Documentation ¶
Index ¶
- Variables
- func GetBaseDomain(project string) (string, error)
- func IsForbidden(err error) bool
- func IsNotFound(err error) bool
- func IsThrottled(err error) bool
- func Platform() (*gcp.Platform, error)
- func Validate(client API, ic *types.InstallConfig) error
- func ValidateCredentialMode(client API, ic *types.InstallConfig) error
- func ValidateEnabledServices(ctx context.Context, client API, project string) error
- func ValidateForProvisioning(ic *types.InstallConfig) error
- func ValidateInstanceType(client API, fieldPath *field.Path, project, zone, instanceType string, ...) field.ErrorList
- func ValidatePreExistingPublicDNS(client API, ic *types.InstallConfig) *field.Error
- func ValidatePrivateDNSZone(client API, ic *types.InstallConfig) *field.Error
- type API
- type Client
- func (c *Client) GetCredentials() *googleoauth.Credentials
- func (c *Client) GetDNSZone(ctx context.Context, project, baseDomain string, isPublic bool) (*dns.ManagedZone, error)
- func (c *Client) GetDNSZoneByName(ctx context.Context, project, zoneName string) (*dns.ManagedZone, error)
- func (c *Client) GetEnabledServices(ctx context.Context, project string) ([]string, error)
- func (c *Client) GetMachineType(ctx context.Context, project, zone, machineType string) (*compute.MachineType, error)
- func (c *Client) GetNetwork(ctx context.Context, network, project string) (*compute.Network, error)
- func (c *Client) GetProjectPermissions(ctx context.Context, project string, permissions []string) (sets.Set[string], error)
- func (c *Client) GetProjects(ctx context.Context) (map[string]string, error)
- func (c *Client) GetPublicDomains(ctx context.Context, project string) ([]string, error)
- func (c *Client) GetRecordSets(ctx context.Context, project, zone string) ([]*dns.ResourceRecordSet, error)
- func (c *Client) GetRegions(ctx context.Context, project string) ([]string, error)
- func (c *Client) GetSubnetworks(ctx context.Context, network, project, region string) ([]*compute.Subnetwork, error)
- func (c *Client) GetZones(ctx context.Context, project, filter string) ([]*compute.Zone, error)
- func (c *Client) ValidateServiceAccountHasPermissions(ctx context.Context, project string, permissions []string) (bool, error)
- type Session
Variables ¶
var (
	// RequiredBasePermissions is the list of permissions required for an installation.
	// A list of valid permissions can be found at https://cloud.google.com/iam/docs/understanding-roles.
	// NOTE(review): the slice is shown empty here, so a permission check driven only by
	// this list would presumably pass without testing anything; confirm where the
	// effective permission list is assembled.
	RequiredBasePermissions = []string{}
)
Functions ¶
func GetBaseDomain ¶
GetBaseDomain returns a base domain chosen from among the project's public DNS zones.
func IsForbidden ¶
IsForbidden checks whether a response from the GCP API was forbidden, indicating that a given service account cannot access the specified project.
func IsNotFound ¶
IsNotFound checks whether a response from the GCP API was not found.
func IsThrottled ¶
IsThrottled checks whether a response from the GCP API returned Too Many Requests.
func Validate ¶
func Validate(client API, ic *types.InstallConfig) error
Validate executes platform-specific validation.
func ValidateCredentialMode ¶
func ValidateCredentialMode(client API, ic *types.InstallConfig) error
ValidateCredentialMode checks whether the credential mode is compatible with the authentication mode.
func ValidateEnabledServices ¶
ValidateEnabledServices gets all the enabled services for a project and validates whether any of the required services are not enabled. It also warns the user if optional services are not enabled.
func ValidateForProvisioning ¶
func ValidateForProvisioning(ic *types.InstallConfig) error
ValidateForProvisioning validates that the install config is valid for provisioning the cluster.
func ValidateInstanceType ¶
func ValidateInstanceType(client API, fieldPath *field.Path, project, zone, instanceType string, req resourceRequirements) field.ErrorList
ValidateInstanceType ensures the instance type has sufficient vCPU and memory.
func ValidatePreExistingPublicDNS ¶
func ValidatePreExistingPublicDNS(client API, ic *types.InstallConfig) *field.Error
ValidatePreExistingPublicDNS ensures no pre-existing DNS record exists in the public DNS zone for the cluster's Kubernetes API. If a PublicDNSZone is provided, the provided zone is verified against the BaseDomain. If no zone is provided, the base domain is checked for any public zone that can be used.
func ValidatePrivateDNSZone ¶
func ValidatePrivateDNSZone(client API, ic *types.InstallConfig) *field.Error
ValidatePrivateDNSZone ensures no pre-existing DNS record exists in the private DNS zone matching the name that will be used for this installation.
Types ¶
type API ¶
// API is the set of GCP calls that the validation helpers on this page accept as
// their client argument. The Client methods listed on this page have the same
// signatures.
type API interface {
	// GetNetwork uses the GCP Compute Service API to get a network by name from a project.
	GetNetwork(ctx context.Context, network, project string) (*compute.Network, error)
	// GetMachineType uses the GCP Compute Service API to get the specified machine type.
	GetMachineType(ctx context.Context, project, zone, machineType string) (*compute.MachineType, error)
	// GetPublicDomains returns all of the domains from among the project's public DNS zones.
	GetPublicDomains(ctx context.Context, project string) ([]string, error)
	// GetDNSZone returns a DNS zone for a base domain.
	GetDNSZone(ctx context.Context, project, baseDomain string, isPublic bool) (*dns.ManagedZone, error)
	// GetDNSZoneByName returns the DNS zone matching zoneName if the zone exists and
	// can be seen (correct permissions for a private zone) in the project.
	GetDNSZoneByName(ctx context.Context, project, zoneName string) (*dns.ManagedZone, error)
	// GetSubnetworks uses the GCP Compute Service API to retrieve all subnetworks in a given network.
	GetSubnetworks(ctx context.Context, network, project, region string) ([]*compute.Subnetwork, error)
	// GetProjects gets the projects associated with the current user as a map whose
	// keys are ids and values are names.
	GetProjects(ctx context.Context) (map[string]string, error)
	// GetRegions gets the regions that are valid for the project.
	GetRegions(ctx context.Context, project string) ([]string, error)
	// GetRecordSets returns all the records for a DNS zone.
	GetRecordSets(ctx context.Context, project, zone string) ([]*dns.ResourceRecordSet, error)
	// GetZones uses the GCP Compute Service API to get a list of zones from a project.
	GetZones(ctx context.Context, project, filter string) ([]*compute.Zone, error)
	// GetEnabledServices gets the list of enabled services for a project.
	GetEnabledServices(ctx context.Context, project string) ([]string, error)
	// GetCredentials returns the credentials used to authenticate the GCP session.
	GetCredentials() *googleoauth.Credentials
	// GetProjectPermissions takes a set of permissions and returns the subset found
	// for the service account in the provided project.
	GetProjectPermissions(ctx context.Context, project string, permissions []string) (sets.Set[string], error)
	// ValidateServiceAccountHasPermissions returns true if all of the given
	// permissions are available to the service account in the project.
	ValidateServiceAccountHasPermissions(ctx context.Context, project string, permissions []string) (bool, error)
}
API represents the calls made to the API.
type Client ¶
type Client struct {
// contains filtered or unexported fields
}
Client makes calls to the GCP API.
func (*Client) GetCredentials ¶
func (c *Client) GetCredentials() *googleoauth.Credentials
GetCredentials returns the credentials used to authenticate the GCP session.
func (*Client) GetDNSZone ¶
func (c *Client) GetDNSZone(ctx context.Context, project, baseDomain string, isPublic bool) (*dns.ManagedZone, error)
GetDNSZone returns a DNS zone for a base domain.
func (*Client) GetDNSZoneByName ¶
func (c *Client) GetDNSZoneByName(ctx context.Context, project, zoneName string) (*dns.ManagedZone, error)
GetDNSZoneByName returns a DNS zone matching the `zoneName` if the DNS zone exists and can be seen (correct permissions for a private zone) in the project.
func (*Client) GetEnabledServices ¶
GetEnabledServices gets the list of enabled services for a project.
func (*Client) GetMachineType ¶
func (c *Client) GetMachineType(ctx context.Context, project, zone, machineType string) (*compute.MachineType, error)
GetMachineType uses the GCP Compute Service API to get the specified machine type.
func (*Client) GetNetwork ¶
GetNetwork uses the GCP Compute Service API to get a network by name from a project.
func (*Client) GetProjectPermissions ¶
func (c *Client) GetProjectPermissions(ctx context.Context, project string, permissions []string) (sets.Set[string], error)
GetProjectPermissions consumes a set of permissions and returns the set of found permissions for the service account (in the provided project). A list of valid permissions can be found at https://cloud.google.com/iam/docs/understanding-roles.
func (*Client) GetProjects ¶
GetProjects gets the list of project names and ids associated with the current user in the form of a map whose keys are ids and values are names.
func (*Client) GetPublicDomains ¶
GetPublicDomains returns all of the domains from among the project's public DNS zones.
func (*Client) GetRecordSets ¶
func (c *Client) GetRecordSets(ctx context.Context, project, zone string) ([]*dns.ResourceRecordSet, error)
GetRecordSets returns all the records for a DNS zone.
func (*Client) GetRegions ¶
GetRegions gets the regions that are valid for the project. An error is returned when unsuccessful.
func (*Client) GetSubnetworks ¶
func (c *Client) GetSubnetworks(ctx context.Context, network, project, region string) ([]*compute.Subnetwork, error)
GetSubnetworks uses the GCP Compute Service API to retrieve all subnetworks in a given network.
func (*Client) GetZones ¶
GetZones uses the GCP Compute Service API to get a list of zones from a project.
func (*Client) ValidateServiceAccountHasPermissions ¶
func (c *Client) ValidateServiceAccountHasPermissions(ctx context.Context, project string, permissions []string) (bool, error)
ValidateServiceAccountHasPermissions compares the permissions to the set returned from the GCP API. Returns true if all permissions are available to the service account in the project.
type Session ¶
type Session struct {
	// Credentials is the Google OAuth credential set used for the session. The
	// type can carry raw key material, so presumably it should be kept out of
	// logs and serialized output (confirm against callers).
	Credentials *googleoauth.Credentials
}
Session is an object representing a session for the GCP API.
func GetSession ¶
GetSession returns a GCP session using credentials found in the default locations, tried in order: env GOOGLE_CREDENTIALS, env GOOGLE_CLOUD_KEYFILE_JSON, env GCLOUD_KEYFILE_JSON, the file ~/.gcp/osServiceAccount.json, and the gcloud CLI defaults. If no credentials are found, it asks for them and stores them on disk in a config file. The stored file then holds credential material and needs the same protection as the key itself.