drivers

package
v0.0.0-...-9a44da8 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 18, 2020 License: Apache-2.0 Imports: 4 Imported by: 0

Documentation

Index

Constants

View Source
const (
	// SecretsProviderAPI is the endpoint for fetching secrets from plugins
	SecretsProviderAPI = "/SecretProvider.GetSecret"

	// SecretsProviderCapability is the secrets provider plugin capability identification
	SecretsProviderCapability = "secretprovider"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type DriverProvider

type DriverProvider struct {
	// contains filtered or unexported fields
}

DriverProvider provides external drivers

func New

func New(pluginGetter plugingetter.PluginGetter) *DriverProvider

New returns a new driver provider

func (*DriverProvider) NewSecretDriver

func (m *DriverProvider) NewSecretDriver(driver *api.Driver) (*SecretDriver, error)

NewSecretDriver creates a new driver for fetching secrets

type EndpointSpec

type EndpointSpec struct {
	Mode  int32        `json:",omitempty"`
	Ports []PortConfig `json:",omitempty"`
}

EndpointSpec represents the spec of an endpoint.

type PortConfig

type PortConfig struct {
	Name     string `json:",omitempty"`
	Protocol int32  `json:",omitempty"`
	// TargetPort is the port inside the container
	TargetPort uint32 `json:",omitempty"`
	// PublishedPort is the port on the swarm hosts
	PublishedPort uint32 `json:",omitempty"`
	// PublishMode is the mode in which port is published
	PublishMode int32 `json:",omitempty"`
}

PortConfig represents the config of a port.

type SecretDriver

type SecretDriver struct {
	// contains filtered or unexported fields
}

SecretDriver provides secrets from different stores

func NewSecretDriver

func NewSecretDriver(plugin plugingetter.CompatPlugin) *SecretDriver

NewSecretDriver creates a new driver that provides third party secrets

func (*SecretDriver) Get

func (d *SecretDriver) Get(spec *api.SecretSpec, task *api.Task) ([]byte, bool, error)

Get gets a secret from the secret provider. The function returns: the secret value; a bool indicating whether the value should be reused across different tasks (defaults to false); and an error if either the spec or task are nil, if calling the driver returns an error, or if the driver returns an error in the payload.

type SecretsProviderRequest

type SecretsProviderRequest struct {
	SecretName          string            `json:",omitempty"` // SecretName is the name of the secret to request from the plugin
	SecretLabels        map[string]string `json:",omitempty"` // SecretLabels capture environment names and other metadata pertaining to the secret
	ServiceHostname     string            `json:",omitempty"` // ServiceHostname is the hostname of the service, can be used for x509 certificate
	ServiceID           string            `json:",omitempty"` // ServiceID is the name of the service that requested the secret
	ServiceName         string            `json:",omitempty"` // ServiceName is the name of the service that requested the secret
	ServiceLabels       map[string]string `json:",omitempty"` // ServiceLabels capture environment names and other metadata pertaining to the service
	TaskID              string            `json:",omitempty"` // TaskID is the ID of the task that the secret will be assigned to
	TaskName            string            `json:",omitempty"` // TaskName is the name of the task that the secret will be assigned to
	TaskImage           string            `json:",omitempty"` // TaskName is the image of the task that the secret will be assigned to
	NodeID              string            `json:",omitempty"` // NodeID is the ID of the node that the task will be executed on
	ServiceEndpointSpec *EndpointSpec     `json:",omitempty"` // ServiceEndpointSpec holds the specification for endpoints
}

SecretsProviderRequest is the secrets provider request.

type SecretsProviderResponse

type SecretsProviderResponse struct {
	Value []byte `json:",omitempty"` // Value is the value of the secret
	Err   string `json:",omitempty"` // Err is the error response of the plugin

	// DoNotReuse indicates that the secret returned from this request should
	// only be used for one task, and any further tasks should call the secret
	// driver again.
	DoNotReuse bool `json:",omitempty"`
}

SecretsProviderResponse is the secrets provider response.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL