Documentation
¶
Index ¶
- Constants
- Variables
- func EnsureVolumeMountPresent(volumeMounts []corev1.VolumeMount, newVolMount corev1.VolumeMount) []corev1.VolumeMount
- func GenerateCNCFClusterInfo(cl client.Client, dc *discovery.DiscoveryClient, ctx context.Context, ...) (err error)
- func GenerateOCPClusterInfo(cl client.Client, dc *discovery.DiscoveryClient, ctx context.Context, ...) (err error)
- func GetAppsDomain(cl client.Client, ctx context.Context, authCR *operatorv1alpha1.Authentication) (domain string, err error)
- func GetCNCFDomain(ctx context.Context, cl client.Client, authCR *operatorv1alpha1.Authentication) (domainName string, err error)
- func GetFunctionName(fn any) string
- func GetK8sAPIHostAndPort() (host, port string)
- func GetLdapBindPwdVolumeMount() corev1.VolumeMount
- func GetZenHost(cl client.Client, ctx context.Context, authCR *operatorv1alpha1.Authentication) (zenHost string, err error)
- func IsEmptyMatchListError(err error) bool
- func IsFailingIMHasSAMLError(err error) bool
- func IsJobMissingResultError(err error) bool
- func IsLabelConflictError(err error) (ok bool)
- func IsMissingKeyError(err error) bool
- func IsRouteEqual(ctx context.Context, oldRoute, newRoute *routev1.Route) bool
- func NewIMHasSAMLError(rc int32, objKey client.ObjectKey) *failedJobError
- func NewInvalidMatchListError(length int, gvk schema.GroupVersionKind) *invalidMatchListError
- func ReturnCodeForError(err error) int32
- func ReturnNameForError(err error) string
- func ReturnNamespaceForError(err error) string
- func ShouldUseCPDHost(authCR *operatorv1alpha1.Authentication, dc *discovery.DiscoveryClient) bool
- type AuthenticationReconciler
- func (r *AuthenticationReconciler) Reconcile(rootCtx context.Context, req ctrl.Request) (result ctrl.Result, err error)
- func (r *AuthenticationReconciler) RunningOnCNCFCluster() bool
- func (r *AuthenticationReconciler) RunningOnOpenShiftCluster() bool
- func (r *AuthenticationReconciler) RunningOnUnknownCluster() bool
- func (r *AuthenticationReconciler) SetupWithManager(mgr ctrl.Manager) error
- func (r *AuthenticationReconciler) UpdateDeploymentReplicas(ctx context.Context, deploymentName, namespace string, fixedReplicas int32) error
- type Keyed
- type LabelConflictError
- type Lengthed
- type ReturnCoded
- type ZenExtensionWithSpec
Constants ¶
View Source
const ( // ClusterConfigName ... ibmcloud-cluster-info ClusterAddr string = "cluster_address" ClusterEP string = "cluster_endpoint" IMCrtAuthRouteName string = "im-certauth-passthrough" IMCrtAuthRoutePrefix string = "passthrough" RouteHTTPPort string = "cluster_router_http_port" RouteHTTPSPort string = "cluster_router_https_port" RouteHTTPPortValue string = "80" RouteHTTPSPortValue string = "443" ClusterName string = "cluster_name" ClusterNameValue string = "mycluster" ClusterAPIServerHost string = "cluster_kube_apiserver_host" ClusterAPIServerPort string = "cluster_kube_apiserver_port" ClusterSecretName string = "ibmcloud-cluster-ca-cert" ProxyAddress string = "proxy_address" ProviderSVC string = "im_idprovider_endpoint" IDMgmtSVC string = "im_idmgmt_endpoint" )
View Source
const ( UnknownAPIVersion string = "Unknown" ResourceReadyState string = "Ready" ResourceNotReadyState string = "NotReady" )
View Source
const AnnotationSHA1Sum string = "authentication.operator.ibm.com/sha1sum"
View Source
const AuditTLSSecretName string = "audit-tls"
Name of Secret containing certificates for Common Audit Logging
View Source
const Certv1alpha1APIVersion = "certmanager.k8s.io/v1alpha1"
View Source
const ClusterInfoConfigmapName = "ibmcloud-cluster-info"
View Source
const DefaultClusterIssuer = "cs-ca-issuer"
View Source
const DefaultHTTPBackendServiceName = "default-http-backend"
View Source
const FinalizerMigration string = "authentication.operator.ibm.com/migration"
FinalizerMigration is the finalizer appended to resources that are being retained during migration
View Source
const IMAuditTLSVolume string = "audit-volume"
View Source
const ImZenExtName = "iam-zen-extension"
View Source
const MigrationJobName string = "ibm-im-db-migration"
View Source
const PlatformAuthServiceName = "platform-auth-service"
View Source
const PlatformIdentityManagementServiceName = "platform-identity-management"
View Source
const PlatformIdentityProviderServiceName = "platform-identity-provider"
View Source
const RestartAnnotation string = "authentications.operator.ibm.com/restartedAt"
View Source
const SecretProviderClassAsVolumeLabel string = "authentication.operator.ibm.com/as-volume"
View Source
const URL_PREFIX = "URL_PREFIX"
View Source
const ZenProductConfigmapName = "product-configmap"
Variables ¶
View Source
var ArchList = []string{
"amd64",
"ppc64le",
"s390x",
}
Functions ¶
func EnsureVolumeMountPresent ¶
func EnsureVolumeMountPresent(volumeMounts []corev1.VolumeMount, newVolMount corev1.VolumeMount) []corev1.VolumeMount
EnsureVolumeMountPresent checks if a volumeMount exists If not, it appends the new volume and returns the updated slice.
func GenerateCNCFClusterInfo ¶
func GenerateCNCFClusterInfo(cl client.Client, dc *discovery.DiscoveryClient, ctx context.Context, authCR *operatorv1alpha1.Authentication, domainName string, generated *corev1.ConfigMap) (err error)
func GenerateOCPClusterInfo ¶
func GenerateOCPClusterInfo(cl client.Client, dc *discovery.DiscoveryClient, ctx context.Context, authCR *operatorv1alpha1.Authentication, generated *corev1.ConfigMap) (err error)
func GetAppsDomain ¶
func GetAppsDomain(cl client.Client, ctx context.Context, authCR *operatorv1alpha1.Authentication) (domain string, err error)
GetAppsDomain obtains the OCP appsDomain by attempting to create a dummy Route in the services namespace.
func GetCNCFDomain ¶
func GetCNCFDomain(ctx context.Context, cl client.Client, authCR *operatorv1alpha1.Authentication) (domainName string, err error)
GetCNCFDomain returns the CNCF domain name set in the global ConfigMap, if present. Returns an error when the ConfigMap is not found and returns an empty string whenever the ConfigMap is found but the CNCF domain name is not set.
func GetFunctionName ¶
func GetK8sAPIHostAndPort ¶
func GetK8sAPIHostAndPort() (host, port string)
func GetLdapBindPwdVolumeMount ¶
func GetLdapBindPwdVolumeMount() corev1.VolumeMount
func GetZenHost ¶
func GetZenHost(cl client.Client, ctx context.Context, authCR *operatorv1alpha1.Authentication) (zenHost string, err error)
func IsEmptyMatchListError ¶
func IsFailingIMHasSAMLError ¶
func IsJobMissingResultError ¶
func IsLabelConflictError ¶
func IsMissingKeyError ¶
func IsRouteEqual ¶
Use DeepEqual to determine if 2 routes are equal. Check annotations and Spec. If there are any differences, return false. Otherwise, return true.
func NewIMHasSAMLError ¶
func NewInvalidMatchListError ¶
func NewInvalidMatchListError(length int, gvk schema.GroupVersionKind) *invalidMatchListError
func ReturnCodeForError ¶
func ReturnNameForError ¶
func ReturnNamespaceForError ¶
func ShouldUseCPDHost ¶
func ShouldUseCPDHost(authCR *operatorv1alpha1.Authentication, dc *discovery.DiscoveryClient) bool
Types ¶
type AuthenticationReconciler ¶
type AuthenticationReconciler struct {
client.Client
Scheme *k8sRuntime.Scheme
DiscoveryClient discovery.DiscoveryClient
Mutex sync.Mutex
common.ByteGenerator
// contains filtered or unexported fields
}
AuthenticationReconciler reconciles a Authentication object
func (*AuthenticationReconciler) Reconcile ¶
func (r *AuthenticationReconciler) Reconcile(rootCtx context.Context, req ctrl.Request) (result ctrl.Result, err error)
Reconcile is part of the main kubernetes reconciliation loop which aims to move the current state of the cluster closer to the desired state.
func (*AuthenticationReconciler) RunningOnCNCFCluster ¶
func (r *AuthenticationReconciler) RunningOnCNCFCluster() bool
RunningOnCNCFCluster returns whether the Operator is running on a CNCF cluster
func (*AuthenticationReconciler) RunningOnOpenShiftCluster ¶
func (r *AuthenticationReconciler) RunningOnOpenShiftCluster() bool
RunningOnOpenShiftCluster returns whether the Operator is running on an OpenShift cluster
func (*AuthenticationReconciler) RunningOnUnknownCluster ¶
func (r *AuthenticationReconciler) RunningOnUnknownCluster() bool
RunningOnUnknownCluster returns whether the Operator is running on an unknown cluster type
func (*AuthenticationReconciler) SetupWithManager ¶
func (r *AuthenticationReconciler) SetupWithManager(mgr ctrl.Manager) error
SetupWithManager sets up the controller with the Manager.
func (*AuthenticationReconciler) UpdateDeploymentReplicas ¶
type LabelConflictError ¶
type LabelConflictError struct {
// contains filtered or unexported fields
}
func (*LabelConflictError) Error ¶
func (e *LabelConflictError) Error() string
func (*LabelConflictError) GetLabel ¶
func (e *LabelConflictError) GetLabel() string
func (*LabelConflictError) GetObjects ¶
func (e *LabelConflictError) GetObjects() []client.Object
func (*LabelConflictError) GetValue ¶
func (e *LabelConflictError) GetValue() string
type ReturnCoded ¶
type ReturnCoded interface {
GetRC() int32
}
type ZenExtensionWithSpec ¶
type ZenExtensionWithSpec struct {
metav1.ObjectMeta
metav1.TypeMeta
Status zenv1.ZenExtensionStatus
Spec map[string]any
}
func (*ZenExtensionWithSpec) ToUnstructured ¶
func (zs *ZenExtensionWithSpec) ToUnstructured(s *runtime.Scheme) (u *unstructured.Unstructured, err error)
Source Files
¶
- authentication_controller.go
- certificate.go
- client.go
- clusterrole.go
- clusterrolebinding.go
- configmap.go
- constants.go
- containers.go
- deployment.go
- hpa.go
- ingress.go
- job.go
- matcher.go
- migration.go
- operandbindinfo.go
- operandrequest.go
- resourcestatus.go
- role.go
- rolebinding.go
- routes.go
- sacc.go
- secret.go
- service.go
- zenextension.go
Click to show internal directories.
Click to hide internal directories.