Documentation ¶
Index ¶
- Constants
- func GetBlobFuseCredsSecretName(componentName string, volumeMountName string) string
- func GetCsiAzureCredsSecretName(componentName, radixVolumeMountName string) string
- func GetCsiAzureKeyVaultCredsSecretName(componentName, azureKeyVaultName string) string
- func GetDefaultCPULimit() *resource.Quantity
- func GetDefaultCPULimitForAppNamespace() *resource.Quantity
- func GetDefaultCPURequest() *resource.Quantity
- func GetDefaultCPURequestForAppNamespace() *resource.Quantity
- func GetDefaultMemoryLimit() *resource.Quantity
- func GetDefaultMemoryLimitForAppNamespace() *resource.Quantity
- func GetDefaultMemoryRequest() *resource.Quantity
- func GetDefaultMemoryRequestForAppNamespace() *resource.Quantity
- func GetDefaultReadinessProbeInitialDelaySeconds() (int32, error)
- func GetDefaultReadinessProbePeriodSeconds() (int32, error)
- func GetDefaultRollingUpdateMaxSurge() (string, error)
- func GetDefaultRollingUpdateMaxUnavailable() (string, error)
- func GetMachineUserRoleName(appName string) string
Constants ¶
const ( // SnykServiceAccountSecretName name of the secret containing SNYK access token used in pipeline scan steps SnykServiceAccountSecretName = "radix-snyk-service-account" // AzureACRServicePrincipleSecretName name of the secret containing ACR authentication information AzureACRServicePrincipleSecretName = "radix-sp-acr-azure" )
const ( RadixPipelineScanStepVulnerabilityListKey = "vulnerability_list" RadixPipelineScanStepVulnerabilityCountKey = "vulnerability_count" )
const ( // OperatorDNSZoneEnvironmentVariable The DNS zone used fro creating ingress of the cluster OperatorDNSZoneEnvironmentVariable = "DNS_ZONE" // OperatorAppAliasBaseURLEnvironmentVariable The base url for any app alias of the cluster OperatorAppAliasBaseURLEnvironmentVariable = "APP_ALIAS_BASE_URL" // OperatorClusterTypeEnvironmentVariable The type of cluster dev|playground|prod OperatorClusterTypeEnvironmentVariable = "RADIXOPERATOR_CLUSTER_TYPE" // DeploymentsHistoryLimitEnvironmentVariable Controls the number of RDs we can have in a environment DeploymentsHistoryLimitEnvironmentVariable = "RADIX_DEPLOYMENTS_PER_ENVIRONMENT_HISTORY_LIMIT" // JobsHistoryLimitEnvironmentVariable Controls the number of RJs we can have in a app namespace JobsHistoryLimitEnvironmentVariable = "RADIX_JOBS_PER_APP_HISTORY_LIMIT" // ClusternameEnvironmentVariable The name of the cluster ClusternameEnvironmentVariable = "RADIX_CLUSTERNAME" // ContainerRegistryEnvironmentVariable The name of the container registry ContainerRegistryEnvironmentVariable = "RADIX_CONTAINER_REGISTRY" // EnvironmentnameEnvironmentVariable The name of the environment for the application EnvironmentnameEnvironmentVariable = "RADIX_ENVIRONMENT" // PublicEndpointEnvironmentVariable The environment variable holding the public endpoint of the component PublicEndpointEnvironmentVariable = "RADIX_PUBLIC_DOMAIN_NAME" // CanonicalEndpointEnvironmentVariable Variable to hold the cluster spcific ingress CanonicalEndpointEnvironmentVariable = "RADIX_CANONICAL_DOMAIN_NAME" // RadixAppEnvironmentVariable The environment variable holding the name of the app RadixAppEnvironmentVariable = "RADIX_APP" // RadixComponentEnvironmentVariable The environment variable holding the name of the component RadixComponentEnvironmentVariable = "RADIX_COMPONENT" // RadixPortsEnvironmentVariable The environment variable holding the available ports of the component RadixPortsEnvironmentVariable = "RADIX_PORTS" // RadixPortNamesEnvironmentVariable The environment variable holding the available port names of the component RadixPortNamesEnvironmentVariable = "RADIX_PORT_NAMES" // RadixDNSZoneEnvironmentVariable The environment variable on a radix app giving the dns zone. Will be equal to OperatorDNSZoneEnvironmentVariable RadixDNSZoneEnvironmentVariable = "RADIX_DNS_ZONE" // RadixClusterTypeEnvironmentVariable The type of cluster dev|playground|prod. Will be equal to OperatorClusterTypeEnvironmentVariable RadixClusterTypeEnvironmentVariable = "RADIX_CLUSTER_TYPE" // ActiveClusternameEnvironmentVariable The name of the active cluster. If ActiveClusternameEnvironmentVariable == ClusternameEnvironmentVariable, this is the active cluster ActiveClusternameEnvironmentVariable = "RADIX_ACTIVE_CLUSTERNAME" // RadixCommitHashEnvironmentVariable Contains the commit id of the build RadixCommitHashEnvironmentVariable = "RADIX_GIT_COMMIT_HASH" // RadixRestartEnvironmentVariable Environment variable to indicate that a restart was triggered RadixRestartEnvironmentVariable = "RADIX_RESTART_TRIGGERED" // RadixConfigToMapEnvironmentVariable Points to the utility image for copying config file to map RadixConfigToMapEnvironmentVariable = "RADIX_CONFIG_TO_MAP" // RadixImageBuilderEnvironmentVariable Points to the image builder RadixImageBuilderEnvironmentVariable = "RADIX_IMAGE_BUILDER" // RadixImageScannerEnvironmentVariable Points to the image scanner RadixImageScannerEnvironmentVariable = "RADIX_IMAGE_SCANNER" // OperatorRadixJobSchedulerEnvironmentVariable Points to the image used to deploy job scheduler REST API for RD jobs OperatorRadixJobSchedulerEnvironmentVariable = "RADIXOPERATOR_JOB_SCHEDULER" // RadixDeploymentEnvironmentVariable Name of Radix Deployment RadixDeploymentEnvironmentVariable = "RADIX_DEPLOYMENT" // RadixDeploymentForceNonRootContainers Controls the non-root configuration for component containers // true: all component containers are force to run as non-root // false: non-root for a component container is controlled by runAsNonRoot from radixconfig RadixDeploymentForceNonRootContainers = "RADIX_DEPLOYMENTS_FORCE_NON_ROOT_CONTAINER" // RadixActiveClusterEgressIpsEnvironmentVariable IPs assigned to the cluster RadixActiveClusterEgressIpsEnvironmentVariable = "RADIX_ACTIVE_CLUSTER_EGRESS_IPS" // OperatorTenantIdEnvironmentVariable Tenant-id of the subscription OperatorTenantIdEnvironmentVariable = "RADIXOPERATOR_TENANT_ID" )
const ( RadixComponentTypeComponent = "component" RadixComponentTypeJobScheduler = "job" )
const ( OperatorReadinessProbeInitialDelaySeconds = "RADIXOPERATOR_APP_READINESS_PROBE_INITIAL_DELAY_SECONDS" OperatorReadinessProbePeriodSeconds = "RADIXOPERATOR_APP_READINESS_PROBE_PERIOD_SECONDS" )
Environment variables that define default readiness probe parameters for containers
const ( OperatorEnvLimitDefaultMemoryEnvironmentVariable = "RADIXOPERATOR_APP_ENV_LIMITS_DEFAULT_MEMORY" OperatorEnvLimitDefaultCPUEnvironmentVariable = "RADIXOPERATOR_APP_ENV_LIMITS_DEFAULT_CPU" OperatorEnvLimitDefaultRequestMemoryEnvironmentVariable = "RADIXOPERATOR_APP_ENV_LIMITS_DEFAULT_REQUEST_MEMORY" OperatorEnvLimitDefaultReqestCPUEnvironmentVariable = "RADIXOPERATOR_APP_ENV_LIMITS_DEFAULT_REQUEST_CPU" OperatorAppLimitDefaultMemoryEnvironmentVariable = "RADIXOPERATOR_APP_LIMITS_DEFAULT_MEMORY" OperatorAppLimitDefaultCPUEnvironmentVariable = "RADIXOPERATOR_APP_LIMITS_DEFAULT_CPU" OperatorAppLimitDefaultRequestMemoryEnvironmentVariable = "RADIXOPERATOR_APP_LIMITS_DEFAULT_REQUEST_MEMORY" OperatorAppLimitDefaultReqestCPUEnvironmentVariable = "RADIXOPERATOR_APP_LIMITS_DEFAULT_REQUEST_CPU" )
Environment variables that define default resources (limits and requests) for containers and environments See https://kubernetes.io/docs/tasks/administer-cluster/manage-resources/memory-default-namespace/
const ( // RadixGithubWebhookRoleName Name of the cluster role with RBAC for radix-github-webhook service account RadixGithubWebhookRoleName = "radix-github-webhook" // RadixGithubWebhookServiceAccountName Name of the service account representing the webhook RadixGithubWebhookServiceAccountName = "radix-github-webhook" // RadixAPIRoleName Name of the cluster role with RBAC for radix-api service account RadixAPIRoleName = "radix-api" // RadixAPIServiceAccountName Name of the service account representing the Radix API RadixAPIServiceAccountName = "radix-api" // AppAdminRoleName Name of role which grants access to manage the CI/CD of their applications AppAdminRoleName = "radix-app-admin" // AppAdminEnvironmentRoleName Name of role which grants access to manage their running Radix applications AppAdminEnvironmentRoleName = "radix-app-admin-envs" // PipelineRoleName Role to update the radix config from repo and execute the outer pipeline PipelineRoleName = "radix-pipeline" // PipelineRunnerRoleName Give radix-pipeline service account inside app namespace access to creating namespaces and make deployments through radix-pipeline-runner clusterrole PipelineRunnerRoleName = "radix-pipeline-runner" // ConfigToMapRunnerRoleName Role (service account name) of user to apply radixconfig to configmap ConfigToMapRunnerRoleName = "radix-config-to-map-runner" // ScanImageRunnerRoleName Role (service account name) of user to store vulnerability scan results to configmap ScanImageRunnerRoleName = "radix-scan-image-runner" // MachineUserPostfix Role (service account) of machine user will be <appName--machine-user> in default namespace MachineUserPostfix = "machine-user" // PlatformUserRoleName Name of platform user cluster role PlatformUserRoleName = "radix-platform-user" // RadixJobSchedulerServerRoleName Name of the cluster role with RBAC for radix-job-scheduler-server service account RadixJobSchedulerServerRoleName = "radix-job-scheduler-server" // RadixJobSchedulerServerServiceName Name of the service account representing the Radix Job Scheduler RadixJobSchedulerServerServiceName = "radix-job-scheduler-server" )
const ( OperatorRollingUpdateMaxSurge = "RADIXOPERATOR_APP_ROLLING_UPDATE_MAX_SURGE" )
Environment variables that define default rolling update parameters for containers
const ( // BuildSecretPrefix All build secrets will be mounted with this prefix BuildSecretPrefix = "BUILD_SECRET_" // BuildSecretsName Name of the secret in the app namespace holding all build secrets BuildSecretsName = "build-secrets" // BuildSecretDefaultData When the build secrets hold radix_undefined, it means they have not been set yet BuildSecretDefaultData = "radix_undefined" // BlobFuseCredsAccountKeyPartSuffix Account key suffix of secret listed BlobFuseCredsAccountKeyPartSuffix = "-accountkey" // BlobFuseCredsAccountNamePartSuffix Account name suffix of secret listed BlobFuseCredsAccountNamePartSuffix = "-accountname" // BlobFuseCredsAccountKeyPart Account key part of secret data BlobFuseCredsAccountKeyPart = "accountkey" // BlobFuseCredsAccountNamePart Account name part of secret data BlobFuseCredsAccountNamePart = "accountname" // CsiAzureCredsAccountKeyPartSuffix Account key suffix of secret listed CsiAzureCredsAccountKeyPartSuffix = "-accountkey" // CsiAzureCredsAccountNamePartSuffix Account name suffix of secret listed CsiAzureCredsAccountNamePartSuffix = "-accountname" // CsiAzureCredsAccountKeyPart Account key part of secret data CsiAzureCredsAccountKeyPart = "accountkey" // CsiAzureCredsAccountNamePart Account name part of secret data CsiAzureCredsAccountNamePart = "accountname" // CsiAzureKeyVaultCredsClientIdSuffix Client ID suffix of secret listed CsiAzureKeyVaultCredsClientIdSuffix = "-azkv-clientid" // CsiAzureKeyVaultCredsClientSecretSuffix Client secret suffix of secret listed CsiAzureKeyVaultCredsClientSecretSuffix = "-azkv-clientsecret" // CsiAzureKeyVaultCredsClientIdPart Client ID part of secret data for Azure Key Vault CsiAzureKeyVaultCredsClientIdPart = "clientid" // CsiAzureKeyVaultCredsClientSecretPart Client secret part of secret data for Azure Key Vault CsiAzureKeyVaultCredsClientSecretPart = "clientsecret" )
const PrivateImageHubSecretName = "radix-private-image-hubs"
PrivateImageHubSecretName name of private image hub secret - contain secret with all private image hubs credentials for an app
const RadixJobSchedulerPortName = "scheduler-port"
const RadixJobTimeLimitSeconds = 43200 // 12 hours
Variables ¶
This section is empty.
Functions ¶
func GetBlobFuseCredsSecretName ¶ added in v1.7.1
GetBlobFuseCredsSecretName Helper method
func GetCsiAzureCredsSecretName ¶ added in v1.13.0
GetCsiAzureCredsSecretName Helper method
func GetCsiAzureKeyVaultCredsSecretName ¶ added in v1.17.2
GetCsiAzureKeyVaultCredsSecretName Helper method
func GetDefaultCPULimit ¶
GetDefaultCPULimit Gets the default container CPU limit defined as an environment variable
func GetDefaultCPULimitForAppNamespace ¶ added in v1.5.21
GetDefaultCPULimitForAppNamespace Gets the default container CPU limit for app namespaces defined as an environment variable
func GetDefaultCPURequest ¶
GetDefaultCPURequest Gets the default container CPU request defined as an environment variable
func GetDefaultCPURequestForAppNamespace ¶ added in v1.5.21
GetDefaultCPURequestForAppNamespace Gets the default container CPU request for app namespaces defined as an environment variable
func GetDefaultMemoryLimit ¶
GetDefaultMemoryLimit Gets the default container memory limit defined as an environment variable
func GetDefaultMemoryLimitForAppNamespace ¶ added in v1.5.21
GetDefaultMemoryLimitForAppNamespace Gets the default container memory limit for app namespaces defined as an environment variable
func GetDefaultMemoryRequest ¶
GetDefaultMemoryRequest Gets the default container memory request defined as an environment variable
func GetDefaultMemoryRequestForAppNamespace ¶ added in v1.5.21
GetDefaultMemoryRequestForAppNamespace Gets the default container memory request for app namespaces defined as an environment variable
func GetDefaultReadinessProbeInitialDelaySeconds ¶
GetDefaultReadinessProbeInitialDelaySeconds Gets the default readiness probe initial delay seconds defined as an environment variable
func GetDefaultReadinessProbePeriodSeconds ¶
GetDefaultReadinessProbePeriodSeconds Gets the default readiness probe period seconds defined as an environment variable
func GetDefaultRollingUpdateMaxSurge ¶
GetDefaultRollingUpdateMaxSurge Gets the default rolling update max surge defined as an environment variable
func GetDefaultRollingUpdateMaxUnavailable ¶
GetDefaultRollingUpdateMaxUnavailable Gets the default rolling update max unavailable defined as an environment variable
func GetMachineUserRoleName ¶ added in v1.5.0
GetMachineUserRoleName Gets the name of the machine user for an app
Types ¶
This section is empty.