Source file src/github.com/linkerd/linkerd2/controller/identity/domain.go

Documentation: github.com/linkerd/linkerd2/controller/identity

     1  package identity
     2  
     3  import (
     4  	"fmt"
     5  
     6  	"k8s.io/apimachinery/pkg/util/validation"
     7  )
     8  
     9  // TrustDomain is a namespace for identities.
    10  type TrustDomain struct {
    11  	controlNS, domain string
    12  }
    13  
    14  // NewTrustDomain creates a new identity namespace.
    15  func NewTrustDomain(controlNS, domain string) (*TrustDomain, error) {
    16  	if errs := validation.IsDNS1123Label(controlNS); len(errs) > 0 {
    17  		return nil, fmt.Errorf("invalid label '%s': %s", controlNS, errs[0])
    18  	}
    19  	if errs := validation.IsDNS1123Subdomain(domain); len(errs) > 0 {
    20  		return nil, fmt.Errorf("invalid domain '%s': %s", domain, errs[0])
    21  	}
    22  
    23  	return &TrustDomain{controlNS, domain}, nil
    24  }
    25  
    26  // Identity formats the identity for a K8s user.
    27  func (d *TrustDomain) Identity(typ, nm, ns string) (string, error) {
    28  	for _, l := range []string{typ, nm, ns} {
    29  		if errs := validation.IsDNS1123Label(l); len(errs) > 0 {
    30  			return "", fmt.Errorf("invalid label '%s': %s", l, errs[0])
    31  		}
    32  	}
    33  
    34  	id := fmt.Sprintf("%s.%s.%s.identity.%s.%s", nm, ns, typ, d.controlNS, d.domain)
    35  	return id, nil
    36  }
    37  

View as plain text