Documentation ¶
Index ¶
- Constants
- Variables
- func IsMonitoredNamespace(n *corev1.Namespace, id string) bool
- func Kind(kind string) schema.GroupKind
- func Resource(resource string) schema.GroupResource
- type BasicAuthRequest
- type CertificateRequest
- type Copy
- type QuarksSecret
- type QuarksSecretList
- type QuarksSecretSpec
- type QuarksSecretStatus
- type Request
- type SecretReference
- type SecretType
- type ServiceReference
- type SignerType
Constants ¶
// Names under which the QuarksSecret custom resource is registered.
const (
	// QuarksSecretResourceKind is the kind name of QuarksSecret.
	QuarksSecretResourceKind = "QuarksSecret"

	// QuarksSecretResourcePlural is the plural name of QuarksSecret.
	QuarksSecretResourcePlural = "quarkssecrets"
)
// GeneratedSecretKind is the kind of generated secret.
// NOTE(review): presumably the value stored under the LabelKind label; confirm
// against the code that creates the secrets.
const GeneratedSecretKind = "generated"
Variables ¶
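var (
	// AddToScheme is used for schema registrations in the controller package
	// and also in the generated kube code.
	AddToScheme = schemeBuilder.AddToScheme

	// QuarksSecretResourceShortNames is the short names of QuarksSecret.
	QuarksSecretResourceShortNames = []string{"qsec", "qsecs"}

	// QuarksSecretValidation is the validation schema for QuarksSecret.
	//
	// Only spec.secretName and spec.type are required, and both must be
	// non-empty strings. spec.request, the items of spec.copies,
	// spec.secretLabels and spec.secretAnnotations set XPreserveUnknownFields
	// and declare no properties, so this schema does not validate their
	// contents; whatever consumes those fields has to validate them itself.
	//
	// NOTE(review): spec.type is accepted as any non-empty string. An enum of
	// the declared SecretType values would reject unknown types at admission;
	// confirm that list is exhaustive before adding one.
	QuarksSecretValidation = extv1.CustomResourceValidation{
		OpenAPIV3Schema: &extv1.JSONSchemaProps{
			Type: "object",
			Properties: map[string]extv1.JSONSchemaProps{
				"spec": {
					Type: "object",
					Properties: map[string]extv1.JSONSchemaProps{
						"secretName": {
							Type:        "string",
							MinLength:   pointers.Int64(1),
							Description: "The name of the generated secret",
						},
						"type": {
							Type:      "string",
							MinLength: pointers.Int64(1),
							// The list mirrors the SecretType constants of this
							// package, including basic-auth.
							Description: "What kind of secret to generate: password, certificate, ssh, rsa, basic-auth",
						},
						"request": {
							Type:                   "object",
							XPreserveUnknownFields: pointers.Bool(true),
						},
						"copies": {
							Type:        "array",
							Description: "A list of namespaced names where to copy generated secrets",
							Items: &extv1.JSONSchemaPropsOrArray{
								Schema: &extv1.JSONSchemaProps{
									Type:                   "object",
									XPreserveUnknownFields: pointers.Bool(true),
								},
							},
						},
						"secretLabels": {
							Type:                   "object",
							XPreserveUnknownFields: pointers.Bool(true),
						},
						"secretAnnotations": {
							Type:                   "object",
							XPreserveUnknownFields: pointers.Bool(true),
						},
					},
					Required: []string{
						"secretName",
						"type",
					},
				},
				"status": {
					Type: "object",
					Properties: map[string]extv1.JSONSchemaProps{
						"generated": {
							Type: "boolean",
						},
						"lastReconcile": {
							Type: "string",
						},
					},
				},
			},
		},
	}

	// QuarksSecretResourceName is the resource name of QuarksSecret.
	QuarksSecretResourceName = fmt.Sprintf("%s.%s", QuarksSecretResourcePlural, apis.GroupName)

	// SchemeGroupVersion is group version used to register these objects.
	SchemeGroupVersion = schema.GroupVersion{Group: apis.GroupName, Version: "v1alpha1"}
)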
// Label, annotation and config map keys used by the quarks secret controller.
// Every key except RotateQSecretListName is prefixed with apis.GroupName.
//
// NOTE(review): these are ordinary object metadata. Any principal allowed to
// edit the namespace, secret, CSR or config map can set them, so RBAC on those
// objects, not the key itself, is what separates operators. Confirm the
// deployed roles.
var (
	// LabelKind is the label key for secret kind.
	LabelKind = fmt.Sprintf("%s/secret-kind", apis.GroupName)

	// LabelNamespace key for label on a namespace to indicate that cf-operator
	// is monitoring it. Can be used as an ID, to keep operators in a cluster
	// from interfering with each other.
	LabelNamespace = fmt.Sprintf("%s/monitored", apis.GroupName)

	// AnnotationCopyOf is the key marking secrets that are copies of generated
	// secrets.
	AnnotationCopyOf = fmt.Sprintf("%s/secret-copy-of", apis.GroupName)

	// AnnotationCertSecretName is the annotation key for certificate secret
	// name.
	AnnotationCertSecretName = fmt.Sprintf("%s/cert-secret-name", apis.GroupName)

	// AnnotationQSecName is the annotation key for the name of the owning
	// quarks secret.
	AnnotationQSecName = fmt.Sprintf("%s/quarks-secret-name", apis.GroupName)

	// AnnotationQSecNamespace is the annotation key for quarks secret
	// namespace, needed because CSRs are not namespaced.
	AnnotationQSecNamespace = fmt.Sprintf("%s/quarks-secret-namespace", apis.GroupName)

	// AnnotationMonitoredID is used to link a CSR to an operator, so we don't
	// have to infer that via the namespace.
	AnnotationMonitoredID = fmt.Sprintf("%s/monitored-id", apis.GroupName)

	// LabelSecretRotationTrigger is set on a config map to trigger secret
	// rotation. If set, then creating the config map will trigger secret
	// rotation.
	LabelSecretRotationTrigger = fmt.Sprintf("%s/secret-rotation", apis.GroupName)

	// RotateQSecretListName is the name of the config map entry, which
	// contains a JSON array of quarks secret names to rotate.
	RotateQSecretListName = "secrets"
)
Functions ¶
func IsMonitoredNamespace ¶
IsMonitoredNamespace returns true if the namespace has all the necessary labels and should be included in controller watches.
func Resource ¶
func Resource(resource string) schema.GroupResource
Resource takes an unqualified resource and returns a Group qualified GroupResource
Types ¶
type BasicAuthRequest ¶ added in v1.0.683
// BasicAuthRequest specifies the details for generating a basic-auth secret.
type BasicAuthRequest struct {
	// Username is serialized under the "username" key. No password field is
	// declared on this type.
	// NOTE(review): the password is presumably generated by the controller; confirm.
	Username string `json:"username"`
}
BasicAuthRequest specifies the details for generating a basic-auth secret
func (*BasicAuthRequest) DeepCopy ¶ added in v1.0.683
func (in *BasicAuthRequest) DeepCopy() *BasicAuthRequest
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BasicAuthRequest.
func (*BasicAuthRequest) DeepCopyInto ¶ added in v1.0.683
func (in *BasicAuthRequest) DeepCopyInto(out *BasicAuthRequest)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type CertificateRequest ¶
// CertificateRequest specifies the details for the certificate generation.
type CertificateRequest struct {
	// Names requested for the certificate.
	// NOTE(review): presumably subject CN and SANs; confirm in the generator.
	CommonName       string   `json:"commonName"`
	AlternativeNames []string `json:"alternativeNames"`

	// IsCA is serialized as "isCA".
	// NOTE(review): presumably requests a CA certificate; confirm in the reconciler.
	IsCA bool `json:"isCA"`

	// CARef and CAKeyRef are references to other secrets.
	// NOTE(review): by name these point at the signing CA certificate and its
	// private key. Whoever may create or edit a QuarksSecret chooses them, so
	// confirm which secrets the controller will resolve on a user's behalf.
	CARef    SecretReference `json:"CARef"`
	CAKeyRef SecretReference `json:"CAKeyRef"`

	// SignerType selects the certificate signer; the package declares
	// LocalSigner and ClusterSigner as its values. Omitted from JSON when empty.
	SignerType SignerType `json:"signerType,omitempty"`

	// Usages lists the key usages as certv1.KeyUsage values.
	Usages []certv1.KeyUsage `json:"usages"`

	// ServiceRef lists references to services.
	ServiceRef []ServiceReference `json:"serviceRef"`

	// ActivateEKSWorkaroundForSAN is omitted from JSON when false. What the
	// workaround does is not visible from this declaration.
	ActivateEKSWorkaroundForSAN bool `json:"activateEKSWorkaroundForSAN,omitempty"`
}
CertificateRequest specifies the details for the certificate generation
func (*CertificateRequest) DeepCopy ¶
func (in *CertificateRequest) DeepCopy() *CertificateRequest
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateRequest.
func (*CertificateRequest) DeepCopyInto ¶
func (in *CertificateRequest) DeepCopyInto(out *CertificateRequest)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Copy ¶
Copy defines the destination of a copied generated secret. We can't use types.NamespacedName because it doesn't marshal properly.
func (*Copy) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Copy.
func (*Copy) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type QuarksSecret ¶
// QuarksSecret is the Schema for the QuarksSecrets API.
type QuarksSecret struct {
	// Standard Kubernetes type and object metadata.
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// Spec is the desired state, Status the observed state.
	Spec   QuarksSecretSpec   `json:"spec,omitempty"`
	Status QuarksSecretStatus `json:"status,omitempty"`
}
QuarksSecret is the Schema for the QuarksSecrets API. +k8s:openapi-gen=true
func (*QuarksSecret) DeepCopy ¶
func (in *QuarksSecret) DeepCopy() *QuarksSecret
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new QuarksSecret.
func (*QuarksSecret) DeepCopyInto ¶
func (in *QuarksSecret) DeepCopyInto(out *QuarksSecret)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*QuarksSecret) DeepCopyObject ¶
func (in *QuarksSecret) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*QuarksSecret) GetNamespacedName ¶
func (qs *QuarksSecret) GetNamespacedName() string
GetNamespacedName returns the resource name with its namespace
type QuarksSecretList ¶
// QuarksSecretList contains a list of QuarksSecret.
type QuarksSecretList struct {
	// Standard Kubernetes type and list metadata.
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`

	// Items holds the QuarksSecret objects of the list.
	Items []QuarksSecret `json:"items"`
}
QuarksSecretList contains a list of QuarksSecret
func (*QuarksSecretList) DeepCopy ¶
func (in *QuarksSecretList) DeepCopy() *QuarksSecretList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new QuarksSecretList.
func (*QuarksSecretList) DeepCopyInto ¶
func (in *QuarksSecretList) DeepCopyInto(out *QuarksSecretList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*QuarksSecretList) DeepCopyObject ¶
func (in *QuarksSecretList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type QuarksSecretSpec ¶
// QuarksSecretSpec defines the desired state of QuarksSecret.
type QuarksSecretSpec struct {
	// Type is the kind of secret to generate. SecretType is a string alias, so
	// the Go type does not limit it to the declared constants.
	Type SecretType `json:"type"`

	// Request carries the type-specific generation details.
	Request Request `json:"request"`

	// SecretName is the name of the generated secret.
	SecretName string `json:"secretName"`

	// Copies lists the destinations to which the generated secret is copied.
	// NOTE(review): a copy puts secret material into another namespace; how a
	// target is authorized is not visible in this declaration. Confirm in the
	// controller.
	Copies []Copy `json:"copies,omitempty"`

	// SecretLabels and SecretAnnotations are string maps, omitted when empty.
	// NOTE(review): presumably applied to the generated secret; confirm.
	SecretLabels      map[string]string `json:"secretLabels,omitempty"`
	SecretAnnotations map[string]string `json:"secretAnnotations,omitempty"`
}
QuarksSecretSpec defines the desired state of QuarksSecret
func (*QuarksSecretSpec) DeepCopy ¶
func (in *QuarksSecretSpec) DeepCopy() *QuarksSecretSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new QuarksSecretSpec.
func (*QuarksSecretSpec) DeepCopyInto ¶
func (in *QuarksSecretSpec) DeepCopyInto(out *QuarksSecretSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type QuarksSecretStatus ¶
// QuarksSecretStatus defines the observed state of QuarksSecret.
// Both fields are pointers, so an unset value is distinct from a zero value.
type QuarksSecretStatus struct {
	// LastReconcile is the timestamp for the last reconcile.
	LastReconcile *metav1.Time `json:"lastReconcile"`

	// Generated indicates if the secret has already been generated.
	Generated *bool `json:"generated"`
}
QuarksSecretStatus defines the observed state of QuarksSecret
func (*QuarksSecretStatus) DeepCopy ¶
func (in *QuarksSecretStatus) DeepCopy() *QuarksSecretStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new QuarksSecretStatus.
func (*QuarksSecretStatus) DeepCopyInto ¶
func (in *QuarksSecretStatus) DeepCopyInto(out *QuarksSecretStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Request ¶
// Request specifies details for the secret generation.
// Both members are plain values rather than pointers, so each is always
// present in the Go struct regardless of the secret type requested.
type Request struct {
	// BasicAuthRequest is serialized under the "basic-auth" key.
	BasicAuthRequest BasicAuthRequest `json:"basic-auth"`

	// CertificateRequest is serialized under the "certificate" key.
	CertificateRequest CertificateRequest `json:"certificate"`
}
Request specifies details for the secret generation
func (*Request) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Request.
func (*Request) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type SecretReference ¶
SecretReference specifies a reference to another secret
func (*SecretReference) DeepCopy ¶
func (in *SecretReference) DeepCopy() *SecretReference
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretReference.
func (*SecretReference) DeepCopyInto ¶
func (in *SecretReference) DeepCopyInto(out *SecretReference)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type SecretType ¶
// SecretType is declared as an alias of string (note the "="), not as a
// distinct type. Any string is therefore assignable to it, and the compiler
// does not restrict values to the constants declared for it; code that
// switches on a SecretType needs an explicit default case for unknown values.
type SecretType = string
SecretType defines the type of the generated secret
// Secret type values declared by this package.
const (
	// Password is the "password" secret type.
	Password SecretType = "password"

	// Certificate is the "certificate" secret type.
	Certificate SecretType = "certificate"

	// SSHKey is the "ssh" secret type.
	SSHKey SecretType = "ssh"

	// RSAKey is the "rsa" secret type.
	RSAKey SecretType = "rsa"

	// BasicAuth is the "basic-auth" secret type.
	BasicAuth SecretType = "basic-auth"
)
Valid values for secret types
type ServiceReference ¶
// ServiceReference specifies a reference to a service.
type ServiceReference struct {
	// Name has no json tag, unlike the fields of the request types in this
	// package, so encoding/json writes it under the key "Name".
	Name string
}
ServiceReference specifies a reference to a service
func (*ServiceReference) DeepCopy ¶
func (in *ServiceReference) DeepCopy() *ServiceReference
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceReference.
func (*ServiceReference) DeepCopyInto ¶
func (in *ServiceReference) DeepCopyInto(out *ServiceReference)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type SignerType ¶
// SignerType is declared as an alias of string (note the "="), not as a
// distinct type. Any string is assignable to it, so a value other than the
// declared signer constants is not rejected by the compiler and has to be
// handled explicitly where the signer is selected.
type SignerType = string
SignerType defines the type of the certificate signer
// Signer type values declared by this package.
const (
	// LocalSigner selects the local certificate signer.
	LocalSigner SignerType = "local"

	// ClusterSigner selects the cluster as certificate signer.
	ClusterSigner SignerType = "cluster"
)
Valid values for signer types