serviceaccounttoken

Documentation

Index

• Constants
• func EnsureSecretForServiceAccount(ctx context.Context, secretsCache corecontrollers.SecretCache, ...) (*corev1.Secret, error)
• func SecretTemplate(sa *corev1.ServiceAccount) *corev1.Secret
• func ServiceAccountSecret(ctx context.Context, sa *corev1.ServiceAccount, secretLister secretLister, ...) (*corev1.Secret, error)

Constants

const (
	// ServiceAccountSecretLabel is the label used to search for the secret belonging to a service account.
	ServiceAccountSecretLabel = "cattle.io/service-account.name"
)

Functions

func EnsureSecretForServiceAccount

func EnsureSecretForServiceAccount(ctx context.Context, secretsCache corecontrollers.SecretCache, clientSet kubernetes.Interface, sa *corev1.ServiceAccount, lockPrefix string) (*corev1.Secret, error)

EnsureSecretForServiceAccount gets or creates a service account token Secret for the provided Service Account.

If lockPrefix is provided, this is used as a prefix for the lock to provide context for concurrent requests. No concurrent creates will be allowed for a service account.

The lockPrefix should be of the same format as a generateName e.g. cluster-

For example, if this is "cluster-1" and the ServiceAccount is "default:test-sa" subsequent requests to create a ServiceAccount with the same name in "cluster-1" will be blocked until the first request has completed.

Note: This mutex is per-replica, currently there's no attempt to co-ordinate across replicas.

func SecretTemplate

func SecretTemplate(sa *corev1.ServiceAccount) *corev1.Secret

SecretTemplate generate a template of service-account-token Secret for the provided Service Account.

func ServiceAccountSecret

func ServiceAccountSecret(ctx context.Context, sa *corev1.ServiceAccount, secretLister secretLister, secretClient clientv1.SecretInterface) (*corev1.Secret, error)

ServiceAccountSecret returns the secret for the given Service Account. If there are more than one, it returns the first. Can return a nil secret and a nil error if no secret is found