Documentation
¶
Index ¶
- Constants
- func AddServiceAccountAsProjectMember(ctx context.Context, c client.Client, project *gardencorev1beta1.Project, ...) error
- func CreateOrUpdateDiscardResult(ctx context.Context, cs *ClientSet, obj client.Object, ...) error
- func GetProjectByNamespace(ctx context.Context, c client.Client, namespace string) (*gardencorev1beta1.Project, error)
- func IsMember(members []gardencorev1beta1.ProjectMember, serviceAccount types.NamespacedName) (bool, int)
- func RemoveServiceAccountFromProjectMember(ctx context.Context, c client.Client, project *gardencorev1beta1.Project, ...) error
- type ClientSet
- func NewClientSet(config *rest.Config, client client.Client, kubernetes kubernetes.Interface) *ClientSet
- func NewClientSetForConfig(config *rest.Config, opts client.Options) (*ClientSet, error)
- func NewClientSetFromBytes(kubeconfig []byte, opts client.Options) (*ClientSet, error)
- func NewClientSetFromClusterCredentials(ctx context.Context, cs *ClientSet, ...) (*ClientSet, error)
- func NewClientSetFromGoogleSAKey(ctx context.Context, cfg clientcmdapi.Config, context clientcmdapi.Context, ...) (*ClientSet, error)
- func NewClientSetFromSecret(ctx context.Context, config *rest.Config, secret *corev1.Secret, ...) (*ClientSet, error)
- func NewClientSetFromSecretRef(ctx context.Context, cs *ClientSet, ref *corev1.SecretReference, ...) (*ClientSet, error)
- func NewClientSetFromServiceAccountRef(ctx context.Context, cs *ClientSet, ref *corev1.ObjectReference, ...) (*ClientSet, error)
- func NewClientSetFromShootRef(ctx context.Context, cs *ClientSet, ref *extensionsv1alpha1.ShootRef, ...) (*ClientSet, error)
- func (s *ClientSet) CreateOrUpdateClusterRoleBinding(ctx context.Context, name string, subject rbacv1.Subject, ...) (*rbacv1.ClusterRoleBinding, error)
- func (s *ClientSet) CreateOrUpdateNamespace(ctx context.Context, namespaceName string, labelSet *labels.Set, ...) (*corev1.Namespace, error)
- func (s *ClientSet) CreateOrUpdateRole(ctx context.Context, namespace string, name string, rules []rbacv1.PolicyRule, ...) (*rbacv1.Role, error)
- func (s *ClientSet) CreateOrUpdateRoleBinding(ctx context.Context, namespace string, name string, subject rbacv1.Subject, ...) (*rbacv1.RoleBinding, error)
- func (s *ClientSet) CreateOrUpdateSecretData(ctx context.Context, namespace string, name string, data map[string][]byte, ...) (*corev1.Secret, error)
- func (s *ClientSet) CreateOrUpdateServiceAccount(ctx context.Context, namespace string, name string, labelSet *labels.Set, ...) (*corev1.ServiceAccount, error)
- func (s *ClientSet) DeleteClusterRoleBinding(ctx context.Context, name string) error
- func (s *ClientSet) DeleteNamespace(ctx context.Context, namespaceName string) error
- func (s *ClientSet) DeletePod(ctx context.Context, namespace string, name string) error
- func (s *ClientSet) DeleteRole(ctx context.Context, namespace string, name string) error
- func (s *ClientSet) DeleteRoleBinding(ctx context.Context, namespace string, name string) error
- func (s *ClientSet) DeleteSecret(ctx context.Context, namespace string, name string) error
- func (s *ClientSet) DeleteServiceAccount(ctx context.Context, namespace string, name string) error
- func (s *ClientSet) RequestToken(ctx context.Context, serviceAccount *corev1.ServiceAccount, ...) (string, error)
Constants ¶
View Source
const ( // DataKeyKubeConfig is the key in a secret holding the kubeconfig DataKeyKubeConfig = "kubeconfig" // DataKeyToken is the key in a secret holding the token DataKeyToken = "token" // DataKeyServiceaccountJSON is the key in a secret data holding the google service account key. DataKeyServiceaccountJSON = "serviceaccount.json" )
Variables ¶
This section is empty.
Functions ¶
func AddServiceAccountAsProjectMember ¶
func AddServiceAccountAsProjectMember(ctx context.Context, c client.Client, project *gardencorev1beta1.Project, serviceAccount *corev1.ServiceAccount, roles []string) error
AddServiceAccountAsProjectMember adds the service account as member to the project with the given roles
func GetProjectByNamespace ¶
func GetProjectByNamespace(ctx context.Context, c client.Client, namespace string) (*gardencorev1beta1.Project, error)
GetProjectByNamespace returns the project for the given namespace
func IsMember ¶
func IsMember(members []gardencorev1beta1.ProjectMember, serviceAccount types.NamespacedName) (bool, int)
IsMember returns true together with the index in case the passed service account NamespacedName is contained in the ProjectMember list
func RemoveServiceAccountFromProjectMember ¶
func RemoveServiceAccountFromProjectMember(ctx context.Context, c client.Client, project *gardencorev1beta1.Project, serviceAccount types.NamespacedName) error
RemoveServiceAccountFromProjectMember removes the service account from the members of the project
Types ¶
type ClientSet ¶
type ClientSet struct {
// contains the configuration for the respective Kubernetes cluster
*rest.Config
// default controller-runtime client for the built-in Kubernetes API groups and the Garden API group
client.Client
// Kubernetes client containing all REST clients for the built-in Kubernetes API groups
Kubernetes kubernetes.Interface
}
ClientSet is a struct containing the configuration for the respective Kubernetes cluster, the collection of Kubernetes clients <ClientSet> containing all REST clients for the built-in Kubernetes API groups, and the Garden which is a REST clientSet for the Garden API group.
func NewClientSet ¶
func NewClientSetForConfig ¶
NewClientSetForConfig returns a new controller ClientSet struct from a config.
func NewClientSetFromBytes ¶
NewClientSetFromBytes creates a new controller ClientSet struct for a given kubeconfig byte slice.
func NewClientSetFromGoogleSAKey ¶
func NewClientSetFromGoogleSAKey(ctx context.Context, cfg clientcmdapi.Config, context clientcmdapi.Context, gsaKey []byte, opts client.Options) (*ClientSet, error)
NewClientSetFromGoogleSAKey creates a new controller ClientSet struct for a given google service account key and client config.
func NewClientSetFromSecret ¶
func NewClientSetFromSecret(ctx context.Context, config *rest.Config, secret *corev1.Secret, opts client.Options) (*ClientSet, error)
NewClientSetFromSecret creates a new controller ClientSet struct for a given secret. Client is created either from "kubeconfig" (and in case of gcp from "serviceaccount.json") or "token" and "ca.crt" data keys
func NewClientSetFromSecretRef ¶
func NewClientSetFromSecretRef(ctx context.Context, cs *ClientSet, ref *corev1.SecretReference, scheme *runtime.Scheme) (*ClientSet, error)
NewClientSetFromSecretRef creates a new controller ClientSet struct for a given SecretReference.
func (*ClientSet) CreateOrUpdateClusterRoleBinding ¶
func (*ClientSet) CreateOrUpdateNamespace ¶
func (*ClientSet) CreateOrUpdateRole ¶
func (*ClientSet) CreateOrUpdateRoleBinding ¶
func (*ClientSet) CreateOrUpdateSecretData ¶
func (*ClientSet) CreateOrUpdateServiceAccount ¶
func (*ClientSet) DeleteClusterRoleBinding ¶
func (*ClientSet) DeleteNamespace ¶
func (*ClientSet) DeleteRole ¶
func (*ClientSet) DeleteRoleBinding ¶
func (*ClientSet) DeleteSecret ¶
func (*ClientSet) DeleteServiceAccount ¶
func (*ClientSet) RequestToken ¶
func (s *ClientSet) RequestToken(ctx context.Context, serviceAccount *corev1.ServiceAccount, expirationSeconds *int64) (string, error)
RequestToken requests a token using the TokenRequest API for the given service account
Source Files
Click to show internal directories.
Click to hide internal directories.