Documentation ¶
Overview ¶
Package cluster contains utility functions used to operate on cluster resources.
This includes getting cluster domain, operator namespace and CSV, defining different GVK being used in the project, config metadata on reousrces, managing reousrces like rolebinding, secret and configmap.
Index ¶
- func ApplyMetaOptions(obj metav1.Object, opts ...MetaOptions) error
- func CreateNamespace(ctx context.Context, cli client.Client, namespace string, ...) (*corev1.Namespace, error)
- func CreateOrUpdateClusterRole(ctx context.Context, cli client.Client, name string, rules []rbacv1.PolicyRule, ...) (*rbacv1.ClusterRole, error)
- func CreateOrUpdateClusterRoleBinding(ctx context.Context, cli client.Client, name string, subjects []rbacv1.Subject, ...) (*rbacv1.ClusterRoleBinding, error)
- func CreateOrUpdateConfigMap(ctx context.Context, c client.Client, desiredCfgMap *corev1.ConfigMap, ...) error
- func CreateSecret(ctx context.Context, cli client.Client, name, namespace string, ...) error
- func CreateSelfSignedCertificate(ctx context.Context, c client.Client, secretName, domain, namespace string, ...) error
- func CreateWithRetry(ctx context.Context, cli client.Client, obj client.Object, timeoutMin int) error
- func DeleteClusterRole(ctx context.Context, cli client.Client, name string) error
- func DeleteClusterRoleBinding(ctx context.Context, cli client.Client, name string) error
- func DeleteExistingSubscription(ctx context.Context, cli client.Client, operatorNs string, subsName string) error
- func ExecuteOnAllNamespaces(ctx context.Context, cli client.Client, ...) error
- func FindAvailableIngressController(ctx context.Context, c client.Client) (*operatorv1.IngressController, error)
- func GenerateSelfSignedCertificateAsSecret(name, addr, namespace string) (*corev1.Secret, error)
- func GetClusterServiceVersion(ctx context.Context, c client.Client, namespace string) (*ofapiv1alpha1.ClusterServiceVersion, error)
- func GetDefaultIngressCertSecretName(ingressCtrl *operatorv1.IngressController) string
- func GetDomain(ctx context.Context, c client.Client) (string, error)
- func GetOperatorNamespace() (string, error)
- func GetSecret(ctx context.Context, c client.Client, namespace, name string) (*corev1.Secret, error)
- func GetSubscription(ctx context.Context, cli client.Client, namespace string, name string) (*v1alpha1.Subscription, error)
- func IsNotReservedNamespace(ns *corev1.Namespace) bool
- func OperatorExists(ctx context.Context, cli client.Client, operatorPrefix string) (bool, error)
- func PropagateDefaultIngressCertificate(ctx context.Context, c client.Client, secretName, namespace string) error
- func SubscriptionExists(ctx context.Context, cli client.Client, name string) (bool, error)
- func UpdatePodSecurityRolebinding(ctx context.Context, cli client.Client, namespace string, ...) error
- func WaitForDeploymentAvailable(ctx context.Context, c client.Client, componentName string, namespace string, ...) error
- type MetaOptions
- type Platform
- type Release
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func ApplyMetaOptions ¶ added in v2.10.0
func ApplyMetaOptions(obj metav1.Object, opts ...MetaOptions) error
func CreateNamespace ¶
func CreateNamespace(ctx context.Context, cli client.Client, namespace string, metaOptions ...MetaOptions) (*corev1.Namespace, error)
CreateNamespace creates a namespace and apply metadata. If a namespace already exists, the operation has no effect on it.
func CreateOrUpdateClusterRole ¶ added in v2.15.0
func CreateOrUpdateClusterRole(ctx context.Context, cli client.Client, name string, rules []rbacv1.PolicyRule, metaOptions ...MetaOptions) (*rbacv1.ClusterRole, error)
CreateOrUpdateClusterRole creates cluster role based on define PolicyRules and optional metadata fields and updates the rules if it already exists.
func CreateOrUpdateClusterRoleBinding ¶ added in v2.15.0
func CreateOrUpdateClusterRoleBinding(ctx context.Context, cli client.Client, name string, subjects []rbacv1.Subject, roleRef rbacv1.RoleRef, metaOptions ...MetaOptions) (*rbacv1.ClusterRoleBinding, error)
CreateOrUpdateClusterRoleBinding creates cluster role bindings based on define PolicyRules and optional metadata fields and updates the bindings if it already exists.
func CreateOrUpdateConfigMap ¶ added in v2.10.1
func CreateOrUpdateConfigMap(ctx context.Context, c client.Client, desiredCfgMap *corev1.ConfigMap, metaOptions ...MetaOptions) error
CreateOrUpdateConfigMap creates a new configmap or updates an existing one. If the configmap already exists, it will be updated with the merged Data and MetaOptions, if any. ConfigMap.ObjectMeta.Name and ConfigMap.ObjectMeta.Namespace are both required, it returns an error otherwise.
func CreateSecret ¶
func CreateSecret(ctx context.Context, cli client.Client, name, namespace string, metaOptions ...MetaOptions) error
CreateSecret creates secrets required by dashboard component in downstream.
func CreateSelfSignedCertificate ¶ added in v2.14.0
func CreateWithRetry ¶ added in v2.12.0
func DeleteClusterRole ¶ added in v2.15.0
DeleteClusterRole simply calls delete on a ClusterRole with the given name. Any error is returned. Check for IsNotFound.
func DeleteClusterRoleBinding ¶ added in v2.15.0
DeleteClusterRoleBinding simply calls delete on a ClusterRoleBinding with the given name. Any error is returned. Check for IsNotFound.
func DeleteExistingSubscription ¶ added in v2.13.0
func DeleteExistingSubscription(ctx context.Context, cli client.Client, operatorNs string, subsName string) error
DeleteExistingSubscription deletes given Subscription if it exists Do not error if the Subscription does not exist.
func ExecuteOnAllNamespaces ¶ added in v2.15.0
func ExecuteOnAllNamespaces(ctx context.Context, cli client.Client, processFunc func(*corev1.Namespace) error) error
ExecuteOnAllNamespaces executes the passed function for all namespaces in the cluster retrieved in batches.
func FindAvailableIngressController ¶ added in v2.14.0
func FindAvailableIngressController(ctx context.Context, c client.Client) (*operatorv1.IngressController, error)
func GenerateSelfSignedCertificateAsSecret ¶ added in v2.14.0
func GetClusterServiceVersion ¶ added in v2.10.0
func GetClusterServiceVersion(ctx context.Context, c client.Client, namespace string) (*ofapiv1alpha1.ClusterServiceVersion, error)
GetClusterServiceVersion retries CSV only from the defined namespace.
func GetDefaultIngressCertSecretName ¶ added in v2.14.0
func GetDefaultIngressCertSecretName(ingressCtrl *operatorv1.IngressController) string
func GetOperatorNamespace ¶ added in v2.10.0
func GetSubscription ¶ added in v2.13.0
func GetSubscription(ctx context.Context, cli client.Client, namespace string, name string) (*v1alpha1.Subscription, error)
GetSubscription checks if a Subscription for the operator exists in the given namespace. if exists, return object; otherwise, return error.
func IsNotReservedNamespace ¶ added in v2.15.0
func OperatorExists ¶ added in v2.13.0
OperatorExists checks if an Operator with 'operatorPrefix' is installed. Return true if found it, false if not. if we need to check exact version of the operator installed, can append vX.Y.Z later.
func PropagateDefaultIngressCertificate ¶ added in v2.14.0
func PropagateDefaultIngressCertificate(ctx context.Context, c client.Client, secretName, namespace string) error
PropagateDefaultIngressCertificate copies ingress cert secrets from openshift-ingress ns to given namespace.
func SubscriptionExists ¶ added in v2.13.0
func UpdatePodSecurityRolebinding ¶
func UpdatePodSecurityRolebinding(ctx context.Context, cli client.Client, namespace string, serviceAccountsList ...string) error
UpdatePodSecurityRolebinding update default rolebinding which is created in applications namespace by manifests being used by different components and SRE monitoring.
func WaitForDeploymentAvailable ¶ added in v2.12.0
func WaitForDeploymentAvailable(ctx context.Context, c client.Client, componentName string, namespace string, interval int, timeout int) error
WaitForDeploymentAvailable to check if component deployment from 'namespace' is ready within 'timeout' before apply prometheus rules for the component.
Types ¶
type MetaOptions ¶ added in v2.7.0
MetaOptions allows to add additional settings for the object being created through a chain of functions which are applied on metav1.Object before actual resource creation.
func InNamespace ¶ added in v2.14.0
func InNamespace(ns string) MetaOptions
func OwnedBy ¶ added in v2.11.0
func OwnedBy(owner metav1.Object, scheme *runtime.Scheme) MetaOptions
OwnedBy sets the owner reference for the object being created. It requires scheme to be passed as TypeMeta might not be set for the owning object, see: https://github.com/kubernetes-sigs/controller-runtime/issues/1517
func WithAnnotations ¶ added in v2.14.0
func WithAnnotations(annotationKeyValue ...string) MetaOptions
func WithLabels ¶ added in v2.7.0
func WithLabels(labels ...string) MetaOptions
func WithOwnerReference ¶ added in v2.10.0
func WithOwnerReference(ownerReferences ...metav1.OwnerReference) MetaOptions
type Platform ¶ added in v2.12.0
type Platform string
const ( // ManagedRhods defines expected addon catalogsource. ManagedRhods Platform = "OpenShift AI Cloud Service" // SelfManagedRhods defines display name in csv. SelfManagedRhods Platform = "OpenShift AI Self-Managed" // OpenDataHub defines display name in csv. OpenDataHub Platform = "Open Data Hub" // Unknown indicates that operator is not deployed using OLM. Unknown Platform = "" // DefaultNotebooksNamespace defines default namespace for notebooks. DefaultNotebooksNamespace = "rhods-notebooks" )
type Release ¶ added in v2.13.0
type Release struct { Name Platform `json:"name,omitempty"` Version version.OperatorVersion `json:"version,omitempty"` }
Release includes information on operator version and platform +kubebuilder:object:generate=true
func GetRelease ¶ added in v2.13.0
func (*Release) DeepCopy ¶ added in v2.13.0
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Release.
func (*Release) DeepCopyInto ¶ added in v2.13.0
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.