credentialspec

package
v0.0.0-...-87aa96b Latest Latest
Warning

This package is not in the latest version of its module.

Published: Feb 19, 2026 License: Apache-2.0 Imports: 28 Imported by: 6

Documentation

Index

Constants

// ResourceName is the name under which the credentialspec resource is known.
const ResourceName = "credentialspec"

Variables

// CredentialSpecStatusMap maps the string name of a status ("NONE", "CREATED",
// "REMOVED") to its CredentialSpecStatus value.
//
// The map is an exported package-level variable, so any importing package can
// add, change or delete entries; treat it as read-only.
// NOTE(review): presumably consulted when decoding a status from JSON; confirm
// that a name missing from this map is rejected rather than mapped to the zero
// status.
var CredentialSpecStatusMap = map[string]CredentialSpecStatus{
	"NONE":    CredentialSpecStatusNone,
	"CREATED": CredentialSpecCreated,
	"REMOVED": CredentialSpecRemoved,
}

Functions

This section is empty.

Types

type CredentialSpecDomainlessSchema

// CredentialSpecDomainlessSchema is the object schema of a domainless
// CredentialSpec document, expressed as JSON struct tags for encoding/json.
//
// It has the same fields as CredentialSpecSchema plus
// ActiveDirectoryConfig.HostAccountConfig. The schema holds no password field;
// the only credential-related value is PluginInput.CredentialArn.
type CredentialSpecDomainlessSchema struct {
	CmsPlugins       []string `json:"CmsPlugins"`
	// DomainJoinConfig carries the domain identity fields of the document.
	DomainJoinConfig struct {
		Sid                string `json:"Sid"`
		MachineAccountName string `json:"MachineAccountName"`
		// The JSON key is "Guid", not "GUID". encoding/json prefers an exact
		// key match but also accepts a case-insensitive one when decoding.
		GUID               string `json:"Guid"`
		DNSTreeName        string `json:"DnsTreeName"`
		DNSName            string `json:"DnsName"`
		NetBiosName        string `json:"NetBiosName"`
	} `json:"DomainJoinConfig"`
	ActiveDirectoryConfig struct {
		// One entry per group managed service account named in the document.
		GroupManagedServiceAccounts []struct {
			Name  string `json:"Name"`
			Scope string `json:"Scope"`
		} `json:"GroupManagedServiceAccounts"`
		// HostAccountConfig is the section present only in the domainless schema.
		HostAccountConfig struct {
			PortableCcgVersion string `json:"PortableCcgVersion"`
			PluginGUID         string `json:"PluginGUID"`
			PluginInput        struct {
				// NOTE(review): presumably the ARN of the secret that holds the
				// domainless user credentials. It arrives inside the credential
				// spec document, so confirm the caller validates it before
				// using it to fetch anything.
				CredentialArn string `json:"CredentialArn"`
			} `json:"PluginInput"`
		} `json:"HostAccountConfig"`
	} `json:"ActiveDirectoryConfig"`
}

CredentialSpecDomainlessSchema is the object schema of a domainless CredentialSpec

type CredentialSpecResource

// CredentialSpecResource is the abstraction for credentialspec resources.
// It embeds *CredentialSpecResourceCommon, so that type's exported CredSpecMap
// field is promoted onto this struct.
type CredentialSpecResource struct {
	*CredentialSpecResourceCommon

	// ServiceAccountInfoMap stores, for each credentialspec ARN, the
	// corresponding service account name and domain name.
	// * key := credentialspec:ssmARN, value := corresponding ServiceAccountInfo
	// * key := credentialspec:asmARN, value := corresponding ServiceAccountInfo
	// NOTE(review): the map is exported, so code outside this package can read
	// and write it directly. Whether that is safe next to the "safely" accessors
	// depends on locking that is not shown here; confirm.
	ServiceAccountInfoMap map[string]ServiceAccountInfo
	// contains filtered or unexported fields
}

CredentialSpecResource is the abstraction for credentialspec resources

func NewCredentialSpecResource

func NewCredentialSpecResource(taskARN, region string,
	executionCredentialsID string,
	credentialsManager credentials.Manager,
	ssmClientCreator ssmfactory.SSMClientCreator,
	s3ClientCreator s3factory.S3ClientCreator,
	asmClientCreator asmfactory.ClientCreator,
	credentialSpecContainerMap map[string]string,
	ipCompatibility ipcompatibility.IPCompatibility) (*CredentialSpecResource, error)

NewCredentialSpecResource creates a new CredentialSpecResource object

func (*CredentialSpecResource) ApplyTransition

func (cs *CredentialSpecResource) ApplyTransition(nextState resourcestatus.ResourceStatus) error

ApplyTransition calls the function required to move to the specified status

func (*CredentialSpecResource) BuildContainerDependency

func (cs *CredentialSpecResource) BuildContainerDependency(containerName string, satisfied apicontainerstatus.ContainerStatus,
	dependent resourcestatus.ResourceStatus)

func (*CredentialSpecResource) Cleanup

func (cs *CredentialSpecResource) Cleanup() error

Cleanup removes the credentialSpec created for the task

func (*CredentialSpecResource) Create

func (cs *CredentialSpecResource) Create() error

Create is used to retrieve credentialspec resources for a given task

func (*CredentialSpecResource) DependOnTaskNetwork

func (cs *CredentialSpecResource) DependOnTaskNetwork() bool

func (*CredentialSpecResource) DesiredTerminal

func (cs *CredentialSpecResource) DesiredTerminal() bool

DesiredTerminal returns true if the credentialspec's desired status is REMOVED

func (*CredentialSpecResource) GetAppliedStatus

func (cs *CredentialSpecResource) GetAppliedStatus() resourcestatus.ResourceStatus

GetAppliedStatus safely returns the currently applied status of the resource

func (*CredentialSpecResource) GetContainerDependencies

func (cs *CredentialSpecResource) GetContainerDependencies(dependent resourcestatus.ResourceStatus) []apicontainer.ContainerDependency

func (*CredentialSpecResource) GetCreatedAt

func (cs *CredentialSpecResource) GetCreatedAt() time.Time

GetCreatedAt returns the timestamp for the resource's creation time

func (*CredentialSpecResource) GetDesiredStatus

func (cs *CredentialSpecResource) GetDesiredStatus() resourcestatus.ResourceStatus

GetDesiredStatus safely returns the desired status of the resource

func (*CredentialSpecResource) GetKnownStatus

GetKnownStatus safely returns the currently known status of the resource

func (*CredentialSpecResource) GetName

func (cs *CredentialSpecResource) GetName() string

GetName safely returns the name of the resource

func (*CredentialSpecResource) GetTargetMapping

func (cs *CredentialSpecResource) GetTargetMapping(credSpecInput string) (string, error)

func (*CredentialSpecResource) GetTerminalReason

func (cs *CredentialSpecResource) GetTerminalReason() string

GetTerminalReason returns an error string to propagate up through to task state change messages

func (*CredentialSpecResource) HandleDomainlessKerberosTicketRenewal

func (cs *CredentialSpecResource) HandleDomainlessKerberosTicketRenewal(iamCredentials credentials.IAMRoleCredentials) error

func (*CredentialSpecResource) Initialize

func (cs *CredentialSpecResource) Initialize(
	config *config.Config,
	resourceFields *taskresource.ResourceFields,
	_ status.TaskStatus,
	_ status.TaskStatus)

func (*CredentialSpecResource) KnownCreated

func (cs *CredentialSpecResource) KnownCreated() bool

KnownCreated returns true if the credentialspec's known status is CREATED

func (*CredentialSpecResource) MarshalJSON

func (cs *CredentialSpecResource) MarshalJSON() ([]byte, error)

MarshalJSON serialises the CredentialSpecResourceJSON struct to JSON

func (*CredentialSpecResource) MarshallPlatformSpecificFields

func (cs *CredentialSpecResource) MarshallPlatformSpecificFields(credentialSpecResourceJSON *CredentialSpecResourceJSON)

func (*CredentialSpecResource) NextKnownState

NextKnownState returns the state that the resource should progress to based on its `KnownState`.

func (*CredentialSpecResource) RequiresExecutionRoleCredentials

func (cs *CredentialSpecResource) RequiresExecutionRoleCredentials() bool

RequiresExecutionRoleCredentials returns true if the resource requires execution role credentials. Credential spec resource requires the task execution role credentials if the resource has ARNs that require AWS API access.

func (*CredentialSpecResource) SetAppliedStatus

func (cs *CredentialSpecResource) SetAppliedStatus(status resourcestatus.ResourceStatus) bool

SetAppliedStatus sets the applied status of resource and returns whether the resource is already in a transition

func (*CredentialSpecResource) SetCreatedAt

func (cs *CredentialSpecResource) SetCreatedAt(createdAt time.Time)

SetCreatedAt sets the timestamp for resource's creation time

func (*CredentialSpecResource) SetDesiredStatus

func (cs *CredentialSpecResource) SetDesiredStatus(status resourcestatus.ResourceStatus)

SetDesiredStatus safely sets the desired status of the resource

func (*CredentialSpecResource) SetKnownStatus

func (cs *CredentialSpecResource) SetKnownStatus(status resourcestatus.ResourceStatus)

SetKnownStatus safely sets the currently known status of the resource

func (*CredentialSpecResource) StatusString

StatusString returns the string of the credentialspec resource status

func (*CredentialSpecResource) SteadyState

SteadyState returns the transition state of the resource defined as "ready"

func (*CredentialSpecResource) TerminalStatus

TerminalStatus returns the last transition state of credentialspec

func (*CredentialSpecResource) UnmarshalJSON

func (cs *CredentialSpecResource) UnmarshalJSON(b []byte) error

UnmarshalJSON deserialises the raw JSON to a CredentialSpecResourceJSON struct

func (*CredentialSpecResource) UnmarshallPlatformSpecificFields

func (cs *CredentialSpecResource) UnmarshallPlatformSpecificFields(credentialSpecResourceJSON CredentialSpecResourceJSON)

func (*CredentialSpecResource) UpdateRegionFromTask

func (cs *CredentialSpecResource) UpdateRegionFromTask() error

UpdateRegionFromTask updates the region if it is not set

type CredentialSpecResourceCommon

// CredentialSpecResourceCommon is embedded in CredentialSpecResource and
// carries the mapping from input credentialspec values to their resolved form.
type CredentialSpecResourceCommon struct {

	// CredSpecMap transforms credentialspec values; the key is an input
	// credentialspec and the value is what it resolves to.
	// Examples: (windows)
	// * key := credentialspec:file://credentialspec.json, value := credentialspec=file://credentialspec.json
	// * key := credentialspec:s3ARN, value := credentialspec=file://CredentialSpecResourceLocation/s3_taskARN_fileName.json
	// * key := credentialspec:ssmARN, value := credentialspec=file://CredentialSpecResourceLocation/ssm_taskARN_param.json
	// (linux)
	// * key := credentialspec:file://credentialspec.json, value := Path to kerberos tickets on the host machine
	// * key := credentialspec:ssmARN, value := Path to kerberos tickets on the host machine
	// * key := credentialspec:asmARN, value := Path to kerberos tickets on the host machine
	//
	// NOTE(review): on Linux the values are host paths to Kerberos tickets, so
	// anything that logs or serializes this map discloses where the tickets are
	// stored. On Windows the generated file names embed the task ARN and the
	// S3 file / SSM parameter name; confirm those components are sanitized
	// before they are joined into a path.
	CredSpecMap map[string]string
	// contains filtered or unexported fields
}

type CredentialSpecResourceJSON

// CredentialSpecResourceJSON is the JSON representation of the credentialspec
// resource.
//
// The embedded *CredentialSpecResourceJSONCommon carries no JSON tag, so
// encoding/json flattens its exported fields into the same JSON object as
// "leaseID" instead of nesting them.
type CredentialSpecResourceJSON struct {
	*CredentialSpecResourceJSONCommon
	// LeaseID is serialized under the key "leaseID"; what the lease refers to
	// is not shown on this page.
	LeaseID string `json:"leaseID"`
}

CredentialSpecResourceJSON is the json representation of the credentialspec resource

type CredentialSpecResourceJSONCommon

// CredentialSpecResourceJSONCommon holds the fields of the JSON representation
// of the credentialspec resource; it is embedded in CredentialSpecResourceJSON.
//
// The JSON keys mix lowerCamelCase ("taskARN") and UpperCamelCase
// ("CredSpecMap"). They define the serialized format, so do not normalize them
// without a migration for data already written.
type CredentialSpecResourceJSONCommon struct {
	TaskARN                    string                `json:"taskARN"`
	// CreatedAt is a pointer with omitempty, so a nil value is left out of the output.
	CreatedAt                  *time.Time            `json:"createdAt,omitempty"`
	// Both statuses are encoded and decoded through CredentialSpecStatus's own
	// MarshalJSON and UnmarshalJSON methods.
	DesiredStatus              *CredentialSpecStatus `json:"desiredStatus"`
	KnownStatus                *CredentialSpecStatus `json:"knownStatus"`
	CredentialSpecContainerMap map[string]string     `json:"CredentialSpecContainerMap"`
	// NOTE(review): if this mirrors CredentialSpecResourceCommon.CredSpecMap, the
	// serialized form includes the Linux host paths to Kerberos tickets; confirm
	// where this JSON is stored and who can read it.
	CredSpecMap                map[string]string     `json:"CredSpecMap"`
	// NOTE(review): presumably an identifier resolved through credentials.Manager
	// and not the credentials themselves; confirm.
	ExecutionCredentialsID     string                `json:"executionCredentialsID"`
}

CredentialSpecResourceJSONCommon holds the fields of the JSON representation of the credentialspec resource; it is embedded in CredentialSpecResourceJSON

type CredentialSpecSchema

// CredentialSpecSchema is the object schema of a CredentialSpec document,
// expressed as JSON struct tags for encoding/json.
//
// It matches CredentialSpecDomainlessSchema except that ActiveDirectoryConfig
// has no HostAccountConfig section.
type CredentialSpecSchema struct {
	CmsPlugins       []string `json:"CmsPlugins"`
	// DomainJoinConfig carries the domain identity fields of the document.
	DomainJoinConfig struct {
		Sid                string `json:"Sid"`
		MachineAccountName string `json:"MachineAccountName"`
		// The JSON key is "Guid", not "GUID". encoding/json prefers an exact
		// key match but also accepts a case-insensitive one when decoding.
		GUID               string `json:"Guid"`
		DNSTreeName        string `json:"DnsTreeName"`
		DNSName            string `json:"DnsName"`
		NetBiosName        string `json:"NetBiosName"`
	} `json:"DomainJoinConfig"`
	ActiveDirectoryConfig struct {
		// One entry per group managed service account named in the document.
		GroupManagedServiceAccounts []struct {
			Name  string `json:"Name"`
			Scope string `json:"Scope"`
		} `json:"GroupManagedServiceAccounts"`
	} `json:"ActiveDirectoryConfig"`
}

CredentialSpecSchema is the CredentialSpec object schema

type CredentialSpecStatus

// CredentialSpecStatus is the status of a credentialspec resource. Its
// underlying type is resourcestatus.ResourceStatus.
type CredentialSpecStatus resourcestatus.ResourceStatus
// The values below are assigned by iota in declaration order:
// CredentialSpecStatusNone = 0, CredentialSpecCreated = 1, CredentialSpecRemoved = 2.
const (
	// CredentialSpecStatusNone is the zero state of a task resource.
	CredentialSpecStatusNone CredentialSpecStatus = iota
	// CredentialSpecCreated represents a task resource which has been created.
	CredentialSpecCreated
	// CredentialSpecRemoved represents a task resource which has been cleaned up.
	CredentialSpecRemoved
)

func (*CredentialSpecStatus) MarshalJSON

func (cs *CredentialSpecStatus) MarshalJSON() ([]byte, error)

MarshalJSON overrides the logic for JSON-encoding the ResourceStatus type

func (CredentialSpecStatus) String

func (cs CredentialSpecStatus) String() string

String returns a human readable string representation of this object

func (*CredentialSpecStatus) UnmarshalJSON

func (cs *CredentialSpecStatus) UnmarshalJSON(b []byte) error

UnmarshalJSON overrides the logic for parsing the JSON-encoded ResourceStatus data

type DomainlessUserCredentials

// DomainlessUserCredentials represents user credentials for accessing the gMSA
// principals.
//
// Password is a plain string with a JSON tag, so json.Marshal of this struct
// and fmt's %v / %+v verbs both emit it in clear text. Keep values of this
// type out of logs, error messages and persisted state. Go strings are
// immutable, so the password cannot be wiped from memory after use; keep the
// value's lifetime short.
// NOTE(review): this page lists no custom marshaler or String method for this
// type; confirm none exists before relying on any redaction.
type DomainlessUserCredentials struct {
	Username   string `json:"username"`
	Password   string `json:"password"`
	DomainName string `json:"domainName"`
}

DomainlessUserCredentials represents user credentials for accessing the gMSA principals

type ServiceAccountInfo

// ServiceAccountInfo contains account info associated with a credentialspec.
// It has no exported fields, so other packages cannot read or set its contents
// directly.
type ServiceAccountInfo struct {
	// contains filtered or unexported fields
}

ServiceAccountInfo contains account info associated with a credentialspec
