當前位置: 首頁>>代碼示例>>Golang>>正文


Golang ServiceAccount.Secrets方法代碼示例

本文整理匯總了Golang中github.com/GoogleCloudPlatform/kubernetes/pkg/api.ServiceAccount.Secrets方法的典型用法代碼示例。如果您正苦於以下問題:Golang ServiceAccount.Secrets方法的具體用法?Golang ServiceAccount.Secrets怎麽用?Golang ServiceAccount.Secrets使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在github.com/GoogleCloudPlatform/kubernetes/pkg/api.ServiceAccount的用法示例。


在下文中一共展示了ServiceAccount.Secrets方法的4個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Golang代碼示例。

示例1: removeSecretReferenceIfNeeded

// removeSecretReferenceIfNeeded updates the given ServiceAccount to remove a reference to the given secretName if needed.
// Returns whether an update was performed, and any error that occurred
func (e *TokensController) removeSecretReferenceIfNeeded(serviceAccount *api.ServiceAccount, secretName string) (bool, error) {
	// See if the account even referenced the secret
	if !getSecretReferences(serviceAccount).Has(secretName) {
		return false, nil
	}

	// We don't want to update the cache's copy of the service account
	// so remove the secret from a freshly retrieved copy of the service account
	serviceAccounts := e.client.ServiceAccounts(serviceAccount.Namespace)
	serviceAccount, err := serviceAccounts.Get(serviceAccount.Name)
	if err != nil {
		return false, err
	}

	// Double-check to see if the account still references the secret
	if !getSecretReferences(serviceAccount).Has(secretName) {
		return false, nil
	}

	secrets := []api.ObjectReference{}
	for _, s := range serviceAccount.Secrets {
		if s.Name != secretName {
			secrets = append(secrets, s)
		}
	}
	serviceAccount.Secrets = secrets

	_, err = serviceAccounts.Update(serviceAccount)
	if err != nil {
		return false, err
	}

	return true, nil
}
開發者ID:Ima8,項目名稱:kubernetes,代碼行數:36,代碼來源:tokens_controller.go

示例2: addSecretsToServiceAccount

// TODO: when Secrets in kapi.ServiceAccount get changed to MountSecrets and represented by LocalObjectReferences, this can be
// refactored to reuse the addition code better
// addSecretsToServiceAccount adds secrets to the service account, either as pull secrets, mount secrets, or both.
func (o AddSecretOptions) addSecretsToServiceAccount(serviceaccount *kapi.ServiceAccount) error {
	updated := false
	newSecrets, err := o.getSecrets()
	if err != nil {
		return err
	}
	newSecretNames := getSecretNames(newSecrets)

	if o.ForMount {
		currentSecrets := getMountSecretNames(serviceaccount)
		secretsToAdd := newSecretNames.Difference(currentSecrets)
		for _, secretName := range secretsToAdd.List() {
			serviceaccount.Secrets = append(serviceaccount.Secrets, kapi.ObjectReference{Name: secretName})
			updated = true
		}
	}
	if o.ForPull {
		currentSecrets := getPullSecretNames(serviceaccount)
		secretsToAdd := newSecretNames.Difference(currentSecrets)
		for _, secretName := range secretsToAdd.List() {
			serviceaccount.ImagePullSecrets = append(serviceaccount.ImagePullSecrets, kapi.LocalObjectReference{Name: secretName})
			updated = true
		}
	}
	if updated {
		_, err = o.ClientInterface.ServiceAccounts(o.Namespace).Update(serviceaccount)
		return err
	}
	return nil
}
開發者ID:cjnygard,項目名稱:origin,代碼行數:33,代碼來源:add_secret_to_obj.go

示例3: AddSecretsToSAMountableSecrets

func (o AddSecretOptions) AddSecretsToSAMountableSecrets(serviceAccount *api.ServiceAccount) (*api.ServiceAccount, error) {
	secrets, err := o.getSecrets()
	if err != nil {
		return nil, err
	}
	if len(secrets) == 0 {
		return nil, errors.New("no secrets found")
	}

	currentSecrets := util.StringSet{}
	for _, secretRef := range serviceAccount.Secrets {
		currentSecrets.Insert(secretRef.Name)
	}

	for _, secret := range secrets {
		if currentSecrets.Has(secret.Name) {
			continue
		}

		serviceAccount.Secrets = append(serviceAccount.Secrets, api.ObjectReference{Name: secret.Name})
		currentSecrets.Insert(secret.Name)
	}

	return o.ClientInterface.ServiceAccounts(o.Namespace).Update(serviceAccount)
}
開發者ID:pombredanne,項目名稱:atomic-enterprise,代碼行數:25,代碼來源:addsecret_to_obj.go

示例4: createSecret

// createSecret creates a secret of type ServiceAccountToken for the given ServiceAccount
func (e *TokensController) createSecret(serviceAccount *api.ServiceAccount) error {
	// Build the secret
	secret := &api.Secret{
		ObjectMeta: api.ObjectMeta{
			Name:      secret.Strategy.GenerateName(fmt.Sprintf("%s-token-", serviceAccount.Name)),
			Namespace: serviceAccount.Namespace,
			Annotations: map[string]string{
				api.ServiceAccountNameKey: serviceAccount.Name,
				api.ServiceAccountUIDKey:  string(serviceAccount.UID),
			},
		},
		Type: api.SecretTypeServiceAccountToken,
		Data: map[string][]byte{},
	}

	// Generate the token
	token, err := e.token.GenerateToken(*serviceAccount, *secret)
	if err != nil {
		return err
	}
	secret.Data[api.ServiceAccountTokenKey] = []byte(token)
	if e.rootCA != nil && len(e.rootCA) > 0 {
		secret.Data[api.ServiceAccountRootCAKey] = e.rootCA
	}

	// Save the secret
	if _, err := e.client.Secrets(serviceAccount.Namespace).Create(secret); err != nil {
		return err
	}

	// We don't want to update the cache's copy of the service account
	// so add the secret to a freshly retrieved copy of the service account
	serviceAccounts := e.client.ServiceAccounts(serviceAccount.Namespace)
	serviceAccount, err = serviceAccounts.Get(serviceAccount.Name)
	if err != nil {
		return err
	}
	serviceAccount.Secrets = append(serviceAccount.Secrets, api.ObjectReference{Name: secret.Name})

	_, err = serviceAccounts.Update(serviceAccount)
	if err != nil {
		// we weren't able to use the token, try to clean it up.
		glog.V(2).Infof("Deleting secret %s/%s because reference couldn't be added (%v)", secret.Namespace, secret.Name, err)
		if err := e.client.Secrets(secret.Namespace).Delete(secret.Name); err != nil {
			glog.Error(err) // if we fail, just log it
		}
	}
	if apierrors.IsConflict(err) {
		// nothing to do.  We got a conflict, that means that the service account was updated.  We simply need to return because we'll get an update notification later
		return nil
	}

	return err
}
開發者ID:Ima8,項目名稱:kubernetes,代碼行數:55,代碼來源:tokens_controller.go


注:本文中的github.com/GoogleCloudPlatform/kubernetes/pkg/api.ServiceAccount.Secrets方法示例由純淨天空整理自Github/MSDocs等開源代碼及文檔管理平台,相關代碼片段篩選自各路編程大神貢獻的開源項目,源碼版權歸原作者所有,傳播和使用請參考對應項目的License;未經允許,請勿轉載。