Documentation
¶
Overview ¶
Package provider contains abstract cloud provider types and interfaces.
Index ¶
- Constants
- Variables
- func ClusterCloudProviderName(spec kubermaticv1.CloudSpec) (string, error)
- func DatacenterCloudProviderName(spec *kubermaticv1.DatacenterSpec) (string, error)
- func DatacenterFromSeedMap(userInfo *UserInfo, seedsGetter SeedsGetter, datacenterName string) (*kubermaticv1.Seed, *kubermaticv1.Datacenter, error)
- type AddonConfigProvider
- type AddonProvider
- type AddonProviderGetter
- type AdminProvider
- type AdmissionPluginsProvider
- type AlertmanagerProvider
- type AlertmanagerProviderGetter
- type BackupCredentialsProvider
- type BackupCredentialsProviderGetter
- type CloudProvider
- type ClusterGetOptions
- type ClusterListOptions
- type ClusterProvider
- type ClusterProviderGetter
- type ClusterTemplateInstanceListOptions
- type ClusterTemplateInstanceProvider
- type ClusterTemplateInstanceProviderGetter
- type ClusterTemplateProvider
- type ClusterUpdater
- type ConstraintProvider
- type ConstraintProviderGetter
- type ConstraintTemplateProvider
- type DefaultConstraintProvider
- type EtcdBackupConfigProjectProvider
- type EtcdBackupConfigProjectProviderGetter
- type EtcdBackupConfigProvider
- type EtcdBackupConfigProviderGetter
- type EtcdRestoreProjectProvider
- type EtcdRestoreProjectProviderGetter
- type EtcdRestoreProvider
- type EtcdRestoreProviderGetter
- type EventRecorderProvider
- type ExternalClusterProvider
- type FeatureGatesProvider
- type KubermaticConfigurationGetter
- type PresetProvider
- type PrivilegedAddonProvider
- type PrivilegedAlertmanagerProvider
- type PrivilegedAllowedRegistryProvider
- type PrivilegedClusterProvider
- type PrivilegedClusterTemplateInstanceProvider
- type PrivilegedConstraintProvider
- type PrivilegedEtcdBackupConfigProjectProvider
- type PrivilegedEtcdBackupConfigProvider
- type PrivilegedEtcdRestoreProjectProvider
- type PrivilegedEtcdRestoreProvider
- type PrivilegedExternalClusterProvider
- type PrivilegedMLAAdminSettingProvider
- type PrivilegedMLAAdminSettingProviderGetter
- type PrivilegedProjectMemberProvider
- type PrivilegedProjectProvider
- type PrivilegedRuleGroupProvider
- type PrivilegedSSHKeyProvider
- type PrivilegedServiceAccountProvider
- type PrivilegedServiceAccountTokenProvider
- type ProjectGetOptions
- type ProjectListOptions
- type ProjectMemberListOptions
- type ProjectMemberMapper
- type ProjectMemberProvider
- type ProjectProvider
- type ReconcilingCloudProvider
- type RuleGroupListOptions
- type RuleGroupProvider
- type RuleGroupProviderGetter
- type SSHKeyListOptions
- type SSHKeyProvider
- type SecretKeySelectorValueFunc
- type SeedClientGetter
- type SeedGetter
- type SeedKubeconfigGetter
- type SeedProvider
- type SeedsGetter
- type ServiceAccountGetOptions
- type ServiceAccountListOptions
- type ServiceAccountProvider
- type ServiceAccountTokenListOptions
- type ServiceAccountTokenProvider
- type SettingsProvider
- type UpdaterOption
- type UpdaterOptions
- type UserInfo
- type UserInfoGetter
- type UserProvider
Constants ¶
View Source
const ( DefaultSSHPort = 22 DefaultKubeletPort = 10250 DefaultKubeconfigFieldPath = "kubeconfig" )
View Source
const ( // DefaultSeedName is the name of the Seed resource that is used // in the Community Edition, which is limited to a single seed. DefaultSeedName = "kubermatic" )
Variables ¶
View Source
var ( // ErrNotFound tells that the requests resource was not found ErrNotFound = errors.New("the given resource was not found") // ErrAlreadyExists tells that the given resource already exists ErrAlreadyExists = errors.New("the given resource already exists") )
Functions ¶
func ClusterCloudProviderName ¶
func ClusterCloudProviderName(spec kubermaticv1.CloudSpec) (string, error)
ClusterCloudProviderName returns the provider name for the given CloudSpec.
func DatacenterCloudProviderName ¶
func DatacenterCloudProviderName(spec *kubermaticv1.DatacenterSpec) (string, error)
DatacenterCloudProviderName returns the provider name for the given Datacenter.
func DatacenterFromSeedMap ¶
func DatacenterFromSeedMap(userInfo *UserInfo, seedsGetter SeedsGetter, datacenterName string) (*kubermaticv1.Seed, *kubermaticv1.Datacenter, error)
DatacenterFromSeedMap returns datacenter from the seed:datacenter map.
It is needed because the cloud providers are initialized once during startup and get all DCs. We need to change the cloud providers to by dynamically initialized when needed instead once we support datacenters as CRDs.
TODO: Find a way to lift the current requirement of unique datacenter names. It is needed only because we put
the datacenter name in the cluster object but not the seed name.
Types ¶
type AddonConfigProvider ¶
type AddonConfigProvider interface {
Get(addonName string) (*kubermaticv1.AddonConfig, error)
List() (*kubermaticv1.AddonConfigList, error)
}
type AddonProvider ¶
type AddonProvider interface {
// New creates a new addon in the given cluster
New(userInfo *UserInfo, cluster *kubermaticv1.Cluster, addonName string, variables *runtime.RawExtension, labels map[string]string) (*kubermaticv1.Addon, error)
// List gets all addons that belong to the given cluster
// If you want to filter the result please take a look at ClusterListOptions
List(userInfo *UserInfo, cluster *kubermaticv1.Cluster) ([]*kubermaticv1.Addon, error)
// Get returns the given addon
Get(userInfo *UserInfo, cluster *kubermaticv1.Cluster, addonName string) (*kubermaticv1.Addon, error)
// Update updates an addon
Update(userInfo *UserInfo, cluster *kubermaticv1.Cluster, newAddon *kubermaticv1.Addon) (*kubermaticv1.Addon, error)
// Delete deletes the given addon
Delete(userInfo *UserInfo, cluster *kubermaticv1.Cluster, addonName string) error
}
AddonProvider declares the set of methods for interacting with addons
type AddonProviderGetter ¶
type AddonProviderGetter = func(seed *kubermaticv1.Seed) (AddonProvider, error)
AddonProviderGetter is used to get an AddonProvider
type AdminProvider ¶
type AdminProvider interface {
SetAdmin(userInfo *UserInfo, email string, isAdmin bool) (*kubermaticv1.User, error)
GetAdmins(userInfo *UserInfo) ([]kubermaticv1.User, error)
}
AdminProvider declares the set of methods for interacting with admin
type AdmissionPluginsProvider ¶
type AdmissionPluginsProvider interface {
List(userInfo *UserInfo) ([]kubermaticv1.AdmissionPlugin, error)
Get(userInfo *UserInfo, name string) (*kubermaticv1.AdmissionPlugin, error)
Delete(userInfo *UserInfo, name string) error
Update(userInfo *UserInfo, admissionPlugin *kubermaticv1.AdmissionPlugin) (*kubermaticv1.AdmissionPlugin, error)
ListPluginNamesFromVersion(fromVersion string) ([]string, error)
}
AdmissionPluginsProvider declares the set of methods for interacting with admission plugins
type AlertmanagerProvider ¶ added in v2.18.0
type AlertmanagerProvider interface {
// Get gets the given alertmanager and the config secret
Get(cluster *kubermaticv1.Cluster, userInfo *UserInfo) (*kubermaticv1.Alertmanager, *corev1.Secret, error)
// Update updates the given alertmanager and the config secret
Update(alertmanager *kubermaticv1.Alertmanager, configSecret *corev1.Secret, userInfo *UserInfo) (*kubermaticv1.Alertmanager, *corev1.Secret, error)
// Reset resets the given alertmanager to default
Reset(cluster *kubermaticv1.Cluster, userInfo *UserInfo) error
}
AlertmanagerProvider declares the set of method for interacting with alertmanagers
type AlertmanagerProviderGetter ¶ added in v2.18.0
type AlertmanagerProviderGetter = func(seed *kubermaticv1.Seed) (AlertmanagerProvider, error)
AlertmanagerProviderGetter is used to get an AlertmanagerProvider
type BackupCredentialsProvider ¶ added in v2.18.0
type BackupCredentialsProvider interface {
// CreateUnsecured creates the backup credentials
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to create the resource
CreateUnsecured(credentials *corev1.Secret) (*corev1.Secret, error)
// GetUnsecured gets the backup credentials
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to get the resource
GetUnsecured(credentialName string) (*corev1.Secret, error)
// UpdateUnsecured updates the backup credentials
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to update the resource
UpdateUnsecured(new *corev1.Secret) (*corev1.Secret, error)
}
BackupCredentialsProvider declares the set of method for interacting with etcd backup credentials using a privileged client
type BackupCredentialsProviderGetter ¶ added in v2.18.0
type BackupCredentialsProviderGetter = func(seed *kubermaticv1.Seed) (BackupCredentialsProvider, error)
BackupCredentialsProviderGetter is used to get a BackupCredentialsProvider
type CloudProvider ¶
type CloudProvider interface {
InitializeCloudProvider(*kubermaticv1.Cluster, ClusterUpdater) (*kubermaticv1.Cluster, error)
CleanUpCloudProvider(*kubermaticv1.Cluster, ClusterUpdater) (*kubermaticv1.Cluster, error)
DefaultCloudSpec(spec *kubermaticv1.CloudSpec) error
ValidateCloudSpec(spec kubermaticv1.CloudSpec) error
ValidateCloudSpecUpdate(oldSpec kubermaticv1.CloudSpec, newSpec kubermaticv1.CloudSpec) error
}
CloudProvider declares a set of methods for interacting with a cloud provider
func ClusterCloudProvider ¶
func ClusterCloudProvider(cps map[string]CloudProvider, c *kubermaticv1.Cluster) (string, CloudProvider, error)
ClusterCloudProvider returns the provider for the given cluster where one of Cluster.Spec.Cloud.* is set.
type ClusterGetOptions ¶
type ClusterGetOptions struct {
// CheckInitStatus if set to true will check if cluster is initialized. The call will return error if
// not all cluster components are running
CheckInitStatus bool
}
ClusterGetOptions allows to check the status of the cluster
type ClusterListOptions ¶
type ClusterListOptions struct {
// ClusterSpecName gets the clusters with the given name in the spec
ClusterSpecName string
}
ClusterListOptions allows to set filters that will be applied to filter the result.
type ClusterProvider ¶
type ClusterProvider interface {
// New creates a brand new cluster that is bound to the given project
New(project *kubermaticv1.Project, userInfo *UserInfo, cluster *kubermaticv1.Cluster) (*kubermaticv1.Cluster, error)
// List gets all clusters that belong to the given project
// If you want to filter the result please take a look at ClusterListOptions
//
// Note:
// After we get the list of clusters we could try to get each cluster individually using unprivileged account to see if the user have read access,
// We don't do this because we assume that if the user was able to get the project (argument) it has to have at least read access.
List(project *kubermaticv1.Project, options *ClusterListOptions) (*kubermaticv1.ClusterList, error)
// ListAll gets all clusters for the seed
ListAll() (*kubermaticv1.ClusterList, error)
// Get returns the given cluster, it uses the projectInternalName to determine the group the user belongs to
Get(userInfo *UserInfo, clusterName string, options *ClusterGetOptions) (*kubermaticv1.Cluster, error)
// Update updates a cluster
Update(project *kubermaticv1.Project, userInfo *UserInfo, newCluster *kubermaticv1.Cluster) (*kubermaticv1.Cluster, error)
// Delete deletes the given cluster
Delete(userInfo *UserInfo, clusterName string) error
// GetAdminKubeconfigForCustomerCluster returns the admin kubeconfig for the given cluster
GetAdminKubeconfigForCustomerCluster(cluster *kubermaticv1.Cluster) (*clientcmdapi.Config, error)
// GetViewerKubeconfigForCustomerCluster returns the viewer kubeconfig for the given cluster
GetViewerKubeconfigForCustomerCluster(cluster *kubermaticv1.Cluster) (*clientcmdapi.Config, error)
// RevokeViewerKubeconfig revokes viewer token and kubeconfig
RevokeViewerKubeconfig(c *kubermaticv1.Cluster) error
// RevokeAdminKubeconfig revokes the viewer token and kubeconfig
RevokeAdminKubeconfig(c *kubermaticv1.Cluster) error
// GetAdminClientForCustomerCluster returns a client to interact with all resources in the given cluster
//
// Note that the client you will get has admin privileges
GetAdminClientForCustomerCluster(context.Context, *kubermaticv1.Cluster) (ctrlruntimeclient.Client, error)
// GetClientForCustomerCluster returns a client to interact with all resources in the given cluster
//
// Note that the client doesn't use admin account instead it authn/authz as userInfo(email, group)
GetClientForCustomerCluster(context.Context, *UserInfo, *kubermaticv1.Cluster) (ctrlruntimeclient.Client, error)
// GetTokenForCustomerCluster returns a token for the given cluster with permissions granted to group that
// user belongs to.
GetTokenForCustomerCluster(context.Context, *UserInfo, *kubermaticv1.Cluster) (string, error)
// IsCluster checks if cluster exist with the given name
IsCluster(clusterName string) bool
// GetSeedName gets the seed name of the cluster
GetSeedName() string
}
ClusterProvider declares the set of methods for interacting with clusters This provider is Project and RBAC compliant
type ClusterProviderGetter ¶
type ClusterProviderGetter = func(seed *kubermaticv1.Seed) (ClusterProvider, error)
ClusterProviderGetter is used to get a clusterProvider
type ClusterTemplateInstanceListOptions ¶ added in v2.18.0
type ClusterTemplateInstanceListOptions struct {
// ProjectID list only instances with the specified ID
ProjectID string
// TemplateID list only instances with the specified ID
TemplateID string
}
ClusterTemplateInstanceListOptions allows to set filters that will be applied to filter the result.
type ClusterTemplateInstanceProvider ¶ added in v2.18.0
type ClusterTemplateInstanceProvider interface {
Create(userInfo *UserInfo, template *kubermaticv1.ClusterTemplate, project *kubermaticv1.Project, replicas int64) (*kubermaticv1.ClusterTemplateInstance, error)
Get(userInfo *UserInfo, name string) (*kubermaticv1.ClusterTemplateInstance, error)
List(userInfo *UserInfo, options ClusterTemplateInstanceListOptions) (*kubermaticv1.ClusterTemplateInstanceList, error)
Patch(userInfo *UserInfo, instance *kubermaticv1.ClusterTemplateInstance) (*kubermaticv1.ClusterTemplateInstance, error)
}
ClusterTemplateInstanceProvider declares the set of method for interacting with cluster templates
type ClusterTemplateInstanceProviderGetter ¶ added in v2.18.0
type ClusterTemplateInstanceProviderGetter = func(seed *kubermaticv1.Seed) (ClusterTemplateInstanceProvider, error)
ClusterTemplateInstanceProviderGetter is used to get a ClusterTemplateInstanceProvider
type ClusterTemplateProvider ¶ added in v2.18.0
type ClusterTemplateProvider interface {
New(userInfo *UserInfo, newClusterTemplate *kubermaticv1.ClusterTemplate, scope, projectID string) (*kubermaticv1.ClusterTemplate, error)
List(userInfo *UserInfo, projectID string) ([]kubermaticv1.ClusterTemplate, error)
Get(userInfo *UserInfo, projectID, templateID string) (*kubermaticv1.ClusterTemplate, error)
Delete(userInfo *UserInfo, projectID, templateID string) error
}
ClusterTemplateProvider declares the set of method for interacting with cluster templates
type ClusterUpdater ¶
type ClusterUpdater func(string, func(*kubermaticv1.Cluster), ...UpdaterOption) (*kubermaticv1.Cluster, error)
ClusterUpdater defines a function to persist an update to a cluster
type ConstraintProvider ¶ added in v2.16.3
type ConstraintProvider interface {
// List gets a list of constraints
//
// Note that the list is taken from the cache
List(cluster *kubermaticv1.Cluster) (*kubermaticv1.ConstraintList, error)
// Get gets the given constraints
Get(cluster *kubermaticv1.Cluster, name string) (*kubermaticv1.Constraint, error)
// Create creates the given constraint
Create(userInfo *UserInfo, constraint *kubermaticv1.Constraint) (*kubermaticv1.Constraint, error)
// Delete deletes the given constraint
Delete(cluster *kubermaticv1.Cluster, userInfo *UserInfo, name string) error
// Update updates the given constraint
Update(userInfo *UserInfo, constraint *kubermaticv1.Constraint) (*kubermaticv1.Constraint, error)
}
ConstraintProvider declares the set of method for interacting with constraints
type ConstraintProviderGetter ¶ added in v2.17.1
type ConstraintProviderGetter = func(seed *kubermaticv1.Seed) (ConstraintProvider, error)
ConstraintProviderGetter is used to get a ConstraintProvider
type ConstraintTemplateProvider ¶ added in v2.16.3
type ConstraintTemplateProvider interface {
// List gets a list of constraint templates, by default it returns all resources.
//
// Note that the list is taken from the cache
List() (*kubermaticv1.ConstraintTemplateList, error)
// Get gets the given constraint template
Get(name string) (*kubermaticv1.ConstraintTemplate, error)
// Create a Constraint Template
Create(ct *kubermaticv1.ConstraintTemplate) (*kubermaticv1.ConstraintTemplate, error)
// Update a Constraint Template
Update(ct *kubermaticv1.ConstraintTemplate) (*kubermaticv1.ConstraintTemplate, error)
// Delete a Constraint Template
Delete(ct *kubermaticv1.ConstraintTemplate) error
}
ConstraintTemplateProvider declares the set of method for interacting with gatekeeper's constraint templates
type DefaultConstraintProvider ¶ added in v2.18.0
type DefaultConstraintProvider interface {
// List gets a list of default constraints
//
// Note that the list is taken from the cache
List() (*kubermaticv1.ConstraintList, error)
// Get gets the given default constraints
Get(name string) (*kubermaticv1.Constraint, error)
// Create creates the given default constraint
Create(constraint *kubermaticv1.Constraint) (*kubermaticv1.Constraint, error)
// Delete deletes the given default constraint
Delete(name string) error
// Update a default constraint
Update(ct *kubermaticv1.Constraint) (*kubermaticv1.Constraint, error)
}
DefaultConstraintProvider declares the set of method for interacting with default constraints
type EtcdBackupConfigProjectProvider ¶ added in v2.18.0
type EtcdBackupConfigProjectProvider interface {
// List gets a list of etcdBackupConfig for a given project
List(userInfo *UserInfo, projectID string) ([]*kubermaticv1.EtcdBackupConfigList, error)
}
EtcdBackupConfigProjectProvider declares the set of method for interacting with etcd backup configs across projects and its seeds
type EtcdBackupConfigProjectProviderGetter ¶ added in v2.18.0
type EtcdBackupConfigProjectProviderGetter = func(seeds map[string]*kubermaticv1.Seed) (EtcdBackupConfigProjectProvider, error)
EtcdBackupConfigProjectProviderGetter is used to get a EtcdBackupConfigProjectProvider
type EtcdBackupConfigProvider ¶ added in v2.18.0
type EtcdBackupConfigProvider interface {
// Create creates the given etcdBackupConfig
Create(userInfo *UserInfo, etcdBackupConfig *kubermaticv1.EtcdBackupConfig) (*kubermaticv1.EtcdBackupConfig, error)
// Get gets the given etcdBackupConfig
Get(userInfo *UserInfo, cluster *kubermaticv1.Cluster, name string) (*kubermaticv1.EtcdBackupConfig, error)
// List gets a list of etcdBackupConfig for a given cluster
List(userInfo *UserInfo, cluster *kubermaticv1.Cluster) (*kubermaticv1.EtcdBackupConfigList, error)
// Delete deletes the given etcdBackupConfig
Delete(userInfo *UserInfo, cluster *kubermaticv1.Cluster, name string) error
// Patch updates the given etcdBackupConfig
Patch(userInfo *UserInfo, old, new *kubermaticv1.EtcdBackupConfig) (*kubermaticv1.EtcdBackupConfig, error)
}
EtcdBackupConfigProvider declares the set of method for interacting with etcd backup configs
type EtcdBackupConfigProviderGetter ¶ added in v2.18.0
type EtcdBackupConfigProviderGetter = func(seed *kubermaticv1.Seed) (EtcdBackupConfigProvider, error)
EtcdBackupConfigProviderGetter is used to get a EtcdBackupConfigProvider
type EtcdRestoreProjectProvider ¶ added in v2.18.0
type EtcdRestoreProjectProvider interface {
// List gets a list of etcdRestore for a given project
List(userInfo *UserInfo, projectID string) ([]*kubermaticv1.EtcdRestoreList, error)
}
EtcdRestoreProjectProvider declares the set of method for interacting with etcd backup restores across projects and its seeds
type EtcdRestoreProjectProviderGetter ¶ added in v2.18.0
type EtcdRestoreProjectProviderGetter = func(seeds map[string]*kubermaticv1.Seed) (EtcdRestoreProjectProvider, error)
EtcdRestoreProjectProviderGetter is used to get a EtcdRestoreProjectProvider
type EtcdRestoreProvider ¶ added in v2.18.0
type EtcdRestoreProvider interface {
// Create creates the given etcdRestore
Create(userInfo *UserInfo, etcdRestore *kubermaticv1.EtcdRestore) (*kubermaticv1.EtcdRestore, error)
// Get gets the given etcdRestore
Get(userInfo *UserInfo, cluster *kubermaticv1.Cluster, name string) (*kubermaticv1.EtcdRestore, error)
// List gets a list of etcdRestore for a given cluster
List(userInfo *UserInfo, cluster *kubermaticv1.Cluster) (*kubermaticv1.EtcdRestoreList, error)
// Delete deletes the given etcdRestore
Delete(userInfo *UserInfo, cluster *kubermaticv1.Cluster, name string) error
}
EtcdRestoreProvider declares the set of method for interacting with etcd backup restores
type EtcdRestoreProviderGetter ¶ added in v2.18.0
type EtcdRestoreProviderGetter = func(seed *kubermaticv1.Seed) (EtcdRestoreProvider, error)
EtcdRestoreProviderGetter is used to get a EtcdRestoreProvider
type EventRecorderProvider ¶
type EventRecorderProvider interface {
// ClusterRecorderFor returns a event recorder that will be able to record event for objects in the cluster
// referred by provided cluster config.
ClusterRecorderFor(client kubernetes.Interface) record.EventRecorder
}
EventRecorderProvider allows to record events for objects that can be read using K8S API.
type ExternalClusterProvider ¶
type ExternalClusterProvider interface {
New(userInfo *UserInfo, project *kubermaticv1.Project, cluster *kubermaticv1.ExternalCluster) (*kubermaticv1.ExternalCluster, error)
Get(userInfo *UserInfo, clusterName string) (*kubermaticv1.ExternalCluster, error)
Delete(userInfo *UserInfo, cluster *kubermaticv1.ExternalCluster) error
Update(userInfo *UserInfo, cluster *kubermaticv1.ExternalCluster) (*kubermaticv1.ExternalCluster, error)
List(project *kubermaticv1.Project) (*kubermaticv1.ExternalClusterList, error)
GenerateClient(cfg *clientcmdapi.Config) (ctrlruntimeclient.Client, error)
GetClient(cluster *kubermaticv1.ExternalCluster) (ctrlruntimeclient.Client, error)
CreateOrUpdateKubeconfigSecretForCluster(ctx context.Context, cluster *kubermaticv1.ExternalCluster, kubeconfig string) error
CreateOrUpdateCredentialSecretForCluster(ctx context.Context, cloud *apiv2.ExternalClusterCloudSpec, projectID, clusterID string) (*providerconfig.GlobalSecretKeySelector, error)
GetVersion(cluster *kubermaticv1.ExternalCluster) (*ksemver.Semver, error)
ListNodes(cluster *kubermaticv1.ExternalCluster) (*corev1.NodeList, error)
GetNode(cluster *kubermaticv1.ExternalCluster, nodeName string) (*corev1.Node, error)
IsMetricServerAvailable(cluster *kubermaticv1.ExternalCluster) (bool, error)
}
ExternalClusterProvider declares the set of methods for interacting with external cluster
type FeatureGatesProvider ¶ added in v2.19.0
type FeatureGatesProvider interface {
GetFeatureGates() (apiv2.FeatureGates, error)
}
FeatureGatesProvider declares the set of method for getting currently subset of provided feature gates.
type KubermaticConfigurationGetter ¶ added in v2.19.0
type KubermaticConfigurationGetter = func(ctx context.Context) (*operatorv1alpha1.KubermaticConfiguration, error)
KubermaticConfigurationGetter is a function to retrieve the currently relevant KubermaticConfiguration. That is the one in the same namespace as the running application (e.g. the seed-controller-manager). It's an error if there are none or more than one KubermaticConfiguration objects in a single namespace.
func DynamicKubermaticConfigurationGetterFactory ¶ added in v2.19.0
func DynamicKubermaticConfigurationGetterFactory(client ctrlruntimeclient.Reader, namespace string) (KubermaticConfigurationGetter, error)
DynamicKubermaticConfigurationGetterFactory returns a dynamic KubermaticConfigurationGetter, which will list all Configurations in the given namespace and return the found config or an error if 0 or more Configurations where found.
func StaticKubermaticConfigurationGetterFactory ¶ added in v2.19.0
func StaticKubermaticConfigurationGetterFactory(config *operatorv1alpha1.KubermaticConfiguration) (KubermaticConfigurationGetter, error)
StaticKubermaticConfigurationGetterFactory returns a KubermaticConfigurationGetter that returns the same Configuration on every call. This is mostly used for local development in order to provide an easy to modify configuration file. Actual production use will use the dynamic getter instead.
type PresetProvider ¶
type PresetProvider interface {
CreatePreset(preset *kubermaticv1.Preset) (*kubermaticv1.Preset, error)
UpdatePreset(preset *kubermaticv1.Preset) (*kubermaticv1.Preset, error)
GetPresets(userInfo *UserInfo) ([]kubermaticv1.Preset, error)
GetPreset(userInfo *UserInfo, name string) (*kubermaticv1.Preset, error)
DeletePreset(preset *kubermaticv1.Preset) (*kubermaticv1.Preset, error)
SetCloudCredentials(userInfo *UserInfo, presetName string, cloud kubermaticv1.CloudSpec, dc *kubermaticv1.Datacenter) (*kubermaticv1.CloudSpec, error)
}
PresetProvider declares the set of methods for interacting with presets
type PrivilegedAddonProvider ¶
type PrivilegedAddonProvider interface {
// ListUnsecured gets all addons that belong to the given cluster
// If you want to filter the result please take a look at ClusterListOptions
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to get the resources
ListUnsecured(cluster *kubermaticv1.Cluster) ([]*kubermaticv1.Addon, error)
// NewUnsecured creates a new addon in the given cluster
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to create the resource
NewUnsecured(cluster *kubermaticv1.Cluster, addonName string, variables *runtime.RawExtension, labels map[string]string) (*kubermaticv1.Addon, error)
// GetUnsecured returns the given addon
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to get the resource
GetUnsecured(cluster *kubermaticv1.Cluster, addonName string) (*kubermaticv1.Addon, error)
// UpdateUnsecured updates an addon
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to update the resource
UpdateUnsecured(cluster *kubermaticv1.Cluster, newAddon *kubermaticv1.Addon) (*kubermaticv1.Addon, error)
// DeleteUnsecured deletes the given addon
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to delete the resource
DeleteUnsecured(cluster *kubermaticv1.Cluster, addonName string) error
}
type PrivilegedAlertmanagerProvider ¶ added in v2.18.0
type PrivilegedAlertmanagerProvider interface {
// GetUnsecured gets the given alertmanager and the config secret using a privileged client
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to get the resource
GetUnsecured(cluster *kubermaticv1.Cluster) (*kubermaticv1.Alertmanager, *corev1.Secret, error)
// UpdateUnsecured updates the given alertmanager and the config secret using a privileged client
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to update the resource
UpdateUnsecured(alertmanager *kubermaticv1.Alertmanager, configSecret *corev1.Secret) (*kubermaticv1.Alertmanager, *corev1.Secret, error)
// ResetUnsecured resets the given alertmanager to default using a privileged client
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to reset the resource
ResetUnsecured(cluster *kubermaticv1.Cluster) error
}
PrivilegedAlertmanagerProvider declares the set of method for interacting with alertmanagers using a privileged client
type PrivilegedAllowedRegistryProvider ¶ added in v2.18.0
type PrivilegedAllowedRegistryProvider interface {
// CreateUnsecured creates the given allowed registry
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to create the resource
CreateUnsecured(ar *kubermaticv1.AllowedRegistry) (*kubermaticv1.AllowedRegistry, error)
// GetUnsecured gets the given allowed registry
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to get the resource
GetUnsecured(name string) (*kubermaticv1.AllowedRegistry, error)
// ListUnsecured gets a list of all allowed registries
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to get the resources
ListUnsecured() (*kubermaticv1.AllowedRegistryList, error)
// UpdateUnsecured updates the allowed registry
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to update the resource
UpdateUnsecured(ar *kubermaticv1.AllowedRegistry) (*kubermaticv1.AllowedRegistry, error)
// DeleteUnsecured deletes the allowed registry with the given name
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to delete the resource
DeleteUnsecured(name string) error
}
PrivilegedAllowedRegistryProvider declares the set of method for interacting with allowed registries
type PrivilegedClusterProvider ¶
type PrivilegedClusterProvider interface {
// GetSeedClusterAdminRuntimeClient returns a runtime client to interact with all resources in the seed cluster
//
// Note that the client you will get has admin privileges in the seed cluster
GetSeedClusterAdminRuntimeClient() ctrlruntimeclient.Client
// GetSeedClusterAdminClient returns a kubernetes client to interact with all resources in the seed cluster
//
// Note that the client you will get has admin privileges in the seed cluster
GetSeedClusterAdminClient() kubernetes.Interface
// GetUnsecured returns a cluster for the project and given name.
//
// Note that the admin privileges are used to get cluster
GetUnsecured(project *kubermaticv1.Project, clusterName string, options *ClusterGetOptions) (*kubermaticv1.Cluster, error)
// UpdateUnsecured updates a cluster.
//
// Note that the admin privileges are used to update cluster
UpdateUnsecured(project *kubermaticv1.Project, cluster *kubermaticv1.Cluster) (*kubermaticv1.Cluster, error)
// DeleteUnsecured deletes a cluster.
//
// Note that the admin privileges are used to delete cluster
DeleteUnsecured(cluster *kubermaticv1.Cluster) error
// NewUnsecured creates a brand new cluster that is bound to the given project.
//
// Note that the admin privileges are used to create cluster
NewUnsecured(project *kubermaticv1.Project, cluster *kubermaticv1.Cluster, userEmail string) (*kubermaticv1.Cluster, error)
}
PrivilegedClusterProvider declares the set of methods for interacting with the seed clusters as an admin.
type PrivilegedClusterTemplateInstanceProvider ¶ added in v2.18.0
type PrivilegedClusterTemplateInstanceProvider interface {
// CreateUnsecured create cluster template instance
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to get the resource
CreateUnsecured(template *kubermaticv1.ClusterTemplate, project *kubermaticv1.Project, replicas int64) (*kubermaticv1.ClusterTemplateInstance, error)
// GetUnsecured gets cluster template instance
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to get the resource
GetUnsecured(name string) (*kubermaticv1.ClusterTemplateInstance, error)
// ListUnsecured lists cluster template instances
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to get the resource
ListUnsecured(options ClusterTemplateInstanceListOptions) (*kubermaticv1.ClusterTemplateInstanceList, error)
// PatchUnsecured patches cluster template instances
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to get the resource
PatchUnsecured(instance *kubermaticv1.ClusterTemplateInstance) (*kubermaticv1.ClusterTemplateInstance, error)
}
PrivilegedClusterTemplateInstanceProvider declares the set of methods for interacting with the cluster template instances as an admin.
type PrivilegedConstraintProvider ¶ added in v2.16.3
type PrivilegedConstraintProvider interface {
// CreateUnsecured creates the given constraint using a privileged client
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to create the resource
CreateUnsecured(constraint *kubermaticv1.Constraint) (*kubermaticv1.Constraint, error)
// DeleteUnsecured deletes a constraint using a privileged client
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to delete the resource
DeleteUnsecured(cluster *kubermaticv1.Cluster, name string) error
// UpdateUnsecured updates the given constraint using a privileged client
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to update the resource
UpdateUnsecured(constraint *kubermaticv1.Constraint) (*kubermaticv1.Constraint, error)
}
PrivilegedConstraintProvider declares a set of methods for interacting with constraints using a privileged client
type PrivilegedEtcdBackupConfigProjectProvider ¶ added in v2.18.0
type PrivilegedEtcdBackupConfigProjectProvider interface {
// ListUnsecured gets a list of all etcdBackupConfigs for a given project
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to list the resources
ListUnsecured(projectID string) ([]*kubermaticv1.EtcdBackupConfigList, error)
}
PrivilegedEtcdBackupConfigProjectProvider declares the set of method for interacting with etcd backup configs using a privileged client across projects and its seeds
type PrivilegedEtcdBackupConfigProvider ¶ added in v2.18.0
type PrivilegedEtcdBackupConfigProvider interface {
// CreateUnsecured creates the given etcdBackupConfig
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to create the resource
CreateUnsecured(etcdBackupConfig *kubermaticv1.EtcdBackupConfig) (*kubermaticv1.EtcdBackupConfig, error)
// GetUnsecured gets the given etcdBackupConfig
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to get the resource
GetUnsecured(cluster *kubermaticv1.Cluster, name string) (*kubermaticv1.EtcdBackupConfig, error)
// ListUnsecured gets a list of all etcdBackupConfigs for a given cluster
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to list the resources
ListUnsecured(cluster *kubermaticv1.Cluster) (*kubermaticv1.EtcdBackupConfigList, error)
// DeleteUnsecured deletes the given etcdBackupConfig
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to delete the resource
DeleteUnsecured(cluster *kubermaticv1.Cluster, name string) error
// PatchUnsecured patches the given etcdBackupConfig
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to patch the resource
PatchUnsecured(old, new *kubermaticv1.EtcdBackupConfig) (*kubermaticv1.EtcdBackupConfig, error)
}
PrivilegedEtcdBackupConfigProvider declares the set of method for interacting with etcd backup configs using a privileged client
type PrivilegedEtcdRestoreProjectProvider ¶ added in v2.18.0
type PrivilegedEtcdRestoreProjectProvider interface {
// ListUnsecured gets a list of all etcdRestores for a given project
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to list the resources
ListUnsecured(projectID string) ([]*kubermaticv1.EtcdRestoreList, error)
}
PrivilegedEtcdRestoreProjectProvider declares the set of method for interacting with etcd backup configs using a privileged client across projects and its seeds
type PrivilegedEtcdRestoreProvider ¶ added in v2.18.0
type PrivilegedEtcdRestoreProvider interface {
// CreateUnsecured creates the given etcdRestore
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to create the resource
CreateUnsecured(etcdRestore *kubermaticv1.EtcdRestore) (*kubermaticv1.EtcdRestore, error)
// GetUnsecured gets the given etcdRestore
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to get the resource
GetUnsecured(cluster *kubermaticv1.Cluster, name string) (*kubermaticv1.EtcdRestore, error)
// ListUnsecured gets a list of all etcdRestores for a given cluster
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to list the resources
ListUnsecured(cluster *kubermaticv1.Cluster) (*kubermaticv1.EtcdRestoreList, error)
// DeleteUnsecured deletes the given etcdRestore
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to delete the resource
DeleteUnsecured(cluster *kubermaticv1.Cluster, name string) error
}
PrivilegedEtcdRestoreProvider declares the set of method for interacting with etcd backup configs using a privileged client
type PrivilegedExternalClusterProvider ¶
type PrivilegedExternalClusterProvider interface {
// NewUnsecured creates an external cluster
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to create the resources
NewUnsecured(project *kubermaticv1.Project, cluster *kubermaticv1.ExternalCluster) (*kubermaticv1.ExternalCluster, error)
// DeleteUnsecured deletes an external cluster
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to delete the resources
DeleteUnsecured(cluster *kubermaticv1.ExternalCluster) error
// GetUnsecured gets an external cluster
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to get the resources
GetUnsecured(clusterName string) (*kubermaticv1.ExternalCluster, error)
// UpdateUnsecured updates an external cluster
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to update the resources
UpdateUnsecured(cluster *kubermaticv1.ExternalCluster) (*kubermaticv1.ExternalCluster, error)
// GetMasterClient returns master client
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to update the resources
GetMasterClient() ctrlruntimeclient.Client
}
ExternalClusterProvider declares the set of methods for interacting with external cluster
type PrivilegedMLAAdminSettingProvider ¶ added in v2.18.0
type PrivilegedMLAAdminSettingProvider interface {
// GetUnsecured gets the given MLAAdminSetting
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to get the resource
GetUnsecured(cluster *kubermaticv1.Cluster) (*kubermaticv1.MLAAdminSetting, error)
// CreateUnsecured creates the given MLAAdminSetting
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to create the resource
CreateUnsecured(mlaAdminSetting *kubermaticv1.MLAAdminSetting) (*kubermaticv1.MLAAdminSetting, error)
// UpdateUnsecured updates an MLAAdminSetting
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to update the resource
UpdateUnsecured(newMLAAdminSetting *kubermaticv1.MLAAdminSetting) (*kubermaticv1.MLAAdminSetting, error)
// DeleteUnsecured deletes the MLAAdminSetting with the given name
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to delete the resource
DeleteUnsecured(cluster *kubermaticv1.Cluster) error
}
type PrivilegedMLAAdminSettingProviderGetter ¶ added in v2.18.0
type PrivilegedMLAAdminSettingProviderGetter = func(seed *kubermaticv1.Seed) (PrivilegedMLAAdminSettingProvider, error)
PrivilegedMLAAdminSettingProviderGetter is used to get a PrivilegedMLAAdminSettingProvider
type PrivilegedProjectMemberProvider ¶
type PrivilegedProjectMemberProvider interface {
// CreateUnsecured creates a binding for the given member and the given project
// This function is unsafe in a sense that it uses privileged account to create the resource
CreateUnsecured(project *kubermaticv1.Project, memberEmail, group string) (*kubermaticv1.UserProjectBinding, error)
// CreateUnsecuredForServiceAccount creates a binding for the given service account and the given project
// This function is unsafe in a sense that it uses privileged account to create the resource
CreateUnsecuredForServiceAccount(project *kubermaticv1.Project, memberEmail, group string) (*kubermaticv1.UserProjectBinding, error)
// DeleteUnsecured deletes the given binding
// Note:
// Use List to get binding for the specific member of the given project
// This function is unsafe in a sense that it uses privileged account to delete the resource
DeleteUnsecured(bindingName string) error
// UpdateUnsecured updates the given binding
// This function is unsafe in a sense that it uses privileged account to update the resource
UpdateUnsecured(binding *kubermaticv1.UserProjectBinding) (*kubermaticv1.UserProjectBinding, error)
}
PrivilegedProjectMemberProvider binds users with projects and uses privileged account for it
type PrivilegedProjectProvider ¶
type PrivilegedProjectProvider interface {
// GetUnsecured returns the project with the given name
// This function is unsafe in a sense that it uses privileged account to get project with the given name
GetUnsecured(projectInternalName string, options *ProjectGetOptions) (*kubermaticv1.Project, error)
// DeleteUnsecured deletes any given project
// This function is unsafe in a sense that it uses privileged account to delete project with the given name
DeleteUnsecured(projectInternalName string) error
// UpdateUnsecured update an existing project and returns it
// This function is unsafe in a sense that it uses privileged account to update project
UpdateUnsecured(project *kubermaticv1.Project) (*kubermaticv1.Project, error)
}
PrivilegedProjectProvider declares the set of method for interacting with kubermatic's project and uses privileged account for it
type PrivilegedRuleGroupProvider ¶ added in v2.18.0
type PrivilegedRuleGroupProvider interface {
// GetUnsecured gets the given ruleGroup
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to get the resource
GetUnsecured(ruleGroupName, namespace string) (*kubermaticv1.RuleGroup, error)
// ListUnsecured gets a list of ruleGroups, by default it returns all ruleGroup objects.
// If you would like to filer the result, please set RuleGroupListOptions
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to get the resources
ListUnsecured(namespace string, options *RuleGroupListOptions) ([]*kubermaticv1.RuleGroup, error)
// CreateUnsecured creates the given ruleGroup
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to create the resource
CreateUnsecured(ruleGroup *kubermaticv1.RuleGroup) (*kubermaticv1.RuleGroup, error)
// UpdateUnsecured updates an ruleGroup
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to update the resource
UpdateUnsecured(newRuleGroup *kubermaticv1.RuleGroup) (*kubermaticv1.RuleGroup, error)
// DeleteUnsecured deletes the ruleGroup with the given name
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to delete the resource
DeleteUnsecured(ruleGroupName, namespace string) error
}
type PrivilegedSSHKeyProvider ¶
type PrivilegedSSHKeyProvider interface {
// GetUnsecured returns a key with the given name
// This function is unsafe in a sense that it uses privileged account to get the ssh key
GetUnsecured(keyName string) (*kubermaticv1.UserSSHKey, error)
// UpdateUnsecured update a specific ssh key and returns the updated ssh key
// This function is unsafe in a sense that it uses privileged account to update the ssh key
UpdateUnsecured(sshKey *kubermaticv1.UserSSHKey) (*kubermaticv1.UserSSHKey, error)
// Create creates a ssh key that belongs to the given project
// This function is unsafe in a sense that it uses privileged account to create the ssh key
CreateUnsecured(project *kubermaticv1.Project, keyName, pubKey string) (*kubermaticv1.UserSSHKey, error)
// Delete deletes the given ssh key
// This function is unsafe in a sense that it uses privileged account to delete the ssh key
DeleteUnsecured(keyName string) error
}
SSHKeyProvider declares the set of methods for interacting with ssh keys and uses privileged account for it
type PrivilegedServiceAccountProvider ¶
type PrivilegedServiceAccountProvider interface {
// CreateUnsecuredProjectServiceAccount creates a project service account
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to create the resources
CreateUnsecuredProjectServiceAccount(project *kubermaticv1.Project, name, group string) (*kubermaticv1.User, error)
// ListUnsecuredProjectServiceAccount gets all project service accounts
// If you want to filter the result please take a look at ServiceAccountListOptions
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to get the resources
ListUnsecuredProjectServiceAccount(project *kubermaticv1.Project, options *ServiceAccountListOptions) ([]*kubermaticv1.User, error)
// GetUnsecuredProjectServiceAccount get the project service account
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to get the resource
GetUnsecuredProjectServiceAccount(name string, options *ServiceAccountGetOptions) (*kubermaticv1.User, error)
// UpdateUnsecuredProjectServiceAccount updates the project service account
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to update the resource
UpdateUnsecuredProjectServiceAccount(serviceAccount *kubermaticv1.User) (*kubermaticv1.User, error)
// DeleteUnsecuredProjectServiceAccount deletes the project service account
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to delete the resource
DeleteUnsecuredProjectServiceAccount(name string) error
}
PrivilegedServiceAccountProvider declares the set of methods for interacting with kubermatic service account
type PrivilegedServiceAccountTokenProvider ¶
type PrivilegedServiceAccountTokenProvider interface {
// ListUnsecured returns all tokens in kubermatic namespace
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to get the resource
// gets resources from the cache
ListUnsecured(*ServiceAccountTokenListOptions) ([]*corev1.Secret, error)
// CreateUnsecured creates a new token
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to create the resource
CreateUnsecured(sa *kubermaticv1.User, projectID, tokenName, tokenID, tokenData string) (*corev1.Secret, error)
// GetUnsecured gets the token
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to get the resource
GetUnsecured(name string) (*corev1.Secret, error)
// UpdateUnsecured updates the token
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to get the resource
UpdateUnsecured(secret *corev1.Secret) (*corev1.Secret, error)
// DeleteUnsecured deletes the token
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to delete the resource
DeleteUnsecured(name string) error
}
PrivilegedServiceAccountTokenProvider declares the set of method for interacting with kubermatic's sa's tokens and uses privileged account for it
type ProjectGetOptions ¶
type ProjectGetOptions struct {
// IncludeUninitialized if set to true will skip the check if project is initialized. By default the call will return
// an error if not all project components are active
IncludeUninitialized bool
}
ProjectGetOptions allows to check the status of the Project
type ProjectListOptions ¶
type ProjectListOptions struct {
// ProjectName list only projects with the given name
ProjectName string
// OwnerUID list only project that belong to this user
OwnerUID types.UID
}
ProjectListOptions allows to set filters that will be applied to the result returned form List method
type ProjectMemberListOptions ¶
type ProjectMemberListOptions struct {
// MemberEmail set the email address of a member for the given project
MemberEmail string
// SkipPrivilegeVerification if set will not check if the user that wants to list members of the given project has sufficient privileges.
SkipPrivilegeVerification bool
}
ProjectMemberListOptions allows to set filters that will be applied to filter the result.
type ProjectMemberMapper ¶
type ProjectMemberMapper interface {
// MapUserToGroup maps the given user to a specific group of the given project
// This function is unsafe in a sense that it uses privileged account to list all members in the system
MapUserToGroup(userEmail string, projectID string) (string, error)
// MappingsFor returns the list of projects (bindings) for the given user
// This function is unsafe in a sense that it uses privileged account to list all members in the system
MappingsFor(userEmail string) ([]*kubermaticv1.UserProjectBinding, error)
}
ProjectMemberMapper exposes method that knows how to map a user to a group for a project
type ProjectMemberProvider ¶
type ProjectMemberProvider interface {
// Create creates a binding for the given member and the given project
Create(userInfo *UserInfo, project *kubermaticv1.Project, memberEmail, group string) (*kubermaticv1.UserProjectBinding, error)
// List gets all members of the given project
List(userInfo *UserInfo, project *kubermaticv1.Project, options *ProjectMemberListOptions) ([]*kubermaticv1.UserProjectBinding, error)
// Delete deletes the given binding
// Note:
// Use List to get binding for the specific member of the given project
Delete(userInfo *UserInfo, bindinName string) error
// Update updates the given binding
Update(userInfo *UserInfo, binding *kubermaticv1.UserProjectBinding) (*kubermaticv1.UserProjectBinding, error)
}
ProjectMemberProvider binds users with projects
type ProjectProvider ¶
type ProjectProvider interface {
// New creates a brand new project in the system with the given name
// Note that a user cannot own more than one project with the given name
New(users []*kubermaticv1.User, name string, labels map[string]string) (*kubermaticv1.Project, error)
// Delete deletes the given project as the given user
//
// Note:
// Before deletion project's status.phase is set to ProjectTerminating
Delete(userInfo *UserInfo, projectInternalName string) error
// Get returns the project with the given name
Get(userInfo *UserInfo, projectInternalName string, options *ProjectGetOptions) (*kubermaticv1.Project, error)
// Update update an existing project and returns it
Update(userInfo *UserInfo, newProject *kubermaticv1.Project) (*kubermaticv1.Project, error)
// List gets a list of projects, by default it returns all resources.
// If you want to filter the result please set ProjectListOptions
//
// Note that the list is taken from the cache
List(options *ProjectListOptions) ([]*kubermaticv1.Project, error)
}
ProjectProvider declares the set of method for interacting with kubermatic's project
type ReconcilingCloudProvider ¶ added in v2.19.0
type ReconcilingCloudProvider interface {
CloudProvider
ReconcileCluster(*kubermaticv1.Cluster, ClusterUpdater) (*kubermaticv1.Cluster, error)
}
ReconcilingCloudProvider is a cloud provider that can not just created resources once, but is capable of continuously reconciling annd fixing any problems with them.
type RuleGroupListOptions ¶ added in v2.18.0
type RuleGroupListOptions struct {
RuleGroupType kubermaticv1.RuleGroupType
}
type RuleGroupProvider ¶ added in v2.18.0
type RuleGroupProvider interface {
// Get gets the given ruleGroup
Get(userInfo *UserInfo, cluster *kubermaticv1.Cluster, ruleGroupName string) (*kubermaticv1.RuleGroup, error)
// List gets a list of ruleGroups, by default it returns all ruleGroup objects.
// If you would like to filer the result, please set RuleGroupListOptions
List(userInfo *UserInfo, cluster *kubermaticv1.Cluster, options *RuleGroupListOptions) ([]*kubermaticv1.RuleGroup, error)
// Create creates the given ruleGroup
Create(userInfo *UserInfo, ruleGroup *kubermaticv1.RuleGroup) (*kubermaticv1.RuleGroup, error)
// Update updates an ruleGroup
Update(userInfo *UserInfo, newRuleGroup *kubermaticv1.RuleGroup) (*kubermaticv1.RuleGroup, error)
// Delete deletes the ruleGroup with the given name
Delete(userInfo *UserInfo, cluster *kubermaticv1.Cluster, ruleGroupName string) error
}
RuleGroupProvider declares the set of methods for interacting with ruleGroups
type RuleGroupProviderGetter ¶ added in v2.18.0
type RuleGroupProviderGetter = func(seed *kubermaticv1.Seed) (RuleGroupProvider, error)
RuleGroupProviderGetter is used to get an RuleGroupProvider
type SSHKeyListOptions ¶
type SSHKeyListOptions struct {
// ClusterName gets the keys that are being used by the given cluster name
ClusterName string
// SSHKeyName gets the ssh keys with the given name in the spec
SSHKeyName string
}
SSHKeyListOptions allows to set filters that will be applied to filter the result.
type SSHKeyProvider ¶
type SSHKeyProvider interface {
// List gets a list of ssh keys, by default it will get all the keys that belong to the given project.
// If you want to filter the result please take a look at SSHKeyListOptions
//
// Note:
// After we get the list of the keys we could try to get each individually using unprivileged account to see if the user have read access,
List(project *kubermaticv1.Project, options *SSHKeyListOptions) ([]*kubermaticv1.UserSSHKey, error)
// Create creates a ssh key that belongs to the given project
Create(userInfo *UserInfo, project *kubermaticv1.Project, keyName, pubKey string) (*kubermaticv1.UserSSHKey, error)
// Delete deletes the given ssh key
Delete(userInfo *UserInfo, keyName string) error
// Get returns a key with the given name
Get(userInfo *UserInfo, keyName string) (*kubermaticv1.UserSSHKey, error)
// Update simply updates the given key
Update(userInfo *UserInfo, newKey *kubermaticv1.UserSSHKey) (*kubermaticv1.UserSSHKey, error)
}
SSHKeyProvider declares the set of methods for interacting with ssh keys This provider is Project and RBAC compliant
type SecretKeySelectorValueFunc ¶
type SecretKeySelectorValueFunc func(configVar *providerconfig.GlobalSecretKeySelector, key string) (string, error)
SecretKeySelectorValueFunc is used to fetch the value of a config var. Do not build your own implementation, use SecretKeySelectorValueFuncFactory.
func SecretKeySelectorValueFuncFactory ¶
func SecretKeySelectorValueFuncFactory(ctx context.Context, client ctrlruntimeclient.Reader) SecretKeySelectorValueFunc
type SeedClientGetter ¶
type SeedClientGetter = func(seed *kubermaticv1.Seed) (ctrlruntimeclient.Client, error)
SeedClientGetter is used to get a ctrlruntimeclient for a given seed
func SeedClientGetterFactory ¶
func SeedClientGetterFactory(kubeconfigGetter SeedKubeconfigGetter) SeedClientGetter
SeedClientGetterFactory returns a SeedClientGetter. It uses a RestMapperCache to cache the discovery data, which considerably speeds up client creation.
type SeedGetter ¶
type SeedGetter = func() (*kubermaticv1.Seed, error)
SeedGetter is a function to retrieve a single seed
func SeedGetterFactory ¶
func SeedGetterFactory(ctx context.Context, client ctrlruntimeclient.Reader, seedName string, namespace string) (SeedGetter, error)
SeedGetterFactory returns a SeedGetter. It has validation of all its arguments
type SeedKubeconfigGetter ¶
type SeedKubeconfigGetter = func(seed *kubermaticv1.Seed) (*rest.Config, error)
SeedKubeconfigGetter is used to fetch the kubeconfig for a given seed
func SeedKubeconfigGetterFactory ¶
func SeedKubeconfigGetterFactory(ctx context.Context, client ctrlruntimeclient.Client) (SeedKubeconfigGetter, error)
type SeedProvider ¶ added in v2.19.0
type SeedProvider interface {
// UpdateUnsecured updates a Seed
//
// Note that this function:
// is unsafe in a sense that it uses privileged account to update the resource
UpdateUnsecured(seed *kubermaticv1.Seed) (*kubermaticv1.Seed, error)
}
type SeedsGetter ¶
type SeedsGetter = func() (map[string]*kubermaticv1.Seed, error)
SeedsGetter is a function to retrieve a list of seeds
func SeedsGetterFactory ¶
func SeedsGetterFactory(ctx context.Context, client ctrlruntimeclient.Client, namespace string) (SeedsGetter, error)
type ServiceAccountGetOptions ¶
type ServiceAccountGetOptions struct {
// RemovePrefix when set to false will NOT remove "serviceaccount-" prefix from the ID
//
// Note:
// By default the prefix IS removed, for example given "serviceaccount-7d4b5695vb" it returns "7d4b5695vb"
RemovePrefix bool
}
ServiceAccountGetOptions allows to set filters that will be applied to filter the get result.
type ServiceAccountListOptions ¶
type ServiceAccountListOptions struct {
// ServiceAccountName list only service account with the given name
ServiceAccountName string
}
ServiceAccountListOptions allows to set filters that will be applied to filter the result.
type ServiceAccountProvider ¶
type ServiceAccountProvider interface {
CreateProjectServiceAccount(userInfo *UserInfo, project *kubermaticv1.Project, name, group string) (*kubermaticv1.User, error)
ListProjectServiceAccount(userInfo *UserInfo, project *kubermaticv1.Project, options *ServiceAccountListOptions) ([]*kubermaticv1.User, error)
GetProjectServiceAccount(userInfo *UserInfo, name string, options *ServiceAccountGetOptions) (*kubermaticv1.User, error)
UpdateProjectServiceAccount(userInfo *UserInfo, serviceAccount *kubermaticv1.User) (*kubermaticv1.User, error)
DeleteProjectServiceAccount(userInfo *UserInfo, name string) error
}
ServiceAccountProvider declares the set of methods for interacting with kubermatic service account
type ServiceAccountTokenListOptions ¶
type ServiceAccountTokenListOptions struct {
// TokenID list only tokens with the specified ID
TokenID string
// TokenName list only tokens with the specified name
TokenName string
// LabelSelector list only tokens with the specified label
LabelSelector labels.Selector
// TokenID list only tokens which belong to the SA
ServiceAccountID string
}
ServiceAccountTokenListOptions allows to set filters that will be applied to filter the result.
type ServiceAccountTokenProvider ¶
type ServiceAccountTokenProvider interface {
Create(userInfo *UserInfo, sa *kubermaticv1.User, projectID, tokenName, tokenID, tokenData string) (*corev1.Secret, error)
List(userInfo *UserInfo, project *kubermaticv1.Project, sa *kubermaticv1.User, options *ServiceAccountTokenListOptions) ([]*corev1.Secret, error)
Get(userInfo *UserInfo, name string) (*corev1.Secret, error)
Update(userInfo *UserInfo, secret *corev1.Secret) (*corev1.Secret, error)
Delete(userInfo *UserInfo, name string) error
}
ServiceAccountTokenProvider declares the set of methods for interacting with kubermatic service account token
type SettingsProvider ¶
type SettingsProvider interface {
GetGlobalSettings() (*kubermaticv1.KubermaticSetting, error)
UpdateGlobalSettings(userInfo *UserInfo, settings *kubermaticv1.KubermaticSetting) (*kubermaticv1.KubermaticSetting, error)
WatchGlobalSettings() (watch.Interface, error)
}
SettingsProvider declares the set of methods for interacting global settings
type UpdaterOption ¶ added in v2.17.1
type UpdaterOption string
UpdaterOption represent an option for the updater function.
const ( // UpdaterOptionOptimisticLock enables optimistic lock, to fail in case of // potential conflict. UpdaterOptionOptimisticLock UpdaterOption = "OptimisticLock" )
type UpdaterOptions ¶ added in v2.17.1
type UpdaterOptions struct {
OptimisticLock bool
}
UpdaterOptions holds the options for the updater function.
func (*UpdaterOptions) Apply ¶ added in v2.17.1
func (c *UpdaterOptions) Apply(opts ...UpdaterOption) *UpdaterOptions
type UserInfoGetter ¶
UserInfoGetter is a function to retrieve a UserInfo
func UserInfoGetterFactory ¶
func UserInfoGetterFactory(userProjectMapper ProjectMemberMapper) (UserInfoGetter, error)
type UserProvider ¶
type UserProvider interface {
UserByEmail(email string) (*kubermaticv1.User, error)
CreateUser(id, name, email string) (*kubermaticv1.User, error)
UpdateUser(user *kubermaticv1.User) (*kubermaticv1.User, error)
UserByID(id string) (*kubermaticv1.User, error)
AddUserTokenToBlacklist(user *kubermaticv1.User, token string, expiry apiv1.Time) error
GetUserBlacklistTokens(user *kubermaticv1.User) ([]string, error)
WatchUser() (watch.Interface, error)
List() ([]kubermaticv1.User, error)
}
UserProvider declares the set of methods for interacting with kubermatic users
Source Files
Directories
¶
| Path | Synopsis |
|---|---|
|
aws
Package aws contains the Amazon Web Services (AWS) cloud provider implementation.
|
Package aws contains the Amazon Web Services (AWS) cloud provider implementation. |
|
kubevirt/kubevirtcli/client/versioned
This package has the automatically generated clientset.
|
This package has the automatically generated clientset. |
|
kubevirt/kubevirtcli/client/versioned/fake
This package has the automatically generated fake clientset.
|
This package has the automatically generated fake clientset. |
|
kubevirt/kubevirtcli/client/versioned/scheme
This package contains the scheme of the automatically generated clientset.
|
This package contains the scheme of the automatically generated clientset. |
|
kubevirt/kubevirtcli/client/versioned/typed/core/v1
This package has the automatically generated typed clients.
|
This package has the automatically generated typed clients. |
|
kubevirt/kubevirtcli/client/versioned/typed/core/v1/fake
Package fake has the automatically generated clients.
|
Package fake has the automatically generated clients. |
Click to show internal directories.
Click to hide internal directories.