Documentation ¶
Index ¶
- Constants
- Variables
- func BucketExists(projectID string, bucketName string) (bool, error)
- func CheckPermission(perm string, projectID string) (bool, error)
- func CleanupServiceAccountKeys(serviceAccount string, projectID string) error
- func ClusterName(kuber kube.Kuber) (string, error)
- func CreateBucket(projectID string, bucketName string, location string) error
- func CreateKmsKey(keyName string, keyringName string, projectID string) error
- func CreateKmsKeyring(keyringName string, projectID string) error
- func CreateServiceAccountKey(serviceAccount string, projectID string, keyPath string) error
- func DeleteAllObjectsInBucket(bucketName string) error
- func DeleteBucket(bucketName string) error
- func DeleteServiceAccount(serviceAccount string, projectID string, roles []string) error
- func DeleteServiceAccountKey(serviceAccount string, projectID string, key string) error
- func EnableAPIs(projectID string, apis ...string) error
- func FindBucket(bucketName string) bool
- func FindServiceAccount(serviceAccount string, projectID string) bool
- func GetEnabledApis(projectID string) ([]string, error)
- func GetGoogleMachineTypes() []string
- func GetGoogleProjects() ([]string, error)
- func GetGoogleZones(project string) ([]string, error)
- func GetOrCreateServiceAccount(serviceAccount string, projectID string, clusterConfigDir string, ...) (string, error)
- func GetRegionFromZone(zone string) string
- func GetServiceAccountKeys(serviceAccount string, projectID string) ([]string, error)
- func GetSimplifiedClusterName(complexClusterName string) string
- func IsKmsKeyAvailable(keyName string, keyringName string, projectID string) bool
- func IsKmsKeyringAvailable(keyringName string, projectID string) bool
- func Login(serviceAccountKeyPath string, skipLogin bool) error
- func ShortClusterName(kuber kube.Kuber) (string, error)
Constants ¶
const KmsLocation = "global"
KmsLocation indicates the location used by the Google KMS service
Variables ¶
var PROJECT_LIST_HEADER = "PROJECT_ID"
var (
REQUIRED_SERVICE_ACCOUNT_ROLES = []string{"roles/compute.instanceAdmin.v1",
"roles/iam.serviceAccountActor",
"roles/container.clusterAdmin",
"roles/container.admin",
"roles/container.developer",
"roles/storage.objectAdmin",
"roles/editor"}
)
Functions ¶
func BucketExists ¶
BucketExists checks if a Google Storage bucket exists
func CheckPermission ¶
CheckPermission checks permission on the given project
func CleanupServiceAccountKeys ¶
CleanupServiceAccountKeys remove all keys from given service account
func ClusterName ¶
ClusterName gets the cluster name from the current context Note that this just reads the ClusterName from the local kube config, which can be renamed (but is unlikely to happen)
func CreateBucket ¶
CreateBucket creates a new Google Storage bucket
func CreateKmsKey ¶
CreateKmsKey creates a new KMS key in the given keyring
func CreateKmsKeyring ¶
CreateKmsKeyring creates a new KMS keyring
func CreateServiceAccountKey ¶
CreateServiceAccountKey creates a new service account key and downloads into the given file
func DeleteAllObjectsInBucket ¶
DeleteAllObjectsInBucket deletes all objects in a Google Storage bucket
func DeleteBucket ¶
DeleteBucket deletes a Google storage bucket
func DeleteServiceAccount ¶
DeleteServiceAccount deletes a service account and its role bindings
func DeleteServiceAccountKey ¶
DeleteServiceAccountKey deletes a service account key
func EnableAPIs ¶
EnableAPIs enables APIs for the given services
func FindServiceAccount ¶
FindServiceAccount checks if a service account exists
func GetEnabledApis ¶
GetEnabledApis returns which services have the API enabled
func GetGoogleMachineTypes ¶
func GetGoogleMachineTypes() []string
func GetGoogleProjects ¶
func GetGoogleZones ¶
func GetOrCreateServiceAccount ¶
func GetOrCreateServiceAccount(serviceAccount string, projectID string, clusterConfigDir string, roles []string) (string, error)
GetOrCreateServiceAccount retrieves or creates a GCP service account. It will return the path to the file where the service account token is stored
func GetRegionFromZone ¶
GetRegionFromZone parses the region from a GCP zone name
func GetServiceAccountKeys ¶
GetServiceAccountKeys returns all keys of a service account
func GetSimplifiedClusterName ¶
GetSimplifiedClusterName get the simplified cluster name from the long-winded context cluster name that gets generated GKE cluster names as defined in the kube config are of the form gke_<projectname>_<region>_<clustername> This method will return <clustername> in the above
func IsKmsKeyAvailable ¶
IsKmsKeyAvailable checks if the KMS key is already available
func IsKmsKeyringAvailable ¶
IsKmsKeyringAvailable checks if the KMS keyring is already available
func Login ¶
Login login an user into Google account. It skips the interactive login using the browser when the skipLogin flag is active
func ShortClusterName ¶
ShortClusterName returns a short clusters name. Eg, if ClusterName would return tweetypie-jenkinsx-dev, ShortClusterName would return tweetypie. This is needed because GCP has character limits on things like service accounts (6-30 chars) and combining a long cluster name and a long vault name exceeds this limit
Types ¶
This section is empty.