Documentation
¶
Index ¶
- Constants
- Variables
- func AddSeccompProfileForOpenShift(client client.Client, podspec *corev1.PodSpec)
- func CanUseKeycloakWithTemplate() bool
- func GenerateUniqueResourceName(argoComponentName string, cr *argoproj.ArgoCD) string
- func InspectCluster() error
- func IsPrometheusAPIAvailable() bool
- func IsRouteAPIAvailable() bool
- func IsVersionAPIAvailable() bool
- func Register(h ...Hook)
- func UseDex(cr *argoproj.ArgoCD) bool
- func ZapLogger(development bool) logr.Logger
- type CustomKeycloakAPIRealm
- type DeprecationEventEmissionStatus
- type DexConnector
- type Hook
- type KeycloakAPIClient
- type KeycloakClientScope
- type KeycloakIdentityProvider
- type KeycloakIdentityProviderMapper
- type KeycloakProtocolMapper
- type ReconcileArgoCD
- func (r *ReconcileArgoCD) Reconcile(ctx context.Context, request ctrl.Request) (ctrl.Result, error)
- func (r *ReconcileArgoCD) ReconcileNetworkPolicies(cr *argoproj.ArgoCD) error
- func (r *ReconcileArgoCD) ReconcileRedisHANetworkPolicy(cr *argoproj.ArgoCD) error
- func (r *ReconcileArgoCD) ReconcileRedisNetworkPolicy(cr *argoproj.ArgoCD) error
- func (r *ReconcileArgoCD) SetupWithManager(mgr ctrl.Manager) error
- type SchemeOpt
- type TokenResponse
Constants ¶
const ( ApplicationSetGitlabSCMTlsCertPath = "/app/tls/scm/cert" ApplicationSetGitlabSCMTlsMountPath = "/app/tls/scm/" )
const ( // RedisIngressNetworkPolicy is the name of the network policy which controls Redis Ingress traffic RedisNetworkPolicy = "redis-network-policy" // RedisHAIngressNetworkPolicy is the name of the network policy which controls Redis HA Ingress traffic RedisHANetworkPolicy = "redis-ha-network-policy" )
const (
DefaultNotificationsConfigurationInstanceName = "default-notifications-configuration"
)
Variables ¶
var ( ActiveInstancesByPhase = prometheus.NewGaugeVec( prometheus.GaugeOpts{ Name: "active_argocd_instances_by_phase", Help: "Number of active argocd instances by phase", }, []string{"phase"}, ) ActiveInstancesTotal = prometheus.NewGauge( prometheus.GaugeOpts{ Name: "active_argocd_instances_total", Help: "Total number of active argocd instances", }, ) ActiveInstanceReconciliationCount = prometheus.NewCounterVec( prometheus.CounterOpts{ Name: "active_argocd_instance_reconciliation_count", Help: "Number of reconciliations performed for a given instance", }, []string{"namespace"}, ) // ReconcileTime is a prometheus metric which keeps track of the duration // of reconciliations for a given instance ReconcileTime = prometheus.NewHistogramVec(prometheus.HistogramOpts{ Name: "controller_runtime_reconcile_time_seconds_per_instance", Help: "Length of time per reconciliation per instance", Buckets: []float64{0.05, 0.075, 0.1, 0.15, 0.2, 0.22, 0.24, 0.26, 0.28, 0.3, 0.32, 0.34, 0.37, 0.4, 0.42, 0.44, 0.48, 0.5, 0.55, 0.6, 0.75, 0.9, 1.00}, }, []string{"namespace"}) )
var ActiveInstanceMap = make(map[string]string)
Map to keep track of running Argo CD instances using their namespaces as key and phase as value This map will be used for the performance metrics purposes Important note: This assumes that each instance only contains one Argo CD instance as, having multiple Argo CD instances in the same namespace is considered an anti-pattern
var DeprecationEventEmissionTracker = make(map[string]DeprecationEventEmissionStatus)
DeprecationEventEmissionTracker map stores the namespace containing ArgoCD instance as key and DeprecationEventEmissionStatus as value, where DeprecationEventEmissionStatus tracks the events that have been emitted for the instance in the particular namespace. This is temporary and can be removed in v0.0.6 when we remove the deprecated fields.
var ( TCPProtocol = func() *corev1.Protocol { tcpProtocol := corev1.ProtocolTCP return &tcpProtocol }() )
Functions ¶
func AddSeccompProfileForOpenShift ¶ added in v0.2.3
func CanUseKeycloakWithTemplate ¶ added in v0.11.0
func CanUseKeycloakWithTemplate() bool
CanUseKeycloakWithTemplate checks if the required APIs are available to manage a Keycloak instance using Templates.
func GenerateUniqueResourceName ¶
GenerateUniqueResourceName generates unique names for cluster scoped resources
func InspectCluster ¶
func InspectCluster() error
InspectCluster will verify the availability of extra features available to the cluster, such as Prometheus and OpenShift Routes.
func IsPrometheusAPIAvailable ¶
func IsPrometheusAPIAvailable() bool
IsPrometheusAPIAvailable returns true if the Prometheus API is present.
func IsRouteAPIAvailable ¶
func IsRouteAPIAvailable() bool
IsRouteAPIAvailable returns true if the Route API is present.
func IsVersionAPIAvailable ¶ added in v0.2.3
func IsVersionAPIAvailable() bool
IsVersionAPIAvailable returns true if the version api is present
func Register ¶
func Register(h ...Hook)
Register adds a modifier for updating resources during reconciliation.
Types ¶
type CustomKeycloakAPIRealm ¶ added in v0.3.0
type CustomKeycloakAPIRealm struct {
// Realm name.
Realm string `json:"realm"`
// Realm enabled flag.
// +optional
Enabled bool `json:"enabled"`
// Require SSL
// +optional
SslRequired string `json:"sslRequired,omitempty"`
// A set of Keycloak Clients.
// +optional
Clients []*KeycloakAPIClient `json:"clients,omitempty"`
// Client scopes
// +optional
ClientScopes []KeycloakClientScope `json:"clientScopes,omitempty"`
// A set of Identity Providers.
// +optional
IdentityProviders []*KeycloakIdentityProvider `json:"identityProviders,omitempty"`
// KeycloakIdentityProviderMapper defines IdentityProvider Mappers
// issue: https://github.com/keycloak/keycloak-operator/issues/471
IdentityProviderMappers []*KeycloakIdentityProviderMapper `json:"identityProviderMappers,omitempty"`
}
CustomKeycloakAPIRealm is an extention type of KeycloakAPIRealm as is it does not support IdentityProvider Mappers issue: https://github.com/keycloak/keycloak-operator/issues/471
type DeprecationEventEmissionStatus ¶ added in v0.5.0
type DeprecationEventEmissionStatus struct {
SSOSpecDeprecationWarningEmitted bool
DexSpecDeprecationWarningEmitted bool
DisableDexDeprecationWarningEmitted bool
TLSInsecureWarningEmitted bool
}
DeprecationEventEmissionStatus is meant to track which deprecation events have been emitted already. This is temporary and can be removed in v0.0.6 once we have provided enough deprecation notice
type DexConnector ¶
type DexConnector struct {
Config map[string]interface{} `yaml:"config,omitempty"`
ID string `yaml:"id"`
Name string `yaml:"name"`
Type string `yaml:"type"`
}
DexConnector represents an authentication connector for Dex.
type KeycloakAPIClient ¶ added in v0.7.1
type KeycloakAPIClient struct {
// Client ID.
// +kubebuilder:validation:Required
ClientID string `json:"clientId"`
// Client name.
// +optional
Name string `json:"name,omitempty"`
// What Client authentication type to use.
// +optional
ClientAuthenticatorType string `json:"clientAuthenticatorType,omitempty"`
// Client Secret. The Operator will automatically create a Secret based on this value.
// +optional
Secret string `json:"secret,omitempty"`
// Application base URL.
// +optional
BaseURL string `json:"baseUrl,omitempty"`
// Application Admin URL.
// +optional
AdminURL string `json:"adminUrl,omitempty"`
// Application root URL.
// +optional
RootURL string `json:"rootUrl,omitempty"`
// A list of valid Redirection URLs.
// +optional
RedirectUris []string `json:"redirectUris,omitempty"`
// A list of valid Web Origins.
// +optional
WebOrigins []string `json:"webOrigins,omitempty"`
// True if Standard flow is enabled.
// +optional
StandardFlowEnabled bool `json:"standardFlowEnabled"`
// A list of default client scopes. Default client scopes are
// always applied when issuing OpenID Connect tokens or SAML
// assertions for this client.
// +optional
DefaultClientScopes []string `json:"defaultClientScopes,omitempty"`
}
type KeycloakClientScope ¶ added in v0.7.1
type KeycloakClientScope struct {
// +optional
Attributes map[string]string `json:"attributes,omitempty"`
// +optional
ID string `json:"id,omitempty"`
// +optional
Name string `json:"name,omitempty"`
// +optional
Protocol string `json:"protocol,omitempty"`
// Protocol Mappers.
// +optional
ProtocolMappers []KeycloakProtocolMapper `json:"protocolMappers,omitempty"`
}
type KeycloakIdentityProvider ¶ added in v0.7.1
type KeycloakIdentityProvider struct {
// Identity Provider Alias.
// +optional
Alias string `json:"alias,omitempty"`
// Identity Provider Display Name.
// +optional
DisplayName string `json:"displayName,omitempty"`
// Identity Provider ID.
// +optional
ProviderID string `json:"providerId,omitempty"`
// Identity Provider config.
// +optional
Config map[string]string `json:"config,omitempty"`
}
type KeycloakIdentityProviderMapper ¶ added in v0.3.0
type KeycloakIdentityProviderMapper struct {
// Name
// +optional
Name string `json:"name,omitempty"`
// Identity Provider Alias.
// +optional
IdentityProviderAlias string `json:"identityProviderAlias,omitempty"`
// Identity Provider Mapper.
// +optional
IdentityProviderMapper string `json:"identityProviderMapper,omitempty"`
// Identity Provider Mapper config.
// +optional
Config map[string]string `json:"config,omitempty"`
}
KeycloakIdentityProviderMapper defines IdentityProvider Mappers issue: https://github.com/keycloak/keycloak-operator/issues/471
type KeycloakProtocolMapper ¶ added in v0.7.1
type KeycloakProtocolMapper struct {
// Protocol Mapper ID.
// +optional
ID string `json:"id,omitempty"`
// Protocol Mapper Name.
// +optional
Name string `json:"name,omitempty"`
// Protocol to use.
// +optional
Protocol string `json:"protocol,omitempty"`
// Protocol Mapper to use
// +optional
ProtocolMapper string `json:"protocolMapper,omitempty"`
// Config options.
// +optional
Config map[string]string `json:"config,omitempty"`
}
type ReconcileArgoCD ¶
type ReconcileArgoCD struct {
client.Client
Scheme *runtime.Scheme
ManagedNamespaces *corev1.NamespaceList
// Stores a list of ApplicationSourceNamespaces as keys
ManagedSourceNamespaces map[string]string
// Stores a list of ApplicationSetSourceNamespaces as keys
ManagedApplicationSetSourceNamespaces map[string]string
// Stores label selector used to reconcile a subset of ArgoCD
LabelSelector string
}
ArgoCDReconciler reconciles a ArgoCD object TODO(upgrade): rename to ArgoCDRecoonciler
func (*ReconcileArgoCD) Reconcile ¶
Reconcile is part of the main kubernetes reconciliation loop which aims to move the current state of the cluster closer to the desired state. the ArgoCD object against the actual cluster state, and then perform operations to make the cluster state reflect the state specified by the user.
For more details, check Reconcile and its Result here: - https://pkg.go.dev/sigs.k8s.io/controller-runtime@v0.9.2/pkg/reconcile
func (*ReconcileArgoCD) ReconcileNetworkPolicies ¶ added in v0.10.1
func (r *ReconcileArgoCD) ReconcileNetworkPolicies(cr *argoproj.ArgoCD) error
func (*ReconcileArgoCD) ReconcileRedisHANetworkPolicy ¶ added in v0.10.1
func (r *ReconcileArgoCD) ReconcileRedisHANetworkPolicy(cr *argoproj.ArgoCD) error
ReconcileRedisHANetworkPolicy creates and reconciles network policy for Redis HA
func (*ReconcileArgoCD) ReconcileRedisNetworkPolicy ¶ added in v0.10.1
func (r *ReconcileArgoCD) ReconcileRedisNetworkPolicy(cr *argoproj.ArgoCD) error
ReconcileRedisNetworkPolicy creates and reconciles network policy for Redis
func (*ReconcileArgoCD) SetupWithManager ¶
func (r *ReconcileArgoCD) SetupWithManager(mgr ctrl.Manager) error
SetupWithManager sets up the controller with the Manager.
type TokenResponse ¶ added in v0.7.1
Source Files
¶
- applicationset.go
- argocd_controller.go
- configmap.go
- custommapper.go
- deployment.go
- dex.go
- dexUtil.go
- hooks.go
- hpa.go
- ingress.go
- keycloak.go
- keycloak_client.go
- keycloak_types.go
- metrics.go
- networkpolicies.go
- notifications.go
- notifications_util.go
- policyrule.go
- prometheus.go
- role.go
- rolebinding.go
- route.go
- secret.go
- service.go
- service_account.go
- sso.go
- statefulset.go
- status.go
- testing.go
- util.go