spec

package

v0.3.12 Latest Latest Go to latest Published: May 19, 2023 License: Apache-2.0, BSD-3-Clause Imports: 6 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/google/go-tpm-tools

Links

Open Source Insights

Documentation ¶

Overview ¶

Package spec contains definition of some basic container launch specs needed to launch a container, provided by the operator.

Index ¶

type EnvVar
type LaunchPolicy
- func GetLaunchPolicy(imageLabels map[string]string) (LaunchPolicy, error)
- func (p LaunchPolicy) Verify(ls LaunchSpec) error
type LaunchSpec
- func GetLaunchSpec(client *metadata.Client) (LaunchSpec, error)
- func (s *LaunchSpec) UnmarshalJSON(b []byte) error
type RestartPolicy

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type EnvVar ¶

type EnvVar struct {
	Name  string
	Value string
}

EnvVar represent a single environment variable key/value pair.

type LaunchPolicy ¶ added in v0.3.9

type LaunchPolicy struct {
	AllowedEnvOverride []string
	AllowedCmdOverride bool
	AllowedLogRedirect logRedirectPolicy
}

LaunchPolicy contains policies on starting the container. The policy comes from the labels of the image.

func GetLaunchPolicy ¶ added in v0.3.9

func GetLaunchPolicy(imageLabels map[string]string) (LaunchPolicy, error)

GetLaunchPolicy takes in a map[string] string which should come from image labels, and will try to parse it into a LaunchPolicy. Extra fields will be ignored.

func (LaunchPolicy) Verify ¶ added in v0.3.9

func (p LaunchPolicy) Verify(ls LaunchSpec) error

Verify will use the LaunchPolicy to verify the given LaunchSpec. If the verification passed, will return nil. If there are multiple violations, the function will return the first error.

type LaunchSpec ¶ added in v0.3.10

type LaunchSpec struct {
	// MDS-based values.
	ImageRef                   string
	RestartPolicy              RestartPolicy
	Cmd                        []string
	Envs                       []EnvVar
	AttestationServiceAddr     string
	ImpersonateServiceAccounts []string
	ProjectID                  string
	Region                     string
	Hardened                   bool
	LogRedirect                bool
}

LaunchSpec contains specification set by the operator who wants to launch a container.

func GetLaunchSpec ¶ added in v0.3.10

func GetLaunchSpec(client *metadata.Client) (LaunchSpec, error)

GetLaunchSpec takes in a metadata server client, reads and parse operator's input to the GCE instance custom metadata and return a LaunchSpec. ImageRef (tee-image-reference) is required, will return an error if ImageRef is not presented in the metadata.

func (*LaunchSpec) UnmarshalJSON ¶ added in v0.3.10

func (s *LaunchSpec) UnmarshalJSON(b []byte) error

UnmarshalJSON unmarshals an instance attributes list in JSON format from the metadata server set by an operator to a LaunchSpec.

type RestartPolicy ¶

type RestartPolicy string

RestartPolicy is the enum for the container restart policy.

const (
	Always    RestartPolicy = "Always"
	OnFailure RestartPolicy = "OnFailure"
	Never     RestartPolicy = "Never"
)

Restart Policy enum values.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL