randomkeytpr

v0.0.0-...-d30333b
Warning

This package is not in the latest version of its module.

Published: Jun 11, 2018 | License: Apache-2.0 | Imports: 10 | Imported by: 28

README

Specification of the third party object used to issue random key secrets for Kubernetes clusters running on the Giantnetes platform from Giant Swarm.

License

randomkeytpr is under the Apache 2.0 license. See the LICENSE file for details.

Documentation

Constants

const (
	// Name represents the name of the third party resource within Kubernetes.
	Name = "randomkey.giantswarm.io"

	// VersionV1 is the v1 version of this resource.
	VersionV1 = "v1"

	// Description is the description of this resource.
	Description = "Random keys used as secret in the cluster."
)

const (
	// KeyLabel is the label used in the secret to identify a cluster
	// key.
	KeyLabel string = "clusterKey"
	// ClusterIDLabel is the label used in the secret to identify a cluster.
	ClusterIDLabel string = "clusterID"
)

These constants are used when filtering the secrets, to only retrieve the ones we are interested in.

const (
	// WatchTimeOut is the time to wait on watches against the Kubernetes API
	// before giving up and throwing an error.
	WatchTimeOut = 90 * time.Second
)

Variables

var RandomKeyTypes = []Key{
	EncryptionKey,
}

RandomKeyTypes is a slice enumerating all the Random Key assets we need to boot the cluster.

Functions

func IsInvalidConfig

func IsInvalidConfig(err error) bool

IsInvalidConfig asserts invalidConfigError.

func IsSecretsRetrievalFailed

func IsSecretsRetrievalFailed(err error) bool

IsSecretsRetrievalFailed asserts secretsRetrievalFailedError.

func ValidKey

func ValidKey(el Key) bool

ValidKey looks for el among the components.

Types

type ClusterComponent

type ClusterComponent string

ClusterComponent represents an individual component of a k8s cluster, e.g. the API server or etcd. These are used when getting a secret from the k8s API, to identify the component the secret belongs to.

func (ClusterComponent) String

func (c ClusterComponent) String() string

type CompactRandomKeyAssets

type CompactRandomKeyAssets struct {
	APIServerEncryptionKey string
}

CompactRandomKeyAssets is a struct used by operators to store stringified Random Key assets.

type CustomObject

type CustomObject struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata" yaml:"metadata"`

	Spec Spec `json:"spec" yaml:"spec"`
}

CustomObject represents the Random Key TPR's custom object. It holds the specifications of the resource the operator is interested in.

type Key

type Key string

Key represents the type of Random Key asset, e.g. an encryption key. These are used when getting a secret from the k8s API, to identify the specific type of Random Key asset that is contained in the secret.

const (
	// EncryptionKey is the key for the kubernetes encryption.
	EncryptionKey Key = "encryption"
)

These constants are used to match each asset in the secret.

func (Key) String

func (c Key) String() string

type List

type List struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata" yaml:"metadata"`

	Items []CustomObject `json:"items" yaml:"items"`
}

List represents a list of CustomObject resources.

type Searcher

type Searcher interface {
	SearchKeys(clusterID string) (map[Key][]byte, error)
	SearchKeysForKeytype(clusterID, keyType string) (map[Key][]byte, error)
}

type Service

type Service struct {
	// contains filtered or unexported fields
}

Service implements the certificate TPR service.

func NewService

func NewService(config ServiceConfig) (*Service, error)

NewService creates a new configured certificate TPR service.

func (*Service) SearchKeys

func (s *Service) SearchKeys(clusterID string) (map[Key][]byte, error)

SearchKeys watches for the key secrets of a cluster.

func (*Service) SearchKeysForKeytype

func (s *Service) SearchKeysForKeytype(clusterID, keyType string) (map[Key][]byte, error)

SearchKeysForKeytype watches for the key secrets of a single cluster key type and returns them as an assets bundle.

type ServiceConfig

type ServiceConfig struct {
	// Dependencies.
	K8sClient kubernetes.Interface
	Logger    micrologger.Logger
}

ServiceConfig represents the configuration used to create a certificate TPR service.

func DefaultServiceConfig

func DefaultServiceConfig() ServiceConfig

DefaultServiceConfig provides a default configuration to create a new certificate TPR service by best effort.

type Spec

type Spec struct {
	ClusterComponent string `json:"clusterComponent" yaml:"clusterComponent"`
	ClusterID        string `json:"clusterID" yaml:"clusterID"`
}
