https://github.com/att-cloudnative-labs/trustbuilder
Automated trusted certificate store creation
https://github.com/att-cloudnative-labs/trustbuilder
Last synced: 6 months ago
JSON representation
Automated trusted certificate store creation
- Host: GitHub
- URL: https://github.com/att-cloudnative-labs/trustbuilder
- Owner: att-cloudnative-labs
- License: mit
- Created: 2022-05-24T18:45:05.000Z (about 4 years ago)
- Default Branch: master
- Last Pushed: 2023-09-14T00:02:00.000Z (almost 3 years ago)
- Last Synced: 2025-04-09T21:43:56.078Z (about 1 year ago)
- Language: Go
- Size: 84 KB
- Stars: 0
- Watchers: 2
- Forks: 1
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# Trustbuilder
---
----
Trustbuilder is custom-controller and custom-resource that allows for automatic creation of stores for trusted certificates which include PEM files and Java Keystore (JKS) files. The custom resource CertificatePackage defines an output certificate store and a selector that identifies which secrets/configmaps contain certificates that should be added to the indicated certificate store.
----
### CertificatePackage Resource Spec
```yaml
resourceType: "output resource type (secret/configmap) - required"
resourceName: "output resource name - required"
key: "key within the output resource data to place the certificate store - required"
passwordSecret: "secret containing the password to sign JKS keystore with - required only for JKS type only"
passwordSecretKey: "key within the passwordSecret containing the password data - required only for JKS type only"
addClusterCA: "(true/false) include the cluster CA in the certificate store. Default: false"
selector: "label selector that selects which secrets contain the source trusted certificates"
```
### Source Trusted Certificates
Secrets and configMaps to be used as sources of trusted certificates should have the annotation ```trustbuilder.directv.com/trustedcertificate: "true"``` in addition to a common set of labels that match the selector in the CertificatePackage object.
----
### Installation
```shell script
make install
make deploy IMG=
```
----
*Developed using the Kubebuilder Framework, https://github.com/kubernetes-sigs/kubebuilder