Documentation ¶
Index ¶
- Variables
- type NotifyingTokenStorage
- func (n NotifyingTokenStorage) Delete(ctx context.Context, owner *api.SPIAccessToken) error
- func (n NotifyingTokenStorage) Get(ctx context.Context, owner *api.SPIAccessToken) (token *api.Token, err error)
- func (n NotifyingTokenStorage) Initialize(ctx context.Context) error
- func (n NotifyingTokenStorage) Store(ctx context.Context, owner *api.SPIAccessToken, token *api.Token) error
- type TestTokenStorage
- func (t TestTokenStorage) Delete(ctx context.Context, owner *api.SPIAccessToken) error
- func (t TestTokenStorage) Get(ctx context.Context, owner *api.SPIAccessToken) (*api.Token, error)
- func (t TestTokenStorage) Initialize(ctx context.Context) error
- func (t TestTokenStorage) Store(ctx context.Context, owner *api.SPIAccessToken, token *api.Token) error
- type TokenStorage
- func CreateTestVaultTokenStorage(t vtesting.T) (*vault.TestCluster, TokenStorage)
- func CreateTestVaultTokenStorageWithAuth(t vtesting.T) (*vault.TestCluster, TokenStorage, string, string)
- func NewSecretsStorage(cl client.Client) (TokenStorage, error)
- func NewVaultStorage(vaultTokenStorageConfig *VaultStorageConfig) (TokenStorage, error)
- type VaultAuthMethod
- type VaultCliArgs
- type VaultStorageConfig
Constants ¶
This section is empty.
Variables ¶
// VaultError is a package-level error value whose message is "error in Vault".
//
// NOTE(review): presumably the Vault-backed storage returns or wraps this value
// when a Vault operation fails; confirm against the implementation. If so,
// callers should match it with errors.Is rather than by comparing message text.
var VaultError = errors.New("error in Vault")
// VaultUnknownAuthMethodError is a package-level error value whose message is
// "unknown Vault authentication method".
//
// NOTE(review): presumably returned when the configured VaultAuthMethod is not
// one of the values this package declares; confirm against the implementation.
var (
	VaultUnknownAuthMethodError = errors.New("unknown Vault authentication method")
)
Functions ¶
This section is empty.
Types ¶
type NotifyingTokenStorage ¶ added in v0.3.0
// NotifyingTokenStorage pairs a TokenStorage with a Kubernetes client. The
// field comments state the split: storage operations are delegated to
// TokenStorage, and Client is used to create the
// v1beta1.SPIAccessTokenDataUpdate objects.
//
// NOTE(review): the SPIAccessTokenDataUpdate objects are presumably change
// notifications only. Confirm that no token material is copied into them,
// because objects created through Client are readable via the Kubernetes API
// by anyone with access to that resource.
type NotifyingTokenStorage struct {
	// Client is the kubernetes client to use to create the v1beta1.SPIAccessTokenDataUpdate objects.
	Client client.Client

	// TokenStorage is the token storage to delegate the actual storage operations to.
	TokenStorage TokenStorage
}
NotifyingTokenStorage is a wrapper around TokenStorage that also automatically creates the v1beta1.SPIAccessTokenDataUpdate objects.
func (NotifyingTokenStorage) Delete ¶ added in v0.3.0
func (n NotifyingTokenStorage) Delete(ctx context.Context, owner *api.SPIAccessToken) error
func (NotifyingTokenStorage) Get ¶ added in v0.3.0
func (n NotifyingTokenStorage) Get(ctx context.Context, owner *api.SPIAccessToken) (token *api.Token, err error)
func (NotifyingTokenStorage) Initialize ¶ added in v0.8.1
func (n NotifyingTokenStorage) Initialize(ctx context.Context) error
func (NotifyingTokenStorage) Store ¶ added in v0.3.0
func (n NotifyingTokenStorage) Store(ctx context.Context, owner *api.SPIAccessToken, token *api.Token) error
type TestTokenStorage ¶ added in v0.3.0
// TestTokenStorage holds one function field per TokenStorage operation, each
// with the same parameter and result types as the corresponding interface
// method.
//
// NOTE(review): presumably each method of this type calls the matching *Impl
// field; whether a nil field is tolerated is not visible here, so confirm
// before leaving one unset.
// NOTE(review): the type is exported from the regular package rather than a
// _test file, so it can be constructed by any importer. It looks intended for
// tests only and should not be wired in where real tokens are handled.
type TestTokenStorage struct {
	// InitializeImpl backs Initialize.
	InitializeImpl func(context.Context) error
	// StoreImpl backs Store.
	StoreImpl func(context.Context, *api.SPIAccessToken, *api.Token) error
	// GetImpl backs Get.
	GetImpl func(ctx context.Context, token *api.SPIAccessToken) (*api.Token, error)
	// DeleteImpl backs Delete.
	DeleteImpl func(context.Context, *api.SPIAccessToken) error
}
func (TestTokenStorage) Delete ¶ added in v0.3.0
func (t TestTokenStorage) Delete(ctx context.Context, owner *api.SPIAccessToken) error
func (TestTokenStorage) Get ¶ added in v0.3.0
func (t TestTokenStorage) Get(ctx context.Context, owner *api.SPIAccessToken) (*api.Token, error)
func (TestTokenStorage) Initialize ¶ added in v0.8.1
func (t TestTokenStorage) Initialize(ctx context.Context) error
func (TestTokenStorage) Store ¶ added in v0.3.0
func (t TestTokenStorage) Store(ctx context.Context, owner *api.SPIAccessToken, token *api.Token) error
type TokenStorage ¶
// TokenStorage is the storage abstraction for token data, keyed by the owning
// *api.SPIAccessToken object. Every method takes a context as its first
// argument and reports failure through its error result.
type TokenStorage interface {
	// Initialize takes only a context.
	// NOTE(review): presumably prepares the backend (e.g. authenticates to it)
	// before first use; what it does is implementation-specific and not
	// visible here.
	Initialize(ctx context.Context) error

	// Store takes the owning SPIAccessToken and the token data to keep for it.
	// NOTE(review): whether an existing entry for the same owner is
	// overwritten is not visible here; confirm per implementation.
	Store(ctx context.Context, owner *api.SPIAccessToken, token *api.Token) error

	// Get returns the token data kept for owner.
	// NOTE(review): the returned *api.Token presumably carries the raw access
	// token. Treat it as a secret and keep it out of logs and error messages.
	// How a missing entry is reported (nil token vs. error) is not visible
	// here; confirm.
	Get(ctx context.Context, owner *api.SPIAccessToken) (*api.Token, error)

	// Delete takes the owning SPIAccessToken whose token data should be removed.
	// NOTE(review): whether deleting a missing entry is an error is not
	// visible here; confirm.
	Delete(ctx context.Context, owner *api.SPIAccessToken) error
}
TokenStorage is a simple interface on top of the Kubernetes client for performing CRUD operations on tokens. It exists so that either a secret-based or a Vault-based implementation can be provided.
func CreateTestVaultTokenStorage ¶ added in v0.3.0
func CreateTestVaultTokenStorage(t vtesting.T) (*vault.TestCluster, TokenStorage)
func CreateTestVaultTokenStorageWithAuth ¶ added in v0.8.1
func CreateTestVaultTokenStorageWithAuth(t vtesting.T) (*vault.TestCluster, TokenStorage, string, string)
func NewSecretsStorage ¶ added in v0.3.0
func NewSecretsStorage(cl client.Client) (TokenStorage, error)
NewSecretsStorage creates a new `TokenStorage` instance using the provided Kubernetes client.
func NewVaultStorage ¶ added in v0.3.0
func NewVaultStorage(vaultTokenStorageConfig *VaultStorageConfig) (TokenStorage, error)
NewVaultStorage creates a new `TokenStorage` instance backed by the Vault instance that the provided configuration describes.
type VaultAuthMethod ¶ added in v0.7.0
// VaultAuthMethod names a Vault authentication method. It is a plain string
// type, so any string converts to it. A value that arrives from flags or the
// environment is therefore not guaranteed to be one of the constants below and
// has to be checked before use.
type VaultAuthMethod string

// Authentication method values declared by this package.
const (
	// VaultAuthMethodKubernetes is the "kubernetes" method.
	// NOTE(review): presumably logs in with a service account token read from
	// a file; confirm against the storage implementation.
	VaultAuthMethodKubernetes = VaultAuthMethod("kubernetes")

	// VaultAuthMethodApprole is the "approle" method.
	// NOTE(review): presumably logs in with a role id and secret id read from
	// files; confirm against the storage implementation.
	VaultAuthMethodApprole = VaultAuthMethod("approle")
)
type VaultCliArgs ¶ added in v0.7.3
// VaultCliArgs collects the Vault connection settings as struct fields with
// `arg` tags. The two tags rendered in full bind --vault-host and
// --vault-insecure-tls, and their `env` option indicates the value may also
// come from the environment. The remaining tags are elided by the
// documentation renderer and are not described here.
type VaultCliArgs struct {
	// VaultHost is the Vault URL. The default uses the http:// scheme against
	// an in-cluster service name, so traffic to Vault is not TLS-protected
	// unless an https:// URL is configured (or the transport is secured by
	// other means, which is not visible here).
	VaultHost string `arg:"--vault-host, env" default:"http://spi-vault:8200" help:"Vault host URL. Default is internal kubernetes service."`

	// VaultInsecureTLS defaults to "false".
	// NOTE(review): presumably disables TLS certificate verification for the
	// Vault connection when true; confirm. If so, enabling it lets an
	// on-path party impersonate Vault, so keep it off outside test setups.
	VaultInsecureTLS bool `arg:"--vault-insecure-tls, env" default:"false" help:"Whether is allowed or not insecure vault tls connection."`

	// VaultAuthMethod selects the authentication method (see the
	// VaultAuthMethod constants). Its tag, including any default, is elided.
	VaultAuthMethod VaultAuthMethod `` /* 135-byte string literal not displayed */

	// VaultApproleRoleIdFilePath: presumably the path of the file holding the
	// AppRole role id; confirm.
	VaultApproleRoleIdFilePath string `` /* 131-byte string literal not displayed */

	// VaultApproleSecretIdFilePath: presumably the path of the file holding
	// the AppRole secret id; confirm. That file is a credential and should
	// be readable only by the account the process runs as.
	VaultApproleSecretIdFilePath string `` /* 137-byte string literal not displayed */

	// VaultKubernetesSATokenFilePath: presumably the path of the service
	// account token file used with the kubernetes auth method; confirm.
	VaultKubernetesSATokenFilePath string `` /* 274-byte string literal not displayed */

	// VaultKubernetesRole: presumably the Vault role requested with the
	// kubernetes auth method; confirm.
	VaultKubernetesRole string `` /* 132-byte string literal not displayed */
}
type VaultStorageConfig ¶ added in v0.7.0
// VaultStorageConfig is the configuration value passed to NewVaultStorage.
// The struct only carries settings: it holds file paths, not the credentials
// themselves.
//
// NOTE(review): no validation is visible at this level. Confirm that the
// consumer rejects an AuthType outside the declared VaultAuthMethod constants
// and empty paths for the selected method.
type VaultStorageConfig struct {
	// Host is the Vault address.
	// NOTE(review): presumably a full URL including scheme; prefer https://
	// wherever the connection leaves a trusted network.
	Host string
	// AuthType selects the Vault authentication method.
	AuthType VaultAuthMethod
	// Insecure: NOTE(review): presumably turns off TLS certificate
	// verification for the Vault connection; confirm, and keep false outside
	// test setups.
	Insecure bool
	// Role: NOTE(review): presumably the Vault role used with the kubernetes
	// auth method; confirm.
	Role string
	// ServiceAccountTokenFilePath: NOTE(review): presumably the service
	// account token file read for the kubernetes auth method; confirm.
	ServiceAccountTokenFilePath string
	// RoleIdFilePath: NOTE(review): presumably the file holding the AppRole
	// role id; confirm.
	RoleIdFilePath string
	// SecretIdFilePath: NOTE(review): presumably the file holding the AppRole
	// secret id. That file is a credential, so restrict its permissions to
	// the process account.
	SecretIdFilePath string
}
func VaultStorageConfigFromCliArgs ¶ added in v0.7.3
func VaultStorageConfigFromCliArgs(args *VaultCliArgs) *VaultStorageConfig