value

package

v0.30.0 Latest Latest Go to latest Published: Apr 17, 2024 License: Apache-2.0 Imports: 14 Imported by: 194

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/kubernetes/apiserver

Links

Open Source Insights

Documentation ¶

Overview ¶

Package value contains methods for assisting with transformation of values in storage.

Index ¶

func RecordCacheMiss()
func RecordDataKeyGeneration(start time.Time, err error)
func RecordTransformation(transformationType, transformerPrefix string, elapsed time.Duration, err error)
func RegisterMetrics()
type Context
type DefaultContext
- func (c DefaultContext) AuthenticatedData() []byte
type PrefixTransformer
type Read
type ResourceTransformers
type Transformer
- func NewPrefixTransformers(err error, transformers ...PrefixTransformer) Transformer
type Write

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func RecordCacheMiss ¶

func RecordCacheMiss()

RecordCacheMiss records a miss on Key Encryption Key(KEK) - call to KMS was required to decrypt KEK.

func RecordDataKeyGeneration ¶

func RecordDataKeyGeneration(start time.Time, err error)

RecordDataKeyGeneration records latencies and count of Data Encryption Key generation operations.

func RecordTransformation ¶

func RecordTransformation(transformationType, transformerPrefix string, elapsed time.Duration, err error)

RecordTransformation records latencies and count of TransformFromStorage and TransformToStorage operations. Note that transformation_failures_total metric is deprecated, use transformation_operations_total instead.

func RegisterMetrics ¶

func RegisterMetrics()

Types ¶

type Context ¶

type Context interface {
	// AuthenticatedData should return an array of bytes that describes the current value. If the value changes,
	// the transformer may report the value as unreadable or tampered. This may be nil if no such description exists
	// or is needed. For additional verification, set this to data that strongly identifies the value, such as
	// the key and creation version of the stored data.
	AuthenticatedData() []byte
}

Context is additional information that a storage transformation may need to verify the data at rest.

type DefaultContext ¶

type DefaultContext []byte

DefaultContext is a simple implementation of Context for a slice of bytes.

func (DefaultContext) AuthenticatedData ¶

func (c DefaultContext) AuthenticatedData() []byte

AuthenticatedData returns itself.

type PrefixTransformer ¶

type PrefixTransformer struct {
	Prefix      []byte
	Transformer Transformer
}

PrefixTransformer holds a transformer interface and the prefix that the transformation is located under.

type Read ¶ added in v0.28.0

type Read interface {
	// TransformFromStorage may transform the provided data from its underlying storage representation or return an error.
	// Stale is true if the object on disk is stale and a write to etcd should be issued, even if the contents of the object
	// have not changed.
	TransformFromStorage(ctx context.Context, data []byte, dataCtx Context) (out []byte, stale bool, err error)
}

type ResourceTransformers ¶ added in v0.28.0

type ResourceTransformers interface {
	TransformerForResource(resource schema.GroupResource) Transformer
}

ResourceTransformers returns a transformer for the provided resource.

type Transformer ¶

type Transformer interface {
	Read
	Write
}

Transformer allows a value to be transformed before being read from or written to the underlying store. The methods must be able to undo the transformation caused by the other.

func NewPrefixTransformers ¶

func NewPrefixTransformers(err error, transformers ...PrefixTransformer) Transformer

NewPrefixTransformers supports the Transformer interface by checking the incoming data against the provided prefixes in order. The first matching prefix will be used to transform the value (the prefix is stripped before the Transformer interface is invoked). The first provided transformer will be used when writing to the store.

type Write ¶ added in v0.28.0

type Write interface {
	// TransformToStorage may transform the provided data into the appropriate form in storage or return an error.
	TransformToStorage(ctx context.Context, data []byte, dataCtx Context) (out []byte, err error)
}

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
encrypt
aes Package aes transforms values for storage at rest using AES-GCM.	Package aes transforms values for storage at rest using AES-GCM.
envelope Package envelope transforms values for storage at rest using a Envelope provider	Package envelope transforms values for storage at rest using a Envelope provider
envelope/kmsv2 Package kmsv2 transforms values for storage at rest using a Envelope v2 provider	Package kmsv2 transforms values for storage at rest using a Envelope v2 provider
envelope/kmsv2/v2 Package v2 contains definition of kms-plugin's serialized types.	Package v2 contains definition of kms-plugin's serialized types.
envelope/metrics
envelope/testing/v1beta1
envelope/testing/v2
identity
secretbox Package secretbox transforms values for storage at rest using XSalsa20 and Poly1305.	Package secretbox transforms values for storage at rest using XSalsa20 and Poly1305.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL