constellation

package
v2.16.3

This package is not in the latest version of its module.

Published: Apr 11, 2024 License: AGPL-3.0 Imports: 35 Imported by: 0

Documentation

Overview

This package encapsulates the Constellation API, which is used to manage and interact with Constellation clusters.

It should be used as the main entry point for any code that needs to interact with said entities, with priority over using other internal packages directly.

Functions

func MarshalServiceAccountURI

func MarshalServiceAccountURI(provider cloudprovider.Provider, payload ServiceAccountPayload) (string, error)

MarshalServiceAccountURI returns the service account URI for the given cloud provider.

Types

type Applier

type Applier struct {
	// contains filtered or unexported fields
}

An Applier handles applying a specific configuration to a Constellation cluster with existing infrastructure. In particular, this involves initialization and upgrading of the cluster.

func NewApplier

func NewApplier(
	log debugLog, spinner spinnerInterf,
	applyContext ApplyContext,
	newDialer func(validator atls.Validator) *dialer.Dialer,
) *Applier

NewApplier creates a new Applier.

func (*Applier) ApplyJoinConfig

func (a *Applier) ApplyJoinConfig(ctx context.Context, newAttestConfig config.AttestationCfg, measurementSalt []byte) error

ApplyJoinConfig creates or updates the Constellation cluster's join-config ConfigMap.

func (*Applier) BackupCRDs

func (a *Applier) BackupCRDs(ctx context.Context, fileHandler file.Handler, upgradeDir string) ([]apiextensionsv1.CustomResourceDefinition, error)

BackupCRDs backs up all CRDs to the upgrade workspace.

func (*Applier) BackupCRs

func (a *Applier) BackupCRs(ctx context.Context, fileHandler file.Handler, crds []apiextensionsv1.CustomResourceDefinition, upgradeDir string) error

BackupCRs backs up all CRs to the upgrade workspace.

func (*Applier) CheckLicense

func (a *Applier) CheckLicense(ctx context.Context, csp cloudprovider.Provider, initRequest bool, licenseID string) (int, error)

CheckLicense checks the given Constellation license with the license server and returns the allowed quota for the license.

func (*Applier) ExtendClusterConfigCertSANs

func (a *Applier) ExtendClusterConfigCertSANs(ctx context.Context, clusterEndpoint, customEndpoint string, additionalAPIServerCertSANs []string) error

ExtendClusterConfigCertSANs extends the ClusterConfig stored under "kube-system/kubeadm-config" with the given SANs.

func (*Applier) GenerateMasterSecret

func (a *Applier) GenerateMasterSecret() (uri.MasterSecret, error)

GenerateMasterSecret generates a new master secret.

func (*Applier) GenerateMeasurementSalt

func (a *Applier) GenerateMeasurementSalt() ([]byte, error)

GenerateMeasurementSalt generates a new measurement salt.

func (*Applier) GetClusterAttestationConfig

func (a *Applier) GetClusterAttestationConfig(ctx context.Context, variant variant.Variant) (config.AttestationCfg, error)

GetClusterAttestationConfig returns the attestation config currently set for the cluster.

func (*Applier) Init

func (a *Applier) Init(
	ctx context.Context,
	validator atls.Validator,
	state *state.State,
	clusterLogWriter io.Writer,
	payload InitPayload,
) (
	InitOutput,
	error,
)

Init performs the init RPC.

func (*Applier) PrepareHelmCharts

func (a *Applier) PrepareHelmCharts(
	flags helm.Options, state *state.State, serviceAccURI string, masterSecret uri.MasterSecret,
) (helm.Applier, bool, error)

PrepareHelmCharts loads Helm charts for Constellation and returns an executor to apply them.

func (*Applier) SetKubeConfig

func (a *Applier) SetKubeConfig(kubeConfig []byte) error

SetKubeConfig sets the config file to use for creating Kubernetes clients.

func (*Applier) UpgradeKubernetesVersion

func (a *Applier) UpgradeKubernetesVersion(ctx context.Context, kubernetesVersion versions.ValidK8sVersion, force bool) error

UpgradeKubernetesVersion upgrades the Kubernetes version of the cluster to the given version.

func (*Applier) UpgradeNodeImage

func (a *Applier) UpgradeNodeImage(ctx context.Context, imageVersion semver.Semver, imageReference string, force bool) error

UpgradeNodeImage upgrades the node image of the cluster to the given version.

type ApplyContext added in v2.14.3

type ApplyContext string

ApplyContext denotes the context in which the apply command is run.

const (
	// ApplyContextCLI is used when the Applier is used by the CLI.
	ApplyContextCLI ApplyContext = "cli"
	// ApplyContextTerraform is used when the Applier is used by Terraform.
	ApplyContextTerraform ApplyContext = "terraform"
)

type GrpcDialer

type GrpcDialer interface {
	Dial(ctx context.Context, target string) (*grpc.ClientConn, error)
}

GrpcDialer dials a gRPC server.

type InitOutput

type InitOutput struct {
	// ClusterID is the hex encoded ID of the cluster.
	ClusterID string
	// OwnerID is the hex encoded ID of the owner of the cluster.
	OwnerID string
	// Kubeconfig is the kubeconfig for the cluster.
	Kubeconfig []byte
}

InitOutput contains the output of the init RPC.

type InitPayload

type InitPayload struct {
	MasterSecret    uri.MasterSecret
	MeasurementSalt []byte
	K8sVersion      versions.ValidK8sVersion
	ConformanceMode bool
	ServiceCIDR     string
}

InitPayload contains the configurable data for the init RPC.

type NonRetriableInitError

type NonRetriableInitError struct {
	LogCollectionErr error
	Err              error
}

NonRetriableInitError is returned when the init RPC fails and the error is not retriable.

func (*NonRetriableInitError) Error

func (e *NonRetriableInitError) Error() string

Error returns the error message.

func (*NonRetriableInitError) Unwrap

func (e *NonRetriableInitError) Unwrap() error

Unwrap returns the wrapped error.

type ServiceAccountPayload

type ServiceAccountPayload struct {
	GCP       gcpshared.ServiceAccountKey
	Azure     azureshared.ApplicationCredentials
	OpenStack openstack.AccountKey
}

ServiceAccountPayload is data a service account URI can be built from for a given cloud provider.

Directories

Path Synopsis
package featureset provides a way to check whether a feature is enabled in the current build.
Package helm provides a higher level interface to the Helm Go SDK.
imageversion
Package imageversion contains the pinned container images for the helm charts.
Package kubecmd provides functions to interact with a Kubernetes cluster to the CLI.
package state defines the structure of the Constellation state file.
