mutatorplugin

package

v0.0.0-...-4d19ac6 Latest Latest Go to latest Published: Nov 23, 2023 License: Apache-2.0 Imports: 15 Imported by: 0

Documentation ¶

Index ¶

Constants
Variables
func TokenVolumeSource(secret *corev1.Secret) *corev1.ProjectedVolumeSource
type Interface
type PodKubeAPIAccessMutatorPlugin
- func NewPodKubeAPIAccessMutatorPlugin(ctx *uplugin.InitContext) (*PodKubeAPIAccessMutatorPlugin, error)
- func (pl *PodKubeAPIAccessMutatorPlugin) MutateAutoKubeAPIAccessVolumeMounts(old, new string, pod *corev1.Pod)
- func (pl *PodKubeAPIAccessMutatorPlugin) Mutator() conversion.PodMutator
type PodMountServiceAccountTokenMutatorPlugin
- func (pl *PodMountServiceAccountTokenMutatorPlugin) Mutator() conversion.PodMutator
type PodRootCACertMutatorPlugin
- func (pl *PodRootCACertMutatorPlugin) Mutator() conversion.PodMutator
type PodServiceLinkMutatorPlugin
- func (pl *PodServiceLinkMutatorPlugin) Mutator() conversion.PodMutator

Constants ¶

const (
	// DefaultServiceAccountName is the name of the default service account to set on pods which do not specify a service account
	DefaultServiceAccountName = "default" // #nosec G101

	// ServiceAccountVolumeName is the prefix name that will be added to volumes that mount ServiceAccount secrets
	ServiceAccountVolumeName = "kube-api-access" // #nosec G101

	// DefaultAPITokenMountPath is the path that ServiceAccountToken secrets are automounted to.
	// The token file would then be accessible at /var/run/secrets/kubernetes.io/serviceaccount
	DefaultAPITokenMountPath = "/var/run/secrets/kubernetes.io/serviceaccount" // #nosec G101
)

Variables ¶

View Source

var MutatorRegister uplugin.ResourceRegister

Functions ¶

func TokenVolumeSource ¶

func TokenVolumeSource(secret *corev1.Secret) *corev1.ProjectedVolumeSource

TokenVolumeSource returns the projected volume source for service account token.

Types ¶

type Interface ¶

type Interface interface {
	Mutator() conversion.PodMutator
}

type PodKubeAPIAccessMutatorPlugin ¶

type PodKubeAPIAccessMutatorPlugin struct {
	// contains filtered or unexported fields
}

func NewPodKubeAPIAccessMutatorPlugin ¶

func NewPodKubeAPIAccessMutatorPlugin(ctx *uplugin.InitContext) (*PodKubeAPIAccessMutatorPlugin, error)

func (*PodKubeAPIAccessMutatorPlugin) MutateAutoKubeAPIAccessVolumeMounts ¶

func (pl *PodKubeAPIAccessMutatorPlugin) MutateAutoKubeAPIAccessVolumeMounts(old, new string, pod *corev1.Pod)

func (*PodKubeAPIAccessMutatorPlugin) Mutator ¶

func (pl *PodKubeAPIAccessMutatorPlugin) Mutator() conversion.PodMutator

type PodMountServiceAccountTokenMutatorPlugin ¶

type PodMountServiceAccountTokenMutatorPlugin struct {
	// contains filtered or unexported fields
}

func (*PodMountServiceAccountTokenMutatorPlugin) Mutator ¶

func (pl *PodMountServiceAccountTokenMutatorPlugin) Mutator() conversion.PodMutator

type PodRootCACertMutatorPlugin ¶

type PodRootCACertMutatorPlugin struct{}

func (*PodRootCACertMutatorPlugin) Mutator ¶

func (pl *PodRootCACertMutatorPlugin) Mutator() conversion.PodMutator

Mutator will automatically reassign configmap references for configmaps named kube-root-ca.crt in the pod spec, these places are * volumes * env * envFrom

type PodServiceLinkMutatorPlugin ¶

type PodServiceLinkMutatorPlugin struct {
	// contains filtered or unexported fields
}

func (*PodServiceLinkMutatorPlugin) Mutator ¶

func (pl *PodServiceLinkMutatorPlugin) Mutator() conversion.PodMutator

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL