Documentation
¶
Index ¶
- func AugmentConfiguration(config *rest.Config)
- func ExtractTokenFromAuthorizationHeader(authHeader string) string
- func NamespaceFromContext(ctx context.Context) (string, bool)
- func NamespaceIntoContext(ctx context.Context, namespace string) context.Context
- func WithAuthFromRequestIntoContext(r *http.Request, ctx context.Context) (context.Context, error)
- func WithAuthIntoContext(bearerToken string, ctx context.Context) context.Context
- type InClusterK8sClientFactory
- type K8sClientFactoryBuilder
- type UserAuthK8sClientFactory
- type WorkspaceAwareK8sClientFactory
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func AugmentConfiguration ¶
AugmentConfiguration modifies the provided Kubernetes client configuration such that it uses bearer tokens stored in the context using the WithAuthFromRequestIntoContext or WithAuthIntoContext functions.
func ExtractTokenFromAuthorizationHeader ¶
ExtractTokenFromAuthorizationHeader extracts the token value from the authorization header assumed to be formatted as a bearer token.
func NamespaceIntoContext ¶
func WithAuthFromRequestIntoContext ¶
WithAuthFromRequestIntoContext looks into the provided HTTP request and stores the bearer token from that request's Authorization header into the returned context which is based on the provided context. If used with a client constructed from configuration augmented using the AugmentConfiguration function, the requests to the Kubernetes API will be authenticated using this token.
To link the contexts, you can reuse the context of the provided request: WithAuthFromRequestIntoContext(req, req.Context())
func WithAuthIntoContext ¶
WithAuthIntoContext stores the provided bearer token into the returned context which is based on the provided context. If used with a client constructed from configuration augmented using the AugmentConfiguration function, the requests to the Kubernetes API will be authenticated using this token.
Types ¶
type InClusterK8sClientFactory ¶
InClusterK8sClientFactory produces instances of the clients that works on behalf of SPI SA; (it's quite ok to get just one instance of the client from that factory and pass it to all the consumers)
func (InClusterK8sClientFactory) CreateClient ¶
type K8sClientFactoryBuilder ¶
type K8sClientFactoryBuilder struct {
Args cli.OAuthServiceCliArgs
}
K8sClientFactoryBuilder allows to construct different types of K8S client factories
func (K8sClientFactoryBuilder) CreateInClusterClientFactory ¶
func (r K8sClientFactoryBuilder) CreateInClusterClientFactory() (clientFactory kubernetesclient.K8sClientFactory, err error)
func (K8sClientFactoryBuilder) CreateUserAuthClientFactory ¶
func (r K8sClientFactoryBuilder) CreateUserAuthClientFactory() (clientFactory kubernetesclient.K8sClientFactory, err error)
type UserAuthK8sClientFactory ¶
UserAuthK8sClientFactory is produces instances of the client which works on behalf of the user (i.e. using his token for authentication) but it is not the workspace-aware. It is used in workspace-less environments like minikube or integration tests etc
func (UserAuthK8sClientFactory) CreateClient ¶
type WorkspaceAwareK8sClientFactory ¶
type WorkspaceAwareK8sClientFactory struct {
ClientOptions *client.Options
RestConfig *rest.Config
ApiServer string
HTTPClient rest.HTTPClient
}
WorkspaceAwareK8sClientFactory is a K8S client factory, which is authenticates on server via user token, but it uses the custom API server URL and sets the workspace path in the requests to the cluster, by consuming the namespace in the context when new client instance is created.
Source Files