Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewArgoCDApplicationValidator

func NewArgoCDApplicationValidator(c client.Client, dec *admission.Decoder, config *ArgoCDApplicationValidatorConfig) http.Handler

NewArgoCDApplicationValidator creates a webhook handler for ArgoCD Application.

func NewCalicoNetworkPolicyValidator

func NewCalicoNetworkPolicyValidator(c client.Client, dec *admission.Decoder, minOrder float64) http.Handler

NewCalicoNetworkPolicyValidator creates a webhook handler for Calico NetworkPolicy. The validator denies policies whose order is less than or equal to the given order. The default order is minOrder. This default can be changed per Namespace by annotating the namespace with "admission.cybozu.com/min-policy-order".

func NewContourHTTPProxyMutator

func NewContourHTTPProxyMutator(c client.Client, dec *admission.Decoder, defaultClass string) http.Handler

NewContourHTTPProxyMutator creates a webhook handler for Contour HTTPProxy.

func NewContourHTTPProxyValidator

func NewContourHTTPProxyValidator(c client.Client, dec *admission.Decoder) http.Handler

NewContourHTTPProxyValidator creates a webhook handler for Contour HTTPProxy.

func NewDeleteValidator

func NewDeleteValidator(c client.Client, dec *admission.Decoder) http.Handler

NewDeleteValidator creates a webhook handler to validate DELETE requests.

func NewGrafanaDashboardValidator

func NewGrafanaDashboardValidator(c client.Client, dec *admission.Decoder) http.Handler

NewGrafanaDashboardValidator creates a webhook handler for GrafanaDashboard.

func NewPodMutator

func NewPodMutator(c client.Client, dec *admission.Decoder) http.Handler

NewPodMutator creates a webhook handler for Pod.

func NewServiceValidator

func NewServiceValidator(c client.Client, dec *admission.Decoder) http.Handler

NewServiceValidator creates a webhook handler to reject Service with the externalIPs field filled. Please refer to CVE-2020-8554 https://github.com/kubernetes/kubernetes/issues/97076 for details.

Types

type ArgoCDApplicationRule

type ArgoCDApplicationRule struct {
	Repository string   `json:"repository"`
	Projects   []string `json:"projects"`
}

ArgoCDApplicationRule is a rule for applications

type ArgoCDApplicationValidatorConfig

type ArgoCDApplicationValidatorConfig struct {
	Rules []ArgoCDApplicationRule `json:"rules"`
}

ArgoCDApplicationValidatorConfig is a config for application validator

type Config

type Config struct {
	ArgoCDApplicationValidatorConfig ArgoCDApplicationValidatorConfig `json:"ArgoCDApplicationValidator"`
}

Config is a config for neco-admission