webhook

package
v1.106.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 11, 2023 License: Apache-2.0 Imports: 56 Imported by: 0

Documentation

Index

Constants

View Source
const (
	ControllerManagerServiceAccountRegex = "system:serviceaccount:[a-z0-9.-]+:cnrm-controller-manager"
	// ServicePort is the port that the webhook binary will bind to, as well as use as the service port.
	//
	// must be 443 as private GKE clusters have opened up 443 specifically
	// as a port that GKE masters can send requests to nodes to, and the requests are sent
	// directly to the targetPort of the pod rather than the service port.
	// see b/180354275
	//
	// Since the TargetPort is effectively being used as a public port,
	// standardizing public ports removes ambiguity.
	ServicePort = 443
)
View Source
const (
	Mutating   webhookType = "Mutating"
	Validating webhookType = "Validating"
)

Variables

View Source
var (
	ValidatingWebhookConfigurationName = "validating-webhook.cnrm.cloud.google.com"
	MutatingWebhookConfigurationName   = "mutating-webhook.cnrm.cloud.google.com"
	CommonWebhookServiceName           = "cnrm-validating-webhook"
)
View Source
var (
	TFSchemaNotFound = fmt.Errorf("schema does not exist")
)

Functions

func GenerateWebhookManifests

func GenerateWebhookManifests(validatingWebhookConfigurationName, mutatingWebhookConfigurationName,
	serviceName string, whCfgs []WebhookConfig) (*admissionregistration.ValidatingWebhookConfiguration, *admissionregistration.MutatingWebhookConfiguration)

func NewContainerAnnotationHandler

func NewContainerAnnotationHandler(smLoader *servicemappingloader.ServiceMappingLoader, dclSchemaLoader dclschemaloader.DCLSchemaLoader, serviceMetadataLoader dclmetadata.ServiceMetadataLoader) *containerAnnotationHandler

func NewGenericDefaulter

func NewGenericDefaulter() *genericDefaulter

func NewIAMDefaulter

func NewIAMDefaulter(smLoader *servicemappingloader.ServiceMappingLoader,
	serviceMetadataLoader metadata.ServiceMetadataLoader) *iamDefaulter

func NewIAMValidatorHandler

func NewIAMValidatorHandler(smLoader *servicemappingloader.ServiceMappingLoader,
	serviceMetadataLoader metadata.ServiceMetadataLoader,
	schemaLoader dclschemaloader.DCLSchemaLoader) *iamValidatorHandler

func NewImmutableFieldsValidatorHandler

func NewImmutableFieldsValidatorHandler(smLoader *servicemappingloader.ServiceMappingLoader, dclSchemaLoader dclschemaloader.DCLSchemaLoader, serviceMetadataLoader dclmetadata.ServiceMetadataLoader) *immutableFieldsValidatorHandler

func NewManagementConflictAnnotationDefaulter

func NewManagementConflictAnnotationDefaulter(smLoader *servicemappingloader.ServiceMappingLoader, dclSchemaLoader dclschemaloader.DCLSchemaLoader, serviceMetadataLoader dclmetadata.ServiceMetadataLoader) *managementConflictAnnotationDefaulter

func NewNoUnknownFieldsValidatorHandler

func NewNoUnknownFieldsValidatorHandler(smLoader *servicemappingloader.ServiceMappingLoader) *noUnknownFieldsValidatorHandler

func NewResourceValidatorHandler

func NewResourceValidatorHandler() *resourceValidatorHandler

func RegisterAbandonOnUninstallWebhook

func RegisterAbandonOnUninstallWebhook(mgr manager.Manager, nocacheClient client.Client) error

func RegisterCommonWebhooks

func RegisterCommonWebhooks(mgr manager.Manager, nocacheClient client.Client) error

Types

type RequestLoggingHandler

type RequestLoggingHandler struct {
	// contains filtered or unexported fields
}

func NewRequestLoggingHandler

func NewRequestLoggingHandler(handler admission.Handler, handlerName string) *RequestLoggingHandler

func (*RequestLoggingHandler) Handle

func (*RequestLoggingHandler) InjectClient

func (a *RequestLoggingHandler) InjectClient(c client.Client) error

InjectClient is called by controller-runtime to inject a client into the handler

type WebhookConfig

type WebhookConfig struct {
	Type           webhookType
	Name           string
	Path           string
	Handler        admission.Handler
	FailurePolicy  admissionregistration.FailurePolicyType
	ObjectSelector *metav1.LabelSelector
	Rules          []admissionregistration.RuleWithOperations
	SideEffects    admissionregistration.SideEffectClass
}

func GetCommonWebhookConfigs

func GetCommonWebhookConfigs() ([]WebhookConfig, error)

Directories

Path Synopsis
Package cert provides functions to manage certificates for webhookClientConfiguration.
Package cert provides functions to manage certificates for webhookClientConfiguration.
generator
Package generator provides an interface and implementation to provision certificates.
Package generator provides an interface and implementation to provision certificates.
writer
Package writer provides method to provision and persist the certificates.
Package writer provides method to provision and persist the certificates.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL