tenantwh

package

v0.0.0-...-2e8aeb9 Latest Latest Go to latest Published: Jul 26, 2023 License: Apache-2.0 Imports: 17 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/netgroup-polito/CrownLabs

Documentation ¶

Overview ¶

Package tenantwh groups the functionalities related to the Tenant webhook.

Index ¶

Constants
func CalculateWorkspacesDiff(a, b *clv1alpha2.Tenant) map[string]bool
func MakeTenantMutator(c client.Client, webhookBypassGroups []string, ...) *webhook.Admission
func MakeTenantValidator(c client.Client, webhookBypassGroups []string) *webhook.Admission
type TenantMutator
type TenantValidator
type TenantWebhook

Constants ¶

View Source

const LastLoginToleration = time.Hour * 24

LastLoginToleration defines the maximum skew with respect to the current time that is accepted by the webhook for the LastLogin field.

Variables ¶

This section is empty.

Functions ¶

func CalculateWorkspacesDiff ¶

func CalculateWorkspacesDiff(a, b *clv1alpha2.Tenant) map[string]bool

CalculateWorkspacesDiff returns the list of workspaces that are different between two tenants.

func MakeTenantMutator ¶

func MakeTenantMutator(c client.Client, webhookBypassGroups []string, opSelectorKey, opSelectorValue string, baseWorkspaces []string) *webhook.Admission

MakeTenantMutator creates a new webhook handler suitable for controller runtime based on TenantMutator.

func MakeTenantValidator ¶

func MakeTenantValidator(c client.Client, webhookBypassGroups []string) *webhook.Admission

MakeTenantValidator creates a new webhook handler suitable for controller runtime based on TenantValidator.

Types ¶

type TenantMutator ¶

type TenantMutator struct {
	TenantWebhook
	// contains filtered or unexported fields
}

TenantMutator labels Tenants.

func (*TenantMutator) CreatePatchResponse ¶

func (tm *TenantMutator) CreatePatchResponse(ctx context.Context, req *admission.Request, tenant *clv1alpha2.Tenant) admission.Response

CreatePatchResponse creates and admission response with the given tenant.

func (*TenantMutator) EnforceTenantBaseWorkspaces ¶

func (tm *TenantMutator) EnforceTenantBaseWorkspaces(ctx context.Context, tenant *clv1alpha2.Tenant)

EnforceTenantBaseWorkspaces ensure base workspaces are present in the given tenant.

func (*TenantMutator) EnforceTenantLabels ¶

func (tm *TenantMutator) EnforceTenantLabels(ctx context.Context, req *admission.Request, oldLabels map[string]string) (labels map[string]string, warnings []string, err error)

EnforceTenantLabels sets operator selector labels.

func (*TenantMutator) Handle ¶

func (tm *TenantMutator) Handle(ctx context.Context, req admission.Request) admission.Response

Handle on TenantMutator adds operator selector labels to new tenants and prevents possible changes - this method is used by controller runtime.

type TenantValidator ¶

type TenantValidator struct{ TenantWebhook }

TenantValidator validates Tenants.

func (*TenantValidator) Handle ¶

func (tv *TenantValidator) Handle(ctx context.Context, req admission.Request) admission.Response

Handle admits a tenant if user is editing its own tenant or a user is adding/removing workspaces they own to/from another user - this method is used by controller runtime.

func (*TenantValidator) HandleSelfEdit ¶

func (tv *TenantValidator) HandleSelfEdit(ctx context.Context, newTenant, oldTenant *clv1alpha2.Tenant) admission.Response

HandleSelfEdit checks every field but public keys for changes through DeepEqual.

func (*TenantValidator) HandleWorkspaceEdit ¶

func (tv *TenantValidator) HandleWorkspaceEdit(ctx context.Context, newTenant, oldTenant, manager *clv1alpha2.Tenant, operation admissionv1.Operation) admission.Response

HandleWorkspaceEdit checks that changes made to the workspaces have been made by a valid manager, then checks other fields not to have been modified through DeepEqual.

type TenantWebhook ¶

type TenantWebhook struct {
	Client client.Client

	BypassGroups []string // current ns SAs group: system:serviceaccounts:NAMESPACE
	// contains filtered or unexported fields
}

TenantWebhook holds data needed by webhooks.

func (*TenantWebhook) CheckWebhookOverride ¶

func (twh *TenantWebhook) CheckWebhookOverride(req *admission.Request) bool

CheckWebhookOverride verifies the subject who triggered the request can override the webhooks behavior.

func (*TenantWebhook) DecodeTenant ¶

func (twh *TenantWebhook) DecodeTenant(obj runtime.RawExtension) (tenant *clv1alpha2.Tenant, err error)

DecodeTenant decodes the tenant from the incoming request.

func (*TenantWebhook) GetClusterTenant ¶

func (twh *TenantWebhook) GetClusterTenant(ctx context.Context, name string) (tenant *clv1alpha2.Tenant, err error)

GetClusterTenant retrieves the tenant from the cluster given the name.

func (*TenantWebhook) InjectDecoder ¶

func (twh *TenantWebhook) InjectDecoder(d *admission.Decoder) error

InjectDecoder injects the decoder - this method is used by controller runtime.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL