admission

package
v0.5.0-rc5 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 13, 2024 License: Apache-2.0 Imports: 13 Imported by: 0

Documentation

Overview

Package admission holds definitions and functions for admissionWebhook.

Index

Constants

This section is empty.

Variables

View Source
var (
	// ErrInvalidRequest error returned when the requested operation with the requested fields are invalid.
	ErrInvalidRequest = fmt.Errorf("invalid request")
	// ErrUnsupportedOperation error returned when a validator is unable to validate the received operation.
	ErrUnsupportedOperation = fmt.Errorf("unsupported operation")
	// SlowTraceDuration duration to use when determining if a webhookHandler is slow.
	SlowTraceDuration = time.Second * 2
)

Functions

func CreateWebhookName

func CreateWebhookName(handler WebhookHandler, suffix string) string

CreateWebhookName returns a new name for the given webhook handler with the given suffix.

func NewDefaultMutatingWebhook

func NewDefaultMutatingWebhook(handler WebhookHandler, clientConfig v1.WebhookClientConfig, scope v1.ScopeType, ops []v1.OperationType) *v1.MutatingWebhook

NewDefaultMutatingWebhook creates a new MutatingWebhook based on the WebhookHandler provided. The path set on the client config will be appended with the webhooks path. The return webhook will not be nil.

func NewDefaultValidatingWebhook

func NewDefaultValidatingWebhook(handler WebhookHandler, clientConfig v1.WebhookClientConfig, scope v1.ScopeType, ops []v1.OperationType) *v1.ValidatingWebhook

NewDefaultValidatingWebhook creates a new ValidatingWebhook based on the WebhookHandler provided. The path set on the client config will be appended with the webhooks path. The return webhook will not be nil.

func NewMutatingHandlerFunc added in v0.3.4

func NewMutatingHandlerFunc(handler MutatingAdmissionHandler) http.HandlerFunc

NewMutatingHandlerFunc returns a new HandlerFunc that will call the function returned by the MutatingAdmissionHandler's AdmitFunc() call.

func NewValidatingHandlerFunc added in v0.3.4

func NewValidatingHandlerFunc(handler ValidatingAdmissionHandler) http.HandlerFunc

NewValidatingHandlerFunc returns a new HandlerFunc that will call the functions returned by the ValidatingAdmissionHandler's AdmitFuncs() call. If it encounters a failure or an error, it short-circuts and returns immediately.

func Path

func Path(basePath string, handler WebhookHandler) string

Path returns the path of the webhook joined with the given basePath.

func Ptr

func Ptr[T any](value T) *T

Ptr is a generic function that returns the pointer of T.

func ResponseAllowed

func ResponseAllowed() *admissionv1.AdmissionResponse

ResponseAllowed returns a minimal AdmissionResponse in which Allowed is true

func ResponseBadRequest

func ResponseBadRequest(message string) *admissionv1.AdmissionResponse

ResponseBadRequest returns an AdmissionResponse for BadRequest(err code 400) the message is used as the message in the response

func ResponseFailedEscalation added in v0.3.6

func ResponseFailedEscalation(message string) *admissionv1.AdmissionResponse

ResponseFailedEscalation returns an AdmissionResponse a failed escalation check.

func SubPath

func SubPath(gvr schema.GroupVersionResource) string

SubPath returns the subpath to use for the given gvr.

Types

type Admitter added in v0.3.4

type Admitter interface {
	Admit(*Request) (*admissionv1.AdmissionResponse, error)
}

Admitter handles webhook admission requests sent to this webhook. The response returned by the WebhookHandler will be forwarded to the kube-api server. If the WebhookHandler can not accurately evaluate the request it should return an error.

type MutatingAdmissionHandler

type MutatingAdmissionHandler interface {
	WebhookHandler
	// Since mutators can change a resource, each MutatingAdmissionHandler can only use 1 admit function.
	Admitter

	// MutatingWebhook returns a list of configurations to route to this handler.
	//
	// MutatingWebhook functions allows MutatingAdmissionHandler to perform modifications to the default configuration if needed.
	// A default configuration can be made using NewDefaultMutatingWebhook(...)
	// Most Webhooks implementing MutatingWebhook will only return one configuration.
	MutatingWebhook(clientConfig v1.WebhookClientConfig) []v1.MutatingWebhook
}

MutatingAdmissionHandler is a handler used for creating a MutatingAdmission Webhook.

type Request

type Request struct {
	admissionv1.AdmissionRequest
	Context context.Context
}

Request is a simple wrapper for an AdmissionRequest that includes the context from the original http.Request.

type ValidatingAdmissionHandler

type ValidatingAdmissionHandler interface {
	WebhookHandler

	// ValidatingWebhook returns a list of configurations to route to this handler.
	//
	// This functions allows ValidatingAdmissionHandler to perform modifications to the default configuration if needed.
	// A default configuration can be made using NewDefaultValidatingWebhook(...)
	// Most Webhooks implementing ValidatingWebhook will only return one configuration.
	ValidatingWebhook(clientConfig v1.WebhookClientConfig) []v1.ValidatingWebhook

	// Admitters returns the admitters that this handler will call when evaluating a resource. If any one of these
	// fails or encounters an error, the failure/error is immediately returned and the rest are short-circuted.
	Admitters() []Admitter
}

ValidatingAdmissionHandler is a handler used for creating a ValidationAdmission Webhook.

type WebhookHandler

type WebhookHandler interface {
	// GVR returns GroupVersionResource that the Webhook reviews.
	// The returned GVR is used to define the route for accessing this webhook as well as creating the Webhooks Name.
	// Thus the GVR returned must be unique from other WebhookHandlers of the same type e.g.(Mutating or Validating).
	// If a WebhookHandler desires to monitor all resources in a group the Resource defined int he GVR should be "*".
	// If a WebhookHandler desires to monitor a core type the Group can be left empty "".
	GVR() schema.GroupVersionResource

	// Operations returns list of operations that this WebhookHandler supports.
	// Handlers will only be sent request with operations that are contained in the provided list.
	Operations() []v1.OperationType
}

WebhookHandler base interface for both ValidatingAdmissionHandler and MutatingAdmissionHandler. WebhookHandler is used for creating new http.HandlerFunc for each Webhook.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL