lemur_kubernetes package

lemur_kubernetes Module

plugin Module

class lemur.plugins.lemur_kubernetes.plugin.K8sSession(bearer, cert_file)

Bases: requests.sessions.Session

request(method, url, params=None, data=None, headers=None, cookies=None, files=None, auth=None, timeout=30, allow_redirects=True, proxies=None, hooks=None, stream=None, verify=None, cert=None, json=None)

This method overrides the default timeout to be 10s.

class lemur.plugins.lemur_kubernetes.plugin.KubernetesDestinationPlugin(*args, **kwargs)

Bases: lemur.plugins.bases.destination.DestinationPlugin

author = 'Mikhail Khodorovskiy'
author_url = 'https://github.com/mik373/lemur'
description = 'Allow the uploading of certificates to Kubernetes as secret'
k8s_bearer(options)
k8s_cert(options)
k8s_namespace(options)
options = [{'name': 'secretNameFormat', 'type': 'str', 'required': False, 'validation': '(?:[a-z0-9.-]|\\{common_name\\})+', 'helpMessage': 'Must be a valid secret name, possibly including "{common_name}"', 'default': '{common_name}'}, {'name': 'kubernetesURL', 'type': 'str', 'required': False, 'validation': 'https?://[a-zA-Z0-9.-]+(?::[0-9]+)?', 'helpMessage': 'Must be a valid Kubernetes server URL!', 'default': 'https://kubernetes.default'}, {'name': 'kubernetesAuthToken', 'type': 'str', 'required': False, 'validation': '[0-9a-zA-Z-_.]+', 'helpMessage': 'Must be a valid Kubernetes server Token!'}, {'name': 'kubernetesAuthTokenFile', 'type': 'str', 'required': False, 'validation': '(/[^/]+)+', 'helpMessage': 'Must be a valid file path!', 'default': '/var/run/secrets/kubernetes.io/serviceaccount/token'}, {'name': 'kubernetesServerCertificate', 'type': 'textarea', 'required': False, 'validation': '-----BEGIN CERTIFICATE-----[a-zA-Z0-9/+\\s\\r\\n]+-----END CERTIFICATE-----', 'helpMessage': 'Must be a valid Kubernetes server Certificate!'}, {'name': 'kubernetesServerCertificateFile', 'type': 'str', 'required': False, 'validation': '(/[^/]+)+', 'helpMessage': 'Must be a valid file path!', 'default': '/var/run/secrets/kubernetes.io/serviceaccount/ca.crt'}, {'name': 'kubernetesNamespace', 'type': 'str', 'required': False, 'validation': '[a-z0-9]([-a-z0-9]*[a-z0-9])?', 'helpMessage': 'Must be a valid Kubernetes Namespace!'}, {'name': 'kubernetesNamespaceFile', 'type': 'str', 'required': False, 'validation': '(/[^/]+)+', 'helpMessage': 'Must be a valid file path!', 'default': '/var/run/secrets/kubernetes.io/serviceaccount/namespace'}, {'name': 'secretFormat', 'type': 'select', 'required': True, 'available': ['Full', 'TLS', 'Certificate'], 'helpMessage': 'The type of Secret to create.', 'default': 'Full'}]
slug = 'kubernetes-destination'
title = 'Kubernetes'
upload(name, body, private_key, cert_chain, options, **kwargs)
lemur.plugins.lemur_kubernetes.plugin.build_secret(secret_format, secret_name, body, private_key, cert_chain)
lemur.plugins.lemur_kubernetes.plugin.ensure_resource(k8s_api, k8s_base_uri, namespace, kind, name, data)