package loader

import "k8s.io/apiserver/pkg/admission/plugin/policy/manifest/loader"

Package loader provides generic functionality to load policy and binding configurations from manifest files. It handles file reading, YAML/JSON decoding, manifest name validation (suffix + uniqueness), policy-specific manifest constraints, and binding-reference checking. Type-specific defaulting and validation (e.g., scheme-based defaulting via internal types) are injected by callers through the AcceptObjectFunc callbacks.

Index

Variables 

var ErrUnrecognizedType = fmt.Errorf("unrecognized resource type")

ErrUnrecognizedType is returned by AcceptObjectFunc when the object type is not handled. This allows callers with multiple accept functions to try the next one.

Functions

func LoadPolicyManifests 

func LoadPolicyManifests[P, B metav1.Object](
	dir string,
	decoder runtime.Decoder,
	acceptPolicy AcceptObjectFunc[P],
	acceptBinding AcceptObjectFunc[B],
	getBindingPolicyName func(B) string,
) ([]P, []B, string, error)

LoadPolicyManifests is a generic helper that loads policy and binding manifests from a directory. It handles file I/O, decoding, v1.List unwrapping, manifest name validation, policy-specific manifest constraints, binding-reference checking, and deterministic sorting by name. The decoder should be created by the caller with whatever scheme is appropriate (e.g., with full internal type install for kube-apiserver, or a minimal v1-only scheme for other consumers).

Types

type AcceptObjectFunc 

type AcceptObjectFunc[T metav1.Object] func(obj runtime.Object) ([]T, error)

AcceptObjectFunc extracts typed items from a decoded runtime.Object, applying defaulting and validation. Returns ErrUnrecognizedType if the object type is not handled by this function.

Source Files

loader.go

Version
v0.36.0 (latest)
Published
Apr 22, 2026
Platform
linux/amd64
Imports
9 packages
Last checked
3 hours ago

Tools for package owners.