Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type ClusterReconciler ¶
type ClusterReconciler struct {
client.Client
Scheme *runtime.Scheme
VaultTokenSource func() (*oauth2.Token, error)
VaultAuthClient VaultPartialAuthClient
VaultSecretsClient VaultPartialSecretsClient
VaultRole string
VaultLoginMountPath string
VaultKvPath string
KeycloakClient PartialKeycloakClient
KeycloakRealm string
KeycloakLoginRealm string
KeycloakUser string
KeycloakPassword string
ClientTemplateFile string
ClientRoleMappingTemplateFile string
JsonnetImportPaths []string
KeycloakClientIgnorePaths []string
}
ClusterReconciler reconciles a Cluster object
func (*ClusterReconciler) Reconcile ¶
func (r *ClusterReconciler) Reconcile(ctx context.Context, req ctrl.Request) (res ctrl.Result, err error)
Reconcile reconciles the Cluster resource.
func (*ClusterReconciler) SetupWithManager ¶
func (r *ClusterReconciler) SetupWithManager(mgr ctrl.Manager) error
SetupWithManager sets up the controller with the Manager.
type PartialKeycloakClient ¶
type PartialKeycloakClient interface {
LoginAdmin(ctx context.Context, username, password, realm string) (*gocloak.JWT, error)
LogoutPublicClient(ctx context.Context, clientID, realm, accessToken, refreshToken string) error
GetClients(ctx context.Context, accessToken, realm string, params gocloak.GetClientsParams) ([]*gocloak.Client, error)
CreateClient(ctx context.Context, accessToken, realm string, newClient gocloak.Client) (string, error)
UpdateClient(ctx context.Context, accessToken, realm string, updatedClient gocloak.Client) error
DeleteClient(ctx context.Context, accessToken, realm, idOfClient string) error
GetClientRoles(ctx context.Context, accessToken, realm, idOfClient string, params gocloak.GetRoleParams) ([]*gocloak.Role, error)
AddClientRolesToGroup(ctx context.Context, token, realm, idOfClient, groupID string, roles []gocloak.Role) error
CreateClientRole(ctx context.Context, accessToken, realm, idOfClient string, role gocloak.Role) (string, error)
DeleteClientRole(ctx context.Context, token, realm, idOfClient, roleName string) error
GetGroupByPath(ctx context.Context, token, realm, groupPath string) (*gocloak.Group, error)
GetGroupsByClientRole(ctx context.Context, token, realm, roleName, clientID string) ([]*gocloak.Group, error)
DeleteClientRoleFromGroup(ctx context.Context, token, realm, idOfClient, groupID string, roles []gocloak.Role) error
}
PartialKeycloakClient is a subset of the gocloak client methods that are used by the controller
type VaultPartialAuthClient ¶
type VaultPartialAuthClient interface {
KubernetesLogin(ctx context.Context, request schema.KubernetesLoginRequest, options ...vault.RequestOption) (*vault.Response[map[string]interface{}], error)
}
VaultPartialAuthClient is a subset of the vault auth methods that are used by the controller
type VaultPartialSecretsClient ¶
type VaultPartialSecretsClient interface {
KvV2Read(ctx context.Context, path string, options ...vault.RequestOption) (*vault.Response[schema.KvV2ReadResponse], error)
KvV2Write(ctx context.Context, path string, request schema.KvV2WriteRequest, options ...vault.RequestOption) (*vault.Response[schema.KvV2WriteResponse], error)
KvV2Delete(ctx context.Context, path string, options ...vault.RequestOption) (*vault.Response[map[string]interface{}], error)
}
VaultPartialSecretsClient is a subset of the vault secrets methods that are used by the controller
// Currently generics imports are not correctly resolved in the `vault.Response[]` //go:generate go run go.uber.org/mock/mockgen -destination=./mock/vault_partial_secrets_client.go -package mock . VaultPartialSecretsClient
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.