registration

package

v0.0.0-...-e26eaeb Latest Latest Go to latest Published: Aug 14, 2025 License: Apache-2.0 Imports: 17 Imported by: 0

Documentation ¶

Index ¶

Variables
func SetAdvanceWarning(recorder record.EventRecorder, object client.Object, ...)
func SetRequiredWarning(recorder record.EventRecorder, object client.Object, ...)
type Registration
type RegistrationFunc
- func (fn RegistrationFunc) Required(rec record.EventRecorder, obj client.Object, conds *[]metav1.Condition) bool
type Runner
- func NewRunner(publicKey, tokenPath string, changed func()) (*Runner, error)

Constants ¶

This section is empty.

Variables ¶

View Source

var URL = os.Getenv("REGISTRATION_URL")

Functions ¶

func SetAdvanceWarning ¶

func SetAdvanceWarning(recorder record.EventRecorder, object client.Object, conditions *[]metav1.Condition)

func SetRequiredWarning ¶

func SetRequiredWarning(recorder record.EventRecorder, object client.Object, conditions *[]metav1.Condition)

Types ¶

type Registration ¶

type Registration interface {
	// Required returns true when registration is required but the token is missing or invalid.
	Required(record.EventRecorder, client.Object, *[]metav1.Condition) bool
}

type RegistrationFunc ¶

type RegistrationFunc func(record.EventRecorder, client.Object, *[]metav1.Condition) bool

func (RegistrationFunc) Required ¶

func (fn RegistrationFunc) Required(rec record.EventRecorder, obj client.Object, conds *[]metav1.Condition) bool

type Runner ¶

type Runner struct {
	// contains filtered or unexported fields
}

Runner implements Registration by loading and validating the token at a fixed path. Its methods are safe to call concurrently.

func NewRunner ¶

func NewRunner(publicKey, tokenPath string, changed func()) (*Runner, error)

NewRunner creates a Runner that periodically checks the validity of the token at tokenPath. It calls changed when the validity of the token changes.

func (*Runner) CheckToken ¶

func (r *Runner) CheckToken() (*jwt.Token, error)

CheckToken loads and verifies the configured token, returning an error when the file exists but cannot be verified, and returning the token if it can be verified. NOTE(upgradecheck): return the token/nil so that we can use the token in upgradecheck; currently a refresh of the token will cause a restart of the pod meaning that the token used in upgradecheck is always the current token. But if the restart behavior changes, we might drop the token return in main.go and change upgradecheck to retrieve the token itself

func (*Runner) NeedLeaderElection ¶

func (r *Runner) NeedLeaderElection() bool

NeedLeaderElection returns true so that r runs only on the single manager.Manager that is elected leader in the Kubernetes namespace.

func (*Runner) Required ¶

func (r *Runner) Required(
	recorder record.EventRecorder, object client.Object, conditions *[]metav1.Condition,
) bool

Required returns true when registration is required but the token is missing or invalid.

func (*Runner) Start ¶

func (r *Runner) Start(ctx context.Context) error

Start watches for a mounted registration token when enabled. It blocks until ctx is cancelled.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL