bindings

package
v0.2023.21 Latest
This package is not in the latest version of its module.
Published: May 22, 2023 License: Apache-2.0 Imports: 15 Imported by: 2

Documentation

Constants

This section is empty.

Variables

var (
	SecretDataNotFoundError = errors.New("data not found")
)

Functions

This section is empty.

Types

type CheckPoint

type CheckPoint struct {
	// contains filtered or unexported fields
}

CheckPoint is an opaque struct representing the state of the dependent objects at some point in time. It can be used in the DependentsHandler.RevertTo method to delete the secret/service accounts from the cluster that have been created after an instance of this struct has been returned from the DependentsHandler.CheckPoint method.

type Dependents

type Dependents struct {
	Secret          *corev1.Secret
	ServiceAccounts []*corev1.ServiceAccount
}

Dependents represents the secret and the list of the service accounts that are linked to a deployment target of a dependents handler.

type DependentsHandler

type DependentsHandler[K any] struct {
	Target           SecretDeploymentTarget
	SecretDataGetter SecretDataGetter[K]
	ObjectMarker     ObjectMarker
}

DependentsHandler takes care of the dependent objects of the provided target.

func (*DependentsHandler[K]) CheckPoint

func (d *DependentsHandler[K]) CheckPoint(ctx context.Context) (CheckPoint, error)

CheckPoint creates an instance of CheckPoint struct that captures the secret name and the list of known service account names from the deployment target associated with the DependentsHandler. This can later be used to revert back to that state again. See RevertTo for more details.

func (*DependentsHandler[K]) Cleanup

func (d *DependentsHandler[K]) Cleanup(ctx context.Context) error

func (*DependentsHandler[K]) RevertTo

func (d *DependentsHandler[K]) RevertTo(ctx context.Context, checkPoint CheckPoint) error

RevertTo reverts the reconciliation "transaction". That is, it should be called after Sync when a subsequent step in the reconciliation fails and the operator needs to revert the changes made in Sync so that the changes remain idempotent. The provided checkpoint represents the state obtained from the DependentsHandler.Target prior to making any changes by Sync(). Note that currently this method is only able to delete secrets/service accounts that should not be in the cluster. It cannot "undelete" what has been deleted from the cluster. That should be OK though, because we don't delete anything during the Sync call.

func (*DependentsHandler[K]) Sync

func (d *DependentsHandler[K]) Sync(ctx context.Context, dataKey K) (*Dependents, string, error)
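
The checkpoint, sync and revert flow described for CheckPoint, Sync and RevertTo, shown as an added example that is not the package's own code. It is a simplified in-memory model: `cluster`, `checkPoint`, `takeCheckPoint`, `revertTo`, `reconcile` and all object names are hypothetical.

```go
package main

import (
	"errors"
	"fmt"
	"sort"
)

// cluster is a constructed stand-in for the target namespace (name -> kind);
// checkPoint is the set of names known before the sync. Both are hypothetical.
type cluster map[string]string
type checkPoint map[string]bool

func takeCheckPoint(c cluster) checkPoint {
	cp := checkPoint{}
	for name := range c {
		cp[name] = true
	}
	return cp
}

// revertTo deletes what was created after the checkpoint; it cannot undelete.
func revertTo(c cluster, cp checkPoint) []string {
	removed := []string{}
	for name := range c {
		if !cp[name] {
			delete(c, name)
			removed = append(removed, name)
		}
	}
	sort.Strings(removed)
	return removed
}

// reconcile: checkpoint, sync, later step; a failure there reverts the sync.
func reconcile(c cluster, later func() error) ([]string, error) {
	cp := takeCheckPoint(c)
	// Sync step: creates objects only and never deletes, so delete-only revert suffices.
	c["token-secret"], c["builder-sa"] = "Secret", "ServiceAccount"
	if err := later(); err != nil {
		return revertTo(c, cp), err
	}
	return nil, nil
}

func main() {
	c := cluster{"existing-sa": "ServiceAccount"}
	fmt.Println(reconcile(c, func() error { return errors.New("later step failed") }))
}
```

Without the revert, a failed reconciliation would leave the newly created secret and service account in the namespace with nothing tracking them.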

type ErrorReason

type ErrorReason string
const (
	ErrorReasonNone ErrorReason = ""

	// XXX: note that this used to be used as:
	// - api.SPIAccessTokenBindingErrorReasonTokenSync originally in secretHandler.Sync
	ErrorReasonSecretUpdate ErrorReason = "SecretUpdate"
	// XXX: note that this used to be used as:
	// - api.SPIAccessTokenBindingErrorReasonServiceAccountUnavailable in ensureReferencedServiceAccount -> serviceAccountHandler.Sync
	ErrorReasonServiceAccountUnavailable ErrorReason = "ServiceAccountUnavailable"
	// XXX: note that this used to be used as:
	// - api.SPIAccessTokenBindingErrorReasonServiceAccountUpdate in ensureReferencedServiceAccount -> serviceAccountHandler.Sync
	// - api.SPIAccessTokenBindingErrorReasonTokenSync in ensureReferencedServiceAccount -> serviceAccountHandler.Sync
	ErrorReasonServiceAccountUpdate ErrorReason = "ServiceAccountUpdate"
)

type ObjectMarker

type ObjectMarker interface {
	MarkManaged(ctx context.Context, target client.ObjectKey, obj client.Object) (bool, error)
	UnmarkManaged(ctx context.Context, target client.ObjectKey, obj client.Object) (bool, error)
	MarkReferenced(ctx context.Context, target client.ObjectKey, obj client.Object) (bool, error)
	UnmarkReferenced(ctx context.Context, target client.ObjectKey, obj client.Object) (bool, error)
	IsManagedBy(ctx context.Context, target client.ObjectKey, obj client.Object) (bool, error)
	IsReferencedBy(ctx context.Context, target client.ObjectKey, obj client.Object) (bool, error)
	ListManagedOptions(ctx context.Context, taget client.ObjectKey) ([]client.ListOption, error)
	ListReferencedOptions(ctx context.Context, target client.ObjectKey) ([]client.ListOption, error)
	GetReferencingTargets(ctx context.Context, obj client.Object) ([]client.ObjectKey, error)
}

ObjectMarker is used to mark or unmark some object with a link to the target.

type SecretDataGetter

type SecretDataGetter[K any] interface {
	// GetData returns the secret data from the backend storage given the key. If the data is not found, this method
	// MUST return the SecretDataNotFoundError.
	GetData(ctx context.Context, secretDataKey K) (data map[string][]byte, errorReason string, err error)
}

SecretDataGetter is an abstraction that, given the provided key, obtains the secret data from some kind of backing secret storage and prepares it for persisting as the Data field of a Kubernetes secret.

type SecretDeploymentTarget

type SecretDeploymentTarget interface {
	// GetClient returns the client to use when connecting to the target "destination" to deploy the dependent objects to.
	GetClient() client.Client
	// GetType returns the type of the secret deployment target object.
	GetType() string
	// GetTargetObjectKey is the location of the object that describes the target.
	GetTargetObjectKey() client.ObjectKey
	// GetTargetNamespace specifies the namespace to which the secret and service accounts
	// should be deployed to.
	GetTargetNamespace() string
	// GetSpec gives the spec from which the secrets and service accounts should be created.
	GetSpec() api.LinkableSecretSpec
	// GetActualSecretName returns the actual name of the secret, if any (as opposed to the
	// configured name from the spec, which may not fully represent what's in the cluster
	// if for example GenerateName is used).
	GetActualSecretName() string
	// GetActualServiceAccountNames returns the names of the service accounts that the spec
	// configures.
	GetActualServiceAccountNames() []string
}

SecretDeploymentTarget, together with SecretBuilder and ObjectMarker, represents a method of obtaining enough information for the DependentsHandler to be able to deliver the secrets and service accounts to some "target" place in (some) K8s cluster.

type TestDeploymentTarget

type TestDeploymentTarget struct {
	GetClientImpl                    func() client.Client
	GetTypeImpl                      func() string
	GetTargetObjectKeyImpl           func() client.ObjectKey
	GetTargetNamespaceImpl           func() string
	GetSpecImpl                      func() api.LinkableSecretSpec
	GetActualSecretNameImpl          func() string
	GetActualServiceAccountNamesImpl func() []string
}

func (*TestDeploymentTarget) GetActualSecretName

func (t *TestDeploymentTarget) GetActualSecretName() string

GetActualSecretName implements SecretDeploymentTarget

func (*TestDeploymentTarget) GetActualServiceAccountNames

func (t *TestDeploymentTarget) GetActualServiceAccountNames() []string

GetActualServiceAccountNames implements SecretDeploymentTarget

func (*TestDeploymentTarget) GetClient

func (t *TestDeploymentTarget) GetClient() client.Client

GetClient implements SecretDeploymentTarget

func (*TestDeploymentTarget) GetSpec

GetSpec implements SecretDeploymentTarget

func (*TestDeploymentTarget) GetTargetNamespace

func (t *TestDeploymentTarget) GetTargetNamespace() string

GetTargetNamespace implements SecretDeploymentTarget

func (*TestDeploymentTarget) GetTargetObjectKey

func (t *TestDeploymentTarget) GetTargetObjectKey() client.ObjectKey

GetTargetObjectKey implements SecretDeploymentTarget

func (*TestDeploymentTarget) GetType

func (t *TestDeploymentTarget) GetType() string

GetType implements SecretDeploymentTarget

type TestObjectMarker

type TestObjectMarker struct {
	IsManagedByImpl           func(context.Context, client.ObjectKey, client.Object) (bool, error)
	IsManagedByOtherImpl      func(context.Context, client.Object) (bool, error)
	IsReferencedByImpl        func(context.Context, client.ObjectKey, client.Object) (bool, error)
	ListManagedOptionsImpl    func(context.Context, client.ObjectKey) ([]client.ListOption, error)
	ListReferencedOptionsImpl func(context.Context, client.ObjectKey) ([]client.ListOption, error)
	MarkManagedImpl           func(context.Context, client.ObjectKey, client.Object) (bool, error)
	MarkReferencedImpl        func(context.Context, client.ObjectKey, client.Object) (bool, error)
	UnmarkManagedImpl         func(context.Context, client.ObjectKey, client.Object) (bool, error)
	UnmarkReferencedImpl      func(context.Context, client.ObjectKey, client.Object) (bool, error)
	GetReferencingTargetsImpl func(context.Context, client.Object) ([]client.ObjectKey, error)
}

func (*TestObjectMarker) GetReferencingTargets

func (m *TestObjectMarker) GetReferencingTargets(ctx context.Context, obj client.Object) ([]types.NamespacedName, error)

GetReferencingTargets implements ObjectMarker

func (*TestObjectMarker) IsManagedBy

func (m *TestObjectMarker) IsManagedBy(ctx context.Context, target client.ObjectKey, obj client.Object) (bool, error)

IsManagedBy implements ObjectMarker

func (*TestObjectMarker) IsManagedByOther

func (m *TestObjectMarker) IsManagedByOther(ctx context.Context, obj client.Object) (bool, error)

IsManagedByOther implements ObjectMarker

func (*TestObjectMarker) IsReferencedBy

func (m *TestObjectMarker) IsReferencedBy(ctx context.Context, target client.ObjectKey, obj client.Object) (bool, error)

IsReferencedBy implements ObjectMarker

func (*TestObjectMarker) ListManagedOptions

func (m *TestObjectMarker) ListManagedOptions(ctx context.Context, target client.ObjectKey) ([]client.ListOption, error)

ListManagedOptions implements ObjectMarker

func (*TestObjectMarker) ListReferencedOptions

func (m *TestObjectMarker) ListReferencedOptions(ctx context.Context, target client.ObjectKey) ([]client.ListOption, error)

ListReferencedOptions implements ObjectMarker

func (*TestObjectMarker) MarkManaged

func (m *TestObjectMarker) MarkManaged(ctx context.Context, target client.ObjectKey, obj client.Object) (bool, error)

MarkManaged implements ObjectMarker

func (*TestObjectMarker) MarkReferenced

func (m *TestObjectMarker) MarkReferenced(ctx context.Context, target client.ObjectKey, obj client.Object) (bool, error)

MarkReferenced implements ObjectMarker

func (*TestObjectMarker) UnmarkManaged

func (m *TestObjectMarker) UnmarkManaged(ctx context.Context, target client.ObjectKey, obj client.Object) (bool, error)

UnmarkManaged implements ObjectMarker

func (*TestObjectMarker) UnmarkReferenced

func (m *TestObjectMarker) UnmarkReferenced(ctx context.Context, target client.ObjectKey, obj client.Object) (bool, error)

UnmarkReferenced implements ObjectMarker

type TestSecretDataGetter

type TestSecretDataGetter[K any] struct {
	GetDataImpl func(context.Context, K) (map[string][]byte, string, error)
}

func (*TestSecretDataGetter[K]) GetData

func (g *TestSecretDataGetter[K]) GetData(ctx context.Context, secretDataKey K) (data map[string][]byte, errorReason string, err error)

GetData implements SecretBuilder
