Documentation ¶
Overview ¶
+groupName=kubevault.com
Index ¶
- Constants
- Variables
- func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition
- func Resource(resource string) schema.GroupResource
- type AllowedSecretEngines
- func (in *AllowedSecretEngines) DeepCopy() *AllowedSecretEngines
- func (in *AllowedSecretEngines) DeepCopyInto(out *AllowedSecretEngines)
- func (*AllowedSecretEngines) Descriptor() ([]byte, []int)
- func (m *AllowedSecretEngines) Marshal() (dAtA []byte, err error)
- func (m *AllowedSecretEngines) MarshalTo(dAtA []byte) (int, error)
- func (m *AllowedSecretEngines) MarshalToSizedBuffer(dAtA []byte) (int, error)
- func (*AllowedSecretEngines) ProtoMessage()
- func (m *AllowedSecretEngines) Reset()
- func (m *AllowedSecretEngines) Size() (n int)
- func (this *AllowedSecretEngines) String() string
- func (m *AllowedSecretEngines) Unmarshal(dAtA []byte) error
- func (m *AllowedSecretEngines) XXX_DiscardUnknown()
- func (m *AllowedSecretEngines) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *AllowedSecretEngines) XXX_Merge(src proto.Message)
- func (m *AllowedSecretEngines) XXX_Size() int
- func (m *AllowedSecretEngines) XXX_Unmarshal(b []byte) error
- type AuthConfig
- func (in *AuthConfig) DeepCopy() *AuthConfig
- func (in *AuthConfig) DeepCopyInto(out *AuthConfig)
- func (*AuthConfig) Descriptor() ([]byte, []int)
- func (m *AuthConfig) Marshal() (dAtA []byte, err error)
- func (m *AuthConfig) MarshalTo(dAtA []byte) (int, error)
- func (m *AuthConfig) MarshalToSizedBuffer(dAtA []byte) (int, error)
- func (*AuthConfig) ProtoMessage()
- func (m *AuthConfig) Reset()
- func (m *AuthConfig) Size() (n int)
- func (this *AuthConfig) String() string
- func (m *AuthConfig) Unmarshal(dAtA []byte) error
- func (m *AuthConfig) XXX_DiscardUnknown()
- func (m *AuthConfig) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *AuthConfig) XXX_Merge(src proto.Message)
- func (m *AuthConfig) XXX_Size() int
- func (m *AuthConfig) XXX_Unmarshal(b []byte) error
- type AuthMethod
- func (in *AuthMethod) DeepCopy() *AuthMethod
- func (in *AuthMethod) DeepCopyInto(out *AuthMethod)
- func (*AuthMethod) Descriptor() ([]byte, []int)
- func (m *AuthMethod) Marshal() (dAtA []byte, err error)
- func (m *AuthMethod) MarshalTo(dAtA []byte) (int, error)
- func (m *AuthMethod) MarshalToSizedBuffer(dAtA []byte) (int, error)
- func (*AuthMethod) ProtoMessage()
- func (m *AuthMethod) Reset()
- func (m *AuthMethod) Size() (n int)
- func (this *AuthMethod) String() string
- func (m *AuthMethod) Unmarshal(dAtA []byte) error
- func (m *AuthMethod) XXX_DiscardUnknown()
- func (m *AuthMethod) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *AuthMethod) XXX_Merge(src proto.Message)
- func (m *AuthMethod) XXX_Size() int
- func (m *AuthMethod) XXX_Unmarshal(b []byte) error
- type AuthMethodEnableDisableStatus
- type AuthMethodStatus
- func (in *AuthMethodStatus) DeepCopy() *AuthMethodStatus
- func (in *AuthMethodStatus) DeepCopyInto(out *AuthMethodStatus)
- func (*AuthMethodStatus) Descriptor() ([]byte, []int)
- func (m *AuthMethodStatus) Marshal() (dAtA []byte, err error)
- func (m *AuthMethodStatus) MarshalTo(dAtA []byte) (int, error)
- func (m *AuthMethodStatus) MarshalToSizedBuffer(dAtA []byte) (int, error)
- func (*AuthMethodStatus) ProtoMessage()
- func (m *AuthMethodStatus) Reset()
- func (m *AuthMethodStatus) Size() (n int)
- func (this *AuthMethodStatus) String() string
- func (m *AuthMethodStatus) Unmarshal(dAtA []byte) error
- func (m *AuthMethodStatus) XXX_DiscardUnknown()
- func (m *AuthMethodStatus) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *AuthMethodStatus) XXX_Merge(src proto.Message)
- func (m *AuthMethodStatus) XXX_Size() int
- func (m *AuthMethodStatus) XXX_Unmarshal(b []byte) error
- type AuthMethodType
- type AwsKmsSsmSpec
- func (in *AwsKmsSsmSpec) DeepCopy() *AwsKmsSsmSpec
- func (in *AwsKmsSsmSpec) DeepCopyInto(out *AwsKmsSsmSpec)
- func (*AwsKmsSsmSpec) Descriptor() ([]byte, []int)
- func (m *AwsKmsSsmSpec) Marshal() (dAtA []byte, err error)
- func (m *AwsKmsSsmSpec) MarshalTo(dAtA []byte) (int, error)
- func (m *AwsKmsSsmSpec) MarshalToSizedBuffer(dAtA []byte) (int, error)
- func (*AwsKmsSsmSpec) ProtoMessage()
- func (m *AwsKmsSsmSpec) Reset()
- func (m *AwsKmsSsmSpec) Size() (n int)
- func (this *AwsKmsSsmSpec) String() string
- func (m *AwsKmsSsmSpec) Unmarshal(dAtA []byte) error
- func (m *AwsKmsSsmSpec) XXX_DiscardUnknown()
- func (m *AwsKmsSsmSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *AwsKmsSsmSpec) XXX_Merge(src proto.Message)
- func (m *AwsKmsSsmSpec) XXX_Size() int
- func (m *AwsKmsSsmSpec) XXX_Unmarshal(b []byte) error
- type AzureKeyVault
- func (in *AzureKeyVault) DeepCopy() *AzureKeyVault
- func (in *AzureKeyVault) DeepCopyInto(out *AzureKeyVault)
- func (*AzureKeyVault) Descriptor() ([]byte, []int)
- func (m *AzureKeyVault) Marshal() (dAtA []byte, err error)
- func (m *AzureKeyVault) MarshalTo(dAtA []byte) (int, error)
- func (m *AzureKeyVault) MarshalToSizedBuffer(dAtA []byte) (int, error)
- func (*AzureKeyVault) ProtoMessage()
- func (m *AzureKeyVault) Reset()
- func (m *AzureKeyVault) Size() (n int)
- func (this *AzureKeyVault) String() string
- func (m *AzureKeyVault) Unmarshal(dAtA []byte) error
- func (m *AzureKeyVault) XXX_DiscardUnknown()
- func (m *AzureKeyVault) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *AzureKeyVault) XXX_Merge(src proto.Message)
- func (m *AzureKeyVault) XXX_Size() int
- func (m *AzureKeyVault) XXX_Unmarshal(b []byte) error
- type AzureSpec
- func (in *AzureSpec) DeepCopy() *AzureSpec
- func (in *AzureSpec) DeepCopyInto(out *AzureSpec)
- func (*AzureSpec) Descriptor() ([]byte, []int)
- func (m *AzureSpec) Marshal() (dAtA []byte, err error)
- func (m *AzureSpec) MarshalTo(dAtA []byte) (int, error)
- func (m *AzureSpec) MarshalToSizedBuffer(dAtA []byte) (int, error)
- func (*AzureSpec) ProtoMessage()
- func (m *AzureSpec) Reset()
- func (m *AzureSpec) Size() (n int)
- func (this *AzureSpec) String() string
- func (m *AzureSpec) Unmarshal(dAtA []byte) error
- func (m *AzureSpec) XXX_DiscardUnknown()
- func (m *AzureSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *AzureSpec) XXX_Merge(src proto.Message)
- func (m *AzureSpec) XXX_Size() int
- func (m *AzureSpec) XXX_Unmarshal(b []byte) error
- type BackendStorageSpec
- func (in *BackendStorageSpec) DeepCopy() *BackendStorageSpec
- func (in *BackendStorageSpec) DeepCopyInto(out *BackendStorageSpec)
- func (*BackendStorageSpec) Descriptor() ([]byte, []int)
- func (vsb *BackendStorageSpec) GetBackendType() (VaultServerBackend, error)
- func (m *BackendStorageSpec) Marshal() (dAtA []byte, err error)
- func (m *BackendStorageSpec) MarshalTo(dAtA []byte) (int, error)
- func (m *BackendStorageSpec) MarshalToSizedBuffer(dAtA []byte) (int, error)
- func (*BackendStorageSpec) ProtoMessage()
- func (m *BackendStorageSpec) Reset()
- func (m *BackendStorageSpec) Size() (n int)
- func (this *BackendStorageSpec) String() string
- func (m *BackendStorageSpec) Unmarshal(dAtA []byte) error
- func (m *BackendStorageSpec) XXX_DiscardUnknown()
- func (m *BackendStorageSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *BackendStorageSpec) XXX_Merge(src proto.Message)
- func (m *BackendStorageSpec) XXX_Size() int
- func (m *BackendStorageSpec) XXX_Unmarshal(b []byte) error
- type ConsulSpec
- func (in *ConsulSpec) DeepCopy() *ConsulSpec
- func (in *ConsulSpec) DeepCopyInto(out *ConsulSpec)
- func (*ConsulSpec) Descriptor() ([]byte, []int)
- func (m *ConsulSpec) Marshal() (dAtA []byte, err error)
- func (m *ConsulSpec) MarshalTo(dAtA []byte) (int, error)
- func (m *ConsulSpec) MarshalToSizedBuffer(dAtA []byte) (int, error)
- func (*ConsulSpec) ProtoMessage()
- func (m *ConsulSpec) Reset()
- func (m *ConsulSpec) Size() (n int)
- func (this *ConsulSpec) String() string
- func (m *ConsulSpec) Unmarshal(dAtA []byte) error
- func (m *ConsulSpec) XXX_DiscardUnknown()
- func (m *ConsulSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *ConsulSpec) XXX_Merge(src proto.Message)
- func (m *ConsulSpec) XXX_Size() int
- func (m *ConsulSpec) XXX_Unmarshal(b []byte) error
- type DynamoDBSpec
- func (in *DynamoDBSpec) DeepCopy() *DynamoDBSpec
- func (in *DynamoDBSpec) DeepCopyInto(out *DynamoDBSpec)
- func (*DynamoDBSpec) Descriptor() ([]byte, []int)
- func (m *DynamoDBSpec) Marshal() (dAtA []byte, err error)
- func (m *DynamoDBSpec) MarshalTo(dAtA []byte) (int, error)
- func (m *DynamoDBSpec) MarshalToSizedBuffer(dAtA []byte) (int, error)
- func (*DynamoDBSpec) ProtoMessage()
- func (m *DynamoDBSpec) Reset()
- func (m *DynamoDBSpec) Size() (n int)
- func (this *DynamoDBSpec) String() string
- func (m *DynamoDBSpec) Unmarshal(dAtA []byte) error
- func (m *DynamoDBSpec) XXX_DiscardUnknown()
- func (m *DynamoDBSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *DynamoDBSpec) XXX_Merge(src proto.Message)
- func (m *DynamoDBSpec) XXX_Size() int
- func (m *DynamoDBSpec) XXX_Unmarshal(b []byte) error
- type EtcdSpec
- func (in *EtcdSpec) DeepCopy() *EtcdSpec
- func (in *EtcdSpec) DeepCopyInto(out *EtcdSpec)
- func (*EtcdSpec) Descriptor() ([]byte, []int)
- func (m *EtcdSpec) Marshal() (dAtA []byte, err error)
- func (m *EtcdSpec) MarshalTo(dAtA []byte) (int, error)
- func (m *EtcdSpec) MarshalToSizedBuffer(dAtA []byte) (int, error)
- func (*EtcdSpec) ProtoMessage()
- func (m *EtcdSpec) Reset()
- func (m *EtcdSpec) Size() (n int)
- func (this *EtcdSpec) String() string
- func (m *EtcdSpec) Unmarshal(dAtA []byte) error
- func (m *EtcdSpec) XXX_DiscardUnknown()
- func (m *EtcdSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *EtcdSpec) XXX_Merge(src proto.Message)
- func (m *EtcdSpec) XXX_Size() int
- func (m *EtcdSpec) XXX_Unmarshal(b []byte) error
- type FileSpec
- func (in *FileSpec) DeepCopy() *FileSpec
- func (in *FileSpec) DeepCopyInto(out *FileSpec)
- func (*FileSpec) Descriptor() ([]byte, []int)
- func (m *FileSpec) Marshal() (dAtA []byte, err error)
- func (m *FileSpec) MarshalTo(dAtA []byte) (int, error)
- func (m *FileSpec) MarshalToSizedBuffer(dAtA []byte) (int, error)
- func (*FileSpec) ProtoMessage()
- func (m *FileSpec) Reset()
- func (m *FileSpec) Size() (n int)
- func (this *FileSpec) String() string
- func (m *FileSpec) Unmarshal(dAtA []byte) error
- func (m *FileSpec) XXX_DiscardUnknown()
- func (m *FileSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *FileSpec) XXX_Merge(src proto.Message)
- func (m *FileSpec) XXX_Size() int
- func (m *FileSpec) XXX_Unmarshal(b []byte) error
- type FromNamespaces
- type GcsSpec
- func (in *GcsSpec) DeepCopy() *GcsSpec
- func (in *GcsSpec) DeepCopyInto(out *GcsSpec)
- func (*GcsSpec) Descriptor() ([]byte, []int)
- func (m *GcsSpec) Marshal() (dAtA []byte, err error)
- func (m *GcsSpec) MarshalTo(dAtA []byte) (int, error)
- func (m *GcsSpec) MarshalToSizedBuffer(dAtA []byte) (int, error)
- func (*GcsSpec) ProtoMessage()
- func (m *GcsSpec) Reset()
- func (m *GcsSpec) Size() (n int)
- func (this *GcsSpec) String() string
- func (m *GcsSpec) Unmarshal(dAtA []byte) error
- func (m *GcsSpec) XXX_DiscardUnknown()
- func (m *GcsSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *GcsSpec) XXX_Merge(src proto.Message)
- func (m *GcsSpec) XXX_Size() int
- func (m *GcsSpec) XXX_Unmarshal(b []byte) error
- type GoogleKmsGcsSpec
- func (in *GoogleKmsGcsSpec) DeepCopy() *GoogleKmsGcsSpec
- func (in *GoogleKmsGcsSpec) DeepCopyInto(out *GoogleKmsGcsSpec)
- func (*GoogleKmsGcsSpec) Descriptor() ([]byte, []int)
- func (m *GoogleKmsGcsSpec) Marshal() (dAtA []byte, err error)
- func (m *GoogleKmsGcsSpec) MarshalTo(dAtA []byte) (int, error)
- func (m *GoogleKmsGcsSpec) MarshalToSizedBuffer(dAtA []byte) (int, error)
- func (*GoogleKmsGcsSpec) ProtoMessage()
- func (m *GoogleKmsGcsSpec) Reset()
- func (m *GoogleKmsGcsSpec) Size() (n int)
- func (this *GoogleKmsGcsSpec) String() string
- func (m *GoogleKmsGcsSpec) Unmarshal(dAtA []byte) error
- func (m *GoogleKmsGcsSpec) XXX_DiscardUnknown()
- func (m *GoogleKmsGcsSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *GoogleKmsGcsSpec) XXX_Merge(src proto.Message)
- func (m *GoogleKmsGcsSpec) XXX_Size() int
- func (m *GoogleKmsGcsSpec) XXX_Unmarshal(b []byte) error
- type InmemSpec
- func (in *InmemSpec) DeepCopy() *InmemSpec
- func (in *InmemSpec) DeepCopyInto(out *InmemSpec)
- func (*InmemSpec) Descriptor() ([]byte, []int)
- func (m *InmemSpec) Marshal() (dAtA []byte, err error)
- func (m *InmemSpec) MarshalTo(dAtA []byte) (int, error)
- func (m *InmemSpec) MarshalToSizedBuffer(dAtA []byte) (int, error)
- func (*InmemSpec) ProtoMessage()
- func (m *InmemSpec) Reset()
- func (m *InmemSpec) Size() (n int)
- func (this *InmemSpec) String() string
- func (m *InmemSpec) Unmarshal(dAtA []byte) error
- func (m *InmemSpec) XXX_DiscardUnknown()
- func (m *InmemSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *InmemSpec) XXX_Merge(src proto.Message)
- func (m *InmemSpec) XXX_Size() int
- func (m *InmemSpec) XXX_Unmarshal(b []byte) error
- type KubernetesSecretSpec
- func (in *KubernetesSecretSpec) DeepCopy() *KubernetesSecretSpec
- func (in *KubernetesSecretSpec) DeepCopyInto(out *KubernetesSecretSpec)
- func (*KubernetesSecretSpec) Descriptor() ([]byte, []int)
- func (m *KubernetesSecretSpec) Marshal() (dAtA []byte, err error)
- func (m *KubernetesSecretSpec) MarshalTo(dAtA []byte) (int, error)
- func (m *KubernetesSecretSpec) MarshalToSizedBuffer(dAtA []byte) (int, error)
- func (*KubernetesSecretSpec) ProtoMessage()
- func (m *KubernetesSecretSpec) Reset()
- func (m *KubernetesSecretSpec) Size() (n int)
- func (this *KubernetesSecretSpec) String() string
- func (m *KubernetesSecretSpec) Unmarshal(dAtA []byte) error
- func (m *KubernetesSecretSpec) XXX_DiscardUnknown()
- func (m *KubernetesSecretSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *KubernetesSecretSpec) XXX_Merge(src proto.Message)
- func (m *KubernetesSecretSpec) XXX_Size() int
- func (m *KubernetesSecretSpec) XXX_Unmarshal(b []byte) error
- type ModeSpec
- func (in *ModeSpec) DeepCopy() *ModeSpec
- func (in *ModeSpec) DeepCopyInto(out *ModeSpec)
- func (*ModeSpec) Descriptor() ([]byte, []int)
- func (m *ModeSpec) Marshal() (dAtA []byte, err error)
- func (m *ModeSpec) MarshalTo(dAtA []byte) (int, error)
- func (m *ModeSpec) MarshalToSizedBuffer(dAtA []byte) (int, error)
- func (*ModeSpec) ProtoMessage()
- func (m *ModeSpec) Reset()
- func (m *ModeSpec) Size() (n int)
- func (this *ModeSpec) String() string
- func (m *ModeSpec) Unmarshal(dAtA []byte) error
- func (m *ModeSpec) XXX_DiscardUnknown()
- func (m *ModeSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *ModeSpec) XXX_Merge(src proto.Message)
- func (m *ModeSpec) XXX_Size() int
- func (m *ModeSpec) XXX_Unmarshal(b []byte) error
- type MySQLSpec
- func (in *MySQLSpec) DeepCopy() *MySQLSpec
- func (in *MySQLSpec) DeepCopyInto(out *MySQLSpec)
- func (*MySQLSpec) Descriptor() ([]byte, []int)
- func (m *MySQLSpec) Marshal() (dAtA []byte, err error)
- func (m *MySQLSpec) MarshalTo(dAtA []byte) (int, error)
- func (m *MySQLSpec) MarshalToSizedBuffer(dAtA []byte) (int, error)
- func (*MySQLSpec) ProtoMessage()
- func (m *MySQLSpec) Reset()
- func (m *MySQLSpec) Size() (n int)
- func (this *MySQLSpec) String() string
- func (m *MySQLSpec) Unmarshal(dAtA []byte) error
- func (m *MySQLSpec) XXX_DiscardUnknown()
- func (m *MySQLSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *MySQLSpec) XXX_Merge(src proto.Message)
- func (m *MySQLSpec) XXX_Size() int
- func (m *MySQLSpec) XXX_Unmarshal(b []byte) error
- type NamedServiceTemplateSpec
- func (in *NamedServiceTemplateSpec) DeepCopy() *NamedServiceTemplateSpec
- func (in *NamedServiceTemplateSpec) DeepCopyInto(out *NamedServiceTemplateSpec)
- func (*NamedServiceTemplateSpec) Descriptor() ([]byte, []int)
- func (m *NamedServiceTemplateSpec) Marshal() (dAtA []byte, err error)
- func (m *NamedServiceTemplateSpec) MarshalTo(dAtA []byte) (int, error)
- func (m *NamedServiceTemplateSpec) MarshalToSizedBuffer(dAtA []byte) (int, error)
- func (*NamedServiceTemplateSpec) ProtoMessage()
- func (m *NamedServiceTemplateSpec) Reset()
- func (m *NamedServiceTemplateSpec) Size() (n int)
- func (this *NamedServiceTemplateSpec) String() string
- func (m *NamedServiceTemplateSpec) Unmarshal(dAtA []byte) error
- func (m *NamedServiceTemplateSpec) XXX_DiscardUnknown()
- func (m *NamedServiceTemplateSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *NamedServiceTemplateSpec) XXX_Merge(src proto.Message)
- func (m *NamedServiceTemplateSpec) XXX_Size() int
- func (m *NamedServiceTemplateSpec) XXX_Unmarshal(b []byte) error
- type PostgreSQLSpec
- func (in *PostgreSQLSpec) DeepCopy() *PostgreSQLSpec
- func (in *PostgreSQLSpec) DeepCopyInto(out *PostgreSQLSpec)
- func (*PostgreSQLSpec) Descriptor() ([]byte, []int)
- func (m *PostgreSQLSpec) Marshal() (dAtA []byte, err error)
- func (m *PostgreSQLSpec) MarshalTo(dAtA []byte) (int, error)
- func (m *PostgreSQLSpec) MarshalToSizedBuffer(dAtA []byte) (int, error)
- func (*PostgreSQLSpec) ProtoMessage()
- func (m *PostgreSQLSpec) Reset()
- func (m *PostgreSQLSpec) Size() (n int)
- func (this *PostgreSQLSpec) String() string
- func (m *PostgreSQLSpec) Unmarshal(dAtA []byte) error
- func (m *PostgreSQLSpec) XXX_DiscardUnknown()
- func (m *PostgreSQLSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *PostgreSQLSpec) XXX_Merge(src proto.Message)
- func (m *PostgreSQLSpec) XXX_Size() int
- func (m *PostgreSQLSpec) XXX_Unmarshal(b []byte) error
- type RaftSpec
- func (in *RaftSpec) DeepCopy() *RaftSpec
- func (in *RaftSpec) DeepCopyInto(out *RaftSpec)
- func (*RaftSpec) Descriptor() ([]byte, []int)
- func (m *RaftSpec) Marshal() (dAtA []byte, err error)
- func (m *RaftSpec) MarshalTo(dAtA []byte) (int, error)
- func (m *RaftSpec) MarshalToSizedBuffer(dAtA []byte) (int, error)
- func (*RaftSpec) ProtoMessage()
- func (m *RaftSpec) Reset()
- func (m *RaftSpec) Size() (n int)
- func (this *RaftSpec) String() string
- func (m *RaftSpec) Unmarshal(dAtA []byte) error
- func (m *RaftSpec) XXX_DiscardUnknown()
- func (m *RaftSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *RaftSpec) XXX_Merge(src proto.Message)
- func (m *RaftSpec) XXX_Size() int
- func (m *RaftSpec) XXX_Unmarshal(b []byte) error
- type S3Spec
- func (in *S3Spec) DeepCopy() *S3Spec
- func (in *S3Spec) DeepCopyInto(out *S3Spec)
- func (*S3Spec) Descriptor() ([]byte, []int)
- func (m *S3Spec) Marshal() (dAtA []byte, err error)
- func (m *S3Spec) MarshalTo(dAtA []byte) (int, error)
- func (m *S3Spec) MarshalToSizedBuffer(dAtA []byte) (int, error)
- func (*S3Spec) ProtoMessage()
- func (m *S3Spec) Reset()
- func (m *S3Spec) Size() (n int)
- func (this *S3Spec) String() string
- func (m *S3Spec) Unmarshal(dAtA []byte) error
- func (m *S3Spec) XXX_DiscardUnknown()
- func (m *S3Spec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *S3Spec) XXX_Merge(src proto.Message)
- func (m *S3Spec) XXX_Size() int
- func (m *S3Spec) XXX_Unmarshal(b []byte) error
- type SecretEngineNamespaces
- func (in *SecretEngineNamespaces) DeepCopy() *SecretEngineNamespaces
- func (in *SecretEngineNamespaces) DeepCopyInto(out *SecretEngineNamespaces)
- func (*SecretEngineNamespaces) Descriptor() ([]byte, []int)
- func (m *SecretEngineNamespaces) Marshal() (dAtA []byte, err error)
- func (m *SecretEngineNamespaces) MarshalTo(dAtA []byte) (int, error)
- func (m *SecretEngineNamespaces) MarshalToSizedBuffer(dAtA []byte) (int, error)
- func (*SecretEngineNamespaces) ProtoMessage()
- func (m *SecretEngineNamespaces) Reset()
- func (m *SecretEngineNamespaces) Size() (n int)
- func (this *SecretEngineNamespaces) String() string
- func (m *SecretEngineNamespaces) Unmarshal(dAtA []byte) error
- func (m *SecretEngineNamespaces) XXX_DiscardUnknown()
- func (m *SecretEngineNamespaces) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *SecretEngineNamespaces) XXX_Merge(src proto.Message)
- func (m *SecretEngineNamespaces) XXX_Size() int
- func (m *SecretEngineNamespaces) XXX_Unmarshal(b []byte) error
- type SecretEngineType
- type ServiceAlias
- type SwiftSpec
- func (in *SwiftSpec) DeepCopy() *SwiftSpec
- func (in *SwiftSpec) DeepCopyInto(out *SwiftSpec)
- func (*SwiftSpec) Descriptor() ([]byte, []int)
- func (m *SwiftSpec) Marshal() (dAtA []byte, err error)
- func (m *SwiftSpec) MarshalTo(dAtA []byte) (int, error)
- func (m *SwiftSpec) MarshalToSizedBuffer(dAtA []byte) (int, error)
- func (*SwiftSpec) ProtoMessage()
- func (m *SwiftSpec) Reset()
- func (m *SwiftSpec) Size() (n int)
- func (this *SwiftSpec) String() string
- func (m *SwiftSpec) Unmarshal(dAtA []byte) error
- func (m *SwiftSpec) XXX_DiscardUnknown()
- func (m *SwiftSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *SwiftSpec) XXX_Merge(src proto.Message)
- func (m *SwiftSpec) XXX_Size() int
- func (m *SwiftSpec) XXX_Unmarshal(b []byte) error
- type TLSPolicy
- func (in *TLSPolicy) DeepCopy() *TLSPolicy
- func (in *TLSPolicy) DeepCopyInto(out *TLSPolicy)
- func (*TLSPolicy) Descriptor() ([]byte, []int)
- func (m *TLSPolicy) Marshal() (dAtA []byte, err error)
- func (m *TLSPolicy) MarshalTo(dAtA []byte) (int, error)
- func (m *TLSPolicy) MarshalToSizedBuffer(dAtA []byte) (int, error)
- func (*TLSPolicy) ProtoMessage()
- func (m *TLSPolicy) Reset()
- func (m *TLSPolicy) Size() (n int)
- func (this *TLSPolicy) String() string
- func (m *TLSPolicy) Unmarshal(dAtA []byte) error
- func (m *TLSPolicy) XXX_DiscardUnknown()
- func (m *TLSPolicy) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *TLSPolicy) XXX_Merge(src proto.Message)
- func (m *TLSPolicy) XXX_Size() int
- func (m *TLSPolicy) XXX_Unmarshal(b []byte) error
- type TerminationPolicy
- type UnsealerSpec
- func (in *UnsealerSpec) DeepCopy() *UnsealerSpec
- func (in *UnsealerSpec) DeepCopyInto(out *UnsealerSpec)
- func (*UnsealerSpec) Descriptor() ([]byte, []int)
- func (m *UnsealerSpec) Marshal() (dAtA []byte, err error)
- func (m *UnsealerSpec) MarshalTo(dAtA []byte) (int, error)
- func (m *UnsealerSpec) MarshalToSizedBuffer(dAtA []byte) (int, error)
- func (*UnsealerSpec) ProtoMessage()
- func (m *UnsealerSpec) Reset()
- func (m *UnsealerSpec) Size() (n int)
- func (this *UnsealerSpec) String() string
- func (m *UnsealerSpec) Unmarshal(dAtA []byte) error
- func (m *UnsealerSpec) XXX_DiscardUnknown()
- func (m *UnsealerSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *UnsealerSpec) XXX_Merge(src proto.Message)
- func (m *UnsealerSpec) XXX_Size() int
- func (m *UnsealerSpec) XXX_Unmarshal(b []byte) error
- type VaultCertificateAlias
- type VaultServer
- func (v VaultServer) AppBindingName() string
- func (v *VaultServer) CertificateMountPath(alias VaultCertificateAlias) string
- func (v VaultServer) ConfigSecretName() string
- func (_ VaultServer) CustomResourceDefinition() *apiextensions.CustomResourceDefinition
- func (in *VaultServer) DeepCopy() *VaultServer
- func (in *VaultServer) DeepCopyInto(out *VaultServer)
- func (in *VaultServer) DeepCopyObject() runtime.Object
- func (vs *VaultServer) DefaultCertSecretName(alias string) string
- func (*VaultServer) Descriptor() ([]byte, []int)
- func (vs *VaultServer) GetCertSecretName(alias string) string
- func (vs *VaultServer) GetCertificateCN(alias VaultCertificateAlias) string
- func (v VaultServer) GetKey() string
- func (vs *VaultServer) GetServiceTemplate(alias ServiceAlias) ofst.ServiceTemplateSpec
- func (v VaultServer) IsValid() error
- func (m *VaultServer) Marshal() (dAtA []byte, err error)
- func (m *VaultServer) MarshalTo(dAtA []byte) (int, error)
- func (m *VaultServer) MarshalToSizedBuffer(dAtA []byte) (int, error)
- func (v VaultServer) OffshootLabels() map[string]string
- func (v VaultServer) OffshootName() string
- func (v VaultServer) OffshootSelectors() map[string]string
- func (v VaultServer) PolicyNameForAuthMethodController() string
- func (v VaultServer) PolicyNameForPolicyController() string
- func (*VaultServer) ProtoMessage()
- func (v *VaultServer) ReplicasAreReady(lister appslister.StatefulSetLister) (bool, string, error)
- func (m *VaultServer) Reset()
- func (_ VaultServer) ResourceFQN() string
- func (vs *VaultServer) Scheme() string
- func (v VaultServer) ServiceAccountForTokenReviewer() string
- func (v VaultServer) ServiceAccountName() string
- func (v VaultServer) ServiceName(alias ServiceAlias) string
- func (m *VaultServer) Size() (n int)
- func (v VaultServer) StatsLabels() map[string]string
- func (v VaultServer) StatsService() mona.StatsAccessor
- func (v VaultServer) StatsServiceName() string
- func (this *VaultServer) String() string
- func (v VaultServer) TLSSecretName() string
- func (m *VaultServer) Unmarshal(dAtA []byte) error
- func (m *VaultServer) XXX_DiscardUnknown()
- func (m *VaultServer) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *VaultServer) XXX_Merge(src proto.Message)
- func (m *VaultServer) XXX_Size() int
- func (m *VaultServer) XXX_Unmarshal(b []byte) error
- type VaultServerBackend
- type VaultServerList
- func (in *VaultServerList) DeepCopy() *VaultServerList
- func (in *VaultServerList) DeepCopyInto(out *VaultServerList)
- func (in *VaultServerList) DeepCopyObject() runtime.Object
- func (*VaultServerList) Descriptor() ([]byte, []int)
- func (m *VaultServerList) Marshal() (dAtA []byte, err error)
- func (m *VaultServerList) MarshalTo(dAtA []byte) (int, error)
- func (m *VaultServerList) MarshalToSizedBuffer(dAtA []byte) (int, error)
- func (*VaultServerList) ProtoMessage()
- func (m *VaultServerList) Reset()
- func (m *VaultServerList) Size() (n int)
- func (this *VaultServerList) String() string
- func (m *VaultServerList) Unmarshal(dAtA []byte) error
- func (m *VaultServerList) XXX_DiscardUnknown()
- func (m *VaultServerList) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *VaultServerList) XXX_Merge(src proto.Message)
- func (m *VaultServerList) XXX_Size() int
- func (m *VaultServerList) XXX_Unmarshal(b []byte) error
- type VaultServerPhase
- type VaultServerSpec
- func (in *VaultServerSpec) DeepCopy() *VaultServerSpec
- func (in *VaultServerSpec) DeepCopyInto(out *VaultServerSpec)
- func (*VaultServerSpec) Descriptor() ([]byte, []int)
- func (m *VaultServerSpec) Marshal() (dAtA []byte, err error)
- func (m *VaultServerSpec) MarshalTo(dAtA []byte) (int, error)
- func (m *VaultServerSpec) MarshalToSizedBuffer(dAtA []byte) (int, error)
- func (*VaultServerSpec) ProtoMessage()
- func (m *VaultServerSpec) Reset()
- func (m *VaultServerSpec) Size() (n int)
- func (this *VaultServerSpec) String() string
- func (m *VaultServerSpec) Unmarshal(dAtA []byte) error
- func (m *VaultServerSpec) XXX_DiscardUnknown()
- func (m *VaultServerSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *VaultServerSpec) XXX_Merge(src proto.Message)
- func (m *VaultServerSpec) XXX_Size() int
- func (m *VaultServerSpec) XXX_Unmarshal(b []byte) error
- type VaultServerStatus
- func (in *VaultServerStatus) DeepCopy() *VaultServerStatus
- func (in *VaultServerStatus) DeepCopyInto(out *VaultServerStatus)
- func (*VaultServerStatus) Descriptor() ([]byte, []int)
- func (m *VaultServerStatus) Marshal() (dAtA []byte, err error)
- func (m *VaultServerStatus) MarshalTo(dAtA []byte) (int, error)
- func (m *VaultServerStatus) MarshalToSizedBuffer(dAtA []byte) (int, error)
- func (*VaultServerStatus) ProtoMessage()
- func (m *VaultServerStatus) Reset()
- func (m *VaultServerStatus) Size() (n int)
- func (this *VaultServerStatus) String() string
- func (m *VaultServerStatus) Unmarshal(dAtA []byte) error
- func (m *VaultServerStatus) XXX_DiscardUnknown()
- func (m *VaultServerStatus) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *VaultServerStatus) XXX_Merge(src proto.Message)
- func (m *VaultServerStatus) XXX_Size() int
- func (m *VaultServerStatus) XXX_Unmarshal(b []byte) error
- type VaultStatus
- func (in *VaultStatus) DeepCopy() *VaultStatus
- func (in *VaultStatus) DeepCopyInto(out *VaultStatus)
- func (*VaultStatus) Descriptor() ([]byte, []int)
- func (m *VaultStatus) Marshal() (dAtA []byte, err error)
- func (m *VaultStatus) MarshalTo(dAtA []byte) (int, error)
- func (m *VaultStatus) MarshalToSizedBuffer(dAtA []byte) (int, error)
- func (*VaultStatus) ProtoMessage()
- func (m *VaultStatus) Reset()
- func (m *VaultStatus) Size() (n int)
- func (this *VaultStatus) String() string
- func (m *VaultStatus) Unmarshal(dAtA []byte) error
- func (m *VaultStatus) XXX_DiscardUnknown()
- func (m *VaultStatus) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *VaultStatus) XXX_Merge(src proto.Message)
- func (m *VaultStatus) XXX_Size() int
- func (m *VaultStatus) XXX_Unmarshal(b []byte) error
Constants ¶
const ( VaultServerContainerName = "vault" VaultUnsealerContainerName = "unsealer" VaultExporterContainerName = "exporter" )
const ( ResourceKindVaultServer = "VaultServer" ResourceVaultServer = "vaultserver" ResourceVaultServers = "vaultservers" )
Variables ¶
var ( ErrInvalidLengthGenerated = fmt.Errorf("proto: negative length found during unmarshaling") ErrIntOverflowGenerated = fmt.Errorf("proto: integer overflow") ErrUnexpectedEndOfGroupGenerated = fmt.Errorf("proto: unexpected end of group") )
var ( // TODO: move SchemeBuilder with zz_generated.deepcopy.go to k8s.io/api. // localSchemeBuilder and AddToScheme will stay in k8s.io/kubernetes. SchemeBuilder runtime.SchemeBuilder AddToScheme = localSchemeBuilder.AddToScheme )
var SchemeGroupVersion = schema.GroupVersion{Group: kubevault.GroupName, Version: "v1alpha1"}
Functions ¶
func GetOpenAPIDefinitions ¶
func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition
func Resource ¶
func Resource(resource string) schema.GroupResource
Resource takes an unqualified resource and returns a Group qualified GroupResource
Types ¶
type AllowedSecretEngines ¶ added in v0.5.0
type AllowedSecretEngines struct { // Namespaces indicates namespaces from which Secret Engines may be attached to this // Listener. This is restricted to the namespace of this VaultServer by default. // // +optional // +kubebuilder:default={from: Same} Namespaces *SecretEngineNamespaces `json:"namespaces,omitempty" protobuf:"bytes,1,opt,name=namespaces"` // SecretEngines specifies the types of Secret Engines that are allowed to bind // to this VaultServer. When unspecified or empty, all types of Secret Engines // are allowed. // // +optional SecretEngines []SecretEngineType `json:"secretEngines,omitempty" protobuf:"bytes,2,rep,name=secretEngines,casttype=SecretEngineType"` }
AllowedSecretEngines defines which Secret Engines may be attached to this Listener.
func (*AllowedSecretEngines) DeepCopy ¶ added in v0.5.0
func (in *AllowedSecretEngines) DeepCopy() *AllowedSecretEngines
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AllowedSecretEngines.
func (*AllowedSecretEngines) DeepCopyInto ¶ added in v0.5.0
func (in *AllowedSecretEngines) DeepCopyInto(out *AllowedSecretEngines)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*AllowedSecretEngines) Descriptor ¶ added in v0.5.0
func (*AllowedSecretEngines) Descriptor() ([]byte, []int)
func (*AllowedSecretEngines) Marshal ¶ added in v0.5.0
func (m *AllowedSecretEngines) Marshal() (dAtA []byte, err error)
func (*AllowedSecretEngines) MarshalTo ¶ added in v0.5.0
func (m *AllowedSecretEngines) MarshalTo(dAtA []byte) (int, error)
func (*AllowedSecretEngines) MarshalToSizedBuffer ¶ added in v0.5.0
func (m *AllowedSecretEngines) MarshalToSizedBuffer(dAtA []byte) (int, error)
func (*AllowedSecretEngines) ProtoMessage ¶ added in v0.5.0
func (*AllowedSecretEngines) ProtoMessage()
func (*AllowedSecretEngines) Reset ¶ added in v0.5.0
func (m *AllowedSecretEngines) Reset()
func (*AllowedSecretEngines) Size ¶ added in v0.5.0
func (m *AllowedSecretEngines) Size() (n int)
func (*AllowedSecretEngines) String ¶ added in v0.5.0
func (this *AllowedSecretEngines) String() string
func (*AllowedSecretEngines) Unmarshal ¶ added in v0.5.0
func (m *AllowedSecretEngines) Unmarshal(dAtA []byte) error
func (*AllowedSecretEngines) XXX_DiscardUnknown ¶ added in v0.5.0
func (m *AllowedSecretEngines) XXX_DiscardUnknown()
func (*AllowedSecretEngines) XXX_Marshal ¶ added in v0.5.0
func (m *AllowedSecretEngines) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*AllowedSecretEngines) XXX_Merge ¶ added in v0.5.0
func (m *AllowedSecretEngines) XXX_Merge(src proto.Message)
func (*AllowedSecretEngines) XXX_Size ¶ added in v0.5.0
func (m *AllowedSecretEngines) XXX_Size() int
func (*AllowedSecretEngines) XXX_Unmarshal ¶ added in v0.5.0
func (m *AllowedSecretEngines) XXX_Unmarshal(b []byte) error
type AuthConfig ¶
type AuthConfig struct { // The default lease duration, specified as a string duration like "5s" or "30m". // +optional DefaultLeaseTTL string `json:"defaultLeaseTTL,omitempty" protobuf:"bytes,1,opt,name=defaultLeaseTTL"` // The maximum lease duration, specified as a string duration like "5s" or "30m". // +optional MaxLeaseTTL string `json:"maxLeaseTTL,omitempty" protobuf:"bytes,2,opt,name=maxLeaseTTL"` // The name of the plugin in the plugin catalog to use. // +optional PluginName string `json:"pluginName,omitempty" protobuf:"bytes,3,opt,name=pluginName"` // List of keys that will not be HMAC'd by audit devices in the request data object. // +optional AuditNonHMACRequestKeys []string `json:"auditNonHMACRequestKeys,omitempty" protobuf:"bytes,4,rep,name=auditNonHMACRequestKeys"` // List of keys that will not be HMAC'd by audit devices in the response data object. // +optional AuditNonHMACResponseKeys []string `json:"auditNonHMACResponseKeys,omitempty" protobuf:"bytes,5,rep,name=auditNonHMACResponseKeys"` // Speficies whether to show this mount in the UI-specific listing endpoint. // +optional ListingVisibility string `json:"listingVisibility,omitempty" protobuf:"bytes,6,opt,name=listingVisibility"` // List of headers to whitelist and pass from the request to the backend. // +optional PassthroughRequestHeaders []string `json:"passthroughRequestHeaders,omitempty" protobuf:"bytes,7,rep,name=passthroughRequestHeaders"` }
func (*AuthConfig) DeepCopy ¶
func (in *AuthConfig) DeepCopy() *AuthConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthConfig.
func (*AuthConfig) DeepCopyInto ¶
func (in *AuthConfig) DeepCopyInto(out *AuthConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*AuthConfig) Descriptor ¶
func (*AuthConfig) Descriptor() ([]byte, []int)
func (*AuthConfig) Marshal ¶
func (m *AuthConfig) Marshal() (dAtA []byte, err error)
func (*AuthConfig) MarshalToSizedBuffer ¶
func (m *AuthConfig) MarshalToSizedBuffer(dAtA []byte) (int, error)
func (*AuthConfig) ProtoMessage ¶
func (*AuthConfig) ProtoMessage()
func (*AuthConfig) Reset ¶
func (m *AuthConfig) Reset()
func (*AuthConfig) Size ¶
func (m *AuthConfig) Size() (n int)
func (*AuthConfig) String ¶
func (this *AuthConfig) String() string
func (*AuthConfig) Unmarshal ¶
func (m *AuthConfig) Unmarshal(dAtA []byte) error
func (*AuthConfig) XXX_DiscardUnknown ¶
func (m *AuthConfig) XXX_DiscardUnknown()
func (*AuthConfig) XXX_Marshal ¶
func (m *AuthConfig) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*AuthConfig) XXX_Merge ¶
func (m *AuthConfig) XXX_Merge(src proto.Message)
func (*AuthConfig) XXX_Size ¶
func (m *AuthConfig) XXX_Size() int
func (*AuthConfig) XXX_Unmarshal ¶
func (m *AuthConfig) XXX_Unmarshal(b []byte) error
type AuthMethod ¶
type AuthMethod struct { // Specifies the name of the authentication method type, such as "github" or "token". Type string `json:"type" protobuf:"bytes,1,opt,name=type"` // Specifies the path in which to enable the auth method. // Default value is the same as the 'type' Path string `json:"path" protobuf:"bytes,2,opt,name=path"` // Specifies a human-friendly description of the auth method. // +optional Description string `json:"description,omitempty" protobuf:"bytes,3,opt,name=description"` // Specifies configuration options for this auth method. // +optional Config *AuthConfig `json:"config,omitempty" protobuf:"bytes,4,opt,name=config"` // Specifies the name of the auth plugin to use based from the name in the plugin catalog. // Applies only to plugin methods. // +optional PluginName string `json:"pluginName,omitempty" protobuf:"bytes,5,opt,name=pluginName"` // Specifies if the auth method is a local only. Local auth methods are not replicated nor (if a secondary) removed by replication. // +optional Local bool `json:"local,omitempty" protobuf:"varint,6,opt,name=local"` }
AuthMethod contains the information to enable vault auth method links: https://www.vaultproject.io/api/system/auth.html
func (*AuthMethod) DeepCopy ¶
func (in *AuthMethod) DeepCopy() *AuthMethod
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthMethod.
func (*AuthMethod) DeepCopyInto ¶
func (in *AuthMethod) DeepCopyInto(out *AuthMethod)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*AuthMethod) Descriptor ¶
func (*AuthMethod) Descriptor() ([]byte, []int)
func (*AuthMethod) Marshal ¶
func (m *AuthMethod) Marshal() (dAtA []byte, err error)
func (*AuthMethod) MarshalToSizedBuffer ¶
func (m *AuthMethod) MarshalToSizedBuffer(dAtA []byte) (int, error)
func (*AuthMethod) ProtoMessage ¶
func (*AuthMethod) ProtoMessage()
func (*AuthMethod) Reset ¶
func (m *AuthMethod) Reset()
func (*AuthMethod) Size ¶
func (m *AuthMethod) Size() (n int)
func (*AuthMethod) String ¶
func (this *AuthMethod) String() string
func (*AuthMethod) Unmarshal ¶
func (m *AuthMethod) Unmarshal(dAtA []byte) error
func (*AuthMethod) XXX_DiscardUnknown ¶
func (m *AuthMethod) XXX_DiscardUnknown()
func (*AuthMethod) XXX_Marshal ¶
func (m *AuthMethod) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*AuthMethod) XXX_Merge ¶
func (m *AuthMethod) XXX_Merge(src proto.Message)
func (*AuthMethod) XXX_Size ¶
func (m *AuthMethod) XXX_Size() int
func (*AuthMethod) XXX_Unmarshal ¶
func (m *AuthMethod) XXX_Unmarshal(b []byte) error
type AuthMethodEnableDisableStatus ¶
type AuthMethodEnableDisableStatus string
+kubebuilder:validation:Enum=EnableSucceeded;EnableFailed;DisableSucceeded;DisableFailed
const ( AuthMethodEnableSucceeded AuthMethodEnableDisableStatus = "EnableSucceeded" AuthMethodEnableFailed AuthMethodEnableDisableStatus = "EnableFailed" AuthMethodDisableSucceeded AuthMethodEnableDisableStatus = "DisableSucceeded" AuthMethodDisableFailed AuthMethodEnableDisableStatus = "DisableFailed" )
type AuthMethodStatus ¶
type AuthMethodStatus struct { // Specifies the name of the authentication method type, such as "github" or "token". Type string `json:"type" protobuf:"bytes,1,opt,name=type"` // Specifies the path in which to enable the auth method. Path string `json:"path" protobuf:"bytes,2,opt,name=path"` // Specifies whether auth method is enabled or not Status AuthMethodEnableDisableStatus `json:"status" protobuf:"bytes,3,opt,name=status,casttype=AuthMethodEnableDisableStatus"` // Specifies the reason why failed to enable auth method // +optional Reason string `json:"reason,omitempty" protobuf:"bytes,4,opt,name=reason"` }
AuthMethodStatus specifies the status of the auth method maintained by the auth method controller
func (*AuthMethodStatus) DeepCopy ¶
func (in *AuthMethodStatus) DeepCopy() *AuthMethodStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthMethodStatus.
func (*AuthMethodStatus) DeepCopyInto ¶
func (in *AuthMethodStatus) DeepCopyInto(out *AuthMethodStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*AuthMethodStatus) Descriptor ¶
func (*AuthMethodStatus) Descriptor() ([]byte, []int)
func (*AuthMethodStatus) Marshal ¶
func (m *AuthMethodStatus) Marshal() (dAtA []byte, err error)
func (*AuthMethodStatus) MarshalToSizedBuffer ¶
func (m *AuthMethodStatus) MarshalToSizedBuffer(dAtA []byte) (int, error)
func (*AuthMethodStatus) ProtoMessage ¶
func (*AuthMethodStatus) ProtoMessage()
func (*AuthMethodStatus) Reset ¶
func (m *AuthMethodStatus) Reset()
func (*AuthMethodStatus) Size ¶
func (m *AuthMethodStatus) Size() (n int)
func (*AuthMethodStatus) String ¶
func (this *AuthMethodStatus) String() string
func (*AuthMethodStatus) Unmarshal ¶
func (m *AuthMethodStatus) Unmarshal(dAtA []byte) error
func (*AuthMethodStatus) XXX_DiscardUnknown ¶
func (m *AuthMethodStatus) XXX_DiscardUnknown()
func (*AuthMethodStatus) XXX_Marshal ¶
func (m *AuthMethodStatus) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*AuthMethodStatus) XXX_Merge ¶
func (m *AuthMethodStatus) XXX_Merge(src proto.Message)
func (*AuthMethodStatus) XXX_Size ¶
func (m *AuthMethodStatus) XXX_Size() int
func (*AuthMethodStatus) XXX_Unmarshal ¶
func (m *AuthMethodStatus) XXX_Unmarshal(b []byte) error
type AuthMethodType ¶
type AuthMethodType string
+kubebuilder:validation:Enum=kubernetes;aws;gcp;userpass;cert;azure
const ( AuthTypeKubernetes AuthMethodType = "kubernetes" AuthTypeAws AuthMethodType = "aws" AuthTypeGcp AuthMethodType = "gcp" AuthTypeUserPass AuthMethodType = "userpass" AuthTypeCert AuthMethodType = "cert" AuthTypeAzure AuthMethodType = "azure" )
type AwsKmsSsmSpec ¶
type AwsKmsSsmSpec struct { // The ID or ARN of the AWS KMS key to encrypt values KmsKeyID string `json:"kmsKeyID" protobuf:"bytes,1,opt,name=kmsKeyID"` // +optional // An optional Key prefix for SSM Parameter store SsmKeyPrefix string `json:"ssmKeyPrefix,omitempty" protobuf:"bytes,2,opt,name=ssmKeyPrefix"` Region string `json:"region,omitempty" protobuf:"bytes,3,opt,name=region"` // Specifies the secret name containing AWS access key and AWS secret key // secret data: // - access_key:<value> // - secret_key:<value> // +optional CredentialSecret string `json:"credentialSecret,omitempty" protobuf:"bytes,4,opt,name=credentialSecret"` // Used to make AWS KMS requests. This is useful, // for example, when connecting to KMS over a VPC Endpoint. // If not set, Vault will use the default API endpoint for your region. Endpoint string `json:"endpoint,omitempty" protobuf:"bytes,5,opt,name=endpoint"` }
AwsKmsSsmSpec contain the fields that required to unseal vault using aws kms ssm
func (*AwsKmsSsmSpec) DeepCopy ¶
func (in *AwsKmsSsmSpec) DeepCopy() *AwsKmsSsmSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AwsKmsSsmSpec.
func (*AwsKmsSsmSpec) DeepCopyInto ¶
func (in *AwsKmsSsmSpec) DeepCopyInto(out *AwsKmsSsmSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*AwsKmsSsmSpec) Descriptor ¶
func (*AwsKmsSsmSpec) Descriptor() ([]byte, []int)
func (*AwsKmsSsmSpec) Marshal ¶
func (m *AwsKmsSsmSpec) Marshal() (dAtA []byte, err error)
func (*AwsKmsSsmSpec) MarshalToSizedBuffer ¶
func (m *AwsKmsSsmSpec) MarshalToSizedBuffer(dAtA []byte) (int, error)
func (*AwsKmsSsmSpec) ProtoMessage ¶
func (*AwsKmsSsmSpec) ProtoMessage()
func (*AwsKmsSsmSpec) Reset ¶
func (m *AwsKmsSsmSpec) Reset()
func (*AwsKmsSsmSpec) Size ¶
func (m *AwsKmsSsmSpec) Size() (n int)
func (*AwsKmsSsmSpec) String ¶
func (this *AwsKmsSsmSpec) String() string
func (*AwsKmsSsmSpec) Unmarshal ¶
func (m *AwsKmsSsmSpec) Unmarshal(dAtA []byte) error
func (*AwsKmsSsmSpec) XXX_DiscardUnknown ¶
func (m *AwsKmsSsmSpec) XXX_DiscardUnknown()
func (*AwsKmsSsmSpec) XXX_Marshal ¶
func (m *AwsKmsSsmSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*AwsKmsSsmSpec) XXX_Merge ¶
func (m *AwsKmsSsmSpec) XXX_Merge(src proto.Message)
func (*AwsKmsSsmSpec) XXX_Size ¶
func (m *AwsKmsSsmSpec) XXX_Size() int
func (*AwsKmsSsmSpec) XXX_Unmarshal ¶
func (m *AwsKmsSsmSpec) XXX_Unmarshal(b []byte) error
type AzureKeyVault ¶
type AzureKeyVault struct { // Azure key vault url, for example https://myvault.vault.azure.net VaultBaseURL string `json:"vaultBaseURL" protobuf:"bytes,1,opt,name=vaultBaseURL"` // The cloud environment identifier // default: "AZUREPUBLICCLOUD" // +optional Cloud string `json:"cloud,omitempty" protobuf:"bytes,2,opt,name=cloud"` // The AAD Tenant ID TenantID string `json:"tenantID" protobuf:"bytes,3,opt,name=tenantID"` // Specifies the name of secret containing client cert and client cert password // secret data: // - client-cert:<value> // - client-cert-password: <value> // +optional ClientCertSecret string `json:"clientCertSecret,omitempty" protobuf:"bytes,4,opt,name=clientCertSecret"` // Specifies the name of secret containing client id and client secret of AAD application // secret data: // - client-id:<value> // - client-secret:<value> // +optional AADClientSecret string `json:"aadClientSecret,omitempty" protobuf:"bytes,5,opt,name=aadClientSecret"` // Use managed service identity for the virtual machine // +optional UseManagedIdentity bool `json:"useManagedIdentity,omitempty" protobuf:"varint,6,opt,name=useManagedIdentity"` }
AzureKeyVault contain the fields that required to unseal vault using azure key vault
func (*AzureKeyVault) DeepCopy ¶
func (in *AzureKeyVault) DeepCopy() *AzureKeyVault
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureKeyVault.
func (*AzureKeyVault) DeepCopyInto ¶
func (in *AzureKeyVault) DeepCopyInto(out *AzureKeyVault)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*AzureKeyVault) Descriptor ¶
func (*AzureKeyVault) Descriptor() ([]byte, []int)
func (*AzureKeyVault) Marshal ¶
func (m *AzureKeyVault) Marshal() (dAtA []byte, err error)
func (*AzureKeyVault) MarshalToSizedBuffer ¶
func (m *AzureKeyVault) MarshalToSizedBuffer(dAtA []byte) (int, error)
func (*AzureKeyVault) ProtoMessage ¶
func (*AzureKeyVault) ProtoMessage()
func (*AzureKeyVault) Reset ¶
func (m *AzureKeyVault) Reset()
func (*AzureKeyVault) Size ¶
func (m *AzureKeyVault) Size() (n int)
func (*AzureKeyVault) String ¶
func (this *AzureKeyVault) String() string
func (*AzureKeyVault) Unmarshal ¶
func (m *AzureKeyVault) Unmarshal(dAtA []byte) error
func (*AzureKeyVault) XXX_DiscardUnknown ¶
func (m *AzureKeyVault) XXX_DiscardUnknown()
func (*AzureKeyVault) XXX_Marshal ¶
func (m *AzureKeyVault) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*AzureKeyVault) XXX_Merge ¶
func (m *AzureKeyVault) XXX_Merge(src proto.Message)
func (*AzureKeyVault) XXX_Size ¶
func (m *AzureKeyVault) XXX_Size() int
func (*AzureKeyVault) XXX_Unmarshal ¶
func (m *AzureKeyVault) XXX_Unmarshal(b []byte) error
type AzureSpec ¶
type AzureSpec struct { // Specifies the Azure Storage account name. AccountName string `json:"accountName" protobuf:"bytes,1,opt,name=accountName"` // Specifies the secret containing Azure Storage account key. // secret data: // - account_key:<value> AccountKeySecret string `json:"accountKeySecret" protobuf:"bytes,2,opt,name=accountKeySecret"` // Specifies the Azure Storage Blob container name. Container string `json:"container" protobuf:"bytes,3,opt,name=container"` // Specifies the maximum number of concurrent operations to take place. // +optional MaxParallel int64 `json:"maxParallel,omitempty" protobuf:"varint,4,opt,name=maxParallel"` }
vault doc: https://www.vaultproject.io/docs/configuration/storage/azure.html
AzureSpec defines configuration to set up Google Cloud Storage as backend storage in vault
func (*AzureSpec) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureSpec.
func (*AzureSpec) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*AzureSpec) Descriptor ¶
func (*AzureSpec) MarshalToSizedBuffer ¶
func (*AzureSpec) ProtoMessage ¶
func (*AzureSpec) ProtoMessage()
func (*AzureSpec) XXX_DiscardUnknown ¶
func (m *AzureSpec) XXX_DiscardUnknown()
func (*AzureSpec) XXX_Marshal ¶
func (*AzureSpec) XXX_Unmarshal ¶
type BackendStorageSpec ¶
type BackendStorageSpec struct { // ref: https://www.vaultproject.io/docs/configuration/storage/in-memory.html // +optional Inmem *InmemSpec `json:"inmem,omitempty" protobuf:"bytes,1,opt,name=inmem"` // +optional Etcd *EtcdSpec `json:"etcd,omitempty" protobuf:"bytes,2,opt,name=etcd"` // +optional Gcs *GcsSpec `json:"gcs,omitempty" protobuf:"bytes,3,opt,name=gcs"` // +optional S3 *S3Spec `json:"s3,omitempty" protobuf:"bytes,4,opt,name=s3"` // +optional Azure *AzureSpec `json:"azure,omitempty" protobuf:"bytes,5,opt,name=azure"` // +optional PostgreSQL *PostgreSQLSpec `json:"postgresql,omitempty" protobuf:"bytes,6,opt,name=postgresql"` // +optional MySQL *MySQLSpec `json:"mysql,omitempty" protobuf:"bytes,7,opt,name=mysql"` // +optional File *FileSpec `json:"file,omitempty" protobuf:"bytes,8,opt,name=file"` // +optional DynamoDB *DynamoDBSpec `json:"dynamodb,omitempty" protobuf:"bytes,9,opt,name=dynamodb"` // +optional Swift *SwiftSpec `json:"swift,omitempty" protobuf:"bytes,10,opt,name=swift"` // +optional Consul *ConsulSpec `json:"consul,omitempty" protobuf:"bytes,11,opt,name=consul"` // +optional Raft *RaftSpec `json:"raft,omitempty" protobuf:"bytes,12,opt,name=raft"` }
TODO : set defaults and validation BackendStorageSpec defines storage backend configuration of vault
func (*BackendStorageSpec) DeepCopy ¶
func (in *BackendStorageSpec) DeepCopy() *BackendStorageSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BackendStorageSpec.
func (*BackendStorageSpec) DeepCopyInto ¶
func (in *BackendStorageSpec) DeepCopyInto(out *BackendStorageSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*BackendStorageSpec) Descriptor ¶
func (*BackendStorageSpec) Descriptor() ([]byte, []int)
func (*BackendStorageSpec) GetBackendType ¶
func (vsb *BackendStorageSpec) GetBackendType() (VaultServerBackend, error)
func (*BackendStorageSpec) Marshal ¶
func (m *BackendStorageSpec) Marshal() (dAtA []byte, err error)
func (*BackendStorageSpec) MarshalTo ¶
func (m *BackendStorageSpec) MarshalTo(dAtA []byte) (int, error)
func (*BackendStorageSpec) MarshalToSizedBuffer ¶
func (m *BackendStorageSpec) MarshalToSizedBuffer(dAtA []byte) (int, error)
func (*BackendStorageSpec) ProtoMessage ¶
func (*BackendStorageSpec) ProtoMessage()
func (*BackendStorageSpec) Reset ¶
func (m *BackendStorageSpec) Reset()
func (*BackendStorageSpec) Size ¶
func (m *BackendStorageSpec) Size() (n int)
func (*BackendStorageSpec) String ¶
func (this *BackendStorageSpec) String() string
func (*BackendStorageSpec) Unmarshal ¶
func (m *BackendStorageSpec) Unmarshal(dAtA []byte) error
func (*BackendStorageSpec) XXX_DiscardUnknown ¶
func (m *BackendStorageSpec) XXX_DiscardUnknown()
func (*BackendStorageSpec) XXX_Marshal ¶
func (m *BackendStorageSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*BackendStorageSpec) XXX_Merge ¶
func (m *BackendStorageSpec) XXX_Merge(src proto.Message)
func (*BackendStorageSpec) XXX_Size ¶
func (m *BackendStorageSpec) XXX_Size() int
func (*BackendStorageSpec) XXX_Unmarshal ¶
func (m *BackendStorageSpec) XXX_Unmarshal(b []byte) error
type ConsulSpec ¶
type ConsulSpec struct { // Specifies the address of the Consul agent to communicate with. // This can be an IP address, DNS record, or unix socket. // +optional Address string `json:"address,omitempty" protobuf:"bytes,1,opt,name=address"` // Specifies the check interval used to send health check information // back to Consul. // This is specified using a label suffix like "30s" or "1h". // +optional CheckTimeout string `json:"checkTimeout,omitempty" protobuf:"bytes,2,opt,name=checkTimeout"` // Specifies the Consul consistency mode. // Possible values are "default" or "strong". // +optional ConsistencyMode string `json:"consistencyMode,omitempty" protobuf:"bytes,3,opt,name=consistencyMode"` // Specifies whether Vault should register itself with Consul. // Possible values are "true" or "false" // +optional DisableRegistration string `json:"disableRegistration,omitempty" protobuf:"bytes,4,opt,name=disableRegistration"` // Specifies the maximum number of concurrent requests to Consul. // +optional MaxParallel string `json:"maxParallel,omitempty" protobuf:"bytes,5,opt,name=maxParallel"` // Specifies the path in Consul's key-value store // where Vault data will be stored. // +optional Path string `json:"path,omitempty" protobuf:"bytes,6,opt,name=path"` // Specifies the scheme to use when communicating with Consul. // This can be set to "http" or "https". // +optional Scheme string `json:"scheme,omitempty" protobuf:"bytes,7,opt,name=scheme"` // Specifies the name of the service to register in Consul. // +optional Service string `json:"service,omitempty" protobuf:"bytes,8,opt,name=service"` // Specifies a comma-separated list of tags // to attach to the service registration in Consul. // +optional ServiceTags string `json:"serviceTags,omitempty" protobuf:"bytes,9,opt,name=serviceTags"` // Specifies a service-specific address to set on the service registration // in Consul. // If unset, Vault will use what it knows to be the HA redirect address // - which is usually desirable. // Setting this parameter to "" will tell Consul to leverage the configuration // of the node the service is registered on dynamically. // +optional ServiceAddress string `json:"serviceAddress,omitempty" protobuf:"bytes,10,opt,name=serviceAddress"` // Specifies the secret name that contains ACL token with permission // to read and write from the path in Consul's key-value store. // secret data: // - aclToken:<value> // +optional ACLTokenSecretName string `json:"aclTokenSecretName,omitempty" protobuf:"bytes,11,opt,name=aclTokenSecretName"` // Specifies the minimum allowed session TTL. // Consul server has a lower limit of 10s on the session TTL by default. // +optional SessionTTL string `json:"sessionTTL,omitempty" protobuf:"bytes,12,opt,name=sessionTTL"` // Specifies the wait time before a lock lock acquisition is made. // This affects the minimum time it takes to cancel a lock acquisition. // +optional LockWaitTime string `json:"lockWaitTime,omitempty" protobuf:"bytes,13,opt,name=lockWaitTime"` // Specifies the secret name that contains tls_ca_file, tls_cert_file and tls_key_file // for consul communication // Secret data: // - ca.crt // - client.crt // - client.key // +optional TLSSecretName string `json:"tlsSecretName,omitempty" protobuf:"bytes,14,opt,name=tlsSecretName"` // Specifies the minimum TLS version to use. // Accepted values are "tls10", "tls11" or "tls12". // +optional TLSMinVersion string `json:"tlsMinVersion,omitempty" protobuf:"bytes,15,opt,name=tlsMinVersion"` // Specifies if the TLS host verification should be disabled. // It is highly discouraged that you disable this option. // +optional TLSSkipVerify bool `json:"tlsSkipVerify,omitempty" protobuf:"varint,16,opt,name=tlsSkipVerify"` }
ref: https://www.vaultproject.io/docs/configuration/storage/consul.html
ConsulSpec defines the configuration to set up consul as backend storage in vault
func (*ConsulSpec) DeepCopy ¶
func (in *ConsulSpec) DeepCopy() *ConsulSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConsulSpec.
func (*ConsulSpec) DeepCopyInto ¶
func (in *ConsulSpec) DeepCopyInto(out *ConsulSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ConsulSpec) Descriptor ¶
func (*ConsulSpec) Descriptor() ([]byte, []int)
func (*ConsulSpec) Marshal ¶
func (m *ConsulSpec) Marshal() (dAtA []byte, err error)
func (*ConsulSpec) MarshalToSizedBuffer ¶
func (m *ConsulSpec) MarshalToSizedBuffer(dAtA []byte) (int, error)
func (*ConsulSpec) ProtoMessage ¶
func (*ConsulSpec) ProtoMessage()
func (*ConsulSpec) Reset ¶
func (m *ConsulSpec) Reset()
func (*ConsulSpec) Size ¶
func (m *ConsulSpec) Size() (n int)
func (*ConsulSpec) String ¶
func (this *ConsulSpec) String() string
func (*ConsulSpec) Unmarshal ¶
func (m *ConsulSpec) Unmarshal(dAtA []byte) error
func (*ConsulSpec) XXX_DiscardUnknown ¶
func (m *ConsulSpec) XXX_DiscardUnknown()
func (*ConsulSpec) XXX_Marshal ¶
func (m *ConsulSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*ConsulSpec) XXX_Merge ¶
func (m *ConsulSpec) XXX_Merge(src proto.Message)
func (*ConsulSpec) XXX_Size ¶
func (m *ConsulSpec) XXX_Size() int
func (*ConsulSpec) XXX_Unmarshal ¶
func (m *ConsulSpec) XXX_Unmarshal(b []byte) error
type DynamoDBSpec ¶
type DynamoDBSpec struct { // Specifies an alternative, AWS compatible, DynamoDB endpoint. // +optional Endpoint string `json:"endpoint,omitempty" protobuf:"bytes,1,opt,name=endpoint"` // Specifies the AWS region // +optional Region string `json:"region,omitempty" protobuf:"bytes,2,opt,name=region"` // Specifies whether this backend should be used to run Vault in high availability mode. // +optional HaEnabled bool `json:"haEnabled,omitempty" protobuf:"varint,3,opt,name=haEnabled"` // Specifies the maximum number of reads consumed per second on the table // +optional ReadCapacity int64 `json:"readCapacity,omitempty" protobuf:"varint,4,opt,name=readCapacity"` // Specifies the maximum number of writes performed per second on the table. // +optional WriteCapacity int64 `json:"writeCapacity,omitempty" protobuf:"varint,5,opt,name=writeCapacity"` // Specifies the name of the DynamoDB table in which to store Vault data. // If the specified table does not yet exist, it will be created during initialization. // default: vault-dynamodb-backend // +optional Table string `json:"table,omitempty" protobuf:"bytes,6,opt,name=table"` // Specifies the secret name containing AWS access key and AWS secret key // secret data: // - access_key=<value> // - secret_key=<value> // +optional CredentialSecret string `json:"credentialSecret,omitempty" protobuf:"bytes,7,opt,name=credentialSecret"` // Specifies the secret name containing AWS session token // secret data: // - session_token:<value> // +optional SessionTokenSecret string `json:"sessionTokenSecret,omitempty" protobuf:"bytes,8,opt,name=sessionTokenSecret"` // Specifies the maximum number of parallel operations to take place. // +optional MaxParallel int64 `json:"maxParallel,omitempty" protobuf:"varint,9,opt,name=maxParallel"` }
vault doc: https://www.vaultproject.io/docs/configuration/storage/dynamodb.html
DynamoDBSpec defines configuration to set up DynamoDB Storage as backend storage in vault
func (*DynamoDBSpec) DeepCopy ¶
func (in *DynamoDBSpec) DeepCopy() *DynamoDBSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DynamoDBSpec.
func (*DynamoDBSpec) DeepCopyInto ¶
func (in *DynamoDBSpec) DeepCopyInto(out *DynamoDBSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*DynamoDBSpec) Descriptor ¶
func (*DynamoDBSpec) Descriptor() ([]byte, []int)
func (*DynamoDBSpec) Marshal ¶
func (m *DynamoDBSpec) Marshal() (dAtA []byte, err error)
func (*DynamoDBSpec) MarshalToSizedBuffer ¶
func (m *DynamoDBSpec) MarshalToSizedBuffer(dAtA []byte) (int, error)
func (*DynamoDBSpec) ProtoMessage ¶
func (*DynamoDBSpec) ProtoMessage()
func (*DynamoDBSpec) Reset ¶
func (m *DynamoDBSpec) Reset()
func (*DynamoDBSpec) Size ¶
func (m *DynamoDBSpec) Size() (n int)
func (*DynamoDBSpec) String ¶
func (this *DynamoDBSpec) String() string
func (*DynamoDBSpec) Unmarshal ¶
func (m *DynamoDBSpec) Unmarshal(dAtA []byte) error
func (*DynamoDBSpec) XXX_DiscardUnknown ¶
func (m *DynamoDBSpec) XXX_DiscardUnknown()
func (*DynamoDBSpec) XXX_Marshal ¶
func (m *DynamoDBSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*DynamoDBSpec) XXX_Merge ¶
func (m *DynamoDBSpec) XXX_Merge(src proto.Message)
func (*DynamoDBSpec) XXX_Size ¶
func (m *DynamoDBSpec) XXX_Size() int
func (*DynamoDBSpec) XXX_Unmarshal ¶
func (m *DynamoDBSpec) XXX_Unmarshal(b []byte) error
type EtcdSpec ¶
type EtcdSpec struct { // Specifies the addresses of the etcd instances Address string `json:"address" protobuf:"bytes,1,opt,name=address"` // Specifies the version of the API to communicate with etcd // +optional EtcdApi string `json:"etcdApi,omitempty" protobuf:"bytes,2,opt,name=etcdApi"` // Specifies if high availability should be enabled // +optional HAEnable bool `json:"haEnable,omitempty" protobuf:"varint,3,opt,name=haEnable"` // Specifies the path in etcd where vault data will be stored // +optional Path string `json:"path,omitempty" protobuf:"bytes,4,opt,name=path"` // Specifies whether to sync list of available etcd services on startup // +optional Sync bool `json:"sync,omitempty" protobuf:"varint,5,opt,name=sync"` // Specifies the domain name to query for SRV records describing cluster endpoints // +optional DiscoverySrv string `json:"discoverySrv,omitempty" protobuf:"bytes,6,opt,name=discoverySrv"` // Specifies the secret name that contain username and password to use when authenticating with the etcd server // secret data: // - username:<value> // - password:<value> // +optional CredentialSecretName string `json:"credentialSecretName,omitempty" protobuf:"bytes,7,opt,name=credentialSecretName"` // Specifies the secret name that contains tls_ca_file, tls_cert_file and tls_key_file for etcd communication // secret data: // - ca.crt // - client.crt // - client.key // +optional TLSSecretName string `json:"tlsSecretName,omitempty" protobuf:"bytes,8,opt,name=tlsSecretName"` }
TODO : set defaults and validation vault doc: https://www.vaultproject.io/docs/configuration/storage/etcd.html
EtcdSpec defines configuration to set up etcd as backend storage in vault
func (*EtcdSpec) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EtcdSpec.
func (*EtcdSpec) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*EtcdSpec) Descriptor ¶
func (*EtcdSpec) MarshalToSizedBuffer ¶
func (*EtcdSpec) ProtoMessage ¶
func (*EtcdSpec) ProtoMessage()
func (*EtcdSpec) XXX_DiscardUnknown ¶
func (m *EtcdSpec) XXX_DiscardUnknown()
func (*EtcdSpec) XXX_Marshal ¶
func (*EtcdSpec) XXX_Unmarshal ¶
type FileSpec ¶
type FileSpec struct { // The absolute path on disk to the directory where the data will be stored. // If the directory does not exist, Vault will create it. Path string `json:"path" protobuf:"bytes,1,opt,name=path"` // volumeClaimTemplate is a claim that pods are allowed to reference. // The VaultServer controller is responsible for deploying the claim // and update the volumeMounts in the Vault server container in the template. VolumeClaimTemplate ofst.PersistentVolumeClaim `json:"volumeClaimTemplate" protobuf:"bytes,2,opt,name=volumeClaimTemplate"` }
vault doc: https://www.vaultproject.io/docs/configuration/storage/filesystem.html
FileSpec defines configuration to set up File system Storage as backend storage in vault
func (*FileSpec) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FileSpec.
func (*FileSpec) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*FileSpec) Descriptor ¶
func (*FileSpec) MarshalToSizedBuffer ¶
func (*FileSpec) ProtoMessage ¶
func (*FileSpec) ProtoMessage()
func (*FileSpec) XXX_DiscardUnknown ¶
func (m *FileSpec) XXX_DiscardUnknown()
func (*FileSpec) XXX_Marshal ¶
func (*FileSpec) XXX_Unmarshal ¶
type FromNamespaces ¶ added in v0.5.0
type FromNamespaces string
FromNamespaces specifies namespace from which Secret Engines may be attached to a VaultServer.
+kubebuilder:validation:Enum=All;Selector;Same
const ( // Secret Engines in all namespaces may be attached to this VaultServer. NamespacesFromAll FromNamespaces = "All" // Only Secret Engines in namespaces selected by the selector may be attached to // this VaultServer. NamespacesFromSelector FromNamespaces = "Selector" // Only Secret Engines in the same namespace as the VaultServer may be attached to this // VaultServer. NamespacesFromSame FromNamespaces = "Same" )
type GcsSpec ¶
type GcsSpec struct { // Specifies the name of the bucket to use for storage. Bucket string `json:"bucket" protobuf:"bytes,1,opt,name=bucket"` // Specifies the maximum size (in kilobytes) to send in a single request. If set to 0, // it will attempt to send the whole object at once, but will not retry any failures. // +optional ChunkSize string `json:"chunkSize,omitempty" protobuf:"bytes,2,opt,name=chunkSize"` // Specifies the maximum number of parallel operations to take place. // +optional MaxParallel int64 `json:"maxParallel,omitempty" protobuf:"varint,3,opt,name=maxParallel"` // Specifies if high availability mode is enabled. // +optional HAEnabled bool `json:"haEnabled,omitempty" protobuf:"varint,4,opt,name=haEnabled"` // Secret containing Google application credential // secret data: // - sa.json:<value> // +optional CredentialSecret string `json:"credentialSecret,omitempty" protobuf:"bytes,5,opt,name=credentialSecret"` }
vault doc: https://www.vaultproject.io/docs/configuration/storage/google-cloud-storage.html
GcsSpec defines configuration to set up Google Cloud Storage as backend storage in vault
func (*GcsSpec) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GcsSpec.
func (*GcsSpec) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*GcsSpec) Descriptor ¶
func (*GcsSpec) MarshalToSizedBuffer ¶
func (*GcsSpec) ProtoMessage ¶
func (*GcsSpec) ProtoMessage()
func (*GcsSpec) XXX_DiscardUnknown ¶
func (m *GcsSpec) XXX_DiscardUnknown()
func (*GcsSpec) XXX_Marshal ¶
func (*GcsSpec) XXX_Unmarshal ¶
type GoogleKmsGcsSpec ¶
type GoogleKmsGcsSpec struct { // The name of the Google Cloud KMS crypto key to use KmsCryptoKey string `json:"kmsCryptoKey" protobuf:"bytes,1,opt,name=kmsCryptoKey"` // The name of the Google Cloud KMS key ring to use KmsKeyRing string `json:"kmsKeyRing" protobuf:"bytes,2,opt,name=kmsKeyRing"` // The Google Cloud KMS location to use (eg. 'global', 'europe-west1') KmsLocation string `json:"kmsLocation" protobuf:"bytes,3,opt,name=kmsLocation"` // The Google Cloud KMS project to use KmsProject string `json:"kmsProject" protobuf:"bytes,4,opt,name=kmsProject"` // The name of the Google Cloud Storage bucket to store values in Bucket string `json:"bucket" protobuf:"bytes,5,opt,name=bucket"` // Secret containing Google application credential // secret data: // - sa.json:<value> // +optional CredentialSecret string `json:"credentialSecret,omitempty" protobuf:"bytes,6,opt,name=credentialSecret"` }
GoogleKmsGcsSpec contain the fields that required to unseal vault using google kms
func (*GoogleKmsGcsSpec) DeepCopy ¶
func (in *GoogleKmsGcsSpec) DeepCopy() *GoogleKmsGcsSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GoogleKmsGcsSpec.
func (*GoogleKmsGcsSpec) DeepCopyInto ¶
func (in *GoogleKmsGcsSpec) DeepCopyInto(out *GoogleKmsGcsSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*GoogleKmsGcsSpec) Descriptor ¶
func (*GoogleKmsGcsSpec) Descriptor() ([]byte, []int)
func (*GoogleKmsGcsSpec) Marshal ¶
func (m *GoogleKmsGcsSpec) Marshal() (dAtA []byte, err error)
func (*GoogleKmsGcsSpec) MarshalToSizedBuffer ¶
func (m *GoogleKmsGcsSpec) MarshalToSizedBuffer(dAtA []byte) (int, error)
func (*GoogleKmsGcsSpec) ProtoMessage ¶
func (*GoogleKmsGcsSpec) ProtoMessage()
func (*GoogleKmsGcsSpec) Reset ¶
func (m *GoogleKmsGcsSpec) Reset()
func (*GoogleKmsGcsSpec) Size ¶
func (m *GoogleKmsGcsSpec) Size() (n int)
func (*GoogleKmsGcsSpec) String ¶
func (this *GoogleKmsGcsSpec) String() string
func (*GoogleKmsGcsSpec) Unmarshal ¶
func (m *GoogleKmsGcsSpec) Unmarshal(dAtA []byte) error
func (*GoogleKmsGcsSpec) XXX_DiscardUnknown ¶
func (m *GoogleKmsGcsSpec) XXX_DiscardUnknown()
func (*GoogleKmsGcsSpec) XXX_Marshal ¶
func (m *GoogleKmsGcsSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*GoogleKmsGcsSpec) XXX_Merge ¶
func (m *GoogleKmsGcsSpec) XXX_Merge(src proto.Message)
func (*GoogleKmsGcsSpec) XXX_Size ¶
func (m *GoogleKmsGcsSpec) XXX_Size() int
func (*GoogleKmsGcsSpec) XXX_Unmarshal ¶
func (m *GoogleKmsGcsSpec) XXX_Unmarshal(b []byte) error
type InmemSpec ¶
type InmemSpec struct { }
ref: https://www.vaultproject.io/docs/configuration/storage/in-memory.html
func (*InmemSpec) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InmemSpec.
func (*InmemSpec) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*InmemSpec) Descriptor ¶
func (*InmemSpec) MarshalToSizedBuffer ¶
func (*InmemSpec) ProtoMessage ¶
func (*InmemSpec) ProtoMessage()
func (*InmemSpec) XXX_DiscardUnknown ¶
func (m *InmemSpec) XXX_DiscardUnknown()
func (*InmemSpec) XXX_Marshal ¶
func (*InmemSpec) XXX_Unmarshal ¶
type KubernetesSecretSpec ¶
type KubernetesSecretSpec struct {
SecretName string `json:"secretName" protobuf:"bytes,1,opt,name=secretName"`
}
KubernetesSecretSpec contain the fields that required to unseal using kubernetes secret
func (*KubernetesSecretSpec) DeepCopy ¶
func (in *KubernetesSecretSpec) DeepCopy() *KubernetesSecretSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubernetesSecretSpec.
func (*KubernetesSecretSpec) DeepCopyInto ¶
func (in *KubernetesSecretSpec) DeepCopyInto(out *KubernetesSecretSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*KubernetesSecretSpec) Descriptor ¶
func (*KubernetesSecretSpec) Descriptor() ([]byte, []int)
func (*KubernetesSecretSpec) Marshal ¶
func (m *KubernetesSecretSpec) Marshal() (dAtA []byte, err error)
func (*KubernetesSecretSpec) MarshalTo ¶
func (m *KubernetesSecretSpec) MarshalTo(dAtA []byte) (int, error)
func (*KubernetesSecretSpec) MarshalToSizedBuffer ¶
func (m *KubernetesSecretSpec) MarshalToSizedBuffer(dAtA []byte) (int, error)
func (*KubernetesSecretSpec) ProtoMessage ¶
func (*KubernetesSecretSpec) ProtoMessage()
func (*KubernetesSecretSpec) Reset ¶
func (m *KubernetesSecretSpec) Reset()
func (*KubernetesSecretSpec) Size ¶
func (m *KubernetesSecretSpec) Size() (n int)
func (*KubernetesSecretSpec) String ¶
func (this *KubernetesSecretSpec) String() string
func (*KubernetesSecretSpec) Unmarshal ¶
func (m *KubernetesSecretSpec) Unmarshal(dAtA []byte) error
func (*KubernetesSecretSpec) XXX_DiscardUnknown ¶
func (m *KubernetesSecretSpec) XXX_DiscardUnknown()
func (*KubernetesSecretSpec) XXX_Marshal ¶
func (m *KubernetesSecretSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*KubernetesSecretSpec) XXX_Merge ¶
func (m *KubernetesSecretSpec) XXX_Merge(src proto.Message)
func (*KubernetesSecretSpec) XXX_Size ¶
func (m *KubernetesSecretSpec) XXX_Size() int
func (*KubernetesSecretSpec) XXX_Unmarshal ¶
func (m *KubernetesSecretSpec) XXX_Unmarshal(b []byte) error
type ModeSpec ¶
type ModeSpec struct { // +optional KubernetesSecret *KubernetesSecretSpec `json:"kubernetesSecret,omitempty" protobuf:"bytes,1,opt,name=kubernetesSecret"` // +optional GoogleKmsGcs *GoogleKmsGcsSpec `json:"googleKmsGcs,omitempty" protobuf:"bytes,2,opt,name=googleKmsGcs"` // +optional AwsKmsSsm *AwsKmsSsmSpec `json:"awsKmsSsm,omitempty" protobuf:"bytes,3,opt,name=awsKmsSsm"` // +optional AzureKeyVault *AzureKeyVault `json:"azureKeyVault,omitempty" protobuf:"bytes,4,opt,name=azureKeyVault"` }
ModeSpec contain unseal mechanism
func (*ModeSpec) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ModeSpec.
func (*ModeSpec) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ModeSpec) Descriptor ¶
func (*ModeSpec) MarshalToSizedBuffer ¶
func (*ModeSpec) ProtoMessage ¶
func (*ModeSpec) ProtoMessage()
func (*ModeSpec) XXX_DiscardUnknown ¶
func (m *ModeSpec) XXX_DiscardUnknown()
func (*ModeSpec) XXX_Marshal ¶
func (*ModeSpec) XXX_Unmarshal ¶
type MySQLSpec ¶
type MySQLSpec struct { // Specifies the address of the MySQL host. // +optional Address string `json:"address" protobuf:"bytes,1,opt,name=address"` // Specifies the name of the database. If the database does not exist, Vault will attempt to create it. // +optional Database string `json:"database,omitempty" protobuf:"bytes,2,opt,name=database"` // Specifies the name of the table. If the table does not exist, Vault will attempt to create it. // +optional Table string `json:"table,omitempty" protobuf:"bytes,3,opt,name=table"` // Specifies the MySQL username and password to connect to the database // secret data: // - username=<value> // - password=<value> UserCredentialSecret string `json:"userCredentialSecret" protobuf:"bytes,4,opt,name=userCredentialSecret"` // Specifies the name of the secret containing the CA certificate to connect using TLS. // secret data: // - tls_ca_file=<ca_cert> // +optional TLSCASecret string `json:"tlsCASecret,omitempty" protobuf:"bytes,5,opt,name=tlsCASecret"` // Specifies the maximum number of concurrent requests to take place. // +optional MaxParallel int64 `json:"maxParallel,omitempty" protobuf:"varint,6,opt,name=maxParallel"` }
vault doc: https://www.vaultproject.io/docs/configuration/storage/mysql.html
MySQLSpec defines configuration to set up MySQL Storage as backend storage in vault
func (*MySQLSpec) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MySQLSpec.
func (*MySQLSpec) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*MySQLSpec) Descriptor ¶
func (*MySQLSpec) MarshalToSizedBuffer ¶
func (*MySQLSpec) ProtoMessage ¶
func (*MySQLSpec) ProtoMessage()
func (*MySQLSpec) XXX_DiscardUnknown ¶
func (m *MySQLSpec) XXX_DiscardUnknown()
func (*MySQLSpec) XXX_Marshal ¶
func (*MySQLSpec) XXX_Unmarshal ¶
type NamedServiceTemplateSpec ¶
type NamedServiceTemplateSpec struct { // Alias represents the identifier of the service. Alias ServiceAlias `json:"alias" protobuf:"bytes,1,opt,name=alias"` // ServiceTemplate is an optional configuration for a service used to expose VaultServer // +optional ofst.ServiceTemplateSpec `json:",inline,omitempty" protobuf:"bytes,2,opt,name=serviceTemplateSpec"` }
func (*NamedServiceTemplateSpec) DeepCopy ¶
func (in *NamedServiceTemplateSpec) DeepCopy() *NamedServiceTemplateSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NamedServiceTemplateSpec.
func (*NamedServiceTemplateSpec) DeepCopyInto ¶
func (in *NamedServiceTemplateSpec) DeepCopyInto(out *NamedServiceTemplateSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*NamedServiceTemplateSpec) Descriptor ¶
func (*NamedServiceTemplateSpec) Descriptor() ([]byte, []int)
func (*NamedServiceTemplateSpec) Marshal ¶
func (m *NamedServiceTemplateSpec) Marshal() (dAtA []byte, err error)
func (*NamedServiceTemplateSpec) MarshalTo ¶
func (m *NamedServiceTemplateSpec) MarshalTo(dAtA []byte) (int, error)
func (*NamedServiceTemplateSpec) MarshalToSizedBuffer ¶
func (m *NamedServiceTemplateSpec) MarshalToSizedBuffer(dAtA []byte) (int, error)
func (*NamedServiceTemplateSpec) ProtoMessage ¶
func (*NamedServiceTemplateSpec) ProtoMessage()
func (*NamedServiceTemplateSpec) Reset ¶
func (m *NamedServiceTemplateSpec) Reset()
func (*NamedServiceTemplateSpec) Size ¶
func (m *NamedServiceTemplateSpec) Size() (n int)
func (*NamedServiceTemplateSpec) String ¶
func (this *NamedServiceTemplateSpec) String() string
func (*NamedServiceTemplateSpec) Unmarshal ¶
func (m *NamedServiceTemplateSpec) Unmarshal(dAtA []byte) error
func (*NamedServiceTemplateSpec) XXX_DiscardUnknown ¶
func (m *NamedServiceTemplateSpec) XXX_DiscardUnknown()
func (*NamedServiceTemplateSpec) XXX_Marshal ¶
func (m *NamedServiceTemplateSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*NamedServiceTemplateSpec) XXX_Merge ¶
func (m *NamedServiceTemplateSpec) XXX_Merge(src proto.Message)
func (*NamedServiceTemplateSpec) XXX_Size ¶
func (m *NamedServiceTemplateSpec) XXX_Size() int
func (*NamedServiceTemplateSpec) XXX_Unmarshal ¶
func (m *NamedServiceTemplateSpec) XXX_Unmarshal(b []byte) error
type PostgreSQLSpec ¶
type PostgreSQLSpec struct { //Specifies the name of the secret containing the connection string to use to authenticate and connect to PostgreSQL. // A full list of supported parameters can be found in the pq library documentation(https://godoc.org/github.com/lib/pq#hdr-Connection_String_Parameters). // secret data: // - connection_url:<data> ConnectionURLSecret string `json:"connectionURLSecret" protobuf:"bytes,1,opt,name=connectionURLSecret"` // Specifies the name of the table in which to write Vault data. // This table must already exist (Vault will not attempt to create it). // +optional Table string `json:"table,omitempty" protobuf:"bytes,2,opt,name=table"` // Specifies the maximum number of concurrent requests to take place. // +optional MaxParallel int64 `json:"maxParallel,omitempty" protobuf:"varint,3,opt,name=maxParallel"` }
vault doc: https://www.vaultproject.io/docs/configuration/storage/postgresql.html
PostgreSQLSpec defines configuration to set up PostgreSQL storage as backend storage in vault
func (*PostgreSQLSpec) DeepCopy ¶
func (in *PostgreSQLSpec) DeepCopy() *PostgreSQLSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PostgreSQLSpec.
func (*PostgreSQLSpec) DeepCopyInto ¶
func (in *PostgreSQLSpec) DeepCopyInto(out *PostgreSQLSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*PostgreSQLSpec) Descriptor ¶
func (*PostgreSQLSpec) Descriptor() ([]byte, []int)
func (*PostgreSQLSpec) Marshal ¶
func (m *PostgreSQLSpec) Marshal() (dAtA []byte, err error)
func (*PostgreSQLSpec) MarshalToSizedBuffer ¶
func (m *PostgreSQLSpec) MarshalToSizedBuffer(dAtA []byte) (int, error)
func (*PostgreSQLSpec) ProtoMessage ¶
func (*PostgreSQLSpec) ProtoMessage()
func (*PostgreSQLSpec) Reset ¶
func (m *PostgreSQLSpec) Reset()
func (*PostgreSQLSpec) Size ¶
func (m *PostgreSQLSpec) Size() (n int)
func (*PostgreSQLSpec) String ¶
func (this *PostgreSQLSpec) String() string
func (*PostgreSQLSpec) Unmarshal ¶
func (m *PostgreSQLSpec) Unmarshal(dAtA []byte) error
func (*PostgreSQLSpec) XXX_DiscardUnknown ¶
func (m *PostgreSQLSpec) XXX_DiscardUnknown()
func (*PostgreSQLSpec) XXX_Marshal ¶
func (m *PostgreSQLSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*PostgreSQLSpec) XXX_Merge ¶
func (m *PostgreSQLSpec) XXX_Merge(src proto.Message)
func (*PostgreSQLSpec) XXX_Size ¶
func (m *PostgreSQLSpec) XXX_Size() int
func (*PostgreSQLSpec) XXX_Unmarshal ¶
func (m *PostgreSQLSpec) XXX_Unmarshal(b []byte) error
type RaftSpec ¶
type RaftSpec struct { // Path (string: "") specifies the filesystem path where the vault data gets stored. // This value can be overridden by setting the VAULT_RAFT_PATH environment variable. // default: "" // +optional Path string `json:"path,omitempty" protobuf:"bytes,1,opt,name=path"` // An integer multiplier used by servers to scale key Raft timing parameters. // Tuning this affects the time it takes Vault to detect leader failures and to perform leader elections, // at the expense of requiring more network and CPU resources for better performance. // default: 0 // +optional PerformanceMultiplier int64 `json:"performanceMultiplier,omitempty" protobuf:"bytes,3,opt,name=performanceMultiplier"` // This controls how many log entries are left in the log store on disk after a snapshot is made. // default: 10000 // +optional TrailingLogs *int64 `json:"trailingLogs,omitempty" protobuf:"bytes,4,opt,name=trailingLogs"` // This controls the minimum number of raft commit entries between snapshots that are saved to disk. // default: 8192 // +optional SnapshotThreshold *int64 `json:"snapshotThreshold,omitempty" protobuf:"bytes,5,opt,name=snapshotThreshold"` // This configures the maximum number of bytes for a raft entry. It applies to both Put operations and transactions. // default: 1048576 // +optional MaxEntrySize *int64 `json:"maxEntrySize,omitempty" protobuf:"bytes,7,opt,name=maxEntrySize"` // This is the interval after which autopilot will pick up any state changes. // default: "" // +optional AutopilotReconcileInterval string `json:"autopilotReconcileInterval,omitempty" protobuf:"bytes,8,opt,name=autoPilotReconcileInterval"` // Storage to specify how storage shall be used. Storage *core.PersistentVolumeClaimSpec `json:"storage,omitempty" protobuf:"bytes,9,opt,name=storage"` }
RaftSpec defines the configuration for the Raft integrated storage. https://www.vaultproject.io/docs/configuration/storage/raft
func (*RaftSpec) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RaftSpec.
func (*RaftSpec) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*RaftSpec) Descriptor ¶
func (*RaftSpec) MarshalToSizedBuffer ¶
func (*RaftSpec) ProtoMessage ¶
func (*RaftSpec) ProtoMessage()
func (*RaftSpec) XXX_DiscardUnknown ¶
func (m *RaftSpec) XXX_DiscardUnknown()
func (*RaftSpec) XXX_Marshal ¶
func (*RaftSpec) XXX_Unmarshal ¶
type S3Spec ¶
type S3Spec struct { // Specifies the name of the bucket to use for storage. Bucket string `json:"bucket" protobuf:"bytes,1,opt,name=bucket"` // Specifies an alternative, AWS compatible, S3 endpoint. // +optional Endpoint string `json:"endpoint,omitempty" protobuf:"bytes,2,opt,name=endpoint"` // Specifies the AWS region // +optional Region string `json:"region,omitempty" protobuf:"bytes,3,opt,name=region"` // Specifies the secret name containing AWS access key and AWS secret key // secret data: // - access_key=<value> // - secret_key=<value> // +optional CredentialSecret string `json:"credentialSecret,omitempty" protobuf:"bytes,4,opt,name=credentialSecret"` // Specifies the secret name containing AWS session token // secret data: // - session_token:<value> // +optional SessionTokenSecret string `json:"sessionTokenSecret,omitempty" protobuf:"bytes,5,opt,name=sessionTokenSecret"` // Specifies the maximum number of parallel operations to take place. // +optional MaxParallel int64 `json:"maxParallel,omitempty" protobuf:"varint,6,opt,name=maxParallel"` // Specifies whether to use host bucket style domains with the configured endpoint. // +optional ForcePathStyle bool `json:"forcePathStyle,omitempty" protobuf:"varint,7,opt,name=forcePathStyle"` // Specifies if SSL should be used for the endpoint connection // +optional DisableSSL bool `json:"disableSSL,omitempty" protobuf:"varint,8,opt,name=disableSSL"` }
vault doc: https://www.vaultproject.io/docs/configuration/storage/s3.html
S3Spec defines configuration to set up Amazon S3 Storage as backend storage in vault
func (*S3Spec) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new S3Spec.
func (*S3Spec) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*S3Spec) Descriptor ¶
func (*S3Spec) MarshalToSizedBuffer ¶
func (*S3Spec) ProtoMessage ¶
func (*S3Spec) ProtoMessage()
func (*S3Spec) XXX_DiscardUnknown ¶
func (m *S3Spec) XXX_DiscardUnknown()
func (*S3Spec) XXX_Marshal ¶
func (*S3Spec) XXX_Unmarshal ¶
type SecretEngineNamespaces ¶ added in v0.5.0
type SecretEngineNamespaces struct { // From indicates where Secret Engines will be selected for this VaultServer. Possible // values are: // * All: Secret Engines in all namespaces may be used by this VaultServer. // * Selector: Secret Engines in namespaces selected by the selector may be used by // this VaultServer. // * Same: Only Secret Engines in the same namespace may be used by this VaultServer. // // +optional // +kubebuilder:default=Same From *FromNamespaces `json:"from,omitempty" protobuf:"bytes,1,opt,name=from,casttype=FromNamespaces"` // Selector must be specified when From is set to "Selector". In that case, // only Secret Engines in Namespaces matching this Selector will be selected by this // VaultServer. This field is ignored for other values of "From". // // +optional Selector *metav1.LabelSelector `json:"selector,omitempty" protobuf:"bytes,2,opt,name=selector"` }
SecretEngineNamespaces indicate which namespaces Secret Engines should be selected from.
func (*SecretEngineNamespaces) DeepCopy ¶ added in v0.5.0
func (in *SecretEngineNamespaces) DeepCopy() *SecretEngineNamespaces
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretEngineNamespaces.
func (*SecretEngineNamespaces) DeepCopyInto ¶ added in v0.5.0
func (in *SecretEngineNamespaces) DeepCopyInto(out *SecretEngineNamespaces)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*SecretEngineNamespaces) Descriptor ¶ added in v0.5.0
func (*SecretEngineNamespaces) Descriptor() ([]byte, []int)
func (*SecretEngineNamespaces) Marshal ¶ added in v0.5.0
func (m *SecretEngineNamespaces) Marshal() (dAtA []byte, err error)
func (*SecretEngineNamespaces) MarshalTo ¶ added in v0.5.0
func (m *SecretEngineNamespaces) MarshalTo(dAtA []byte) (int, error)
func (*SecretEngineNamespaces) MarshalToSizedBuffer ¶ added in v0.5.0
func (m *SecretEngineNamespaces) MarshalToSizedBuffer(dAtA []byte) (int, error)
func (*SecretEngineNamespaces) ProtoMessage ¶ added in v0.5.0
func (*SecretEngineNamespaces) ProtoMessage()
func (*SecretEngineNamespaces) Reset ¶ added in v0.5.0
func (m *SecretEngineNamespaces) Reset()
func (*SecretEngineNamespaces) Size ¶ added in v0.5.0
func (m *SecretEngineNamespaces) Size() (n int)
func (*SecretEngineNamespaces) String ¶ added in v0.5.0
func (this *SecretEngineNamespaces) String() string
func (*SecretEngineNamespaces) Unmarshal ¶ added in v0.5.0
func (m *SecretEngineNamespaces) Unmarshal(dAtA []byte) error
func (*SecretEngineNamespaces) XXX_DiscardUnknown ¶ added in v0.5.0
func (m *SecretEngineNamespaces) XXX_DiscardUnknown()
func (*SecretEngineNamespaces) XXX_Marshal ¶ added in v0.5.0
func (m *SecretEngineNamespaces) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*SecretEngineNamespaces) XXX_Merge ¶ added in v0.5.0
func (m *SecretEngineNamespaces) XXX_Merge(src proto.Message)
func (*SecretEngineNamespaces) XXX_Size ¶ added in v0.5.0
func (m *SecretEngineNamespaces) XXX_Size() int
func (*SecretEngineNamespaces) XXX_Unmarshal ¶ added in v0.5.0
func (m *SecretEngineNamespaces) XXX_Unmarshal(b []byte) error
type SecretEngineType ¶ added in v0.5.0
type SecretEngineType string
+kubebuilder:validation:Enum=kv;pki;aws;azure;gcp;postgres;mongodb;mysql;elasticsearch
const ( SecretEngineTypeKV SecretEngineType = "kv" SecretEngineTypePKI SecretEngineType = "pki" SecretEngineTypeAWS SecretEngineType = "aws" SecretEngineTypeAzure SecretEngineType = "azure" SecretEngineTypeGCP SecretEngineType = "gcp" SecretEngineTypePostgres SecretEngineType = "postgres" SecretEngineTypeMongoDB SecretEngineType = "mongodb" SecretEngineTypeMySQL SecretEngineType = "mysql" SecretEngineTypeElasticsearch SecretEngineType = "elasticsearch" )
type ServiceAlias ¶
type ServiceAlias string
+kubebuilder:validation:Enum=internal;vault;stats
const ( VaultServerServiceInternal ServiceAlias = "internal" VaultServerServiceVault ServiceAlias = "vault" VaultServerServiceStats ServiceAlias = "stats" )
type SwiftSpec ¶
type SwiftSpec struct { // Specifies the OpenStack authentication endpoint. AuthURL string `json:"authURL" protobuf:"bytes,1,opt,name=authURL"` // Specifies the name of the Swift container. Container string `json:"container" protobuf:"bytes,2,opt,name=container"` // Specifies the name of the secret containing the OpenStack account/username and password // secret data: // - username=<value> // - password=<value> CredentialSecret string `json:"credentialSecret" protobuf:"bytes,3,opt,name=credentialSecret"` // Specifies the name of the tenant. If left blank, this will default to the default tenant of the username. // +optional Tenant string `json:"tenant,omitempty" protobuf:"bytes,4,opt,name=tenant"` // Specifies the name of the region. // +optional Region string `json:"region,omitempty" protobuf:"bytes,5,opt,name=region"` // Specifies the id of the tenant. // +optional TenantID string `json:"tenantID,omitempty" protobuf:"bytes,6,opt,name=tenantID"` // Specifies the name of the user domain. // +optional Domain string `json:"domain,omitempty" protobuf:"bytes,7,opt,name=domain"` // Specifies the name of the project's domain. // +optional ProjectDomain string `json:"projectDomain,omitempty" protobuf:"bytes,8,opt,name=projectDomain"` // Specifies the id of the trust. // +optional TrustID string `json:"trustID,omitempty" protobuf:"bytes,9,opt,name=trustID"` // Specifies storage URL from alternate authentication. // +optional StorageURL string `json:"storageURL,omitempty" protobuf:"bytes,10,opt,name=storageURL"` // Specifies secret containing auth token from alternate authentication. // secret data: // - auth_token=<value> // +optional AuthTokenSecret string `json:"authTokenSecret,omitempty" protobuf:"bytes,11,opt,name=authTokenSecret"` // Specifies the maximum number of concurrent requests to take place. // +optional MaxParallel int64 `json:"maxParallel,omitempty" protobuf:"varint,12,opt,name=maxParallel"` }
vault doc: https://www.vaultproject.io/docs/configuration/storage/swift.html
SwiftSpec defines configuration to set up Swift Storage as backend storage in vault
func (*SwiftSpec) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SwiftSpec.
func (*SwiftSpec) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*SwiftSpec) Descriptor ¶
func (*SwiftSpec) MarshalToSizedBuffer ¶
func (*SwiftSpec) ProtoMessage ¶
func (*SwiftSpec) ProtoMessage()
func (*SwiftSpec) XXX_DiscardUnknown ¶
func (m *SwiftSpec) XXX_DiscardUnknown()
func (*SwiftSpec) XXX_Marshal ¶
func (*SwiftSpec) XXX_Unmarshal ¶
type TLSPolicy ¶
type TLSPolicy struct { // TLSSecret is the secret containing TLS certs used by each vault node // for the communication between the vault server and its clients. // The secret should contain three files: // - tls.crt // - tls.key // // The server certificate must allow the following wildcard domains: // - localhost // - *.<namespace>.pod // - <vaultServer-name>.<namespace>.svc TLSSecret string `json:"tlsSecret" protobuf:"bytes,1,opt,name=tlsSecret"` // CABundle is a PEM encoded CA bundle which will be used to validate the serving certificate. // +optional CABundle []byte `json:"caBundle,omitempty" protobuf:"bytes,2,opt,name=caBundle"` }
TLSPolicy defines the TLS policy of the vault nodes If this is not set, operator will auto-gen TLS assets and secrets.
func (*TLSPolicy) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TLSPolicy.
func (*TLSPolicy) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*TLSPolicy) Descriptor ¶
func (*TLSPolicy) MarshalToSizedBuffer ¶
func (*TLSPolicy) ProtoMessage ¶
func (*TLSPolicy) ProtoMessage()
func (*TLSPolicy) XXX_DiscardUnknown ¶
func (m *TLSPolicy) XXX_DiscardUnknown()
func (*TLSPolicy) XXX_Marshal ¶
func (*TLSPolicy) XXX_Unmarshal ¶
type TerminationPolicy ¶
type TerminationPolicy string
+kubebuilder:validation:Enum=Halt;Delete;WipeOut;DoNotTerminate
const ( // Deletes VaultServer pods, service but leave the PVCs and stash backup data intact. TerminationPolicyHalt TerminationPolicy = "Halt" // Deletes VaultServer pods, service, pvcs but leave the stash backup data intact. TerminationPolicyDelete TerminationPolicy = "Delete" // Deletes VaultServer pods, service, pvcs and stash backup data. TerminationPolicyWipeOut TerminationPolicy = "WipeOut" // Rejects attempt to delete VaultServer using ValidationWebhook. TerminationPolicyDoNotTerminate TerminationPolicy = "DoNotTerminate" )
type UnsealerSpec ¶
type UnsealerSpec struct { // +optional SecretShares int64 `json:"secretShares,omitempty" protobuf:"varint,1,opt,name=secretShares"` // Minimum required secret shares to unseal // +optional SecretThreshold int64 `json:"secretThreshold,omitempty" protobuf:"varint,2,opt,name=secretThreshold"` // How often to attempt to unseal the vault instance // +optional RetryPeriodSeconds time.Duration `json:"retryPeriodSeconds,omitempty" protobuf:"varint,3,opt,name=retryPeriodSeconds,casttype=time.Duration"` // overwrite existing unseal keys and root tokens, possibly dangerous! // +optional OverwriteExisting bool `json:"overwriteExisting,omitempty" protobuf:"varint,4,opt,name=overwriteExisting"` // should the root token be stored in the key store (default true) // +optional StoreRootToken bool `json:"storeRootToken,omitempty" protobuf:"varint,5,opt,name=storeRootToken"` // mode contains unseal mechanism // +optional Mode ModeSpec `json:"mode,omitempty" protobuf:"bytes,6,opt,name=mode"` }
UnsealerSpec contain the configuration for auto vault initialize/unseal
func (*UnsealerSpec) DeepCopy ¶
func (in *UnsealerSpec) DeepCopy() *UnsealerSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UnsealerSpec.
func (*UnsealerSpec) DeepCopyInto ¶
func (in *UnsealerSpec) DeepCopyInto(out *UnsealerSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*UnsealerSpec) Descriptor ¶
func (*UnsealerSpec) Descriptor() ([]byte, []int)
func (*UnsealerSpec) Marshal ¶
func (m *UnsealerSpec) Marshal() (dAtA []byte, err error)
func (*UnsealerSpec) MarshalToSizedBuffer ¶
func (m *UnsealerSpec) MarshalToSizedBuffer(dAtA []byte) (int, error)
func (*UnsealerSpec) ProtoMessage ¶
func (*UnsealerSpec) ProtoMessage()
func (*UnsealerSpec) Reset ¶
func (m *UnsealerSpec) Reset()
func (*UnsealerSpec) Size ¶
func (m *UnsealerSpec) Size() (n int)
func (*UnsealerSpec) String ¶
func (this *UnsealerSpec) String() string
func (*UnsealerSpec) Unmarshal ¶
func (m *UnsealerSpec) Unmarshal(dAtA []byte) error
func (*UnsealerSpec) XXX_DiscardUnknown ¶
func (m *UnsealerSpec) XXX_DiscardUnknown()
func (*UnsealerSpec) XXX_Marshal ¶
func (m *UnsealerSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*UnsealerSpec) XXX_Merge ¶
func (m *UnsealerSpec) XXX_Merge(src proto.Message)
func (*UnsealerSpec) XXX_Size ¶
func (m *UnsealerSpec) XXX_Size() int
func (*UnsealerSpec) XXX_Unmarshal ¶
func (m *UnsealerSpec) XXX_Unmarshal(b []byte) error
type VaultCertificateAlias ¶
type VaultCertificateAlias string
+kubebuilder:validation:Enum=ca;server;client;storage
const ( VaultCACert VaultCertificateAlias = "ca" VaultServerCert VaultCertificateAlias = "server" VaultClientCert VaultCertificateAlias = "client" VaultStorageCert VaultCertificateAlias = "storage" )
type VaultServer ¶
type VaultServer struct { metav1.TypeMeta `json:",inline,omitempty"` metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` Spec VaultServerSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"` Status VaultServerStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"` }
+kubebuilder:object:root=true +kubebuilder:resource:path=vaultservers,singular=vaultserver,shortName=vs,categories={vault,appscode,all} +kubebuilder:subresource:status +kubebuilder:printcolumn:name="Replicas",type="string",JSONPath=".spec.replicas" +kubebuilder:printcolumn:name="Version",type="string",JSONPath=".spec.version" +kubebuilder:printcolumn:name="Status",type="string",JSONPath=".status.phase" +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp"
func (VaultServer) AppBindingName ¶
func (v VaultServer) AppBindingName() string
func (*VaultServer) CertificateMountPath ¶
func (v *VaultServer) CertificateMountPath(alias VaultCertificateAlias) string
func (VaultServer) ConfigSecretName ¶
func (v VaultServer) ConfigSecretName() string
func (VaultServer) CustomResourceDefinition ¶
func (_ VaultServer) CustomResourceDefinition() *apiextensions.CustomResourceDefinition
func (*VaultServer) DeepCopy ¶
func (in *VaultServer) DeepCopy() *VaultServer
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultServer.
func (*VaultServer) DeepCopyInto ¶
func (in *VaultServer) DeepCopyInto(out *VaultServer)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*VaultServer) DeepCopyObject ¶
func (in *VaultServer) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*VaultServer) DefaultCertSecretName ¶
func (vs *VaultServer) DefaultCertSecretName(alias string) string
Returns the default certificate secret name for given alias.
func (*VaultServer) Descriptor ¶
func (*VaultServer) Descriptor() ([]byte, []int)
func (*VaultServer) GetCertSecretName ¶
func (vs *VaultServer) GetCertSecretName(alias string) string
Returns certificate secret name for given alias if exists, otherwise returns the default certificate secret name.
func (*VaultServer) GetCertificateCN ¶
func (vs *VaultServer) GetCertificateCN(alias VaultCertificateAlias) string
func (VaultServer) GetKey ¶
func (v VaultServer) GetKey() string
func (*VaultServer) GetServiceTemplate ¶
func (vs *VaultServer) GetServiceTemplate(alias ServiceAlias) ofst.ServiceTemplateSpec
GetServiceTemplate returns a pointer to the desired serviceTemplate referred by "alias". Otherwise, it returns nil.
func (VaultServer) IsValid ¶
func (v VaultServer) IsValid() error
func (*VaultServer) Marshal ¶
func (m *VaultServer) Marshal() (dAtA []byte, err error)
func (*VaultServer) MarshalToSizedBuffer ¶
func (m *VaultServer) MarshalToSizedBuffer(dAtA []byte) (int, error)
func (VaultServer) OffshootLabels ¶
func (v VaultServer) OffshootLabels() map[string]string
func (VaultServer) OffshootName ¶
func (v VaultServer) OffshootName() string
func (VaultServer) OffshootSelectors ¶
func (v VaultServer) OffshootSelectors() map[string]string
func (VaultServer) PolicyNameForAuthMethodController ¶
func (v VaultServer) PolicyNameForAuthMethodController() string
func (VaultServer) PolicyNameForPolicyController ¶
func (v VaultServer) PolicyNameForPolicyController() string
func (*VaultServer) ProtoMessage ¶
func (*VaultServer) ProtoMessage()
func (*VaultServer) ReplicasAreReady ¶
func (v *VaultServer) ReplicasAreReady(lister appslister.StatefulSetLister) (bool, string, error)
func (*VaultServer) Reset ¶
func (m *VaultServer) Reset()
func (VaultServer) ResourceFQN ¶
func (_ VaultServer) ResourceFQN() string
func (*VaultServer) Scheme ¶
func (vs *VaultServer) Scheme() string
func (VaultServer) ServiceAccountForTokenReviewer ¶
func (v VaultServer) ServiceAccountForTokenReviewer() string
func (VaultServer) ServiceAccountName ¶
func (v VaultServer) ServiceAccountName() string
func (VaultServer) ServiceName ¶
func (v VaultServer) ServiceName(alias ServiceAlias) string
func (*VaultServer) Size ¶
func (m *VaultServer) Size() (n int)
func (VaultServer) StatsLabels ¶
func (v VaultServer) StatsLabels() map[string]string
func (VaultServer) StatsService ¶
func (v VaultServer) StatsService() mona.StatsAccessor
func (VaultServer) StatsServiceName ¶
func (v VaultServer) StatsServiceName() string
func (*VaultServer) String ¶
func (this *VaultServer) String() string
func (VaultServer) TLSSecretName ¶
func (v VaultServer) TLSSecretName() string
func (*VaultServer) Unmarshal ¶
func (m *VaultServer) Unmarshal(dAtA []byte) error
func (*VaultServer) XXX_DiscardUnknown ¶
func (m *VaultServer) XXX_DiscardUnknown()
func (*VaultServer) XXX_Marshal ¶
func (m *VaultServer) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*VaultServer) XXX_Merge ¶
func (m *VaultServer) XXX_Merge(src proto.Message)
func (*VaultServer) XXX_Size ¶
func (m *VaultServer) XXX_Size() int
func (*VaultServer) XXX_Unmarshal ¶
func (m *VaultServer) XXX_Unmarshal(b []byte) error
type VaultServerBackend ¶
type VaultServerBackend string
+kubebuilder:validation:Enum=inmem;etcd;gcs;s3;azure;postgresql;mysql;file;dynamodb;swift;consul;raft
const ( VaultServerInmem VaultServerBackend = "inmem" VaultServerEtcd VaultServerBackend = "etcd" VaultServerGcs VaultServerBackend = "gcs" VaultServerS3 VaultServerBackend = "s3" VaultServerAzure VaultServerBackend = "azure" VaultServerPostgreSQL VaultServerBackend = "postgresql" VaultServerMySQL VaultServerBackend = "mysql" VaultServerFile VaultServerBackend = "file" VaultServerDynamoDB VaultServerBackend = "dynamodb" VaultServerSwift VaultServerBackend = "swift" VaultServerConsul VaultServerBackend = "consul" VaultServerRaft VaultServerBackend = "raft" )
type VaultServerList ¶
type VaultServerList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` Items []VaultServer `json:"items,omitempty" protobuf:"bytes,2,rep,name=items"` }
func (*VaultServerList) DeepCopy ¶
func (in *VaultServerList) DeepCopy() *VaultServerList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultServerList.
func (*VaultServerList) DeepCopyInto ¶
func (in *VaultServerList) DeepCopyInto(out *VaultServerList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*VaultServerList) DeepCopyObject ¶
func (in *VaultServerList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*VaultServerList) Descriptor ¶
func (*VaultServerList) Descriptor() ([]byte, []int)
func (*VaultServerList) Marshal ¶
func (m *VaultServerList) Marshal() (dAtA []byte, err error)
func (*VaultServerList) MarshalToSizedBuffer ¶
func (m *VaultServerList) MarshalToSizedBuffer(dAtA []byte) (int, error)
func (*VaultServerList) ProtoMessage ¶
func (*VaultServerList) ProtoMessage()
func (*VaultServerList) Reset ¶
func (m *VaultServerList) Reset()
func (*VaultServerList) Size ¶
func (m *VaultServerList) Size() (n int)
func (*VaultServerList) String ¶
func (this *VaultServerList) String() string
func (*VaultServerList) Unmarshal ¶
func (m *VaultServerList) Unmarshal(dAtA []byte) error
func (*VaultServerList) XXX_DiscardUnknown ¶
func (m *VaultServerList) XXX_DiscardUnknown()
func (*VaultServerList) XXX_Marshal ¶
func (m *VaultServerList) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*VaultServerList) XXX_Merge ¶
func (m *VaultServerList) XXX_Merge(src proto.Message)
func (*VaultServerList) XXX_Size ¶
func (m *VaultServerList) XXX_Size() int
func (*VaultServerList) XXX_Unmarshal ¶
func (m *VaultServerList) XXX_Unmarshal(b []byte) error
type VaultServerPhase ¶
type VaultServerPhase string
+kubebuilder:validation:Enum=Initializing;Unsealing;Sealed;Ready;NotReady;Critical
const ( // used for VaultServer that are Initializing VaultServerPhaseInitializing VaultServerPhase = "Initializing" // used for VaultServer that are Unsealing VaultServerPhaseUnsealing VaultServerPhase = "Unsealing" // used for VaultServer that are sealed VaultServerPhaseSealed VaultServerPhase = "Sealed" // used for VaultServer that are Ready VaultServerPhaseReady VaultServerPhase = "Ready" // used for VaultServer that are NotReady VaultServerPhaseNotReady VaultServerPhase = "NotReady" // used for VaultServer that are Critical VaultServerPhaseCritical VaultServerPhase = "Critical" )
type VaultServerSpec ¶
type VaultServerSpec struct { // Version of VaultServer to be deployed. Version string `json:"version" protobuf:"bytes,1,opt,name=version"` // Number of instances to deploy for a VaultServer. Replicas *int32 `json:"replicas,omitempty" protobuf:"varint,2,opt,name=replicas"` // ConfigSecret is an optional field to provide extra configuration for vault. // This secret contain extra config for vault // File name should be 'vault.hcl'. // If specified, this file will be appended to the controller configuration file. // +optional ConfigSecret *core.LocalObjectReference `json:"configSecret,omitempty" protobuf:"bytes,3,opt,name=configSecret"` // DataSources is a list of Configmaps/Secrets in the same namespace as the VaultServer // object, which shall be mounted into the VaultServer Pods. // The data are mounted into /etc/vault/data/<name>. // The first data will be named as "data-0", second one will be named as "data-1" and so on. // +optional DataSources []core.VolumeSource `json:"dataSources,omitempty" protobuf:"bytes,4,rep,name=dataSources"` // TLS policy of vault nodes // +optional TLS *kmapi.TLSConfig `json:"tls,omitempty" protobuf:"bytes,5,opt,name=tls"` // backend storage configuration for vault Backend BackendStorageSpec `json:"backend" protobuf:"bytes,6,opt,name=backend"` // Unsealer configuration for vault // +optional Unsealer *UnsealerSpec `json:"unsealer,omitempty" protobuf:"bytes,7,opt,name=unsealer"` // Specifies the list of auth methods to enable // +optional AuthMethods []AuthMethod `json:"authMethods,omitempty" protobuf:"bytes,8,rep,name=authMethods"` // Monitor is used monitor database instance // +optional Monitor *mona.AgentSpec `json:"monitor,omitempty" protobuf:"bytes,9,opt,name=monitor"` // PodTemplate is an optional configuration for pods used to run vault // +optional PodTemplate ofst.PodTemplateSpec `json:"podTemplate,omitempty" protobuf:"bytes,10,opt,name=podTemplate"` // ServiceTemplates is an optional configuration for services used to expose database // +optional ServiceTemplates []NamedServiceTemplateSpec `json:"serviceTemplates,omitempty" protobuf:"bytes,11,rep,name=serviceTemplates"` // Indicates that the vault server is halted and all offshoot Kubernetes resources except PVCs are deleted. // +optional Halted bool `json:"halted,omitempty" protobuf:"varint,12,opt,name=halted"` // TerminationPolicy controls the delete operation for vault server // +optional TerminationPolicy TerminationPolicy `json:"terminationPolicy,omitempty" protobuf:"bytes,13,opt,name=terminationPolicy,casttype=TerminationPolicy"` // AllowedSecretEngines defines the types of Secret Engines that MAY be attached to a // Listener and the trusted namespaces where those Route resources MAY be // present. // // Although a client request may match multiple route rules, only one rule // may ultimately receive the request. Matching precedence MUST be // determined in order of the following criteria: // // * The most specific match as defined by the Route type. // * The oldest Route based on creation timestamp. For example, a Route with // a creation timestamp of "2020-09-08 01:02:03" is given precedence over // a Route with a creation timestamp of "2020-09-08 01:02:04". // * If everything else is equivalent, the Route appearing first in // alphabetical order (namespace/name) should be given precedence. For // example, foo/bar is given precedence over foo/baz. // // All valid rules within a Route attached to this Listener should be // implemented. Invalid Route rules can be ignored (sometimes that will mean // the full Route). If a Route rule transitions from valid to invalid, // support for that Route rule should be dropped to ensure consistency. For // example, even if a filter specified by a Route rule is invalid, the rest // of the rules within that Route should still be supported. // // Support: Core // +kubebuilder:default={namespaces:{from: Same}} // +optional AllowedSecretEngines *AllowedSecretEngines `json:"allowedSecretEngines,omitempty" protobuf:"bytes,14,opt,name=allowedSecretEngines"` }
func (*VaultServerSpec) DeepCopy ¶
func (in *VaultServerSpec) DeepCopy() *VaultServerSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultServerSpec.
func (*VaultServerSpec) DeepCopyInto ¶
func (in *VaultServerSpec) DeepCopyInto(out *VaultServerSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*VaultServerSpec) Descriptor ¶
func (*VaultServerSpec) Descriptor() ([]byte, []int)
func (*VaultServerSpec) Marshal ¶
func (m *VaultServerSpec) Marshal() (dAtA []byte, err error)
func (*VaultServerSpec) MarshalToSizedBuffer ¶
func (m *VaultServerSpec) MarshalToSizedBuffer(dAtA []byte) (int, error)
func (*VaultServerSpec) ProtoMessage ¶
func (*VaultServerSpec) ProtoMessage()
func (*VaultServerSpec) Reset ¶
func (m *VaultServerSpec) Reset()
func (*VaultServerSpec) Size ¶
func (m *VaultServerSpec) Size() (n int)
func (*VaultServerSpec) String ¶
func (this *VaultServerSpec) String() string
func (*VaultServerSpec) Unmarshal ¶
func (m *VaultServerSpec) Unmarshal(dAtA []byte) error
func (*VaultServerSpec) XXX_DiscardUnknown ¶
func (m *VaultServerSpec) XXX_DiscardUnknown()
func (*VaultServerSpec) XXX_Marshal ¶
func (m *VaultServerSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*VaultServerSpec) XXX_Merge ¶
func (m *VaultServerSpec) XXX_Merge(src proto.Message)
func (*VaultServerSpec) XXX_Size ¶
func (m *VaultServerSpec) XXX_Size() int
func (*VaultServerSpec) XXX_Unmarshal ¶
func (m *VaultServerSpec) XXX_Unmarshal(b []byte) error
type VaultServerStatus ¶
type VaultServerStatus struct { // ObservedGeneration is the most recent generation observed for this resource. It corresponds to the // resource's generation, which is updated on mutation by the API Server. // +optional ObservedGeneration int64 `json:"observedGeneration,omitempty" protobuf:"varint,1,opt,name=observedGeneration"` // Phase indicates the state this Vault server jumps in. // +optional Phase VaultServerPhase `json:"phase,omitempty" protobuf:"bytes,2,opt,name=phase,casttype=vaultServerPhase"` // Initialized indicates if the Vault service is initialized. // +optional Initialized bool `json:"initialized,omitempty" protobuf:"varint,3,opt,name=initialized"` // ServiceName is the LB service for accessing vault nodes. // +optional ServiceName string `json:"serviceName,omitempty" protobuf:"bytes,4,opt,name=serviceName"` // ClientPort is the port for vault client to access. // It's the same on client LB service and vault nodes. // +optional ClientPort int64 `json:"clientPort,omitempty" protobuf:"varint,5,opt,name=clientPort"` // VaultStatus is the set of Vault node specific statuses: Active, Standby, and Sealed // +optional VaultStatus VaultStatus `json:"vaultStatus,omitempty" protobuf:"bytes,6,opt,name=vaultStatus"` // PodNames of updated Vault nodes. Updated means the Vault container image version // matches the spec's version. // +optional UpdatedNodes []string `json:"updatedNodes,omitempty" protobuf:"bytes,7,rep,name=updatedNodes"` // Represents the latest available observations of a VaultServer current state. // +optional Conditions []kmapi.Condition `json:"conditions,omitempty" protobuf:"bytes,8,rep,name=conditions"` // Status of the vault auth methods // +optional AuthMethodStatus []AuthMethodStatus `json:"authMethodStatus,omitempty" protobuf:"bytes,9,rep,name=authMethodStatus"` }
func (*VaultServerStatus) DeepCopy ¶
func (in *VaultServerStatus) DeepCopy() *VaultServerStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultServerStatus.
func (*VaultServerStatus) DeepCopyInto ¶
func (in *VaultServerStatus) DeepCopyInto(out *VaultServerStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*VaultServerStatus) Descriptor ¶
func (*VaultServerStatus) Descriptor() ([]byte, []int)
func (*VaultServerStatus) Marshal ¶
func (m *VaultServerStatus) Marshal() (dAtA []byte, err error)
func (*VaultServerStatus) MarshalTo ¶
func (m *VaultServerStatus) MarshalTo(dAtA []byte) (int, error)
func (*VaultServerStatus) MarshalToSizedBuffer ¶
func (m *VaultServerStatus) MarshalToSizedBuffer(dAtA []byte) (int, error)
func (*VaultServerStatus) ProtoMessage ¶
func (*VaultServerStatus) ProtoMessage()
func (*VaultServerStatus) Reset ¶
func (m *VaultServerStatus) Reset()
func (*VaultServerStatus) Size ¶
func (m *VaultServerStatus) Size() (n int)
func (*VaultServerStatus) String ¶
func (this *VaultServerStatus) String() string
func (*VaultServerStatus) Unmarshal ¶
func (m *VaultServerStatus) Unmarshal(dAtA []byte) error
func (*VaultServerStatus) XXX_DiscardUnknown ¶
func (m *VaultServerStatus) XXX_DiscardUnknown()
func (*VaultServerStatus) XXX_Marshal ¶
func (m *VaultServerStatus) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*VaultServerStatus) XXX_Merge ¶
func (m *VaultServerStatus) XXX_Merge(src proto.Message)
func (*VaultServerStatus) XXX_Size ¶
func (m *VaultServerStatus) XXX_Size() int
func (*VaultServerStatus) XXX_Unmarshal ¶
func (m *VaultServerStatus) XXX_Unmarshal(b []byte) error
type VaultStatus ¶
type VaultStatus struct { // PodName of the active Vault node. Active node is unsealed. // Only active node can serve requests. // Vault service only points to the active node. // +optional Active string `json:"active,omitempty" protobuf:"bytes,1,opt,name=active"` // PodNames of the standby Vault nodes. Standby nodes are unsealed. // Standby nodes do not process requests, and instead redirect to the active Vault. // +optional Standby []string `json:"standby,omitempty" protobuf:"bytes,2,rep,name=standby"` // PodNames of Sealed Vault nodes. Sealed nodes MUST be unsealed to // become standby or leader. // +optional Sealed []string `json:"sealed,omitempty" protobuf:"bytes,3,rep,name=sealed"` // PodNames of Unsealed Vault nodes. // +optional Unsealed []string `json:"unsealed,omitempty" protobuf:"bytes,4,rep,name=unsealed"` }
func (*VaultStatus) DeepCopy ¶
func (in *VaultStatus) DeepCopy() *VaultStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultStatus.
func (*VaultStatus) DeepCopyInto ¶
func (in *VaultStatus) DeepCopyInto(out *VaultStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*VaultStatus) Descriptor ¶
func (*VaultStatus) Descriptor() ([]byte, []int)
func (*VaultStatus) Marshal ¶
func (m *VaultStatus) Marshal() (dAtA []byte, err error)
func (*VaultStatus) MarshalToSizedBuffer ¶
func (m *VaultStatus) MarshalToSizedBuffer(dAtA []byte) (int, error)
func (*VaultStatus) ProtoMessage ¶
func (*VaultStatus) ProtoMessage()
func (*VaultStatus) Reset ¶
func (m *VaultStatus) Reset()
func (*VaultStatus) Size ¶
func (m *VaultStatus) Size() (n int)
func (*VaultStatus) String ¶
func (this *VaultStatus) String() string
func (*VaultStatus) Unmarshal ¶
func (m *VaultStatus) Unmarshal(dAtA []byte) error
func (*VaultStatus) XXX_DiscardUnknown ¶
func (m *VaultStatus) XXX_DiscardUnknown()
func (*VaultStatus) XXX_Marshal ¶
func (m *VaultStatus) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*VaultStatus) XXX_Merge ¶
func (m *VaultStatus) XXX_Merge(src proto.Message)
func (*VaultStatus) XXX_Size ¶
func (m *VaultStatus) XXX_Size() int
func (*VaultStatus) XXX_Unmarshal ¶
func (m *VaultStatus) XXX_Unmarshal(b []byte) error