Documentation
¶
Index ¶
- func MatchTypedObjects[T client.Object](ctx context.Context, cl client.Client, selector *NamespacedSelector, list []T) ([]T, error)
- type AgeItem
- type AzureKmsItem
- type GcpKmsDataItem
- type HcVaultItem
- type KmsDataItem
- type NamespacedSelector
- func (in *NamespacedSelector) DeepCopy() *NamespacedSelector
- func (in *NamespacedSelector) DeepCopyInto(out *NamespacedSelector)
- func (s *NamespacedSelector) GetMatchingNamespaces(ctx context.Context, client client.Client) ([]corev1.Namespace, error)
- func (s *NamespacedSelector) MatchObjects(ctx context.Context, client client.Client, objects []metav1.Object) ([]metav1.Object, error)
- func (s *NamespacedSelector) MatchSecrets(ctx context.Context, cl client.Client, secrets []corev1.Secret) ([]corev1.Secret, error)
- func (s *NamespacedSelector) SingleMatch(ctx context.Context, client client.Client, obj metav1.Object) (bool, error)
- type Origin
- type PgpDataItem
- type SopsMetadata
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func MatchTypedObjects ¶ added in v0.2.0
Types ¶
type AgeItem ¶
// AgeItem holds one FiloSottile/age recipient entry of the sops metadata.
type AgeItem struct {
	// Recipient whose private key can be used for decryption.
	//+optional
	Recipient string `json:"recipient,omitempty"`
	// EncryptedKey is serialized as "enc". Presumably the sops data key
	// encrypted to Recipient; confirm against the sops file format.
	//+optional
	EncryptedKey string `json:"enc,omitempty"`
}
AgeItem defines FiloSottile/age specific encryption details.
type AzureKmsItem ¶
// AzureKmsItem holds one Azure Key Vault key entry of the sops metadata.
type AzureKmsItem struct {
	// Azure KMS vault URL
	//+optional
	VaultURL string `json:"vault_url,omitempty"`
	// KeyName is serialized as "name"; presumably the name of the key inside
	// the vault referenced by VaultURL.
	//+optional
	KeyName string `json:"name,omitempty"`
	// Version is serialized as "version"; presumably the key version that
	// wrapped EncryptedKey (confirm).
	//+optional
	Version string `json:"version,omitempty"`
	// EncryptedKey is serialized as "enc". Presumably the sops data key
	// wrapped by the Key Vault key; confirm against the sops file format.
	//+optional
	EncryptedKey string `json:"enc,omitempty"`
	// Object creation date
	//+optional
	CreationDate string `json:"created_at,omitempty"`
}
AzureKmsItem defines Azure Key Vault key-specific encryption details.
type GcpKmsDataItem ¶
// GcpKmsDataItem holds one GCP KMS key entry of the sops metadata.
type GcpKmsDataItem struct {
	// VaultURL is serialized as "resource_id": despite the Go field name, the
	// JSON key suggests this carries the GCP KMS key resource ID (confirm).
	//+optional
	VaultURL string `json:"resource_id,omitempty"`
	// EncryptedKey is serialized as "enc". Presumably the sops data key
	// wrapped by the GCP KMS key; confirm against the sops file format.
	//+optional
	EncryptedKey string `json:"enc,omitempty"`
	// Object creation date
	//+optional
	CreationDate string `json:"created_at,omitempty"`
}
GcpKmsDataItem defines GCP KMS Key specific encryption details.
type HcVaultItem ¶
// HcVaultItem holds one HashiCorp Vault key entry of the sops metadata.
type HcVaultItem struct {
	// VaultAddress is serialized as "vault_address"; presumably the address
	// of the Vault server that holds the key.
	//+optional
	VaultAddress string `json:"vault_address,omitempty"`
	// EnginePath is serialized as "engine_path"; presumably the mount path of
	// the secrets engine that owns the key (confirm).
	//+optional
	EnginePath string `json:"engine_path,omitempty"`
	// KeyName is serialized as "key_name".
	//+optional
	KeyName string `json:"key_name,omitempty"`
	// CreationDate is serialized as "created_at".
	//+optional
	CreationDate string `json:"created_at,omitempty"`
	// EncryptedKey is serialized as "enc". Presumably the sops data key
	// wrapped by the Vault key; confirm against the sops file format.
	//+optional
	EncryptedKey string `json:"enc,omitempty"`
}
HcVaultItem defines HashiCorp Vault key-specific encryption details.
type KmsDataItem ¶
// KmsDataItem holds one AWS KMS key entry of the sops metadata.
type KmsDataItem struct {
	// Arn - KMS key ARN to use
	//+optional
	Arn string `json:"arn,omitempty"`
	// AWS IAM role. Presumably the role assumed when calling KMS; whoever can
	// assume it can unwrap EncryptedKey, so scope it narrowly (confirm usage).
	//+optional
	Role string `json:"role,omitempty"`
	// EncryptedKey is serialized as "enc". Presumably the sops data key
	// wrapped by the KMS key in Arn; confirm against the sops file format.
	//+optional
	EncryptedKey string `json:"enc,omitempty"`
	// Object creation date
	//+optional
	CreationDate string `json:"created_at,omitempty"`
	// AwsProfile is serialized as "aws_profile"; presumably the named AWS
	// credentials profile to use for this key (confirm).
	//+optional
	AwsProfile string `json:"aws_profile,omitempty"`
}
KmsDataItem defines AWS KMS specific encryption details.
type NamespacedSelector ¶
// NamespacedSelector selects items by label and can additionally restrict the
// match to namespaces chosen by label.
//
// NOTE(review): both selectors are pointers and may be nil. How a nil or empty
// selector is treated is not visible here; confirm it, since an empty
// metav1.LabelSelector conventionally matches every object.
type NamespacedSelector struct {
	// Select Items based on their labels. If the namespaceSelector is also set, the selector is applied
	// to items within the selected namespaces. Otherwise for all the items.
	*metav1.LabelSelector `json:",inline"`
	// NamespaceSelector for filtering namespaces by labels where items can be located in
	NamespaceSelector *metav1.LabelSelector `json:"namespaceSelector,omitempty"`
}
NamespacedSelector selects resources by their labels and, optionally, by the labels of the namespaces they originate from. +kubebuilder:object:generate=true
func (*NamespacedSelector) DeepCopy ¶
func (in *NamespacedSelector) DeepCopy() *NamespacedSelector
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NamespacedSelector.
func (*NamespacedSelector) DeepCopyInto ¶
func (in *NamespacedSelector) DeepCopyInto(out *NamespacedSelector)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*NamespacedSelector) GetMatchingNamespaces ¶
func (s *NamespacedSelector) GetMatchingNamespaces( ctx context.Context, client client.Client, ) ([]corev1.Namespace, error)
GetMatchingNamespaces retrieves the list of namespaces that match the NamespaceSelector.
func (*NamespacedSelector) MatchObjects ¶
func (*NamespacedSelector) MatchSecrets ¶
type Origin ¶
type PgpDataItem ¶
// PgpDataItem holds one PGP key entry of the sops metadata.
type PgpDataItem struct {
	// EncryptedKey is serialized as "enc". Presumably the sops data key
	// encrypted to the PGP key identified by FingerPrint (confirm).
	//+optional
	EncryptedKey string `json:"enc,omitempty"`
	// Object creation date
	//+optional
	CreationDate string `json:"created_at,omitempty"`
	// PGP FingerPrint of the key which can be used for decryption
	//+optional
	FingerPrint string `json:"fp,omitempty"`
}
PgpDataItem defines PGP specific encryption details.
type SopsMetadata ¶
// SopsMetadata groups the sops encryption metadata of a SopsSecret: one list
// of key entries per supported backend, plus the Mac, LastModified, Version
// and encrypted suffix/regex settings.
type SopsMetadata struct {
	// Aws KMS configuration
	//+optional
	AwsKms []KmsDataItem `json:"kms,omitempty"`
	// PGP configuration
	//+optional
	Pgp []PgpDataItem `json:"pgp,omitempty"`
	// Azure KMS configuration
	//+optional
	AzureKms []AzureKmsItem `json:"azure_kv,omitempty"`
	// Hashicorp Vault KMS configuration
	//+optional
	HcVault []HcVaultItem `json:"hc_vault,omitempty"`
	// Gcp KMS configuration
	//+optional
	GcpKms []GcpKmsDataItem `json:"gcp_kms,omitempty"`
	// Age configuration
	//+optional
	Age []AgeItem `json:"age,omitempty"`
	// Mac - sops setting. Presumably the sops message authentication code
	// that protects the integrity of the encrypted values; whether and where
	// it is verified is not visible here (confirm).
	//+optional
	Mac string `json:"mac,omitempty"`
	// LastModified date when SopsSecret was last modified
	//+optional
	LastModified string `json:"lastmodified,omitempty"`
	// Version of the sops tool used to encrypt SopsSecret
	//+optional
	Version string `json:"version,omitempty"`
	// Suffix used to encrypt SopsSecret resource. Presumably only keys ending
	// in this suffix are encrypted and all other keys stay in plaintext
	// (sops semantics; confirm).
	//+optional
	EncryptedSuffix string `json:"encrypted_suffix,omitempty"`
	// Regex used to encrypt SopsSecret resource
	// This option should be used with more care, as it can make resource unapplicable to the cluster.
	// Presumably keys that do not match the regex stay in plaintext (sops
	// semantics; confirm), so check that every sensitive key matches.
	//+optional
	EncryptedRegex string `json:"encrypted_regex,omitempty"`
}
func (*SopsMetadata) DeepCopy ¶
func (in *SopsMetadata) DeepCopy() *SopsMetadata
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SopsMetadata.
func (*SopsMetadata) DeepCopyInto ¶
func (in *SopsMetadata) DeepCopyInto(out *SopsMetadata)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.