helm

package
v0.7.0

Warning: This package is not in the latest version of its module.
Published: Feb 7, 2025 License: Apache-2.0 Imports: 23 Imported by: 0

Documentation

Constants

const (
	SPIRERepositoryName = "spire"
	SPIRERepositoryUrl  = "https://spiffe.github.io/helm-charts-hardened/"

	SPIREChartName        = "spire"
	SPIREChartVersion     = "0.21.0"
	SPIRECRDsChartName    = "spire-crds"
	SPIRECRDsChartVersion = "0.4.0"

	// Kubernetes namespace in which Helm charts and CRDs will be installed.
	SPIREManagementNamespace = "spire-mgmt"
)

Variables

This section is empty.

Functions

func DiscardLogger

func DiscardLogger(format string, v ...any)

func MergeMaps added in v0.5.0

func MergeMaps(dest, src map[string]any) (map[string]any, error)

MergeMaps merges the source map into the destination map, returning a new merged map.

Types

type HelmSPIREProvider

type HelmSPIREProvider struct {
	SPIREVersion     string
	SPIRECRDsVersion string
	// contains filtered or unexported fields
}

HelmSPIREProvider implements a Helm-based installer for the Cofide stack. It uses the SPIFFE/SPIRE project's own helm-charts-hardened Helm chart to install a SPIRE stack to a given Kubernetes context, making use of the Cofide API concepts and abstractions.

func NewHelmSPIREProvider

func NewHelmSPIREProvider(ctx context.Context, cluster *clusterpb.Cluster, spireValues, spireCRDsValues map[string]any) (*HelmSPIREProvider, error)

func (*HelmSPIREProvider) AddRepository

func (h *HelmSPIREProvider) AddRepository(statusCh chan<- *provisionpb.Status) error

AddRepository adds the SPIRE Helm repository to the local repositories.yaml. The action is performed synchronously and status is streamed through the provided status channel. This function should be called once, not per-trust zone. The SPIRE Helm repository is added to the local repositories.yaml, locking the repositories.lock file while making changes.

func (*HelmSPIREProvider) CheckIfAlreadyInstalled

func (h *HelmSPIREProvider) CheckIfAlreadyInstalled() (bool, error)

CheckIfAlreadyInstalled returns true if the SPIRE chart has previously been installed.

func (*HelmSPIREProvider) Execute

func (h *HelmSPIREProvider) Execute(statusCh chan<- *provisionpb.Status) error

Execute installs the SPIRE Helm stack to the selected Kubernetes context. The action is performed synchronously and status is streamed through the provided status channel.

func (*HelmSPIREProvider) ExecutePostInstallUpgrade added in v0.5.0

func (h *HelmSPIREProvider) ExecutePostInstallUpgrade(statusCh chan<- *provisionpb.Status) error

ExecutePostInstallUpgrade upgrades the SPIRE stack to the selected Kubernetes context. The action is performed synchronously and status is streamed through the provided status channel.

func (*HelmSPIREProvider) ExecuteUninstall

func (h *HelmSPIREProvider) ExecuteUninstall(statusCh chan<- *provisionpb.Status) error

ExecuteUninstall uninstalls the SPIRE stack from the selected Kubernetes context. The action is performed synchronously and status is streamed through the provided status channel.

func (*HelmSPIREProvider) ExecuteUpgrade

func (h *HelmSPIREProvider) ExecuteUpgrade(statusCh chan<- *provisionpb.Status) error

ExecuteUpgrade upgrades the SPIRE stack to the selected Kubernetes context. The action is performed synchronously and status is streamed through the provided status channel.

type HelmValuesGenerator

type HelmValuesGenerator struct {
	// contains filtered or unexported fields
}

func NewHelmValuesGenerator

func NewHelmValuesGenerator(trustZone *trust_zone_proto.TrustZone, cluster *clusterpb.Cluster, source datasource.DataSource, values map[string]any) *HelmValuesGenerator

func (*HelmValuesGenerator) GenerateValues

func (g *HelmValuesGenerator) GenerateValues() (map[string]any, error)

type Provider added in v0.5.0

type Provider interface {
	// AddRepository adds the SPIRE Helm repository to the local repositories.yaml.
	// The action is performed synchronously and status is streamed through the provided status channel.
	// This function should be called once, not per-trust zone.
	// The SPIRE Helm repository is added to the local repositories.yaml, locking the repositories.lock
	// file while making changes.
	AddRepository(statusCh chan<- *provisionpb.Status) error

	// Execute installs the SPIRE Helm stack to the selected Kubernetes context.
	// The action is performed synchronously and status is streamed through the provided status channel.
	Execute(statusCh chan<- *provisionpb.Status) error

	// ExecutePostInstallUpgrade upgrades the SPIRE stack to the selected Kubernetes context.
	// The action is performed synchronously and status is streamed through the provided status channel.
	ExecutePostInstallUpgrade(statusCh chan<- *provisionpb.Status) error

	// ExecuteUpgrade upgrades the SPIRE stack to the selected Kubernetes context.
	// The action is performed synchronously and status is streamed through the provided status channel.
	ExecuteUpgrade(statusCh chan<- *provisionpb.Status) error

	// ExecuteUninstall uninstalls the SPIRE stack from the selected Kubernetes context.
	// The action is performed synchronously and status is streamed through the provided status channel.
	ExecuteUninstall(statusCh chan<- *provisionpb.Status) error

	// CheckIfAlreadyInstalled returns true if the SPIRE chart has previously been installed.
	CheckIfAlreadyInstalled() (bool, error)
}

Provider is an interface that abstracts a Helm-based workload identity provider.
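
The calling pattern these method comments imply, as an added example that is not code from this package: each call is synchronous and reports status on the channel, so the caller has to receive concurrently, and AddRepository runs once rather than per trust zone. `Status`, `fake` and `Provision` are hypothetical stand-ins; that the caller owns and closes the channel, and that an already-installed zone is skipped, are assumptions of this example.

```go
package main

import "fmt"

type Status struct{ Stage, Zone string } // stand-in for provisionpb.Status (assumed shape)

// Provider repeats three methods of the documented Provider interface.
type Provider interface {
	AddRepository(statusCh chan<- *Status) error
	CheckIfAlreadyInstalled() (bool, error)
	Execute(statusCh chan<- *Status) error
}

type fake struct { // constructed test double
	zone      string
	installed bool // true: this zone already has SPIRE
}

func (f fake) AddRepository(ch chan<- *Status) error  { ch <- &Status{"repo", f.zone}; return nil }
func (f fake) Execute(ch chan<- *Status) error        { ch <- &Status{"install", f.zone}; return nil }
func (f fake) CheckIfAlreadyInstalled() (bool, error) { return f.installed, nil }

// Provision drains statuses concurrently while the synchronous steps run.
func Provision(ps []Provider) (seen []string, err error) {
	ch, done := make(chan *Status), make(chan struct{})
	go func() { // without a receiver, a send on the unbuffered channel blocks
		defer close(done)
		for s := range ch {
			seen = append(seen, s.Stage+":"+s.Zone)
		}
	}()
	for i := 0; i < len(ps) && err == nil; i++ {
		installed, cerr := ps[i].CheckIfAlreadyInstalled()
		if err = cerr; err == nil && i == 0 {
			err = ps[i].AddRepository(ch) // once, not per trust zone
		}
		if err == nil && !installed {
			err = ps[i].Execute(ch) // assumed policy: skip installed zones
		}
	}
	close(ch) // assumption: the caller owns the channel; providers never close it
	<-done
	return seen, err
}

func main() {
	fmt.Println(Provision([]Provider{fake{"tz-a", false}, fake{"tz-b", true}}))
}
```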
