webhook

package

v0.1.0 Latest Latest Go to latest Published: Dec 23, 2022 License: Apache-2.0 Imports: 13 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

gitlab.com/gauntletwizard_net/kubetls

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func Mutate(admReview v1beta1.AdmissionReview, pod *corev1.Pod, secretName string, ...) (mutated v1beta1.AdmissionReview)
type TLSController
- func NewTLSController() TLSController

Constants ¶

View Source

const (
	// SecretMountPath is a location that the KubeTLS server will automount secrets to.
	// It matches other automatically generated secrets, like the ServiceAccountToken and
	// AWS's OAUTH implementation.
	SecretMountPath = "/var/run/secrets/gauntletwizard.net/tls"
)

Variables ¶

This section is empty.

Functions ¶

func Mutate ¶

func Mutate(admReview v1beta1.AdmissionReview, pod *corev1.Pod, secretName string, generatedName bool) (mutated v1beta1.AdmissionReview)

Types ¶

type TLSController ¶

type TLSController struct {
	Ss   serviceService.ServiceService
	Tlss tlsService.TlsService
	// contains filtered or unexported fields
}

TLSController is a controller that implements our Webhooks

This assumes that the requests have come just from within the cluster,
which should be enforced by checking the client certificate

func NewTLSController ¶

func NewTLSController() TLSController

NewTLSController is deprecated; instantiation is done in cmd/ instead

func (TLSController) AcceptWebhook ¶

func (s TLSController) AcceptWebhook(w http.ResponseWriter, r *http.Request)

AcceptWebhook handles a Kubernetes AdmissionRequest https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/#request

func (TLSController) DebugAcceptWebhook ¶

func (s TLSController) DebugAcceptWebhook(w http.ResponseWriter, r *http.Request)

DebugAcceptWebhook parses the request, prints it to stdout, and returns an "allow" review.

func (TLSController) DebugCopyWebhook ¶

func (s TLSController) DebugCopyWebhook(w http.ResponseWriter, r *http.Request)

DebugCopyWebhook simply writes the HTTP Request body back to the response

func (TLSController) DebugParseWebhook ¶

func (s TLSController) DebugParseWebhook(w http.ResponseWriter, r *http.Request)

DebugParseWebhook does a roundtrip Unmarshal -> Marshall of the received

func (TLSController) ServicesAcceptWebhook ¶

func (s TLSController) ServicesAcceptWebhook(w http.ResponseWriter, r *http.Request)

ServicesAcceptWebhook handles a Kubernetes AdmissionRequest It differs from the "standard" webhook in that it creates a secret for a set of (serviceaccount, []services), potentially speeding up admission time (but forefeiting the per-pod hostname)

Source Files ¶

View all Source files

TLSController.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL