Documentation
¶
Index ¶
- Constants
- func AssembleCredentialData(authCreds map[string]string) (map[string]string, error)
- func GetBaseSecurityContext(podSecurityContext *corev1.PodSecurityContext, webhookConfig appCommon.Config) *corev1.SecurityContext
- func GetDataFromConfigmap(ctx context.Context, k8sClient kubernetes.Interface, cmName string, ns string) (map[string]string, error)
- func GetDataFromSecret(ctx context.Context, k8sClient kubernetes.Interface, secretName string, ...) (map[string][]byte, error)
- func GetServiceAccountMount(containers []corev1.Container, serviceAccountTokenVolumeName string) (serviceAccountMount corev1.VolumeMount)
- func HasTLSSecret(secret []corev1.Secret, tlsSecretName string) bool
- func HasTLSVolume(volumes []corev1.Volume, tlsVolumeName string) bool
- func IsLogLevelSet(envVars []corev1.EnvVar) bool
- func IsPodAlreadyMutated(pod *corev1.Pod) bool
- func MutateConfigMapBinaryData(configMap *corev1.ConfigMap, mapData map[string]string) error
- type DockerAuthConfig
- type DockerCredentials
- type Iterator
Constants ¶
View Source
const SecretInitVolumeName = "secret-init"
Variables ¶
This section is empty.
Functions ¶
func AssembleCredentialData ¶ added in v0.2.0
assembleCredentialData assembles the credential data that will be retrieved from Vault
func GetBaseSecurityContext ¶
func GetBaseSecurityContext(podSecurityContext *corev1.PodSecurityContext, webhookConfig appCommon.Config) *corev1.SecurityContext
func GetDataFromConfigmap ¶
func GetDataFromSecret ¶
func GetServiceAccountMount ¶
func GetServiceAccountMount(containers []corev1.Container, serviceAccountTokenVolumeName string) (serviceAccountMount corev1.VolumeMount)
func HasTLSSecret ¶ added in v0.2.0
func HasTLSVolume ¶
If the original Pod contained a Volume "{providerName}-tls", for example Vault instances provisioned by the Operator we need to handle that edge case and choose another name for the vault-tls volume for accessing Vault with TLS.
func IsLogLevelSet ¶
isLogLevelSet checks if the SECRET_INIT_LOG_LEVEL environment variable has already been set in the container, so it doesn't get overridden.
func IsPodAlreadyMutated ¶
Types ¶
type DockerAuthConfig ¶
type DockerAuthConfig struct {
Username string `json:"username,omitempty"`
Password string `json:"password,omitempty"`
Auth interface{} `json:"auth,omitempty"`
// Email is an optional value associated with the username.
// This field is deprecated and will be removed in a later
// version of docker.
Email string `json:"email,omitempty"`
ServerAddress string `json:"serveraddress,omitempty"`
// IdentityToken is used to authenticate the user and get
// an access token for the registry.
IdentityToken string `json:"identitytoken,omitempty"`
// RegistryToken is a bearer token to be sent to a registry
RegistryToken string `json:"registrytoken,omitempty"`
}
DockerAuthConfig contains authorization information for connecting to a Registry
func AssembleDockerAuthConfig ¶ added in v0.2.0
func AssembleDockerAuthConfig(dcCreds map[string]string) DockerAuthConfig
assembleDockerAuthConfig assembles the DockerAuthConfig from the retrieved data from Vault
type DockerCredentials ¶
type DockerCredentials struct {
Auths map[string]DockerAuthConfig `json:"auths"`
}
type Iterator ¶
type Iterator <-chan element
func MapIterator ¶
func SliceIterator ¶
func SliceIterator(s []interface{}) Iterator
Source Files
Click to show internal directories.
Click to hide internal directories.