Update the godoc on the encryption config API on how to specify group/resources to be encrypted
Signed-off-by: Rita Zhang <rita.z.zhang@gmail.com> Kubernetes-commit: c085031a8f3f366708f9b7aa7ab1695d802d9f5a
This commit is contained in:
Rita Zhang
Kubernetes Publisher
parent
609c6147bb
commit
911df25617
|
|
@ -24,7 +24,23 @@ import (
|
|||
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
||||
// EncryptionConfiguration stores the complete configuration for encryption providers.
|
||||
/*
|
||||
EncryptionConfiguration stores the complete configuration for encryption providers.
|
||||
example:
|
||||
|
||||
kind: EncryptionConfiguration
|
||||
apiVersion: apiserver.config.k8s.io/v1
|
||||
resources:
|
||||
- resources:
|
||||
- secrets
|
||||
- configmaps
|
||||
- pandas.awesome.bears.example
|
||||
providers:
|
||||
- aescbc:
|
||||
keys:
|
||||
- name: key1
|
||||
secret: c2VjcmV0IGlzIHNlY3VyZQ==
|
||||
*/
|
||||
type EncryptionConfiguration struct {
|
||||
metav1.TypeMeta
|
||||
// resources is a list containing resources, and their corresponding encryption providers.
|
||||
|
|
@ -33,7 +49,8 @@ type EncryptionConfiguration struct {
|
|||
|
||||
// ResourceConfiguration stores per resource configuration.
|
||||
type ResourceConfiguration struct {
|
||||
// resources is a list of kubernetes resources which have to be encrypted.
|
||||
// resources is a list of kubernetes resources which have to be encrypted. The resource names are derived from `resource` or `resource.group` of the group/version/resource.
|
||||
// eg: pandas.awesome.bears.example is a custom resource with 'group': awesome.bears.example, 'resource': pandas)
|
||||
Resources []string
|
||||
// providers is a list of transformers to be used for reading and writing the resources to disk.
|
||||
// eg: aesgcm, aescbc, secretbox, identity.
|
||||
|
|
|
|||
|
|
@ -24,7 +24,23 @@ import (
|
|||
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
||||
// EncryptionConfiguration stores the complete configuration for encryption providers.
|
||||
/*
|
||||
EncryptionConfiguration stores the complete configuration for encryption providers.
|
||||
example:
|
||||
|
||||
kind: EncryptionConfiguration
|
||||
apiVersion: apiserver.config.k8s.io/v1
|
||||
resources:
|
||||
- resources:
|
||||
- secrets
|
||||
- configmaps
|
||||
- pandas.awesome.bears.example
|
||||
providers:
|
||||
- aescbc:
|
||||
keys:
|
||||
- name: key1
|
||||
secret: c2VjcmV0IGlzIHNlY3VyZQ==
|
||||
*/
|
||||
type EncryptionConfiguration struct {
|
||||
metav1.TypeMeta
|
||||
// resources is a list containing resources, and their corresponding encryption providers.
|
||||
|
|
@ -33,7 +49,8 @@ type EncryptionConfiguration struct {
|
|||
|
||||
// ResourceConfiguration stores per resource configuration.
|
||||
type ResourceConfiguration struct {
|
||||
// resources is a list of kubernetes resources which have to be encrypted.
|
||||
// resources is a list of kubernetes resources which have to be encrypted. The resource names are derived from `resource` or `resource.group` of the group/version/resource.
|
||||
// eg: pandas.awesome.bears.example is a custom resource with 'group': awesome.bears.example, 'resource': pandas)
|
||||
Resources []string `json:"resources"`
|
||||
// providers is a list of transformers to be used for reading and writing the resources to disk.
|
||||
// eg: aesgcm, aescbc, secretbox, identity.
|
||||
|
|
|
|||
Loading…
Reference in New Issue