webhooks

package
v0.7.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 9, 2019 License: Apache-2.0 Imports: 31 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	BlockChanges    = "enforce"
	ReportViolation = "audit"
)

Policy Reporting Modes

Variables

This section is empty.

Functions

func StringInSlice added in v0.4.0 

func StringInSlice(kind string, list []string) bool

StringInSlice checks if string is present in slice of strings

Types

type ArrayFlags added in v0.4.0 

type ArrayFlags []string

ArrayFlags to store filterkinds

func (*ArrayFlags) Set added in v0.4.0 

func (i *ArrayFlags) Set(value string) error

Set setter for array flags

func (*ArrayFlags) String added in v0.4.0 

func (i *ArrayFlags) String() string

type WebhookRegistrationClient 

type WebhookRegistrationClient struct {
	// contains filtered or unexported fields
}

WebhookRegistrationClient is client for registration webhooks on cluster

func NewWebhookRegistrationClient 

func NewWebhookRegistrationClient(clientConfig *rest.Config, client *client.Client, serverIP string, webhookTimeout int32) (*WebhookRegistrationClient, error)

NewWebhookRegistrationClient creates new WebhookRegistrationClient instance

func (*WebhookRegistrationClient) Deregister 

func (wrc *WebhookRegistrationClient) Deregister()

Deregister deletes webhook configs from cluster This function does not fail on error: Register will fail if the config exists, so there is no need to fail on error

func (*WebhookRegistrationClient) Register 

func (wrc *WebhookRegistrationClient) Register() error

Register creates admission webhooks configs on cluster

type WebhookServer 

type WebhookServer struct {
	// contains filtered or unexported fields
}

WebhookServer contains configured TLS server with MutationWebhook. MutationWebhook gets policies from policyController and takes control of the cluster with kubeclient.

func NewWebhookServer 

func NewWebhookServer(
	client *client.Client,
	tlsPair *tlsutils.TlsPemPair,
	shareInformer sharedinformer.PolicyInformer,
	eventController event.Generator,
	violationBuilder violation.Generator,
	annotationsController annotations.Controller,
	filterK8Resources string) (*WebhookServer, error)

NewWebhookServer creates new instance of WebhookServer accordingly to given configuration Policy Controller and Kubernetes Client should be initialized in configuration

func (*WebhookServer) HandleMutation 

func (ws *WebhookServer) HandleMutation(request *v1beta1.AdmissionRequest) *v1beta1.AdmissionResponse

HandleMutation handles mutating webhook admission request

func (*WebhookServer) HandlePolicyValidation added in v0.6.0 

func (ws *WebhookServer) HandlePolicyValidation(request *v1beta1.AdmissionRequest) *v1beta1.AdmissionResponse

HandlePolicyValidation performs the validation check on policy resource

func (*WebhookServer) HandleValidation 

func (ws *WebhookServer) HandleValidation(request *v1beta1.AdmissionRequest) *v1beta1.AdmissionResponse

HandleValidation handles validating webhook admission request If there are no errors in validating rule we apply generation rules

func (*WebhookServer) RunAsync 

func (ws *WebhookServer) RunAsync()

RunAsync TLS server in separate thread and returns control immediately

func (*WebhookServer) Stop 

func (ws *WebhookServer) Stop()

Stop TLS server and returns control after the server is shut down

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.