airship/airshipctl
Code Issues Proposed changes
Files
e2c56108eef38dd83df52fcfd1fa6844e5376a56
airshipctl/pkg/document/plugin/templater/extlib/funcmap.go
Alexey Odinokov e2c56108ee Nextgen secrets implementation with separation per cluster 
1. Extending templater with kyaml functions and creating combined catalogue
to be able to request/update the existing resources.
This is based on 'everything is transformer' concept introduced in kustomize 4.x
That includes gathering all secrets into 1 variable catalogue and
special mechanism to regenerate/merge with manual secrets.

2. Implementing 'catalogue per cluster' approach for secrets.

3. Rearranging secrets so it's possible to use:
pgp (each person may have his own key), age, Hachicorp Vault and etc
and the list of people who can decrypt documents is set in a special file.
Since in some cases there should be a separate list of people who can decrypt
data - this list is set for each cluster (ephemeral and target) separatelly.

Closes: #586
Change-Id: I038f84dd138d5ad4a35f4862c61ff2124c2fd530
2021-09-03 20:46:15 +00:00

51 lines
1.6 KiB
Go
Raw Blame History

/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
https://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package extlib
import (
"text/template"
)
// GenericFuncMap returns a copy of the function map
func GenericFuncMap() template.FuncMap {
gfm := make(template.FuncMap, len(genericMap))
for k, v := range genericMap {
gfm[k] = v
}
return gfm
}
var genericMap = map[string]interface{}{
"genCAEx": generateCertificateAuthorityEx,
"genCAWithKeyEx": generateCertificateAuthorityWithPEMKeyEx,
"genSignedCertEx": generateSignedCertificateEx,
"genSignedCertWithKeyEx": generateSignedCertificateWithPEMKeyEx,
"genSSHKeyPair": genSSHKeyPair,
"regexGen": regexGen,
"toYaml": toYaml,
"toUint32": toUint32,
"YFilter": yFilter,
"YPipe": yPipe,
"YOneFilter": yOneFilter,
"YValue": yValue,
"KFilter": kFilter,
"KPipe": kPipe,
"KOneFilter": kOneFilter,
"KYFilter": newKYFilter,
"YMerge": yMerge,
"StrToY": strToY,
"YListAppend": yListAppend,
}
View Git Blame Copy Permalink