controller-runtime: sigs.k8s.io/controller-runtime/pkg/webhook Index | Files | Directories

package webhook

import "sigs.k8s.io/controller-runtime/pkg/webhook"

Package webhook provides methods to build and bootstrap a webhook server.

Currently, it only supports admission webhooks. It will support CRD conversion webhooks in the near future.

Build webhooks

// mgr is the manager that runs the server.
webhook1, err := NewWebhookBuilder().
	Name("foo.k8s.io").
	Mutating().
	Path("/mutating-pods").
	Handlers(mutatingHandler1, mutatingHandler2).
	Build()
if err != nil {
	// handle error
}

webhook2, err := NewWebhookBuilder().
	Name("bar.k8s.io").
	Validating().
	Path("/validating-deployment").
	Handlers(validatingHandler1).
	Build()
if err != nil {
	// handle error
}

Create a webhook server.

as, err := NewServer("baz-admission-server", mgr, ServerOptions{
	CertDir: "/tmp/cert",
})
if err != nil {
	// handle error
}

Register the webhooks in the server.

err = as.Register(webhook1, webhook2)
if err != nil {
	// handle error
}

Start the server by starting the manager

err := mrg.Start(signals.SetupSignalHandler())
if err != nil {
	// handle error
}

Index

Package Files

doc.go server.go

type Server Uses

type Server struct {
    // ServerOptions contains options for configuring the admission server.
    ServerOptions
    // contains filtered or unexported fields
}

Server is an admission webhook server that can serve traffic and generates related k8s resources for deploying.

func NewServer Uses

func NewServer(mgr manager.Manager, options ServerOptions) (*Server, error)

NewServer creates a new admission webhook server.

func (*Server) Handle Uses

func (s *Server) Handle(pattern string, handler http.Handler)

Handle registers a http.Handler for the given pattern.

func (*Server) InjectFunc Uses

func (s *Server) InjectFunc(f inject.Func) error

InjectFunc injects dependencies into the handlers.

func (*Server) Register Uses

func (s *Server) Register(webhooks ...Webhook) error

Register validates and registers webhook(s) in the server

func (*Server) Start Uses

func (s *Server) Start(stop <-chan struct{}) error

Start runs the server. It will install the webhook related resources depend on the server configuration.

type ServerOptions Uses

type ServerOptions struct {
    // Address that the server will listen on.
    // Defaults to "" - all addresses.
    Host string

    // Port is the port number that the server will serve.
    // It will be defaulted to 443 if unspecified.
    Port int32

    // CertDir is the directory that contains the server key and certificate.
    // If using FSCertWriter in Provisioner, the server itself will provision the certificate and
    // store it in this directory.
    // If using SecretCertWriter in Provisioner, the server will provision the certificate in a secret,
    // the user is responsible to mount the secret to the this location for the server to consume.
    CertDir string
}

ServerOptions are options for configuring an admission webhook server.

type Webhook Uses

type Webhook interface {
    http.Handler

    // GetPath returns the path that the webhook registered.
    GetPath() string
    // Handler returns a http.Handler for the webhook.
    Handler() http.Handler
    // Validate validates if the webhook itself is valid.
    // If invalid, a non-nil error will be returned.
    Validate() error
}

Webhook defines the basics that a webhook should support.

Directories

PathSynopsis
admissionPackage admission provides implementation for admission webhook and methods to implement admission webhook handlers.
admission/builderPackage builder provides methods to build admission webhooks.
admission/types
internal/certPackage cert provides functions to manage certificates for webhookClientConfiguration.
internal/cert/writerPackage writer provides method to provision and persist the certificates.
types

Package webhook imports 10 packages (graph) and is imported by 8 packages. Updated 2019-02-16. Refresh now. Tools for package owners.