apiserver: k8s.io/apiserver/pkg/util/webhook Index | Files

package webhook

import "k8s.io/apiserver/pkg/util/webhook"

Package webhook implements a generic HTTP webhook plugin.


Package Files

authentication.go client.go error.go serviceresolver.go validation.go webhook.go

func DefaultRetryBackoffWithInitialDelay Uses

func DefaultRetryBackoffWithInitialDelay(initialBackoffDelay time.Duration) wait.Backoff

DefaultRetryBackoffWithInitialDelay returns the default backoff parameters for webhook retry from a given initial delay. Handy for the client that provides a custom initial delay only.

func DefaultShouldRetry Uses

func DefaultShouldRetry(err error) bool

DefaultShouldRetry is a default implementation for the GenericWebhook ShouldRetry function property. If the error reason is one of: networking (connection reset) or http (InternalServerError (500), GatewayTimeout (504), TooManyRequests (429)), or apierrors.SuggestsClientDelay() returns true, then the function advises a retry. Otherwise it returns false for an immediate fail.

func ValidateWebhookService Uses

func ValidateWebhookService(fldPath *field.Path, namespace, name string, path *string, port int32) field.ErrorList

func ValidateWebhookURL Uses

func ValidateWebhookURL(fldPath *field.Path, URL string, forceHttps bool) field.ErrorList

ValidateWebhookURL validates webhook's URL.

func WithExponentialBackoff Uses

func WithExponentialBackoff(ctx context.Context, retryBackoff wait.Backoff, webhookFn func() error, shouldRetry func(error) bool) error

WithExponentialBackoff will retry webhookFn up to 5 times with exponentially increasing backoff when it returns an error for which shouldRetry returns true, confirming it to be retriable.

type AuthenticationInfoResolver Uses

type AuthenticationInfoResolver interface {
    // ClientConfigFor builds rest.Config based on the hostPort.
    ClientConfigFor(hostPort string) (*rest.Config, error)
    // ClientConfigForService builds rest.Config based on the serviceName and
    // serviceNamespace.
    ClientConfigForService(serviceName, serviceNamespace string, servicePort int) (*rest.Config, error)

AuthenticationInfoResolver builds rest.Config base on the server or service name and service namespace.

func NewDefaultAuthenticationInfoResolver Uses

func NewDefaultAuthenticationInfoResolver(kubeconfigFile string) (AuthenticationInfoResolver, error)

NewDefaultAuthenticationInfoResolver generates an AuthenticationInfoResolver that builds rest.Config based on the kubeconfig file. kubeconfigFile is the path to the kubeconfig.

type AuthenticationInfoResolverDelegator Uses

type AuthenticationInfoResolverDelegator struct {
    ClientConfigForFunc        func(hostPort string) (*rest.Config, error)
    ClientConfigForServiceFunc func(serviceName, serviceNamespace string, servicePort int) (*rest.Config, error)

AuthenticationInfoResolverDelegator implements AuthenticationInfoResolver.

func (*AuthenticationInfoResolverDelegator) ClientConfigFor Uses

func (a *AuthenticationInfoResolverDelegator) ClientConfigFor(hostPort string) (*rest.Config, error)

ClientConfigFor returns client config for given hostPort.

func (*AuthenticationInfoResolverDelegator) ClientConfigForService Uses

func (a *AuthenticationInfoResolverDelegator) ClientConfigForService(serviceName, serviceNamespace string, servicePort int) (*rest.Config, error)

ClientConfigForService returns client config for given service.

type AuthenticationInfoResolverWrapper Uses

type AuthenticationInfoResolverWrapper func(AuthenticationInfoResolver) AuthenticationInfoResolver

AuthenticationInfoResolverWrapper can be used to inject Dial function to the rest.Config generated by the resolver.

func NewDefaultAuthenticationInfoResolverWrapper Uses

func NewDefaultAuthenticationInfoResolverWrapper(
    proxyTransport *http.Transport,
    egressSelector *egressselector.EgressSelector,
    kubeapiserverClientConfig *rest.Config) AuthenticationInfoResolverWrapper

NewDefaultAuthenticationInfoResolverWrapper builds a default authn resolver wrapper

type ClientConfig Uses

type ClientConfig struct {
    Name     string
    URL      string
    CABundle []byte
    Service  *ClientConfigService

ClientConfig defines parameters required for creating a hook client.

type ClientConfigService Uses

type ClientConfigService struct {
    Name      string
    Namespace string
    Path      string
    Port      int32

ClientConfigService defines service discovery parameters of the webhook.

type ClientManager Uses

type ClientManager struct {
    // contains filtered or unexported fields

ClientManager builds REST clients to talk to webhooks. It caches the clients to avoid duplicate creation.

func NewClientManager Uses

func NewClientManager(gvs []schema.GroupVersion, addToSchemaFuncs ...func(s *runtime.Scheme) error) (ClientManager, error)

NewClientManager creates a clientManager.

func (*ClientManager) HookClient Uses

func (cm *ClientManager) HookClient(cc ClientConfig) (*rest.RESTClient, error)

HookClient get a RESTClient from the cache, or constructs one based on the webhook configuration.

func (*ClientManager) SetAuthenticationInfoResolver Uses

func (cm *ClientManager) SetAuthenticationInfoResolver(resolver AuthenticationInfoResolver)

SetAuthenticationInfoResolver sets the AuthenticationInfoResolver.

func (*ClientManager) SetAuthenticationInfoResolverWrapper Uses

func (cm *ClientManager) SetAuthenticationInfoResolverWrapper(wrapper AuthenticationInfoResolverWrapper)

SetAuthenticationInfoResolverWrapper sets the AuthenticationInfoResolverWrapper.

func (*ClientManager) SetServiceResolver Uses

func (cm *ClientManager) SetServiceResolver(sr ServiceResolver)

SetServiceResolver sets the ServiceResolver.

func (*ClientManager) Validate Uses

func (cm *ClientManager) Validate() error

Validate checks if ClientManager is properly set up.

type ErrCallingWebhook Uses

type ErrCallingWebhook struct {
    WebhookName string
    Reason      error

ErrCallingWebhook is returned for transport-layer errors calling webhooks. It represents a failure to talk to the webhook, not the webhook rejecting a request.

func (*ErrCallingWebhook) Error Uses

func (e *ErrCallingWebhook) Error() string

type ErrWebhookRejection Uses

type ErrWebhookRejection struct {
    Status *apierrors.StatusError

ErrWebhookRejection represents a webhook properly rejecting a request.

func (*ErrWebhookRejection) Error Uses

func (e *ErrWebhookRejection) Error() string

type GenericWebhook Uses

type GenericWebhook struct {
    RestClient   *rest.RESTClient
    RetryBackoff wait.Backoff
    ShouldRetry  func(error) bool

GenericWebhook defines a generic client for webhooks with commonly used capabilities, such as retry requests.

func NewGenericWebhook Uses

func NewGenericWebhook(scheme *runtime.Scheme, codecFactory serializer.CodecFactory, kubeConfigFile string, groupVersions []schema.GroupVersion, retryBackoff wait.Backoff, customDial utilnet.DialFunc) (*GenericWebhook, error)

NewGenericWebhook creates a new GenericWebhook from the provided kubeconfig file.

func (*GenericWebhook) WithExponentialBackoff Uses

func (g *GenericWebhook) WithExponentialBackoff(ctx context.Context, webhookFn func() rest.Result) rest.Result

WithExponentialBackoff will retry webhookFn() as specified by the given backoff parameters with exponentially increasing backoff when it returns an error for which this GenericWebhook's ShouldRetry function returns true, confirming it to be retriable. If no ShouldRetry has been defined for the webhook, then the default one is used (DefaultShouldRetry).

type ServiceResolver Uses

type ServiceResolver interface {
    ResolveEndpoint(namespace, name string, port int32) (*url.URL, error)

ServiceResolver knows how to convert a service reference into an actual location.

func NewDefaultServiceResolver Uses

func NewDefaultServiceResolver() ServiceResolver

NewDefaultServiceResolver creates a new default server resolver.

Package webhook imports 26 packages (graph) and is imported by 77 packages. Updated 2020-11-02. Refresh now. Tools for package owners.