gsadmin/certctl
1
0
Fork 0
mirror of https://github.com/shankar0123/certctl.git synced 2026-06-13 18:58:52 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat(M47): add Kubernetes Secrets target + AWS ACM PCA issuer connectors

Browse Source 
Implement both M47 connectors with full cross-layer wiring:

Kubernetes Secrets target: DNS-1123 validation, kubernetes.io/tls Secret
create-or-update, chain concatenation, serial number validation, Helm
RBAC gating. 18 tests.

AWS ACM Private CA issuer: synchronous issuance (like Vault), ARN regex
validation, RFC 5280 revocation reason mapping, CA cert retrieval,
factory + env var seeding. 23 tests.

Cross-cutting: domain types, service validation, config, factory, agent
dispatch, frontend (TargetsPage, issuerTypes), OpenAPI, seed data, Helm
chart, connectors docs, README. Testing docs (testing-guide, qa-test-guide,
qa_test.go) with Parts thematically integrated near related connectors.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Shankar
2026-04-07 20:21:09 -04:00
parent f17027c62b
commit e72f06f35b
22 changed files with 2620 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/service/target.go
+4 -3
View File
@@ -24,9 +24,10 @@ var validTargetTypes = map[domain.TargetType]bool{
domain.TargetTypeEnvoy: true,
domain.TargetTypePostfix: true,
domain.TargetTypeDovecot: true,
domain.TargetTypeSSH: true,
domain.TargetTypeWinCertStore: true,
domain.TargetTypeJavaKeystore: true,
domain.TargetTypeSSH: true,
domain.TargetTypeWinCertStore: true,
domain.TargetTypeJavaKeystore: true,
domain.TargetTypeKubernetesSecrets: true,
}
// isValidTargetType checks if a type string is a known target type.