settings

package
v1.5.0-rc3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 30, 2020 License: Apache-2.0 Imports: 34 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func ReplaceStringSecret added in v0.11.0 

func ReplaceStringSecret(val string, secretValues map[string]string) string

ReplaceStringSecret checks if given string is a secret key reference ( starts with $ ) and returns corresponding value from provided map

Types

type Account added in v1.5.0 

type Account struct {
	PasswordHash  string
	PasswordMtime *time.Time
	Enabled       bool
	Capabilities  []AccountCapability
	Tokens        []Token
}

Account holds local account information

func (*Account) FormatCapabilities added in v1.5.0 

func (a *Account) FormatCapabilities() string

FormatCapabilities returns comma separate list of user capabilities.

func (*Account) FormatPasswordMtime added in v1.5.0 

func (a *Account) FormatPasswordMtime() string

FormatPasswordMtime return the formatted password modify time or empty string of password modify time is nil.

func (*Account) HasCapability added in v1.5.0 

func (a *Account) HasCapability(capability AccountCapability) bool

HasCapability return true if the account has the specified capability.

func (*Account) TokenIndex added in v1.5.0 

func (a *Account) TokenIndex(id string) int

TokenIndex return an index of a token with the given identifier or -1 if token not found.

type AccountCapability added in v1.5.0 

type AccountCapability string
const (
	// AccountCapabilityLogin represents capability to create UI session tokens.
	AccountCapabilityLogin AccountCapability = "login"
	// AccountCapabilityLogin represents capability to generate API auth tokens.
	AccountCapabilityApiKey AccountCapability = "apiKey"
)

type ArgoCDSettings 

type ArgoCDSettings struct {
	// URL is the externally facing URL users will visit to reach Argo CD.
	// The value here is used when configuring SSO. Omitting this value will disable SSO.
	URL string `json:"url,omitempty"`
	// Indicates if status badge is enabled or not.
	StatusBadgeEnabled bool `json:"statusBadgeEnable"`
	// DexConfig contains portions of a dex config yaml
	DexConfig string `json:"dexConfig,omitempty"`
	// OIDCConfigRAW holds OIDC configuration as a raw string
	OIDCConfigRAW string `json:"oidcConfig,omitempty"`
	// ServerSignature holds the key used to generate JWT tokens.
	ServerSignature []byte `json:"serverSignature,omitempty"`
	// Certificate holds the certificate/private key for the Argo CD API server.
	// If nil, will run insecure without TLS.
	Certificate *tls.Certificate `json:"-"`
	// WebhookGitLabSecret holds the shared secret for authenticating GitHub webhook events
	WebhookGitHubSecret string `json:"webhookGitHubSecret,omitempty"`
	// WebhookGitLabSecret holds the shared secret for authenticating GitLab webhook events
	WebhookGitLabSecret string `json:"webhookGitLabSecret,omitempty"`
	// WebhookBitbucketUUID holds the UUID for authenticating Bitbucket webhook events
	WebhookBitbucketUUID string `json:"webhookBitbucketUUID,omitempty"`
	// WebhookBitbucketServerSecret holds the shared secret for authenticating BitbucketServer webhook events
	WebhookBitbucketServerSecret string `json:"webhookBitbucketServerSecret,omitempty"`
	// WebhookGogsSecret holds the shared secret for authenticating Gogs webhook events
	WebhookGogsSecret string `json:"webhookGogsSecret,omitempty"`
	// Secrets holds all secrets in argocd-secret as a map[string]string
	Secrets map[string]string `json:"secrets,omitempty"`
	// KustomizeBuildOptions is a string of kustomize build parameters
	KustomizeBuildOptions string `json:"kustomizeBuildOptions,omitempty"`
	// Indicates if anonymous user is enabled or not
	AnonymousUserEnabled bool `json:"anonymousUserEnabled,omitempty"`
}

ArgoCDSettings holds in-memory runtime configuration options.

func (*ArgoCDSettings) DexOAuth2ClientSecret added in v0.11.0 

func (a *ArgoCDSettings) DexOAuth2ClientSecret() string

DexOAuth2ClientSecret calculates an arbitrary, but predictable OAuth2 client secret string derived from the server secret. This is called by the dex startup wrapper (argocd-util rundex), as well as the API server, such that they both independently come to the same conclusion of what the OAuth2 shared client secret should be.

func (*ArgoCDSettings) DexRedirectURL added in v1.3.0 

func (a *ArgoCDSettings) DexRedirectURL() (string, error)

func (*ArgoCDSettings) IsDexConfigured added in v0.11.0 

func (a *ArgoCDSettings) IsDexConfigured() bool

func (*ArgoCDSettings) IsSSOConfigured 

func (a *ArgoCDSettings) IsSSOConfigured() bool

IsSSOConfigured returns whether or not single-sign-on is configured

func (*ArgoCDSettings) IssuerURL added in v0.4.0 

func (a *ArgoCDSettings) IssuerURL() string

func (*ArgoCDSettings) OAuth2ClientID added in v0.11.0 

func (a *ArgoCDSettings) OAuth2ClientID() string

func (*ArgoCDSettings) OAuth2ClientSecret added in v0.4.0 

func (a *ArgoCDSettings) OAuth2ClientSecret() string

func (*ArgoCDSettings) OIDCConfig added in v0.11.0 

func (a *ArgoCDSettings) OIDCConfig() *OIDCConfig

func (*ArgoCDSettings) RedirectURL added in v0.4.0 

func (a *ArgoCDSettings) RedirectURL() (string, error)

func (*ArgoCDSettings) TLSConfig added in v0.4.0 

func (a *ArgoCDSettings) TLSConfig() *tls.Config

TLSConfig returns a tls.Config with the configured certificates

type FilteredResource added in v1.0.0 

type FilteredResource struct {
	APIGroups []string `json:"apiGroups,omitempty"`
	Kinds     []string `json:"kinds,omitempty"`
	Clusters  []string `json:"clusters,omitempty"`
}

func (FilteredResource) Match added in v1.0.0 

func (r FilteredResource) Match(apiGroup, kind, cluster string) bool

type GoogleAnalytics added in v1.2.0 

type GoogleAnalytics struct {
	TrackingID     string `json:"trackingID,omitempty"`
	AnonymizeUsers bool   `json:"anonymizeUsers,omitempty"`
}

type HelmRepoCredentials added in v0.11.0 

type HelmRepoCredentials struct {
	URL            string                   `json:"url,omitempty"`
	Name           string                   `json:"name,omitempty"`
	UsernameSecret *apiv1.SecretKeySelector `json:"usernameSecret,omitempty"`
	PasswordSecret *apiv1.SecretKeySelector `json:"passwordSecret,omitempty"`
	CertSecret     *apiv1.SecretKeySelector `json:"certSecret,omitempty"`
	KeySecret      *apiv1.SecretKeySelector `json:"keySecret,omitempty"`
}

DEPRECATED. Helm repository credentials are now managed using RepoCredentials

type Help added in v1.2.0 

type Help struct {
	// the URL for getting chat help, this will typically be your Slack channel for support
	ChatURL string `json:"chatUrl,omitempty"`
	// the text for getting chat help, defaults to "Chat now!"
	ChatText string `json:"chatText,omitempty"`
}

Help settings

type OIDCConfig added in v0.11.0 

type OIDCConfig struct {
	Name                   string                 `json:"name,omitempty"`
	Issuer                 string                 `json:"issuer,omitempty"`
	ClientID               string                 `json:"clientID,omitempty"`
	ClientSecret           string                 `json:"clientSecret,omitempty"`
	CLIClientID            string                 `json:"cliClientID,omitempty"`
	RequestedScopes        []string               `json:"requestedScopes,omitempty"`
	RequestedIDTokenClaims map[string]*oidc.Claim `json:"requestedIDTokenClaims,omitempty"`
}

type Repository added in v1.4.0 

type Repository struct {
	// The URL to the repository
	URL string `json:"url,omitempty"`
	// the type of the repo, "git" or "helm", assumed to be "git" if empty or absent
	Type string `json:"type,omitempty"`
	// helm only
	Name string `json:"name,omitempty"`
	// Name of the secret storing the username used to access the repo
	UsernameSecret *apiv1.SecretKeySelector `json:"usernameSecret,omitempty"`
	// Name of the secret storing the password used to access the repo
	PasswordSecret *apiv1.SecretKeySelector `json:"passwordSecret,omitempty"`
	// Name of the secret storing the SSH private key used to access the repo. Git only
	SSHPrivateKeySecret *apiv1.SecretKeySelector `json:"sshPrivateKeySecret,omitempty"`
	// Whether to connect the repository in an insecure way (deprecated)
	InsecureIgnoreHostKey bool `json:"insecureIgnoreHostKey,omitempty"`
	// Whether to connect the repository in an insecure way
	Insecure bool `json:"insecure,omitempty"`
	// Whether the repo is git-lfs enabled. Git only.
	EnableLFS bool `json:"enableLfs,omitempty"`
	// Name of the secret storing the TLS client cert data
	TLSClientCertDataSecret *apiv1.SecretKeySelector `json:"tlsClientCertDataSecret,omitempty"`
	// Name of the secret storing the TLS client cert's key data
	TLSClientCertKeySecret *apiv1.SecretKeySelector `json:"tlsClientCertKeySecret,omitempty"`
}

Credentials for accessing a Git repository

type RepositoryCredentials added in v1.4.0 

type RepositoryCredentials struct {
	// The URL pattern the repository URL has to match
	URL string `json:"url,omitempty"`
	// Name of the secret storing the username used to access the repo
	UsernameSecret *apiv1.SecretKeySelector `json:"usernameSecret,omitempty"`
	// Name of the secret storing the password used to access the repo
	PasswordSecret *apiv1.SecretKeySelector `json:"passwordSecret,omitempty"`
	// Name of the secret storing the SSH private key used to access the repo. Git only
	SSHPrivateKeySecret *apiv1.SecretKeySelector `json:"sshPrivateKeySecret,omitempty"`
	// Name of the secret storing the TLS client cert data
	TLSClientCertDataSecret *apiv1.SecretKeySelector `json:"tlsClientCertDataSecret,omitempty"`
	// Name of the secret storing the TLS client cert's key data
	TLSClientCertKeySecret *apiv1.SecretKeySelector `json:"tlsClientCertKeySecret,omitempty"`
}

Credential template for accessing repositories

type ResourcesFilter added in v1.2.0 

type ResourcesFilter struct {
	// ResourceExclusions holds the api groups, kinds per cluster to exclude from Argo CD's watch
	ResourceExclusions []FilteredResource
	// ResourceInclusions holds the only api groups, kinds per cluster that Argo CD will watch
	ResourceInclusions []FilteredResource
}

func (*ResourcesFilter) IsExcludedResource added in v1.2.0 

func (rf *ResourcesFilter) IsExcludedResource(apiGroup, kind, cluster string) bool

Behavior of this function is as follows: +-------------+-------------+-------------+ | Inclusions | Exclusions | Result | +-------------+-------------+-------------+ | Empty | Empty | Allowed | +-------------+-------------+-------------+ | Present | Empty | Allowed | +-------------+-------------+-------------+ | Not Present | Empty | Not Allowed | +-------------+-------------+-------------+ | Empty | Present | Not Allowed | +-------------+-------------+-------------+ | Empty | Not Present | Allowed | +-------------+-------------+-------------+ | Present | Not Present | Allowed | +-------------+-------------+-------------+ | Not Present | Present | Not Allowed | +-------------+-------------+-------------+ | Not Present | Not Present | Not Allowed | +-------------+-------------+-------------+ | Present | Present | Not Allowed | +-------------+-------------+-------------+

type SettingsManager 

type SettingsManager struct {
	// contains filtered or unexported fields
}

SettingsManager holds config info for a new manager with which to access Kubernetes ConfigMaps.

func NewSettingsManager 

func NewSettingsManager(ctx context.Context, clientset kubernetes.Interface, namespace string) *SettingsManager

NewSettingsManager generates a new SettingsManager pointer and returns it

func (*SettingsManager) AddAccount added in v1.5.0 

func (mgr *SettingsManager) AddAccount(name string, account Account) error

AddAccount save an account with the given name and properties.

func (*SettingsManager) GetAccount added in v1.5.0 

func (mgr *SettingsManager) GetAccount(name string) (*Account, error)

GetAccount return an account info by the specified name.

func (*SettingsManager) GetAccounts added in v1.5.0 

func (mgr *SettingsManager) GetAccounts() (map[string]Account, error)

GetAccounts returns list of configured accounts

func (*SettingsManager) GetAppInstanceLabelKey added in v1.2.0 

func (mgr *SettingsManager) GetAppInstanceLabelKey() (string, error)

func (*SettingsManager) GetConfigManagementPlugins added in v1.2.0 

func (mgr *SettingsManager) GetConfigManagementPlugins() ([]v1alpha1.ConfigManagementPlugin, error)

func (*SettingsManager) GetConfigMapByName added in v1.2.0 

func (mgr *SettingsManager) GetConfigMapByName(configMapName string) (*apiv1.ConfigMap, error)

Returns the ConfigMap with the given name from the cluster. The ConfigMap must be labeled with "app.kubernetes.io/part-of: argocd" in order to be retrievable.

func (*SettingsManager) GetGoogleAnalytics added in v1.2.0 

func (mgr *SettingsManager) GetGoogleAnalytics() (*GoogleAnalytics, error)

func (*SettingsManager) GetHelmRepositories added in v1.2.0 

func (mgr *SettingsManager) GetHelmRepositories() ([]HelmRepoCredentials, error)

DEPRECATED. Helm repository credentials are now managed using RepoCredentials

func (*SettingsManager) GetHelp added in v1.2.0 

func (mgr *SettingsManager) GetHelp() (*Help, error)

func (*SettingsManager) GetKustomizeBuildOptions added in v1.2.0 

func (mgr *SettingsManager) GetKustomizeBuildOptions() (string, error)

GetKustomizeBuildOptions loads the kustomize build options from argocd-cm ConfigMap

func (*SettingsManager) GetRepositories added in v1.2.0 

func (mgr *SettingsManager) GetRepositories() ([]Repository, error)

func (*SettingsManager) GetRepositoryCredentials added in v1.2.0 

func (mgr *SettingsManager) GetRepositoryCredentials() ([]RepositoryCredentials, error)

func (*SettingsManager) GetResourceOverrides added in v1.0.0 

func (mgr *SettingsManager) GetResourceOverrides() (map[string]v1alpha1.ResourceOverride, error)

GetResourceOverrides loads Resource Overrides from argocd-cm ConfigMap

func (*SettingsManager) GetResourcesFilter added in v1.2.0 

func (mgr *SettingsManager) GetResourcesFilter() (*ResourcesFilter, error)

func (*SettingsManager) GetSecretsLister added in v0.11.0 

func (mgr *SettingsManager) GetSecretsLister() (v1listers.SecretLister, error)

func (*SettingsManager) GetSettings 

func (mgr *SettingsManager) GetSettings() (*ArgoCDSettings, error)

GetSettings retrieves settings from the ArgoCDConfigMap and secret.

func (*SettingsManager) InitializeSettings added in v0.11.0 

func (mgr *SettingsManager) InitializeSettings(insecureModeEnabled bool) (*ArgoCDSettings, error)

InitializeSettings is used to initialize empty admin password, signature, certificate etc if missing

func (*SettingsManager) ResyncInformers added in v0.11.0 

func (mgr *SettingsManager) ResyncInformers() error

func (*SettingsManager) SaveRepositories added in v1.2.0 

func (mgr *SettingsManager) SaveRepositories(repos []Repository) error

func (*SettingsManager) SaveRepositoryCredentials added in v1.3.3 

func (mgr *SettingsManager) SaveRepositoryCredentials(creds []RepositoryCredentials) error

func (*SettingsManager) SaveSSHKnownHostsData added in v1.2.0 

func (mgr *SettingsManager) SaveSSHKnownHostsData(ctx context.Context, knownHostsList []string) error

Save the SSH known host data into the corresponding ConfigMap

func (*SettingsManager) SaveSettings 

func (mgr *SettingsManager) SaveSettings(settings *ArgoCDSettings) error

SaveSettings serializes ArgoCDSettings and upserts it into K8s secret/configmap

func (*SettingsManager) SaveTLSCertificateData added in v1.2.0 

func (mgr *SettingsManager) SaveTLSCertificateData(ctx context.Context, tlsCertificates map[string]string) error

func (*SettingsManager) Subscribe added in v0.4.4 

func (mgr *SettingsManager) Subscribe(subCh chan<- *ArgoCDSettings)

Subscribe registers a channel in which to subscribe to settings updates

func (*SettingsManager) Unsubscribe added in v0.4.4 

func (mgr *SettingsManager) Unsubscribe(subCh chan<- *ArgoCDSettings)

Unsubscribe unregisters a channel from receiving of settings updates

func (*SettingsManager) UpdateAccount added in v1.5.0 

func (mgr *SettingsManager) UpdateAccount(name string, callback func(account *Account) error) error

UpdateAccount runs the callback function against an account that matches to the specified name and persist changes applied by the callback.

type Token added in v1.5.0 

type Token struct {
	ID        string `json:"id"`
	IssuedAt  int64  `json:"iat"`
	ExpiresAt int64  `json:"exp,omitempty"`
}

Token holds the information about the generated auth token.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.