Documentation ¶
Index ¶
- Constants
- Variables
- func CreateClusterRole(clientset kubernetes.Interface, clusterRoleName string, ...)
- func CreateClusterRoleBinding(clientset kubernetes.Interface, ...)
- func CreateServiceAccount(clientset kubernetes.Interface, serviceAccountName string, namespace string)
- func InstallClusterManagerRBAC(conf *rest.Config) string
- func UninstallClusterManagerRBAC(conf *rest.Config)
- func UninstallRBAC(clientset kubernetes.Interface, ...)
Constants ¶
View Source
const ( // MetadataPrefix is the prefix used for our labels and annotations MetadataPrefix = "argocd.argoproj.io" // SecretTypeRepository indicates a secret type of repository SecretTypeRepository = "repository" // SecretTypeCluster indicates a secret type of cluster SecretTypeCluster = "cluster" // AuthCookieName is the HTTP cookie name where we store our auth token AuthCookieName = "argocd.token" // ResourcesFinalizerName is a number of application CRD finalizer ResourcesFinalizerName = "resources-finalizer." + MetadataPrefix // KubernetesInternalAPIServerAddr is address of the k8s API server when accessing internal to the cluster KubernetesInternalAPIServerAddr = "https://kubernetes.default.svc" )
View Source
const ( ArgoCDAdminUsername = "admin" ArgoCDSecretName = "argocd-secret" ArgoCDConfigMapName = "argocd-cm" ArgoCDRBACConfigMapName = "argocd-rbac-cm" )
View Source
const ( // DexAPIEndpoint is the endpoint where we serve the Dex API server DexAPIEndpoint = "/api/dex" // LoginEndpoint is ArgoCD's shorthand login endpoint which redirects to dex's OAuth 2.0 provider's consent page LoginEndpoint = "/auth/login" // CallbackEndpoint is ArgoCD's final callback endpoint we reach after OAuth 2.0 login flow has been completed CallbackEndpoint = "/auth/callback" // ArgoCDClientAppName is name of the Oauth client app used when registering our web app to dex ArgoCDClientAppName = "ArgoCD" // ArgoCDClientAppID is the Oauth client ID we will use when registering our app to dex ArgoCDClientAppID = "argo-cd" // ArgoCDCLIClientAppName is name of the Oauth client app used when registering our CLI to dex ArgoCDCLIClientAppName = "ArgoCD CLI" // ArgoCDCLIClientAppID is the Oauth client ID we will use when registering our CLI to dex ArgoCDCLIClientAppID = "argo-cd-cli" // EnvVarSSODebug is an environment variable to enable additional OAuth debugging in the API server EnvVarSSODebug = "ARGOCD_SSO_DEBUG" // EnvVarRBACDebug is an environment variable to enable additional RBAC debugging in the API server EnvVarRBACDebug = "ARGOCD_RBAC_DEBUG" // DefaultAppProjectName contains name of default app project. The default app project allows deploying application to any cluster. DefaultAppProjectName = "default" )
View Source
const ( ArgoCDManagerServiceAccount = "argocd-manager" ArgoCDManagerClusterRole = "argocd-manager-role" ArgoCDManagerClusterRoleBinding = "argocd-manager-role-binding" )
ArgoCDManagerServiceAccount is the name of the service account for managing a cluster
Variables ¶
View Source
var ( // LabelKeyAppInstance refers to the application instance resource name LabelKeyAppInstance = MetadataPrefix + "/app-instance" // LabelKeySecretType contains the type of argocd secret (either 'cluster' or 'repo') LabelKeySecretType = MetadataPrefix + "/secret-type" // AnnotationConnectionStatus contains connection state status AnnotationConnectionStatus = MetadataPrefix + "/connection-status" // AnnotationConnectionMessage contains additional information about connection status AnnotationConnectionMessage = MetadataPrefix + "/connection-message" // AnnotationConnectionModifiedAt contains timestamp when connection state had been modified AnnotationConnectionModifiedAt = MetadataPrefix + "/connection-modified-at" // AnnotationHook contains the hook type of a resource AnnotationHook = MetadataPrefix + "/hook" // AnnotationHookDeletePolicy is the policy of deleting a hook AnnotationHookDeletePolicy = MetadataPrefix + "/hook-delete-policy" // LabelKeyApplicationControllerInstanceID is the label which allows to separate application among multiple running application controllers. LabelKeyApplicationControllerInstanceID = application.ApplicationFullName + "/controller-instanceid" // LabelApplicationName is the label which indicates that resource belongs to application with the specified name LabelApplicationName = application.ApplicationFullName + "/app-name" // AnnotationKeyRefresh is the annotation key in the application which is updated with an // arbitrary value (i.e. timestamp) on a git event, to force the controller to wake up and // re-evaluate the application AnnotationKeyRefresh = application.ApplicationFullName + "/refresh" )
View Source
var ArgoCDManagerPolicyRules = []rbacv1.PolicyRule{ { APIGroups: []string{"*"}, Resources: []string{"*"}, Verbs: []string{"*"}, }, }
ArgoCDManagerPolicyRules are the policies to give argocd-manager
Functions ¶
func CreateClusterRole ¶
func CreateClusterRole( clientset kubernetes.Interface, clusterRoleName string, rules []rbacv1.PolicyRule, )
CreateClusterRole creates a cluster role
func CreateClusterRoleBinding ¶
func CreateClusterRoleBinding( clientset kubernetes.Interface, clusterBindingRoleName, serviceAccountName, clusterRoleName string, namespace string, )
CreateClusterRoleBinding create a ClusterRoleBinding
func CreateServiceAccount ¶
func CreateServiceAccount( clientset kubernetes.Interface, serviceAccountName string, namespace string, )
CreateServiceAccount creates a service account
func InstallClusterManagerRBAC ¶
InstallClusterManagerRBAC installs RBAC resources for a cluster manager to operate a cluster. Returns a token
func UninstallClusterManagerRBAC ¶
UninstallClusterManagerRBAC removes RBAC resources for a cluster manager to operate a cluster
func UninstallRBAC ¶
func UninstallRBAC(clientset kubernetes.Interface, namespace, bindingName, roleName, serviceAccount string)
UninstallRBAC uninstalls RBAC related resources for a binding, role, and service account
Types ¶
This section is empty.
Click to show internal directories.
Click to hide internal directories.