Documentation ¶
Index ¶
- Variables
- func ValidateSecret(secret *corev1.Secret) error
- type BlobClient
- func (c *BlobClient) BucketExists(ctx context.Context, bucketName string) (bool, error)
- func (c *BlobClient) Close(_ context.Context)
- func (c *BlobClient) FGetObject(ctx context.Context, bucketName, objectName, localPath string) (string, error)
- func (c *BlobClient) ObjectIsNotFound(err error) bool
- func (c *BlobClient) VisitObjects(ctx context.Context, bucketName string, visit func(path, etag string) error) error
Constants ¶
This section is empty.
Variables ¶
var ( // ErrorDirectoryExists is an error returned when the filename provided // is a directory. ErrorDirectoryExists = errors.New("filename is a directory") )
Functions ¶
func ValidateSecret ¶
ValidateSecret validates if the provided Secret does at least have one valid set of credentials. The provided Secret may be nil.
Types ¶
type BlobClient ¶
BlobClient is a minimal Azure Blob client for fetching objects.
func NewClient ¶
NewClient creates a new Azure Blob storage client. The credential config on the client is set based on the data from the Bucket and Secret. It detects credentials in the Secret in the following order:
- azidentity.ClientSecretCredential when `tenantId`, `clientId` and `clientSecret` fields are found.
- azidentity.ClientCertificateCredential when `tenantId`, `clientCertificate` (and optionally `clientCertificatePassword`) fields are found.
- azidentity.ManagedIdentityCredential for a User ID, when a `clientId` field but no `tenantId` is found.
- azidentity.WorkloadIdentityCredential for when environment variables (AZURE_AUTHORITY_HOST, AZURE_CLIENT_ID, AZURE_FEDERATED_TOKEN_FILE, AZURE_TENANT_ID) are set by the Azure workload identity webhook.
- azblob.SharedKeyCredential when an `accountKey` field is found. The account name is extracted from the endpoint specified on the Bucket object.
- azidentity.ChainedTokenCredential with azidentity.EnvironmentCredential and azidentity.ManagedIdentityCredential.
If no credentials are found, and the azidentity.ChainedTokenCredential can not be established. A simple client without credentials is returned.
func (*BlobClient) BucketExists ¶
BucketExists returns if an object storage bucket with the provided name exists, or returns a (client) error.
func (*BlobClient) Close ¶
func (c *BlobClient) Close(_ context.Context)
Close has no effect on BlobClient.
func (*BlobClient) FGetObject ¶
func (c *BlobClient) FGetObject(ctx context.Context, bucketName, objectName, localPath string) (string, error)
FGetObject gets the object from the provided object storage bucket, and writes it to targetPath. It returns the etag of the successfully fetched file, or any error.
func (*BlobClient) ObjectIsNotFound ¶
func (c *BlobClient) ObjectIsNotFound(err error) bool
ObjectIsNotFound checks if the error provided is an azblob.StorageError with an azblob.StorageErrorCodeBlobNotFound error code.
func (*BlobClient) VisitObjects ¶
func (c *BlobClient) VisitObjects(ctx context.Context, bucketName string, visit func(path, etag string) error) error
VisitObjects iterates over the items in the provided object storage bucket, calling visit for every item. If the underlying client or the visit callback returns an error, it returns early.