app

package
v0.0.0-...-cb1a7a4 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Aug 21, 2022 License: Apache-2.0 Imports: 33 Imported by: 0

Documentation

Index

Constants

// Names and paths for the Vault configuration and data volumes, plus the
// "vault" identifier. Only the values are visible on this page; where each one
// is consumed is not shown.
//
// NOTE(review): VaultDataVolumePath ("/vault/data") is presumably where the
// built-in Vault server keeps its storage. Confirm that the backing volume is
// persistent and that only the Vault container mounts it.
const (
	VaultConfigFileName   = "vault.hcl"
	VaultConfigVolumeName = "vault-config"
	VaultConfigVolumePath = "/var/run/vault/config"
	VaultDataVolumePath   = "/vault/data"
	VaultDataVolumeName   = "data"
	VaultIdentifier       = "vault"
)
// DefaultLogServicePort is 7050; presumably the port the log service listens
// on when none is configured. The code that reads it is not shown on this
// page, so confirm against the caller.
const (
	DefaultLogServicePort = 7050
)

Variables

// DependencyManager is built by ownerext.NewManager with the key
// "installer.relay.sh/dependency-of". Presumably that key is written onto
// managed objects to record which owner they depend on; ownerext is not shown
// on this page, so confirm there.
var DependencyManager = ownerext.NewManager("installer.relay.sh/dependency-of")

Functions

func ConfigureClusterRoleBinding

func ConfigureClusterRoleBinding(sa *corev1obj.ServiceAccount, crb *rbacv1obj.ClusterRoleBinding)

func ConfigureClusterRoleBindingWithRoleRef

func ConfigureClusterRoleBindingWithRoleRef(sa *corev1obj.ServiceAccount, crb *rbacv1obj.ClusterRoleBinding, rr rbacv1.RoleRef)

func ConfigureCoreDefaults

func ConfigureCoreDefaults(cd *CoreDeps)

func ConfigureJWTSigningKeys

func ConfigureJWTSigningKeys(sec *corev1obj.Secret) error

func ConfigureLogServiceContainer

func ConfigureLogServiceContainer(coreobj *obj.Core, c *corev1.Container)

func ConfigureLogServiceDeployment

func ConfigureLogServiceDeployment(ld *LogServiceDeps, dep *appsv1obj.Deployment)

func ConfigureLogServiceService

func ConfigureLogServiceService(ld *LogServiceDeps, svc *corev1obj.Service)

func ConfigureMetadataAPIClusterRole

func ConfigureMetadataAPIClusterRole(cr *rbacv1obj.ClusterRole)

func ConfigureMutatingWebhook

func ConfigureMutatingWebhook(od *OperatorDeps, mw *admissionv1.MutatingWebhook, name string, path *string)

func ConfigureOperatorClusterRole

func ConfigureOperatorClusterRole(cr *rbacv1obj.ClusterRole)

func ConfigureOperatorDelegateClusterRole

func ConfigureOperatorDelegateClusterRole(cr *rbacv1obj.ClusterRole)

func ConfigureRoleBinding

func ConfigureRoleBinding(sa *corev1obj.ServiceAccount, rb *rbacv1obj.RoleBinding)

func ConfigureVaultAgentConfigMap

func ConfigureVaultAgentConfigMap(core *obj.Core, role string, cm *corev1obj.ConfigMap)

func ConfigureVaultAgentTokenSecret

func ConfigureVaultAgentTokenSecret(vd *VaultAgentDeps, secret *corev1obj.Secret)

func ConfigureVaultConfigJob

func ConfigureVaultConfigJob(
	coreKey types.NamespacedName,
	logServiceConfig *v1alpha1.LogServiceConfig,
	metadataAPIConfig v1alpha1.MetadataAPIConfig,
	operatorConfig v1alpha1.OperatorConfig,
	vaultConfig v1alpha1.VaultConfig,
	job *batchv1obj.Job, sa *corev1obj.ServiceAccount,
	jskd *JWTSigningKeyDeps)

func ConfigureVaultConfigRole

func ConfigureVaultConfigRole(r *rbacv1obj.Role)

func ConfigureVaultContainer

func ConfigureVaultContainer(coreobj *obj.Core, c *corev1.Container)

func ConfigureVaultService

func ConfigureVaultService(vd *VaultServerBuiltInConfigDeps, svc *corev1obj.Service)

func ConfigureVaultStatefulSet

func ConfigureVaultStatefulSet(vd *VaultServerBuiltInConfigDeps, ss *appsv1obj.StatefulSet)

func ConfigureWebhookCertificateControllerClusterRole

func ConfigureWebhookCertificateControllerClusterRole(cr *rbacv1obj.ClusterRole)

func ConfigureWebhookCertificateControllerContainer

func ConfigureWebhookCertificateControllerContainer(wd *WebhookCertificateControllerDeps, c *corev1.Container)

func ConfigureWebhookCertificateControllerDeployment

func ConfigureWebhookCertificateControllerDeployment(wd *WebhookCertificateControllerDeps, dep *appsv1obj.Deployment)

func VaultAuthDataEnvVar

func VaultAuthDataEnvVar(name string, vad *v1alpha1.VaultAuthData) (corev1.EnvVar, bool)

Types

type CoreDeps

// CoreDeps groups a Core object with its owner ConfigMap, its Namespace and
// the dependency sets for Vault configuration, the operator, the metadata API
// and the log service. The page lists NewCoreDeps, ApplyCoreDeps and the
// Configure, Delete, Load and Persist methods for it; their bodies are not
// shown here.
type CoreDeps struct {
	Core            *obj.Core
	OwnerConfigMap  *corev1obj.ConfigMap
	Namespace       *corev1obj.Namespace
	VaultConfigDeps *VaultConfigDeps
	OperatorDeps    *OperatorDeps
	MetadataAPIDeps *MetadataAPIDeps
	LogServiceDeps  *LogServiceDeps
}

func ApplyCoreDeps

func ApplyCoreDeps(ctx context.Context, cl client.Client, c *obj.Core) (*CoreDeps, error)

func NewCoreDeps

func NewCoreDeps(c *obj.Core) *CoreDeps

func (*CoreDeps) Configure

func (cd *CoreDeps) Configure(_ context.Context) error

func (*CoreDeps) Delete

func (cd *CoreDeps) Delete(ctx context.Context, cl client.Client, opts ...lifecycle.DeleteOption) (bool, error)

func (*CoreDeps) Load

func (*CoreDeps) Persist

func (cd *CoreDeps) Persist(ctx context.Context, cl client.Client) error

type CoreDepsLoadResult

// CoreDepsLoadResult carries a single boolean, All. Presumably it reports
// whether every dependency was found by (*CoreDeps).Load; that signature is
// not shown on this page, so confirm against the source.
type CoreDepsLoadResult struct {
	All bool
}

type JWTSigningKeyDeps

// JWTSigningKeyDeps groups a Core object, its owner ConfigMap, a Secret named
// ManagedJWTSigningKeySecret and a label map. The page lists PrivateKey (which
// returns a corev1.SecretKeySelector) and PublicKey methods for this type.
//
// NOTE(review): the Secret presumably holds the JWT signing key pair. Anyone
// who can read it could mint tokens that verify against the public key, so
// confirm that read access to this Secret is limited to the workloads that
// sign tokens.
type JWTSigningKeyDeps struct {
	Core                       *obj.Core
	OwnerConfigMap             *corev1obj.ConfigMap
	ManagedJWTSigningKeySecret *corev1obj.Secret
	Labels                     map[string]string
}

func NewJWTSigningKeyDeps

func NewJWTSigningKeyDeps(c *obj.Core) *JWTSigningKeyDeps

func (*JWTSigningKeyDeps) Configure

func (d *JWTSigningKeyDeps) Configure(_ context.Context) error

func (*JWTSigningKeyDeps) Delete

func (*JWTSigningKeyDeps) Load

func (d *JWTSigningKeyDeps) Load(ctx context.Context, cl client.Client) (bool, error)

func (*JWTSigningKeyDeps) Owned

func (*JWTSigningKeyDeps) Persist

func (d *JWTSigningKeyDeps) Persist(ctx context.Context, cl client.Client) error

func (*JWTSigningKeyDeps) PrivateKey

func (d *JWTSigningKeyDeps) PrivateKey() corev1.SecretKeySelector

func (*JWTSigningKeyDeps) PublicKey

type LogServiceDeps

// LogServiceDeps groups the objects tied to the log service: a Deployment, a
// Service, a ServiceAccount, the owner ConfigMap, a VaultAgentDeps and a label
// map. Unlike most dependency structs on this page, its Deployment, Service,
// ServiceAccount and OwnerConfigMap fields use the corev1 and appsv1 packages
// rather than corev1obj and appsv1obj.
type LogServiceDeps struct {
	Core           *obj.Core
	Deployment     *appsv1.Deployment
	Service        *corev1.Service
	ServiceAccount *corev1.ServiceAccount
	OwnerConfigMap *corev1.ConfigMap
	VaultAgentDeps *VaultAgentDeps
	Labels         map[string]string
}

func NewLogServiceDeps

func NewLogServiceDeps(c *obj.Core) *LogServiceDeps

func (*LogServiceDeps) Configure

func (ld *LogServiceDeps) Configure(ctx context.Context) error

func (*LogServiceDeps) Load

func (ld *LogServiceDeps) Load(ctx context.Context, cl client.Client) (bool, error)

func (*LogServiceDeps) Owned

func (ld *LogServiceDeps) Owned(ctx context.Context, owner lifecycle.TypedObject) error

func (*LogServiceDeps) Persist

func (ld *LogServiceDeps) Persist(ctx context.Context, cl client.Client) error

type MetadataAPIDeps

// MetadataAPIDeps groups the objects tied to the metadata API: a Deployment,
// a Service, a ServiceAccount, a ClusterRole with its ClusterRoleBinding, the
// owner ConfigMap, a VaultAgentDeps and a label map.
//
// NOTE(review): ClusterRole and ClusterRoleBinding grant cluster-wide
// permissions. The rules are presumably filled in by
// ConfigureMetadataAPIClusterRole, whose body is not shown on this page;
// review them against least privilege.
type MetadataAPIDeps struct {
	Core               *obj.Core
	Deployment         *metadataAPIDeployment
	Service            *metadataAPIService
	ServiceAccount     *corev1.ServiceAccount
	ClusterRole        *rbacv1.ClusterRole
	ClusterRoleBinding *rbacv1.ClusterRoleBinding
	OwnerConfigMap     *corev1.ConfigMap
	VaultAgentDeps     *VaultAgentDeps
	Labels             map[string]string
}

func NewMetadataAPIDeps

func NewMetadataAPIDeps(c *obj.Core) *MetadataAPIDeps

func (*MetadataAPIDeps) Configure

func (md *MetadataAPIDeps) Configure(ctx context.Context) error

func (*MetadataAPIDeps) Load

func (md *MetadataAPIDeps) Load(ctx context.Context, cl client.Client) (bool, error)

func (*MetadataAPIDeps) Owned

func (md *MetadataAPIDeps) Owned(ctx context.Context, owner lifecycle.TypedObject) error

func (*MetadataAPIDeps) Persist

func (md *MetadataAPIDeps) Persist(ctx context.Context, cl client.Client) error

type OperatorDeps

// OperatorDeps groups the objects tied to the operator: a Deployment, a
// webhook Service, a ServiceAccount, a tenant Namespace, two ClusterRoles with
// their ClusterRoleBindings (one pair named Delegate), a
// MutatingWebhookConfiguration, the owner ConfigMap, a label map and the
// nested WebhookCertificateControllerDeps, VaultAgentDeps and VaultConfigDeps.
//
// NOTE(review): this struct carries cluster-wide RBAC and a mutating admission
// webhook. The rules and webhook settings are presumably set by
// ConfigureOperatorClusterRole, ConfigureOperatorDelegateClusterRole and
// ConfigureMutatingWebhook, whose bodies are not shown on this page. Review
// the granted verbs and resources, and the webhook's scope and failure policy,
// in the source.
type OperatorDeps struct {
	Core                             *obj.Core
	Deployment                       *operatorDeployment
	WebhookService                   *operatorWebhookService
	ServiceAccount                   *corev1obj.ServiceAccount
	TenantNamespace                  *corev1obj.Namespace
	ClusterRole                      *rbacv1obj.ClusterRole
	ClusterRoleBinding               *rbacv1obj.ClusterRoleBinding
	DelegateClusterRole              *rbacv1obj.ClusterRole
	DelegateClusterRoleBinding       *rbacv1obj.ClusterRoleBinding
	WebhookConfig                    *admissionregistrationv1.MutatingWebhookConfiguration
	OwnerConfigMap                   *corev1obj.ConfigMap
	WebhookCertificateControllerDeps *WebhookCertificateControllerDeps
	VaultAgentDeps                   *VaultAgentDeps
	VaultConfigDeps                  *VaultConfigDeps
	Labels                           map[string]string
}

func NewOperatorDeps

func NewOperatorDeps(c *obj.Core, vcd *VaultConfigDeps) *OperatorDeps

func (*OperatorDeps) Configure

func (od *OperatorDeps) Configure(ctx context.Context) error

func (*OperatorDeps) Load

func (od *OperatorDeps) Load(ctx context.Context, cl client.Client) (bool, error)

func (*OperatorDeps) Owned

func (od *OperatorDeps) Owned(ctx context.Context, owner lifecycle.TypedObject) error

func (*OperatorDeps) Persist

func (od *OperatorDeps) Persist(ctx context.Context, cl client.Client) error

type VaultAgentConfig

// VaultAgentConfig is the HCL-tagged root of a Vault agent configuration. It
// maps the auto_auth, cache and vault blocks to single values and the listener
// block to a slice. Presumably it is rendered into the agent's ConfigMap by
// ConfigureVaultAgentConfigMap; that body is not shown on this page.
type VaultAgentConfig struct {
	AutoAuth  *VaultAutoAuth   `hcl:"auto_auth,block"`
	Cache     *VaultCache      `hcl:"cache,block"`
	Listeners []*VaultListener `hcl:"listener,block"`
	Vault     *VaultServer     `hcl:"vault,block"`
}

type VaultAgentDeps

// VaultAgentDeps groups the objects tied to one Vault agent role: a ConfigMap,
// a ServiceAccount, a Secret named TokenSecret, the owner ConfigMap and the
// Role string. The page lists SidecarContainer and DeploymentVolumes methods,
// so the agent presumably runs as a sidecar in the consuming Deployment.
//
// NOTE(review): TokenSecret presumably holds the credential the agent uses to
// authenticate to Vault. Confirm that it is mounted only into the agent
// container and is not readable by other service accounts.
type VaultAgentDeps struct {
	Core           *obj.Core
	ConfigMap      *corev1obj.ConfigMap
	ServiceAccount *corev1obj.ServiceAccount
	TokenSecret    *corev1obj.Secret
	OwnerConfigMap *corev1obj.ConfigMap
	Role           string
}

func NewVaultAgentDepsForRole

func NewVaultAgentDepsForRole(role string, c *obj.Core) *VaultAgentDeps

func (*VaultAgentDeps) Configure

func (vd *VaultAgentDeps) Configure(ctx context.Context) error

func (*VaultAgentDeps) DeploymentVolumes

func (vd *VaultAgentDeps) DeploymentVolumes() []corev1.Volume

func (*VaultAgentDeps) Load

func (vd *VaultAgentDeps) Load(ctx context.Context, cl client.Client) (bool, error)

func (*VaultAgentDeps) Owned

func (vd *VaultAgentDeps) Owned(ctx context.Context, owner lifecycle.TypedObject) error

func (*VaultAgentDeps) Persist

func (vd *VaultAgentDeps) Persist(ctx context.Context, cl client.Client) error

func (*VaultAgentDeps) SidecarContainer

func (vd *VaultAgentDeps) SidecarContainer() corev1.Container

type VaultAutoAuth

// VaultAutoAuth maps the auto_auth block of the agent configuration; it holds
// a single nested method block.
type VaultAutoAuth struct {
	Method *VaultAutoAuthMethod `hcl:"method,block"`
}

type VaultAutoAuthMethod

// VaultAutoAuthMethod maps one auto_auth method block: Type is the block
// label, and mount_path and config are attributes.
//
// NOTE(review): Config is a free-form string map. If this structure is
// rendered into a ConfigMap, values placed here are stored unencrypted, so
// confirm that callers put only paths and role names in it, never credentials.
type VaultAutoAuthMethod struct {
	Type      string            `hcl:"type,label"`
	MountPath string            `hcl:"mount_path"`
	Config    map[string]string `hcl:"config"`
}

type VaultCache

// VaultCache maps the cache block of the agent configuration.
//
// NOTE(review): in Vault Agent, use_auto_auth_token lets requests that arrive
// at the agent's listener without a token be forwarded with the agent's own
// auto-auth token. Any process that can reach the listener then acts with the
// agent's identity, so when this is true confirm that every VaultListener
// address is bound to loopback or an in-pod socket.
type VaultCache struct {
	UseAutoAuthToken bool `hcl:"use_auto_auth_token"`
}

type VaultConfigDeps

// VaultConfigDeps groups a Core object and its owner ConfigMap with three
// nested dependency sets: JWTSigningKeyDeps, VaultEngineConfigDeps and
// VaultServerBuiltInConfigDeps.
type VaultConfigDeps struct {
	Core                         *obj.Core
	OwnerConfigMap               *corev1obj.ConfigMap
	JWTSigningKeyDeps            *JWTSigningKeyDeps
	VaultEngineConfigDeps        *VaultEngineConfigDeps
	VaultServerBuiltInConfigDeps *VaultServerBuiltInConfigDeps
}

func NewVaultConfigDeps

func NewVaultConfigDeps(c *obj.Core) *VaultConfigDeps

func (*VaultConfigDeps) Configure

func (vcd *VaultConfigDeps) Configure(ctx context.Context) error

func (*VaultConfigDeps) Load

func (vcd *VaultConfigDeps) Load(ctx context.Context, cl client.Client) (bool, error)

func (*VaultConfigDeps) Owned

func (vcd *VaultConfigDeps) Owned(ctx context.Context, owner lifecycle.TypedObject) error

func (*VaultConfigDeps) Persist

func (vcd *VaultConfigDeps) Persist(ctx context.Context, cl client.Client) error

type VaultEngineConfigDeps

// VaultEngineConfigDeps groups the objects tied to a Vault configuration Job:
// the Job itself, a namespaced Role with its RoleBinding, a ServiceAccount,
// the owner ConfigMap, a JWTSigningKeyDeps and a label map. The constructor
// listed on this page is NewVaultSystemConfigDeps.
//
// NOTE(review): the Job presumably configures Vault engines and is given the
// JWT signing key dependencies (see the ConfigureVaultConfigJob signature).
// Confirm that the Role is limited to what the Job needs and that key material
// reaches it by Secret reference rather than as literal environment values.
type VaultEngineConfigDeps struct {
	Core              *obj.Core
	ConfigJob         *batchv1obj.Job
	OwnerConfigMap    *corev1obj.ConfigMap
	Role              *rbacv1obj.Role
	RoleBinding       *rbacv1obj.RoleBinding
	ServiceAccount    *corev1obj.ServiceAccount
	JWTSigningKeyDeps *JWTSigningKeyDeps
	Labels            map[string]string
}

func NewVaultSystemConfigDeps

func NewVaultSystemConfigDeps(c *obj.Core, jskd *JWTSigningKeyDeps) *VaultEngineConfigDeps

func (*VaultEngineConfigDeps) Configure

func (vd *VaultEngineConfigDeps) Configure(ctx context.Context) error

func (*VaultEngineConfigDeps) Load

func (*VaultEngineConfigDeps) Owned

func (*VaultEngineConfigDeps) Persist

func (vd *VaultEngineConfigDeps) Persist(ctx context.Context, cl client.Client) error

type VaultListener

// VaultListener maps one listener block of the agent configuration: Type is
// the block label, and address and tls_disable are attributes.
//
// NOTE(review): tls_disable set to true makes the listener serve plaintext.
// That is acceptable only when Address is a loopback or in-pod address, so
// confirm the values set by the code that builds this struct (not shown on
// this page), especially where VaultCache.UseAutoAuthToken is also enabled.
type VaultListener struct {
	Type       string `hcl:"type,label"`
	Address    string `hcl:"address"`
	TLSDisable bool   `hcl:"tls_disable"`
}

type VaultServer

// VaultServer maps the vault block of the agent configuration; it carries only
// the server address.
//
// NOTE(review): no CA or TLS verification fields are modelled here, so the
// scheme in Address presumably decides whether agent-to-server traffic is
// encrypted. Confirm that https is used whenever the server is not on a
// trusted in-cluster network.
type VaultServer struct {
	Address string `hcl:"address"`
}

type VaultServerBuiltInConfigDeps

// VaultServerBuiltInConfigDeps groups the objects tied to the built-in Vault
// server: a StatefulSet, a Service, a ServiceAccount, a ClusterRoleBinding,
// the owner ConfigMap and a label map. The page lists a Volumes method that
// returns []corev1.Volume.
//
// NOTE(review): there is a ClusterRoleBinding but no ClusterRole field, so the
// binding presumably references a role defined elsewhere (see
// ConfigureClusterRoleBindingWithRoleRef on this page). Confirm which role is
// bound and that it is the minimum the Vault server needs.
type VaultServerBuiltInConfigDeps struct {
	Core               *obj.Core
	ClusterRoleBinding *rbacv1obj.ClusterRoleBinding
	OwnerConfigMap     *corev1obj.ConfigMap
	Service            *corev1obj.Service
	ServiceAccount     *corev1obj.ServiceAccount
	StatefulSet        *appsv1obj.StatefulSet
	Labels             map[string]string
}

func NewVaultServerBuiltInConfigDeps

func NewVaultServerBuiltInConfigDeps(c *obj.Core) *VaultServerBuiltInConfigDeps

func (*VaultServerBuiltInConfigDeps) Configure

func (*VaultServerBuiltInConfigDeps) Load

func (*VaultServerBuiltInConfigDeps) Owned

func (*VaultServerBuiltInConfigDeps) Persist

func (*VaultServerBuiltInConfigDeps) Volumes

func (vd *VaultServerBuiltInConfigDeps) Volumes() []corev1.Volume

type WebhookCertificateControllerDeps

// WebhookCertificateControllerDeps groups the objects tied to the webhook
// certificate controller: the namespaced name of a target Deployment, the
// controller's own Deployment, a ServiceAccount, a ClusterRole with its
// ClusterRoleBinding, the owner ConfigMap and a label map.
//
// NOTE(review): a controller that manages webhook certificates typically needs
// write access to Secrets and webhook configurations. The rules are presumably
// set by ConfigureWebhookCertificateControllerClusterRole, whose body is not
// shown on this page; confirm they are scoped to the specific resources
// involved.
type WebhookCertificateControllerDeps struct {
	Core               *obj.Core
	TargetDeployment   types.NamespacedName
	Deployment         *appsv1obj.Deployment
	ServiceAccount     *corev1obj.ServiceAccount
	ClusterRole        *rbacv1obj.ClusterRole
	ClusterRoleBinding *rbacv1obj.ClusterRoleBinding
	OwnerConfigMap     *corev1obj.ConfigMap
	Labels             map[string]string
}

func NewWebhookCertificateControllerDeps

func NewWebhookCertificateControllerDeps(target types.NamespacedName, c *obj.Core) *WebhookCertificateControllerDeps

func (*WebhookCertificateControllerDeps) Configure

func (*WebhookCertificateControllerDeps) Load

func (*WebhookCertificateControllerDeps) Owned

func (*WebhookCertificateControllerDeps) Persist
