Documentation
Overview
This package encapsulates the Constellation API, which is used to manage and interact with Constellation clusters.
It should be used as the main entry point for any code that needs to interact with said entities, with priority over using other internal packages directly.
Index
- func MarshalServiceAccountURI(provider cloudprovider.Provider, payload ServiceAccountPayload) (string, error)
- type Applier
- func (a *Applier) ApplyJoinConfig(ctx context.Context, newAttestConfig config.AttestationCfg, ...) error
- func (a *Applier) BackupCRDs(ctx context.Context, fileHandler file.Handler, upgradeDir string) ([]apiextensionsv1.CustomResourceDefinition, error)
- func (a *Applier) BackupCRs(ctx context.Context, fileHandler file.Handler, ...) error
- func (a *Applier) CheckLicense(ctx context.Context, csp cloudprovider.Provider, initRequest bool, ...) (int, error)
- func (a *Applier) ExtendClusterConfigCertSANs(ctx context.Context, clusterEndpoint, customEndpoint string, ...) error
- func (a *Applier) GenerateMasterSecret() (uri.MasterSecret, error)
- func (a *Applier) GenerateMeasurementSalt() ([]byte, error)
- func (a *Applier) GetClusterAttestationConfig(ctx context.Context, variant variant.Variant) (config.AttestationCfg, error)
- func (a *Applier) Init(ctx context.Context, validator atls.Validator, state *state.State, ...) (InitOutput, error)
- func (a *Applier) PrepareHelmCharts(flags helm.Options, state *state.State, serviceAccURI string, ...) (helm.Applier, bool, error)
- func (a *Applier) SetKubeConfig(kubeConfig []byte) error
- func (a *Applier) UpgradeKubernetesVersion(ctx context.Context, kubernetesVersion versions.ValidK8sVersion, force bool) error
- func (a *Applier) UpgradeNodeImage(ctx context.Context, imageVersion semver.Semver, imageReference string, ...) error
- type ApplyContext
- type GrpcDialer
- type InitOutput
- type InitPayload
- type NonRetriableInitError
- type ServiceAccountPayload
Functions
func MarshalServiceAccountURI
func MarshalServiceAccountURI(provider cloudprovider.Provider, payload ServiceAccountPayload) (string, error)
MarshalServiceAccountURI returns the service account URI for the given cloud provider.
Types
type Applier
type Applier struct {
// contains filtered or unexported fields
}
An Applier handles applying a specific configuration to a Constellation cluster with existing infrastructure. In particular, this involves initializing and upgrading the cluster.
func NewApplier
func NewApplier(
    log debugLog,
    spinner spinnerInterf,
    applyContext ApplyContext,
    newDialer func(validator atls.Validator) *dialer.Dialer,
) *Applier
NewApplier creates a new Applier.
func (*Applier) ApplyJoinConfig
func (a *Applier) ApplyJoinConfig(ctx context.Context, newAttestConfig config.AttestationCfg, measurementSalt []byte) error
ApplyJoinConfig creates or updates the Constellation cluster's join-config ConfigMap.
func (*Applier) BackupCRDs
func (a *Applier) BackupCRDs(ctx context.Context, fileHandler file.Handler, upgradeDir string) ([]apiextensionsv1.CustomResourceDefinition, error)
BackupCRDs backs up all CRDs to the upgrade workspace.
func (*Applier) BackupCRs
func (a *Applier) BackupCRs(ctx context.Context, fileHandler file.Handler, crds []apiextensionsv1.CustomResourceDefinition, upgradeDir string) error
BackupCRs backs up all CRs to the upgrade workspace.
func (*Applier) CheckLicense
func (a *Applier) CheckLicense(ctx context.Context, csp cloudprovider.Provider, initRequest bool, licenseID string) (int, error)
CheckLicense checks the given Constellation license with the license server and returns the allowed quota for the license.
func (*Applier) ExtendClusterConfigCertSANs
func (a *Applier) ExtendClusterConfigCertSANs(ctx context.Context, clusterEndpoint, customEndpoint string, additionalAPIServerCertSANs []string) error
ExtendClusterConfigCertSANs extends the ClusterConfig stored under "kube-system/kubeadm-config" with the given SANs.
func (*Applier) GenerateMasterSecret
func (a *Applier) GenerateMasterSecret() (uri.MasterSecret, error)
GenerateMasterSecret generates a new master secret.
func (*Applier) GenerateMeasurementSalt
GenerateMeasurementSalt generates a new measurement salt.
func (*Applier) GetClusterAttestationConfig
func (a *Applier) GetClusterAttestationConfig(ctx context.Context, variant variant.Variant) (config.AttestationCfg, error)
GetClusterAttestationConfig returns the attestation config currently set for the cluster.
func (*Applier) Init
func (a *Applier) Init(
    ctx context.Context,
    validator atls.Validator,
    state *state.State,
    clusterLogWriter io.Writer,
    payload InitPayload,
) (
    InitOutput,
    error,
)
Init performs the init RPC.
func (*Applier) PrepareHelmCharts
func (a *Applier) PrepareHelmCharts(
    flags helm.Options,
    state *state.State,
    serviceAccURI string,
    masterSecret uri.MasterSecret,
) (helm.Applier, bool, error)
PrepareHelmCharts loads Helm charts for Constellation and returns an executor to apply them.
func (*Applier) SetKubeConfig
SetKubeConfig sets the config file to use for creating Kubernetes clients.
func (*Applier) UpgradeKubernetesVersion
func (a *Applier) UpgradeKubernetesVersion(ctx context.Context, kubernetesVersion versions.ValidK8sVersion, force bool) error
UpgradeKubernetesVersion upgrades the Kubernetes version of the cluster to the given version.
type ApplyContext (added in v2.14.3)
type ApplyContext string
ApplyContext denotes the context in which the apply command is run.
const (
    // ApplyContextCLI is used when the Applier is used by the CLI.
    ApplyContextCLI ApplyContext = "cli"
    // ApplyContextTerraform is used when the Applier is used by Terraform.
    ApplyContextTerraform ApplyContext = "terraform"
)
type GrpcDialer
GrpcDialer dials a gRPC server.
type InitOutput
type InitOutput struct {
    // ClusterID is the hex encoded ID of the cluster.
    ClusterID string
    // OwnerID is the hex encoded ID of the owner of the cluster.
    OwnerID string
    // Kubeconfig is the kubeconfig for the cluster.
    Kubeconfig []byte
}
InitOutput contains the output of the init RPC.
type InitPayload
type InitPayload struct {
    MasterSecret    uri.MasterSecret
    MeasurementSalt []byte
    K8sVersion      versions.ValidK8sVersion
    ConformanceMode bool
    ServiceCIDR     string
}
InitPayload contains the configurable data for the init RPC.
type NonRetriableInitError
NonRetriableInitError is returned when the init RPC fails and the error is not retriable.
func (*NonRetriableInitError) Error
func (e *NonRetriableInitError) Error() string
Error returns the error message.
func (*NonRetriableInitError) Unwrap
func (e *NonRetriableInitError) Unwrap() error
Unwrap returns the wrapped error.
type ServiceAccountPayload
type ServiceAccountPayload struct {
    GCP       gcpshared.ServiceAccountKey
    Azure     azureshared.ApplicationCredentials
    OpenStack openstack.AccountKey
}
ServiceAccountPayload is data a service account URI can be built from for a given cloud provider.
Directories
Path | Synopsis |
---|---|
featureset | package featureset provides a way to check whether a feature is enabled in the current build. |
helm | Package helm provides a higher level interface to the Helm Go SDK. |
imageversion | Package imageversion contains the pinned container images for the helm charts. |
kubecmd | Package kubecmd provides functions to interact with a Kubernetes cluster to the CLI. |
state | package state defines the structure of the Constellation state file. |