README
¶
ezadmis
Tools for building and registering Kubernetes admission webhooks
Usage
The library ezadmis can reduce the complexity of writing a kubernetes admission webhook
.
All things you have to do is to implement a handler function.
type WebhookHandler func(ctx context.Context, req *admissionv1.AdmissionRequest, rw WebhookResponseWriter) (err error)
- Parameters
ctx, context of incoming requestrequest, incomingAdmissionRequestpatches, an optional output of JSONPatch operations for mutating webhook
- Return Values
deny, if not empty, indicating thisAdmissionRequestshould be denied, and a message will be returnederr, error occurred
Example
Tools
This repository provides two important tools
-
Reduce the complexity of installing an admission webhook
-
Print the incoming
AdmissionReviewrequest for debugging
Extra Tools
See https://github.com/yankeguo/ezadmis-extra
Credits
GUO YANKE, MIT License
Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func WrapWebhookHandler ¶
func WrapWebhookHandler(opts WrapWebhookHandlerOptions, handler WebhookHandler) http.HandlerFunc
WrapWebhookHandler wrap WebhookHandler to http.HandlerFunc
Types ¶
type WebhookHandler ¶
type WebhookHandler func(ctx context.Context, req *admissionv1.AdmissionRequest, rw WebhookResponseWriter) (err error)
WebhookHandler function to modify incoming kubernetes resource;
type WebhookResponseWriter ¶
type WebhookResponseWriter interface {
// Deny deny this admission request
Deny(deny string)
// PatchRaw append a raw JSONPatch operation
PatchRaw(patch map[string]any)
// PatchAdd append a JSONPatch 'add' operation
PatchAdd(path string, value any)
// PatchRemove append a JSONPatch 'remove' operation
PatchRemove(path string)
// PatchReplace append a JSONPatch 'replace' operation
PatchReplace(path string, value any)
// PatchCopy append a JSONPatch 'copy' operation
PatchCopy(path string, from string)
// PatchMove append a JSONPatch 'move' operation
PatchMove(path string, from string)
// PatchTest append a JSONPatch 'test' operation
PatchTest(path string, value any)
// Build build a admission response
Build(uid types.UID) (res *admissionv1.AdmissionResponse, err error)
}
WebhookResponseWriter response writer for WebhookHandler
type WebhookServer ¶
type WebhookServer interface {
// ListenAndServe wraps internal http.Server#ListenAndServeTLS()
ListenAndServe() error
// ListenAndServeGracefully ListenAndServe() with signal handling, perfect for using
// inside main() as the only component
ListenAndServeGracefully() error
// Shutdown wraps internal http.Server#Shutdown()
Shutdown(ctx context.Context) error
}
WebhookServer webhook server abstraction
func NewWebhookServer ¶
func NewWebhookServer(opts WebhookServerOptions) WebhookServer
NewWebhookServer create a WebhookServer
type WebhookServerOptions ¶
type WebhookServerOptions struct {
Port int
CertFile string
KeyFile string
Debug bool
Handler WebhookHandler
}
WebhookServerOptions options for WebhookServer
func DefaultWebhookServerOptions ¶
func DefaultWebhookServerOptions() WebhookServerOptions
DefaultWebhookServerOptions returns default options for WebhookServer
type WrapWebhookHandlerOptions ¶
type WrapWebhookHandlerOptions struct {
Debug bool
}
WrapWebhookHandlerOptions options for wrapping WebhookHandler
Source Files
Directories