ext

package
v0.5.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 15, 2025 License: Apache-2.0 Imports: 25 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	AddToScheme = schemeBuilder.AddToScheme
)

Functions

func ConvertListOptions added in v0.5.2 

func ConvertListOptions(options *metainternalversion.ListOptions) (*metav1.ListOptions, error)

ConvertListOptions converts an internal ListOptions to one used by client-go.

This can be useful if wrapping Watch or List methods to client-go's equivalent.

func ConvertToTable added in v0.5.2 

func ConvertToTable[T runtime.Object](ctx context.Context, object runtime.Object, tableOptions runtime.Object, groupResource schema.GroupResource, columnDefs []metav1.TableColumnDefinition, convertFn ConvertFunc[T]) (*metav1.Table, error)

ConvertToTable helps implement rest.Lister and rest.TableConvertor.

It converts an object or a list of objects to a Table, which is used by kubectl (and Rancher UI) to display a table of the items.

func ConvertToTableDefault added in v0.5.2 

func ConvertToTableDefault[T runtime.Object](ctx context.Context, object runtime.Object, tableOptions runtime.Object, groupResource schema.GroupResource) (*metav1.Table, error)

ConvertToTableDefault helps implement rest.Lister and rest.TableConvertor.

This uses the default table conversion that displays the following two columns: Name and Created At.

func CreateOrUpdate added in v0.5.2 

func CreateOrUpdate[T runtime.Object](
	ctx context.Context,
	name string,
	objInfo rest.UpdatedObjectInfo,
	createValidation rest.ValidateObjectFunc,
	updateValidation rest.ValidateObjectUpdateFunc,
	forceAllowCreate bool,
	options *metav1.UpdateOptions,
	getFn func(ctx context.Context, name string, opts *metav1.GetOptions) (T, error),
	createFn func(ctx context.Context, obj T, opts *metav1.CreateOptions) (T, error),
	updateFn func(ctx context.Context, obj T, opts *metav1.UpdateOptions) (T, error),
) (runtime.Object, bool, error)

CreateOrUpdate helps implement rest.Updater by handling most of the logic.

It will call getFn to find the object. If not found, then createFn will be called, which should create the object. Otherwise, the updateFn will be called, which should update the object.

createValidation is called before createFn. It will do validation such as:

updateValidation is called before updateFn. It will do validation such as: - running mutating/validating webhooks (though we're not using them yet)

Types

type AccessSetAuthorizer 

type AccessSetAuthorizer struct {
	// contains filtered or unexported fields
}

func NewAccessSetAuthorizer 

func NewAccessSetAuthorizer(asl accesscontrol.AccessSetLookup) *AccessSetAuthorizer

func (*AccessSetAuthorizer) Authorize 

func (a *AccessSetAuthorizer) Authorize(ctx context.Context, attrs authorizer.Attributes) (authorized authorizer.Decision, reason string, err error)

Authorize implements authorizer.Authorizer.

type ConvertFunc added in v0.5.2 

type ConvertFunc[T runtime.Object] func(obj T) []string

ConvertFunc will convert an object to a list of cell in a metav1.Table (think kubectl get table output)

type ExtensionAPIServer 

type ExtensionAPIServer struct {
	// contains filtered or unexported fields
}

ExtensionAPIServer wraps a genericapiserver.GenericAPIServer to implement a Kubernetes extension API server.

Use NewExtensionAPIServer to create an ExtensionAPIServer.

Use ExtensionAPIServer.Install to add a new resource store onto an existing ExtensionAPIServer. Each resources will then be reachable via /apis/<group>/<version>/<resource> as defined by the Kubernetes API.

When ExtensionAPIServer.Run is called, a separate HTTPS server is started. This server is meant for the main kube-apiserver to communicate with our extension API server. We can expect the following requests from the main kube-apiserver: 

<path>                 <user>                 <groups>
/openapi/v2            system:aggregator      [system:authenticated]
/openapi/v3            system:aggregator      [system:authenticated]
/apis                  system:kube-aggregator [system:masters system:authenticated]
/apis/ext.cattle.io/v1 system:kube-aggregator [system:masters system:authenticated]

func NewExtensionAPIServer 

func NewExtensionAPIServer(scheme *runtime.Scheme, codecs serializer.CodecFactory, opts ExtensionAPIServerOptions) (*ExtensionAPIServer, error)

func (*ExtensionAPIServer) GetAuthorizer added in v0.5.2 

func (s *ExtensionAPIServer) GetAuthorizer() authorizer.Authorizer

GetAuthorizer returns the authorizer used by the extension server to authorize requests

This can be used to inject the authorizer in stores that need them.

func (*ExtensionAPIServer) Install added in v0.5.2 

func (s *ExtensionAPIServer) Install(resourceName string, gvk schema.GroupVersionKind, storage rest.Storage) error

Install adds a new store to the extension API server.

A store implements handlers for the various operations (verbs) supported for a defined GVK / GVR. For example, a store for a (apiVersion: ext.cattle.io/v1, kind: Tokens) Custom Resource could implement create and watch verbs.

A store MUST implement the following interfaces: rest.Storage, rest.Scoper, rest.GroupVersionKindProvider and rest.SingularNameProvider.

Implementing the various verbs goes as follows:

Most of these methods have a context.Context parameter that can be used to get more information about the request. Here are some examples:

For an example store implementing these, please look at the testStore type with the caveat that it is a dummy test-special purpose store.

Note that errors returned by any operations above MUST be of type k8s.io/apimachinery/pkg/api/errors.APIStatus. These can be created with k8s.io/apimachinery/pkg/api/errors.NewNotFound, etc. If an error of unknown type is returned, the library will log an error message.

func (*ExtensionAPIServer) Run 

func (s *ExtensionAPIServer) Run(ctx context.Context) error

Run prepares and runs the separate HTTPS server. It also configures the handler so that ServeHTTP can be used.

func (*ExtensionAPIServer) ServeHTTP 

func (s *ExtensionAPIServer) ServeHTTP(w http.ResponseWriter, req *http.Request)

type ExtensionAPIServerOptions 

type ExtensionAPIServerOptions struct {
	// GetOpenAPIDefinitions is collection of all definitions. Required.
	GetOpenAPIDefinitions             openapicommon.GetOpenAPIDefinitions
	OpenAPIDefinitionNameReplacements map[string]string

	// Authenticator will be used to authenticate requests coming to the
	// extension API server. Required.
	Authenticator authenticator.Request

	// Authorizer will be used to authorize requests based on the user,
	// operation and resources. Required.
	//
	// Use [NewAccessSetAuthorizer] for an authorizer that uses Steve's access set.
	Authorizer authorizer.Authorizer

	// Listener is the TCP listener that is used to listen to the extension API server
	// that is reached by the main kube-apiserver. Required.
	Listener net.Listener

	// EffectiveVersion determines which features and apis are supported
	// by our custom API server.
	//
	// This is a new alpha feature from Kubernetes, the details can be
	// found here: https://github.com/kubernetes/enhancements/tree/master/keps/sig-architecture/4330-compatibility-versions
	//
	// If nil, the default version is the version of the Kubernetes Go library
	// compiled in the final binary.
	EffectiveVersion utilversion.EffectiveVersion
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.