kubernetes/pkg/controller/certificates/signer/ca_provider.go

func newCAProvider(caFile, caKeyFile string) (*caProvider, error) {}

type caProvider

// setCA unconditionally stores the current cert/key content
func (p *caProvider) setCA() error {}

// currentCA provides the current value of the CA.
// It always check for a stale value.  This is cheap because it's all an in memory cache of small slices.
func (p *caProvider) currentCA() (*authority.CertificateAuthority, error) {}