Documentation ¶
Index ¶
- Constants
- func DeleteAWSAccessKeyCondition(condList []api.AWSAccessKeyRequestCondition, condType api.RequestConditionType) []api.AWSAccessKeyRequestCondition
- func DeleteAzureAccessKeyCondition(condList []api.AzureAccessKeyRequestCondition, ...) []api.AzureAccessKeyRequestCondition
- func DeleteDatabaseAccessCondition(condList []api.DatabaseAccessRequestCondition, ...) []api.DatabaseAccessRequestCondition
- func DeleteGCPAccessKeyCondition(condList []api.GCPAccessKeyRequestCondition, condType api.RequestConditionType) []api.GCPAccessKeyRequestCondition
- func NewMapFinalizer() *mapFinalizer
- func UpsertAWSAccessKeyCondition(condList []api.AWSAccessKeyRequestCondition, ...) []api.AWSAccessKeyRequestCondition
- func UpsertAzureAccessKeyCondition(condList []api.AzureAccessKeyRequestCondition, ...) []api.AzureAccessKeyRequestCondition
- func UpsertDatabaseAccessCondition(condList []api.DatabaseAccessRequestCondition, ...) []api.DatabaseAccessRequestCondition
- func UpsertGCPAccessKeyCondition(condList []api.GCPAccessKeyRequestCondition, ...) []api.GCPAccessKeyRequestCondition
- type Config
- type CtxWithCancel
- type Vault
- type VaultController
- func (c *VaultController) CreateVaultConfig(vs *api.VaultServer, v Vault) error
- func (c *VaultController) CreateVaultTLSSecret(vs *api.VaultServer, v Vault) error
- func (c *VaultController) DeployVault(vs *api.VaultServer, v Vault) error
- func (c *VaultController) Run(stopCh <-chan struct{})
- func (c *VaultController) RunInformers(stopCh <-chan struct{})
Constants ¶
// Condition type and finalizer name for AWSAccessKeyRequest objects.
const (
	// AWSAccessKeyRequestFailed is the request condition type "Failed".
	AWSAccessKeyRequestFailed api.RequestConditionType = "Failed"
	// AWSAccessKeyRequestFinalizer is a finalizer name. A Kubernetes finalizer
	// keeps an object from being removed until the entry is cleared from
	// metadata.finalizers.
	// NOTE(review): presumably the controller holds this finalizer until the
	// issued AWS credentials are revoked in Vault; confirm in
	// aws_access_key_request.go. If so, clearing it by hand skips revocation.
	AWSAccessKeyRequestFinalizer string = "awsaccesskeyrequest.engine.kubevault.com"
)
// Phase, condition and finalizer names for AWSRole objects.
const (
	// AWSRolePhaseSuccess is the phase value "Success".
	AWSRolePhaseSuccess api.AWSRolePhase = "Success"
	// AWSRoleConditionFailed is the condition name "Failed". It is a plain
	// string, not an api.RequestConditionType.
	AWSRoleConditionFailed string = "Failed"
	// AWSRoleFinalizer is a finalizer name; while it is present in
	// metadata.finalizers the object cannot be fully deleted.
	// NOTE(review): presumably guards removal of the role from Vault before
	// the Kubernetes object goes away; confirm in aws_role.go.
	AWSRoleFinalizer string = "awsrole.engine.kubevault.com"
)
// Condition type and finalizer name for AzureAccessKeyRequest objects.
const (
	// AzureAccessKeyRequestFailed is the request condition type "Failed".
	AzureAccessKeyRequestFailed api.RequestConditionType = "Failed"
	// AzureAccessKeyRequestFinalizer is a finalizer name. A Kubernetes
	// finalizer keeps an object from being removed until the entry is cleared
	// from metadata.finalizers.
	// NOTE(review): presumably held until the issued Azure credentials are
	// revoked in Vault; confirm in azure_access_key_request.go. If so,
	// clearing it by hand skips revocation.
	AzureAccessKeyRequestFinalizer string = "azureaccesskeyrequest.engine.kubevault.com"
)
// Phase, condition and finalizer names for AzureRole objects.
const (
	// AzureRolePhaseSuccess is the phase value "Success".
	AzureRolePhaseSuccess api.AzureRolePhase = "Success"
	// AzureRoleConditionFailed is the condition name "Failed". It is a plain
	// string, not an api.RequestConditionType.
	AzureRoleConditionFailed string = "Failed"
	// AzureRoleFinalizer is a finalizer name; while it is present in
	// metadata.finalizers the object cannot be fully deleted.
	// NOTE(review): presumably guards removal of the role from Vault before
	// the Kubernetes object goes away; confirm in azure_role.go.
	AzureRoleFinalizer string = "azurerole.engine.kubevault.com"
)
// Condition type and finalizer name for GCPAccessKeyRequest objects.
const (
	// GCPAccessKeyRequestFailed is the request condition type "Failed".
	GCPAccessKeyRequestFailed api.RequestConditionType = "Failed"
	// GCPAccessKeyRequestFinalizer is a finalizer name. A Kubernetes finalizer
	// keeps an object from being removed until the entry is cleared from
	// metadata.finalizers.
	// NOTE(review): presumably held until the issued GCP credentials are
	// revoked in Vault; confirm in gcp_access_key_request.go. If so, clearing
	// it by hand skips revocation.
	GCPAccessKeyRequestFinalizer string = "gcpaccesskeyrequest.engine.kubevault.com"
)
// Phase, condition and finalizer names for GCPRole objects.
const (
	// GCPRolePhaseSuccess is the phase value "Success".
	GCPRolePhaseSuccess api.GCPRolePhase = "Success"
	// GCPRoleConditionFailed is the condition name "Failed". It is a plain
	// string, not an api.RequestConditionType.
	GCPRoleConditionFailed string = "Failed"
	// GCPRoleFinalizer is a finalizer name; while it is present in
	// metadata.finalizers the object cannot be fully deleted.
	// NOTE(review): presumably guards removal of the role from Vault before
	// the Kubernetes object goes away; confirm in gcp_role.go.
	GCPRoleFinalizer string = "gcprole.engine.kubevault.com"
)
// Phase and condition names for MongoDBRole objects.
// NOTE(review): unlike the AWS, Azure and GCP role blocks on this page, no
// finalizer name is declared here; check in mongodb_role.go how the Vault-side
// role is cleaned up when the Kubernetes object is deleted.
const (
	// MongoDBRolePhaseSuccess is the phase value "Success".
	MongoDBRolePhaseSuccess api.MongoDBRolePhase = "Success"
	// MongoDBRoleConditionFailed is the condition name "Failed", declared as a
	// plain string.
	MongoDBRoleConditionFailed string = "Failed"
)
// Phase, condition and finalizer names for SecretEngine objects.
const (
	// SecretEnginePhaseSuccess is the phase value "Success".
	SecretEnginePhaseSuccess api.SecretEnginePhase = "Success"
	// SecretEngineConditionFailed is the condition name "Failed", declared as
	// a plain string.
	SecretEngineConditionFailed string = "Failed"
	// SecretEngineFinalizer is a finalizer name; while it is present in
	// metadata.finalizers the object cannot be fully deleted.
	// NOTE(review): presumably held until the engine is disabled in Vault;
	// confirm in secret_engine.go. If so, clearing it by hand would leave the
	// engine, and any credentials it can issue, enabled.
	SecretEngineFinalizer string = "secretengine.engine.kubevault.com"
)
// Environment variable names and port numbers for the Vault server.
const (
	// EnvVaultAddr names VAULT_API_ADDR, the variable Vault reads for the
	// address it advertises to clients.
	EnvVaultAddr = "VAULT_API_ADDR"
	// EnvVaultClusterAddr names VAULT_CLUSTER_ADDR, the variable Vault reads
	// for the address it advertises to other Vault servers.
	EnvVaultClusterAddr = "VAULT_CLUSTER_ADDR"
	// VaultClientPort is 8200, Vault's default API listener port.
	// NOTE(review): tokens and secrets travel over this port; confirm the
	// generated listener configuration enables TLS.
	VaultClientPort = 8200
	// VaultClusterPort is 8201, Vault's default server-to-server port.
	// NOTE(review): only Vault peers need to reach it; consider a
	// NetworkPolicy that limits access accordingly.
	VaultClusterPort = 8201
)
// Phase name for MySQLRole objects.
// NOTE(review): no finalizer or failure-condition constant is declared in
// this block; check mysql_role.go for how deletion and failures are handled.
const (
	// MySQLRolePhaseSuccess is the phase value "Success".
	MySQLRolePhaseSuccess api.MySQLRolePhase = "Success"
)
// Phase name for PostgresRole objects.
// NOTE(review): no finalizer or failure-condition constant is declared in
// this block; check postgres_role.go for how deletion and failures are
// handled.
const (
	// PostgresRolePhaseSuccess is the phase value "Success".
	PostgresRolePhaseSuccess api.PostgresRolePhase = "Success"
)
// RequestFailed is the request condition type "Failed". It has the same type
// and value as the provider-specific AWSAccessKeyRequestFailed,
// AzureAccessKeyRequestFailed and GCPAccessKeyRequestFailed constants.
// NOTE(review): presumably used for database access requests; confirm in
// db_access_request.go.
const RequestFailed api.RequestConditionType = "Failed"
const (
	// VaultPolicyBindingFinalizer is a finalizer name; while it is present in
	// metadata.finalizers the object cannot be fully deleted.
	// NOTE(review): presumably held until the binding is removed from Vault;
	// confirm in vault_policy_binding.go. If so, clearing it by hand would
	// leave the policy attached to its subjects in Vault.
	VaultPolicyBindingFinalizer = "policybinding.kubevault.com"
)
const (
	// VaultPolicyFinalizer is a finalizer name; while it is present in
	// metadata.finalizers the object cannot be fully deleted.
	// NOTE(review): presumably held until the policy is deleted from Vault;
	// confirm in vault_policy.go. If so, clearing it by hand would leave the
	// policy in place in Vault.
	VaultPolicyFinalizer = "policy.kubevault.com"
)
Variables ¶
This section is empty.
Functions ¶
func DeleteAWSAccessKeyCondition ¶
func DeleteAWSAccessKeyCondition(condList []api.AWSAccessKeyRequestCondition, condType api.RequestConditionType) []api.AWSAccessKeyRequestCondition
func DeleteAzureAccessKeyCondition ¶
func DeleteAzureAccessKeyCondition(condList []api.AzureAccessKeyRequestCondition, condType api.RequestConditionType) []api.AzureAccessKeyRequestCondition
func DeleteDatabaseAccessCondition ¶
func DeleteDatabaseAccessCondition(condList []api.DatabaseAccessRequestCondition, condType api.RequestConditionType) []api.DatabaseAccessRequestCondition
func DeleteGCPAccessKeyCondition ¶
func DeleteGCPAccessKeyCondition(condList []api.GCPAccessKeyRequestCondition, condType api.RequestConditionType) []api.GCPAccessKeyRequestCondition
func NewMapFinalizer ¶
func NewMapFinalizer() *mapFinalizer
func UpsertAWSAccessKeyCondition ¶
func UpsertAWSAccessKeyCondition(condList []api.AWSAccessKeyRequestCondition, cond api.AWSAccessKeyRequestCondition) []api.AWSAccessKeyRequestCondition
func UpsertAzureAccessKeyCondition ¶
func UpsertAzureAccessKeyCondition(condList []api.AzureAccessKeyRequestCondition, cond api.AzureAccessKeyRequestCondition) []api.AzureAccessKeyRequestCondition
func UpsertDatabaseAccessCondition ¶
func UpsertDatabaseAccessCondition(condList []api.DatabaseAccessRequestCondition, cond api.DatabaseAccessRequestCondition) []api.DatabaseAccessRequestCondition
func UpsertGCPAccessKeyCondition ¶
func UpsertGCPAccessKeyCondition(condList []api.GCPAccessKeyRequestCondition, cond api.GCPAccessKeyRequestCondition) []api.GCPAccessKeyRequestCondition
Types ¶
type Config ¶
// Config carries the API clients from which Config.New builds a
// *VaultController.
// NOTE(review): every client here presumably acts with the controller's own
// Kubernetes identity, so the RBAC granted to that identity bounds what the
// controller can read and write, Secrets included; verify against the
// deployment manifests.
type Config struct {
	// ClientConfig is the REST client configuration.
	// NOTE(review): assuming rest is client-go's rest package, this value can
	// carry a bearer token or client key and should not be logged.
	ClientConfig *rest.Config
	// KubeClient is the core Kubernetes clientset interface.
	KubeClient kubernetes.Interface
	// ExtClient is a clientset interface from the cs package; presumably the
	// project's own custom resources (TODO confirm).
	ExtClient cs.Interface
	// CRDClient is an apiextensions v1beta1 client.
	// NOTE(review): apiextensions.k8s.io/v1beta1 is no longer served from
	// Kubernetes 1.22 on; confirm the supported cluster versions.
	CRDClient crd_cs.ApiextensionsV1beta1Interface
	// AppCatalogClient is an appcatalog v1alpha1 client.
	AppCatalogClient appcat_cs.AppcatalogV1alpha1Interface
	// PromClient is a monitoring v1 client.
	PromClient pcm.MonitoringV1Interface
	// DbClient is a clientset interface from the db_cs package.
	DbClient db_cs.Interface
	// contains filtered or unexported fields
}
func (*Config) New ¶
func (c *Config) New() (*VaultController, error)
type CtxWithCancel ¶
// CtxWithCancel pairs a context with the function that cancels it.
type CtxWithCancel struct {
	// Ctx is the context itself.
	Ctx context.Context
	// Cancel is a context.CancelFunc; presumably the one returned alongside
	// Ctx when it was created (TODO confirm at the construction site).
	Cancel context.CancelFunc
}
type Vault ¶
// Vault supplies the Kubernetes objects for one Vault server. The
// VaultController methods CreateVaultConfig, CreateVaultTLSSecret and
// DeployVault each take a Vault value. Only signatures are visible here, so
// the notes below are hedged.
type Vault interface {
	// GetServerTLS returns a Secret, a byte slice and an error.
	// NOTE(review): presumably the Secret holds the server certificate and
	// private key and the bytes are the CA certificate; confirm in vault.go.
	// If so, read access to that Secret should be limited to the Vault pod's
	// service account and the controller.
	GetServerTLS() (*core.Secret, []byte, error)
	// GetConfig returns a ConfigMap and an error.
	// NOTE(review): presumably the rendered Vault server configuration;
	// confirm it carries no storage-backend credentials, since ConfigMaps are
	// not intended for secret material.
	GetConfig() (*core.ConfigMap, error)
	// Apply takes a pod template and returns an error; presumably it mutates
	// the template in place (TODO confirm).
	Apply(pt *core.PodTemplateSpec) error
	// GetService returns a Service.
	GetService() *core.Service
	// GetDeployment returns a Deployment for the given pod template.
	GetDeployment(pt *core.PodTemplateSpec) *apps.Deployment
	// GetServiceAccounts returns a list of ServiceAccounts.
	GetServiceAccounts() []core.ServiceAccount
	// GetRBACRolesAndRoleBindings returns namespaced Roles and RoleBindings.
	GetRBACRolesAndRoleBindings() ([]rbac.Role, []rbac.RoleBinding)
	// GetRBACClusterRoleBinding returns a ClusterRoleBinding.
	// NOTE(review): this grant is cluster-wide; check which ClusterRole and
	// subject the implementation binds and whether a narrower scope would do.
	GetRBACClusterRoleBinding() rbac.ClusterRoleBinding
	// GetPodTemplate returns a pod template for container c; saName is
	// presumably the service account name the pod runs as (TODO confirm).
	GetPodTemplate(c core.Container, saName string) *core.PodTemplateSpec
	// GetContainer returns a Container.
	GetContainer() core.Container
}
type VaultController ¶
// VaultController is the controller type returned by Config.New. All of its
// fields are unexported; its exported methods are CreateVaultConfig,
// CreateVaultTLSSecret, DeployVault, Run and RunInformers.
type VaultController struct {
	// contains filtered or unexported fields
}
func (*VaultController) CreateVaultConfig ¶
func (c *VaultController) CreateVaultConfig(vs *api.VaultServer, v Vault) error
func (*VaultController) CreateVaultTLSSecret ¶
func (c *VaultController) CreateVaultTLSSecret(vs *api.VaultServer, v Vault) error
func (*VaultController) DeployVault ¶
func (c *VaultController) DeployVault(vs *api.VaultServer, v Vault) error
DeployVault performs the following steps:
- create a service account for the Vault pod
- create the deployment
- create the service
- create the RBAC role, role binding and cluster role binding
func (*VaultController) Run ¶
func (c *VaultController) Run(stopCh <-chan struct{})
func (*VaultController) RunInformers ¶
func (c *VaultController) RunInformers(stopCh <-chan struct{})
Source Files ¶
- appbinding.go
- auth_method.go
- aws_access_key_request.go
- aws_role.go
- azure_access_key_request.go
- azure_role.go
- config.go
- controller.go
- db_access_request.go
- gcp_access_key_request.go
- gcp_role.go
- mongodb_role.go
- monitor.go
- mysql_role.go
- postgres_role.go
- secret_engine.go
- util.go
- vault.go
- vault_policy.go
- vault_policy_binding.go
- vault_status.go
- vaultservers.go