cocoa

package module
v0.0.0-...-69a3ef4 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 18, 2023 License: Apache-2.0 Imports: 11 Imported by: 6

README

Cocoa

Cocoa is a library to orchestrate groups of containers (pods).

Documentation

Overview

Package cocoa provides interfaces to interact with groups of containers (called pods) backed by container orchestration services. Containers are not managed individually - they're managed as logical groupings of containers.

The ECSPodCreator provides an abstraction to create pods in AWS ECS without needing to make direct calls to the API.

The ECSPod is a self-contained unit that allows users to manage their pod without having to make direct calls to the AWS ECS API.

The ECSPodDefinitionManager provides a means to manage pod definition templates in AWS ECS without needing to make direct calls to the API. This can be used in conjunction with a ECSPodDefinitionCache to both manage pod definitions in AWS ECS and also track these definitions in an external cache.

The ECSClient provides a convenience wrapper around the AWS ECS API. If the ECSPodCreator and ECSPod do not fulfill your needs, you can instead make calls directly to the ECS API using this client.

The Vault is an ancillary service for pods that supports interacting with a dedicated secrets management service. It conveniently integrates with pods to securely pass secrets into containers. This can be used in conjunction with a SecretCache to both manage the cloud secrets and also keep track of these secrets in an external cache.

The SecretsManagerClient provides a convenience wrapper around the AWS Secrets Manager API. If the Vault does not fulfill your needs, you can instead make calls directly to the Secrets Manager API using this client.

The TagClient provides a wrapper around the AWS Resource Groups Tagging API. This can be useful for managing tagged resources across different services, such as secrets, pod definitions, and pods.

Index

Constants

View Source 
const (
	// ConstraintDistinctInstance is a container instance filter indicating that
	// ECS should place all pods in the same group on different container
	// instances.
	ConstraintDistinctInstance = "distinctInstance"
)

Variables

This section is empty.

Functions

func IsECSTaskNotFoundError 

func IsECSTaskNotFoundError(err error) bool

IsECSTaskNotFoundError returns whether or not the error is due to not being able to find the task in ECS.

Types

type AWSVPCOptions 

type AWSVPCOptions struct {
	// Subnets are all the subnet IDs associated with the pod. This is required.
	Subnets []string
	// SecurityGroups are all the security group IDs associated with the pod. If
	// this is not specified, the default security group for the VPC will be
	// used.
	SecurityGroups []string
}

AWSVPCOptions represent options to configure networking when the network mode is NetworkModeAWSVPC.

func NewAWSVPCOptions 

func NewAWSVPCOptions() *AWSVPCOptions

NewAWSVPCOptions returns new uninitialized options for NetworkModeAWSVPC.

func (*AWSVPCOptions) AddSecurityGroups 

func (o *AWSVPCOptions) AddSecurityGroups(groups ...string) *AWSVPCOptions

AddSecurityGroups adds new security groups to the existing ones for the pod.

func (*AWSVPCOptions) AddSubnets 

func (o *AWSVPCOptions) AddSubnets(subnets ...string) *AWSVPCOptions

AddSubnets adds new subnets to the existing ones for the pod.

func (*AWSVPCOptions) SetSecurityGroups 

func (o *AWSVPCOptions) SetSecurityGroups(groups []string) *AWSVPCOptions

SetSecurityGroups sets the security groups associated with the pod. This overwrites any existing security groups.

func (*AWSVPCOptions) SetSubnets 

func (o *AWSVPCOptions) SetSubnets(subnets []string) *AWSVPCOptions

SetSubnets sets the subnets associated with the pod. This overwrites any existing subnets.

func (*AWSVPCOptions) Validate 

func (o *AWSVPCOptions) Validate() error

Validate checks that subnets are set.

type ContainerSecret 

type ContainerSecret struct {
	// ID is the unique resource identifier for the secret.
	ID *string
	// Name is the friendly name of the secret.
	Name *string
	// Owned determines whether or not the secret is owned by its container or
	// not.
	Owned *bool
}

ContainerSecret is a named secret that may or may not be owned by its container.

func NewContainerSecret 

func NewContainerSecret() *ContainerSecret

NewContainerSecret creates a new uninitialized container secret.

func (*ContainerSecret) SetID 

func (s *ContainerSecret) SetID(id string) *ContainerSecret

SetID sets the secret's unique resource identifier.

func (*ContainerSecret) SetName 

func (s *ContainerSecret) SetName(name string) *ContainerSecret

SetName sets the secret's friendly name.

func (*ContainerSecret) SetOwned 

func (s *ContainerSecret) SetOwned(owned bool) *ContainerSecret

SetOwned sets if the secret should be owned by its container.

func (*ContainerSecret) Validate 

func (s *ContainerSecret) Validate() error

Validate checks that the secret has either a name or ID

type ECSClient 

type ECSClient interface {
	// RegisterTaskDefinition registers the definition for a new task with ECS.
	RegisterTaskDefinition(context.Context, *ecs.RegisterTaskDefinitionInput) (*ecs.RegisterTaskDefinitionOutput, error)
	// DescribeTaskDefinitions gets information about the configuration and
	// status of a task definition.
	DescribeTaskDefinition(ctx context.Context, in *ecs.DescribeTaskDefinitionInput) (*ecs.DescribeTaskDefinitionOutput, error)
	// ListTaskDefinitions lists all ECS task definitions matching the input.
	ListTaskDefinitions(ctx context.Context, in *ecs.ListTaskDefinitionsInput) (*ecs.ListTaskDefinitionsOutput, error)
	// DeregisterTaskDefinition deregisters an existing ECS task definition.
	DeregisterTaskDefinition(ctx context.Context, in *ecs.DeregisterTaskDefinitionInput) (*ecs.DeregisterTaskDefinitionOutput, error)
	// RunTask runs a registered task.
	RunTask(ctx context.Context, in *ecs.RunTaskInput) (*ecs.RunTaskOutput, error)
	// DescribeTasks gets information about the configuration and status of
	// tasks.
	DescribeTasks(ctx context.Context, in *ecs.DescribeTasksInput) (*ecs.DescribeTasksOutput, error)
	// ListTasks lists all ECS tasks matching the input.
	ListTasks(ctx context.Context, in *ecs.ListTasksInput) (*ecs.ListTasksOutput, error)
	// StopTask stops a running task.
	StopTask(ctx context.Context, in *ecs.StopTaskInput) (*ecs.StopTaskOutput, error)
	// TagResource adds tags to an ECS resource.
	TagResource(ctx context.Context, in *ecs.TagResourceInput) (*ecs.TagResourceOutput, error)
	// Close closes the client and cleans up its resources. Implementations
	// should ensure that this is idempotent.
	Close(ctx context.Context) error
}

ECSClient provides a common interface to interact with a client backed by AWS ECS. Implementations must handle retrying and backoff.

type ECSContainerDefinition 

type ECSContainerDefinition struct {
	// Name is the friendly name of the container. By default, this is a random
	// string.
	Name *string
	// Image is the Docker image to use. This is required.
	Image *string
	// Command is the command to run, separated into individual arguments. By
	// default, there is no command.
	Command []string
	// WorkingDir is the container working directory in which commands will be
	// run.
	WorkingDir *string
	// MemoryMB is the amount of memory (in MB) to allocate. This must be set if
	// a pod-level memory limit is not given.
	MemoryMB *int
	// CPU is the number of CPU units to allocate. 1024 CPU units is equivalent
	// to 1 vCPU on a machine. This must be set if a pod-level CPU limit is not
	// given.
	CPU *int
	// EnvVars are environment variables to make available in the container.
	EnvVars []EnvironmentVariable
	// RepoCreds are private repository credentials for using images that
	// require authentication.
	RepoCreds *RepositoryCredentials
	// PortMappings are mappings between the ports within the container to
	// allow network traffic.
	PortMappings []PortMapping
	// LogConfiguration is the configuration for logging the container's output.
	LogConfiguration *LogConfiguration
}

ECSContainerDefinition defines settings that apply to a single container within an ECS pod.

func NewECSContainerDefinition 

func NewECSContainerDefinition() *ECSContainerDefinition

NewECSContainerDefinition returns a new uninitialized container definition.

func (*ECSContainerDefinition) AddEnvironmentVariables 

func (d *ECSContainerDefinition) AddEnvironmentVariables(envVars ...EnvironmentVariable) *ECSContainerDefinition

AddEnvironmentVariables adds new environment variables to the existing ones for the container.

func (*ECSContainerDefinition) AddPortMappings 

func (d *ECSContainerDefinition) AddPortMappings(mappings ...PortMapping) *ECSContainerDefinition

AddPortMappings adds new port mappings to the existing ones for the container.

func (*ECSContainerDefinition) SetCPU 

func (d *ECSContainerDefinition) SetCPU(cpu int) *ECSContainerDefinition

SetCPU sets the number of CPU units to allocate.

func (*ECSContainerDefinition) SetCommand 

func (d *ECSContainerDefinition) SetCommand(cmd []string) *ECSContainerDefinition

SetCommand sets the command for the container to run.

func (*ECSContainerDefinition) SetEnvironmentVariables 

func (d *ECSContainerDefinition) SetEnvironmentVariables(envVars []EnvironmentVariable) *ECSContainerDefinition

SetEnvironmentVariables sets the environment variables for the container. This overwrites any existing environment variables.

func (*ECSContainerDefinition) SetImage 

func (d *ECSContainerDefinition) SetImage(img string) *ECSContainerDefinition

SetImage sets the image for the container.

func (*ECSContainerDefinition) SetLogConfiguration 

func (d *ECSContainerDefinition) SetLogConfiguration(lc LogConfiguration) *ECSContainerDefinition

SetLogConfiguration sets the log configuration for the container.

func (*ECSContainerDefinition) SetMemoryMB 

func (d *ECSContainerDefinition) SetMemoryMB(mem int) *ECSContainerDefinition

SetMemoryMB sets the amount of memory (in MB) to allocate.

func (*ECSContainerDefinition) SetName 

func (d *ECSContainerDefinition) SetName(name string) *ECSContainerDefinition

SetName sets the friendly name for the container.

func (*ECSContainerDefinition) SetPortMappings 

func (d *ECSContainerDefinition) SetPortMappings(mappings []PortMapping) *ECSContainerDefinition

SetPortMappings sets the port mappings for the container. This overwrites any existing port mappings.

func (*ECSContainerDefinition) SetRepositoryCredentials 

func (d *ECSContainerDefinition) SetRepositoryCredentials(creds RepositoryCredentials) *ECSContainerDefinition

SetRepositoryCredentials sets the private repository credentials for using images that require authentication.

func (*ECSContainerDefinition) SetWorkingDir 

func (d *ECSContainerDefinition) SetWorkingDir(dir string) *ECSContainerDefinition

SetWorkingDir sets the working directory where the container's commands will run.

func (*ECSContainerDefinition) Validate 

func (d *ECSContainerDefinition) Validate() error

Validate checks that the container definition is valid and sets defaults where possible.

type ECSContainerResources 

type ECSContainerResources struct {
	// ContainerID is the resource identifier for the container.
	ContainerID *string `bson:"-" json:"-" yaml:"-"`
	// Name is the friendly name of the container.
	Name *string `bson:"-" json:"-" yaml:"-"`
	// Secrets are the secrets associated with the container.
	Secrets []ContainerSecret `bson:"-" json:"-" yaml:"-"`
}

ECSContainerResources are ECS-specific resources associated with a container.

func NewECSContainerResources 

func NewECSContainerResources() *ECSContainerResources

NewECSContainerResources returns a new uninitialized set of resources used by a container.

func (*ECSContainerResources) AddSecrets 

func (r *ECSContainerResources) AddSecrets(secrets ...ContainerSecret) *ECSContainerResources

AddSecrets adds new secrets to the existing ones associated with the container.

func (*ECSContainerResources) SetContainerID 

func (r *ECSContainerResources) SetContainerID(id string) *ECSContainerResources

SetContainerID sets the ECS container ID associated with the container.

func (*ECSContainerResources) SetName 

func (r *ECSContainerResources) SetName(name string) *ECSContainerResources

SetName sets the friendly name for the container.

func (*ECSContainerResources) SetSecrets 

func (r *ECSContainerResources) SetSecrets(secrets []ContainerSecret) *ECSContainerResources

SetSecrets sets the secrets associated with the container. This overwrites any existing secrets.

func (*ECSContainerResources) Validate 

func (r *ECSContainerResources) Validate() error

Validate checks that the container ID is given and that all given container secrets are valid.

type ECSContainerStatusInfo 

type ECSContainerStatusInfo struct {
	// ContainerID is the resource identifier for the container.
	ContainerID *string
	// Name is the friendly name of the container.
	Name *string
	// Status is the current status of the container.
	Status ECSStatus
}

ECSContainerStatusInfo represents the current status of a container in ECS.

func NewECSContainerStatusInfo 

func NewECSContainerStatusInfo() *ECSContainerStatusInfo

NewECSContainerStatusInfo returns a new uninitialized set of status information for a container.

func (*ECSContainerStatusInfo) SetContainerID 

func (i *ECSContainerStatusInfo) SetContainerID(id string) *ECSContainerStatusInfo

SetContainerID sets the ECS container ID.

func (*ECSContainerStatusInfo) SetName 

func (i *ECSContainerStatusInfo) SetName(name string) *ECSContainerStatusInfo

SetName sets the friendly name for the container.

func (*ECSContainerStatusInfo) SetStatus 

func (i *ECSContainerStatusInfo) SetStatus(status ECSStatus) *ECSContainerStatusInfo

SetStatus sets the status of the container.

func (*ECSContainerStatusInfo) Validate 

func (i *ECSContainerStatusInfo) Validate() error

Validate checks that the required container status information is populated and the container status is valid.

type ECSNetworkMode 

type ECSNetworkMode string

ECSNetworkMode represents possible kinds of networking configuration for a pod in ECS. 

const (
	// NetworkModeNone indicates that networking is disabled entirely. The pod
	// does not allow any external network connectivity and container ports
	// cannot be mapped.
	NetworkModeNone ECSNetworkMode = "none"
	// NetworkModeAWSVPC indicates that the pod will be allocated its own
	// virtual network interface and IPv4 address. This is supported for Linux
	// and Window containers.
	NetworkModeAWSVPC ECSNetworkMode = "awsvpc"
	// NetworkModeBridge indicates that the container will use Docker's built-in
	// virtual network inside the container instance running the pod. This is
	// only supported for Linux containers.
	NetworkModeBridge ECSNetworkMode = "bridge"
	// NetworkModeHost indicates that the container will directly map its ports
	// to the underlying container instance's network interface.
	// This is only supported for Linux containers.
	NetworkModeHost ECSNetworkMode = "host"
)

func (ECSNetworkMode) Validate 

func (m ECSNetworkMode) Validate() error

Validate checks that the ECS network mode is one of the recognized modes.

type ECSOverrideContainerDefinition 

type ECSOverrideContainerDefinition struct {
	// Name is the friendly name of the container whose options should be
	// overridden. This is required.
	Name *string
	// Command is the command to run, overriding any existing container command.
	Command []string
	// MemoryMB is the amount of memory (in MB) to allocate.
	MemoryMB *int
	// CPU is the number of CPU units to allocate.
	CPU *int
	// EnvVars are the environment variables to override for this container. If
	// there is an existing environment variable with the same name, it is
	// overridden; otherwise, the environment variable is appended to the
	// existing ones.
	EnvVars []KeyValue
}

ECSOverrideContainerDefinition are container-level options that can be specified when starting a pod that override those in the pod's definition. Each specified field will override the corresponding field in the pod definition.

func NewECSOverrideContainerDefinition 

func NewECSOverrideContainerDefinition() *ECSOverrideContainerDefinition

NewECSOverrideContainerDefinition returns new uninitialized options to override a container definition.

func (*ECSOverrideContainerDefinition) AddEnvironmentVariables 

func (d *ECSOverrideContainerDefinition) AddEnvironmentVariables(envVars ...KeyValue) *ECSOverrideContainerDefinition

AddEnvironmentVariables adds environment variables to override existing ones or append new ones for the container.

func (*ECSOverrideContainerDefinition) SetCPU 

func (d *ECSOverrideContainerDefinition) SetCPU(cpu int) *ECSOverrideContainerDefinition

SetCPU sets the overriding number of CPU units to allocate for the container.

func (*ECSOverrideContainerDefinition) SetCommand 

func (d *ECSOverrideContainerDefinition) SetCommand(cmd []string) *ECSOverrideContainerDefinition

SetCommand sets the overriding command for the container to run.

func (*ECSOverrideContainerDefinition) SetEnvironmentVariables 

func (d *ECSOverrideContainerDefinition) SetEnvironmentVariables(envVars []KeyValue) *ECSOverrideContainerDefinition

SetEnvironmentVariables sets the environment variables to override existing ones or append new ones for the container.

func (*ECSOverrideContainerDefinition) SetMemoryMB 

func (d *ECSOverrideContainerDefinition) SetMemoryMB(mem int) *ECSOverrideContainerDefinition

SetMemoryMB sets the overriding amount of memory (in MB) to allocate for the container.

func (*ECSOverrideContainerDefinition) SetName 

func (d *ECSOverrideContainerDefinition) SetName(name string) *ECSOverrideContainerDefinition

SetName sets the friendly name of the container to override.

func (*ECSOverrideContainerDefinition) Validate 

func (d *ECSOverrideContainerDefinition) Validate() error

Validate checks that all specified container definition overrides are valid.

type ECSOverridePodDefinitionOptions 

type ECSOverridePodDefinitionOptions struct {
	// ContainerDefinitions defines settings that apply to individual containers
	// within the pod.
	ContainerDefinitions []ECSOverrideContainerDefinition
	// MemoryMB overrides the pod definition's hard memory limit (in MB) across
	// all containers in the pod. This is ignored for pods running Windows
	// containers.
	MemoryMB *int
	// CPU overrides the pod definition's hard CPU limit (in CPU units) across
	// all containers in the pod. 1024 CPU units is equivalent to 1 vCPU on a
	// machine. This is ignored for pods running Windows containers.
	CPU *int
	// TaskRole overrides the task role that the pod can use.
	TaskRole *string
	// ExecutionRole overrides the execution role that ECS container agent can
	// use.
	ExecutionRole *string
}

ECSOverridePodDefinitionOptions are options that can be specified when starting a pod that override those in the pod's definition.

func NewECSOverridePodDefinitionOptions 

func NewECSOverridePodDefinitionOptions() *ECSOverridePodDefinitionOptions

NewECSOverridePodDefinitionOptions returns new uninitialized options to override a pod definition.

func (*ECSOverridePodDefinitionOptions) AddContainerDefinitions 

func (o *ECSOverridePodDefinitionOptions) AddContainerDefinitions(defs ...ECSOverrideContainerDefinition) *ECSOverridePodDefinitionOptions

AddContainerDefinitions adds container definitions to override the existing ones for the pod.

func (*ECSOverridePodDefinitionOptions) SetCPU 

func (o *ECSOverridePodDefinitionOptions) SetCPU(cpu int) *ECSOverridePodDefinitionOptions

SetCPU sets the overriding CPU limit (in CPU units) that applies across the entire pod's containers.

func (*ECSOverridePodDefinitionOptions) SetContainerDefinitions 

func (o *ECSOverridePodDefinitionOptions) SetContainerDefinitions(defs []ECSOverrideContainerDefinition) *ECSOverridePodDefinitionOptions

SetContainerDefinitions sets the container definitions to override for the pod. This overwrites any existing container definitions.

func (*ECSOverridePodDefinitionOptions) SetExecutionRole 

func (o *ECSOverridePodDefinitionOptions) SetExecutionRole(role string) *ECSOverridePodDefinitionOptions

SetExecutionRole sets the overriding execution role that the pod can use.

func (*ECSOverridePodDefinitionOptions) SetMemoryMB 

func (o *ECSOverridePodDefinitionOptions) SetMemoryMB(mem int) *ECSOverridePodDefinitionOptions

SetMemoryMB sets the overriding memory limit (in MB) that applies across the entire pod's containers.

func (*ECSOverridePodDefinitionOptions) SetTaskRole 

func (o *ECSOverridePodDefinitionOptions) SetTaskRole(role string) *ECSOverridePodDefinitionOptions

SetTaskRole sets the overriding task role that the pod can use.

func (*ECSOverridePodDefinitionOptions) Validate 

func (o *ECSOverridePodDefinitionOptions) Validate() error

Validate checks that all specified override options are valid.

type ECSPlacementStrategy 

type ECSPlacementStrategy string

ECSPlacementStrategy represents a placement strategy for ECS pods. 

const (
	// StrategySpread indicates that the ECS pod will be assigned in such a way
	// to achieve an even spread based on the given ECSStrategyParameter.
	StrategySpread ECSPlacementStrategy = ECSPlacementStrategy(types.PlacementStrategyTypeSpread)
	// StrategyRandom indicates that the ECS pod should be assigned to a
	// container instance randomly.
	StrategyRandom ECSPlacementStrategy = ECSPlacementStrategy(types.PlacementStrategyTypeRandom)
	// StrategyBinpack indicates that the the ECS pod will be placed on a
	// container instance with the least amount of memory or CPU that will be
	// sufficient for the pod's requirements if possible.
	StrategyBinpack ECSPlacementStrategy = ECSPlacementStrategy(types.PlacementStrategyTypeBinpack)
)

func (ECSPlacementStrategy) Validate 

func (s ECSPlacementStrategy) Validate() error

Validate checks that the ECS pod status is one of the recognized placement strategies.

type ECSPod 

type ECSPod interface {
	// Resources returns information about the current resources being used by
	// the pod.
	Resources() ECSPodResources
	// StatusInfo returns the current cached status information for the pod.
	StatusInfo() ECSPodStatusInfo
	// LatestStatusInfo returns the latest non-cached status information for the
	// pod. Implementations should query ECS directly for its most up-to-date
	// status.
	LatestStatusInfo(ctx context.Context) (*ECSPodStatusInfo, error)
	// Stop stops the running pod without cleaning up any of its underlying
	// resources.
	Stop(ctx context.Context) error
	// Delete deletes the pod and its owned resources.
	Delete(ctx context.Context) error
}

ECSPod provides an abstraction of a pod backed by AWS ECS.

type ECSPodCreationOptions 

type ECSPodCreationOptions struct {
	// DefinitionOpts specify options to configure the pod's definition.
	DefinitionOpts ECSPodDefinitionOptions
	// ExecutionOpts specify options to configure how the pod executes.
	ExecutionOpts *ECSPodExecutionOptions
}

ECSPodCreationOptions provide options to create a pod backed by ECS.

func MergeECSPodCreationOptions 

func MergeECSPodCreationOptions(opts ...ECSPodCreationOptions) ECSPodCreationOptions

MergeECSPodCreationOptions merges all the given options to create an ECS pod. Options are applied in the order that they're specified and conflicting options are overwritten.

func NewECSPodCreationOptions 

func NewECSPodCreationOptions() *ECSPodCreationOptions

NewECSPodCreationOptions returns new uninitialized options to create a pod.

func (*ECSPodCreationOptions) SetDefinitionOptions 

func (o *ECSPodCreationOptions) SetDefinitionOptions(opts ECSPodDefinitionOptions) *ECSPodCreationOptions

SetDefinitionOptions sets the options to configure the pod definition.

func (*ECSPodCreationOptions) SetExecutionOptions 

func (o *ECSPodCreationOptions) SetExecutionOptions(opts ECSPodExecutionOptions) *ECSPodCreationOptions

SetExecutionOptions sets the options to configure how the pod executes.

func (*ECSPodCreationOptions) Validate 

func (o *ECSPodCreationOptions) Validate() error

Validate checks that all the required parameters are given and the values are valid. It sets defaults where possible.

type ECSPodCreator 

type ECSPodCreator interface {
	// CreatePod creates a new pod backed by ECS with the given options. Options
	// are applied in the order they're specified and conflicting options are
	// overwritten.
	CreatePod(ctx context.Context, opts ...ECSPodCreationOptions) (ECSPod, error)
	// CreatePodFromExistingDefinition creates a new pod backed by ECS from an
	// existing task definition.
	CreatePodFromExistingDefinition(ctx context.Context, def ECSTaskDefinition, opts ...ECSPodExecutionOptions) (ECSPod, error)
}

ECSPodCreator provides a means to create a new pod backed by AWS ECS.

type ECSPodDefinitionCache 

type ECSPodDefinitionCache interface {
	// Put adds a new pod definition item or or updates an existing pod
	// definition item.
	Put(ctx context.Context, item ECSPodDefinitionItem) error
	// Delete deletes by its unique identifier in ECS.
	Delete(ctx context.Context, id string) error
	// GetTag returns the name of the tracking tag to use for the pod
	// definition. Implementations are allowed to return an empty string.
	GetTag() string
}

ECSPodDefinitionCache represents an external cache that tracks pod definitions.

type ECSPodDefinitionItem 

type ECSPodDefinitionItem struct {
	// ID is the unique identifier in ECS for pod definition represented by the
	// item.
	ID string
	// DefinitionOpts are the options used to create the pod definition.
	DefinitionOpts ECSPodDefinitionOptions
}

ECSPodDefinitionItem represents an item that can be cached in a ECSPodDefinitionCache.

type ECSPodDefinitionManager 

type ECSPodDefinitionManager interface {
	// CreatePodDefinition creates a pod definition.
	CreatePodDefinition(ctx context.Context, opts ...ECSPodDefinitionOptions) (*ECSPodDefinitionItem, error)
	// DeletePodDefinition deletes an existing pod definition. Implementations
	// should ensure that deletion is idempotent.
	DeletePodDefinition(ctx context.Context, id string) error
}

ECSPodDefinitionManager manages pod definitions, which are configuration templates used to run pods.

type ECSPodDefinitionOptions 

type ECSPodDefinitionOptions struct {
	// Name is the friendly name of the pod. By default, this is a random
	// string.
	Name *string
	// ContainerDefinitions defines settings that apply to individual containers
	// within the pod. This is required.
	ContainerDefinitions []ECSContainerDefinition
	// MemoryMB is the hard memory limit (in MB) across all containers in the
	// pod. If this is not specified, then each container is required to specify
	// its own memory. This is ignored for pods running Windows containers.
	MemoryMB *int
	// CPU is the hard CPU limit (in CPU units) across all containers in the
	// pod. 1024 CPU units is equivalent to 1 vCPU on a machine. If this is not
	// specified, then each container is required to specify its own CPU.
	// This is ignored for pods running Windows containers.
	CPU *int
	// NetworkMode describes the networking capabilities of the pod's
	// containers. If the NetworkMode is unspecified for a pod running Linux
	// containers, the default value is NetworkModeBridge. If the NetworkMode is
	// unspecified for a pod running Windows containers, the default network
	// mode is to use the Windows NAT network.
	NetworkMode *ECSNetworkMode
	// TaskRole is the role that the pod can use. Depending on the
	// configuration, this may be required if
	// (ECSPodExecutionOptions).SupportsDebugMode is true.
	TaskRole *string
	// ExecutionRole is the role that ECS container agent can use. Depending on
	// the configuration, this may be required if the container uses secrets.
	ExecutionRole *string
	// Tags are resource tags to apply to the pod definition.
	Tags map[string]string
}

ECSPodDefinitionOptions represent options to configure a template for running a pod.

func MergeECSPodDefinitionOptions 

func MergeECSPodDefinitionOptions(opts ...ECSPodDefinitionOptions) ECSPodDefinitionOptions

MergeECSPodDefinitionOptions merges all the given options to create an ECS pod definition. Options are applied in the order that they're specified and conflicting options are overwritten.

func NewECSPodDefinitionOptions 

func NewECSPodDefinitionOptions() *ECSPodDefinitionOptions

NewECSPodDefinitionOptions returns new uninitialized options to create a pod definition.

func (*ECSPodDefinitionOptions) AddContainerDefinitions 

func (o *ECSPodDefinitionOptions) AddContainerDefinitions(defs ...ECSContainerDefinition) *ECSPodDefinitionOptions

AddContainerDefinitions add new container definitions to the existing ones for the pod.

func (*ECSPodDefinitionOptions) AddTags 

func (o *ECSPodDefinitionOptions) AddTags(tags map[string]string) *ECSPodDefinitionOptions

AddTags adds new tags to the existing ones for the pod definition.

func (*ECSPodDefinitionOptions) Hash 

func (o *ECSPodDefinitionOptions) Hash() string

Hash returns the hash digest of the pod definition.

func (*ECSPodDefinitionOptions) SetCPU 

func (o *ECSPodDefinitionOptions) SetCPU(cpu int) *ECSPodDefinitionOptions

SetCPU sets the CPU limit (in CPU units) that applies across the entire pod's containers.

func (*ECSPodDefinitionOptions) SetContainerDefinitions 

func (o *ECSPodDefinitionOptions) SetContainerDefinitions(defs []ECSContainerDefinition) *ECSPodDefinitionOptions

SetContainerDefinitions sets the container definitions for the pod. This overwrites any existing container definitions.

func (*ECSPodDefinitionOptions) SetExecutionRole 

func (o *ECSPodDefinitionOptions) SetExecutionRole(role string) *ECSPodDefinitionOptions

SetExecutionRole sets the execution role that the pod can use.

func (*ECSPodDefinitionOptions) SetMemoryMB 

func (o *ECSPodDefinitionOptions) SetMemoryMB(mem int) *ECSPodDefinitionOptions

SetMemoryMB sets the memory limit (in MB) that applies across the entire pod's containers.

func (*ECSPodDefinitionOptions) SetName 

func (o *ECSPodDefinitionOptions) SetName(name string) *ECSPodDefinitionOptions

SetName sets the friendly name of the pod.

func (*ECSPodDefinitionOptions) SetNetworkMode 

func (o *ECSPodDefinitionOptions) SetNetworkMode(mode ECSNetworkMode) *ECSPodDefinitionOptions

SetNetworkMode sets the network mode that applies for all the pod's containers.

func (*ECSPodDefinitionOptions) SetTags 

func (o *ECSPodDefinitionOptions) SetTags(tags map[string]string) *ECSPodDefinitionOptions

SetTags sets the tags for the pod definition. This overwrites any existing tags.

func (*ECSPodDefinitionOptions) SetTaskRole 

func (o *ECSPodDefinitionOptions) SetTaskRole(role string) *ECSPodDefinitionOptions

SetTaskRole sets the task role that the pod can use.

func (*ECSPodDefinitionOptions) Validate 

func (o *ECSPodDefinitionOptions) Validate() error

Validate checks that all the required parameters are given and the values are valid. It sets default values where possible.

type ECSPodExecutionOptions 

type ECSPodExecutionOptions struct {
	// Cluster is the name of the cluster where the pod will run. If none is
	// specified, this will run in the default cluster.
	Cluster *string
	// CapacityProvider is the name of the capacity provider that the pod will
	// use, which in turn determines the infrastructure that the pod will run
	// on. If none is specified, this will run in the default capacity provider.
	CapacityProvider *string
	// OverrideOpts specify options that override the settings in the pod's
	// definition.
	// Warning: the size of the options when serialized to JSON cannot exceed 8
	// kB, so care should be taken to not rely too heavily on overriding the
	// pod definition's settings.
	OverrideOpts *ECSOverridePodDefinitionOptions
	// PlacementOptions specify options that determine how a pod is assigned to
	// a container instance.
	PlacementOpts *ECSPodPlacementOptions
	// AWSVPCOpts specify additional networking configuration when using
	// NetworkModeAWSVPC.
	AWSVPCOpts *AWSVPCOptions
	// SupportsDebugMode indicates that the ECS pod should support debugging, so
	// you can run exec in the pod's containers. In order for this to work, the
	// pod must have the correct permissions to perform this operation when it's
	// defined. By default, this is false.
	SupportsDebugMode *bool
	// Tags are any tags to apply to the running pods.
	Tags map[string]string
}

ECSPodExecutionOptions represent options to configure how a pod is started.

func MergeECSPodExecutionOptions 

func MergeECSPodExecutionOptions(opts ...ECSPodExecutionOptions) ECSPodExecutionOptions

MergeECSPodExecutionOptions merges all the given options to run an ECS pod. Options are applied in the order that they're specified and conflicting options are overwritten.

func NewECSPodExecutionOptions 

func NewECSPodExecutionOptions() *ECSPodExecutionOptions

NewECSPodExecutionOptions returns new uninitialized options to run a pod.

func (*ECSPodExecutionOptions) AddTags 

func (o *ECSPodExecutionOptions) AddTags(tags map[string]string) *ECSPodExecutionOptions

AddTags adds new tags to the existing ones for the pod itself when it is run.

func (*ECSPodExecutionOptions) SetAWSVPCOptions 

func (o *ECSPodExecutionOptions) SetAWSVPCOptions(opts AWSVPCOptions) *ECSPodExecutionOptions

SetAWSVPCOptions sets the options that configure a pod using NetworkModeAWSVPC.

func (*ECSPodExecutionOptions) SetCapacityProvider 

func (o *ECSPodExecutionOptions) SetCapacityProvider(provider string) *ECSPodExecutionOptions

SetCapacityProvider sets the name of the capacity provider that the pod will use.

func (*ECSPodExecutionOptions) SetCluster 

func (o *ECSPodExecutionOptions) SetCluster(cluster string) *ECSPodExecutionOptions

SetCluster sets the name of the cluster where the pod will run.

func (*ECSPodExecutionOptions) SetOverrideOptions 

func (o *ECSPodExecutionOptions) SetOverrideOptions(opts ECSOverridePodDefinitionOptions) *ECSPodExecutionOptions

SetOverrideOptions sets the options that override the pod definition.

func (*ECSPodExecutionOptions) SetPlacementOptions 

func (o *ECSPodExecutionOptions) SetPlacementOptions(opts ECSPodPlacementOptions) *ECSPodExecutionOptions

SetPlacementOptions sets the options that determine how a pod is assigned to a container instance.

func (*ECSPodExecutionOptions) SetSupportsDebugMode 

func (o *ECSPodExecutionOptions) SetSupportsDebugMode(supported bool) *ECSPodExecutionOptions

SetSupportsDebugMode sets whether or not the pod can run with debug mode enabled.

func (*ECSPodExecutionOptions) SetTags 

func (o *ECSPodExecutionOptions) SetTags(tags map[string]string) *ECSPodExecutionOptions

SetTags sets the tags for the pod itself when it is run. This overwrites any existing tags.

func (*ECSPodExecutionOptions) Validate 

func (o *ECSPodExecutionOptions) Validate() error

Validate checks that the placement options are valid.

type ECSPodPlacementOptions 

type ECSPodPlacementOptions struct {
	// Group is the name of a logical collection of ECS pods. Pods within the
	// same group can support additional placement configuration.
	Group *string

	// Strategy is the overall placement strategy. By default, it uses the
	// binpack strategy.
	Strategy *ECSPlacementStrategy

	// StrategyParameter is the parameter that determines how the placement
	// strategy optimizes pod placement. The default value depends on the
	// strategy:
	// If the strategy is spread, it defaults to "host".
	// If the strategy is binpack, it defaults to "memory".
	// If the strategy is random, this does not apply.
	StrategyParameter *ECSStrategyParameter

	// InstanceFilter is a set of query expressions that restrict the placement
	// of the pod to a set of container instances in the cluster that match the
	// query filter. As a special case, if ConstraintDistinctInstance is the
	// specified filter, it will place each pod in the pod's group on a
	// different instance. Otherwise, all filters are assumed to use the ECS
	// cluster query language to filter the candidate set of instances for a
	// pod. Docs:
	// https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html
	InstanceFilters []string
}

ECSPodPlacementOptions represent options to control how an ECS pod is assigned to a container instance.

func NewECSPodPlacementOptions 

func NewECSPodPlacementOptions() *ECSPodPlacementOptions

NewECSPodPlacementOptions creates new options to specify how an ECS pod should be assigned to a container instance.

func (*ECSPodPlacementOptions) AddInstanceFilters 

func (o *ECSPodPlacementOptions) AddInstanceFilters(filters ...string) *ECSPodPlacementOptions

AddInstanceFilters adds new instance filters to the existing ones to constrain pod placement to one in the set of matching container instances.

func (*ECSPodPlacementOptions) SetGroup 

func (o *ECSPodPlacementOptions) SetGroup(group string) *ECSPodPlacementOptions

SetGroup sets the name of the group that the pod belongs to.

func (*ECSPodPlacementOptions) SetInstanceFilters 

func (o *ECSPodPlacementOptions) SetInstanceFilters(filters []string) *ECSPodPlacementOptions

SetInstanceFilters sets the instance filters to constrain pod placement to one in the set of matching container instances.

func (*ECSPodPlacementOptions) SetStrategy 

func (o *ECSPodPlacementOptions) SetStrategy(s ECSPlacementStrategy) *ECSPodPlacementOptions

SetStrategy sets the strategy for placing the pod on a container instance.

func (*ECSPodPlacementOptions) SetStrategyParameter 

func (o *ECSPodPlacementOptions) SetStrategyParameter(p ECSStrategyParameter) *ECSPodPlacementOptions

SetStrategyParameter sets the parameter to optimize for when placing the pod on a container instance.

func (*ECSPodPlacementOptions) Validate 

func (o *ECSPodPlacementOptions) Validate() error

Validate checks that the the strategy and its parameter to optimize are a valid combination.

type ECSPodResources 

type ECSPodResources struct {
	// TaskID is the resource identifier for the pod.
	TaskID *string `bson:"-" json:"-" yaml:"-"`
	// TaskDefinition is the resource identifier for the definition template
	// that created the pod.
	TaskDefinition *ECSTaskDefinition `bson:"-" json:"-" yaml:"-"`
	// Cluster is the name of the cluster namespace in which the pod is running.
	Cluster *string `bson:"-" json:"-" yaml:"-"`
	// Containers represent the resources associated with each individual
	// container in the pod.
	Containers []ECSContainerResources `bson:"-" json:"-" yaml:"-"`
}

ECSPodResources are ECS-specific resources associated with a pod.

func NewECSPodResources 

func NewECSPodResources() *ECSPodResources

NewECSPodResources returns a new uninitialized set of resources used by a pod.

func (*ECSPodResources) AddContainers 

func (r *ECSPodResources) AddContainers(containers ...ECSContainerResources) *ECSPodResources

AddContainers adds new containers to the existing ones associated with the pod.

func (*ECSPodResources) SetCluster 

func (r *ECSPodResources) SetCluster(cluster string) *ECSPodResources

SetCluster sets the cluster associated with the pod.

func (*ECSPodResources) SetContainers 

func (r *ECSPodResources) SetContainers(containers []ECSContainerResources) *ECSPodResources

SetContainers sets the containers associated with the pod. This overwrites any existing containers.

func (*ECSPodResources) SetTaskDefinition 

func (r *ECSPodResources) SetTaskDefinition(def ECSTaskDefinition) *ECSPodResources

SetTaskDefinition sets the ECS task definition associated with the pod.

func (*ECSPodResources) SetTaskID 

func (r *ECSPodResources) SetTaskID(id string) *ECSPodResources

SetTaskID sets the ECS task ID associated with the pod.

func (*ECSPodResources) Validate 

func (r *ECSPodResources) Validate() error

Validate checks that the task ID is set, the task definition is valid, and all container resources are valid.

type ECSPodStatusInfo 

type ECSPodStatusInfo struct {
	// Status is the status of the pod as a whole.
	Status ECSStatus `bson:"-" json:"-" yaml:"-"`
	// Containers represent the status information of the individual containers
	// within the pod.
	Containers []ECSContainerStatusInfo `bson:"-" json:"-" yaml:"-"`
}

ECSPodStatusInfo represents the current status of a pod and its containers in ECS.

func NewECSPodStatusInfo 

func NewECSPodStatusInfo() *ECSPodStatusInfo

NewECSPodStatusInfo returns a new uninitialized set of status information for a pod.

func (*ECSPodStatusInfo) AddContainers 

func (i *ECSPodStatusInfo) AddContainers(containers ...ECSContainerStatusInfo) *ECSPodStatusInfo

AddContainers adds new container status information to the existing ones associated with the pod.

func (*ECSPodStatusInfo) SetContainers 

func (i *ECSPodStatusInfo) SetContainers(containers []ECSContainerStatusInfo) *ECSPodStatusInfo

SetContainers sets the status information of the individual containers associated with the pod. This overwrites any existing container status information.

func (*ECSPodStatusInfo) SetStatus 

func (i *ECSPodStatusInfo) SetStatus(status ECSStatus) *ECSPodStatusInfo

SetStatus sets the status of the pod as a whole.

func (*ECSPodStatusInfo) Validate 

func (i *ECSPodStatusInfo) Validate() error

Validate checks that the required pod status information is populated and the pod status is valid.

type ECSStatus 

type ECSStatus string

ECSStatus represents the different statuses possible for an ECS pod or container. 

const (
	// StatusUnknown indicates that the ECS pod or container status cannot be
	// determined.
	StatusUnknown ECSStatus = "unknown"
	// StatusStarting indicates that the ECS pod or container is being prepared
	// to run.
	StatusStarting ECSStatus = "starting"
	// StatusRunning indicates that the ECS pod or container is actively
	// running.
	StatusRunning ECSStatus = "running"
	// StatusStopping indicates that the ECS pod or container is in the process
	// of stopping but is not stopped yet.
	StatusStopping ECSStatus = "stopping"
	// StatusStopped indicates that the ECS pod or container is stopped. For a
	// pod, all of its resources are still available even if it's stopped.
	StatusStopped ECSStatus = "stopped"
	// StatusDeleted indicates that the ECS pod or container has been cleaned up
	// completely, including all of its resources.
	StatusDeleted ECSStatus = "deleted"
)

func (ECSStatus) Validate 

func (s ECSStatus) Validate() error

Validate checks that the ECS status is one of the recognized statuses.

type ECSStrategyParameter 

type ECSStrategyParameter = string

ECSStrategyParameter represents the parameter that ECS will use with its strategy to schedule pods on container instances. 

const (
	// StrategyParamBinpackMemory indicates ECS should optimize its binpacking
	// strategy based on memory usage.
	StrategyParamBinpackMemory ECSStrategyParameter = "memory"
	// StrategyParamBinpackCPU indicates ECS should optimize its binpacking
	// strategy based on CPU usage.
	StrategyParamBinpackCPU ECSStrategyParameter = "cpu"
	// StrategyParamSpreadHost indicates the ECS should spread pods evenly
	// across all container instances (i.e. hosts).
	StrategyParamSpreadHost ECSStrategyParameter = "host"
)

type ECSTaskDefinition 

type ECSTaskDefinition struct {
	// ID is the ID of the task definition, which should already exist.
	ID *string
	// Owned determines whether or not the task definition is owned by its pod
	// or not.
	Owned *bool
}

ECSTaskDefinition represents options for an existing ECS task definition.

func NewECSTaskDefinition 

func NewECSTaskDefinition() *ECSTaskDefinition

NewECSTaskDefinition returns a new uninitialized task definition.

func (*ECSTaskDefinition) SetID 

func (d *ECSTaskDefinition) SetID(id string) *ECSTaskDefinition

SetID sets the task definition ID.

func (*ECSTaskDefinition) SetOwned 

func (d *ECSTaskDefinition) SetOwned(owned bool) *ECSTaskDefinition

SetOwned sets if the task definition is owned by its pod.

func (*ECSTaskDefinition) Validate 

func (d *ECSTaskDefinition) Validate() error

Validate checsk that the task definition ID is given.

type ECSTaskNotFoundError 

type ECSTaskNotFoundError struct {
	ARN string
}

ECSTaskNotFoundError indicates that the reason for an error or failure in an ECS request is because the task with the specified ARN could not be found.

func NewECSTaskNotFoundError 

func NewECSTaskNotFoundError(arn string) *ECSTaskNotFoundError

NewECSTaskNotFoundError returns a new error with the given ARN indicating that the task could not be found in ECS.

func (*ECSTaskNotFoundError) Error 

func (e *ECSTaskNotFoundError) Error() string

Error returns the formatted error message including the ARN of the task.

type EnvironmentVariable 

type EnvironmentVariable struct {
	// KeyValue represents the environment variable's name and plaintext value.
	// The plaintext value is required if SecretOpts is not given.
	KeyValue
	// SecretOpts are options to define a stored secret that the environment
	// variable refers to. This is required if the non-secret Value is not
	// given.
	SecretOpts *SecretOptions
}

EnvironmentVariable represents an environment variable, which can be optionally backed by a secret.

func NewEnvironmentVariable 

func NewEnvironmentVariable() *EnvironmentVariable

NewEnvironmentVariable returns a new uninitialized environment variable.

func (*EnvironmentVariable) SetName 

func (e *EnvironmentVariable) SetName(name string) *EnvironmentVariable

SetName sets the environment variable name.

func (*EnvironmentVariable) SetSecretOptions 

func (e *EnvironmentVariable) SetSecretOptions(opts SecretOptions) *EnvironmentVariable

SetSecretOptions sets the environment variable's secret options. This is mutually exclusive with setting the non-secret (EnvironmentVariable).Value.

func (*EnvironmentVariable) SetValue 

func (e *EnvironmentVariable) SetValue(val string) *EnvironmentVariable

SetValue sets the environment variable's value. This is mutually exclusive with setting the (EnvironmentVariable).SecretOptions.

func (*EnvironmentVariable) Validate 

func (e *EnvironmentVariable) Validate() error

Validate checks that the environment variable name is given and that either the raw environment variable value or the referenced secret is given.

type KeyValue 

type KeyValue struct {
	// Name is the name of the key-value pair.
	Name *string
	// Value is the plaintext value associated with the name.
	Value *string
}

KeyValue represents a key-value pair of strings.

func NewKeyValue 

func NewKeyValue() *KeyValue

NewKeyValue returns a new uninitialized key-value pair.

func (*KeyValue) SetName 

func (kv *KeyValue) SetName(name string) *KeyValue

SetName sets the name of the key.

func (*KeyValue) SetValue 

func (kv *KeyValue) SetValue(value string) *KeyValue

SetValue sets the value associated with the key.

func (*KeyValue) Validate 

func (kv *KeyValue) Validate() error

Validate checks that the key name is set.

type LogConfiguration 

type LogConfiguration struct {
	// LogDriver is the logging driver to use.
	LogDriver *string
	// Options are the logging driver options.
	Options map[string]string
}

LogConfiguration represents the configuration for a container's logging.

func NewLogConfiguration 

func NewLogConfiguration() *LogConfiguration

NewLogConfiguration returns a new uninitialized log configuration.

func (*LogConfiguration) SetLogDriver 

func (c *LogConfiguration) SetLogDriver(ld string) *LogConfiguration

SetLogDriver sets the logging driver to use.

func (*LogConfiguration) SetOptions 

func (c *LogConfiguration) SetOptions(o map[string]string) *LogConfiguration

SetOptions sets the logging driver options.

func (*LogConfiguration) Validate 

func (c *LogConfiguration) Validate() error

Validate checks that the log driver as well as required groups "awslogs-group" and "awslogs-region" are both set.

type NamedSecret 

type NamedSecret struct {
	// Name is either the friendly human-readable name to assign to the secret
	// or the resource identifier if the secret already exists.
	Name *string
	// Value is the stored value of the secret.
	Value *string
}

NamedSecret represents a secret with a name.

func NewNamedSecret 

func NewNamedSecret() *NamedSecret

NewNamedSecret returns a new uninitialized named secret.

func (*NamedSecret) SetName 

func (s *NamedSecret) SetName(name string) *NamedSecret

SetName sets the friendly name for the secret.

func (*NamedSecret) SetValue 

func (s *NamedSecret) SetValue(value string) *NamedSecret

SetValue sets the secret value.

func (*NamedSecret) Validate 

func (s *NamedSecret) Validate() error

Validate checks that both the name and value for the secret are set.

type PortMapping 

type PortMapping struct {
	// ContainerPort is the port within the container to expose to network
	// traffic.
	ContainerPort *int
	// HostPort is the port within the container instance to which the container
	// port will be bound.
	// If the pod's network mode is NetworkModeAWSVPC or NetworkModeHost, then
	// this will be set to the same value as ContainerPort.
	// If the pod's network mode is NetworkModeBridge, this can either be
	// explicitly set or omitted to be assigned a port at random.
	HostPort *int
}

PortMapping represents a mapping from a container port to a port in the container instance. The transport protocol is TCP.

func NewPortMapping 

func NewPortMapping() *PortMapping

NewPortMapping returns a new uninitialized port mapping.

func (*PortMapping) SetContainerPort 

func (m *PortMapping) SetContainerPort(port int) *PortMapping

SetContainerPort sets the port within the container to expose to network traffic.

func (*PortMapping) SetHostPort 

func (m *PortMapping) SetHostPort(port int) *PortMapping

SetHostPort sets the port within the container instance to which the container port will be bound.

func (*PortMapping) Validate 

func (m *PortMapping) Validate() error

Validate checks that the required port mapping settings are given. It does not check that the pod-level network mode is valid with the port mapping.

type RepositoryCredentials 

type RepositoryCredentials struct {
	// ID is the unique resource identifier for an existing secret containing
	// the credentials for a private repository.
	ID *string
	// Name is the friendly name of the secret containing the credentials
	// for a private repository.
	Name *string
	// NewCreds are the new credentials to be stored. If this is unspecified,
	// the secrets are assumed to already exist.
	NewCreds *StoredRepositoryCredentials
	// Owned determines whether or not the secret is owned by its pod or not.
	Owned *bool
}

RepositoryCredentials are credentials for using images from private repositories. The credentials must be stored in a secret vault.

func NewRepositoryCredentials 

func NewRepositoryCredentials() *RepositoryCredentials

NewRepositoryCredentials returns a new uninitialized set of repository credentials.

func (*RepositoryCredentials) SetID 

func (c *RepositoryCredentials) SetID(id string) *RepositoryCredentials

SetID sets the unique resource identifier for an existing secret.

func (*RepositoryCredentials) SetName 

func (c *RepositoryCredentials) SetName(name string) *RepositoryCredentials

SetName sets the friendly name of the secret containing the credentials.

func (*RepositoryCredentials) SetNewCredentials 

func (c *RepositoryCredentials) SetNewCredentials(creds StoredRepositoryCredentials) *RepositoryCredentials

SetNewCredentials sets the new credentials to be stored.

func (*RepositoryCredentials) SetOwned 

func (c *RepositoryCredentials) SetOwned(owned bool) *RepositoryCredentials

SetOwned sets whether or not the secret credentials are owned by its pod or not.

func (*RepositoryCredentials) Validate 

func (c *RepositoryCredentials) Validate() error

Validate check that the secret options are given and that either the new credentials to create are specified, or the secret already exists.

type SecretCache 

type SecretCache interface {
	// Put adds a new secret with the given name and external resource
	// identifier in the cache.
	Put(ctx context.Context, item SecretCacheItem) error
	// Delete deletes an existing secret with the given external resource
	// identifier from the cache.
	Delete(ctx context.Context, id string) error
	// GetTag returns the name of the tracking tag to use for the secret.
	// Implementations are allowed to return an empty string.
	GetTag() string
}

SecretCache represents an external cache that tracks secrets.

type SecretCacheItem 

type SecretCacheItem struct {
	// ID is the unique resource identifier for the stored secret.
	ID string
	// Name is the friendly name of the secret.
	Name string
}

SecretCacheItem represents an item that can be cached in a SecretCache.

type SecretOptions 

type SecretOptions struct {
	// ID is the unique resource identfier for an existing secret.
	ID *string
	// Name is the friendly name of the secret.
	Name *string
	// NewValue is the value of the secret if it must be created.
	NewValue *string
	// Owned determines whether or not the secret is owned by its container or
	// not.
	Owned *bool
}

SecretOptions represents a secret with a name and value that may or may not be owned by its container.

func NewSecretOptions 

func NewSecretOptions() *SecretOptions

NewSecretOptions returns new uninitialized options for a secret.

func (*SecretOptions) SetID 

func (s *SecretOptions) SetID(id string) *SecretOptions

SetID sets the unique resource identifier for an existing secret.

func (*SecretOptions) SetName 

func (s *SecretOptions) SetName(name string) *SecretOptions

SetName sets the friendly name of the secret.

func (*SecretOptions) SetNewValue 

func (s *SecretOptions) SetNewValue(val string) *SecretOptions

SetNewValue sets the value of the new secret to be created.

func (*SecretOptions) SetOwned 

func (s *SecretOptions) SetOwned(owned bool) *SecretOptions

SetOwned returns whether or not the secret is owned by its container.

func (*SecretOptions) Validate 

func (s *SecretOptions) Validate() error

Validate validates that the secret name is given and that either the secret already exists or the new secret's value is given.

type SecretsManagerClient 

type SecretsManagerClient interface {
	// CreateSecret creates a new secret.
	CreateSecret(ctx context.Context, in *secretsmanager.CreateSecretInput) (*secretsmanager.CreateSecretOutput, error)
	// GetSecretValue gets the decrypted value of a secret.
	GetSecretValue(ctx context.Context, in *secretsmanager.GetSecretValueInput) (*secretsmanager.GetSecretValueOutput, error)
	// DescribeSecret gets metadata information about a secret.
	DescribeSecret(ctx context.Context, in *secretsmanager.DescribeSecretInput) (*secretsmanager.DescribeSecretOutput, error)
	// ListSecrets lists all metadata information for secrets matching the
	// filters.
	ListSecrets(ctx context.Context, in *secretsmanager.ListSecretsInput) (*secretsmanager.ListSecretsOutput, error)
	// UpdateSecret updates the value of an existing secret.
	UpdateSecretValue(ctx context.Context, in *secretsmanager.UpdateSecretInput) (*secretsmanager.UpdateSecretOutput, error)
	// DeleteSecret deletes an existing secret.
	DeleteSecret(ctx context.Context, in *secretsmanager.DeleteSecretInput) (*secretsmanager.DeleteSecretOutput, error)
	// TagResource adds tags to an existing secret.
	TagResource(ctx context.Context, in *secretsmanager.TagResourceInput) (*secretsmanager.TagResourceOutput, error)
	// Close closes the client and cleans up its resources. Implementations
	// should ensure that this is idempotent.
	Close(ctx context.Context) error
}

SecretsManagerClient provides a common interface to interact with a client backed by AWS Secrets Manager. Implementations must handle retrying and backoff.

type StoredRepositoryCredentials 

type StoredRepositoryCredentials struct {
	// Username is the username for authentication.
	Username *string `json:"username"`
	// Password is the password for authentication.
	Password *string `json:"password"`
}

StoredRepositoryCredentials represents the storage format of repository credentials for using images from private repositories.

func NewStoredRepositoryCredentials 

func NewStoredRepositoryCredentials() *StoredRepositoryCredentials

NewStoredRepositoryCredentials returns a new uninitialized set of repository credentials for storage.

func (*StoredRepositoryCredentials) SetPassword 

func (c *StoredRepositoryCredentials) SetPassword(pwd string) *StoredRepositoryCredentials

SetPassword sets the stored repository credential's password.

func (*StoredRepositoryCredentials) SetUsername 

func (c *StoredRepositoryCredentials) SetUsername(name string) *StoredRepositoryCredentials

SetUsername sets the stored repository credential's username.

func (*StoredRepositoryCredentials) Validate 

func (c *StoredRepositoryCredentials) Validate() error

Validate checks that the username and password are set.

type TagClient 

type TagClient interface {
	// GetResources lists arbitrary AWS resources matching the input.
	GetResources(ctx context.Context, in *resourcegroupstaggingapi.GetResourcesInput) (*resourcegroupstaggingapi.GetResourcesOutput, error)
	// Close closes the client and cleans up its resources. Implementations
	// should ensure that this is idempotent.
	Close(ctx context.Context) error
}

TagClient provides a common interface to interact with a client backed by the AWS Resource Groups Tagging API. Implementations must handle retrying and backoff.

type Vault 

type Vault interface {
	// CreateSecret creates a new secret and returns the unique identifier for
	// the stored secret. If the secret already exists, it just returns the
	// unique identifier for the existing secret without modifying its value. To
	// update the secret's value, see UpdateValue.
	CreateSecret(ctx context.Context, s NamedSecret) (id string, err error)
	// GetValue returns the value of the secret identified by ID.
	GetValue(ctx context.Context, id string) (val string, err error)
	// UpdateValue updates an existing secret's value by ID.
	UpdateValue(ctx context.Context, s NamedSecret) error
	// DeleteSecret deletes a secret by ID.
	DeleteSecret(ctx context.Context, id string) error
}

Vault allows you to interact with a secrets storage service.

Source Files

View all Source files

Directories

Path Synopsis
Package awsutil provide common helper utilities to interact with AWS.
 Package awsutil provide common helper utilities to interact with AWS.
cmd
run-linter
verify-mod-tidy
Package ecs provides implementations of interfaces to interact with and manage ECS-backed pods and pod definitions.
 Package ecs provides implementations of interfaces to interact with and manage ECS-backed pods and pod definitions.
internal
testcase
testutil
Package mock provides mock implementations of interfaces for testing purposes.
 Package mock provides mock implementations of interfaces for testing purposes.
Package secret provides implementations of interfaces to interact with ancillary secrets management services that integrate with pods.
 Package secret provides implementations of interfaces to interact with ancillary secrets management services that integrate with pods.
Package tag provides an interface to manage arbitrary tagged resources in AWS.
 Package tag provides an interface to manage arbitrary tagged resources in AWS.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.