settings

package
v1.8.0-rc1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 25, 2020 License: Apache-2.0 Imports: 34 Imported by: 227

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func ReplaceStringSecret added in v0.11.0

func ReplaceStringSecret(val string, secretValues map[string]string) string

ReplaceStringSecret checks if given string is a secret key reference ( starts with $ ) and returns corresponding value from provided map

func UnmarshalDexConfig added in v1.5.3

func UnmarshalDexConfig(config string) (map[string]interface{}, error)

Types

type Account added in v1.5.0

type Account struct {
	PasswordHash  string
	PasswordMtime *time.Time
	Enabled       bool
	Capabilities  []AccountCapability
	Tokens        []Token
}

Account holds local account information

func (*Account) FormatCapabilities added in v1.5.0

func (a *Account) FormatCapabilities() string

FormatCapabilities returns comma separate list of user capabilities.

func (*Account) FormatPasswordMtime added in v1.5.0

func (a *Account) FormatPasswordMtime() string

FormatPasswordMtime return the formatted password modify time or empty string of password modify time is nil.

func (*Account) HasCapability added in v1.5.0

func (a *Account) HasCapability(capability AccountCapability) bool

HasCapability return true if the account has the specified capability.

func (*Account) TokenIndex added in v1.5.0

func (a *Account) TokenIndex(id string) int

TokenIndex return an index of a token with the given identifier or -1 if token not found.

type AccountCapability added in v1.5.0

type AccountCapability string
const (
	// AccountCapabilityLogin represents capability to create UI session tokens.
	AccountCapabilityLogin AccountCapability = "login"
	// AccountCapabilityLogin represents capability to generate API auth tokens.
	AccountCapabilityApiKey AccountCapability = "apiKey"
)

type ArgoCDDiffOptions added in v1.7.0

type ArgoCDDiffOptions struct {
	IgnoreAggregatedRoles bool `json:"ignoreAggregatedRoles,omitempty"`

	// If set to true then differences caused by status are ignored.
	IgnoreResourceStatusField IgnoreStatus `json:"ignoreResourceStatusField,omitempty"`
}

func GetDefaultDiffOptions added in v1.8.0

func GetDefaultDiffOptions() ArgoCDDiffOptions

type ArgoCDSettings

type ArgoCDSettings struct {
	// URL is the externally facing URL users will visit to reach Argo CD.
	// The value here is used when configuring SSO. Omitting this value will disable SSO.
	URL string `json:"url,omitempty"`
	// Indicates if status badge is enabled or not.
	StatusBadgeEnabled bool `json:"statusBadgeEnable"`
	// DexConfig contains portions of a dex config yaml
	DexConfig string `json:"dexConfig,omitempty"`
	// OIDCConfigRAW holds OIDC configuration as a raw string
	OIDCConfigRAW string `json:"oidcConfig,omitempty"`
	// ServerSignature holds the key used to generate JWT tokens.
	ServerSignature []byte `json:"serverSignature,omitempty"`
	// Certificate holds the certificate/private key for the Argo CD API server.
	// If nil, will run insecure without TLS.
	Certificate *tls.Certificate `json:"-"`
	// WebhookGitLabSecret holds the shared secret for authenticating GitHub webhook events
	WebhookGitHubSecret string `json:"webhookGitHubSecret,omitempty"`
	// WebhookGitLabSecret holds the shared secret for authenticating GitLab webhook events
	WebhookGitLabSecret string `json:"webhookGitLabSecret,omitempty"`
	// WebhookBitbucketUUID holds the UUID for authenticating Bitbucket webhook events
	WebhookBitbucketUUID string `json:"webhookBitbucketUUID,omitempty"`
	// WebhookBitbucketServerSecret holds the shared secret for authenticating BitbucketServer webhook events
	WebhookBitbucketServerSecret string `json:"webhookBitbucketServerSecret,omitempty"`
	// WebhookGogsSecret holds the shared secret for authenticating Gogs webhook events
	WebhookGogsSecret string `json:"webhookGogsSecret,omitempty"`
	// Secrets holds all secrets in argocd-secret as a map[string]string
	Secrets map[string]string `json:"secrets,omitempty"`
	// KustomizeBuildOptions is a string of kustomize build parameters
	KustomizeBuildOptions string `json:"kustomizeBuildOptions,omitempty"`
	// Indicates if anonymous user is enabled or not
	AnonymousUserEnabled bool `json:"anonymousUserEnabled,omitempty"`
	// UiCssURL local or remote path to user-defined CSS to customize ArgoCD UI
	UiCssURL string `json:"uiCssURL,omitempty"`
}

ArgoCDSettings holds in-memory runtime configuration options.

func (*ArgoCDSettings) DexOAuth2ClientSecret added in v0.11.0

func (a *ArgoCDSettings) DexOAuth2ClientSecret() string

DexOAuth2ClientSecret calculates an arbitrary, but predictable OAuth2 client secret string derived from the server secret. This is called by the dex startup wrapper (argocd-util rundex), as well as the API server, such that they both independently come to the same conclusion of what the OAuth2 shared client secret should be.

func (*ArgoCDSettings) DexRedirectURL added in v1.2.4

func (a *ArgoCDSettings) DexRedirectURL() (string, error)

func (*ArgoCDSettings) IsDexConfigured added in v0.11.0

func (a *ArgoCDSettings) IsDexConfigured() bool

func (*ArgoCDSettings) IsSSOConfigured

func (a *ArgoCDSettings) IsSSOConfigured() bool

IsSSOConfigured returns whether or not single-sign-on is configured

func (*ArgoCDSettings) IssuerURL added in v0.4.0

func (a *ArgoCDSettings) IssuerURL() string

func (*ArgoCDSettings) OAuth2ClientID added in v0.11.0

func (a *ArgoCDSettings) OAuth2ClientID() string

func (*ArgoCDSettings) OAuth2ClientSecret added in v0.4.0

func (a *ArgoCDSettings) OAuth2ClientSecret() string

func (*ArgoCDSettings) OIDCConfig added in v0.11.0

func (a *ArgoCDSettings) OIDCConfig() *OIDCConfig

func (*ArgoCDSettings) RedirectURL added in v0.4.0

func (a *ArgoCDSettings) RedirectURL() (string, error)

func (*ArgoCDSettings) TLSConfig added in v0.4.0

func (a *ArgoCDSettings) TLSConfig() *tls.Config

TLSConfig returns a tls.Config with the configured certificates

type FilteredResource added in v1.0.0

type FilteredResource struct {
	APIGroups []string `json:"apiGroups,omitempty"`
	Kinds     []string `json:"kinds,omitempty"`
	Clusters  []string `json:"clusters,omitempty"`
}

func (FilteredResource) Match added in v1.0.0

func (r FilteredResource) Match(apiGroup, kind, cluster string) bool

func (FilteredResource) MatchCluster added in v1.8.0

func (r FilteredResource) MatchCluster(cluster string) bool

type GlobalProjectSettings added in v1.8.0

type GlobalProjectSettings struct {
	ProjectName   string               `json:"projectName,omitempty"`
	LabelSelector metav1.LabelSelector `json:"labelSelector,omitempty"`
}

type GoogleAnalytics added in v1.2.0

type GoogleAnalytics struct {
	TrackingID     string `json:"trackingID,omitempty"`
	AnonymizeUsers bool   `json:"anonymizeUsers,omitempty"`
}

type HelmRepoCredentials added in v0.11.0

type HelmRepoCredentials struct {
	URL            string                   `json:"url,omitempty"`
	Name           string                   `json:"name,omitempty"`
	UsernameSecret *apiv1.SecretKeySelector `json:"usernameSecret,omitempty"`
	PasswordSecret *apiv1.SecretKeySelector `json:"passwordSecret,omitempty"`
	CertSecret     *apiv1.SecretKeySelector `json:"certSecret,omitempty"`
	KeySecret      *apiv1.SecretKeySelector `json:"keySecret,omitempty"`
}

DEPRECATED. Helm repository credentials are now managed using RepoCredentials

type Help added in v1.2.0

type Help struct {
	// the URL for getting chat help, this will typically be your Slack channel for support
	ChatURL string `json:"chatUrl,omitempty"`
	// the text for getting chat help, defaults to "Chat now!"
	ChatText string `json:"chatText,omitempty"`
}

Help settings

type IgnoreStatus added in v1.7.0

type IgnoreStatus string
const (
	// IgnoreResourceStatusInCRD ignores status changes for all CRDs
	IgnoreResourceStatusInCRD IgnoreStatus = "crd"
	// IgnoreResourceStatusInAll ignores status changes for all resources
	IgnoreResourceStatusInAll IgnoreStatus = "all"
	// IgnoreResourceStatusInNone ignores status changes for no resources
	IgnoreResourceStatusInNone IgnoreStatus = "off"
)

type KustomizeSettings added in v1.5.3

type KustomizeSettings struct {
	BuildOptions string
	Versions     []KustomizeVersion
}

KustomizeSettings holds kustomize settings

func (*KustomizeSettings) GetOptions added in v1.5.3

type KustomizeVersion added in v1.5.3

type KustomizeVersion struct {
	// Name holds Kustomize version name
	Name string
	// Name holds corresponding binary path
	Path string
}

KustomizeVersion holds information about additional Kustomize version

type OIDCConfig added in v0.11.0

type OIDCConfig struct {
	Name                   string                 `json:"name,omitempty"`
	Issuer                 string                 `json:"issuer,omitempty"`
	ClientID               string                 `json:"clientID,omitempty"`
	ClientSecret           string                 `json:"clientSecret,omitempty"`
	CLIClientID            string                 `json:"cliClientID,omitempty"`
	RequestedScopes        []string               `json:"requestedScopes,omitempty"`
	RequestedIDTokenClaims map[string]*oidc.Claim `json:"requestedIDTokenClaims,omitempty"`
	LogoutURL              string                 `json:"logoutURL,omitempty"`
}

func UnmarshalOIDCConfig added in v1.5.3

func UnmarshalOIDCConfig(config string) (OIDCConfig, error)

type Repository added in v1.2.4

type Repository struct {
	// The URL to the repository
	URL string `json:"url,omitempty"`
	// the type of the repo, "git" or "helm", assumed to be "git" if empty or absent
	Type string `json:"type,omitempty"`
	// helm only
	Name string `json:"name,omitempty"`
	// Name of the secret storing the username used to access the repo
	UsernameSecret *apiv1.SecretKeySelector `json:"usernameSecret,omitempty"`
	// Name of the secret storing the password used to access the repo
	PasswordSecret *apiv1.SecretKeySelector `json:"passwordSecret,omitempty"`
	// Name of the secret storing the SSH private key used to access the repo. Git only
	SSHPrivateKeySecret *apiv1.SecretKeySelector `json:"sshPrivateKeySecret,omitempty"`
	// Whether to connect the repository in an insecure way (deprecated)
	InsecureIgnoreHostKey bool `json:"insecureIgnoreHostKey,omitempty"`
	// Whether to connect the repository in an insecure way
	Insecure bool `json:"insecure,omitempty"`
	// Whether the repo is git-lfs enabled. Git only.
	EnableLFS bool `json:"enableLfs,omitempty"`
	// Name of the secret storing the TLS client cert data
	TLSClientCertDataSecret *apiv1.SecretKeySelector `json:"tlsClientCertDataSecret,omitempty"`
	// Name of the secret storing the TLS client cert's key data
	TLSClientCertKeySecret *apiv1.SecretKeySelector `json:"tlsClientCertKeySecret,omitempty"`
	// Whether the repo is helm-oci enabled. Git only.
	EnableOci bool `json:"enableOci,omitempty"`
}

Credentials for accessing a Git repository

type RepositoryCredentials added in v1.2.4

type RepositoryCredentials struct {
	// The URL pattern the repository URL has to match
	URL string `json:"url,omitempty"`
	// Name of the secret storing the username used to access the repo
	UsernameSecret *apiv1.SecretKeySelector `json:"usernameSecret,omitempty"`
	// Name of the secret storing the password used to access the repo
	PasswordSecret *apiv1.SecretKeySelector `json:"passwordSecret,omitempty"`
	// Name of the secret storing the SSH private key used to access the repo. Git only
	SSHPrivateKeySecret *apiv1.SecretKeySelector `json:"sshPrivateKeySecret,omitempty"`
	// Name of the secret storing the TLS client cert data
	TLSClientCertDataSecret *apiv1.SecretKeySelector `json:"tlsClientCertDataSecret,omitempty"`
	// Name of the secret storing the TLS client cert's key data
	TLSClientCertKeySecret *apiv1.SecretKeySelector `json:"tlsClientCertKeySecret,omitempty"`
}

Credential template for accessing repositories

type ResourcesFilter added in v1.2.0

type ResourcesFilter struct {
	// ResourceExclusions holds the api groups, kinds per cluster to exclude from Argo CD's watch
	ResourceExclusions []FilteredResource
	// ResourceInclusions holds the only api groups, kinds per cluster that Argo CD will watch
	ResourceInclusions []FilteredResource
}

func (*ResourcesFilter) IsExcludedResource added in v1.2.0

func (rf *ResourcesFilter) IsExcludedResource(apiGroup, kind, cluster string) bool

Behavior of this function is as follows: +-------------+-------------+-------------+ | Inclusions | Exclusions | Result | +-------------+-------------+-------------+ | Empty | Empty | Allowed | +-------------+-------------+-------------+ | Present | Empty | Allowed | +-------------+-------------+-------------+ | Not Present | Empty | Not Allowed | +-------------+-------------+-------------+ | Empty | Present | Not Allowed | +-------------+-------------+-------------+ | Empty | Not Present | Allowed | +-------------+-------------+-------------+ | Present | Not Present | Allowed | +-------------+-------------+-------------+ | Not Present | Present | Not Allowed | +-------------+-------------+-------------+ | Not Present | Not Present | Not Allowed | +-------------+-------------+-------------+ | Present | Present | Not Allowed | +-------------+-------------+-------------+

type SettingsManager

type SettingsManager struct {
	// contains filtered or unexported fields
}

SettingsManager holds config info for a new manager with which to access Kubernetes ConfigMaps.

func NewSettingsManager

func NewSettingsManager(ctx context.Context, clientset kubernetes.Interface, namespace string) *SettingsManager

NewSettingsManager generates a new SettingsManager pointer and returns it

func (*SettingsManager) AddAccount added in v1.5.0

func (mgr *SettingsManager) AddAccount(name string, account Account) error

AddAccount save an account with the given name and properties.

func (*SettingsManager) GetAccount added in v1.5.0

func (mgr *SettingsManager) GetAccount(name string) (*Account, error)

GetAccount return an account info by the specified name.

func (*SettingsManager) GetAccounts added in v1.5.0

func (mgr *SettingsManager) GetAccounts() (map[string]Account, error)

GetAccounts returns list of configured accounts

func (*SettingsManager) GetAppInstanceLabelKey added in v1.2.0

func (mgr *SettingsManager) GetAppInstanceLabelKey() (string, error)

func (*SettingsManager) GetConfigManagementPlugins added in v1.2.0

func (mgr *SettingsManager) GetConfigManagementPlugins() ([]v1alpha1.ConfigManagementPlugin, error)

func (*SettingsManager) GetConfigMapByName added in v1.2.0

func (mgr *SettingsManager) GetConfigMapByName(configMapName string) (*apiv1.ConfigMap, error)

Returns the ConfigMap with the given name from the cluster. The ConfigMap must be labeled with "app.kubernetes.io/part-of: argocd" in order to be retrievable.

func (*SettingsManager) GetGlobalProjectsSettings added in v1.8.0

func (mgr *SettingsManager) GetGlobalProjectsSettings() ([]GlobalProjectSettings, error)

GetGlobalProjectsSettings loads the global project settings from argocd-cm ConfigMap

func (*SettingsManager) GetGoogleAnalytics added in v1.2.0

func (mgr *SettingsManager) GetGoogleAnalytics() (*GoogleAnalytics, error)

func (*SettingsManager) GetHelmRepositories added in v1.2.0

func (mgr *SettingsManager) GetHelmRepositories() ([]HelmRepoCredentials, error)

DEPRECATED. Helm repository credentials are now managed using RepoCredentials

func (*SettingsManager) GetHelp added in v1.2.0

func (mgr *SettingsManager) GetHelp() (*Help, error)

func (*SettingsManager) GetKustomizeSettings added in v1.5.3

func (mgr *SettingsManager) GetKustomizeSettings() (*KustomizeSettings, error)

GetKustomizeSettings loads the kustomize settings from argocd-cm ConfigMap

func (*SettingsManager) GetRepositories added in v1.2.0

func (mgr *SettingsManager) GetRepositories() ([]Repository, error)

func (*SettingsManager) GetRepositoryCredentials added in v1.2.0

func (mgr *SettingsManager) GetRepositoryCredentials() ([]RepositoryCredentials, error)

func (*SettingsManager) GetResourceCompareOptions added in v1.6.0

func (mgr *SettingsManager) GetResourceCompareOptions() (ArgoCDDiffOptions, error)

GetResourceCompareOptions loads the resource compare options settings from the ConfigMap

func (*SettingsManager) GetResourceOverrides added in v1.0.0

func (mgr *SettingsManager) GetResourceOverrides() (map[string]v1alpha1.ResourceOverride, error)

GetResourceOverrides loads Resource Overrides from argocd-cm ConfigMap

func (*SettingsManager) GetResourcesFilter added in v1.2.0

func (mgr *SettingsManager) GetResourcesFilter() (*ResourcesFilter, error)

func (*SettingsManager) GetSecretsLister added in v0.11.0

func (mgr *SettingsManager) GetSecretsLister() (v1listers.SecretLister, error)

func (*SettingsManager) GetSettings

func (mgr *SettingsManager) GetSettings() (*ArgoCDSettings, error)

GetSettings retrieves settings from the ArgoCDConfigMap and secret.

func (*SettingsManager) InitializeSettings added in v0.11.0

func (mgr *SettingsManager) InitializeSettings(insecureModeEnabled bool) (*ArgoCDSettings, error)

InitializeSettings is used to initialize empty admin password, signature, certificate etc if missing

func (*SettingsManager) ResyncInformers added in v0.11.0

func (mgr *SettingsManager) ResyncInformers() error

func (*SettingsManager) SaveGPGPublicKeyData added in v1.7.0

func (mgr *SettingsManager) SaveGPGPublicKeyData(ctx context.Context, gpgPublicKeys map[string]string) error

func (*SettingsManager) SaveRepositories added in v1.2.0

func (mgr *SettingsManager) SaveRepositories(repos []Repository) error

func (*SettingsManager) SaveRepositoryCredentials added in v1.2.4

func (mgr *SettingsManager) SaveRepositoryCredentials(creds []RepositoryCredentials) error

func (*SettingsManager) SaveSSHKnownHostsData added in v1.2.0

func (mgr *SettingsManager) SaveSSHKnownHostsData(ctx context.Context, knownHostsList []string) error

Save the SSH known host data into the corresponding ConfigMap

func (*SettingsManager) SaveSettings

func (mgr *SettingsManager) SaveSettings(settings *ArgoCDSettings) error

SaveSettings serializes ArgoCDSettings and upserts it into K8s secret/configmap

func (*SettingsManager) SaveTLSCertificateData added in v1.2.0

func (mgr *SettingsManager) SaveTLSCertificateData(ctx context.Context, tlsCertificates map[string]string) error

func (*SettingsManager) Subscribe added in v0.4.4

func (mgr *SettingsManager) Subscribe(subCh chan<- *ArgoCDSettings)

Subscribe registers a channel in which to subscribe to settings updates

func (*SettingsManager) Unsubscribe added in v0.4.4

func (mgr *SettingsManager) Unsubscribe(subCh chan<- *ArgoCDSettings)

Unsubscribe unregisters a channel from receiving of settings updates

func (*SettingsManager) UpdateAccount added in v1.5.0

func (mgr *SettingsManager) UpdateAccount(name string, callback func(account *Account) error) error

UpdateAccount runs the callback function against an account that matches to the specified name and persist changes applied by the callback.

type Token added in v1.5.0

type Token struct {
	ID        string `json:"id"`
	IssuedAt  int64  `json:"iat"`
	ExpiresAt int64  `json:"exp,omitempty"`
}

Token holds the information about the generated auth token.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL