mirror of
https://github.com/lensapp/lens.git
synced 2025-05-20 05:10:56 +00:00
0fa89ecbfa
* wip: enable tls on lens-k8s-proxy Signed-off-by: Jari Kolehmainen <jari.kolehmainen@gmail.com> * cleanup Signed-off-by: Jari Kolehmainen <jari.kolehmainen@gmail.com> * type -> interface Signed-off-by: Jari Kolehmainen <jari.kolehmainen@gmail.com> * more dependencies Signed-off-by: Jari Kolehmainen <jari.kolehmainen@gmail.com> * refactor Signed-off-by: Jari Kolehmainen <jari.kolehmainen@gmail.com> * run di.runSetups() after app is ready Signed-off-by: Jari Kolehmainen <jari.kolehmainen@gmail.com> * tls fixes & refactor Signed-off-by: Jari Kolehmainen <jari.kolehmainen@gmail.com> * cleanup Signed-off-by: Jari Kolehmainen <jari.kolehmainen@gmail.com> * cleanup Signed-off-by: Jari Kolehmainen <jari.kolehmainen@gmail.com> * refactor Signed-off-by: Jari Kolehmainen <jari.kolehmainen@gmail.com> * refactor Signed-off-by: Jari Kolehmainen <jari.kolehmainen@gmail.com>
44 lines
1.3 KiB
TypeScript
44 lines
1.3 KiB
TypeScript
/**
|
|
* Copyright (c) OpenLens Authors. All rights reserved.
|
|
* Licensed under MIT License. See LICENSE in root directory for more information.
|
|
*/
|
|
|
|
import path from "path";
|
|
import type * as selfsigned from "selfsigned";
|
|
|
|
type SelfSignedGenerate = typeof selfsigned.generate;
|
|
|
|
interface CreateKubeAuthProxyCertificateFilesDependencies {
|
|
generate: SelfSignedGenerate;
|
|
writeFile: (path: string, content: string | Buffer) => Promise<void>;
|
|
}
|
|
|
|
function getKubeAuthProxyCertificate(generate: SelfSignedGenerate): selfsigned.SelfSignedCert {
|
|
const opts = [
|
|
{ name: "commonName", value: "Lens Certificate Authority" },
|
|
{ name: "organizationName", value: "Lens" },
|
|
];
|
|
|
|
return generate(opts, {
|
|
keySize: 2048,
|
|
algorithm: "sha256",
|
|
days: 365,
|
|
extensions: [
|
|
{ name: "basicConstraints", cA: true },
|
|
{ name: "subjectAltName", altNames: [
|
|
{ type: 2, value: "localhost" },
|
|
{ type: 7, ip: "127.0.0.1" },
|
|
] },
|
|
],
|
|
});
|
|
}
|
|
|
|
export async function createKubeAuthProxyCertFiles(dir: string, dependencies: CreateKubeAuthProxyCertificateFilesDependencies): Promise<string> {
|
|
const cert = getKubeAuthProxyCertificate(dependencies.generate);
|
|
|
|
await dependencies.writeFile(path.join(dir, "proxy.key"), cert.private);
|
|
await dependencies.writeFile(path.join(dir, "proxy.crt"), cert.cert);
|
|
|
|
return dir;
|
|
}
|