Documentation ¶
Index ¶
- Variables
- func ExtractSSHKeyPairFromSecret(secret *corev1.Secret) (public, private []byte, err error)
- func GetAsyncSidecar(devworkspaceID, sshVolumeName string, volumes []corev1.Volume) *corev1.Container
- func GetOrCreateSSHConfig(workspace *common.DevWorkspaceWithConfig, clusterAPI sync.ClusterAPI) (*corev1.Secret, *corev1.ConfigMap, error)
- func GetSSHKeyPair() (public, private []byte, err error)
- func GetSSHSidecarSecretName(workspaceId string) string
- func GetVolumeFromSecret(secret *corev1.Secret) *corev1.Volume
- func GetWorkspaceSyncDeploymentCluster(namespace string, clusterAPI sync.ClusterAPI) (*appsv1.Deployment, error)
- func RemoveAuthorizedKeyFromConfigMap(workspace *common.DevWorkspaceWithConfig, api sync.ClusterAPI) (retry bool, err error)
- func SyncWorkspaceSyncDeploymentToCluster(workspace *common.DevWorkspaceWithConfig, sshConfigMap *corev1.ConfigMap, ...) (*appsv1.Deployment, error)
- func SyncWorkspaceSyncServiceToCluster(asyncDeploy *appsv1.Deployment, api sync.ClusterAPI) (*corev1.Service, error)
Constants ¶
This section is empty.
Variables ¶
var NotReadyError = errors.New("async storage component is not ready")
Functions ¶
func GetAsyncSidecar ¶
func GetAsyncSidecar(devworkspaceID, sshVolumeName string, volumes []corev1.Volume) *corev1.Container
GetAsyncSidecar gets the definition for the async storage sidecar. Within this sidecar, all provided volumes are mounted to `/volume.Name`, and the sshVolume is mounted to /etc/ssh/private as read-only.
Note: in the current implementation, the image used for the async sidecar only syncs from ${CHE_PROJECTS_ROOT}
func GetOrCreateSSHConfig ¶
func GetOrCreateSSHConfig(workspace *common.DevWorkspaceWithConfig, clusterAPI sync.ClusterAPI) (*corev1.Secret, *corev1.ConfigMap, error)
GetOrCreateSSHConfig returns the secret and configmap used for the asynchronous deployment. The Secret is generated per-workspace and should be mounted to the asynchronous storage sync sidecar. The ConfigMap is per-namespace and stores authorized_keys for each workspace that is expected to use asynchronous storage; it should be mounted in the asynchronous storage sync deployment.
If the k8s objects do not exist, an SSH keypair is generated and a secret and configmap are created on the cluster. This function works on two streams:
- If the async storage SSH secret for the given workspace does not exist on the cluster, an SSH keypair are generated, a Secret is synced to the cluster and the corresponding authorized key is added to the ConfigMap
- If the async storage SSH secret exists, its content is read, and the ConfigMap is verified to contain the corresponding public key in authorized_keys.
In both cases, if the ConfigMap does not exist, it is created.
Returns NotReadyError if changes were made to the cluster.
func GetSSHKeyPair ¶
GetSSHKeyPair returns a pair of SSH keys. The public key is formatted for inclusion in an ssh authorized_keys file, and the private key is pem-formatted.
func GetSSHSidecarSecretName ¶
func GetWorkspaceSyncDeploymentCluster ¶
func GetWorkspaceSyncDeploymentCluster(namespace string, clusterAPI sync.ClusterAPI) (*appsv1.Deployment, error)
func RemoveAuthorizedKeyFromConfigMap ¶ added in v0.12.0
func RemoveAuthorizedKeyFromConfigMap(workspace *common.DevWorkspaceWithConfig, api sync.ClusterAPI) (retry bool, err error)
RemoveAuthorizedKeyFromConfigMap removes the ssh key used by a given workspace from the common async storage authorized keys configmap.
func SyncWorkspaceSyncDeploymentToCluster ¶
func SyncWorkspaceSyncDeploymentToCluster(workspace *common.DevWorkspaceWithConfig, sshConfigMap *corev1.ConfigMap, pvcName string, clusterAPI sync.ClusterAPI) (*appsv1.Deployment, error)
func SyncWorkspaceSyncServiceToCluster ¶
func SyncWorkspaceSyncServiceToCluster(asyncDeploy *appsv1.Deployment, api sync.ClusterAPI) (*corev1.Service, error)
Types ¶
This section is empty.