Documentation
¶
Index ¶
- Variables
- func WithCustomAzureLoginURL(url string) option
- func WithCustomGCPMetadataServerURL(url string) option
- func WithHttpClient(client *http.Client) option
- func WithNamespace(namespace string) option
- type AWSProvider
- type Auth
- type AzureProvider
- type Credentials
- type GCPProvider
- type GoogleToken
- type Provider
- type ProviderID
- type SecretRef
- type WorkloadIdentity
Constants ¶
This section is empty.
Variables ¶
var ( ErrSecretRefNotSet = errors.New("Auth secret reference not set") ErrAuthSecretValueNotFound = errors.New("Auth secret value not found") )
var (
ErrUnexpectedHost = errors.New("Unexpected host")
)
var (
ErrUnexpectedResponse = errors.New("Unexpected response")
)
Functions ¶
func WithCustomAzureLoginURL ¶
func WithCustomAzureLoginURL(url string) option
func WithCustomGCPMetadataServerURL ¶
func WithCustomGCPMetadataServerURL(url string) option
func WithHttpClient ¶
func WithNamespace ¶
func WithNamespace(namespace string) option
Types ¶
type AWSProvider ¶
AWSProvider is the dedicated provider for accessing AWS services.
func (*AWSProvider) FetchCredentials ¶
func (provider *AWSProvider) FetchCredentials(ctx context.Context) (*Credentials, error)
type Auth ¶
type Auth struct {
SecretRef *SecretRef `json:"secretRef"`
WorkloadIdentity *WorkloadIdentity `json:"workloadIdentity"`
}
Auth contains methods for repository/registry authentication.
type AzureProvider ¶
AzureProvider is the dedicated provider for accessing Azure cloud services.
func (*AzureProvider) FetchCredentials ¶
func (provider *AzureProvider) FetchCredentials(ctx context.Context) (*Credentials, error)
type Credentials ¶
Workload credentials used for cloud provider authentication and accessing cloud provider services.
func ReadCredentials ¶
func ReadCredentials( ctx context.Context, host string, auth Auth, kubeClient kube.Client[unstructured.Unstructured, unstructured.Unstructured], opts ...option, ) (*Credentials, error)
type GCPProvider ¶
GCPProvider is the dedicated provider for accessing Google Cloud services.
func (*GCPProvider) FetchCredentials ¶
func (provider *GCPProvider) FetchCredentials(ctx context.Context) (*Credentials, error)
type GoogleToken ¶
type GoogleToken struct {
AccessToken string `json:"access_token"`
ExpiresIn int `json:"expires_in"`
TokenType string `json:"token_type"`
}
Access token for accessing google services like artifact registry.
type Provider ¶
type Provider interface {
// FetchCredentials uses the configured provider identity and access management approach to receive credentials for accessing cloud provider services, like container registries.
FetchCredentials(context.Context) (*Credentials, error)
}
A Provider is a widely recognized cloud computing platform that provides several services for managing access and hosting containers.
func GetProvider ¶
func GetProvider( providerID ProviderID, host url.URL, httpClient *http.Client, azureLoginURL string, gcpMetadataServerURL string, ) Provider
GetProvider constructs a cloud Provider based on the given identifier or nil if no provider for given identifier could be constructed. Currently supported: gcp, aws, azure
type ProviderID ¶
type ProviderID string
const ( AWS ProviderID = "aws" GCP ProviderID = "gcp" Azure ProviderID = "azure" )
type SecretRef ¶
type SecretRef struct {
Name string `json:"name"`
}
SecretRef is the reference to the secret containing the repository/registry authentication.
type WorkloadIdentity ¶
type WorkloadIdentity struct {
Provider ProviderID `json:"provider"`
}
WorkloadIdentity is a keyless approach used for repository/registry authentication.
Source Files