kubeseal

package
v0.27.3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 5, 2024 License: Apache-2.0 Imports: 30 Imported by: 8

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func EncryptSecretItem added in v0.19.2

func EncryptSecretItem(w io.Writer, secretName, ns string, data []byte, scope ssv1alpha1.SealingScope, pubKey *rsa.PublicKey) error

func OpenCert added in v0.19.2

func OpenCert(ctx context.Context, clientConfig ClientConfig, controllerNs, controllerName string, certURL string) (io.ReadCloser, error)

func ParseFromFile added in v0.19.2

func ParseFromFile(s string) (string, string)

parseFromFile parses a value of the kubectl --from-file flag, which can optionally include an item name preceding the first equals sign.

func ParseKey added in v0.19.2

func ParseKey(r io.Reader) (*rsa.PublicKey, error)

func ReEncryptSealedSecret added in v0.19.2

func ReEncryptSealedSecret(ctx context.Context, clientConfig ClientConfig, controllerNs, controllerName, outputFormat string, in io.Reader, out io.Writer, codecs runtimeserializer.CodecFactory) error

func Seal added in v0.19.2

func Seal(clientConfig ClientConfig, outputFormat string, in io.Reader, out io.Writer, codecs runtimeserializer.CodecFactory, pubKey *rsa.PublicKey, scope ssv1alpha1.SealingScope, allowEmptyData bool, overrideName, overrideNamespace string) error

Seal reads a k8s Secret resource parsed from an input reader by a given codec, encrypts all its secrets with a given public key, using the name and namespace found in the input secret, unless explicitly overridden by the overrideName and overrideNamespace arguments.

func SealMergingInto added in v0.19.2

func SealMergingInto(clientConfig ClientConfig, outputFormat string, in io.Reader, filename string, codecs runtimeserializer.CodecFactory, pubKey *rsa.PublicKey, scope ssv1alpha1.SealingScope, allowEmptyData bool) error

func UnsealSealedSecret added in v0.19.2

func UnsealSealedSecret(w io.Writer, in io.Reader, privKeysFilenames []string, outputFormat string, codecs runtimeserializer.CodecFactory) error

func ValidateSealedSecret added in v0.19.2

func ValidateSealedSecret(ctx context.Context, clientConfig ClientConfig, controllerNs, controllerName string, in io.Reader) error

Types

type ClientConfig added in v0.19.2

type ClientConfig interface {
	ClientConfig() (*rest.Config, error)
	Namespace() (string, bool, error)
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL