For NewManager, the Config struct gets changed (not extended!) so that the
caller can provide a logger instead of just a logging function. Breaking the
API was chosen because it avoids having to maintain two different log calls in
various places (one for printf-style logging, one for structured logging).
RequestCertificateWithContext is an extension. It enables getting rid of
context.TODO calls.
NewFileStoreWithLogger also is an extension.
Kubernetes-commit: f9051901cee8d8ff4aed3db27ff495a706f1a487
This change updates the CSR API to add a new, optional field called
expirationSeconds. This field is a request to the signer for the
maximum duration the client wishes the cert to have. The signer is
free to ignore this request based on its own internal policy. The
signers built-in to KCM will honor this field if it is not set to a
value greater than --cluster-signing-duration. The minimum allowed
value for this field is 600 seconds (ten minutes).
This change will help enforce safer durations for certificates in
the Kube ecosystem and will help related projects such as
cert-manager with their migration to the Kube CSR API.
Future enhancements may update the Kubelet to take advantage of this
field when it is configured in a way that can tolerate shorter
certificate lifespans with regular rotation.
Signed-off-by: Monis Khan <mok@vmware.com>
Kubernetes-commit: cd91e59f7c351fce47c064a5162c2cb79075159c
This func is only used by the kubelet and there's no need to pollute
client-go API with it.
Kubernetes-commit: 5c073abfe16fc0b9f62310b8276fc3b0c7043e60
This func is only used internally and was copied from
k8s.io/kubernetes/pkg/apis/certificates.
Kubernetes-commit: 41334cfdd3eefc352536943518ffd9eaf570e27c
- Move from the old github.com/golang/glog to k8s.io/klog
- klog as explicit InitFlags() so we add them as necessary
- we update the other repositories that we vendor that made a similar
change from glog to klog
* github.com/kubernetes/repo-infra
* k8s.io/gengo/
* k8s.io/kube-openapi/
* github.com/google/cadvisor
- Entirely remove all references to glog
- Fix some tests by explicit InitFlags in their init() methods
Change-Id: I92db545ff36fcec83afe98f550c9e630098b3135
Kubernetes-commit: 954996e231074dc7429f7be1256a579bedd8344c
Everything else it depends on was already there, and now we have a
somewhat consistent code chain.
Kubernetes-commit: 5649f9a578f4f130f61579d77d5609fbdaf82a1f
