Documentation
Index
- Constants
- func CreateMembership(project string, membershipID string, description string, ...) (membershipUUID string, err error)
- func DeleteMembership(project string, membershipID string, description string, ...) error
- func GetMembership(project string, membershipID string, description string, ...) error
- func GetOptionsWithCreds(project string) (option.ClientOption, error)
- type Authority
- type Client
- func (c *Client) CallCreateMembershipAPI(membershipID string) (HTTPResult, error)
- func (c *Client) CheckOperation(operationName string) error
- func (c *Client) CreateMembership(membershipID string) error
- func (c *Client) DeleteMembership() error
- func (c *Client) GenerateConnectManifest(proxy string, namespace string, version string, isUpgrade bool, ...) (k8s.ConnectManifestResponse, error)
- func (c *Client) GenerateExclusivity(membershipID string) error
- func (c *Client) GetKubeArtifacts() error
- func (c *Client) GetKubeUUID() error
- func (c *Client) GetMembership(membershipID string, checkNotExisting bool) error
- func (c *Client) ValidateExclusivity(membershipID string) error
- type ConnectAgent
- type GKECluster
- type GRCPResponse
- type GRCPResponseStatus
- type HTTPResult
- type K8S
- type MembershipEndpoint
- type MembershipState
- type ParentRef
- type Resource
- type Service
Constants
const (
	MembershipStateCodeUnspecified stateString = "CODE_UNSPECIFIED"
	MembershipStateCreating = "CREATING" // CREATING indicates the cluster is being registered.
	MembershipStateReady = "READY" // READY indicates the cluster is registered.
	MembershipStateDeleting = "DELETING" // DELETING indicates that the cluster is being unregistered.
	MembershipStateUpdating = "UPDATING" // indicates the Membership is being updated.
	MembershipStateServiceUpdating = "SERVICE_UPDATING" // indicates the Membership is being updated by the Hub Service.
)
Code indicating the state of the Membership resource.
Variables
This section is empty.
Functions
func CreateMembership
func CreateMembership(project string, membershipID string, description string, gkeClusterSelfLink string, issuerURL string, k8sAuth k8s.Auth) (membershipUUID string, err error)
CreateMembership creates a membership GKEHub resource
func DeleteMembership
func DeleteMembership(project string, membershipID string, description string, gkeClusterSelfLink string, issuerURL string, k8sAuth k8s.Auth, deleteArtifacts bool) error
DeleteMembership deletes a membership GKEHub resource
func GetMembership
func GetMembership(project string, membershipID string, description string, gkeClusterSelfLink string, issuerURL string, k8sAuth k8s.Auth) error
GetMembership gets a Membership resource from the GKEHub API
func GetOptionsWithCreds
func GetOptionsWithCreds(project string) (option.ClientOption, error)
GetOptionsWithCreds initializes a GKEhub client object
Types
type Authority
type Authority struct {
	// A JWT issuer URI. Google will attempt OIDC discovery on this URI,
	// and allow valid OIDC tokens from this issuer to authenticate within
	// the below identity namespace.
	Issuer string `json:"Issuer"`
	// Output only. The identity namespace in which the issuer will be recognized.
	IdentityNamespace string `json:"identityNamespace"`
	// Output only. An identity provider that reflects this issuer in the identity namespace.
	IdentityProvider string `json:"identityProvider"`
}
Authority encodes how Google will recognize identities from this Membership. A workload with a token from this oidc_issuer can call the IAM credentials API for the provided identity_namespace and identity_provider; the workload will receive a Google OAuth token that it can use for further API calls. See the workload identity documentation for more details: https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity
type Client
Client is a Google Connect Hub client, which may be used to manage hub memberships with a project. It must be constructed via NewClient.
func (*Client) CallCreateMembershipAPI
func (c *Client) CallCreateMembershipAPI(membershipID string) (HTTPResult, error)
CallCreateMembershipAPI creates a hub membership. The client object should already contain the resource component, updated in another method.
func (*Client) CheckOperation
CheckOperation checks a hub operation status and returns true if the operation is done
func (*Client) CreateMembership
CreateMembership creates a hub membership. The client object should already contain the resource component, updated in another method.
func (*Client) DeleteMembership
DeleteMembership deletes a hub membership. The client object should already contain the resource component, updated in another method.
func (*Client) GenerateConnectManifest
func (c *Client) GenerateConnectManifest(proxy string, namespace string, version string, isUpgrade bool, registry string, imagePullSecretContent string) (k8s.ConnectManifestResponse, error)
GenerateConnectManifest asks the gkehub API for a gke-connect-agent manifest
func (*Client) GenerateExclusivity
GenerateExclusivity checks the cluster exclusivity against the API
func (*Client) GetKubeArtifacts
GetKubeArtifacts grabs the K8s CRD and manifest resource if existing
func (*Client) GetKubeUUID
GetKubeUUID grabs the namespace UID of the K8s cluster
func (*Client) GetMembership
GetMembership gets details of a hub membership. This method also initializes/updates the client component
func (*Client) ValidateExclusivity
ValidateExclusivity checks the cluster exclusivity against the API
type ConnectAgent
type ConnectAgent struct {
	Proxy string
	Namespace string
	Version string
	IsUpgrade bool
	Registry string
	ImagePullSecretContent string
	Response k8s.ConnectManifestResponse
	GCPSAKey string
}
ConnectAgent holds info needed to request and process a gke-connect-agent object
func (ConnectAgent) InstallOrUpdateConnectAgent
func (ca ConnectAgent) InstallOrUpdateConnectAgent(project string, membershipID string, k8sAuth k8s.Auth) error
InstallOrUpdateConnectAgent retrieves the connect-agent manifests from the GKE API and installs or updates them in a Kubernetes cluster
type GKECluster
type GKECluster struct {
	// Self-link of the GCP resource for the GKE cluster. For example:
	// //container.googleapis.com/v1/projects/my-project/zones/us-west1-a/clusters/my-cluster
	// It can be at most 1000 characters in length
	ResourceLink string `json:"resourceLink"`
}
GKECluster represents a k8s cluster on GKE.
type GRCPResponse
type GRCPResponse struct {
	Status GRCPResponseStatus `json:"status"`
}
GRCPResponse follows the error model described at https://cloud.google.com/apis/design/errors. Code must be one of the codes defined in https://github.com/googleapis/googleapis/blob/master/google/rpc/code.proto
type GRCPResponseStatus
type GRCPResponseStatus struct {
	// Code contains the validation result. As such,
	// * OK means that exclusivity may be obtained if the manifest produced by
	// GenerateExclusivityManifest can successfully be applied.
	// * ALREADY_EXISTS means that the Membership CRD is already owned by another
	// Hub. See status.message for more information when this occurs
	Code int32 `json:"code"`
	Message string `json:"message"`
	Details map[string]interface{} `json:"details"`
}
GRCPResponseStatus is the inner GRCPResponse struct
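A caller of the exclusivity check has to turn the Code described above into an allow/deny decision. The following is an added example, not code from this package: `CheckExclusivity` and `ErrOwnedByOtherHub` are hypothetical names, the struct is a trimmed local copy of the one documented here, and the response bodies are constructed. It assumes an OK result arrives as a `status` object whose `code` may be absent.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
)

// Trimmed local copy of the GRCPResponseStatus struct documented above.
type GRCPResponseStatus struct {
	Code    int32  `json:"code"`
	Message string `json:"message"`
}

const (
	codeOK            int32 = 0 // OK in google/rpc/code.proto
	codeAlreadyExists int32 = 6 // ALREADY_EXISTS in google/rpc/code.proto
)

// ErrOwnedByOtherHub is a hypothetical sentinel for the ALREADY_EXISTS case.
var ErrOwnedByOtherHub = errors.New("membership CRD owned by another Hub")

// CheckExclusivity (hypothetical helper) returns nil only for a status that is present and OK.
func CheckExclusivity(body []byte) error {
	// Pointer field: a missing or null "status" stays nil instead of reading as Code 0 (OK).
	var r struct {
		Status *GRCPResponseStatus `json:"status"`
	}
	if err := json.Unmarshal(body, &r); err != nil {
		return fmt.Errorf("undecodable exclusivity response: %w", err)
	}
	if r.Status == nil {
		return errors.New("exclusivity response has no status")
	}
	switch r.Status.Code {
	case codeOK:
		return nil
	case codeAlreadyExists:
		return fmt.Errorf("%w: %s", ErrOwnedByOtherHub, r.Status.Message)
	}
	return fmt.Errorf("unexpected code %d: %s", r.Status.Code, r.Status.Message)
}

func main() {
	// Constructed sample bodies, not captured from the API.
	for _, b := range []string{`{"status":{}}`, `{"status":{"code":6,"message":"owned by hub X"}}`, `{}`} {
		fmt.Printf("%-50s -> %v\n", b, CheckExclusivity([]byte(b)))
	}
}
```

Decoding straight into the value-typed GRCPResponse would make an empty or truncated body indistinguishable from OK, because the zero value of Code is 0.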
type HTTPResult
type HTTPResult map[string]interface{}
HTTPResult is used to store the result of an HTTP request
func DecodeHTTPResult
func DecodeHTTPResult(httpBody io.ReadCloser) (HTTPResult, error)
DecodeHTTPResult decodes an HTTP response body
type K8S
type K8S struct {
	CRManifest string
	CRDManifest string
	Auth k8s.Auth // K8s auth info
	UUID string // default namespace UID
}
K8S contains the membership K8S manifests
type MembershipEndpoint
type MembershipEndpoint struct {
	// If this Membership is a Kubernetes API server hosted on GKE, this is a
	// self link to its GCP resource.
	GKECluster GKECluster `json:"gkeCluster"`
}
MembershipEndpoint contains a map with a membership's endpoint information. At the moment it only has GKE options.
type MembershipState
type MembershipState struct {
	Code stateString `json:"code"`
	// Human readable description of the issue.
	// This field is deprecated, and is never set by the Hub Service.
	Description string `json:"description"`
	UpdateTime time.Time `json:"updateTime"`
}
MembershipState contains the status of a membership
type ParentRef
type ParentRef string
ParentRef is the resource name of the parent collection of a membership.
func GetParentRef
GetParentRef gets the resource name of the parent collection of a membership.
type Resource
type Resource struct {
	// Output only. The unique name of this domain resource in the format:
	// `projects/[project_id]/locations/global/memberships/[membership_id]`.
	// `membership_id` can only be set at creation time using the `membership_id`
	// field in the creation request. `membership_id` must be a valid RFC 1123
	// compliant DNS label. In particular, it must be:
	//  1. At most 63 characters in length
	//  2. It must consist of lower case alphanumeric characters or `-`
	//  3. It must start and end with an alphanumeric character
	// I.e. `membership_id` must match the regex:
	// `[a-z0-9]([-a-z0-9]*[a-z0-9])?`
	// with at most 63 characters.
	Name string `json:"name"`
	// GCP labels for this membership.
	Labels string `json:"labels"`
	// Required. Description of this membership, limited to 63 characters.
	// It must match the regex: `a-zA-Z0-9*`
	Description string `json:"description"`
	Endpoint MembershipEndpoint `json:"endpoint"`
	// State is the current status of the membership
	State MembershipState `json:"state"`
	// How to identify workloads from this Membership.
	// See the documentation on workload identity for more details:
	// https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity
	Authority Authority `json:"authority"`
	// Output only. Timestamp for when the Membership was created.
	CreateTime time.Time `json:"createTime"`
	// Output only. Timestamp for when the Membership was last updated.
	UpdateTime time.Time `json:"updateTime"`
	// Output only. Timestamp for when the Membership was deleted.
	DeleteTime time.Time `json:"deleteTime"`
	// An externally-generated and managed ID for this Membership.
	// This ID may still be modified after creation but it is not
	// recommended to do so. The ID must match the regex: `a-zA-Z0-9*`
	ExternalID string `json:"externalId"`
	// Output only. For clusters using Connect, the timestamp
	// of the most recent connection established with Google Cloud.
	// This time is updated every several minutes, not continuously.
	// For clusters that do not use GKE Connect, or that have never
	// connected successfully, this field will be unset.
	LastConnectionTime string `json:"lastConnectionTime"`
}
Resource type contains specific info about a Hub membership resource
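The `membership_id` rules in the Resource.Name comment can be enforced before the ID is placed into a request path. This is an added example, not code from this package: `ValidateMembershipID` and `ParseMembershipName` are hypothetical helpers, and the sample names are constructed.

```go
package main

import (
	"errors"
	"fmt"
	"regexp"
	"strings"
)

// labelRE is the regex quoted in the Resource.Name comment, anchored so the
// whole ID must match rather than any substring of it.
var labelRE = regexp.MustCompile(`^[a-z0-9]([-a-z0-9]*[a-z0-9])?$`)

// ValidateMembershipID applies the rules from the Resource.Name comment.
func ValidateMembershipID(id string) error {
	switch {
	case id == "":
		return errors.New("membership_id is empty")
	case len(id) > 63:
		return fmt.Errorf("membership_id is %d characters, limit is 63", len(id))
	case !labelRE.MatchString(id):
		return fmt.Errorf("membership_id %q is not an RFC 1123 DNS label", id)
	}
	return nil
}

// ParseMembershipName splits a full resource name and validates the ID part.
func ParseMembershipName(name string) (project, id string, err error) {
	p := strings.Split(name, "/")
	if len(p) != 6 || p[0] != "projects" || p[2] != "locations" ||
		p[3] != "global" || p[4] != "memberships" || p[1] == "" {
		return "", "", fmt.Errorf("unexpected membership name %q", name)
	}
	if err := ValidateMembershipID(p[5]); err != nil {
		return "", "", err
	}
	return p[1], p[5], nil
}

func main() {
	// Constructed sample names, not taken from a real project.
	for _, n := range []string{
		"projects/demo-project/locations/global/memberships/prod-cluster-1",
		"projects/demo-project/locations/global/memberships/Prod_Cluster",
	} {
		_, id, err := ParseMembershipName(n)
		fmt.Printf("%s\n  id=%q err=%v\n", n, id, err)
	}
}
```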