controller

package

v0.0.0-...-a53ccdd Latest Latest Go to latest Published: Jul 30, 2023 License: Apache-2.0 Imports: 27 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

View Source

const (
	CONTROLLER_TYPE_SIGRUN = "sigrun"
	GUID_TO_REPO_INFO      = "guid_to_repo_info"
	IMAGE_TO_GUIDS         = "image_to_guids"
)

View Source

const (
	SIGRUN_CONTROLLER_CONFIG    = "sigrun-controller-config"
	SIGRUN_CONTROLLER_NAMESPACE = "default"
)

This section is empty.

func CertificateToPem(certificateDER []byte) []byte

CertificateToPem ...

func GenerateCACert(certValidityDuration time.Duration) ([]byte, *rsa.PrivateKey, error)

GenerateCACert creates the self-signed CA cert and private key it will be used to sign the webhook server certificate

func GenerateCertPem(caCertRaw []byte, caKey *rsa.PrivateKey, certValidityDuration time.Duration) ([]byte, *rsa.PrivateKey, error)

GenerateCertPem takes the results of GenerateCACert and uses it to create the PEM-encoded public certificate and private key, respectively

func GetContainersFromResource(req *v1beta1.AdmissionReview) ([]corev1.Container, error)

getContainersFromPodOrDeployment returns the containers from a kubernetes object

func New() *sigrunController

func NewError(message string, err error) error

func ParseSigrunConfigMap(configMap *corev1.ConfigMap) (map[string]*RepoInfo, map[string][]string, error)

func PrivateKeyToPem(rsaKey *rsa.PrivateKey) []byte

PrivateKeyToPem Creates PEM block from private key object

func ValidateContainers(configMap *v1.ConfigMap, containers []v1.Container) error

type ConfigMapCache struct {
	// contains filtered or unexported fields
}

func NewConfigMapCache(client *kubernetes.Clientset) *ConfigMapCache

TODO ideally should invalidate cache when config map is updated instead of every 5 seconds, well something is better than nothing

func (c *ConfigMapCache) Get() (*corev1.ConfigMap, error)

type ContainerValidationError error

type Error struct {
	Message string
	Child   error
}

func (e *Error) Error() string

type RepoInfo struct {
	config.VerificationInfo
	Path string
}