http

package
v0.1.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 28, 2018 License: Apache-2.0 Imports: 10 Imported by: 0

Documentation

Index

Examples

Constants

This section is empty.

Variables

This section is empty.

Functions

func HandlerFor 

func HandlerFor(webhook webhook.Webhook) (http.Handler, error)

HandlerFor returns a new http.Handler ready to handle admission reviews using a a webhook.

Example (ServeMultipleWebhooks)

ServeMultipleWebhooks shows how to serve multiple webhooks in the same server. 

package main

import (
	"context"
	"fmt"
	"net/http"

	corev1 "k8s.io/api/core/v1"
	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"

	whhttp "github.com/slok/kubewebhook/pkg/http"
	"github.com/slok/kubewebhook/pkg/webhook/mutating"
	"github.com/slok/kubewebhook/pkg/webhook/validating"
)

func main() {
	// Create (in)validator.
	v := validating.ValidatorFunc(func(_ context.Context, obj metav1.Object) (bool, validating.ValidatorResult, error) {
		// Assume always is a pod (you should check type assertion is ok to not panic).
		pod := obj.(*corev1.Pod)

		res := validating.ValidatorResult{
			Valid:   false,
			Message: fmt.Sprintf("%s/%s denied because sll pods will be denied", pod.Namespace, pod.Name),
		}
		return false, res, nil
	})

	// Create a stub mutator.
	m := mutating.MutatorFunc(func(_ context.Context, obj metav1.Object) (bool, error) {
		return false, nil
	})

	// Create webhooks (don't check error).
	vcfg := validating.WebhookConfig{
		Name: "validatingServeWebhook",
		Obj:  &corev1.Pod{},
	}
	vwh, _ := validating.NewWebhook(vcfg, v, nil, nil)
	vwhHandler, _ := whhttp.HandlerFor(vwh)

	mcfg := mutating.WebhookConfig{
		Name: "muratingServeWebhook",
		Obj:  &corev1.Pod{},
	}
	mwh, _ := mutating.NewWebhook(mcfg, m, nil, nil)
	mwhHandler, _ := whhttp.HandlerFor(mwh)

	// Create a muxer and handle different webhooks in different paths of the server.
	mux := http.NewServeMux()
	mux.Handle("/validate-pod", vwhHandler)
	mux.Handle("/mutate-pod", mwhHandler)
	http.ListenAndServeTLS(":8080", "file.cert", "file.key", mux)
}

Output:
Example (ServeWebhook)

ServeWebhook shows how to serve a validating webhook that denies all pods. 

package main

import (
	"context"
	"fmt"
	"net/http"

	corev1 "k8s.io/api/core/v1"
	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"

	whhttp "github.com/slok/kubewebhook/pkg/http"
	"github.com/slok/kubewebhook/pkg/webhook/validating"
)

func main() {
	// Create (in)validator.
	v := validating.ValidatorFunc(func(_ context.Context, obj metav1.Object) (bool, validating.ValidatorResult, error) {
		// Assume always is a pod (you should check type assertion is ok to not panic).
		pod := obj.(*corev1.Pod)

		res := validating.ValidatorResult{
			Valid:   false,
			Message: fmt.Sprintf("%s/%s denied because sll pods will be denied", pod.Namespace, pod.Name),
		}
		return false, res, nil
	})

	// Create webhook (don't check error).
	cfg := validating.WebhookConfig{
		Name: "serveWebhook",
		Obj:  &corev1.Pod{},
	}
	wh, _ := validating.NewWebhook(cfg, v, nil, nil)

	// Get webhook handler and serve (webhooks need to be server with TLS).
	whHandler, _ := whhttp.HandlerFor(wh)
	http.ListenAndServeTLS(":8080", "file.cert", "file.key", whHandler)
}

Output:

func MustHandlerFor added in v0.1.1 

func MustHandlerFor(webhook webhook.Webhook) http.Handler

MustHandlerFor it's the same as HandleFor but will panic instead of returning a error.

Types

This section is empty.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.