Versions in this module Expand all Collapse all v1 v1.0.1 Feb 21, 2024 v1.0.0 Feb 21, 2024 Changes in this version + const AWSInitContainerMountPath + const AWSSecretArnEnvVar + const AWSSecretFilenameEnvVar + const AWSSecretsVolumeName + const CaCertKey + const EnvVarGroupKeySeparator + const GCPSecretsVolumeName + const K8sDefaultEnvVarPrefix + const PodNameEnvVar + const PodNamespaceEnvVar + const SecretEnvVarPrefix + const SecretPathDefaultDirEnvVar + const SecretPathFilePrefixEnvVar + const ServerCertKey + const ServerCertPrivateKey + var AWSSecretMountPathPrefix = []string + var GCPSecretMountPath = filepath.Join(string(os.PathSeparator), "etc", "kozmo", "secrets") + var K8sSecretPathPrefix = []string + var VaultSecretPathPrefix = []string + func AppendEnvVars(containers []corev1.Container, envVar corev1.EnvVar) []corev1.Container + func AppendVolume(volumes []corev1.Volume, volume corev1.Volume) []corev1.Volume + func AppendVolumeMounts(containers []corev1.Container, mount corev1.VolumeMount) []corev1.Container + func CreateEnvVarForSecret(secret *core.Secret) corev1.EnvVar + func CreateVaultAnnotationsForSecret(secret *core.Secret, kvversion config.KVVersion) map[string]string + func CreateVolumeForSecret(secret *core.Secret) corev1.Volume + func CreateVolumeMountForSecret(volumeName string, secret *core.Secret) corev1.VolumeMount + func InitCerts(ctx context.Context, propellerCfg *config.Config, cfg *webhookConfig.Config) error + func Run(ctx context.Context, propellerCfg *config.Config, cfg *config2.Config, ...) error + type AWSSecretManagerInjector struct + func NewAWSSecretManagerInjector(cfg config.AWSSecretManagerConfig) AWSSecretManagerInjector + func (i AWSSecretManagerInjector) Inject(ctx context.Context, secret *core.Secret, p *corev1.Pod) (newP *corev1.Pod, injected bool, err error) + func (i AWSSecretManagerInjector) Type() config.SecretManagerType + type GCPSecretManagerInjector struct + func NewGCPSecretManagerInjector(cfg config.GCPSecretManagerConfig) GCPSecretManagerInjector + func (i GCPSecretManagerInjector) Inject(ctx context.Context, secret *core.Secret, p *corev1.Pod) (newP *corev1.Pod, injected bool, err error) + func (i GCPSecretManagerInjector) Type() config.SecretManagerType + type GlobalSecretProvider interface + GetForSecret func(ctx context.Context, secret *coreIdl.Secret) (string, error) + type GlobalSecrets struct + func NewGlobalSecrets(provider GlobalSecretProvider) GlobalSecrets + func (g GlobalSecrets) Inject(ctx context.Context, secret *coreIdl.Secret, p *corev1.Pod) (newP *corev1.Pod, injected bool, err error) + func (g GlobalSecrets) Type() config.SecretManagerType + type K8sSecretInjector struct + func NewK8sSecretsInjector() K8sSecretInjector + func (i K8sSecretInjector) Inject(ctx context.Context, secret *core.Secret, p *corev1.Pod) (newP *corev1.Pod, injected bool, err error) + func (i K8sSecretInjector) Type() config.SecretManagerType + type Mutator interface + ID func() string + Mutate func(ctx context.Context, p *corev1.Pod) (newP *corev1.Pod, changed bool, err error) + type MutatorConfig struct + Mutator Mutator + Required bool + type PodMutator struct + Mutators []MutatorConfig + func NewPodMutator(cfg *config.Config, scheme *runtime.Scheme, scope promutils.Scope) *PodMutator + func (pm PodMutator) CreateMutationWebhookConfiguration(namespace string) (*admissionregistrationv1.MutatingWebhookConfiguration, error) + func (pm PodMutator) GetMutatePath() string + func (pm PodMutator) Handle(ctx context.Context, request admission.Request) admission.Response + func (pm PodMutator) Mutate(ctx context.Context, p *corev1.Pod) (newP *corev1.Pod, changed bool, err error) + func (pm PodMutator) Register(ctx context.Context, mgr manager.Manager) error + type SecretsInjector interface + Inject func(ctx context.Context, secrets *core.Secret, p *corev1.Pod) (newP *corev1.Pod, injected bool, err error) + Type func() config.SecretManagerType + type SecretsMutator struct + func NewSecretsMutator(cfg *config.Config, _ promutils.Scope) *SecretsMutator + func (s *SecretsMutator) Mutate(ctx context.Context, p *corev1.Pod) (newP *corev1.Pod, injected bool, err error) + func (s SecretsMutator) ID() string + type VaultSecretManagerInjector struct + func NewVaultSecretManagerInjector(cfg config.VaultSecretManagerConfig) VaultSecretManagerInjector + func (i VaultSecretManagerInjector) Inject(ctx context.Context, secret *coreIdl.Secret, p *corev1.Pod) (newP *corev1.Pod, injected bool, err error) + func (i VaultSecretManagerInjector) Type() config.SecretManagerType