Documentation ¶
Overview ¶
Package identitymanager provides an interface, and its implementation, to handle the creation and the issue process of an identity for a remote cluster.
Index ¶
- Constants
- type AwsConfig
- type IdentityManager
- func NewCertificateIdentityManager(client kubernetes.Interface, localCluster discoveryv1alpha1.ClusterIdentity, ...) IdentityManager
- func NewIAMIdentityManager(client kubernetes.Interface, localCluster discoveryv1alpha1.ClusterIdentity, ...) IdentityManager
- func NewIAMIdentityReader(client kubernetes.Interface, localCluster discoveryv1alpha1.ClusterIdentity, ...) IdentityManager
- type IdentityProvider
- type IdentityReader
Constants ¶
const (
// APIServerURLSecretKey key used for the api server url inside the secret.
APIServerURLSecretKey = "apiServerUrl"
)
const (
// CertificateAvailableLabel is the label used to identify the secrets containing a certificate.
CertificateAvailableLabel = "discovery.liqo.io/certificate-available"
)
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AwsConfig ¶ added in v0.3.0
type AwsConfig struct { AwsAccessKeyID string AwsSecretAccessKey string AwsRegion string AwsClusterName string }
AwsConfig contains the AWS configuration and access key for the Liqo user and the current EKS cluster.
type IdentityManager ¶
type IdentityManager interface { IdentityReader StoreIdentity(ctx context.Context, remoteCluster discoveryv1alpha1.ClusterIdentity, namespace string, key []byte, remoteProxyURL string, identityResponse *auth.CertificateIdentityResponse) error }
IdentityManager interface provides the methods to manage identities for the remote clusters.
func NewCertificateIdentityManager ¶
func NewCertificateIdentityManager(client kubernetes.Interface, localCluster discoveryv1alpha1.ClusterIdentity, namespaceManager tenantnamespace.Manager) IdentityManager
NewCertificateIdentityManager gets a new certificate identity manager.
func NewIAMIdentityManager ¶ added in v0.3.0
func NewIAMIdentityManager(client kubernetes.Interface, localCluster discoveryv1alpha1.ClusterIdentity, awsConfig *AwsConfig, namespaceManager tenantnamespace.Manager) IdentityManager
NewIAMIdentityManager gets a new identity manager to handle IAM identities.
func NewIAMIdentityReader ¶ added in v0.3.0
func NewIAMIdentityReader(client kubernetes.Interface, localCluster discoveryv1alpha1.ClusterIdentity, awsConfig *AwsConfig, namespaceManager tenantnamespace.Manager) IdentityManager
NewIAMIdentityReader gets a new identity reader to handle IAM identities.
type IdentityProvider ¶ added in v0.3.0
type IdentityProvider interface { GetRemoteCertificate(cluster discoveryv1alpha1.ClusterIdentity, namespace, signingRequest string) (response *responsetypes.SigningRequestResponse, err error) ApproveSigningRequest(cluster discoveryv1alpha1.ClusterIdentity, signingRequest string) (response *responsetypes.SigningRequestResponse, err error) }
IdentityProvider provides the interface to retrieve and approve remote cluster identities.
func NewCertificateIdentityProvider ¶ added in v0.3.0
func NewCertificateIdentityProvider(ctx context.Context, client kubernetes.Interface, localCluster discoveryv1alpha1.ClusterIdentity, namespaceManager tenantnamespace.Manager) IdentityProvider
NewCertificateIdentityProvider gets a new certificate identity approver.
func NewIAMIdentityProvider ¶ added in v0.3.0
func NewIAMIdentityProvider(client kubernetes.Interface, localCluster discoveryv1alpha1.ClusterIdentity, awsConfig *AwsConfig, namespaceManager tenantnamespace.Manager) IdentityProvider
NewIAMIdentityProvider gets a new identity approver to handle IAM identities.
type IdentityReader ¶ added in v0.3.0
type IdentityReader interface { GetConfig(remoteCluster discoveryv1alpha1.ClusterIdentity, namespace string) (*rest.Config, error) GetConfigFromSecret(secret *corev1.Secret) (*rest.Config, error) GetRemoteTenantNamespace(remoteCluster discoveryv1alpha1.ClusterIdentity, namespace string) (string, error) GetSecretNamespacedName(remoteCluster discoveryv1alpha1.ClusterIdentity, namespace string) (types.NamespacedName, error) }
IdentityReader provides the interface to retrieve the identities for the remote clusters.
func NewCertificateIdentityReader ¶ added in v0.3.0
func NewCertificateIdentityReader(client kubernetes.Interface, localCluster discoveryv1alpha1.ClusterIdentity, namespaceManager tenantnamespace.Manager) IdentityReader
NewCertificateIdentityReader gets a new certificate identity reader.
Source Files ¶
Directories ¶
Path | Synopsis |
---|---|
Package fake implements mock Identity interfaces for test purposes.
|
Package fake implements mock Identity interfaces for test purposes. |
Package responsetypes contains utils for methods responses.
|
Package responsetypes contains utils for methods responses. |
Package identitymanagertestutils provides utility funcition for identity manager testing.
|
Package identitymanagertestutils provides utility funcition for identity manager testing. |