hub

package
v0.0.0-...-baeb756

This package is not in the latest version of its module.
Published: May 5, 2020 License: MPL-2.0 Imports: 15 Imported by: 1

Documentation

Constants

const (
	MembershipStateCodeUnspecified stateString = "CODE_UNSPECIFIED"
	MembershipStateCreating                    = "CREATING"         // CREATING indicates the cluster is being registered.
	MembershipStateReady                       = "READY"            // READY indicates the cluster is registered.
	MembershipStateDeleting                    = "DELETING"         // DELETING indicates that the cluster is being unregistered.
	MembershipStateUpdating                    = "UPDATING"         // indicates the Membership is being updated.
	MembershipStateServiceUpdating             = "SERVICE_UPDATING" // indicates the Membership is being updated by the Hub Service.
)

Code indicating the state of the Membership resource

Variables

This section is empty.

Functions

func CreateMembership

func CreateMembership(project string, membershipID string, description string, gkeClusterSelfLink string, issuerURL string, k8sAuth k8s.Auth) (membershipUUID string, err error)

CreateMembership creates a membership GKEHub resource

func DeleteMembership

func DeleteMembership(project string, membershipID string, description string, gkeClusterSelfLink string, issuerURL string, k8sAuth k8s.Auth, deleteArtifacts bool) error

DeleteMembership deletes a membership GKEHub resource

func GetMembership

func GetMembership(project string, membershipID string, description string, gkeClusterSelfLink string, issuerURL string, k8sAuth k8s.Auth) error

GetMembership gets a Membership resource from the GKEHub API

func GetOptionsWithCreds

func GetOptionsWithCreds(project string) (option.ClientOption, error)

GetOptionsWithCreds initializes a GKEhub client object

Types

type Authority

type Authority struct {
	// A JWT issuer URI. Google will attempt OIDC discovery on this URI,
	// and allow valid OIDC tokens from this issuer to authenticate within
	// the below identity namespace.
	Issuer string `json:"Issuer"`

	// Output only. The identity namespace in which the issuer will be recognized.
	IdentityNamespace string `json:"identityNamespace"`

	// Output only. An identity provider that reflects this issuer in the identity namespace.
	IdentityProvider string `json:"identityProvider"`
}

Authority encodes how Google will recognize identities from this Membership. A workload with a token from this oidc_issuer can call the IAM credentials API for the provided identity_namespace and identity_provider; the workload will receive a Google OAuth token that it can use for further API calls. See the workload identity documentation for more details: https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity

type Client

type Client struct {
	Resource Resource
	K8S      K8S
	// contains filtered or unexported fields
}

Client is a Google Connect Hub client, which may be used to manage hub memberships with a project. It must be constructed via NewClient.

func NewClient

func NewClient(ctx context.Context, projectID string, k8sAuth k8s.Auth) (*Client, error)

NewClient creates a GKE hub client

func (*Client) CallCreateMembershipAPI

func (c *Client) CallCreateMembershipAPI(membershipID string) (HTTPResult, error)

CallCreateMembershipAPI creates a hub membership. The client object should already contain the resource component, updated in another method.

func (*Client) CheckOperation

func (c *Client) CheckOperation(operationName string) error

CheckOperation checks a hub operation status and returns true if the operation is done

func (*Client) CreateMembership

func (c *Client) CreateMembership(membershipID string) error

CreateMembership creates a hub membership. The client object should already contain the resource component, updated in another method.

func (*Client) DeleteMembership

func (c *Client) DeleteMembership() error

DeleteMembership deletes a hub membership. The client object should already contain the resource component, updated in another method.

func (*Client) GenerateConnectManifest

func (c *Client) GenerateConnectManifest(proxy string, namespace string, version string, isUpgrade bool, registry string, imagePullSecretContent string) (k8s.ConnectManifestResponse, error)

GenerateConnectManifest asks the gkehub API for a gke-connect-agent manifest

func (*Client) GenerateExclusivity

func (c *Client) GenerateExclusivity(membershipID string) error

GenerateExclusivity checks the cluster exclusivity against the API

func (*Client) GetKubeArtifacts

func (c *Client) GetKubeArtifacts() error

GetKubeArtifacts grabs the K8s CRD and manifest resource if they exist

func (*Client) GetKubeUUID

func (c *Client) GetKubeUUID() error

GetKubeUUID grabs the namespace UID of the K8s cluster

func (*Client) GetMembership

func (c *Client) GetMembership(membershipID string, checkNotExisting bool) error

GetMembership gets details of a hub membership. This method also initializes/updates the client component

func (*Client) ValidateExclusivity

func (c *Client) ValidateExclusivity(membershipID string) error

ValidateExclusivity checks the cluster exclusivity against the API

type ConnectAgent

type ConnectAgent struct {
	Proxy                  string
	Namespace              string
	Version                string
	IsUpgrade              bool
	Registry               string
	ImagePullSecretContent string
	Response               k8s.ConnectManifestResponse
	GCPSAKey               string
}

ConnectAgent holds info needed to request and process a gke-connect-agent object

func (ConnectAgent) InstallOrUpdateConnectAgent

func (ca ConnectAgent) InstallOrUpdateConnectAgent(project string, membershipID string, k8sAuth k8s.Auth) error

InstallOrUpdateConnectAgent retrieves the connect-agent manifests from the GKE API and installs or updates them in a Kubernetes cluster

type GKECluster

type GKECluster struct {
	// Self-link of the GCP resource for the GKE cluster. For example:
	// //container.googleapis.com/v1/projects/my-project/zones/us-west1-a/clusters/my-cluster
	// It can be at most 1000 characters in length.
	ResourceLink string `json:"resourceLink"`
}

GKECluster represents a k8s cluster on GKE.

type GRCPResponse

type GRCPResponse struct {
	Status GRCPResponseStatus `json:"status"`
}

GRCPResponse follows https://cloud.google.com/apis/design/errors. Code must be one of the values listed in https://github.com/googleapis/googleapis/blob/master/google/rpc/code.proto

type GRCPResponseStatus

type GRCPResponseStatus struct {
	// Code contains the validation result. As such,
	// * OK means that exclusivity may be obtained if the manifest produced by
	// GenerateExclusivityManifest can successfully be applied.
	// * ALREADY_EXISTS means that the Membership CRD is already owned by another
	// Hub. See status.message for more information when this occurs
	Code    int32                  `json:"code"`
	Message string                 `json:"message"`
	Details map[string]interface{} `json:"details"`
}

GRCPResponseStatus is the inner GRCPResponse struct

type HTTPResult

type HTTPResult map[string]interface{}

HTTPResult is used to store the result of an http request

func DecodeHTTPResult

func DecodeHTTPResult(httpBody io.ReadCloser) (HTTPResult, error)

DecodeHTTPResult decodes an http response body

type K8S

type K8S struct {
	CRManifest  string
	CRDManifest string
	Auth        k8s.Auth // K8s auth info
	UUID        string   // default namespace UID
}

K8S contains the membership K8S manifests

type MembershipEndpoint

type MembershipEndpoint struct {
	// If this Membership is a Kubernetes API server hosted on GKE, this is a
	// self link to its GCP resource.
	GKECluster GKECluster `json:"gkeCluster"`
}

MembershipEndpoint contains a map with a membership's endpoint information. At the moment it only has GKE options.

type MembershipState

type MembershipState struct {
	Code        stateString `json:"code"`
	Description string      `json:"description"` // Human readable description of the issue. This field is deprecated, and is never set by the Hub Service.
	UpdateTime  time.Time   `json:"updateTime"`
}

MembershipState contains the status of a membership

type ParentRef

type ParentRef string

ParentRef is the resource name of the parent collection of a membership.

func GetParentRef

func GetParentRef(project string, location string) ParentRef

GetParentRef gets the resource name of the parent collection of a membership.

type Resource

type Resource struct {
	// Output only. The unique name of this domain resource in the format:
	// `projects/[project_id]/locations/global/memberships/[membership_id]`.
	// `membership_id` can only be set at creation time using the `membership_id`
	// field in the creation request. `membership_id` must be a valid RFC 1123
	// compliant DNS label. In particular, it must be:
	//   1. At most 63 characters in length
	//   2. It must consist of lower case alphanumeric characters or `-`
	//   3. It must start and end with an alphanumeric character
	// I.e. `membership_id` must match the regex:
	// `[a-z0-9]([-a-z0-9]*[a-z0-9])?` with at most 63 characters.
	Name string `json:"name"`

	// GCP labels for this membership.
	Labels string `json:"labels"`

	// Required. Description of this membership, limited to 63 characters.
	// It must match the regex: `a-zA-Z0-9*`
	Description string `json:"description"`

	Endpoint MembershipEndpoint `json:"endpoint"`

	// State is the current status of the membership
	State MembershipState `json:"state"`

	// How to identify workloads from this Membership.
	// See the documentation on workload identity for more details:
	// https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity
	Authority Authority `json:"authority"`

	// Output only. Timestamp for when the Membership was created.
	CreateTime time.Time `json:"createTime"`

	// Output only. Timestamp for when the Membership was last updated.
	UpdateTime time.Time `json:"updateTime"`

	// Output only. Timestamp for when the Membership was deleted.
	DeleteTime time.Time `json:"deleteTime"`

	// An externally-generated and managed ID for this Membership.
	// This ID may still be modified after creation but it is not
	// recommended to do so. The ID must match the regex: `a-zA-Z0-9*`
	ExternalID string `json:"externalId"`

	// Output only. For clusters using Connect, the timestamp
	// of the most recent connection established with Google Cloud.
	// This time is updated every several minutes, not continuously.
	// For clusters that do not use GKE Connect, or that have never
	// connected successfully, this field will be unset.
	LastConnectionTime string `json:"lastConnectionTime"`
}

Resource type contains specific info about a Hub membership resource
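The `Name` comment above fixes the shape of `membership_id`, and the ID ends up interpolated into the resource name, so it is worth checking on the client before any API call. The following is an added example, not code from this package: `ValidateMembershipID` and `MembershipName` are hypothetical helpers, the limits are taken from the field comments on this page, and the project ID is assumed to be validated elsewhere.

```go
package main

import (
	"fmt"
	"regexp"
	"unicode/utf8"
)

// Limits copied from the Resource and GKECluster field comments.
const (
	maxMembershipIDLen = 63
	maxDescriptionLen  = 63
	maxResourceLinkLen = 1000
)

// The documented pattern carries no anchors. Without ^ and $ a match would
// succeed on any string that merely contains a valid label, e.g. "a/../b".
var membershipIDRe = regexp.MustCompile(`^[a-z0-9]([-a-z0-9]*[a-z0-9])?$`)

// ValidateMembershipID (hypothetical helper) enforces the RFC 1123 label rules.
func ValidateMembershipID(id string) error {
	if len(id) > maxMembershipIDLen {
		return fmt.Errorf("membership_id has %d characters, limit is %d", len(id), maxMembershipIDLen)
	}
	if !membershipIDRe.MatchString(id) { // also rejects the empty string
		return fmt.Errorf("membership_id %q is not an RFC 1123 DNS label", id)
	}
	return nil
}

// MembershipName (hypothetical helper) checks the caller-supplied fields and
// only then interpolates the ID into the resource name. The project ID is
// assumed to be validated elsewhere.
func MembershipName(project, id, description, gkeSelfLink string) (string, error) {
	if err := ValidateMembershipID(id); err != nil {
		return "", err
	}
	if n := utf8.RuneCountInString(description); n > maxDescriptionLen {
		return "", fmt.Errorf("description has %d characters, limit is %d", n, maxDescriptionLen)
	}
	if n := utf8.RuneCountInString(gkeSelfLink); n > maxResourceLinkLen {
		return "", fmt.Errorf("resource link has %d characters, limit is %d", n, maxResourceLinkLen)
	}
	return fmt.Sprintf("projects/%s/locations/global/memberships/%s", project, id), nil
}

func main() {
	for _, id := range []string{"prod-cluster-1", "Prod", "a/../b", "trail-"} { // constructed inputs
		fmt.Printf("%-16q -> %v\n", id, ValidateMembershipID(id))
	}
}
```

In Go's `regexp`, `$` without the `m` flag matches only at the end of the text, so an ID with a trailing newline is rejected as well.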

type Service

type Service struct {
	BasePath  string // API endpoint base URL
	UserAgent string // optional additional User-Agent fragment
	// contains filtered or unexported fields
}

Service type contains the http client and its context info
