Documentation
Index
- Constants
- func Fingerprint(cert *x509.Certificate) string
- func GenerateSSHPrivateSecretName(providerName string) (string, error)
- func GenerateSSHPublicSecretName(providerName string) (string, error)
- func GetCACert(secret *core.Secret) ([]byte, bool)
- func GetTlsCertificate(url *liburl.URL, secret *core.Secret) (crt *x509.Certificate, err error)
- func HasCACert(secret *core.Secret) bool
- func InsecureProvider(secret *core.Secret) bool
- func SanitizeProviderName(providerName string) (string, error)
- func TestSSHConnectivity(ctx context.Context, hostIP string, privateKey []byte, log logging.LevelLogger) bool
Constants
const (
	// SSHKeysSecretPrefix is the prefix used for SSH key secrets
	SSHKeysSecretPrefix = "offload-ssh-keys"

	// RestrictedSSHCommandTemplate is the inline shell command used in SSH authorized_keys
	// to restrict SSH access and route commands to the shell wrapper based on datastore.
	// Format: DS=<datastore>;CMD=<operation> <args...>
	// When DS is empty, it returns a simple success response for connectivity testing without calling the wrapper.
	RestrictedSSHCommandTemplate = `` /* 300-byte string literal not displayed */
)
Variables
This section is empty.
Functions
func Fingerprint
func Fingerprint(cert *x509.Certificate) string
func GenerateSSHPrivateSecretName
GenerateSSHPrivateSecretName generates a secret name for the SSH private key.
func GenerateSSHPublicSecretName
GenerateSSHPublicSecretName generates a secret name for the SSH public key.
func GetCACert
GetCACert retrieves the CA certificate from a secret. It first checks for the standard Kubernetes field "ca.crt", then falls back to the legacy "cacert" field for backward compatibility. Returns the certificate bytes and a boolean indicating if found.
func GetTlsCertificate
func InsecureProvider
func SanitizeProviderName
SanitizeProviderName converts a provider name to a valid Kubernetes secret name. If the provider name is too long, it is truncated to fit within Kubernetes limits and a warning is logged.
func TestSSHConnectivity
func TestSSHConnectivity(ctx context.Context, hostIP string, privateKey []byte, log logging.LevelLogger) bool
TestSSHConnectivity tests if we can connect via SSH and execute a restricted command. It takes a context, hostIP, privateKey, optional testDatastore, and a logger. If testDatastore is empty, it performs a simple connectivity test expecting "SSH_OK" response. If testDatastore is provided, it will try to call the shell wrapper on that datastore. Returns true if SSH connectivity is working, false otherwise.
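The `DS=<datastore>;CMD=<operation> <args...>` request format and the "SSH_OK" probe response described above, shown as a validator for the side that receives the forced command. This is an added example, not the package's code or its shell wrapper; the function name `Handle`, the datastore character set and the operation names are assumptions.

```go
package main

import (
	"errors"
	"fmt"
	"regexp"
	"strings"
)

// Assumptions (not from the package): this datastore character set and these
// operation names are hypothetical placeholders.
var (
	safeDatastore = regexp.MustCompile(`^[A-Za-z0-9][A-Za-z0-9._-]*$`)
	allowedOps    = map[string]bool{"status": true, "clone": true}
)

// Handle validates "DS=<datastore>;CMD=<operation> <args...>" (the string sshd
// exposes as SSH_ORIGINAL_COMMAND). An empty DS is the connectivity probe and
// yields "SSH_OK"; otherwise it returns an argv slice, never a shell string.
func Handle(orig string) (reply string, argv []string, err error) {
	head, cmd, ok := strings.Cut(orig, ";CMD=")
	if !ok || !strings.HasPrefix(head, "DS=") {
		return "", nil, errors.New("malformed request")
	}
	ds := strings.TrimPrefix(head, "DS=")
	if ds == "" { // probe: answer directly, no wrapper involved
		return "SSH_OK", nil, nil
	}
	if !safeDatastore.MatchString(ds) {
		return "", nil, errors.New("invalid datastore name")
	}
	fields := strings.Fields(cmd)
	if len(fields) == 0 || !allowedOps[fields[0]] {
		return "", nil, errors.New("operation not allowed")
	}
	return "", append([]string{ds}, fields...), nil
}

func main() {
	// Constructed inputs: probe, valid call, traversal attempt, unknown operation.
	for _, in := range []string{"DS=;CMD=", "DS=ds1;CMD=status -v", "DS=../etc;CMD=status", "DS=ds1;CMD=reboot"} {
		reply, argv, err := Handle(in)
		fmt.Printf("%-24q reply=%q argv=%q err=%v\n", in, reply, argv, err)
	}
}
```

Returning an argv slice means the datastore and arguments can be handed to the wrapper as separate process arguments, so nothing the client sent is re-interpreted by a shell.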
Types
This section is empty.