crane

package

v0.0.0-...-035f276 Latest Latest Go to latest Published: Apr 11, 2022 License: MIT Imports: 16 Imported by: 0

Documentation ¶

Index ¶

type ACRKeyChain
- func (b *ACRKeyChain) Resolve(resource authn.Resource) (authn.Authenticator, error)
type ACRKeychainFactory
- func NewACRKeychainFactory(instrumentationProvider instrumentation.IInstrumentationProvider, ...) *ACRKeychainFactory
- func (factory *ACRKeychainFactory) Create(registry string) (authn.Keychain, error)
type CraneRegistryClient
- func NewCraneRegistryClient(instrumentationProvider instrumentation.IInstrumentationProvider, ...) *CraneRegistryClient
type IACRKeychainFactory
type IK8SKeychainFactory
type K8SKeychainFactory
- func NewK8SKeychainFactory(instrumentationProvider instrumentation.IInstrumentationProvider, ...) *K8SKeychainFactory
- func (factory *K8SKeychainFactory) Create(namespace string, imagePullSecrets []string, serviceAccountName string) (authn.Keychain, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type ACRKeyChain ¶

type ACRKeyChain struct {
	Token string `json:"token"`
}

ACRKeyChain represents an ACR based keychain

func (*ACRKeyChain) Resolve ¶

func (b *ACRKeyChain) Resolve(resource authn.Resource) (authn.Authenticator, error)

Resolve Implements keychain required function, check if registry is ACR or not to decide it to return the auth with token or anonymous (non acr dns suffix -> anonymous, otherwise -> IdenitytToken(refreshtoken based) auth bosed)

type ACRKeychainFactory ¶

type ACRKeychainFactory struct {
	// contains filtered or unexported fields
}

ACRKeychainFactory basic implementation of

func NewACRKeychainFactory ¶

func NewACRKeychainFactory(instrumentationProvider instrumentation.IInstrumentationProvider, acrTokenProvider acrauth.IACRTokenProvider) *ACRKeychainFactory

NewACRKeychainFactory Ctor

func (*ACRKeychainFactory) Create ¶

func (factory *ACRKeychainFactory) Create(registry string) (authn.Keychain, error)

Create creating an ACR auth based keychain to registry using provided registry

type CraneRegistryClient ¶

type CraneRegistryClient struct {
	// contains filtered or unexported fields
}

CraneRegistryClient crane based implementation of the registry client interface registry.IRegistryClient

func NewCraneRegistryClient ¶

func NewCraneRegistryClient(instrumentationProvider instrumentation.IInstrumentationProvider, craneWrapper wrappers.ICraneWrapper, acrKeychainFactory IACRKeychainFactory, k8sKeychainFactory IK8SKeychainFactory) *CraneRegistryClient

NewCraneRegistryClient Constructor for the registry client

func (*CraneRegistryClient) GetDigestUsingACRAttachAuth ¶

func (client *CraneRegistryClient) GetDigestUsingACRAttachAuth(imageReference registry.IImageReference) (string, error)

GetDigestUsingACRAttachAuth receives image reference and get it's digest using ACR attach authntication ACR attach auth is based MSI token used to access the registry Authenticate with multikeychain with acrkeychain and default keychain

func (*CraneRegistryClient) GetDigestUsingDefaultAuth ¶

func (client *CraneRegistryClient) GetDigestUsingDefaultAuth(imageReference registry.IImageReference) (string, error)

GetDigestUsingDefaultAuth receives image reference and get it's digest using the default docker config auth

func (*CraneRegistryClient) GetDigestUsingK8SAuth ¶

func (client *CraneRegistryClient) GetDigestUsingK8SAuth(imageReference registry.IImageReference, namespace string, imagePullSecrets []string, serviceAccountName string) (string, error)

GetDigestUsingK8SAuth receives image reference and get it's digest using K8S secerts and auth K8S auth is based image pull secrets used in deployment or attached to service account to pull the image Authenticate with multikeychain with k8skeychain and default keychain

type IACRKeychainFactory ¶

type IACRKeychainFactory interface {
	// Create is creating  an ACR auth based keychain to registry using provided registry
	Create(registry string) (authn.Keychain, error)
}

IACRKeychainFactory responsible to create an ACR auth based keychain to authenticate to registry

type IK8SKeychainFactory ¶

type IK8SKeychainFactory interface {
	// Create create a K8S keychain (github.com/google/go-containerregistry/pkg/authn/k8schain)
	// Using a namespace and it's related imagePullSecrets and service account containing pull secrets to create the keychain
	Create(namespace string, imagePullSecrets []string, serviceAccountName string) (authn.Keychain, error)
}

IK8SKeychainFactory factory to create a K8S keychain (github.com/google/go-containerregistry/pkg/authn/k8schain)

type K8SKeychainFactory ¶

type K8SKeychainFactory struct {
	// contains filtered or unexported fields
}

K8SKeychainFactory Basic implementation of IK8SKeychainFactory interface

func NewK8SKeychainFactory ¶

func NewK8SKeychainFactory(instrumentationProvider instrumentation.IInstrumentationProvider, client kubernetes.Interface) *K8SKeychainFactory

NewK8SKeychainFactory ctor

func (*K8SKeychainFactory) Create ¶

func (factory *K8SKeychainFactory) Create(namespace string, imagePullSecrets []string, serviceAccountName string) (authn.Keychain, error)

Create create a K8S keychain (github.com/google/go-containerregistry/pkg/authn/k8schain) Using a namespace and it's related imagePullSecrets and service account containing pull secrets to create the keychain

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
mocks

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL