auth

package

v0.3.0 Latest Latest Go to latest Published: Jan 10, 2020 License: Apache-2.0 Imports: 4 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/kubevault/unsealer

Links

Open Source Insights

Documentation ¶

Overview ¶

Copyright The KubeVault Authors.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Copyright The KubeVault Authors.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Index ¶

Constants
type Authenticator
- func NewKubernetesAuthenticator(vc *vaultapi.Client, cf *K8sAuthenticatorOptions) Authenticator
type K8sAuthenticatorOptions
- func NewK8sAuthOptions() *K8sAuthenticatorOptions
type KubernetesAuthenticator
- func (k *KubernetesAuthenticator) ConfigureAuth() error
- func (k *KubernetesAuthenticator) EnsureAuth() error

Constants ¶

View Source

const (
	K8sTokenReviewerJwtEnv = "K8S_TOKEN_REVIEWER_JWT"
)

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Authenticator ¶

type Authenticator interface {
	EnsureAuth() error
	ConfigureAuth() error
}

func NewKubernetesAuthenticator ¶

func NewKubernetesAuthenticator(vc *vaultapi.Client, cf *K8sAuthenticatorOptions) Authenticator

type K8sAuthenticatorOptions ¶

type K8sAuthenticatorOptions struct {
	// Host must be a host string, a host:port pair
	// or a URL to the base of the Kubernetes API server.
	Host string

	// PEM encoded CA cert for use by the TLS client used
	// to talk with the Kubernetes API
	CA string

	// A service account JWT used to access the TokenReview API
	// to validate other JWTs during login. If not set the JWT
	// used for login will be used to access the API.
	Token string
}

func NewK8sAuthOptions ¶

func NewK8sAuthOptions() *K8sAuthenticatorOptions

func (*K8sAuthenticatorOptions) AddFlags ¶

func (o *K8sAuthenticatorOptions) AddFlags(fs *pflag.FlagSet)

func (*K8sAuthenticatorOptions) Apply ¶

func (o *K8sAuthenticatorOptions) Apply() error

func (*K8sAuthenticatorOptions) Validate ¶

func (o *K8sAuthenticatorOptions) Validate() []error

type KubernetesAuthenticator ¶

type KubernetesAuthenticator struct {
	// contains filtered or unexported fields
}

func (*KubernetesAuthenticator) ConfigureAuth ¶

func (k *KubernetesAuthenticator) ConfigureAuth() error

links: https://www.vaultproject.io/api/auth/kubernetes/index.html#configure-method ConfigureAuth will set the kubernetes config it's safe to call multiple times

func (*KubernetesAuthenticator) EnsureAuth ¶

func (k *KubernetesAuthenticator) EnsureAuth() error

EnsureAuth will ensure kubernetes auth it's safe to call multiple times

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL