admission

package
v1.17.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 20, 2026 License: Apache-2.0 Imports: 21 Imported by: 6

Documentation

Index

Constants

View Source 
const DefaultConfigurationId = "hooks"

DefaultConfigurationId is a ConfigurationId for ValidatingWebhookConfiguration/MutatingWebhookConfiguration without suffix.

Variables

View Source 
var DefaultSettings = &WebhookSettings{
	Settings: server.Settings{
		ServerCertPath: "/validating-certs/tls.crt",
		ServerKeyPath:  "/validating-certs/tls.key",
		ServiceName:    "shell-operator-validating-svc",
		ListenAddr:     "0.0.0.0",
		ListenPort:     "9680",
	},
	CAPath:               "/validating-certs/ca.crt",
	ConfigurationName:    "shell-operator-hooks",
	DefaultFailurePolicy: "Fail",
}

DefaultSettings holds the active validating-webhook server settings. It is populated by InitFromSettings during operator initialization. Tests may use it directly; in production always call InitFromSettings first.

Functions

func InitFromSettings added in v1.17.0 

func InitFromSettings(s WebhookSettings)

InitFromSettings replaces DefaultSettings with values derived from cfg. Call this once during operator initialization, after all configuration sources (env vars and CLI flags) have been merged into cfg.

Types

type Event added in v1.4.12 

type Event struct {
	WebhookId       string
	ConfigurationId string
	Request         *v1.AdmissionRequest
}

type EventHandlerFn added in v1.4.12 

type EventHandlerFn func(ctx context.Context, event Event) (*Response, error)

type IWebhookConfig 

type IWebhookConfig interface {
	GetMeta() Metadata
	SetMeta(Metadata)
	SetClientConfig(v1.WebhookClientConfig)
	UpdateIds(string, string)
}

type Metadata 

type Metadata struct {
	Name            string
	WebhookId       string
	ConfigurationId string // A suffix to create different ValidatingWebhookConfiguration/MutatingWebhookConfiguration resources.
	DebugName       string
	LogLabels       map[string]string
	MetricLabels    map[string]string
}

type MutatingWebhookConfig 

type MutatingWebhookConfig struct {
	*v1.MutatingWebhook
	Metadata
}

func (*MutatingWebhookConfig) GetMeta 

func (c *MutatingWebhookConfig) GetMeta() Metadata

func (*MutatingWebhookConfig) SetClientConfig 

func (c *MutatingWebhookConfig) SetClientConfig(cc v1.WebhookClientConfig)

func (*MutatingWebhookConfig) SetMeta 

func (c *MutatingWebhookConfig) SetMeta(m Metadata)

func (*MutatingWebhookConfig) UpdateIds 

func (c *MutatingWebhookConfig) UpdateIds(confID, webhookID string)

type MutatingWebhookResource 

type MutatingWebhookResource struct {
	// contains filtered or unexported fields
}

func NewMutatingWebhookResource 

func NewMutatingWebhookResource(opts WebhookResourceOptions, logger *log.Logger) *MutatingWebhookResource

func (*MutatingWebhookResource) Get 

func (w *MutatingWebhookResource) Get(id string) *MutatingWebhookConfig

func (*MutatingWebhookResource) Register 

func (w *MutatingWebhookResource) Register() error

func (*MutatingWebhookResource) Set 

func (w *MutatingWebhookResource) Set(whc *MutatingWebhookConfig)

func (*MutatingWebhookResource) Unregister 

func (w *MutatingWebhookResource) Unregister() error

type Option added in v1.14.3 

type Option func(manager *WebhookManager)

func WithLogger added in v1.14.3 

func WithLogger(logger *log.Logger) Option

type Response added in v1.4.12 

type Response struct {
	Allowed  bool     `json:"allowed"`
	Message  string   `json:"message,omitempty"`
	Warnings []string `json:"warnings,omitempty"`
	Patch    []byte   `json:"patch,omitempty"`
}

func FromReader added in v1.4.12 

func FromReader(r io.Reader) (*Response, error)

func ResponseFromBytes added in v1.4.12 

func ResponseFromBytes(data []byte) (*Response, error)

func ResponseFromFile added in v1.4.12 

func ResponseFromFile(filePath string) (*Response, error)

func (*Response) Dump added in v1.4.12 

func (r *Response) Dump() string

type ValidatingWebhookConfig 

type ValidatingWebhookConfig struct {
	*v1.ValidatingWebhook
	Metadata
}

func (*ValidatingWebhookConfig) GetMeta 

func (c *ValidatingWebhookConfig) GetMeta() Metadata

func (*ValidatingWebhookConfig) SetClientConfig 

func (c *ValidatingWebhookConfig) SetClientConfig(cc v1.WebhookClientConfig)

func (*ValidatingWebhookConfig) SetMeta 

func (c *ValidatingWebhookConfig) SetMeta(m Metadata)

func (*ValidatingWebhookConfig) UpdateIds 

func (c *ValidatingWebhookConfig) UpdateIds(confID, webhookID string)

UpdateIds use confId and webhookId to set a ConfigurationId prefix and a WebhookId.

type ValidatingWebhookResource 

type ValidatingWebhookResource struct {
	// contains filtered or unexported fields
}

func NewValidatingWebhookResource 

func NewValidatingWebhookResource(opts WebhookResourceOptions, logger *log.Logger) *ValidatingWebhookResource

func (*ValidatingWebhookResource) Get 

func (w *ValidatingWebhookResource) Get(id string) *ValidatingWebhookConfig

func (*ValidatingWebhookResource) Register 

func (w *ValidatingWebhookResource) Register() error

func (*ValidatingWebhookResource) Set 

func (w *ValidatingWebhookResource) Set(whc *ValidatingWebhookConfig)

func (*ValidatingWebhookResource) Unregister 

func (w *ValidatingWebhookResource) Unregister() error

type WebhookHandler 

type WebhookHandler struct {
	Router  chi.Router
	Handler EventHandlerFn

	Logger *log.Logger
}

func NewWebhookHandler 

func NewWebhookHandler(logger *log.Logger) *WebhookHandler

type WebhookManager 

type WebhookManager struct {
	KubeClient *klient.Client

	Settings  *WebhookSettings
	Namespace string

	DefaultConfigurationId string

	Server              *server.WebhookServer
	ValidatingResources map[string]*ValidatingWebhookResource
	MutatingResources   map[string]*MutatingWebhookResource
	Handler             *WebhookHandler

	Logger *log.Logger
}

WebhookManager is a public interface to be used from operator.go.

No dynamic configuration for now. The steps are:

  • Init manager
  • Call AddWebhook for every binding in hooks
  • Start() to run server and create ValidatingWebhookConfiguration/MutatingWebhookConfiguration

func NewWebhookManager 

func NewWebhookManager(kubeClient *klient.Client, opts ...Option) *WebhookManager

func (*WebhookManager) AddMutatingWebhook 

func (m *WebhookManager) AddMutatingWebhook(config *MutatingWebhookConfig)

func (*WebhookManager) AddValidatingWebhook 

func (m *WebhookManager) AddValidatingWebhook(config *ValidatingWebhookConfig)

func (*WebhookManager) Init 

func (m *WebhookManager) Init() error

Init creates dependencies

func (*WebhookManager) Start 

func (m *WebhookManager) Start() error

func (*WebhookManager) WithAdmissionEventHandler 

func (m *WebhookManager) WithAdmissionEventHandler(handler EventHandlerFn)

type WebhookResourceOptions 

type WebhookResourceOptions struct {
	KubeClient        *klient.Client
	Namespace         string
	ConfigurationName string
	ServiceName       string
	CABundle          []byte
}

type WebhookSettings 

type WebhookSettings struct {
	server.Settings
	CAPath               string
	CABundle             []byte
	ConfigurationName    string
	DefaultFailurePolicy string
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.