Documentation
¶
Index ¶
- Variables
- func BuildMergedKubeconfig(bindings []*provider.BindingMeta, proxyToken string, credproxyURL string) (*provider.SandboxConfigFile, error)
- func IsPrivateIP(ip net.IP) bool
- func ParseKubeconfig(_ string, raw []byte) (*provider.UploadResult, error)
- type K8sProvider
- func (p *K8sProvider) BuildSandboxConfig(bindings []*provider.BindingMeta, proxyToken string, credproxyPublicURL string) ([]*provider.SandboxConfigFile, error)
- func (p *K8sProvider) Kind() string
- func (p *K8sProvider) ParseUpload(contentType string, raw []byte) (*provider.UploadResult, error)
- func (p *K8sProvider) ServeHTTP(w http.ResponseWriter, r *http.Request, b *provider.DecryptedBinding)
Constants ¶
This section is empty.
Variables ¶
View Source
var AllowPrivateUpstreams bool
AllowPrivateUpstreams disables the SSRF dial-time guard when true. Set by cmd/credentialproxy/main.go from config.
Functions ¶
func BuildMergedKubeconfig ¶
func BuildMergedKubeconfig( bindings []*provider.BindingMeta, proxyToken string, credproxyURL string, ) (*provider.SandboxConfigFile, error)
BuildMergedKubeconfig generates a merged kubeconfig that routes all cluster traffic through the credential proxy. Pure function: no I/O.
func IsPrivateIP ¶
IsPrivateIP reports whether ip falls in any private/reserved range.
func ParseKubeconfig ¶
func ParseKubeconfig(_ string, raw []byte) (*provider.UploadResult, error)
ParseKubeconfig validates an uploaded kubeconfig yaml and extracts the fields to persist.
Types ¶
type K8sProvider ¶
type K8sProvider struct{}
K8sProvider implements provider.Provider for Kubernetes API servers.
func (*K8sProvider) BuildSandboxConfig ¶
func (p *K8sProvider) BuildSandboxConfig( bindings []*provider.BindingMeta, proxyToken string, credproxyPublicURL string, ) ([]*provider.SandboxConfigFile, error)
func (*K8sProvider) Kind ¶
func (p *K8sProvider) Kind() string
func (*K8sProvider) ParseUpload ¶
func (p *K8sProvider) ParseUpload(contentType string, raw []byte) (*provider.UploadResult, error)
func (*K8sProvider) ServeHTTP ¶
func (p *K8sProvider) ServeHTTP(w http.ResponseWriter, r *http.Request, b *provider.DecryptedBinding)
Source Files
Click to show internal directories.
Click to hide internal directories.