The highest tagged major version is
Documentation
¶
Index ¶
Examples ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func HasTemplate ¶
HasTemplate performs a simple check for the template start delimiter to indicate if the input byte slice has a template. If the startDelim argument is an empty string, the default start delimiter of "{{" will be used.
Types ¶
type Config ¶
type Config struct {
AdditionalIndentation uint
DisabledFunctions []string
KubeAPIResourceList []*metav1.APIResourceList
LookupNamespace string
StartDelim string
StopDelim string
}
Config is a struct containing configuration for the API. Some are required.
- AdditionalIndentation sets the number of additional spaces to be added to the input number to the indent method. This is useful in situations when the indentation should be relative to a logical starting point in a YAML file.
- DisabledFunctions is a slice of default template function names that should be disabled.
- KubeAPIResourceList sets the cache for the Kubernetes API resources. If this is set, template processing will not try to rediscover the Kubernetes API resources needed for dynamic client/ GVK lookups.
- LookupNamespace is the namespace to restrict "lookup" template functions (e.g. fromConfigMap) to. If this is not set (i.e. an empty string), then all namespaces can be used.
- StartDelim customizes the start delimiter used to distinguish a template action. This defaults to "{{". If StopDelim is set, this must also be set.
- StopDelim customizes the stop delimiter used to distinguish a template action. This defaults to "}}". If StartDelim is set, this must also be set.
type TemplateResolver ¶
type TemplateResolver struct {
// contains filtered or unexported fields
}
TemplateResolver is the API for processing templates. It's better to use the NewResolver function instead of instantiating this directly so that configuration defaults and validation are applied.
func NewResolver ¶
func NewResolver(kubeClient *kubernetes.Interface, kubeConfig *rest.Config, config Config) (*TemplateResolver, error)
NewResolver creates a new TemplateResolver instance, which is the API for processing templates.
- kubeClient is the Kubernetes client to be used for the template lookup functions.
- config is the Config instance for configuration for template processing.
func (*TemplateResolver) ResolveTemplate ¶
func (t *TemplateResolver) ResolveTemplate(tmplJSON []byte, context interface{}) ([]byte, error)
ResolveTemplate accepts a map marshaled as JSON. It also accepts a struct with string fields that will be made available when the template is processed. For example, if the argument is `struct{ClusterName string}{"cluster1"}`, the value `cluster1` would be available with `{{ .ClusterName }}`. This can also be `nil` if no fields should be made available.
ResolveTemplate will process any template strings in the map and return the processed map.
Example ¶
policyYAML := `
---
apiVersion: policy.open-cluster-management.io/v1
kind: ConfigurationPolicy
metadata:
name: demo-sampleapp-config
namespace: sampleapp
spec:
remediationAction: enforce
namespaceSelector:
exclude:
- kube-*
include:
- default
object-templates:
- complianceType: musthave
objectDefinition:
kind: ConfigMap
apiVersion: v1
metadata:
name: demo-sampleapp-config
namespace: test
data:
message: '{{ "VGVtcGxhdGVzIHJvY2sh" | base64dec }}'
b64-cluster-name: '{{ .ClusterName | base64enc }}'
severity: high
`
policyJSON, err := yamlToJSON([]byte(policyYAML))
if err != nil {
fmt.Fprintf(os.Stderr, "Failed to convert the policy YAML to JSON: %v\n", err)
panic(err)
}
// This example uses the fake Kubernetes client, but in production, use a
// real Kubernetes configuration and client
var k8sClient kubernetes.Interface = fake.NewSimpleClientset()
resolver, err := NewResolver(&k8sClient, &rest.Config{}, Config{})
if err != nil {
fmt.Fprintf(os.Stderr, "Failed to instantiate the templatesResolver struct: %v\n", err)
panic(err)
}
templateContext := struct{ ClusterName string }{ClusterName: "cluster0001"}
policyResolvedJSON, err := resolver.ResolveTemplate(policyJSON, templateContext)
if err != nil {
fmt.Fprintf(os.Stderr, "Failed to process the policy YAML: %v\n", err)
panic(err)
}
var policyResolved interface{}
err = yaml.Unmarshal(policyResolvedJSON, &policyResolved)
objTmpls := policyResolved.(map[string]interface{})["spec"].(map[string]interface{})["object-templates"]
objDef := objTmpls.([]interface{})[0].(map[string]interface{})["objectDefinition"]
data, ok := objDef.(map[string]interface{})["data"].(map[string]interface{})
if !ok {
fmt.Fprintf(os.Stderr, "Failed to process the policy YAML: %v\n", err)
panic(err)
}
message, ok := data["message"].(string)
if !ok {
fmt.Fprintf(os.Stderr, "Failed to process the policy YAML: %v\n", err)
panic(err)
}
b64ClusterName, ok := data["b64-cluster-name"].(string)
if !ok {
fmt.Fprintf(os.Stderr, "Failed to process the policy YAML: %v\n", err)
panic(err)
}
fmt.Println(message)
fmt.Println(b64ClusterName)
Output: Templates rock! Y2x1c3RlcjAwMDE=
Source Files