v1alpha1

package
v1.0.745 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Oct 9, 2020 License: Apache-2.0 Imports: 9 Imported by: 1

Documentation


Constants

// Naming constants for the QuarksSecret custom resource.
const (
	// QuarksSecretResourceKind is the kind name of the QuarksSecret custom resource.
	QuarksSecretResourceKind = "QuarksSecret"
	// QuarksSecretResourcePlural is the plural name of QuarksSecret; it is
	// combined with apis.GroupName to form QuarksSecretResourceName.
	QuarksSecretResourcePlural = "quarkssecrets"
)
const (
	// GeneratedSecretKind is the kind of generated secret.
	// NOTE(review): presumably the value stored under the LabelKind label on
	// secrets this operator generated — confirm against the controller.
	GeneratedSecretKind = "generated"
)

Variables

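var (
	// AddToScheme is used for schema registrations in the controller package
	// and also in the generated kube code.
	AddToScheme = schemeBuilder.AddToScheme

	// QuarksSecretResourceShortNames are the short names of QuarksSecret.
	QuarksSecretResourceShortNames = []string{"qsec", "qsecs"}

	// QuarksSecretValidation is the validation schema for QuarksSecret.
	//
	// What the schema enforces at admission: spec.secretName and spec.type
	// are required, non-empty strings, and the status fields are typed.
	// What it does not enforce: the set of allowed spec.type values, the
	// contents of spec.request other than templatedConfig, the shape of
	// spec.copies entries, and the value types of secretLabels and
	// secretAnnotations. Anything in that second group has to be validated
	// by the code that consumes the resource.
	QuarksSecretValidation = extv1.CustomResourceValidation{
		OpenAPIV3Schema: &extv1.JSONSchemaProps{
			Type: "object",
			Properties: map[string]extv1.JSONSchemaProps{
				"spec": {
					Type: "object",
					Properties: map[string]extv1.JSONSchemaProps{
						"secretName": {
							Type:        "string",
							MinLength:   pointers.Int64(1),
							Description: "The name of the generated secret",
						},
						// No enum is set, so any non-empty string is accepted
						// here; the description lists the SecretType values.
						"type": {
							Type:        "string",
							MinLength:   pointers.Int64(1),
							Description: "What kind of secret to generate: password, certificate, tls, ssh, rsa, basic-auth, dockerconfigjson, copy, templatedconfig",
						},
						// Only templatedConfig is described. Unknown fields are
						// preserved, so every other key under request is stored
						// without being checked by this schema.
						"request": {
							Type:                   "object",
							XPreserveUnknownFields: pointers.Bool(true),
							Properties: map[string]extv1.JSONSchemaProps{
								"templatedConfig": {
									Type:        "object",
									Description: "TemplatedConfig renders the template map into the generated secret",
									Properties: map[string]extv1.JSONSchemaProps{
										"type": {
											Type:        "string",
											Description: "Type of template being used (helm)",
										},
										"templates": {
											Type:                   "object",
											XPreserveUnknownFields: pointers.Bool(true),
											Description:            "Templates to render into the generated secret, one per key",
										},
										"values": {
											Type:                   "object",
											XPreserveUnknownFields: pointers.Bool(true),
											Description:            "Template values to interpolate in the generated secret",
										},
									},
								},
							},
						},
						// Items are free-form objects: name and namespace are
						// neither required nor typed by this schema.
						// NOTE(review): each entry names a destination for
						// secret material, possibly in another namespace;
						// verify that the controller authorises destinations
						// rather than relying on this schema.
						"copies": {
							Type:        "array",
							Description: "A list of namespaced names where to copy generated secrets",
							Items: &extv1.JSONSchemaPropsOrArray{
								Schema: &extv1.JSONSchemaProps{
									Type:                   "object",
									XPreserveUnknownFields: pointers.Bool(true),
								},
							},
						},
						"secretLabels": {
							Type:                   "object",
							XPreserveUnknownFields: pointers.Bool(true),
						},
						"secretAnnotations": {
							Type:                   "object",
							XPreserveUnknownFields: pointers.Bool(true),
						},
					},
					Required: []string{
						"secretName",
						"type",
					},
				},
				"status": {
					Type: "object",
					Properties: map[string]extv1.JSONSchemaProps{
						"generated": {
							Type: "boolean",
						},
						"copied": {
							Type: "boolean",
						},
						"lastReconcile": {
							Type:     "string",
							Nullable: true,
						},
					},
				},
			},
		},
	}

	// QuarksSecretAdditionalPrinterColumns are used by `kubectl get`.
	// Only type, status flags and timestamps are exposed as columns.
	QuarksSecretAdditionalPrinterColumns = []extv1.CustomResourceColumnDefinition{
		{
			Name:     "type",
			Type:     "string",
			JSONPath: ".spec.type",
		},
		{
			Name:     "copied",
			Type:     "boolean",
			JSONPath: ".status.copied",
		},
		{
			Name:     "generated",
			Type:     "boolean",
			JSONPath: ".status.generated",
		},
		{
			Name:     "age",
			Type:     "date",
			JSONPath: ".metadata.creationTimestamp",
		},
		{
			Name:     "reconcile",
			Type:     "date",
			JSONPath: ".status.lastReconcile",
		},
	}

	// QuarksSecretResourceName is the resource name of QuarksSecret, built as
	// "<plural>.<group>".
	QuarksSecretResourceName = fmt.Sprintf("%s.%s", QuarksSecretResourcePlural, apis.GroupName)

	// SchemeGroupVersion is the group version used to register these objects.
	SchemeGroupVersion = schema.GroupVersion{Group: apis.GroupName, Version: "v1alpha1"}
)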
// Label and annotation keys used by the operator. Every key except
// RotateQSecretListName is prefixed with apis.GroupName.
var (
	// LabelKind is the label key for secret kind
	LabelKind = fmt.Sprintf("%s/secret-kind", apis.GroupName)
	// LabelNamespace is the key of the label on a namespace that indicates cf-operator is monitoring it.
	// Can be used as an ID, to keep operators in a cluster from interfering with each other.
	// NOTE(review): a label is only a marker; presumably anyone allowed to
	// label namespaces can opt one in or out of monitoring — confirm that
	// RBAC on namespaces is scoped accordingly.
	LabelNamespace = fmt.Sprintf("%s/monitored", apis.GroupName)
	// AnnotationCopyOf is the annotation key for secrets that are copies of generated secrets
	AnnotationCopyOf = fmt.Sprintf("%s/secret-copy-of", apis.GroupName)
	// AnnotationCertSecretName is the annotation key for certificate secret name
	AnnotationCertSecretName = fmt.Sprintf("%s/cert-secret-name", apis.GroupName)
	// AnnotationQSecName is the annotation key for the name of the owning quarks secret
	AnnotationQSecName = fmt.Sprintf("%s/quarks-secret-name", apis.GroupName)
	// AnnotationQSecNamespace is the annotation key for quarks secret namespace
	// since CSRs are not namespaced
	AnnotationQSecNamespace = fmt.Sprintf("%s/quarks-secret-namespace", apis.GroupName)
	// AnnotationMonitoredID is used to link a CSR to an operator, so we don't have to
	// infer that via the namespace
	AnnotationMonitoredID = fmt.Sprintf("%s/monitored-id", apis.GroupName)
	// LabelSecretRotationTrigger is set on a config map to trigger secret
	// rotation. If set, then creating the config map will trigger secret
	// rotation.
	// NOTE(review): as described, the right to create a labelled config map
	// is the right to rotate secrets — confirm config map create permissions
	// in monitored namespaces are granted with that in mind.
	LabelSecretRotationTrigger = fmt.Sprintf("%s/secret-rotation", apis.GroupName)
	// RotateQSecretListName is the name of the config map entry, which
	// contains a JSON array of quarks secret names to rotate
	RotateQSecretListName = "secrets"
)

Functions

func IsMonitoredNamespace

func IsMonitoredNamespace(n *corev1.Namespace, id string) bool

IsMonitoredNamespace returns true if the namespace has all the necessary labels and should be included in controller watches.

func Kind

func Kind(kind string) schema.GroupKind

Kind takes an unqualified kind and returns a Group qualified GroupKind

func Resource

func Resource(resource string) schema.GroupResource

Resource takes an unqualified resource and returns a Group qualified GroupResource

Types

type BasicAuthRequest added in v1.0.683

// BasicAuthRequest specifies the details for generating a basic-auth secret.
type BasicAuthRequest struct {
	// Username is the only input declared here; no password field exists on
	// this type, so the password is presumably generated — confirm.
	Username string `json:"username"`
}

BasicAuthRequest specifies the details for generating a basic-auth secret

func (*BasicAuthRequest) DeepCopy added in v1.0.683

func (in *BasicAuthRequest) DeepCopy() *BasicAuthRequest

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BasicAuthRequest.

func (*BasicAuthRequest) DeepCopyInto added in v1.0.683

func (in *BasicAuthRequest) DeepCopyInto(out *BasicAuthRequest)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CertificateRequest

// CertificateRequest specifies the details for the certificate generation.
type CertificateRequest struct {
	// CommonName and AlternativeNames are the requested subject names.
	CommonName                  string             `json:"commonName"`
	AlternativeNames            []string           `json:"alternativeNames"`
	// IsCA presumably requests a CA certificate — confirm against the signer.
	IsCA                        bool               `json:"isCA"`
	// CARef and CAKeyRef point at secret entries by name and key only;
	// SecretReference has no namespace field.
	// NOTE(review): presumably resolved in the QuarksSecret's own namespace;
	// CAKeyRef presumably holds the CA private key — confirm both.
	CARef                       SecretReference    `json:"CARef"`
	CAKeyRef                    SecretReference    `json:"CAKeyRef"`
	// SignerType takes one of the SignerType values (LocalSigner, ClusterSigner).
	SignerType                  SignerType         `json:"signerType,omitempty"`
	// Usages are the requested key usages, as certv1.KeyUsage values.
	Usages                      []certv1.KeyUsage  `json:"usages"`
	ServiceRef                  []ServiceReference `json:"serviceRef"`
	ActivateEKSWorkaroundForSAN bool               `json:"activateEKSWorkaroundForSAN,omitempty"`
}

CertificateRequest specifies the details for the certificate generation

func (*CertificateRequest) DeepCopy

func (in *CertificateRequest) DeepCopy() *CertificateRequest

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateRequest.

func (*CertificateRequest) DeepCopyInto

func (in *CertificateRequest) DeepCopyInto(out *CertificateRequest)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Copy

// Copy defines the destination of a copied generated secret.
type Copy struct {
	// Name and Namespace identify the destination secret. The CRD schema
	// shown for spec.copies does not require or type these keys.
	Name      string `json:"name"`
	Namespace string `json:"namespace"`
}

Copy defines the destination of a copied generated secret. We can't use types.NamespacedName because it doesn't marshal properly.

func (*Copy) DeepCopy

func (in *Copy) DeepCopy() *Copy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Copy.

func (*Copy) DeepCopyInto

func (in *Copy) DeepCopyInto(out *Copy)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Copy) String

func (c *Copy) String() string

type ImageCredentialsRequest added in v1.0.703

// ImageCredentialsRequest specifies the details for the image credentials.
type ImageCredentialsRequest struct {
	// Username and Password are references to secret entries (name and key),
	// not inline values, so the credentials themselves are not part of the
	// QuarksSecret object.
	Username SecretReference `json:"username"`
	Password SecretReference `json:"password"`
	// Registry and Email are plain strings stored on the resource.
	Registry string          `json:"registry"`
	Email    string          `json:"email"`
}

ImageCredentialsRequest specifies the details for the image credentials

func (*ImageCredentialsRequest) DeepCopy added in v1.0.703

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImageCredentialsRequest.

func (*ImageCredentialsRequest) DeepCopyInto added in v1.0.703

func (in *ImageCredentialsRequest) DeepCopyInto(out *ImageCredentialsRequest)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type QuarksSecret

// QuarksSecret is the Schema for the QuarksSecrets API.
type QuarksSecret struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec         QuarksSecretSpec   `json:"spec,omitempty"`
	Status       QuarksSecretStatus `json:"status,omitempty"`
	// SecretLabels sits at the top level in addition to Spec.SecretLabels.
	// NOTE(review): QuarksSecretValidation declares only "spec" and "status"
	// at the top level — confirm whether this field is still used.
	SecretLabels map[string]string  `json:"secretLabels,omitempty"`
}

QuarksSecret is the Schema for the QuarksSecrets API. (Code-generation marker: +k8s:openapi-gen=true)

func (*QuarksSecret) DeepCopy

func (in *QuarksSecret) DeepCopy() *QuarksSecret

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new QuarksSecret.

func (*QuarksSecret) DeepCopyInto

func (in *QuarksSecret) DeepCopyInto(out *QuarksSecret)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*QuarksSecret) DeepCopyObject

func (in *QuarksSecret) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*QuarksSecret) GetNamespacedName

func (qs *QuarksSecret) GetNamespacedName() string

GetNamespacedName returns the resource name with its namespace

type QuarksSecretList

// QuarksSecretList contains a list of QuarksSecret.
type QuarksSecretList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	// Items has no omitempty, so it is always present in the serialized list.
	Items           []QuarksSecret `json:"items"`
}

QuarksSecretList contains a list of QuarksSecret

func (*QuarksSecretList) DeepCopy

func (in *QuarksSecretList) DeepCopy() *QuarksSecretList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new QuarksSecretList.

func (*QuarksSecretList) DeepCopyInto

func (in *QuarksSecretList) DeepCopyInto(out *QuarksSecretList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*QuarksSecretList) DeepCopyObject

func (in *QuarksSecretList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type QuarksSecretSpec

// QuarksSecretSpec defines the desired state of QuarksSecret.
type QuarksSecretSpec struct {
	// Type selects what to generate; SecretType is a string alias, so the
	// compiler accepts any string here.
	Type              SecretType        `json:"type"`
	// Request carries the per-type generation parameters.
	Request           Request           `json:"request"`
	// SecretName is the name of the generated secret.
	SecretName        string            `json:"secretName"`
	// Copies lists destinations (name and namespace) for copies of the
	// generated secret.
	Copies            []Copy            `json:"copies,omitempty"`
	// SecretLabels and SecretAnnotations are presumably applied to the
	// generated secret — confirm against the controller.
	SecretLabels      map[string]string `json:"secretLabels,omitempty"`
	SecretAnnotations map[string]string `json:"secretAnnotations,omitempty"`
}

QuarksSecretSpec defines the desired state of QuarksSecret

func (*QuarksSecretSpec) DeepCopy

func (in *QuarksSecretSpec) DeepCopy() *QuarksSecretSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new QuarksSecretSpec.

func (*QuarksSecretSpec) DeepCopyInto

func (in *QuarksSecretSpec) DeepCopyInto(out *QuarksSecretSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type QuarksSecretStatus

// QuarksSecretStatus defines the observed state of QuarksSecret.
// All three fields are pointers, so "unset" (nil) is distinguishable from an
// explicit false or zero value.
type QuarksSecretStatus struct {
	// Timestamp for the last reconcile
	LastReconcile *metav1.Time `json:"lastReconcile"`
	// Indicates if the secret has already been generated
	Generated *bool `json:"generated"`
	// Indicates if the copy secrets have been updated
	Copied *bool `json:"copied"`
}

QuarksSecretStatus defines the observed state of QuarksSecret

func (*QuarksSecretStatus) DeepCopy

func (in *QuarksSecretStatus) DeepCopy() *QuarksSecretStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new QuarksSecretStatus.

func (*QuarksSecretStatus) DeepCopyInto

func (in *QuarksSecretStatus) DeepCopyInto(out *QuarksSecretStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (QuarksSecretStatus) IsCopied added in v1.0.730

func (qs QuarksSecretStatus) IsCopied() bool

IsCopied returns true if the copied field is a true value

func (QuarksSecretStatus) IsGenerated added in v1.0.726

func (qs QuarksSecretStatus) IsGenerated() bool

IsGenerated returns true if the Generated field is a true value

func (QuarksSecretStatus) NotCopied added in v1.0.730

func (qs QuarksSecretStatus) NotCopied() bool

NotCopied returns true if the copied field is a false value

func (QuarksSecretStatus) NotGenerated added in v1.0.726

func (qs QuarksSecretStatus) NotGenerated() bool

NotGenerated returns true if the Generated field is set to false, but not nil

type ReferenceType added in v1.0.730

// ReferenceType is declared as an alias of string (note the "="), so it is
// interchangeable with string and the compiler does not restrict its values.
type ReferenceType = string

ReferenceType lists all the types of Reference we can support

// Valid values for ref types.
const (
	// KubeSecretReference represents a Secret reference
	KubeSecretReference ReferenceType = "secret"
)

Valid values for ref types

type Request

// Request specifies details for the secret generation. It holds one
// sub-request per secret kind as plain (non-pointer) struct fields.
type Request struct {
	// Only TemplatedConfigRequest carries omitempty; the other three tags do not.
	BasicAuthRequest        BasicAuthRequest        `json:"basic-auth"`
	CertificateRequest      CertificateRequest      `json:"certificate"`
	ImageCredentialsRequest ImageCredentialsRequest `json:"imageCredentials"`
	TemplatedConfigRequest  TemplatedConfigRequest  `json:"templatedConfig,omitempty"`
}

Request specifies details for the secret generation

func (*Request) DeepCopy

func (in *Request) DeepCopy() *Request

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Request.

func (*Request) DeepCopyInto

func (in *Request) DeepCopyInto(out *Request)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SecretReference

// SecretReference specifies a reference to another secret.
// It has no namespace field.
// NOTE(review): presumably the reference is resolved in the namespace of the
// referring QuarksSecret — confirm against the controller.
type SecretReference struct {
	// Name of the referenced secret.
	Name string `json:"name"`
	// Key of the entry within that secret.
	Key  string `json:"key"`
}

SecretReference specifies a reference to another secret

func (*SecretReference) DeepCopy

func (in *SecretReference) DeepCopy() *SecretReference

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretReference.

func (*SecretReference) DeepCopyInto

func (in *SecretReference) DeepCopyInto(out *SecretReference)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SecretType

// SecretType defines the type of the generated secret. It is an alias of
// string (note the "="), so the compiler does not restrict its values.
type SecretType = string

SecretType defines the type of the generated secret

// Valid values for secret types, as used in QuarksSecretSpec.Type.
// The CRD schema shown for spec.type only requires a non-empty string, so
// membership in this list is not checked at admission.
const (
	Password         SecretType = "password"
	Certificate      SecretType = "certificate"
	TLS              SecretType = "tls"
	SSHKey           SecretType = "ssh"
	RSAKey           SecretType = "rsa"
	BasicAuth        SecretType = "basic-auth"
	DockerConfigJSON SecretType = "dockerconfigjson"
	SecretCopy       SecretType = "copy"
	TemplatedConfig  SecretType = "templatedconfig"
)

Valid values for secret types

type ServiceReference

// ServiceReference specifies a reference to a service.
type ServiceReference struct {
	// Name has no json tag, so encoding/json uses the Go field name "Name"
	// as the key, unlike the lower-case keys used by the other types here.
	Name string
}

ServiceReference specifies a reference to a service

func (*ServiceReference) DeepCopy

func (in *ServiceReference) DeepCopy() *ServiceReference

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceReference.

func (*ServiceReference) DeepCopyInto

func (in *ServiceReference) DeepCopyInto(out *ServiceReference)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SignerType

// SignerType defines the type of the certificate signer. It is an alias of
// string (note the "="), so the compiler does not restrict its values.
type SignerType = string

SignerType defines the type of the certificate signer

// Valid values for signer types, as used in CertificateRequest.SignerType.
const (
	// LocalSigner selects the local certificate signer
	LocalSigner SignerType = "local"
	// ClusterSigner selects the cluster as certificate signer
	ClusterSigner SignerType = "cluster"
)

Valid values for signer types

type TemplatedConfigRequest added in v1.0.725

// TemplatedConfigRequest defines the type of the template engine, a map of
// templates (one per key) and the variables for the templates.
type TemplatedConfigRequest struct {
	// Type names the template engine.
	Type      string                     `json:"type,omitempty"`
	// Templates maps a key to its template text.
	Templates map[string]string          `json:"templates,omitempty"`
	// Values maps a template variable to a secret entry, so template input
	// is read from other secrets rather than written inline.
	// NOTE(review): rendered output therefore contains secret material —
	// confirm it is only ever written to the generated secret.
	Values    map[string]SecretReference `json:"values,omitempty"`
}

TemplatedConfigRequest defines the type of the template engine, a map of templates, one per key and the variables for the templates.

func (*TemplatedConfigRequest) DeepCopy added in v1.0.725

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TemplatedConfigRequest.

func (*TemplatedConfigRequest) DeepCopyInto added in v1.0.725

func (in *TemplatedConfigRequest) DeepCopyInto(out *TemplatedConfigRequest)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
