v0.0.0-...-c4b7760 Latest Latest

This package is not in the latest version of its module.

Go to latest
Published: Feb 21, 2024 License: Apache-2.0 Imports: 24 Imported by: 1




View Source
const (

	// GCPAuthJSONKey is the key name in GCP credentials secrets where the json auth
	// contents will be stored.
	GCPAuthJSONKey = "service_account.json"


This section is empty.


func Add

func Add(mgr, rootCredMgr manager.Manager, r reconcile.Reconciler) error

func NewReconciler

func NewReconciler(c client.Client, mgr manager.Manager, projectName string) reconcile.Reconciler


type ReconcileCloudCredSecret

type ReconcileCloudCredSecret struct {
	Client           client.Client
	RootCredClient   client.Client
	ProjectName      string
	Logger           log.FieldLogger
	GCPClientBuilder func(projectName string, authJSON []byte) (ccgcp.Client, error)

func (*ReconcileCloudCredSecret) Reconcile

func (r *ReconcileCloudCredSecret) Reconcile(ctx context.Context, request reconcile.Request) (returnResult reconcile.Result, returnErr error)

Reconcile will typically annotate the cloud cred secret to indicate the capabilities of the cloud credentials: 1) 'mint' for indicating that the creds can be used to create new sub-creds 2) 'passthrough' for indicating that the creds are capable enough to potentially be used as-is 3) 'insufficient' for indicating that the creds are not usable for the cluster In the event that the operator config resource has specified a mode to operate under (mint/passthrough) then skip trying to determine the capabilities, and just annotate the secret. +kubebuilder:rbac:groups=core,resources=secrets,verbs=get;list;watch;update

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL