package v1

Version: v1.7.6
Published: Mar 12, 2021 License: MIT Imports: 6 Imported by: 2

This package is not in the latest version of its module.

Documentation

Constants

const (
	// CRDGroup is the group name of aad-pod-identity CRDs.
	CRDGroup = "aadpodidentity.k8s.io"

	// CRDVersion is the version of the CRD group.
	CRDVersion = "v1"

	// CRDLabelKey is the
	CRDLabelKey = "aadpodidbinding"

	// BehaviorKey is the key that describes the behavior of aad-pod-identity.
	// Supported values:
	// namespaced - used for running in namespaced mode. AzureIdentity,
	//              AzureIdentityBinding and pod in the same namespace
	//              will only be matched for this behavior.
	BehaviorKey = "aadpodidentity.k8s.io/Behavior"

	// BehaviorNamespaced indicates that aad-pod-identity is behaving in namespaced mode.
	BehaviorNamespaced = "namespaced"

	// AssignedIDCreated indicates that an AzureAssignedIdentity is created.
	AssignedIDCreated = "Created"

	// AssignedIDAssigned indicates that an identity has been assigned to the node.
	AssignedIDAssigned = "Assigned"

	// AssignedIDUnAssigned indicates that an identity has been unassigned from the node.
	AssignedIDUnAssigned = "Unassigned"
)

const (
	// AzureIDResource is the name of AzureIdentity.
	AzureIDResource = "azureidentities"

	// AzureIDBindingResource is the name of AzureIdentityBinding.
	AzureIDBindingResource = "azureidentitybindings"

	// AzureAssignedIDResource is the name of AzureAssignedIdentity.
	AzureAssignedIDResource = "azureassignedidentities"

	// AzurePodIdentityExceptionResource is the name of AzureIdentityException.
	AzurePodIdentityExceptionResource = "azurepodidentityexceptions"
)

const GroupName = "aadpodidentity.k8s.io"

GroupName is the group name used in this package.

Variables

var (
	// We only register manually written functions here. The registration of the
	// generated functions takes place in the generated files. The separation
	// makes the code compile even when the generated files are missing.
	SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)
	AddToScheme   = SchemeBuilder.AddToScheme
)

var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1"}

SchemeGroupVersion is the group version used to register these objects.

Functions

func ConvertV1AssignedIdentityToInternalAssignedIdentity

func ConvertV1AssignedIdentityToInternalAssignedIdentity(assignedIdentity AzureAssignedIdentity) (resAssignedIdentity aadpodid.AzureAssignedIdentity)

ConvertV1AssignedIdentityToInternalAssignedIdentity converts v1.AzureAssignedIdentity to an internal AzureAssignedIdentity type.

func ConvertV1BindingToInternalBinding

func ConvertV1BindingToInternalBinding(identityBinding AzureIdentityBinding) (resIdentityBinding aadpodid.AzureIdentityBinding)

ConvertV1BindingToInternalBinding converts v1.AzureIdentityBinding to an internal AzureIdentityBinding type.

func ConvertV1IdentityToInternalIdentity

func ConvertV1IdentityToInternalIdentity(identity AzureIdentity) (resIdentity aadpodid.AzureIdentity)

ConvertV1IdentityToInternalIdentity converts v1.AzureIdentity to an internal AzureIdentity type.

func ConvertV1PodIdentityExceptionToInternalPodIdentityException

func ConvertV1PodIdentityExceptionToInternalPodIdentityException(idException AzurePodIdentityException) (residException aadpodid.AzurePodIdentityException)

ConvertV1PodIdentityExceptionToInternalPodIdentityException converts v1.AzurePodIdentityException to an internal AzurePodIdentityException type.

func Resource

func Resource(resource string) schema.GroupResource

Resource takes an unqualified resource and returns a Group qualified GroupResource

Types

type AssignedIDState

type AssignedIDState int

AssignedIDState represents the state of an AzureAssignedIdentity

const (
	// Created - Default state of the assigned identity
	Created AssignedIDState = 0

	// Assigned - When the underlying platform assignment of
	// managed identity is complete, the state moves to assigned
	Assigned AssignedIDState = 1
)

type AzureAssignedIdentity

type AzureAssignedIdentity struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   AzureAssignedIdentitySpec   `json:"spec"`
	Status AzureAssignedIdentityStatus `json:"status"`
}

AzureAssignedIdentity contains the identity <-> pod mapping which is matched. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func ConvertInternalAssignedIdentityToV1AssignedIdentity

func ConvertInternalAssignedIdentityToV1AssignedIdentity(assignedIdentity aadpodid.AzureAssignedIdentity) (resAssignedIdentity AzureAssignedIdentity)

ConvertInternalAssignedIdentityToV1AssignedIdentity converts an internal AzureAssignedIdentity type to v1.AzureAssignedIdentity.

func (*AzureAssignedIdentity) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureAssignedIdentity.

func (*AzureAssignedIdentity) DeepCopyInto

func (in *AzureAssignedIdentity) DeepCopyInto(out *AzureAssignedIdentity)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AzureAssignedIdentity) DeepCopyObject

func (in *AzureAssignedIdentity) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AzureAssignedIdentityList

type AzureAssignedIdentityList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata"`

	Items []AzureAssignedIdentity `json:"items"`
}

AzureAssignedIdentityList contains a list of AzureAssignedIdentities. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*AzureAssignedIdentityList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureAssignedIdentityList.

func (*AzureAssignedIdentityList) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AzureAssignedIdentityList) DeepCopyObject

func (in *AzureAssignedIdentityList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AzureAssignedIdentitySpec

type AzureAssignedIdentitySpec struct {
	metav1.ObjectMeta `json:"metadata,omitempty"`
	AzureIdentityRef  *AzureIdentity        `json:"azureIdentityRef"`
	AzureBindingRef   *AzureIdentityBinding `json:"azureBindingRef"`
	Pod               string                `json:"pod"`
	PodNamespace      string                `json:"podNamespace"`
	NodeName          string                `json:"nodename"`

	Replicas *int32 `json:"replicas"`
}

AzureAssignedIdentitySpec contains the relationship between an AzureIdentity and an AzureIdentityBinding.

func (*AzureAssignedIdentitySpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureAssignedIdentitySpec.

func (*AzureAssignedIdentitySpec) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AzureAssignedIdentityStatus

type AzureAssignedIdentityStatus struct {
	metav1.ObjectMeta `json:"metadata,omitempty"`
	Status            string `json:"status"`
	AvailableReplicas int32  `json:"availableReplicas"`
}

AzureAssignedIdentityStatus contains the replica status of the resource.

func (*AzureAssignedIdentityStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureAssignedIdentityStatus.

func (*AzureAssignedIdentityStatus) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AzureIdentity

type AzureIdentity struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   AzureIdentitySpec   `json:"spec"`
	Status AzureIdentityStatus `json:"status"`
}

AzureIdentity is the specification of the identity data structure. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func ConvertInternalIdentityToV1Identity

func ConvertInternalIdentityToV1Identity(identity aadpodid.AzureIdentity) (resIdentity AzureIdentity)

ConvertInternalIdentityToV1Identity converts an internal AzureIdentity type to v1.AzureIdentity.

func (*AzureIdentity) DeepCopy

func (in *AzureIdentity) DeepCopy() *AzureIdentity

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureIdentity.

func (*AzureIdentity) DeepCopyInto

func (in *AzureIdentity) DeepCopyInto(out *AzureIdentity)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AzureIdentity) DeepCopyObject

func (in *AzureIdentity) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AzureIdentityBinding

type AzureIdentityBinding struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   AzureIdentityBindingSpec   `json:"spec"`
	Status AzureIdentityBindingStatus `json:"status"`
}

AzureIdentityBinding brings together the spec of matching pods and the identity which they can use. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func ConvertInternalBindingToV1Binding

func ConvertInternalBindingToV1Binding(identityBinding aadpodid.AzureIdentityBinding) (resIdentityBinding AzureIdentityBinding)

ConvertInternalBindingToV1Binding converts an internal AzureIdentityBinding type to v1.AzureIdentityBinding.

func (*AzureIdentityBinding) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureIdentityBinding.

func (*AzureIdentityBinding) DeepCopyInto

func (in *AzureIdentityBinding) DeepCopyInto(out *AzureIdentityBinding)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AzureIdentityBinding) DeepCopyObject

func (in *AzureIdentityBinding) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AzureIdentityBindingList

type AzureIdentityBindingList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata"`

	Items []AzureIdentityBinding `json:"items"`
}

AzureIdentityBindingList contains a list of AzureIdentityBindings. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*AzureIdentityBindingList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureIdentityBindingList.

func (*AzureIdentityBindingList) DeepCopyInto

func (in *AzureIdentityBindingList) DeepCopyInto(out *AzureIdentityBindingList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AzureIdentityBindingList) DeepCopyObject

func (in *AzureIdentityBindingList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AzureIdentityBindingSpec

type AzureIdentityBindingSpec struct {
	metav1.ObjectMeta `json:"metadata,omitempty"`
	AzureIdentity     string `json:"azureIdentity"`
	Selector          string `json:"selector"`
	// Weight is used to figure out which of the matching identities would be selected.
	Weight int `json:"weight"`
}

AzureIdentityBindingSpec matches the pod with the Identity. Used to indicate the potential matches to look for between the pod/deployment and the identities present.

func (*AzureIdentityBindingSpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureIdentityBindingSpec.

func (*AzureIdentityBindingSpec) DeepCopyInto

func (in *AzureIdentityBindingSpec) DeepCopyInto(out *AzureIdentityBindingSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AzureIdentityBindingStatus

type AzureIdentityBindingStatus struct {
	metav1.ObjectMeta `json:"metadata,omitempty"`
	AvailableReplicas int32 `json:"availableReplicas"`
}

AzureIdentityBindingStatus contains the status of an AzureIdentityBinding.

func (*AzureIdentityBindingStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureIdentityBindingStatus.

func (*AzureIdentityBindingStatus) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AzureIdentityList

type AzureIdentityList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata"`

	Items []AzureIdentity `json:"items"`
}

AzureIdentityList contains a list of AzureIdentities. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*AzureIdentityList) DeepCopy

func (in *AzureIdentityList) DeepCopy() *AzureIdentityList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureIdentityList.

func (*AzureIdentityList) DeepCopyInto

func (in *AzureIdentityList) DeepCopyInto(out *AzureIdentityList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AzureIdentityList) DeepCopyObject

func (in *AzureIdentityList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AzureIdentitySpec

type AzureIdentitySpec struct {
	metav1.ObjectMeta `json:"metadata,omitempty"`
	// UserAssignedMSI or Service Principal
	Type IdentityType `json:"type"`

	// User assigned MSI resource id.
	ResourceID string `json:"resourceID"`
	// Both User Assigned MSI and SP can use this field.
	ClientID string `json:"clientID"`

	// Used for service principal
	ClientPassword api.SecretReference `json:"clientPassword"`
	// Service principal primary tenant id.
	TenantID string `json:"tenantID"`
	// Service principal auxiliary tenant ids
	AuxiliaryTenantIDs []string `json:"auxiliaryTenantIDs"`
	// For service principal. Optional parameter for specifying the AD details.
	ADResourceID string `json:"adResourceID"`
	ADEndpoint   string `json:"adEndpoint"`

	Replicas *int32 `json:"replicas"`
}

AzureIdentitySpec describes the credential specifications of an identity on Azure.

func (*AzureIdentitySpec) DeepCopy

func (in *AzureIdentitySpec) DeepCopy() *AzureIdentitySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureIdentitySpec.

func (*AzureIdentitySpec) DeepCopyInto

func (in *AzureIdentitySpec) DeepCopyInto(out *AzureIdentitySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AzureIdentityStatus

type AzureIdentityStatus struct {
	metav1.ObjectMeta `json:"metadata,omitempty"`
	AvailableReplicas int32 `json:"availableReplicas"`
}

AzureIdentityStatus contains the replica status of the resource.

func (*AzureIdentityStatus) DeepCopy

func (in *AzureIdentityStatus) DeepCopy() *AzureIdentityStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureIdentityStatus.

func (*AzureIdentityStatus) DeepCopyInto

func (in *AzureIdentityStatus) DeepCopyInto(out *AzureIdentityStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AzurePodIdentityException

type AzurePodIdentityException struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   AzurePodIdentityExceptionSpec   `json:"spec"`
	Status AzurePodIdentityExceptionStatus `json:"status"`
}

AzurePodIdentityException contains the pod selectors for all pods that don't require NMI to process and request a token on their behalf. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*AzurePodIdentityException) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzurePodIdentityException.

func (*AzurePodIdentityException) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AzurePodIdentityException) DeepCopyObject

func (in *AzurePodIdentityException) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AzurePodIdentityExceptionList

type AzurePodIdentityExceptionList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata"`

	Items []AzurePodIdentityException `json:"items"`
}

AzurePodIdentityExceptionList contains a list of AzurePodIdentityExceptions. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*AzurePodIdentityExceptionList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzurePodIdentityExceptionList.

func (*AzurePodIdentityExceptionList) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AzurePodIdentityExceptionList) DeepCopyObject

func (in *AzurePodIdentityExceptionList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AzurePodIdentityExceptionSpec

type AzurePodIdentityExceptionSpec struct {
	metav1.ObjectMeta `json:"metadata,omitempty"`
	PodLabels         map[string]string `json:"podLabels"`
}

AzurePodIdentityExceptionSpec matches pods with the selector defined. If a request originates from a pod that matches the selector, NMI will proxy the request and send the response back without any validation.
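
Because a matching pod's requests skip validation, it is worth auditing which pods each exception covers. The sketch below is an added example, not code from this package: it uses local mirror types for the JSON fields shown above, constructed sample data, and assumed matching rules (same namespace, any one podLabels pair, case-insensitive values) that should be checked against the version you run.

```go
package main

import (
	"encoding/json"
	"fmt"
	"sort"
	"strings"
)

// Local mirrors of the JSON fields shown on this page, not the package's own types.
type objMeta struct {
	Name, Namespace string
	Labels          map[string]string
}
type exception struct {
	Metadata objMeta
	Spec     struct{ PodLabels map[string]string }
}

// Constructed sample data: two AzurePodIdentityException objects and four pods.
const sampleExceptions = `[
 {"metadata":{"name":"mic-exception","namespace":"kube-system"},"spec":{"podLabels":{"app":"mic"}}},
 {"metadata":{"name":"broad","namespace":"default"},"spec":{"podLabels":{"tier":"backend","env":"prod"}}}]`
const samplePods = `[
 {"name":"mic-7d9f","namespace":"kube-system","labels":{"app":"mic"}},
 {"name":"api-1","namespace":"default","labels":{"tier":"backend","env":"dev"}},
 {"name":"web-1","namespace":"default","labels":{"tier":"frontend"}},
 {"name":"mic-copy","namespace":"default","labels":{"app":"mic"}}]`

// exceptedPods lists "namespace/pod <- exception" for each pod an exception covers.
// Assumptions: an exception covers only pods in its own namespace, and ANY one
// podLabels pair matching case-insensitively is enough (widest reading, so it over-reports).
func exceptedPods(exceptionsJSON, podsJSON string) ([]string, error) {
	var excs []exception
	var pods []objMeta
	if err := json.Unmarshal([]byte(exceptionsJSON), &excs); err != nil {
		return nil, fmt.Errorf("exceptions: %w", err)
	}
	if err := json.Unmarshal([]byte(podsJSON), &pods); err != nil {
		return nil, fmt.Errorf("pods: %w", err)
	}
	hits := []string{}
	for _, p := range pods {
		for _, e := range excs {
			for k, v := range e.Spec.PodLabels {
				if got, ok := p.Labels[k]; ok && e.Metadata.Namespace == p.Namespace && strings.EqualFold(got, v) {
					hits = append(hits, p.Namespace+"/"+p.Name+" <- "+e.Metadata.Name)
					break // one hit per pod/exception pair
				}
			}
		}
	}
	sort.Strings(hits)
	return hits, nil
}

func main() {
	fmt.Println(exceptedPods(sampleExceptions, samplePods))
}
```

In the sample, api-1 is reported although its env label differs from the exception's, which is the kind of over-broad selector this audit is meant to surface.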

func (*AzurePodIdentityExceptionSpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzurePodIdentityExceptionSpec.

func (*AzurePodIdentityExceptionSpec) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AzurePodIdentityExceptionStatus

type AzurePodIdentityExceptionStatus struct {
	metav1.ObjectMeta `json:"metadata,omitempty"`
	Status            string `json:"status"`
}

AzurePodIdentityExceptionStatus contains the status of an AzurePodIdentityException.

func (*AzurePodIdentityExceptionStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzurePodIdentityExceptionStatus.

func (*AzurePodIdentityExceptionStatus) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IdentityType

type IdentityType int

IdentityType represents different types of identities. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

const (
	// UserAssignedMSI represents a user-assigned identity.
	UserAssignedMSI IdentityType = 0

	// ServicePrincipal represents a service principal.
	ServicePrincipal IdentityType = 1
)
