v1alpha1

package
v0.0.698-gef19eb6 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Aug 4, 2020 License: Apache-2.0 Imports: 9 Imported by: 1

Documentation

Index

Constants

// QuarksSecretResourceKind is the kind name used for the QuarksSecret resource.
const QuarksSecretResourceKind = "QuarksSecret"

// QuarksSecretResourcePlural is the plural resource name of QuarksSecret.
const QuarksSecretResourcePlural = "quarkssecrets"
// GeneratedSecretKind is the kind value given to generated secrets.
const GeneratedSecretKind = "generated"

Variables

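var (
	// AddToScheme is used for schema registrations in the controller package
	// and also in the generated kube code.
	AddToScheme = schemeBuilder.AddToScheme

	// QuarksSecretResourceShortNames is the short names of QuarksSecret.
	QuarksSecretResourceShortNames = []string{"qsec", "qsecs"}

	// QuarksSecretValidation is the validation schema for QuarksSecret.
	//
	// What the schema enforces: spec.secretName and spec.type are required,
	// non-empty strings; status.generated is a boolean and
	// status.lastReconcile is a string.
	//
	// What it leaves open: spec.request, each item of spec.copies,
	// spec.secretLabels and spec.secretAnnotations are declared as objects
	// with XPreserveUnknownFields and no Properties, so this schema neither
	// prunes nor type-checks their contents. Whatever consumes those fields
	// has to validate them itself.
	//
	// NOTE(review): spec.type is constrained only by MinLength, not by an
	// enum, so an unknown type string passes this schema; confirm it is
	// rejected where the secret is generated.
	// NOTE(review): spec.copies names destination namespaces for generated
	// secrets and this schema places no limit on them; confirm the consumer
	// restricts where a secret may be copied.
	// NOTE(review): only "spec" and "status" are declared at the top level,
	// while the QuarksSecret type also has a top-level "secretLabels" JSON
	// field; confirm whether that field survives admission.
	QuarksSecretValidation = extv1.CustomResourceValidation{
		OpenAPIV3Schema: &extv1.JSONSchemaProps{
			Type: "object",
			Properties: map[string]extv1.JSONSchemaProps{
				"spec": {
					Type: "object",
					Properties: map[string]extv1.JSONSchemaProps{
						"secretName": {
							Type:        "string",
							MinLength:   pointers.Int64(1),
							Description: "The name of the generated secret",
						},
						"type": {
							Type:      "string",
							MinLength: pointers.Int64(1),
							// The list mirrors the declared SecretType values,
							// which include basic-auth.
							Description: "What kind of secret to generate: password, certificate, ssh, rsa, basic-auth",
						},
						"request": {
							Type:                   "object",
							XPreserveUnknownFields: pointers.Bool(true),
						},
						"copies": {
							Type:        "array",
							Description: "A list of namespaced names where to copy generated secrets",
							Items: &extv1.JSONSchemaPropsOrArray{
								Schema: &extv1.JSONSchemaProps{
									Type:                   "object",
									XPreserveUnknownFields: pointers.Bool(true),
								},
							},
						},
						"secretLabels": {
							Type:                   "object",
							XPreserveUnknownFields: pointers.Bool(true),
						},
						"secretAnnotations": {
							Type:                   "object",
							XPreserveUnknownFields: pointers.Bool(true),
						},
					},
					Required: []string{
						"secretName",
						"type",
					},
				},
				"status": {
					Type: "object",
					Properties: map[string]extv1.JSONSchemaProps{
						"generated": {
							Type: "boolean",
						},
						"lastReconcile": {
							Type: "string",
						},
					},
				},
			},
		},
	}

	// QuarksSecretResourceName is the resource name of QuarksSecret, built as
	// "<plural>.<group>".
	QuarksSecretResourceName = fmt.Sprintf("%s.%s", QuarksSecretResourcePlural, apis.GroupName)

	// SchemeGroupVersion is group version used to register these objects.
	SchemeGroupVersion = schema.GroupVersion{Group: apis.GroupName, Version: "v1alpha1"}
)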
// The keys below are plain object metadata. They carry only as much trust as
// the RBAC rules that decide who may edit the labelled or annotated objects.

// LabelKind is the label key that holds the kind of a secret.
var LabelKind = fmt.Sprintf("%s/secret-kind", apis.GroupName)

// LabelNamespace is the label key placed on a namespace to show that
// cf-operator is monitoring it. Its value can serve as an ID that keeps
// several operators in one cluster from interfering with each other.
var LabelNamespace = fmt.Sprintf("%s/monitored", apis.GroupName)

// AnnotationCopyOf is the key marking secrets that are copies of generated
// secrets. The identifier calls it an annotation while the earlier comment
// called it a label key. NOTE(review): confirm which metadata map carries it.
var AnnotationCopyOf = fmt.Sprintf("%s/secret-copy-of", apis.GroupName)

// AnnotationCertSecretName is the annotation key for the certificate secret
// name.
var AnnotationCertSecretName = fmt.Sprintf("%s/cert-secret-name", apis.GroupName)

// AnnotationQSecName is the annotation key for the name of the owning quarks
// secret.
var AnnotationQSecName = fmt.Sprintf("%s/quarks-secret-name", apis.GroupName)

// AnnotationQSecNamespace is the annotation key for the quarks secret
// namespace. It is needed because CSRs are not namespaced.
var AnnotationQSecNamespace = fmt.Sprintf("%s/quarks-secret-namespace", apis.GroupName)

// AnnotationMonitoredID links a CSR to an operator, so the link does not have
// to be inferred from the namespace.
var AnnotationMonitoredID = fmt.Sprintf("%s/monitored-id", apis.GroupName)

// LabelSecretRotationTrigger is set on a config map to trigger secret
// rotation: creating a config map that carries it triggers the rotation.
// NOTE(review): this presumably makes permission to create config maps in a
// watched namespace sufficient to request rotation; confirm against RBAC.
var LabelSecretRotationTrigger = fmt.Sprintf("%s/secret-rotation", apis.GroupName)

// RotateQSecretListName is the name of the config map entry that contains a
// JSON array of quarks secret names to rotate.
var RotateQSecretListName = "secrets"

Functions

func IsMonitoredNamespace

func IsMonitoredNamespace(n *corev1.Namespace, id string) bool

IsMonitoredNamespace returns true if the namespace has all the necessary labels and should be included in controller watches.

func Kind

func Kind(kind string) schema.GroupKind

Kind takes an unqualified kind and returns back a Group qualified GroupKind

func Resource

func Resource(resource string) schema.GroupResource

Resource takes an unqualified resource and returns a Group qualified GroupResource

Types

type BasicAuthRequest added in v1.0.683

// BasicAuthRequest holds the caller-supplied input for a basic-auth secret.
//
// Username is the only field and is serialized under the JSON key
// "username"; the request carries no password field.
type BasicAuthRequest struct {
	Username string `json:"username"`
}

BasicAuthRequest specifies the details for generating a basic-auth secret

func (*BasicAuthRequest) DeepCopy added in v1.0.683

func (in *BasicAuthRequest) DeepCopy() *BasicAuthRequest

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BasicAuthRequest.

func (*BasicAuthRequest) DeepCopyInto added in v1.0.683

func (in *BasicAuthRequest) DeepCopyInto(out *BasicAuthRequest)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CertificateRequest

// CertificateRequest carries the parameters for generating a certificate.
//
// Fields, as far as this declaration shows:
//   - CommonName and AlternativeNames: JSON "commonName" and
//     "alternativeNames".
//   - IsCA: JSON "isCA"; presumably requests a CA certificate (confirm).
//   - CARef and CAKeyRef: SecretReference values (a secret name plus a key
//     within it); presumably the signing CA certificate and its private key
//     (confirm). Neither reference carries a namespace.
//   - SignerType: one of the SignerType values; omitted from JSON when empty.
//   - Usages: a list of certv1.KeyUsage values.
//   - ServiceRef: a list of ServiceReference values.
//   - ActivateEKSWorkaroundForSAN: omitted from JSON when false; what the
//     workaround does is not visible here.
//
// NOTE(review): QuarksSecretValidation declares spec.request as an object that
// preserves unknown fields, so none of these fields are checked by the CRD
// schema. Names, usages and the CA references must be validated by the code
// that consumes them.
type CertificateRequest struct {
	CommonName                  string             `json:"commonName"`
	AlternativeNames            []string           `json:"alternativeNames"`
	IsCA                        bool               `json:"isCA"`
	CARef                       SecretReference    `json:"CARef"`
	CAKeyRef                    SecretReference    `json:"CAKeyRef"`
	SignerType                  SignerType         `json:"signerType,omitempty"`
	Usages                      []certv1.KeyUsage  `json:"usages"`
	ServiceRef                  []ServiceReference `json:"serviceRef"`
	ActivateEKSWorkaroundForSAN bool               `json:"activateEKSWorkaroundForSAN,omitempty"`
}

CertificateRequest specifies the details for the certificate generation

func (*CertificateRequest) DeepCopy

func (in *CertificateRequest) DeepCopy() *CertificateRequest

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateRequest.

func (*CertificateRequest) DeepCopyInto

func (in *CertificateRequest) DeepCopyInto(out *CertificateRequest)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Copy

// Copy names the destination (secret name and namespace) of a copied
// generated secret.
//
// NOTE(review): nothing in this type limits Namespace, and the CRD schema
// accepts arbitrary objects as spec.copies items. Whether copy targets are
// restricted elsewhere is not visible here; confirm before granting
// QuarksSecret create rights in a multi-tenant cluster.
type Copy struct {
	Name      string `json:"name"`
	Namespace string `json:"namespace"`
}

Copy defines the destination of a copied generated secret. We can't use types.NamespacedName because it doesn't marshal properly.

func (*Copy) DeepCopy

func (in *Copy) DeepCopy() *Copy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Copy.

func (*Copy) DeepCopyInto

func (in *Copy) DeepCopyInto(out *Copy)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Copy) String

func (c *Copy) String() string

type QuarksSecret

// QuarksSecret is the top-level API object: Kubernetes type and object
// metadata plus the desired state (Spec) and observed state (Status).
//
// SecretLabels is serialized at the top level as "secretLabels", next to
// "spec" and "status"; QuarksSecretSpec has a field with the same JSON key.
// NOTE(review): QuarksSecretValidation declares only "spec" and "status" at
// the top level; confirm which of the two secretLabels fields is honoured.
type QuarksSecret struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec         QuarksSecretSpec   `json:"spec,omitempty"`
	Status       QuarksSecretStatus `json:"status,omitempty"`
	SecretLabels map[string]string  `json:"secretLabels,omitempty"`
}

QuarksSecret is the Schema for the QuarksSecrets API. (+k8s:openapi-gen=true)

func (*QuarksSecret) DeepCopy

func (in *QuarksSecret) DeepCopy() *QuarksSecret

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new QuarksSecret.

func (*QuarksSecret) DeepCopyInto

func (in *QuarksSecret) DeepCopyInto(out *QuarksSecret)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*QuarksSecret) DeepCopyObject

func (in *QuarksSecret) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*QuarksSecret) GetNamespacedName

func (qs *QuarksSecret) GetNamespacedName() string

GetNamespacedName returns the resource name with its namespace

type QuarksSecretList

// QuarksSecretList is the list form of QuarksSecret: Kubernetes type and list
// metadata plus the QuarksSecret values under the JSON key "items".
type QuarksSecretList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []QuarksSecret `json:"items"`
}

QuarksSecretList contains a list of QuarksSecret

func (*QuarksSecretList) DeepCopy

func (in *QuarksSecretList) DeepCopy() *QuarksSecretList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new QuarksSecretList.

func (*QuarksSecretList) DeepCopyInto

func (in *QuarksSecretList) DeepCopyInto(out *QuarksSecretList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*QuarksSecretList) DeepCopyObject

func (in *QuarksSecretList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type QuarksSecretSpec

// QuarksSecretSpec is the desired state of a QuarksSecret.
//
//   - Type: the SecretType to generate (JSON "type").
//   - Request: type-specific generation parameters (JSON "request").
//   - SecretName: name of the generated secret (JSON "secretName").
//   - Copies: optional destinations to copy the generated secret to.
//   - SecretLabels, SecretAnnotations: optional string maps; presumably
//     applied to the generated secret (confirm).
//
// The CRD schema requires only secretName and type, and checks only that they
// are non-empty strings. Request, Copies, SecretLabels and SecretAnnotations
// are accepted as free-form objects by that schema.
type QuarksSecretSpec struct {
	Type              SecretType        `json:"type"`
	Request           Request           `json:"request"`
	SecretName        string            `json:"secretName"`
	Copies            []Copy            `json:"copies,omitempty"`
	SecretLabels      map[string]string `json:"secretLabels,omitempty"`
	SecretAnnotations map[string]string `json:"secretAnnotations,omitempty"`
}

QuarksSecretSpec defines the desired state of QuarksSecret

func (*QuarksSecretSpec) DeepCopy

func (in *QuarksSecretSpec) DeepCopy() *QuarksSecretSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new QuarksSecretSpec.

func (*QuarksSecretSpec) DeepCopyInto

func (in *QuarksSecretSpec) DeepCopyInto(out *QuarksSecretSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type QuarksSecretStatus

// QuarksSecretStatus is the observed state of a QuarksSecret.
//
// Both fields are pointers without omitempty, so a nil value is serialized as
// JSON null rather than being left out.
type QuarksSecretStatus struct {
	// Timestamp for the last reconcile
	LastReconcile *metav1.Time `json:"lastReconcile"`
	// Indicates if the secret has already been generated
	Generated *bool `json:"generated"`
}

QuarksSecretStatus defines the observed state of QuarksSecret

func (*QuarksSecretStatus) DeepCopy

func (in *QuarksSecretStatus) DeepCopy() *QuarksSecretStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new QuarksSecretStatus.

func (*QuarksSecretStatus) DeepCopyInto

func (in *QuarksSecretStatus) DeepCopyInto(out *QuarksSecretStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Request

// Request groups the type-specific parameters for secret generation.
//
// Both members are values without omitempty, so "basic-auth" and "certificate"
// are always present in the serialized form, whichever secret type was asked
// for. Password, ssh and rsa have no request member in this declaration.
type Request struct {
	BasicAuthRequest   BasicAuthRequest   `json:"basic-auth"`
	CertificateRequest CertificateRequest `json:"certificate"`
}

Request specifies details for the secret generation

func (*Request) DeepCopy

func (in *Request) DeepCopy() *Request

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Request.

func (*Request) DeepCopyInto

func (in *Request) DeepCopyInto(out *Request)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SecretReference

// SecretReference points at one entry of another secret: Name is the secret's
// name and Key the entry within it.
//
// The reference has no namespace field. NOTE(review): it is presumably
// resolved in the namespace of the referring QuarksSecret; confirm, since that
// decides which secrets a QuarksSecret author can make the operator read.
type SecretReference struct {
	Name string `json:"name"`
	Key  string `json:"key"`
}

SecretReference specifies a reference to another secret

func (*SecretReference) DeepCopy

func (in *SecretReference) DeepCopy() *SecretReference

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretReference.

func (*SecretReference) DeepCopyInto

func (in *SecretReference) DeepCopyInto(out *SecretReference)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SecretType

// SecretType names the kind of secret to generate. It is a type alias for
// string, not a distinct type, so the compiler accepts any string where a
// SecretType is expected; values must be checked at runtime.
type SecretType = string

SecretType defines the type of the generated secret

// Valid values for SecretType.
const (
	// Password is the SecretType value "password".
	Password SecretType = "password"
	// Certificate is the SecretType value "certificate".
	Certificate SecretType = "certificate"
	// SSHKey is the SecretType value "ssh".
	SSHKey SecretType = "ssh"
	// RSAKey is the SecretType value "rsa".
	RSAKey SecretType = "rsa"
	// BasicAuth is the SecretType value "basic-auth".
	BasicAuth SecretType = "basic-auth"
)

Valid values for secret types

type ServiceReference

// ServiceReference refers to a service by name.
//
// Name has no json tag, so encoding/json serializes it under the key "Name"
// (capitalized), unlike the lower-case keys used by the other types in this
// package. NOTE(review): confirm this is intended before relying on it in
// manifests.
type ServiceReference struct {
	Name string
}

ServiceReference specifies a reference to a service

func (*ServiceReference) DeepCopy

func (in *ServiceReference) DeepCopy() *ServiceReference

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceReference.

func (*ServiceReference) DeepCopyInto

func (in *ServiceReference) DeepCopyInto(out *ServiceReference)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SignerType

// SignerType names the certificate signer. It is a type alias for string, not
// a distinct type, so any string is accepted by the compiler; values must be
// checked at runtime.
type SignerType = string

SignerType defines the type of the certificate signer

// LocalSigner selects the local certificate signer (value "local").
const LocalSigner SignerType = "local"

// ClusterSigner selects the cluster as certificate signer (value "cluster").
const ClusterSigner SignerType = "cluster"

Valid values for signer types
