subjectrestriction

package
v0.0.0-...-d88c8b5 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 9, 2021 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

View Source
const PluginName = "CertificateSubjectRestriction"

PluginName is a string with the name of the plugin

Variables

This section is empty.

Functions

func Register

func Register(plugins *admission.Plugins)

Register registers the plugin

Types

type Plugin

type Plugin struct {
	*admission.Handler
}

Plugin holds state for and implements the admission plugin.

func NewPlugin

func NewPlugin() *Plugin

NewPlugin constructs a new instance of the CertificateSubjectRestrictions admission interface.

func (*Plugin) Validate

Validate ensures that if the signerName on a CSR is set to `kubernetes.io/kube-apiserver-client`, that its organization (group) attribute is not set to `system:masters`.

func (*Plugin) ValidateInitialization

func (p *Plugin) ValidateInitialization() error

ValidateInitialization always returns nil.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL