credentialspec

package
v0.0.0-...-0f876b5 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jan 23, 2025 License: Apache-2.0 Imports: 26 Imported by: 6

Documentation

Index

Constants

// ResourceName is the name of the credentialspec resource.
const ResourceName = "credentialspec"

Variables

// CredentialSpecStatusMap maps the status names "NONE", "CREATED" and
// "REMOVED" to the corresponding CredentialSpecStatus values.
//
// NOTE(review): this is an exported, package-level map, so any importing
// package can add, change or delete entries at runtime. Treat it as read-only.
var CredentialSpecStatusMap = map[string]CredentialSpecStatus{
	"NONE":    CredentialSpecStatusNone,
	"CREATED": CredentialSpecCreated,
	"REMOVED": CredentialSpecRemoved,
}

Functions

This section is empty.

Types

type CredentialSpecDomainlessSchema

// CredentialSpecDomainlessSchema describes the JSON layout of a domainless
// credential spec document. It has the same CmsPlugins, DomainJoinConfig and
// GroupManagedServiceAccounts sections as CredentialSpecSchema, plus a
// HostAccountConfig section under ActiveDirectoryConfig.
//
// NOTE(review): encoding/json ignores unknown keys and leaves missing keys at
// their zero value, so decoding into this struct does not by itself validate a
// document. Whether callers check the required fields is not visible here.
type CredentialSpecDomainlessSchema struct {
	CmsPlugins       []string `json:"CmsPlugins"`
	// DomainJoinConfig holds the domain identification fields; every field is a
	// free-form string as far as this type is concerned.
	DomainJoinConfig struct {
		Sid                string `json:"Sid"`
		MachineAccountName string `json:"MachineAccountName"`
		GUID               string `json:"Guid"`
		DNSTreeName        string `json:"DnsTreeName"`
		DNSName            string `json:"DnsName"`
		NetBiosName        string `json:"NetBiosName"`
	} `json:"DomainJoinConfig"`
	ActiveDirectoryConfig struct {
		// GroupManagedServiceAccounts lists the gMSA entries as Name/Scope pairs.
		GroupManagedServiceAccounts []struct {
			Name  string `json:"Name"`
			Scope string `json:"Scope"`
		} `json:"GroupManagedServiceAccounts"`
		// HostAccountConfig is the section that is absent from CredentialSpecSchema.
		HostAccountConfig struct {
			PortableCcgVersion string `json:"PortableCcgVersion"`
			PluginGUID         string `json:"PluginGUID"`
			PluginInput        struct {
				// CredentialArn is passed to the plugin as input. Presumably it
				// identifies where the domainless user credentials are stored;
				// confirm against the caller. An empty or unexpected ARN should
				// be rejected before it is used.
				CredentialArn string `json:"CredentialArn"`
			} `json:"PluginInput"`
		} `json:"HostAccountConfig"`
	} `json:"ActiveDirectoryConfig"`
}

CredentialSpec domainless object schema

type CredentialSpecResource

// CredentialSpecResource is the abstraction for credentialspec resources.
type CredentialSpecResource struct {
	// Embedded by pointer; its exported fields (such as CredSpecMap) are
	// promoted onto CredentialSpecResource.
	*CredentialSpecResourceCommon

	// ServiceAccountInfoMap stores the credspec ARN and the corresponding
	// service account name and domain name.
	// * key := credentialspec:ssmARN, value := corresponding ServiceAccountInfo
	// * key := credentialspec:asmARN, value := corresponding ServiceAccountInfo
	// The field is exported, so code outside this package can read and modify
	// the map directly.
	ServiceAccountInfoMap map[string]ServiceAccountInfo
	// contains filtered or unexported fields
}

CredentialSpecResource is the abstraction for credentialspec resources

func NewCredentialSpecResource

func NewCredentialSpecResource(taskARN, region string,
	executionCredentialsID string,
	credentialsManager credentials.Manager,
	ssmClientCreator ssmfactory.SSMClientCreator,
	s3ClientCreator s3factory.S3ClientCreator,
	asmClientCreator asmfactory.ClientCreator,
	credentialSpecContainerMap map[string]string) (*CredentialSpecResource, error)

NewCredentialSpecResource creates a new CredentialSpecResource object

func (*CredentialSpecResource) ApplyTransition

func (cs *CredentialSpecResource) ApplyTransition(nextState resourcestatus.ResourceStatus) error

ApplyTransition calls the function required to move to the specified status

func (*CredentialSpecResource) BuildContainerDependency

func (cs *CredentialSpecResource) BuildContainerDependency(containerName string, satisfied apicontainerstatus.ContainerStatus,
	dependent resourcestatus.ResourceStatus)

func (*CredentialSpecResource) Cleanup

func (cs *CredentialSpecResource) Cleanup() error

Cleanup removes the credentialSpec created for the task

func (*CredentialSpecResource) Create

func (cs *CredentialSpecResource) Create() error

Create is used to retrieve credentialspec resources for a given task

func (*CredentialSpecResource) DependOnTaskNetwork

func (cs *CredentialSpecResource) DependOnTaskNetwork() bool

func (*CredentialSpecResource) DesiredTerminal

func (cs *CredentialSpecResource) DesiredTerminal() bool

DesiredTerminal returns true if the credentialspec's desired status is REMOVED

func (*CredentialSpecResource) GetAppliedStatus

func (cs *CredentialSpecResource) GetAppliedStatus() resourcestatus.ResourceStatus

GetAppliedStatus safely returns the currently applied status of the resource

func (*CredentialSpecResource) GetContainerDependencies

func (cs *CredentialSpecResource) GetContainerDependencies(dependent resourcestatus.ResourceStatus) []apicontainer.ContainerDependency

func (*CredentialSpecResource) GetCreatedAt

func (cs *CredentialSpecResource) GetCreatedAt() time.Time

GetCreatedAt returns the timestamp for resource's creation time

func (*CredentialSpecResource) GetDesiredStatus

func (cs *CredentialSpecResource) GetDesiredStatus() resourcestatus.ResourceStatus

GetDesiredStatus safely returns the desired status of the task

func (*CredentialSpecResource) GetKnownStatus

GetKnownStatus safely returns the currently known status of the task

func (*CredentialSpecResource) GetName

func (cs *CredentialSpecResource) GetName() string

GetName safely returns the name of the resource

func (*CredentialSpecResource) GetTargetMapping

func (cs *CredentialSpecResource) GetTargetMapping(credSpecInput string) (string, error)

func (*CredentialSpecResource) GetTerminalReason

func (cs *CredentialSpecResource) GetTerminalReason() string

GetTerminalReason returns an error string to propagate up through to task state change messages

func (*CredentialSpecResource) HandleDomainlessKerberosTicketRenewal

func (cs *CredentialSpecResource) HandleDomainlessKerberosTicketRenewal(iamCredentials credentials.IAMRoleCredentials) error

func (*CredentialSpecResource) Initialize

func (*CredentialSpecResource) KnownCreated

func (cs *CredentialSpecResource) KnownCreated() bool

KnownCreated returns true if the credentialspec's known status is CREATED

func (*CredentialSpecResource) MarshalJSON

func (cs *CredentialSpecResource) MarshalJSON() ([]byte, error)

MarshalJSON serialises the CredentialSpecResourceJSON struct to JSON

func (*CredentialSpecResource) MarshallPlatformSpecificFields

func (cs *CredentialSpecResource) MarshallPlatformSpecificFields(credentialSpecResourceJSON *CredentialSpecResourceJSON)

func (*CredentialSpecResource) NextKnownState

NextKnownState returns the state that the resource should progress to based on its `KnownState`.

func (*CredentialSpecResource) SetAppliedStatus

func (cs *CredentialSpecResource) SetAppliedStatus(status resourcestatus.ResourceStatus) bool

SetAppliedStatus sets the applied status of resource and returns whether the resource is already in a transition

func (*CredentialSpecResource) SetCreatedAt

func (cs *CredentialSpecResource) SetCreatedAt(createdAt time.Time)

SetCreatedAt sets the timestamp for resource's creation time

func (*CredentialSpecResource) SetDesiredStatus

func (cs *CredentialSpecResource) SetDesiredStatus(status resourcestatus.ResourceStatus)

SetDesiredStatus safely sets the desired status of the resource

func (*CredentialSpecResource) SetKnownStatus

func (cs *CredentialSpecResource) SetKnownStatus(status resourcestatus.ResourceStatus)

SetKnownStatus safely sets the currently known status of the resource

func (*CredentialSpecResource) StatusString

StatusString returns the string of the cgroup resource status

func (*CredentialSpecResource) SteadyState

SteadyState returns the transition state of the resource defined as "ready"

func (*CredentialSpecResource) TerminalStatus

TerminalStatus returns the last transition state of credentialspec

func (*CredentialSpecResource) UnmarshalJSON

func (cs *CredentialSpecResource) UnmarshalJSON(b []byte) error

UnmarshalJSON deserialises the raw JSON to a CredentialSpecResourceJSON struct

func (*CredentialSpecResource) UnmarshallPlatformSpecificFields

func (cs *CredentialSpecResource) UnmarshallPlatformSpecificFields(credentialSpecResourceJSON CredentialSpecResourceJSON)

func (*CredentialSpecResource) UpdateRegionFromTask

func (cs *CredentialSpecResource) UpdateRegionFromTask() error

UpdateRegionFromTask updates the region if it is not set

type CredentialSpecResourceCommon

// CredentialSpecResourceCommon holds the credentialspec resource state that is
// embedded in CredentialSpecResource.
type CredentialSpecResourceCommon struct {

	// map to transform credentialspec values, key is an input credentialspec
	// Examples: (windows)
	// * key := credentialspec:file://credentialspec.json, value := credentialspec=file://credentialspec.json
	// * key := credentialspec:s3ARN, value := credentialspec=file://CredentialSpecResourceLocation/s3_taskARN_fileName.json
	// * key := credentialspec:ssmARN, value := credentialspec=file://CredentialSpecResourceLocation/ssm_taskARN_param.json
	// (linux)
	// * key := credentialspec:file://credentialspec.json, value := Path to kerberos tickets on the host machine
	// * key := credentialspec:ssmARN, value := Path to kerberos tickets on the host machine
	// * key := credentialspec:asmARN, value := Path to kerberos tickets on the host machine
	//
	// NOTE(review): on Linux the values are host paths to Kerberos tickets. A
	// field of the same name and type appears in CredentialSpecResourceJSONCommon,
	// so these paths are presumably written wherever that JSON is persisted;
	// confirm that the persisted state and the ticket paths are access-restricted.
	CredSpecMap map[string]string
	// contains filtered or unexported fields
}

type CredentialSpecResourceJSON

// CredentialSpecResourceJSON is the JSON representation of the credentialspec
// resource: the embedded common fields plus LeaseID.
type CredentialSpecResourceJSON struct {
	*CredentialSpecResourceJSONCommon
	// LeaseID is encoded under the "leaseID" key. What the lease refers to is
	// not visible on this page. TODO confirm against the platform-specific code.
	LeaseID string `json:"leaseID"`
}

CredentialSpecResourceJSON is the json representation of the credentialspec resource

type CredentialSpecResourceJSONCommon

// CredentialSpecResourceJSONCommon holds the JSON fields of the credentialspec
// resource that are embedded in CredentialSpecResourceJSON.
type CredentialSpecResourceJSONCommon struct {
	TaskARN                    string                `json:"taskARN"`
	// CreatedAt is a pointer with omitempty, so a nil value is left out of the
	// encoded JSON.
	CreatedAt                  *time.Time            `json:"createdAt,omitempty"`
	DesiredStatus              *CredentialSpecStatus `json:"desiredStatus"`
	KnownStatus                *CredentialSpecStatus `json:"knownStatus"`
	CredentialSpecContainerMap map[string]string     `json:"CredentialSpecContainerMap"`
	// CredSpecMap has the same name and type as CredentialSpecResourceCommon.CredSpecMap,
	// whose values on Linux are host paths to Kerberos tickets.
	CredSpecMap                map[string]string     `json:"CredSpecMap"`
	// ExecutionCredentialsID is an identifier string, not the credentials themselves.
	// NOTE(review): presumably a lookup key for the credentials manager; confirm.
	ExecutionCredentialsID     string                `json:"executionCredentialsID"`
}

CredentialSpecResourceJSONCommon is the JSON representation of the credentialspec resource fields that are embedded in CredentialSpecResourceJSON

type CredentialSpecSchema

// CredentialSpecSchema describes the JSON layout of a credential spec
// document: CmsPlugins, DomainJoinConfig and the gMSA list under
// ActiveDirectoryConfig. Unlike CredentialSpecDomainlessSchema it has no
// HostAccountConfig section.
//
// NOTE(review): encoding/json ignores unknown keys and leaves missing keys at
// their zero value, so decoding into this struct does not by itself validate a
// document.
type CredentialSpecSchema struct {
	CmsPlugins       []string `json:"CmsPlugins"`
	// DomainJoinConfig holds the domain identification fields, all plain strings.
	DomainJoinConfig struct {
		Sid                string `json:"Sid"`
		MachineAccountName string `json:"MachineAccountName"`
		GUID               string `json:"Guid"`
		DNSTreeName        string `json:"DnsTreeName"`
		DNSName            string `json:"DnsName"`
		NetBiosName        string `json:"NetBiosName"`
	} `json:"DomainJoinConfig"`
	ActiveDirectoryConfig struct {
		// GroupManagedServiceAccounts lists the gMSA entries as Name/Scope pairs.
		GroupManagedServiceAccounts []struct {
			Name  string `json:"Name"`
			Scope string `json:"Scope"`
		} `json:"GroupManagedServiceAccounts"`
	} `json:"ActiveDirectoryConfig"`
}

CredentialSpec object schema

type CredentialSpecStatus

// CredentialSpecStatus is a distinct type with the same underlying type as
// resourcestatus.ResourceStatus; its values are the constants declared below.
type CredentialSpecStatus resourcestatus.ResourceStatus
const (
	// CredentialSpecStatusNone is the zero state of a task resource (iota 0).
	CredentialSpecStatusNone CredentialSpecStatus = iota
	// CredentialSpecCreated represents a task resource which has been created.
	CredentialSpecCreated
	// CredentialSpecRemoved represents a task resource which has been cleaned up.
	CredentialSpecRemoved
)

func (*CredentialSpecStatus) MarshalJSON

func (cs *CredentialSpecStatus) MarshalJSON() ([]byte, error)

MarshalJSON overrides the logic for JSON-encoding the ResourceStatus type

func (CredentialSpecStatus) String

func (cs CredentialSpecStatus) String() string

String returns a human readable string representation of this object

func (*CredentialSpecStatus) UnmarshalJSON

func (cs *CredentialSpecStatus) UnmarshalJSON(b []byte) error

UnmarshalJSON overrides the logic for parsing the JSON-encoded ResourceStatus data

type DomainlessUserCredentials

// DomainlessUserCredentials represents user credentials for accessing the gMSA
// principals.
//
// Password is a plaintext string in an exported, JSON-tagged field, so
// json.Marshal and %v / %+v / %#v formatting of a value of this type will emit
// it. Keep values of this type out of logs, error messages and persisted
// state. Go strings are immutable, so the password cannot be zeroed in place
// after use.
type DomainlessUserCredentials struct {
	Username   string `json:"username"`
	// Password is the account secret in clear text.
	Password   string `json:"password"`
	DomainName string `json:"domainName"`
}

DomainlessUserCredentials represents user credentials for accessing the gMSA principals

type ServiceAccountInfo

// ServiceAccountInfo contains account info associated to a credentialspec.
// All of its fields are unexported, so it can only be populated and read
// inside this package.
type ServiceAccountInfo struct {
	// contains filtered or unexported fields
}

ServiceAccountInfo contains account info associated to a credentialspec
