utils

package

v0.11.0-rc.3 Latest Latest Go to latest Published: Jul 2, 2024 License: Apache-2.0 Imports: 11 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/liqotech/liqo

Documentation ¶

Overview ¶

Package utils contains utility functions for the authentication module.

Index ¶

func EnsureNonceSecret(ctx context.Context, cl client.Client, remoteClusterID liqov1alpha1.ClusterID, ...) error
func EnsureSignedNonceSecret(ctx context.Context, cl client.Client, remoteClusterID liqov1alpha1.ClusterID, ...) error
func GenerateIdentityControlPlane(ctx context.Context, cl client.Client, remoteClusterID liqov1alpha1.ClusterID, ...) (*authv1alpha1.Identity, error)
func GenerateTenant(ctx context.Context, cl client.Client, localClusterID liqov1alpha1.ClusterID, ...) (*authv1alpha1.Tenant, error)
func RetrieveNonce(ctx context.Context, cl client.Client, remoteClusterID liqov1alpha1.ClusterID) ([]byte, error)
func RetrieveSignedNonce(ctx context.Context, cl client.Client, remoteClusterID liqov1alpha1.ClusterID) ([]byte, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func EnsureNonceSecret ¶

func EnsureNonceSecret(ctx context.Context, cl client.Client,
	remoteClusterID liqov1alpha1.ClusterID, tenantNamespace string) error

EnsureNonceSecret ensures that a nonce secret exists in the tenant namespace.

func EnsureSignedNonceSecret ¶

func EnsureSignedNonceSecret(ctx context.Context, cl client.Client,
	remoteClusterID liqov1alpha1.ClusterID, tenantNamespace string, nonce *string) error

EnsureSignedNonceSecret ensures that a signed nonce secret exists in the tenant namespace. If nonce is not provided, get it from the secret in the tenant namespace and raise an error if the secret does not exist. If nonce is provided, create nonce secret in the tenant namespace and wait for it to be signed. Raise an error if there is already a nonce secret in the tenant namespace.

func GenerateIdentityControlPlane ¶

func GenerateIdentityControlPlane(ctx context.Context, cl client.Client,
	remoteClusterID liqov1alpha1.ClusterID, remoteTenantNamespace string,
	localClusterID liqov1alpha1.ClusterID) (*authv1alpha1.Identity, error)

GenerateIdentityControlPlane generates an Identity resource of type ControlPlane to be applied on the consumer cluster.

func GenerateTenant ¶

func GenerateTenant(ctx context.Context, cl client.Client,
	localClusterID liqov1alpha1.ClusterID, liqoNamespace string,
	signature []byte, proxyURL *string) (*authv1alpha1.Tenant, error)

GenerateTenant generates a Tenant resource to be applied on a remote cluster. Using the cluster keys it generates a CSR to obtain a ControlPlane Identity from the provider cluster. It needs the local cluster identity to get the authentication keys and the signature of the nonce given by the provider cluster to complete the authentication challenge.

func RetrieveNonce ¶

func RetrieveNonce(ctx context.Context, cl client.Client, remoteClusterID liqov1alpha1.ClusterID) ([]byte, error)

RetrieveNonce retrieves the nonce from the secret in the tenant namespace.

func RetrieveSignedNonce ¶

func RetrieveSignedNonce(ctx context.Context, cl client.Client, remoteClusterID liqov1alpha1.ClusterID) ([]byte, error)

RetrieveSignedNonce retrieves the signed nonce from the secret in the tenant namespace.

Types ¶

This section is empty.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL