controller-runtime: Index | Files | Directories

package webhook

import ""

Package webhook provides methods to build and bootstrap a webhook server.

Currently, it only supports admission webhooks. It will support CRD conversion webhooks in the near future.

Build webhooks

// mgr is the manager that runs the server.
webhook1, err := NewWebhookBuilder().
	Handlers(mutatingHandler1, mutatingHandler2).
if err != nil {
	// handle error

webhook2, err := NewWebhookBuilder().
if err != nil {
	// handle error

Create a webhook server.

as, err := NewServer("baz-admission-server", mgr, ServerOptions{
	CertDir: "/tmp/cert",
if err != nil {
	// handle error

Register the webhooks in the server.

err = as.Register(webhook1, webhook2)
if err != nil {
	// handle error

Start the server by starting the manager

err := mrg.Start(signals.SetupSignalHandler())
if err != nil {
	// handle error


Package Files

doc.go server.go

type Server Uses

type Server struct {
    // ServerOptions contains options for configuring the admission server.
    // contains filtered or unexported fields

Server is an admission webhook server that can serve traffic and generates related k8s resources for deploying.

func NewServer Uses

func NewServer(mgr manager.Manager, options ServerOptions) (*Server, error)

NewServer creates a new admission webhook server.

func (*Server) Handle Uses

func (s *Server) Handle(pattern string, handler http.Handler)

Handle registers a http.Handler for the given pattern.

func (*Server) InjectFunc Uses

func (s *Server) InjectFunc(f inject.Func) error

InjectFunc injects dependencies into the handlers.

func (*Server) Register Uses

func (s *Server) Register(webhooks ...Webhook) error

Register validates and registers webhook(s) in the server

func (*Server) Start Uses

func (s *Server) Start(stop <-chan struct{}) error

Start runs the server. It will install the webhook related resources depend on the server configuration.

type ServerOptions Uses

type ServerOptions struct {
    // Address that the server will listen on.
    // Defaults to "" - all addresses.
    Host string

    // Port is the port number that the server will serve.
    // It will be defaulted to 443 if unspecified.
    Port int32

    // CertDir is the directory that contains the server key and certificate.
    // If using FSCertWriter in Provisioner, the server itself will provision the certificate and
    // store it in this directory.
    // If using SecretCertWriter in Provisioner, the server will provision the certificate in a secret,
    // the user is responsible to mount the secret to the this location for the server to consume.
    CertDir string

ServerOptions are options for configuring an admission webhook server.

type Webhook Uses

type Webhook interface {

    // GetPath returns the path that the webhook registered.
    GetPath() string
    // Handler returns a http.Handler for the webhook.
    Handler() http.Handler
    // Validate validates if the webhook itself is valid.
    // If invalid, a non-nil error will be returned.
    Validate() error

Webhook defines the basics that a webhook should support.


admissionPackage admission provides implementation for admission webhook and methods to implement admission webhook handlers.
admission/builderPackage builder provides methods to build admission webhooks.
internal/certPackage cert provides functions to manage certificates for webhookClientConfiguration.
internal/cert/writerPackage writer provides method to provision and persist the certificates.

Package webhook imports 10 packages (graph) and is imported by 8 packages. Updated 2019-02-16. Refresh now. Tools for package owners.