controllers

package
v1.5.1 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Nov 8, 2022 License: Apache-2.0 Imports: 30 Imported by: 0

Documentation

Index

Constants

// Exported string constants: six names for per-pod values and the default
// SPIFFE ID path template.
const (
	// The six *Label values spell the same names as the fields of PodInfo.
	// NOTE(review): how they are consumed is not shown on this page; confirm
	// against the reconciler source before relying on them.
	PodNameLabel           = "Name"
	PodUIDLabel            = "UID"
	PodNamespaceLabel      = "Namespace"
	PodServiceAccountLabel = "ServiceAccount"
	PodHostnameLabel       = "Hostname"
	PodNodeNameLabel       = "NodeName"
	// DefaultSpiffeIDPath uses {{...}} placeholders that read .Pod.Namespace and
	// .Pod.ServiceAccount, so the default path is built from the pod's namespace
	// and service account and nothing else.
	// NOTE(review): a replacement template that reads other pod values (Name,
	// Hostname, Context entries) changes who can influence the resulting
	// identity; review any override with that in mind.
	DefaultSpiffeIDPath    = "ns/{{.Pod.Namespace}}/sa/{{.Pod.ServiceAccount}}"
)

Variables

This section is empty.

Functions

func NewManager

func NewManager(leaderElection bool, leaderElectionResourceLock string, metricsBindAddr, webhookCertDir string, webhookPort int) (ctrl.Manager, error)

Types

type EndpointReconciler

// EndpointReconciler is the controller type returned by NewEndpointReconciler.
type EndpointReconciler struct {
	// Embedded, so the field is exported as Client and its methods are promoted
	// onto EndpointReconciler; any code holding the reconciler can call them.
	// NOTE(review): presumably the Client from EndpointReconcilerConfig; confirm.
	client.Client
	// contains filtered or unexported fields
}

EndpointReconciler holds the runtime configuration and state of this controller

func NewEndpointReconciler

func NewEndpointReconciler(config EndpointReconcilerConfig) *EndpointReconciler

NewEndpointReconciler creates a new EndpointReconciler object

func (*EndpointReconciler) Reconcile

func (e *EndpointReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error)

Reconcile steps through the endpoints for each service and adds the name of the service as a DNS name to the SPIFFE ID CRD

func (*EndpointReconciler) SetupWithManager

func (e *EndpointReconciler) SetupWithManager(mgr ctrl.Manager) error

SetupWithManager adds a controller manager to manage this reconciler

type EndpointReconcilerConfig

// EndpointReconcilerConfig is the argument to NewEndpointReconciler.
type EndpointReconcilerConfig struct {
	Client             client.Client
	// NOTE(review): presumably namespaces this reconciler leaves alone; confirm
	// in Reconcile.
	DisabledNamespaces []string
	Log                logrus.FieldLogger
	// PodLabel and PodAnnotation also appear in PodReconcilerConfig.
	// NOTE(review): presumably the label / annotation key used to pick the pods
	// whose SPIFFE ID entries receive the service DNS name; confirm. If the
	// values come from pod metadata, whoever can write that metadata affects
	// which entries are touched.
	PodLabel           string
	PodAnnotation      string
}

EndpointReconcilerConfig holds the config passed in when creating the reconciler

type IdentityMaps added in v1.0.2

// IdentityMaps groups the two values a template can read: Context and Pod.
// DefaultSpiffeIDPath reads it as .Pod.Namespace and .Pod.ServiceAccount.
type IdentityMaps struct {
	// Same type as PodReconcilerConfig.Context.
	// NOTE(review): presumably filled from that config field; confirm.
	Context map[string]string
	// Per-pod values; see PodInfo for the fields.
	Pod     PodInfo
}

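IdentityMaps is the data made available to the templates when their text is formed; for example, DefaultSpiffeIDPath reads .Pod.Namespace and .Pod.ServiceAccount from it.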

type NodeReconciler

// NodeReconciler is the controller type returned by NewNodeReconciler.
type NodeReconciler struct {
	// Embedded, so the field is exported as Client and its methods are promoted
	// onto NodeReconciler; any code holding the reconciler can call them.
	// NOTE(review): presumably the Client from NodeReconcilerConfig; confirm.
	client.Client
	// contains filtered or unexported fields
}

NodeReconciler holds the runtime configuration and state of this controller

func NewNodeReconciler

func NewNodeReconciler(config NodeReconcilerConfig) *NodeReconciler

NewNodeReconciler creates a new NodeReconciler object

func (*NodeReconciler) Reconcile

func (n *NodeReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error)

Reconcile creates a SPIFFE ID for each node, used to parent SPIFFE IDs for pods running on that node

func (*NodeReconciler) SetupWithManager

func (n *NodeReconciler) SetupWithManager(mgr ctrl.Manager) error

SetupWithManager adds a controller manager to manage this reconciler

type NodeReconcilerConfig

// NodeReconcilerConfig is the argument to NewNodeReconciler.
type NodeReconcilerConfig struct {
	Client      client.Client
	// NOTE(review): Cluster and TrustDomain presumably become part of the node
	// SPIFFE IDs this reconciler creates; confirm in Reconcile. They should come
	// from operator configuration, never from cluster objects.
	Cluster     string
	Log         logrus.FieldLogger
	// NOTE(review): presumably the namespace in which the node SPIFFE ID
	// resources are created; confirm.
	Namespace   string
	Scheme      *runtime.Scheme
	TrustDomain string
}

NodeReconcilerConfig holds the config passed in when creating the reconciler

type PodInfo added in v1.0.2

// PodInfo carries the per-pod values that IdentityMaps exposes as .Pod.
// The default template (DefaultSpiffeIDPath) reads Namespace and ServiceAccount.
type PodInfo struct {
	ServiceAccount string
	Namespace      string
	// NOTE(review): Name and Hostname look like values taken from the pod spec,
	// which the pod's author chooses; confirm where they are populated before
	// using them in an identity template.
	Name           string
	UID            types.UID
	Hostname       string
	NodeName       string
}

PodInfo is created for every processed Pod and it holds pod specific information

type PodReconciler

// PodReconciler is the controller type returned by NewPodReconciler.
type PodReconciler struct {
	// Embedded, so the field is exported as Client and its methods are promoted
	// onto PodReconciler; any code holding the reconciler can call them.
	// NOTE(review): presumably the Client from PodReconcilerConfig; confirm.
	client.Client
	// contains filtered or unexported fields
}

PodReconciler holds the runtime configuration and state of this controller

func NewPodReconciler

func NewPodReconciler(config PodReconcilerConfig) (*PodReconciler, error)

NewPodReconciler creates a new PodReconciler object

func (*PodReconciler) Reconcile

func (r *PodReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error)

Reconcile creates a new SPIFFE ID when pods are created

func (*PodReconciler) SetupWithManager

func (r *PodReconciler) SetupWithManager(mgr ctrl.Manager) error

SetupWithManager adds a controller manager to manage this reconciler

type PodReconcilerConfig

// PodReconcilerConfig is the argument to NewPodReconciler, which can return an
// error.
type PodReconcilerConfig struct {
	Client                client.Client
	Cluster               string
	// NOTE(review): presumably namespaces the reconciler leaves alone; confirm
	// in Reconcile, since pods there would then receive no SPIFFE ID from it.
	DisabledNamespaces    []string
	Log                   logrus.FieldLogger
	// NOTE(review): if the SPIFFE ID is taken from the value of this pod label
	// or annotation, anyone able to create or edit pods in a watched namespace
	// can influence the identity. Confirm in Reconcile, and constrain who may
	// set these keys with RBAC or admission policy.
	PodLabel              string
	PodAnnotation         string
	Scheme                *runtime.Scheme
	TrustDomain           string
	// NOTE(review): presumably a template of the same form as
	// DefaultSpiffeIDPath, with IdentityTemplateLabel selecting the pods it
	// applies to; confirm. Fields it reads from PodInfo decide which parties
	// can shape the identity.
	IdentityTemplate      string
	IdentityTemplateLabel string
	// NOTE(review): presumably templates for the DNS names attached to a pod's
	// SPIFFE ID; confirm.
	DNSNameTemplates      []string
	// Same type as IdentityMaps.Context.
	// NOTE(review): presumably passed through to templates as .Context; confirm.
	Context               map[string]string
}

PodReconcilerConfig holds the config passed in when creating the reconciler

type SpiffeIDReconciler

// SpiffeIDReconciler is the controller type returned by NewSpiffeIDReconciler.
type SpiffeIDReconciler struct {
	// Embedded, so the field is exported as Client and its methods are promoted
	// onto SpiffeIDReconciler; any code holding the reconciler can call them.
	// NOTE(review): presumably the Client from SpiffeIDReconcilerConfig; confirm.
	client.Client
	// contains filtered or unexported fields
}

SpiffeIDReconciler holds the runtime configuration and state of this controller

func NewSpiffeIDReconciler

func NewSpiffeIDReconciler(config SpiffeIDReconcilerConfig) *SpiffeIDReconciler

NewSpiffeIDReconciler creates a new SpiffeIDReconciler object

func (*SpiffeIDReconciler) Reconcile

func (r *SpiffeIDReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error)

Reconcile ensures the SPIRE Server entry matches the corresponding CRD

func (*SpiffeIDReconciler) SetupWithManager

func (r *SpiffeIDReconciler) SetupWithManager(mgr ctrl.Manager) error

SetupWithManager adds a controller manager to manage this reconciler

type SpiffeIDReconcilerConfig

// SpiffeIDReconcilerConfig is the argument to NewSpiffeIDReconciler.
type SpiffeIDReconcilerConfig struct {
	Client  client.Client
	Cluster string
	Log     logrus.FieldLogger
	// E is an entryv1.EntryClient.
	// NOTE(review): presumably the client through which Reconcile keeps SPIRE
	// Server entries in line with the CRD; confirm. A client that can write
	// registration entries is a high-value credential, so check how its
	// connection to the server is authenticated and scoped.
	E       entryv1.EntryClient
}

SpiffeIDReconcilerConfig holds the config passed in when creating the reconciler
