Documentation
¶
Index ¶
- Constants
- Variables
- func Kind(kind string) schema.GroupKind
- func Resource(resource string) schema.GroupResource
- type AESConfiguration
- type EncryptionConfiguration
- type IdentityConfiguration
- type KMSConfiguration
- type Key
- type ProviderConfiguration
- type ResourceConfiguration
- type SecretboxConfiguration
Constants ¶
const GroupName = "apiserver.config.k8s.io"
GroupName is the group name use in this package.
Variables ¶
var (
// SchemeBuilder points to a list of functions added to Scheme.
SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)
// AddToScheme adds this group to a scheme.
AddToScheme = SchemeBuilder.AddToScheme
)
var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal}
SchemeGroupVersion is group version used to register these objects.
Functions ¶
Types ¶
type AESConfiguration ¶
type AESConfiguration struct {
// keys is a list of keys to be used for creating the AES transformer.
// Each key has to be 32 bytes long for AES-CBC and 16, 24 or 32 bytes for AES-GCM.
Keys []Key
}
AESConfiguration contains the API configuration for an AES transformer.
func (*AESConfiguration) DeepCopy ¶
func (in *AESConfiguration) DeepCopy() *AESConfiguration
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AESConfiguration.
func (*AESConfiguration) DeepCopyInto ¶
func (in *AESConfiguration) DeepCopyInto(out *AESConfiguration)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type EncryptionConfiguration ¶
type EncryptionConfiguration struct {
metav1.TypeMeta
// resources is a list containing resources, and their corresponding encryption providers.
Resources []ResourceConfiguration
}
EncryptionConfiguration stores the complete configuration for encryption providers.
func (*EncryptionConfiguration) DeepCopy ¶
func (in *EncryptionConfiguration) DeepCopy() *EncryptionConfiguration
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EncryptionConfiguration.
func (*EncryptionConfiguration) DeepCopyInto ¶
func (in *EncryptionConfiguration) DeepCopyInto(out *EncryptionConfiguration)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*EncryptionConfiguration) DeepCopyObject ¶
func (in *EncryptionConfiguration) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type IdentityConfiguration ¶
type IdentityConfiguration struct{}
IdentityConfiguration is an empty struct to allow identity transformer in provider configuration.
func (*IdentityConfiguration) DeepCopy ¶
func (in *IdentityConfiguration) DeepCopy() *IdentityConfiguration
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IdentityConfiguration.
func (*IdentityConfiguration) DeepCopyInto ¶
func (in *IdentityConfiguration) DeepCopyInto(out *IdentityConfiguration)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type KMSConfiguration ¶
type KMSConfiguration struct {
// name is the name of the KMS plugin to be used.
Name string
// cachesize is the maximum number of secrets which are cached in memory. The default value is 1000.
// Set to a negative value to disable caching.
// +optional
CacheSize *int32
// endpoint is the gRPC server listening address, for example "unix:///var/run/kms-provider.sock".
Endpoint string
// timeout for gRPC calls to kms-plugin (ex. 5s). The default is 3 seconds.
// +optional
Timeout *metav1.Duration
}
KMSConfiguration contains the name, cache size and path to configuration file for a KMS based envelope transformer.
func (*KMSConfiguration) DeepCopy ¶
func (in *KMSConfiguration) DeepCopy() *KMSConfiguration
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KMSConfiguration.
func (*KMSConfiguration) DeepCopyInto ¶
func (in *KMSConfiguration) DeepCopyInto(out *KMSConfiguration)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Key ¶
type Key struct {
// name is the name of the key to be used while storing data to disk.
Name string
// secret is the actual key, encoded in base64.
Secret string
}
Key contains name and secret of the provided key for a transformer.
func (*Key) DeepCopy ¶
func (in *Key) DeepCopy() *Key
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Key.
func (*Key) DeepCopyInto ¶
func (in *Key) DeepCopyInto(out *Key)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ProviderConfiguration ¶
type ProviderConfiguration struct {
// aesgcm is the configuration for the AES-GCM transformer.
AESGCM *AESConfiguration
// aescbc is the configuration for the AES-CBC transformer.
AESCBC *AESConfiguration
// secretbox is the configuration for the Secretbox based transformer.
Secretbox *SecretboxConfiguration
// identity is the (empty) configuration for the identity transformer.
Identity *IdentityConfiguration
// kms contains the name, cache size and path to configuration file for a KMS based envelope transformer.
KMS *KMSConfiguration
}
ProviderConfiguration stores the provided configuration for an encryption provider.
func (*ProviderConfiguration) DeepCopy ¶
func (in *ProviderConfiguration) DeepCopy() *ProviderConfiguration
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProviderConfiguration.
func (*ProviderConfiguration) DeepCopyInto ¶
func (in *ProviderConfiguration) DeepCopyInto(out *ProviderConfiguration)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ResourceConfiguration ¶
type ResourceConfiguration struct {
// resources is a list of kubernetes resources which have to be encrypted.
Resources []string
// providers is a list of transformers to be used for reading and writing the resources to disk.
// eg: aesgcm, aescbc, secretbox, identity.
Providers []ProviderConfiguration
}
ResourceConfiguration stores per resource configuration.
func (*ResourceConfiguration) DeepCopy ¶
func (in *ResourceConfiguration) DeepCopy() *ResourceConfiguration
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceConfiguration.
func (*ResourceConfiguration) DeepCopyInto ¶
func (in *ResourceConfiguration) DeepCopyInto(out *ResourceConfiguration)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type SecretboxConfiguration ¶
type SecretboxConfiguration struct {
// keys is a list of keys to be used for creating the Secretbox transformer.
// Each key has to be 32 bytes long.
Keys []Key
}
SecretboxConfiguration contains the API configuration for an Secretbox transformer.
func (*SecretboxConfiguration) DeepCopy ¶
func (in *SecretboxConfiguration) DeepCopy() *SecretboxConfiguration
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretboxConfiguration.
func (*SecretboxConfiguration) DeepCopyInto ¶
func (in *SecretboxConfiguration) DeepCopyInto(out *SecretboxConfiguration)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
Source Files
Directories
¶
| Path | Synopsis |
|---|---|
|
Package v1 is the v1 version of the API.
|
Package v1 is the v1 version of the API. |
|
Package validation validates EncryptionConfiguration.
|
Package validation validates EncryptionConfiguration. |