Documentation
¶
Index ¶
- Constants
- func CompileOIDCProviders(providers []apiv1.OIDCProvider) error
- func IndexReceiverWebhookPath(o client.Object) []string
- func ValidateOIDCProvidersSpec(providers []apiv1.OIDCProvider) error
- func ValidateResourceFilter(s string, opts ...ResourceFilterOption) error
- type EventServer
- type ReceiverServer
- type ResourceFilterOption
Constants ¶
const (
WebhookPathIndexKey string = ".metadata.webhookPath"
)
Variables ¶
This section is empty.
Functions ¶
func CompileOIDCProviders ¶ added in v1.9.0
func CompileOIDCProviders(providers []apiv1.OIDCProvider) error
CompileOIDCProviders compiles every CEL expression configured on every provider and returns the first error encountered. Errors are intended to be surfaced under InvalidCELExpressionReason. ValidateOIDCProvidersSpec must have been called first.
func IndexReceiverWebhookPath ¶ added in v1.0.0
IndexReceiverWebhookPath is a client.IndexerFunc that returns the Receiver's webhook path, if present in its status.
func ValidateOIDCProvidersSpec ¶ added in v1.9.0
func ValidateOIDCProvidersSpec(providers []apiv1.OIDCProvider) error
ValidateOIDCProvidersSpec mirrors the CRD schema constraints on OIDCProviders (required fields, IssuerURL pattern, uniqueness, validation cardinality) for clusters whose API server does not enforce the kubebuilder markers. Errors are intended to be surfaced under ValidationFailedReason.
func ValidateResourceFilter ¶ added in v1.5.0
func ValidateResourceFilter(s string, opts ...ResourceFilterOption) error
ValidateResourceFilter accepts a CEL expression and will parse and check that it's valid, if it's not valid an error is returned.
Types ¶
type EventServer ¶
type EventServer struct {
kuberecorder.EventRecorder
// contains filtered or unexported fields
}
EventServer handles event POST requests
func NewEventServer ¶
func NewEventServer(port string, logger logr.Logger, kubeClient client.Client, eventRecorder kuberecorder.EventRecorder, noCrossNamespaceRefs bool, exportHTTPPathMetrics bool, tokenCache *cache.TokenCache) *EventServer
NewEventServer returns an HTTP server that handles events
func (*EventServer) ListenAndServe ¶
func (s *EventServer) ListenAndServe(stopCh <-chan struct{}, mdlw middleware.Middleware, store limiter.Store)
ListenAndServe starts the HTTP server on the specified port
type ReceiverServer ¶
type ReceiverServer struct {
// contains filtered or unexported fields
}
ReceiverServer handles webhook POST requests
func NewReceiverServer ¶
func NewReceiverServer(port string, logger logr.Logger, kubeClient client.Client, noCrossNamespaceRefs bool, exportHTTPPathMetrics bool) *ReceiverServer
NewReceiverServer returns an HTTP server that handles webhooks
func (*ReceiverServer) ListenAndServe ¶
func (s *ReceiverServer) ListenAndServe(stopCh <-chan struct{}, mdlw middleware.Middleware)
ListenAndServe starts the HTTP server on the specified port
type ResourceFilterOption ¶ added in v1.9.0
type ResourceFilterOption func(*resourceFilterOptions)
ResourceFilterOption configures the CEL environment used to compile and evaluate a Receiver resource filter expression.
func WithClaims ¶ added in v1.9.0
func WithClaims() ResourceFilterOption
WithClaims declares the claims variable in the filter CEL environment. It is used by generic-oidc receivers to expose the verified OIDC token claims to the expression.
Source Files