Documentation ¶
Index ¶
Constants ¶
View Source
const (
ProviderID = `oci://{{ ds["id"] }}`
)
Variables ¶
This section is empty.
Functions ¶
func IsAllowedNamespace ¶
func IsAllowedNamespace(ctx context.Context, cli clipkg.Client, identity *CAPIIdentity, namespace string) bool
IsAllowedNamespace checks if a given identity allows access from a given namespace.
Types ¶
type AllowedNamespaces ¶
type AllowedNamespaces struct { List []string `json:"list"` Selector *metav1.LabelSelector `json:"selector"` }
type AvailabilityDomain ¶
type AvailabilityDomain struct { Name string FaultDomains []FaultDomain }
Client interface for OCI Clients
type CAPIIdentity ¶
type CAPIIdentity struct { Spec struct { Namespaces *AllowedNamespaces `json:"allowedNamespaces"` PrincipalSecret struct { Name string `json:"name"` Namespace string `json:"namespace"` } `json:"principalSecret"` } `json:"spec"` }
type Client ¶
type Client interface { GetSubnetByID(ctx context.Context, id, role string) (*Subnet, error) GetVCNByID(ctx context.Context, id string) (*core.Vcn, error) GetAvailabilityAndFaultDomains(ctx context.Context) ([]AvailabilityDomain, error) }
Client interface for OCI Clients
func NewClient ¶
func NewClient(creds *Credentials) (Client, error)
NewClient creates a new OCI Client
type ClientImpl ¶
type ClientImpl struct {
// contains filtered or unexported fields
}
ClientImpl OCI Client implementation
func (*ClientImpl) GetAvailabilityAndFaultDomains ¶
func (c *ClientImpl) GetAvailabilityAndFaultDomains(ctx context.Context) ([]AvailabilityDomain, error)
func (*ClientImpl) GetSubnetByID ¶
GetSubnetByID retrieves a subnet given that subnet's ID.
func (*ClientImpl) GetVCNByID ¶
type Credentials ¶
type Credentials struct { Region string Tenancy string User string PrivateKey string Fingerprint string Passphrase string UseInstancePrincipal string }
func (Credentials) AsConfigurationProvider ¶
func (c Credentials) AsConfigurationProvider() (common.ConfigurationProvider, error)
type CredentialsLoader ¶
type CredentialsLoader interface {
GetCredentialsIfAllowed(ctx context.Context, cli clipkg.Client, identityRef types.NamespacedName, namespace string) (*Credentials, error)
}
type CredentialsLoaderImpl ¶
type CredentialsLoaderImpl struct{}
func (CredentialsLoaderImpl) GetCredentialsIfAllowed ¶
func (c CredentialsLoaderImpl) GetCredentialsIfAllowed(ctx context.Context, cli clipkg.Client, identityRef types.NamespacedName, namespace string) (*Credentials, error)
GetCredentialsIfAllowed fetches the OCI Credentials for an OCIClusterIdentity, if that OCIClusterIdentity exists, has a principal secret, and allows access from a given namespace.
Click to show internal directories.
Click to hide internal directories.