Documentation ¶
Index ¶
- Constants
- Variables
- func AddSeccompProfileForOpenShift(client client.Client, podspec *corev1.PodSpec)
- func CanUseKeycloakWithTemplate() bool
- func GenerateUniqueResourceName(argoComponentName string, cr *argoproj.ArgoCD) string
- func InspectCluster() error
- func IsPrometheusAPIAvailable() bool
- func IsRouteAPIAvailable() bool
- func IsVersionAPIAvailable() bool
- func Register(h ...Hook)
- func UseDex(cr *argoproj.ArgoCD) bool
- func ZapLogger(development bool) logr.Logger
- type CustomKeycloakAPIRealm
- type DeprecationEventEmissionStatus
- type DexConnector
- type Hook
- type KeycloakAPIClient
- type KeycloakClientScope
- type KeycloakIdentityProvider
- type KeycloakIdentityProviderMapper
- type KeycloakProtocolMapper
- type ReconcileArgoCD
- func (r *ReconcileArgoCD) Reconcile(ctx context.Context, request ctrl.Request) (ctrl.Result, error)
- func (r *ReconcileArgoCD) ReconcileNetworkPolicies(cr *argoproj.ArgoCD) error
- func (r *ReconcileArgoCD) ReconcileRedisHANetworkPolicy(cr *argoproj.ArgoCD) error
- func (r *ReconcileArgoCD) ReconcileRedisNetworkPolicy(cr *argoproj.ArgoCD) error
- func (r *ReconcileArgoCD) SetupWithManager(mgr ctrl.Manager) error
- type SchemeOpt
- type TokenResponse
Constants ¶
const ( ApplicationSetGitlabSCMTlsCertPath = "/app/tls/scm/cert" ApplicationSetGitlabSCMTlsMountPath = "/app/tls/scm/" )
const ( // RedisIngressNetworkPolicy is the name of the network policy which controls Redis Ingress traffic RedisNetworkPolicy = "redis-network-policy" // RedisHAIngressNetworkPolicy is the name of the network policy which controls Redis HA Ingress traffic RedisHANetworkPolicy = "redis-ha-network-policy" )
const (
DefaultNotificationsConfigurationInstanceName = "default-notifications-configuration"
)
Variables ¶
var ( ActiveInstancesByPhase = prometheus.NewGaugeVec( prometheus.GaugeOpts{ Name: "active_argocd_instances_by_phase", Help: "Number of active argocd instances by phase", }, []string{"phase"}, ) ActiveInstancesTotal = prometheus.NewGauge( prometheus.GaugeOpts{ Name: "active_argocd_instances_total", Help: "Total number of active argocd instances", }, ) ActiveInstanceReconciliationCount = prometheus.NewCounterVec( prometheus.CounterOpts{ Name: "active_argocd_instance_reconciliation_count", Help: "Number of reconciliations performed for a given instance", }, []string{"namespace"}, ) // ReconcileTime is a prometheus metric which keeps track of the duration // of reconciliations for a given instance ReconcileTime = prometheus.NewHistogramVec(prometheus.HistogramOpts{ Name: "controller_runtime_reconcile_time_seconds_per_instance", Help: "Length of time per reconciliation per instance", Buckets: []float64{0.05, 0.075, 0.1, 0.15, 0.2, 0.22, 0.24, 0.26, 0.28, 0.3, 0.32, 0.34, 0.37, 0.4, 0.42, 0.44, 0.48, 0.5, 0.55, 0.6, 0.75, 0.9, 1.00}, }, []string{"namespace"}) )
var ActiveInstanceMap = make(map[string]string)
Map to keep track of running Argo CD instances using their namespaces as key and phase as value This map will be used for the performance metrics purposes Important note: This assumes that each instance only contains one Argo CD instance as, having multiple Argo CD instances in the same namespace is considered an anti-pattern
var DeprecationEventEmissionTracker = make(map[string]DeprecationEventEmissionStatus)
DeprecationEventEmissionTracker map stores the namespace containing ArgoCD instance as key and DeprecationEventEmissionStatus as value, where DeprecationEventEmissionStatus tracks the events that have been emitted for the instance in the particular namespace. This is temporary and can be removed in v0.0.6 when we remove the deprecated fields.
var ( TCPProtocol = func() *corev1.Protocol { tcpProtocol := corev1.ProtocolTCP return &tcpProtocol }() )
Functions ¶
func AddSeccompProfileForOpenShift ¶ added in v0.2.3
func CanUseKeycloakWithTemplate ¶ added in v0.11.0
func CanUseKeycloakWithTemplate() bool
CanUseKeycloakWithTemplate checks if the required APIs are available to manage a Keycloak instance using Templates.
func GenerateUniqueResourceName ¶
GenerateUniqueResourceName generates unique names for cluster scoped resources
func InspectCluster ¶
func InspectCluster() error
InspectCluster will verify the availability of extra features available to the cluster, such as Prometheus and OpenShift Routes.
func IsPrometheusAPIAvailable ¶
func IsPrometheusAPIAvailable() bool
IsPrometheusAPIAvailable returns true if the Prometheus API is present.
func IsRouteAPIAvailable ¶
func IsRouteAPIAvailable() bool
IsRouteAPIAvailable returns true if the Route API is present.
func IsVersionAPIAvailable ¶ added in v0.2.3
func IsVersionAPIAvailable() bool
IsVersionAPIAvailable returns true if the version api is present
func Register ¶
func Register(h ...Hook)
Register adds a modifier for updating resources during reconciliation.
Types ¶
type CustomKeycloakAPIRealm ¶ added in v0.3.0
type CustomKeycloakAPIRealm struct { // Realm name. Realm string `json:"realm"` // Realm enabled flag. // +optional Enabled bool `json:"enabled"` // Require SSL // +optional SslRequired string `json:"sslRequired,omitempty"` // A set of Keycloak Clients. // +optional Clients []*KeycloakAPIClient `json:"clients,omitempty"` // Client scopes // +optional ClientScopes []KeycloakClientScope `json:"clientScopes,omitempty"` // A set of Identity Providers. // +optional IdentityProviders []*KeycloakIdentityProvider `json:"identityProviders,omitempty"` // KeycloakIdentityProviderMapper defines IdentityProvider Mappers // issue: https://github.com/keycloak/keycloak-operator/issues/471 IdentityProviderMappers []*KeycloakIdentityProviderMapper `json:"identityProviderMappers,omitempty"` }
CustomKeycloakAPIRealm is an extention type of KeycloakAPIRealm as is it does not support IdentityProvider Mappers issue: https://github.com/keycloak/keycloak-operator/issues/471
type DeprecationEventEmissionStatus ¶ added in v0.5.0
type DeprecationEventEmissionStatus struct { SSOSpecDeprecationWarningEmitted bool DexSpecDeprecationWarningEmitted bool DisableDexDeprecationWarningEmitted bool TLSInsecureWarningEmitted bool }
DeprecationEventEmissionStatus is meant to track which deprecation events have been emitted already. This is temporary and can be removed in v0.0.6 once we have provided enough deprecation notice
type DexConnector ¶
type DexConnector struct { Config map[string]interface{} `yaml:"config,omitempty"` ID string `yaml:"id"` Name string `yaml:"name"` Type string `yaml:"type"` }
DexConnector represents an authentication connector for Dex.
type KeycloakAPIClient ¶ added in v0.7.1
type KeycloakAPIClient struct { // Client ID. // +kubebuilder:validation:Required ClientID string `json:"clientId"` // Client name. // +optional Name string `json:"name,omitempty"` // What Client authentication type to use. // +optional ClientAuthenticatorType string `json:"clientAuthenticatorType,omitempty"` // Client Secret. The Operator will automatically create a Secret based on this value. // +optional Secret string `json:"secret,omitempty"` // Application base URL. // +optional BaseURL string `json:"baseUrl,omitempty"` // Application Admin URL. // +optional AdminURL string `json:"adminUrl,omitempty"` // Application root URL. // +optional RootURL string `json:"rootUrl,omitempty"` // A list of valid Redirection URLs. // +optional RedirectUris []string `json:"redirectUris,omitempty"` // A list of valid Web Origins. // +optional WebOrigins []string `json:"webOrigins,omitempty"` // True if Standard flow is enabled. // +optional StandardFlowEnabled bool `json:"standardFlowEnabled"` // A list of default client scopes. Default client scopes are // always applied when issuing OpenID Connect tokens or SAML // assertions for this client. // +optional DefaultClientScopes []string `json:"defaultClientScopes,omitempty"` }
type KeycloakClientScope ¶ added in v0.7.1
type KeycloakClientScope struct { // +optional Attributes map[string]string `json:"attributes,omitempty"` // +optional ID string `json:"id,omitempty"` // +optional Name string `json:"name,omitempty"` // +optional Protocol string `json:"protocol,omitempty"` // Protocol Mappers. // +optional ProtocolMappers []KeycloakProtocolMapper `json:"protocolMappers,omitempty"` }
type KeycloakIdentityProvider ¶ added in v0.7.1
type KeycloakIdentityProvider struct { // Identity Provider Alias. // +optional Alias string `json:"alias,omitempty"` // Identity Provider Display Name. // +optional DisplayName string `json:"displayName,omitempty"` // Identity Provider ID. // +optional ProviderID string `json:"providerId,omitempty"` // Identity Provider config. // +optional Config map[string]string `json:"config,omitempty"` }
type KeycloakIdentityProviderMapper ¶ added in v0.3.0
type KeycloakIdentityProviderMapper struct { // Name // +optional Name string `json:"name,omitempty"` // Identity Provider Alias. // +optional IdentityProviderAlias string `json:"identityProviderAlias,omitempty"` // Identity Provider Mapper. // +optional IdentityProviderMapper string `json:"identityProviderMapper,omitempty"` // Identity Provider Mapper config. // +optional Config map[string]string `json:"config,omitempty"` }
KeycloakIdentityProviderMapper defines IdentityProvider Mappers issue: https://github.com/keycloak/keycloak-operator/issues/471
type KeycloakProtocolMapper ¶ added in v0.7.1
type KeycloakProtocolMapper struct { // Protocol Mapper ID. // +optional ID string `json:"id,omitempty"` // Protocol Mapper Name. // +optional Name string `json:"name,omitempty"` // Protocol to use. // +optional Protocol string `json:"protocol,omitempty"` // Protocol Mapper to use // +optional ProtocolMapper string `json:"protocolMapper,omitempty"` // Config options. // +optional Config map[string]string `json:"config,omitempty"` }
type ReconcileArgoCD ¶
type ReconcileArgoCD struct { client.Client Scheme *runtime.Scheme ManagedNamespaces *corev1.NamespaceList // Stores a list of ApplicationSourceNamespaces as keys ManagedSourceNamespaces map[string]string // Stores a list of ApplicationSetSourceNamespaces as keys ManagedApplicationSetSourceNamespaces map[string]string // Stores label selector used to reconcile a subset of ArgoCD LabelSelector string }
ArgoCDReconciler reconciles a ArgoCD object TODO(upgrade): rename to ArgoCDRecoonciler
func (*ReconcileArgoCD) Reconcile ¶
Reconcile is part of the main kubernetes reconciliation loop which aims to move the current state of the cluster closer to the desired state. the ArgoCD object against the actual cluster state, and then perform operations to make the cluster state reflect the state specified by the user.
For more details, check Reconcile and its Result here: - https://pkg.go.dev/sigs.k8s.io/controller-runtime@v0.9.2/pkg/reconcile
func (*ReconcileArgoCD) ReconcileNetworkPolicies ¶ added in v0.10.1
func (r *ReconcileArgoCD) ReconcileNetworkPolicies(cr *argoproj.ArgoCD) error
func (*ReconcileArgoCD) ReconcileRedisHANetworkPolicy ¶ added in v0.10.1
func (r *ReconcileArgoCD) ReconcileRedisHANetworkPolicy(cr *argoproj.ArgoCD) error
ReconcileRedisHANetworkPolicy creates and reconciles network policy for Redis HA
func (*ReconcileArgoCD) ReconcileRedisNetworkPolicy ¶ added in v0.10.1
func (r *ReconcileArgoCD) ReconcileRedisNetworkPolicy(cr *argoproj.ArgoCD) error
ReconcileRedisNetworkPolicy creates and reconciles network policy for Redis
func (*ReconcileArgoCD) SetupWithManager ¶
func (r *ReconcileArgoCD) SetupWithManager(mgr ctrl.Manager) error
SetupWithManager sets up the controller with the Manager.
type TokenResponse ¶ added in v0.7.1
Source Files ¶
- applicationset.go
- argocd_controller.go
- configmap.go
- custommapper.go
- deployment.go
- dex.go
- dexUtil.go
- hooks.go
- hpa.go
- ingress.go
- keycloak.go
- keycloak_client.go
- keycloak_types.go
- metrics.go
- networkpolicies.go
- notifications.go
- notifications_util.go
- policyrule.go
- prometheus.go
- role.go
- rolebinding.go
- route.go
- secret.go
- service.go
- service_account.go
- sso.go
- statefulset.go
- status.go
- testing.go
- util.go