Documentation ¶
Index ¶
Constants ¶
const GroupName = "client.authentication.k8s.io"
GroupName is the group name use in this package
Variables ¶
var ( SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) AddToScheme = SchemeBuilder.AddToScheme )
var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal}
SchemeGroupVersion is group version used to register these objects
Functions ¶
func Kind ¶
Kind takes an unqualified kind and returns a Group qualified GroupKind
func Resource ¶
func Resource(resource string) schema.GroupResource
Resource takes an unqualified resource and returns a Group qualified GroupResource
Types ¶
type Cluster ¶
type Cluster struct { // Server is the address of the kubernetes cluster (https://hostname:port). Server string // TLSServerName is passed to the server for SNI and is used in the client to // check server certificates against. If ServerName is empty, the hostname // used to contact the server is used. // +optional TLSServerName string // InsecureSkipTLSVerify skips the validity check for the server's certificate. // This will make your HTTPS connections insecure. // +optional InsecureSkipTLSVerify bool // CAData contains PEM-encoded certificate authority certificates. // If empty, system roots should be used. // +listType=atomic // +optional CertificateAuthorityData []byte // ProxyURL is the URL to the proxy to be used for all requests to this // cluster. // +optional ProxyURL string // Config holds additional config data that is specific to the exec // plugin with regards to the cluster being authenticated to. // // This data is sourced from the clientcmd Cluster object's // extensions[client.authentication.k8s.io/exec] field: // // clusters: // - name: my-cluster // cluster: // ... // extensions: // - name: client.authentication.k8s.io/exec # reserved extension name for per cluster exec config // extension: // audience: 06e3fbd18de8 # arbitrary config // // In some environments, the user config may be exactly the same across many clusters // (i.e. call this exec plugin) minus some details that are specific to each cluster // such as the audience. This field allows the per cluster config to be directly // specified with the cluster info. Using this field to store secret data is not // recommended as one of the prime benefits of exec plugins is that no secrets need // to be stored directly in the kubeconfig. // +optional Config runtime.Object }
Cluster contains information to allow an exec plugin to communicate with the kubernetes cluster being authenticated to.
To ensure that this struct contains everything someone would need to communicate with a kubernetes cluster (just like they would via a kubeconfig), the fields should shadow "k8s.io/client-go/tools/clientcmd/api/v1".Cluster, with the exception of CertificateAuthority, since CA data will always be passed to the plugin as bytes.
func (*Cluster) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Cluster.
type ExecCredential ¶
type ExecCredential struct { metav1.TypeMeta // Spec holds information passed to the plugin by the transport. This contains // request and runtime specific information, such as if the session is interactive. Spec ExecCredentialSpec // Status is filled in by the plugin and holds the credentials that the transport // should use to contact the API. // +optional Status *ExecCredentialStatus }
ExecCredential is used by exec-based plugins to communicate credentials to HTTP transports.
func (*ExecCredential) DeepCopy ¶
func (in *ExecCredential) DeepCopy() *ExecCredential
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExecCredential.
func (*ExecCredential) DeepCopyInto ¶
func (in *ExecCredential) DeepCopyInto(out *ExecCredential)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ExecCredential) DeepCopyObject ¶
func (in *ExecCredential) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type ExecCredentialSpec ¶
type ExecCredentialSpec struct { // Response is populated when the transport encounters HTTP status codes, such as 401, // suggesting previous credentials were invalid. // +optional Response *Response // Interactive is true when the transport detects the command is being called from an // interactive prompt. // +optional Interactive bool // Cluster contains information to allow an exec plugin to communicate with the // kubernetes cluster being authenticated to. Note that Cluster is non-nil only // when provideClusterInfo is set to true in the exec provider config (i.e., // ExecConfig.ProvideClusterInfo). // +optional Cluster *Cluster }
ExecCredentialSpec holds request and runtime specific information provided by the transport.
func (*ExecCredentialSpec) DeepCopy ¶
func (in *ExecCredentialSpec) DeepCopy() *ExecCredentialSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExecCredentialSpec.
func (*ExecCredentialSpec) DeepCopyInto ¶
func (in *ExecCredentialSpec) DeepCopyInto(out *ExecCredentialSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ExecCredentialStatus ¶
type ExecCredentialStatus struct { // ExpirationTimestamp indicates a time when the provided credentials expire. // +optional ExpirationTimestamp *metav1.Time // Token is a bearer token used by the client for request authentication. // +optional Token string `datapolicy:"token"` // PEM-encoded client TLS certificate. // +optional ClientCertificateData string // PEM-encoded client TLS private key. // +optional ClientKeyData string `datapolicy:"secret-key"` }
ExecCredentialStatus holds credentials for the transport to use.
func (*ExecCredentialStatus) DeepCopy ¶
func (in *ExecCredentialStatus) DeepCopy() *ExecCredentialStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExecCredentialStatus.
func (*ExecCredentialStatus) DeepCopyInto ¶
func (in *ExecCredentialStatus) DeepCopyInto(out *ExecCredentialStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Response ¶
type Response struct { // Headers holds HTTP headers returned by the server. Header map[string][]string // Code is the HTTP status code returned by the server. Code int32 }
Response defines metadata about a failed request, including HTTP status code and response headers.
func (*Response) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Response.