package generic

import "k8s.io/apiserver/pkg/admission/plugin/webhook/generic"

Index

Functions

func ConvertToGVK 

func ConvertToGVK(obj runtime.Object, gvk schema.GroupVersionKind, o admission.ObjectInterfaces) (runtime.Object, error)

ConvertToGVK converts object to the desired gvk.

func ConvertVersionedAttributes 

func ConvertVersionedAttributes(attr *VersionedAttributes, gvk schema.GroupVersionKind, o admission.ObjectInterfaces) error

ConvertVersionedAttributes converts VersionedObject and VersionedOldObject to the specified kind, if needed. If attr.VersionedKind already matches the requested kind, no conversion is performed. If conversion is required: * attr.VersionedObject is used as the source for the new object if Dirty=true (and is round-tripped through attr.Attributes.Object, clearing Dirty in the process) * attr.Attributes.Object is used as the source for the new object if Dirty=false * attr.Attributes.OldObject is used as the source for the old object

Types

type Dispatcher 

type Dispatcher interface {
	// Dispatch a request to the webhooks. Dispatcher may choose not to
	// call a hook, either because the rules of the hook does not match, or
	// the namespaceSelector or the objectSelector of the hook does not
	// match. A non-nil error means the request is rejected.
	Dispatch(ctx context.Context, a admission.Attributes, o admission.ObjectInterfaces, hooks []webhook.WebhookAccessor) error
}

Dispatcher dispatches webhook call to a list of webhooks with admission attributes as argument.

type Source 

type Source interface {
	Webhooks() []webhook.WebhookAccessor
	HasSynced() bool
}

Source can list dynamic webhook plugins.

type VersionedAttributes 

type VersionedAttributes struct {
	// Attributes holds the original admission attributes
	admission.Attributes
	// VersionedOldObject holds Attributes.OldObject (if non-nil), converted to VersionedKind.
	// It must never be mutated.
	VersionedOldObject runtime.Object
	// VersionedObject holds Attributes.Object (if non-nil), converted to VersionedKind.
	// If mutated, Dirty must be set to true by the mutator.
	VersionedObject runtime.Object
	// VersionedKind holds the fully qualified kind
	VersionedKind schema.GroupVersionKind
	// Dirty indicates VersionedObject has been modified since being converted from Attributes.Object
	Dirty bool
}

VersionedAttributes is a wrapper around the original admission attributes, adding versioned variants of the object and old object.

func NewVersionedAttributes 

func NewVersionedAttributes(attr admission.Attributes, gvk schema.GroupVersionKind, o admission.ObjectInterfaces) (*VersionedAttributes, error)

NewVersionedAttributes returns versioned attributes with the old and new object (if non-nil) converted to the requested kind

func (*VersionedAttributes) GetObject 

func (v *VersionedAttributes) GetObject() runtime.Object

GetObject overrides the Attributes.GetObject()

type Webhook 

type Webhook struct {
	*admission.Handler
	// contains filtered or unexported fields
}

Webhook is an abstract admission plugin with all the infrastructure to define Admit or Validate on-top.

func NewWebhook 

func NewWebhook(handler *admission.Handler, configFile io.Reader, sourceFactory sourceFactory, dispatcherFactory dispatcherFactory) (*Webhook, error)

NewWebhook creates a new generic admission webhook.

func (*Webhook) Dispatch 

func (a *Webhook) Dispatch(ctx context.Context, attr admission.Attributes, o admission.ObjectInterfaces) error

Dispatch is called by the downstream Validate or Admit methods.

func (*Webhook) SetAuthenticationInfoResolverWrapper 

func (a *Webhook) SetAuthenticationInfoResolverWrapper(wrapper webhookutil.AuthenticationInfoResolverWrapper)

SetAuthenticationInfoResolverWrapper sets the AuthenticationInfoResolverWrapper. TODO find a better way wire this, but keep this pull small for now.

func (*Webhook) SetExternalKubeClientSet 

func (a *Webhook) SetExternalKubeClientSet(client clientset.Interface)

SetExternalKubeClientSet implements the WantsExternalKubeInformerFactory interface. It sets external ClientSet for admission plugins that need it

func (*Webhook) SetExternalKubeInformerFactory 

func (a *Webhook) SetExternalKubeInformerFactory(f informers.SharedInformerFactory)

SetExternalKubeInformerFactory implements the WantsExternalKubeInformerFactory interface.

func (*Webhook) SetServiceResolver 

func (a *Webhook) SetServiceResolver(sr webhookutil.ServiceResolver)

SetServiceResolver sets a service resolver for the webhook admission plugin. Passing a nil resolver does not have an effect, instead a default one will be used.

func (*Webhook) ShouldCallHook 

func (a *Webhook) ShouldCallHook(h webhook.WebhookAccessor, attr admission.Attributes, o admission.ObjectInterfaces) (*WebhookInvocation, *apierrors.StatusError)

ShouldCallHook returns invocation details if the webhook should be called, nil if the webhook should not be called, or an error if an error was encountered during evaluation.

func (*Webhook) ValidateInitialization 

func (a *Webhook) ValidateInitialization() error

ValidateInitialization implements the InitializationValidator interface.

type WebhookInvocation 

type WebhookInvocation struct {
	Webhook     webhook.WebhookAccessor
	Resource    schema.GroupVersionResource
	Subresource string
	Kind        schema.GroupVersionKind
}

WebhookInvocation describes how to call a webhook, including the resource and subresource the webhook registered for, and the kind that should be sent to the webhook.

Source Files

conversion.go interfaces.go webhook.go

Version
v0.20.5
Published
Mar 18, 2021
Platform
windows/amd64
Imports
19 packages
Last checked
1 second ago

Tools for package owners.