util

package
v0.0.0-...-27dc681 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 9, 2025 License: Apache-2.0 Imports: 18 Imported by: 3

Documentation

Index

Constants

View Source
const (
	DefaultClusterLocalDomain  = "svc." + constants.DefaultClusterLocalDomain
	ExportToNamespaceLocal     = "."
	ExportToAllNamespaces      = "*"
	IstioProxyName             = "istio-proxy"
	IstioOperator              = "istio-operator"
	MeshGateway                = "mesh"
	Wildcard                   = "*"
	MeshConfigName             = "istio"
	InjectionLabelName         = "istio-injection"
	InjectionLabelEnableValue  = "enabled"
	InjectionConfigMap         = "istio-sidecar-injector"
	InjectionConfigMapValue    = "values"
	InjectorWebhookConfigKey   = "sidecarInjectorWebhook"
	InjectorWebhookConfigValue = "enableNamespacesByDefault"
)
View Source
const (

	// Path for host in VirtualService.
	// Required parameters: route rule, route rule index, route index.
	DestinationHost = "{.spec.%s[%d].route[%d].destination.host}"

	// Path for mirror host in VirtualService.
	// Required parameters: http index.
	MirrorHost = "{.spec.http[%d].mirror.host}"

	// Path for mirrors host in VirtualService.
	// Required parameters: http index, mirror index.
	MirrorsHost = "{.spec.http[%d].mirrors[%d].host}"

	// Path for VirtualService gateway.
	// Required parameters: gateway index.
	VSGateway = "{.spec.gateways[%d]}"

	// Path for regex match of uri, scheme, method and authority.
	// Required parameters: http index, match index, where to match.
	URISchemeMethodAuthorityRegexMatch = "{.spec.http[%d].match[%d].%s.regex}"

	// Path for regex match of headers and queryParams.
	// Required parameters: http index, match index, where to match, match key.
	HeaderAndQueryParamsRegexMatch = "{.spec.http[%d].match[%d].%s.%s.regex}"

	// Path for regex match of allowOrigins.
	// Required parameters: http index, allowOrigins index.
	AllowOriginsRegexMatch = "{.spec.http[%d].corsPolicy.allowOrigins[%d].regex}"

	// Path for workload selector.
	// Required parameters: selector label.
	WorkloadSelector = "{.spec.workloadSelector.labels.%s}"

	// Path for port from ports collections.
	// Required parameters: port index.
	PortInPorts = "{.spec.ports[%d].port}"

	// Path for fromRegistry in the mesh networks.
	// Required parameters: network name, endPoint index.
	FromRegistry = "{.networks.%s.endpoints[%d]}"

	// Path for the image in the container.
	// Required parameters: container index.
	ImageInContainer = "{.spec.containers[%d].image}"

	// Path for namespace in metadata.
	// Required parameters: none.
	MetadataNamespace = "{.metadata.namespace}"

	// Path for name in metadata.
	// Required parameters: none.
	MetadataName = "{.metadata.name}"

	// Path for namespace in authorizationPolicy.
	// Required parameters: rule index, from index, namespace index.
	AuthorizationPolicyNameSpace = "{.spec.rules[%d].from[%d].source.namespaces[%d]}"

	// Path for annotation.
	// Required parameters: annotation name.
	Annotation = "{.metadata.annotations.%s}"

	// Path for selector in Gateway.
	// Required parameters: selector label.
	GatewaySelector = "{.spec.selector.%s}"

	// Path for credentialName.
	// Required parameters: server index.
	CredentialName = "{.spec.servers[%d].tls.credentialName}"

	// Path for Port in ServiceEntry.
	// Required parameters: port index.
	ServiceEntryPort = "{.spec.ports[%d].name}"

	// Path for DestinationRule tls certificate.
	// Required parameters: none.
	DestinationRuleTLSCert = "{.spec.trafficPolicy.tls.caCertificates}"

	// Path for DestinationRule port-level tls certificate.
	// Required parameters: portLevelSettings index.
	DestinationRuleTLSPortLevelCert = "{.spec.trafficPolicy.portLevelSettings[%d].tls.caCertificates}"

	// Path for ConfigPatch in envoyFilter
	// Required parameters: envoyFilter config patch index
	EnvoyFilterConfigPath = "{.spec.configPatches[%d].patch.value}"

	// Path for selector in telemetry.
	// Required parameters: selector label.
	TelemetrySelector = "{.spec.selector.matchLabels.%s}"
)

Variables

This section is empty.

Functions

func AddLineNumber

func AddLineNumber(r *resource.Instance, ann string, m diag.Message) bool

func ConvertHostToFQDN

func ConvertHostToFQDN(namespace resource.Namespace, host string) string

ConvertHostToFQDN returns the given host as a FQDN, if it isn't already.

func DeploymentInMesh

func DeploymentInMesh(r *resource.Instance, c analysis.Context) bool

DeploymentInMesh returns true if deployment is in the service mesh (has sidecar)

func ErrorLine

func ErrorLine(r *resource.Instance, path string) (line int, found bool)

ErrorLine returns the line number of the input path key in the resource

func ExtractLabelFromSelectorString

func ExtractLabelFromSelectorString(s string) string

ExtractLabelFromSelectorString returns the label of the match in the k8s labels.Selector

func GetDestinationHost

func GetDestinationHost(sourceNs resource.Namespace, exportTo []string, host string,
	serviceEntryHosts map[ScopedFqdn]*v1alpha3.ServiceEntry,
) *v1alpha3.ServiceEntry

func GetFullNameFromFQDN

func GetFullNameFromFQDN(fqdn string) resource.FullName

GetFullNameFromFQDN tries to parse namespace and name from a fqdn. Empty strings are returned if either namespace or name cannot be parsed.

func GetInjectorConfigMapName

func GetInjectorConfigMapName(revision string) string

func GetResourceNameFromHost

func GetResourceNameFromHost(defaultNamespace resource.Namespace, host string) resource.FullName

GetResourceNameFromHost figures out the resource.FullName to look up from the provided host string We need to handle two possible formats: short name and FQDN https://istio.io/docs/reference/config/networking/v1alpha3/virtual-service/#Destination

func InitServiceEntryHostMap

func InitServiceEntryHostMap(ctx analysis.Context) map[ScopedFqdn]*v1alpha3.ServiceEntry

func IsExportToAllNamespaces

func IsExportToAllNamespaces(exportTos []string) bool

IsExportToAllNamespaces returns true if export to applies to all namespaces and false if it is set to namespace local.

func IsIstioControlPlane

func IsIstioControlPlane(r *resource.Instance) bool

IsIstioControlPlane returns true for resources that are part of the Istio control plane

func NamespaceInAmbientMode

func NamespaceInAmbientMode(r *resource.Instance) bool

NamespaceInAmbientMode returns true if a Namespace is configured as a ambient namespace.

func PodInAmbientMode

func PodInAmbientMode(r *resource.Instance) bool

PodInAmbientMode returns true if a Pod is in the service mesh with the ambient mode

func PodInMesh

func PodInMesh(r *resource.Instance, c analysis.Context) bool

PodInMesh returns true if a Pod is in the service mesh (has sidecar)

Types

type EffectiveProxyConfigResolver

type EffectiveProxyConfigResolver struct {
	// contains filtered or unexported fields
}

func NewEffectiveProxyConfigResolver

func NewEffectiveProxyConfigResolver(c analysis.Context) *EffectiveProxyConfigResolver

func (*EffectiveProxyConfigResolver) ImageType

ImageType returns the effective image type for the given pod.

type ScopedFqdn

type ScopedFqdn string

func NewScopedFqdn

func NewScopedFqdn(scope string, namespace resource.Namespace, host string) ScopedFqdn

NewScopedFqdn converts the passed host to FQDN if needed and applies the passed scope.

func (ScopedFqdn) GetScopeAndFqdn

func (s ScopedFqdn) GetScopeAndFqdn() (string, string)

GetScopeAndFqdn splits ScopedFqdn back to scope namespace and fqdn parts

func (ScopedFqdn) InScopeOf

func (s ScopedFqdn) InScopeOf(ns string) bool

InScopeOf returns true if ns is in the scope of ScopedFqdn

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL