webhook

package
v1.127.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 19, 2024 License: Apache-2.0 Imports: 54 Imported by: 0

Documentation

Index

Constants

View Source
const (
	ControllerManagerServiceAccountRegex = "system:serviceaccount:[a-z0-9.-]+:cnrm-controller-manager"
	// ServicePort is the port that the webhook binary will bind to, as well as use as the service port.
	//
	// must be 443 as private GKE clusters have opened up 443 specifically
	// as a port that GKE masters can send requests to nodes to, and the requests are sent
	// directly to the targetPort of the pod rather than the service port.
	// see b/180354275
	//
	// Since the TargetPort is effectively being used as a public port,
	// standardizing public ports removes ambiguity.
	ServicePort = 443
)
View Source
const (
	Mutating   webhookType = "Mutating"
	Validating webhookType = "Validating"
)

Variables

View Source
var (
	ValidatingWebhookConfigurationName = "validating-webhook.cnrm.cloud.google.com"
	MutatingWebhookConfigurationName   = "mutating-webhook.cnrm.cloud.google.com"
	CommonWebhookServiceName           = "cnrm-validating-webhook"
)
View Source
var (
	ErrTFSchemaNotFound = fmt.Errorf("schema does not exist")
)

Functions

func GenerateWebhookManifests

func GenerateWebhookManifests(validatingWebhookConfigurationName, mutatingWebhookConfigurationName,
	serviceName string, whCfgs []Config) (*admissionregistration.ValidatingWebhookConfiguration, *admissionregistration.MutatingWebhookConfiguration)

func RegisterAbandonOnUninstallWebhook

func RegisterAbandonOnUninstallWebhook(mgr manager.Manager, nocacheClient client.Client) error

func RegisterCommonWebhooks

func RegisterCommonWebhooks(mgr manager.Manager, nocacheClient client.Client) error

Types

type Config added in v1.114.0

type Config struct {
	Type           webhookType
	Name           string
	Path           string
	HandlerFunc    func(mgr manager.Manager) admission.Handler
	FailurePolicy  admissionregistration.FailurePolicyType
	ObjectSelector *metav1.LabelSelector
	Rules          []admissionregistration.RuleWithOperations
	SideEffects    admissionregistration.SideEffectClass
}

func GetCommonWebhookConfigs

func GetCommonWebhookConfigs() ([]Config, error)

func (*Config) BuildAdmission added in v1.114.0

func (c *Config) BuildAdmission(mgr manager.Manager) *webhook.Admission

type HandlerFunc added in v1.112.0

type HandlerFunc func(mgr manager.Manager) admission.Handler

func NewAbandonOnCRDUninstallWebhook added in v1.112.0

func NewAbandonOnCRDUninstallWebhook() HandlerFunc

func NewContainerAnnotationHandler

func NewContainerAnnotationHandler(smLoader *servicemappingloader.ServiceMappingLoader, dclSchemaLoader dclschemaloader.DCLSchemaLoader, serviceMetadataLoader dclmetadata.ServiceMetadataLoader) HandlerFunc

func NewGenericDefaulter

func NewGenericDefaulter() HandlerFunc

func NewIAMDefaulter

func NewIAMDefaulter(smLoader *servicemappingloader.ServiceMappingLoader,
	serviceMetadataLoader metadata.ServiceMetadataLoader) HandlerFunc

func NewIAMValidatorHandler

func NewIAMValidatorHandler(smLoader *servicemappingloader.ServiceMappingLoader,
	serviceMetadataLoader metadata.ServiceMetadataLoader,
	schemaLoader dclschemaloader.DCLSchemaLoader) HandlerFunc

func NewImmutableFieldsValidatorHandler

func NewImmutableFieldsValidatorHandler(smLoader *servicemappingloader.ServiceMappingLoader, dclSchemaLoader dclschemaloader.DCLSchemaLoader, serviceMetadataLoader dclmetadata.ServiceMetadataLoader) HandlerFunc

func NewManagementConflictAnnotationDefaulter

func NewManagementConflictAnnotationDefaulter(smLoader *servicemappingloader.ServiceMappingLoader, dclSchemaLoader dclschemaloader.DCLSchemaLoader, serviceMetadataLoader dclmetadata.ServiceMetadataLoader) HandlerFunc

func NewNoUnknownFieldsValidatorHandler

func NewNoUnknownFieldsValidatorHandler(smLoader *servicemappingloader.ServiceMappingLoader) HandlerFunc

func NewRequestLoggingHandler

func NewRequestLoggingHandler(handlerFunc HandlerFunc, handlerName string) HandlerFunc

func NewResourceValidatorHandler

func NewResourceValidatorHandler() HandlerFunc

func NewStateIntoSpecAnnotationValidatorHandler added in v1.119.0

func NewStateIntoSpecAnnotationValidatorHandler() HandlerFunc

NewStateIntoSpecAnnotationValidatorHandler creates an instance of stateIntoSpecAnnotationValidator to handle state-into-spec annotation validation.

type RequestLoggingHandler

type RequestLoggingHandler struct {
	// contains filtered or unexported fields
}

func (*RequestLoggingHandler) Handle

Directories

Path Synopsis
Package cert provides functions to manage certificates for webhookClientConfiguration.
Package cert provides functions to manage certificates for webhookClientConfiguration.
generator
Package generator provides an interface and implementation to provision certificates.
Package generator provides an interface and implementation to provision certificates.
writer
Package writer provides method to provision and persist the certificates.
Package writer provides method to provision and persist the certificates.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL