lemur_kubernetes package¶
lemur_kubernetes
Module¶
plugin
Module¶
- class lemur.plugins.lemur_kubernetes.plugin.K8sSession(bearer, cert_file)
Bases:
Session
- request(method, url, params=None, data=None, headers=None, cookies=None, files=None, auth=None, timeout=30, allow_redirects=True, proxies=None, hooks=None, stream=None, verify=None, cert=None, json=None)
This method overrides the default timeout to be 10s.
- class lemur.plugins.lemur_kubernetes.plugin.KubernetesDestinationPlugin(*args, **kwargs)
Bases:
DestinationPlugin
- author = 'Mikhail Khodorovskiy'
- author_url = 'https://github.com/mik373/lemur'
- description = 'Allow the uploading of certificates to Kubernetes as secret'
- k8s_bearer(options)
- k8s_cert(options)
- k8s_namespace(options)
- options = [{'name': 'secretNameFormat', 'type': 'str', 'required': False, 'validation': '(?:[a-z0-9.-]|\\{common_name\\})+', 'helpMessage': 'Must be a valid secret name, possibly including "{common_name}"', 'default': '{common_name}'}, {'name': 'kubernetesURL', 'type': 'str', 'required': False, 'validation': 'https?://[a-zA-Z0-9.-]+(?::[0-9]+)?', 'helpMessage': 'Must be a valid Kubernetes server URL!', 'default': 'https://kubernetes.default'}, {'name': 'kubernetesAuthToken', 'type': 'str', 'required': False, 'validation': '[0-9a-zA-Z-_.]+', 'helpMessage': 'Must be a valid Kubernetes server Token!'}, {'name': 'kubernetesAuthTokenFile', 'type': 'str', 'required': False, 'validation': '(/[^/]+)+', 'helpMessage': 'Must be a valid file path!', 'default': '/var/run/secrets/kubernetes.io/serviceaccount/token'}, {'name': 'kubernetesServerCertificate', 'type': 'textarea', 'required': False, 'validation': '-----BEGIN CERTIFICATE-----[a-zA-Z0-9/+\\s\\r\\n]+-----END CERTIFICATE-----', 'helpMessage': 'Must be a valid Kubernetes server Certificate!'}, {'name': 'kubernetesServerCertificateFile', 'type': 'str', 'required': False, 'validation': '(/[^/]+)+', 'helpMessage': 'Must be a valid file path!', 'default': '/var/run/secrets/kubernetes.io/serviceaccount/ca.crt'}, {'name': 'kubernetesNamespace', 'type': 'str', 'required': False, 'validation': '[a-z0-9]([-a-z0-9]*[a-z0-9])?', 'helpMessage': 'Must be a valid Kubernetes Namespace!'}, {'name': 'kubernetesNamespaceFile', 'type': 'str', 'required': False, 'validation': '(/[^/]+)+', 'helpMessage': 'Must be a valid file path!', 'default': '/var/run/secrets/kubernetes.io/serviceaccount/namespace'}, {'name': 'secretFormat', 'type': 'select', 'required': True, 'available': ['Full', 'TLS', 'Certificate'], 'helpMessage': 'The type of Secret to create.', 'default': 'Full'}]
- slug = 'kubernetes-destination'
- title = 'Kubernetes'
- upload(name, body, private_key, cert_chain, options, **kwargs)
- lemur.plugins.lemur_kubernetes.plugin.build_secret(secret_format, secret_name, body, private_key, cert_chain)
- lemur.plugins.lemur_kubernetes.plugin.ensure_resource(k8s_api, k8s_base_uri, namespace, kind, name, data)