Documentation
¶
Overview ¶
Package model contains common data structures between the controller and pomerium config reconciler
Index ¶
- Constants
- type IngressConfig
- func (ic *IngressConfig) Clone() *IngressConfig
- func (ic *IngressConfig) GetServicePortByName(name types.NamespacedName, port string) (int32, error)
- func (ic *IngressConfig) IsAnnotationSet(name string) bool
- func (ic *IngressConfig) IsPathRegex() bool
- func (ic *IngressConfig) IsSecureUpstream() bool
- func (ic *IngressConfig) ParseTLSCerts() ([]*TLSCert, error)
- func (ic *IngressConfig) UseServiceProxy() bool
- type Key
- type Registry
- type TLSCert
Constants ¶
const ( // TLSCustomCASecret replaces https://pomerium.io/reference/#tls-custom-certificate-authority // nolint: gosec TLSCustomCASecret = "tls_custom_ca_secret" // TLSClientSecret replaces https://pomerium.io/reference/#tls-client-certificate // nolint: gosec TLSClientSecret = "tls_client_secret" // TLSDownstreamClientCASecret replaces https://pomerium.io/reference/#tls-downstream-client-certificate-authority TLSDownstreamClientCASecret = "tls_downstream_client_ca_secret" // SecureUpstream indicate that service communication should happen over HTTPS SecureUpstream = "secure_upstream" // PathRegex indicates that paths of ImplementationSpecific type should be treated as regular expression PathRegex = "path_regex" // UseServiceProxy will use standard k8s service proxy as upstream, opposed to individual endpoints UseServiceProxy = "service_proxy_upstream" )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type IngressConfig ¶
type IngressConfig struct {
AnnotationPrefix string
*networkingv1.Ingress
Endpoints map[types.NamespacedName]*corev1.Endpoints
Secrets map[types.NamespacedName]*corev1.Secret
Services map[types.NamespacedName]*corev1.Service
}
IngressConfig represents ingress and all other required resources
func (*IngressConfig) Clone ¶
func (ic *IngressConfig) Clone() *IngressConfig
Clone creates a deep copy of the ingress config
func (*IngressConfig) GetServicePortByName ¶
func (ic *IngressConfig) GetServicePortByName(name types.NamespacedName, port string) (int32, error)
GetServicePortByName returns service named port
func (*IngressConfig) IsAnnotationSet ¶ added in v0.15.3
func (ic *IngressConfig) IsAnnotationSet(name string) bool
IsAnnotationSet checks if a boolean annotation is set to true
func (*IngressConfig) IsPathRegex ¶ added in v0.15.3
func (ic *IngressConfig) IsPathRegex() bool
IsPathRegex returns true if paths in the Ingress spec should be treated as regular expressions
func (*IngressConfig) IsSecureUpstream ¶
func (ic *IngressConfig) IsSecureUpstream() bool
IsSecureUpstream returns true if upstream endpoints should be HTTPS
func (*IngressConfig) ParseTLSCerts ¶
func (ic *IngressConfig) ParseTLSCerts() ([]*TLSCert, error)
ParseTLSCerts decodes K8s TLS secret
func (*IngressConfig) UseServiceProxy ¶ added in v0.16.1
func (ic *IngressConfig) UseServiceProxy() bool
UseServiceProxy disables use of endpoints and would use standard k8s service proxy instead
type Registry ¶
type Registry interface {
// Add registers a dependency between x,y
Add(x, y Key)
// Deps returns list of dependencies given object key has
Deps(x Key) []Key
DepsOfKind(x Key, kind string) []Key
// DeleteCascade deletes key x and also any dependent keys that do not have other dependencies
DeleteCascade(x Key)
}
Registry is used to keep track of dependencies between kubernetes objects i.e. ingress depends on secret and service configurations no dependency subordination is tracked
func NewRegistry ¶
func NewRegistry() Registry
NewRegistry creates an empty registry safe for concurrent use
Source Files