Documentation
¶
Overview ¶
Package v1beta1 contains API Schema definitions for the vault.infra.doodle.com v1beta1 API group +kubebuilder:object:generate=true +groupName=vault.infra.doodle.com
Index ¶
- Constants
- Variables
- type FieldMapping
- type VaultAuthSpec
- type VaultBinding
- type VaultBindingList
- type VaultBindingSpec
- type VaultBindingStatus
- type VaultBindingVaultStatus
- type VaultMirror
- type VaultMirrorList
- type VaultMirrorSpec
- type VaultMirrorStatus
- type VaultMirrorVaultStatus
- type VaultSpec
- type VaultTLSSpec
Constants ¶
const ( VaultConnectionFailedReason = "VaultConnectionFailed" VaultUpdateFailedReason = "VaultUpdateFailed" VaultUpdateSuccessfulReason = "VaultUpdateSuccessful" VaultReadSourceFailedReason = "VaultReadSourceFailed" SecretNotFoundReason = "SecretNotFoundFailed" )
Status reasons
const (
BoundCondition = "Bound"
)
Status conditions
Variables ¶
var ( // GroupVersion is group version used to register these objects GroupVersion = schema.GroupVersion{Group: "vault.infra.doodle.com", Version: "v1beta1"} // SchemeBuilder is used to add go types to the GroupVersionKind scheme SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion} // AddToScheme adds the types in this group-version to the given scheme. AddToScheme = SchemeBuilder.AddToScheme )
Functions ¶
This section is empty.
Types ¶
type FieldMapping ¶
type FieldMapping struct {
// Name is the kubernetes secret field name
// +required
Name string `json:"name"`
// Rename is no required. Hovever it may be used to rewrite the field name
// +optional
Rename string `json:"rename,omitempty"`
}
FieldMapping maps a secret field to the vault path
func (*FieldMapping) DeepCopy ¶
func (in *FieldMapping) DeepCopy() *FieldMapping
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FieldMapping.
func (*FieldMapping) DeepCopyInto ¶
func (in *FieldMapping) DeepCopyInto(out *FieldMapping)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type VaultAuthSpec ¶
type VaultAuthSpec struct {
// Type is by default kubernetes authentication. The vault needs to be equipped with
// the kubernetes auth method. Currently only kubernetes is supported.
// +optional
Type string `json:"type,omitempty"`
// TokenPath allows to use a different token path used for kubernetes authentication.
// +optional
TokenPath string `json:"tokenPath,omitempty"`
// Role is used to map the kubernetes serviceAccount to a vault role.
// A default VAULT_ROLE might be set for the controller. If neither is set
// the VaultMirror can not authenticate.
// +optional
Role string `json:"role,omitempty"`
}
VaultAuthSpec is the confuguration for vault authentication which by default is kubernetes auth (And the only supported one in the current state)
func (*VaultAuthSpec) DeepCopy ¶
func (in *VaultAuthSpec) DeepCopy() *VaultAuthSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultAuthSpec.
func (*VaultAuthSpec) DeepCopyInto ¶
func (in *VaultAuthSpec) DeepCopyInto(out *VaultAuthSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type VaultBinding ¶
type VaultBinding struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Spec VaultBindingSpec `json:"spec,omitempty"`
Status VaultBindingStatus `json:"status,omitempty"`
}
VaultBinding is the Schema for the vaultbindings API
func VaultBindingBound ¶
func VaultBindingBound(binding VaultBinding, reason, message string) VaultBinding
VaultBindingBound de
func VaultBindingNotBound ¶
func VaultBindingNotBound(binding VaultBinding, reason, message string) VaultBinding
VaultBindingNotBound de
func (*VaultBinding) DeepCopy ¶
func (in *VaultBinding) DeepCopy() *VaultBinding
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultBinding.
func (*VaultBinding) DeepCopyInto ¶
func (in *VaultBinding) DeepCopyInto(out *VaultBinding)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*VaultBinding) DeepCopyObject ¶
func (in *VaultBinding) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*VaultBinding) GetStatusConditions ¶
func (in *VaultBinding) GetStatusConditions() *[]metav1.Condition
GetStatusConditions returns a pointer to the Status.Conditions slice
type VaultBindingList ¶
type VaultBindingList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []VaultBinding `json:"items"`
}
VaultBindingList contains a list of VaultBinding
func (*VaultBindingList) DeepCopy ¶
func (in *VaultBindingList) DeepCopy() *VaultBindingList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultBindingList.
func (*VaultBindingList) DeepCopyInto ¶
func (in *VaultBindingList) DeepCopyInto(out *VaultBindingList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*VaultBindingList) DeepCopyObject ¶
func (in *VaultBindingList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type VaultBindingSpec ¶
type VaultBindingSpec struct {
*VaultSpec `json:",inline"`
// Define the secrets which must be mapped to vault
// +optional
Fields []FieldMapping `json:"fields,omitempty"`
// By default existing matching fields in vault do not get overwritten
// +optional
ForceApply bool `json:"forceApply,omitempty"`
// The kubernetes secret the VaultBinding is referring to
// +required
Secret *corev1.SecretReference `json:"secret"`
}
VaultBindingSpec defines the desired state of VaultBinding
func (*VaultBindingSpec) DeepCopy ¶
func (in *VaultBindingSpec) DeepCopy() *VaultBindingSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultBindingSpec.
func (*VaultBindingSpec) DeepCopyInto ¶
func (in *VaultBindingSpec) DeepCopyInto(out *VaultBindingSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*VaultBindingSpec) GetFieldMapping ¶
func (in *VaultBindingSpec) GetFieldMapping() []FieldMapping
func (*VaultBindingSpec) GetPath ¶
func (in *VaultBindingSpec) GetPath() string
func (*VaultBindingSpec) IsForceApply ¶
func (in *VaultBindingSpec) IsForceApply() bool
type VaultBindingStatus ¶
type VaultBindingStatus struct {
// Conditions holds the conditions for the VaultBinding.
// +optional
Conditions []metav1.Condition `json:"conditions,omitempty"`
// ObservedGeneration is the last generation reconciled by the controller
ObservedGeneration int64 `json:"observedGeneration,omitempty"`
// Vault Status (not implemented yet)
Vault VaultBindingVaultStatus `json:",inline"`
}
VaultBindingStatus defines the observed state of VaultBinding
func (*VaultBindingStatus) DeepCopy ¶
func (in *VaultBindingStatus) DeepCopy() *VaultBindingStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultBindingStatus.
func (*VaultBindingStatus) DeepCopyInto ¶
func (in *VaultBindingStatus) DeepCopyInto(out *VaultBindingStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type VaultBindingVaultStatus ¶
type VaultBindingVaultStatus struct {
Address string `json:"address,omitempty"`
Path string `json:"path,omitempty"`
Fields string `json:"fields,omitempty"`
}
func (*VaultBindingVaultStatus) DeepCopy ¶
func (in *VaultBindingVaultStatus) DeepCopy() *VaultBindingVaultStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultBindingVaultStatus.
func (*VaultBindingVaultStatus) DeepCopyInto ¶
func (in *VaultBindingVaultStatus) DeepCopyInto(out *VaultBindingVaultStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type VaultMirror ¶
type VaultMirror struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Spec VaultMirrorSpec `json:"spec,omitempty"`
Status VaultMirrorStatus `json:"status,omitempty"`
}
VaultMirror is the Schema for the vaultmirrors API
func VaultMirrorBound ¶
func VaultMirrorBound(mirror VaultMirror, reason, message string) VaultMirror
VaultMirrorBound de
func VaultMirrorNotBound ¶
func VaultMirrorNotBound(mirror VaultMirror, reason, message string) VaultMirror
VaultMirrorNotBound de
func (*VaultMirror) DeepCopy ¶
func (in *VaultMirror) DeepCopy() *VaultMirror
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultMirror.
func (*VaultMirror) DeepCopyInto ¶
func (in *VaultMirror) DeepCopyInto(out *VaultMirror)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*VaultMirror) DeepCopyObject ¶
func (in *VaultMirror) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*VaultMirror) GetStatusConditions ¶
func (in *VaultMirror) GetStatusConditions() *[]metav1.Condition
GetStatusConditions returns a pointer to the Status.Conditions slice
type VaultMirrorList ¶
type VaultMirrorList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []VaultMirror `json:"items"`
}
VaultMirrorList contains a list of VaultMirror
func (*VaultMirrorList) DeepCopy ¶
func (in *VaultMirrorList) DeepCopy() *VaultMirrorList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultMirrorList.
func (*VaultMirrorList) DeepCopyInto ¶
func (in *VaultMirrorList) DeepCopyInto(out *VaultMirrorList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*VaultMirrorList) DeepCopyObject ¶
func (in *VaultMirrorList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type VaultMirrorSpec ¶
type VaultMirrorSpec struct {
// Source vault server to mirror
// +required
Source *VaultSpec `json:"source"`
// Destination vault server
// +required
Destination *VaultSpec `json:"destination"`
// Vault does not provide a watch api, therefore the controller may reconcile a mirror in a specified interval
// +optional
Interval *metav1.Duration `json:"interval,omitempty"`
// By default existing matching fields in vault do not get overwritten
// +optional
ForceApply bool `json:"forceApply,omitempty"`
// Define the secrets which must be mapped to vault
// +optional
Fields []FieldMapping `json:"fields,omitempty"`
}
VaultMirrorSpec defines the desired state of VaultMirror
func (*VaultMirrorSpec) DeepCopy ¶
func (in *VaultMirrorSpec) DeepCopy() *VaultMirrorSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultMirrorSpec.
func (*VaultMirrorSpec) DeepCopyInto ¶
func (in *VaultMirrorSpec) DeepCopyInto(out *VaultMirrorSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*VaultMirrorSpec) GetFieldMapping ¶
func (in *VaultMirrorSpec) GetFieldMapping() []FieldMapping
func (*VaultMirrorSpec) GetPath ¶
func (in *VaultMirrorSpec) GetPath() string
func (*VaultMirrorSpec) IsForceApply ¶
func (in *VaultMirrorSpec) IsForceApply() bool
type VaultMirrorStatus ¶
type VaultMirrorStatus struct {
// Conditions holds the conditions for the VaultMirror.
// +optional
Conditions []metav1.Condition `json:"conditions,omitempty"`
// ObservedGeneration is the last generation reconciled by the controller
ObservedGeneration int64 `json:"observedGeneration,omitempty"`
// Vault Status (not implemented yet)
Vault VaultMirrorVaultStatus `json:",inline"`
}
VaultMirrorStatus defines the observed state of VaultMirror
func (*VaultMirrorStatus) DeepCopy ¶
func (in *VaultMirrorStatus) DeepCopy() *VaultMirrorStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultMirrorStatus.
func (*VaultMirrorStatus) DeepCopyInto ¶
func (in *VaultMirrorStatus) DeepCopyInto(out *VaultMirrorStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type VaultMirrorVaultStatus ¶
type VaultMirrorVaultStatus struct {
Address string `json:"address,omitempty"`
Path string `json:"path,omitempty"`
Fields string `json:"fields,omitempty"`
}
func (*VaultMirrorVaultStatus) DeepCopy ¶
func (in *VaultMirrorVaultStatus) DeepCopy() *VaultMirrorVaultStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultMirrorVaultStatus.
func (*VaultMirrorVaultStatus) DeepCopyInto ¶
func (in *VaultMirrorVaultStatus) DeepCopyInto(out *VaultMirrorVaultStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type VaultSpec ¶
type VaultSpec struct {
// The http URL for the vault server
// By default the global VAULT_ADDRESS gets used.
// +optional
Address string `json:"address,omitempty"`
// Vault TLS configuration
// +optional
TLSConfig VaultTLSSpec `json:"tlsConfig"`
// Vault authentication parameters
// +optional
Auth VaultAuthSpec `json:"auth,omitempty"`
// The vault path, for example: /secret/myapp
// +required
Path string `json:"path"`
}
VaultSpec defines how to connect to a vault
func (*VaultSpec) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultSpec.
func (*VaultSpec) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type VaultTLSSpec ¶
type VaultTLSSpec struct {
// +optional
CACert string `json:"caCert,omitempty"`
// +optional
CAPath string `json:"caPath,omitempty"`
// +optional
ClientCert string `json:"clientCert,omitempty"`
// +optional
ClientKey string `json:"clientKey,omitempty"`
// +optional
ServerName string `json:"serverName,omitempty"`
// +optional
Insecure bool `json:"insecure,omitempty"`
}
VaultTLSSpec Vault TLS options
func (*VaultTLSSpec) DeepCopy ¶
func (in *VaultTLSSpec) DeepCopy() *VaultTLSSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultTLSSpec.
func (*VaultTLSSpec) DeepCopyInto ¶
func (in *VaultTLSSpec) DeepCopyInto(out *VaultTLSSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
Source Files