feat: Add TLS certificate util crate

stackabletech / operator-rs

A simple wrapper/framework around kube-rs to make implementing Operators/Controllers easier

Apache License 2.0

116 stars 12 forks source link

feat: Add TLS certificate util crate #736

Closed Techassi closed 5 months ago

Techassi commented 6 months ago

Follow-up of #730, discussed in https://github.com/stackabletech/documentation/pull/522, tracked by https://github.com/stackabletech/issues/issues/361

This PR adds a crate which handles TLS certificate generation, reading and writing.

Techassi commented 6 months ago

The basic work is mostly done, but a few pieces are still missing:

Add a manager, which contains one or more CAs, which will be rotated automatically once they expire.
Add dynamic TLS cert resolver in the webhook server

Techassi commented 6 months ago

* Add a manager, which contains one or more CAs, which will be rotated automatically once they expire.
* Add dynamic TLS cert resolver in the webhook server

I decided to move this into a separate PR as this PR is already big enough. Both features can be implemented on top of the changes introduced in this PR.

Techassi commented 6 months ago

Followup issues / PRs:

stackabletech / operator-rs

feat: Add TLS certificate util crate #736

743

744

745