apiserver

package
v4.1.0+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 15, 2019 License: Apache-2.0 Imports: 26 Imported by: 0

Documentation

Index

Constants

View Source 
const APPLY_POLICY_PERM = "ApplyPolicy"
View Source 
const CAT_PERM = "Cat"

MISC

View Source 
const CREATE_BACKUP_PERM = "CreateBackup"

CREATE

View Source 
const CREATE_BENCHMARK_PERM = "CreateBenchmark"
View Source 
const CREATE_CLUSTER_PERM = "CreateCluster"
View Source 
const CREATE_DUMP_PERM = "CreateDump"
View Source 
const CREATE_FAILOVER_PERM = "CreateFailover"
View Source 
const CREATE_INGEST_PERM = "CreateIngest"
View Source 
const CREATE_NAMESPACE_PERM = "CreateNamespace"
View Source 
const CREATE_PGBOUNCER_PERM = "CreatePgbouncer"
View Source 
const CREATE_PGOROLE_PERM = "CreatePgorole"
View Source 
const CREATE_PGOUSER_PERM = "CreatePgouser"
View Source 
const CREATE_PGPOOL_PERM = "CreatePgpool"
View Source 
const CREATE_POLICY_PERM = "CreatePolicy"
View Source 
const CREATE_SCHEDULE_PERM = "CreateSchedule"
View Source 
const CREATE_UPGRADE_PERM = "CreateUpgrade"
View Source 
const CREATE_USER_PERM = "CreateUser"
View Source 
const DELETE_BACKUP_PERM = "DeleteBackup"

DELETE

View Source 
const DELETE_BENCHMARK_PERM = "DeleteBenchmark"
View Source 
const DELETE_CLUSTER_PERM = "DeleteCluster"
View Source 
const DELETE_INGEST_PERM = "DeleteIngest"
View Source 
const DELETE_NAMESPACE_PERM = "DeleteNamespace"
View Source 
const DELETE_PGBOUNCER_PERM = "DeletePgbouncer"
View Source 
const DELETE_PGOROLE_PERM = "DeletePgorole"
View Source 
const DELETE_PGOUSER_PERM = "DeletePgouser"
View Source 
const DELETE_PGPOOL_PERM = "DeletePgpool"
View Source 
const DELETE_POLICY_PERM = "DeletePolicy"
View Source 
const DELETE_SCHEDULE_PERM = "DeleteSchedule"
View Source 
const DELETE_USER_PERM = "DeleteUser"
View Source 
const DF_CLUSTER_PERM = "DfCluster"
View Source 
const LABEL_PERM = "Label"
View Source 
const LOAD_PERM = "Load"
View Source 
const LS_PERM = "Ls"
View Source 
const PGOSecretName = "pgo.tls"
View Source 
const RELOAD_PERM = "Reload"
View Source 
const RESTORE_DUMP_PERM = "RestoreDump"

RESTORE

View Source 
const RESTORE_PERM = "Restore"
View Source 
const RESTORE_PGBASEBACKUP_PERM = "RestorePgbasebackup"
View Source 
const SCALE_CLUSTER_PERM = "ScaleCluster"

SCALE

View Source 
const SHOW_BACKUP_PERM = "ShowBackup"

SHOW

View Source 
const SHOW_BENCHMARK_PERM = "ShowBenchmark"
View Source 
const SHOW_CLUSTER_PERM = "ShowCluster"
View Source 
const SHOW_CONFIG_PERM = "ShowConfig"
View Source 
const SHOW_INGEST_PERM = "ShowIngest"
View Source 
const SHOW_NAMESPACE_PERM = "ShowNamespace"
View Source 
const SHOW_PGOROLE_PERM = "ShowPgorole"
View Source 
const SHOW_PGOUSER_PERM = "ShowPgouser"
View Source 
const SHOW_POLICY_PERM = "ShowPolicy"
View Source 
const SHOW_PVC_PERM = "ShowPVC"
View Source 
const SHOW_SCHEDULE_PERM = "ShowSchedule"
View Source 
const SHOW_SECRETS_PERM = "ShowSecrets"
View Source 
const SHOW_USER_PERM = "ShowUser"
View Source 
const SHOW_WORKFLOW_PERM = "ShowWorkflow"
View Source 
const STATUS_PERM = "Status"
View Source 
const TEST_CLUSTER_PERM = "TestCluster"
View Source 
const TreeBranch = "├── "

TreeBranch is for debugging only in this context

View Source 
const TreeTrunk = "└── "

TreeTrunk is for debugging only in this context

View Source 
const UPDATE_CLUSTER_PERM = "UpdateCluster"

UPDATE

View Source 
const UPDATE_NAMESPACE_PERM = "UpdateNamespace"
View Source 
const UPDATE_PGOROLE_PERM = "UpdatePgorole"
View Source 
const UPDATE_PGOUSER_PERM = "UpdatePgouser"
View Source 
const UPDATE_USER_PERM = "UpdateUser"
View Source 
const VERSION_MISMATCH_ERROR = "pgo client and server version mismatch"
View Source 
const VERSION_PERM = "Version"

Variables

View Source 
var AuditFlag bool

AuditFlag if set to true will cause auditing to occur in the logs

View Source 
var BasicAuth bool

BasicAuth comes from the apiserver config

View Source 
var CRUNCHY_DEBUG bool
View Source 
var Clientset *kubernetes.Clientset

Clientset ...

View Source 
var DebugFlag bool

DebugFlag is the debug flag value

View Source 
var InstallationName string
View Source 
var MetricsFlag, BadgerFlag bool

MetricsFlag if set to true will cause crunchy-collect to be added into new clusters

View Source 
var PermMap map[string]string
View Source 
var Pgo config.PgoConfig
View Source 
var PgoNamespace string

Namespace comes from the apiserver config in this version

View Source 
var RESTClient *rest.RESTClient

RESTClient ...

View Source 
var RESTConfig *rest.Config
View Source 
var RoleMap map[string]map[string]string

Functions

func Authn 

func Authn(perm string, w http.ResponseWriter, r *http.Request) (string, error)

func BasicAuthCheck 

func BasicAuthCheck(username, password string) bool

func BasicAuthzCheck 

func BasicAuthzCheck(username, perm string) bool

func ConnectToKube 

func ConnectToKube()

ConnectToKube ...

func CreateRMDataTask 

func CreateRMDataTask(clusterName, replicaName, taskName string, deleteBackups, deleteData, isReplica, isBackup bool, ns string) error

func GetBackrestStorageTypes 

func GetBackrestStorageTypes() []string

func GetContainerResourcesJSON 

func GetContainerResourcesJSON(resources *crv1.PgContainerResources) string

GetContainerResources ...

func GetNamespace 

func GetNamespace(clientset *kubernetes.Clientset, username, requestedNS string) (string, error)

GetNamespace determines if a user has permission for a namespace they are requesting a valid requested namespace is required

func GetPVCName 

func GetPVCName(pod *v1.Pod) map[string]string

func GetPodStatus 

func GetPodStatus(deployName, ns string) (string, string)

func GetSecrets 

func GetSecrets(cluster *crv1.Pgcluster, ns string) ([]msgs.ShowUserSecret, error)

func GetTLS 

func GetTLS(certPath, keyPath string) error

validate or generate the TLS keys

func HasPerm 

func HasPerm(role string, perm string) bool

func Initialize 

func Initialize()

func InitializePerms 

func InitializePerms()

func IsStringOneOf 

func IsStringOneOf(testVal string, acceptedVals ...string) bool

IsStringOneOf tests to see string testVal is included in the list of strings provided using acceptedVals

func IsValidBackrestStorageType 

func IsValidBackrestStorageType(storageType string) bool

IsValidBackrestStorageType determines if the storageType string contains valid pgBackRest storage type values

func IsValidContainerResource 

func IsValidContainerResource(name string) bool

func IsValidContainerResourceValues 

func IsValidContainerResourceValues() bool

func IsValidNodeLabel 

func IsValidNodeLabel(key, value string) (bool, bool, error)

IsValidNodeLabel returns bool for key validity returns bool for value validity returns error

func IsValidPVC 

func IsValidPVC(pvcName, ns string) bool

IsValidPVC determines if a PVC with the name provided exits

func IsValidStorageName 

func IsValidStorageName(name string) bool

func NewCertEnforcer 

func NewCertEnforcer(reqRoutes []string) (*certEnforcer, error)

NewCertEnforcer ensures a certEnforcer is created with skipped routes and validates that the configured routes are allowed

func UserIsPermittedInNamespace 

func UserIsPermittedInNamespace(username, requestedNS string) (bool, bool)

returns installation access and user access installation access means a namespace belongs to this Operator installation user access means this user has access to a namespace

func ValidateNodeLabel 

func ValidateNodeLabel(nodeLabel string) error

ValidateNodeLabel returns error if node label is invalid

Types

type CredentialDetail 

type CredentialDetail struct {
	Username   string
	Password   string
	Role       string
	Namespaces []string
}

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.