Documentation
¶
Overview ¶
Package pomerium implements logic to convert K8s objects into Pomerium configuration
Index ¶
- Constants
- type ConfigReconciler
- type DataBrokerReconciler
- func (r *DataBrokerReconciler) Delete(ctx context.Context, namespacedName types.NamespacedName) (bool, error)
- func (r *DataBrokerReconciler) DeleteAll(ctx context.Context) error
- func (r *DataBrokerReconciler) Set(ctx context.Context, ics []*model.IngressConfig) (bool, error)
- func (r *DataBrokerReconciler) SetConfig(ctx context.Context, cfg *model.Config) (changes bool, err error)
- func (r *DataBrokerReconciler) Upsert(ctx context.Context, ic *model.IngressConfig) (bool, error)
- type IngressReconciler
Constants ¶
const ( // IngressControllerConfigID is configuration containing routes and their certs IngressControllerConfigID = "ingress-controller" SharedSettingsConfigID = "pomerium-crd" )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type ConfigReconciler ¶
type ConfigReconciler interface {
// SetConfig updates just the shared config settings
SetConfig(ctx context.Context, cfg *model.Config) (changes bool, err error)
}
ConfigReconciler only updates global parameters and does not deal with individual routes
type DataBrokerReconciler ¶ added in v0.18.0
type DataBrokerReconciler struct {
ConfigID string
databroker.DataBrokerServiceClient
// DebugDumpConfigDiff dumps a diff between current and new config being applied
DebugDumpConfigDiff bool
// RemoveUnreferencedCerts would strip any certs not matched by any of the Routes SNI
RemoveUnreferencedCerts bool
}
DataBrokerReconciler updates pomerium configuration only one DataBrokerReconciler should be active and its methods are not thread-safe
func (*DataBrokerReconciler) Delete ¶ added in v0.18.0
func (r *DataBrokerReconciler) Delete(ctx context.Context, namespacedName types.NamespacedName) (bool, error)
Delete should delete pomerium routes corresponding to this ingress name
func (*DataBrokerReconciler) DeleteAll ¶ added in v0.18.0
func (r *DataBrokerReconciler) DeleteAll(ctx context.Context) error
DeleteAll cleans pomerium configuration entirely
func (*DataBrokerReconciler) Set ¶ added in v0.18.0
func (r *DataBrokerReconciler) Set(ctx context.Context, ics []*model.IngressConfig) (bool, error)
Set merges existing config with the one generated for ingress
func (*DataBrokerReconciler) SetConfig ¶ added in v0.18.0
func (r *DataBrokerReconciler) SetConfig(ctx context.Context, cfg *model.Config) (changes bool, err error)
SetConfig updates just the shared config settings
func (*DataBrokerReconciler) Upsert ¶ added in v0.18.0
func (r *DataBrokerReconciler) Upsert(ctx context.Context, ic *model.IngressConfig) (bool, error)
Upsert should update or create the pomerium routes corresponding to this ingress
type IngressReconciler ¶ added in v0.18.0
type IngressReconciler interface {
// Upsert should update or create the pomerium routes corresponding to this ingress
Upsert(ctx context.Context, ic *model.IngressConfig) (changes bool, err error)
// Set configuration to match provided ingresses and shared config settings
Set(ctx context.Context, ics []*model.IngressConfig) (changes bool, err error)
// Delete should delete pomerium routes corresponding to this ingress name
Delete(ctx context.Context, namespacedName types.NamespacedName) (changes bool, err error)
}
IngressReconciler updates pomerium configuration based on provided network resources it is not expected to be thread safe
Source Files
¶
Directories
¶
| Path | Synopsis |
|---|---|
|
Package ctrl converts Settings CRD into a bootstrap config
|
Package ctrl converts Settings CRD into a bootstrap config |
|
Package envoy contains functions for working with an embedded envoy binary.
|
Package envoy contains functions for working with an embedded envoy binary. |