common

package
v0.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 29, 2018 License: Apache-2.0 Imports: 12 Imported by: 0

Documentation

Index

Constants

View Source
const (
	// MetadataPrefix is the prefix used for our labels and annotations
	MetadataPrefix = "argocd.argoproj.io"

	// SecretTypeRepository indicates a secret type of repository
	SecretTypeRepository = "repository"

	// SecretTypeCluster indicates a secret type of cluster
	SecretTypeCluster = "cluster"
)
View Source
const (
	ArgoCDManagerServiceAccount     = "argocd-manager"
	ArgoCDManagerClusterRole        = "argocd-manager-role"
	ArgoCDManagerClusterRoleBinding = "argocd-manager-role-binding"
)

ArgoCDManagerServiceAccount is the name of the service account for managing a cluster

View Source
const (
	ArgoCDServerServiceAccount = "argocd-server"
	ArgoCDServerRole           = "argocd-server-role"
	ArgoCDServerRoleBinding    = "argocd-server-role-binding"
)
View Source
const (
	ApplicationControllerServiceAccount = "application-controller"
	ApplicationControllerRole           = "application-controller-role"
	ApplicationControllerRoleBinding    = "application-controller-role-binding"
)

Variables

View Source
var (
	// LabelKeyAppInstance refers to the application instance resource name
	LabelKeyAppInstance = MetadataPrefix + "/app-instance"

	// LabelKeySecretType contains the type of argocd secret (either 'cluster' or 'repo')
	LabelKeySecretType = MetadataPrefix + "/secret-type"

	// LabelKeyApplicationControllerInstanceID is the label which allows to separate application among multiple running application controllers.
	LabelKeyApplicationControllerInstanceID = application.ApplicationFullName + "/controller-instanceid"
	// LabelApplicationName is the label which indicates that resource belongs to application with the specified name
	LabelApplicationName = application.ApplicationFullName + "/app-name"
)
View Source
var ApplicationControllerPolicyRules = []rbacv1.PolicyRule{
	{
		APIGroups: []string{""},
		Resources: []string{"secrets"},
		Verbs:     []string{"get"},
	},
	{
		APIGroups: []string{"argoproj.io"},
		Resources: []string{"applications"},
		Verbs:     []string{"create", "get", "list", "watch", "update", "patch", "delete"},
	},
}
View Source
var ArgoCDManagerPolicyRules = []rbacv1.PolicyRule{
	{
		APIGroups: []string{"*"},
		Resources: []string{"*"},
		Verbs:     []string{"*"},
	},
}

ArgoCDManagerPolicyRules are the policies to give argocd-manager

View Source
var ArgoCDServerPolicyRules = []rbacv1.PolicyRule{
	{
		APIGroups: []string{""},
		Resources: []string{"pods", "pods/exec", "pods/log"},
		Verbs:     []string{"get", "list", "watch"},
	},
	{
		APIGroups: []string{""},
		Resources: []string{"secrets"},
		Verbs:     []string{"create", "get", "list", "watch", "update", "patch", "delete"},
	},
	{
		APIGroups: []string{"argoproj.io"},
		Resources: []string{"applications"},
		Verbs:     []string{"create", "get", "list", "watch", "update", "patch", "delete"},
	},
}

Functions

func CreateClusterRole

func CreateClusterRole(
	clientset kubernetes.Interface,
	clusterRoleName string,
	rules []rbacv1.PolicyRule,
)

CreateClusterRole creates a cluster role

func CreateClusterRoleBinding

func CreateClusterRoleBinding(
	clientset kubernetes.Interface,
	clusterBindingRoleName,
	serviceAccountName,
	clusterRoleName string,
	namespace string,
)

CreateClusterRoleBinding create a ClusterRoleBinding

func CreateServiceAccount

func CreateServiceAccount(
	clientset kubernetes.Interface,
	serviceAccountName string,
	namespace string,
)

CreateServiceAccount creates a service account

func InstallClusterManagerRBAC

func InstallClusterManagerRBAC(conf *rest.Config) string

InstallClusterManagerRBAC installs RBAC resources for a cluster manager to operate a cluster. Returns a token

func UninstallClusterManagerRBAC

func UninstallClusterManagerRBAC(conf *rest.Config)

UninstallClusterManagerRBAC removes RBAC resources for a cluster manager to operate a cluster

func UninstallRBAC

func UninstallRBAC(clientset kubernetes.Interface, namespace, bindingName, roleName, serviceAccount string)

UninstallRBAC uninstalls RBAC related resources for a binding, role, and service account

Types

This section is empty.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL