ContainerImage.Pinniped/internal/provider/dynamic_tls_serving_cert_provider.go

43 lines
999 B
Go
Raw Normal View History

// Copyright 2020 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
package provider
import (
"sync"
"k8s.io/apiserver/pkg/server/dynamiccertificates"
)
type DynamicTLSServingCertProvider interface {
dynamiccertificates.CertKeyContentProvider
Set(certPEM, keyPEM []byte)
}
type dynamicTLSServingCertProvider struct {
certPEM []byte
keyPEM []byte
mutex sync.RWMutex
}
func NewDynamicTLSServingCertProvider() DynamicTLSServingCertProvider {
return &dynamicTLSServingCertProvider{}
}
func (p *dynamicTLSServingCertProvider) Set(certPEM, keyPEM []byte) {
p.mutex.Lock() // acquire a write lock
defer p.mutex.Unlock()
p.certPEM = certPEM
p.keyPEM = keyPEM
}
func (p *dynamicTLSServingCertProvider) Name() string {
return "DynamicTLSServingCertProvider"
}
func (p *dynamicTLSServingCertProvider) CurrentCertKeyContent() (cert []byte, key []byte) {
p.mutex.RLock() // acquire a read lock
defer p.mutex.RUnlock()
return p.certPEM, p.keyPEM
}