Documentation
Index
- func NewJWKSObserverController(issuerToJWKSSetter IssuerToJWKSMapSetter, ...) controllerlib.Controller
- func NewJWKSWriterController(jwksSecretLabels map[string]string, kubeClient kubernetes.Interface, ...) controllerlib.Controller
- func NewOIDCProviderWatcherController(providerSetter ProvidersSetter, clock clock.Clock, ...) controllerlib.Controller
- func NewTLSCertObserverController(issuerTLSCertSetter IssuerTLSCertSetter, ...) controllerlib.Controller
- type IssuerTLSCertSetter
- type IssuerToJWKSMapSetter
- type ProvidersSetter
Constants
This section is empty.
Variables
This section is empty.
Functions
func NewJWKSObserverController
func NewJWKSObserverController(
	issuerToJWKSSetter IssuerToJWKSMapSetter,
	secretInformer corev1informers.SecretInformer,
	oidcProviderInformer v1alpha1.OIDCProviderInformer,
	withInformer pinnipedcontroller.WithInformerOptionFunc,
) controllerlib.Controller
Returns a controller which watches all of the OIDCProviders and their corresponding Secrets and fills an in-memory cache of the JWKS info for each currently configured issuer. This controller assumes that the informers passed to it are already scoped down to the appropriate namespace. It also assumes that the IssuerToJWKSMapSetter passed to it has an underlying implementation which is thread-safe.
func NewJWKSWriterController
func NewJWKSWriterController(
	jwksSecretLabels map[string]string,
	kubeClient kubernetes.Interface,
	pinnipedClient pinnipedclientset.Interface,
	secretInformer corev1informers.SecretInformer,
	opcInformer configinformers.OIDCProviderInformer,
	withInformer pinnipedcontroller.WithInformerOptionFunc,
) controllerlib.Controller
NewJWKSWriterController returns a controllerlib.Controller that ensures an OPC has a corresponding Secret that contains a valid active JWK and JWKS.
func NewOIDCProviderWatcherController
func NewOIDCProviderWatcherController(
	providerSetter ProvidersSetter,
	clock clock.Clock,
	client pinnipedclientset.Interface,
	opcInformer configinformers.OIDCProviderInformer,
	withInformer pinnipedcontroller.WithInformerOptionFunc,
) controllerlib.Controller
NewOIDCProviderWatcherController creates a controllerlib.Controller that watches OIDCProvider objects and notifies a callback object of the collection of provider configs.
func NewTLSCertObserverController
func NewTLSCertObserverController(
	issuerTLSCertSetter IssuerTLSCertSetter,
	defaultTLSCertificateSecretName string,
	secretInformer corev1informers.SecretInformer,
	oidcProviderInformer v1alpha1.OIDCProviderInformer,
	withInformer pinnipedcontroller.WithInformerOptionFunc,
) controllerlib.Controller
Types
type IssuerTLSCertSetter
type IssuerTLSCertSetter interface {
	SetIssuerHostToTLSCertMap(issuerHostToTLSCertMap map[string]*tls.Certificate)
	SetDefaultTLSCert(certificate *tls.Certificate)
}
type IssuerToJWKSMapSetter
type IssuerToJWKSMapSetter interface {
	SetIssuerToJWKSMap(issuerToJWKSMap map[string]*jose.JSONWebKeySet)
}
type ProvidersSetter
type ProvidersSetter interface {
	SetProviders(oidcProviders ...*provider.OIDCProvider)
}
ProvidersSetter can be notified of all known valid providers with its SetProviders function. If there are no longer any valid issuers, then it can be called with no arguments. Implementations of this type should be thread-safe to support calls from multiple goroutines.
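A thread-safe implementation of the IssuerTLSCertSetter interface above, as an added example that is not part of the Pinniped code base: it applies the thread-safety expectation this page states for IssuerToJWKSMapSetter and ProvidersSetter to the TLS certificate cache. The tlsCertCache type, its GetCertificate reader, and the lower-casing of host names are assumptions made for illustration.

```go
package main

import (
	"crypto/tls"
	"fmt"
	"strings"
	"sync"
)

// tlsCertCache is a hypothetical type (not from the package) whose methods satisfy IssuerTLSCertSetter.
type tlsCertCache struct {
	mu          sync.RWMutex
	byHost      map[string]*tls.Certificate
	defaultCert *tls.Certificate
}

func (c *tlsCertCache) SetIssuerHostToTLSCertMap(m map[string]*tls.Certificate) {
	// Copy first: the caller may keep mutating its map after this call returns.
	cp := make(map[string]*tls.Certificate, len(m))
	for host, cert := range m {
		cp[strings.ToLower(host)] = cert
	}
	c.mu.Lock()
	defer c.mu.Unlock()
	c.byHost = cp // swap the whole map so readers never see a partial update
}

func (c *tlsCertCache) SetDefaultTLSCert(cert *tls.Certificate) {
	c.mu.Lock()
	defer c.mu.Unlock()
	c.defaultCert = cert
}

// GetCertificate matches the tls.Config.GetCertificate callback signature (assumed reader side).
func (c *tlsCertCache) GetCertificate(hello *tls.ClientHelloInfo) (*tls.Certificate, error) {
	c.mu.RLock()
	defer c.mu.RUnlock()
	if cert, ok := c.byHost[strings.ToLower(hello.ServerName)]; ok {
		return cert, nil
	}
	if c.defaultCert != nil {
		return c.defaultCert, nil
	}
	return nil, fmt.Errorf("no TLS certificate for host %q and no default set", hello.ServerName)
}

func main() {
	cache := &tlsCertCache{}
	_ = &tls.Config{GetCertificate: cache.GetCertificate, MinVersion: tls.VersionTLS12}
}
```

Returning an error when neither a per-issuer nor a default certificate is known makes the handshake fail instead of serving an unrelated certificate.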