admission

package
v0.1.47 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 7, 2024 License: Apache-2.0 Imports: 19 Imported by: 4

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func FlagSet 

func FlagSet() *flag.FlagSet

Get our flags as a go flag set.

func InitFlags 

func InitFlags(flagset *flag.FlagSet)

Add our flags to specified go flag set. If flagset is nil, the default flag set will be used.

func RegisterMutatingWebhook 

func RegisterMutatingWebhook[T runtime.Object](w MutatingWebhook[T], scheme *runtime.Scheme, log logr.Logger) error

Register mutating webhook to be served by Serve(). Must be called before Serve(). The type parameter T can be a pointer to a concrete Kubernetes resource type (such as *corev1.Pod), a pointer to unstructured.Unstructured, or an interface type containing runtime.Object; in the first case, scheme is required and must recognize the supplied resource type; in the second and third case, scheme is ignored (can be passed as nil), and a pointer to unstructured.Unstructured will be passed to the webhook implementation.

func RegisterMutatingWebhookWithRouter 

func RegisterMutatingWebhookWithRouter[T runtime.Object](w MutatingWebhook[T], scheme *runtime.Scheme, log logr.Logger, router Router) error

Register mutating webhook with router (such as http.ServeMux or gorilla's mux.Router). The type parameter T can be a pointer to a concrete Kubernetes resource type (such as *corev1.Pod), a pointer to unstructured.Unstructured, or an interface type containing runtime.Object; in the first case, scheme is required and must recognize the supplied resource type; in the second and third case, scheme is ignored (can be passed as nil), and a pointer to unstructured.Unstructured will be passed to the webhook implementation.

func RegisterValidatingWebhook 

func RegisterValidatingWebhook[T runtime.Object](w ValidatingWebhook[T], scheme *runtime.Scheme, log logr.Logger) error

Register validating webhook to be served by Serve(). Must be called before Serve(). The type parameter T can be a pointer to a concrete Kubernetes resource type (such as *corev1.Pod), a pointer to unstructured.Unstructured, or an interface type containing runtime.Object; in the first case, scheme is required and must recognize the supplied resource type; in the second and third case, scheme is ignored (can be passed as nil), and a pointer to unstructured.Unstructured will be passed to the webhook implementation.

func RegisterValidatingWebhookWithRouter 

func RegisterValidatingWebhookWithRouter[T runtime.Object](w ValidatingWebhook[T], scheme *runtime.Scheme, log logr.Logger, router Router) error

Register validating webhook with router (such as http.ServeMux or gorilla's mux.Router). The type parameter T can be a pointer to a concrete Kubernetes resource type (such as *corev1.Pod), a pointer to unstructured.Unstructured, or an interface type containing runtime.Object; in the first case, scheme is required and must recognize the supplied resource type; in the second and third case, scheme is ignored (can be passed as nil), and a pointer to unstructured.Unstructured will be passed to the webhook implementation.

func RegisterWebhook 

func RegisterWebhook[T runtime.Object](w Webhook[T], scheme *runtime.Scheme, log logr.Logger) error

Register a joint webhook (i.e. being validating and mutating at the same time) to be served by Serve(). Must be called before Serve(). The type parameter T can be a pointer to a concrete Kubernetes resource type (such as *corev1.Pod), a pointer to unstructured.Unstructured, or an interface type containing runtime.Object; in the first case, scheme is required and must recognize the supplied resource type; in the second and third case, scheme is ignored (can be passed as nil), and a pointer to unstructured.Unstructured will be passed to the webhook implementation.

func RegisterWebhookWithRouter 

func RegisterWebhookWithRouter[T runtime.Object](w Webhook[T], scheme *runtime.Scheme, log logr.Logger, router Router) error

Register a joint webhook (i.e. being validating and mutating at the same time) with router (such as http.ServeMux or gorilla's mux.Router). The type parameter T can be a pointer to a concrete Kubernetes resource type (such as *corev1.Pod), a pointer to unstructured.Unstructured, or an interface type containing runtime.Object; in the first case, scheme is required and must recognize the supplied resource type; in the second and third case, scheme is ignored (can be passed as nil), and a pointer to unstructured.Unstructured will be passed to the webhook implementation.

func Serve 

func Serve(ctx context.Context, options *ServeOptions) error

Start webhook server. Parameter options may be nil; if it is nil then options will be taken from flags. Note that this requires that admission.InitFlags() and flag.Parse() (or equivalent) has been already called.

Types

type MutatingWebhook 

type MutatingWebhook[T runtime.Object] interface {
	MutateCreate(ctx context.Context, obj T) error
	MutateUpdate(ctx context.Context, oldObj T, newObj T) error
}

Mutating webhook interface. There is no deletion handler because mutating before deletion is meaningless anyway.

type Router 

type Router interface {
	Handle(pattern string, handler http.Handler)
}

type ServeOptions 

type ServeOptions struct {
	// Bind address, such as :2443 or 127.0.0.1:2443
	BindAddress string
	// Path to file containing the server TLS certificate (plus intermediates if present)
	CertFile string
	// PAth to file container the server TLS key
	KeyFile string
}

Options for webhook http server. Protocol https (and therefore CertFile and KeyFile) is mandatory

type ValidatingWebhook 

type ValidatingWebhook[T runtime.Object] interface {
	ValidateCreate(ctx context.Context, obj T) error
	ValidateUpdate(ctx context.Context, oldObj T, newObj T) error
	ValidateDelete(ctx context.Context, obj T) error
}

Validating webhook interface.

type Webhook 

type Webhook[T runtime.Object] interface {
	ValidatingWebhook[T]
	MutatingWebhook[T]
}

Joint interface for a webhook which is both validating and mutating (for convenience).

type WebhookHandler 

type WebhookHandler struct {
	// contains filtered or unexported fields
}

Webhook handler. Implements the http.Handler interface.

func NewMutatingWebhookHandler 

func NewMutatingWebhookHandler[T runtime.Object](w MutatingWebhook[T], scheme *runtime.Scheme, log logr.Logger) *WebhookHandler

Create webhook handler for a mutating webhook. The type parameter T can be a pointer to a concrete Kubernetes resource type (such as *corev1.Pod), a pointer to unstructured.Unstructured, or an interface type containing runtime.Object; in the first case, scheme is required and must recognize the supplied resource type; in the second and third case, scheme is ignored (can be passed as nil), and a pointer to unstructured.Unstructured will be passed to the webhook implementation.

func NewValidatingWebhookHandler 

func NewValidatingWebhookHandler[T runtime.Object](w ValidatingWebhook[T], scheme *runtime.Scheme, log logr.Logger) *WebhookHandler

Create webhook handler for a validating webhook. The type parameter T can be a pointer to a concrete Kubernetes resource type (such as *corev1.Pod), a pointer to unstructured.Unstructured, or an interface type containing runtime.Object; in the first case, scheme is required and must recognize the supplied resource type; in the second and third case, scheme is ignored (can be passed as nil), and a pointer to unstructured.Unstructured will be passed to the webhook implementation.

func (*WebhookHandler) ServeHTTP 

func (h *WebhookHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)

Serve admission http request.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.