creds

package

v0.0.0-...-0e5b682 Latest Latest Go to latest Published: Feb 2, 2022 License: Apache-2.0 Imports: 9 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/Portshift/kubei

Documentation ¶

Index ¶

Constants
type BasicRegCred
- func CreateBasicRegCred(clientset kubernetes.Interface, secretNamespace string) *BasicRegCred
- func (u *BasicRegCred) Add(job *batchv1.Job)
- func (u *BasicRegCred) ShouldAdd() bool
type CredentialAdder
type ECR
- func CreateECR(clientset kubernetes.Interface, secretNamespace string) *ECR
- func (e *ECR) Add(job *batchv1.Job)
- func (e *ECR) ShouldAdd() bool
type GCR
- func CreateGCR(clientset kubernetes.Interface, secretNamespace string) *GCR
- func (g *GCR) Add(job *batchv1.Job)
- func (g *GCR) ShouldAdd() bool

Constants ¶

View Source

const (
	AwsAccessKeyId     = "AWS_ACCESS_KEY_ID"
	AwsSecretAccessKey = "AWS_SECRET_ACCESS_KEY"
	AwsDefaultRegion   = "AWS_DEFAULT_REGION"
	EcrSaSecretName    = "ecr-sa"
)

View Source

const (
	BasicRegCredSecretName = "basic-regcred"
)

View Source

const (
	GcrSaSecretName = "gcr-sa"
)

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type BasicRegCred ¶

type BasicRegCred struct {
	// contains filtered or unexported fields
}

func CreateBasicRegCred ¶

func CreateBasicRegCred(clientset kubernetes.Interface, secretNamespace string) *BasicRegCred

func (*BasicRegCred) Add ¶

func (u *BasicRegCred) Add(job *batchv1.Job)

func (*BasicRegCred) ShouldAdd ¶

func (u *BasicRegCred) ShouldAdd() bool

type CredentialAdder ¶

type CredentialAdder interface {
	// Returns true if credentials should be added to a scanner job
	ShouldAdd() bool
	// Adds credentials to a scanner job
	Add(job *batchv1.Job)
}

type ECR ¶

type ECR struct {
	// contains filtered or unexported fields
}

func CreateECR ¶

func CreateECR(clientset kubernetes.Interface, secretNamespace string) *ECR

func (*ECR) Add ¶

func (e *ECR) Add(job *batchv1.Job)

Klar is using google SDK to pull the user name ans password required to pull the image. We need to set the following env variables from the `EcrSaSecretName` secret: 1. AWS_ACCESS_KEY_ID 2. AWS_SECRET_ACCESS_KEY 3. AWS_DEFAULT_REGION

func (*ECR) ShouldAdd ¶

func (e *ECR) ShouldAdd() bool

type GCR ¶

type GCR struct {
	// contains filtered or unexported fields
}

func CreateGCR ¶

func CreateGCR(clientset kubernetes.Interface, secretNamespace string) *GCR

func (*GCR) Add ¶

func (g *GCR) Add(job *batchv1.Job)

Klar is using google SDK to pull the user name and password required to pull the image. We need to do the following: 1. Create a volume that holds the `gcrSaSecretFileName` data 2. Mount the volume into each container to a specific path (`gcrVolumeMountPath`/`gcrSaSecretFileName`) 3. Set `GOOGLE_APPLICATION_CREDENTIALS` to point to the mounted file

func (*GCR) ShouldAdd ¶

func (g *GCR) ShouldAdd() bool

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL