kube

package
v1.46.2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 8, 2023 License: MIT Imports: 41 Imported by: 29

Documentation

Index

Constants

View Source
const (
	RadixBranchAnnotation                            = "radix-branch"
	RadixGitTagsAnnotation                           = "radix.equinor.com/radix-git-tags"
	RadixCommitAnnotation                            = "radix.equinor.com/radix-commit"
	RadixConfigHash                                  = "radix.equinor.com/radix-config-hash"
	RadixBuildSecretHash                             = "radix.equinor.com/build-secret-hash"
	RadixComponentImagesAnnotation                   = "radix-component-images"
	RadixDeploymentNameAnnotation                    = "radix-deployment-name"
	RadixDeploymentPromotedFromDeploymentAnnotation  = "radix.equinor.com/radix-deployment-promoted-from-deployment"
	RadixDeploymentPromotedFromEnvironmentAnnotation = "radix.equinor.com/radix-deployment-promoted-from-environment"

	// See https://github.com/equinor/radix-velero-plugin/blob/master/velero-plugins/deployment/restore.go
	RestoredStatusAnnotation = "equinor.com/velero-restored-status"
)

Radix Annotations

View Source
const (
	K8sAppLabel                         = "k8s-app"
	RadixAppLabel                       = "radix-app"
	RadixEnvLabel                       = "radix-env"
	RadixComponentLabel                 = "radix-component"
	RadixDeploymentLabel                = "radix-deployment"
	RadixComponentTypeLabel             = "radix-component-type"
	RadixJobNameLabel                   = "radix-job-name"
	RadixAuxiliaryComponentLabel        = "radix-aux-component"
	RadixAuxiliaryComponentTypeLabel    = "radix-aux-component-type"
	RadixBuildLabel                     = "radix-build"
	RadixCommitLabel                    = "radix-commit"
	RadixImageTagLabel                  = "radix-image-tag"
	RadixJobTypeLabel                   = "radix-job-type"
	RadixJobTypeJob                     = "job" // Outer job
	RadixJobTypeBuild                   = "build"
	RadixJobTypeCloneConfig             = "clone-config"
	RadixJobTypePreparePipelines        = "prepare-pipelines"
	RadixJobTypeRunPipelines            = "run-pipelines"
	RadixJobTypeJobSchedule             = "job-scheduler"
	RadixJobTypeBatchSchedule           = "batch-scheduler"
	RadixAppAliasLabel                  = "radix-app-alias"
	RadixExternalAliasLabel             = "radix-app-external-alias"
	RadixActiveClusterAliasLabel        = "radix-app-active-cluster-alias"
	RadixMountTypeLabel                 = "mount-type"
	RadixVolumeMountNameLabel           = "radix-volume-mount-name"
	RadixGpuLabel                       = "radix-node-gpu"
	RadixGpuCountLabel                  = "radix-node-gpu-count"
	RadixJobNodeLabel                   = "nodepooltasks"
	RadixNamespace                      = "radix-namespace"
	RadixConfigMapTypeLabel             = "radix-config-map-type"
	RadixSecretTypeLabel                = "radix-secret-type"
	RadixSecretRefTypeLabel             = "radix-secret-ref-type"
	RadixSecretRefNameLabel             = "radix-secret-ref-name"
	RadixUserDefinedNetworkPolicyLabel  = "is-user-defined"
	RadixPodIsJobSchedulerLabel         = "is-job-scheduler-pod"
	RadixPodIsJobAuxObjectLabel         = "is-job-aux-object"
	IsServiceAccountForComponent        = "is-service-account-for-component"
	IsServiceAccountForSubPipelineLabel = "is-service-account-for-subpipeline"
	RadixBatchNameLabel                 = "radix-batch-name"
	RadixBatchJobNameLabel              = "radix-batch-job-name"
	RadixBatchTypeLabel                 = "radix-batch-type"
	RadixAccessValidationLabel          = "radix-access-validation"
	RadixPipelineTypeLabels             = "radix-pipeline"

	// NodeTaintGpuCountKey defines the taint key on GPU nodes.
	// Pods required to run on nodes with this taint must add a toleration with effect NoSchedule
	NodeTaintGpuCountKey = "radix-node-gpu-count"
	NodeTaintJobsKey     = "nodepooltasks"

	// RadixBranchDeprecated Only for backward compatibility
	RadixBranchDeprecated = "radix-branch"
)

Radix Labels

Variables

This section is empty.

Functions

func BuildAzureKeyVaultSecretProviderClass added in v1.22.1

func BuildAzureKeyVaultSecretProviderClass(tenantId string, appName string, radixDeploymentName string, radixDeployComponentName string, azureKeyVault radixv1.RadixAzureKeyVault, identity *radixv1.Identity) (*secretsstorev1.SecretProviderClass, error)

BuildAzureKeyVaultSecretProviderClass Build a SecretProviderClass for Azure Key vault secret-ref

func BuildRadixConfigEnvVarsConfigMap added in v1.15.0

func BuildRadixConfigEnvVarsConfigMap(appName, componentName string) *corev1.ConfigMap

BuildRadixConfigEnvVarsConfigMap Build environment-variables config-map

func BuildRadixConfigEnvVarsMetadataConfigMap added in v1.15.0

func BuildRadixConfigEnvVarsMetadataConfigMap(appName, componentName string) *corev1.ConfigMap

BuildRadixConfigEnvVarsMetadataConfigMap Build environment-variables metadata config-map

func CreateAppRole added in v1.20.3

func CreateAppRole(appName, roleName string, customLabels map[string]string, ruleBuilders ...RuleBuilder) *rbacv1.Role

func CreateManageSecretRole added in v1.3.0

func CreateManageSecretRole(appName, roleName string, secretNames []string, customLabels map[string]string) *rbacv1.Role

CreateManageSecretRole creates a role that can manage a secret with predefined set of verbs

func CreateReadSecretRole added in v1.39.3

func CreateReadSecretRole(appName, roleName string, secretNames []string, customLabels map[string]string) *rbacv1.Role

CreateReadSecretRole creates a role that can read a secret with predefined set of verbs

func GetAzureKeyVaultSecretRefSecretName added in v1.17.2

func GetAzureKeyVaultSecretRefSecretName(componentName, radixDeploymentName, azKeyVaultName string, secretType corev1.SecretType) string

GetAzureKeyVaultSecretRefSecretName Gets a secret name for Azure KeyVault RadixSecretRefs

func GetComponentSecretProviderClassName added in v1.17.2

func GetComponentSecretProviderClassName(radixDeploymentName, radixDeployComponentName string, radixSecretRefType radixv1.RadixSecretRefType, secretRefName string) string

GetComponentSecretProviderClassName Gets unique name of the component secret storage class

func GetEnvVarsConfigMapName added in v1.15.0

func GetEnvVarsConfigMapName(componentName string) string

GetEnvVarsConfigMapName Get config-map name for environment variables

func GetEnvVarsMetadataConfigMapName added in v1.15.0

func GetEnvVarsMetadataConfigMapName(componentName string) string

GetEnvVarsMetadataConfigMapName Get config-map name for environment variables metadata

func GetEnvVarsMetadataFromConfigMap added in v1.15.0

func GetEnvVarsMetadataFromConfigMap(envVarsMetadataConfigMap *corev1.ConfigMap) (map[string]EnvVarMetadata, error)

GetEnvVarsMetadataFromConfigMap Get environment-variables metadata from config-map

func GetRoleBindingGroups

func GetRoleBindingGroups(groups []string) []rbacv1.Subject

GetRoleBindingGroups Get subjects for list of ad groups

func GetRolebindingToClusterRole added in v1.3.0

func GetRolebindingToClusterRole(appName, roleName string, groups []string) *rbacv1.RoleBinding

GetRolebindingToClusterRole Get role binding object

func GetRolebindingToClusterRoleForServiceAccountWithLabels added in v1.3.0

func GetRolebindingToClusterRoleForServiceAccountWithLabels(roleName, serviceAccountName, serviceAccountNamespace string, labels map[string]string) *rbacv1.RoleBinding

GetRolebindingToClusterRoleForServiceAccountWithLabels Get role binding object

func GetRolebindingToClusterRoleForSubjects added in v1.5.0

func GetRolebindingToClusterRoleForSubjects(appName, roleName string, subjects []rbacv1.Subject) *rbacv1.RoleBinding

GetRolebindingToClusterRoleForSubjects Get role binding object for list of subjects

func GetRolebindingToClusterRoleForSubjectsWithLabels added in v1.5.0

func GetRolebindingToClusterRoleForSubjectsWithLabels(roleName string, subjects []rbacv1.Subject, labels map[string]string) *rbacv1.RoleBinding

GetRolebindingToClusterRoleForSubjectsWithLabels Get role binding object for list of subjects with labels set

func GetRolebindingToClusterRoleWithLabels added in v1.3.0

func GetRolebindingToClusterRoleWithLabels(roleName string, groups []string, labels map[string]string) *rbacv1.RoleBinding

GetRolebindingToClusterRoleWithLabels Get role binding object

func GetRolebindingToRole added in v1.3.0

func GetRolebindingToRole(appName, roleName string, groups []string) *rbacv1.RoleBinding

GetRolebindingToRole Get role binding object

func GetRolebindingToRoleForServiceAccountWithLabels added in v1.3.0

func GetRolebindingToRoleForServiceAccountWithLabels(roleName, serviceAccountName, serviceAccountNamespace string, labels map[string]string) *rbacv1.RoleBinding

GetRolebindingToRoleForServiceAccountWithLabels Get role binding object

func GetRolebindingToRoleForSubjectsWithLabels added in v1.5.0

func GetRolebindingToRoleForSubjectsWithLabels(appName, roleName string, subjects []rbacv1.Subject, labels map[string]string) *rbacv1.RoleBinding

GetRolebindingToRoleForSubjectsWithLabels Get role binding object for list of subjects with labels set

func GetRolebindingToRoleWithLabels added in v1.3.0

func GetRolebindingToRoleWithLabels(roleName string, groups []string, labels map[string]string) *rbacv1.RoleBinding

GetRolebindingToRoleWithLabels Get role binding object

func GetRolebindingToRoleWithLabelsForSubjects added in v1.5.0

func GetRolebindingToRoleWithLabelsForSubjects(roleName string, subjects []rbacv1.Subject, labels map[string]string) *rbacv1.RoleBinding

GetRolebindingToRoleWithLabelsForSubjects Get rolebinding object with subjects as input

func GetSecretRefAzureKeyVaultItemDataKey added in v1.22.1

func GetSecretRefAzureKeyVaultItemDataKey(keyVaultItem *radixv1.RadixAzureKeyVaultItem) string

GetSecretRefAzureKeyVaultItemDataKey Get item data key for the Azure Key vault secret-ref

func GetSecretTypeForRadixAzureKeyVault added in v1.17.2

func GetSecretTypeForRadixAzureKeyVault(k8sSecretType *radixv1.RadixAzureKeyVaultK8sSecretType) corev1.SecretType

GetSecretTypeForRadixAzureKeyVault Gets corev1.SecretType by RadixAzureKeyVaultK8sSecretType

func IsEmptyPatch added in v1.13.0

func IsEmptyPatch(patchBytes []byte) bool

func MergePodDisruptionBudgets added in v1.21.9

func MergePodDisruptionBudgets(existingPdb *v1.PodDisruptionBudget, generatedPdb *v1.PodDisruptionBudget) ([]byte, error)

MergePodDisruptionBudgets returns patch bytes between two PDBs

func SetEnvVarsMetadataMapToConfigMap added in v1.15.0

func SetEnvVarsMetadataMapToConfigMap(configMap *corev1.ConfigMap, envVarsMetadataMap map[string]EnvVarMetadata) error

SetEnvVarsMetadataMapToConfigMap Set environment-variables metadata to config-map

Types

type EnvVarMetadata added in v1.15.0

type EnvVarMetadata struct {
	RadixConfigValue string
}

EnvVarMetadata Metadata for environment variables

type Kube

type Kube struct {
	RrLister                 v1Lister.RadixRegistrationLister
	ReLister                 v1Lister.RadixEnvironmentLister
	RdLister                 v1Lister.RadixDeploymentLister
	RbLister                 v1Lister.RadixBatchLister
	RadixAlertLister         v1Lister.RadixAlertLister
	NamespaceLister          coreListers.NamespaceLister
	SecretLister             coreListers.SecretLister
	DeploymentLister         appsv1Listers.DeploymentLister
	IngressLister            networkingListers.IngressLister
	ServiceLister            coreListers.ServiceLister
	RoleBindingLister        rbacListers.RoleBindingLister
	ClusterRoleBindingLister rbacListers.ClusterRoleBindingLister
	RoleLister               rbacListers.RoleLister
	ClusterRoleLister        rbacListers.ClusterRoleLister
	ServiceAccountLister     coreListers.ServiceAccountLister
	LimitRangeLister         coreListers.LimitRangeLister
	JobLister                batchListers.JobLister
	// contains filtered or unexported fields
}

Kube Struct for accessing lower level kubernetes functions

func New

func New(client kubernetes.Interface, radixClient radixclient.Interface, secretProviderClient secretProviderClient.Interface) (*Kube, error)

New Constructor

func NewWithListers

func NewWithListers(client kubernetes.Interface,
	radixclient radixclient.Interface,
	secretProviderClient secretProviderClient.Interface,
	kubeInformerFactory kubeinformers.SharedInformerFactory,
	radixInformerFactory informers.SharedInformerFactory) (*Kube, error)

NewWithListers Constructor

func (*Kube) ApplyClusterRole

func (kubeutil *Kube) ApplyClusterRole(clusterrole *rbacv1.ClusterRole) error

ApplyClusterRole Creates or updates cluster-role

func (*Kube) ApplyClusterRoleBinding

func (kubeutil *Kube) ApplyClusterRoleBinding(clusterrolebinding *rbacv1.ClusterRoleBinding) error

ApplyClusterRoleBinding Creates or updates cluster-role-binding

func (*Kube) ApplyClusterRoleBindingToServiceAccount added in v1.42.4

func (kubeutil *Kube) ApplyClusterRoleBindingToServiceAccount(roleName string, serviceAccount *corev1.ServiceAccount, ownerReference []metav1.OwnerReference) error

ApplyClusterRoleBindingToServiceAccount Creates cluster-role-binding as a link between cluster role and service account

func (*Kube) ApplyConfigMap added in v1.15.0

func (kubeutil *Kube) ApplyConfigMap(namespace string, currentConfigMap, desiredConfigMap *corev1.ConfigMap) error

ApplyConfigMap Patch changes of environment-variables to config-map if any

func (*Kube) ApplyDeployment

func (kubeutil *Kube) ApplyDeployment(namespace string, currentDeployment *appsv1.Deployment, desiredDeployment *appsv1.Deployment) error

ApplyDeployment Create or update deployment in provided namespace

func (*Kube) ApplyEnvVarsMetadataConfigMap added in v1.15.0

func (kubeutil *Kube) ApplyEnvVarsMetadataConfigMap(namespace string, envVarsMetadataConfigMap *corev1.ConfigMap, envVarsMetadataMap map[string]EnvVarMetadata) error

ApplyEnvVarsMetadataConfigMap Save changes of environment-variables metadata to config-map

func (*Kube) ApplyIngress

func (kubeutil *Kube) ApplyIngress(namespace string, ingress *networkingv1.Ingress) error

ApplyIngress Will create or update ingress in provided namespace

func (*Kube) ApplyLimitRange

func (kubeutil *Kube) ApplyLimitRange(namespace string, limitRange *corev1.LimitRange) error

ApplyLimitRange Applies limit range to namespace

func (*Kube) ApplyNamespace

func (kubeutil *Kube) ApplyNamespace(name string, labels map[string]string, ownerRefs []metav1.OwnerReference) error

ApplyNamespace Creates a new namespace, if not exists already

func (*Kube) ApplyNetworkPolicy added in v1.20.0

func (kubeutil *Kube) ApplyNetworkPolicy(networkPolicy *v1.NetworkPolicy, ns string) error

ApplyNetworkPolicy Applies a k8s network policy to specified namespace

func (*Kube) ApplyRole

func (kubeutil *Kube) ApplyRole(namespace string, role *rbacv1.Role) error

ApplyRole Creates or updates role

func (*Kube) ApplyRoleBinding

func (kubeutil *Kube) ApplyRoleBinding(namespace string, role *rbacv1.RoleBinding) error

ApplyRoleBinding Creates or updates role

func (*Kube) ApplyRoleBindingToServiceAccount added in v1.42.4

func (kubeutil *Kube) ApplyRoleBindingToServiceAccount(roleKind, roleName, namespace string, serviceAccount *corev1.ServiceAccount, ownerReference []metav1.OwnerReference) error

ApplyRoleBindingToServiceAccount Creates role-binding as a link between role and service account

func (*Kube) ApplySecret

func (kubeutil *Kube) ApplySecret(namespace string, secret *corev1.Secret) (savedSecret *corev1.Secret, err error)

ApplySecret Creates or updates secret to namespace

func (*Kube) ApplyService added in v1.4.1

func (kubeutil *Kube) ApplyService(namespace string, service *corev1.Service) error

ApplyService Will create or update service in provided namespace

func (*Kube) ApplyServiceAccount

func (kubeutil *Kube) ApplyServiceAccount(serviceAccount *corev1.ServiceAccount) (*corev1.ServiceAccount, error)

ApplyServiceAccount Creates or updates service account

func (*Kube) BuildLimitRange

func (kubeutil *Kube) BuildLimitRange(namespace, name, appName string, defaultResourceMemory, defaultRequestCPU, defaultRequestMemory *resource.Quantity) *corev1.LimitRange

BuildLimitRange Builds a limit range spec

func (*Kube) CreateConfigMap added in v1.15.0

func (kubeutil *Kube) CreateConfigMap(namespace string, configMap *corev1.ConfigMap) (*corev1.ConfigMap, error)

CreateConfigMap Create config map

func (*Kube) CreateDeployment added in v1.38.0

func (kubeutil *Kube) CreateDeployment(namespace string, deployment *appsv1.Deployment) (*appsv1.Deployment, error)

CreateDeployment Created deployment

func (*Kube) CreateSecretProviderClass added in v1.17.2

func (kubeutil *Kube) CreateSecretProviderClass(namespace string, secretProviderClass *secretsstorev1.SecretProviderClass) (savedSecret *secretsstorev1.SecretProviderClass, err error)

CreateSecretProviderClass Creates secret provider class to namespace

func (*Kube) CreateServiceAccount added in v1.30.0

func (kubeutil *Kube) CreateServiceAccount(namespace, name string) (*corev1.ServiceAccount, error)

CreateServiceAccount create a service account

func (*Kube) DeleteClusterRoleBinding added in v1.5.0

func (kubeutil *Kube) DeleteClusterRoleBinding(name string) error

DeleteClusterRoleBinding Deletes a clusterrolebinding

func (*Kube) DeleteConfigMap added in v1.21.11

func (kubeutil *Kube) DeleteConfigMap(namespace string, name string) error

DeleteConfigMap Deletes config-maps

func (*Kube) DeleteDeployment added in v1.38.0

func (kubeutil *Kube) DeleteDeployment(namespace, name string) error

DeleteDeployment Delete deployment

func (*Kube) DeleteRadixBatch added in v1.43.2

func (kubeutil *Kube) DeleteRadixBatch(namespace, name string) error

DeleteRadixBatch Deletes a batch

func (*Kube) DeleteRole added in v1.5.0

func (kubeutil *Kube) DeleteRole(namespace, name string) error

DeleteRole Deletes a role in a namespace

func (*Kube) DeleteRoleBinding added in v1.5.0

func (kubeutil *Kube) DeleteRoleBinding(namespace, name string) error

DeleteRoleBinding Deletes a rolebinding in a namespace

func (*Kube) DeleteSecret added in v1.5.2

func (kubeutil *Kube) DeleteSecret(namespace, secretName string) error

DeleteSecret Deletes a secret in a namespace

func (*Kube) DeleteServiceAccount added in v1.5.0

func (kubeutil *Kube) DeleteServiceAccount(namespace, name string) error

DeleteServiceAccount Deletes service account

func (*Kube) GetActiveDeployment added in v1.15.0

func (kubeutil *Kube) GetActiveDeployment(namespace string) (*v1.RadixDeployment, error)

GetActiveDeployment Get active RadixDeployment for the namespace

func (*Kube) GetClusterActiveEgressIps added in v1.16.9

func (kubeutil *Kube) GetClusterActiveEgressIps() (string, error)

GetClusterActiveEgressIps Gets cluster active ips from config map in default namespace

func (*Kube) GetClusterName

func (kubeutil *Kube) GetClusterName() (string, error)

GetClusterName Gets the global name of the cluster from config map in default namespace

func (*Kube) GetClusterRole added in v1.4.2

func (kubeutil *Kube) GetClusterRole(name string) (*rbacv1.ClusterRole, error)

GetClusterRole Gets cluster role

func (*Kube) GetConfigMap

func (kubeutil *Kube) GetConfigMap(namespace, name string) (*corev1.ConfigMap, error)

GetConfigMap Gets config map by name

func (*Kube) GetDeployment added in v1.5.17

func (kubeutil *Kube) GetDeployment(namespace, name string) (*appsv1.Deployment, error)

func (*Kube) GetEnvVarsConfigMapAndMetadataMap added in v1.15.0

func (kubeutil *Kube) GetEnvVarsConfigMapAndMetadataMap(namespace string, componentName string) (*corev1.ConfigMap, *corev1.ConfigMap, map[string]EnvVarMetadata, error)

GetEnvVarsConfigMapAndMetadataMap Get environment-variables config-map, environment-variables metadata config-map and metadata map from it

func (*Kube) GetEnvVarsMetadataConfigMapAndMap added in v1.15.0

func (kubeutil *Kube) GetEnvVarsMetadataConfigMapAndMap(namespace string, componentName string) (*corev1.ConfigMap, map[string]EnvVarMetadata, error)

GetEnvVarsMetadataConfigMapAndMap Get environment-variables metadata config-map and map from it

func (*Kube) GetEnvironment added in v1.5.5

func (kubeutil *Kube) GetEnvironment(name string) (*v1.RadixEnvironment, error)

GetEnvironment Gets environment using lister from cache if present

func (*Kube) GetOrCreateEnvVarsConfigMapAndMetadataMap added in v1.15.0

func (kubeutil *Kube) GetOrCreateEnvVarsConfigMapAndMetadataMap(namespace, appName, componentName string) (*corev1.ConfigMap, *corev1.ConfigMap, error)

GetOrCreateEnvVarsConfigMapAndMetadataMap Get environment variables and its metadata config-maps

func (*Kube) GetRadixAlert added in v1.16.0

func (kubeutil *Kube) GetRadixAlert(namespace, name string) (*v1.RadixAlert, error)

GetRadixDeployment Gets radix alert using lister if present

func (*Kube) GetRadixBatch added in v1.43.2

func (kubeutil *Kube) GetRadixBatch(namespace, name string) (*v1.RadixBatch, error)

GetRadixBatch Gets batches using lister if present

func (*Kube) GetRadixDeployment

func (kubeutil *Kube) GetRadixDeployment(namespace, name string) (*v1.RadixDeployment, error)

GetRadixDeployment Gets deployment using lister if present

func (*Kube) GetRegistration

func (kubeutil *Kube) GetRegistration(name string) (*v1.RadixRegistration, error)

GetRegistration Gets registration using lister if present

func (*Kube) GetRole added in v1.4.2

func (kubeutil *Kube) GetRole(namespace, name string) (*rbacv1.Role, error)

GetRole Gets role

func (*Kube) GetRoleBinding added in v1.5.2

func (kubeutil *Kube) GetRoleBinding(namespace, name string) (*rbacv1.RoleBinding, error)

GetRoleBinding Gets rolebinding

func (*Kube) GetSecret added in v1.4.3

func (kubeutil *Kube) GetSecret(namespace, name string) (*corev1.Secret, error)

GetSecret Get secret from cache, if lister exist

func (*Kube) GetSecretProviderClass added in v1.17.2

func (kubeutil *Kube) GetSecretProviderClass(namespace string, className string) (*secretsstorev1.SecretProviderClass, error)

GetSecretProviderClass Gets secret provider class

func (*Kube) GetServiceAccount added in v1.31.0

func (kubeutil *Kube) GetServiceAccount(namespace, name string) (*corev1.ServiceAccount, error)

func (*Kube) GetSubscriptionId added in v1.16.7

func (kubeutil *Kube) GetSubscriptionId() (string, error)

GetSubscriptionId Gets the subscription-id from config map in default namespace

func (*Kube) KubeClient added in v1.18.0

func (kubeutil *Kube) KubeClient() kubernetes.Interface

KubeClient Kubernetes client

func (*Kube) ListClusterRoleBindings added in v1.4.2

func (kubeutil *Kube) ListClusterRoleBindings(namespace string) ([]*rbacv1.ClusterRoleBinding, error)

ListClusterRoleBindings List cluster roles

func (*Kube) ListClusterRoles added in v1.4.2

func (kubeutil *Kube) ListClusterRoles(namespace string) ([]*rbacv1.ClusterRole, error)

ListClusterRoles List cluster roles

func (*Kube) ListConfigMaps added in v1.23.4

func (kubeutil *Kube) ListConfigMaps(namespace string) ([]*corev1.ConfigMap, error)

ListConfigMaps Lists config maps in namespace

func (*Kube) ListConfigMapsWithSelector added in v1.31.8

func (kubeutil *Kube) ListConfigMapsWithSelector(namespace string, labelSelectorString string) ([]*corev1.ConfigMap, error)

ListConfigMapsWithSelector Get a list of ConfigMaps by Label requirements

func (*Kube) ListDeployments added in v1.4.2

func (kubeutil *Kube) ListDeployments(namespace string) ([]*appsv1.Deployment, error)

ListDeployments List deployments

func (*Kube) ListDeploymentsWithSelector added in v1.18.0

func (kubeutil *Kube) ListDeploymentsWithSelector(namespace, labelSelectorString string) ([]*appsv1.Deployment, error)

ListDeploymentsWithSelector List deployments with selector

func (*Kube) ListEnvVarsConfigMaps added in v1.23.4

func (kubeutil *Kube) ListEnvVarsConfigMaps(namespace string) ([]*corev1.ConfigMap, error)

ListEnvVarsConfigMaps Lists config maps which contain env vars

func (*Kube) ListEnvVarsMetadataConfigMaps added in v1.23.4

func (kubeutil *Kube) ListEnvVarsMetadataConfigMaps(namespace string) ([]*corev1.ConfigMap, error)

ListEnvVarsMetadataConfigMaps Lists config maps which contain metadata of env vars

func (*Kube) ListEnvironments added in v1.5.5

func (kubeutil *Kube) ListEnvironments() ([]*v1.RadixEnvironment, error)

ListEnvironments lists environments from cache if lister is present

func (*Kube) ListIngresses added in v1.4.0

func (kubeutil *Kube) ListIngresses(namespace string) ([]*networkingv1.Ingress, error)

ListIngresses lists ingresses

func (*Kube) ListIngressesWithSelector added in v1.4.0

func (kubeutil *Kube) ListIngressesWithSelector(namespace string, labelSelectorString string) ([]*networkingv1.Ingress, error)

ListIngressesWithSelector lists ingresses

func (*Kube) ListJobs added in v1.10.2

func (kubeutil *Kube) ListJobs(namespace string) ([]*batchv1.Job, error)

ListJobs Lists jobs from cache or from cluster

func (*Kube) ListJobsWithSelector added in v1.32.0

func (kubeutil *Kube) ListJobsWithSelector(namespace, labelSelectorString string) ([]*batchv1.Job, error)

ListJobsWithSelector List jobs with selector

func (*Kube) ListPodDisruptionBudgets added in v1.21.9

func (kubeutil *Kube) ListPodDisruptionBudgets(namespace string) ([]*v1.PodDisruptionBudget, error)

ListPodDisruptionBudgets lists PodDisruptionBudgets

func (*Kube) ListRadixAlert added in v1.16.0

func (kubeutil *Kube) ListRadixAlert(namespace string) ([]*v1.RadixAlert, error)

ListRadixAlert Gets radix alerts using lister if present

func (*Kube) ListRadixBatches added in v1.43.2

func (kubeutil *Kube) ListRadixBatches(namespace string) ([]*v1.RadixBatch, error)

ListRadixBatches Gets batches using lister if present

func (*Kube) ListRadixDeployments

func (kubeutil *Kube) ListRadixDeployments(namespace string) ([]*v1.RadixDeployment, error)

ListRadixDeployments Gets deployments using lister if present

func (*Kube) ListRegistrations

func (kubeutil *Kube) ListRegistrations() ([]*v1.RadixRegistration, error)

ListRegistrations lists registrations

func (*Kube) ListRoleBindings added in v1.4.1

func (kubeutil *Kube) ListRoleBindings(namespace string) ([]*rbacv1.RoleBinding, error)

ListRoleBindings Lists role bindings from cache or from cluster

func (*Kube) ListRoleBindingsWithSelector added in v1.4.1

func (kubeutil *Kube) ListRoleBindingsWithSelector(namespace string, labelSelectorString string) ([]*rbacv1.RoleBinding, error)

ListRoleBindingsWithSelector Lists role bindings from cache or from cluster using a selector

func (*Kube) ListRoles added in v1.4.2

func (kubeutil *Kube) ListRoles(namespace string) ([]*rbacv1.Role, error)

ListRoles List roles

func (*Kube) ListRolesWithSelector added in v1.4.2

func (kubeutil *Kube) ListRolesWithSelector(namespace string, labelSelectorString string) ([]*rbacv1.Role, error)

ListRolesWithSelector List roles

func (*Kube) ListSecretExistsForLabels added in v1.17.2

func (kubeutil *Kube) ListSecretExistsForLabels(namespace string, labelSelector string) ([]corev1.Secret, error)

ListSecretExistsForLabels Gets list of secrets for specific labels

func (*Kube) ListSecrets added in v1.4.3

func (kubeutil *Kube) ListSecrets(namespace string) ([]*corev1.Secret, error)

ListSecrets secrets in namespace

func (*Kube) ListSecretsWithSelector added in v1.4.3

func (kubeutil *Kube) ListSecretsWithSelector(namespace string, labelSelectorString string) ([]*corev1.Secret, error)

ListSecretsWithSelector secrets in namespace

func (*Kube) ListServiceAccounts added in v1.31.0

func (kubeutil *Kube) ListServiceAccounts(namespace string) ([]*corev1.ServiceAccount, error)

ListServiceAccounts List service accounts in namespace

func (*Kube) ListServiceAccountsWithSelector added in v1.31.0

func (kubeutil *Kube) ListServiceAccountsWithSelector(namespace string, labelSelectorString string) ([]*corev1.ServiceAccount, error)

ListServiceAccountsWithSelector List service accounts with selector in namespace

func (*Kube) ListServices added in v1.4.1

func (kubeutil *Kube) ListServices(namespace string) ([]*corev1.Service, error)

ListServices Lists services from cache or from cluster

func (*Kube) ListServicesWithSelector added in v1.18.0

func (kubeutil *Kube) ListServicesWithSelector(namespace, labelSelectorString string) ([]*corev1.Service, error)

ListServices Lists services from cache or from cluster

func (*Kube) ListUserDefinedNetworkPolicies added in v1.19.0

func (kubeutil *Kube) ListUserDefinedNetworkPolicies(appName string, env string) (*v1.NetworkPolicyList, error)

ListUserDefinedNetworkPolicies Returns list of user defined network policies

func (*Kube) RadixClient added in v1.19.7

func (kubeutil *Kube) RadixClient() radixclient.Interface

RadixClient Radix Kubernetes CRD client

func (*Kube) SecretExists

func (kubeutil *Kube) SecretExists(namespace, secretName string) bool

SecretExists Checks if secret already exists

func (*Kube) UpdateConfigMap added in v1.15.0

func (kubeutil *Kube) UpdateConfigMap(namespace string, configMaps ...*corev1.ConfigMap) error

UpdateConfigMap Update config-maps

func (*Kube) UpdatePodDisruptionBudget added in v1.21.9

func (kubeutil *Kube) UpdatePodDisruptionBudget(namespace string, pdb *v1.PodDisruptionBudget) error

UpdatePodDisruptionBudget will update PodDisruptionBudgets in provided namespace

type NamespaceWatcher

type NamespaceWatcher interface {
	WaitFor(namespace string) error
}

NamespaceWatcher Watcher to wait for namespace to be created

type NamespaceWatcherImpl

type NamespaceWatcherImpl struct {
	// contains filtered or unexported fields
}

NamespaceWatcherImpl Implementation of watcher

func NewNamespaceWatcherImpl

func NewNamespaceWatcherImpl(client kubernetes.Interface) NamespaceWatcherImpl

NewNamespaceWatcherImpl Constructor

func (NamespaceWatcherImpl) WaitFor

func (watcher NamespaceWatcherImpl) WaitFor(namespace string) error

WaitFor Waits for namespace to appear

type PodSecurityLevel added in v1.24.0

type PodSecurityLevel string
const (
	PrivilegedLevel PodSecurityLevel = "privileged"
	BaselineLevel   PodSecurityLevel = "baseline"
	RestrictedLevel PodSecurityLevel = "restricted"
)

type PodSecurityStandard added in v1.24.0

type PodSecurityStandard struct {
	// contains filtered or unexported fields
}

PodSecurityStandard defines methods to build pod security standard labels. See https://kubernetes.io/docs/concepts/security/pod-security-standards/

func NewAppNamespacePodSecurityStandardFromEnv added in v1.41.6

func NewAppNamespacePodSecurityStandardFromEnv() *PodSecurityStandard

NewAppNamespacePodSecurityStandardFromEnv builds pod security standard for app namespaces from environment variables

func NewEnvNamespacePodSecurityStandardFromEnv added in v1.41.6

func NewEnvNamespacePodSecurityStandardFromEnv() *PodSecurityStandard

NewEnvNamespacePodSecurityStandardFromEnv builds pod security standard for env namespaces from environment variables

func (*PodSecurityStandard) Audit added in v1.24.0

func (pss *PodSecurityStandard) Audit(level PodSecurityLevel, version string)

Audit pod policy violations. Policy violations will trigger the addition of an audit annotation to the event recorded in the audit log, but are otherwise allowed.

func (*PodSecurityStandard) Enforce added in v1.24.0

func (pss *PodSecurityStandard) Enforce(level PodSecurityLevel, version string)

Enforce policy Policy violations will cause the pod to be rejected.

func (*PodSecurityStandard) Labels added in v1.24.0

func (pss *PodSecurityStandard) Labels() map[string]string

Labels returns labels that will enforce pod security standard when applied on a namespace

func (*PodSecurityStandard) Warn added in v1.24.0

func (pss *PodSecurityStandard) Warn(level PodSecurityLevel, version string)

Warn triggers a user-facing warning (e.g. kubectl) when a pod violates the policy

type RadixBatchType added in v1.32.1

type RadixBatchType string

RadixBatchType defines value for use with label RadixBatchTypeLabel

const (
	RadixBatchTypeJob   RadixBatchType = "job"
	RadixBatchTypeBatch RadixBatchType = "batch"
)

type RadixConfigMapType added in v1.15.0

type RadixConfigMapType string

RadixConfigMapType Purpose of ConfigMap

const (
	// EnvVarsConfigMap ConfigMap contains environment variables
	EnvVarsConfigMap RadixConfigMapType = "env-vars"
	// EnvVarsMetadataConfigMap ConfigMap contains environment variables metadata
	EnvVarsMetadataConfigMap RadixConfigMapType = "env-vars-metadata"
	// RadixPipelineResultConfigMap Label of a ConfigMap, which keeps a Radix pipeline result
	RadixPipelineResultConfigMap RadixConfigMapType = "radix-pipeline-result"
	// RadixPipelineConfigConfigMap Label of a ConfigMap, which keeps a Radix pipeline configuration
	RadixPipelineConfigConfigMap RadixConfigMapType = "radix-pipeline-config"
	// RadixPipelineGitInformationConfigMap Label of a ConfigMap, which keeps a Radix pipeline Git information
	RadixPipelineGitInformationConfigMap RadixConfigMapType = "radix-pipeline-git-information"
)

type RadixSecretType added in v1.39.6

type RadixSecretType string

RadixSecretType defines value for use with label RadixSecretTypeLabel

const (
	RadixSecretJobPayload RadixSecretType = "scheduler-job-payload"
)

type RuleBuilder added in v1.20.3

type RuleBuilder func() rbacv1.PolicyRule

func ManageSecretsRule added in v1.20.3

func ManageSecretsRule(secretNames []string) RuleBuilder

func ReadSecretsRule added in v1.39.3

func ReadSecretsRule(secretNames []string) RuleBuilder

func UpdateDeploymentsRule added in v1.20.3

func UpdateDeploymentsRule(deployments []string) RuleBuilder

type SecretProviderClassParameterObject added in v1.17.2

type SecretProviderClassParameterObject struct {
	// Name. Name of the Azure Key Vault object
	Name string `json:"objectName" yaml:"objectName"`
	// Type. Type of the Azure KeyVault object: secret, key, cert
	Type string `json:"objectType" yaml:"objectType"`
	// Alias. Optional. Specify the filename of the object when written to disk. Defaults to objectName if not provided.
	Alias string `json:"objectAlias,omitempty" yaml:"objectAlias,omitempty"`
	// Version. Optional. object versions, default to the latest if empty
	Version string `json:"objectVersion,omitempty" yaml:"objectVersion,omitempty"`
	// Format. Optional. The format of the Azure Key Vault object, supported types are pem and pfx. objectFormat: pfx is only supported with objectType: secret and PKCS12 or ECC certificates. Default format for certificates is pem.
	Format string `json:"objectFormat,omitempty" yaml:"objectFormat,omitempty"`
	// Encoding. Optional. Setting object encoding to base64 and object format to pfx will fetch and write the base64 decoded pfx binary
	Encoding string `json:"objectEncoding,omitempty" yaml:"objectEncoding,omitempty"`
}

SecretProviderClassParameterObject Object for SecretProviderClass parameters

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL