admission

package
v0.13.0
Warning

This package is not in the latest version of its module.

Published: Sep 12, 2024 License: Apache-2.0 Imports: 28 Imported by: 0

Documentation

Overview

Package admission contains functions to add an admission request to a context and to retrieve it from the context.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func AdmissionRequest

func AdmissionRequest(ctx context.Context) admission.Request

AdmissionRequest returns the admission request from the context.

func ApprovingWebhookFor added in v0.7.0

func ApprovingWebhookFor(ctx context.Context, approval Approval, getResourceAttributes GetResourceAttributes) *admission.Webhook

ApprovingWebhookFor creates a new Webhook for Approving the provided type.

func DefaultingWebhookFor

func DefaultingWebhookFor(ctx context.Context, defaulter Defaulter, transforms ...TransformFunc) *admission.Webhook

DefaultingWebhookFor creates a new Webhook for Defaulting the provided type.

func RegisterDefaultWebhookFor

func RegisterDefaultWebhookFor(ctx context.Context, mgr ctrl.Manager, defaulter Defaulter, transforms ...TransformFunc) (err error)

RegisterDefaultWebhookFor registers a mutate webhook for the defaulter with transforms

func RegisterValidateWebhookFor added in v0.3.0

func RegisterValidateWebhookFor(ctx context.Context, mgr ctrl.Manager, validator Validator, validateCreateFuncs []ValidateCreateFunc, validateUpdateFuncs []ValidateUpdateFunc, validateDeleteFuncs []ValidateDeleteFunc) (err error)

RegisterValidateWebhookFor registers a validate webhook for the validator with the given create, update and delete validation functions.

func SubjectFromRequest

func SubjectFromRequest(req admission.Request) *rbacv1.Subject

SubjectFromRequest returns a user based on the request information

func ValidateApproval added in v0.7.0

func ValidateApproval(ctx context.Context, reqUser authenticationv1.UserInfo, allowRepresentOthers, isCreateOperation bool,
	approvalSpecList []*metav1alpha1.ApprovalSpec, checkList []PairOfOldNewCheck, triggeredBy *metav1alpha1.TriggeredBy) (err error)

ValidateApproval validates the approval according to the approval spec.
If `allowRepresentOthers` is true, the reqUser can approve on behalf of others.
If `isCreateOperation` is true, the approvalSpec may be nil and detection of additional users is skipped.

func ValidatingWebhookFor added in v0.3.0

func ValidatingWebhookFor(ctx context.Context, validator Validator, creates []ValidateCreateFunc, updates []ValidateUpdateFunc, deletes []ValidateDeleteFunc) *admission.Webhook

ValidatingWebhookFor creates a new Webhook for Validating the provided type.

func WithAdmissionRequest

func WithAdmissionRequest(ctx context.Context, req admission.Request) context.Context

WithAdmissionRequest adds an admission request to the context

Types

type Approval added in v0.7.0

type Approval interface {
	runtime.Object
	metav1.Object

	// ChecksGetter gets the checks from the runtime object
	ChecksGetter

	// GetApprovalSpecs returns the list of ApprovalSpecs for the given object.
	// Used to determine if advanced permissions are available
	GetApprovalSpecs(runtime.Object) []*metav1alpha1.ApprovalSpec

	// ModifiedOthers returns true if the object has also modified other content.
	ModifiedOthers(runtime.Object, runtime.Object) bool
}

Approval defines functions for approving resources

type ApprovalWithTriggeredByGetter added in v0.7.0

type ApprovalWithTriggeredByGetter interface {
	Approval
	TriggeredByGetter
}

ApprovalWithTriggeredByGetter defines functions for approving resources and enables `requiresDifferentApprover`

type ChecksGetter added in v0.7.0

type ChecksGetter interface {
	GetChecks(runtime.Object) []*metav1alpha1.Check
	// SkipCreateCheck reports whether checking should be skipped for create requests.
	// Whether to skip the create check mainly depends on the developer's permission:
	// if the developer can create approval in the resource directly, then we should not skip
	// checking, and vice versa.
	SkipCreateCheck() bool
}

ChecksGetter gets the checks from the runtime object

type ContextInjector added in v0.7.0

type ContextInjector interface {
	InjectContext(ctx context.Context) context.Context
}

ContextInjector defines a function to inject values into the context, such as a logger, a k8s client, etc.

type Defaulter

type Defaulter interface {
	runtime.Object
	metav1.Object
	Default(context.Context)
}

Defaulter defines functions for setting defaults on resources

type DefaulterWebhook added in v0.2.0

type DefaulterWebhook interface {
	Defaulter
	sharedmain.WebhookSetup
	sharedmain.WebhookRegisterSetup
	WithTransformer(transformers ...TransformFunc) DefaulterWebhook
	WithLoggerName(loggerName string) DefaulterWebhook
}

func NewDefaulterWebhook added in v0.2.0

func NewDefaulterWebhook(defaulter Defaulter) DefaulterWebhook

type GetResourceAttributes added in v0.7.0

type GetResourceAttributes func(string) authv1.ResourceAttributes

GetResourceAttributes returns the resource attributes for the specified verb.

type PairOfOldNewCheck added in v0.7.0

type PairOfOldNewCheck [2]*metav1alpha1.Check

PairOfOldNewCheck is a pair of old and new check

type TransformFunc

type TransformFunc func(context.Context, runtime.Object, admission.Request)

TransformFunc is used to share common defaulting logic among multiple resources, using a context, an object and a request.

func WithApprovalOperator added in v0.7.0

func WithApprovalOperator(getter ChecksGetter) TransformFunc

WithApprovalOperator adds an approval operator to the object using the request information

func WithCancelledBy added in v0.8.0

func WithCancelledBy(scheme *runtime.Scheme, isCancelled func(oldObj runtime.Object, newObj runtime.Object) bool) TransformFunc

WithCancelledBy adds a cancelled annotation to the object using the request information. When an object already has the cancelled annotation, it will only add the missing data.

func WithCreatedBy added in v0.2.0

func WithCreatedBy() TransformFunc

WithCreatedBy adds a createdBy annotation to the object using the request information. When an object already has the createdBy annotation, it will only add the missing data.

func WithTriggeredBy

func WithTriggeredBy() TransformFunc

WithTriggeredBy adds a triggeredBy annotation to the object using the request information. When an object already has the triggeredBy annotation, it will only add the missing data.

func WithUpdateTime added in v0.11.0

func WithUpdateTime() TransformFunc

WithUpdateTime adds an updateTime annotation to the object.

func WithUpdatedBy added in v0.8.0

func WithUpdatedBy() TransformFunc

WithUpdatedBy adds an updatedBy annotation to the object using the request information. When an object already has the updatedBy annotation, it will overwrite the old data.

type TriggeredByGetter added in v0.7.0

type TriggeredByGetter interface {
	GetTriggeredBy(runtime.Object) *metav1alpha1.TriggeredBy
}

TriggeredByGetter gets the triggeredBy from the runtime object. This interface should be implemented when `requiresDifferentApprover` is enabled.

type ValidateApprovalFunc added in v0.7.0

type ValidateApprovalFunc func(ctx context.Context, reqUser authenticationv1.UserInfo,
	allowRepresentOthers bool, skipAppendCheck bool, approvalSpecList []*metav1alpha1.ApprovalSpec,
	checkList []PairOfOldNewCheck, triggeredBy *metav1alpha1.TriggeredBy) error

type ValidateCreateFunc added in v0.3.0

type ValidateCreateFunc func(ctx context.Context, obj runtime.Object, req admission.Request) error

ValidateCreateFunc is a function type for adding validation functions when the operation is create, using a context, an object and a request.

type ValidateDeleteFunc added in v0.3.0

type ValidateDeleteFunc func(ctx context.Context, obj runtime.Object, req admission.Request) error

ValidateDeleteFunc is a function type for adding validation functions when the operation is delete, using a context, an object and a request.

type ValidateUpdateFunc added in v0.3.0

type ValidateUpdateFunc func(ctx context.Context, obj runtime.Object, old runtime.Object, req admission.Request) error

ValidateUpdateFunc is a function type for adding validation functions when the operation is update, using a context, the current object, the old object and a request.

type Validator added in v0.3.0

type Validator interface {
	runtime.Object
	metav1.Object
	ValidateCreate(ctx context.Context) error
	ValidateUpdate(ctx context.Context, old runtime.Object) error
	ValidateDelete(ctx context.Context) error
}

Validator defines functions for validating an operation

type ValidatorWebhook added in v0.3.0

type ValidatorWebhook interface {
	Validator
	sharedmain.WebhookSetup
	sharedmain.WebhookRegisterSetup
	WithValidateCreate(creates ...ValidateCreateFunc) ValidatorWebhook
	WithValidateUpdate(updates ...ValidateUpdateFunc) ValidatorWebhook
	WithValidateDelete(deletes ...ValidateDeleteFunc) ValidatorWebhook
	WithLoggerName(loggerName string) ValidatorWebhook
}

func NewValidatorWebhook added in v0.3.0

func NewValidatorWebhook(validator Validator) ValidatorWebhook
