Bejelentkezés
golang
/
flannel
1
0
Másolás 0
Fájlok Problémák 0 Beolvasztási kérések 0 Wiki
Fa: e6edfac9cb
Branch-ok Tag-ek
flannel
/
vendor
/
k8s.io
/
kubernetes
/
pkg
/
controller
/
serviceaccount
/
tokengetter.go

tokengetter.go 3.4 KB
Előzmények Nyers

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677 
  1. /*
    2. 

  2. Copyright 2014 The Kubernetes Authors.
    3. 

  3. 

  4. Licensed under the Apache License, Version 2.0 (the "License");
    5. 

  5. you may not use this file except in compliance with the License.
    6. 

  6. You may obtain a copy of the License at
    7. 

  7. 

  8.     http://www.apache.org/licenses/LICENSE-2.0
    9. 

  9. 

  10. Unless required by applicable law or agreed to in writing, software
    11. 

  11. distributed under the License is distributed on an "AS IS" BASIS,
    12. 

  12. WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13. 

  13. See the License for the specific language governing permissions and
    14. 

  14. limitations under the License.
    15. 

  15. */
    16. 

  16. 

  17. package serviceaccount
    18. 

  18. 

  19. import (
    20. 

  20. 	"k8s.io/kubernetes/pkg/api"
    21. 

  21. 	clientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
    22. 

  22. 	"k8s.io/kubernetes/pkg/registry/generic"
    23. 

  23. 	"k8s.io/kubernetes/pkg/registry/secret"
    24. 

  24. 	secretetcd "k8s.io/kubernetes/pkg/registry/secret/etcd"
    25. 

  25. 	serviceaccountregistry "k8s.io/kubernetes/pkg/registry/serviceaccount"
    26. 

  26. 	serviceaccountetcd "k8s.io/kubernetes/pkg/registry/serviceaccount/etcd"
    27. 

  27. 	"k8s.io/kubernetes/pkg/serviceaccount"
    28. 

  28. 	"k8s.io/kubernetes/pkg/storage/storagebackend"
    29. 

  29. )
    30. 

  30. 

  31. // clientGetter implements ServiceAccountTokenGetter using a clientset.Interface
    32. 

  32. type clientGetter struct {
    33. 

  33. 	client clientset.Interface
    34. 

  34. }
    35. 

  35. 

  36. // NewGetterFromClient returns a ServiceAccountTokenGetter that
    37. 

  37. // uses the specified client to retrieve service accounts and secrets.
    38. 

  38. // The client should NOT authenticate using a service account token
    39. 

  39. // the returned getter will be used to retrieve, or recursion will result.
    40. 

  40. func NewGetterFromClient(c clientset.Interface) serviceaccount.ServiceAccountTokenGetter {
    41. 

  41. 	return clientGetter{c}
    42. 

  42. }
    43. 

  43. func (c clientGetter) GetServiceAccount(namespace, name string) (*api.ServiceAccount, error) {
    44. 

  44. 	return c.client.Core().ServiceAccounts(namespace).Get(name)
    45. 

  45. }
    46. 

  46. func (c clientGetter) GetSecret(namespace, name string) (*api.Secret, error) {
    47. 

  47. 	return c.client.Core().Secrets(namespace).Get(name)
    48. 

  48. }
    49. 

  49. 

  50. // registryGetter implements ServiceAccountTokenGetter using a service account and secret registry
    51. 

  51. type registryGetter struct {
    52. 

  52. 	serviceAccounts serviceaccountregistry.Registry
    53. 

  53. 	secrets         secret.Registry
    54. 

  54. }
    55. 

  55. 

  56. // NewGetterFromRegistries returns a ServiceAccountTokenGetter that
    57. 

  57. // uses the specified registries to retrieve service accounts and secrets.
    58. 

  58. func NewGetterFromRegistries(serviceAccounts serviceaccountregistry.Registry, secrets secret.Registry) serviceaccount.ServiceAccountTokenGetter {
    59. 

  59. 	return &registryGetter{serviceAccounts, secrets}
    60. 

  60. }
    61. 

  61. func (r *registryGetter) GetServiceAccount(namespace, name string) (*api.ServiceAccount, error) {
    62. 

  62. 	ctx := api.WithNamespace(api.NewContext(), namespace)
    63. 

  63. 	return r.serviceAccounts.GetServiceAccount(ctx, name)
    64. 

  64. }
    65. 

  65. func (r *registryGetter) GetSecret(namespace, name string) (*api.Secret, error) {
    66. 

  66. 	ctx := api.WithNamespace(api.NewContext(), namespace)
    67. 

  67. 	return r.secrets.GetSecret(ctx, name)
    68. 

  68. }
    69. 

  69. 

  70. // NewGetterFromStorageInterface returns a ServiceAccountTokenGetter that
    71. 

  71. // uses the specified storage to retrieve service accounts and secrets.
    72. 

  72. func NewGetterFromStorageInterface(config *storagebackend.Config, saPrefix, secretPrefix string) serviceaccount.ServiceAccountTokenGetter {
    73. 

  73. 	return NewGetterFromRegistries(
    74. 

  74. 		serviceaccountregistry.NewRegistry(serviceaccountetcd.NewREST(generic.RESTOptions{StorageConfig: config, Decorator: generic.UndecoratedStorage, ResourcePrefix: saPrefix})),
    75. 

  75. 		secret.NewRegistry(secretetcd.NewREST(generic.RESTOptions{StorageConfig: config, Decorator: generic.UndecoratedStorage, ResourcePrefix: secretPrefix})),
    76. 

  76. 	)
    77. 

  77. }
    78.