constants

package
v0.15.2 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Oct 3, 2025 License: AGPL-3.0 Imports: 3 Imported by: 0

Documentation

Index

Constants

// Names of environment variables. Only the names are defined here; nothing in
// this block reads the environment.
const (
	// SSH agent socket and known-hosts settings.
	// NOTE(review): SSH_KNOWN_HOSTS presumably holds the path of a known_hosts
	// file; confirm against the code that reads it.
	EnvNameSSHAuthSock   = "SSH_AUTH_SOCK"
	EnvNameSSHKnownHosts = "SSH_KNOWN_HOSTS"

	// AWS credentials and region. The secret key, session token and
	// base64-encoded credentials variables carry secret material, so values read
	// through these names should be kept out of logs and error messages.
	// NOTE(review): the identifier EnvNameAWSB64EcodedCredentials is misspelled
	// ("Ecoded"); the variable name it holds is spelled correctly.
	EnvNameAWSAccessKey            = "AWS_ACCESS_KEY_ID"
	EnvNameAWSSecretKey            = "AWS_SECRET_ACCESS_KEY"
	EnvNameAWSSessionToken         = "AWS_SESSION_TOKEN"
	EnvNameAWSRegion               = "AWS_REGION"
	EnvNameAWSB64EcodedCredentials = "AWS_B64ENCODED_CREDENTIALS"

	// Hetzner Cloud API token and Hetzner Robot credentials. The token and the
	// password are secrets and deserve the same handling as the AWS ones.
	EnvNameHCloudToken   = "HCLOUD_TOKEN"
	EnvNameRobotUser     = "ROBOT_USER"
	EnvNameRobotPassword = "ROBOT_PASSWORD"

	// Kubeconfig location.
	EnvNameKubeconfig = "KUBECONFIG"

	// Home directory of the current user.
	EnvNameHomeDirectory = "HOME"
)

Environment variable names.

// Names of CLI flags (without leading dashes) and, for two of them, their
// default values.
const (
	FlagNameDebug = "debug"

	FlagNameKubeAidVersion = "kubeaid-version"

	// Management cluster name flag and its default value.
	FlagNameManagementClusterName             = "management-cluster-name"
	FlagNameManagementClusterNameDefaultValue = "kubeaid-bootstrapper"

	// Configs directory flag and its default value.
	FlagNameConfigsDirectory             = "configs-directory"
	FlagNameConfigsDirectoryDefaultValue = "outputs/configs"

	// Flags that skip optional steps.
	FlagNameSkipMonitoringSetup = "skip-monitoring-setup"
	FlagNameSkipPRWorkflow      = "skip-pr-workflow"
	FlagNameSkipClusterctlMove  = "skip-clusterctl-move"

	// AWS credentials, region and AMI ID.
	// NOTE(review): a secret passed as a command-line flag can be visible in
	// process listings and shell history. The EnvNameAWS* environment variable
	// names presumably offer an alternative input path; confirm and prefer it
	// (or a config file) for the secret key and session token.
	FlagNameAWSAccessKeyID     = "aws-access-key-id"
	FlagNameAWSSecretAccessKey = "aws-secret-access-key"
	FlagNameAWSSessionToken    = "aws-session-token"
	FlagNameAWSRegion          = "aws-region"
	FlagNameAMIID              = "ami-id"

	// Azure client secret and new image offer.
	// NOTE(review): the client secret is exposed the same way as any other
	// flag value (process listing, shell history).
	FlagNameAzureClientSecret = "azure-client-secret"
	FlagNameNewImageOffer     = "new-image-offer"

	// Hetzner Cloud API token and Hetzner Robot credentials.
	// NOTE(review): the token and password are secrets; the same command-line
	// exposure applies.
	FlagNameHetznerAPIToken      = "hetzner-cloud-api-token"
	FlagNameHetznerRobotUsername = "hetzner-robot-username"
	FlagNameHetznerRobotPassword = "hetzner-robot-password"

	// Target Kubernetes version.
	FlagNameNewK8sVersion = "new-k8s-version"
)

CLI flags.

// Names of the kube-apiserver flags that configure audit logging: the audit
// policy file and the audit log output path. The names are given without the
// leading dashes.
const (
	KubeAPIServerFlagAuditPolicyFile = "audit-policy-file"
	KubeAPIServerFlagAuditLogPath    = "audit-log-path"
)

Kube API server CLI flags.

// Identifiers of the cloud providers. "bare-metal" and "local" are listed
// alongside the hosted providers.
const (
	CloudProviderAWS       = "aws"
	CloudProviderHetzner   = "hetzner"
	CloudProviderAzure     = "azure"
	CloudProviderBareMetal = "bare-metal"
	CloudProviderLocal     = "local"
)

Cloud providers.

// ArgoCD release, project, role and application names, plus the pieces used to
// build project role policies.
const (
	ReleaseNameArgoCD = "argocd"

	// ArgoCD project and the project role used by the KubeAid agent.
	ArgoCDProjectKubeAid   = "kubeaid"
	ArgoCDRoleKubeAidAgent = "kubeaid-agent"

	// Apps.
	// NOTE(review): ArgoCDExternalSnapshotter lacks the "App" infix that the
	// other names in this group carry.
	ArgoCDAppArgoCD            = "argocd"
	ArgoCDAppRoot              = "root"
	ArgoCDAppCapiCluster       = "capi-cluster"
	ArgoCDAppHetznerRobot      = "hetzner-robot"
	ArgoCDAppClusterAutoscaler = "cluster-autoscaler"
	ArgoCDAppVelero            = "velero"
	ArgoCDAppKubePrometheus    = "kube-prometheus"
	ArgoCDExternalSnapshotter  = "external-snapshotter"
	ArgoCDAppCilium            = "cilium"

	// Format string for one project role policy line, and the managed-by label key.
	// The six %s values are inserted verbatim into a comma-separated policy line,
	// so a value containing a comma or a newline would change the meaning of the
	// policy. NOTE(review): confirm every argument is a fixed or validated
	// identifier at the call sites.
	ArgoCDProjectRolePolicyFmt = "p, proj:%s:%s, %s, %s, %s/*, %s" // Inputs: project-name, role-name, resource, action, project-name, effect
	ArgoCDLabelKeyManagedBy    = "kubeaid.io/managed-by"

	// Values for the effect field of a policy line.
	ArgoCDRBACEffectAllow = "allow"
	ArgoCDRBACEffectDeny  = "deny"

	// NOTE(review): presumably the name of the Kubernetes Secret holding the
	// kubeaid-agent project role's credentials; confirm against its users.
	ArgoCDProjectRoleSecretName = "argocd-project-role-kubeaid-agent"
)

ArgoCD.

// Sealed Secrets release, controller and backup CronJob names.
const (
	// The controller name is the release name with "-controller" appended.
	ReleaseNameSealedSecrets    = "sealed-secrets"
	SealedSecretsControllerName = ReleaseNameSealedSecrets + "-controller"

	// NOTE(review): presumably the CronJob that backs up the Sealed Secrets
	// sealing keys; such a backup holds the keys that decrypt every sealed
	// secret, so its storage location needs matching protection. Confirm.
	CRONJobNameBackupSealedSecrets = "backup-sealed-secrets"
)

Sealed Secrets.

// Azure names, built-in role IDs and a response status code.
const (
	// Blob container used for the OIDC provider documents.
	BlobContainerNameOIDCProvider = "oidc-provider"

	// Blob names of the OpenID discovery document and the JWKS document.
	// NOTE(review): these are presumably served publicly so that token
	// verifiers can fetch them; only public key material belongs in the JWKS
	// document. Confirm the container holds nothing else.
	AzureBlobNameOpenIDConfiguration = ".well-known/openid-configuration"
	AzureBlobNameJWKSDocument        = "openid/v1/jwks"

	// Grants full access to manage all resources, but does not allow you to assign roles in Azure
	// RBAC, manage assignments in Azure Blueprints, or share image galleries.
	// NOTE(review): this is a broad role; confirm it is assigned at the
	// narrowest scope that works.
	AzureRoleIDContributor = "b24988ac-6180-42a0-ab88-20f7382dd24c"
	// Provides full access to Azure Storage blob containers and data, including assigning POSIX
	// access control.
	AzureRoleIDStorageBlobDataOwner = "b7e6dc6d-f1e8-4753-8033-0f276bb0955b"

	// HTTP 409 (Conflict), treated here as "resource already exists".
	AzureResponseStatusCodeResourceAlreadyExists = 409
)

Azure

// Hetzner modes and the Hetzner Robot web service endpoint.
const (
	// Modes: bare metal only, HCloud only, or both (hybrid).
	HetznerModeBareMetal = "bare-metal"
	HetznerModeHCloud    = "hcloud"
	HetznerModeHybrid    = "hybrid"

	// Base URL of the Hetzner Robot web service API. The scheme is HTTPS, so
	// the Robot username and password travel over TLS when sent to it.
	HetznerRobotWebServiceAPI = "https://robot-ws.your-server.de"
)

Hetzner

// Kubernetes namespace and service account names.
const (
	// Namespaces.
	NamespaceArgoCD        = "argocd"
	NamespaceVelero        = "velero"
	NamespaceSealedSecrets = "sealed-secrets"
	NamespaceCrossPlane    = "crossplane"
	NamespaceCilium        = "cilium"
	NamespaceCiliumTest    = "cilium-test"

	// Service Accounts.
	// NOTE(review): CAPZ and ASO presumably stand for Cluster API Provider
	// Azure and Azure Service Operator; confirm. Service account names like
	// these typically appear in workload identity trust configuration, so a
	// change here has to be mirrored there.
	ServiceAccountCAPZ          = "capz-manager"
	ServiceAccountASO           = "azureserviceoperator-default"
	ServiceAccountVelero        = "velero"
	ServiceAccountSealedSecrets = "sealed-secrets"
)
// Leading text of SSH keys in OpenSSH and PEM encodings.
const (
	// OpenSSH format. The public key prefix is "ssh-rsa " only, so OpenSSH
	// public keys of other types (for example ssh-ed25519 or ecdsa-sha2-*) do
	// not start with it.
	// NOTE(review): if these prefixes are used to validate keys, non-RSA keys
	// will be rejected; confirm that is intended.
	SSHPrivateKeyPrefixOpenSSH = "-----BEGIN OPENSSH PRIVATE KEY-----"
	SSHPublicKeyPrefixOpenSSH  = "ssh-rsa "

	// PEM format. "BEGIN PRIVATE KEY" is the PKCS#8 label; keys with labels
	// such as "BEGIN RSA PRIVATE KEY" or "BEGIN EC PRIVATE KEY" do not match.
	SSHPrivateKeyPrefixPEM = "-----BEGIN PRIVATE KEY-----"
	SSHPublicKeyPrefixPEM  = "-----BEGIN PUBLIC KEY-----"
)

SSH keys.

// Cluster types: the management cluster and the main cluster.
const (
	ClusterTypeManagement = "management"
	ClusterTypeMain       = "main"
)

Cluster types.

// Miscellaneous constants.
const (
	// HTTPS URL of the Obmondo KubeAid repository on GitHub.
	RepoURLObmondoKubeAid = "https://github.com/Obmondo/KubeAid"

	// Filename suffix of gzip-compressed files.
	GzippedFilenameSuffix = ".gz"
)

Miscellaneous.

// Time durations. OneMonth is a fixed span of 30 days, not a calendar month,
// so an expiry or rotation interval computed from it drifts against the
// calendar.
const (
	OneDay   = 24 * time.Hour
	OneMonth = 30 * OneDay
)

Time durations

// Names (relative paths) of individual templates.
const (
	// K3D config for the local management cluster.
	TemplateNameK3DConfig = "templates/k3d.config.yaml.tmpl"

	// For KubePrometheus.
	TemplateNameKubePrometheusArgoCDApp = "argocd-apps/templates/kube-prometheus.yaml.tmpl"
	TemplateNameKubePrometheusVars      = "cluster-vars.jsonnet.tmpl"
)

Template names (K3D config and KubePrometheus).

Variables

// Working directories, known_hosts locations and the hosts commonly needed by
// ArgoCD. These are variables, so other code can reassign them.
var (
	// Working directory at a fixed path under /tmp.
	// NOTE(review): /tmp is typically writable by every local user and this
	// name is predictable, so code that creates or reuses the directory should
	// verify its ownership and permissions instead of trusting whatever
	// already exists at that path.
	TempDirectory = "/tmp/kubeaid-core"

	// Paths below TempDirectory, followed by the known_hosts locations.
	// KnownHostsDirectory is computed from HOME when the package is
	// initialised and, despite the name, is the path of the known_hosts file.
	// If HOME is unset, path.Join yields "/.ssh/known_hosts".
	// NOTE(review): HOME is spelled as a string literal here although
	// EnvNameHomeDirectory holds the same name.
	// NOTE(review): ContainerKnownHostsDir places root's home under /home/root;
	// confirm that matches the container image.
	KubeAidDirectory       = path.Join(TempDirectory, "KubeAid")
	KubeAidConfigDirectory = path.Join(TempDirectory, "kubeaid-config")
	KnownHostsDirectory    = path.Join(os.Getenv("HOME"), "/.ssh/known_hosts")
	ContainerKnownHostsDir = "/home/root/.ssh/known_hosts"

	// ArgoCD known hosts.
	// NOTE(review): presumably the Git hosts whose SSH host keys are added to
	// ArgoCD's known hosts. How those keys are obtained is not visible here;
	// confirm they are pinned or compared against the providers' published
	// fingerprints rather than accepted on first contact.
	CommonArgoCDKnownHosts = []string{
		"github.com",
		"gitlab.com",
		"bitbucket.org",
		"ssh.dev.azure.com",
		"azure.com",
		"dev.azure.com",
	}
)
// Output paths, all relative and rooted at OutputsDirectory. They are computed
// once at package initialisation, so reassigning OutputsDirectory later does
// not move the derived paths.
var (
	OutputsDirectory = "outputs"

	// Log file.
	// NOTE(review): confirm that nothing secret (tokens, passwords, rendered
	// secret templates) is written to it.
	OutputPathLogFile = path.Join(OutputsDirectory, ".log")

	// K3D config of the management cluster.
	OutputPathManagementClusterK3DConfig = path.Join(OutputsDirectory, "k3d.config.yaml")

	// Kubeconfigs of the management cluster, one for use from the host and one
	// for use from inside the container.
	// NOTE(review): kubeconfig files normally embed cluster credentials;
	// confirm they are written with owner-only permissions and that the
	// outputs directory is kept out of version control.
	OutputPathManagementClusterHostKubeconfig = path.Join(
		OutputsDirectory,
		"kubeconfigs/clusters/management/host.yaml",
	)
	OutputPathManagementClusterContainerKubeconfig = path.Join(
		OutputsDirectory,
		"kubeconfigs/clusters/management/container.yaml",
	)

	// Kubeconfig of the main cluster; the same handling applies.
	OutputPathMainClusterKubeconfig = path.Join(OutputsDirectory, "kubeconfigs/clusters/main.yaml")

	// JWKS document of the workload identity OpenID provider.
	OutputPathJWKSDocument = path.Join(
		OutputsDirectory,
		"workload-identity/openid-provider/jwks.json",
	)
)

Output paths.

// Template names that apply regardless of cloud provider, split into
// non-secret and secret lists.
var (
	// Non-secret templates: the general bootstrap script config and the ArgoCD
	// apps for ArgoCD itself, the root app, cert-manager and Sealed Secrets.
	CommonNonSecretTemplateNames = []string{

		"kubeaid-bootstrap-script.general.yaml.tmpl",

		"argocd-apps/templates/argocd.yaml.tmpl",
		"argocd-apps/values-argocd.yaml.tmpl",

		"argocd-apps/Chart.yaml",
		"argocd-apps/templates/root.yaml.tmpl",

		"argocd-apps/templates/cert-manager.yaml.tmpl",
		"argocd-apps/values-cert-manager.yaml.tmpl",

		"argocd-apps/templates/sealed-secrets.yaml.tmpl",
		"argocd-apps/values-sealed-secrets.yaml.tmpl",
		"argocd-apps/templates/secrets.yaml.tmpl",
	}

	// Secret templates; both live under sealed-secrets/argocd/.
	// NOTE(review): presumably these are rendered with credential values and
	// then sealed before being stored. Confirm the plaintext rendering is never
	// written to the repository or left behind on disk.
	CommonSecretTemplateNames = []string{

		"sealed-secrets/argocd/kubeaid-config.yaml.tmpl",
		"sealed-secrets/argocd/kubeaid.yaml.tmpl",
	}
)

Common template names.

// AWS specific template names.
var (
	// Non-secret templates: AWS cloud controller manager, cluster autoscaler
	// and external snapshotter.
	AWSSpecificNonSecretTemplateNames = []string{

		"argocd-apps/templates/ccm-aws.yaml.tmpl",
		"argocd-apps/values-ccm-aws.yaml.tmpl",

		"argocd-apps/templates/cluster-autoscaler.yaml.tmpl",
		"argocd-apps/values-cluster-autoscaler.yaml.tmpl",

		"argocd-apps/templates/external-snapshotter.yaml.tmpl",
	}

	// Secret template: the cloud credentials for the capi-cluster namespace.
	// NOTE(review): the rendered form presumably contains AWS credentials
	// before sealing; confirm it is handled as secret material throughout.
	AWSSpecificSecretTemplateNames = []string{

		"sealed-secrets/capi-cluster/cloud-credentials.yaml.tmpl",
	}

	// Non-secret templates used only for disaster recovery: kube2iam, Velero
	// and the namespace definitions under k8s-configs/.
	AWSDisasterRecoverySpecificNonSecretTemplateNames = []string{

		"argocd-apps/templates/kube2iam.yaml.tmpl",
		"argocd-apps/values-kube2iam.yaml.tmpl",

		"argocd-apps/templates/velero.yaml.tmpl",
		"argocd-apps/values-velero.yaml.tmpl",

		"argocd-apps/templates/k8s-configs.yaml.tmpl",
		"k8s-configs/sealed-secrets.namespace.yaml.tmpl",
		"k8s-configs/velero.namespace.yaml.tmpl",
	}
)

AWS specific template names.

// Azure specific template names.
var (
	// Template of the OpenID configuration (discovery) document.
	TemplateNameOpenIDConfig = "templates/openid-configuration.json.tmpl"

	// Non-secret templates: Crossplane (core, providers and functions,
	// compositions), the workload identity infrastructure, the Azure cloud
	// controller manager, the Azure Disk CSI driver, the workload identity
	// webhook, cluster autoscaler and external snapshotter.
	AzureSpecificNonSecretTemplateNames = []string{

		"argocd-apps/templates/crossplane.yaml.tmpl",
		"argocd-apps/values-crossplane.yaml.tmpl",
		"argocd-apps/templates/crossplane-providers-and-functions.yaml.tmpl",
		"argocd-apps/values-crossplane-providers-and-functions.yaml.tmpl",
		"argocd-apps/templates/crossplane-compositions.yaml.tmpl",
		"argocd-apps/values-crossplane-compositions.yaml.tmpl",
		"argocd-apps/templates/infrastructure.yaml.tmpl",
		"infrastructure/azure/workload-identity-infrastructure.yaml.tmpl",

		"argocd-apps/templates/ccm-azure.yaml.tmpl",
		"argocd-apps/values-ccm-azure.yaml.tmpl",

		"argocd-apps/templates/azuredisk-csi-driver.yaml.tmpl",
		"argocd-apps/values-azuredisk-csi-driver.yaml.tmpl",

		"argocd-apps/templates/azure-workload-identity-webhook.yaml.tmpl",
		"argocd-apps/values-azure-workload-identity-webhook.yaml.tmpl",

		"argocd-apps/templates/cluster-autoscaler.yaml.tmpl",
		"argocd-apps/values-cluster-autoscaler.yaml.tmpl",

		"argocd-apps/templates/external-snapshotter.yaml.tmpl",
	}

	// Secret templates: the Azure credentials for Crossplane and the service
	// account issuer keys.
	// NOTE(review): the issuer keys presumably sign service account tokens, so
	// whoever can read the rendered form can mint tokens the cluster's
	// workload identity setup will trust. Confirm it only ever exists sealed.
	AzureSpecificSecretTemplateNames = []string{

		"sealed-secrets/crossplane/azure-credentials.yaml.tmpl",

		"sealed-secrets/capi-cluster/service-account-issuer-keys.yaml.tmpl",
	}

	// Non-secret templates used only for disaster recovery: the disaster
	// recovery infrastructure and Velero.
	AzureDisasterRecoverySpecificNonSecretTemplateNames = []string{

		"infrastructure/azure/disaster-recovery-infrastructure.yaml.tmpl",

		"argocd-apps/templates/velero.yaml.tmpl",
		"argocd-apps/values-velero.yaml.tmpl",
	}

	// Secret template used only for disaster recovery: the pod environment of
	// the Sealed Secrets backup job.
	AzureDisasterRecoverySpecificSecretTemplateNames = []string{

		"sealed-secrets/sealed-secrets/backup-sealed-secrets-pod-env.yaml.tmpl",
	}
)

Azure specific template names.

// Hetzner specific template names.
var (
	// Secret templates shared by the Hetzner modes: cloud credentials for the
	// kube-system and capi-cluster namespaces.
	// NOTE(review): the rendered forms presumably contain the Hetzner API
	// token and/or Robot credentials before sealing; confirm they are handled
	// as secret material throughout.
	CommonHetznerSpecificSecretTemplateNames = []string{

		"sealed-secrets/kube-system/cloud-credentials.yaml.tmpl",

		"sealed-secrets/capi-cluster/cloud-credentials.yaml.tmpl",
	}

	// Non-secret templates for HCloud: cloud controller manager, CSI driver
	// and cluster autoscaler.
	HCloudSpecificNonSecretTemplateNames = []string{

		"argocd-apps/templates/ccm-hcloud.yaml.tmpl",
		"argocd-apps/values-ccm-hcloud.yaml.tmpl",

		"argocd-apps/templates/hcloud-csi-driver.yaml.tmpl",
		"argocd-apps/values-hcloud-csi-driver.yaml.tmpl",

		"argocd-apps/templates/cluster-autoscaler.yaml.tmpl",
		"argocd-apps/values-cluster-autoscaler.yaml.tmpl",
	}

	// Non-secret templates for Hetzner bare metal: cloud controller manager
	// and the local PV provisioner.
	HetznerBareMetalSpecificNonSecretTemplateNames = []string{

		"argocd-apps/templates/ccm-hetzner.yaml.tmpl",
		"argocd-apps/values-ccm-hetzner.yaml.tmpl",

		"argocd-apps/templates/localpv-provisioner.yaml.tmpl",
		"argocd-apps/values-localpv-provisioner.yaml.tmpl",
	}

	// Secret template for Hetzner bare metal: the SSH key pair.
	// NOTE(review): a key pair includes the private key; confirm the rendered
	// form only ever exists sealed.
	HetznerBareMetalSpecificSecretTemplateNames = []string{

		"sealed-secrets/capi-cluster/hetzner-ssh-keypair.yaml.tmpl",
	}
)

Hetzner specific template names.

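// Obmondo customer specific template names.
var (
	// Non-secret templates for the Teleport kube agent ArgoCD app. Each name is
	// listed once; a repeated entry would make any code that walks the list
	// handle the same template twice.
	CustomerSpecificNonSecretTemplateNames = []string{
		"argocd-apps/templates/teleport-kube-agent.yaml.tmpl",
		"argocd-apps/values-teleport-kube-agent.yaml.tmpl",
	}

	// Secret template for the Teleport kube agent join token.
	// NOTE(review): a join token lets an agent register with the Teleport
	// cluster, so the rendered form should only ever exist sealed; confirm.
	CustomerSpecificSecretTemplateNames = []string{
		"sealed-secrets/obmondo/teleport-kube-agent-join-token.yaml.tmpl",
	}
)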

Obmondo customer specific template names.

// Config template names. Each provider (and each Hetzner mode) has a general
// config template and a secrets config template.
// NOTE(review): a file rendered from a secrets config template presumably
// holds credentials in plaintext; confirm it is written with owner-only
// permissions and kept out of version control.
var (
	// AWS.
	TemplateNameAWSGeneralConfig = "templates/aws/general.config.yaml.tmpl"
	TemplateNameAWSSecretsConfig = "templates/aws/secrets.config.yaml.tmpl"

	// Azure.
	TemplateNameAzureGeneralConfig = "templates/azure/general.config.yaml.tmpl"
	TemplateNameAzureSecretsConfig = "templates/azure/secrets.config.yaml.tmpl"

	// Hetzner, HCloud mode.
	TemplateNameHetznerHCloudGeneralConfig = "templates/hetzner/hcloud/general.config.yaml.tmpl"
	TemplateNameHetznerHCloudSecretsConfig = "templates/hetzner/hcloud/secrets.config.yaml.tmpl"

	// Hetzner, bare metal mode.
	TemplateNameHetznerBareMetalGeneralConfig = "templates/hetzner/bare-metal/general.config.yaml.tmpl"
	TemplateNameHetznerBareMetalSecretsConfig = "templates/hetzner/bare-metal/secrets.config.yaml.tmpl"

	// Hetzner, hybrid mode.
	TemplateNameHetznerHybridGeneralConfig = "templates/hetzner/hybrid/general.config.yaml.tmpl"
	TemplateNameHetznerHybridSecretsConfig = "templates/hetzner/hybrid/secrets.config.yaml.tmpl"

	// Bare metal.
	TemplateNameBareMetalGeneralConfig = "templates/bare-metal/general.config.yaml.tmpl"
	TemplateNameBareMetalSecretsConfig = "templates/bare-metal/secrets.config.yaml.tmpl"

	// Local.
	TemplateNameLocalGeneralConfig = "templates/local/general.config.yaml.tmpl"
	TemplateNameLocalSecretsConfig = "templates/local/secrets.config.yaml.tmpl"
)

Config template names.

// BareMetalSpecificNonSecretTemplateNames lists the non-secret templates used
// for bare metal clusters: the KubeOne cluster definition, Cilium and the
// local PV provisioner.
var BareMetalSpecificNonSecretTemplateNames = []string{

	"kubeone/kubeone-cluster.yaml.tmpl",

	"argocd-apps/templates/cilium.yaml.tmpl",
	"argocd-apps/values-cilium.yaml.tmpl",

	"argocd-apps/templates/localpv-provisioner.yaml.tmpl",
	"argocd-apps/values-localpv-provisioner.yaml.tmpl",
}

Bare metal specific template names.

// Common template names for clusters provisioned in any of the supported
// cloud providers.
var (
	// Non-secret templates: Cilium, the Cluster API operator and the
	// capi-cluster app.
	CommonCloudSpecificNonSecretTemplateNames = []string{

		"argocd-apps/templates/cilium.yaml.tmpl",
		"argocd-apps/values-cilium.yaml.tmpl",

		"argocd-apps/templates/cluster-api-operator.yaml.tmpl",
		"argocd-apps/values-cluster-api-operator.yaml.tmpl",
		"argocd-apps/templates/capi-cluster.yaml.tmpl",
		"argocd-apps/values-capi-cluster.yaml.tmpl",
	}
)

Common template names (for clusters being provisioned in any of the supported cloud providers).

// CommonRuntimeDependencies lists command names of external tools.
// NOTE(review): presumably these are looked up on PATH and executed at
// runtime. A bare command name runs whichever matching binary comes first on
// PATH, so the tool should run with a trusted PATH; confirm how the lookup is
// done.
var CommonRuntimeDependencies = []string{

	"jsonnet",
	"jb",
	"jq",
	"gojsontoyaml",

	"kubectl",
}

Functions

This section is empty.

Types

This section is empty.
