injector

package
v1.10.8 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 21, 2023 License: Apache-2.0 Imports: 23 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var AllowedServiceAccountInfos = []string{
	"kube-system:replicaset-controller",
	"kube-system:deployment-controller",
	"kube-system:cronjob-controller",
	"kube-system:job-controller",
	"kube-system:statefulset-controller",
	"kube-system:daemon-set-controller",
	"tekton-pipelines:tekton-pipelines-controller",
}

Functions

func AllowedControllersServiceAccountUID added in v1.1.0 

func AllowedControllersServiceAccountUID(ctx context.Context, cfg Config, kubeClient kubernetes.Interface) ([]string, error)

AllowedControllersServiceAccountUID returns an array of UID, list of allowed service account on the webhook handler.

Types

type Config 

type Config struct {
	TLSCertFile                 string `envconfig:"TLS_CERT_FILE" required:"true"`
	TLSKeyFile                  string `envconfig:"TLS_KEY_FILE" required:"true"`
	SidecarImage                string `envconfig:"SIDECAR_IMAGE" required:"true"`
	SidecarImagePullPolicy      string `envconfig:"SIDECAR_IMAGE_PULL_POLICY"`
	Namespace                   string `envconfig:"NAMESPACE" required:"true"`
	KubeClusterDomain           string `envconfig:"KUBE_CLUSTER_DOMAIN"`
	AllowedServiceAccounts      string `envconfig:"ALLOWED_SERVICE_ACCOUNTS"`
	IgnoreEntrypointTolerations string `envconfig:"IGNORE_ENTRYPOINT_TOLERATIONS"`
	RunAsNonRoot                string `envconfig:"SIDECAR_RUN_AS_NON_ROOT"`
	ReadOnlyRootFilesystem      string `envconfig:"SIDECAR_READ_ONLY_ROOT_FILESYSTEM"`
	// contains filtered or unexported fields
}

Config represents configuration options for the Dapr Sidecar Injector webhook server.

func GetConfig added in v1.3.0 

func GetConfig() (Config, error)

GetConfig returns configuration derived from environment variables.

func NewConfigWithDefaults 

func NewConfigWithDefaults() Config

NewConfigWithDefaults returns a Config object with default values already applied. Callers are then free to set custom values for the remaining fields and/or override default values.

func (*Config) GetIgnoreEntrypointTolerations added in v1.9.0 

func (c *Config) GetIgnoreEntrypointTolerations() []corev1.Toleration

func (Config) GetPullPolicy added in v1.9.0 

func (c Config) GetPullPolicy() corev1.PullPolicy

func (*Config) GetReadOnlyRootFilesystem added in v1.10.0 

func (c *Config) GetReadOnlyRootFilesystem() bool

func (*Config) GetRunAsNonRoot added in v1.10.0 

func (c *Config) GetRunAsNonRoot() bool

type Injector 

type Injector interface {
	Run(ctx context.Context, onReady func())
}

Injector is the interface for the Dapr runtime sidecar injection component.

func NewInjector 

func NewInjector(authUIDs []string, config Config, daprClient scheme.Interface, kubeClient kubernetes.Interface) Injector

NewInjector returns a new Injector instance with the given config.

Source Files

View all Source files

Directories

Path Synopsis
Package annotations contains the list of annotations for Dapr deployments.
 Package annotations contains the list of annotations for Dapr deployments.
package sidecar contains helpers to build the Container object for Kubernetes to deploy the Dapr sidecar container.
 package sidecar contains helpers to build the Container object for Kubernetes to deploy the Dapr sidecar container.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.