Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var ErrSAMissing = errors.New("the serviceAccountName does not exist")
Functions ¶
func GetToken ¶
func GetToken( ctx context.Context, wg *sync.WaitGroup, client *kubernetes.Clientset, serviceAccount types.NamespacedName, refreshConfig TokenRefreshConfig, ) (string, error)
GetToken will use the TokenRequest API to get a token for the service account and return a file path to where the token is stored. A new token will be requested and stored in the file before the token expires. If an unrecoverable error occurs during a token refresh, refreshConfig.OnFailedRefresh is called if it's defined.
Types ¶
type TemplateResolvers ¶
type TemplateResolvers struct {
templaterequest.UnimplementedTemplateResolverServer
DynamicWatcher depclient.DynamicWatcher
// contains filtered or unexported fields
}
func NewTemplateResolvers ¶
func NewTemplateResolvers( ctx context.Context, kubeconfig *rest.Config, tokenRequestingClient *kubernetes.Clientset, appUpdates chan event.GenericEvent, ) (*TemplateResolvers, source.TypedSource[reconcile.Request])
func (*TemplateResolvers) Resolve ¶
func (t *TemplateResolvers) Resolve( ctx context.Context, request *templaterequest.TemplateRequest, ) (*templaterequest.TemplateResponse, error)
type TokenRefreshConfig ¶
type TokenRefreshConfig struct {
// The token lifetime in seconds.
ExpirationSeconds int64
// The minimum refresh minutes before expiration. This must be <= MaxRefreshMins.
MinRefreshMins float64
// The maximum refresh minutes before expiration. This must be >= MinRefreshMins.
MaxRefreshMins float64
// If a token refresh encountered an unrecoverable error, then this is called.
OnFailedRefresh func(error)
}
Source Files
Click to show internal directories.
Click to hide internal directories.