podspec

package
v0.1.76 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 12, 2026 License: Apache-2.0 Imports: 12 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	KubeconfigKey        = "kubeconfig"
	AWSCloudProviderName = "aws"
)
View Source 
const (

	// CPOImageName is the name under which components can find the CPO image in the release image..
	CPOImageName = "controlplane-operator"

	// CPPKIOImageName is the name under which components can find the CP PKI Operator image in the release image..
	CPPKIOImageName = "controlplane-pki-operator"

	// AvailabilityProberImageName is the name under which components can find the availability prober
	// image in the release image.
	AvailabilityProberImageName = "availability-prober"

	// PodTmpDirMountName is a name for a volume created in each pod by the CPO that gives the pods containers a place to mount and write temporary files to.
	PodTmpDirMountName = "tmp-dir"
	// PodTmpDirMountPath is the path that each container created by the CPO will mount the volume PodTmpDirMountName at.
	PodTmpDirMountPath = "/tmp"
)

Variables

This section is empty.

Functions

func ApplyCloudProviderCreds 

func ApplyCloudProviderCreds(
	podSpec *corev1.PodSpec,
	cloudProvider string,
	cloudProviderCreds *corev1.LocalObjectReference,
	tokenMinterImage string,
	containerName string,
)

func AvailabilityProber 

func AvailabilityProber(target string, image string, spec *corev1.PodSpec, o ...AvailabilityProberOpt)

func BuildContainer 

func BuildContainer(container *corev1.Container, buildFn func(*corev1.Container)) corev1.Container

func BuildProjectedVolume 

func BuildProjectedVolume(volume *corev1.Volume, volumeProjection []corev1.VolumeProjection, buildFn func(*corev1.Volume, []corev1.VolumeProjection)) corev1.Volume

func BuildVolume 

func BuildVolume(volume *corev1.Volume, buildFn func(*corev1.Volume)) corev1.Volume

func ContainerPort 

func ContainerPort(pod *corev1.Pod, portName string, defaultPort int32) int32

ContainerPort returns the container port matching the given name, or the default port if no matching named port is found.

func DefaultTokenMinterResources 

func DefaultTokenMinterResources() corev1.ResourceRequirements

func DeploymentAddKubevirtInfraCredentials 

func DeploymentAddKubevirtInfraCredentials(deployment *appsv1.Deployment)

func DeploymentAddOpenShiftTrustedCABundleConfigMap 

func DeploymentAddOpenShiftTrustedCABundleConfigMap(deployment *appsv1.Deployment)

func DeploymentAddTrustBundleVolume 

func DeploymentAddTrustBundleVolume(trustBundleConfigMap *corev1.LocalObjectReference, deployment *appsv1.Deployment)

func EnforceRestrictedSecurityContextToContainers 

func EnforceRestrictedSecurityContextToContainers(podSpec *corev1.PodSpec) error

EnforceRestrictedSecurityContextToContainers enforces restricted pod security standards on all containers and init containers in a PodSpec. Only NET_BIND_SERVICE capability is allowed.

func FindContainer 

func FindContainer(name string, containers []corev1.Container) *corev1.Container

func FindEnvVar 

func FindEnvVar(name string, envVars []corev1.EnvVar) *corev1.EnvVar

func FindVolume 

func FindVolume(name string, volumes []corev1.Volume) *corev1.Volume

func FindVolumeMount 

func FindVolumeMount(name string, mounts []corev1.VolumeMount) *corev1.VolumeMount

func IsDeploymentReady 

func IsDeploymentReady(_ context.Context, deployment *appsv1.Deployment) bool

func IsPodReady 

func IsPodReady(pod *corev1.Pod) bool

IsPodReady returns true if the pod has a Ready condition with status True.

func IsStatefulSetReady 

func IsStatefulSetReady(_ context.Context, statefulSet *appsv1.StatefulSet) bool

func KASReadinessCheckContainer 

func KASReadinessCheckContainer(kasLivezURL string) corev1.Container

KASReadinessCheckContainer returns a sidecar container that probes the KAS /livez endpoint. When KAS is unreachable, the readiness probe fails and the pod goes unready, which prevents PDB from treating it as healthy during eviction decisions. This uses /livez (not /readyz) to avoid a circular dependency: KAS /readyz checks aggregated API servers, which include OAS and OAuth API Server.

func RemoveContainer 

func RemoveContainer(name string, podSpec *corev1.PodSpec)

func RemoveInitContainer 

func RemoveInitContainer(name string, podSpec *corev1.PodSpec)

func UpdateContainer 

func UpdateContainer(name string, containers []corev1.Container, update func(c *corev1.Container))

func UpdateVolume 

func UpdateVolume(name string, volumes []corev1.Volume, update func(v *corev1.Volume))

func UpsertEnvVar 

func UpsertEnvVar(c *corev1.Container, envVar corev1.EnvVar)

func UpsertEnvVars 

func UpsertEnvVars(c *corev1.Container, envVars []corev1.EnvVar)

Types

type AvailabilityProberOpt 

type AvailabilityProberOpt func(*AvailabilityProberOpts)

func WithOptions 

func WithOptions(opts *AvailabilityProberOpts) AvailabilityProberOpt

type AvailabilityProberOpts 

type AvailabilityProberOpts struct {
	KubeconfigVolumeName          string
	RequiredAPIs                  []schema.GroupVersionKind
	WaitForInfrastructureResource bool
	WaitForLabeledPodsGone        string
	WaitForClusterRolebinding     string
}

type ContainerMounts 

type ContainerMounts map[string]string

type VolumeMounts 

type VolumeMounts map[string]ContainerMounts

func (VolumeMounts) ContainerMounts 

func (m VolumeMounts) ContainerMounts(container string) []corev1.VolumeMount

func (VolumeMounts) Path 

func (m VolumeMounts) Path(container, volume string) string

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.