Documentation ¶
Index ¶
- func ConvertToGVK(obj runtime.Object, gvk schema.GroupVersionKind, o admission.ObjectInterfaces) (runtime.Object, error)
- func ConvertVersionedAttributes(attr *VersionedAttributes, gvk schema.GroupVersionKind, ...) error
- type Dispatcher
- type Source
- type VersionedAttributes
- type Webhook
- func (a *Webhook) Dispatch(ctx context.Context, attr admission.Attributes, o admission.ObjectInterfaces) error
- func (a *Webhook) SetAuthenticationInfoResolverWrapper(wrapper webhookutil.AuthenticationInfoResolverWrapper)
- func (a *Webhook) SetExternalKubeClientSet(client clientset.Interface)
- func (a *Webhook) SetExternalKubeInformerFactory(f informers.SharedInformerFactory)
- func (a *Webhook) SetServiceResolver(sr webhookutil.ServiceResolver)
- func (a *Webhook) ShouldCallHook(h webhook.WebhookAccessor, attr admission.Attributes, ...) (*WebhookInvocation, *apierrors.StatusError)
- func (a *Webhook) ValidateInitialization() error
- type WebhookInvocation
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func ConvertToGVK ¶
func ConvertToGVK(obj runtime.Object, gvk schema.GroupVersionKind, o admission.ObjectInterfaces) (runtime.Object, error)
ConvertToGVK converts object to the desired gvk.
func ConvertVersionedAttributes ¶
func ConvertVersionedAttributes(attr *VersionedAttributes, gvk schema.GroupVersionKind, o admission.ObjectInterfaces) error
ConvertVersionedAttributes converts VersionedObject and VersionedOldObject to the specified kind, if needed. If attr.VersionedKind already matches the requested kind, no conversion is performed. If conversion is required: * attr.VersionedObject is used as the source for the new object if Dirty=true (and is round-tripped through attr.Attributes.Object, clearing Dirty in the process) * attr.Attributes.Object is used as the source for the new object if Dirty=false * attr.Attributes.OldObject is used as the source for the old object
Types ¶
type Dispatcher ¶
type Dispatcher interface { // Dispatch a request to the webhooks. Dispatcher may choose not to // call a hook, either because the rules of the hook does not match, or // the namespaceSelector or the objectSelector of the hook does not // match. A non-nil error means the request is rejected. Dispatch(ctx context.Context, a admission.Attributes, o admission.ObjectInterfaces, hooks []webhook.WebhookAccessor) error }
Dispatcher dispatches webhook call to a list of webhooks with admission attributes as argument.
type Source ¶
type Source interface { Webhooks() []webhook.WebhookAccessor HasSynced() bool }
Source can list dynamic webhook plugins.
type VersionedAttributes ¶
type VersionedAttributes struct { // Attributes holds the original admission attributes admission.Attributes // VersionedOldObject holds Attributes.OldObject (if non-nil), converted to VersionedKind. // It must never be mutated. VersionedOldObject runtime.Object // VersionedObject holds Attributes.Object (if non-nil), converted to VersionedKind. // If mutated, Dirty must be set to true by the mutator. VersionedObject runtime.Object // VersionedKind holds the fully qualified kind VersionedKind schema.GroupVersionKind // Dirty indicates VersionedObject has been modified since being converted from Attributes.Object Dirty bool }
VersionedAttributes is a wrapper around the original admission attributes, adding versioned variants of the object and old object.
func NewVersionedAttributes ¶
func NewVersionedAttributes(attr admission.Attributes, gvk schema.GroupVersionKind, o admission.ObjectInterfaces) (*VersionedAttributes, error)
NewVersionedAttributes returns versioned attributes with the old and new object (if non-nil) converted to the requested kind
func (*VersionedAttributes) GetObject ¶
func (v *VersionedAttributes) GetObject() runtime.Object
GetObject overrides the Attributes.GetObject()
type Webhook ¶
Webhook is an abstract admission plugin with all the infrastructure to define Admit or Validate on-top.
func NewWebhook ¶
func NewWebhook(handler *admission.Handler, configFile io.Reader, sourceFactory sourceFactory, dispatcherFactory dispatcherFactory) (*Webhook, error)
NewWebhook creates a new generic admission webhook.
func (*Webhook) Dispatch ¶
func (a *Webhook) Dispatch(ctx context.Context, attr admission.Attributes, o admission.ObjectInterfaces) error
Dispatch is called by the downstream Validate or Admit methods.
func (*Webhook) SetAuthenticationInfoResolverWrapper ¶
func (a *Webhook) SetAuthenticationInfoResolverWrapper(wrapper webhookutil.AuthenticationInfoResolverWrapper)
SetAuthenticationInfoResolverWrapper sets the AuthenticationInfoResolverWrapper. TODO find a better way wire this, but keep this pull small for now.
func (*Webhook) SetExternalKubeClientSet ¶
SetExternalKubeClientSet implements the WantsExternalKubeInformerFactory interface. It sets external ClientSet for admission plugins that need it
func (*Webhook) SetExternalKubeInformerFactory ¶
func (a *Webhook) SetExternalKubeInformerFactory(f informers.SharedInformerFactory)
SetExternalKubeInformerFactory implements the WantsExternalKubeInformerFactory interface.
func (*Webhook) SetServiceResolver ¶
func (a *Webhook) SetServiceResolver(sr webhookutil.ServiceResolver)
SetServiceResolver sets a service resolver for the webhook admission plugin. Passing a nil resolver does not have an effect, instead a default one will be used.
func (*Webhook) ShouldCallHook ¶
func (a *Webhook) ShouldCallHook(h webhook.WebhookAccessor, attr admission.Attributes, o admission.ObjectInterfaces) (*WebhookInvocation, *apierrors.StatusError)
ShouldCallHook returns invocation details if the webhook should be called, nil if the webhook should not be called, or an error if an error was encountered during evaluation.
type WebhookInvocation ¶
type WebhookInvocation struct { Webhook webhook.WebhookAccessor Resource schema.GroupVersionResource Subresource string Kind schema.GroupVersionKind }
WebhookInvocation describes how to call a webhook, including the resource and subresource the webhook registered for, and the kind that should be sent to the webhook.