Documentation
¶
Index ¶
- Constants
- func BuildCredentialsRef(details networkingv1alpha2.CloudflareDetails, _ string) networkingv1alpha2.CredentialsReference
- func BuildManagedComment(info ManagementInfo, userComment string) string
- func CanManageResource(comment string, info ManagementInfo) bool
- func CreateCloudflareClientFromCreds(creds *credentials.Credentials) (*cloudflare.API, error)
- func EnsureFinalizer(ctx context.Context, c client.Client, obj client.Object, finalizerName string) (bool, error)
- func ExtractUserComment(comment string) string
- func FormatManagedByValue(namespace, name string) string
- func HasFinalizer(obj client.Object, finalizerName string) bool
- func IsBeingDeleted(obj client.Object) bool
- func IsLifecyclePendingError(err error) bool
- func IsTerminalState(state string) bool
- func QuickHandleDeletion(ctx context.Context, c client.Client, log logr.Logger, ...) (ctrl.Result, bool, error)
- func RecordError(recorder record.EventRecorder, obj runtime.Object, reason string, err error)
- func RecordErrorEventAndCondition(recorder record.EventRecorder, obj runtime.Object, ...)
- func RecordEventAndSetCondition(recorder record.EventRecorder, obj runtime.Object, ...)
- func RecordSuccess(recorder record.EventRecorder, obj runtime.Object, reason string, ...)
- func RecordSuccessEventAndCondition(recorder record.EventRecorder, obj runtime.Object, ...)
- func RecordWarningEventAndCondition(recorder record.EventRecorder, obj runtime.Object, ...)
- func RemoveFinalizerSafely(ctx context.Context, c client.Client, obj client.Object, finalizerName string) (bool, error)
- func RetryOnConflict(ctx context.Context, c client.Client, obj client.Object, fn func() error) error
- func SetCondition(conditions *[]metav1.Condition, conditionType string, ...)
- func SetErrorCondition(conditions *[]metav1.Condition, err error)
- func SetReadyCondition(conditions *[]metav1.Condition, status metav1.ConditionStatus, ...)
- func SetSuccessCondition(conditions *[]metav1.Condition, message string)
- func ShouldReconcileDeletion(obj client.Object, finalizerName string) bool
- func TunnelNamespacedName(r GenericTunnelReconciler) apitypes.NamespacedName
- func UpdateStatusWithConflictRetry(ctx context.Context, c client.Client, obj client.Object, updateFn func()) error
- func UpdateWithConflictRetry(ctx context.Context, c client.Client, obj client.Object, updateFn func()) error
- type AdoptionChecker
- type AdoptionResult
- type CRDChecker
- type ClusterTunnelAdapter
- func (o ClusterTunnelAdapter) DeepCopyTunnel() Tunnel
- func (o ClusterTunnelAdapter) GetAnnotations() map[string]string
- func (o ClusterTunnelAdapter) GetLabels() map[string]string
- func (o ClusterTunnelAdapter) GetName() string
- func (o ClusterTunnelAdapter) GetNamespace() string
- func (o ClusterTunnelAdapter) GetObject() client.Object
- func (o ClusterTunnelAdapter) GetSpec() networkingv1alpha2.TunnelSpec
- func (o ClusterTunnelAdapter) GetStatus() networkingv1alpha2.TunnelStatus
- func (o ClusterTunnelAdapter) GetUID() types.UID
- func (o ClusterTunnelAdapter) SetAnnotations(in map[string]string)
- func (o ClusterTunnelAdapter) SetLabels(in map[string]string)
- func (o ClusterTunnelAdapter) SetStatus(in networkingv1alpha2.TunnelStatus)
- type ClusterTunnelReconciler
- func (r *ClusterTunnelReconciler) GetCfAPI() *cf.API
- func (r *ClusterTunnelReconciler) GetCfSecret() *corev1.Secret
- func (r *ClusterTunnelReconciler) GetClient() client.Client
- func (r *ClusterTunnelReconciler) GetContext() context.Context
- func (r *ClusterTunnelReconciler) GetLog() logr.Logger
- func (r *ClusterTunnelReconciler) GetReconciledObject() client.Object
- func (r *ClusterTunnelReconciler) GetReconcilerName() string
- func (r *ClusterTunnelReconciler) GetRecorder() record.EventRecorder
- func (r *ClusterTunnelReconciler) GetScheme() *runtime.Scheme
- func (r *ClusterTunnelReconciler) GetTunnel() Tunnel
- func (r *ClusterTunnelReconciler) GetTunnelCreds() string
- func (r *ClusterTunnelReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error)
- func (r *ClusterTunnelReconciler) SetCfAPI(in *cf.API)
- func (r *ClusterTunnelReconciler) SetTunnelCreds(in string)
- func (r *ClusterTunnelReconciler) SetupWithManager(mgr ctrl.Manager) error
- type CredentialsInfo
- type CredentialsResult
- type DeletionHandler
- type GatewayAPIStatus
- type GenericTunnelReconciler
- type ManagementInfo
- type StatusUpdater
- type Tunnel
- type TunnelAdapter
- func (o TunnelAdapter) DeepCopyTunnel() Tunnel
- func (o TunnelAdapter) GetAnnotations() map[string]string
- func (o TunnelAdapter) GetLabels() map[string]string
- func (o TunnelAdapter) GetName() string
- func (o TunnelAdapter) GetNamespace() string
- func (o TunnelAdapter) GetObject() client.Object
- func (o TunnelAdapter) GetSpec() networkingv1alpha2.TunnelSpec
- func (o TunnelAdapter) GetStatus() networkingv1alpha2.TunnelStatus
- func (o TunnelAdapter) GetUID() types.UID
- func (o TunnelAdapter) SetAnnotations(in map[string]string)
- func (o TunnelAdapter) SetLabels(in map[string]string)
- func (o TunnelAdapter) SetStatus(in networkingv1alpha2.TunnelStatus)
- type TunnelBindingReconciler
- type TunnelReconciler
- func (r *TunnelReconciler) GetCfAPI() *cf.API
- func (r *TunnelReconciler) GetCfSecret() *corev1.Secret
- func (r *TunnelReconciler) GetClient() client.Client
- func (r *TunnelReconciler) GetContext() context.Context
- func (r *TunnelReconciler) GetLog() logr.Logger
- func (r *TunnelReconciler) GetReconciledObject() client.Object
- func (r *TunnelReconciler) GetReconcilerName() string
- func (r *TunnelReconciler) GetRecorder() record.EventRecorder
- func (r *TunnelReconciler) GetScheme() *runtime.Scheme
- func (r *TunnelReconciler) GetTunnel() Tunnel
- func (r *TunnelReconciler) GetTunnelCreds() string
- func (r *TunnelReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error)
- func (r *TunnelReconciler) SetCfAPI(in *cf.API)
- func (r *TunnelReconciler) SetTunnelCreds(in string)
- func (r *TunnelReconciler) SetupWithManager(mgr ctrl.Manager) error
Constants ¶
const ( // Label and annotation prefixes for the new cloudflare.com API group LabelPrefix = "cloudflare.com/" AnnotationPrefix = "cloudflare.com/" // Finalizer for cloudflare.com resources FinalizerCloudflare = "cloudflare.com/finalizer" // Legacy prefixes for backward compatibility with cloudflare-operator.io resources LegacyLabelPrefix = "cloudflare-operator.io/" LegacyAnnotationPrefix = "cloudflare-operator.io/" LegacyFinalizer = "cloudflare-operator.io/finalizer" )
New cloudflare.com API group constants. These will be used for new CRDs (VirtualNetwork, NetworkRoute, etc.).
const ( VirtualNetworkFinalizer = "cloudflare.com/virtualnetwork-finalizer" // Labels for VirtualNetwork LabelVirtualNetworkName = LabelPrefix + "virtualnetwork-name" LabelVirtualNetworkID = LabelPrefix + "virtualnetwork-id" )
VirtualNetwork controller constants
const ( NetworkRouteFinalizer = "cloudflare.com/networkroute-finalizer" // Labels for NetworkRoute LabelNetworkRouteNetwork = LabelPrefix + "networkroute-network" LabelNetworkRouteTunnel = LabelPrefix + "networkroute-tunnel" )
NetworkRoute controller constants
const ( PrivateServiceFinalizer = "cloudflare.com/privateservice-finalizer" // Labels for PrivateService LabelPrivateServiceName = LabelPrefix + "privateservice-name" )
PrivateService controller constants
const ( DeviceSettingsPolicyFinalizer = "cloudflare.com/devicesettingspolicy-finalizer" // Labels for DeviceSettingsPolicy LabelDeviceSettingsPolicyName = LabelPrefix + "devicesettingspolicy-name" )
DeviceSettingsPolicy controller constants
const ( // AnnotationLastAppliedConfig stores the last applied configuration for drift detection AnnotationLastAppliedConfig = AnnotationPrefix + "last-applied-configuration" // AnnotationManagedBy indicates the controller managing the resource AnnotationManagedBy = AnnotationPrefix + "managed-by" // AnnotationManagedByValue is the value for AnnotationManagedBy AnnotationManagedByValue = "cloudflare-operator" )
Annotations used across controllers
const ( ControllerNameVirtualNetwork = "VirtualNetwork" ControllerNameNetworkRoute = "NetworkRoute" ControllerNamePrivateService = "PrivateService" ControllerNameDeviceSettingsPolicy = "DeviceSettingsPolicy" )
Controller names for logging and events
const ( // Success events EventReasonCreated = "Created" EventReasonUpdated = "Updated" EventReasonDeleted = "Deleted" EventReasonSynced = "Synced" EventReasonReconciled = "Reconciled" EventReasonFinalizerSet = "FinalizerSet" EventReasonFinalizerRemoved = "FinalizerRemoved" EventReasonAdopted = "Adopted" // Failure events EventReasonCreateFailed = "CreateFailed" EventReasonUpdateFailed = "UpdateFailed" EventReasonDeleteFailed = "DeleteFailed" EventReasonSyncFailed = "SyncFailed" EventReasonReconcileFailed = "ReconcileFailed" EventReasonAPIError = "APIError" EventReasonInvalidConfig = "InvalidConfig" EventReasonDependencyError = "DependencyError" EventReasonAdoptionConflict = "AdoptionConflict" )
Event reasons
const ( // ManagementMarkerPrefix is the prefix for management markers in comments // Format: [managed:kind/namespace/name] or [managed:kind/name] for cluster-scoped ManagementMarkerPrefix = "[managed:" ManagementMarkerSuffix = "]" )
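Management tracking constants. These are used to track which K8s resource manages a Cloudflare resource, preventing adoption race conditions where multiple K8s resources try to manage the same Cloudflare resource. The marker is embedded in the Cloudflare resource's comment text (see BuildManagedComment and ParseManagementMarker).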
const ( // Initialization events EventReasonSecretNotFound = "SecretNotFound" EventReasonCredentialError = "CredentialError" // Finalizer events EventReasonFinalizerAdded = "FinalizerAdded" // Conflict events EventReasonConflict = "Conflict" EventReasonManagedByAnother = "ManagedByAnother" )
Additional event reasons not defined in constants.go
// CredentialsJsonFilename and CloudflaredLatestImage are typed string constants.
// NOTE(review): CloudflaredLatestImage names the mutable ":latest" tag, so the image that
// actually runs can change between pulls without any change to this package. Where this
// value ends up in a pod spec (not visible here), prefer a fixed version tag or an image
// digest so rollouts are reproducible and reviewable.
const ( CredentialsJsonFilename string = "credentials.json" CloudflaredLatestImage string = "cloudflare/cloudflared:latest" )
const ( // DefaultMaxRetries is the default number of retries for status updates DefaultMaxRetries = 5 // DefaultRetryDelay is the default delay between retries DefaultRetryDelay = 100 * time.Millisecond )
const ( StatePending = "Pending" StateCreating = "Creating" StateActive = "Active" StateReady = "Ready" StateError = "Error" StateDeleting = "Deleting" StateWarning = "Warning" )
State constants for consistent state management across controllers
// NOTE(review): this key uses the legacy "cloudflare-operator.io/" prefix, while
// AnnotationManagedBy is AnnotationPrefix + "managed-by" ("cloudflare.com/managed-by").
// Confirm which key the adoption checks read, so that a resource marked under one key
// is not treated as unmanaged under the other.
const AdoptionAnnotation = "cloudflare-operator.io/managed-by"
AdoptionAnnotation is the annotation key for marking Cloudflare resources as managed
const DefaultRequeueAfter = 30 * time.Second
DefaultRequeueAfter is the default requeue duration after an error
const ( // OperatorNamespace is the namespace where the operator is deployed. // Used for cluster-scoped resources to locate secrets. OperatorNamespace = "cloudflare-operator-system" )
Operator namespace constant. Cluster-scoped resources should use this namespace for loading secrets when using legacy inline secret references.
Variables ¶
This section is empty.
Functions ¶
func BuildCredentialsRef ¶
func BuildCredentialsRef(details networkingv1alpha2.CloudflareDetails, _ string) networkingv1alpha2.CredentialsReference
BuildCredentialsRef builds a CredentialsReference from CloudflareDetails. This is used to store the credentials reference in SyncState. Note: CredentialsReference only has a Name field, so the name of the CloudflareCredentials resource is stored. Legacy inline secrets need a fallback mechanism in the Sync Controller.
func BuildManagedComment ¶
func BuildManagedComment(info ManagementInfo, userComment string) string
BuildManagedComment creates a comment with management marker prepended. If userComment is empty, only the marker is returned.
func CanManageResource ¶
func CanManageResource(comment string, info ManagementInfo) bool
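CanManageResource checks if the given K8s resource can manage a Cloudflare resource. Returns true if: - The Cloudflare resource has no management marker (first claim) - The management marker matches the K8s resource (same owner). Returns false if the Cloudflare resource is managed by a different K8s resource. Because ownership is read from the comment string, a resource whose marker has been removed or edited outside the operator is treated as unclaimed; the marker coordinates controllers and is not an access control.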
func CreateCloudflareClientFromCreds ¶
func CreateCloudflareClientFromCreds(creds *credentials.Credentials) (*cloudflare.API, error)
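CreateCloudflareClientFromCreds creates a Cloudflare API client from loaded credentials. If the CLOUDFLARE_API_BASE_URL environment variable is set, it uses that as the API base URL. The client built from creds then talks to that URL, so treat the variable as security-sensitive deployment configuration and leave it unset unless a non-default endpoint is intended.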
func EnsureFinalizer ¶
func EnsureFinalizer(ctx context.Context, c client.Client, obj client.Object, finalizerName string) (bool, error)
EnsureFinalizer ensures the finalizer is present on the object. It uses UpdateWithConflictRetry to handle concurrent modifications. Returns true if the finalizer was added (object was updated), false if already present.
func ExtractUserComment ¶
ExtractUserComment removes the management marker from a comment and returns the user portion.
func FormatManagedByValue ¶
FormatManagedByValue formats the managed-by annotation value
func HasFinalizer ¶
HasFinalizer checks if the object has the specified finalizer
func IsBeingDeleted ¶
IsBeingDeleted checks if the object is being deleted (has deletion timestamp)
func IsLifecyclePendingError ¶
IsLifecyclePendingError checks if the error is a lifecycle pending error
func IsTerminalState ¶
IsTerminalState returns true if the state is a terminal state
func QuickHandleDeletion ¶
func QuickHandleDeletion( ctx context.Context, c client.Client, log logr.Logger, recorder record.EventRecorder, obj client.Object, finalizerName string, deleteFn func() error, ) (ctrl.Result, bool, error)
QuickHandleDeletion is a convenience function for simple deletion scenarios It combines HandleDeletion with finalizer checking
func RecordError ¶
RecordError is a shorthand for recording an error event with a sanitized message. It does not modify conditions.
func RecordErrorEventAndCondition ¶
func RecordErrorEventAndCondition( recorder record.EventRecorder, obj runtime.Object, conditions *[]metav1.Condition, reason string, err error, )
RecordErrorEventAndCondition records an error event and sets the Ready condition to False. It sanitizes the error message to remove sensitive information; what the sanitizer removes is not described on this page.
func RecordEventAndSetCondition ¶
func RecordEventAndSetCondition( recorder record.EventRecorder, obj runtime.Object, conditions *[]metav1.Condition, eventType string, reason string, message string, conditionStatus metav1.ConditionStatus, )
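RecordEventAndSetCondition records an event and sets a condition on the resource. This is a common pattern used throughout the controllers. No sanitization of message is documented for this function, so callers should pass only text that is safe to expose in events and status conditions.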
func RecordSuccess ¶
func RecordSuccess(recorder record.EventRecorder, obj runtime.Object, reason string, message string)
RecordSuccess is a shorthand for recording a success event Does not modify conditions
func RecordSuccessEventAndCondition ¶
func RecordSuccessEventAndCondition( recorder record.EventRecorder, obj runtime.Object, conditions *[]metav1.Condition, reason string, message string, )
RecordSuccessEventAndCondition records a success event and sets Ready condition to True
func RecordWarningEventAndCondition ¶
func RecordWarningEventAndCondition( recorder record.EventRecorder, obj runtime.Object, conditions *[]metav1.Condition, reason string, message string, )
RecordWarningEventAndCondition records a warning event and sets Ready condition to False
func RemoveFinalizerSafely ¶
func RemoveFinalizerSafely(ctx context.Context, c client.Client, obj client.Object, finalizerName string) (bool, error)
RemoveFinalizerSafely removes the finalizer from the object safely. It uses UpdateWithConflictRetry to handle concurrent modifications. Returns true if the finalizer was removed (object was updated), false if not present.
func RetryOnConflict ¶
func RetryOnConflict(ctx context.Context, c client.Client, obj client.Object, fn func() error) error
RetryOnConflict retries a function that may return a conflict error This is useful for status updates where optimistic locking may fail
func SetCondition ¶
func SetCondition(conditions *[]metav1.Condition, conditionType string, status metav1.ConditionStatus, reason, message string)
SetCondition is a helper to set a condition on a resource It handles the common pattern of setting conditions with proper timestamps
func SetErrorCondition ¶
SetErrorCondition sets the Ready condition to False with an error reason
func SetReadyCondition ¶
func SetReadyCondition(conditions *[]metav1.Condition, status metav1.ConditionStatus, reason, message string)
SetReadyCondition is a shorthand for setting the Ready condition
func SetSuccessCondition ¶
SetSuccessCondition sets the Ready condition to True
func ShouldReconcileDeletion ¶
ShouldReconcileDeletion returns true if the object is being deleted and has the finalizer
func TunnelNamespacedName ¶
func TunnelNamespacedName(r GenericTunnelReconciler) apitypes.NamespacedName
Types ¶
type AdoptionChecker ¶
type AdoptionChecker struct {
// ManagedByValue is the value to use for the managed-by annotation
// typically in the format "namespace/name"
ManagedByValue string
}
AdoptionChecker provides utilities for checking if Cloudflare resources are already managed by another Kubernetes object
func NewAdoptionChecker ¶
func NewAdoptionChecker(namespace, name string) *AdoptionChecker
NewAdoptionChecker creates a new AdoptionChecker
func (*AdoptionChecker) CheckByName ¶
func (c *AdoptionChecker) CheckByName(name string, lookupFn func(name string) (id string, managedBy string, err error)) AdoptionResult
CheckByName checks if a resource with the given name exists and can be adopted. lookupFn should return (id, managedBy, error) for the resource with the given name. If the resource is not found, lookupFn should return ("", "", nil).
func (*AdoptionChecker) ConflictError ¶
func (*AdoptionChecker) ConflictError(resourceType, name, existingManager string) error
ConflictError returns an error for adoption conflict
type AdoptionResult ¶
type AdoptionResult struct {
// Found indicates if the resource was found in Cloudflare
Found bool
// CanAdopt indicates if the resource can be adopted by this controller
CanAdopt bool
// ExistingID is the ID of the existing resource (if found)
ExistingID string
// ManagedBy is the current manager of the resource (if any)
ManagedBy string
// Error contains any error that occurred during the check
Error error
}
AdoptionResult represents the result of an adoption check
func (AdoptionResult) IsAvailable ¶
func (r AdoptionResult) IsAvailable() bool
IsAvailable returns true if the resource is available for adoption (either not found or can be adopted)
type CRDChecker ¶
type CRDChecker struct {
// contains filtered or unexported fields
}
CRDChecker provides methods to check if CRDs exist in the cluster
func NewCRDChecker ¶
func NewCRDChecker(config *rest.Config) (*CRDChecker, error)
NewCRDChecker creates a new CRDChecker using the provided REST config
func (*CRDChecker) GetGatewayAPIStatus ¶
func (c *CRDChecker) GetGatewayAPIStatus() GatewayAPIStatus
GetGatewayAPIStatus returns the detailed status of Gateway API CRDs
func (*CRDChecker) HasGVK ¶
func (c *CRDChecker) HasGVK(gvk schema.GroupVersionKind) bool
HasGVK checks if a specific GroupVersionKind is available in the cluster
func (*CRDChecker) HasGatewayAPI ¶
func (c *CRDChecker) HasGatewayAPI() bool
HasGatewayAPI checks if Gateway API CRDs are installed It checks for the core Gateway and GatewayClass types
func (*CRDChecker) HasHTTPRoute ¶
func (c *CRDChecker) HasHTTPRoute() bool
HasHTTPRoute checks if HTTPRoute CRD is installed
func (*CRDChecker) HasTCPRoute ¶
func (c *CRDChecker) HasTCPRoute() bool
HasTCPRoute checks if TCPRoute CRD is installed (alpha2)
func (*CRDChecker) HasUDPRoute ¶
func (c *CRDChecker) HasUDPRoute() bool
HasUDPRoute checks if UDPRoute CRD is installed (alpha2)
type ClusterTunnelAdapter ¶
// ClusterTunnelAdapter wraps a ClusterTunnel. The methods listed for it on this page
// cover the method set of the Tunnel interface.
type ClusterTunnelAdapter struct {
// Tunnel is the wrapped ClusterTunnel object.
Tunnel *networkingv1alpha2.ClusterTunnel
// Namespace is carried next to the wrapped object.
// NOTE(review): presumably the value GetNamespace returns and the namespace used for
// secret lookups on behalf of the ClusterTunnel — confirm against the implementation.
Namespace string
}
ClusterTunnelAdapter implementation
func (ClusterTunnelAdapter) DeepCopyTunnel ¶
func (o ClusterTunnelAdapter) DeepCopyTunnel() Tunnel
func (ClusterTunnelAdapter) GetAnnotations ¶
func (o ClusterTunnelAdapter) GetAnnotations() map[string]string
func (ClusterTunnelAdapter) GetLabels ¶
func (o ClusterTunnelAdapter) GetLabels() map[string]string
func (ClusterTunnelAdapter) GetName ¶
func (o ClusterTunnelAdapter) GetName() string
func (ClusterTunnelAdapter) GetNamespace ¶
func (o ClusterTunnelAdapter) GetNamespace() string
func (ClusterTunnelAdapter) GetObject ¶
func (o ClusterTunnelAdapter) GetObject() client.Object
func (ClusterTunnelAdapter) GetSpec ¶
func (o ClusterTunnelAdapter) GetSpec() networkingv1alpha2.TunnelSpec
func (ClusterTunnelAdapter) GetStatus ¶
func (o ClusterTunnelAdapter) GetStatus() networkingv1alpha2.TunnelStatus
func (ClusterTunnelAdapter) GetUID ¶
func (o ClusterTunnelAdapter) GetUID() types.UID
func (ClusterTunnelAdapter) SetAnnotations ¶
func (o ClusterTunnelAdapter) SetAnnotations(in map[string]string)
func (ClusterTunnelAdapter) SetLabels ¶
func (o ClusterTunnelAdapter) SetLabels(in map[string]string)
func (ClusterTunnelAdapter) SetStatus ¶
func (o ClusterTunnelAdapter) SetStatus(in networkingv1alpha2.TunnelStatus)
type ClusterTunnelReconciler ¶
type ClusterTunnelReconciler struct {
client.Client
Scheme *runtime.Scheme
Recorder record.EventRecorder
Namespace string
// contains filtered or unexported fields
}
ClusterTunnelReconciler reconciles a ClusterTunnel object
func (*ClusterTunnelReconciler) GetCfAPI ¶
func (r *ClusterTunnelReconciler) GetCfAPI() *cf.API
func (*ClusterTunnelReconciler) GetCfSecret ¶
func (r *ClusterTunnelReconciler) GetCfSecret() *corev1.Secret
func (*ClusterTunnelReconciler) GetClient ¶
func (r *ClusterTunnelReconciler) GetClient() client.Client
func (*ClusterTunnelReconciler) GetContext ¶
func (r *ClusterTunnelReconciler) GetContext() context.Context
func (*ClusterTunnelReconciler) GetLog ¶
func (r *ClusterTunnelReconciler) GetLog() logr.Logger
func (*ClusterTunnelReconciler) GetReconciledObject ¶
func (r *ClusterTunnelReconciler) GetReconciledObject() client.Object
func (*ClusterTunnelReconciler) GetReconcilerName ¶
func (r *ClusterTunnelReconciler) GetReconcilerName() string
func (*ClusterTunnelReconciler) GetRecorder ¶
func (r *ClusterTunnelReconciler) GetRecorder() record.EventRecorder
func (*ClusterTunnelReconciler) GetScheme ¶
func (r *ClusterTunnelReconciler) GetScheme() *runtime.Scheme
func (*ClusterTunnelReconciler) GetTunnel ¶
func (r *ClusterTunnelReconciler) GetTunnel() Tunnel
func (*ClusterTunnelReconciler) GetTunnelCreds ¶
func (r *ClusterTunnelReconciler) GetTunnelCreds() string
func (*ClusterTunnelReconciler) Reconcile ¶
func (r *ClusterTunnelReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error)
Reconcile is part of the main kubernetes reconciliation loop which aims to move the current state of the cluster closer to the desired state. It compares the state specified by the ClusterTunnel object against the actual cluster state, and then performs operations to make the cluster state reflect the state specified by the user.
For more details, check Reconcile and its Result here: - https://pkg.go.dev/sigs.k8s.io/controller-runtime@v0.10.0/pkg/reconcile
func (*ClusterTunnelReconciler) SetCfAPI ¶
func (r *ClusterTunnelReconciler) SetCfAPI(in *cf.API)
func (*ClusterTunnelReconciler) SetTunnelCreds ¶
func (r *ClusterTunnelReconciler) SetTunnelCreds(in string)
func (*ClusterTunnelReconciler) SetupWithManager ¶
func (r *ClusterTunnelReconciler) SetupWithManager(mgr ctrl.Manager) error
SetupWithManager sets up the controller with the Manager.
type CredentialsInfo ¶
type CredentialsInfo struct {
// AccountID is the Cloudflare account ID
AccountID string
// Domain is the Cloudflare domain
Domain string
// ZoneID is the Cloudflare zone ID (if available)
ZoneID string
// CredentialsRef is the reference to use for Sync Controller
CredentialsRef networkingv1alpha2.CredentialsReference
}
CredentialsInfo holds the resolved credentials information needed for SyncState registration. This follows the Unified Sync Architecture where Resource Controllers only need credential metadata (accountID, credRef) but not the actual API client.
func ResolveCredentialsForService ¶
func ResolveCredentialsForService( ctx context.Context, c client.Client, log logr.Logger, details networkingv1alpha2.CloudflareDetails, namespace string, statusAccountID string, ) (*CredentialsInfo, error)
ResolveCredentialsForService resolves credentials information from CloudflareDetails without creating a Cloudflare API client.
This function follows the Unified Sync Architecture: - Resource Controllers should use this to get accountID and credentialsRef - The actual API client creation is deferred to Sync Controllers
Parameters:
- ctx: context for the operation
- c: Kubernetes client
- log: logger
- details: CloudflareDetails from the resource spec
- namespace: namespace for legacy inline secrets (use OperatorNamespace for cluster-scoped)
- statusAccountID: accountID from status (takes precedence if set)
func ResolveCredentialsFromRef ¶
func ResolveCredentialsFromRef( ctx context.Context, c client.Client, log logr.Logger, credRef *networkingv1alpha2.CredentialsReference, ) (*CredentialsInfo, error)
ResolveCredentialsFromRef resolves credentials information from a simple CredentialsReference without creating a Cloudflare API client.
This function follows the Unified Sync Architecture for resources that use the simplified CredentialsReference (R2Bucket, R2BucketDomain, R2BucketNotification, RedirectRule, TransformRule, ZoneRuleset) instead of the full CloudflareDetails.
Parameters:
- ctx: context for the operation
- c: Kubernetes client
- log: logger
- credRef: simple CredentialsReference from the resource spec (may be nil for default)
Returns credentials info with AccountID and CredentialsRef for SyncState registration.
type CredentialsResult ¶
type CredentialsResult struct {
// CredentialsName is the name of the CloudflareCredentials resource
CredentialsName string
// AccountID is the Cloudflare account ID
AccountID string
// ZoneID is the Cloudflare zone ID (optional, may be empty)
ZoneID string
}
CredentialsResult holds the result of resolving credentials for a resource. Used to reduce the number of return values in resolveCredentials functions.
type DeletionHandler ¶
type DeletionHandler struct {
Client client.Client
Log logr.Logger
Recorder record.EventRecorder
FinalizerName string
}
DeletionHandler handles the standard deletion flow for resources
func NewDeletionHandler ¶
func NewDeletionHandler(c client.Client, log logr.Logger, recorder record.EventRecorder, finalizerName string) *DeletionHandler
NewDeletionHandler creates a new DeletionHandler
func (*DeletionHandler) HandleDeletion ¶
func (h *DeletionHandler) HandleDeletion( ctx context.Context, obj client.Object, deleteFn func() error, ) (ctrl.Result, bool, error)
HandleDeletion performs the standard deletion workflow: 1. Check if finalizer is present 2. Execute the delete function (to clean up external resources) 3. Remove the finalizer
The deleteFn should handle NotFound errors gracefully (return nil if already deleted). Returns (result, requeue, error) where: - result is the reconcile result - requeue indicates if reconciliation should be requeued - error is any error that occurred
func (*DeletionHandler) HandleDeletionWithMultipleResources ¶
func (h *DeletionHandler) HandleDeletionWithMultipleResources( ctx context.Context, obj client.Object, deleteFns []func() error, ) (ctrl.Result, bool, error)
HandleDeletionWithMultipleResources handles deletion when multiple external resources need to be cleaned up. It aggregates errors and only removes the finalizer if all deletions succeed.
type GatewayAPIStatus ¶
type GatewayAPIStatus struct {
// GatewayClassAvailable indicates if GatewayClass CRD is available
GatewayClassAvailable bool
// GatewayAvailable indicates if Gateway CRD is available
GatewayAvailable bool
// HTTPRouteAvailable indicates if HTTPRoute CRD is available
HTTPRouteAvailable bool
// TCPRouteAvailable indicates if TCPRoute CRD is available
TCPRouteAvailable bool
// UDPRouteAvailable indicates if UDPRoute CRD is available
UDPRouteAvailable bool
}
GatewayAPIStatus contains the status of Gateway API CRDs
func (GatewayAPIStatus) CoreAvailable ¶
func (s GatewayAPIStatus) CoreAvailable() bool
CoreAvailable returns true if the core Gateway API CRDs are available (GatewayClass and Gateway, which are the minimum requirement)
func (GatewayAPIStatus) IsComplete ¶
func (s GatewayAPIStatus) IsComplete() bool
IsComplete returns true if all core Gateway API CRDs are available
type GenericTunnelReconciler ¶
type ManagementInfo ¶
type ManagementInfo struct {
Kind string
Namespace string // Empty for cluster-scoped resources
Name string
}
ManagementInfo represents the K8s resource managing a Cloudflare resource
func GetConflictingManager ¶
func GetConflictingManager(comment string, info ManagementInfo) *ManagementInfo
GetConflictingManager returns the ManagementInfo of the resource that conflicts with the given info. Returns nil if there's no conflict.
func NewManagementInfo ¶
func NewManagementInfo(obj metav1.Object, kind string) ManagementInfo
NewManagementInfo creates a ManagementInfo from a K8s object
func ParseManagementMarker ¶
func ParseManagementMarker(comment string) *ManagementInfo
ParseManagementMarker extracts ManagementInfo from a comment string. Returns nil if no management marker is found.
func (ManagementInfo) Equals ¶
func (m ManagementInfo) Equals(other ManagementInfo) bool
Equals returns true if two ManagementInfo are equal
func (ManagementInfo) String ¶
func (m ManagementInfo) String() string
String returns the management marker string for embedding in comments
type StatusUpdater ¶
StatusUpdater provides utilities for updating resource status with retry logic
func NewStatusUpdater ¶
func NewStatusUpdater(c client.Client) *StatusUpdater
NewStatusUpdater creates a new StatusUpdater with default settings
func (*StatusUpdater) UpdateStatusWithRetry ¶
func (u *StatusUpdater) UpdateStatusWithRetry(ctx context.Context, obj client.Object, updateFn func()) error
UpdateStatusWithRetry updates the status of an object with retry on conflict
func (*StatusUpdater) UpdateWithRetry ¶
func (u *StatusUpdater) UpdateWithRetry(ctx context.Context, obj client.Object, updateFn func()) error
UpdateWithRetry updates an object with retry on conflict
type Tunnel ¶
// Tunnel is the accessor interface for a tunnel object. On this page both
// TunnelAdapter and ClusterTunnelAdapter declare every method listed here.
type Tunnel interface {
// GetObject returns the underlying object as a client.Object.
GetObject() client.Object
GetNamespace() string
GetName() string
GetLabels() map[string]string
SetLabels(map[string]string)
GetAnnotations() map[string]string
SetAnnotations(map[string]string)
// GetSpec, GetStatus and SetStatus use the shared TunnelSpec and TunnelStatus types.
GetSpec() networkingv1alpha2.TunnelSpec
GetStatus() networkingv1alpha2.TunnelStatus
SetStatus(networkingv1alpha2.TunnelStatus)
// DeepCopyTunnel returns a Tunnel; NOTE(review): presumably an independent copy — confirm.
DeepCopyTunnel() Tunnel
}
type TunnelAdapter ¶
type TunnelAdapter struct {
Tunnel *networkingv1alpha2.Tunnel
}
TunnelAdapter implementation
func (TunnelAdapter) DeepCopyTunnel ¶
func (o TunnelAdapter) DeepCopyTunnel() Tunnel
func (TunnelAdapter) GetAnnotations ¶
func (o TunnelAdapter) GetAnnotations() map[string]string
func (TunnelAdapter) GetLabels ¶
func (o TunnelAdapter) GetLabels() map[string]string
func (TunnelAdapter) GetName ¶
func (o TunnelAdapter) GetName() string
func (TunnelAdapter) GetNamespace ¶
func (o TunnelAdapter) GetNamespace() string
func (TunnelAdapter) GetObject ¶
func (o TunnelAdapter) GetObject() client.Object
func (TunnelAdapter) GetSpec ¶
func (o TunnelAdapter) GetSpec() networkingv1alpha2.TunnelSpec
func (TunnelAdapter) GetStatus ¶
func (o TunnelAdapter) GetStatus() networkingv1alpha2.TunnelStatus
func (TunnelAdapter) GetUID ¶
func (o TunnelAdapter) GetUID() types.UID
func (TunnelAdapter) SetAnnotations ¶
func (o TunnelAdapter) SetAnnotations(in map[string]string)
func (TunnelAdapter) SetLabels ¶
func (o TunnelAdapter) SetLabels(in map[string]string)
func (TunnelAdapter) SetStatus ¶
func (o TunnelAdapter) SetStatus(in networkingv1alpha2.TunnelStatus)
type TunnelBindingReconciler ¶
// TunnelBindingReconciler reconciles a TunnelBinding object.
type TunnelBindingReconciler struct {
	// Embedded client; its methods are promoted onto the reconciler.
	client.Client
	// Scheme is the runtime scheme supplied to the reconciler.
	Scheme *runtime.Scheme
	// Recorder has the same record.EventRecorder type that the package's
	// Record* helpers accept.
	Recorder record.EventRecorder
	// NOTE(review): not documented on this page; presumably the namespace the
	// operator runs in or is scoped to. Confirm.
	Namespace string
	// NOTE(review): not documented on this page. The name suggests it lets the
	// reconciler overwrite Cloudflare-side resources that are not marked as
	// managed by this operator (compare CanManageResource). If so, leaving it
	// false keeps the ownership check in force; enable it only when taking
	// over pre-existing resources is intended. Confirm against the implementation.
	OverwriteUnmanaged bool
	// contains filtered or unexported fields
}
TunnelBindingReconciler reconciles a TunnelBinding object
func (*TunnelBindingReconciler) Reconcile ¶
func (r *TunnelBindingReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error)
Reconcile is part of the main kubernetes reconciliation loop which aims to move the current state of the cluster closer to the desired state.
For more details, see Reconcile and its Result: https://pkg.go.dev/sigs.k8s.io/controller-runtime@v0.10.0/pkg/reconcile
func (*TunnelBindingReconciler) SetupWithManager ¶
func (r *TunnelBindingReconciler) SetupWithManager(mgr ctrl.Manager) error
SetupWithManager sets up the controller with the Manager.
type TunnelReconciler ¶
// TunnelReconciler reconciles a Tunnel object.
//
// Its exported method set includes GetCfAPI, GetCfSecret, GetTunnelCreds and
// SetTunnelCreds, so the Cloudflare API client, the credentials Secret and the
// tunnel credentials string are all reachable through a *TunnelReconciler.
// Treat those return values as sensitive and keep them out of logs and events.
//
// NOTE(review): GetContext, GetReconciledObject and GetTunnel take no
// arguments, which suggests per-reconcile state is kept in the unexported
// fields. If so, concurrent Reconcile calls on one instance would share that
// state. Confirm against the implementation.
type TunnelReconciler struct {
	// Embedded client; its methods are promoted onto the reconciler.
	client.Client
	// Scheme is also returned by GetScheme.
	Scheme *runtime.Scheme
	// Recorder is also returned by GetRecorder.
	Recorder record.EventRecorder
	// contains filtered or unexported fields
}
TunnelReconciler reconciles a Tunnel object
func (*TunnelReconciler) GetCfAPI ¶
func (r *TunnelReconciler) GetCfAPI() *cf.API
func (*TunnelReconciler) GetCfSecret ¶
func (r *TunnelReconciler) GetCfSecret() *corev1.Secret
func (*TunnelReconciler) GetClient ¶
func (r *TunnelReconciler) GetClient() client.Client
func (*TunnelReconciler) GetContext ¶
func (r *TunnelReconciler) GetContext() context.Context
func (*TunnelReconciler) GetLog ¶
func (r *TunnelReconciler) GetLog() logr.Logger
func (*TunnelReconciler) GetReconciledObject ¶
func (r *TunnelReconciler) GetReconciledObject() client.Object
func (*TunnelReconciler) GetReconcilerName ¶
func (r *TunnelReconciler) GetReconcilerName() string
func (*TunnelReconciler) GetRecorder ¶
func (r *TunnelReconciler) GetRecorder() record.EventRecorder
func (*TunnelReconciler) GetScheme ¶
func (r *TunnelReconciler) GetScheme() *runtime.Scheme
func (*TunnelReconciler) GetTunnel ¶
func (r *TunnelReconciler) GetTunnel() Tunnel
func (*TunnelReconciler) GetTunnelCreds ¶
func (r *TunnelReconciler) GetTunnelCreds() string
func (*TunnelReconciler) Reconcile ¶
Reconcile is part of the main kubernetes reconciliation loop which aims to move the current state of the cluster closer to the desired state.
For more details, see Reconcile and its Result: https://pkg.go.dev/sigs.k8s.io/controller-runtime@v0.10.0/pkg/reconcile
func (*TunnelReconciler) SetCfAPI ¶
func (r *TunnelReconciler) SetCfAPI(in *cf.API)
func (*TunnelReconciler) SetTunnelCreds ¶
func (r *TunnelReconciler) SetTunnelCreds(in string)
func (*TunnelReconciler) SetupWithManager ¶
func (r *TunnelReconciler) SetupWithManager(mgr ctrl.Manager) error
SetupWithManager sets up the controller with the Manager.
Source Files
Directories
| Path | Synopsis |
|---|---|
|
Package accessapplication provides the controller for AccessApplication CRD.
|
Package accessapplication provides the controller for AccessApplication CRD. |
|
Package accessgroup provides a controller for managing Cloudflare Access Groups.
|
Package accessgroup provides a controller for managing Cloudflare Access Groups. |
|
Package accessidentityprovider provides a controller for managing Cloudflare Access Identity Providers.
|
Package accessidentityprovider provides a controller for managing Cloudflare Access Identity Providers. |
|
Package accesspolicy provides a controller for managing Cloudflare Reusable Access Policies.
|
Package accesspolicy provides a controller for managing Cloudflare Reusable Access Policies. |
|
Package accessservicetoken provides a controller for managing Cloudflare Access Service Tokens.
|
Package accessservicetoken provides a controller for managing Cloudflare Access Service Tokens. |
|
Package accesstunnel contains the code associated with the reconciliation process for the accessTunnel resource
|
Package accesstunnel contains the code associated with the reconciliation process for the accessTunnel resource |
|
Package cloudflaredomain provides a controller for managing CloudflareDomain resources.
|
Package cloudflaredomain provides a controller for managing CloudflareDomain resources. |
|
Package common provides shared utilities for controllers in the simplified 3-layer architecture.
|
Package common provides shared utilities for controllers in the simplified 3-layer architecture. |
|
Package deviceposturerule provides a controller for managing Cloudflare Device Posture Rules.
|
Package deviceposturerule provides a controller for managing Cloudflare Device Posture Rules. |
|
Package devicesettingspolicy provides a controller for managing Cloudflare Device Settings Policy.
|
Package devicesettingspolicy provides a controller for managing Cloudflare Device Settings Policy. |
|
Package dnsrecord implements the Controller for DNSRecord CRD.
|
Package dnsrecord implements the Controller for DNSRecord CRD. |
|
Package domainregistration provides a controller for managing Cloudflare Registrar domains.
|
Package domainregistration provides a controller for managing Cloudflare Registrar domains. |
|
Package gateway implements Kubernetes Gateway API controllers for cloudflared tunnels.
|
Package gateway implements Kubernetes Gateway API controllers for cloudflared tunnels. |
|
Package gatewayconfiguration provides a controller for managing Cloudflare Gateway Configuration.
|
Package gatewayconfiguration provides a controller for managing Cloudflare Gateway Configuration. |
|
Package gatewaylist provides a controller for managing Cloudflare Gateway Lists.
|
Package gatewaylist provides a controller for managing Cloudflare Gateway Lists. |
|
Package gatewayrule provides a controller for managing Cloudflare Gateway Rules.
|
Package gatewayrule provides a controller for managing Cloudflare Gateway Rules. |
|
Package ingress implements the Kubernetes Ingress Controller for Cloudflare Tunnels.
|
Package ingress implements the Kubernetes Ingress Controller for Cloudflare Tunnels. |
|
Package networkroute provides a controller for managing Cloudflare Tunnel Routes.
|
Package networkroute provides a controller for managing Cloudflare Tunnel Routes. |
|
Package origincacertificate provides a controller for managing Cloudflare Origin CA certificates.
|
Package origincacertificate provides a controller for managing Cloudflare Origin CA certificates. |
|
Package pagesdeployment implements the Controller for PagesDeployment CRD.
|
Package pagesdeployment implements the Controller for PagesDeployment CRD. |
|
Package pagesdomain implements the Controller for PagesDomain CRD.
|
Package pagesdomain implements the Controller for PagesDomain CRD. |
|
Package pagesproject implements the Controller for PagesProject CRD.
|
Package pagesproject implements the Controller for PagesProject CRD. |
|
Package pagespromotion implements the Controller for PagesPromotion CRD.
|
Package pagespromotion implements the Controller for PagesPromotion CRD. |
|
Package privateservice provides a controller for managing Cloudflare Private Services.
|
Package privateservice provides a controller for managing Cloudflare Private Services. |
|
Package r2bucket provides a controller for managing Cloudflare R2 storage buckets.
|
Package r2bucket provides a controller for managing Cloudflare R2 storage buckets. |
|
Package r2bucketdomain provides a controller for managing Cloudflare R2 bucket custom domains.
|
Package r2bucketdomain provides a controller for managing Cloudflare R2 bucket custom domains. |
|
Package r2bucketnotification provides a controller for managing R2 bucket event notifications.
|
Package r2bucketnotification provides a controller for managing R2 bucket event notifications. |
|
Package redirectrule provides a controller for managing Cloudflare Redirect Rules.
|
Package redirectrule provides a controller for managing Cloudflare Redirect Rules. |
|
Package refs provides unified reference resolution for Cloudflare resources.
|
Package refs provides unified reference resolution for Cloudflare resources. |
|
Package route provides shared utilities for building cloudflared ingress rules from various Kubernetes resources (Ingress, Gateway API routes, TunnelBinding).
|
Package route provides shared utilities for building cloudflared ingress rules from various Kubernetes resources (Ingress, Gateway API routes, TunnelBinding). |
|
Package transformrule provides a controller for managing Cloudflare Transform Rules.
|
Package transformrule provides a controller for managing Cloudflare Transform Rules. |
|
Package tunnel provides shared tunnel resolution and management utilities for controllers that work with Tunnel and ClusterTunnel resources.
|
Package tunnel provides shared tunnel resolution and management utilities for controllers that work with Tunnel and ClusterTunnel resources. |
|
Package tunnelconfig provides types and utilities for managing tunnel configuration via ConfigMaps.
|
Package tunnelconfig provides types and utilities for managing tunnel configuration via ConfigMaps. |
|
Package virtualnetwork provides a controller for managing Cloudflare Virtual Networks.
|
Package virtualnetwork provides a controller for managing Cloudflare Virtual Networks. |
|
Package warpconnector provides a controller for managing Cloudflare WARP Connectors.
|
Package warpconnector provides a controller for managing Cloudflare WARP Connectors. |
|
Package zoneruleset provides a controller for managing Cloudflare zone rulesets.
|
Package zoneruleset provides a controller for managing Cloudflare zone rulesets. |