secrets

package

v1.11.0 Latest Latest Go to latest Published: Mar 31, 2021 License: Apache-2.0 Imports: 7 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/nginxinc/kubernetes-ingress

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func IsSupportedSecretType(secretType api_v1.SecretType) bool
func ValidateCASecret(secret *api_v1.Secret) error
func ValidateJWKSecret(secret *api_v1.Secret) error
func ValidateOIDCSecret(secret *api_v1.Secret) error
func ValidateSecret(secret *api_v1.Secret) error
func ValidateTLSSecret(secret *api_v1.Secret) error
type FakeSecretStore
type LocalSecretStore
- func NewLocalSecretStore(manager SecretFileManager) *LocalSecretStore
type SecretFileManager
type SecretReference
type SecretStore
- func NewFakeSecretsStore(secrets map[string]*SecretReference) SecretStore

Constants ¶

View Source

const CAKey = "ca.crt"

CAKey is the key of the data field of a Secret where the certificate authority must be stored.

View Source

const ClientSecretKey = "client-secret"

ClientSecretKey is the key of the data field of a Secret where the OIDC client secret must be stored.

View Source

const JWTKeyKey = "jwk"

JWTKeyKey is the key of the data field of a Secret where the JWK must be stored.

View Source

const SecretTypeCA api_v1.SecretType = "nginx.org/ca"

SecretTypeCA contains a certificate authority for TLS certificate verification.

View Source

const SecretTypeJWK api_v1.SecretType = "nginx.org/jwk"

SecretTypeJWK contains a JWK (JSON Web Key) for validating JWTs (JSON Web Tokens).

View Source

const SecretTypeOIDC api_v1.SecretType = "nginx.org/oidc"

SecretTypeOIDC contains an OIDC client secret for use in oauth flows.

Variables ¶

This section is empty.

Functions ¶

func IsSupportedSecretType ¶

func IsSupportedSecretType(secretType api_v1.SecretType) bool

IsSupportedSecretType checks if the secret type is supported.

func ValidateCASecret ¶

func ValidateCASecret(secret *api_v1.Secret) error

ValidateCASecret validates the secret. If it is valid, the function returns nil.

func ValidateJWKSecret ¶

func ValidateJWKSecret(secret *api_v1.Secret) error

ValidateJWKSecret validates the secret. If it is valid, the function returns nil.

func ValidateOIDCSecret ¶

func ValidateOIDCSecret(secret *api_v1.Secret) error

ValidateOIDCSecret validates the secret. If it is valid, the function returns nil.

func ValidateSecret ¶

func ValidateSecret(secret *api_v1.Secret) error

ValidateSecret validates the secret. If it is valid, the function returns nil.

func ValidateTLSSecret ¶

func ValidateTLSSecret(secret *api_v1.Secret) error

ValidateTLSSecret validates the secret. If it is valid, the function returns nil.

Types ¶

type FakeSecretStore ¶

type FakeSecretStore struct {
	// contains filtered or unexported fields
}

FakeSecretStore is a fake implementation of SecretStore.

func (*FakeSecretStore) AddOrUpdateSecret ¶

func (s *FakeSecretStore) AddOrUpdateSecret(secret *api_v1.Secret)

AddOrUpdateSecret is a fake implementation of AddOrUpdateSecret.

func (*FakeSecretStore) DeleteSecret ¶

func (s *FakeSecretStore) DeleteSecret(key string)

DeleteSecret is a fake implementation of DeleteSecret.

func (*FakeSecretStore) GetSecret ¶

func (s *FakeSecretStore) GetSecret(key string) *SecretReference

GetSecret is a fake implementation of GetSecret.

type LocalSecretStore ¶

type LocalSecretStore struct {
	// contains filtered or unexported fields
}

LocalSecretStore implements SecretStore interface. It validates the secrets and manages them on the file system (via SecretFileManager).

func NewLocalSecretStore ¶

func NewLocalSecretStore(manager SecretFileManager) *LocalSecretStore

NewLocalSecretStore creates a new LocalSecretStore.

func (*LocalSecretStore) AddOrUpdateSecret ¶

func (s *LocalSecretStore) AddOrUpdateSecret(secret *api_v1.Secret)

AddOrUpdateSecret adds or updates a secret. The secret will only be updated on the file system if it is valid and if it is already on the file system. If the secret becomes invalid, it will be removed from the filesystem.

func (*LocalSecretStore) DeleteSecret ¶

func (s *LocalSecretStore) DeleteSecret(key string)

DeleteSecret deletes a secret.

func (*LocalSecretStore) GetSecret ¶

func (s *LocalSecretStore) GetSecret(key string) *SecretReference

GetSecret returns a SecretReference. If the secret doesn't exist, is of an unsupported type, or invalid, the Error field will include an error. If the secret is valid but isn't present on the file system, the secret will be written to the file system.

type SecretFileManager ¶

type SecretFileManager interface {
	AddOrUpdateSecret(secret *api_v1.Secret) string
	DeleteSecret(key string)
}

SecretFileManager manages secrets on the file system.

type SecretReference ¶

type SecretReference struct {
	Secret *api_v1.Secret
	Path   string
	Error  error
}

SecretReference holds a reference to a secret stored on the file system.

type SecretStore ¶

type SecretStore interface {
	AddOrUpdateSecret(secret *api_v1.Secret)
	DeleteSecret(key string)
	GetSecret(key string) *SecretReference
}

SecretStore stores secrets that the Ingress Controller uses.

func NewFakeSecretsStore ¶

func NewFakeSecretsStore(secrets map[string]*SecretReference) SecretStore

NewFakeSecretsStore creates a new FakeSecretStore.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL