proxy

package

v2.0.0-...-1d53c46 Latest Latest Go to latest Published: Jan 25, 2024 License: Apache-2.0 Imports: 38 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/oneblock-ai/steve

Links

Open Source Insights

Documentation ¶

Overview ¶

Package proxy implements the proxy store, which is responsible for interfacing directly with Kubernetes.

Index ¶

func NewProxyStore(clientGetter ClientGetter, notifier RelationshipNotifier, ...) types.Store
type ClientGetter
type Partition
- func (p Partition) Name() string
type RelationshipNotifier
type Store
type WarningBuffer
- func (w *WarningBuffer) HandleWarningHeader(code int, agent string, text string)
type WatchRefresh
- func (w *WatchRefresh) Watch(apiOp *types.APIRequest, schema *types.APISchema, wr types.WatchRequest) (chan types.APIEvent, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func NewProxyStore ¶

func NewProxyStore(clientGetter ClientGetter, notifier RelationshipNotifier, lookup accesscontrol.AccessSetLookup, namespaceCache corecontrollers.NamespaceCache) types.Store

NewProxyStore returns a wrapped types.Store.

Types ¶

type ClientGetter ¶

type ClientGetter interface {
	IsImpersonating() bool
	K8sInterface(ctx *types.APIRequest) (kubernetes.Interface, error)
	AdminK8sInterface() (kubernetes.Interface, error)
	Client(ctx *types.APIRequest, schema *types.APISchema, namespace string, warningHandler rest.WarningHandler) (dynamic.ResourceInterface, error)
	DynamicClient(ctx *types.APIRequest, warningHandler rest.WarningHandler) (dynamic.Interface, error)
	AdminClient(ctx *types.APIRequest, schema *types.APISchema, namespace string, warningHandler rest.WarningHandler) (dynamic.ResourceInterface, error)
	TableClient(ctx *types.APIRequest, schema *types.APISchema, namespace string, warningHandler rest.WarningHandler) (dynamic.ResourceInterface, error)
	TableAdminClient(ctx *types.APIRequest, schema *types.APISchema, namespace string, warningHandler rest.WarningHandler) (dynamic.ResourceInterface, error)
	TableClientForWatch(ctx *types.APIRequest, schema *types.APISchema, namespace string, warningHandler rest.WarningHandler) (dynamic.ResourceInterface, error)
	TableAdminClientForWatch(ctx *types.APIRequest, schema *types.APISchema, namespace string, warningHandler rest.WarningHandler) (dynamic.ResourceInterface, error)
}

ClientGetter is a dynamic kubernetes client factory.

type Partition ¶

type Partition struct {
	Namespace   string
	All         bool
	Passthrough bool
	Names       sets.String
}

Partition is an implementation of the partition.Partition interface that uses RBAC to determine how a set of resources should be segregated and accessed.

func (Partition) Name ¶

func (p Partition) Name() string

Name returns the name of the partition, which for this type is the namespace.

type RelationshipNotifier ¶

type RelationshipNotifier interface {
	OnInboundRelationshipChange(ctx context.Context, schema *types.APISchema, namespace string) <-chan *summary.Relationship
}

RelationshipNotifier is an interface for handling wrangler summary.Relationship events.

type Store ¶

type Store struct {
	// contains filtered or unexported fields
}

Store implements partition.UnstructuredStore directly on top of kubernetes.

func (*Store) ByID ¶

func (s *Store) ByID(apiOp *types.APIRequest, schema *types.APISchema, id string) (*unstructured.Unstructured, []types.Warning, error)

ByID looks up a single object by its ID.

func (*Store) ByNames ¶

func (s *Store) ByNames(apiOp *types.APIRequest, schema *types.APISchema, names sets.String) (*unstructured.UnstructuredList, []types.Warning, error)

ByNames filters a list of objects by an allowed set of names. In plain kubernetes, if a user has permission to 'list' or 'watch' a defined set of resource names, performing the list or watch will result in a Forbidden error, because the user does not have permission to list *all* resources. With this filter, the request can be performed successfully, and only the allowed resources will be returned in the list.

func (*Store) Create ¶

func (s *Store) Create(apiOp *types.APIRequest, schema *types.APISchema, params types.APIObject) (*unstructured.Unstructured, []types.Warning, error)

Create creates a single object in the store.

func (*Store) Delete ¶

func (s *Store) Delete(apiOp *types.APIRequest, schema *types.APISchema, id string) (*unstructured.Unstructured, []types.Warning, error)

Delete deletes an object from a store.

func (*Store) List ¶

func (s *Store) List(apiOp *types.APIRequest, schema *types.APISchema) (*unstructured.UnstructuredList, []types.Warning, error)

List returns an unstructured list of resources.

func (*Store) Update ¶

func (s *Store) Update(apiOp *types.APIRequest, schema *types.APISchema, params types.APIObject, id string) (*unstructured.Unstructured, []types.Warning, error)

Update updates a single object in the store.

func (*Store) Watch ¶

func (s *Store) Watch(apiOp *types.APIRequest, schema *types.APISchema, w types.WatchRequest) (chan watch.Event, error)

Watch returns a channel of events for a list or resource.

func (*Store) WatchNames ¶

func (s *Store) WatchNames(apiOp *types.APIRequest, schema *types.APISchema, w types.WatchRequest, names sets.String) (chan watch.Event, error)

WatchNames returns a channel of events filtered by an allowed set of names. In plain kubernetes, if a user has permission to 'list' or 'watch' a defined set of resource names, performing the list or watch will result in a Forbidden error, because the user does not have permission to list *all* resources. With this filter, the request can be performed successfully, and only the allowed resources will be returned in watch.

type WarningBuffer ¶

type WarningBuffer []types.Warning

WarningBuffer holds warnings that may be returned from the kubernetes api

func (*WarningBuffer) HandleWarningHeader ¶

func (w *WarningBuffer) HandleWarningHeader(code int, agent string, text string)

HandleWarningHeader takes the components of a kubernetes warning header and stores them

type WatchRefresh ¶

type WatchRefresh struct {
	types.Store
	// contains filtered or unexported fields
}

WatchRefresh implements types.Store with awareness of changes to the requester's access.

func (*WatchRefresh) Watch ¶

func (w *WatchRefresh) Watch(apiOp *types.APIRequest, schema *types.APISchema, wr types.WatchRequest) (chan types.APIEvent, error)

Watch performs a watch request which halts if the user's access level changes.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL