kubernetes/pkg/controlplane/controller/clusterauthenticationtrust/cluster_authentication_trust_controller.go

const configMapNamespace

const configMapName

type Controller

type ClusterAuthenticationInfo

// NewClusterAuthenticationTrustController returns a controller that will maintain the kube-system configmap/extension-apiserver-authentication
// that holds information about how to aggregated apiservers are recommended (but not required) to configure themselves.
func NewClusterAuthenticationTrustController(requiredAuthenticationData ClusterAuthenticationInfo, kubeClient kubernetes.Interface) *Controller {}

func (c *Controller) syncConfigMap() error {}

func createNamespaceIfNeeded(nsClient corev1client.NamespacesGetter, ns string) error {}

func writeConfigMap(configMapClient corev1client.ConfigMapsGetter, required *corev1.ConfigMap) error {}

// combinedClusterAuthenticationInfo combines two sets of authentication information into a new one
func combinedClusterAuthenticationInfo(lhs, rhs ClusterAuthenticationInfo) (ClusterAuthenticationInfo, error) {}

func getConfigMapDataFor(authenticationInfo ClusterAuthenticationInfo) (map[string]string, error) {}

func getClusterAuthenticationInfoFor(data map[string]string) (ClusterAuthenticationInfo, error) {}

func jsonSerializeStringSlice(in []string) (string, error) {}

func jsonDeserializeStringSlice(in string) (headerrequest.StringSliceProvider, error) {}

func combineUniqueStringSlices(lhs, rhs headerrequest.StringSliceProvider) headerrequest.StringSliceProvider {}

func combineCertLists(lhs, rhs dynamiccertificates.CAContentProvider) (dynamiccertificates.CAContentProvider, error) {}

// filterExpiredCerts checks are all certificates in the bundle valid, i.e. they have not expired.
// The function returns new bundle with only valid certificates or error if no valid certificate is found.
// We allow five minutes of slack for NotAfter comparisons
func filterExpiredCerts(certs ...*x509.Certificate) []*x509.Certificate {}

// Enqueue a method to allow separate control loops to cause the controller to trigger and reconcile content.
func (c *Controller) Enqueue() {}

// Run the controller until stopped.
func (c *Controller) Run(ctx context.Context, workers int) {}

func (c *Controller) runWorker() {}

// processNextWorkItem deals with one key off the queue.  It returns false when it's time to quit.
func (c *Controller) processNextWorkItem() bool {}

func keyFn() string {}

func encodeCertificates(certs ...*x509.Certificate) ([]byte, error) {}