Documentation
¶
Index ¶
- func CanCanNot(b bool) string
- func CreateFakeRequestJSON(uid string, gvk metav1.GroupVersionKind, gvr metav1.GroupVersionResource, ...) ([]byte, error)
- func CreateHTTPRequest(uri, uid string, gvk metav1.GroupVersionKind, gvr metav1.GroupVersionResource, ...) (*http.Request, error)
- func SendHTTPRequest(req *http.Request, s Webhook) (*admissionv1.AdmissionResponse, error)
- type Webhook
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CreateFakeRequestJSON ¶
func CreateFakeRequestJSON(uid string, gvk metav1.GroupVersionKind, gvr metav1.GroupVersionResource, operation admissionv1.Operation, username string, userGroups []string, namespace string, obj, oldObject *runtime.RawExtension) ([]byte, error)
CreateFakeRequestJSON will render the []byte slice needed for the (fake) HTTP request. Inputs into this are the request UID, which GVK and GVR are being gated by this webhook, User information (username and groups), what kind of operation is being gated by this webhook and finally the runtime.RawExtension representation of the request's Object or OldObject The Object/OldObject is automatically inferred by the operation; delete operations will force OldObject To create the RawExtension:
obj := runtime.RawExtension{
Raw: []byte(rawObjString),
}
where rawObjString is a literal JSON blob, eg:
{
"metadata": {
"name": "namespace-name",
"uid": "request-userid",
"creationTimestamp": "2020-05-10T07:51:00Z"
},
"users": null
}
func CreateHTTPRequest ¶
func CreateHTTPRequest(uri, uid string, gvk metav1.GroupVersionKind, gvr metav1.GroupVersionResource, operation admissionv1.Operation, username string, userGroups []string, namespace string, obj, oldObject *runtime.RawExtension) (*http.Request, error)
CreateHTTPRequest takes all the information needed for an AdmissionReview. See also CreateFakeRequestJSON for more.
func SendHTTPRequest ¶
func SendHTTPRequest(req *http.Request, s Webhook) (*admissionv1.AdmissionResponse, error)
SendHTTPRequest will send the fake request to be handled by the Webhook
Types ¶
type Webhook ¶
type Webhook interface {
// Authorized will determine if the request is allowed
Authorized(request admissionctl.Request) admissionctl.Response
}
Webhook interface
Source Files