validating

package

v0.1.1 Latest Latest Go to latest Published: Jul 28, 2018 License: Apache-2.0 Imports: 12 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/urossimovic/kubewebhook

Links

Open Source Insights

Documentation ¶

Index ¶

func NewWebhook(cfg WebhookConfig, validator Validator, recorder metrics.Recorder, ...) (webhook.Webhook, error)
type Chain
- func NewChain(logger log.Logger, validators ...Validator) *Chain
- func (c *Chain) Validate(ctx context.Context, obj metav1.Object) (bool, ValidatorResult, error)
type Validator
type ValidatorFunc
- func (f ValidatorFunc) Validate(ctx context.Context, obj metav1.Object) (stop bool, valid ValidatorResult, err error)
type ValidatorResult
type WebhookConfig

Examples ¶

Validator (IngressHostValidatingWebhook)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func NewWebhook ¶

func NewWebhook(cfg WebhookConfig, validator Validator, recorder metrics.Recorder, logger log.Logger) (webhook.Webhook, error)

NewWebhook is a validating webhook and will return a webhook ready for a type of resource it will validate the received resources.

Types ¶

type Chain ¶

type Chain struct {
	// contains filtered or unexported fields
}

Chain is a chain of validators that will execute secuentially all the validators that have been added to it. It satisfies Mutator interface.

func (*Chain) Validate ¶

func (c *Chain) Validate(ctx context.Context, obj metav1.Object) (bool, ValidatorResult, error)

Validate will execute all the validation chain.

type Validator ¶

type Validator interface {
	// Validate will received a pointer to an object, validators can be
	// grouped in chains, that's why a stop boolean to stop executing the chain
	// can be returned the validator, the valid parameter will denotate if the
	// object is valid (if not valid the chain will be stopped also) and a error.
	Validate(context.Context, metav1.Object) (stop bool, valid ValidatorResult, err error)
}

Validator knows how to validate the received kubernetes object.

Example (IngressHostValidatingWebhook) ¶

IngressHostValidatingWebhook shows how you would create a ingress validating webhook that checks if an ingress has any rule with an invalid host that doesn't match the valid host regex and if is invalid will not accept the ingress.

package main

import (
	"context"
	"fmt"
	"regexp"

	extensionsv1beta1 "k8s.io/api/extensions/v1beta1"
	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"

	"github.com/slok/kubewebhook/pkg/webhook/validating"
)

func main() {
	// Create the regex to validate the hosts.
	validHost := regexp.MustCompile(`^.*\.batman\.best\.superhero\.io$`)

	// Create our validator that will check the host on each rule of the received ingress to
	// allow or disallow the ingress.
	ivh := validating.ValidatorFunc(func(_ context.Context, obj metav1.Object) (bool, validating.ValidatorResult, error) {
		ingress, ok := obj.(*extensionsv1beta1.Ingress)

		if !ok {
			return false, validating.ValidatorResult{}, fmt.Errorf("not an ingress")
		}

		for _, r := range ingress.Spec.Rules {
			if !validHost.MatchString(r.Host) {
				res := validating.ValidatorResult{
					Valid:   false,
					Message: fmt.Sprintf("%s ingress host doesn't match %s regex", r.Host, validHost),
				}
				return false, res, nil
			}
		}

		res := validating.ValidatorResult{
			Valid:   true,
			Message: "all hosts in the ingress are valid",
		}
		return false, res, nil
	})

	// Create webhook (usage of webhook not in this example).
	cfg := validating.WebhookConfig{
		Name: "example",
		Obj:  &extensionsv1beta1.Ingress{},
	}
	validating.NewWebhook(cfg, ivh, nil, nil)
}

Output:

type ValidatorFunc ¶

type ValidatorFunc func(context.Context, metav1.Object) (stop bool, valid ValidatorResult, err error)

ValidatorFunc is a helper type to create validators from functions.

func (ValidatorFunc) Validate ¶

func (f ValidatorFunc) Validate(ctx context.Context, obj metav1.Object) (stop bool, valid ValidatorResult, err error)

Validate satisfies Validator interface.

type ValidatorResult ¶

type ValidatorResult struct {
	Valid   bool
	Message string
}

ValidatorResult is the result of a validator.

type WebhookConfig ¶

type WebhookConfig struct {
	Name string
	Obj  metav1.Object
}

WebhookConfig is the Validating webhook configuration.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL