https://github.com/att-cloudnative-labs/trustbuilder

Automated trusted certificate store creation

# Trustbuilder

----

Trustbuilder is a custom controller and custom resource that automatically creates stores of trusted certificates, which include PEM files and Java KeyStore (JKS) files. The custom resource `CertificatePackage` defines an output certificate store and a selector that identifies which Secrets/ConfigMaps contain certificates that should be added to that certificate store.

----
### CertificatePackage Resource Spec
```yaml
resourceType: "output resource type (secret/configmap) - required"
resourceName: "output resource name - required"
key: "key within the output resource data to place the certificate store - required"
passwordSecret: "secret containing the password to sign JKS keystore with - required for JKS type only"
passwordSecretKey: "key within the passwordSecret containing the password data - required for JKS type only"
addClusterCA: "(true/false) include the cluster CA in the certificate store. Default: false"
selector: "label selector that selects which secrets contain the source trusted certificates"
```

### Source Trusted Certificates

Secrets and ConfigMaps used as sources of trusted certificates should have the annotation `trustbuilder.directv.com/trustedcertificate: "true"`, in addition to a common set of labels that match the selector in the CertificatePackage object.
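
The selection rule above, as an added Go example (not Trustbuilder's own code): it lists which objects would feed a certificate store and counts the PEM `CERTIFICATE` blocks in each, which is a useful audit before trusting the output. The `Source` type, the equality-only selector, the `trust: internal` label and the sample objects are assumptions constructed for illustration.

```go
package main

import (
	"encoding/pem"
	"fmt"
)

// Annotation from the README; a source must carry it with the value "true".
const trustAnnotation = "trustbuilder.directv.com/trustedcertificate"

// Constructed placeholder PEM blocks: the payload is not a real certificate or key.
const cert = "-----BEGIN CERTIFICATE-----\nY29uc3RydWN0ZWQ=\n-----END CERTIFICATE-----\n"
const key = "-----BEGIN PRIVATE KEY-----\nY29uc3RydWN0ZWQ=\n-----END PRIVATE KEY-----\n"

// Source is a hypothetical, simplified stand-in for a Secret or ConfigMap.
type Source struct {
	Name                string
	Annotations, Labels map[string]string
	Data                string // all data values joined
}

// Audit maps each selected source to the number of PEM CERTIFICATE blocks it holds.
func Audit(sources []Source, selector map[string]string) map[string]int {
	out := map[string]int{}
next:
	for _, s := range sources {
		if s.Annotations[trustAnnotation] != "true" {
			continue
		}
		for k, v := range selector { // assumption: selector is plain key=value equality
			if s.Labels[k] != v {
				continue next
			}
		}
		out[s.Name] = 0
		for b, rest := pem.Decode([]byte(s.Data)); b != nil; b, rest = pem.Decode(rest) {
			if b.Type == "CERTIFICATE" { // keys and other block types are not counted
				out[s.Name]++
			}
		}
	}
	return out
}

func main() {
	on, lbl := map[string]string{trustAnnotation: "true"}, map[string]string{"trust": "internal"}
	objs := []Source{{"corp-root-ca", on, lbl, cert + cert}, {"ingress-tls", on, lbl, cert + key},
		{"no-annotation", nil, lbl, cert}} // constructed sample objects
	fmt.Println(Audit(objs, lbl)) // map[corp-root-ca:2 ingress-tls:1]
}
```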

----
### Installation

```shell
make install
make deploy IMG=
```

----

Developed using the Kubebuilder framework: https://github.com/kubernetes-sigs/kubebuilder