Documentation ¶
Overview ¶
Package vault implements a secret client that saves cluster information to Vault.
Index ¶
- Constants
- func ErrorRoleNameNotFound(name string) error
- func NewVaultClient(ctx context.Context, cfg *configs.Config, k8sClient client.Client) (secretclient.SecretClient, error)
- type InitOpt
- type KubernetesClient
- type SyncAuthResult
- type SyncResult
- type SyncSecretResult
- type VaultClient
- func (vc *VaultClient) CleanCluster(ctx context.Context, cluster, lastCluster *nautescrd.Cluster, _ *SyncResult) error
- func (vc *VaultClient) Delete(ctx context.Context, cluster *nautescrd.Cluster) error
- func (vc *VaultClient) GetKubeConfig(_ context.Context, cluster *v1alpha1.Cluster) (string, error)
- func (vc *VaultClient) Logout()
- func (vc *VaultClient) Sync(ctx context.Context, cluster, lastCluster *nautescrd.Cluster) (*secretclient.SyncResult, error)
- func (vc *VaultClient) SyncCluster(ctx context.Context, cluster, lastCluster *nautescrd.Cluster) (*SyncResult, error)
- func (vc *VaultClient) SyncSecret(cluster, lastCluster *nautescrd.Cluster) (*SyncSecretResult, error)
- type VaultStatus
Constants ¶
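// Role-name keys and Vault path templates used by this package.
//
// The block is written one declaration per line: collapsed onto a single
// line, the trailing //nolint directive comments out the closing parenthesis.
const (
	// RoleNameKeyArgo is the role-name key for Argo.
	// NOTE(review): presumably looked up in a role-name map, with
	// ErrorRoleNameNotFound reporting a miss; confirm against callers.
	RoleNameKeyArgo = "Argo"

	// RoleNameKeyRuntime is the role-name key for the runtime.
	RoleNameKeyRuntime = "Runtime"

	// AuthPathFormat is a format string with a single %s verb that yields
	// "auth/<value>/config".
	// NOTE(review): the substituted value becomes a segment of a Vault API
	// path, so callers should pass only a validated name (no "/" or "..");
	// which name is substituted is not visible here; confirm.
	AuthPathFormat = "auth/%s/config"

	// SecretPathFormat is a format string with a single %s verb that yields
	// "kubernetes/<value>/default/admin".
	// The literal is a path template, not a credential; the nolint directive
	// silences gosec on this line (presumably its hard-coded-credential
	// check, triggered by the identifier; confirm).
	// NOTE(review): the secret stored at this path presumably holds cluster
	// admin access material (GetKubeConfig returns a kubeconfig string), so
	// the Vault policy covering it should be as narrow as possible; confirm.
	SecretPathFormat = "kubernetes/%s/default/admin" //nolint:gosec
)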
// ContextKeyConfig is the context key "vault.client.config".
// NOTE(review): presumably the key under which this package's client
// configuration travels in a context.Context; confirm against callers.
const ContextKeyConfig nautesctx.ContextKey = "vault.client.config"
// EnvVaultProxyClientKeypairPath is the name of the environment variable
// VAULT_PROXY_CLIENT_KEYPAIR_PATH.
// NOTE(review): going by the name, its value is the filesystem location of
// the client key pair used towards the vault proxy; confirm. If so, the
// private key at that location should be readable only by the account that
// runs this client.
const EnvVaultProxyClientKeypairPath = "VAULT_PROXY_CLIENT_KEYPAIR_PATH"
Variables ¶
This section is empty.
Functions ¶
func ErrorRoleNameNotFound ¶
func NewVaultClient ¶
func NewVaultClient(ctx context.Context, cfg *configs.Config, k8sClient client.Client) (secretclient.SecretClient, error)
Types ¶
type InitOpt ¶
// InitOpt is an option function that receives a *VaultClient and may return
// an error.
// NOTE(review): presumably applied by NewVaultClientWithOpts while the client
// is being built; confirm against that constructor.
type InitOpt func(vc *VaultClient) error
type KubernetesClient ¶
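// KubernetesClient is the set of Kubernetes lookups this package needs. Every
// method takes a context and returns the requested object or an error.
//
// The declaration is written one method per line; collapsed onto a single
// line, the methods have no separators.
//
// NOTE(review): all four methods are reads by name (Get/List). An
// implementation's credentials therefore appear to need no write access;
// scoping its RBAC to get on clusters, service accounts and secrets and list
// on stateful sets, in the namespaces actually used, keeps a leaked token
// from reaching more than that. Confirm against the implementation.
type KubernetesClient interface {
	// GetCluster returns the Cluster resource with the given name and namespace.
	GetCluster(ctx context.Context, name, namespace string) (*v1alpha1.Cluster, error)
	// GetServiceAccount returns the ServiceAccount with the given name and namespace.
	GetServiceAccount(ctx context.Context, name, namespace string) (*v1.ServiceAccount, error)
	// GetSecret returns the Secret with the given name and namespace. The
	// result carries secret data, so callers should not log it.
	GetSecret(ctx context.Context, name, namespace string) (*v1.Secret, error)
	// ListStatefulSets lists the StatefulSets in namespace, filtered by opts.
	ListStatefulSets(ctx context.Context, namespace string, opts metav1.ListOptions) (*appsv1.StatefulSetList, error)
}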
func NewK8SClient ¶
func NewK8SClient(kubeconfig string) (KubernetesClient, error)
type SyncAuthResult ¶
// SyncAuthResult is the type of the Auth field of SyncResult. It currently
// has no fields.
type SyncAuthResult struct{}
type SyncResult ¶
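// SyncResult groups the outcome of a cluster sync: a secret part, an auth
// part and an error.
//
// The declaration is written one field per line; collapsed onto a single
// line, the fields have no separators.
type SyncResult struct {
	// Secret is the result of the secret part of the sync; it may be nil.
	Secret *SyncSecretResult
	// Auth is the result of the auth part of the sync; it may be nil.
	Auth *SyncAuthResult
	// Error is an error carried along with the result.
	// NOTE(review): SyncCluster also returns an error of its own; which of
	// the two a caller must check is not visible here; confirm, so that a
	// failed sync is never treated as a success.
	Error error
}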
type SyncSecretResult ¶
// SyncSecretResult is the type of the Secret field of SyncResult and the
// result type of VaultClient.SyncSecret.
type SyncSecretResult struct {
	// SecretVersion is a version number for the secret.
	// NOTE(review): presumably the version Vault assigned to the secret that
	// SyncSecret wrote; confirm.
	SecretVersion int
}
type VaultClient ¶
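// VaultClient bundles the clients and configuration this package uses to
// talk to Vault, the vault proxy and Kubernetes.
//
// The declaration is written one field per line; collapsed onto a single
// line, the trailing comment hides the closing brace.
//
// NOTE(review): every client below is an exported field, so any code holding
// a *VaultClient can use or replace the underlying authenticated clients;
// keep instances out of code that does not need them. The type also has a
// Logout method, presumably ending the Vault session; confirm, and call it
// once the client is no longer needed.
type VaultClient struct {
	// Vault is the Vault API client.
	Vault *vault.Client
	// VaultProxy is the vault proxy's secret HTTP client.
	VaultProxy vaultproxyv1.SecretHTTPClient
	// VaultAuth is the vault proxy's auth HTTP client.
	VaultAuth vaultproxyv1.AuthHTTPClient
	// VaultAuthGrant is the vault proxy's auth-grant HTTP client.
	VaultAuthGrant vaultproxyv1.AuthGrantHTTPClient
	// TenantAuthName is the name of the tenant's auth.
	// NOTE(review): presumably the Vault auth mount of the tenant cluster; confirm.
	TenantAuthName string
	// Configs is the configuration the client was built with.
	Configs *configs.Config
	// Client is the Kubernetes client.
	Client client.Client
	// GetKubeClient is a factory for KubernetesClient values.
	// NOTE(review): presumably NewK8SClient by default, built from a
	// kubeconfig string; confirm.
	GetKubeClient kubeClientFactory
	// contains filtered or unexported fields
}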
func NewVaultClientWithOpts ¶
func (*VaultClient) CleanCluster ¶
func (vc *VaultClient) CleanCluster(ctx context.Context, cluster, lastCluster *nautescrd.Cluster, _ *SyncResult) error
func (*VaultClient) GetKubeConfig ¶
func (*VaultClient) Logout ¶
func (vc *VaultClient) Logout()
func (*VaultClient) Sync ¶
func (vc *VaultClient) Sync(ctx context.Context, cluster, lastCluster *nautescrd.Cluster) (*secretclient.SyncResult, error)
func (*VaultClient) SyncCluster ¶
func (vc *VaultClient) SyncCluster(ctx context.Context, cluster, lastCluster *nautescrd.Cluster) (*SyncResult, error)
func (*VaultClient) SyncSecret ¶
func (vc *VaultClient) SyncSecret(cluster, lastCluster *nautescrd.Cluster) (*SyncSecretResult, error)
type VaultStatus ¶