Documentation
¶
Overview ¶
Package identitymanager provides an interface, and its implementation, to handle the creation and the issue process of an identity for a remote cluster.
Index ¶
- Constants
- type AwsConfig
- type IdentityManager
- func NewCertificateIdentityManager(client kubernetes.Interface, localCluster discoveryv1alpha1.ClusterIdentity, ...) IdentityManager
- func NewIAMIdentityManager(client kubernetes.Interface, localCluster discoveryv1alpha1.ClusterIdentity, ...) IdentityManager
- func NewIAMIdentityReader(client kubernetes.Interface, localCluster discoveryv1alpha1.ClusterIdentity, ...) IdentityManager
- type IdentityProvider
- type IdentityReader
Constants ¶
const (
// APIServerURLSecretKey key used for the api server url inside the secret.
APIServerURLSecretKey = "apiServerUrl"
)
const (
// CertificateAvailableLabel is the label used to identify the secrets containing a certificate.
CertificateAvailableLabel = "discovery.liqo.io/certificate-available"
)
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AwsConfig ¶ added in v0.3.0
type AwsConfig struct {
AwsAccessKeyID string
AwsSecretAccessKey string
AwsRegion string
AwsClusterName string
}
AwsConfig contains the AWS configuration and access key for the Liqo user and the current EKS cluster.
type IdentityManager ¶
type IdentityManager interface {
IdentityReader
StoreIdentity(ctx context.Context, remoteCluster discoveryv1alpha1.ClusterIdentity, namespace string, key []byte,
remoteProxyURL string, identityResponse *auth.CertificateIdentityResponse) error
}
IdentityManager interface provides the methods to manage identities for the remote clusters.
func NewCertificateIdentityManager ¶
func NewCertificateIdentityManager(client kubernetes.Interface, localCluster discoveryv1alpha1.ClusterIdentity, namespaceManager tenantnamespace.Manager) IdentityManager
NewCertificateIdentityManager gets a new certificate identity manager.
func NewIAMIdentityManager ¶ added in v0.3.0
func NewIAMIdentityManager(client kubernetes.Interface, localCluster discoveryv1alpha1.ClusterIdentity, awsConfig *AwsConfig, namespaceManager tenantnamespace.Manager) IdentityManager
NewIAMIdentityManager gets a new identity manager to handle IAM identities.
func NewIAMIdentityReader ¶ added in v0.3.0
func NewIAMIdentityReader(client kubernetes.Interface, localCluster discoveryv1alpha1.ClusterIdentity, awsConfig *AwsConfig, namespaceManager tenantnamespace.Manager) IdentityManager
NewIAMIdentityReader gets a new identity reader to handle IAM identities.
type IdentityProvider ¶ added in v0.3.0
type IdentityProvider interface {
GetRemoteCertificate(cluster discoveryv1alpha1.ClusterIdentity,
namespace, signingRequest string) (response *responsetypes.SigningRequestResponse, err error)
ApproveSigningRequest(cluster discoveryv1alpha1.ClusterIdentity,
signingRequest string) (response *responsetypes.SigningRequestResponse, err error)
}
IdentityProvider provides the interface to retrieve and approve remote cluster identities.
func NewCertificateIdentityProvider ¶ added in v0.3.0
func NewCertificateIdentityProvider(ctx context.Context, client kubernetes.Interface, localCluster discoveryv1alpha1.ClusterIdentity, namespaceManager tenantnamespace.Manager) IdentityProvider
NewCertificateIdentityProvider gets a new certificate identity approver.
func NewIAMIdentityProvider ¶ added in v0.3.0
func NewIAMIdentityProvider(client kubernetes.Interface, localCluster discoveryv1alpha1.ClusterIdentity, awsConfig *AwsConfig, namespaceManager tenantnamespace.Manager) IdentityProvider
NewIAMIdentityProvider gets a new identity approver to handle IAM identities.
type IdentityReader ¶ added in v0.3.0
type IdentityReader interface {
GetConfig(remoteCluster discoveryv1alpha1.ClusterIdentity, namespace string) (*rest.Config, error)
GetConfigFromSecret(secret *corev1.Secret) (*rest.Config, error)
GetRemoteTenantNamespace(remoteCluster discoveryv1alpha1.ClusterIdentity, namespace string) (string, error)
GetSecretNamespacedName(remoteCluster discoveryv1alpha1.ClusterIdentity, namespace string) (types.NamespacedName, error)
}
IdentityReader provides the interface to retrieve the identities for the remote clusters.
func NewCertificateIdentityReader ¶ added in v0.3.0
func NewCertificateIdentityReader(client kubernetes.Interface, localCluster discoveryv1alpha1.ClusterIdentity, namespaceManager tenantnamespace.Manager) IdentityReader
NewCertificateIdentityReader gets a new certificate identity reader.
Source Files
¶
Directories
¶
| Path | Synopsis |
|---|---|
|
Package fake implements mock Identity interfaces for test purposes.
|
Package fake implements mock Identity interfaces for test purposes. |
|
Package responsetypes contains utils for methods responses.
|
Package responsetypes contains utils for methods responses. |
|
Package identitymanagertestutils provides utility funcition for identity manager testing.
|
Package identitymanagertestutils provides utility funcition for identity manager testing. |