Index ¶
- Constants
- func MakeAzureFileShareVolumeSpec(volumeName string, persistentVolume *datamodel.PersistentVolume, ...) (corev1.Volume, corev1.VolumeMount, error)
- func MakeFederatedIdentity(name string, envOpt *renderers.EnvironmentOptions) (*rpv1.OutputResource, error)
- func MakeKeyVaultSecretProviderClass(appName, name string, res *datamodel.VolumeResource, objSpec string, ...) (*rpv1.OutputResource, error)
- func MakeKeyVaultVolumeSpec(volumeName string, mountPath, spcName string) (corev1.Volume, corev1.VolumeMount, error)
- func MakeManagedIdentity(name string, cloudProvider *datamodel.Providers) (*rpv1.OutputResource, error)
- func MakeResourceName(prefix, name, separator string) string
- func MakeRoleAssignments(azResourceID string, roleNames []string) ([]rpv1.OutputResource, []string)
- func SetWorkloadIdentityServiceAccount(base *corev1.ServiceAccount) *rpv1.OutputResource
- func TransformFederatedIdentitySA(ctx context.Context, options *handlers.PutOptions) error
- func TransformSecretProviderClass(ctx context.Context, options *handlers.PutOptions) error
Constants ¶
// AzureWorkloadIdentityUseKey is the key set on a Pod and its ServiceAccount to
// enable Azure Workload Identity for that workload.
// See https://azure.github.io/azure-workload-identity/docs/topics/service-account-labels-and-annotations.html?highlight=azure.workload.identity#pod
const AzureWorkloadIdentityUseKey = "azure.workload.identity/use"
// Separator is the string placed between the prefix and the name when a
// resource name is built.
const Separator = "-"
Variables ¶
This section is empty.
Functions ¶
func MakeAzureFileShareVolumeSpec ¶
func MakeAzureFileShareVolumeSpec(volumeName string, persistentVolume *datamodel.PersistentVolume, applicationName string, options renderers.RenderOptions) (corev1.Volume, corev1.VolumeMount, error)
MakeAzureFileShareVolumeSpec creates a Volume and VolumeMount spec for an Azure File Share and returns them, along with an error if one occurs. TODO: This code is currently unused; file share support will be enabled later.
func MakeFederatedIdentity ¶
func MakeFederatedIdentity(name string, envOpt *renderers.EnvironmentOptions) (*rpv1.OutputResource, error)
MakeFederatedIdentity creates an OutputResource object with the fields required to create a Federated Identity in Azure (also known as workload identity). It returns an error if the OIDC issuer URL or the namespace is not specified.
func MakeKeyVaultSecretProviderClass ¶
func MakeKeyVaultSecretProviderClass(appName, name string, res *datamodel.VolumeResource, objSpec string, envOpt *renderers.EnvironmentOptions) (*rpv1.OutputResource, error)
MakeKeyVaultSecretProviderClass creates a SecretProviderClass object for an Azure Key Vault resource and returns an OutputResource that declares the ServiceAccount as a dependency.
func MakeKeyVaultVolumeSpec ¶
func MakeKeyVaultVolumeSpec(volumeName string, mountPath, spcName string) (corev1.Volume, corev1.VolumeMount, error)
MakeKeyVaultVolumeSpec creates a Volume and VolumeMount spec for a secret store volume from the given volumeName, mountPath and spcName, and returns them along with a nil error.
func MakeManagedIdentity ¶
func MakeManagedIdentity(name string, cloudProvider *datamodel.Providers) (*rpv1.OutputResource, error)
MakeManagedIdentity parses the Azure provider scope and creates an OutputResource from the parsed subscription ID and resource group together with the given name. It returns an error if the scope is invalid or if the environment providers are not specified.
func MakeResourceName ¶
MakeResourceName creates a normalized resource name by combining the prefix, name and separator. For instance, when a user uses a Key Vault persistent volume, the RP auto-provisions a per-container managed identity in the resource group specified by the environment resource. In that case, the RP uses the application name as the prefix to avoid name conflicts within the same resource group.
func MakeRoleAssignments ¶
func MakeRoleAssignments(azResourceID string, roleNames []string) ([]rpv1.OutputResource, []string)
MakeRoleAssignments creates an OutputResource and a dependency for each role name in the roleNames slice, appending them to the outputResources and deps slices respectively.
func SetWorkloadIdentityServiceAccount ¶
func SetWorkloadIdentityServiceAccount(base *corev1.ServiceAccount) *rpv1.OutputResource
SetWorkloadIdentityServiceAccount creates a ServiceAccount with descriptive labels and placeholder annotations for Azure Workload Identity, and returns an OutputResource holding the ServiceAccount with a dependency on the FederatedIdentity.
func TransformFederatedIdentitySA ¶
func TransformFederatedIdentitySA(ctx context.Context, options *handlers.PutOptions) error
TransformFederatedIdentitySA extracts the identity information from the request and adds it to the ServiceAccount's annotations.
func TransformSecretProviderClass ¶
func TransformSecretProviderClass(ctx context.Context, options *handlers.PutOptions) error
TransformSecretProviderClass updates the clientID and tenantID used for Azure Workload Identity.
Types ¶
This section is empty.