validation

Documentation

Index

• Variables
• func RunValidation(vc *WebhookParameters, kubeConfig string, ...)
• type Webhook
  • func NewWebhook(p WebhookParameters) (*Webhook, error)
  • func (wh *Webhook) Run(stopCh <-chan struct{})
• type WebhookParameters
  • func DefaultArgs() *WebhookParameters
  • func (p *WebhookParameters) String() string
  • func (args *WebhookParameters) Validate() error

Variables

var (
	// ErrorTag holds the error for the context.
	ErrorTag tag.Key

	// GroupTag holds the resource group for the context.
	GroupTag tag.Key

	// VersionTag holds the resource version for the context.
	VersionTag tag.Key

	// ResourceTag holds the resource name for the context.
	ResourceTag tag.Key

	// ReasonTag holds the error reason for the context.
	ReasonTag tag.Key

	// StatusTag holds the error code for the context.
	StatusTag tag.Key
)

Functions

func RunValidation

func RunValidation(vc *WebhookParameters, kubeConfig string,
	livenessProbeController, readinessProbeController probe.Controller)

RunValidation start running Galley validation mode

Types

type Webhook

type Webhook struct {
	// contains filtered or unexported fields
}

Webhook implements the validating admission webhook for validating Istio configuration.

func NewWebhook

func NewWebhook(p WebhookParameters) (*Webhook, error)

NewWebhook creates a new instance of the admission webhook controller.

func (*Webhook) Run

func (wh *Webhook) Run(stopCh <-chan struct{})

Run implements the webhook server

type WebhookParameters

type WebhookParameters struct {
	// MixerValidator implements the backend validator functions for mixer configuration.
	MixerValidator store.BackendValidator

	// PilotDescriptor provides a description of all pilot configuration resources.
	PilotDescriptor model.ConfigDescriptor

	// DomainSuffix is the DNS domain suffix for Pilot CRD resources,
	// e.g. cluster.local.
	DomainSuffix string

	// Port where the webhook is served. Per k8s admission
	// registration requirements this should be 443 unless there is
	// only a single port for the service.
	Port uint

	// CertFile is the path to the x509 certificate for https.
	CertFile string

	// KeyFile is the path to the x509 private key matching `CertFile`.
	KeyFile string

	// WebhookConfigFile is the path to the validatingwebhookconfiguration
	// file that should be used for self-registration.
	WebhookConfigFile string

	// CACertFile is the path to the x509 CA bundle file.
	CACertFile string

	// DeploymentAndServiceNamespace is the namespace in which the validation deployment and service resides.
	DeploymentAndServiceNamespace string

	// Name of the k8s validatingwebhookconfiguration
	WebhookName string

	// DeploymentName is the name of the validation deployment. This, along with
	// DeploymentAndServiceNamespace, is used to set the ownerReference in the
	// validatingwebhookconfiguration. This enables k8s to clean-up the cluster-scoped
	// validatingwebhookconfiguration when the deployment is deleted.
	DeploymentName string

	// ServiceName is the name of the k8s service of the validation webhook. This is
	// used to verify endpoint readiness before registering the validatingwebhookconfiguration.
	ServiceName string

	Clientset clientset.Interface

	// Enable galley validation mode
	EnableValidation bool
}

WebhookParameters contains the configuration for the Istio Pilot validation admission controller.

func DefaultArgs

func DefaultArgs() *WebhookParameters

DefaultArgs allocates an WebhookParameters struct initialized with Webhook's default configuration.

func (*WebhookParameters) String

func (p *WebhookParameters) String() string

String produces a stringified version of the arguments for debugging.

func (*WebhookParameters) Validate

func (args *WebhookParameters) Validate() error

Validate tests if the WebhookParameters has valid params.