Documentation
¶
Index ¶
Constants ¶
View Source
const ( // ExtensionType is the name of the extension type. ExtensionType = "shoot-oidc-service" // ServiceName is the name of the service. ServiceName = ExtensionType // ManagedResourceNamesSeed is the name used to describe the managed seed resources. ManagedResourceNamesSeed = extensionServiceName + "-seed" // ManagedResourceNamesShoot is the name used to describe the managed shoot resources. ManagedResourceNamesShoot = extensionServiceName + "-shoot" // ApplicationName is the name for resource describing the components deployed by the extension controller. ApplicationName = "oidc-webhook-authenticator" // ImageName is the name of the oidc webhook authenticator image. ImageName = ApplicationName // WebhookConfigurationName is the name of the webhook configuration(s) deployed in the shoot cluster. WebhookConfigurationName = ApplicationName + "-shoot" // WebhookTLSSecretName is the name of the TLS secret resource used by the OIDC webhook in the seed cluster. WebhookTLSSecretName = ApplicationName + "-tls" // WebhookTLSCertDir is the directory used for mounting the webhook certificates. WebhookTLSCertDir = "/var/run/oidc-webhook-authenticator/tls" // WebhookKubeConfigSecretName is the name of the secret providing the kubeconfig for connection to the webhook authenticator. WebhookKubeConfigSecretName = ApplicationName + "-kubeconfig" // OIDCResourceReader is the name of the RBAC resources created in the shoot cluster that allow reading authentication.gardener.cloud.openidconnects. OIDCResourceReader = ApplicationName + "-resource-reader" // TokenValidator is used to name the resources used to allow the kube-apiserver to validate tokens against the oidc authenticator. TokenValidator = ApplicationName + "-token-validator" // TokenValidatorDir is the path were the token-validator related secrets are mounted in the kube-apiserver pod. TokenValidatorDir = "/var/run/secrets/oidc-webhook/token-validator" // #nosec G101 -- No credential // AuthenticatorDir is the path were the authenticator related secrets are mounted in the kube-apiserver pod. AuthenticatorDir = "/var/run/secrets/oidc-webhook/authenticator" )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
This section is empty.
Source Files
Click to show internal directories.
Click to hide internal directories.