Documentation
¶
Index ¶
Constants ¶
const ( Roles = "alpha.kubernetes.io/identity/roles" ProjectID = "alpha.kubernetes.io/identity/project/id" ProjectName = "alpha.kubernetes.io/identity/project/name" DomainID = "alpha.kubernetes.io/identity/user/domain/id" DomainName = "alpha.kubernetes.io/identity/user/domain/name" )
const ( TypeUser string = "user" TypeGroup string = "group" TypeProject string = "project" TypeRole string = "role" )
Supported types for policy match.
const ( Projects = "projects" RoleAssignments = "role_assignments" )
Variables ¶
This section is empty.
Functions ¶
func AddExtraFlags ¶ added in v1.16.0
AddExtraFlags is called by the main package to add component specific command line flags
Types ¶
type Auth ¶ added in v1.25.0
type Auth struct {
// contains filtered or unexported fields
}
Auth manages authentication and authorization
func NewKeystoneAuth ¶ added in v0.2.0
NewKeystoneAuth returns a new KeystoneAuth controller
type Authenticator ¶
type Authenticator struct {
// contains filtered or unexported fields
}
Authenticator contacts openstack keystone to validate user's token passed in the request.
func (*Authenticator) AuthenticateToken ¶
AuthenticateToken checks the token via Keystone call
type Authorizer ¶
type Authorizer struct {
// contains filtered or unexported fields
}
Authorizer contacts openstack keystone to check whether the user can perform requested operations. The keystone endpoint and policy list are passed during apiserver startup
func (*Authorizer) Authorize ¶
func (a *Authorizer) Authorize(attributes authorizer.Attributes) (authorized authorizer.Decision, reason string, err error)
Authorize checks whether the user can perform an operation
type Config ¶ added in v0.2.0
type Config struct {
Address string
CertFile string
KeyFile string
KeystoneURL string
KeystoneCA string
PolicyFile string
PolicyConfigMapName string
SyncConfigFile string
SyncConfigMapName string
Kubeconfig string
}
Config configures a keystone webhook server
func (*Config) AddFlags ¶ added in v0.2.0
AddFlags adds flags for a specific AutoScaler to the specified FlagSet
func (*Config) ValidateFlags ¶ added in v0.2.0
ValidateFlags validates whether flags are set up correctly
type KeystoneAuth ¶ added in v0.2.0
type KeystoneAuth = Auth
revive:disable:exported Deprecated: use Auth instead
type Keystoner ¶ added in v1.18.0
type Keystoner struct {
// contains filtered or unexported fields
}
func NewKeystoner ¶ added in v1.18.0
func NewKeystoner(client *gophercloud.ServiceClient) *Keystoner
func (*Keystoner) GetTokenInfo ¶ added in v1.18.0
revive:disable:unexported-return
type MockIKeystone ¶ added in v1.18.0
MockIKeystone is an autogenerated mock type for the IKeystone type
func (*MockIKeystone) GetGroups ¶ added in v1.18.0
func (_m *MockIKeystone) GetGroups(_a0 string, _a1 string) ([]string, error)
GetGroups provides a mock function with given fields: _a0, _a1
func (*MockIKeystone) GetTokenInfo ¶ added in v1.18.0
func (_m *MockIKeystone) GetTokenInfo(_a0 string) (*tokenInfo, error)
GetTokenInfo provides a mock function with given fields: _a0
type Options ¶ added in v1.14.0
type Options struct {
AuthOptions gophercloud.AuthOptions
ClientCertPath string
ClientKeyPath string
ClientCAPath string
}
Source Files