Class ChallengeRequest
Namespace: Neon.Kube.Resources.CertManager
Assembly: Neon.Kube.Resources.dll
Syntax
public class ChallengeRequestProperties
Action
Action is one of 'present' or 'cleanup'.
If the action is 'present', the record will be presented with the solving service.
If the action is 'cleanup', the record will be cleaned up with the solving service.
Declaration
[JsonProperty(PropertyName = "action", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.IgnoreAndPopulate)]
[JsonConverter(typeof(JsonStringEnumMemberConverter))]
public ChallengeAction Action { get; set; }Property Value
| Type | Description |
|---|---|
| ChallengeAction |
AllowAmbientCredentials
AllowAmbientCredentials advises webhook implementations that they can use 'ambient credentials' for authenticating with their respective DNS provider services.
This field SHOULD be honoured by all DNS webhook implementations, but in certain instances where it does not make sense to honour this option, an implementation may ignore it.
Declaration
[JsonProperty(PropertyName = "allowAmbientCredentials", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.IgnoreAndPopulate)]
public bool AllowAmbientCredentials { get; set; }Property Value
| Type | Description |
|---|---|
| bool |
Config
Config contains unstructured JSON configuration data that the webhook implementation can unmarshal in order to fetch secrets or configure connection details etc.
Secret values should not be passed in this field, in favour of references to Kubernetes Secret resources that the webhook can fetch.
Declaration
[JsonProperty(PropertyName = "config", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.IgnoreAndPopulate)]
public Dictionary<string, object> Config { get; set; }Property Value
| Type | Description |
|---|---|
| Dictionary<string, object> |
DnsName
DNSName is the name of the domain that is actually being validated, as requested by the user on the Certificate resource.
This will be of the form 'example.com' from normal hostnames, and '*.example.com' for wildcards.
Declaration
[JsonProperty(PropertyName = "dnsName", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.IgnoreAndPopulate)]
public string DnsName { get; set; }Property Value
| Type | Description |
|---|---|
| string |
Key
Key is the key that should be presented.
This key will already be signed by the account that owns the challenge. For DNS01, this is the key that should be set for the TXT record for ResolveFQDN.
Declaration
[JsonProperty(PropertyName = "key", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.IgnoreAndPopulate)]
public string Key { get; set; }Property Value
| Type | Description |
|---|---|
| string |
ResolvedFQDN
ResolvedFQDN is the fully-qualified domain name that should be updated/presented after resolving all CNAMEs.
This should be honoured when using the DNS01 solver type.
This will be of the form '_acme-challenge.example.com.'.
Declaration
[JsonProperty(PropertyName = "resolvedFQDN", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.IgnoreAndPopulate)]
public string ResolvedFQDN { get; set; }Property Value
| Type | Description |
|---|---|
| string |
ResolvedZone
ResolvedZone is the zone encompassing the ResolvedFQDN. This is included as part of the ChallengeRequest so that webhook implementers do not need to implement their own SOA recursion logic.
This indicates the zone that the provided FQDN is encompassed within, determined by performing SOA record queries for each part of the FQDN until an authoritative zone is found.
This will be of the form 'example.com.'.
Declaration
[JsonProperty(PropertyName = "resolvedZone", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.IgnoreAndPopulate)]
public string ResolvedZone { get; set; }Property Value
| Type | Description |
|---|---|
| string |
ResourceNamespace
ResourceNamespace is the namespace containing resources that are referenced in the providers config.
If this request is solving for an Issuer resource, this will be the namespace of the Issuer.
If this request is solving for a ClusterIssuer resource, this will be the configured 'cluster resource namespace'
Declaration
[JsonProperty(PropertyName = "resourceNamespace", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.IgnoreAndPopulate)]
public string ResourceNamespace { get; set; }Property Value
| Type | Description |
|---|---|
| string |
Type
Type is the type of ACME challenge. Only dns-01 is currently supported.
Declaration
[JsonProperty(PropertyName = "type", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.IgnoreAndPopulate)]
public string Type { get; set; }Property Value
| Type | Description |
|---|---|
| string |
Uid
UID is an identifier for the individual request/response. It allows us to distinguish instances of requests which are otherwise identical (parallel requests, requests when earlier requests did not modify etc)
The UID is meant to track the round trip (request/response) between the KAS and the WebHook, not the user request. It is suitable for correlating log entries between the webhook and apiserver, for either auditing or debugging.
Declaration
[JsonProperty(PropertyName = "uid", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.IgnoreAndPopulate)]
public string Uid { get; set; }Property Value
| Type | Description |
|---|---|
| string |