client

package

v0.7.0 Latest Latest Go to latest Published: Oct 10, 2019 License: Apache-2.0 Imports: 24 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/Boostport/kubernetes-vault

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
type ExternalRootCAsResolver
- func (e *ExternalRootCAsResolver) GetRootCAs() ([]byte, *x509.CertPool, error)
type InitContainerStatus
type Kube
- func NewKube(watchNamespace string, logger *logrus.Logger) (*Kube, error)
type Pod
type RenewalConfig
type RootCAResolver
type Vault
- func NewVault(vaultAddr string, token string, skipTokenRoleNameValidation bool, ...) (*Vault, error)
type VaultRootCAsResolver
- func (v *VaultRootCAsResolver) GetRootCAs() ([]byte, *x509.CertPool, error)

Constants ¶

View Source

const (
	RoleAnnotation                = "pod.boostport.com/vault-approle"
	InitContainerAnnotation       = "pod.boostport.com/vault-init-container"
	InitContainerStatusAnnotation = "pod.beta.kubernetes.io/init-container-statuses"
)

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type ExternalRootCAsResolver ¶

type ExternalRootCAsResolver struct {
	CAFile string
}

func (*ExternalRootCAsResolver) GetRootCAs ¶

func (e *ExternalRootCAsResolver) GetRootCAs() ([]byte, *x509.CertPool, error)

type InitContainerStatus ¶

type InitContainerStatus struct {
	Name  string
	State map[string]interface{}
}

type Kube ¶

type Kube struct {
	// contains filtered or unexported fields
}

func NewKube ¶

func NewKube(watchNamespace string, logger *logrus.Logger) (*Kube, error)

func (*Kube) Discover ¶

func (k *Kube) Discover(serviceNamespace, service string) ([]string, error)

func (*Kube) GetPods ¶

func (k *Kube) GetPods() ([]Pod, error)

func (*Kube) WatchForPods ¶

func (k *Kube) WatchForPods() (<-chan Pod, chan<- struct{}, error)

type Pod ¶

type Pod struct {
	Name string
	Role string
	Ip   string
	Port int
}

type RenewalConfig ¶

type RenewalConfig struct {
	// contains filtered or unexported fields
}

type RootCAResolver ¶

type RootCAResolver interface {
	GetRootCAs() ([]byte, *x509.CertPool, error)
}

type Vault ¶

type Vault struct {
	// contains filtered or unexported fields
}

func NewVault ¶

func NewVault(vaultAddr string, token string, skipTokenRoleNameValidation bool, kubeServiceName string, wrappingTTL string, caResolver RootCAResolver, logger *logrus.Logger) (*Vault, error)

func (*Vault) GetAndRenewCertificate ¶

func (v *Vault) GetAndRenewCertificate(ip net.IP, backend string, role string) (<-chan tls.Certificate, error)

func (*Vault) GetSecretId ¶

func (v *Vault) GetSecretId(role string) (common.WrappedSecretId, error)

func (*Vault) RootCertificates ¶

func (v *Vault) RootCertificates(roots []string) (*x509.CertPool, error)

func (*Vault) Shutdown ¶

func (v *Vault) Shutdown()

type VaultRootCAsResolver ¶

type VaultRootCAsResolver struct {
	Backends  []string
	VaultAddr string
}

func (*VaultRootCAsResolver) GetRootCAs ¶

func (v *VaultRootCAsResolver) GetRootCAs() ([]byte, *x509.CertPool, error)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL