kubernetes

package
v2.21.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 22, 2022 License: Apache-2.0 Imports: 74 Imported by: 2

Documentation

Index

Constants

View Source 
const (
	ClusterTemplateLabelKey         = "template-id"
	ClusterTemplateInstanceLabelKey = "template-instance-id"
)
View Source 
const (
	// NamespacePrefix is the prefix for the cluster namespace.
	NamespacePrefix = "cluster-"
)
View Source 
const (
	ServiceAccountLabelGroup = "initialGroup"
)

Variables

This section is empty.

Functions

func AddonProviderFactory 

func AddonProviderFactory(mapper meta.RESTMapper, seedKubeconfigGetter provider.SeedKubeconfigGetter, configGetter provider.KubermaticConfigurationGetter) provider.AddonProviderGetter

func AlertmanagerProviderFactory added in v2.18.0 

func AlertmanagerProviderFactory(mapper meta.RESTMapper, seedKubeconfigGetter provider.SeedKubeconfigGetter) provider.AlertmanagerProviderGetter

func BackupCredentialsProviderFactory added in v2.18.0 

func BackupCredentialsProviderFactory(mapper meta.RESTMapper, seedKubeconfigGetter provider.SeedKubeconfigGetter) provider.BackupCredentialsProviderGetter

func ClusterFromNamespace added in v2.21.0 

func ClusterFromNamespace(ctx context.Context, client ctrlruntimeclient.Client, namespace string) (*kubermaticv1.Cluster, error)

ClusterFromNamespace filters all Cluster objects and returns the one where status.namespaceName matches the given namespace. If no such cluster exists, nil is returned (no error).

func ClusterTemplateInstanceProviderFactory added in v2.18.0 

func ClusterTemplateInstanceProviderFactory(mapper meta.RESTMapper, seedKubeconfigGetter provider.SeedKubeconfigGetter) provider.ClusterTemplateInstanceProviderGetter

func ConstraintProviderFactory added in v2.17.1 

func ConstraintProviderFactory(mapper meta.RESTMapper, seedKubeconfigGetter provider.SeedKubeconfigGetter) provider.ConstraintProviderGetter

func CreateOrUpdateCredentialSecretForCluster 

func CreateOrUpdateCredentialSecretForCluster(ctx context.Context, seedClient ctrlruntimeclient.Client, cluster *kubermaticv1.Cluster) error

CreateOrUpdateCredentialSecretForCluster creates a new secret for a credential.

func CreateOrUpdateCredentialSecretForClusterWithValidation added in v2.20.0 

func CreateOrUpdateCredentialSecretForClusterWithValidation(ctx context.Context, seedClient ctrlruntimeclient.Client, cluster *kubermaticv1.Cluster, validate *ValidateCredentials) (bool, error)

CreateOrUpdateCredentialSecretForClusterWithValidation creates a new secret for a credential.

func EtcdBackupConfigProjectProviderFactory added in v2.18.0 

func EtcdBackupConfigProjectProviderFactory(mapper meta.RESTMapper, seedKubeconfigGetter provider.SeedKubeconfigGetter) provider.EtcdBackupConfigProjectProviderGetter

func EtcdBackupConfigProviderFactory added in v2.18.0 

func EtcdBackupConfigProviderFactory(mapper meta.RESTMapper, seedKubeconfigGetter provider.SeedKubeconfigGetter) provider.EtcdBackupConfigProviderGetter

func EtcdRestoreProjectProviderFactory added in v2.18.0 

func EtcdRestoreProjectProviderFactory(mapper meta.RESTMapper, seedKubeconfigGetter provider.SeedKubeconfigGetter) provider.EtcdRestoreProjectProviderGetter

func EtcdRestoreProviderFactory added in v2.18.0 

func EtcdRestoreProviderFactory(mapper meta.RESTMapper, seedKubeconfigGetter provider.SeedKubeconfigGetter) provider.EtcdRestoreProviderGetter

func GetClusterTemplateInstanceName added in v2.18.0 

func GetClusterTemplateInstanceName(projectID, templateID string) string

func GetKubeOneCredentialsSecretName added in v2.21.0 

func GetKubeOneCredentialsSecretName(cloud apiv2.KubeOneCloudSpec) string

func GetKubeOneNamespaceName added in v2.21.0 

func GetKubeOneNamespaceName(externalClusterName string) string

func NamespaceName 

func NamespaceName(clusterName string) string

NamespaceName returns the namespace name for a cluster.

func NewFeatureGatesProvider added in v2.19.0 

func NewFeatureGatesProvider(featureGates features.FeatureGate) provider.FeatureGatesProvider

NewFeatureGatesProvider returns a new provider for feature gates.

func PrivilegedIPAMPoolProviderFactory added in v2.21.0 

func PrivilegedIPAMPoolProviderFactory(mapper meta.RESTMapper, seedKubeconfigGetter provider.SeedKubeconfigGetter) provider.PrivilegedIPAMPoolProviderGetter

func PrivilegedMLAAdminSettingProviderFactory added in v2.18.0 

func PrivilegedMLAAdminSettingProviderFactory(mapper meta.RESTMapper, seedKubeconfigGetter provider.SeedKubeconfigGetter) provider.PrivilegedMLAAdminSettingProviderGetter

func PrivilegedOperatingSystemProfileProviderFactory added in v2.21.0 

func PrivilegedOperatingSystemProfileProviderFactory(mapper meta.RESTMapper, seedKubeconfigGetter provider.SeedKubeconfigGetter) provider.PrivilegedOperatingSystemProfileProviderGetter

func RuleGroupProviderFactory added in v2.18.0 

func RuleGroupProviderFactory(mapper meta.RESTMapper, seedKubeconfigGetter provider.SeedKubeconfigGetter) provider.RuleGroupProviderGetter

Types

type AddonConfigProvider 

type AddonConfigProvider struct {
	// contains filtered or unexported fields
}

AddonConfigProvider struct that holds required components of the AddonConfigProvider.

func NewAddonConfigProvider 

func NewAddonConfigProvider(client ctrlruntimeclient.Client) *AddonConfigProvider

NewAddonConfigProvider returns a new AddonConfigProvider.

func (*AddonConfigProvider) Get 

func (p *AddonConfigProvider) Get(ctx context.Context, addonName string) (*kubermaticv1.AddonConfig, error)

Get addon configuration.

func (*AddonConfigProvider) List 

func (p *AddonConfigProvider) List(ctx context.Context) (*kubermaticv1.AddonConfigList, error)

List available addon configurations.

type AddonProvider 

type AddonProvider struct {
	// contains filtered or unexported fields
}

AddonProvider struct that holds required components of the AddonProvider implementation.

func NewAddonProvider 

func NewAddonProvider(
	clientPrivileged ctrlruntimeclient.Client,
	createSeedImpersonatedClient ImpersonationClient,
	configGetter provider.KubermaticConfigurationGetter) *AddonProvider

NewAddonProvider returns a new addon provider that respects RBAC policies it uses createSeedImpersonatedClient to create a connection that uses user impersonation.

func (*AddonProvider) Delete 

func (p *AddonProvider) Delete(ctx context.Context, userInfo *provider.UserInfo, cluster *kubermaticv1.Cluster, addonName string) error

Delete deletes the given addon.

func (*AddonProvider) DeleteUnsecured 

func (p *AddonProvider) DeleteUnsecured(ctx context.Context, cluster *kubermaticv1.Cluster, addonName string) error

DeleteUnsecured deletes the given addon

Note that this function: is unsafe in a sense that it uses privileged account to delete the resource.

func (*AddonProvider) Get 

func (p *AddonProvider) Get(ctx context.Context, userInfo *provider.UserInfo, cluster *kubermaticv1.Cluster, addonName string) (*kubermaticv1.Addon, error)

Get returns the given addon, it uses the projectInternalName to determine the group the user belongs to.

func (*AddonProvider) GetUnsecured 

func (p *AddonProvider) GetUnsecured(ctx context.Context, cluster *kubermaticv1.Cluster, addonName string) (*kubermaticv1.Addon, error)

GetUnsecured returns the given addon

Note that this function: is unsafe in a sense that it uses privileged account to get the resource.

func (*AddonProvider) List 

func (p *AddonProvider) List(ctx context.Context, userInfo *provider.UserInfo, cluster *kubermaticv1.Cluster) ([]*kubermaticv1.Addon, error)

List returns all addons in the given cluster.

func (*AddonProvider) ListUnsecured 

func (p *AddonProvider) ListUnsecured(ctx context.Context, cluster *kubermaticv1.Cluster) ([]*kubermaticv1.Addon, error)

func (*AddonProvider) New 

func (p *AddonProvider) New(ctx context.Context, userInfo *provider.UserInfo, cluster *kubermaticv1.Cluster, addonName string, variables *runtime.RawExtension, labels map[string]string) (*kubermaticv1.Addon, error)

New creates a new addon in the given cluster.

func (*AddonProvider) NewUnsecured 

func (p *AddonProvider) NewUnsecured(ctx context.Context, cluster *kubermaticv1.Cluster, addonName string, variables *runtime.RawExtension, labels map[string]string) (*kubermaticv1.Addon, error)

NewUnsecured creates a new addon in the given cluster

Note that this function: is unsafe in a sense that it uses privileged account to create the resource.

func (*AddonProvider) Update 

func (p *AddonProvider) Update(ctx context.Context, userInfo *provider.UserInfo, cluster *kubermaticv1.Cluster, addon *kubermaticv1.Addon) (*kubermaticv1.Addon, error)

Update updates an addon.

func (*AddonProvider) UpdateUnsecured 

func (p *AddonProvider) UpdateUnsecured(ctx context.Context, cluster *kubermaticv1.Cluster, addon *kubermaticv1.Addon) (*kubermaticv1.Addon, error)

UpdateUnsecured updates an addon

Note that this function: is unsafe in a sense that it uses privileged account to update the resource.

type AdminProvider 

type AdminProvider struct {
	// contains filtered or unexported fields
}

AdminProvider manages admin resources.

func NewAdminProvider 

func NewAdminProvider(client ctrlruntimeclient.Client) *AdminProvider

NewAdminProvider returns a admin provider.

func (*AdminProvider) GetAdmins 

func (a *AdminProvider) GetAdmins(ctx context.Context, userInfo *provider.UserInfo) ([]kubermaticv1.User, error)

GetAdmins return all users with admin rights.

func (*AdminProvider) SetAdmin 

func (a *AdminProvider) SetAdmin(ctx context.Context, userInfo *provider.UserInfo, email string, isAdmin bool) (*kubermaticv1.User, error)

SetAdmin set/clear admin rights.

type AdmissionPluginsProvider 

type AdmissionPluginsProvider struct {
	// contains filtered or unexported fields
}

AdmissionPluginsProvider is a object to handle admission plugins.

func NewAdmissionPluginsProvider 

func NewAdmissionPluginsProvider(client ctrlruntimeclient.Client) *AdmissionPluginsProvider

func (*AdmissionPluginsProvider) Delete 

func (p *AdmissionPluginsProvider) Delete(ctx context.Context, userInfo *provider.UserInfo, name string) error

func (*AdmissionPluginsProvider) Get 

func (p *AdmissionPluginsProvider) Get(ctx context.Context, userInfo *provider.UserInfo, name string) (*kubermaticv1.AdmissionPlugin, error)

func (*AdmissionPluginsProvider) List 

func (p *AdmissionPluginsProvider) List(ctx context.Context, userInfo *provider.UserInfo) ([]kubermaticv1.AdmissionPlugin, error)

func (*AdmissionPluginsProvider) ListPluginNamesFromVersion 

func (p *AdmissionPluginsProvider) ListPluginNamesFromVersion(ctx context.Context, fromVersion string) ([]string, error)

func (*AdmissionPluginsProvider) Update 

func (p *AdmissionPluginsProvider) Update(ctx context.Context, userInfo *provider.UserInfo, admissionPlugin *kubermaticv1.AdmissionPlugin) (*kubermaticv1.AdmissionPlugin, error)

type AlertmanagerProvider added in v2.18.0 

type AlertmanagerProvider struct {
	// contains filtered or unexported fields
}

AlertmanagerProvider struct that holds required components in order to manage alertmanager objects.

func NewAlertmanagerProvider added in v2.18.0 

func NewAlertmanagerProvider(createSeedImpersonatedClient ImpersonationClient, privilegedClient ctrlruntimeclient.Client) *AlertmanagerProvider

NewAlertmanagerProvider returns an alertmanager provider.

func (*AlertmanagerProvider) Get added in v2.18.0 

func (p *AlertmanagerProvider) Get(ctx context.Context, cluster *kubermaticv1.Cluster, userInfo *provider.UserInfo) (*kubermaticv1.Alertmanager, *corev1.Secret, error)

Get gets an Alertmanager object and Secret which contains the configuration of this Alertmanager.

func (*AlertmanagerProvider) GetUnsecured added in v2.18.0 

func (p *AlertmanagerProvider) GetUnsecured(ctx context.Context, cluster *kubermaticv1.Cluster) (*kubermaticv1.Alertmanager, *corev1.Secret, error)

GetUnsecured gets an Alertmanager object and Secret which contains the configuration of this Alertmanager by using a privileged client.

func (*AlertmanagerProvider) Reset added in v2.18.0 

func (p *AlertmanagerProvider) Reset(ctx context.Context, cluster *kubermaticv1.Cluster, userInfo *provider.UserInfo) error

Reset resets corresponding config Secret of Alertmanager object to the default config. This will not remove Alertmanager object, it will only delete the config secret, and alertmanager controller will create default config secret.

func (*AlertmanagerProvider) ResetUnsecured added in v2.18.0 

func (p *AlertmanagerProvider) ResetUnsecured(ctx context.Context, cluster *kubermaticv1.Cluster) error

ResetUnsecured resets corresponding config Secret of Alertmanager object to the default config by using a privileged client.

func (*AlertmanagerProvider) Update added in v2.18.0 

func (p *AlertmanagerProvider) Update(ctx context.Context, expectedAlertmanager *kubermaticv1.Alertmanager, expectedSecret *corev1.Secret, userInfo *provider.UserInfo) (*kubermaticv1.Alertmanager, *corev1.Secret, error)

Update updates an Alertmanager object and corresponding config Secret since Alertmanager and Secret will be created by alertmanager configuration controller.

func (*AlertmanagerProvider) UpdateUnsecured added in v2.18.0 

func (p *AlertmanagerProvider) UpdateUnsecured(ctx context.Context, expectedAlertmanager *kubermaticv1.Alertmanager, expectedSecret *corev1.Secret) (*kubermaticv1.Alertmanager, *corev1.Secret, error)

UpdateUnsecured updates an Alertmanager object and corresponding config Secret by using a privileged client.

type ApplicationDefinitionProvider added in v2.21.0 

type ApplicationDefinitionProvider struct {
	// contains filtered or unexported fields
}

After refactoring the master-rbac controller, this provider can make use of the impersonated master client (see https://github.com/kubermatic/kubermatic/pull/10341/commits/42a2df1820e06a4eec354ced7f07e4d3833e5b70 for implementation). However at the writing of this, it would require a large overhaul in the master-rbac-controller for it to handle kubernetes cluster-scoped objects, that have no reference to kubermatic clusters and/or projects. Therefore it was decided to make use of the master client directly for now.

func NewApplicationDefinitionProvider added in v2.21.0 

func NewApplicationDefinitionProvider(privilegedClient ctrlruntimeclient.Client) *ApplicationDefinitionProvider

func (*ApplicationDefinitionProvider) ListUnsecured added in v2.21.0 

func (p *ApplicationDefinitionProvider) ListUnsecured(ctx context.Context) (*appskubermaticv1.ApplicationDefinitionList, error)

type BackupCredentialsProvider added in v2.18.0 

type BackupCredentialsProvider struct {
	// contains filtered or unexported fields
}

BackupCredentialsProvider struct that holds required components in order manage backup credentials.

func NewBackupCredentialsProvider added in v2.18.0 

func NewBackupCredentialsProvider(client ctrlruntimeclient.Client) *BackupCredentialsProvider

NewBackupCredentialsProvider returns a backup credential provider.

func (*BackupCredentialsProvider) CreateUnsecured added in v2.18.0 

func (p *BackupCredentialsProvider) CreateUnsecured(ctx context.Context, credentials *corev1.Secret) (*corev1.Secret, error)

func (*BackupCredentialsProvider) GetUnsecured added in v2.18.0 

func (p *BackupCredentialsProvider) GetUnsecured(ctx context.Context, credentialName string) (*corev1.Secret, error)

func (*BackupCredentialsProvider) UpdateUnsecured added in v2.18.0 

func (p *BackupCredentialsProvider) UpdateUnsecured(ctx context.Context, newSecret *corev1.Secret) (*corev1.Secret, error)

type ClusterProvider 

type ClusterProvider struct {
	// contains filtered or unexported fields
}

ClusterProvider struct that holds required components in order to provide cluster provided that is RBAC compliant.

func NewClusterProvider 

func NewClusterProvider(
	cfg *restclient.Config,
	createSeedImpersonatedClient ImpersonationClient,
	userClusterConnProvider UserClusterConnectionProvider,
	workerName string,
	extractGroupPrefix extractGroupPrefixFunc,
	client ctrlruntimeclient.Client,
	k8sClient kubernetes.Interface,
	oidcKubeConfEndpoint bool,
	versions kubermatic.Versions,
	seed *kubermaticv1.Seed) *ClusterProvider

NewClusterProvider returns a new cluster provider that respects RBAC policies it uses createSeedImpersonatedClient to create a connection that uses user impersonation.

func (*ClusterProvider) Delete 

func (p *ClusterProvider) Delete(ctx context.Context, userInfo *provider.UserInfo, cluster *kubermaticv1.Cluster) error

Delete deletes the given cluster.

func (*ClusterProvider) DeleteUnsecured 

func (p *ClusterProvider) DeleteUnsecured(ctx context.Context, cluster *kubermaticv1.Cluster) error

DeleteUnsecured deletes a cluster.

Note that the admin privileges are used to delete cluster.

func (*ClusterProvider) Get 

func (p *ClusterProvider) Get(ctx context.Context, userInfo *provider.UserInfo, clusterName string, options *provider.ClusterGetOptions) (*kubermaticv1.Cluster, error)

Get returns the given cluster, it uses the projectInternalName to determine the group the user belongs to.

func (*ClusterProvider) GetAdminClientConfigForUserCluster added in v2.21.0 

func (p *ClusterProvider) GetAdminClientConfigForUserCluster(ctx context.Context, c *kubermaticv1.Cluster) (*restclient.Config, error)

GetAdminClientConfigForUserCluster returns a client config

Note that the client you will get has admin privileges.

func (*ClusterProvider) GetAdminClientForUserCluster added in v2.21.0 

func (p *ClusterProvider) GetAdminClientForUserCluster(ctx context.Context, c *kubermaticv1.Cluster) (ctrlruntimeclient.Client, error)

GetAdminClientForUserCluster returns a client to interact with all resources in the given cluster

Note that the client you will get has admin privileges.

func (*ClusterProvider) GetAdminK8sClientForUserCluster added in v2.21.0 

func (p *ClusterProvider) GetAdminK8sClientForUserCluster(ctx context.Context, c *kubermaticv1.Cluster) (kubernetes.Interface, error)

GetAdminK8sClientForUserCluster returns a k8s go client to interact with all resources in the given cluster

Note that the client you will get has admin privileges.

func (*ClusterProvider) GetAdminKubeconfigForUserCluster added in v2.21.0 

func (p *ClusterProvider) GetAdminKubeconfigForUserCluster(ctx context.Context, c *kubermaticv1.Cluster) (*clientcmdapi.Config, error)

GetAdminKubeconfigForUserCluster returns the admin kubeconfig for the given cluster.

func (*ClusterProvider) GetClientForUserCluster added in v2.21.0 

func (p *ClusterProvider) GetClientForUserCluster(ctx context.Context, userInfo *provider.UserInfo, c *kubermaticv1.Cluster) (ctrlruntimeclient.Client, error)

GetClientForUserCluster returns a client to interact with all resources in the given cluster

Note that the client doesn't use admin account instead it authn/authz as userInfo(email, group) This implies that you have to make sure the user has the appropriate permissions inside the user cluster.

func (*ClusterProvider) GetSeedClusterAdminClient 

func (p *ClusterProvider) GetSeedClusterAdminClient() kubernetes.Interface

GetSeedClusterAdminClient returns a kubernetes client to interact with the seed cluster resources.

Note that this client has admin privileges in the seed cluster.

func (*ClusterProvider) GetSeedClusterAdminRuntimeClient 

func (p *ClusterProvider) GetSeedClusterAdminRuntimeClient() ctrlruntimeclient.Client

GetSeedClusterAdminRuntimeClient returns a runtime client to interact with the seed cluster resources.

Note that this client has admin privileges in the seed cluster.

func (*ClusterProvider) GetSeedName added in v2.19.0 

func (p *ClusterProvider) GetSeedName() string

GetSeedName gets the seed name of the cluster.

func (*ClusterProvider) GetTokenForUserCluster added in v2.21.0 

func (p *ClusterProvider) GetTokenForUserCluster(ctx context.Context, userInfo *provider.UserInfo, cluster *kubermaticv1.Cluster) (string, error)

func (*ClusterProvider) GetUnsecured 

func (p *ClusterProvider) GetUnsecured(ctx context.Context, project *kubermaticv1.Project, clusterName string, options *provider.ClusterGetOptions) (*kubermaticv1.Cluster, error)

GetUnsecured returns a cluster for the project and given name.

Note that the admin privileges are used to get cluster.

func (*ClusterProvider) GetViewerKubeconfigForUserCluster added in v2.21.0 

func (p *ClusterProvider) GetViewerKubeconfigForUserCluster(ctx context.Context, c *kubermaticv1.Cluster) (*clientcmdapi.Config, error)

GetViewerKubeconfigForUserCluster returns the viewer kubeconfig for the given cluster.

func (*ClusterProvider) IsCluster added in v2.16.3 

func (p *ClusterProvider) IsCluster(ctx context.Context, clusterName string) bool

IsCluster checks if cluster exist with the given name.

func (*ClusterProvider) List 

func (p *ClusterProvider) List(ctx context.Context, project *kubermaticv1.Project, options *provider.ClusterListOptions) (*kubermaticv1.ClusterList, error)

List gets all clusters that belong to the given project If you want to filter the result please take a look at ClusterListOptions

Note: After we get the list of clusters we could try to get each cluster individually using unprivileged account to see if the user have read access, We don't do this because we assume that if the user was able to get the project (argument) it has to have at least read access.

func (*ClusterProvider) ListAll 

func (p *ClusterProvider) ListAll(ctx context.Context, labelSelector labels.Selector) (*kubermaticv1.ClusterList, error)

ListAll gets all clusters

Note that the admin privileges are used to list all clusters.

func (*ClusterProvider) New 

func (p *ClusterProvider) New(ctx context.Context, project *kubermaticv1.Project, userInfo *provider.UserInfo, cluster *kubermaticv1.Cluster) (*kubermaticv1.Cluster, error)

New creates a brand new cluster that is bound to the given project.

Note that the admin privileges are used to set the cluster status.

func (*ClusterProvider) NewUnsecured 

func (p *ClusterProvider) NewUnsecured(ctx context.Context, project *kubermaticv1.Project, cluster *kubermaticv1.Cluster, userEmail string) (*kubermaticv1.Cluster, error)

NewUnsecured creates a brand new cluster that is bound to the given project.

Note that the admin privileges are used to create cluster.

func (*ClusterProvider) RevokeAdminKubeconfig 

func (p *ClusterProvider) RevokeAdminKubeconfig(ctx context.Context, c *kubermaticv1.Cluster) error

RevokeAdminKubeconfig revokes the viewer token and kubeconfig.

func (*ClusterProvider) RevokeViewerKubeconfig 

func (p *ClusterProvider) RevokeViewerKubeconfig(ctx context.Context, c *kubermaticv1.Cluster) error

RevokeViewerKubeconfig revokes the viewer token and kubeconfig.

func (*ClusterProvider) SeedAdminConfig 

func (p *ClusterProvider) SeedAdminConfig() *restclient.Config

SeedAdminConfig return an admin kubeconfig for the seed. This function does not perform any kind of access control. Try to not use it.

func (*ClusterProvider) Update 

func (p *ClusterProvider) Update(ctx context.Context, project *kubermaticv1.Project, userInfo *provider.UserInfo, newCluster *kubermaticv1.Cluster) (*kubermaticv1.Cluster, error)

Update updates a cluster.

func (*ClusterProvider) UpdateUnsecured 

func (p *ClusterProvider) UpdateUnsecured(ctx context.Context, project *kubermaticv1.Project, cluster *kubermaticv1.Cluster) (*kubermaticv1.Cluster, error)

UpdateUnsecured updates a cluster.

Note that the admin privileges are used to update cluster.

type ClusterTemplateInstanceProvider added in v2.18.0 

type ClusterTemplateInstanceProvider struct {
	// contains filtered or unexported fields
}

AlertmanagerProvider struct that holds required components in order to manage alertmanager objects.

func NewClusterTemplateInstanceProvider added in v2.18.0 

func NewClusterTemplateInstanceProvider(createSeedImpersonatedClient ImpersonationClient, privilegedClient ctrlruntimeclient.Client) *ClusterTemplateInstanceProvider

ClusterTemplateInstanceProvider returns provider.

func (ClusterTemplateInstanceProvider) Create added in v2.18.0 

func (r ClusterTemplateInstanceProvider) Create(ctx context.Context, userInfo *provider.UserInfo, template *kubermaticv1.ClusterTemplate, project *kubermaticv1.Project, replicas int64) (*kubermaticv1.ClusterTemplateInstance, error)

func (ClusterTemplateInstanceProvider) CreateUnsecured added in v2.18.0 

func (r ClusterTemplateInstanceProvider) CreateUnsecured(ctx context.Context, userInfo *provider.UserInfo, template *kubermaticv1.ClusterTemplate, project *kubermaticv1.Project, replicas int64) (*kubermaticv1.ClusterTemplateInstance, error)

func (ClusterTemplateInstanceProvider) Get added in v2.18.0 

func (r ClusterTemplateInstanceProvider) Get(ctx context.Context, userInfo *provider.UserInfo, name string) (*kubermaticv1.ClusterTemplateInstance, error)

func (ClusterTemplateInstanceProvider) GetUnsecured added in v2.18.0 

func (r ClusterTemplateInstanceProvider) GetUnsecured(ctx context.Context, name string) (*kubermaticv1.ClusterTemplateInstance, error)

func (ClusterTemplateInstanceProvider) List added in v2.18.0 

func (r ClusterTemplateInstanceProvider) List(ctx context.Context, userInfo *provider.UserInfo, options provider.ClusterTemplateInstanceListOptions) (*kubermaticv1.ClusterTemplateInstanceList, error)

func (ClusterTemplateInstanceProvider) ListUnsecured added in v2.18.0 

func (r ClusterTemplateInstanceProvider) ListUnsecured(ctx context.Context, options provider.ClusterTemplateInstanceListOptions) (*kubermaticv1.ClusterTemplateInstanceList, error)

func (ClusterTemplateInstanceProvider) Patch added in v2.18.0 

func (r ClusterTemplateInstanceProvider) Patch(ctx context.Context, userInfo *provider.UserInfo, instance *kubermaticv1.ClusterTemplateInstance) (*kubermaticv1.ClusterTemplateInstance, error)

func (ClusterTemplateInstanceProvider) PatchUnsecured added in v2.18.0 

func (r ClusterTemplateInstanceProvider) PatchUnsecured(ctx context.Context, instance *kubermaticv1.ClusterTemplateInstance) (*kubermaticv1.ClusterTemplateInstance, error)

type ClusterTemplateProvider added in v2.18.0 

type ClusterTemplateProvider struct {
	// contains filtered or unexported fields
}

ClusterTemplateProvider struct that holds required components in order manage cluster templates.

func NewClusterTemplateProvider added in v2.18.0 

func NewClusterTemplateProvider(createMasterImpersonatedClient ImpersonationClient, client ctrlruntimeclient.Client) (*ClusterTemplateProvider, error)

NewClusterTemplateProvider returns a cluster template provider.

func (*ClusterTemplateProvider) Delete added in v2.18.0 

func (p *ClusterTemplateProvider) Delete(ctx context.Context, userInfo *provider.UserInfo, projectID, templateID string) error

func (*ClusterTemplateProvider) Get added in v2.18.0 

func (p *ClusterTemplateProvider) Get(ctx context.Context, userInfo *provider.UserInfo, projectID, templateID string) (*kubermaticv1.ClusterTemplate, error)

func (*ClusterTemplateProvider) List added in v2.18.0 

func (p *ClusterTemplateProvider) List(ctx context.Context, userInfo *provider.UserInfo, projectID string) ([]kubermaticv1.ClusterTemplate, error)

func (*ClusterTemplateProvider) ListALL added in v2.21.0 

func (p *ClusterTemplateProvider) ListALL(ctx context.Context, labelSelector labels.Selector) ([]kubermaticv1.ClusterTemplate, error)

func (*ClusterTemplateProvider) New added in v2.18.0 

func (p *ClusterTemplateProvider) New(ctx context.Context, userInfo *provider.UserInfo, newClusterTemplate *kubermaticv1.ClusterTemplate, scope, projectID string) (*kubermaticv1.ClusterTemplate, error)

type ConstraintProvider added in v2.16.3 

type ConstraintProvider struct {
	// contains filtered or unexported fields
}

ConstraintProvider struct that holds required components in order manage constraints.

func NewConstraintProvider added in v2.16.3 

func NewConstraintProvider(createSeedImpersonatedClient ImpersonationClient, client ctrlruntimeclient.Client) (*ConstraintProvider, error)

NewConstraintProvider returns a constraint provider.

func (*ConstraintProvider) Create added in v2.16.3 

func (p *ConstraintProvider) Create(ctx context.Context, userInfo *provider.UserInfo, constraint *kubermaticv1.Constraint) (*kubermaticv1.Constraint, error)

func (*ConstraintProvider) CreateUnsecured added in v2.16.3 

func (p *ConstraintProvider) CreateUnsecured(ctx context.Context, constraint *kubermaticv1.Constraint) (*kubermaticv1.Constraint, error)

func (*ConstraintProvider) Delete added in v2.16.3 

func (p *ConstraintProvider) Delete(ctx context.Context, cluster *kubermaticv1.Cluster, userInfo *provider.UserInfo, name string) error

Delete deletes a constraint.

func (*ConstraintProvider) DeleteUnsecured added in v2.16.3 

func (p *ConstraintProvider) DeleteUnsecured(ctx context.Context, cluster *kubermaticv1.Cluster, name string) error

DeleteUnsecured deletes a constraint using a privileged client.

func (*ConstraintProvider) Get added in v2.16.3 

func (p *ConstraintProvider) Get(ctx context.Context, cluster *kubermaticv1.Cluster, name string) (*kubermaticv1.Constraint, error)

Get gets a constraint using a privileged client.

func (*ConstraintProvider) List added in v2.16.3 

func (p *ConstraintProvider) List(ctx context.Context, cluster *kubermaticv1.Cluster) (*kubermaticv1.ConstraintList, error)

List gets all constraints.

func (*ConstraintProvider) Update added in v2.16.3 

func (p *ConstraintProvider) Update(ctx context.Context, userInfo *provider.UserInfo, constraint *kubermaticv1.Constraint) (*kubermaticv1.Constraint, error)

func (*ConstraintProvider) UpdateUnsecured added in v2.16.3 

func (p *ConstraintProvider) UpdateUnsecured(ctx context.Context, constraint *kubermaticv1.Constraint) (*kubermaticv1.Constraint, error)

type ConstraintTemplateProvider added in v2.16.3 

type ConstraintTemplateProvider struct {
	// contains filtered or unexported fields
}

ConstraintTemplateProvider struct that holds required components in order manage constraint templates.

func NewConstraintTemplateProvider added in v2.16.3 

func NewConstraintTemplateProvider(createMasterImpersonatedClient ImpersonationClient, client ctrlruntimeclient.Client) (*ConstraintTemplateProvider, error)

NewConstraintTemplateProvider returns a constraint template provider.

func (*ConstraintTemplateProvider) Create added in v2.16.3 

func (p *ConstraintTemplateProvider) Create(ctx context.Context, ct *kubermaticv1.ConstraintTemplate) (*kubermaticv1.ConstraintTemplate, error)

Create creates a constraint template.

func (*ConstraintTemplateProvider) Delete added in v2.16.3 

func (p *ConstraintTemplateProvider) Delete(ctx context.Context, ct *kubermaticv1.ConstraintTemplate) error

Delete deletes a constraint template.

func (*ConstraintTemplateProvider) Get added in v2.16.3 

func (p *ConstraintTemplateProvider) Get(ctx context.Context, name string) (*kubermaticv1.ConstraintTemplate, error)

Get gets a constraint template.

func (*ConstraintTemplateProvider) List added in v2.16.3 

func (p *ConstraintTemplateProvider) List(ctx context.Context) (*kubermaticv1.ConstraintTemplateList, error)

List gets all constraint templates.

func (*ConstraintTemplateProvider) Update added in v2.16.3 

func (p *ConstraintTemplateProvider) Update(ctx context.Context, ct *kubermaticv1.ConstraintTemplate) (*kubermaticv1.ConstraintTemplate, error)

Update updates a constraint template.

type DefaultConstraintProvider added in v2.18.0 

type DefaultConstraintProvider struct {
	// contains filtered or unexported fields
}

DefaultConstraintProvider struct that holds required components in order manage constraints.

func NewDefaultConstraintProvider added in v2.18.0 

func NewDefaultConstraintProvider(createMasterImpersonatedClient ImpersonationClient, client ctrlruntimeclient.Client, namespace string) (*DefaultConstraintProvider, error)

NewDefaultConstraintProvider returns a default constraint provider.

func (*DefaultConstraintProvider) Create added in v2.18.0 

func (p *DefaultConstraintProvider) Create(ctx context.Context, constraint *kubermaticv1.Constraint) (*kubermaticv1.Constraint, error)

func (*DefaultConstraintProvider) Delete added in v2.18.0 

func (p *DefaultConstraintProvider) Delete(ctx context.Context, name string) error

func (*DefaultConstraintProvider) Get added in v2.18.0 

func (p *DefaultConstraintProvider) Get(ctx context.Context, name string) (*kubermaticv1.Constraint, error)

func (*DefaultConstraintProvider) List added in v2.18.0 

func (p *DefaultConstraintProvider) List(ctx context.Context) (*kubermaticv1.ConstraintList, error)

func (*DefaultConstraintProvider) Update added in v2.18.0 

func (p *DefaultConstraintProvider) Update(ctx context.Context, constraint *kubermaticv1.Constraint) (*kubermaticv1.Constraint, error)

type DefaultImpersonationClient 

type DefaultImpersonationClient struct {
	// contains filtered or unexported fields
}

DefaultImpersonationClient knows how to create impersonated client set.

func NewImpersonationClient 

func NewImpersonationClient(cfg *restclient.Config, restMapper meta.RESTMapper) *DefaultImpersonationClient

NewImpersonationClient creates a new default impersonation client that knows how to create Interface client for a impersonated user.

func (*DefaultImpersonationClient) CreateImpersonatedClient 

func (d *DefaultImpersonationClient) CreateImpersonatedClient(impCfg restclient.ImpersonationConfig) (ctrlruntimeclient.Client, error)

CreateImpersonatedClient actually creates impersonated client set for the given user.

type EtcdBackupConfigProjectProvider added in v2.18.0 

type EtcdBackupConfigProjectProvider struct {
	// contains filtered or unexported fields
}

EtcdBackupConfigProjectProvider struct that holds required components in order manage etcd backup backupConfigs across projects.

func NewEtcdBackupConfigProjectProvider added in v2.18.0 

func NewEtcdBackupConfigProjectProvider(createSeedImpersonatedClients map[string]ImpersonationClient, clients map[string]ctrlruntimeclient.Client) *EtcdBackupConfigProjectProvider

NewEtcdBackupConfigProjectProvider returns an etcd backupConfig global provider.

func (*EtcdBackupConfigProjectProvider) List added in v2.18.0 

func (p *EtcdBackupConfigProjectProvider) List(ctx context.Context, userInfo *provider.UserInfo, projectID string) ([]*kubermaticv1.EtcdBackupConfigList, error)

func (*EtcdBackupConfigProjectProvider) ListUnsecured added in v2.18.0 

func (p *EtcdBackupConfigProjectProvider) ListUnsecured(ctx context.Context, projectID string) ([]*kubermaticv1.EtcdBackupConfigList, error)

type EtcdBackupConfigProvider added in v2.18.0 

type EtcdBackupConfigProvider struct {
	// contains filtered or unexported fields
}

EtcdBackupConfigProvider struct that holds required components in order manage etcd backup configs.

func NewEtcdBackupConfigProvider added in v2.18.0 

func NewEtcdBackupConfigProvider(createSeedImpersonatedClient ImpersonationClient, client ctrlruntimeclient.Client) *EtcdBackupConfigProvider

NewEtcdBackupConfigProvider returns a constraint provider.

func (*EtcdBackupConfigProvider) Create added in v2.18.0 

func (p *EtcdBackupConfigProvider) Create(ctx context.Context, userInfo *provider.UserInfo, etcdBackupConfig *kubermaticv1.EtcdBackupConfig) (*kubermaticv1.EtcdBackupConfig, error)

func (*EtcdBackupConfigProvider) CreateUnsecured added in v2.18.0 

func (p *EtcdBackupConfigProvider) CreateUnsecured(ctx context.Context, etcdBackupConfig *kubermaticv1.EtcdBackupConfig) (*kubermaticv1.EtcdBackupConfig, error)

func (*EtcdBackupConfigProvider) Delete added in v2.18.0 

func (p *EtcdBackupConfigProvider) Delete(ctx context.Context, userInfo *provider.UserInfo, cluster *kubermaticv1.Cluster, name string) error

func (*EtcdBackupConfigProvider) DeleteUnsecured added in v2.18.0 

func (p *EtcdBackupConfigProvider) DeleteUnsecured(ctx context.Context, cluster *kubermaticv1.Cluster, name string) error

func (*EtcdBackupConfigProvider) Get added in v2.18.0 

func (p *EtcdBackupConfigProvider) Get(ctx context.Context, userInfo *provider.UserInfo, cluster *kubermaticv1.Cluster, name string) (*kubermaticv1.EtcdBackupConfig, error)

func (*EtcdBackupConfigProvider) GetUnsecured added in v2.18.0 

func (p *EtcdBackupConfigProvider) GetUnsecured(ctx context.Context, cluster *kubermaticv1.Cluster, name string) (*kubermaticv1.EtcdBackupConfig, error)

func (*EtcdBackupConfigProvider) List added in v2.18.0 

func (p *EtcdBackupConfigProvider) List(ctx context.Context, userInfo *provider.UserInfo, cluster *kubermaticv1.Cluster) (*kubermaticv1.EtcdBackupConfigList, error)

func (*EtcdBackupConfigProvider) ListUnsecured added in v2.18.0 

func (p *EtcdBackupConfigProvider) ListUnsecured(ctx context.Context, cluster *kubermaticv1.Cluster) (*kubermaticv1.EtcdBackupConfigList, error)

func (*EtcdBackupConfigProvider) Patch added in v2.18.0 

func (p *EtcdBackupConfigProvider) Patch(ctx context.Context, userInfo *provider.UserInfo, oldConfig, newConfig *kubermaticv1.EtcdBackupConfig) (*kubermaticv1.EtcdBackupConfig, error)

func (*EtcdBackupConfigProvider) PatchUnsecured added in v2.18.0 

func (p *EtcdBackupConfigProvider) PatchUnsecured(ctx context.Context, oldConfig, newConfig *kubermaticv1.EtcdBackupConfig) (*kubermaticv1.EtcdBackupConfig, error)

type EtcdRestoreProjectProvider added in v2.18.0 

type EtcdRestoreProjectProvider struct {
	// contains filtered or unexported fields
}

EtcdRestoreProjectProvider struct that holds required components in order manage etcd backup restores across projects.

func NewEtcdRestoreProjectProvider added in v2.18.0 

func NewEtcdRestoreProjectProvider(createSeedImpersonatedClients map[string]ImpersonationClient, clients map[string]ctrlruntimeclient.Client) *EtcdRestoreProjectProvider

NewEtcdRestoreProjectProvider returns an etcd restore global provider.

func (*EtcdRestoreProjectProvider) List added in v2.18.0 

func (p *EtcdRestoreProjectProvider) List(ctx context.Context, userInfo *provider.UserInfo, projectID string) ([]*kubermaticv1.EtcdRestoreList, error)

func (*EtcdRestoreProjectProvider) ListUnsecured added in v2.18.0 

func (p *EtcdRestoreProjectProvider) ListUnsecured(ctx context.Context, projectID string) ([]*kubermaticv1.EtcdRestoreList, error)

type EtcdRestoreProvider added in v2.18.0 

type EtcdRestoreProvider struct {
	// contains filtered or unexported fields
}

EtcdRestoreProvider struct that holds required components in order manage etcd backup configs.

func NewEtcdRestoreProvider added in v2.18.0 

func NewEtcdRestoreProvider(createSeedImpersonatedClient ImpersonationClient, client ctrlruntimeclient.Client) *EtcdRestoreProvider

NewEtcdRestoreProvider returns a etcd restore provider.

func (*EtcdRestoreProvider) Create added in v2.18.0 

func (p *EtcdRestoreProvider) Create(ctx context.Context, userInfo *provider.UserInfo, etcdRestore *kubermaticv1.EtcdRestore) (*kubermaticv1.EtcdRestore, error)

func (*EtcdRestoreProvider) CreateUnsecured added in v2.18.0 

func (p *EtcdRestoreProvider) CreateUnsecured(ctx context.Context, etcdRestore *kubermaticv1.EtcdRestore) (*kubermaticv1.EtcdRestore, error)

func (*EtcdRestoreProvider) Delete added in v2.18.0 

func (p *EtcdRestoreProvider) Delete(ctx context.Context, userInfo *provider.UserInfo, cluster *kubermaticv1.Cluster, name string) error

func (*EtcdRestoreProvider) DeleteUnsecured added in v2.18.0 

func (p *EtcdRestoreProvider) DeleteUnsecured(ctx context.Context, cluster *kubermaticv1.Cluster, name string) error

func (*EtcdRestoreProvider) Get added in v2.18.0 

func (p *EtcdRestoreProvider) Get(ctx context.Context, userInfo *provider.UserInfo, cluster *kubermaticv1.Cluster, name string) (*kubermaticv1.EtcdRestore, error)

func (*EtcdRestoreProvider) GetUnsecured added in v2.18.0 

func (p *EtcdRestoreProvider) GetUnsecured(ctx context.Context, cluster *kubermaticv1.Cluster, name string) (*kubermaticv1.EtcdRestore, error)

func (*EtcdRestoreProvider) List added in v2.18.0 

func (p *EtcdRestoreProvider) List(ctx context.Context, userInfo *provider.UserInfo, cluster *kubermaticv1.Cluster) (*kubermaticv1.EtcdRestoreList, error)

func (*EtcdRestoreProvider) ListUnsecured added in v2.18.0 

func (p *EtcdRestoreProvider) ListUnsecured(ctx context.Context, cluster *kubermaticv1.Cluster) (*kubermaticv1.EtcdRestoreList, error)

type EventRecorder 

type EventRecorder struct {
	// contains filtered or unexported fields
}

EventRecorder gives option to record events for objects. They can be then read from them using K8S API.

func NewEventRecorder 

func NewEventRecorder() *EventRecorder

NewEventRecorder returns a new event recorder provider object. See EventRecorder for more information.

func (*EventRecorder) ClusterRecorderFor 

func (e *EventRecorder) ClusterRecorderFor(client kubernetes.Interface) record.EventRecorder

ClusterRecorderFor returns an event recorder that will be able to record events for objects in the cluster accessible using provided client.

type ExternalClusterProvider 

type ExternalClusterProvider struct {
	// contains filtered or unexported fields
}

ExternalClusterProvider struct that holds required components in order to provide connection to the cluster.

func NewExternalClusterProvider 

func NewExternalClusterProvider(createMasterImpersonatedClient ImpersonationClient, client ctrlruntimeclient.Client) (*ExternalClusterProvider, error)

NewExternalClusterProvider returns an external cluster provider.

func (*ExternalClusterProvider) CreateKubeOneClusterNamespace added in v2.21.0 

func (p *ExternalClusterProvider) CreateKubeOneClusterNamespace(ctx context.Context, externalCluster *kubermaticv1.ExternalCluster) error

func (*ExternalClusterProvider) CreateOrUpdateCredentialSecretForCluster added in v2.19.0 

func (p *ExternalClusterProvider) CreateOrUpdateCredentialSecretForCluster(ctx context.Context, cloud *apiv2.ExternalClusterCloudSpec, projectID, clusterID string) (*providerconfig.GlobalSecretKeySelector, error)

func (*ExternalClusterProvider) CreateOrUpdateKubeOneCredentialSecret added in v2.21.0 

func (p *ExternalClusterProvider) CreateOrUpdateKubeOneCredentialSecret(ctx context.Context, cloud apiv2.KubeOneCloudSpec, externalCluster *kubermaticv1.ExternalCluster) error

CreateOrUpdateKubeOneCredentialSecret creates a new secret for a credential.

func (*ExternalClusterProvider) CreateOrUpdateKubeOneManifestSecret added in v2.21.0 

func (p *ExternalClusterProvider) CreateOrUpdateKubeOneManifestSecret(ctx context.Context, encodedManifest string, externalCluster *kubermaticv1.ExternalCluster) error

func (*ExternalClusterProvider) CreateOrUpdateKubeOneSSHSecret added in v2.21.0 

func (p *ExternalClusterProvider) CreateOrUpdateKubeOneSSHSecret(ctx context.Context, sshKey apiv2.KubeOneSSHKey, externalCluster *kubermaticv1.ExternalCluster) error

func (*ExternalClusterProvider) CreateOrUpdateKubeconfigSecretForCluster 

func (p *ExternalClusterProvider) CreateOrUpdateKubeconfigSecretForCluster(ctx context.Context, cluster *kubermaticv1.ExternalCluster, kubeconfig []byte) error

func (*ExternalClusterProvider) Delete 

func (p *ExternalClusterProvider) Delete(ctx context.Context, userInfo *provider.UserInfo, cluster *kubermaticv1.ExternalCluster) error

Delete deletes the given cluster.

func (*ExternalClusterProvider) DeleteUnsecured 

func (p *ExternalClusterProvider) DeleteUnsecured(ctx context.Context, cluster *kubermaticv1.ExternalCluster) error

DeleteUnsecured deletes an external cluster.

Note that the admin privileges are used to delete cluster.

func (*ExternalClusterProvider) GenerateClient 

func (p *ExternalClusterProvider) GenerateClient(cfg *clientcmdapi.Config) (ctrlruntimeclient.Client, error)

func (*ExternalClusterProvider) Get 

func (p *ExternalClusterProvider) Get(ctx context.Context, userInfo *provider.UserInfo, clusterName string) (*kubermaticv1.ExternalCluster, error)

Get returns the given cluster.

func (*ExternalClusterProvider) GetClient 

func (p *ExternalClusterProvider) GetClient(ctx context.Context, cluster *kubermaticv1.ExternalCluster) (ctrlruntimeclient.Client, error)

func (*ExternalClusterProvider) GetMasterClient added in v2.19.0 

func (p *ExternalClusterProvider) GetMasterClient() ctrlruntimeclient.Client

func (*ExternalClusterProvider) GetNode 

func (p *ExternalClusterProvider) GetNode(ctx context.Context, cluster *kubermaticv1.ExternalCluster, nodeName string) (*corev1.Node, error)

func (*ExternalClusterProvider) GetProviderPoolNodes added in v2.21.0 

func (p *ExternalClusterProvider) GetProviderPoolNodes(ctx context.Context,
	cluster *kubermaticv1.ExternalCluster,
	providerNodeLabel, providerNodePoolName string,
) ([]corev1.Node, error)

func (*ExternalClusterProvider) GetUnsecured 

func (p *ExternalClusterProvider) GetUnsecured(ctx context.Context, clusterName string) (*kubermaticv1.ExternalCluster, error)

GetUnsecured returns an external cluster for the project and given name.

Note that the admin privileges are used to get cluster.

func (*ExternalClusterProvider) GetVersion 

func (p *ExternalClusterProvider) GetVersion(ctx context.Context, cluster *kubermaticv1.ExternalCluster) (*ksemver.Semver, error)

func (*ExternalClusterProvider) IsMetricServerAvailable 

func (p *ExternalClusterProvider) IsMetricServerAvailable(ctx context.Context, cluster *kubermaticv1.ExternalCluster) (bool, error)

func (*ExternalClusterProvider) List 

func (p *ExternalClusterProvider) List(ctx context.Context, project *kubermaticv1.Project) (*kubermaticv1.ExternalClusterList, error)

List gets all external clusters that belong to the given project.

func (*ExternalClusterProvider) ListNodes 

func (p *ExternalClusterProvider) ListNodes(ctx context.Context, cluster *kubermaticv1.ExternalCluster) (*corev1.NodeList, error)

func (*ExternalClusterProvider) New 

func (p *ExternalClusterProvider) New(ctx context.Context, userInfo *provider.UserInfo, project *kubermaticv1.Project, cluster *kubermaticv1.ExternalCluster) (*kubermaticv1.ExternalCluster, error)

New creates a brand new external cluster in the system with the given name.

func (*ExternalClusterProvider) NewUnsecured 

func (p *ExternalClusterProvider) NewUnsecured(ctx context.Context, project *kubermaticv1.Project, cluster *kubermaticv1.ExternalCluster) (*kubermaticv1.ExternalCluster, error)

NewUnsecured creates a brand new external cluster in the system with the given name

Note that this function: is unsafe in a sense that it uses privileged account to create the resource.

func (*ExternalClusterProvider) Update 

func (p *ExternalClusterProvider) Update(ctx context.Context, userInfo *provider.UserInfo, cluster *kubermaticv1.ExternalCluster) (*kubermaticv1.ExternalCluster, error)

Update updates the given cluster.

func (*ExternalClusterProvider) UpdateUnsecured 

func (p *ExternalClusterProvider) UpdateUnsecured(ctx context.Context, cluster *kubermaticv1.ExternalCluster) (*kubermaticv1.ExternalCluster, error)

Update updates the given cluster.

func (*ExternalClusterProvider) ValidateKubeconfig added in v2.21.0 

func (p *ExternalClusterProvider) ValidateKubeconfig(ctx context.Context, kubeconfig []byte) error

func (*ExternalClusterProvider) VersionsEndpoint added in v2.21.0 

func (p *ExternalClusterProvider) VersionsEndpoint(ctx context.Context, configGetter provider.KubermaticConfigurationGetter, providerType kubermaticv1.ExternalClusterProviderType) ([]apiv1.MasterVersion, error)

type ImpersonationClient added in v2.18.0 

type ImpersonationClient func(impCfg restclient.ImpersonationConfig) (ctrlruntimeclient.Client, error)

ImpersonationClient gives runtime controller client that uses user impersonation.

type PresetProvider added in v2.19.0 

type PresetProvider struct {
	// contains filtered or unexported fields
}

PresetProvider is a object to handle presets from a predefined config.

func NewPresetProvider added in v2.19.0 

func NewPresetProvider(client ctrlruntimeclient.Client) (*PresetProvider, error)

func (*PresetProvider) CreatePreset added in v2.19.0 

func (m *PresetProvider) CreatePreset(ctx context.Context, preset *kubermaticv1.Preset) (*kubermaticv1.Preset, error)

func (*PresetProvider) DeletePreset added in v2.19.0 

func (m *PresetProvider) DeletePreset(ctx context.Context, preset *kubermaticv1.Preset) (*kubermaticv1.Preset, error)

DeletePreset delete Preset.

func (*PresetProvider) GetPreset added in v2.19.0 

func (m *PresetProvider) GetPreset(ctx context.Context, userInfo *provider.UserInfo, name string) (*kubermaticv1.Preset, error)

GetPreset returns preset with the name which belong to the specific email group.

func (*PresetProvider) GetPresets added in v2.19.0 

func (m *PresetProvider) GetPresets(ctx context.Context, userInfo *provider.UserInfo) ([]kubermaticv1.Preset, error)

GetPresets returns presets which belong to the specific email group and for all users.

func (*PresetProvider) SetCloudCredentials added in v2.19.0 

func (m *PresetProvider) SetCloudCredentials(ctx context.Context, userInfo *provider.UserInfo, presetName string, cloud kubermaticv1.CloudSpec, dc *kubermaticv1.Datacenter) (*kubermaticv1.CloudSpec, error)

func (*PresetProvider) UpdatePreset added in v2.19.0 

func (m *PresetProvider) UpdatePreset(ctx context.Context, preset *kubermaticv1.Preset) (*kubermaticv1.Preset, error)

type PrivilegedAllowedRegistryProvider added in v2.18.0 

type PrivilegedAllowedRegistryProvider struct {
	// contains filtered or unexported fields
}

PrivilegedAllowedRegistryProvider struct that holds required components in order manage allowed registries.

func NewAllowedRegistryPrivilegedProvider added in v2.18.0 

func NewAllowedRegistryPrivilegedProvider(client ctrlruntimeclient.Client) (*PrivilegedAllowedRegistryProvider, error)

NewAllowedRegistryProvider returns a allowed registry provider.

func (*PrivilegedAllowedRegistryProvider) CreateUnsecured added in v2.18.0 

func (p *PrivilegedAllowedRegistryProvider) CreateUnsecured(ctx context.Context, wr *kubermaticv1.AllowedRegistry) (*kubermaticv1.AllowedRegistry, error)

CreateUnsecured creates a allowed registry.

func (*PrivilegedAllowedRegistryProvider) DeleteUnsecured added in v2.18.0 

func (p *PrivilegedAllowedRegistryProvider) DeleteUnsecured(ctx context.Context, name string) error

DeleteUnsecured deletes a allowed registry.

func (*PrivilegedAllowedRegistryProvider) GetUnsecured added in v2.18.0 

func (p *PrivilegedAllowedRegistryProvider) GetUnsecured(ctx context.Context, name string) (*kubermaticv1.AllowedRegistry, error)

GetUnsecured gets a allowed registry.

func (*PrivilegedAllowedRegistryProvider) ListUnsecured added in v2.18.0 

func (p *PrivilegedAllowedRegistryProvider) ListUnsecured(ctx context.Context) (*kubermaticv1.AllowedRegistryList, error)

ListUnsecured lists a allowed registries.

func (*PrivilegedAllowedRegistryProvider) UpdateUnsecured added in v2.18.0 

func (p *PrivilegedAllowedRegistryProvider) UpdateUnsecured(ctx context.Context, ar *kubermaticv1.AllowedRegistry) (*kubermaticv1.AllowedRegistry, error)

UpdateUnsecured updates the allowed registry.

type PrivilegedIPAMPoolProvider added in v2.21.0 

type PrivilegedIPAMPoolProvider struct {
	// contains filtered or unexported fields
}

PrivilegedIPAMPoolProvider struct that holds required components of the PrivilegedIPAMPoolProvider.

func NewPrivilegedIPAMPoolProvider added in v2.21.0 

func NewPrivilegedIPAMPoolProvider(privilegedClient ctrlruntimeclient.Client) *PrivilegedIPAMPoolProvider

NewPrivilegedIPAMPoolProvider returns a new PrivilegedIPAMPoolProvider.

func (*PrivilegedIPAMPoolProvider) CreateUnsecured added in v2.21.0 

func (p *PrivilegedIPAMPoolProvider) CreateUnsecured(ctx context.Context, ipamPool *kubermaticv1.IPAMPool) error

CreateUnsecured creates a IPAM pool.

func (*PrivilegedIPAMPoolProvider) DeleteUnsecured added in v2.21.0 

func (p *PrivilegedIPAMPoolProvider) DeleteUnsecured(ctx context.Context, ipamPoolName string) error

DeleteUnsecured deletes IPAM pool by name.

func (*PrivilegedIPAMPoolProvider) GetUnsecured added in v2.21.0 

func (p *PrivilegedIPAMPoolProvider) GetUnsecured(ctx context.Context, ipamPoolName string) (*kubermaticv1.IPAMPool, error)

GetUnsecured gets IPAM pool by name.

func (*PrivilegedIPAMPoolProvider) ListUnsecured added in v2.21.0 

func (p *PrivilegedIPAMPoolProvider) ListUnsecured(ctx context.Context) (*kubermaticv1.IPAMPoolList, error)

ListUnsecured lists available IPAM pools.

func (*PrivilegedIPAMPoolProvider) PatchUnsecured added in v2.21.0 

func (p *PrivilegedIPAMPoolProvider) PatchUnsecured(ctx context.Context, oldIPAMPool *kubermaticv1.IPAMPool, newIPAMPool *kubermaticv1.IPAMPool) error

PatchUnsecured patches a IPAM pool.

type PrivilegedMLAAdminSettingProvider added in v2.18.0 

type PrivilegedMLAAdminSettingProvider struct {
	// contains filtered or unexported fields
}

PrivilegedMLAAdminSettingProvider struct that holds required components in order to manage MLAAdminSetting objects.

func NewPrivilegedMLAAdminSettingProvider added in v2.18.0 

func NewPrivilegedMLAAdminSettingProvider(privilegedClient ctrlruntimeclient.Client) *PrivilegedMLAAdminSettingProvider

NewPrivilegedMLAAdminSettingProvider returns a MLAAdminSetting provider.

func (*PrivilegedMLAAdminSettingProvider) CreateUnsecured added in v2.18.0 

func (p *PrivilegedMLAAdminSettingProvider) CreateUnsecured(ctx context.Context, mlaAdminSetting *kubermaticv1.MLAAdminSetting) (*kubermaticv1.MLAAdminSetting, error)

func (*PrivilegedMLAAdminSettingProvider) DeleteUnsecured added in v2.18.0 

func (p *PrivilegedMLAAdminSettingProvider) DeleteUnsecured(ctx context.Context, cluster *kubermaticv1.Cluster) error

func (*PrivilegedMLAAdminSettingProvider) GetUnsecured added in v2.18.0 

func (p *PrivilegedMLAAdminSettingProvider) GetUnsecured(ctx context.Context, cluster *kubermaticv1.Cluster) (*kubermaticv1.MLAAdminSetting, error)

func (*PrivilegedMLAAdminSettingProvider) UpdateUnsecured added in v2.18.0 

func (p *PrivilegedMLAAdminSettingProvider) UpdateUnsecured(ctx context.Context, newMLAAdminSetting *kubermaticv1.MLAAdminSetting) (*kubermaticv1.MLAAdminSetting, error)

type PrivilegedOperatingSystemProfileProvider added in v2.21.0 

type PrivilegedOperatingSystemProfileProvider struct {
	// contains filtered or unexported fields
}

PrivilegedOperatingSystemProfileProvider struct that holds required components of the PrivilegedOperatingSystemProfileProvider.

func NewPrivilegedOperatingSystemProfileProvider added in v2.21.0 

func NewPrivilegedOperatingSystemProfileProvider(privilegedClient ctrlruntimeclient.Client, namespace string) *PrivilegedOperatingSystemProfileProvider

NewPrivilegedOperatingSystemProfileProvider returns a new PrivilegedOperatingSystemProfileProvider.

func (*PrivilegedOperatingSystemProfileProvider) ListUnsecured added in v2.21.0 

func (p *PrivilegedOperatingSystemProfileProvider) ListUnsecured(ctx context.Context) (*osmv1alpha1.OperatingSystemProfileList, error)

ListUnsecured lists available OSPs from seed namespace.

func (*PrivilegedOperatingSystemProfileProvider) ListUnsecuredForUserClusterNamespace added in v2.21.0 

func (p *PrivilegedOperatingSystemProfileProvider) ListUnsecuredForUserClusterNamespace(ctx context.Context, namespace string) (*osmv1alpha1.OperatingSystemProfileList, error)

ListUnsecuredForUserClusterNamespace lists available OSPs for the user cluster namespace.

type PrivilegedProjectProvider 

type PrivilegedProjectProvider struct {
	// contains filtered or unexported fields
}

PrivilegedProjectProvider represents a data structure that knows how to manage projects in a privileged way.

func NewPrivilegedProjectProvider 

func NewPrivilegedProjectProvider(client ctrlruntimeclient.Client) (*PrivilegedProjectProvider, error)

NewPrivilegedProjectProvider returns a privileged project provider.

func (*PrivilegedProjectProvider) DeleteUnsecured 

func (p *PrivilegedProjectProvider) DeleteUnsecured(ctx context.Context, projectInternalName string) error

DeleteUnsecured deletes any given project This function is unsafe in a sense that it uses privileged account to delete project with the given name.

func (*PrivilegedProjectProvider) GetUnsecured 

func (p *PrivilegedProjectProvider) GetUnsecured(ctx context.Context, projectInternalName string, options *provider.ProjectGetOptions) (*kubermaticv1.Project, error)

GetUnsecured returns the project with the given name This function is unsafe in a sense that it uses privileged account to get project with the given name.

func (*PrivilegedProjectProvider) UpdateUnsecured 

func (p *PrivilegedProjectProvider) UpdateUnsecured(ctx context.Context, project *kubermaticv1.Project) (*kubermaticv1.Project, error)

UpdateUnsecured update a specific project and returns the updated project This function is unsafe in a sense that it uses privileged account to update the project.

type PrivilegedSSHKeyProvider 

type PrivilegedSSHKeyProvider struct {
	// contains filtered or unexported fields
}

PrivilegedSSHKeyProvider represents a data structure that knows how to manage ssh keys in a privileged way.

func NewPrivilegedSSHKeyProvider 

func NewPrivilegedSSHKeyProvider(client ctrlruntimeclient.Client) (*PrivilegedSSHKeyProvider, error)

NewPrivilegedSSHKeyProvider returns a privileged ssh key provider.

func (*PrivilegedSSHKeyProvider) CreateUnsecured 

func (p *PrivilegedSSHKeyProvider) CreateUnsecured(ctx context.Context, project *kubermaticv1.Project, keyName, pubKey string) (*kubermaticv1.UserSSHKey, error)

Create creates a ssh key that belongs to the given project This function is unsafe in a sense that it uses privileged account to create the ssh key.

func (*PrivilegedSSHKeyProvider) DeleteUnsecured 

func (p *PrivilegedSSHKeyProvider) DeleteUnsecured(ctx context.Context, keyName string) error

Delete deletes the given ssh key This function is unsafe in a sense that it uses privileged account to delete the ssh key.

func (*PrivilegedSSHKeyProvider) GetUnsecured 

func (p *PrivilegedSSHKeyProvider) GetUnsecured(ctx context.Context, keyName string) (*kubermaticv1.UserSSHKey, error)

GetUnsecured returns a key with the given name This function is unsafe in a sense that it uses privileged account to get the ssh key.

func (*PrivilegedSSHKeyProvider) UpdateUnsecured 

func (p *PrivilegedSSHKeyProvider) UpdateUnsecured(ctx context.Context, sshKey *kubermaticv1.UserSSHKey) (*kubermaticv1.UserSSHKey, error)

UpdateUnsecured update a specific ssh key and returns the updated ssh key This function is unsafe in a sense that it uses privileged account to update the ssh key.

type ProjectMemberProvider 

type ProjectMemberProvider struct {
	// contains filtered or unexported fields
}

ProjectMemberProvider binds users with projects.

func NewProjectMemberProvider 

func NewProjectMemberProvider(createMasterImpersonatedClient ImpersonationClient, clientPrivileged ctrlruntimeclient.Client) *ProjectMemberProvider

NewProjectMemberProvider returns a project members provider.

func (*ProjectMemberProvider) Create 

func (p *ProjectMemberProvider) Create(ctx context.Context, userInfo *provider.UserInfo, project *kubermaticv1.Project, memberEmail, group string) (*kubermaticv1.UserProjectBinding, error)

Create creates a binding for the given member and the given project.

func (*ProjectMemberProvider) CreateUnsecured 

func (p *ProjectMemberProvider) CreateUnsecured(ctx context.Context, project *kubermaticv1.Project, memberEmail, group string) (*kubermaticv1.UserProjectBinding, error)

CreateUnsecured creates a binding for the given member and the given project This function is unsafe in a sense that it uses privileged account to create the resource.

func (*ProjectMemberProvider) CreateUnsecuredForServiceAccount added in v2.17.2 

func (p *ProjectMemberProvider) CreateUnsecuredForServiceAccount(ctx context.Context, project *kubermaticv1.Project, memberEmail, group string) (*kubermaticv1.UserProjectBinding, error)

CreateUnsecuredForServiceAccount creates a binding for the given service account and the given project This function is unsafe in a sense that it uses privileged account to create the resource.

func (*ProjectMemberProvider) Delete 

func (p *ProjectMemberProvider) Delete(ctx context.Context, userInfo *provider.UserInfo, bindingName string) error

Delete deletes the given binding Note: Use List to get binding for the specific member of the given project.

func (*ProjectMemberProvider) DeleteUnsecured 

func (p *ProjectMemberProvider) DeleteUnsecured(ctx context.Context, bindingName string) error

DeleteUnsecured deletes the given binding Note: Use List to get binding for the specific member of the given project This function is unsafe in a sense that it uses privileged account to delete the resource.

func (*ProjectMemberProvider) GroupMappingsFor added in v2.21.0 

func (p *ProjectMemberProvider) GroupMappingsFor(ctx context.Context, groups []string) ([]*kubermaticv1.GroupProjectBinding, error)

GroupMappingsFor returns the list of projects (bindings) for the given set of groups. This function is unsafe in a sense that it uses privileged account to list all members in the system.

func (*ProjectMemberProvider) List 

func (p *ProjectMemberProvider) List(ctx context.Context, userInfo *provider.UserInfo, project *kubermaticv1.Project, options *provider.ProjectMemberListOptions) ([]*kubermaticv1.UserProjectBinding, error)

List gets all members of the given project.

func (*ProjectMemberProvider) MapUserToGroup 

func (p *ProjectMemberProvider) MapUserToGroup(ctx context.Context, userEmail string, projectID string) (string, error)

MapUserToGroup maps the given user to a specific group of the given project This function is unsafe in a sense that it uses privileged account to list all members in the system.

func (*ProjectMemberProvider) MapUserToGroups added in v2.21.0 

func (p *ProjectMemberProvider) MapUserToGroups(ctx context.Context, user *kubermaticv1.User, projectID string) (sets.String, error)

MapUserToGroups returns the groups of the user in the project. It combines identity provider groups with group from UserProjectBinding (if exists). Groups returned by this function are suffixed with project's ID to avoid leaking permissions among projects having binding with the same group but different roles. This function is unsafe in a sense that it uses privileged account to list all userProjectBindings in the system.

func (*ProjectMemberProvider) MapUserToRoles added in v2.21.0 

func (p *ProjectMemberProvider) MapUserToRoles(ctx context.Context, user *kubermaticv1.User, projectID string) (sets.String, error)

MapUserToRoles returns the roles of the user in the project. It searches across the user project bindings and the group project bindings for the user and returns the role set. This function is unsafe in a sense that it uses privileged account to list all userProjectBindings and groupProjectBindings in the system.

func (*ProjectMemberProvider) MappingsFor 

func (p *ProjectMemberProvider) MappingsFor(ctx context.Context, userEmail string) ([]*kubermaticv1.UserProjectBinding, error)

MappingsFor returns the list of projects (bindings) for the given user This function is unsafe in a sense that it uses privileged account to list all members in the system.

func (*ProjectMemberProvider) Update 

func (p *ProjectMemberProvider) Update(ctx context.Context, userInfo *provider.UserInfo, binding *kubermaticv1.UserProjectBinding) (*kubermaticv1.UserProjectBinding, error)

Update updates the given binding.

func (*ProjectMemberProvider) UpdateUnsecured 

func (p *ProjectMemberProvider) UpdateUnsecured(ctx context.Context, binding *kubermaticv1.UserProjectBinding) (*kubermaticv1.UserProjectBinding, error)

UpdateUnsecured updates the given binding This function is unsafe in a sense that it uses privileged account to update the resource.

type ProjectProvider 

type ProjectProvider struct {
	// contains filtered or unexported fields
}

ProjectProvider represents a data structure that knows how to manage projects.

func NewProjectProvider 

func NewProjectProvider(createMasterImpersonatedClient ImpersonationClient, client ctrlruntimeclient.Client) (*ProjectProvider, error)

NewProjectProvider returns a project provider.

func (*ProjectProvider) Delete 

func (p *ProjectProvider) Delete(ctx context.Context, userInfo *provider.UserInfo, projectInternalName string) error

Delete deletes the given project as the given user.

func (*ProjectProvider) Get 

func (p *ProjectProvider) Get(ctx context.Context, userInfo *provider.UserInfo, projectInternalName string, options *provider.ProjectGetOptions) (*kubermaticv1.Project, error)

Get returns the project with the given name.

func (*ProjectProvider) List 

func (p *ProjectProvider) List(ctx context.Context, options *provider.ProjectListOptions) ([]*kubermaticv1.Project, error)

List gets a list of projects, by default it returns all resources. If you want to filter the result please set ProjectListOptions

Note that the list is taken from the cache.

func (*ProjectProvider) New 

func (p *ProjectProvider) New(ctx context.Context, projectName string, labels map[string]string) (*kubermaticv1.Project, error)

New creates a brand new project in the system with the given name.

func (*ProjectProvider) Update 

func (p *ProjectProvider) Update(ctx context.Context, userInfo *provider.UserInfo, newProject *kubermaticv1.Project) (*kubermaticv1.Project, error)

Update update a specific project for a specific user and returns the updated project.

type RuleGroupProvider added in v2.18.0 

type RuleGroupProvider struct {
	// contains filtered or unexported fields
}

RuleGroupProvider struct that holds required components in order to manage RuleGroup objects.

func NewRuleGroupProvider added in v2.18.0 

func NewRuleGroupProvider(createSeedImpersonatedClient ImpersonationClient, privilegedClient ctrlruntimeclient.Client) *RuleGroupProvider

NewRuleGroupProvider returns a ruleGroup provider.

func (RuleGroupProvider) Create added in v2.18.0 

func (r RuleGroupProvider) Create(ctx context.Context, userInfo *provider.UserInfo, ruleGroup *kubermaticv1.RuleGroup) (*kubermaticv1.RuleGroup, error)

func (RuleGroupProvider) CreateUnsecured added in v2.18.0 

func (r RuleGroupProvider) CreateUnsecured(ctx context.Context, ruleGroup *kubermaticv1.RuleGroup) (*kubermaticv1.RuleGroup, error)

func (RuleGroupProvider) Delete added in v2.18.0 

func (r RuleGroupProvider) Delete(ctx context.Context, userInfo *provider.UserInfo, cluster *kubermaticv1.Cluster, ruleGroupName string) error

func (RuleGroupProvider) DeleteUnsecured added in v2.18.0 

func (r RuleGroupProvider) DeleteUnsecured(ctx context.Context, ruleGroupName, namespace string) error

func (RuleGroupProvider) Get added in v2.18.0 

func (r RuleGroupProvider) Get(ctx context.Context, userInfo *provider.UserInfo, cluster *kubermaticv1.Cluster, ruleGroupName string) (*kubermaticv1.RuleGroup, error)

func (RuleGroupProvider) GetUnsecured added in v2.18.0 

func (r RuleGroupProvider) GetUnsecured(ctx context.Context, ruleGroupName, namespace string) (*kubermaticv1.RuleGroup, error)

func (RuleGroupProvider) List added in v2.18.0 

func (r RuleGroupProvider) List(ctx context.Context, userInfo *provider.UserInfo, cluster *kubermaticv1.Cluster, options *provider.RuleGroupListOptions) ([]*kubermaticv1.RuleGroup, error)

func (RuleGroupProvider) ListUnsecured added in v2.18.0 

func (r RuleGroupProvider) ListUnsecured(ctx context.Context, namespace string, options *provider.RuleGroupListOptions) ([]*kubermaticv1.RuleGroup, error)

func (RuleGroupProvider) Update added in v2.18.0 

func (r RuleGroupProvider) Update(ctx context.Context, userInfo *provider.UserInfo, newRuleGroup *kubermaticv1.RuleGroup) (*kubermaticv1.RuleGroup, error)

func (RuleGroupProvider) UpdateUnsecured added in v2.18.0 

func (r RuleGroupProvider) UpdateUnsecured(ctx context.Context, newRuleGroup *kubermaticv1.RuleGroup) (*kubermaticv1.RuleGroup, error)

type SSHKeyProvider 

type SSHKeyProvider struct {
	// contains filtered or unexported fields
}

SSHKeyProvider struct that holds required components in order to provide ssh key provider that is RBAC compliant.

func NewSSHKeyProvider 

func NewSSHKeyProvider(createMasterImpersonatedClient ImpersonationClient, client ctrlruntimeclient.Client) *SSHKeyProvider

NewSSHKeyProvider returns a new ssh key provider that respects RBAC policies it uses createMasterImpersonatedClient to create a connection that uses User Impersonation.

func (*SSHKeyProvider) Create 

func (p *SSHKeyProvider) Create(ctx context.Context, userInfo *provider.UserInfo, project *kubermaticv1.Project, keyName, pubKey string) (*kubermaticv1.UserSSHKey, error)

Create creates a ssh key that will belong to the given project.

func (*SSHKeyProvider) Delete 

func (p *SSHKeyProvider) Delete(ctx context.Context, userInfo *provider.UserInfo, keyName string) error

Delete simply deletes the given key.

func (*SSHKeyProvider) Get 

func (p *SSHKeyProvider) Get(ctx context.Context, userInfo *provider.UserInfo, keyName string) (*kubermaticv1.UserSSHKey, error)

Get returns a key with the given name.

func (*SSHKeyProvider) List 

func (p *SSHKeyProvider) List(ctx context.Context, project *kubermaticv1.Project, options *provider.SSHKeyListOptions) ([]*kubermaticv1.UserSSHKey, error)

List gets a list of ssh keys, by default it will get all the keys that belong to the given project. If you want to filter the result please take a look at SSHKeyListOptions

Note: After we get the list of the keys we could try to get each individually using unprivileged account to see if the user have read access, We don't do this because we assume that if the user was able to get the project (argument) it has to have at least read access.

func (*SSHKeyProvider) Update 

func (p *SSHKeyProvider) Update(ctx context.Context, userInfo *provider.UserInfo, newKey *kubermaticv1.UserSSHKey) (*kubermaticv1.UserSSHKey, error)

Update simply updates the given key.

type SeedProvider added in v2.19.0 

type SeedProvider struct {
	// contains filtered or unexported fields
}

SeedProvider struct that holds required components in order seeds.

func NewSeedProvider added in v2.19.0 

func NewSeedProvider(client ctrlruntimeclient.Client) *SeedProvider

func (*SeedProvider) CreateOrUpdateKubeconfigSecretForSeed added in v2.21.0 

func (p *SeedProvider) CreateOrUpdateKubeconfigSecretForSeed(ctx context.Context, seed *kubermaticv1.Seed, kubeconfig []byte) error

func (*SeedProvider) CreateUnsecured added in v2.21.0 

func (p *SeedProvider) CreateUnsecured(ctx context.Context, seed *kubermaticv1.Seed) (*kubermaticv1.Seed, error)

func (*SeedProvider) UpdateUnsecured added in v2.19.0 

func (p *SeedProvider) UpdateUnsecured(ctx context.Context, seed *kubermaticv1.Seed) (*kubermaticv1.Seed, error)

type ServiceAccountProvider 

type ServiceAccountProvider struct {
	// contains filtered or unexported fields
}

ServiceAccountProvider manages service account resources.

func NewServiceAccountProvider 

func NewServiceAccountProvider(createMasterImpersonatedClient ImpersonationClient, clientPrivileged ctrlruntimeclient.Client, domain string) *ServiceAccountProvider

NewServiceAccountProvider returns a service account provider.

func (*ServiceAccountProvider) CreateProjectServiceAccount added in v2.17.0 

func (p *ServiceAccountProvider) CreateProjectServiceAccount(ctx context.Context, userInfo *provider.UserInfo, project *kubermaticv1.Project, name, group string) (*kubermaticv1.User, error)

CreateProjectServiceAccount creates a new service account for the project.

func (*ServiceAccountProvider) CreateUnsecuredProjectServiceAccount added in v2.17.0 

func (p *ServiceAccountProvider) CreateUnsecuredProjectServiceAccount(ctx context.Context, project *kubermaticv1.Project, name, group string) (*kubermaticv1.User, error)

CreateUnsecuredProjectServiceAccount creates a new service accounts

Note that this function: is unsafe in a sense that it uses privileged account to create the resources.

func (*ServiceAccountProvider) DeleteProjectServiceAccount added in v2.17.0 

func (p *ServiceAccountProvider) DeleteProjectServiceAccount(ctx context.Context, userInfo *provider.UserInfo, name string) error

DeleteProjectServiceAccount simply deletes the given project service account.

func (*ServiceAccountProvider) DeleteUnsecuredProjectServiceAccount added in v2.17.0 

func (p *ServiceAccountProvider) DeleteUnsecuredProjectServiceAccount(ctx context.Context, name string) error

DeleteUnsecuredProjectServiceAccount deletes project service account

Note that this function: is unsafe in a sense that it uses privileged account to delete the resource.

func (*ServiceAccountProvider) GetProjectServiceAccount added in v2.17.0 

func (p *ServiceAccountProvider) GetProjectServiceAccount(ctx context.Context, userInfo *provider.UserInfo, name string, options *provider.ServiceAccountGetOptions) (*kubermaticv1.User, error)

GetProjectServiceAccount method returns project service account with given name.

func (*ServiceAccountProvider) GetUnsecuredProjectServiceAccount added in v2.17.0 

func (p *ServiceAccountProvider) GetUnsecuredProjectServiceAccount(ctx context.Context, name string, options *provider.ServiceAccountGetOptions) (*kubermaticv1.User, error)

GetUnsecuredProjectServiceAccount gets the project service account

Note that this function: is unsafe in a sense that it uses privileged account to get the resource.

func (*ServiceAccountProvider) ListProjectServiceAccount added in v2.17.0 

func (p *ServiceAccountProvider) ListProjectServiceAccount(ctx context.Context, userInfo *provider.UserInfo, project *kubermaticv1.Project, options *provider.ServiceAccountListOptions) ([]*kubermaticv1.User, error)

ListProjectServiceAccount gets service accounts for the project.

func (*ServiceAccountProvider) ListUnsecuredProjectServiceAccount added in v2.17.0 

func (p *ServiceAccountProvider) ListUnsecuredProjectServiceAccount(ctx context.Context, project *kubermaticv1.Project, options *provider.ServiceAccountListOptions) ([]*kubermaticv1.User, error)

ListUnsecuredProjectServiceAccount gets all service accounts for the project If you want to filter the result please take a look at ServiceAccountListOptions

Note that this function: is unsafe in a sense that it uses privileged account to get the resources.

func (*ServiceAccountProvider) UpdateProjectServiceAccount added in v2.17.0 

func (p *ServiceAccountProvider) UpdateProjectServiceAccount(ctx context.Context, userInfo *provider.UserInfo, serviceAccount *kubermaticv1.User) (*kubermaticv1.User, error)

UpdateProjectServiceAccount simply updates the given project service account.

func (*ServiceAccountProvider) UpdateUnsecuredProjectServiceAccount added in v2.17.0 

func (p *ServiceAccountProvider) UpdateUnsecuredProjectServiceAccount(ctx context.Context, serviceAccount *kubermaticv1.User) (*kubermaticv1.User, error)

UpdateUnsecuredProjectServiceAccount updated the project service account

Note that this function: is unsafe in a sense that it uses privileged account to update the resource.

type ServiceAccountTokenProvider 

type ServiceAccountTokenProvider struct {
	// contains filtered or unexported fields
}

ServiceAccountProvider manages service account resources.

func NewServiceAccountTokenProvider 

func NewServiceAccountTokenProvider(impersonationClient ImpersonationClient, clientPrivileged ctrlruntimeclient.Client) (*ServiceAccountTokenProvider, error)

NewServiceAccountProvider returns a service account provider.

func (*ServiceAccountTokenProvider) Create 

func (p *ServiceAccountTokenProvider) Create(ctx context.Context, userInfo *provider.UserInfo, sa *kubermaticv1.User, projectID, tokenName, tokenID, token string) (*corev1.Secret, error)

Create creates a new token for service account.

func (*ServiceAccountTokenProvider) CreateUnsecured 

func (p *ServiceAccountTokenProvider) CreateUnsecured(ctx context.Context, sa *kubermaticv1.User, projectID, tokenName, tokenID, token string) (*corev1.Secret, error)

CreateUnsecured creates a new token

Note that this function: is unsafe in a sense that it uses privileged account to create the resource.

func (*ServiceAccountTokenProvider) Delete 

func (p *ServiceAccountTokenProvider) Delete(ctx context.Context, userInfo *provider.UserInfo, name string) error

Delete method deletes given token.

func (*ServiceAccountTokenProvider) DeleteUnsecured 

func (p *ServiceAccountTokenProvider) DeleteUnsecured(ctx context.Context, name string) error

DeleteUnsecured deletes the token

Note that this function: is unsafe in a sense that it uses privileged account to delete the resource.

func (*ServiceAccountTokenProvider) Get 

func (p *ServiceAccountTokenProvider) Get(ctx context.Context, userInfo *provider.UserInfo, name string) (*corev1.Secret, error)

Get method returns token by name.

func (*ServiceAccountTokenProvider) GetUnsecured 

func (p *ServiceAccountTokenProvider) GetUnsecured(ctx context.Context, name string) (*corev1.Secret, error)

GetUnsecured gets the token by name

Note that this function: is unsafe in a sense that it uses privileged account to get the resource.

func (*ServiceAccountTokenProvider) List 

func (p *ServiceAccountTokenProvider) List(ctx context.Context, userInfo *provider.UserInfo, project *kubermaticv1.Project, sa *kubermaticv1.User, options *provider.ServiceAccountTokenListOptions) ([]*corev1.Secret, error)

List gets tokens for the given service account and project.

func (*ServiceAccountTokenProvider) ListUnsecured 

func (p *ServiceAccountTokenProvider) ListUnsecured(ctx context.Context, options *provider.ServiceAccountTokenListOptions) ([]*corev1.Secret, error)

ListUnsecured returns all tokens in kubermatic namespace

Note that this function: is unsafe in a sense that it uses privileged account to get the resource gets resources from the cache.

func (*ServiceAccountTokenProvider) Update 

func (p *ServiceAccountTokenProvider) Update(ctx context.Context, userInfo *provider.UserInfo, secret *corev1.Secret) (*corev1.Secret, error)

Update method updates given token.

func (*ServiceAccountTokenProvider) UpdateUnsecured 

func (p *ServiceAccountTokenProvider) UpdateUnsecured(ctx context.Context, secret *corev1.Secret) (*corev1.Secret, error)

UpdateUnsecured updates the token

Note that this function: is unsafe in a sense that it uses privileged account to get the resource.

type SettingsProvider 

type SettingsProvider struct {
	// contains filtered or unexported fields
}

UserProvider manages user resources.

func NewSettingsProvider 

func NewSettingsProvider(runtimeClient ctrlruntimeclient.Client) *SettingsProvider

NewUserProvider returns a user provider.

func (*SettingsProvider) GetGlobalSettings 

func (s *SettingsProvider) GetGlobalSettings(ctx context.Context) (*kubermaticv1.KubermaticSetting, error)

func (*SettingsProvider) UpdateGlobalSettings 

func (s *SettingsProvider) UpdateGlobalSettings(ctx context.Context, userInfo *provider.UserInfo, settings *kubermaticv1.KubermaticSetting) (*kubermaticv1.KubermaticSetting, error)

type UserClusterConnectionProvider 

type UserClusterConnectionProvider interface {
	GetClient(context.Context, *kubermaticv1.Cluster, ...k8cuserclusterclient.ConfigOption) (ctrlruntimeclient.Client, error)
	GetK8sClient(context.Context, *kubermaticv1.Cluster, ...k8cuserclusterclient.ConfigOption) (kubernetes.Interface, error)
	GetClientConfig(context.Context, *kubermaticv1.Cluster, ...k8cuserclusterclient.ConfigOption) (*restclient.Config, error)
}

UserClusterConnectionProvider offers functions to interact with an user cluster.

type UserProvider 

type UserProvider struct {
	// contains filtered or unexported fields
}

UserProvider manages user resources.

func NewUserProvider 

func NewUserProvider(runtimeClient ctrlruntimeclient.Client) *UserProvider

NewUserProvider returns a user provider.

func (*UserProvider) CreateUser 

func (p *UserProvider) CreateUser(ctx context.Context, name, email string, groups []string) (*kubermaticv1.User, error)

func (*UserProvider) GetInvalidatedTokens added in v2.20.0 

func (p *UserProvider) GetInvalidatedTokens(ctx context.Context, user *kubermaticv1.User) ([]string, error)

func (*UserProvider) InvalidateToken added in v2.20.0 

func (p *UserProvider) InvalidateToken(ctx context.Context, user *kubermaticv1.User, token string, expiry apiv1.Time) error

func (*UserProvider) List added in v2.19.0 

func (p *UserProvider) List(ctx context.Context) ([]kubermaticv1.User, error)

func (*UserProvider) UpdateUser 

func (p *UserProvider) UpdateUser(ctx context.Context, user *kubermaticv1.User) (*kubermaticv1.User, error)

UpdateUser updates user.

func (*UserProvider) UserByEmail 

func (p *UserProvider) UserByEmail(ctx context.Context, email string) (*kubermaticv1.User, error)

UserByEmail returns a user by the given email.

func (*UserProvider) UserByID 

func (p *UserProvider) UserByID(ctx context.Context, id string) (*kubermaticv1.User, error)

UserByID returns a user by the given ID.

type ValidateCredentials added in v2.20.0 

type ValidateCredentials struct {
	Datacenter *kubermaticv1.Datacenter
	CABundle   *x509.CertPool
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.