Documentation ¶
Index ¶
- Constants
- Variables
- func NewAccountsClient(subscriptionID string, cred azcore.TokenCredential, ...) (*accountsClient, error)
- func NewAppClient(authorizer *msgraphsdk.GraphRequestAdapter) *appClient
- func NewBlobContainersClient(subscriptionID string, cred azcore.TokenCredential, ...) (*blobContainersClient, error)
- func NewFederatedIdentityCredentialsClient(subscriptionID string, cred azcore.TokenCredential, ...) (*federatedIdentityCredentialsClient, error)
- func NewResourceGroupsClient(subscriptionID string, cred azcore.TokenCredential, ...) (*resourceGroupsClient, error)
- func NewRoleAssignmentsClient(subscriptionID string, cred azcore.TokenCredential, ...) (*roleAssignmentsClient, error)
- func NewRoleDefinitionsClient(cred azcore.TokenCredential, options *policy.ClientOptions) (*roleDefinitionsClient, error)
- func NewUserAssignedIdentitiesClient(subscriptionID string, cred azcore.TokenCredential, ...) (*userAssignedIdentitiesClient, error)
- type AZBlobClient
- type AccountsClient
- type Actuator
- func (a *Actuator) Create(ctx context.Context, cr *minterv1.CredentialsRequest) error
- func (a *Actuator) Delete(ctx context.Context, cr *minterv1.CredentialsRequest) error
- func (a *Actuator) Exists(ctx context.Context, cr *minterv1.CredentialsRequest) (bool, error)
- func (a *Actuator) GetCredentialsRootSecret(ctx context.Context, cr *minterv1.CredentialsRequest) (*corev1.Secret, error)
- func (a *Actuator) GetCredentialsRootSecretLocation() types.NamespacedName
- func (a *Actuator) IsTimedTokenCluster(c client.Client, ctx context.Context, logger log.FieldLogger) (bool, error)
- func (a *Actuator) Update(ctx context.Context, cr *minterv1.CredentialsRequest) error
- func (a *Actuator) Upgradeable(mode operatorv1.CloudCredentialsMode) *configv1.ClusterOperatorStatusCondition
- type AppClient
- type AzureClientWrapper
- type AzureCredentialsMinter
- type BlobContainersClient
- type FederatedIdentityCredentialsClient
- type MockablePoller
- type PollerWrapper
- func (p *PollerWrapper[T]) Done() bool
- func (p *PollerWrapper[T]) Poll(ctx context.Context) (*http.Response, error)
- func (p *PollerWrapper[T]) PollUntilDone(ctx context.Context, options *runtime.PollUntilDoneOptions) (T, error)
- func (p *PollerWrapper[T]) Result(ctx context.Context) (T, error)
- func (p *PollerWrapper[T]) ResumeToken() (string, error)
- type ResourceGroupsClient
- type RoleAssignmentsClient
- type RoleDefinitionsClient
- type UserAssignedIdentitiesClient
Constants ¶
// String keys naming the individual Azure credential fields.
// NOTE(review): presumably these are the data keys of the Azure credentials
// Secret that this package reads and writes; confirm against the actuator.
const (
	AzureClientID = "azure_client_id"
	// The value stored under this key is a client secret: keep it out of log
	// lines, error strings and status conditions.
	AzureClientSecret     = "azure_client_secret"
	AzureRegion           = "azure_region"
	AzureResourceGroup    = "azure_resourcegroup"
	AzureResourcePrefix   = "azure_resource_prefix"
	AzureSubscriptionID   = "azure_subscription_id"
	AzureTenantID         = "azure_tenant_id"
	// NOTE(review): presumably names the path of a federated (workload identity)
	// token file; the token in that file is a bearer credential. Confirm.
	AzureFederatedTokenFile = "azure_federated_token_file"
)
Variables ¶
// RootSecretKey identifies a Secret by name and namespace, using
// constants.AzureCloudCredSecretName and constants.CloudCredSecretNamespace.
// NOTE(review): presumably this is the root (parent) Azure credentials Secret;
// read access to that object should be limited to the operator. Confirm.
var RootSecretKey = client.ObjectKey{Name: constants.AzureCloudCredSecretName, Namespace: constants.CloudCredSecretNamespace}
Functions ¶
func NewAccountsClient ¶
func NewAccountsClient(subscriptionID string, cred azcore.TokenCredential, options *policy.ClientOptions) (*accountsClient, error)
func NewAppClient ¶
func NewAppClient(authorizer *msgraphsdk.GraphRequestAdapter) *appClient
func NewBlobContainersClient ¶
func NewBlobContainersClient(subscriptionID string, cred azcore.TokenCredential, options *policy.ClientOptions) (*blobContainersClient, error)
func NewFederatedIdentityCredentialsClient ¶
func NewFederatedIdentityCredentialsClient(subscriptionID string, cred azcore.TokenCredential, options *policy.ClientOptions) (*federatedIdentityCredentialsClient, error)
func NewResourceGroupsClient ¶
func NewResourceGroupsClient(subscriptionID string, cred azcore.TokenCredential, options *policy.ClientOptions) (*resourceGroupsClient, error)
func NewRoleAssignmentsClient ¶
func NewRoleAssignmentsClient(subscriptionID string, cred azcore.TokenCredential, options *policy.ClientOptions) (*roleAssignmentsClient, error)
func NewRoleDefinitionsClient ¶
func NewRoleDefinitionsClient(cred azcore.TokenCredential, options *policy.ClientOptions) (*roleDefinitionsClient, error)
func NewUserAssignedIdentitiesClient ¶
func NewUserAssignedIdentitiesClient(subscriptionID string, cred azcore.TokenCredential, options *policy.ClientOptions) (*userAssignedIdentitiesClient, error)
Types ¶
type AZBlobClient ¶
// AZBlobClient exposes the one blob data-plane operation declared here:
// uploading an in-memory buffer as a block blob.
//
// NewAZBlobClientWithSharedKeyCredential returns an implementation that is
// authenticated with an azblob.SharedKeyCredential. A storage-account shared
// key authorizes access to the whole account, so it must be handled as a
// high-value secret and never logged.
type AZBlobClient interface {
	// UploadBuffer uploads buffer as blobName inside containerName and returns
	// the SDK's upload response. o carries the optional upload settings.
	UploadBuffer(ctx context.Context, containerName string, blobName string, buffer []byte, o *blockblob.UploadBufferOptions) (blockblob.UploadBufferResponse, error)
}
func NewAZBlobClientWithSharedKeyCredential ¶
func NewAZBlobClientWithSharedKeyCredential(blobContainerURL string, sharedKeyCredential *azblob.SharedKeyCredential, options *azblob.ClientOptions) (AZBlobClient, error)
type AccountsClient ¶
// AccountsClient is the set of storage-account management operations declared
// for this package. Parameter and response types all come from the armstorage
// SDK package, so the methods appear to mirror the SDK accounts client.
type AccountsClient interface {
	// NewListByResourceGroupPager returns a pager over the storage accounts in
	// resourceGroupName.
	NewListByResourceGroupPager(resourceGroupName string, options *armstorage.AccountsClientListByResourceGroupOptions) *runtime.Pager[armstorage.AccountsClientListByResourceGroupResponse]
	// NewListPager returns a pager over storage accounts without a resource
	// group argument.
	NewListPager(options *armstorage.AccountsClientListOptions) *runtime.Pager[armstorage.AccountsClientListResponse]
	// BeginCreate starts a storage-account creation and returns a poller for
	// the long-running operation.
	BeginCreate(ctx context.Context, resourceGroupName string, accountName string, parameters armstorage.AccountCreateParameters, options *armstorage.AccountsClientBeginCreateOptions) (*runtime.Poller[armstorage.AccountsClientCreateResponse], error)
	// ListKeys returns the key listing for accountName. In the Azure SDK this
	// response carries the account's access keys, so the result must not be
	// logged or embedded in error messages.
	ListKeys(ctx context.Context, resourceGroupName string, accountName string, options *armstorage.AccountsClientListKeysOptions) (armstorage.AccountsClientListKeysResponse, error)
	// Delete removes the storage account accountName from resourceGroupName.
	Delete(ctx context.Context, resourceGroupName string, accountName string, options *armstorage.AccountsClientDeleteOptions) (armstorage.AccountsClientDeleteResponse, error)
	// Update applies parameters to the existing storage account accountName.
	Update(ctx context.Context, resourceGroupName string, accountName string, parameters armstorage.AccountUpdateParameters, options *armstorage.AccountsClientUpdateOptions) (armstorage.AccountsClientUpdateResponse, error)
}
type Actuator ¶
// Actuator implements the CredentialsRequest Actuator interface to create
// credentials for Azure. Its exported methods on this page are Create, Delete,
// Exists, Update, GetCredentialsRootSecret, GetCredentialsRootSecretLocation,
// IsTimedTokenCluster and Upgradeable.
type Actuator struct {
	// contains filtered or unexported fields
}
Actuator implements the CredentialsRequest Actuator interface to create credentials for Azure.
func NewActuator ¶
func NewFakeActuator ¶
func (*Actuator) Exists ¶
Exists checks whether the credentials currently exist.
To do this we check whether the target secret exists. This call is only used to determine whether we are doing a Create or an Update, but in the context of this actuator it makes no difference. As such, we do not check whether the SP exists in Azure and is correctly configured, since that is handled in both Create and Update.
func (*Actuator) GetCredentialsRootSecret ¶
func (*Actuator) GetCredentialsRootSecretLocation ¶
func (a *Actuator) GetCredentialsRootSecretLocation() types.NamespacedName
GetCredentialsRootSecretLocation returns the namespace and name where the parent credentials secret is stored.
func (*Actuator) IsTimedTokenCluster ¶
func (*Actuator) Upgradeable ¶
func (a *Actuator) Upgradeable(mode operatorv1.CloudCredentialsMode) *configv1.ClusterOperatorStatusCondition
Upgradeable returns a ClusterOperator status condition of the upgradeable type if the system is considered not upgradeable. Otherwise it returns nil, since the default is for things to be upgradeable.
type AppClient ¶
// AppClient is the application-management surface declared for this package:
// listing applications and deleting one by object ID.
type AppClient interface {
	// List returns the applications selected by filter.
	// NOTE(review): filter is presumably a Microsoft Graph filter expression.
	// If it is assembled from an application name, the name should be escaped
	// so that only the intended application can match before a Delete. Confirm
	// in the implementation.
	List(ctx context.Context, filter string) ([]models.Applicationable, error)
	// Delete removes the application identified by applicationObjectID.
	Delete(ctx context.Context, applicationObjectID string) error
}
AppClient is a wrapper around the actual Azure SDK client that allows for easier testing.
type AzureClientWrapper ¶
// AzureClientWrapper bundles the per-service Azure clients declared in this
// package: resource groups, storage accounts, blob containers, user-assigned
// identities, role definitions, role assignments and federated identity
// credentials.
//
// Several of these clients can change who is authorized to do what (role
// definitions, role assignments, federated identity credentials), so the
// credential passed to NewAzureClientWrapper should be scoped as narrowly as
// the caller's task allows.
type AzureClientWrapper struct {
	ResourceGroupsClient               ResourceGroupsClient
	StorageAccountClient               AccountsClient
	BlobContainerClient                BlobContainersClient
	UserAssignedIdentitiesClient       UserAssignedIdentitiesClient
	RoleDefinitionsClient              RoleDefinitionsClient
	RoleAssignmentClient               RoleAssignmentsClient
	FederatedIdentityCredentialsClient FederatedIdentityCredentialsClient
	// Mock field is used to create a PollerWrapper to facilitate testing
	// Azure client operations that return a runtime.Poller
	// NOTE(review): presumably this must stay false outside tests, because a
	// mocked poller returns a canned response instead of the service's. Confirm.
	Mock bool
	// MockStorageClientBeginCreateResp is the AccountsClientCreateResponse
	// that will be returned from mocked StorageAccountClient.BeginCreate
	// operations such as from a PollerWrapper implementing PollUntilDone.
	MockStorageClientBeginCreateResp armstorage.AccountsClientCreateResponse
	// contains filtered or unexported fields
}
func NewAzureClientWrapper ¶
func NewAzureClientWrapper(subscriptionID string, cred azcore.TokenCredential, options *policy.ClientOptions, mock bool) (*AzureClientWrapper, error)
type AzureCredentialsMinter ¶
// AzureCredentialsMinter is built by NewAzureCredentialsMinter from a logger,
// a client ID and client secret, a cloud environment, a tenant ID and a
// subscription ID. The only exported method on this page is
// DeleteAADApplication.
// NOTE(review): the constructor receives both a logger and clientSecret;
// confirm that the secret is never written through that logger.
type AzureCredentialsMinter struct {
	// contains filtered or unexported fields
}
func NewAzureCredentialsMinter ¶
func NewAzureCredentialsMinter(logger log.FieldLogger, clientID, clientSecret string, cloudName configv1.AzureCloudEnvironment, tenantID, subscriptionID string) (*AzureCredentialsMinter, error)
func NewFakeAzureCredentialsMinter ¶
func NewFakeAzureCredentialsMinter(logger log.FieldLogger, clientID, clientSecret, tenantID, subscriptionID string, appClient AppClient) (*AzureCredentialsMinter, error)
func (*AzureCredentialsMinter) DeleteAADApplication ¶
func (credMinter *AzureCredentialsMinter) DeleteAADApplication(ctx context.Context, aadAppName string) error
DeleteAADApplication deletes an AAD application. If the application does not exist, it is a no-op.
type BlobContainersClient ¶
// BlobContainersClient is the set of blob-container management operations
// declared for this package, typed with the armstorage SDK package.
type BlobContainersClient interface {
	// Get returns the container containerName of storage account accountName.
	Get(ctx context.Context, resourceGroupName string, accountName string, containerName string, options *armstorage.BlobContainersClientGetOptions) (armstorage.BlobContainersClientGetResponse, error)
	// Create creates containerName in accountName from blobContainer.
	// NOTE(review): in the Azure SDK, armstorage.BlobContainer carries the
	// container's public-access setting, so callers should set that level
	// deliberately and not rely on a default. Confirm at the call sites.
	Create(ctx context.Context, resourceGroupName string, accountName string, containerName string, blobContainer armstorage.BlobContainer, options *armstorage.BlobContainersClientCreateOptions) (armstorage.BlobContainersClientCreateResponse, error)
}
type FederatedIdentityCredentialsClient ¶
// FederatedIdentityCredentialsClient is the set of federated identity
// credential operations declared for this package, typed with the armmsi SDK
// package.
type FederatedIdentityCredentialsClient interface {
	// CreateOrUpdate creates or replaces the federated identity credential
	// federatedIdentityCredentialResourceName on the identity resourceName.
	// NOTE(review): in the Azure SDK the parameters name the issuer, subject
	// and audiences that are trusted to obtain tokens for the identity. Callers
	// should pin these to the exact workload, because an over-broad subject
	// widens who can act as the identity.
	CreateOrUpdate(ctx context.Context, resourceGroupName string, resourceName string, federatedIdentityCredentialResourceName string, parameters armmsi.FederatedIdentityCredential, options *armmsi.FederatedIdentityCredentialsClientCreateOrUpdateOptions) (armmsi.FederatedIdentityCredentialsClientCreateOrUpdateResponse, error)
	// Get returns the named federated identity credential of resourceName.
	Get(ctx context.Context, resourceGroupName string, resourceName string, federatedIdentityCredentialResourceName string, options *armmsi.FederatedIdentityCredentialsClientGetOptions) (armmsi.FederatedIdentityCredentialsClientGetResponse, error)
}
type MockablePoller ¶
// MockablePoller is the poller surface returned by NewPollerWrapper. It is
// generic over the operation's response type T, and the wrapper can either
// delegate to a runtime.Poller[T] or answer with a canned response.
type MockablePoller[T any] interface {
	// PollUntilDone blocks until the operation finishes and returns its
	// result. This is the method that NewPollerWrapper documents as mocked.
	PollUntilDone(ctx context.Context, options *runtime.PollUntilDoneOptions) (T, error)
	// Poll performs one poll and returns the raw HTTP response.
	Poll(ctx context.Context) (*http.Response, error)
	// Done reports whether the operation has completed.
	Done() bool
	// Result returns the operation's final result.
	Result(ctx context.Context) (T, error)
	// ResumeToken returns a token string for the operation.
	// NOTE(review): presumably usable to resume polling later, as with the SDK
	// poller. Confirm.
	ResumeToken() (string, error)
}
func NewPollerWrapper ¶
func NewPollerWrapper[T any](poller *runtime.Poller[T], mock bool, mockResp T) MockablePoller[T]
NewPollerWrapper wraps a runtime.Poller so that the Poller's methods can be conditionally mocked, depending on the mock argument. When mock is true, PollUntilDone() returns the provided mockResp, a value of the generic type T.
type PollerWrapper ¶
func (*PollerWrapper[T]) Done ¶
func (p *PollerWrapper[T]) Done() bool
func (*PollerWrapper[T]) PollUntilDone ¶
func (p *PollerWrapper[T]) PollUntilDone(ctx context.Context, options *runtime.PollUntilDoneOptions) (T, error)
func (*PollerWrapper[T]) ResumeToken ¶
func (p *PollerWrapper[T]) ResumeToken() (string, error)
type ResourceGroupsClient ¶
// ResourceGroupsClient is the set of resource-group operations declared for
// this package, typed with the armresources SDK package.
type ResourceGroupsClient interface {
	// Get returns the resource group resourceGroupName.
	Get(ctx context.Context, resourceGroupName string, options *armresources.ResourceGroupsClientGetOptions) (armresources.ResourceGroupsClientGetResponse, error)
	// CreateOrUpdate creates resourceGroupName or updates it from parameters.
	CreateOrUpdate(ctx context.Context, resourceGroupName string, parameters armresources.ResourceGroup, options *armresources.ResourceGroupsClientCreateOrUpdateOptions) (armresources.ResourceGroupsClientCreateOrUpdateResponse, error)
	// BeginDelete starts deletion of resourceGroupName and returns a poller
	// for the long-running operation. In Azure, deleting a resource group also
	// deletes the resources inside it, so callers should verify the group name
	// before calling.
	BeginDelete(ctx context.Context, resourceGroupName string, options *armresources.ResourceGroupsClientBeginDeleteOptions) (*runtime.Poller[armresources.ResourceGroupsClientDeleteResponse], error)
}
type RoleAssignmentsClient ¶
// RoleAssignmentsClient is the set of role-assignment operations declared for
// this package, typed with the armauthorization SDK package.
type RoleAssignmentsClient interface {
	// Create creates the role assignment roleAssignmentName at scope.
	// The scope string bounds where the granted role applies, so callers
	// should pass the narrowest scope that satisfies the request.
	Create(ctx context.Context, scope string, roleAssignmentName string, parameters armauthorization.RoleAssignmentCreateParameters, options *armauthorization.RoleAssignmentsClientCreateOptions) (armauthorization.RoleAssignmentsClientCreateResponse, error)
	// NewListForScopePager returns a pager over the role assignments at scope.
	NewListForScopePager(scope string, options *armauthorization.RoleAssignmentsClientListForScopeOptions) *runtime.Pager[armauthorization.RoleAssignmentsClientListForScopeResponse]
	// Delete removes the role assignment roleAssignmentName at scope.
	Delete(ctx context.Context, scope string, roleAssignmentName string, options *armauthorization.RoleAssignmentsClientDeleteOptions) (armauthorization.RoleAssignmentsClientDeleteResponse, error)
}
type RoleDefinitionsClient ¶
// RoleDefinitionsClient is the set of role-definition operations declared for
// this package, typed with the armauthorization SDK package.
type RoleDefinitionsClient interface {
	// CreateOrUpdate creates or replaces the role definition roleDefinitionID
	// at scope. The roleDefinition argument determines which actions the role
	// permits, so it should list only what the credential actually requires.
	CreateOrUpdate(ctx context.Context, scope string, roleDefinitionID string, roleDefinition armauthorization.RoleDefinition, options *armauthorization.RoleDefinitionsClientCreateOrUpdateOptions) (armauthorization.RoleDefinitionsClientCreateOrUpdateResponse, error)
	// Delete removes the role definition roleDefinitionID at scope.
	Delete(ctx context.Context, scope string, roleDefinitionID string, options *armauthorization.RoleDefinitionsClientDeleteOptions) (armauthorization.RoleDefinitionsClientDeleteResponse, error)
	// GetByID returns the role definition identified by roleDefinitionID.
	GetByID(ctx context.Context, roleDefinitionID string, options *armauthorization.RoleDefinitionsClientGetByIDOptions) (armauthorization.RoleDefinitionsClientGetByIDResponse, error)
	// NewListPager returns a pager over the role definitions at scope.
	NewListPager(scope string, options *armauthorization.RoleDefinitionsClientListOptions) *runtime.Pager[armauthorization.RoleDefinitionsClientListResponse]
}
type UserAssignedIdentitiesClient ¶
// UserAssignedIdentitiesClient is the set of user-assigned managed identity
// operations declared for this package, typed with the armmsi SDK package.
type UserAssignedIdentitiesClient interface {
	// CreateOrUpdate creates the identity resourceName in resourceGroupName or
	// updates it from parameters.
	CreateOrUpdate(ctx context.Context, resourceGroupName string, resourceName string, parameters armmsi.Identity, options *armmsi.UserAssignedIdentitiesClientCreateOrUpdateOptions) (armmsi.UserAssignedIdentitiesClientCreateOrUpdateResponse, error)
	// Get returns the identity resourceName in resourceGroupName.
	Get(ctx context.Context, resourceGroupName string, resourceName string, options *armmsi.UserAssignedIdentitiesClientGetOptions) (armmsi.UserAssignedIdentitiesClientGetResponse, error)
	// Delete removes the identity resourceName from resourceGroupName.
	Delete(ctx context.Context, resourceGroupName string, resourceName string, options *armmsi.UserAssignedIdentitiesClientDeleteOptions) (armmsi.UserAssignedIdentitiesClientDeleteResponse, error)
	// NewListByResourceGroupPager returns a pager over the identities in
	// resourceGroupName.
	NewListByResourceGroupPager(resourceGroupName string, options *armmsi.UserAssignedIdentitiesClientListByResourceGroupOptions) *runtime.Pager[armmsi.UserAssignedIdentitiesClientListByResourceGroupResponse]
}