lemur_kubernetes package¶
lemur_kubernetes
Module¶
plugin
Module¶
-
class
lemur.plugins.lemur_kubernetes.plugin.
K8sSession
(bearer, cert_file) Bases:
requests.sessions.Session
-
request
(method, url, params=None, data=None, headers=None, cookies=None, files=None, auth=None, timeout=30, allow_redirects=True, proxies=None, hooks=None, stream=None, verify=None, cert=None, json=None) This method overrides the default timeout to be 10s.
-
-
class
lemur.plugins.lemur_kubernetes.plugin.
KubernetesDestinationPlugin
(*args, **kwargs) Bases:
lemur.plugins.bases.destination.DestinationPlugin
-
author
= 'Mikhail Khodorovskiy'
-
author_url
= 'https://github.com/mik373/lemur'
-
description
= 'Allow the uploading of certificates to Kubernetes as secret'
-
k8s_bearer
(options)
-
k8s_cert
(options)
-
k8s_namespace
(options)
-
options
= [{'name': 'secretNameFormat', 'type': 'str', 'required': False, 'validation': '(?:[a-z0-9.-]|\\{common_name\\})+', 'helpMessage': 'Must be a valid secret name, possibly including "{common_name}"', 'default': '{common_name}'}, {'name': 'kubernetesURL', 'type': 'str', 'required': False, 'validation': 'https?://[a-zA-Z0-9.-]+(?::[0-9]+)?', 'helpMessage': 'Must be a valid Kubernetes server URL!', 'default': 'https://kubernetes.default'}, {'name': 'kubernetesAuthToken', 'type': 'str', 'required': False, 'validation': '[0-9a-zA-Z-_.]+', 'helpMessage': 'Must be a valid Kubernetes server Token!'}, {'name': 'kubernetesAuthTokenFile', 'type': 'str', 'required': False, 'validation': '(/[^/]+)+', 'helpMessage': 'Must be a valid file path!', 'default': '/var/run/secrets/kubernetes.io/serviceaccount/token'}, {'name': 'kubernetesServerCertificate', 'type': 'textarea', 'required': False, 'validation': '-----BEGIN CERTIFICATE-----[a-zA-Z0-9/+\\s\\r\\n]+-----END CERTIFICATE-----', 'helpMessage': 'Must be a valid Kubernetes server Certificate!'}, {'name': 'kubernetesServerCertificateFile', 'type': 'str', 'required': False, 'validation': '(/[^/]+)+', 'helpMessage': 'Must be a valid file path!', 'default': '/var/run/secrets/kubernetes.io/serviceaccount/ca.crt'}, {'name': 'kubernetesNamespace', 'type': 'str', 'required': False, 'validation': '[a-z0-9]([-a-z0-9]*[a-z0-9])?', 'helpMessage': 'Must be a valid Kubernetes Namespace!'}, {'name': 'kubernetesNamespaceFile', 'type': 'str', 'required': False, 'validation': '(/[^/]+)+', 'helpMessage': 'Must be a valid file path!', 'default': '/var/run/secrets/kubernetes.io/serviceaccount/namespace'}, {'name': 'secretFormat', 'type': 'select', 'required': True, 'available': ['Full', 'TLS', 'Certificate'], 'helpMessage': 'The type of Secret to create.', 'default': 'Full'}]
-
slug
= 'kubernetes-destination'
-
title
= 'Kubernetes'
-
upload
(name, body, private_key, cert_chain, options, **kwargs)
-
-
lemur.plugins.lemur_kubernetes.plugin.
build_secret
(secret_format, secret_name, body, private_key, cert_chain)
-
lemur.plugins.lemur_kubernetes.plugin.
ensure_resource
(k8s_api, k8s_base_uri, namespace, kind, name, data)