policyhelper

package

v1.1.5 Latest Latest Go to latest Published: Sep 28, 2025 License: Apache-2.0 Imports: 19 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/aws/aws-application-networking-k8s

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
Variables
func GroupKindToObj(gk GroupKind) (client.Object, bool)
type ConditionReason
type ConditionType
type GroupKind
- func ObjToGroupKind(obj client.Object) GroupKind
- func TargetRefGroupKind(tr *TargetRef) GroupKind
type GroupKindSet
- func NewGroupKindSet(objs ...k8sclient.Object) *GroupKindSet
type IAP
type IAPL
type Policy
type PolicyClient
type PolicyHandler
- func NewIAMAuthPolicyHandler(log gwlog.Logger, c k8sclient.Client) *PolicyHandler[*IAP]
- func NewPolicyHandler[T, TL any, P policyPtr[T], PL policyListPtr[TL, P]](cfg PolicyHandlerConfig) *PolicyHandler[P]
- func NewTargetGroupPolicyHandler(log gwlog.Logger, c k8sclient.Client) *PolicyHandler[*TGP]
- func NewVpcAssociationPolicyHandler(log gwlog.Logger, c k8sclient.Client) *PolicyHandler[*VAP]
- func (h *PolicyHandler[P]) AddWatchers(b *builder.Builder, objs ...k8sclient.Object)
- func (h *PolicyHandler[P]) FindPolicyForService(ctx context.Context, serviceName, serviceNamespace string) (P, error)
- func (h *PolicyHandler[P]) ObjPolicies(ctx context.Context, obj k8sclient.Object) ([]P, error)
- func (h *PolicyHandler[P]) ObjResolvedPolicy(ctx context.Context, obj k8sclient.Object) (P, error)
- func (h *PolicyHandler[P]) UpdateAcceptedCondition(ctx context.Context, policy P, reason ConditionReason, msg string) error
- func (h *PolicyHandler[P]) ValidateAndUpdateCondition(ctx context.Context, policy P) (ConditionReason, error)
- func (h *PolicyHandler[P]) ValidateTargetRef(ctx context.Context, policy P) error
type PolicyHandlerConfig
type PolicyList
type TGP
type TGPL
type TargetRef
type VAP
type VAPL

Constants ¶

View Source

const (
	ConditionTypeAccepted = gwv1alpha2.PolicyConditionAccepted

	ReasonAccepted       = gwv1alpha2.PolicyReasonAccepted
	ReasonInvalid        = gwv1alpha2.PolicyReasonInvalid
	ReasonTargetNotFound = gwv1alpha2.PolicyReasonTargetNotFound
	ReasonConflicted     = gwv1alpha2.PolicyReasonConflicted

	ReasonUnknown = ConditionReason("Unknown")
)

Variables ¶

View Source

var (
	ErrGroupKind         = errors.New("group/kind error")
	ErrTargetRefNotFound = errors.New("targetRef not found")
	ErrTargetRefConflict = errors.New("targetRef has conflict")
)

Functions ¶

func GroupKindToObj ¶ added in v1.0.2

func GroupKindToObj(gk GroupKind) (client.Object, bool)

Types ¶

type ConditionReason ¶ added in v1.0.2

type ConditionReason = gwv1alpha2.PolicyConditionReason

type ConditionType ¶ added in v1.0.2

type ConditionType = gwv1alpha2.PolicyConditionType

type GroupKind ¶ added in v1.0.2

type GroupKind struct {
	Group string
	Kind  string
}

func ObjToGroupKind ¶ added in v1.0.2

func ObjToGroupKind(obj client.Object) GroupKind

func TargetRefGroupKind ¶ added in v1.0.2

func TargetRefGroupKind(tr *TargetRef) GroupKind

type GroupKindSet ¶ added in v1.0.2

type GroupKindSet = utils.Set[GroupKind]

func NewGroupKindSet ¶ added in v1.0.2

func NewGroupKindSet(objs ...k8sclient.Object) *GroupKindSet

type IAP ¶ added in v1.0.2

type IAP = anv1alpha1.IAMAuthPolicy

type IAPL ¶ added in v1.0.2

type IAPL = anv1alpha1.IAMAuthPolicyList

type Policy ¶ added in v1.0.2

type Policy interface {
	k8sclient.Object
	GetTargetRef() *TargetRef
	GetStatusConditions() *[]metav1.Condition
}

Policy with PolicyTargetReference

type PolicyClient ¶ added in v1.0.2

type PolicyClient[P Policy] interface {
	List(ctx context.Context, namespace string) ([]P, error)
	Get(ctx context.Context, nsname types.NamespacedName) (P, error)
	TargetRefObj(ctx context.Context, policy P) (k8sclient.Object, error)
	UpdateStatus(ctx context.Context, policy P) error
}

Strong-typed interface to work with k8s client

type PolicyHandler ¶ added in v1.0.2

type PolicyHandler[P Policy] struct {
	// contains filtered or unexported fields
}

A generic handler for common operations on particular policy type

func NewIAMAuthPolicyHandler ¶ added in v1.0.2

func NewIAMAuthPolicyHandler(log gwlog.Logger, c k8sclient.Client) *PolicyHandler[*IAP]

func NewPolicyHandler ¶ added in v1.0.2

func NewPolicyHandler[T, TL any, P policyPtr[T], PL policyListPtr[TL, P]](cfg PolicyHandlerConfig) *PolicyHandler[P]

Creates policy handler for specific policy. T and TL are type and list-type for Policy (struct type, not reference). P and PL are reference types and should derive from T and TL. P and PL do not require explicit declaration. For example:

ph := NewPolicyHandler[IAMAuthPolicy, IAMAuthPolicyList](cfg)

func NewTargetGroupPolicyHandler ¶ added in v1.0.2

func NewTargetGroupPolicyHandler(log gwlog.Logger, c k8sclient.Client) *PolicyHandler[*TGP]

func NewVpcAssociationPolicyHandler ¶ added in v1.0.2

func NewVpcAssociationPolicyHandler(log gwlog.Logger, c k8sclient.Client) *PolicyHandler[*VAP]

func (*PolicyHandler[P]) AddWatchers ¶ added in v1.0.2

func (h *PolicyHandler[P]) AddWatchers(b *builder.Builder, objs ...k8sclient.Object)

Add Watchers for configured Kinds to controller builder

func (*PolicyHandler[P]) FindPolicyForService ¶ added in v1.1.4

func (h *PolicyHandler[P]) FindPolicyForService(ctx context.Context, serviceName, serviceNamespace string) (P, error)

FindPolicyForService locates applicable TargetGroupPolicy resources for a given service name and namespace. This method looks for policies that target either: - The Service directly (if the policy targets Service objects) - The ServiceExport with the same name and namespace (if the policy targets ServiceExport objects) Returns the resolved policy with conflict resolution and Accepted status, or nil if no applicable policy is found.

func (*PolicyHandler[P]) ObjPolicies ¶ added in v1.0.2

func (h *PolicyHandler[P]) ObjPolicies(ctx context.Context, obj k8sclient.Object) ([]P, error)

Get all policies for given object, filtered by targetRef match and sorted by conflict resolution rules. First policy in the list is not-conflicting policy, but it might be in Accepted or Invalid state. Conflict resolution order uses CreationTimestamp and Name.

func (*PolicyHandler[P]) ObjResolvedPolicy ¶ added in v1.0.2

func (h *PolicyHandler[P]) ObjResolvedPolicy(ctx context.Context, obj k8sclient.Object) (P, error)

Get Accepted policy for given object. Returns policy with conflict resolution and status Accepted. Will return at most single policy.

func (*PolicyHandler[P]) UpdateAcceptedCondition ¶ added in v1.0.2

func (h *PolicyHandler[P]) UpdateAcceptedCondition(ctx context.Context, policy P, reason ConditionReason, msg string) error

func (*PolicyHandler[P]) ValidateAndUpdateCondition ¶ added in v1.0.2

func (h *PolicyHandler[P]) ValidateAndUpdateCondition(ctx context.Context, policy P) (ConditionReason, error)

Validate Policy and update Accepted status condition.

func (*PolicyHandler[P]) ValidateTargetRef ¶ added in v1.0.2

func (h *PolicyHandler[P]) ValidateTargetRef(ctx context.Context, policy P) error

type PolicyHandlerConfig ¶ added in v1.0.2

type PolicyHandlerConfig struct {
	Log            gwlog.Logger
	Client         k8sclient.Client
	TargetRefKinds *GroupKindSet
}

type PolicyList ¶ added in v1.0.2

type PolicyList[P Policy] interface {
	k8sclient.ObjectList
	GetItems() []P
}

type TGP ¶ added in v1.0.2

type TGP = anv1alpha1.TargetGroupPolicy

type TGPL ¶ added in v1.0.2

type TGPL = anv1alpha1.TargetGroupPolicyList

type TargetRef ¶ added in v1.0.2

type TargetRef = gwv1alpha2.NamespacedPolicyTargetReference

type VAP ¶ added in v1.0.2

type VAP = anv1alpha1.VpcAssociationPolicy

type VAPL ¶ added in v1.0.2

type VAPL = anv1alpha1.VpcAssociationPolicyList

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL