handlers

package
v0.10.2
Published: Apr 9, 2026 License: Apache-2.0 Imports: 14 Imported by: 0

Documentation

Overview

Package handlers implements the specific business logic for Kubernetes Admission Control.

It contains implementations of the controller-runtime 'admission.Handler' interface for two primary purposes:

  1. Mutation (Defaulters): These handlers intercept CREATE and UPDATE requests to apply default values to resources. They rely heavily on the 'pkg/resolver' module to ensure that defaults applied at admission time are identical to those applied by the Reconciler during operation. (See: MultigresClusterDefaulter).

  2. Validation (Validators): These handlers intercept CREATE, UPDATE, and DELETE requests to enforce semantic rules that cannot be expressed in OpenAPI schemas (CRD Level 1) or CEL (CRD Level 2). This includes:
     - Stateful Validation: Checks requiring lookups of other objects (e.g., preventing deletion of a template that is in use).
     - Context-Aware Validation: Checks requiring access to request metadata (e.g., UserInfo) or old object states, serving as a fallback for clusters that do not support 'ValidatingAdmissionPolicy'.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type ChildResourceValidator

type ChildResourceValidator struct {
	// contains filtered or unexported fields
}

ChildResourceValidator prevents direct modification of managed child resources.

func NewChildResourceValidator

func NewChildResourceValidator(exemptPrincipals ...string) *ChildResourceValidator

NewChildResourceValidator creates a validator that blocks direct modification of managed child resources.
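
The context-aware check that an exempt-principal list implies, as an added example that is not this package's code: it reads the requesting user from an AdmissionReview and admits only exempt principals. It assumes principals are matched by exact username; `childGuard`, `decide`, the sample request and the service-account name are hypothetical.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// review models only the AdmissionReview fields read here (keys match case-insensitively).
type review struct {
	Request *struct {
		Operation string
		UserInfo  struct{ Username string }
	}
}

// childGuard is a hypothetical stand-in, not the package's ChildResourceValidator.
type childGuard struct{ exempt map[string]bool }

func newChildGuard(exemptPrincipals ...string) *childGuard {
	g := &childGuard{exempt: map[string]bool{}}
	for _, p := range exemptPrincipals {
		g.exempt[p] = true
	}
	return g
}

// decide fails closed: malformed input or a missing username is denied.
func (g *childGuard) decide(raw []byte) (bool, string) {
	var r review
	if err := json.Unmarshal(raw, &r); err != nil || r.Request == nil {
		return false, "malformed AdmissionReview"
	}
	user := r.Request.UserInfo.Username
	if user == "" {
		return false, "request carries no authenticated username"
	}
	if g.exempt[user] { // exact match only; no prefix or substring tests
		return true, "exempt principal " + user
	}
	return false, fmt.Sprintf("%s on managed child resource denied for %q", r.Request.Operation, user)
}

// Constructed sample request: a human user editing a managed child object.
const sampleUpdate = `{"apiVersion":"admission.k8s.io/v1","kind":"AdmissionReview","request":{
 "uid":"constructed-1","operation":"UPDATE","userInfo":{"username":"alice@example.com"}}}`

func main() {
	g := newChildGuard("system:serviceaccount:operator-system:controller") // assumed name
	fmt.Println(g.decide([]byte(sampleUpdate)))
}
```

Keeping the exempt list to the operator's own service account, and matching it exactly, prevents a similarly named account from inheriting the exemption.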

func (*ChildResourceValidator) ValidateCreate

func (v *ChildResourceValidator) ValidateCreate(
	ctx context.Context,
	obj runtime.Object,
) (admission.Warnings, error)

ValidateCreate rejects direct creation of managed child resources.

func (*ChildResourceValidator) ValidateDelete

func (v *ChildResourceValidator) ValidateDelete(
	ctx context.Context,
	obj runtime.Object,
) (admission.Warnings, error)

ValidateDelete rejects direct deletion of managed child resources.

func (*ChildResourceValidator) ValidateUpdate

func (v *ChildResourceValidator) ValidateUpdate(
	ctx context.Context,
	oldObj, newObj runtime.Object,
) (admission.Warnings, error)

ValidateUpdate rejects direct modification of managed child resources.

type MultigresClusterDefaulter

type MultigresClusterDefaulter struct {
	Resolver *resolver.Resolver
}

MultigresClusterDefaulter handles the mutation of MultigresCluster resources.

func NewMultigresClusterDefaulter

func NewMultigresClusterDefaulter(r *resolver.Resolver) *MultigresClusterDefaulter

NewMultigresClusterDefaulter creates a new defaulter handler.

func (*MultigresClusterDefaulter) Default

Default implements webhook.CustomDefaulter.

type MultigresClusterValidator

type MultigresClusterValidator struct {
	Client client.Client
}

MultigresClusterValidator validates Create and Update events for MultigresClusters.

func NewMultigresClusterValidator

func NewMultigresClusterValidator(c client.Client) *MultigresClusterValidator

NewMultigresClusterValidator creates a new validator for MultigresClusters.

func (*MultigresClusterValidator) ValidateCreate

func (v *MultigresClusterValidator) ValidateCreate(
	ctx context.Context,
	obj runtime.Object,
) (admission.Warnings, error)

ValidateCreate validates a MultigresCluster on creation.

func (*MultigresClusterValidator) ValidateDelete

func (v *MultigresClusterValidator) ValidateDelete(
	ctx context.Context,
	obj runtime.Object,
) (admission.Warnings, error)

ValidateDelete is a no-op for MultigresCluster deletion.

func (*MultigresClusterValidator) ValidateUpdate

func (v *MultigresClusterValidator) ValidateUpdate(
	ctx context.Context,
	oldObj, newObj runtime.Object,
) (admission.Warnings, error)

ValidateUpdate validates a MultigresCluster on update, including storage shrink and etcd replica checks.

type TemplateValidator

type TemplateValidator struct {
	Client client.Client
	Kind   string
}

TemplateValidator validates Delete events to ensure templates are not in use.

func NewTemplateValidator

func NewTemplateValidator(c client.Client, kind string) *TemplateValidator

NewTemplateValidator creates a validator that prevents deletion of in-use templates.

func (*TemplateValidator) ValidateCreate

func (v *TemplateValidator) ValidateCreate(
	ctx context.Context,
	obj runtime.Object,
) (admission.Warnings, error)

ValidateCreate validates pool name map keys for ShardTemplates on creation.

func (*TemplateValidator) ValidateDelete

func (v *TemplateValidator) ValidateDelete(
	ctx context.Context,
	obj runtime.Object,
) (admission.Warnings, error)

ValidateDelete rejects deletion of templates that are referenced by a MultigresCluster.

func (*TemplateValidator) ValidateUpdate

func (v *TemplateValidator) ValidateUpdate(
	ctx context.Context,
	oldObj, newObj runtime.Object,
) (admission.Warnings, error)

ValidateUpdate validates pool name map keys for ShardTemplates on update.
