Documentation

Index

Constants

View Source
const CertificateIDCA = "ca"
View Source
const (
	// SecretNameSSHPrimary is the Name for the primary SSH key
	SecretNameSSHPrimary = "admin"
)

Variables

View Source
var LifecycleNameMap = map[string]Lifecycle{
	"Sync":                     LifecycleSync,
	"Ignore":                   LifecycleIgnore,
	"WarnIfInsufficientAccess": LifecycleWarnIfInsufficientAccess,
	"ExistsAndValidates":       LifecycleExistsAndValidates,
	"ExistsAndWarnIfChanges":   LifecycleExistsAndWarnIfChanges,
}

    LifecycleNameMap is used to validate in the UX. When a user provides a lifecycle name it then can be mapped to the actual lifecycle.

      Lifecycles are used for ux validation. When validation fails the lifecycle names are printed out.

      Functions

      func ArrayContains

      func ArrayContains(array []string, word string) bool

        ArrayContains is checking does array contain single word

        func Bool

        func Bool(v bool) *bool

          Bool returns a pointer to a bool

          func BoolValue

          func BoolValue(v *bool) bool

            BoolValue returns the value of bool pointer or false

            func BuildChanges

            func BuildChanges(a, e, changes interface{}) bool

              BuildChanges compares the values of a & e, and populates differences into changes, except that if a value is nil in e, the corresponding value in a is ignored. a, e and changes must all be of the same type a is the actual object found, e is the expected value Note that the ignore-nil-in-e logic therefore implements the idea that nil value in e means "don't care" If a is nil, all the non-nil values in e will be copied over to changes, because every field in e must be applied

              func BuildTimestampString

              func BuildTimestampString() string

              func CannotChangeField

              func CannotChangeField(key string) error

              func CopyResource

              func CopyResource(dest io.Writer, r Resource) (int64, error)

              func DebugAsJsonString

              func DebugAsJsonString(v interface{}) string

              func DebugAsJsonStringIndent

              func DebugAsJsonStringIndent(v interface{}) string

              func DebugPrint

              func DebugPrint(o interface{}) string

              func DefaultDeltaRunMethod

              func DefaultDeltaRunMethod(e Task, c *Context) error

                DefaultDeltaRunMethod implements the standard change-based run procedure: find the existing item; compare properties; call render with (actual, expected, changes)

                func DownloadURL

                func DownloadURL(url string, dest string, hash *hashing.Hash) (*hashing.Hash, error)

                func EnsureFileMode

                func EnsureFileMode(destPath string, fileMode os.FileMode) (bool, error)

                func EnsureFileOwner

                func EnsureFileOwner(destPath string, owner string, groupName string) (bool, error)

                  EnsureFileOwner will set the owner & group for a file. Empty values for owner/group will leave the owner/group unchanged.

                  func FieldIsImmutable

                  func FieldIsImmutable(newVal, oldVal interface{}, fldPath *field.Path) *field.Error

                  func FileModeToString

                  func FileModeToString(mode os.FileMode) string

                  func FindPrimary

                  func FindPrimary(keyset *kops.Keyset) *kops.KeysetItem

                    FindPrimary returns the primary KeysetItem in the Keyset

                    func FindTaskDependencies

                    func FindTaskDependencies(tasks map[string]Task) map[string][]string

                      FindTaskDependencies returns a map from each task's key to the discovered list of dependencies

                      func Float32

                      func Float32(v float32) *float32

                        Float32 returns a point to a float32

                        func Float32Value

                        func Float32Value(v *float32) float32

                          Float32Value returns the value of the float

                          func Float64

                          func Float64(v float64) *float64

                            Float64 returns a point to a float64

                            func Float64Value

                            func Float64Value(v *float64) float64

                              Float64Value returns the value of the float

                              func GuessCloudForZone

                              func GuessCloudForZone(zone string) (kops.CloudProviderID, bool)

                                GuessCloudForZone tries to infer the cloudprovider from the zone name Ali has the same zoneNames as AWS in the regions outside China, so if use AliCloud to install k8s in the regions outside China, the users need to provide parameter "--cloud". But the regions inside China can be easily identified.

                                func Int

                                func Int(v int) *int

                                func Int32

                                func Int32(v int32) *int32

                                func Int32Value

                                func Int32Value(v *int32) int32

                                func Int64

                                func Int64(v int64) *int64

                                  Int64 is a helper that builds a *int64 from an int64 value This is similar to aws.Int64, except that we use it for non-AWS values

                                  func Int64Value

                                  func Int64Value(v *int64) int64

                                  func IntValue

                                  func IntValue(v *int) int

                                  func IsNilOrEmpty

                                  func IsNilOrEmpty(s *string) bool

                                  func ParseFileMode

                                  func ParseFileMode(s string, defaultMode os.FileMode) (os.FileMode, error)

                                  func PrintCompareWithID

                                  func PrintCompareWithID(o interface{}) (string, bool)

                                  func PrintResource

                                  func PrintResource(o interface{}) (string, bool)

                                  func RequiredField

                                  func RequiredField(key string) error

                                  func ResourceAsBytes

                                  func ResourceAsBytes(r Resource) ([]byte, error)

                                  func ResourceAsString

                                  func ResourceAsString(r Resource) (string, error)

                                  func ResourcesMatch

                                  func ResourcesMatch(a, b Resource) (bool, error)

                                  func SafeClose

                                  func SafeClose(r io.Reader)

                                  func SerializeKeyset

                                  func SerializeKeyset(o *kops.Keyset) ([]byte, error)

                                  func String

                                  func String(s string) *string

                                    String is a helper that builds a *string from a string value This is similar to aws.String, except that we use it for non-AWS values

                                    func StringSlice

                                    func StringSlice(stringSlice []string) []*string

                                      StringSlice is a helper that builds a []*string from a slice of strings

                                      func StringSliceValue

                                      func StringSliceValue(stringSlice []*string) []string

                                        StringSliceValue takes a slice of string pointers and returns a slice of strings

                                        func StringValue

                                        func StringValue(s *string) string

                                        func TaskAsString

                                        func TaskAsString(t Task) string

                                          TaskAsString renders the task for debug output TODO: Use reflection to make this cleaner: don't recurse into tasks - print their names instead also print resources in a cleaner way (use the resource source information?)

                                          func ToInt64

                                          func ToInt64(s *string) *int64

                                          func ToString

                                          func ToString(v *int64) *string

                                          func TypeNameForTask

                                          func TypeNameForTask(task interface{}) string

                                          func Uint64Value

                                          func Uint64Value(v *uint64) uint64

                                          func WriteFile

                                          func WriteFile(destPath string, contents Resource, fileMode os.FileMode, dirMode os.FileMode, owner string, group string) error

                                            WriteFile writes a file to the specified path, setting the mode, owner & group.

                                            Types

                                            type AssetStore

                                            type AssetStore struct {
                                            	// contains filtered or unexported fields
                                            }

                                            func NewAssetStore

                                            func NewAssetStore(cacheDir string) *AssetStore

                                            func (*AssetStore) Add

                                            func (a *AssetStore) Add(id string) error

                                              Add an asset into the store, in one of the recognized formats (see Assets in types package)

                                              func (*AssetStore) AddForTest

                                              func (a *AssetStore) AddForTest(id string, path string, content string)

                                                Add an asset into the store, in one of the recognized formats (see Assets in types package)

                                                func (*AssetStore) Find

                                                func (a *AssetStore) Find(key string, assetPath string) (Resource, error)

                                                func (*AssetStore) FindMatch

                                                func (a *AssetStore) FindMatch(expr *regexp.Regexp) (name string, res Resource, err error)

                                                func (*AssetStore) FindMatches

                                                func (a *AssetStore) FindMatches(expr *regexp.Regexp) map[string]Resource

                                                type Authenticator

                                                type Authenticator interface {
                                                	CreateToken(body []byte) (string, error)
                                                }

                                                  Authenticator generates authentication credentials for requests.

                                                  type ByTaskKey

                                                  type ByTaskKey []*render

                                                    ByTaskKey sorts []*render by TaskKey (type/name)

                                                    func (ByTaskKey) Len

                                                    func (a ByTaskKey) Len() int

                                                    func (ByTaskKey) Less

                                                    func (a ByTaskKey) Less(i, j int) bool

                                                    func (ByTaskKey) Swap

                                                    func (a ByTaskKey) Swap(i, j int)

                                                    type BytesResource

                                                    type BytesResource struct {
                                                    	// contains filtered or unexported fields
                                                    }

                                                    func NewBytesResource

                                                    func NewBytesResource(data []byte) *BytesResource

                                                    func (*BytesResource) MarshalJSON

                                                    func (b *BytesResource) MarshalJSON() ([]byte, error)

                                                      MarshalJSON is a custom marshaller so this will be printed as a string (instead of nothing) This is used in tests to verify the expected output.

                                                      func (*BytesResource) Open

                                                      func (r *BytesResource) Open() (io.Reader, error)

                                                      type CAStore

                                                      type CAStore interface {
                                                      	Keystore
                                                      
                                                      	// FindCertificatePool returns the named CertificatePool, or (nil,nil) if not found
                                                      	FindCertificatePool(name string) (*CertificatePool, error)
                                                      
                                                      	// FindCertificateKeyset will return the keyset for a certificate
                                                      	FindCertificateKeyset(name string) (*kops.Keyset, error)
                                                      
                                                      	// FindPrivateKey returns the named private key, or (nil,nil) if not found
                                                      	FindPrivateKey(name string) (*pki.PrivateKey, error)
                                                      
                                                      	// FindPrivateKeyset will return the keyset for a private key
                                                      	FindPrivateKeyset(name string) (*kops.Keyset, error)
                                                      
                                                      	// FindCert returns the specified certificate, if it exists, or nil if not found
                                                      	FindCert(name string) (*pki.Certificate, error)
                                                      
                                                      	// ListKeysets will return all the KeySets
                                                      	// The key material is not guaranteed to be populated - metadata like the name will be.
                                                      	ListKeysets() ([]*kops.Keyset, error)
                                                      
                                                      	// AddCert adds an alternative certificate to the pool (primarily useful for CAs)
                                                      	AddCert(name string, cert *pki.Certificate) error
                                                      
                                                      	// DeleteKeysetItem will delete the specified item from the Keyset
                                                      	DeleteKeysetItem(item *kops.Keyset, id string) error
                                                      }

                                                      func NewClientsetCAStore

                                                      func NewClientsetCAStore(cluster *kops.Cluster, clientset kopsinternalversion.KopsInterface, namespace string) CAStore

                                                        NewClientsetCAStore is the constructor for ClientsetCAStore

                                                        type CertificatePool

                                                        type CertificatePool struct {
                                                        	Secondary []*pki.Certificate
                                                        	Primary   *pki.Certificate
                                                        }

                                                        func (*CertificatePool) All

                                                        func (c *CertificatePool) All() []*pki.Certificate

                                                        func (*CertificatePool) AsString

                                                        func (c *CertificatePool) AsString() (string, error)

                                                        type ClientsetCAStore

                                                        type ClientsetCAStore struct {
                                                        	// contains filtered or unexported fields
                                                        }

                                                          ClientsetCAStore is a CAStore implementation that stores keypairs in Keyset on a API server

                                                          func (*ClientsetCAStore) AddCert

                                                          func (c *ClientsetCAStore) AddCert(name string, cert *pki.Certificate) error

                                                            AddCert implements CAStore::AddCert

                                                            func (*ClientsetCAStore) AddSSHPublicKey

                                                            func (c *ClientsetCAStore) AddSSHPublicKey(name string, pubkey []byte) error

                                                              AddSSHPublicKey implements CAStore::AddSSHPublicKey

                                                              func (*ClientsetCAStore) DeleteKeysetItem

                                                              func (c *ClientsetCAStore) DeleteKeysetItem(item *kops.Keyset, id string) error

                                                                DeleteKeysetItem implements CAStore::DeleteKeysetItem

                                                                func (*ClientsetCAStore) DeleteSSHCredential

                                                                func (c *ClientsetCAStore) DeleteSSHCredential(item *kops.SSHCredential) error

                                                                  DeleteSSHCredential implements SSHCredentialStore::DeleteSSHCredential

                                                                  func (*ClientsetCAStore) FindCert

                                                                  func (c *ClientsetCAStore) FindCert(name string) (*pki.Certificate, error)

                                                                    FindCert implements CAStore::FindCert

                                                                    func (*ClientsetCAStore) FindCertificateKeyset

                                                                    func (c *ClientsetCAStore) FindCertificateKeyset(name string) (*kops.Keyset, error)

                                                                      FindCertificateKeyset implements CAStore::FindCertificateKeyset

                                                                      func (*ClientsetCAStore) FindCertificatePool

                                                                      func (c *ClientsetCAStore) FindCertificatePool(name string) (*CertificatePool, error)

                                                                        FindCertificatePool implements CAStore::FindCertificatePool

                                                                        func (*ClientsetCAStore) FindKeypair

                                                                        func (c *ClientsetCAStore) FindKeypair(name string) (*pki.Certificate, *pki.PrivateKey, bool, error)

                                                                          FindKeypair implements CAStore::FindKeypair

                                                                          func (*ClientsetCAStore) FindPrivateKey

                                                                          func (c *ClientsetCAStore) FindPrivateKey(name string) (*pki.PrivateKey, error)

                                                                            FindPrivateKey implements CAStore::FindPrivateKey

                                                                            func (*ClientsetCAStore) FindPrivateKeyset

                                                                            func (c *ClientsetCAStore) FindPrivateKeyset(name string) (*kops.Keyset, error)

                                                                              FindPrivateKeyset implements CAStore::FindPrivateKeyset

                                                                              func (*ClientsetCAStore) FindSSHPublicKeys

                                                                              func (c *ClientsetCAStore) FindSSHPublicKeys(name string) ([]*kops.SSHCredential, error)

                                                                                FindSSHPublicKeys implements CAStore::FindSSHPublicKeys

                                                                                func (*ClientsetCAStore) ListKeysets

                                                                                func (c *ClientsetCAStore) ListKeysets() ([]*kops.Keyset, error)

                                                                                  ListKeysets implements CAStore::ListKeysets

                                                                                  func (*ClientsetCAStore) ListSSHCredentials

                                                                                  func (c *ClientsetCAStore) ListSSHCredentials() ([]*kops.SSHCredential, error)

                                                                                    ListSSHCredentials implements SSHCredentialStore::ListSSHCredentials

                                                                                    func (*ClientsetCAStore) MirrorTo

                                                                                    func (c *ClientsetCAStore) MirrorTo(basedir vfs.Path) error

                                                                                    func (*ClientsetCAStore) StoreKeypair

                                                                                    func (c *ClientsetCAStore) StoreKeypair(name string, cert *pki.Certificate, privateKey *pki.PrivateKey) error

                                                                                      StoreKeypair implements CAStore::StoreKeypair

                                                                                      type Cloud

                                                                                      type Cloud interface {
                                                                                      	ProviderID() kops.CloudProviderID
                                                                                      
                                                                                      	DNS() (dnsprovider.Interface, error)
                                                                                      
                                                                                      	// FindVPCInfo looks up the specified VPC by id, returning info if found, otherwise (nil, nil).
                                                                                      	FindVPCInfo(id string) (*VPCInfo, error)
                                                                                      
                                                                                      	// DeleteInstance deletes a cloud instance.
                                                                                      	DeleteInstance(instance *cloudinstances.CloudInstance) error
                                                                                      
                                                                                      	// DeleteGroup deletes the cloud resources that make up a CloudInstanceGroup, including the instances.
                                                                                      	DeleteGroup(group *cloudinstances.CloudInstanceGroup) error
                                                                                      
                                                                                      	// DetachInstance causes a cloud instance to no longer be counted against the group's size limits.
                                                                                      	DetachInstance(instance *cloudinstances.CloudInstance) error
                                                                                      
                                                                                      	// GetCloudGroups returns a map of cloud instances that back a kops cluster.
                                                                                      	// Detached instances must be returned in the NeedUpdate slice.
                                                                                      	GetCloudGroups(cluster *kops.Cluster, instancegroups []*kops.InstanceGroup, warnUnmatched bool, nodes []v1.Node) (map[string]*cloudinstances.CloudInstanceGroup, error)
                                                                                      
                                                                                      	// Region returns the cloud region bound to the cloud instance.
                                                                                      	// If the region concept does not apply, returns "".
                                                                                      	Region() string
                                                                                      }

                                                                                      type CompareWithID

                                                                                      type CompareWithID interface {
                                                                                      	CompareWithID() *string
                                                                                      }

                                                                                        CompareWithID indicates that the value should be compared by the returned ID value (instead of a deep comparison) Most Tasks implement this, because typically when a Task references another task, it only is concerned with being linked to that task, not the values of the task. For example, when an instance is linked to a disk, it cares that the disk is attached to that instance, not the size or speed of the disk.

                                                                                        type Context

                                                                                        type Context struct {
                                                                                        	Tmpdir string
                                                                                        
                                                                                        	Target            Target
                                                                                        	DNS               dnsprovider.Interface
                                                                                        	Cloud             Cloud
                                                                                        	Cluster           *kops.Cluster
                                                                                        	Keystore          Keystore
                                                                                        	SecretStore       SecretStore
                                                                                        	ClusterConfigBase vfs.Path
                                                                                        
                                                                                        	CheckExisting bool
                                                                                        	// contains filtered or unexported fields
                                                                                        }

                                                                                        func NewContext

                                                                                        func NewContext(target Target, cluster *kops.Cluster, cloud Cloud, keystore Keystore, secretStore SecretStore, clusterConfigBase vfs.Path, checkExisting bool, tasks map[string]Task) (*Context, error)

                                                                                        func (*Context) AddWarning

                                                                                        func (c *Context) AddWarning(task Task, message string)

                                                                                          AddWarning records a warning encountered during validation / creation. Typically this will be an error that we choose to ignore because of Lifecycle.

                                                                                          func (*Context) AllTasks

                                                                                          func (c *Context) AllTasks() map[string]Task

                                                                                          func (*Context) Close

                                                                                          func (c *Context) Close()

                                                                                          func (*Context) NewTempDir

                                                                                          func (c *Context) NewTempDir(prefix string) (string, error)

                                                                                          func (*Context) Render

                                                                                          func (c *Context) Render(a, e, changes Task) error

                                                                                            Render dispatches the creation of an object to the appropriate handler defined on the Task, it is typically called after we have checked the existing state of the Task and determined that is different from the desired state.

                                                                                            func (*Context) RunTasks

                                                                                            func (c *Context) RunTasks(options RunTasksOptions) error

                                                                                            type Deletion

                                                                                            type Deletion interface {
                                                                                            	Delete(target Target) error
                                                                                            
                                                                                            	TaskName() string
                                                                                            	Item() string
                                                                                            }

                                                                                            type DeletionByTaskName

                                                                                            type DeletionByTaskName []Deletion

                                                                                              DeletionByTaskName sorts []Deletion by TaskName

                                                                                              func (DeletionByTaskName) Len

                                                                                              func (a DeletionByTaskName) Len() int

                                                                                              func (DeletionByTaskName) Less

                                                                                              func (a DeletionByTaskName) Less(i, j int) bool

                                                                                              func (DeletionByTaskName) Swap

                                                                                              func (a DeletionByTaskName) Swap(i, j int)

                                                                                              type DryRunTarget

                                                                                              type DryRunTarget struct {
                                                                                              	// contains filtered or unexported fields
                                                                                              }

                                                                                                DryRunTarget is a special Target that does not execute anything, but instead tracks all changes. By running against a DryRunTarget, a list of changes that would be made can be easily collected, without any special support from the Tasks.

                                                                                                func NewDryRunTarget

                                                                                                func NewDryRunTarget(assetBuilder *assets.AssetBuilder, out io.Writer) *DryRunTarget

                                                                                                func (*DryRunTarget) Changes

                                                                                                func (t *DryRunTarget) Changes() (map[string]Task, map[string]Task)

                                                                                                  Changes returns tasks which is going to be created or updated

                                                                                                  func (*DryRunTarget) Delete

                                                                                                  func (t *DryRunTarget) Delete(deletion Deletion) error

                                                                                                  func (*DryRunTarget) Deletions

                                                                                                  func (t *DryRunTarget) Deletions() []string

                                                                                                    Deletions returns all task names which is going to be deleted

                                                                                                    func (*DryRunTarget) Finish

                                                                                                    func (t *DryRunTarget) Finish(taskMap map[string]Task) error

                                                                                                      Finish is called at the end of a run, and prints a list of changes to the configured Writer

                                                                                                      func (*DryRunTarget) HasChanges

                                                                                                      func (t *DryRunTarget) HasChanges() bool

                                                                                                        HasChanges returns true iff any changes would have been made

                                                                                                        func (*DryRunTarget) PrintReport

                                                                                                        func (t *DryRunTarget) PrintReport(taskMap map[string]Task, out io.Writer) error

                                                                                                        func (*DryRunTarget) ProcessDeletions

                                                                                                        func (t *DryRunTarget) ProcessDeletions() bool

                                                                                                        func (*DryRunTarget) Render

                                                                                                        func (t *DryRunTarget) Render(a, e, changes Task) error

                                                                                                        type ExistsAndWarnIfChangesError

                                                                                                        type ExistsAndWarnIfChangesError struct {
                                                                                                        	// contains filtered or unexported fields
                                                                                                        }

                                                                                                          ExistsAndWarnIfChangesError is the custom error return for fi.LifecycleExistsAndWarnIfChanges. This error is used when an object needs to fail validation, but let the user proceed with a warning.

                                                                                                          func NewExistsAndWarnIfChangesError

                                                                                                          func NewExistsAndWarnIfChangesError(message string) *ExistsAndWarnIfChangesError

                                                                                                            NewExistsAndWarnIfChangesError is a builder for ExistsAndWarnIfChangesError.

                                                                                                            func (*ExistsAndWarnIfChangesError) Error

                                                                                                              ExistsAndWarnIfChangesError implementation of the error interface.

                                                                                                              type FileResource

                                                                                                              type FileResource struct {
                                                                                                              	Path string
                                                                                                              }

                                                                                                              func NewFileResource

                                                                                                              func NewFileResource(path string) *FileResource

                                                                                                              func (*FileResource) Open

                                                                                                              func (r *FileResource) Open() (io.Reader, error)

                                                                                                              type Group

                                                                                                              type Group struct {
                                                                                                              	Name string
                                                                                                              	Gid  int
                                                                                                              }

                                                                                                              func LookupGroup

                                                                                                              func LookupGroup(name string) (*Group, error)

                                                                                                              func LookupGroupByID

                                                                                                              func LookupGroupByID(gid int) (*Group, error)

                                                                                                              type HasAddress

                                                                                                              type HasAddress interface {
                                                                                                              	Task
                                                                                                              	// IsForAPIServer indicates whether the implementation provides an address that needs to be added to the api-server server certificate.
                                                                                                              	IsForAPIServer() bool
                                                                                                              	// FindIPAddress returns the address associated with the implementor.  If there is no address, returns (nil, nil).
                                                                                                              	FindIPAddress(context *Context) (*string, error)
                                                                                                              }

                                                                                                                HasAddress is implemented by elastic/floating IP addresses in order to include relevant dynamically allocated addresses in the api-server's server TLS certificate.

                                                                                                                type HasCheckExisting

                                                                                                                type HasCheckExisting interface {
                                                                                                                	CheckExisting(c *Context) bool
                                                                                                                }

                                                                                                                type HasDependencies

                                                                                                                type HasDependencies interface {
                                                                                                                	GetDependencies(tasks map[string]Task) []Task
                                                                                                                }

                                                                                                                type HasIsReady

                                                                                                                type HasIsReady interface {
                                                                                                                	IsReady() bool
                                                                                                                }

                                                                                                                  HasIsReady is implemented by Resources that are derived (and thus may not be ready at comparison time)

                                                                                                                  type HasLifecycle

                                                                                                                  type HasLifecycle interface {
                                                                                                                  	GetLifecycle() *Lifecycle
                                                                                                                  	// SetLifecycle is used to override a tasks lifecycle. If a lifecycle override exists for a specific task name, then the
                                                                                                                  	// lifecycle is modified.
                                                                                                                  	SetLifecycle(lifecycle Lifecycle)
                                                                                                                  }

                                                                                                                    HasLifecycle indicates that the task has a Lifecycle

                                                                                                                    type HasName

                                                                                                                    type HasName interface {
                                                                                                                    	GetName() *string
                                                                                                                    }

                                                                                                                      HasName indicates that the task has a Name.

                                                                                                                      type HasSource

                                                                                                                      type HasSource interface {
                                                                                                                      	GetSource() *Source
                                                                                                                      }

                                                                                                                      type HasVFSPath

                                                                                                                      type HasVFSPath interface {
                                                                                                                      	VFSPath() vfs.Path
                                                                                                                      }

                                                                                                                        HasVFSPath is implemented by keystore & other stores that use a VFS path as their backing store

                                                                                                                        type Keystore

                                                                                                                        type Keystore interface {
                                                                                                                        	// FindKeypair finds a cert & private key, returning nil where either is not found
                                                                                                                        	// (if the certificate is found but not keypair, that is not an error: only the cert will be returned).
                                                                                                                        	// This func returns a cert, private key and a bool.  The bool value is whether the keypair is stored
                                                                                                                        	// in a legacy format. This bool is used by a keypair
                                                                                                                        	// task to convert a Legacy Keypair to the new Keypair API format.
                                                                                                                        	FindKeypair(name string) (*pki.Certificate, *pki.PrivateKey, bool, error)
                                                                                                                        
                                                                                                                        	// StoreKeypair writes the keypair to the store
                                                                                                                        	StoreKeypair(id string, cert *pki.Certificate, privateKey *pki.PrivateKey) error
                                                                                                                        
                                                                                                                        	// MirrorTo will copy secrets to a vfs.Path, which is often easier for a machine to read
                                                                                                                        	MirrorTo(basedir vfs.Path) error
                                                                                                                        }

                                                                                                                          Keystore contains just the functions we need to issue keypairs, not to list / manage them

                                                                                                                          type KeystoreItem

                                                                                                                          type KeystoreItem struct {
                                                                                                                          	Type kops.KeysetType
                                                                                                                          	Name string
                                                                                                                          	ID   string
                                                                                                                          	Data []byte
                                                                                                                          }

                                                                                                                          type Lifecycle

                                                                                                                          type Lifecycle string
                                                                                                                          const (
                                                                                                                          	// LifecycleSync should do the normal synchronization
                                                                                                                          	LifecycleSync Lifecycle = "Sync"
                                                                                                                          
                                                                                                                          	// LifecycleIgnore will skip the task
                                                                                                                          	LifecycleIgnore Lifecycle = "Ignore"
                                                                                                                          
                                                                                                                          	// LifecycleWarnIfInsufficientAccess will warn but ignore the task if there is an error during the find
                                                                                                                          	LifecycleWarnIfInsufficientAccess Lifecycle = "WarnIfInsufficientAccess"
                                                                                                                          
                                                                                                                          	// LifecycleExistsAndValidates will check that the task exists and is the same
                                                                                                                          	LifecycleExistsAndValidates Lifecycle = "ExistsAndValidates"
                                                                                                                          
                                                                                                                          	// LifecycleExistsAndWarnIfChanges will check that the task exists and will warn on changes, but then ignore them
                                                                                                                          	LifecycleExistsAndWarnIfChanges Lifecycle = "ExistsAndWarnIfChanges"
                                                                                                                          )

                                                                                                                          type ModelBuilder

                                                                                                                          type ModelBuilder interface {
                                                                                                                          	Build(context *ModelBuilderContext) error
                                                                                                                          }

                                                                                                                            ModelBuilder allows for plugins that configure an aspect of the model, based on the configuration

                                                                                                                            type ModelBuilderContext

                                                                                                                            type ModelBuilderContext struct {
                                                                                                                            	Tasks              map[string]Task
                                                                                                                            	LifecycleOverrides map[string]Lifecycle
                                                                                                                            }

                                                                                                                              ModelBuilderContext is a context object that holds state we want to pass to ModelBuilder

                                                                                                                              func (*ModelBuilderContext) AddTask

                                                                                                                              func (c *ModelBuilderContext) AddTask(task Task)

                                                                                                                              func (*ModelBuilderContext) EnsureTask

                                                                                                                              func (c *ModelBuilderContext) EnsureTask(task Task) error

                                                                                                                                EnsureTask ensures that the specified task is configured. It adds the task if it does not already exist. If it does exist, it verifies that the existing task reflect.DeepEqual the new task, if they are different an error is returned.

                                                                                                                                type NotADependency

                                                                                                                                type NotADependency struct{}

                                                                                                                                  NotADependency is a marker type to prevent FindTaskDependencies() from considering it a potential dependency.

                                                                                                                                  func (NotADependency) GetDependencies

                                                                                                                                  func (NotADependency) GetDependencies(map[string]Task) []Task

                                                                                                                                  type ProducesDeletions

                                                                                                                                  type ProducesDeletions interface {
                                                                                                                                  	FindDeletions(*Context) ([]Deletion, error)
                                                                                                                                  }

                                                                                                                                  type Resource

                                                                                                                                  type Resource interface {
                                                                                                                                  	Open() (io.Reader, error)
                                                                                                                                  }

                                                                                                                                  type RunTasksOptions

                                                                                                                                  type RunTasksOptions struct {
                                                                                                                                  	MaxTaskDuration         time.Duration
                                                                                                                                  	WaitAfterAllTasksFailed time.Duration
                                                                                                                                  }

                                                                                                                                  func (*RunTasksOptions) InitDefaults

                                                                                                                                  func (o *RunTasksOptions) InitDefaults()

                                                                                                                                  type SSHCredentialStore

                                                                                                                                  type SSHCredentialStore interface {
                                                                                                                                  	// DeleteSSHCredential deletes the specified SSH credential
                                                                                                                                  	DeleteSSHCredential(item *kops.SSHCredential) error
                                                                                                                                  
                                                                                                                                  	// ListSSHCredentials will list all the SSH credentials
                                                                                                                                  	ListSSHCredentials() ([]*kops.SSHCredential, error)
                                                                                                                                  
                                                                                                                                  	// AddSSHPublicKey adds an SSH public key
                                                                                                                                  	AddSSHPublicKey(name string, data []byte) error
                                                                                                                                  
                                                                                                                                  	// FindSSHPublicKeys retrieves the SSH public keys with the specific name
                                                                                                                                  	FindSSHPublicKeys(name string) ([]*kops.SSHCredential, error)
                                                                                                                                  }

                                                                                                                                    SSHCredentialStore holds SSHCredential objects

                                                                                                                                    func NewClientsetSSHCredentialStore

                                                                                                                                    func NewClientsetSSHCredentialStore(cluster *kops.Cluster, clientset kopsinternalversion.KopsInterface, namespace string) SSHCredentialStore

                                                                                                                                      NewClientsetSSHCredentialStore creates an SSHCredentialStore backed by an API client

                                                                                                                                      func NewVFSSSHCredentialStore

                                                                                                                                      func NewVFSSSHCredentialStore(cluster *kops.Cluster, basedir vfs.Path) SSHCredentialStore

                                                                                                                                        NewVFSSSHCredentialStore creates a SSHCredentialStore backed by VFS

                                                                                                                                        type Secret

                                                                                                                                        type Secret struct {
                                                                                                                                        	Data []byte
                                                                                                                                        }

                                                                                                                                        func CreateSecret

                                                                                                                                        func CreateSecret() (*Secret, error)

                                                                                                                                        func (*Secret) AsString

                                                                                                                                        func (s *Secret) AsString() (string, error)

                                                                                                                                        type SecretStore

                                                                                                                                        type SecretStore interface {
                                                                                                                                        	// Secret returns a secret.  Returns an error if not found
                                                                                                                                        	Secret(id string) (*Secret, error)
                                                                                                                                        	// DeleteSecret deletes the specified secret
                                                                                                                                        	DeleteSecret(id string) error
                                                                                                                                        	// FindSecret finds a secret, if exists.  Returns nil,nil if not found
                                                                                                                                        	FindSecret(id string) (*Secret, error)
                                                                                                                                        	// GetOrCreateSecret creates a secret
                                                                                                                                        	GetOrCreateSecret(id string, secret *Secret) (current *Secret, created bool, err error)
                                                                                                                                        	// ReplaceSecret will forcefully update an existing secret if it exists
                                                                                                                                        	ReplaceSecret(id string, secret *Secret) (current *Secret, err error)
                                                                                                                                        	// ListSecrets lists the ids of all known secrets
                                                                                                                                        	ListSecrets() ([]string, error)
                                                                                                                                        
                                                                                                                                        	// MirrorTo will copy secrets to a vfs.Path, which is often easier for a machine to read
                                                                                                                                        	MirrorTo(basedir vfs.Path) error
                                                                                                                                        }

                                                                                                                                        type Source

                                                                                                                                        type Source struct {
                                                                                                                                        	Parent             *Source
                                                                                                                                        	URL                string
                                                                                                                                        	Hash               *hashing.Hash
                                                                                                                                        	ExtractFromArchive string
                                                                                                                                        }

                                                                                                                                        func (*Source) Key

                                                                                                                                        func (s *Source) Key() string

                                                                                                                                          Key builds a unique key for this source

                                                                                                                                          func (*Source) String

                                                                                                                                          func (s *Source) String() string

                                                                                                                                          type StringResource

                                                                                                                                          type StringResource struct {
                                                                                                                                          	// contains filtered or unexported fields
                                                                                                                                          }

                                                                                                                                          func NewStringResource

                                                                                                                                          func NewStringResource(s string) *StringResource

                                                                                                                                          func (*StringResource) MarshalJSON

                                                                                                                                          func (r *StringResource) MarshalJSON() ([]byte, error)

                                                                                                                                          func (*StringResource) Open

                                                                                                                                          func (s *StringResource) Open() (io.Reader, error)

                                                                                                                                          type SubnetInfo

                                                                                                                                          type SubnetInfo struct {
                                                                                                                                          	ID   string
                                                                                                                                          	Zone string
                                                                                                                                          	CIDR string
                                                                                                                                          }

                                                                                                                                          type Target

                                                                                                                                          type Target interface {
                                                                                                                                          	// Lifecycle methods, called by the driver
                                                                                                                                          	Finish(taskMap map[string]Task) error
                                                                                                                                          
                                                                                                                                          	// ProcessDeletions returns true if we should delete resources
                                                                                                                                          	// Some providers (e.g. Terraform) actively keep state, and will delete resources automatically
                                                                                                                                          	ProcessDeletions() bool
                                                                                                                                          }

                                                                                                                                          type Task

                                                                                                                                          type Task interface {
                                                                                                                                          	Run(*Context) error
                                                                                                                                          }

                                                                                                                                          func FindDependencies

                                                                                                                                          func FindDependencies(tasks map[string]Task, o interface{}) []Task

                                                                                                                                            FindDependencies will try to infer dependencies for an arbitrary object

                                                                                                                                            type TaskDependentResource

                                                                                                                                            type TaskDependentResource struct {
                                                                                                                                            	Resource Resource `json:"resource,omitempty"`
                                                                                                                                            	Task     Task     `json:"task,omitempty"`
                                                                                                                                            }

                                                                                                                                            func (*TaskDependentResource) GetDependencies

                                                                                                                                            func (r *TaskDependentResource) GetDependencies(tasks map[string]Task) []Task

                                                                                                                                            func (*TaskDependentResource) IsReady

                                                                                                                                            func (r *TaskDependentResource) IsReady() bool

                                                                                                                                              IsReady implements HasIsReady::IsReady

                                                                                                                                              func (*TaskDependentResource) Open

                                                                                                                                              func (r *TaskDependentResource) Open() (io.Reader, error)

                                                                                                                                              type TaskPreRun

                                                                                                                                              type TaskPreRun interface {
                                                                                                                                              	// PreRun will be run for all TaskPreRuns, before any Run functions are invoked.
                                                                                                                                              	PreRun(*Context) error
                                                                                                                                              }

                                                                                                                                                TaskPreRun is implemented by tasks that perform some initial validation.

                                                                                                                                                type TemplateResource

                                                                                                                                                type TemplateResource interface {
                                                                                                                                                	Resource
                                                                                                                                                	Curry(args []string) TemplateResource
                                                                                                                                                }

                                                                                                                                                type TryAgainLaterError

                                                                                                                                                type TryAgainLaterError struct {
                                                                                                                                                	// contains filtered or unexported fields
                                                                                                                                                }

                                                                                                                                                  TryAgainLaterError is the custom used when a task needs to fail validation with a message and try again later

                                                                                                                                                  func NewTryAgainLaterError

                                                                                                                                                  func NewTryAgainLaterError(message string) *TryAgainLaterError

                                                                                                                                                    NewTryAgainLaterError is a builder for TryAgainLaterError.

                                                                                                                                                    func (*TryAgainLaterError) Error

                                                                                                                                                    func (e *TryAgainLaterError) Error() string

                                                                                                                                                      TryAgainLaterError implementation of the error interface.

                                                                                                                                                      type User

                                                                                                                                                      type User struct {
                                                                                                                                                      	Name    string
                                                                                                                                                      	Uid     int
                                                                                                                                                      	Gid     int
                                                                                                                                                      	Comment string
                                                                                                                                                      	Home    string
                                                                                                                                                      	Shell   string
                                                                                                                                                      }

                                                                                                                                                      func LookupUser

                                                                                                                                                      func LookupUser(name string) (*User, error)

                                                                                                                                                      func LookupUserByID

                                                                                                                                                      func LookupUserByID(uid int) (*User, error)

                                                                                                                                                      type VFSCAStore

                                                                                                                                                      type VFSCAStore struct {
                                                                                                                                                      	// contains filtered or unexported fields
                                                                                                                                                      }

                                                                                                                                                      func NewVFSCAStore

                                                                                                                                                      func NewVFSCAStore(cluster *kops.Cluster, basedir vfs.Path) *VFSCAStore

                                                                                                                                                      func (*VFSCAStore) AddCert

                                                                                                                                                      func (c *VFSCAStore) AddCert(name string, cert *pki.Certificate) error

                                                                                                                                                      func (*VFSCAStore) AddSSHPublicKey

                                                                                                                                                      func (c *VFSCAStore) AddSSHPublicKey(name string, pubkey []byte) error

                                                                                                                                                        AddSSHPublicKey stores an SSH public key

                                                                                                                                                        func (*VFSCAStore) DeleteKeysetItem

                                                                                                                                                        func (c *VFSCAStore) DeleteKeysetItem(item *kops.Keyset, id string) error

                                                                                                                                                          DeleteKeysetItem implements CAStore::DeleteKeysetItem

                                                                                                                                                          func (*VFSCAStore) DeleteSSHCredential

                                                                                                                                                          func (c *VFSCAStore) DeleteSSHCredential(item *kops.SSHCredential) error

                                                                                                                                                          func (*VFSCAStore) FindCert

                                                                                                                                                          func (c *VFSCAStore) FindCert(name string) (*pki.Certificate, error)

                                                                                                                                                          func (*VFSCAStore) FindCertificateKeyset

                                                                                                                                                          func (c *VFSCAStore) FindCertificateKeyset(name string) (*kops.Keyset, error)

                                                                                                                                                          func (*VFSCAStore) FindCertificatePool

                                                                                                                                                          func (c *VFSCAStore) FindCertificatePool(name string) (*CertificatePool, error)

                                                                                                                                                          func (*VFSCAStore) FindKeypair

                                                                                                                                                          func (c *VFSCAStore) FindKeypair(id string) (*pki.Certificate, *pki.PrivateKey, bool, error)

                                                                                                                                                          func (*VFSCAStore) FindPrivateKey

                                                                                                                                                          func (c *VFSCAStore) FindPrivateKey(id string) (*pki.PrivateKey, error)

                                                                                                                                                          func (*VFSCAStore) FindPrivateKeyset

                                                                                                                                                          func (c *VFSCAStore) FindPrivateKeyset(name string) (*kops.Keyset, error)

                                                                                                                                                          func (*VFSCAStore) FindSSHPublicKeys

                                                                                                                                                          func (c *VFSCAStore) FindSSHPublicKeys(name string) ([]*kops.SSHCredential, error)

                                                                                                                                                          func (*VFSCAStore) ListKeysets

                                                                                                                                                          func (c *VFSCAStore) ListKeysets() ([]*kops.Keyset, error)

                                                                                                                                                            ListKeysets implements CAStore::ListKeysets

                                                                                                                                                            func (*VFSCAStore) ListSSHCredentials

                                                                                                                                                            func (c *VFSCAStore) ListSSHCredentials() ([]*kops.SSHCredential, error)

                                                                                                                                                              ListSSHCredentials implements SSHCredentialStore::ListSSHCredentials

                                                                                                                                                              func (*VFSCAStore) MirrorTo

                                                                                                                                                              func (c *VFSCAStore) MirrorTo(basedir vfs.Path) error

                                                                                                                                                                MirrorTo will copy keys to a vfs.Path, which is often easier for a machine to read

                                                                                                                                                                func (*VFSCAStore) StoreKeypair

                                                                                                                                                                func (c *VFSCAStore) StoreKeypair(name string, cert *pki.Certificate, privateKey *pki.PrivateKey) error

                                                                                                                                                                func (*VFSCAStore) VFSPath

                                                                                                                                                                func (s *VFSCAStore) VFSPath() vfs.Path

                                                                                                                                                                type VFSResource

                                                                                                                                                                type VFSResource struct {
                                                                                                                                                                	Path vfs.Path
                                                                                                                                                                }

                                                                                                                                                                func NewVFSResource

                                                                                                                                                                func NewVFSResource(path vfs.Path) *VFSResource

                                                                                                                                                                func (*VFSResource) Open

                                                                                                                                                                func (r *VFSResource) Open() (io.Reader, error)

                                                                                                                                                                type VPCInfo

                                                                                                                                                                type VPCInfo struct {
                                                                                                                                                                	// CIDR is the IP address range for the VPC
                                                                                                                                                                	CIDR string
                                                                                                                                                                
                                                                                                                                                                	// Subnets is a list of subnets that are part of the VPC
                                                                                                                                                                	Subnets []*SubnetInfo
                                                                                                                                                                }

                                                                                                                                                                type Verifier

                                                                                                                                                                type Verifier interface {
                                                                                                                                                                	VerifyToken(token string, body []byte) (*VerifyResult, error)
                                                                                                                                                                }

                                                                                                                                                                  Verifier verifies authentication credentials for requests.

                                                                                                                                                                  type VerifyResult

                                                                                                                                                                  type VerifyResult struct {
                                                                                                                                                                  	// Nodename is the name that this node is authorized to use.
                                                                                                                                                                  	NodeName string
                                                                                                                                                                  }

                                                                                                                                                                    VerifyResult is the result of a successfully verified request.

                                                                                                                                                                    type Warning

                                                                                                                                                                    type Warning struct {
                                                                                                                                                                    	Task    Task
                                                                                                                                                                    	Message string
                                                                                                                                                                    }

                                                                                                                                                                      Warning holds the details of a warning encountered during validation/creation