gcp

package
v0.1.76 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 12, 2026 License: Apache-2.0 Imports: 18 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	DefaultSubnetCIDR = "10.0.0.0/24"
)

Variables

This section is empty.

Functions

func NewCreateCommand added in v0.1.71 

func NewCreateCommand() *cobra.Command

NewCreateCommand creates a new cobra command for creating GCP infrastructure

func NewCreateIAMCommand 

func NewCreateIAMCommand() *cobra.Command

func NewDestroyCommand added in v0.1.71 

func NewDestroyCommand() *cobra.Command

NewDestroyCommand creates a new cobra command for destroying GCP infrastructure

func NewDestroyIAMCommand added in v0.1.72 

func NewDestroyIAMCommand() *cobra.Command

Types

type CreateIAMOptions 

type CreateIAMOptions struct {
	ProjectID           string
	InfraID             string
	ClusterOIDCJWKSFile string
	OutputFile          string
	OIDCIssuerURL       string
}

func (*CreateIAMOptions) CreateIAM 

func (o *CreateIAMOptions) CreateIAM(ctx context.Context, logger logr.Logger) (*CreateIAMOutput, error)

func (*CreateIAMOptions) Output 

func (o *CreateIAMOptions) Output(results *CreateIAMOutput, logger logr.Logger) error

func (*CreateIAMOptions) Run 

func (o *CreateIAMOptions) Run(ctx context.Context, logger logr.Logger) error

func (*CreateIAMOptions) ValidateInputs 

func (o *CreateIAMOptions) ValidateInputs() error

func (*CreateIAMOptions) ValidateJWKSFile 

func (o *CreateIAMOptions) ValidateJWKSFile() error

type CreateIAMOutput 

type CreateIAMOutput struct {
	ProjectID            string                 `json:"projectId"`
	ProjectNumber        string                 `json:"projectNumber"`
	InfraID              string                 `json:"infraId"`
	WorkloadIdentityPool WorkloadIdentityConfig `json:"workloadIdentityPool"`
	ServiceAccounts      map[string]string      `json:"serviceAccounts"`
}

type CreateInfraOptions added in v0.1.71 

type CreateInfraOptions struct {
	// Required flags
	ProjectID string
	Region    string
	InfraID   string

	// Optional flags
	VPCCidr    string
	OutputFile string
}

CreateInfraOptions contains options for creating GCP infrastructure

func (*CreateInfraOptions) CreateInfra added in v0.1.71 

func (o *CreateInfraOptions) CreateInfra(ctx context.Context, logger logr.Logger) (*CreateInfraOutput, error)

CreateInfra creates the GCP infrastructure resources

func (*CreateInfraOptions) Output added in v0.1.71 

func (o *CreateInfraOptions) Output(result *CreateInfraOutput) error

Output writes the infrastructure output to stdout or a file

func (*CreateInfraOptions) Run added in v0.1.71 

func (o *CreateInfraOptions) Run(ctx context.Context, logger logr.Logger) error

Run executes the infrastructure creation

func (*CreateInfraOptions) Validate added in v0.1.71 

func (o *CreateInfraOptions) Validate() error

Validate validates the create infrastructure options

type CreateInfraOutput added in v0.1.71 

type CreateInfraOutput struct {
	Region           string `json:"region"`
	ProjectID        string `json:"projectId"`
	InfraID          string `json:"infraId"`
	NetworkName      string `json:"networkName"`
	NetworkSelfLink  string `json:"networkSelfLink"`
	SubnetName       string `json:"subnetName"`
	SubnetSelfLink   string `json:"subnetSelfLink"`
	SubnetCIDR       string `json:"subnetCidr"`
	RouterName       string `json:"routerName"`
	NATName          string `json:"natName"`
	FirewallRuleName string `json:"firewallRuleName"`
}

CreateInfraOutput contains the output from infrastructure creation

type DestroyIAMOptions added in v0.1.72 

type DestroyIAMOptions struct {
	ProjectID string
	InfraID   string
}

func (*DestroyIAMOptions) DestroyIAM added in v0.1.72 

func (o *DestroyIAMOptions) DestroyIAM(ctx context.Context, logger logr.Logger) error

func (*DestroyIAMOptions) Run added in v0.1.72 

func (o *DestroyIAMOptions) Run(ctx context.Context, logger logr.Logger) error

func (*DestroyIAMOptions) ValidateInputs added in v0.1.72 

func (o *DestroyIAMOptions) ValidateInputs() error

type DestroyInfraOptions added in v0.1.71 

type DestroyInfraOptions struct {
	// Required flags
	ProjectID string
	Region    string
	InfraID   string
}

DestroyInfraOptions contains options for destroying GCP infrastructure

func (*DestroyInfraOptions) Run added in v0.1.71 

func (o *DestroyInfraOptions) Run(ctx context.Context, logger logr.Logger) error

Run executes the infrastructure destruction

func (*DestroyInfraOptions) Validate added in v0.1.71 

func (o *DestroyInfraOptions) Validate() error

Validate validates the destroy infrastructure options

type IAMManager 

type IAMManager struct {
	// contains filtered or unexported fields
}

IAMManager encapsulates all GCP API interactions used by the GCP IAM creation flow.

func NewIAMManager 

func NewIAMManager(ctx context.Context, projectID string, infraID string, jwksFile string, logger logr.Logger) (*IAMManager, error)

func (*IAMManager) CreateOIDCProvider 

func (c *IAMManager) CreateOIDCProvider(ctx context.Context) (string, string, error)

func (*IAMManager) CreateServiceAccounts added in v0.1.71 

func (c *IAMManager) CreateServiceAccounts(ctx context.Context) (map[string]string, error)

CreateServiceAccounts creates all Google Service Accounts defined in the template, assigns their roles, and creates WIF bindings.

func (*IAMManager) CreateWorkloadIdentityPool 

func (c *IAMManager) CreateWorkloadIdentityPool(ctx context.Context) (string, error)

func (*IAMManager) DeleteOIDCProvider added in v0.1.72 

func (c *IAMManager) DeleteOIDCProvider(ctx context.Context) error

DeleteOIDCProvider deletes the OIDC Provider for this cluster.

func (*IAMManager) DeleteServiceAccounts added in v0.1.72 

func (c *IAMManager) DeleteServiceAccounts(ctx context.Context) error

DeleteServiceAccounts deletes all Google Service Accounts created for this cluster.

func (*IAMManager) DeleteWorkloadIdentityPool added in v0.1.72 

func (c *IAMManager) DeleteWorkloadIdentityPool(ctx context.Context) error

DeleteWorkloadIdentityPool deletes the Workload Identity Pool for this cluster.

func (*IAMManager) GetProjectNumber 

func (c *IAMManager) GetProjectNumber(ctx context.Context) (string, error)

func (*IAMManager) SetOIDCIssuerURL 

func (c *IAMManager) SetOIDCIssuerURL(url string)

SetOIDCIssuerURL sets a custom OIDC issuer URL.

type K8sServiceAccountRef added in v0.1.71 

type K8sServiceAccountRef struct {
	Namespace string `json:"namespace"`
	Name      string `json:"name"`
}

K8sServiceAccountRef identifies a Kubernetes ServiceAccount for WIF binding.

type NetworkManager added in v0.1.71 

type NetworkManager struct {
	// contains filtered or unexported fields
}

NetworkManager encapsulates all GCP Compute API interactions for network infrastructure.

func NewNetworkManager added in v0.1.71 

func NewNetworkManager(ctx context.Context, projectID, infraID, region string, logger logr.Logger) (*NetworkManager, error)

NewNetworkManager creates a new NetworkManager for GCP network operations.

func (*NetworkManager) CreateFirewallRule added in v0.1.74 

func (n *NetworkManager) CreateFirewallRule(ctx context.Context, networkSelfLink string) (*compute.Firewall, error)

CreateFirewallRule creates a firewall rule to allow kubelet API access.

func (*NetworkManager) CreateNAT added in v0.1.71 

func (n *NetworkManager) CreateNAT(ctx context.Context, routerName, subnetSelfLink string) (string, error)

CreateNAT creates a Cloud NAT configuration on the specified router.

func (*NetworkManager) CreateNetwork added in v0.1.71 

func (n *NetworkManager) CreateNetwork(ctx context.Context) (*compute.Network, error)

CreateNetwork creates a VPC network with custom subnet mode.

func (*NetworkManager) CreateRouter added in v0.1.71 

func (n *NetworkManager) CreateRouter(ctx context.Context, networkSelfLink string) (*compute.Router, error)

CreateRouter creates a Cloud Router for NAT gateway.

func (*NetworkManager) CreateSubnet added in v0.1.71 

func (n *NetworkManager) CreateSubnet(ctx context.Context, networkSelfLink, cidr string) (*compute.Subnetwork, error)

CreateSubnet creates a subnet in the specified VPC network.

func (*NetworkManager) DeleteFirewallRule added in v0.1.74 

func (n *NetworkManager) DeleteFirewallRule(ctx context.Context) error

DeleteFirewallRule deletes the firewall rule for kubelet access.

func (*NetworkManager) DeleteNAT added in v0.1.71 

func (n *NetworkManager) DeleteNAT(ctx context.Context) error

DeleteNAT deletes the Cloud NAT configuration from the router.

func (*NetworkManager) DeleteNetwork added in v0.1.71 

func (n *NetworkManager) DeleteNetwork(ctx context.Context) error

DeleteNetwork deletes the VPC network.

func (*NetworkManager) DeleteRouter added in v0.1.71 

func (n *NetworkManager) DeleteRouter(ctx context.Context) error

DeleteRouter deletes the Cloud Router.

func (*NetworkManager) DeleteSubnet added in v0.1.71 

func (n *NetworkManager) DeleteSubnet(ctx context.Context) error

DeleteSubnet deletes the subnet.

type ServiceAccountDefinition added in v0.1.71 

type ServiceAccountDefinition struct {
	// Name is the component name (used for GSA email: {infraID}-{Name}@{project}.iam.gserviceaccount.com)
	Name string `json:"name"`

	// DisplayName is the human-readable name for the GSA
	DisplayName string `json:"displayName"`

	// Description provides context about the GSA's purpose
	Description string `json:"description"`

	// Roles are the GCP IAM roles to assign to this GSA
	Roles []string `json:"roles"`

	// K8sServiceAccounts contains the namespace and name of each K8s SA for WIF binding
	K8sServiceAccounts []K8sServiceAccountRef `json:"k8sServiceAccounts,omitempty"`
}

ServiceAccountDefinition defines a Google Service Account to be created and its role bindings.

type ServiceAccountsConfig added in v0.1.71 

type ServiceAccountsConfig struct {
	ServiceAccounts []ServiceAccountDefinition `json:"serviceAccounts"`
}

ServiceAccountsConfig is the root structure for the service accounts JSON file.

type WorkloadIdentityConfig 

type WorkloadIdentityConfig struct {
	PoolID     string `json:"poolId"`
	ProviderID string `json:"providerId"`
	Audience   string `json:"audience"`
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.