webhook

package
v1.43.5 Latest Latest
Warning

This package is not in the latest version of its module.

Published: May 4, 2022 License: Apache-2.0, BSD-2-Clause, MIT, + 1 more Imports: 35 Imported by: 94

Documentation

Index

Constants

// Webhook modes. Each value names where the controller runs relative to the
// cluster it serves.
// NOTE(review): presumably these are the accepted values of the "mode"
// argument of GenerateCertificates and RegisterWebhooks; confirm against those functions.
const (
	// ModeService is the webhook mode for a controller that runs inside the Kubernetes cluster it
	// is serving.
	ModeService = "service"
	// ModeURL is the webhook mode for a controller that runs outside the Kubernetes cluster it
	// is serving. If this is set then a URL is required for configuration.
	ModeURL = "url"
	// ModeURLWithServiceName is the webhook mode for a controller that runs outside the Kubernetes cluster it
	// is serving but in the same cluster as the kube-apiserver. If this is set then a URL is required for configuration.
	ModeURLWithServiceName = "url-service"
)
// Naming parts for the webhook configuration objects that extensions create.
const (
	// NamePrefix is the prefix used for the names of ValidatingWebhookConfigurations and
	// MutatingWebhookConfigurations of extensions.
	NamePrefix = "gardener-extension-"
	// NameSuffixShoot is the suffix used for the names of ValidatingWebhookConfigurations and
	// MutatingWebhookConfigurations of extensions targeting a shoot.
	NameSuffixShoot = "-shoot"
)
// Installation targets and the shared name and path of validation webhooks.
const (
	// TargetSeed defines that the webhook is to be installed in the seed.
	// NOTE(review): presumably one of the two values expected in Webhook.Target; confirm.
	TargetSeed = "seed"
	// TargetShoot defines that the webhook is to be installed in the shoot.
	TargetShoot = "shoot"

	// ValidatorName is a common name for a validation webhook.
	ValidatorName = "validator"
	// ValidatorPath is a common path for a validation webhook.
	// NOTE(review): presumably the HTTP path on which the validation handler is served; confirm.
	ValidatorPath = "/webhooks/validate"
)

Variables

This section is empty.

Functions

func AppendUniqueUnit

func AppendUniqueUnit(units *[]extensionsv1alpha1.Unit, unit extensionsv1alpha1.Unit)

AppendUniqueUnit appends a unit only if it does not already exist.

func ContainerWithName

func ContainerWithName(containers []corev1.Container, name string) *corev1.Container

ContainerWithName returns the container with the given name if it exists in the given slice, nil otherwise.

func DeserializeCommandLine

func DeserializeCommandLine(s string) []string

DeserializeCommandLine de-serializes the given string to a slice of command line elements by splitting it on white space and the "\" character.

func EnsureAnnotationOrLabel

func EnsureAnnotationOrLabel(annotationOrLabelMap map[string]string, key, value string) map[string]string

EnsureAnnotationOrLabel ensures the given key/value exists in the annotationOrLabelMap map.

func EnsureContainerWithName

func EnsureContainerWithName(items []corev1.Container, item corev1.Container) []corev1.Container

EnsureContainerWithName ensures that a Container with a name equal to the name of the given Container exists in the given slice and is equal to the given Container.

func EnsureEnvVarWithName

func EnsureEnvVarWithName(items []corev1.EnvVar, item corev1.EnvVar) []corev1.EnvVar

EnsureEnvVarWithName ensures that an EnvVar with a name equal to the name of the given EnvVar exists in the given slice and is equal to the given EnvVar.

func EnsureFileWithPath

func EnsureFileWithPath(items []extensionsv1alpha1.File, item extensionsv1alpha1.File) []extensionsv1alpha1.File

EnsureFileWithPath ensures that a file with a path equal to the path of the given file exists in the given slice and is equal to the given file.

func EnsureNoContainerWithName

func EnsureNoContainerWithName(items []corev1.Container, name string) []corev1.Container

EnsureNoContainerWithName ensures that a Container with the given name does not exist in the given slice.

func EnsureNoEnvVarWithName

func EnsureNoEnvVarWithName(items []corev1.EnvVar, name string) []corev1.EnvVar

EnsureNoEnvVarWithName ensures that an EnvVar with the given name does not exist in the given slice.

func EnsureNoPVCWithName

func EnsureNoPVCWithName(items []corev1.PersistentVolumeClaim, name string) []corev1.PersistentVolumeClaim

EnsureNoPVCWithName ensures that a PVC with the given name does not exist in the given slice.

func EnsureNoStringWithPrefix

func EnsureNoStringWithPrefix(items []string, prefix string) []string

EnsureNoStringWithPrefix ensures that a string having the given prefix does not exist in the given slice.

func EnsureNoStringWithPrefixContains

func EnsureNoStringWithPrefixContains(items []string, prefix, value, sep string) []string

EnsureNoStringWithPrefixContains ensures that either a string having the given prefix does not exist in the given slice, or it doesn't contain the given value in a list separated by sep.

func EnsureNoVolumeMountWithName

func EnsureNoVolumeMountWithName(items []corev1.VolumeMount, name string) []corev1.VolumeMount

EnsureNoVolumeMountWithName ensures that a VolumeMount with the given name does not exist in the given slice.

func EnsureNoVolumeWithName

func EnsureNoVolumeWithName(items []corev1.Volume, name string) []corev1.Volume

EnsureNoVolumeWithName ensures that a Volume with the given name does not exist in the given slice.

func EnsurePVCWithName

EnsurePVCWithName ensures that a PVC with a name equal to the name of the given PVC exists in the given slice and is equal to the given PVC.

func EnsureStringWithPrefix

func EnsureStringWithPrefix(items []string, prefix, value string) []string

EnsureStringWithPrefix ensures that a string having the given prefix exists in the given slice with a value equal to prefix + value.

func EnsureStringWithPrefixContains

func EnsureStringWithPrefixContains(items []string, prefix, value, sep string) []string

EnsureStringWithPrefixContains ensures that a string having the given prefix exists in the given slice and contains the given value in a list separated by sep.

func EnsureUnitOption

func EnsureUnitOption(items []*unit.UnitOption, item *unit.UnitOption) []*unit.UnitOption

EnsureUnitOption ensures the given unit option exists in the given slice.

func EnsureVolumeMountWithName

func EnsureVolumeMountWithName(items []corev1.VolumeMount, item corev1.VolumeMount) []corev1.VolumeMount

EnsureVolumeMountWithName ensures that a VolumeMount with a name equal to the name of the given VolumeMount exists in the given slice and is equal to the given VolumeMount.

func EnsureVolumeWithName

func EnsureVolumeWithName(items []corev1.Volume, item corev1.Volume) []corev1.Volume

EnsureVolumeWithName ensures that a Volume with a name equal to the name of the given Volume exists in the given slice and is equal to the given Volume.

func FileWithPath

func FileWithPath(files []extensionsv1alpha1.File, path string) *extensionsv1alpha1.File

FileWithPath returns the file with the given path if it exists in the given slice, nil otherwise.

func GenerateCertificates

func GenerateCertificates(ctx context.Context, mgr manager.Manager, certDir, namespace, name, mode, url string) ([]byte, error)

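GenerateCertificates generates the certificates that are required for a webhook. It returns the CA bundle, and it stores the server certificate and key locally on the file system. Because the private key is written to disk (presumably under certDir), that directory should be readable only by the webhook server process.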

func LogMutation

func LogMutation(logger logr.Logger, kind, namespace, name string)

LogMutation provides a log message.

func NewHandlerWithShootClient

func NewHandlerWithShootClient(mgr manager.Manager, types []Type, mutator MutatorWithShootClient, logger logr.Logger) (http.Handler, error)

NewHandlerWithShootClient creates a new handler for the given types, using the given mutator, and logger.

func PVCWithName

PVCWithName returns the PersistentVolumeClaim with the given name if it exists in the given slice, nil otherwise.

func RegisterWebhooks

func RegisterWebhooks(ctx context.Context, mgr manager.Manager, namespace, providerName string, servicePort int, mode, url string, caBundle []byte, webhooks []*Webhook) (webhooksToRegisterSeed []admissionregistrationv1.MutatingWebhook, webhooksToRegisterShoot []admissionregistrationv1.MutatingWebhook, err error)

RegisterWebhooks registers the given webhooks in the Kubernetes cluster targeted by the provided manager.

func SerializeCommandLine

func SerializeCommandLine(command []string, n int, sep string) string

SerializeCommandLine serializes the given command line elements slice to a string by joining the first n+1 elements with a space " ", and all subsequent elements with the given separator.

func StringIndex

func StringIndex(items []string, value string) int

StringIndex returns the index of the first occurrence of the given string in the given slice, or -1 if not found.

func StringWithPrefixIndex

func StringWithPrefixIndex(items []string, prefix string) int

StringWithPrefixIndex returns the index of the first occurrence of a string having the given prefix in the given slice, or -1 if not found.

func UnitOptionWithSectionAndName

func UnitOptionWithSectionAndName(opts []*unit.UnitOption, section, name string) *unit.UnitOption

UnitOptionWithSectionAndName returns the unit option with the given section and name if it exists in the given slice, nil otherwise.

func UnitWithName

func UnitWithName(units []extensionsv1alpha1.Unit, name string) *extensionsv1alpha1.Unit

UnitWithName returns the unit with the given name if it exists in the given slice, nil otherwise.

Types

type Args added in v1.4.0

// Args contains Webhook creation arguments. It is the input of New.
type Args struct {
	// NOTE(review): Provider, Name and Path presumably populate the Webhook
	// fields of the same name; confirm in New.
	Provider   string
	Name       string
	Path       string
	// Predicates is a list of predicates for the webhook.
	// NOTE(review): presumably they filter which objects the handler acts on; confirm.
	Predicates []predicate.Predicate
	// Validators maps each Validator to the Types it is associated with.
	Validators map[Validator][]Type
	// Mutators maps each Mutator to the Types it is associated with.
	Mutators   map[Mutator][]Type
}

Args contains Webhook creation arguments.

type HandlerBuilder added in v1.4.0

// HandlerBuilder contains the information required to create an admission
// handler. Its WithMutator, WithValidator and WithPredicates methods add
// settings, and Build creates the admission.Handler from them.
type HandlerBuilder struct {
	// contains filtered or unexported fields
}

HandlerBuilder contains the information required to create an admission handler.

func NewBuilder added in v1.4.0

func NewBuilder(mgr manager.Manager, logger logr.Logger) *HandlerBuilder

NewBuilder creates a new HandlerBuilder.

func (*HandlerBuilder) Build added in v1.4.0

func (b *HandlerBuilder) Build() (admission.Handler, error)

Build creates a new admission.Handler with the settings previously specified with the HandlerBuilder's functions.

func (*HandlerBuilder) WithMutator added in v1.4.0

func (b *HandlerBuilder) WithMutator(mutator Mutator, types ...Type) *HandlerBuilder

WithMutator adds the given mutator for the given types to the HandlerBuilder.

func (*HandlerBuilder) WithPredicates added in v1.4.0

func (b *HandlerBuilder) WithPredicates(predicates ...predicate.Predicate) *HandlerBuilder

WithPredicates adds the given predicates to the HandlerBuilder.

func (*HandlerBuilder) WithValidator added in v1.4.0

func (b *HandlerBuilder) WithValidator(validator Validator, types ...Type) *HandlerBuilder

WithValidator adds the given validator for the given types to the HandlerBuilder.

type MutateFunc added in v1.4.0

// MutateFunc is a function type that can be used directly as an implementation
// of Mutator. It takes the same arguments as Mutator.Mutate, so "old" is
// optional and must be checked for nil before use.
type MutateFunc func(ctx context.Context, new, old client.Object) error

MutateFunc is a func to be used directly as an implementation of Mutator.

func (MutateFunc) Mutate added in v1.4.0

func (mf MutateFunc) Mutate(ctx context.Context, new, old client.Object) error

Mutate validates and if needed mutates the given object.

type Mutator

// Mutator validates and if needed mutates objects.
type Mutator interface {
	// Mutate validates and if needed mutates the given object.
	// "old" is optional and it must always be checked for nil.
	// NOTE(review): presumably "new" is the incoming object and "old" its prior
	// version, and a non-nil error causes the admission request to be rejected;
	// confirm in the handler that calls Mutate.
	Mutate(ctx context.Context, new, old client.Object) error
}

Mutator validates and if needed mutates objects.

type MutatorWithShootClient

// MutatorWithShootClient validates and if needed mutates objects. Unlike
// Mutator, its Mutate method additionally receives a client for the shoot.
type MutatorWithShootClient interface {
	// Mutate validates and if needed mutates the given object.
	// "old" is optional and it must always be checked for nil.
	// shootClient is the shoot client the mutator needs.
	// NOTE(review): what access this client has is not visible here; confirm
	// the permissions granted to it where the handler constructs it.
	Mutate(ctx context.Context, new, old client.Object, shootClient client.Client) error
}

MutatorWithShootClient validates and if needed mutates objects. It needs the shoot client.

type Type added in v1.39.0

// Type contains information about the Kubernetes object types and
// subresources the webhook acts upon.
type Type struct {
	// Obj is the Kubernetes object type.
	Obj         client.Object
	// Subresource is an optional subresource of Obj.
	// NOTE(review): presumably nil means the main resource only; confirm.
	Subresource *string
}

Type contains information about the Kubernetes object types and subresources the webhook acts upon.

type Validator added in v1.4.0

// Validator validates objects.
type Validator interface {
	// Validate validates the given object and reports the result as an error.
	// NOTE(review): Mutator documents "old" as optional; presumably the same
	// holds here, so check it for nil before use. Presumably a non-nil error
	// causes the admission request to be rejected; confirm in the handler.
	Validate(ctx context.Context, new, old client.Object) error
}
Validator validates objects.

type Webhook

// Webhook is the specification of a webhook. New creates one from Args, and
// RegisterWebhooks takes a slice of them.
type Webhook struct {
	Name           string
	Kind           string
	Provider       string
	// Path is the path of the webhook.
	// NOTE(review): presumably the HTTP path the handler is served on; confirm.
	Path           string
	// Target names where the webhook is installed.
	// NOTE(review): presumably TargetSeed or TargetShoot; confirm.
	Target         string
	// Types lists the object types and subresources the webhook acts upon.
	Types          []Type
	Webhook        *admission.Webhook
	Handler        http.Handler
	// Selector and ObjectSelector are optional label selectors.
	// NOTE(review): presumably they become the namespace and object selectors
	// of the registered webhook, and nil widens the set of requests sent to
	// it; confirm in RegisterWebhooks.
	Selector       *metav1.LabelSelector
	ObjectSelector *metav1.LabelSelector
	// FailurePolicy is an optional Kubernetes admission failure policy.
	// NOTE(review): in the Kubernetes API, Ignore admits a request when the
	// webhook call fails and Fail rejects it, so this field decides whether the
	// webhook fails open or closed. What nil resolves to is not visible here;
	// confirm in RegisterWebhooks.
	FailurePolicy  *admissionregistrationv1.FailurePolicyType
	// TimeoutSeconds is optional.
	// NOTE(review): presumably the per-call timeout of the registered webhook,
	// in seconds; confirm how nil is defaulted.
	TimeoutSeconds *int32
}

Webhook is the specification of a webhook.

func New added in v1.4.0

func New(mgr manager.Manager, args Args) (*Webhook, error)

New creates a new Webhook with the given args.

Directories

Path Synopsis
mock
Package mock is a generated GoMock package.
Package mock is a generated GoMock package.
genericmutator/mock
Package mock is a generated GoMock package.
Package mock is a generated GoMock package.
Package mock is a generated GoMock package.
Package mock is a generated GoMock package.
