security

package
v0.2.0

This package is not in the latest version of its module.

Published: Jan 29, 2025 License: Apache-2.0 Imports: 5 Imported by: 0

Documentation

Overview

Package security is the internal version of the API. +groupName=security.gardener.cloud

Constants

const GroupName = "security.gardener.cloud"

GroupName is the name of the security API group.

Variables

var (
	// SchemeBuilder is a new Scheme Builder which registers our API.
	SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)
	// AddToScheme is a reference to the Scheme Builder's AddToScheme function.
	AddToScheme = SchemeBuilder.AddToScheme
)
var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal}

SchemeGroupVersion is the group version used to register these objects.

Functions

func Kind

func Kind(kind string) schema.GroupKind

Kind takes an unqualified kind and returns a group-qualified GroupKind.

func Resource

func Resource(resource string) schema.GroupResource

Resource takes an unqualified resource and returns a group-qualified GroupResource.

Types

type ContextObject

type ContextObject struct {
	// Kind of the object the token is requested for. Valid kinds are 'Shoot', 'Seed', etc.
	Kind string
	// API version of the object the token is requested for.
	APIVersion string
	// Name of the object the token is requested for.
	Name string
	// Namespace of the object the token is requested for.
	Namespace *string
	// UID of the object the token is requested for.
	UID types.UID
}

ContextObject identifies the object the token is requested for.

func (*ContextObject) DeepCopy

func (in *ContextObject) DeepCopy() *ContextObject

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContextObject.

func (*ContextObject) DeepCopyInto

func (in *ContextObject) DeepCopyInto(out *ContextObject)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CredentialsBinding

type CredentialsBinding struct {
	metav1.TypeMeta
	// Standard object metadata.
	metav1.ObjectMeta
	// Provider defines the provider type of the CredentialsBinding.
	// This field is immutable.
	Provider CredentialsBindingProvider
	// CredentialsRef is a reference to a resource holding the credentials.
	// Accepted resources are core/v1.Secret and security.gardener.cloud/v1alpha1.WorkloadIdentity.
	// This field is immutable.
	CredentialsRef corev1.ObjectReference
	// Quotas is a list of references to Quota objects in the same or another namespace.
	// This field is immutable.
	Quotas []corev1.ObjectReference
}

CredentialsBinding represents a binding to credentials in the same or another namespace.

func (*CredentialsBinding) DeepCopy

func (in *CredentialsBinding) DeepCopy() *CredentialsBinding

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialsBinding.

func (*CredentialsBinding) DeepCopyInto

func (in *CredentialsBinding) DeepCopyInto(out *CredentialsBinding)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CredentialsBinding) DeepCopyObject

func (in *CredentialsBinding) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type CredentialsBindingList

type CredentialsBindingList struct {
	metav1.TypeMeta
	// Standard list object metadata.
	metav1.ListMeta
	// Items is the list of CredentialsBindings.
	Items []CredentialsBinding
}

CredentialsBindingList is a collection of CredentialsBindings.

func (*CredentialsBindingList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialsBindingList.

func (*CredentialsBindingList) DeepCopyInto

func (in *CredentialsBindingList) DeepCopyInto(out *CredentialsBindingList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CredentialsBindingList) DeepCopyObject

func (in *CredentialsBindingList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type CredentialsBindingProvider

type CredentialsBindingProvider struct {
	// Type is the type of the provider.
	Type string
}

CredentialsBindingProvider defines the provider type of the CredentialsBinding.

func (*CredentialsBindingProvider) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialsBindingProvider.

func (*CredentialsBindingProvider) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Object

type Object interface {
	metav1.Object
}

Object is a security object resource.

type TargetSystem

type TargetSystem struct {
	// Type is the type of the target system.
	Type string
	// ProviderConfig is the configuration passed to extension resource.
	ProviderConfig runtime.Object
}

TargetSystem represents specific configurations for the system that will accept the JWTs.

func (*TargetSystem) DeepCopy

func (in *TargetSystem) DeepCopy() *TargetSystem

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TargetSystem.

func (*TargetSystem) DeepCopyInto

func (in *TargetSystem) DeepCopyInto(out *TargetSystem)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TokenRequest

type TokenRequest struct {
	metav1.TypeMeta
	// Standard object metadata.
	metav1.ObjectMeta
	// Spec holds configuration settings for the requested token.
	Spec TokenRequestSpec
	// Status carries the issued token and additional information back to the client.
	Status TokenRequestStatus
}

TokenRequest is a resource that is used to request WorkloadIdentity tokens.

func (*TokenRequest) DeepCopy

func (in *TokenRequest) DeepCopy() *TokenRequest

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenRequest.

func (*TokenRequest) DeepCopyInto

func (in *TokenRequest) DeepCopyInto(out *TokenRequest)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*TokenRequest) DeepCopyObject

func (in *TokenRequest) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type TokenRequestSpec

type TokenRequestSpec struct {
	// ContextObject identifies the object the token is requested for.
	ContextObject *ContextObject
	// ExpirationSeconds specifies for how long the requested token should be valid.
	ExpirationSeconds int64
}

TokenRequestSpec holds configuration settings for the requested token.

func (*TokenRequestSpec) DeepCopy

func (in *TokenRequestSpec) DeepCopy() *TokenRequestSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenRequestSpec.

func (*TokenRequestSpec) DeepCopyInto

func (in *TokenRequestSpec) DeepCopyInto(out *TokenRequestSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TokenRequestStatus

type TokenRequestStatus struct {
	// Token is the issued token.
	Token string
	// ExpirationTimestamp is the time of expiration of the returned token.
	ExpirationTimestamp metav1.Time
}

TokenRequestStatus carries the issued token and additional information back to the client.

func (*TokenRequestStatus) DeepCopy

func (in *TokenRequestStatus) DeepCopy() *TokenRequestStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenRequestStatus.

func (*TokenRequestStatus) DeepCopyInto

func (in *TokenRequestStatus) DeepCopyInto(out *TokenRequestStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type WorkloadIdentity

type WorkloadIdentity struct {
	metav1.TypeMeta
	// Standard object metadata.
	metav1.ObjectMeta
	// Spec configures the JSON Web Token issued by the Gardener API server.
	Spec WorkloadIdentitySpec
	// Status contains the latest observed status of the WorkloadIdentity.
	Status WorkloadIdentityStatus
}

WorkloadIdentity is a resource that allows workloads to present themselves to external systems by giving them identities managed by the Gardener API server. The identity of such a workload is represented by a JSON Web Token issued by the Gardener API server. Workload identities are designed to be used by components running in the Gardener environment, seed or runtime cluster, that make use of identity federation inspired by the OIDC protocol.

func (*WorkloadIdentity) DeepCopy

func (in *WorkloadIdentity) DeepCopy() *WorkloadIdentity

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WorkloadIdentity.

func (*WorkloadIdentity) DeepCopyInto

func (in *WorkloadIdentity) DeepCopyInto(out *WorkloadIdentity)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*WorkloadIdentity) DeepCopyObject

func (in *WorkloadIdentity) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type WorkloadIdentityList

type WorkloadIdentityList struct {
	metav1.TypeMeta
	// Standard list object metadata.
	metav1.ListMeta
	// Items is the list of WorkloadIdentities.
	Items []WorkloadIdentity
}

WorkloadIdentityList is a collection of WorkloadIdentities.

func (*WorkloadIdentityList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WorkloadIdentityList.

func (*WorkloadIdentityList) DeepCopyInto

func (in *WorkloadIdentityList) DeepCopyInto(out *WorkloadIdentityList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*WorkloadIdentityList) DeepCopyObject

func (in *WorkloadIdentityList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type WorkloadIdentitySpec

type WorkloadIdentitySpec struct {
	// Audiences specify the list of recipients that the JWT is intended for.
	// The values of this field will be set in the 'aud' claim.
	Audiences []string
	// TargetSystem represents specific configurations for the system that will accept the JWTs.
	TargetSystem TargetSystem
}

WorkloadIdentitySpec configures the JSON Web Token issued by the Gardener API server.

func (*WorkloadIdentitySpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WorkloadIdentitySpec.

func (*WorkloadIdentitySpec) DeepCopyInto

func (in *WorkloadIdentitySpec) DeepCopyInto(out *WorkloadIdentitySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type WorkloadIdentityStatus

type WorkloadIdentityStatus struct {
	// Sub contains the computed value of the subject that is going to be set in JWTs 'sub' claim.
	Sub string
}

WorkloadIdentityStatus contains the latest observed status of the WorkloadIdentity.
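How a system that accepts these JWTs could check one against the Audiences and Sub fields documented above, as an added example that is not code from Gardener or from this package. Claims, Mint and Verify are hypothetical names, the sample values are constructed, 'aud' is assumed to arrive as a JSON array, and Ed25519 stands in for the signing algorithm, which this page does not state.

```go
package main

import (
	"crypto/ed25519"
	"encoding/base64"
	"encoding/json"
	"errors"
	"slices"
	"strings"
	"time"
)

var b64 = base64.RawURLEncoding

// Claims are the JWT claims this page ties to WorkloadIdentity fields.
type Claims struct {
	Sub string   `json:"sub"` // expected to equal WorkloadIdentityStatus.Sub
	Aud []string `json:"aud"` // filled from WorkloadIdentitySpec.Audiences
	Exp int64    `json:"exp"` // expiry, seconds since the Unix epoch
}

// Mint signs constructed claims with a fresh key so the example runs offline.
func Mint(c Claims) (string, ed25519.PublicKey) {
	pub, priv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	body, _ := json.Marshal(c)
	in := b64.EncodeToString([]byte(`{"alg":"EdDSA"}`)) + "." + b64.EncodeToString(body)
	return in + "." + b64.EncodeToString(ed25519.Sign(priv, []byte(in))), pub
}

// Verify trusts only the pinned key (never the header's alg), then checks aud, sub and exp.
func Verify(tok string, key ed25519.PublicKey, aud, sub string, now time.Time) error {
	p := strings.Split(tok, ".")
	sig, err := b64.DecodeString(p[len(p)-1])
	if len(p) != 3 || err != nil || !ed25519.Verify(key, []byte(p[0]+"."+p[1]), sig) {
		return errors.New("malformed token or invalid signature")
	}
	var c Claims // the payload is parsed only after the signature has been verified
	if raw, err := b64.DecodeString(p[1]); err != nil || json.Unmarshal(raw, &c) != nil {
		return errors.New("claims unreadable")
	}
	switch {
	case !slices.Contains(c.Aud, aud): // issued for a different recipient
		return errors.New("audience mismatch")
	case c.Sub != sub: // belongs to a different WorkloadIdentity
		return errors.New("subject mismatch")
	case !now.Before(time.Unix(c.Exp, 0)):
		return errors.New("token expired")
	}
	return nil
}
```

The accepting system passes its own audience value and the Sub it has been configured to trust, so a token issued for another recipient or another WorkloadIdentity is rejected even though its signature is valid.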

func (*WorkloadIdentityStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WorkloadIdentityStatus.

func (*WorkloadIdentityStatus) DeepCopyInto

func (in *WorkloadIdentityStatus) DeepCopyInto(out *WorkloadIdentityStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

Directories

Path Synopsis
Package v1alpha1 is a version of the API.
