The highest tagged major version is
Documentation
¶
Index ¶
- Variables
- func ValidateV1Alpha1GroupSnapshot(snapshot *groupsnapshotcrdv1alpha1.VolumeGroupSnapshot) error
- func ValidateV1Alpha1GroupSnapshotContent(groupSnapcontent *groupsnapshotcrdv1alpha1.VolumeGroupSnapshotContent) error
- func ValidateV1Snapshot(snapshot *crdv1.VolumeSnapshot) error
- func ValidateV1SnapshotContent(snapcontent *crdv1.VolumeSnapshotContent) error
- type CertWatcher
- type Config
- type GroupSnapshotAdmitter
- type SnapshotAdmitter
Constants ¶
This section is empty.
Variables ¶
var ( // GroupSnapshotV1Alpha1GVR is GroupVersionResource for v1alpha1 VolumeGroupSnapshots GroupSnapshotV1Alpha1GVR = metav1.GroupVersionResource{Group: volumegroupsnapshotv1alpha1.GroupName, Version: "v1alpha1", Resource: "volumegroupsnapshots"} // GroupSnapshotContentV1Apha1GVR is GroupVersionResource for v1alpha1 VolumeGroupSnapshotContents GroupSnapshotContentV1Apha1GVR = metav1.GroupVersionResource{Group: volumegroupsnapshotv1alpha1.GroupName, Version: "v1alpha1", Resource: "volumegroupsnapshotcontents"} // GroupSnapshotClassV1Apha1GVR is GroupVersionResource for v1alpha1 VolumeGroupSnapshotClasses GroupSnapshotClassV1Apha1GVR = metav1.GroupVersionResource{Group: volumegroupsnapshotv1alpha1.GroupName, Version: "v1alpha1", Resource: "volumegroupsnapshotclasses"} )
var ( // SnapshotV1GVR is GroupVersionResource for v1 VolumeSnapshots SnapshotV1GVR = metav1.GroupVersionResource{Group: volumesnapshotv1.GroupName, Version: "v1", Resource: "volumesnapshots"} // SnapshotContentV1GVR is GroupVersionResource for v1 VolumeSnapshotContents SnapshotContentV1GVR = metav1.GroupVersionResource{Group: volumesnapshotv1.GroupName, Version: "v1", Resource: "volumesnapshotcontents"} // SnapshotContentV1GVR is GroupVersionResource for v1 VolumeSnapshotContents SnapshotClassV1GVR = metav1.GroupVersionResource{Group: volumesnapshotv1.GroupName, Version: "v1", Resource: "volumesnapshotclasses"} )
var AdmissionfuzzerFuncs = func(codecs runtimeserializer.CodecFactory) []interface{} { return []interface{}{ func(s *runtime.RawExtension, c fuzz.Continue) { u := &unstructured.Unstructured{Object: map[string]interface{}{ "apiVersion": "unknown.group/unknown", "kind": "Something", "somekey": "somevalue", }} s.Object = u }, } }
Funcs returns the fuzzer functions for the admission api group.
var CmdWebhook = &cobra.Command{ Use: "validation-webhook", Short: "Starts a HTTPS server, uses ValidatingAdmissionWebhook to perform ratcheting validation on VolumeSnapshot and VolumeSnapshotContent", Long: `Starts a HTTPS server, uses ValidatingAdmissionWebhook to perform ratcheting validation on VolumeSnapshot and VolumeSnapshotContent. After deploying it to Kubernetes cluster, the Administrator needs to create a ValidatingWebhookConfiguration in the Kubernetes cluster to register remote webhook admission controllers. Phase one of https://github.com/kubernetes/enhancements/blob/master/keps/sig-storage/177-volume-snapshot/tighten-validation-webhook-crd.md`, Args: cobra.MaximumNArgs(0), Run: main, }
CmdWebhook is used by Cobra.
Functions ¶
func ValidateV1Alpha1GroupSnapshot ¶ added in v6.3.0
func ValidateV1Alpha1GroupSnapshot(snapshot *groupsnapshotcrdv1alpha1.VolumeGroupSnapshot) error
ValidateV1Alpha1GroupSnapshot performs additional strict validation. Do NOT rely on this function to fully validate group snapshot objects. This function will only check the additional rules provided by the webhook.
func ValidateV1Alpha1GroupSnapshotContent ¶ added in v6.3.0
func ValidateV1Alpha1GroupSnapshotContent(groupSnapcontent *groupsnapshotcrdv1alpha1.VolumeGroupSnapshotContent) error
ValidateV1Alpha1GroupSnapshotContent performs additional strict validation. Do NOT rely on this function to fully validate group snapshot content objects. This function will only check the additional rules provided by the webhook.
func ValidateV1Snapshot ¶
func ValidateV1Snapshot(snapshot *crdv1.VolumeSnapshot) error
ValidateV1Snapshot performs additional strict validation. Do NOT rely on this function to fully validate snapshot objects. This function will only check the additional rules provided by the webhook.
func ValidateV1SnapshotContent ¶
func ValidateV1SnapshotContent(snapcontent *crdv1.VolumeSnapshotContent) error
ValidateV1SnapshotContent performs additional strict validation. Do NOT rely on this function to fully validate snapshot content objects. This function will only check the additional rules provided by the webhook.
Types ¶
type CertWatcher ¶
CertWatcher watches certificate and key files for changes. When either file changes, it reads and parses both and calls an optional callback with the new certificate.
func NewCertWatcher ¶
func NewCertWatcher(certPath, keyPath string) (*CertWatcher, error)
NewCertWatcher returns a new CertWatcher watching the given certificate and key.
func (*CertWatcher) GetCertificate ¶
func (cw *CertWatcher) GetCertificate(_ *tls.ClientHelloInfo) (*tls.Certificate, error)
GetCertificate fetches the currently loaded certificate, which may be nil.
func (*CertWatcher) ReadCertificate ¶
func (cw *CertWatcher) ReadCertificate() error
ReadCertificate reads the certificate and key files from disk, parses them, and updates the current certificate on the watcher. If a callback is set, it is invoked with the new certificate.
func (*CertWatcher) Start ¶
func (cw *CertWatcher) Start(ctx context.Context) error
Start starts the watch on the certificate and key files.
func (*CertWatcher) Watch ¶
func (cw *CertWatcher) Watch()
Watch reads events from the watcher's channel and reacts to changes.
type GroupSnapshotAdmitter ¶ added in v6.3.0
type GroupSnapshotAdmitter interface {
Admit(v1.AdmissionReview) *v1.AdmissionResponse
}
func NewGroupSnapshotAdmitter ¶ added in v6.3.0
func NewGroupSnapshotAdmitter(lister groupsnapshotlisters.VolumeGroupSnapshotClassLister) GroupSnapshotAdmitter
type SnapshotAdmitter ¶
type SnapshotAdmitter interface {
Admit(v1.AdmissionReview) *v1.AdmissionResponse
}
func NewSnapshotAdmitter ¶
func NewSnapshotAdmitter(lister storagelisters.VolumeSnapshotClassLister) SnapshotAdmitter
Source Files