Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type KeySync ¶
type KeySync interface {
// SyncIfNeeded for every given gsk, sync the current service account key in the cache entry to
// the Kubernetes secret and Vault paths that are specified in the gsk's spec.
//
// Note that this function will update the cache entry's SyncStatus map to reflect any sync's it performs,
// but it WILL NOT save the entry to the cache -- that's the caller's responsibility!
SyncIfNeeded(entry *cache.Entry, gsks []Syncable) error
}
KeySync is responsible for propagating the current service account key from the Yale cache to destinations specified in the GcpSaKey spec - Vault paths, Kubernetes secrets, etc.
type Syncable ¶ added in v0.0.37
type Syncable interface {
Name() string
Namespace() string
SecretName() string
Secret() apiv1b1.Secret
SpecBytes() ([]byte, error)
VaultReplications() []apiv1b1.VaultReplication
GoogleSecretManagerReplications() []apiv1b1.GoogleSecretManagerReplication
APIVersion() string
Kind() string
UID() types.UID
Labels() map[string]string
}
Syncable is an interface for objects that can be synced to a Kubernetes secret It is a collection of getter methods that return the information needed to sync to a k8s secret or vault path.
func AzureClientSecretsToSyncable ¶ added in v0.0.37
func AzureClientSecretsToSyncable(acs []apiv1b1.AzureClientSecret) []Syncable
func GcpSaKeysToSyncable ¶ added in v0.0.37
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.