Options
All
  • Public
  • Public/Protected
  • All
Menu

Module "pack/k8s/kubernetes/fetch"

Index

Interfaces

Variables

Functions

Object literals

Variables

Const defaultKubernetesResourceSelectorKinds

defaultKubernetesResourceSelectorKinds: KubernetesResourceKind[] = [{ apiVersion: "v1", kind: "ConfigMap" },{ apiVersion: "v1", kind: "Namespace" },{ apiVersion: "v1", kind: "Secret" },{ apiVersion: "v1", kind: "Service" },{ apiVersion: "v1", kind: "ServiceAccount" },{ apiVersion: "v1", kind: "PersistentVolume" },{ apiVersion: "v1", kind: "PersistentVolumeClaim" },{ apiVersion: "apps/v1", kind: "DaemonSet" },{ apiVersion: "apps/v1", kind: "Deployment" },{ apiVersion: "apps/v1", kind: "StatefulSet" },{ apiVersion: "autoscaling/v1", kind: "HorizontalPodAutoscaler" },{ apiVersion: "batch/v1beta1", kind: "CronJob" },{ apiVersion: "networking.k8s.io/v1beta1", kind: "Ingress" },{ apiVersion: "networking.k8s.io/v1", kind: "NetworkPolicy" },{ apiVersion: "policy/v1beta1", kind: "PodDisruptionBudget" },{ apiVersion: "policy/v1beta1", kind: "PodSecurityPolicy" },{ apiVersion: "rbac.authorization.k8s.io/v1", kind: "ClusterRole" },{ apiVersion: "rbac.authorization.k8s.io/v1", kind: "ClusterRoleBinding" },{ apiVersion: "rbac.authorization.k8s.io/v1", kind: "Role" },{ apiVersion: "rbac.authorization.k8s.io/v1", kind: "RoleBinding" },{ apiVersion: "storage.k8s.io/v1", kind: "StorageClass" },]

Useful default set of kinds of Kubernetes resources.

Functions

apiObject

cleanKubernetesSpec

clusterResourceKinds

  • Determine all Kuberenetes cluster, i.e., not namespaced, resources that we should query based on all the selectors and return an array with each Kubernetes cluster resource type appearing no more than once. Note that uniqueness of a Kubernetes resource type is determined solely by the kind property, apiVersion is not considered since the same resource can be found with the same kind and different API versions.

    Parameters

    Returns Promise<KubernetesResourceKind[]>

    A deduplicated array of Kubernetes cluster resource kinds among the inclusion rules

filterMatch

  • filterMatch(spec: KubernetesObject, filter: (r: KubernetesObject) => boolean): boolean

  • Determine if Kubernetes resource kind property is among the kinds provided. If no kinds are provided, it is considered matching. Only the resource's kind property is considered when matching, apiVersion is ignored.

    Parameters

    • spec: KubernetesObject

      Kubernetes resource to check

    • filter: (r: KubernetesObject) => boolean
        • (r: KubernetesObject): boolean

        • Parameters

          • r: KubernetesObject

          Returns boolean

    Returns boolean

    Return true if it is a match, false otherwise

includedResourceKinds

  • Determine all Kuberenetes resources that we should query based on all the selectors and return an array with each Kubernetes resource type appearing no more than once. Note that uniqueness of a Kubernetes resource type is determined solely by the kind property, apiVersion is not considered since the same resource can be found with the same kind and different API versions.

    Parameters

    Returns KubernetesResourceKind[]

    A deduplicated array of Kubernetes resource kinds among the inclusion rules

kindMatch

  • Determine if Kubernetes resource kind property is among the kinds provided. If no kinds are provided, it is considered matching. Only the resource's kind property is considered when matching, apiVersion is ignored.

    Parameters

    • spec: KubernetesObject

      Kubernetes resource to check

    • kinds: KubernetesResourceKind[]

      Kubernetes resource selector kinds property to use for checking

    Returns boolean

    Return true if it is a match, false otherwise

kubernetesFetch

  • Fetch resource specs from a Kubernetes cluster as directed by the fetch options, removing read-only properties filled by the Kubernetes system.

    The inclusion selectors are processed to determine which resources in the Kubernetes cluster to query.

    Parameters

    Returns Promise<KubernetesObject[]>

    Kubernetes resources matching the fetch options

kubernetesResourceIdentity

  • kubernetesResourceIdentity(obj: KubernetesObject): string

  • Reduce a Kubernetes resource to its uniquely identifying properties. Note that apiVersion is not among them as identical resources can be access via different API versions, e.g., Deployment via app/v1 and extensions/v1beta1.

    Parameters

    • obj: KubernetesObject

      Kubernetes resource

    Returns string

    Stripped down resource for unique identification

namespaceResourceKinds

populateResourceSelectorDefaults

selectKubernetesResources

  • Filter provided Kubernetes resources according to the provides selectors. Each selector is applied in turn to each spec. The action of the first selector that matches a resource is applied to that resource. If no selector matches a resource, it is not returned, i.e., the default is to exclude.

    Parameters

    Returns KubernetesObject[]

    Filtered array of Kubernetes resources

selectorMatch

  • Determine if Kubernetes resource is a match against the selector. If there is a match, return the action of the selector. If there is not a match, return undefined.

    Parameters

    Returns "include" | "exclude" | undefined

    Selector action if there is a match, undefined otherwise

Object literals

Const defaultKubernetesFetchOptions

defaultKubernetesFetchOptions: object

The default options used when fetching resource from a Kubernetes cluster. By default it fetches resources whose kind is in the defaultKubernetesResourceSelectorKinds array, excluding the resources that look like Kubernetes managed resources like the kubernetes service in the default namespace, resources in namespaces that starts with "kube-", and system- and cloud-related cluster roles and cluster role bindings.

selectors

selectors: ({ action: "exclude"; namespace: RegExp } | { action: "exclude"; name: RegExp } | { action: "exclude"; kinds: { apiVersion: string; kind: string }[]; name: string } | { action: "exclude"; kinds: { apiVersion: string; kind: string }[]; name: RegExp } | { action: "exclude"; kinds: { apiVersion: string; kind: string }[]; name: string; namespace: string } | { action: "exclude"; filter: any } | { action: "include"; kinds: KubernetesResourceKind[] })[] = [{ action: "exclude", namespace: /^kube-/ },{ action: "exclude", name: /^(?:kubeadm|system):/ },{ action: "exclude", kinds: [{ apiVersion: "v1", kind: "Namespace" }], name: "default" },{ action: "exclude", kinds: [{ apiVersion: "v1", kind: "Namespace" }], name: /^kube-/ },{ action: "exclude", kinds: [{ apiVersion: "v1", kind: "Service" }], namespace: "default", name: "kubernetes" },{ action: "exclude", kinds: [{ apiVersion: "v1", kind: "ServiceAccount" }], name: "default" },{action: "exclude",kinds: [{ apiVersion: "rbac.authorization.k8s.io/v1", kind: "ClusterRole" }],name: /^(?:(?:cluster-)?admin|edit|view|cloud-provider)$/,},{action: "exclude",kinds: [{ apiVersion: "rbac.authorization.k8s.io/v1", kind: "ClusterRoleBinding" }],name: /^(?:cluster-admin(?:-binding)?|cloud-provider|kubernetes-dashboard)$/,},{ action: "exclude", kinds: [{ apiVersion: "storage.k8s.io/v1", kind: "StorageClass" }], name: "standard" },{action: "exclude",filter: (r: any) => r.kind === "Secret" && r.type === "kubernetes.io/service-account-token",},{ action: "exclude", filter: r => /^ClusterRole/.test(r.kind) && /(?:kubelet|:)/.test(r.metadata.name) },{ action: "include", kinds: defaultKubernetesResourceSelectorKinds },]

Generated using TypeDoc