Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AuthorizerType ¶
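// AuthorizerType names the kind of identity a validator is working with
// (inferred from the constant names below; confirm against callers).
//
// It is a plain string type, so any string value converts to it. Callers
// should pass one of the declared constants rather than a free-form string.
type AuthorizerType string

// Known authorizer types. Each constant carries the label shown as its value;
// where those labels are consumed is not visible on this page.
const (
	// AuthorizerFirstParty is labelled "resource provider".
	AuthorizerFirstParty AuthorizerType = "resource provider"
	// AuthorizerClusterServicePrincipal is labelled "cluster".
	AuthorizerClusterServicePrincipal AuthorizerType = "cluster"
	// AuthorizerClusterUserAssignedIdentity is labelled
	// "cluster user assigned identity".
	AuthorizerClusterUserAssignedIdentity AuthorizerType = "cluster user assigned identity"
	// AuthorizerWorkloadIdentity is labelled "platform workload identity".
	AuthorizerWorkloadIdentity AuthorizerType = "platform workload identity"
)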
type Dynamic ¶
// Dynamic validates in the operator context.
//
// Every method reports its outcome only through the returned error, so a
// caller must treat any non-nil error as a failed check. What each check
// inspects is defined by the implementation, which is not shown here.
type Dynamic interface {
	// ServicePrincipalValidator is embedded, so a Dynamic also provides
	// ValidateServicePrincipal.
	ServicePrincipalValidator

	// ValidateVnet takes a location, the subnets to check and any number of
	// additional CIDR strings.
	ValidateVnet(ctx context.Context, location string, subnets []Subnet, additionalCIDRs ...string) error

	// ValidateSubnets takes the cluster document and the subnets to check.
	ValidateSubnets(ctx context.Context, oc *api.OpenShiftCluster, subnets []Subnet) error

	// ValidateDiskEncryptionSets takes the cluster document only.
	ValidateDiskEncryptionSets(ctx context.Context, oc *api.OpenShiftCluster) error

	// ValidateLoadBalancerProfile takes the cluster document only.
	ValidateLoadBalancerProfile(ctx context.Context, oc *api.OpenShiftCluster) error

	// ValidatePreConfiguredNSGs takes the cluster document and the subnets
	// to check.
	ValidatePreConfiguredNSGs(ctx context.Context, oc *api.OpenShiftCluster, subnets []Subnet) error

	// ValidateClusterUserAssignedIdentity takes the platform identities as a
	// map and a role-definitions client.
	// NOTE(review): the meaning of the map key is not visible here; confirm.
	ValidateClusterUserAssignedIdentity(ctx context.Context, platformIdentities map[string]api.PlatformWorkloadIdentity, roleDefinitions armauthorization.RoleDefinitionsClient) error

	// ValidatePlatformWorkloadIdentityProfile takes the cluster document, the
	// roles grouped by role name, a role-definitions client, a federated
	// identity credentials client and the platform workload identities.
	// NOTE(review): the key of platformWorkloadIdentities is not visible
	// here; confirm it matches the role-name key of the roles map.
	ValidatePlatformWorkloadIdentityProfile(
		ctx context.Context,
		oc *api.OpenShiftCluster,
		platformWorkloadIdentityRolesByRoleName map[string][]api.PlatformWorkloadIdentityRole,
		roleDefinitions armauthorization.RoleDefinitionsClient,
		clusterMsiFederatedIdentityCredentials armmsi.FederatedIdentityCredentialsClient,
		platformWorkloadIdentities map[string]api.PlatformWorkloadIdentity,
	) error
}
Dynamic validates in the operator context.
func NewValidator ¶
// NewValidator returns a Dynamic, or an error, built from the supplied logger,
// environment, Azure environment, subscription ID, authorizer, application ID,
// authorizer type, token credential and remote PDP client. Only the signature
// appears on this page; the body is not shown.
// NOTE(review): appID is a *string and may be nil; confirm how a nil appID is
// handled for each authorizerType.
// NOTE(review): authorizerType is string-backed and presumably has to describe
// the identity behind authorizer and cred; verify against callers.
func NewValidator( log *logrus.Entry, env env.Interface, azEnv *azureclient.AROEnvironment, subscriptionID string, authorizer autorest.Authorizer, appID *string, authorizerType AuthorizerType, cred azcore.TokenCredential, pdpClient client.RemotePDPClient, ) (Dynamic, error)
type ServicePrincipalValidator ¶
// ServicePrincipalValidator is the single-method interface for checking a
// service principal. Dynamic embeds it.
type ServicePrincipalValidator interface {
	// ValidateServicePrincipal takes the service principal's token credential
	// and reports the outcome through the returned error; any non-nil error
	// must be treated as a failed check. What is inspected is not shown here.
	ValidateServicePrincipal(ctx context.Context, spTokenCredential azcore.TokenCredential) error
}
func NewServicePrincipalValidator ¶
// NewServicePrincipalValidator returns a ServicePrincipalValidator built from
// the supplied logger, Azure environment and authorizer type. It has no error
// result. Only the signature appears on this page; the body is not shown.
// NOTE(review): authorizerType is string-backed, so any string converts to it;
// pass one of the declared Authorizer* constants.
func NewServicePrincipalValidator( log *logrus.Entry, azEnv *azureclient.AROEnvironment, authorizerType AuthorizerType, ) ServicePrincipalValidator