Documentation ¶
Overview ¶
Package pomerium implements logic to convert K8s objects into Pomerium configuration
Index ¶
- Constants
- type ConfigReconciler
- type DataBrokerReconciler
- func (r *DataBrokerReconciler) Delete(ctx context.Context, namespacedName types.NamespacedName) (bool, error)
- func (r *DataBrokerReconciler) DeleteAll(ctx context.Context) error
- func (r *DataBrokerReconciler) Set(ctx context.Context, ics []*model.IngressConfig) (bool, error)
- func (r *DataBrokerReconciler) SetConfig(ctx context.Context, cfg *model.Config) (changes bool, err error)
- func (r *DataBrokerReconciler) SetGatewayConfig(ctx context.Context, config *model.GatewayConfig) (changes bool, err error)
- func (r *DataBrokerReconciler) Upsert(ctx context.Context, ic *model.IngressConfig) (bool, error)
- type GatewayReconciler
- type IngressReconciler
Constants ¶
const ( // IngressControllerConfigID is for Ingress-defined configuration IngressControllerConfigID = "ingress-controller" // GatewayControllerConfigID is for Gateway-defined configuration GatewayControllerConfigID = "gateway-controller" SharedSettingsConfigID = "pomerium-crd" )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type ConfigReconciler ¶
type ConfigReconciler interface { // SetConfig updates just the shared config settings SetConfig(ctx context.Context, cfg *model.Config) (changes bool, err error) }
ConfigReconciler only updates global parameters and does not deal with individual routes
type DataBrokerReconciler ¶ added in v0.18.0
type DataBrokerReconciler struct { ConfigID string databroker.DataBrokerServiceClient // DebugDumpConfigDiff dumps a diff between current and new config being applied DebugDumpConfigDiff bool // RemoveUnreferencedCerts would strip any certs not matched by any of the Routes SNI RemoveUnreferencedCerts bool }
DataBrokerReconciler updates pomerium configuration only one DataBrokerReconciler should be active and its methods are not thread-safe
func (*DataBrokerReconciler) Delete ¶ added in v0.18.0
func (r *DataBrokerReconciler) Delete(ctx context.Context, namespacedName types.NamespacedName) (bool, error)
Delete should delete pomerium routes corresponding to this ingress name
func (*DataBrokerReconciler) DeleteAll ¶ added in v0.18.0
func (r *DataBrokerReconciler) DeleteAll(ctx context.Context) error
DeleteAll cleans pomerium configuration entirely
func (*DataBrokerReconciler) Set ¶ added in v0.18.0
func (r *DataBrokerReconciler) Set(ctx context.Context, ics []*model.IngressConfig) (bool, error)
Set merges existing config with the one generated for ingress
func (*DataBrokerReconciler) SetConfig ¶ added in v0.18.0
func (r *DataBrokerReconciler) SetConfig(ctx context.Context, cfg *model.Config) (changes bool, err error)
SetConfig updates just the shared config settings
func (*DataBrokerReconciler) SetGatewayConfig ¶ added in v0.28.0
func (r *DataBrokerReconciler) SetGatewayConfig( ctx context.Context, config *model.GatewayConfig, ) (changes bool, err error)
SetGatewayConfig applies Gateway-defined configuration.
func (*DataBrokerReconciler) Upsert ¶ added in v0.18.0
func (r *DataBrokerReconciler) Upsert(ctx context.Context, ic *model.IngressConfig) (bool, error)
Upsert should update or create the pomerium routes corresponding to this ingress
type GatewayReconciler ¶ added in v0.28.0
type GatewayReconciler interface { // GatewaySetConfig updates the entire Gateway-defined route configuration. SetGatewayConfig(ctx context.Context, config *model.GatewayConfig) (changes bool, err error) }
GatewayReconciler updates Pomerium configuration based on Gateway-defined resources.
type IngressReconciler ¶ added in v0.18.0
type IngressReconciler interface { // Upsert should update or create the pomerium routes corresponding to this ingress Upsert(ctx context.Context, ic *model.IngressConfig) (changes bool, err error) // Set configuration to match provided ingresses and shared config settings Set(ctx context.Context, ics []*model.IngressConfig) (changes bool, err error) // Delete should delete pomerium routes corresponding to this ingress name Delete(ctx context.Context, namespacedName types.NamespacedName) (changes bool, err error) }
IngressReconciler updates pomerium configuration based on provided network resources it is not expected to be thread safe
Source Files ¶
Directories ¶
Path | Synopsis |
---|---|
Package ctrl converts Settings CRD into a bootstrap config
|
Package ctrl converts Settings CRD into a bootstrap config |
Package envoy contains functions for working with an embedded envoy binary.
|
Package envoy contains functions for working with an embedded envoy binary. |
Package gateway contains logic for converting Gateway API configuration into Pomerium configuration.
|
Package gateway contains logic for converting Gateway API configuration into Pomerium configuration. |