Expand Client Auth Type configuration
This commit is contained in:
Jean-Baptiste Doumenjou
Traefiker Bot
parent
7a4b4c941c
commit
2c7cfd1c68
31 changed files with 304 additions and 151 deletions
|
|
@ -19,22 +19,22 @@ type TLSOption struct {
|
|||
|
||||
// TLSOptionSpec configures TLS for an entry point
|
||||
type TLSOptionSpec struct {
|
||||
MinVersion string `json:"minversion"`
|
||||
CipherSuites []string `json:"ciphersuites"`
|
||||
ClientCA ClientCA `json:"clientca"`
|
||||
SniStrict bool `json:"snistrict"`
|
||||
MinVersion string `json:"minVersion,omitempty"`
|
||||
CipherSuites []string `json:"cipherSuites,omitempty"`
|
||||
ClientAuth ClientAuth `json:"clientAuth,omitempty"`
|
||||
SniStrict bool `json:"sniStrict,omitempty"`
|
||||
}
|
||||
|
||||
// +k8s:deepcopy-gen=true
|
||||
|
||||
// ClientCA defines traefik CA files for an entryPoint
|
||||
// and it indicates if they are mandatory or have just to be analyzed if provided
|
||||
type ClientCA struct {
|
||||
// ClientAuth defines the parameters of the client authentication part of the TLS connection, if any.
|
||||
type ClientAuth struct {
|
||||
// SecretName is the name of the referenced Kubernetes Secret to specify the
|
||||
// certificate details.
|
||||
SecretNames []string `json:"secretnames"`
|
||||
// Optional indicates if ClientCA are mandatory or have just to be analyzed if provided
|
||||
Optional bool `json:"optional"`
|
||||
SecretNames []string `json:"secretNames"`
|
||||
// ClientAuthType defines the client authentication type to apply.
|
||||
// The available values are: "NoClientCert", "RequestClientCert", "VerifyClientCertIfGiven" and "RequireAndVerifyClientCert".
|
||||
ClientAuthType string `json:"clientAuthType"`
|
||||
}
|
||||
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
|
|
|||
|
|
@ -33,7 +33,7 @@ import (
|
|||
)
|
||||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *ClientCA) DeepCopyInto(out *ClientCA) {
|
||||
func (in *ClientAuth) DeepCopyInto(out *ClientAuth) {
|
||||
*out = *in
|
||||
if in.SecretNames != nil {
|
||||
in, out := &in.SecretNames, &out.SecretNames
|
||||
|
|
@ -43,12 +43,12 @@ func (in *ClientCA) DeepCopyInto(out *ClientCA) {
|
|||
return
|
||||
}
|
||||
|
||||
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientCA.
|
||||
func (in *ClientCA) DeepCopy() *ClientCA {
|
||||
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientAuth.
|
||||
func (in *ClientAuth) DeepCopy() *ClientAuth {
|
||||
if in == nil {
|
||||
return nil
|
||||
}
|
||||
out := new(ClientCA)
|
||||
out := new(ClientAuth)
|
||||
in.DeepCopyInto(out)
|
||||
return out
|
||||
}
|
||||
|
|
@ -529,7 +529,7 @@ func (in *TLSOptionSpec) DeepCopyInto(out *TLSOptionSpec) {
|
|||
*out = make([]string, len(*in))
|
||||
copy(*out, *in)
|
||||
}
|
||||
in.ClientCA.DeepCopyInto(&out.ClientCA)
|
||||
in.ClientAuth.DeepCopyInto(&out.ClientAuth)
|
||||
return
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue