rotation

package
v1.99.1 Latest
Warning

This package is not in the latest version of its module.

Published: Jul 16, 2024 License: Apache-2.0 Imports: 27 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AgeSorter

// AgeSorter is a slice of corev1.Secret that, per the package documentation,
// implements sort.Interface so that secrets can be ordered by age.
//
// NOTE(review): whether Less orders oldest-first or newest-first is not visible
// on this page. Confirm the direction before treating the first or last element
// as "the old credential" or "the new credential" in a rotation check.
type AgeSorter []corev1.Secret

AgeSorter implements sort.Interface for a slice of secrets for sorting by age.

func (AgeSorter) Len

func (x AgeSorter) Len() int

func (AgeSorter) Less

func (x AgeSorter) Less(i, j int) bool

func (AgeSorter) Swap

func (x AgeSorter) Swap(i, j int)

type ETCDEncryptionKeyVerifier added in v1.68.0

// ETCDEncryptionKeyVerifier carries the inputs used to check an etcd encryption
// key rotation: a client, a namespace, a label selector and an accessor for the
// rotation status object.
type ETCDEncryptionKeyVerifier struct {
	// RuntimeClient and Namespace: presumably the cluster client and namespace in
	// which the secrets under test are looked up — TODO confirm.
	RuntimeClient                client.Client
	Namespace                    string
	// SecretsManagerLabelSelector: presumably restricts the lookup to secrets
	// carrying the secrets manager's labels — TODO confirm.
	SecretsManagerLabelSelector  client.MatchingLabels
	// GetETCDEncryptionKeyRotation returns the rotation status to assert on. The
	// return type is a pointer, so a nil result is possible by type.
	GetETCDEncryptionKeyRotation func() *gardencorev1beta1.ETCDEncryptionKeyRotation

	// NOTE(review): the page does not say whether EncryptionKey holds a secret or
	// config name, or actual key material. If it can carry key material, keep it
	// out of assertion messages and test logs — confirm against the implementation.
	// RoleLabelValue is presumably compared with a role label on the secrets — confirm.
	EncryptionKey  string
	RoleLabelValue string
	// contains filtered or unexported fields
}

ETCDEncryptionKeyVerifier verifies the etcd encryption key rotation.

func (*ETCDEncryptionKeyVerifier) AfterCompleted added in v1.68.0

func (v *ETCDEncryptionKeyVerifier) AfterCompleted(ctx context.Context)

AfterCompleted is called when the Shoot is in Completed status.

func (*ETCDEncryptionKeyVerifier) AfterPrepared added in v1.68.0

func (v *ETCDEncryptionKeyVerifier) AfterPrepared(ctx context.Context)

AfterPrepared is called when the Shoot is in Prepared status.

func (*ETCDEncryptionKeyVerifier) Before added in v1.68.0

func (v *ETCDEncryptionKeyVerifier) Before(ctx context.Context)

Before is called before the rotation is started.

func (*ETCDEncryptionKeyVerifier) ExpectCompletingStatus added in v1.68.0

func (v *ETCDEncryptionKeyVerifier) ExpectCompletingStatus(g Gomega)

ExpectCompletingStatus is called while waiting for the Completing status.

func (*ETCDEncryptionKeyVerifier) ExpectPreparingStatus added in v1.68.0

func (v *ETCDEncryptionKeyVerifier) ExpectPreparingStatus(g Gomega)

ExpectPreparingStatus is called while waiting for the Preparing status.

type EncryptedDataVerifier added in v1.80.0

// EncryptedDataVerifier holds a client factory and the list of resources that
// the encrypted-data check exercises.
//
// NOTE(review): the only access path declared here is an API client. Objects
// read through the Kubernetes API are returned decrypted, so a successful read
// presumably shows that the data is still decryptable in each rotation phase
// rather than inspecting the bytes stored in etcd — confirm against the
// implementation.
type EncryptedDataVerifier struct {
	// NewTargetClientFunc returns a client or an error; judging by its name the
	// client is for the target cluster — confirm.
	NewTargetClientFunc func() (kubernetes.Interface, error)
	// Resources lists the resources to create and read back; each entry supplies
	// its own object and list constructors.
	Resources           []EncryptedResource
}

EncryptedDataVerifier creates and reads encrypted data in the cluster to verify correct configuration of etcd encryption.

func (*EncryptedDataVerifier) AfterCompleted added in v1.80.0

func (v *EncryptedDataVerifier) AfterCompleted(ctx context.Context)

AfterCompleted is called when the Shoot is in Completed status.

func (*EncryptedDataVerifier) AfterPrepared added in v1.80.0

func (v *EncryptedDataVerifier) AfterPrepared(ctx context.Context)

AfterPrepared is called when the Shoot is in Prepared status.

func (*EncryptedDataVerifier) Before added in v1.80.0

func (v *EncryptedDataVerifier) Before(ctx context.Context)

Before is called before the rotation is started.

func (*EncryptedDataVerifier) ExpectCompletingStatus added in v1.80.0

func (v *EncryptedDataVerifier) ExpectCompletingStatus(_ Gomega)

ExpectCompletingStatus is called while waiting for the Completing status.

func (*EncryptedDataVerifier) ExpectPreparingStatus added in v1.80.0

func (v *EncryptedDataVerifier) ExpectPreparingStatus(_ Gomega)

ExpectPreparingStatus is called while waiting for the Preparing status.

type EncryptedResource added in v1.80.0

// EncryptedResource bundles the two constructors needed to exercise one
// encrypted resource kind.
type EncryptedResource struct {
	// NewObject returns an object of the resource kind to be created.
	NewObject    func() client.Object
	// NewEmptyList returns an empty list of the same kind, presumably used to
	// read the created objects back — confirm.
	NewEmptyList func() client.ObjectList
}

EncryptedResource contains functions for creating objects and empty lists for encrypted resources.

type GardenletKubeconfigRotationVerifier added in v1.80.0

// GardenletKubeconfigRotationVerifier carries the inputs used to check a
// gardenlet kubeconfig rotation.
type GardenletKubeconfigRotationVerifier struct {
	// GardenReader and SeedReader are client.Reader values, so the access this
	// verifier declares is read-only. Per their names they read from the garden
	// and the seed cluster respectively — confirm.
	GardenReader client.Reader
	SeedReader   client.Reader
	// Seed is the Seed object the check relates to; it is a pointer and may be
	// nil by type.
	Seed         *gardencorev1beta1.Seed

	// Name and namespace of the secret that holds the gardenlet kubeconfig.
	// NOTE(review): that secret contains a cluster credential; assertions should
	// presumably compare it without printing its contents — confirm.
	GardenletKubeconfigSecretName      string
	GardenletKubeconfigSecretNamespace string
	// contains filtered or unexported fields
}

GardenletKubeconfigRotationVerifier verifies whether a gardenlet kubeconfig rotation was successful.

func (*GardenletKubeconfigRotationVerifier) After added in v1.80.0

func (v *GardenletKubeconfigRotationVerifier) After(parentCtx context.Context, expectPodRestart bool)

After verifies the state after the rotation.

func (*GardenletKubeconfigRotationVerifier) Before added in v1.80.0

Before saves the status before the rotation.

type ObservabilityVerifier added in v1.79.0

// ObservabilityVerifier carries the accessors used to check a rotation of the
// observability credentials.
type ObservabilityVerifier struct {
	// GetObservabilitySecretFunc fetches the secret under test and can fail.
	// NOTE(review): the secret presumably holds the observability credentials;
	// keep its data out of assertion messages and test logs — confirm.
	GetObservabilitySecretFunc func(context.Context) (*corev1.Secret, error)
	// GetObservabilityEndpoint derives an endpoint string from that secret.
	GetObservabilityEndpoint   func(*corev1.Secret) string
	// GetObservabilityRotation returns the rotation status to assert on; the
	// return type is a pointer, so a nil result is possible by type.
	GetObservabilityRotation   func() *gardencorev1beta1.ObservabilityRotation
	// contains filtered or unexported fields
}

ObservabilityVerifier verifies the observability credentials rotation.

func (*ObservabilityVerifier) AfterCompleted added in v1.79.0

func (v *ObservabilityVerifier) AfterCompleted(_ context.Context)

AfterCompleted is called when the Shoot is in Completed status.

func (*ObservabilityVerifier) AfterPrepared added in v1.79.0

func (v *ObservabilityVerifier) AfterPrepared(ctx context.Context)

AfterPrepared is called when the Shoot is in Prepared status.

func (*ObservabilityVerifier) Before added in v1.79.0

func (v *ObservabilityVerifier) Before(ctx context.Context)

Before is called before the rotation is started.

func (*ObservabilityVerifier) ExpectCompletingStatus added in v1.79.0

func (v *ObservabilityVerifier) ExpectCompletingStatus(_ Gomega)

ExpectCompletingStatus is called while waiting for the Completing status.

func (*ObservabilityVerifier) ExpectPreparingStatus added in v1.79.0

func (v *ObservabilityVerifier) ExpectPreparingStatus(g Gomega)

ExpectPreparingStatus is called while waiting for the Preparing status.

type SecretConfigNamesToSecrets

// SecretConfigNamesToSecrets maps a secret config name to the list of
// corev1.Secret objects recorded under that name. More than one secret per name
// is possible by type; presumably that is how the old and the new credential
// appear side by side during a rotation — confirm.
type SecretConfigNamesToSecrets map[string][]corev1.Secret

SecretConfigNamesToSecrets is a map from secret config names to a list of corev1.Secret objects.

func GroupByName

func GroupByName(allSecrets []corev1.Secret) SecretConfigNamesToSecrets

GroupByName groups all secrets by name.

type ServiceAccountKeyVerifier added in v1.68.0

// ServiceAccountKeyVerifier carries the inputs used to check a service account
// key rotation: a client, a namespace, a label selector and an accessor for the
// rotation status object.
type ServiceAccountKeyVerifier struct {
	// RuntimeClient and Namespace: presumably the cluster client and namespace in
	// which the secrets under test are looked up — TODO confirm.
	RuntimeClient                client.Client
	Namespace                    string
	// SecretsManagerLabelSelector: presumably restricts the lookup to secrets
	// carrying the secrets manager's labels — TODO confirm.
	SecretsManagerLabelSelector  client.MatchingLabels
	// GetServiceAccountKeyRotation returns the rotation status to assert on. The
	// return type is a pointer, so a nil result is possible by type.
	GetServiceAccountKeyRotation func() *gardencorev1beta1.ServiceAccountKeyRotation
	// contains filtered or unexported fields
}

ServiceAccountKeyVerifier verifies the service account key rotation.

func (*ServiceAccountKeyVerifier) AfterCompleted added in v1.68.0

func (v *ServiceAccountKeyVerifier) AfterCompleted(ctx context.Context)

AfterCompleted is called when the Shoot is in Completed status.

func (*ServiceAccountKeyVerifier) AfterPrepared added in v1.68.0

func (v *ServiceAccountKeyVerifier) AfterPrepared(ctx context.Context)

AfterPrepared is called when the Shoot is in Prepared status.

func (*ServiceAccountKeyVerifier) Before added in v1.68.0

func (v *ServiceAccountKeyVerifier) Before(ctx context.Context)

Before is called before the rotation is started.

func (*ServiceAccountKeyVerifier) ExpectCompletingStatus added in v1.68.0

func (v *ServiceAccountKeyVerifier) ExpectCompletingStatus(g Gomega)

ExpectCompletingStatus is called while waiting for the Completing status.

func (*ServiceAccountKeyVerifier) ExpectPreparingStatus added in v1.68.0

func (v *ServiceAccountKeyVerifier) ExpectPreparingStatus(g Gomega)

ExpectPreparingStatus is called while waiting for the Preparing status.

type Verifier

// Verifier is the set of hooks a credentials-rotation check implements. The
// method comments name one hook per point in the rotation: before it starts,
// while waiting for Preparing, once Prepared, while waiting for Completing, and
// once Completed. The two Expect* hooks receive a Gomega value; the other three
// receive a context.
type Verifier interface {
	// Before is called before the rotation is started.
	Before(ctx context.Context)
	// ExpectPreparingStatus is called while waiting for the Preparing status.
	ExpectPreparingStatus(g Gomega)
	// AfterPrepared is called when the Shoot is in Prepared status.
	AfterPrepared(ctx context.Context)
	// ExpectCompletingStatus is called while waiting for the Completing status.
	ExpectCompletingStatus(g Gomega)
	// AfterCompleted is called when the Shoot is in Completed status.
	AfterCompleted(ctx context.Context)
}

Verifier performs assertions in the different phases of the credentials rotation test.

type Verifiers

// Verifiers is a slice of Verifier that, per the package documentation, calls
// the contained verifiers sequentially.
//
// NOTE(review): Verifiers also exposes Cleanup, which the Verifier interface on
// this page does not declare, so how cleanup reaches the individual elements is
// not visible here — confirm that test data created by a verifier is removed.
type Verifiers []Verifier

Verifiers combines multiple Verifier instances and calls them sequentially.

func (Verifiers) AfterCompleted

func (v Verifiers) AfterCompleted(ctx context.Context)

AfterCompleted is called when the Shoot is in Completed status.

func (Verifiers) AfterPrepared

func (v Verifiers) AfterPrepared(ctx context.Context)

AfterPrepared is called when the Shoot is in Prepared status.

func (Verifiers) Before

func (v Verifiers) Before(ctx context.Context)

Before is called before the rotation is started.

func (Verifiers) Cleanup

func (v Verifiers) Cleanup(ctx context.Context)

Cleanup is passed to ginkgo.DeferCleanup.

func (Verifiers) ExpectCompletingStatus

func (v Verifiers) ExpectCompletingStatus(g Gomega)

ExpectCompletingStatus is called while waiting for the Completing status.

func (Verifiers) ExpectPreparingStatus

func (v Verifiers) ExpectPreparingStatus(g Gomega)

ExpectPreparingStatus is called while waiting for the Preparing status.
