admission

package
v5.0.0-preview.1+incom... Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 13, 2022 License: Apache-2.0 Imports: 24 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	UriAdmCtrlPrefix   = "/v1"
	UriAdmCtrlNvStatus = "nvstatus"
)
View Source 
const (
	K8sResOpCreate = "create"
	K8sResOpUpdate = "update"
	K8sResOpDelete = "delete"
)
View Source 
const (
	TestSucceeded = iota
	TestFailedAtRead
	TestFailedAtWrite
	TestFailed
	TestAborted
)
View Source 
const (
	AdmRuleCatK8s = "Kubernetes"
)
View Source 
const (
	//NvAdmMutateType   = "mutate" // for Kubernetes
	NvAdmValidateType = "validate" // for Kubernetes
)

Variables

This section is empty.

Functions

func ConfigK8sAdmissionControl 

func ConfigK8sAdmissionControl(k8sResInfo ValidatingWebhookConfigInfo, ctrlState *share.CLUSAdmCtrlState) (bool, error)

func EchoAdmWebhookConnection 

func EchoAdmWebhookConnection(tagExpected, svcname string)

func GetAdmissionCtrlTypes 

func GetAdmissionCtrlTypes(platform string) []string

func GetSvcLabelKeysForTest 

func GetSvcLabelKeysForTest(svcname string) (string, string)

func InitK8sNsSelectorInfo 

func InitK8sNsSelectorInfo(allowedNS, allowedNsWild utils.Set, selectorValue string, admCtrlEnabled bool)

func IsNsSelectorSupported 

func IsNsSelectorSupported() bool

func ResetCABundle 

func ResetCABundle(svcName string, caBundle []byte) bool

func SetCABundle 

func SetCABundle(svcName string, caBundle []byte)

func TestAdmWebhookConnection 

func TestAdmWebhookConnection(svcname string) (int, error)

func UnregK8sAdmissionControl 

func UnregK8sAdmissionControl(admType, nvAdmName string) error

func UpdateAllowedK8sNs 

func UpdateAllowedK8sNs(isLead, admCtrlEnabled bool, newAllowedNS, newAllowedNsWild utils.Set)

func ValidateK8sSetting 

func ValidateK8sSetting(k8sResInfo ValidatingWebhookConfigInfo) bool

func VerifyAdmClusterRole 

func VerifyAdmClusterRole() (bool, error)

https://kubernetes.io/docs/reference/using-api/deprecation-guide/ The rbac.authorization.k8s.io/v1beta1 API version of ClusterRole, ClusterRoleBinding, Role, and RoleBinding is no longer served as of v1.22.

func VerifyAdmClusterRoleBinding 

func VerifyAdmClusterRoleBinding() (bool, error)

func VerifyK8sNs 

func VerifyK8sNs(admCtrlEnabled bool, nsName string, nsLabels map[string]string)

Types

type ClientConfig 

type ClientConfig struct {
	ClientMode  string // "service" or "url"
	ServiceName string
	Path        string // uri
	Port        int32
}

type ValidateWebhookSvcInfo 

type ValidateWebhookSvcInfo struct {
	Status      int
	SvcNodePort int32
	SvcType     string
	LabelTag    string
	LabelEcho   string
}

func GetValidateWebhookSvcInfo 

func GetValidateWebhookSvcInfo(svcname string) (error, *ValidateWebhookSvcInfo)

type ValidatingWebhookConfigInfo 

type ValidatingWebhookConfigInfo struct {
	Name         string
	WebhooksInfo []*WebhookInfo
}

type WebhookInfo 

type WebhookInfo struct {
	Name           string
	ClientConfig   ClientConfig
	FailurePolicy  string
	TimeoutSeconds int32
}

type WebhookSvcLabelKey 

type WebhookSvcLabelKey struct {
	TagKey  string
	EchoKey string
}

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.