Documentation ¶
Index ¶
- Constants
- func ToContext(ctx context.Context, c Flags) context.Context
- func ValidateAPIFields(ctx context.Context, featureName string, object interface{}, ...) (errs *apis.FieldError)
- func ValidateAnnotations(ctx context.Context, featureName string, object metav1.Object, ...) (errs *apis.FieldError)
- type Flag
- type Flags
- func (e Flags) IsAllowed(featureName string) bool
- func (e Flags) IsAuthorizationDefaultModeAllowAll() bool
- func (e Flags) IsAuthorizationDefaultModeDenyAll() bool
- func (e Flags) IsAuthorizationDefaultModeSameNamespace() bool
- func (e Flags) IsCrossNamespaceEventLinks() bool
- func (e Flags) IsDisabled(featureName string) bool
- func (e Flags) IsDisabledTransportEncryption() bool
- func (e Flags) IsEnabled(featureName string) bool
- func (e Flags) IsOIDCAuthentication() bool
- func (e Flags) IsPermissiveTransportEncryption() bool
- func (e Flags) IsStrictTransportEncryption() bool
- func (e Flags) NodeSelector() map[string]string
- func (e Flags) String() string
- type Store
Constants ¶
const ( KReferenceGroup = "kreference-group" DeliveryRetryAfter = "delivery-retryafter" DeliveryTimeout = "delivery-timeout" KReferenceMapping = "kreference-mapping" TransportEncryption = "transport-encryption" EvenTypeAutoCreate = "eventtype-auto-create" OIDCAuthentication = "authentication-oidc" NodeSelectorLabel = "apiserversources-nodeselector-" CrossNamespaceEventLinks = "cross-namespace-event-links" NewAPIServerFilters = "new-apiserversource-filters" AuthorizationDefaultMode = "default-authorization-mode" )
const (
// FlagsConfigName is the name of config map containing the experimental features flags
FlagsConfigName = "config-features"
)
Variables ¶
This section is empty.
Functions ¶
func ToContext ¶
ToContext attaches the provided Flags to the provided context, returning the new context with the Flags attached.
func ValidateAPIFields ¶
func ValidateAPIFields(ctx context.Context, featureName string, object interface{}, experimentalFields ...string) (errs *apis.FieldError)
ValidateAPIFields checks that the experimental features fields are disabled if the experimental flag is disabled. experimentalFields can contain a string with dots, to identify sub-structs, like "Destination.Ref.APIVersion"
func ValidateAnnotations ¶
func ValidateAnnotations(ctx context.Context, featureName string, object metav1.Object, experimentalAnnotations ...string) (errs *apis.FieldError)
ValidateAnnotations checks that the experimental features annotations are disabled if the experimental flag is disabled
Types ¶
type Flag ¶
type Flag string
Flag is a string value which can be either Enabled, Disabled, or Allowed.
const ( // Enabled turns on an optional behavior. Enabled Flag = "Enabled" // Disabled turns off an optional behavior. Disabled Flag = "Disabled" // Allowed neither explicitly disables or enables a behavior. // eg. allow a client to control behavior with an annotation or allow a new value through validation. Allowed Flag = "Allowed" // Strict is only applicable to the TransportEncryption feature. // The following applies: // - Addressables must not accept events to non-HTTPS endpoints // - Addressables must only advertise HTTPS endpoints Strict Flag = "Strict" // Permissive is only applicable to the TransportEncryption feature. // The following applies: // - Addressables should accept events at both HTTP and HTTPS endpoints // - Addressables should advertise both HTTP and HTTPS endpoints // - Producers should prefer to send events to HTTPS endpoints, if available Permissive Flag = "Permissive" // AuthorizationAllowAll is a value for AuthorizationDefaultMode that indicates to allow all // OIDC subjects by default. // This configuration is applied when there is no EventPolicy with a "to" referencing a given // resource. AuthorizationAllowAll Flag = "Allow-All" // AuthorizationDenyAll is a value for AuthorizationDefaultMode that indicates to deny all // OIDC subjects by default. // This configuration is applied when there is no EventPolicy with a "to" referencing a given // resource. AuthorizationDenyAll Flag = "Deny-All" // AuthorizationAllowSameNamespace is a value for AuthorizationDefaultMode that indicates to allow // OIDC subjects with the same namespace as a given resource. // This configuration is applied when there is no EventPolicy with a "to" referencing a given // resource. AuthorizationAllowSameNamespace Flag = "Allow-Same-Namespace" )
type Flags ¶
Flags is a map containing all the enabled/disabled flags for the experimental features. Missing entry in the map means feature is equal to feature not enabled.
func FromContext ¶
FromContext extracts a Config from the provided context.
func FromContextOrDefaults ¶
FromContextOrDefaults is like FromContext, but when no Flags is attached it returns default Flags.
func NewFlagsConfigFromConfigMap ¶
NewFlagsConfigFromConfigMap creates a Flags from the supplied configMap
func NewFlagsConfigFromMap ¶
NewFlagsConfigFromMap creates a Flags from the supplied Map
func (Flags) IsAuthorizationDefaultModeAllowAll ¶ added in v0.42.0
func (Flags) IsAuthorizationDefaultModeDenyAll ¶ added in v0.42.0
func (Flags) IsAuthorizationDefaultModeSameNamespace ¶ added in v0.42.0
func (Flags) IsCrossNamespaceEventLinks ¶ added in v0.41.0
func (Flags) IsDisabled ¶ added in v0.37.5
IsDisabled returns true if the feature is disabled
func (Flags) IsDisabledTransportEncryption ¶ added in v0.38.0
IsDisabledTransportEncryption returns true if the TransportEncryption feature is in Disabled mode.
func (Flags) IsOIDCAuthentication ¶ added in v0.39.0
func (Flags) IsPermissiveTransportEncryption ¶ added in v0.37.0
IsPermissiveTransportEncryption returns true if the TransportEncryption feature is in Permissive mode.
func (Flags) IsStrictTransportEncryption ¶ added in v0.37.0
IsStrictTransportEncryption returns true if the TransportEncryption feature is in Strict mode.
func (Flags) NodeSelector ¶ added in v0.41.0
type Store ¶
type Store struct {
*configmap.UntypedStore
}
Store is a typed wrapper around configmap.Untyped store to handle our configmaps. +k8s:deepcopy-gen=false
func NewStore ¶
NewStore creates a new store of Configs and optionally calls functions when ConfigMaps are updated.