Safe Haskell	None
Language	Haskell2010

Kubernetes.Client.Config

Synopsis

data KubeConfigSource
- = KubeConfigFile FilePath
- | KubeConfigCluster
addCACertData :: MonadThrow m => Config -> ClientParams -> m ClientParams
addCACertFile :: Config -> FilePath -> ClientParams -> IO ClientParams
applyAuthSettings :: OIDCCache -> AuthInfo -> (ClientParams, KubernetesClientConfig) -> IO (ClientParams, KubernetesClientConfig)
clientHooksL :: Lens' ClientParams ClientHooks
defaultTLSClientParams :: IO ClientParams
disableServerCertValidation :: ClientParams -> ClientParams
disableServerNameValidation :: ClientParams -> ClientParams
disableValidateAuthMethods :: KubernetesClientConfig -> KubernetesClientConfig
loadPEMCerts :: (MonadIO m, MonadThrow m) => FilePath -> m [SignedCertificate]
mkInClusterClientConfig :: (MonadIO m, MonadThrow m) => m (Manager, KubernetesClientConfig)
mkKubeClientConfig :: OIDCCache -> KubeConfigSource -> IO (Manager, KubernetesClientConfig)
newManager :: ClientParams -> IO Manager
onCertificateRequestL :: Lens' ClientParams (([CertificateType], Maybe [HashAndSignatureAlgorithm], [DistinguishedName]) -> IO (Maybe (CertificateChain, PrivKey)))
onServerCertificateL :: Lens' ClientParams (CertificateStore -> ValidationCache -> ServiceID -> CertificateChain -> IO [FailedReason])
parsePEMCerts :: ByteString -> Either ParseCertException [SignedCertificate]
serviceAccountDir :: FilePath
setCAStore :: [SignedCertificate] -> ClientParams -> ClientParams
setClientCert :: Credential -> ClientParams -> ClientParams
setMasterURI :: Text -> KubernetesClientConfig -> KubernetesClientConfig
setTokenAuth :: Text -> KubernetesClientConfig -> KubernetesClientConfig
tlsValidation :: Config -> ClientParams -> ClientParams

Documentation

data KubeConfigSource Source #

Constructors

KubeConfigFile FilePath
KubeConfigCluster

addCACertData :: MonadThrow m => Config -> ClientParams -> m ClientParams Source #

addCACertFile :: Config -> FilePath -> ClientParams -> IO ClientParams Source #

applyAuthSettings :: OIDCCache -> AuthInfo -> (ClientParams, KubernetesClientConfig) -> IO (ClientParams, KubernetesClientConfig) Source #

clientHooksL :: Lens' ClientParams ClientHooks Source #

defaultTLSClientParams :: IO ClientParams Source #

Default TLS settings using the system CA store.

disableServerCertValidation :: ClientParams -> ClientParams Source #

Insecure mode. The client will not validate the server cert at all.

disableServerNameValidation :: ClientParams -> ClientParams Source #

Don't check whether the cert presented by the server matches the name of the server you are connecting to. This is necessary if you specify the server host by its IP address.

disableValidateAuthMethods :: KubernetesClientConfig -> KubernetesClientConfig Source #

Disables the client-side auth methods validation. This is necessary if you are using client cert authentication.

loadPEMCerts :: (MonadIO m, MonadThrow m) => FilePath -> m [SignedCertificate] Source #

Loads certificates from a PEM-encoded file.

mkInClusterClientConfig :: (MonadIO m, MonadThrow m) => m (Manager, KubernetesClientConfig) Source #

Creates Manager and KubernetesClientConfig assuming it is being executed in a pod

mkKubeClientConfig :: OIDCCache -> KubeConfigSource -> IO (Manager, KubernetesClientConfig) Source #

Creates Manager and KubernetesClientConfig for a given KubeConfigSource. It is recommended that multiple kubeClient invocations across an application share an OIDCCache, this makes sure updation of OAuth token is synchronized across all the different clients being used.

newManager :: ClientParams -> IO Manager Source #

Creates a Manager that can handle TLS.

onCertificateRequestL :: Lens' ClientParams (([CertificateType], Maybe [HashAndSignatureAlgorithm], [DistinguishedName]) -> IO (Maybe (CertificateChain, PrivKey))) Source #