Documentation
¶
Index ¶
- func Backend(k KubernetesInterface) *backend
- func K8sServiceAccountFactory(ctx context.Context, conf *logical.BackendConfig) (logical.Backend, error)
- type KubernetesInterface
- type KubernetesService
- func (k *KubernetesService) CreateRoleBinding(pluginConfig *PluginConfig, namespace string, serviceAccountName string, ...) (*RoleBindingDetails, error)
- func (k *KubernetesService) CreateServiceAccount(pluginConfig *PluginConfig, namespace string) (*ServiceAccountDetails, error)
- func (k *KubernetesService) DeleteRoleBinding(pluginConfig *PluginConfig, namespace string, roleBindingName string) error
- func (k *KubernetesService) DeleteServiceAccount(pluginConfig *PluginConfig, namespace string, serviceAccountName string) error
- func (k *KubernetesService) GetServiceAccountSecret(pluginConfig *PluginConfig, sa *ServiceAccountDetails) ([]*ServiceAccountSecret, error)
- type PluginConfig
- type RoleBindingDetails
- type ServiceAccountDetails
- type ServiceAccountSecret
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func Backend ¶
func Backend(k KubernetesInterface) *backend
Backend instantiates the backend for the plugin
func K8sServiceAccountFactory ¶
func K8sServiceAccountFactory(ctx context.Context, conf *logical.BackendConfig) (logical.Backend, error)
K8sServiceAccountFactory inits a new instance of the plugin
Types ¶
type KubernetesInterface ¶
type KubernetesInterface interface {
// CreateServiceAccount creates a new service account
CreateServiceAccount(pluginConfig *PluginConfig, namespace string) (*ServiceAccountDetails, error)
// GetServiceAccountSecret retrieves the secrets for a newly created service account
GetServiceAccountSecret(pluginConfig *PluginConfig, sa *ServiceAccountDetails) ([]*ServiceAccountSecret, error)
// DeleteServiceAccount removes a services account from the Kubernetes server
DeleteServiceAccount(pluginConfig *PluginConfig, namespace string, serviceAccountName string) error
// CreateRoleBinding creates a new rolebinding for a service account in a specific namespace
CreateRoleBinding(pluginConfig *PluginConfig, namespace string, serviceAccountName string, roleName string) (*RoleBindingDetails, error)
// DeleteRoleBinding removes an existing role binding
DeleteRoleBinding(pluginConfig *PluginConfig, namespace string, roleBindingName string) error
}
KubernetesInterface defines the core functions for the Kubernetes integration
type KubernetesService ¶
type KubernetesService struct{}
KubernetesService is an empty struct to wrap the Kubernetes service functions
func (*KubernetesService) CreateRoleBinding ¶
func (k *KubernetesService) CreateRoleBinding(pluginConfig *PluginConfig, namespace string, serviceAccountName string, roleName string) (*RoleBindingDetails, error)
CreateRoleBinding creates a new rolebinding for a service account in a specific namespace
func (*KubernetesService) CreateServiceAccount ¶
func (k *KubernetesService) CreateServiceAccount(pluginConfig *PluginConfig, namespace string) (*ServiceAccountDetails, error)
CreateServiceAccount creates a new service account
func (*KubernetesService) DeleteRoleBinding ¶
func (k *KubernetesService) DeleteRoleBinding(pluginConfig *PluginConfig, namespace string, roleBindingName string) error
DeleteRoleBinding removes an existing role binding
func (*KubernetesService) DeleteServiceAccount ¶
func (k *KubernetesService) DeleteServiceAccount(pluginConfig *PluginConfig, namespace string, serviceAccountName string) error
DeleteServiceAccount removes a services account from the Kubernetes server
func (*KubernetesService) GetServiceAccountSecret ¶
func (k *KubernetesService) GetServiceAccountSecret(pluginConfig *PluginConfig, sa *ServiceAccountDetails) ([]*ServiceAccountSecret, error)
GetServiceAccountSecret retrieves the secrets for a newly created service account
type PluginConfig ¶
type PluginConfig struct {
MaxTTL int `json:"max_ttl"`
DefaulTTL int `json:"ttl"`
AdminRole string `json:"admin_role"`
EditorRole string `json:"editor_role"`
ViewerRole string `json:"viewer_role"`
ServiceAccountJWT string `json:"jwt"`
CACert string `json:"ca_cert"`
Host string `json:"host"`
}
PluginConfig contains all the configuration for the plugin
func (*PluginConfig) Validate ¶
func (c *PluginConfig) Validate() error
Validate validates the plugin config by checking all required values are correct
type RoleBindingDetails ¶
RoleBindingDetails contains the details of a RoleBinding
type ServiceAccountDetails ¶
ServiceAccountDetails contains the details for a service account
type ServiceAccountSecret ¶
ServiceAccountSecret contain the secrets for a service account
Source Files