fi

package
v1.10.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 16, 2018 License: Apache-2.0 Imports: 46 Imported by: 0

Documentation

Index

Constants

View Source 
const CertificateId_CA = "ca"
View Source 
const (
	// SecretNameSSHPrimary is the Name for the primary SSH key
	SecretNameSSHPrimary = "admin"
)

Variables

View Source 
var LifecycleNameMap = map[string]Lifecycle{
	"Sync":                     LifecycleSync,
	"Ignore":                   LifecycleIgnore,
	"WarnIfInsufficientAccess": LifecycleWarnIfInsufficientAccess,
	"ExistsAndValidates":       LifecycleExistsAndValidates,
	"ExistsAndWarnIfChanges":   LifecycleExistsAndWarnIfChanges,
}

LifecycleNameMap is used to validate in the UX. When a user provides a lifecycle name it then can be mapped to the actual lifecycle.

View Source 
var Lifecycles = sets.NewString(
	string(LifecycleSync),
	string(LifecycleIgnore),
	string(LifecycleWarnIfInsufficientAccess),
	string(LifecycleExistsAndValidates),
	string(LifecycleExistsAndWarnIfChanges),
)

Lifecycles are used for ux validation. When validation fails the lifecycle names are printed out.

Functions

func Bool 

func Bool(v bool) *bool

func BoolValue 

func BoolValue(v *bool) bool

func BuildCAX509Template added in v1.10.0 

func BuildCAX509Template() *x509.Certificate

func BuildChanges 

func BuildChanges(a, e, changes interface{}) bool

BuildChanges compares the values of a & e, and populates differences into changes, except that if a value is nil in e, the corresponding value in a is ignored. a, e and changes must all be of the same type a is the actual object found, e is the expected value Note that the ignore-nil-in-e logic therefore implements the idea that nil value in e means "don't care" If a is nil, all the non-nil values in e will be copied over to changes, because every field in e must be applied

func BuildTimestampString 

func BuildTimestampString() string

func CannotChangeField 

func CannotChangeField(key string) error

func CopyResource 

func CopyResource(dest io.Writer, r Resource) (int64, error)

func DebugAsJsonString 

func DebugAsJsonString(v interface{}) string

func DebugAsJsonStringIndent 

func DebugAsJsonStringIndent(v interface{}) string

func DebugPrint 

func DebugPrint(o interface{}) string

func DefaultDeltaRunMethod 

func DefaultDeltaRunMethod(e Task, c *Context) error

DefaultDeltaRunMethod implements the standard change-based run procedure: find the existing item; compare properties; call render with (actual, expected, changes)

func DeleteKeysetItem added in v1.10.0 

func DeleteKeysetItem(client kopsinternalversion.KeysetInterface, name string, keysetType kops.KeysetType, id string) error

DeleteKeysetItem deletes the specified key from the registry; deleting the whole keyset if it was the last one

func DownloadURL 

func DownloadURL(url string, dest string, hash *hashing.Hash) (*hashing.Hash, error)

func EnsureFileMode 

func EnsureFileMode(destPath string, fileMode os.FileMode) (bool, error)

func EnsureFileOwner 

func EnsureFileOwner(destPath string, owner string, groupName string) (bool, error)

func FieldIsImmutable added in v1.10.0 

func FieldIsImmutable(newVal, oldVal interface{}, fldPath *field.Path) *field.Error

func FileModeToString 

func FileModeToString(mode os.FileMode) string

func FindPrimary added in v1.10.0 

func FindPrimary(keyset *kops.Keyset) *kops.KeysetItem

FindPrimary returns the primary KeysetItem in the Keyset

func FindTaskDependencies 

func FindTaskDependencies(tasks map[string]Task) map[string][]string

FindTaskDependencies returns a map from each task's key to the discovered list of dependencies

func GuessCloudForZone 

func GuessCloudForZone(zone string) (kops.CloudProviderID, bool)

GuessCloudForZone tries to infer the cloudprovider from the zone name Ali has the same zoneNames as AWS in the regions outside China, so if use AliCloud to install k8s in the regions outside China, the users need to provide parameter "--cloud". But the regions inside China can be easily identified.

func Int 

func Int(v int) *int

func Int32 added in v1.10.0 

func Int32(v int32) *int32

func Int32Value added in v1.10.0 

func Int32Value(v *int32) int32

func Int64 

func Int64(v int64) *int64

Int64 is a helper that builds a *int64 from an int64 value This is similar to aws.Int64, except that we use it for non-AWS values

func Int64Value 

func Int64Value(v *int64) int64

func IntValue 

func IntValue(v *int) int

func IsNilOrEmpty 

func IsNilOrEmpty(s *string) bool

func ParseFileMode 

func ParseFileMode(s string, defaultMode os.FileMode) (os.FileMode, error)

func RequiredField 

func RequiredField(key string) error

func ResourceAsBytes 

func ResourceAsBytes(r Resource) ([]byte, error)

func ResourceAsString 

func ResourceAsString(r Resource) (string, error)

func ResourcesMatch 

func ResourcesMatch(a, b Resource) (bool, error)

func SafeClose 

func SafeClose(r io.Reader)

func SerializeKeyset added in v1.10.0 

func SerializeKeyset(o *kops.Keyset) ([]byte, error)

func String 

func String(s string) *string

String is a helper that builds a *string from a string value This is similar to aws.String, except that we use it for non-AWS values

func StringValue 

func StringValue(s *string) string

func TaskAsString 

func TaskAsString(t Task) string

TaskAsString renders the task for debug output TODO: Use reflection to make this cleaner: don't recurse into tasks - print their names instead also print resources in a cleaner way (use the resource source information?)

func TypeNameForTask added in v1.10.0 

func TypeNameForTask(task interface{}) string

func Uint64Value 

func Uint64Value(v *uint64) uint64

func ValueAsString 

func ValueAsString(value reflect.Value) string

ValueAsString returns a human-readable string representation of the passed value

func WriteFile 

func WriteFile(destPath string, contents Resource, fileMode os.FileMode, dirMode os.FileMode) error

Types

type AssetStore 

type AssetStore struct {
	// contains filtered or unexported fields
}

func NewAssetStore 

func NewAssetStore(cacheDir string) *AssetStore

func (*AssetStore) Add 

func (a *AssetStore) Add(id string) error

Add an asset into the store, in one of the recognized formats (see Assets in types package)

func (*AssetStore) Find 

func (a *AssetStore) Find(key string, assetPath string) (Resource, error)

type ByTaskKey added in v1.10.0 

type ByTaskKey []*render

ByTaskKey sorts []*render by TaskKey (type/name)

func (ByTaskKey) Len added in v1.10.0 

func (a ByTaskKey) Len() int

func (ByTaskKey) Less added in v1.10.0 

func (a ByTaskKey) Less(i, j int) bool

func (ByTaskKey) Swap added in v1.10.0 

func (a ByTaskKey) Swap(i, j int)

type BytesResource 

type BytesResource struct {
	// contains filtered or unexported fields
}

func NewBytesResource 

func NewBytesResource(data []byte) *BytesResource

func (*BytesResource) Open 

func (r *BytesResource) Open() (io.Reader, error)

type CAStore 

type CAStore interface {
	Keystore

	// CertificatePool returns all active certificates with the specified id
	// Deprecated: prefer FindCertificatePool
	CertificatePool(name string, createIfMissing bool) (*CertificatePool, error)

	// FindCertificatePool returns the named CertificatePool, or (nil,nil) if not found
	FindCertificatePool(name string) (*CertificatePool, error)

	// FindCertificateKeyset will return the keyset for a certificate
	FindCertificateKeyset(name string) (*kops.Keyset, error)

	// FindPrivateKey returns the named private key, or (nil,nil) if not found
	FindPrivateKey(name string) (*pki.PrivateKey, error)

	// FindPrivateKeyset will return the keyset for a private key
	FindPrivateKeyset(name string) (*kops.Keyset, error)

	// FindCert returns the specified certificate, if it exists, or nil if not found
	FindCert(name string) (*pki.Certificate, error)

	// ListKeysets will return all the KeySets
	// The key material is not guaranteed to be populated - metadata like the name will be.
	ListKeysets() ([]*kops.Keyset, error)

	// AddCert adds an alternative certificate to the pool (primarily useful for CAs)
	AddCert(name string, cert *pki.Certificate) error

	// DeleteKeysetItem will delete the specified item from the Keyset
	DeleteKeysetItem(item *kops.Keyset, id string) error
}

func NewClientsetCAStore added in v1.10.0 

func NewClientsetCAStore(cluster *kops.Cluster, clientset kopsinternalversion.KopsInterface, namespace string) CAStore

NewClientsetCAStore is the constructor for ClientsetCAStore

type CertificatePool 

type CertificatePool struct {
	Secondary []*pki.Certificate
	Primary   *pki.Certificate
}

func (*CertificatePool) All added in v1.10.0 

func (c *CertificatePool) All() []*pki.Certificate

func (*CertificatePool) AsString 

func (c *CertificatePool) AsString() (string, error)

type ClientsetCAStore added in v1.10.0 

type ClientsetCAStore struct {
	// contains filtered or unexported fields
}

ClientsetCAStore is a CAStore implementation that stores keypairs in Keyset on a API server

func (*ClientsetCAStore) AddCert added in v1.10.0 

func (c *ClientsetCAStore) AddCert(name string, cert *pki.Certificate) error

AddCert implements CAStore::AddCert

func (*ClientsetCAStore) AddSSHPublicKey added in v1.10.0 

func (c *ClientsetCAStore) AddSSHPublicKey(name string, pubkey []byte) error

AddSSHPublicKey implements CAStore::AddSSHPublicKey

func (*ClientsetCAStore) CertificatePool added in v1.10.0 

func (c *ClientsetCAStore) CertificatePool(id string, createIfMissing bool) (*CertificatePool, error)

CertificatePool implements CAStore::CertificatePool

func (*ClientsetCAStore) CreateKeypair added in v1.10.0 

func (c *ClientsetCAStore) CreateKeypair(signer string, id string, template *x509.Certificate, privateKey *pki.PrivateKey) (*pki.Certificate, error)

CreateKeypair implements CAStore::CreateKeypair

func (*ClientsetCAStore) DeleteKeysetItem added in v1.10.0 

func (c *ClientsetCAStore) DeleteKeysetItem(item *kops.Keyset, id string) error

DeleteKeysetItem implements CAStore::DeleteKeysetItem

func (*ClientsetCAStore) DeleteSSHCredential added in v1.10.0 

func (c *ClientsetCAStore) DeleteSSHCredential(item *kops.SSHCredential) error

DeleteSSHCredential implements SSHCredentialStore::DeleteSSHCredential

func (*ClientsetCAStore) FindCert added in v1.10.0 

func (c *ClientsetCAStore) FindCert(name string) (*pki.Certificate, error)

FindCert implements CAStore::FindCert

func (*ClientsetCAStore) FindCertificateKeyset added in v1.10.0 

func (c *ClientsetCAStore) FindCertificateKeyset(name string) (*kops.Keyset, error)

FindCertificateKeyset implements CAStore::FindCertificateKeyset

func (*ClientsetCAStore) FindCertificatePool added in v1.10.0 

func (c *ClientsetCAStore) FindCertificatePool(name string) (*CertificatePool, error)

FindCertificatePool implements CAStore::FindCertificatePool

func (*ClientsetCAStore) FindKeypair added in v1.10.0 

func (c *ClientsetCAStore) FindKeypair(name string) (*pki.Certificate, *pki.PrivateKey, KeysetFormat, error)

FindKeypair implements CAStore::FindKeypair

func (*ClientsetCAStore) FindPrivateKey added in v1.10.0 

func (c *ClientsetCAStore) FindPrivateKey(name string) (*pki.PrivateKey, error)

FindPrivateKey implements CAStore::FindPrivateKey

func (*ClientsetCAStore) FindPrivateKeyset added in v1.10.0 

func (c *ClientsetCAStore) FindPrivateKeyset(name string) (*kops.Keyset, error)

FindPrivateKeyset implements CAStore::FindPrivateKeyset

func (*ClientsetCAStore) FindSSHPublicKeys added in v1.10.0 

func (c *ClientsetCAStore) FindSSHPublicKeys(name string) ([]*kops.SSHCredential, error)

FindSSHPublicKeys implements CAStore::FindSSHPublicKeys

func (*ClientsetCAStore) IssueCert added in v1.10.0 

func (c *ClientsetCAStore) IssueCert(signer string, name string, serial *big.Int, privateKey *pki.PrivateKey, template *x509.Certificate) (*pki.Certificate, error)

IssueCert implements CAStore::IssueCert

func (*ClientsetCAStore) ListKeysets added in v1.10.0 

func (c *ClientsetCAStore) ListKeysets() ([]*kops.Keyset, error)

ListKeysets implements CAStore::ListKeysets

func (*ClientsetCAStore) ListSSHCredentials added in v1.10.0 

func (c *ClientsetCAStore) ListSSHCredentials() ([]*kops.SSHCredential, error)

ListSSHCredentials implements SSHCredentialStore::ListSSHCredentials

func (*ClientsetCAStore) MirrorTo added in v1.10.0 

func (c *ClientsetCAStore) MirrorTo(basedir vfs.Path) error

func (*ClientsetCAStore) StoreKeypair added in v1.10.0 

func (c *ClientsetCAStore) StoreKeypair(name string, cert *pki.Certificate, privateKey *pki.PrivateKey) error

StoreKeypair implements CAStore::StoreKeypair

type Cloud 

type Cloud interface {
	ProviderID() kops.CloudProviderID

	DNS() (dnsprovider.Interface, error)

	// FindVPCInfo looks up the specified VPC by id, returning info if found, otherwise (nil, nil)
	FindVPCInfo(id string) (*VPCInfo, error)

	// DeleteInstance deletes a cloud instance
	DeleteInstance(instance *cloudinstances.CloudInstanceGroupMember) error

	// DeleteGroup deletes the cloud resources that make up a CloudInstanceGroup, including the instances
	DeleteGroup(group *cloudinstances.CloudInstanceGroup) error

	// GetCloudGroups returns a map of cloud instances that back a kops cluster
	GetCloudGroups(cluster *kops.Cluster, instancegroups []*kops.InstanceGroup, warnUnmatched bool, nodes []v1.Node) (map[string]*cloudinstances.CloudInstanceGroup, error)
}

type CompareWithID 

type CompareWithID interface {
	CompareWithID() *string
}

CompareWithID indicates that the value should be compared by the returned ID value (instead of a deep comparison) Most Tasks implement this, because typically when a Task references another task, it only is concerned with being linked to that task, not the values of the task. For example, when an instance is linked to a disk, it cares that the disk is attached to that instance, not the size or speed of the disk.

type Context 

type Context struct {
	Tmpdir string

	Target            Target
	DNS               dnsprovider.Interface
	Cloud             Cloud
	Cluster           *kops.Cluster
	Keystore          Keystore
	SecretStore       SecretStore
	ClusterConfigBase vfs.Path

	CheckExisting bool
	// contains filtered or unexported fields
}

func NewContext 

func NewContext(target Target, cluster *kops.Cluster, cloud Cloud, keystore Keystore, secretStore SecretStore, clusterConfigBase vfs.Path, checkExisting bool, tasks map[string]Task) (*Context, error)

func (*Context) AddWarning added in v1.10.0 

func (c *Context) AddWarning(task Task, message string)

AddWarning records a warning encountered during validation / creation. Typically this will be an error that we choose to ignore because of Lifecycle.

func (*Context) AllTasks 

func (c *Context) AllTasks() map[string]Task

func (*Context) Close 

func (c *Context) Close()

func (*Context) NewTempDir 

func (c *Context) NewTempDir(prefix string) (string, error)

func (*Context) Render 

func (c *Context) Render(a, e, changes Task) error

Render dispatches the creation of an object to the appropriate handler defined on the Task, it is typically called after we have checked the existing state of the Task and determined that is different from the desired state.

func (*Context) RunTasks 

func (c *Context) RunTasks(options RunTasksOptions) error

type Deletion 

type Deletion interface {
	Delete(target Target) error

	TaskName() string
	Item() string
}

type DeletionByTaskName added in v1.10.0 

type DeletionByTaskName []Deletion

DeletionByTaskName sorts []Deletion by TaskName

func (DeletionByTaskName) Len added in v1.10.0 

func (a DeletionByTaskName) Len() int

func (DeletionByTaskName) Less added in v1.10.0 

func (a DeletionByTaskName) Less(i, j int) bool

func (DeletionByTaskName) Swap added in v1.10.0 

func (a DeletionByTaskName) Swap(i, j int)

type DryRunTarget 

type DryRunTarget struct {
	// contains filtered or unexported fields
}

DryRunTarget is a special Target that does not execute anything, but instead tracks all changes. By running against a DryRunTarget, a list of changes that would be made can be easily collected, without any special support from the Tasks.

func NewDryRunTarget 

func NewDryRunTarget(assetBuilder *assets.AssetBuilder, out io.Writer) *DryRunTarget

func (*DryRunTarget) Delete 

func (t *DryRunTarget) Delete(deletion Deletion) error

func (*DryRunTarget) Finish 

func (t *DryRunTarget) Finish(taskMap map[string]Task) error

Finish is called at the end of a run, and prints a list of changes to the configured Writer

func (*DryRunTarget) HasChanges 

func (t *DryRunTarget) HasChanges() bool

HasChanges returns true iff any changes would have been made

func (*DryRunTarget) PrintReport 

func (t *DryRunTarget) PrintReport(taskMap map[string]Task, out io.Writer) error

func (*DryRunTarget) ProcessDeletions added in v1.10.0 

func (t *DryRunTarget) ProcessDeletions() bool

func (*DryRunTarget) Render 

func (t *DryRunTarget) Render(a, e, changes Task) error

type ExistsAndWarnIfChangesError added in v1.10.0 

type ExistsAndWarnIfChangesError struct {
	// contains filtered or unexported fields
}

ExistsAndWarnIfChangesError is the custom error return for fi.LifecycleExistsAndWarnIfChanges. This error is used when an object needs to fail validation, but let the user proceed with a warning.

func NewExistsAndWarnIfChangesError added in v1.10.0 

func NewExistsAndWarnIfChangesError(message string) *ExistsAndWarnIfChangesError

NewWarnIfInsufficientAccessError is a builder for ExistsAndWarnIfChangesError.

func (*ExistsAndWarnIfChangesError) Error added in v1.10.0 

func (e *ExistsAndWarnIfChangesError) Error() string

ExistsAndWarnIfChangesError implementation of the error interface.

type FileResource 

type FileResource struct {
	Path string
}

func NewFileResource 

func NewFileResource(path string) *FileResource

func (*FileResource) Open 

func (r *FileResource) Open() (io.Reader, error)

type Group 

type Group struct {
	Name string
	Gid  int
}

func LookupGroup 

func LookupGroup(name string) (*Group, error)

func LookupGroupById 

func LookupGroupById(gid int) (*Group, error)

type HasAddress 

type HasAddress interface {
	// FindIPAddress returns the address associated with the implementor.  If there is no address, returns (nil, nil)
	FindIPAddress(context *Context) (*string, error)
}

HasAddress is implemented by elastic/floating IP addresses, to expose the address For example, this is used so that the master SSL certificate can be configured with the dynamically allocated IP

type HasCheckExisting 

type HasCheckExisting interface {
	CheckExisting(c *Context) bool
}

type HasDependencies 

type HasDependencies interface {
	GetDependencies(tasks map[string]Task) []Task
}

type HasLifecycle added in v1.10.0 

type HasLifecycle interface {
	GetLifecycle() *Lifecycle
	// SetLifecycle is used to override a tasks lifecycle. If a lifecycle override exists for a specific task name, then the
	// lifecycle is modified.
	SetLifecycle(lifecycle Lifecycle)
}

HasLifecycle indicates that the task has a Lifecycle

type HasName 

type HasName interface {
	GetName() *string
	SetName(name string)
}

HasName indicates that the task has a Name

type HasSource 

type HasSource interface {
	GetSource() *Source
}

type HasVFSPath added in v1.10.0 

type HasVFSPath interface {
	VFSPath() vfs.Path
}

HasVFSPath is implemented by keystore & other stores that use a VFS path as their backing store

type KeysetFormat added in v1.10.0 

type KeysetFormat string
const (
	KeysetFormatLegacy   KeysetFormat = "legacy"
	KeysetFormatV1Alpha2 KeysetFormat = "v1alpha2"
)

type Keystore added in v1.10.0 

type Keystore interface {
	// FindKeypair finds a cert & private key, returning nil where either is not found
	// (if the certificate is found but not keypair, that is not an error: only the cert will be returned).
	// This func returns a cert, private key and a string.  The string value is the Format of the keystore which is either
	// an empty string, which denotes a Legacy Keypair, or a value of "Keypair".  This string is used by a keypair
	// task convert a Legacy Keypair to the new Keypair API format.
	FindKeypair(name string) (*pki.Certificate, *pki.PrivateKey, KeysetFormat, error)

	CreateKeypair(signer string, name string, template *x509.Certificate, privateKey *pki.PrivateKey) (*pki.Certificate, error)

	// StoreKeypair writes the keypair to the store
	StoreKeypair(id string, cert *pki.Certificate, privateKey *pki.PrivateKey) error

	// MirrorTo will copy secrets to a vfs.Path, which is often easier for a machine to read
	MirrorTo(basedir vfs.Path) error
}

Keystore contains just the functions we need to issue keypairs, not to list / manage them

type KeystoreItem 

type KeystoreItem struct {
	Type kops.KeysetType
	Name string
	Id   string
	Data []byte
}

type Lifecycle added in v1.10.0 

type Lifecycle string
const (
	// LifecycleSync should do the normal synchronization
	LifecycleSync Lifecycle = "Sync"

	// LifecycleIgnore will skip the task
	LifecycleIgnore Lifecycle = "Ignore"

	// LifecycleWarnIfInsufficientAccess will warn but ignore the task if there is an error during the find
	LifecycleWarnIfInsufficientAccess Lifecycle = "WarnIfInsufficientAccess"

	// LifecycleExistsAndValidates will check that the task exists and is the same
	LifecycleExistsAndValidates Lifecycle = "ExistsAndValidates"

	// LifecycleExistsAndWarnIfChanges will check that the task exists and will warn on changes, but then ignore them
	LifecycleExistsAndWarnIfChanges Lifecycle = "ExistsAndWarnIfChanges"
)

type ModelBuilder added in v1.10.0 

type ModelBuilder interface {
	Build(context *ModelBuilderContext) error
}

ModelBuilder allows for plugins that configure an aspect of the model, based on the configuration

type ModelBuilderContext added in v1.10.0 

type ModelBuilderContext struct {
	Tasks              map[string]Task
	LifecycleOverrides map[string]Lifecycle
}

ModelBuilderContext is a context object that holds state we want to pass to ModelBuilder

func (*ModelBuilderContext) AddTask added in v1.10.0 

func (c *ModelBuilderContext) AddTask(task Task)

func (*ModelBuilderContext) EnsureTask added in v1.10.0 

func (c *ModelBuilderContext) EnsureTask(task Task) error

EnsureTask ensures that the specified task is configured. It adds the task if it does not already exist. If it does exist, it verifies that the existing task reflect.DeepEqual the new task, if they are different an error is returned.

type ProducesDeletions 

type ProducesDeletions interface {
	FindDeletions(*Context) ([]Deletion, error)
}

type Resource 

type Resource interface {
	Open() (io.Reader, error)
}

type ResourceHolder 

type ResourceHolder struct {
	Name     string
	Resource Resource
}

ResourceHolder is used in JSON/YAML models; it holds a resource but renders to/from a string After unmarshalling, the resource should be found by Name, and set on Resource

func WrapResource 

func WrapResource(r Resource) *ResourceHolder

WrapResource creates a ResourceHolder for the specified resource

func (*ResourceHolder) AsBytes 

func (o *ResourceHolder) AsBytes() ([]byte, error)

AsString returns the value of the resource as a byte-slice

func (*ResourceHolder) AsString 

func (o *ResourceHolder) AsString() (string, error)

AsString returns the value of the resource as a string

func (*ResourceHolder) Open 

func (o *ResourceHolder) Open() (io.Reader, error)

Open implements the Open method of the Resource interface

func (*ResourceHolder) UnmarshalJSON 

func (o *ResourceHolder) UnmarshalJSON(data []byte) error

UnmarshalJSON implements the special JSON marshalling for the resource, rendering the name

func (*ResourceHolder) Unwrap 

func (o *ResourceHolder) Unwrap() Resource

Unwrap returns the underlying resource

type RunTasksOptions added in v1.10.0 

type RunTasksOptions struct {
	MaxTaskDuration         time.Duration
	WaitAfterAllTasksFailed time.Duration
}

func (*RunTasksOptions) InitDefaults added in v1.10.0 

func (o *RunTasksOptions) InitDefaults()

type SSHCredentialStore added in v1.10.0 

type SSHCredentialStore interface {
	// DeleteSSHCredential deletes the specified SSH credential
	DeleteSSHCredential(item *kops.SSHCredential) error

	// ListSSHCredentials will list all the SSH credentials
	ListSSHCredentials() ([]*kops.SSHCredential, error)

	// AddSSHPublicKey adds an SSH public key
	AddSSHPublicKey(name string, data []byte) error

	// FindSSHPublicKeys retrieves the SSH public keys with the specific name
	FindSSHPublicKeys(name string) ([]*kops.SSHCredential, error)
}

SSHCredentialStore holds SSHCredential objects

func NewClientsetSSHCredentialStore added in v1.10.0 

func NewClientsetSSHCredentialStore(cluster *kops.Cluster, clientset kopsinternalversion.KopsInterface, namespace string) SSHCredentialStore

NewClientsetSSHCredentialStore creates an SSHCredentialStore backed by an API client

func NewVFSSSHCredentialStore added in v1.10.0 

func NewVFSSSHCredentialStore(cluster *kops.Cluster, basedir vfs.Path) SSHCredentialStore

NewVFSSSHCredentialStore creates a SSHCredentialStore backed by VFS

type Secret 

type Secret struct {
	Data []byte
}

func CreateSecret 

func CreateSecret() (*Secret, error)

func (*Secret) AsString 

func (s *Secret) AsString() (string, error)

type SecretStore 

type SecretStore interface {
	// Secret returns a secret.  Returns an error if not found
	Secret(id string) (*Secret, error)
	// DeleteSecret deletes the specified secret
	DeleteSecret(id string) error
	// FindSecret finds a secret, if exists.  Returns nil,nil if not found
	FindSecret(id string) (*Secret, error)
	// GetOrCreateSecret creates a secret
	GetOrCreateSecret(id string, secret *Secret) (current *Secret, created bool, err error)
	// ReplaceSecret will forcefully update an existing secret if it exists
	ReplaceSecret(id string, secret *Secret) (current *Secret, err error)
	// ListSecrets lists the ids of all known secrets
	ListSecrets() ([]string, error)

	// MirrorTo will copy secrets to a vfs.Path, which is often easier for a machine to read
	MirrorTo(basedir vfs.Path) error
}

type Source 

type Source struct {
	Parent             *Source
	URL                string
	Hash               *hashing.Hash
	ExtractFromArchive string
}

func (*Source) Key 

func (s *Source) Key() string

Builds a unique key for this source

func (*Source) String 

func (s *Source) String() string

type StringResource 

type StringResource struct {
	// contains filtered or unexported fields
}

func NewStringResource 

func NewStringResource(s string) *StringResource

func (*StringResource) MarshalJSON added in v1.10.0 

func (r *StringResource) MarshalJSON() ([]byte, error)

func (*StringResource) Open 

func (s *StringResource) Open() (io.Reader, error)

type SubnetInfo added in v1.10.0 

type SubnetInfo struct {
	ID   string
	Zone string
	CIDR string
}

type Target 

type Target interface {
	// Lifecycle methods, called by the driver
	Finish(taskMap map[string]Task) error

	// ProcessDeletions returns true if we should delete resources
	// Some providers (e.g. Terraform) actively keep state, and will delete resources automatically
	ProcessDeletions() bool
}

type Task 

type Task interface {
	Run(*Context) error
}

type TemplateResource 

type TemplateResource interface {
	Resource
	Curry(args []string) TemplateResource
}

type User 

type User struct {
	Name    string
	Uid     int
	Gid     int
	Comment string
	Home    string
	Shell   string
}

func LookupUser 

func LookupUser(name string) (*User, error)

func LookupUserById 

func LookupUserById(uid int) (*User, error)

type VFSCAStore 

type VFSCAStore struct {

	// SerialGenerator is the function for generating certificate serial numbers
	// It can be replaced for testing purposes.
	SerialGenerator func() *big.Int
	// contains filtered or unexported fields
}

func NewVFSCAStore 

func NewVFSCAStore(cluster *kops.Cluster, basedir vfs.Path, allowList bool) *VFSCAStore

func (*VFSCAStore) AddCert 

func (c *VFSCAStore) AddCert(name string, cert *pki.Certificate) error

func (*VFSCAStore) AddSSHPublicKey 

func (c *VFSCAStore) AddSSHPublicKey(name string, pubkey []byte) error

AddSSHPublicKey stores an SSH public key

func (*VFSCAStore) CertificatePool 

func (c *VFSCAStore) CertificatePool(id string, createIfMissing bool) (*CertificatePool, error)

func (*VFSCAStore) CreateKeypair 

func (c *VFSCAStore) CreateKeypair(signer string, id string, template *x509.Certificate, privateKey *pki.PrivateKey) (*pki.Certificate, error)

func (*VFSCAStore) DeleteKeysetItem added in v1.10.0 

func (c *VFSCAStore) DeleteKeysetItem(item *kops.Keyset, id string) error

DeleteKeysetItem implements CAStore::DeleteKeysetItem

func (*VFSCAStore) DeleteSSHCredential added in v1.10.0 

func (c *VFSCAStore) DeleteSSHCredential(item *kops.SSHCredential) error

func (*VFSCAStore) FindCert 

func (c *VFSCAStore) FindCert(name string) (*pki.Certificate, error)

func (*VFSCAStore) FindCertificateKeyset added in v1.10.0 

func (c *VFSCAStore) FindCertificateKeyset(name string) (*kops.Keyset, error)

func (*VFSCAStore) FindCertificatePool 

func (c *VFSCAStore) FindCertificatePool(name string) (*CertificatePool, error)

func (*VFSCAStore) FindKeypair added in v1.10.0 

func (c *VFSCAStore) FindKeypair(id string) (*pki.Certificate, *pki.PrivateKey, KeysetFormat, error)

func (*VFSCAStore) FindPrivateKey 

func (c *VFSCAStore) FindPrivateKey(id string) (*pki.PrivateKey, error)

func (*VFSCAStore) FindPrivateKeyset added in v1.10.0 

func (c *VFSCAStore) FindPrivateKeyset(name string) (*kops.Keyset, error)

func (*VFSCAStore) FindSSHPublicKeys 

func (c *VFSCAStore) FindSSHPublicKeys(name string) ([]*kops.SSHCredential, error)

func (*VFSCAStore) IssueCert 

func (c *VFSCAStore) IssueCert(signer string, id string, serial *big.Int, privateKey *pki.PrivateKey, template *x509.Certificate) (*pki.Certificate, error)

func (*VFSCAStore) ListKeysets added in v1.10.0 

func (c *VFSCAStore) ListKeysets() ([]*kops.Keyset, error)

ListKeysets implements CAStore::ListKeysets

func (*VFSCAStore) ListSSHCredentials added in v1.10.0 

func (c *VFSCAStore) ListSSHCredentials() ([]*kops.SSHCredential, error)

ListSSHCredentials implements SSHCredentialStore::ListSSHCredentials

func (*VFSCAStore) MirrorTo added in v1.10.0 

func (c *VFSCAStore) MirrorTo(basedir vfs.Path) error

MirrorTo will copy keys to a vfs.Path, which is often easier for a machine to read

func (*VFSCAStore) StoreKeypair added in v1.10.0 

func (c *VFSCAStore) StoreKeypair(name string, cert *pki.Certificate, privateKey *pki.PrivateKey) error

func (*VFSCAStore) VFSPath 

func (s *VFSCAStore) VFSPath() vfs.Path

type VFSResource 

type VFSResource struct {
	Path vfs.Path
}

func NewVFSResource 

func NewVFSResource(path vfs.Path) *VFSResource

func (*VFSResource) Open 

func (r *VFSResource) Open() (io.Reader, error)

type VPCInfo added in v1.10.0 

type VPCInfo struct {
	// CIDR is the IP address range for the VPC
	CIDR string

	// Subnets is a list of subnets that are part of the VPC
	Subnets []*SubnetInfo
}

type Warning added in v1.10.0 

type Warning struct {
	Task    Task
	Message string
}

Warning holds the details of a warning encountered during validation/creation

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.
JackTT - Gopher 🇻🇳