
package extension

import "github.com/SUSE/eirinix"


Package Files

interface.go manager.go webhook.go webhook_configuration.go


// Label keys under the cloudfoundry.org prefix.
// NOTE(review): presumably these are the labels Eirini sets on application pods and
// the keys the Eirini-app filter matches on — confirm against the webhook code.
// Labels are ordinary pod metadata that any principal allowed to create pods can
// set, so their presence alone should not be read as proof that a pod is an
// Eirini app.
const (
    LabelGUID        = "cloudfoundry.org/guid"
    LabelVersion     = "cloudfoundry.org/version"
    LabelAppGUID     = "cloudfoundry.org/app_guid"
    LabelProcessType = "cloudfoundry.org/process_type"
    LabelSourceType  = "cloudfoundry.org/source_type"

func AddToScheme Uses

func AddToScheme(s *runtime.Scheme) error

AddToScheme adds all Resources to the Scheme

type Config Uses

// Config controls the behaviour of different controllers.
type Config struct {
    // CtxTimeOut is a duration; presumably the timeout applied to contexts
    // created for Kubernetes requests — TODO confirm.
    CtxTimeOut time.Duration

    // Namespace that is being watched by controllers
    Namespace         string
    // WebhookServerHost and WebhookServerPort identify the webhook server;
    // presumably the address it listens on — TODO confirm.
    WebhookServerHost string
    WebhookServerPort int32
    // Fs is an afero filesystem abstraction.
    // NOTE(review): presumably used when writing the generated webhook
    // certificates and keys to disk — confirm, and check the file modes used.
    Fs                afero.Fs

Config controls the behaviour of different controllers

type DefaultExtensionManager Uses

// DefaultExtensionManager represents an implementation of Manager.
type DefaultExtensionManager struct {
    // Extensions is the list of the Extensions that will be registered by the Manager
    Extensions []Extension

    // Watchers is the list of Eirini watcher handlers
    Watchers []Watcher

    // Reconcilers is the list of Eirini Reconcilers
    Reconcilers []Reconciler

    // KubeManager is the kubernetes manager object which is set up by the Manager
    KubeManager manager.Manager

    // Logger is the logger used internally and accessible to the Extensions
    Logger *zap.SugaredLogger

    // Context is the context structure used by internal components
    Context context.Context

    // WebhookConfig is the webhook configuration used to generate certificates.
    // The WebhookConfig type exposes Key and CaKey byte slices, so this exported
    // field gives every holder of the manager access to that material; avoid
    // dumping the manager struct into logs.
    WebhookConfig *WebhookConfig

    // WebhookServer is the webhook server where the Manager registers the Extensions to.
    WebhookServer *webhook.Server

    // Credsgen is the credential generator implementation used for generating certificates
    Credsgen credsgen.Generator

    // Options are the manager options
    Options ManagerOptions
    // contains filtered or unexported fields

DefaultExtensionManager represents an implementation of Manager

func (*DefaultExtensionManager) AddExtension Uses

func (m *DefaultExtensionManager) AddExtension(v interface{}) error

AddExtension adds an Eirini extension to the manager. It accepts Eirinix.Watcher, Eirinix.Reconciler and Eirinix.Extension types.

func (*DefaultExtensionManager) AddReconciler Uses

func (m *DefaultExtensionManager) AddReconciler(r Reconciler)

AddReconciler adds an Eirini reconciler Extension to the manager

func (*DefaultExtensionManager) AddWatcher Uses

func (m *DefaultExtensionManager) AddWatcher(w Watcher)

AddWatcher adds an Eirini watcher Extension to the manager

func (*DefaultExtensionManager) GenWatcher Uses

func (m *DefaultExtensionManager) GenWatcher(client corev1client.CoreV1Interface) (watch.Interface, error)

GenWatcher generates a watcher from a corev1client interface

func (*DefaultExtensionManager) GenWebHookServer Uses

func (m *DefaultExtensionManager) GenWebHookServer()

GenWebHookServer prepares the webhook server structures

func (*DefaultExtensionManager) GetContext Uses

func (m *DefaultExtensionManager) GetContext() context.Context

GetContext returns the context which can be used by Extensions and Reconcilers to perform background requests

func (*DefaultExtensionManager) GetKubeClient Uses

func (m *DefaultExtensionManager) GetKubeClient() (corev1client.CoreV1Interface, error)

GetKubeClient returns a kubernetes Corev1 client interface from the rest config used.

func (*DefaultExtensionManager) GetKubeConnection Uses

func (m *DefaultExtensionManager) GetKubeConnection() (*rest.Config, error)

GetKubeConnection sets up a connection to a Kubernetes cluster if not existing.

func (*DefaultExtensionManager) GetKubeManager Uses

func (m *DefaultExtensionManager) GetKubeManager() manager.Manager

GetKubeManager returns the kubernetes manager which can be used by Reconcilers to perform direct requests

func (*DefaultExtensionManager) GetLogger Uses

func (m *DefaultExtensionManager) GetLogger() *zap.SugaredLogger

GetLogger returns the Manager injected logger

func (*DefaultExtensionManager) GetManagerOptions Uses

func (m *DefaultExtensionManager) GetManagerOptions() ManagerOptions

GetManagerOptions returns the Manager options

func (*DefaultExtensionManager) HandleEvent Uses

func (m *DefaultExtensionManager) HandleEvent(e watch.Event)

HandleEvent handles a watcher event. It propagates the event to all the registered watchers.

func (*DefaultExtensionManager) ListExtensions Uses

func (m *DefaultExtensionManager) ListExtensions() []Extension

ListExtensions returns the list of the Extensions added to the Manager

func (*DefaultExtensionManager) ListReconcilers Uses

func (m *DefaultExtensionManager) ListReconcilers() []Reconciler

ListReconcilers returns the list of the Reconcilers added to the Manager

func (*DefaultExtensionManager) ListWatchers Uses

func (m *DefaultExtensionManager) ListWatchers() []Watcher

ListWatchers returns the list of the Watchers added to the Manager

func (*DefaultExtensionManager) LoadExtensions Uses

func (m *DefaultExtensionManager) LoadExtensions() error

LoadExtensions generates and registers webhooks from the Extensions added to the Manager

func (*DefaultExtensionManager) OperatorSetup Uses

func (m *DefaultExtensionManager) OperatorSetup() error

OperatorSetup prepares the webhook server, and generates certificates and configuration. It also sets up the namespace label for the operator

func (*DefaultExtensionManager) PatchFromPod Uses

func (m *DefaultExtensionManager) PatchFromPod(req admission.Request, pod *corev1.Pod) admission.Response

func (*DefaultExtensionManager) ReadWatcherEvent Uses

func (m *DefaultExtensionManager) ReadWatcherEvent(w watch.Interface)

ReadWatcherEvent tries to read events from the watcher channel. It should be run in a loop.

func (*DefaultExtensionManager) RegisterExtensions Uses

func (m *DefaultExtensionManager) RegisterExtensions() error

RegisterExtensions generates the manager and the operator setup, and loads the extensions to the webhook server

func (*DefaultExtensionManager) SetKubeClient Uses

func (m *DefaultExtensionManager) SetKubeClient(c corev1client.CoreV1Interface)

SetKubeClient sets a kube client corev1 from a given one

func (*DefaultExtensionManager) SetKubeConnection Uses

func (m *DefaultExtensionManager) SetKubeConnection(c *rest.Config)

SetKubeConnection sets a rest config from a given one

func (*DefaultExtensionManager) SetManagerOptions Uses

func (m *DefaultExtensionManager) SetManagerOptions(o ManagerOptions)

SetManagerOptions sets the ManagerOptions with the provided one

func (*DefaultExtensionManager) Start Uses

func (m *DefaultExtensionManager) Start() error

Start starts the Manager infinite loop, and returns an error on failure

func (*DefaultExtensionManager) Stop Uses

func (m *DefaultExtensionManager) Stop()

func (*DefaultExtensionManager) Watch Uses

func (m *DefaultExtensionManager) Watch() error

Watch starts the Watchers Manager infinite loop, and returns an error on failure

type DefaultMutatingWebhook Uses

// DefaultMutatingWebhook is the implementation of the Webhook generated out of the Eirini Extension.
type DefaultMutatingWebhook struct {

    // EiriniExtension is the Eirini extension associated with the webhook
    EiriniExtension Extension

    // EiriniExtensionManager is the Manager which will be injected into the Handle.
    EiriniExtensionManager Manager

    // FilterEiriniApps indicates if the webhook will filter Eirini apps or not.
    FilterEiriniApps bool

    // Name is the name of the webhook
    Name string
    // Path is the path this webhook will serve.
    Path string
    // Rules maps to the Rules field in admissionregistrationv1beta1.Webhook
    Rules []admissionregistrationv1beta1.RuleWithOperations
    // FailurePolicy maps to the FailurePolicy field in admissionregistrationv1beta1.Webhook
    // This is optional. If not set, it will be defaulted to Ignore (fail-open) by the server.
    // More details: https://github.com/kubernetes/api/blob/f5c295feaba2cbc946f0bbb8b535fc5f6a0345ee/admissionregistration/v1beta1/types.go#L144-L147
    // NOTE(review): with Ignore, a webhook that is unreachable or errors lets the
    // request through unmodified, so an extension whose mutation is
    // security-relevant should set Fail explicitly. The ManagerOptions.FailurePolicy
    // comment says the default is "fail"; confirm which default actually applies.
    FailurePolicy admissionregistrationv1beta1.FailurePolicyType
    // NamespaceSelector maps to the NamespaceSelector field in admissionregistrationv1beta1.Webhook
    // This is optional.
    NamespaceSelector *metav1.LabelSelector
    // Handler is the admission handler for this webhook.
    // NOTE(review): the original comment described a list of handlers invoked
    // sequentially, but the field holds a single admission.Handler. If several
    // features are combined behind it, it remains the implementer's
    // responsibility to ensure they do not generate conflicting JSON patches.
    Handler admission.Handler
    // Webhook contains the Admission webhook information that we register with the controller runtime.
    Webhook *webhook.Admission
    // contains filtered or unexported fields

DefaultMutatingWebhook is the implementation of the Webhook generated out of the Eirini Extension

func (*DefaultMutatingWebhook) GetFailurePolicy Uses

func (w *DefaultMutatingWebhook) GetFailurePolicy() admissionregistrationv1beta1.FailurePolicyType

func (*DefaultMutatingWebhook) GetHandler Uses

func (w *DefaultMutatingWebhook) GetHandler() admission.Handler

func (*DefaultMutatingWebhook) GetLabelSelector Uses

func (w *DefaultMutatingWebhook) GetLabelSelector() *metav1.LabelSelector

func (*DefaultMutatingWebhook) GetName Uses

func (w *DefaultMutatingWebhook) GetName() string

func (*DefaultMutatingWebhook) GetNamespaceSelector Uses

func (w *DefaultMutatingWebhook) GetNamespaceSelector() *metav1.LabelSelector

func (*DefaultMutatingWebhook) GetPath Uses

func (w *DefaultMutatingWebhook) GetPath() string

func (*DefaultMutatingWebhook) GetPod Uses

func (w *DefaultMutatingWebhook) GetPod(req admission.Request) (*corev1.Pod, error)

GetPod retrieves a pod from a types.Request

func (*DefaultMutatingWebhook) GetRules Uses

func (w *DefaultMutatingWebhook) GetRules() []admissionregistrationv1beta1.RuleWithOperations

func (*DefaultMutatingWebhook) GetWebhook Uses

func (w *DefaultMutatingWebhook) GetWebhook() *webhook.Admission

func (*DefaultMutatingWebhook) Handle Uses

func (w *DefaultMutatingWebhook) Handle(ctx context.Context, req admission.Request) admission.Response

Handle delegates the Handle function to the Eirini Extension

func (*DefaultMutatingWebhook) InjectClient Uses

func (w *DefaultMutatingWebhook) InjectClient(c client.Client) error

InjectClient injects the client.

func (*DefaultMutatingWebhook) InjectDecoder Uses

func (w *DefaultMutatingWebhook) InjectDecoder(d *admission.Decoder) error

InjectDecoder injects the decoder.

func (*DefaultMutatingWebhook) RegisterAdmissionWebHook Uses

func (w *DefaultMutatingWebhook) RegisterAdmissionWebHook(server *webhook.Server, opts WebhookOptions) error

RegisterAdmissionWebHook registers the Mutating WebHook to the WebHook Server and returns the generated Admission Webhook

type Extension Uses

// Extension is the Eirini Extension interface.
type Extension interface {
    // Handle handles a kubernetes request.
    // It is the main entry point of the Eirini extensions and the arguments are the
    // decoded payloads from the kubeapi server.
    // The manager will attempt to decode a pod from the request if possible and passes it to Handle.
    // NOTE(review): "if possible" suggests the pod argument can be nil when
    // decoding fails — confirm, and nil-check before dereferencing.
    // The pod and the request describe the object submitted to the API server,
    // so implementations should treat their fields as untrusted input.
    Handle(context.Context, Manager, *corev1.Pod, admission.Request) admission.Response

Extension is the Eirini Extension interface

An Eirini Extension must implement it by providing only a Handle method, which will be used as the response to the kube API server.

The Extension typically returns a set of patches defining the difference between the pod received in the request and the wanted state from the Extension.

type Manager Uses

// Manager is the interface of the manager for registering Eirini extensions.
type Manager interface {

    // AddExtension adds an Extension to the manager.
    // The manager will later register the Extension when Start() is called.
    AddExtension(v interface{}) error

    // AddReconciler adds a Reconciler Extension to the manager.
    // The manager will later register the Extension when Start() is called.
    AddReconciler(r Reconciler)

    // Start starts the manager infinite loop.
    // Registers all the Extensions and generates
    // the respective mutating webhooks.
    // Returns error in case of failure.
    Start() error

    // ListExtensions returns a list of the currently loaded Extensions
    ListExtensions() []Extension

    // ListReconcilers returns a list of the currently loaded Reconcilers
    ListReconcilers() []Reconciler

    // GetContext returns the context of the manager, which can be used in internal calls by extensions
    GetContext() context.Context

    // GetKubeManager returns the kubernetes manager which can be used by Reconcilers to perform
    // direct requests
    GetKubeManager() manager.Manager

    // GetKubeConnection sets up a kube connection if not already present.
    // Returns the rest config used to establish a connection to the kubernetes cluster.
    // NOTE(review): a rest.Config can carry cluster credentials; callers should
    // not log the returned value.
    GetKubeConnection() (*rest.Config, error)

    // GetKubeClient sets up a kube client if not already present.
    // Returns the kubernetes interface.
    GetKubeClient() (corev1client.CoreV1Interface, error)

    // GetLogger returns the logger of the application. An already existing one can be passed
    // by using NewManager()
    GetLogger() *zap.SugaredLogger

    // Watch starts the main loop for the registered watchers
    Watch() error

    // AddWatcher registers a watcher to EiriniX
    AddWatcher(w Watcher)

    // PatchFromPod is a helper to compute the patch from a pod update
    PatchFromPod(req admission.Request, pod *corev1.Pod) admission.Response

    // RegisterExtensions registers the Extensions to the kubernetes cluster.
    RegisterExtensions() error

    // Stop stops the manager execution
    // NOTE(review): no Stop declaration follows this comment in the listing,
    // although DefaultExtensionManager has a Stop method — confirm against interface.go.

    // SetManagerOptions is a setter for the ManagerOptions
    // NOTE(review): likewise, no SetManagerOptions declaration is shown here.

    // GetManagerOptions returns current ManagerOptions
    GetManagerOptions() ManagerOptions

Manager is the interface of the manager for registering Eirini extensions

It will generate webhooks that will satisfy the MutatingWebhook interface from the defined Extensions.

func NewManager Uses

func NewManager(opts ManagerOptions) Manager

NewManager returns a manager for the kubernetes cluster. The kubeconfig file and the logger are optional.

type ManagerOptions Uses

// ManagerOptions represents the runtime manager options.
type ManagerOptions struct {

    // Namespace is the namespace where pods will trigger the extension. Use empty to trigger on all namespaces.
    // NOTE(review): an empty value makes the extension apply cluster-wide, so set
    // it explicitly unless that scope is intended.
    Namespace string

    // Host is the listening host address for the Manager
    Host string

    // Port is the listening port
    Port int32

    // Context is the context to be used for Kube requests. Leave it empty for automatic generation
    Context *context.Context

    // KubeConfig is the kubeconfig path. Optional, omit for in-cluster connection
    KubeConfig string

    // Logger is the default logger. Optional, if omitted a new one will be created
    Logger *zap.SugaredLogger

    // FailurePolicy is the default failure policy for the webhook server. Optional, defaults to fail.
    // NOTE(review): the DefaultMutatingWebhook.FailurePolicy comment says an unset
    // policy is defaulted to Ignore (fail-open) by the server. Confirm which
    // default is in effect, and set this field explicitly when the mutation
    // must not be skipped.
    FailurePolicy *admissionregistrationv1beta1.FailurePolicyType

    // FilterEiriniApps enables or disables Eirini apps filters. Optional, defaults to true
    FilterEiriniApps *bool

    // OperatorFingerprint is a unique string identifying the Manager. Optional, defaults to eirini-x
    OperatorFingerprint string

    // SetupCertificateName is the name of the generated certificates. Optional; by default OperatorFingerprint is used to generate a new one
    SetupCertificateName string

    // RegisterWebHook enables or disables automatic registering of webhooks. Defaults to true
    RegisterWebHook *bool

    // SetupCertificate enables or disables automatic certificate generation. Defaults to true
    // NOTE(review): when disabled, the serving certificate presumably has to be
    // provisioned by other means — confirm how the webhook server obtains it.
    SetupCertificate *bool

    // ServiceName registers the Extension as a MutatingWebhook reachable by a service
    ServiceName string

    // WebhookNamespace is required when ServiceName is supplied; it indicates the namespace in which the webhook service runs
    WebhookNamespace string

    // WatcherStartRV is the starting ResourceVersion of the PodList which is being watched (see Kubernetes #74022).
    // If omitted, it will start watching from the current RV.
    WatcherStartRV string

ManagerOptions represents the runtime manager options

type MutatingWebhook Uses

// MutatingWebhook is the interface of the generated webhook from the Extension.
// It represents the minimal set of methods that the underlying libraries expect
// from a structure that implements a mutating webhook.
type MutatingWebhook interface {
    // Handle takes an admission request and returns the admission response.
    Handle(context.Context, admission.Request) admission.Response
    // InjectClient injects the client.
    InjectClient(c client.Client) error
    // InjectDecoder injects the decoder.
    InjectDecoder(d *admission.Decoder) error
    // RegisterAdmissionWebHook registers the webhook to the given webhook server.
    RegisterAdmissionWebHook(*webhook.Server, WebhookOptions) error

    // Accessors; presumably they return the webhook's configured values
    // (name, path, rules, failure policy, selectors, handler) — TODO confirm.
    GetName() string
    GetPath() string
    GetRules() []admissionregistrationv1beta1.RuleWithOperations
    GetFailurePolicy() admissionregistrationv1beta1.FailurePolicyType
    GetNamespaceSelector() *metav1.LabelSelector
    GetLabelSelector() *metav1.LabelSelector
    GetHandler() admission.Handler
    GetWebhook() *webhook.Admission

MutatingWebhook is the interface of the generated webhook from the Extension

It represents the minimal set of methods that the libraries used behind the scenes expect from a structure that implements a Mutating Webhook

func NewWebhook Uses

func NewWebhook(e Extension, m Manager) MutatingWebhook

NewWebhook returns a MutatingWebhook out of an Eirini Extension

type Reconciler Uses

// Reconciler is the Eirini Reconciler Extension interface.
type Reconciler interface {
    // Reconcile takes a reconcile request and returns the result and an error.
    Reconcile(request reconcile.Request) (reconcile.Result, error)
    // Register takes the Manager; presumably this is where the reconciler
    // attaches itself to the kubernetes manager — TODO confirm.
    Register(Manager) error

Reconciler is the Eirini Reconciler Extension interface

An Eirini Reconciler must implement a Reconcile method which is called when a new request is being created.

type Watcher Uses

// Watcher is the Eirini Watcher Extension interface.
type Watcher interface {
    // Handle receives the Manager and a watch event. It returns nothing, so an
    // implementation has to report failures itself (for example through the
    // Manager's logger).
    Handle(Manager, watch.Event)

Watcher is the Eirini Watcher Extension interface.

An Eirini Watcher must implement a Handle method, which is called with the event that occurred in the namespace.

type WatcherChannelClosedError Uses

type WatcherChannelClosedError struct {
    // contains filtered or unexported fields

WatcherChannelClosedError can be used to filter for "watcher channel closed" errors in a block like this:

    if err, ok := err.(*extension.WatcherChannelClosedError); ok {
        // Do things
    }

func (*WatcherChannelClosedError) Error Uses

func (e *WatcherChannelClosedError) Error() string

Error implements the error Interface for WatcherChannelClosedError

type WebhookConfig Uses

// WebhookConfig generates certificates and the configuration for the webhook server.
//
// NOTE(review): Key and CaKey presumably hold the private keys matching
// Certificate and CaCertificate (encoding not shown here — confirm). They are
// exported byte slices, so printing or serialising the whole struct (for
// example with %+v in a log line) would expose key material; log individual
// non-secret fields instead.
type WebhookConfig struct {
    // ConfigName is presumably the name of the generated webhook configuration — TODO confirm.
    ConfigName    string
    // CertDir is presumably the directory where the certificate and key are
    // written — TODO confirm, and check that its permissions restrict access.
    CertDir       string
    Certificate   []byte
    Key           []byte
    CaCertificate []byte
    CaKey         []byte
    // contains filtered or unexported fields

WebhookConfig generates certificates and the configuration for the webhook server

func NewWebhookConfig Uses

func NewWebhookConfig(c client.Client, config *Config, generator credsgen.Generator, configName string, setupCertificateName string, serviceName string, webhookNamespace string) *WebhookConfig

NewWebhookConfig returns a new WebhookConfig

func (*WebhookConfig) GenerateAdmissionWebhook Uses

func (f *WebhookConfig) GenerateAdmissionWebhook(webhooks []MutatingWebhook) []admissionregistrationv1beta1.MutatingWebhook

type WebhookOptions Uses

// WebhookOptions are the options required to register a WebHook to the WebHook server.
type WebhookOptions struct {
    ID             string // Webhook path will be generated out of that
    // MatchLabels is a label map; presumably used to build the webhook's
    // label selector — TODO confirm.
    MatchLabels    map[string]string
    // Manager is the kubernetes controller manager (manager.Manager), not the
    // Eirini extension Manager interface of this package.
    Manager        manager.Manager
    ManagerOptions ManagerOptions

WebhookOptions are the options required to register a WebHook to the WebHook server


testing          Package testing contains methods to create test data.
testing/fakes    Code generated by counterfeiter.

Package extension imports 39 packages and is imported by 6 packages. Updated 2020-09-16.