rest

package
v0.0.0-test Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 11, 2024 License: Apache-2.0 Imports: 82 Imported by: 8

Documentation

Index

Constants

View Source 
const (
	OPERATION_CREATE = iota
	OPERATION_UPDATE
	OPERATION_DELETE
)
View Source 
const (
	K8sKindReplicationController = "ReplicationController"

	K8sKindStatefulSet        = "StatefulSet"
	K8sKindRole               = "Role"
	K8sKindClusterRole        = "ClusterRole"
	K8sKindRoleBinding        = "RoleBinding"
	K8sKindClusterRoleBinding = "ClusterRoleBinding"
)
View Source 
const (
	FedRoleAny         = "*"
	FedRoleMasterJoint = "~"
)
View Source 
const DEFAULT_CERTMANAGER_EXPIRY_CHECK_PERIOD = time.Minute * 30
View Source 
const DEFAULT_CERTMANAGER_RENEW_THRESHOLD = time.Hour * 24 * 30
View Source 
const DEFAULT_JWTCERT_VALIDITY_DAYS = 90
View Source 
const DEFAULT_TLSCERT_VALIDITY_DAYS = 365
View Source 
const DefaultLDAPServerPort uint16 = 389
View Source 
const MaxFilelds int = 8
View Source 
const MaxPerDomainLoginUsers int = 32

Variables

View Source 
var CertManager *kv.CertManager
View Source 
var TESTApikeySpecifiedCretionTime bool

Functions

func AdmissionRestServer 

func AdmissionRestServer(port uint, clientAuth, debug bool)

func CLUSRootToRESTRoot_GET 

func CLUSRootToRESTRoot_GET(clusRoot *share.CLUSSigstoreRootOfTrust) api.REST_SigstoreRootOfTrust_GET

func CLUSVerifierToRESTVerifier 

func CLUSVerifierToRESTVerifier(clusVerifier *share.CLUSSigstoreVerifier) api.REST_SigstoreVerifier

func CleanupSessCfgCache 

func CleanupSessCfgCache()

func CrdDelAll 

func CrdDelAll(k8sKind, kvCrdKind, lockKey string) []string

func CrdValidateReqManager 

func CrdValidateReqManager()

func CrdValidateRestServer 

func CrdValidateRestServer(port uint, clientAuth, debug bool)

func CreatePredefaultSensor 

func CreatePredefaultSensor()

lock is alreay hold when call this function clusHelper.AcquireLock(share.CLUSLockPolicyKey, clusterLockWait)

func CreateQuerySession 

func CreateQuerySession(qsr *api.QuerySessionRequest) error

called by KV watcher when a query session request being added

func CrossCheckCrd 

func CrossCheckCrd(kind, rscType, kvCrdKind, lockKey string, kvOnly bool) error

kvOnly: true means the checking is triggered by kv change(ex: import). false means the check is triggered by k8s(ex: startup)

func DeleteQuerySession 

func DeleteQuerySession(queryToken string) error

func FedPollingClient 

func FedPollingClient(leader, purgeFedRulesOnJoint bool)

func HandleAdminUserUpdate 

func HandleAdminUserUpdate()

func InitContext 

func InitContext(ctx *Context)

InitContext() must be called before StartRESTServer(), StartFedRestServer or AdmissionRestServer()

func IsCertNearExpired 

func IsCertNearExpired(certPath string, expireThresholdDay int) (bool, error)

func KickLoginSessions 

func KickLoginSessions(kickInfo *share.CLUSKickLoginSessionsRequest)

for one controller to call other controllers' grpc service, which calls this function, to kick login sessions

func KickLoginSessionsForRoleChange 

func KickLoginSessionsForRoleChange(name, domain string)

for openshift/rancher login only

func LeadChangeNotify 

func LeadChangeNotify(leader bool)

func LoadInitCfg 

func LoadInitCfg(load bool, platform string) bool

func NewLongPollManyMgr 

func NewLongPollManyMgr(timeout, linger time.Duration, max int) *longpollManyMgr

func NewLongPollOnceMgr 

func NewLongPollOnceMgr(timeout, linger time.Duration, max int) *longpollOnceMgr

func PreInitContext 

func PreInitContext(ctx *Context)

PreInitContext() must be called before orch connector starts in main()

func ReportK8SResToOPA 

func ReportK8SResToOPA(info *share.CLUSKubernetesResInfo)

func ResetLoginTokenTimer 

func ResetLoginTokenTimer(tokenInfo *share.CLUSLoginTokenInfo)

for one controller to call other controllers' grpc service, which calls this function, to reset a login session

func RestConfig 

func RestConfig(cmd, interval uint32, param1 interface{}, param2 interface{}) error

func StartRESTServer 

func StartRESTServer(isNewCluster bool, isLead bool)

func StartStopFedPingPoll 

func StartStopFedPingPoll(cmd, interval uint32, param1 interface{}) error

func ValidProcessProfilePath 

func ValidProcessProfilePath(path string) (string, bool)

Types

type ApiVersion 

type ApiVersion int
const (
	ApiVersion1 ApiVersion = iota
	ApiVersion2
)

type ContainerImage 

type ContainerImage struct {
	// contains filtered or unexported fields
}

type Context 

type Context struct {
	LocalDev           *common.LocalDevice
	EvQueue            cluster.ObjectQueueInterface
	AuditQueue         cluster.ObjectQueueInterface
	Messenger          cluster.MessengerInterface
	Cacher             cache.CacheInterface
	Scanner            scan.ScanInterface
	SearchRegistries   string
	FedPort            uint
	RESTPort           uint
	PwdValidUnit       uint
	TeleNeuvectorURL   string
	TeleFreq           uint
	NvAppFullVersion   string
	NvSemanticVersion  string
	CspType            share.TCspType
	CspPauseInterval   uint   // in minutes
	CustomCheckControl string // disable / strict / loose
	CheckCrdSchemaFunc func(lead, init, crossCheck bool, cspType share.TCspType) []string
}

type HttpServerErrorWriter 

type HttpServerErrorWriter struct{}

func (*HttpServerErrorWriter) Write 

func (*HttpServerErrorWriter) Write(b []byte) (int, error)

type JWTCertificateState 

type JWTCertificateState struct {
	// contains filtered or unexported fields
}

JWT token related

func GetJWTSigningKey 

func GetJWTSigningKey() JWTCertificateState

type RoleRquired 

type RoleRquired int

type SignalFunc 

type SignalFunc func()

type SsoSession 

type SsoSession struct {
	SAMLNameID       string
	SAMLSessionIndex string
}

Extra information of Single Sign-On session

type WebhookServer 

type WebhookServer struct {
	// contains filtered or unexported fields
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.