Overview ¶
Package config provides configuration loading for the nstance-operator from Kubernetes secrets and environment.
Index ¶
- func BuildTLSConfig(certPEM, keyPEM, caCertPEM []byte) (*tls.Config, error)
- func GetEnv(key, fallback string) string
- type Config
- type Loader
- func (l *Loader) LoadCertificate(ctx context.Context, secretName string, caCert []byte) (*tls.Config, ed25519.PrivateKey, error)
- func (l *Loader) LoadNonce(ctx context.Context, secretName string) (string, error)
- func (l *Loader) LoadOrGenerateKeypair(ctx context.Context, secretName string) (ed25519.PrivateKey, bool, error)
- func (l *Loader) LoadShardCA(ctx context.Context, configMapName string) ([]byte, error)
- func (l *Loader) StoreCertificate(ctx context.Context, secretName string, certPEM, keyPEM []byte) error
- type OperatorConfig
- type ShardEndpoints
Functions ¶
func BuildTLSConfig ¶
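BuildTLSConfig builds a TLS config from certificate and key PEM data, with CA verification. This page does not document how an empty or unparseable caCertPEM is handled; callers that rely on the CA being pinned should confirm that such input returns an error rather than a config that falls back to the host's default trust store.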
Types ¶
type Config ¶
// Config holds the operator configuration loaded from ConfigMap and Secrets.
//
// A Config value carries live key material: PrivateKey directly, and
// presumably the client certificate's private key inside TLSConfig (confirm
// against the loader). Treat the whole value as a secret: do not print it with
// %v/%+v or serialise it into logs, events or status fields.
type Config struct {
	// ShardEndpoints maps zone shard IDs to gRPC endpoints
	// Example: {"us-west-2a": "[2600::a]:8992"}
	// NOTE(review): this field is a flat map[string]string and is distinct from
	// the ShardEndpoints struct type documented on the same page.
	ShardEndpoints map[string]string
	// TLSConfig for mTLS with nstance-server
	// NOTE(review): the peer is only authenticated if this config pins the
	// shard CA; which tls.Config fields are set is not visible here — confirm.
	TLSConfig *tls.Config
	// PrivateKey is the operator's Ed25519 private key
	// Secret material: keep it out of logs and error messages.
	PrivateKey ed25519.PrivateKey
	// Namespace where the operator is running
	Namespace string
}
Config holds the operator configuration loaded from ConfigMap and Secrets
type Loader ¶
// Loader handles loading operator configuration from Kubernetes resources.
//
// Going by the method names and signatures listed in the index, it reads
// Secrets and a ConfigMap and (StoreCertificate) writes a Secret.
// NOTE(review): the Kubernetes permissions this needs are not shown here;
// confirm they are limited to the named objects in the operator's namespace.
type Loader struct {
	// contains filtered or unexported fields
}
Loader handles loading operator configuration from Kubernetes resources
func (*Loader) LoadCertificate ¶
func (l *Loader) LoadCertificate(ctx context.Context, secretName string, caCert []byte) (*tls.Config, ed25519.PrivateKey, error)
LoadCertificate loads the client certificate from the Secret and builds a TLS config with CA verification.
func (*Loader) LoadOrGenerateKeypair ¶
func (l *Loader) LoadOrGenerateKeypair(ctx context.Context, secretName string) (ed25519.PrivateKey, bool, error)
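LoadOrGenerateKeypair loads an existing keypair from the Secret or generates a new one. The meaning of the bool result is not documented on this page; it presumably reports whether a new keypair was generated, which should be confirmed against the source before relying on it.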
func (*Loader) LoadShardCA ¶
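LoadShardCA loads the cluster CA certificate from the ConfigMap. LoadCertificate accepts a caCert argument for CA verification; if the CA loaded here is what gets passed to it, it is the trust anchor for the operator's TLS connections, and write access to that ConfigMap should be restricted as tightly as access to the key Secrets.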
type OperatorConfig ¶
// OperatorConfig represents the structure of the configuration file.
//
// Each field carries both json and yaml tags with the same snake_case key.
// NOTE(review): the addresses under Shards appear to decide which endpoints the
// operator connects to, so the file should be writable only by trusted parties;
// whether values are validated on load is not visible here — confirm.
type OperatorConfig struct {
	// ClusterID is stored under the "cluster_id" key.
	ClusterID string `json:"cluster_id" yaml:"cluster_id"`
	// Tenant is stored under the "tenant" key.
	Tenant string `json:"tenant" yaml:"tenant"`
	// Shards is stored under the "shards" key and maps a string key to that
	// shard's endpoints (presumably the zone shard ID — TODO confirm).
	Shards map[string]ShardEndpoints `json:"shards" yaml:"shards"`
}
OperatorConfig represents the structure of the configuration file
func LoadConfigFromFile ¶
func LoadConfigFromFile(path string) (*OperatorConfig, error)
LoadConfigFromFile reads the operator configuration from a local file
func (*OperatorConfig) CAPIClusterName ¶
func (c *OperatorConfig) CAPIClusterName() string
CAPIClusterName returns the CAPI Cluster resource name for this operator, combining the cluster ID and tenant with a double-hyphen separator.
type ShardEndpoints ¶
// ShardEndpoints contains the endpoints for a single shard.
//
// NOTE(review): the address format is not stated here; the Config example on
// the same page uses a bracketed IPv6 host:port form ("[2600::a]:8992") —
// confirm these fields use the same form.
type ShardEndpoints struct {
	// RegistrationAddr is stored under the "registration_addr" key
	// (presumably the shard's registration endpoint — TODO confirm).
	RegistrationAddr string `json:"registration_addr" yaml:"registration_addr"`
	// OperatorAddr is stored under the "operator_addr" key
	// (presumably the endpoint the operator connects to — TODO confirm).
	OperatorAddr string `json:"operator_addr" yaml:"operator_addr"`
}
ShardEndpoints contains the endpoints for a single shard