server

Documentation

Index

• func Run(ctx context.Context)
• type Config
• type Policy
• type PolicySettings
• type Server
  • func (s *Server) LogAndPrintError(user string, err error)
  • func (s *Server) ValidatingWebhook(w http.ResponseWriter, r *http.Request)

Functions

func Run

func Run(ctx context.Context)

Run starts the API server

Types

type Config

type Config struct {
	LogLevel              string   `json:"log_level"`
	ClusterName           string   `json:"cluster_name"`
	BlacklistedNamespaces []string `json:"blacklisted_namespaces"`
	TLS                   struct {
		Cert string
		Key  string
	}
	GlobalReportOnly     bool `json:"global_report_only"`
	GlobalMetricsEnabled bool `json:"global_metrics_enabled"`
	Policies             []PolicySettings
	PolicyConfig         policies.Config        `json:"policy_config"`
	PluginConfig         map[string]interface{} `json:"plugin_config"`
}

type Policy

type Policy interface {
	Name() string
	Validate(ctx context.Context,
		config policies.Config,
		ar *admissionv1.AdmissionRequest,
	) ([]policies.ResourceViolation, []policies.PatchOperation)
}

Policy specifies how a Policy is implemented Returns a slice of violations and an optional slice of patch operations if mutation is desired.

type PolicySettings

type PolicySettings struct {
	Name       string
	Enabled    bool
	ReportOnly bool `json:"report_only"`
}

type Server

type Server struct {
	Config             Config
	RequestedShutdown  bool
	EnforcedPolicies   []Policy
	ReportOnlyPolicies []Policy
	Exemptions         []policies.CompiledExemption
	Plugins            []plugins.Plugin
}

Server contains configuration state needed for the API server

func (*Server) LogAndPrintError

func (s *Server) LogAndPrintError(user string, err error)

func (*Server) ValidatingWebhook

func (s *Server) ValidatingWebhook(w http.ResponseWriter, r *http.Request)

ValidatingWebhook is a ValidatingWebhook endpoint that accepts K8s resources to process