Documentation
¶
Index ¶
- Constants
- func NewRealms() map[string]RealmAccessList
- type Cache
- type Config
- type Duration
- type Gitlab
- func (g *Gitlab) CertPool() (pool *x509.CertPool, err error)
- func (g *Gitlab) Certificates() (certs []tls.Certificate, err error)
- func (g *Gitlab) HTTPClient() (client *http.Client, err error)
- func (g *Gitlab) HTTPTransport() (transport http.RoundTripper, err error)
- func (g *Gitlab) MTLS() (cfg *tls.Config, err error)
- func (g *Gitlab) UserInfoOptions() *access.UserInfoOptions
- type GitlabGroupFilter
- type Health
- type Metrics
- type RealmAccessList
- type RealmAccessRules
- type Realms
- type Server
- type TLS
- type Web
Constants ¶
View Source
const ( Path = "/etc/kubernetes/gitlab-authn.yaml" WebPath = "/usr/share/kubernetes-gitlab-authn/public" )
Variables ¶
This section is empty.
Functions ¶
func NewRealms ¶
func NewRealms() map[string]RealmAccessList
Types ¶
type Config ¶
type Config struct {
Realms Realms `json:"realms"`
Gitlab *Gitlab `json:"gitlab"`
Server *Server `json:"server"`
Health *Health `json:"health"`
Metrics *Metrics `json:"metrics"`
Cache *Cache `json:"cache"`
Web *Web `json:"web"`
// contains filtered or unexported fields
}
func (*Config) Set ¶
Set is an alias for Config.LoadFile. It satisfies the flag.Value contract.
func (*Config) String ¶
String returns the filesystem location of the file containing the stored data. It satisfies the flag.Value contract.
type Duration ¶
func (*Duration) UnmarshalJSON ¶
type Gitlab ¶
type Gitlab struct {
Server `json:",inline"`
AttributesAsGroups bool `json:"attributes_as_groups"`
InactivityTimeout Duration `json:"inactivity_timeout"`
GroupFilter GitlabGroupFilter `json:"group_filter"`
}
func (*Gitlab) Certificates ¶
func (g *Gitlab) Certificates() (certs []tls.Certificate, err error)
func (*Gitlab) HTTPTransport ¶
func (g *Gitlab) HTTPTransport() (transport http.RoundTripper, err error)
func (*Gitlab) UserInfoOptions ¶
func (g *Gitlab) UserInfoOptions() *access.UserInfoOptions
type GitlabGroupFilter ¶
type GitlabGroupFilter struct {
OwnedOnly bool `json:"owned_only"`
TopLevelOnly bool `json:"top_level_only"`
MinAccessLevel gitlab.AccessLevelValue `json:"min_access_level"`
Name string `json:"name"`
Limit uint8 `json:"limit"`
}
func (*GitlabGroupFilter) ListOptions ¶
func (f *GitlabGroupFilter) ListOptions() *gitlab.ListGroupsOptions
type Metrics ¶
type Metrics struct {
Server `json:",inline"`
RequestLimit int `json:"request_limit"`
RequestTimeout time.Duration `json:"request_timeout"`
}
func NewMetrics ¶
func NewMetrics() *Metrics
type RealmAccessList ¶
type RealmAccessList []*RealmAccessRules
func (RealmAccessList) UserRules ¶
func (r RealmAccessList) UserRules() userauthz.Authorizer
type RealmAccessRules ¶
type RealmAccessRules struct {
// Reject users without 2FA set up
Require2FA bool `json:"require_2fa"`
// Reject users marked as robots
RejectBots bool `json:"reject_bots"`
// Reject users in locked state
RejectLocked bool `json:"reject_locked"`
// Reject users which have not confirmed their account yet
RejectPristine bool `json:"reject_pristine"`
// Reject users which have not had any activity for some time
RejectDormant bool `json:"reject_dormant"`
// Only allow users with the given usernames
RequireUsers []string `json:"require_users"`
// Reject users based on their username
RejectUsers []string `json:"reject_users"`
// Require membership of all of these groups
RequireGroups []string `json:"require_groups"`
// Reject members of any of the given groups
RejectGroups []string `json:"reject_groups"`
}
func (*RealmAccessRules) UserRules ¶
func (r *RealmAccessRules) UserRules() userauthz.Authorizer
type Realms ¶
type Realms map[string]RealmAccessList
func (Realms) UserAccessControlList ¶
func (r Realms) UserAccessControlList() map[string]userauthz.Authorizer
type Server ¶
type Server struct {
*TLS `json:"tls"`
Address string `json:"address"`
Port uint `json:"port"`
Path string `json:"path"`
}
func (*Server) HandlerPath ¶
Source Files
¶
Directories
Click to show internal directories.
Click to hide internal directories.