本文整理汇总了Golang中k8s/io/kubernetes/pkg/client.Client.ServiceAccounts方法的典型用法代码示例。如果您正苦于以下问题:Golang Client.ServiceAccounts方法的具体用法?Golang Client.ServiceAccounts怎么用?Golang Client.ServiceAccounts使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类k8s/io/kubernetes/pkg/client.Client
的用法示例。
在下文中一共展示了Client.ServiceAccounts方法的8个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Golang代码示例。
示例1: generateSecretsConfig
// generateSecretsConfig generates any Secret and Volume objects, such
// as SSH private keys, that are necessary for the router container.
func generateSecretsConfig(cfg *RouterConfig, kClient *kclient.Client,
namespace string) ([]*kapi.Secret, []kapi.Volume, []kapi.VolumeMount,
error) {
secrets := []*kapi.Secret{}
volumes := []kapi.Volume{}
mounts := []kapi.VolumeMount{}
if len(cfg.ExternalHostPrivateKey) != 0 {
privkeyData, err := loadKey(cfg.ExternalHostPrivateKey)
if err != nil {
return secrets, volumes, mounts, fmt.Errorf("error reading private key"+
" for external host: %v", err)
}
serviceAccount, err := kClient.ServiceAccounts(namespace).Get(cfg.ServiceAccount)
if err != nil {
return secrets, volumes, mounts, fmt.Errorf("error looking up"+
" service account %s: %v", cfg.ServiceAccount, err)
}
privkeySecret := &kapi.Secret{
ObjectMeta: kapi.ObjectMeta{
Name: privkeySecretName,
Annotations: map[string]string{
kapi.ServiceAccountNameKey: serviceAccount.Name,
kapi.ServiceAccountUIDKey: string(serviceAccount.UID),
},
},
Data: map[string][]byte{privkeyName: privkeyData},
}
secrets = append(secrets, privkeySecret)
}
// We need a secrets volume and mount iff we have secrets.
if len(secrets) != 0 {
secretsVolume := kapi.Volume{
Name: secretsVolumeName,
VolumeSource: kapi.VolumeSource{
Secret: &kapi.SecretVolumeSource{
SecretName: privkeySecretName,
},
},
}
secretsMount := kapi.VolumeMount{
Name: secretsVolumeName,
ReadOnly: true,
MountPath: secretsPath,
}
volumes = []kapi.Volume{secretsVolume}
mounts = []kapi.VolumeMount{secretsMount}
}
return secrets, volumes, mounts, nil
}
示例2: validateServiceAccount
func validateServiceAccount(c *k8sclient.Client, f *cmdutil.Factory) (Result, error) {
ns, _, err := f.DefaultNamespace()
if err != nil {
return Failure, err
}
sa, err := c.ServiceAccounts(ns).Get("fabric8")
if sa != nil {
return Success, err
}
return Failure, err
}
示例3: getReferencedServiceAccountToken
func getReferencedServiceAccountToken(c *client.Client, ns string, name string, shouldWait bool) (string, string, error) {
tokenName := ""
token := ""
findToken := func() (bool, error) {
user, err := c.ServiceAccounts(ns).Get(name)
if errors.IsNotFound(err) {
return false, nil
}
if err != nil {
return false, err
}
for _, ref := range user.Secrets {
secret, err := c.Secrets(ns).Get(ref.Name)
if errors.IsNotFound(err) {
continue
}
if err != nil {
return false, err
}
if secret.Type != api.SecretTypeServiceAccountToken {
continue
}
name := secret.Annotations[api.ServiceAccountNameKey]
uid := secret.Annotations[api.ServiceAccountUIDKey]
tokenData := secret.Data[api.ServiceAccountTokenKey]
if name == user.Name && uid == string(user.UID) && len(tokenData) > 0 {
tokenName = secret.Name
token = string(tokenData)
return true, nil
}
}
return false, nil
}
if shouldWait {
err := wait.Poll(time.Second, 10*time.Second, findToken)
if err != nil {
return "", "", err
}
} else {
ok, err := findToken()
if err != nil {
return "", "", err
}
if !ok {
return "", "", fmt.Errorf("No token found for %s/%s", ns, name)
}
}
return tokenName, token, nil
}
示例4: getServiceAccount
func getServiceAccount(c *client.Client, ns string, name string, shouldWait bool) (*api.ServiceAccount, error) {
if !shouldWait {
return c.ServiceAccounts(ns).Get(name)
}
var user *api.ServiceAccount
var err error
err = wait.Poll(time.Second, 10*time.Second, func() (bool, error) {
user, err = c.ServiceAccounts(ns).Get(name)
if errors.IsNotFound(err) {
return false, nil
}
if err != nil {
return false, err
}
return true, nil
})
return user, err
}
示例5: WaitForServiceAccounts
func WaitForServiceAccounts(client *kclient.Client, namespace string, accounts []string) error {
// Ensure the service accounts needed by build pods exist in the namespace
// The extra controllers tend to starve the service account controller
serviceAccounts := client.ServiceAccounts(namespace)
return wait.Poll(time.Second, ServiceAccountWaitTimeout, func() (bool, error) {
for _, account := range accounts {
if _, err := serviceAccounts.Get(account); err != nil {
return false, nil
}
}
return true, nil
})
}
示例6: addServiceAccount
func addServiceAccount(c *k8sclient.Client, f *cmdutil.Factory, name string) (Result, error) {
ns, _, e := f.DefaultNamespace()
if e != nil {
util.Fatal("No default namespace")
return Failure, e
}
sas := c.ServiceAccounts(ns)
_, err := sas.Get(name)
if err != nil {
sa := kapi.ServiceAccount{
ObjectMeta: kapi.ObjectMeta{
Name: name,
},
}
_, err = sas.Create(&sa)
}
r := Success
if err != nil {
r = Failure
}
return r, err
}
示例7: WaitForServiceAccounts
// WaitForServiceAccounts ensures the service accounts needed by build pods exist in the namespace
// The extra controllers tend to starve the service account controller
func WaitForServiceAccounts(client *kclient.Client, namespace string, accounts []string) error {
serviceAccounts := client.ServiceAccounts(namespace)
return wait.Poll(time.Second, ServiceAccountWaitTimeout, func() (bool, error) {
for _, account := range accounts {
if sa, err := serviceAccounts.Get(account); err != nil {
if !serviceAccountSecretsExist(client, namespace, sa) {
continue
}
return false, nil
}
}
return true, nil
})
}
示例8: getServiceAccountToken
func getServiceAccountToken(client *kclient.Client, ns, name string) (string, error) {
secrets, err := client.Secrets(ns).List(labels.Everything(), fields.Everything())
if err != nil {
return "", err
}
for _, secret := range secrets.Items {
if secret.Type == api.SecretTypeServiceAccountToken && secret.Annotations[api.ServiceAccountNameKey] == name {
sa, err := client.ServiceAccounts(ns).Get(name)
if err != nil {
return "", err
}
for _, ref := range sa.Secrets {
if ref.Name == secret.Name {
return string(secret.Data[api.ServiceAccountTokenKey]), nil
}
}
}
}
return "", nil
}