secret

package
v1.30.7 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 19, 2024 License: Apache-2.0 Imports: 13 Imported by: 61

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Manager

type Manager interface {
	// Get secret by secret namespace and name.
	GetSecret(namespace, name string) (*v1.Secret, error)

	// RegisterPod registers all secrets from a given pod.
	RegisterPod(pod *v1.Pod)

	// UnregisterPod unregisters secrets from a given pod that are not
	// used by any other registered pod.
	UnregisterPod(pod *v1.Pod)
}

Manager manages Kubernetes secrets. This includes retrieving secrets or registering/unregistering them via Pods.

func NewCachingSecretManager

func NewCachingSecretManager(kubeClient clientset.Interface, getTTL manager.GetObjectTTLFunc) Manager

NewCachingSecretManager creates a manager that keeps a cache of all secrets necessary for registered pods. It implements the following logic:

  • whenever a pod is created or updated, the cached versions of all secrets are invalidated
  • every GetObject() call tries to fetch the value from local cache; if it is not there, invalidated or too old, we fetch it from apiserver and refresh the value in cache; otherwise it is just fetched from cache

func NewFakeManager

func NewFakeManager() Manager

NewFakeManager creates empty/fake secret manager

func NewFakeManagerWithSecrets added in v1.28.0

func NewFakeManagerWithSecrets(secrets []*v1.Secret) Manager

NewFakeManagerWithSecrets creates a fake secret manager with the provided secrets

func NewSimpleSecretManager

func NewSimpleSecretManager(kubeClient clientset.Interface) Manager

NewSimpleSecretManager creates a new SecretManager instance.

func NewWatchingSecretManager added in v1.12.0

func NewWatchingSecretManager(kubeClient clientset.Interface, resyncInterval time.Duration) Manager

NewWatchingSecretManager creates a manager that keeps a cache of all secrets necessary for registered pods. It implements the following logic:

  • whenever a pod is created or updated, we start individual watches for all referenced objects that aren't referenced from other registered pods
  • every GetObject() returns a value from local cache propagated via watches

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL