bank-vaults: github.com/banzaicloud/bank-vaults/operator/pkg/apis/vault/v1alpha1

package v1alpha1

import "github.com/banzaicloud/bank-vaults/operator/pkg/apis/vault/v1alpha1"

Package v1alpha1 contains API Schema definitions for the vault v1alpha1 API group +k8s:deepcopy-gen=package,register +groupName=vault.banzaicloud.com

Package Files

doc.go register.go vault_types.go zz_generated.deepcopy.go zz_generated.defaults.go

Variables

var (
    // SchemeGroupVersion is group version used to register these objects
    SchemeGroupVersion = schema.GroupVersion{Group: "vault.banzaicloud.com", Version: "v1alpha1"}

    // SchemeBuilder is used to add go types to the GroupVersionKind scheme
    SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)
    // AddToScheme helper
    AddToScheme = SchemeBuilder.AddToScheme
)
var HAStorageTypes = map[string]bool{
    "consul":    true,
    "dynamodb":  true,
    "etcd":      true,
    "gcs":       true,
    "mysql":     true,
    "spanner":   true,
    "zookeeper": true,
}

HAStorageTypes is the set of storage backends supporting High Availability

func Kind

func Kind(kind string) schema.GroupKind

Kind takes an unqualified kind and returns a Group qualified GroupKind

func RegisterDefaults

func RegisterDefaults(scheme *runtime.Scheme) error

RegisterDefaults adds defaulter functions to the given scheme. Public to allow building arbitrary schemes. All generated defaulters are covering - they call all nested defaulters.

func Resource

func Resource(resource string) schema.GroupResource

Resource takes an unqualified resource and returns a Group qualified GroupResource

type AWSUnsealConfig

type AWSUnsealConfig struct {
    KMSKeyID  string `json:"kmsKeyId"`
    KMSRegion string `json:"kmsRegion"`
    S3Bucket  string `json:"s3Bucket"`
    S3Prefix  string `json:"s3Prefix"`
    S3Region  string `json:"s3Region"`
}

AWSUnsealConfig holds the parameters for AWS KMS based unsealing

func (*AWSUnsealConfig) DeepCopy

func (in *AWSUnsealConfig) DeepCopy() *AWSUnsealConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSUnsealConfig.

func (*AWSUnsealConfig) DeepCopyInto

func (in *AWSUnsealConfig) DeepCopyInto(out *AWSUnsealConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AlibabaUnsealConfig

type AlibabaUnsealConfig struct {
    KMSRegion   string `json:"kmsRegion"`
    KMSKeyID    string `json:"kmsKeyId"`
    OSSEndpoint string `json:"ossEndpoint"`
    OSSBucket   string `json:"ossBucket"`
    OSSPrefix   string `json:"ossPrefix"`
}

AlibabaUnsealConfig holds the parameters for Alibaba Cloud KMS based unsealing

--alibaba-kms-region eu-central-1 --alibaba-kms-key-id 9d8063eb-f9dc-421b-be80-15d195c9f148 --alibaba-oss-endpoint oss-eu-central-1.aliyuncs.com --alibaba-oss-bucket bank-vaults

func (*AlibabaUnsealConfig) DeepCopy

func (in *AlibabaUnsealConfig) DeepCopy() *AlibabaUnsealConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AlibabaUnsealConfig.

func (*AlibabaUnsealConfig) DeepCopyInto

func (in *AlibabaUnsealConfig) DeepCopyInto(out *AlibabaUnsealConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AzureUnsealConfig

type AzureUnsealConfig struct {
    KeyVaultName string `json:"keyVaultName"`
}

AzureUnsealConfig holds the parameters for Azure Key Vault based unsealing

func (*AzureUnsealConfig) DeepCopy

func (in *AzureUnsealConfig) DeepCopy() *AzureUnsealConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureUnsealConfig.

func (*AzureUnsealConfig) DeepCopyInto

func (in *AzureUnsealConfig) DeepCopyInto(out *AzureUnsealConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CredentialsConfig

type CredentialsConfig struct {
    Env        string `json:"env"`
    Path       string `json:"path"`
    SecretName string `json:"secretName"`
}

CredentialsConfig configuration for a credentials file provided as a secret

func (*CredentialsConfig) DeepCopy

func (in *CredentialsConfig) DeepCopy() *CredentialsConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialsConfig.

func (*CredentialsConfig) DeepCopyInto

func (in *CredentialsConfig) DeepCopyInto(out *CredentialsConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type GoogleUnsealConfig

type GoogleUnsealConfig struct {
    KMSKeyRing    string `json:"kmsKeyRing"`
    KMSCryptoKey  string `json:"kmsCryptoKey"`
    KMSLocation   string `json:"kmsLocation"`
    KMSProject    string `json:"kmsProject"`
    StorageBucket string `json:"storageBucket"`
}

GoogleUnsealConfig holds the parameters for Google KMS based unsealing

func (*GoogleUnsealConfig) DeepCopy

func (in *GoogleUnsealConfig) DeepCopy() *GoogleUnsealConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GoogleUnsealConfig.

func (*GoogleUnsealConfig) DeepCopyInto

func (in *GoogleUnsealConfig) DeepCopyInto(out *GoogleUnsealConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Ingress

type Ingress struct {
    Annotations map[string]string   `json:"annotations,omitempty"`
    Spec        v1beta1.IngressSpec `json:"spec,omitempty"`
}

Ingress specification for the Vault cluster

func (*Ingress) DeepCopy

func (in *Ingress) DeepCopy() *Ingress

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Ingress.

func (*Ingress) DeepCopyInto

func (in *Ingress) DeepCopyInto(out *Ingress)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KubernetesUnsealConfig

type KubernetesUnsealConfig struct {
    SecretNamespace string `json:"secretNamespace"`
    SecretName      string `json:"secretName"`
}

KubernetesUnsealConfig holds the parameters for Kubernetes based unsealing

func (*KubernetesUnsealConfig) DeepCopy

func (in *KubernetesUnsealConfig) DeepCopy() *KubernetesUnsealConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubernetesUnsealConfig.

func (*KubernetesUnsealConfig) DeepCopyInto

func (in *KubernetesUnsealConfig) DeepCopyInto(out *KubernetesUnsealConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Resources

type Resources struct {
    Vault              *v1.ResourceRequirements `json:"vault,omitempty"`
    BankVaults         *v1.ResourceRequirements `json:"bankVaults,omitempty"`
    Etcd               *v1.ResourceRequirements `json:"etcd,omitempty"`
    PrometheusExporter *v1.ResourceRequirements `json:"prometheusExporter,omitempty"`
}

Resources holds the different containers' ResourceRequirements

func (*Resources) DeepCopy

func (in *Resources) DeepCopy() *Resources

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Resources.

func (*Resources) DeepCopyInto

func (in *Resources) DeepCopyInto(out *Resources)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type UnsealConfig

type UnsealConfig struct {
    Options    UnsealOptions           `json:"options,omitempty"`
    Kubernetes *KubernetesUnsealConfig `json:"kubernetes,omitempty"`
    Google     *GoogleUnsealConfig     `json:"google,omitempty"`
    Alibaba    *AlibabaUnsealConfig    `json:"alibaba,omitempty"`
    Azure      *AzureUnsealConfig      `json:"azure,omitempty"`
    AWS        *AWSUnsealConfig        `json:"aws,omitempty"`
}

UnsealConfig represents the UnsealConfig field of a VaultSpec Kubernetes object

func (*UnsealConfig) DeepCopy

func (in *UnsealConfig) DeepCopy() *UnsealConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UnsealConfig.

func (*UnsealConfig) DeepCopyInto

func (in *UnsealConfig) DeepCopyInto(out *UnsealConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*UnsealConfig) ToArgs

func (usc *UnsealConfig) ToArgs(vault *Vault) []string

ToArgs returns the UnsealConfig as an argument array for bank-vaults

type UnsealOptions

type UnsealOptions struct {
    PreFlightChecks bool `json:"preFlightChecks,omitempty"`
}

UnsealOptions represents the common options to all unsealing backends

func (*UnsealOptions) DeepCopy

func (in *UnsealOptions) DeepCopy() *UnsealOptions

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UnsealOptions.

func (*UnsealOptions) DeepCopyInto

func (in *UnsealOptions) DeepCopyInto(out *UnsealOptions)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (UnsealOptions) ToArgs

func (uso UnsealOptions) ToArgs() []string

type Vault

type Vault struct {
    metav1.TypeMeta   `json:",inline"`
    metav1.ObjectMeta `json:"metadata,omitempty"`

    Spec   VaultSpec   `json:"spec,omitempty"`
    Status VaultStatus `json:"status,omitempty"`
}

+genclient +genclient:noStatus +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +k8s:openapi-gen=true

func (*Vault) DeepCopy

func (in *Vault) DeepCopy() *Vault

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Vault.

func (*Vault) DeepCopyInto

func (in *Vault) DeepCopyInto(out *Vault)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Vault) DeepCopyObject

func (in *Vault) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*Vault) GetIngress

func (vault *Vault) GetIngress() *Ingress

GetIngress returns the Ingress configuration for Vault, if any

type VaultConfig

type VaultConfig map[string]interface{}

func (VaultConfig) DeepCopy

func (c VaultConfig) DeepCopy() VaultConfig

func (VaultConfig) DeepCopyInto

func (in VaultConfig) DeepCopyInto(out *VaultConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type VaultExternalConfig

type VaultExternalConfig map[string]interface{}

func (VaultExternalConfig) DeepCopy

func (c VaultExternalConfig) DeepCopy() VaultExternalConfig

func (VaultExternalConfig) DeepCopyInto

func (in VaultExternalConfig) DeepCopyInto(out *VaultExternalConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type VaultList

type VaultList struct {
    metav1.TypeMeta `json:",inline"`
    metav1.ListMeta `json:"metadata,omitempty"`
    Items           []Vault `json:"items"`
}

+k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*VaultList) DeepCopy

func (in *VaultList) DeepCopy() *VaultList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultList.

func (*VaultList) DeepCopyInto

func (in *VaultList) DeepCopyInto(out *VaultList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*VaultList) DeepCopyObject

func (in *VaultList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type VaultSpec

type VaultSpec struct {
    // Important: Run "operator-sdk generate k8s" to regenerate code after modifying this file
    Size                       int32                 `json:"size"`
    Image                      string                `json:"image"`
    BankVaultsImage            string                `json:"bankVaultsImage"`
    StatsdDisabled             bool                  `json:"statsdDisabled"`
    StatsDImage                string                `json:"statsdImage"`
    FluentDEnabled             bool                  `json:"fluentdEnabled"`
    FluentDImage               string                `json:"fluentdImage"`
    FluentDConfig              string                `json:"fluentdConfig"`
    Annotations                map[string]string     `json:"annotations"`
    VaultAnnotations           map[string]string     `json:"vaultAnnotations"`
    VaultConfigurerAnnotations map[string]string     `json:"vaultConfigurerAnnotations"`
    Config                     VaultConfig           `json:"config"`
    ExternalConfig             VaultExternalConfig   `json:"externalConfig"`
    UnsealConfig               UnsealConfig          `json:"unsealConfig"`
    CredentialsConfig          CredentialsConfig     `json:"credentialsConfig"`
    EnvsConfig                 []v1.EnvVar           `json:"envsConfig"`
    SecurityContext            v1.PodSecurityContext `json:"securityContext,omitempty"`
    // This option gives us the option to work around current StatefulSet limitations around updates
    // See: https://github.com/kubernetes/kubernetes/issues/67250
    // TODO: Should be removed once the ParallelPodManagement policy supports the broken update.
    EtcdVersion           string                        `json:"etcdVersion"`
    EtcdSize              int                           `json:"etcdSize"`
    EtcdAnnotations       map[string]string             `json:"etcdAnnotations,omitempty"`
    EtcdPodAnnotations    map[string]string             `json:"etcdPodAnnotations,omitempty"`
    EtcdPVCSpec           *v1.PersistentVolumeClaimSpec `json:"etcdPVCSpec,omitempty"`
    ServiceType           string                        `json:"serviceType"`
    ServicePorts          map[string]int32              `json:"servicePorts"`
    PodAntiAffinity       string                        `json:"podAntiAffinity"`
    NodeAffinity          v1.NodeAffinity               `json:"nodeAffinity"`
    NodeSelector          map[string]string             `json:"nodeSelector"`
    Tolerations           []v1.Toleration               `json:"tolerations"`
    ServiceAccount        string                        `json:"serviceAccount"`
    Volumes               []v1.Volume                   `json:"volumes,omitempty"`
    VolumeMounts          []v1.VolumeMount              `json:"volumeMounts,omitempty"`
    VaultEnvsConfig       []v1.EnvVar                   `json:"vaultEnvsConfig"`
    Resources             *Resources                    `json:"resources,omitempty"`
    Ingress               *Ingress                      `json:"ingress,omitempty"`
    ServiceMonitorEnabled bool                          `json:"serviceMonitorEnabled,omitempty"`
}

VaultSpec defines the desired state of Vault

func (*VaultSpec) ConfigJSON

func (spec *VaultSpec) ConfigJSON() string

ConfigJSON returns the Config field as a JSON string

func (*VaultSpec) DeepCopy

func (in *VaultSpec) DeepCopy() *VaultSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultSpec.

func (*VaultSpec) DeepCopyInto

func (in *VaultSpec) DeepCopyInto(out *VaultSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*VaultSpec) ExternalConfigJSON

func (spec *VaultSpec) ExternalConfigJSON() string

ExternalConfigJSON returns the ExternalConfig field as a JSON string

func (*VaultSpec) GetAnnotations

func (spec *VaultSpec) GetAnnotations() map[string]string

GetAnnotations returns the Common Annotations

func (*VaultSpec) GetBankVaultsImage

func (spec *VaultSpec) GetBankVaultsImage() string

GetBankVaultsImage returns the bank-vaults image to use

func (*VaultSpec) GetEtcdSize

func (spec *VaultSpec) GetEtcdSize() int

GetEtcdSize returns the number of etcd pods to use

func (*VaultSpec) GetEtcdVersion

func (spec *VaultSpec) GetEtcdVersion() string

GetEtcdVersion returns the etcd version to use

func (*VaultSpec) GetFluentDImage

func (spec *VaultSpec) GetFluentDImage() string

GetFluentDImage returns the FluentD image to use

func (*VaultSpec) GetServiceAccount

func (spec *VaultSpec) GetServiceAccount() string

GetServiceAccount returns the Kubernetes Service Account to use for Vault

func (*VaultSpec) GetStatsDImage

func (spec *VaultSpec) GetStatsDImage() string

GetStatsDImage returns the StatsD image to use

func (*VaultSpec) GetStorage

func (spec *VaultSpec) GetStorage() map[string]interface{}

GetStorage returns Vault's storage stanza

func (*VaultSpec) GetStorageType

func (spec *VaultSpec) GetStorageType() string

GetStorageType returns the type of Vault's storage stanza

func (*VaultSpec) GetTLSDisable

func (spec *VaultSpec) GetTLSDisable() bool

GetTLSDisable returns if Vault's TLS is disabled

func (*VaultSpec) GetVaultAnnotations

func (spec *VaultSpec) GetVaultAnnotations() map[string]string

GetVaultAnnotations returns the Vault Pod, Secret and ConfigMap Annotations

func (*VaultSpec) GetVaultConfigurerAnnotations

func (spec *VaultSpec) GetVaultConfigurerAnnotations() map[string]string

GetVaultConfigurerAnnotations returns the Vault Configurer Pod Annotations

func (*VaultSpec) GetVersion

func (spec *VaultSpec) GetVersion() (*semver.Version, error)

GetVersion returns the version of Vault

func (*VaultSpec) HasHAStorage

func (spec *VaultSpec) HasHAStorage() bool

HasHAStorage detects whether Vault is configured to use a storage backend that supports High Availability, or whether it has an ha_storage stanza; in the latter case it does not check the ha_enabled flag

func (*VaultSpec) HasStorageHAEnabled

func (spec *VaultSpec) HasStorageHAEnabled() bool

HasStorageHAEnabled detects if the ha_enabled field is set to true in Vault's storage stanza

func (*VaultSpec) IsAutoUnseal

func (spec *VaultSpec) IsAutoUnseal() bool

IsAutoUnseal checks if auto-unseal is configured

func (*VaultSpec) IsFluentDEnabled

func (spec *VaultSpec) IsFluentDEnabled() bool

IsFluentDEnabled returns true if fluentd sidecar is to be deployed

func (*VaultSpec) IsStatsdDisabled

func (spec *VaultSpec) IsStatsdDisabled() bool

IsStatsdDisabled returns false if statsd sidecar is to be deployed

type VaultStatus

type VaultStatus struct {
    // Important: Run "operator-sdk generate k8s" to regenerate code after modifying this file
    Nodes  []string `json:"nodes"`
    Leader string   `json:"leader"`
}

VaultStatus defines the observed state of Vault

func (*VaultStatus) DeepCopy

func (in *VaultStatus) DeepCopy() *VaultStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultStatus.

func (*VaultStatus) DeepCopyInto

func (in *VaultStatus) DeepCopyInto(out *VaultStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

Package v1alpha1 imports 14 packages and is imported by 7 packages. Updated 2019-05-23.