package kubeclient

tailscale.com – tailscale.com/kube/kubeclient Index | Files

package kubeclient

import "tailscale.com/kube/kubeclient"

Package kubeclient provides a client to interact with Kubernetes. This package is Tailscale-internal and not meant for external consumption. Further, the API should not be considered stable. Client is split into a separate package for consumption of non-Kubernetes shared libraries and binaries. Be mindful of not increasing dependency size for those consumers when adding anything new here.

func New(name string) (Client, error)

type FakeClient

func (fc *FakeClient) CheckSecretPermissions(ctx context.Context, name string) (bool, bool, error)
func (fc *FakeClient) CreateSecret(ctx context.Context, secret *kubeapi.Secret) error
func (fc *FakeClient) Event(context.Context, string, string, string) error
func (fc *FakeClient) GetSecret(ctx context.Context, name string) (*kubeapi.Secret, error)
func (fc *FakeClient) JSONPatchResource(ctx context.Context, resource, name string, patches []JSONPatch) error
func (fc *FakeClient) ListSecrets(ctx context.Context, selector map[string]string) (*kubeapi.SecretList, error)
func (fc *FakeClient) SetDialer(dialer func(ctx context.Context, network, addr string) (net.Conn, error))
func (fc *FakeClient) SetURL(_ string)
func (fc *FakeClient) StrategicMergePatchSecret(context.Context, string, *kubeapi.Secret, string) error
func (fc *FakeClient) UpdateSecret(ctx context.Context, secret *kubeapi.Secret) error

type JSONPatch

Constants ¶

const (
	TypeSecrets = "secrets"
)

Functions ¶

func IsNotFoundErr ¶

func IsNotFoundErr(err error) bool

func SetRootPathForTesting ¶

func SetRootPathForTesting(p string)

SetRootPathForTesting sets the path to the service account directory.

Types ¶

type Client ¶

type Client interface {
	GetSecret(context.Context, string) (*kubeapi.Secret, error)
	ListSecrets(context.Context, map[string]string) (*kubeapi.SecretList, error)
	UpdateSecret(context.Context, *kubeapi.Secret) error
	CreateSecret(context.Context, *kubeapi.Secret) error
	// Event attempts to ensure an event with the specified options associated with the Pod in which we are
	// currently running. This is best effort - if the client is not able to create events, this operation will be a
	// no-op. If there is already an Event with the given reason for the current Pod, it will get updated (only
	// count and timestamp are expected to change), else a new event will be created.
	Event(_ context.Context, typ, reason, msg string) error
	StrategicMergePatchSecret(context.Context, string, *kubeapi.Secret, string) error
	JSONPatchResource(_ context.Context, resourceName string, resourceType string, patches []JSONPatch) error
	CheckSecretPermissions(context.Context, string) (bool, bool, error)
	SetDialer(dialer func(context.Context, string, string) (net.Conn, error))
	SetURL(string)
}

Client handles connections to Kubernetes. It expects to be run inside a cluster.

func New ¶

func New(name string) (Client, error)

New returns a new client

type FakeClient ¶

type FakeClient struct {
	GetSecretImpl              func(context.Context, string) (*kubeapi.Secret, error)
	CheckSecretPermissionsImpl func(ctx context.Context, name string) (bool, bool, error)
	CreateSecretImpl           func(context.Context, *kubeapi.Secret) error
	UpdateSecretImpl           func(context.Context, *kubeapi.Secret) error
	JSONPatchResourceImpl      func(context.Context, string, string, []JSONPatch) error
	ListSecretsImpl            func(context.Context, map[string]string) (*kubeapi.SecretList, error)
}

func (*FakeClient) CheckSecretPermissions ¶

func (fc *FakeClient) CheckSecretPermissions(ctx context.Context, name string) (bool, bool, error)

func (*FakeClient) CreateSecret ¶

func (fc *FakeClient) CreateSecret(ctx context.Context, secret *kubeapi.Secret) error

func (*FakeClient) Event ¶

func (fc *FakeClient) Event(context.Context, string, string, string) error

func (*FakeClient) GetSecret ¶

func (fc *FakeClient) GetSecret(ctx context.Context, name string) (*kubeapi.Secret, error)

func (*FakeClient) JSONPatchResource ¶

func (fc *FakeClient) JSONPatchResource(ctx context.Context, resource, name string, patches []JSONPatch) error

func (*FakeClient) ListSecrets ¶

func (fc *FakeClient) ListSecrets(ctx context.Context, selector map[string]string) (*kubeapi.SecretList, error)

func (*FakeClient) SetDialer ¶

func (fc *FakeClient) SetDialer(dialer func(ctx context.Context, network, addr string) (net.Conn, error))

func (*FakeClient) SetURL ¶

func (fc *FakeClient) SetURL(_ string)

func (*FakeClient) StrategicMergePatchSecret ¶

func (fc *FakeClient) StrategicMergePatchSecret(context.Context, string, *kubeapi.Secret, string) error

func (*FakeClient) UpdateSecret ¶

func (fc *FakeClient) UpdateSecret(ctx context.Context, secret *kubeapi.Secret) error

type JSONPatch ¶

type JSONPatch struct {
	Op    string `json:"op"`
	Path  string `json:"path"`
	Value any    `json:"value,omitempty"`
}

JSONPatch is a JSON patch operation. It currently (2024-11-15) only supports "add", "remove" and "replace" operations.

https://tools.ietf.org/html/rfc6902

Source Files ¶

client.go fake_client.go

Version: v1.84.0 (latest)
Published: May 21, 2025
Platform: linux/amd64
Imports: 19 packages
Last checked: 2 days ago –

Tools for package owners.

?	: This menu
/	: Search site
f	: Jump to identifier
g then g	: Go to top of page
g then b	: Go to end of page
G	: Go to end of page
g then i	: Go to index
g then e	: Go to examples