controller

package
v0.4.3

This package is not in the latest version of its module.
Published: Dec 13, 2022 | License: MPL-2.0 | Imports: 14 | Imported by: 0

Documentation

Constants

const (
	// DefaultPartition is the name of the default Consul partition.
	DefaultPartition = "default"
	// DefaultNamespace is the name of the default Consul namespace.
	DefaultNamespace = "default"
)
const DefaultPollingInterval = 10 * time.Second

Variables

This section is empty.

Functions

func IsACLNotFoundError added in v0.4.0

func IsACLNotFoundError(err error) bool

IsACLNotFoundError returns true if the ACL is not found.

func PartitionsEnabled added in v0.4.0

func PartitionsEnabled(p string) bool

PartitionsEnabled indicates if support for partitions and namespaces is enabled.

Types

type Controller

type Controller struct {
	// Resources lists resources for Controller to reconcile.
	Resources ResourceLister
	// PollingInterval is an interval that Controller will use to reconcile all Resources.
	PollingInterval time.Duration
	// Log is the logger used by the Controller.
	Log hclog.Logger
}

Controller is a generic controller implementation. It periodically polls for Resources and reconciles them by calling Resource's Upsert or Delete function accordingly.

func (*Controller) Run

func (c *Controller) Run(ctx context.Context)

Run starts the Controller loop. The loop will exit when ctx is canceled.

type Resource

type Resource interface {
	// Namespace indicates the namespace that this resource belongs to [Consul Enterprise].
	// It returns the empty string if namespaces are not enabled.
	Namespace() string

	// Reconcile offers Upsert and Delete functions to reconcile itself with an external state.
	Reconcile() error
}

Resource is a generic type that needs to be reconciled by the Controller.

type ResourceLister

type ResourceLister interface {
	// List all Resources.
	List() ([]Resource, error)

	// ReconcileNamespaces ensures that all requisite namespaces exist.
	ReconcileNamespaces([]Resource) error
}

ResourceLister is an interface for listing Resources.

type ServiceInfo

type ServiceInfo struct {
	SecretsManagerClient secretsmanageriface.SecretsManagerAPI
	ConsulClient         *api.Client

	Cluster      string
	SecretPrefix string
	ServiceName  ServiceName
	ServiceState ServiceState

	Log hclog.Logger
}

func (*ServiceInfo) Delete

func (s *ServiceInfo) Delete() error

Delete removes the service policy and token for the given ServiceInfo.

func (*ServiceInfo) Namespace added in v0.4.0

func (s *ServiceInfo) Namespace() string

Namespace returns the namespace that the service belongs to. It returns the empty string if namespaces are not enabled.

func (*ServiceInfo) Reconcile

func (s *ServiceInfo) Reconcile() error

Reconcile inserts or deletes ACL tokens based on their ServiceState.

func (*ServiceInfo) Upsert

func (s *ServiceInfo) Upsert() error

Upsert creates a service policy and token for the task if one doesn't already exist and updates the secret with the contents of the token.

type ServiceName added in v0.4.0

type ServiceName struct {
	// Name of the service.
	Name string
	// Partition that the service belongs to (Consul Enterprise).
	Partition string
	// Namespace that the service belongs to (Consul Enterprise).
	Namespace string
	// ACLNamespace defines the namespace that ACL tokens and policies are scoped to (Consul Enterprise).
	ACLNamespace string
}

ServiceName is a type that represents a fully qualified service.

type ServiceState

type ServiceState struct {
	ConsulECSTasks bool
	ACLTokens      []*api.ACLTokenListEntry
	ACLPolicies    []*api.ACLPolicyListEntry
}

ServiceState contains all of the information needed to determine if an ACL token should be created for a Consul service or if an ACL token should be deleted.
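
The following is an added sketch, not code from this package, of one Controller polling pass over Resources whose Reconcile chooses between upsert and delete from a ServiceState-like record. The `svc` type, `reconcileAll`, and the decision rule itself are assumptions made for illustration; the real ServiceInfo calls Consul and AWS Secrets Manager.

```go
package main

import "fmt"

// Resource is a local copy of the interface documented on this page.
type Resource interface {
	Namespace() string
	Reconcile() error
}

// svc is a constructed stand-in for ServiceInfo; action records the decision.
type svc struct {
	hasTasks bool   // plays the role of ServiceState.ConsulECSTasks
	tokens   int    // plays the role of len(ServiceState.ACLTokens)
	err      error  // simulated Consul or Secrets Manager failure
	action   string // "upsert", "delete", or "" when nothing is needed
}
func (s *svc) Namespace() string { return "" } // namespaces not enabled

// Reconcile applies an assumed rule: issue a token to a running service that
// has none, and revoke tokens that outlive the service's tasks.
func (s *svc) Reconcile() error {
	switch {
	case s.hasTasks && s.tokens == 0:
		s.action = "upsert"
	case !s.hasTasks && s.tokens > 0:
		s.action = "delete"
	}
	return s.err
}

// reconcileAll is one polling pass; errors are collected so one failure cannot stall the rest.
func reconcileAll(rs []Resource) (errs []error) {
	for _, r := range rs {
		if err := r.Reconcile(); err != nil {
			errs = append(errs, err)
		}
	}
	return errs
}

func main() {
	rs := []Resource{ // constructed service states
		&svc{hasTasks: true},                            // running, no token yet
		&svc{tokens: 1, err: fmt.Errorf("consul down")}, // orphaned, delete fails
		&svc{tokens: 2},                                 // orphaned tokens
	}
	fmt.Println(len(reconcileAll(rs)), rs[2].(*svc).action)
}
```

Because the pass is repeated every PollingInterval, a delete that fails in one pass is attempted again in the next, which bounds how long an orphaned token stays valid.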

type ServiceStateLister

type ServiceStateLister struct {
	// ECSClient is the AWS ECS client to be used by the ServiceStateLister.
	ECSClient ecsiface.ECSAPI
	// SecretsManagerClient is the AWS Secrets Manager client to be used by the ServiceStateLister.
	SecretsManagerClient secretsmanageriface.SecretsManagerAPI
	// ConsulClient is the Consul client to be used by the ServiceStateLister.
	ConsulClient *api.Client

	// Cluster is the name or the ARN of the ECS cluster.
	Cluster string
	// SecretPrefix is the prefix to determine names of resources in Consul or AWS.
	SecretPrefix string

	// Partition is the partition that is used by the ServiceStateLister [Consul Enterprise].
	// If partition and namespace support are not enabled then this is set to the empty string.
	Partition string

	// Log is the logger for the ServiceStateLister.
	Log hclog.Logger
}

ServiceStateLister is an implementation of ResourceLister that constructs ServiceInfo.

func (ServiceStateLister) List

func (s ServiceStateLister) List() ([]Resource, error)

List returns a mapping from inferred service names to the ACL tokens, ECS tasks and existence of a Consul service.

func (ServiceStateLister) ReconcileNamespaces added in v0.4.0

func (s ServiceStateLister) ReconcileNamespaces(resources []Resource) error

ReconcileNamespaces ensures that for every service in the cluster the namespace exists and the cross-partition/cross-namespace read policy exists.

type TokenSecretJSON added in v0.4.0

type TokenSecretJSON struct {
	AccessorID string `json:"accessor_id"`
	Token      string `json:"token"`
}

TokenSecretJSON is the struct that represents JSON of the token secrets stored in Secrets Manager.
