rotation

package

v1.73.0 Latest Latest Go to latest Published: Jun 16, 2023 License: Apache-2.0, BSD-2-Clause, MIT, + 1 more Imports: 16 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/gardener/gardener

Links

Open Source Insights

Documentation ¶

Index ¶

type AgeSorter
type ETCDEncryptionKeyVerifier
type SecretConfigNamesToSecrets
- func GroupByName(allSecrets []corev1.Secret) SecretConfigNamesToSecrets
type SecretEncryptionVerifier
type ServiceAccountKeyVerifier
type Verifier
type Verifiers

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type AgeSorter ¶

type AgeSorter []corev1.Secret

AgeSorter implements sort.Interface for a slice of secrets for sorting by age.

func (AgeSorter) Len ¶

func (x AgeSorter) Len() int

func (AgeSorter) Less ¶

func (x AgeSorter) Less(i, j int) bool

func (AgeSorter) Swap ¶

func (x AgeSorter) Swap(i, j int)

type ETCDEncryptionKeyVerifier ¶ added in v1.68.0

type ETCDEncryptionKeyVerifier struct {
	RuntimeClient                client.Client
	Namespace                    string
	SecretsManagerLabelSelector  client.MatchingLabels
	GetETCDEncryptionKeyRotation func() *gardencorev1beta1.ETCDEncryptionKeyRotation
	// contains filtered or unexported fields
}

ETCDEncryptionKeyVerifier verifies the etcd encryption key rotation.

func (*ETCDEncryptionKeyVerifier) AfterCompleted ¶ added in v1.68.0

func (v *ETCDEncryptionKeyVerifier) AfterCompleted(ctx context.Context)

AfterCompleted is called when the Shoot is in Completed status.

func (*ETCDEncryptionKeyVerifier) AfterPrepared ¶ added in v1.68.0

func (v *ETCDEncryptionKeyVerifier) AfterPrepared(ctx context.Context)

AfterPrepared is called when the Shoot is in Prepared status.

func (*ETCDEncryptionKeyVerifier) Before ¶ added in v1.68.0

func (v *ETCDEncryptionKeyVerifier) Before(ctx context.Context)

Before is called before the rotation is started.

func (*ETCDEncryptionKeyVerifier) ExpectCompletingStatus ¶ added in v1.68.0

func (v *ETCDEncryptionKeyVerifier) ExpectCompletingStatus(g Gomega)

ExpectCompletingStatus is called while waiting for the Completing status.

func (*ETCDEncryptionKeyVerifier) ExpectPreparingStatus ¶ added in v1.68.0

func (v *ETCDEncryptionKeyVerifier) ExpectPreparingStatus(g Gomega)

ExpectPreparingStatus is called while waiting for the Preparing status.

type SecretConfigNamesToSecrets ¶

type SecretConfigNamesToSecrets map[string][]corev1.Secret

SecretConfigNamesToSecrets is a map for secret config names to a list of corev1.Secret objects.

func GroupByName ¶

func GroupByName(allSecrets []corev1.Secret) SecretConfigNamesToSecrets

GroupByName groups all secrets by name.

type SecretEncryptionVerifier ¶ added in v1.68.0

type SecretEncryptionVerifier struct {
	NewTargetClientFunc func() (kubernetes.Interface, error)
}

SecretEncryptionVerifier creates and reads secrets in the cluster to verify correct configuration of etcd encryption.

func (*SecretEncryptionVerifier) AfterCompleted ¶ added in v1.68.0

func (v *SecretEncryptionVerifier) AfterCompleted(ctx context.Context)

AfterCompleted is called when the Shoot is in Completed status.

func (*SecretEncryptionVerifier) AfterPrepared ¶ added in v1.68.0

func (v *SecretEncryptionVerifier) AfterPrepared(ctx context.Context)

AfterPrepared is called when the Shoot is in Prepared status.

func (*SecretEncryptionVerifier) Before ¶ added in v1.68.0

func (v *SecretEncryptionVerifier) Before(ctx context.Context)

Before is called before the rotation is started.

func (*SecretEncryptionVerifier) ExpectCompletingStatus ¶ added in v1.68.0

func (v *SecretEncryptionVerifier) ExpectCompletingStatus(g Gomega)

ExpectCompletingStatus is called while waiting for the Completing status.

func (*SecretEncryptionVerifier) ExpectPreparingStatus ¶ added in v1.68.0

func (v *SecretEncryptionVerifier) ExpectPreparingStatus(g Gomega)

ExpectPreparingStatus is called while waiting for the Preparing status.

type ServiceAccountKeyVerifier ¶ added in v1.68.0

type ServiceAccountKeyVerifier struct {
	RuntimeClient                client.Client
	Namespace                    string
	SecretsManagerLabelSelector  client.MatchingLabels
	GetServiceAccountKeyRotation func() *gardencorev1beta1.ServiceAccountKeyRotation
	// contains filtered or unexported fields
}

ServiceAccountKeyVerifier verifies the service account key rotation.

func (*ServiceAccountKeyVerifier) AfterCompleted ¶ added in v1.68.0

func (v *ServiceAccountKeyVerifier) AfterCompleted(ctx context.Context)

AfterCompleted is called when the Shoot is in Completed status.

func (*ServiceAccountKeyVerifier) AfterPrepared ¶ added in v1.68.0

func (v *ServiceAccountKeyVerifier) AfterPrepared(ctx context.Context)

AfterPrepared is called when the Shoot is in Prepared status.

func (*ServiceAccountKeyVerifier) Before ¶ added in v1.68.0

func (v *ServiceAccountKeyVerifier) Before(ctx context.Context)

Before is called before the rotation is started.

func (*ServiceAccountKeyVerifier) ExpectCompletingStatus ¶ added in v1.68.0

func (v *ServiceAccountKeyVerifier) ExpectCompletingStatus(g Gomega)

ExpectCompletingStatus is called while waiting for the Completing status.

func (*ServiceAccountKeyVerifier) ExpectPreparingStatus ¶ added in v1.68.0

func (v *ServiceAccountKeyVerifier) ExpectPreparingStatus(g Gomega)

ExpectPreparingStatus is called while waiting for the Preparing status.

type Verifier ¶

type Verifier interface {
	// Before is called before the rotation is started.
	Before(ctx context.Context)
	// ExpectPreparingStatus is called while waiting for the Preparing status.
	ExpectPreparingStatus(g Gomega)
	// AfterPrepared is called when the Shoot is in Prepared status.
	AfterPrepared(ctx context.Context)
	// ExpectCompletingStatus is called while waiting for the Completing status.
	ExpectCompletingStatus(g Gomega)
	// AfterCompleted is called when the Shoot is in Completed status.
	AfterCompleted(ctx context.Context)
}

Verifier does some assertions in different phases of the credentials rotation test.

type Verifiers ¶

type Verifiers []Verifier

Verifiers combines multiple Verifier instances and calls them sequentially

func (Verifiers) AfterCompleted ¶

func (v Verifiers) AfterCompleted(ctx context.Context)

AfterCompleted is called when the Shoot is in Completed status.

func (Verifiers) AfterPrepared ¶

func (v Verifiers) AfterPrepared(ctx context.Context)

AfterPrepared is called when the Shoot is in Prepared status.

func (Verifiers) Before ¶

func (v Verifiers) Before(ctx context.Context)

Before is called before the rotation is started.

func (Verifiers) Cleanup ¶

func (v Verifiers) Cleanup(ctx context.Context)

Cleanup is passed to ginkgo.DeferCleanup.

func (Verifiers) ExpectCompletingStatus ¶

func (v Verifiers) ExpectCompletingStatus(g Gomega)

ExpectCompletingStatus is called while waiting for the Completing status.

func (Verifiers) ExpectPreparingStatus ¶

func (v Verifiers) ExpectPreparingStatus(g Gomega)

ExpectPreparingStatus is called while waiting for the Preparing status.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL