Documentation ¶
Overview ¶
Package v1 is the v1 version of the API.
Index ¶
- Constants
- Variables
- func Convert_config_AESConfiguration_To_v1_AESConfiguration(in *config.AESConfiguration, out *AESConfiguration, s conversion.Scope) error
- func Convert_config_EncryptionConfiguration_To_v1_EncryptionConfiguration(in *config.EncryptionConfiguration, out *EncryptionConfiguration, ...) error
- func Convert_config_IdentityConfiguration_To_v1_IdentityConfiguration(in *config.IdentityConfiguration, out *IdentityConfiguration, ...) error
- func Convert_config_KMSConfiguration_To_v1_KMSConfiguration(in *config.KMSConfiguration, out *KMSConfiguration, s conversion.Scope) error
- func Convert_config_Key_To_v1_Key(in *config.Key, out *Key, s conversion.Scope) error
- func Convert_config_ProviderConfiguration_To_v1_ProviderConfiguration(in *config.ProviderConfiguration, out *ProviderConfiguration, ...) error
- func Convert_config_ResourceConfiguration_To_v1_ResourceConfiguration(in *config.ResourceConfiguration, out *ResourceConfiguration, ...) error
- func Convert_config_SecretboxConfiguration_To_v1_SecretboxConfiguration(in *config.SecretboxConfiguration, out *SecretboxConfiguration, ...) error
- func Convert_v1_AESConfiguration_To_config_AESConfiguration(in *AESConfiguration, out *config.AESConfiguration, s conversion.Scope) error
- func Convert_v1_EncryptionConfiguration_To_config_EncryptionConfiguration(in *EncryptionConfiguration, out *config.EncryptionConfiguration, ...) error
- func Convert_v1_IdentityConfiguration_To_config_IdentityConfiguration(in *IdentityConfiguration, out *config.IdentityConfiguration, ...) error
- func Convert_v1_KMSConfiguration_To_config_KMSConfiguration(in *KMSConfiguration, out *config.KMSConfiguration, s conversion.Scope) error
- func Convert_v1_Key_To_config_Key(in *Key, out *config.Key, s conversion.Scope) error
- func Convert_v1_ProviderConfiguration_To_config_ProviderConfiguration(in *ProviderConfiguration, out *config.ProviderConfiguration, ...) error
- func Convert_v1_ResourceConfiguration_To_config_ResourceConfiguration(in *ResourceConfiguration, out *config.ResourceConfiguration, ...) error
- func Convert_v1_SecretboxConfiguration_To_config_SecretboxConfiguration(in *SecretboxConfiguration, out *config.SecretboxConfiguration, ...) error
- func RegisterConversions(s *runtime.Scheme) error
- func RegisterDefaults(scheme *runtime.Scheme) error
- func SetDefaults_KMSConfiguration(obj *KMSConfiguration)
- func SetObjectDefaults_EncryptionConfiguration(in *EncryptionConfiguration)
- type AESConfiguration
- type EncryptionConfiguration
- type IdentityConfiguration
- type KMSConfiguration
- type Key
- type ProviderConfiguration
- type ResourceConfiguration
- type SecretboxConfiguration
Constants ¶
const GroupName = "apiserver.config.k8s.io"
GroupName is the group name use in this package.
Variables ¶
var ( // SchemeBuilder points to a list of functions added to Scheme. SchemeBuilder runtime.SchemeBuilder // AddToScheme adds this group to a scheme. AddToScheme = localSchemeBuilder.AddToScheme )
var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1"}
SchemeGroupVersion is group version used to register these objects.
Functions ¶
func Convert_config_AESConfiguration_To_v1_AESConfiguration ¶
func Convert_config_AESConfiguration_To_v1_AESConfiguration(in *config.AESConfiguration, out *AESConfiguration, s conversion.Scope) error
Convert_config_AESConfiguration_To_v1_AESConfiguration is an autogenerated conversion function.
func Convert_config_EncryptionConfiguration_To_v1_EncryptionConfiguration ¶
func Convert_config_EncryptionConfiguration_To_v1_EncryptionConfiguration(in *config.EncryptionConfiguration, out *EncryptionConfiguration, s conversion.Scope) error
Convert_config_EncryptionConfiguration_To_v1_EncryptionConfiguration is an autogenerated conversion function.
func Convert_config_IdentityConfiguration_To_v1_IdentityConfiguration ¶
func Convert_config_IdentityConfiguration_To_v1_IdentityConfiguration(in *config.IdentityConfiguration, out *IdentityConfiguration, s conversion.Scope) error
Convert_config_IdentityConfiguration_To_v1_IdentityConfiguration is an autogenerated conversion function.
func Convert_config_KMSConfiguration_To_v1_KMSConfiguration ¶
func Convert_config_KMSConfiguration_To_v1_KMSConfiguration(in *config.KMSConfiguration, out *KMSConfiguration, s conversion.Scope) error
Convert_config_KMSConfiguration_To_v1_KMSConfiguration is an autogenerated conversion function.
func Convert_config_Key_To_v1_Key ¶
Convert_config_Key_To_v1_Key is an autogenerated conversion function.
func Convert_config_ProviderConfiguration_To_v1_ProviderConfiguration ¶
func Convert_config_ProviderConfiguration_To_v1_ProviderConfiguration(in *config.ProviderConfiguration, out *ProviderConfiguration, s conversion.Scope) error
Convert_config_ProviderConfiguration_To_v1_ProviderConfiguration is an autogenerated conversion function.
func Convert_config_ResourceConfiguration_To_v1_ResourceConfiguration ¶
func Convert_config_ResourceConfiguration_To_v1_ResourceConfiguration(in *config.ResourceConfiguration, out *ResourceConfiguration, s conversion.Scope) error
Convert_config_ResourceConfiguration_To_v1_ResourceConfiguration is an autogenerated conversion function.
func Convert_config_SecretboxConfiguration_To_v1_SecretboxConfiguration ¶
func Convert_config_SecretboxConfiguration_To_v1_SecretboxConfiguration(in *config.SecretboxConfiguration, out *SecretboxConfiguration, s conversion.Scope) error
Convert_config_SecretboxConfiguration_To_v1_SecretboxConfiguration is an autogenerated conversion function.
func Convert_v1_AESConfiguration_To_config_AESConfiguration ¶
func Convert_v1_AESConfiguration_To_config_AESConfiguration(in *AESConfiguration, out *config.AESConfiguration, s conversion.Scope) error
Convert_v1_AESConfiguration_To_config_AESConfiguration is an autogenerated conversion function.
func Convert_v1_EncryptionConfiguration_To_config_EncryptionConfiguration ¶
func Convert_v1_EncryptionConfiguration_To_config_EncryptionConfiguration(in *EncryptionConfiguration, out *config.EncryptionConfiguration, s conversion.Scope) error
Convert_v1_EncryptionConfiguration_To_config_EncryptionConfiguration is an autogenerated conversion function.
func Convert_v1_IdentityConfiguration_To_config_IdentityConfiguration ¶
func Convert_v1_IdentityConfiguration_To_config_IdentityConfiguration(in *IdentityConfiguration, out *config.IdentityConfiguration, s conversion.Scope) error
Convert_v1_IdentityConfiguration_To_config_IdentityConfiguration is an autogenerated conversion function.
func Convert_v1_KMSConfiguration_To_config_KMSConfiguration ¶
func Convert_v1_KMSConfiguration_To_config_KMSConfiguration(in *KMSConfiguration, out *config.KMSConfiguration, s conversion.Scope) error
Convert_v1_KMSConfiguration_To_config_KMSConfiguration is an autogenerated conversion function.
func Convert_v1_Key_To_config_Key ¶
Convert_v1_Key_To_config_Key is an autogenerated conversion function.
func Convert_v1_ProviderConfiguration_To_config_ProviderConfiguration ¶
func Convert_v1_ProviderConfiguration_To_config_ProviderConfiguration(in *ProviderConfiguration, out *config.ProviderConfiguration, s conversion.Scope) error
Convert_v1_ProviderConfiguration_To_config_ProviderConfiguration is an autogenerated conversion function.
func Convert_v1_ResourceConfiguration_To_config_ResourceConfiguration ¶
func Convert_v1_ResourceConfiguration_To_config_ResourceConfiguration(in *ResourceConfiguration, out *config.ResourceConfiguration, s conversion.Scope) error
Convert_v1_ResourceConfiguration_To_config_ResourceConfiguration is an autogenerated conversion function.
func Convert_v1_SecretboxConfiguration_To_config_SecretboxConfiguration ¶
func Convert_v1_SecretboxConfiguration_To_config_SecretboxConfiguration(in *SecretboxConfiguration, out *config.SecretboxConfiguration, s conversion.Scope) error
Convert_v1_SecretboxConfiguration_To_config_SecretboxConfiguration is an autogenerated conversion function.
func RegisterConversions ¶
RegisterConversions adds conversion functions to the given scheme. Public to allow building arbitrary schemes.
func RegisterDefaults ¶
RegisterDefaults adds defaulters functions to the given scheme. Public to allow building arbitrary schemes. All generated defaulters are covering - they call all nested defaulters.
func SetDefaults_KMSConfiguration ¶ added in v0.18.0
func SetDefaults_KMSConfiguration(obj *KMSConfiguration)
SetDefaults_KMSConfiguration applies defaults to KMSConfiguration.
func SetObjectDefaults_EncryptionConfiguration ¶ added in v0.18.0
func SetObjectDefaults_EncryptionConfiguration(in *EncryptionConfiguration)
Types ¶
type AESConfiguration ¶
type AESConfiguration struct { // keys is a list of keys to be used for creating the AES transformer. // Each key has to be 32 bytes long for AES-CBC and 16, 24 or 32 bytes for AES-GCM. Keys []Key `json:"keys"` }
AESConfiguration contains the API configuration for an AES transformer.
func (*AESConfiguration) DeepCopy ¶
func (in *AESConfiguration) DeepCopy() *AESConfiguration
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AESConfiguration.
func (*AESConfiguration) DeepCopyInto ¶
func (in *AESConfiguration) DeepCopyInto(out *AESConfiguration)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type EncryptionConfiguration ¶
type EncryptionConfiguration struct { metav1.TypeMeta // resources is a list containing resources, and their corresponding encryption providers. Resources []ResourceConfiguration `json:"resources"` }
EncryptionConfiguration stores the complete configuration for encryption providers. example:
kind: EncryptionConfiguration apiVersion: apiserver.config.k8s.io/v1 resources: - resources: - secrets - configmaps - pandas.awesome.bears.example providers: - aescbc: keys: - name: key1 secret: c2VjcmV0IGlzIHNlY3VyZQ==
func (*EncryptionConfiguration) DeepCopy ¶
func (in *EncryptionConfiguration) DeepCopy() *EncryptionConfiguration
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EncryptionConfiguration.
func (*EncryptionConfiguration) DeepCopyInto ¶
func (in *EncryptionConfiguration) DeepCopyInto(out *EncryptionConfiguration)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*EncryptionConfiguration) DeepCopyObject ¶
func (in *EncryptionConfiguration) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type IdentityConfiguration ¶
type IdentityConfiguration struct{}
IdentityConfiguration is an empty struct to allow identity transformer in provider configuration.
func (*IdentityConfiguration) DeepCopy ¶
func (in *IdentityConfiguration) DeepCopy() *IdentityConfiguration
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IdentityConfiguration.
func (*IdentityConfiguration) DeepCopyInto ¶
func (in *IdentityConfiguration) DeepCopyInto(out *IdentityConfiguration)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type KMSConfiguration ¶
type KMSConfiguration struct { // apiVersion of KeyManagementService // +optional APIVersion string `json:"apiVersion"` // name is the name of the KMS plugin to be used. Name string `json:"name"` // cachesize is the maximum number of secrets which are cached in memory. The default value is 1000. // Set to a negative value to disable caching. This field is only allowed for KMS v1 providers. // +optional CacheSize *int32 `json:"cachesize,omitempty"` // endpoint is the gRPC server listening address, for example "unix:///var/run/kms-provider.sock". Endpoint string `json:"endpoint"` // timeout for gRPC calls to kms-plugin (ex. 5s). The default is 3 seconds. // +optional Timeout *metav1.Duration `json:"timeout,omitempty"` }
KMSConfiguration contains the name, cache size and path to configuration file for a KMS based envelope transformer.
func (*KMSConfiguration) DeepCopy ¶
func (in *KMSConfiguration) DeepCopy() *KMSConfiguration
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KMSConfiguration.
func (*KMSConfiguration) DeepCopyInto ¶
func (in *KMSConfiguration) DeepCopyInto(out *KMSConfiguration)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Key ¶
type Key struct { // name is the name of the key to be used while storing data to disk. Name string `json:"name"` // secret is the actual key, encoded in base64. Secret string `json:"secret"` }
Key contains name and secret of the provided key for a transformer.
func (*Key) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Key.
func (*Key) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ProviderConfiguration ¶
type ProviderConfiguration struct { // aesgcm is the configuration for the AES-GCM transformer. AESGCM *AESConfiguration `json:"aesgcm,omitempty"` // aescbc is the configuration for the AES-CBC transformer. AESCBC *AESConfiguration `json:"aescbc,omitempty"` // secretbox is the configuration for the Secretbox based transformer. Secretbox *SecretboxConfiguration `json:"secretbox,omitempty"` // identity is the (empty) configuration for the identity transformer. Identity *IdentityConfiguration `json:"identity,omitempty"` // kms contains the name, cache size and path to configuration file for a KMS based envelope transformer. KMS *KMSConfiguration `json:"kms,omitempty"` }
ProviderConfiguration stores the provided configuration for an encryption provider.
func (*ProviderConfiguration) DeepCopy ¶
func (in *ProviderConfiguration) DeepCopy() *ProviderConfiguration
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProviderConfiguration.
func (*ProviderConfiguration) DeepCopyInto ¶
func (in *ProviderConfiguration) DeepCopyInto(out *ProviderConfiguration)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ResourceConfiguration ¶
type ResourceConfiguration struct { // resources is a list of kubernetes resources which have to be encrypted. The resource names are derived from `resource` or `resource.group` of the group/version/resource. // eg: pandas.awesome.bears.example is a custom resource with 'group': awesome.bears.example, 'resource': pandas) Resources []string `json:"resources"` // providers is a list of transformers to be used for reading and writing the resources to disk. // eg: aesgcm, aescbc, secretbox, identity. Providers []ProviderConfiguration `json:"providers"` }
ResourceConfiguration stores per resource configuration.
func (*ResourceConfiguration) DeepCopy ¶
func (in *ResourceConfiguration) DeepCopy() *ResourceConfiguration
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceConfiguration.
func (*ResourceConfiguration) DeepCopyInto ¶
func (in *ResourceConfiguration) DeepCopyInto(out *ResourceConfiguration)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type SecretboxConfiguration ¶
type SecretboxConfiguration struct { // keys is a list of keys to be used for creating the Secretbox transformer. // Each key has to be 32 bytes long. Keys []Key `json:"keys"` }
SecretboxConfiguration contains the API configuration for an Secretbox transformer.
func (*SecretboxConfiguration) DeepCopy ¶
func (in *SecretboxConfiguration) DeepCopy() *SecretboxConfiguration
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretboxConfiguration.
func (*SecretboxConfiguration) DeepCopyInto ¶
func (in *SecretboxConfiguration) DeepCopyInto(out *SecretboxConfiguration)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.