Documentation
¶
Overview ¶
Package v1alpha1 contains API Schema definitions for the v1alpha1 API group +kubebuilder:object:generate=true +groupName=confidentialcontainers.org
Index ¶
Constants ¶
This section is empty.
Variables ¶
var ( // GroupVersion is group version used to register these objects GroupVersion = schema.GroupVersion{Group: "confidentialcontainers.org", Version: "v1alpha1"} // SchemeBuilder is used to add go types to the GroupVersionKind scheme SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion} // AddToScheme adds the types in this group-version to the given scheme. AddToScheme = SchemeBuilder.AddToScheme )
Functions ¶
This section is empty.
Types ¶
type DeploymentType ¶
type DeploymentType string
Deployment Type string determines the way to deploy the KBS +enum
const ( // DeploymentTypeAllInOne: all the KBS components will be deployed in the same container DeploymentTypeAllInOne DeploymentType = "AllInOneDeployment" // DeploymentTypeMicroservices: all the KBS components will be deployed in separate containers DeploymentTypeMicroservices DeploymentType = "MicroservicesDeployment" )
type IbmSEConfigSpec ¶
type IbmSEConfigSpec struct {
// certStorePvc is the name of the PeristentVolumeClaim where certificates/keys are mounted
// +optional
CertStorePvc string `json:"certStorePvc,omitempty"`
}
IbmSEConfigSpec defines the desired state for IBMSE configuration
func (*IbmSEConfigSpec) DeepCopy ¶
func (in *IbmSEConfigSpec) DeepCopy() *IbmSEConfigSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IbmSEConfigSpec.
func (*IbmSEConfigSpec) DeepCopyInto ¶
func (in *IbmSEConfigSpec) DeepCopyInto(out *IbmSEConfigSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type KbsConfig ¶
type KbsConfig struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Spec KbsConfigSpec `json:"spec,omitempty"`
Status KbsConfigStatus `json:"status,omitempty"`
}
KbsConfig is the Schema for the kbsconfigs API
func (*KbsConfig) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KbsConfig.
func (*KbsConfig) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*KbsConfig) DeepCopyObject ¶
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type KbsConfigList ¶
type KbsConfigList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []KbsConfig `json:"items"`
}
KbsConfigList contains a list of KbsConfig
func (*KbsConfigList) DeepCopy ¶
func (in *KbsConfigList) DeepCopy() *KbsConfigList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KbsConfigList.
func (*KbsConfigList) DeepCopyInto ¶
func (in *KbsConfigList) DeepCopyInto(out *KbsConfigList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*KbsConfigList) DeepCopyObject ¶
func (in *KbsConfigList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type KbsConfigSpec ¶
type KbsConfigSpec struct {
// KbsConfigMapName is the name of the configmap that contains the KBS configuration
KbsConfigMapName string `json:"kbsConfigMapName,omitempty"`
// KbsAsConfigMapName is the name of the configmap that contains the KBS AS configuration
// Required only when MicroservicesDeployment is set
// +optional
KbsAsConfigMapName string `json:"kbsAsConfigMapName,omitempty"`
// KbsRvpsConfigMapName is the name of the configmap that contains the KBS RVPS configuration
// Required only when MicroservicesDeployment is set
// +optional
KbsRvpsConfigMapName string `json:"kbsRvpsConfigMapName,omitempty"`
// kbsRvpsRefValuesConfigMapName is the name of the configmap that contains the RVPS reference values
KbsRvpsRefValuesConfigMapName string `json:"kbsRvpsRefValuesConfigMapName,omitempty"`
// KbsAuthSecretName is the name of the secret that contains the KBS auth secret
KbsAuthSecretName string `json:"kbsAuthSecretName,omitempty"`
// KbsServiceType is the type of service to create for KBS
// Default value is ClusterIP
// +optional
KbsServiceType corev1.ServiceType `json:"kbsServiceType,omitempty"`
// KbsDeploymentType is the type of KBS deployment
// It can assume one of the following values:
// AllInOneDeployment: all the KBS components will be deployed in the same container
// MicroservicesDeployment: all the KBS components will be deployed in separate containers
// +kubebuilder:validation:Enum=AllInOneDeployment;MicroservicesDeployment
// Default value is AllInOneDeployment
// +optional
KbsDeploymentType DeploymentType `json:"kbsDeploymentType,omitempty"`
// KbsHttpsKeySecretName is the name of the secret that contains the KBS https private key
KbsHttpsKeySecretName string `json:"kbsHttpsKeySecretName,omitempty"`
// KbsHttpsCertSecretName is the name of the secret that contains the KBS https certificate
KbsHttpsCertSecretName string `json:"kbsHttpsCertSecretName,omitempty"`
// KbsSecretResources is an array of secret names that contain the keys required by clients
// +optional
KbsSecretResources []string `json:"kbsSecretResources,omitempty"`
// KbsAttestationPolicyConfigMapName is the name of the configmap that contains the Attestation Policy
// +optional
KbsAttestationPolicyConfigMapName string `json:"kbsAttestationPolicyConfigMapName,omitempty"`
// KbsResourcePolicyConfigMapName is the name of the configmap that contains the Resource Policy
// +optional
KbsResourcePolicyConfigMapName string `json:"kbsResourcePolicyConfigMapName,omitempty"`
// TdxConfigSpec is the struct that hosts the TDX specific configuration
// +optional
TdxConfigSpec TdxConfigSpec `json:"tdxConfigSpec,omitempty"`
// IbmSEConfigSpec is the struct that hosts the IBMSE specific configuration
// +optional
IbmSEConfigSpec IbmSEConfigSpec `json:"ibmSEConfigSpec,omitempty"`
// KbsEnvVars injects environment variables in the trustee pods
// For example, RUST_LOG=debug enables logging with DEBUG severity
// +optional
KbsEnvVars map[string]string `json:"KbsEnvVars,omitempty"`
}
KbsConfigSpec defines the desired state of KbsConfig
func (*KbsConfigSpec) DeepCopy ¶
func (in *KbsConfigSpec) DeepCopy() *KbsConfigSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KbsConfigSpec.
func (*KbsConfigSpec) DeepCopyInto ¶
func (in *KbsConfigSpec) DeepCopyInto(out *KbsConfigSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type KbsConfigStatus ¶
type KbsConfigStatus struct {
// IsReady is true when the KBS configuration is ready
IsReady bool `json:"isReady,omitempty"`
}
KbsConfigStatus defines the observed state of KbsConfig
func (*KbsConfigStatus) DeepCopy ¶
func (in *KbsConfigStatus) DeepCopy() *KbsConfigStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KbsConfigStatus.
func (*KbsConfigStatus) DeepCopyInto ¶
func (in *KbsConfigStatus) DeepCopyInto(out *KbsConfigStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type TdxConfigSpec ¶
type TdxConfigSpec struct {
// kbsTdxConfigMapName is the name of the configmap containing sgx_default_qcnl.conf file
// +optional
KbsTdxConfigMapName string `json:"kbsTdxConfigMapName,omitempty"`
}
TdxConfigSpec defines the desired state for TDX configuration
func (*TdxConfigSpec) DeepCopy ¶
func (in *TdxConfigSpec) DeepCopy() *TdxConfigSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TdxConfigSpec.
func (*TdxConfigSpec) DeepCopyInto ¶
func (in *TdxConfigSpec) DeepCopyInto(out *TdxConfigSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
Source Files