kubernetes

package
v0.7.0-rc
Warning

This package is not in the latest version of its module.

Published: Feb 5, 2021 License: Apache-2.0 Imports: 30 Imported by: 0

Documentation

Overview

Package kubernetes provides functions for interacting with Kubernetes and is built using the kubernetes client-go (https://github.com/kubernetes/client-go).

Constants

const (
	Namespace = "probr-general-test-ns"
)

Variables

var AssetsDir string

Functions

func AssertResult

func AssertResult(s *PodState, res, msg string) error

AssertResult evaluates the state in the context of the expected condition, e.g. if expected is "fail", then the expectation is that a creation error will be present.

func BeforeScenario

func BeforeScenario(s *scenarioState, probeName string, gs *godog.Scenario)

func GenerateUniquePodName

func GenerateUniquePodName(baseName string) string

GenerateUniquePodName creates a unique pod name based on the format: 'baseName'-'nanosecond time'-'random int'.

func ProcessPodCreationResult

func ProcessPodCreationResult(state *PodState, pd *apiv1.Pod, expected PodCreationErrorReason, err error) error

ProcessPodCreationResult is a convenience function to process the result of a pod creation attempt. It records state information on the supplied state structure.

Types

type ClusterPayload

type ClusterPayload struct {
	KubeConfigPath string
	KubeContext    string
}

func ClusterIsDeployed

func ClusterIsDeployed() (string, ClusterPayload, error)

general feature steps:

type CmdExecutionResult

type CmdExecutionResult struct {
	Stdout string
	Stderr string

	Err      error
	Code     int
	Internal bool
}

CmdExecutionResult encapsulates the result from an exec call to the kubernetes cluster. This includes 'stdout', 'stderr', 'exit code' and any error details in the case of a non-zero exit code.

func (*CmdExecutionResult) String

func (e *CmdExecutionResult) String() string

type K8SJSON

type K8SJSON struct {
	APIVersion string
	Items      []struct {
		Kind     string
		Metadata map[string]string
	}
}

K8SJSON encapsulates the response from a raw/rest call to the Kubernetes API

type Kube

type Kube struct {
	// contains filtered or unexported fields
}

Kube provides an implementation of Kubernetes.

func GetKubeInstance

func GetKubeInstance() *Kube

GetKubeInstance returns a singleton instance of Kube.

func (*Kube) ClusterIsDeployed

func (k *Kube) ClusterIsDeployed() *bool

ClusterIsDeployed verifies if a cluster is deployed that can be contacted based on the current kubernetes config and context.

func (*Kube) CreateConfigMap

func (k *Kube) CreateConfigMap(n *string, ns string) (*apiv1.ConfigMap, error)

CreateConfigMap creates a config map with the supplied name in the given namespace.

func (*Kube) CreatePod

func (k *Kube) CreatePod(podName string, ns string, containerName string, image string, wait bool, sc *apiv1.SecurityContext, probe *audit.Probe) (*apiv1.Pod, *PodAudit, error)

CreatePod creates a pod with the supplied parameters. A true value for 'wait' indicates that the function should wait (block) until the pod is in a running state.

func (*Kube) CreatePodFromObject

func (k *Kube) CreatePodFromObject(pod *apiv1.Pod, podName string, ns string, wait bool, probe *audit.Probe) (*apiv1.Pod, error)

CreatePodFromObject creates a pod from the supplied pod object with the given pod name and namespace. A true value for 'wait' indicates that the function should wait (block) until the pod is in a running state.

func (*Kube) CreatePodFromYaml

func (k *Kube) CreatePodFromYaml(y []byte, pname string, ns string, image string, aadpodidbinding string, w bool, probe *audit.Probe) (*apiv1.Pod, error)

CreatePodFromYaml creates a pod for the supplied yaml. A true value for 'w' indicates that the function should wait (block) until the pod is in a running state.

func (*Kube) DeleteConfigMap

func (k *Kube) DeleteConfigMap(name string) error

DeleteConfigMap deletes the named config map in the given namespace.

func (*Kube) DeleteNamespace

func (k *Kube) DeleteNamespace(ns *string) error

DeleteNamespace deletes the supplied namespace.

func (*Kube) DeletePod

func (k *Kube) DeletePod(podName string, ns string, probeName string) error

DeletePod deletes the given pod in the specified namespace.

func (*Kube) ExecCommand

func (k *Kube) ExecCommand(cmd string, ns string, pn *string) (s *CmdExecutionResult)

ExecCommand executes the supplied command on the given pod name in the specified namespace.

func (*Kube) GetClient

func (k *Kube) GetClient() (*k8s.Clientset, error)

GetClient gets a client connection to the Kubernetes cluster specified via config.Vars.ServicePacks.Kubernetes.KubeConfigPath

func (*Kube) GetClusterRoles

func (k *Kube) GetClusterRoles() (*rbacv1.ClusterRoleList, error)

GetClusterRoles retrieves all cluster roles associated with the active cluster.

func (*Kube) GetClusterRolesByResource

func (k *Kube) GetClusterRolesByResource(r string) (*[]rbacv1.ClusterRole, error)

GetClusterRolesByResource returns a collection of cluster roles filtered by the supplied resource type.

func (*Kube) GetConstraintTemplates

func (k *Kube) GetConstraintTemplates(prefix string) (*map[string]interface{}, error)

GetConstraintTemplates returns the constraint templates associated with the active cluster.

func (*Kube) GetIdentityBindings

func (k *Kube) GetIdentityBindings(prefix string) (*map[string]interface{}, error)

GetIdentityBindings returns the identity bindings associated with the active cluster.

func (*Kube) GetPodObject

func (k *Kube) GetPodObject(pname string, ns string, cname string, image string, sc *apiv1.SecurityContext) *apiv1.Pod

GetPodObject constructs a simple pod object using kubernetes API types.

func (*Kube) GetPods

func (k *Kube) GetPods(ns string) (*apiv1.PodList, error)

GetPods returns a collection of pods on the target kubernetes cluster.

func (*Kube) GetRawResourcesByGrp

func (k *Kube) GetRawResourcesByGrp(g string) (*K8SJSON, error)

GetRawResourcesByGrp makes a 'raw' REST call to k8s to get the resources specified by the supplied group string, e.g. "apis/aadpodidentity.k8s.io/v1/azureidentitybindings". This is required for resources that have no typed API call (unlike, e.g., "pods").

func (*Kube) GetRoles

func (k *Kube) GetRoles() (*rbacv1.RoleList, error)

GetRoles retrieves all roles associated with the active cluster.

func (*Kube) GetRolesByResource

func (k *Kube) GetRolesByResource(r string) (*[]rbacv1.Role, error)

GetRolesByResource returns a collection of roles filtered by the supplied resource type.

func (*Kube) PodStatus

func (k *Kube) PodStatus(name, ns string) (apiv1.PodStatus, error)

type KubeMock

type KubeMock struct {
	mock.Mock
}

func (*KubeMock) ClusterIsDeployed

func (m *KubeMock) ClusterIsDeployed() *bool

func (*KubeMock) CreateConfigMap

func (m *KubeMock) CreateConfigMap(n *string, ns string) (*apiv1.ConfigMap, error)

func (*KubeMock) CreatePod

func (m *KubeMock) CreatePod(pname string, ns string, cname string, image string, w bool, sc *apiv1.SecurityContext, probe *audit.Probe) (*apiv1.Pod, *PodAudit, error)

func (*KubeMock) CreatePodFromObject

func (m *KubeMock) CreatePodFromObject(p *apiv1.Pod, pname string, ns string, w bool, probe *audit.Probe) (*apiv1.Pod, error)

func (*KubeMock) CreatePodFromYaml

func (m *KubeMock) CreatePodFromYaml(y []byte, pname string, ns string, image string, identityBinding string, w bool, probe *audit.Probe) (*apiv1.Pod, error)

func (*KubeMock) DeleteConfigMap

func (m *KubeMock) DeleteConfigMap(n string) error

func (*KubeMock) DeleteNamespace

func (m *KubeMock) DeleteNamespace(ns *string) error

func (*KubeMock) DeletePod

func (m *KubeMock) DeletePod(pname string, ns string, e string) error

func (*KubeMock) ExecCommand

func (m *KubeMock) ExecCommand(cmd string, ns string, pn *string) *CmdExecutionResult

func (*KubeMock) GetClient

func (m *KubeMock) GetClient() (*k8s.Clientset, error)

func (*KubeMock) GetClusterRoles

func (m *KubeMock) GetClusterRoles() (*rbacv1.ClusterRoleList, error)

func (*KubeMock) GetClusterRolesByResource

func (m *KubeMock) GetClusterRolesByResource(r string) (*[]rbacv1.ClusterRole, error)

func (*KubeMock) GetConstraintTemplates

func (m *KubeMock) GetConstraintTemplates(prefix string) (*map[string]interface{}, error)

func (*KubeMock) GetPodObject

func (m *KubeMock) GetPodObject(pname string, ns string, cname string, image string, sc *apiv1.SecurityContext) *apiv1.Pod

func (*KubeMock) GetPods

func (m *KubeMock) GetPods(ns string) (*apiv1.PodList, error)

func (*KubeMock) GetRawResourcesByGrp

func (m *KubeMock) GetRawResourcesByGrp(g string) (*K8SJSON, error)

func (*KubeMock) SetKubeConfigFile

func (m *KubeMock) SetKubeConfigFile(f *string)

type Kubernetes

type Kubernetes interface {
	ClusterIsDeployed() *bool
	GetClient() (*kubernetes.Clientset, error)
	GetPods(ns string) (*apiv1.PodList, error)
	CreatePod(pname string, ns string, cname string, image string, w bool, sc *apiv1.SecurityContext, probe *audit.Probe) (*apiv1.Pod, *PodAudit, error)
	CreatePodFromObject(pod *apiv1.Pod, podName string, ns string, wait bool, probe *audit.Probe) (*apiv1.Pod, error)
	CreatePodFromYaml(y []byte, pname string, ns string, image string, aadpodidbinding string, w bool, probe *audit.Probe) (*apiv1.Pod, error)
	GetPodObject(pname string, ns string, cname string, image string, sc *apiv1.SecurityContext) *apiv1.Pod
	ExecCommand(cmd string, ns string, pn *string) *CmdExecutionResult
	DeletePod(pname string, ns string, e string) error
	DeleteNamespace(ns *string) error
	CreateConfigMap(n *string, ns string) (*apiv1.ConfigMap, error)
	DeleteConfigMap(name string) error
	GetConstraintTemplates(prefix string) (*map[string]interface{}, error)
	GetRawResourcesByGrp(g string) (*K8SJSON, error)
	GetClusterRolesByResource(r string) (*[]rbacv1.ClusterRole, error)
	GetClusterRoles() (*rbacv1.ClusterRoleList, error)
}

Kubernetes interface defines the methods available to interact with the kubernetes cluster.

type PodAudit

type PodAudit struct {
	PodName         string
	Namespace       string
	ContainerName   string
	Image           string
	SecurityContext *apiv1.SecurityContext
}

type PodCreationError

type PodCreationError struct {
	ReasonCodes map[PodCreationErrorReason]*PodCreationErrorReason
	// contains filtered or unexported fields
}

PodCreationError encapsulates the underlying pod creation error along with a map of platform-agnostic PodCreationErrorReason codes. Note that there could be more than one PodCreationErrorReason. For example, a pod may fail due to both a 'psp-container-no-privilege' error and a 'psp-host-network' error, in which case there would be two entries in the ReasonCodes map.

func (*PodCreationError) Error

func (p *PodCreationError) Error() string

type PodCreationErrorReason

type PodCreationErrorReason int

PodCreationErrorReason provides a CSP-agnostic reason for errors encountered when creating pods.

const (
	UndefinedPodCreationErrorReason PodCreationErrorReason = iota
	PSPNoPrivilege
	PSPNoPrivilegeEscalation
	PSPAllowedUsersGroups
	PSPContainerAllowedImages
	PSPHostNamespace
	PSPHostNetwork
	PSPAllowedCapabilities
	PSPAllowedPortRange
	PSPAllowedVolumeTypes
	PSPSeccompProfile
	ImagePullError
	Blocked
	Unauthorized
)

enum values for PodCreationErrorReason

func (PodCreationErrorReason) String

func (r PodCreationErrorReason) String() string

type PodPayload

type PodPayload struct {
	Pod      *apiv1.Pod
	PodAudit *PodAudit
}

type PodState

type PodState struct {
	PodName         string
	CreationError   *PodCreationError
	ExpectedReason  *PodCreationErrorReason
	CommandExitCode int
}

PodState captures useful pod state data for use in a scenario's state.

Directories

Path Synopsis
Package container_registry_access provides the implementation required to execute the feature-based test cases described in the 'events' directory.
Package general provides the implementation required to execute the feature-based test cases described in the 'events' directory.
