Version: v0.0.0-...-9a03d5f Latest Latest

This package is not in the latest version of its module.

Go to latest
Published: Sep 17, 2021 License: AGPL-3.0 Imports: 25 Imported by: 0




View Source
const (
	ExpectedContentType = "application/json"
	HeaderContentType   = "Content-Type"
View Source
const (
	// Component describes a sub zone to use on the juju tld for unique resource
	// ids. For example using this component "admission" with "" would
	// yield
	Component = "admission"
View Source
const (
	// DefaultModelOperatorPort
	DefaultModelOperatorPort = int32(17071)


View Source
var (
	AdmissionGVK = schema.GroupVersionKind{
		Group:   admission.SchemeGroupVersion.Group,
		Version: admission.SchemeGroupVersion.Version,
		Kind:    "AdmissionReview",


func AdmissionPathForModel

func AdmissionPathForModel(modelUUID string) string

func Manifold

func Manifold(config ManifoldConfig) dependency.Manifold

Manifold returns a Manifold that encapsulates a Kubernetes mutating admission controller. Manifold has no outputs.


type AdmissionCreator

type AdmissionCreator interface {
	EnsureMutatingWebhookConfiguration() (func(), error)

AdmissionCreator represents a creator of mutating webhooks that is context aware of the current controller.

func NewAdmissionCreator

func NewAdmissionCreator(
	authority pki.Authority,
	namespace, modelName string,
	legacyLabels bool,
	ensureConfig func(*admission.MutatingWebhookConfiguration) (func(), error),
	service *admission.ServiceReference) (AdmissionCreator, error)

NewAdmissionCreator instantiates a new AdmissionCreator for the supplied context arguments.

type AdmissionCreatorFunc

type AdmissionCreatorFunc func() (func(), error)

AdmissionCreatorFunc is the func type of AdmissionCreator.

func (AdmissionCreatorFunc) EnsureMutatingWebhookConfiguration

func (a AdmissionCreatorFunc) EnsureMutatingWebhookConfiguration() (func(), error)

EnsureMutatingWebhookConfiguration implements AdmissionCreator interface for func type.

type Controller

type Controller struct {
	// contains filtered or unexported fields

Kubernetes controller responsible

func NewController

func NewController(
	logger Logger,
	mux Mux,
	path string,
	legacyLabels bool,
	admissionCreator AdmissionCreator,
	rbacMapper RBACMapper) (*Controller, error)

func (*Controller) Kill

func (c *Controller) Kill()

func (*Controller) Wait

func (c *Controller) Wait() error

type K8sBroker

type K8sBroker interface {
	// CurrentModel returns the current model the broker is targeting
	CurrentModel() string

	// GetCurrentNamespace returns the current namespace being targeted on the
	// broker
	GetCurrentNamespace() string

	// EnsureMutatingWebhookConfiguration make the supplied webhook config exist
	// inside the k8s cluster if it currently does not. Return values is a
	// cleanup function that will destroy the webhook configuration from k8s
	// when called and a subsequent error if there was a problem. If error is
	// not nil then no other return values should be considered valid.
	EnsureMutatingWebhookConfiguration(*admission.MutatingWebhookConfiguration) (func(), error)

	// IsLegacyLabels reports if the k8s broker requires legacy labels to be
	// used for the broker model/namespace
	IsLegacyLabels() bool

K8sBroker describes a Kubernetes broker interface this worker needs to function.

type Logger

type Logger interface {
	Debugf(string, ...interface{})
	Errorf(string, ...interface{})
	Infof(string, ...interface{})

Logger represents the methods used by the worker to log details

type ManifoldConfig

type ManifoldConfig struct {
	AgentName        string
	AuthorityName    string
	Authority        pki.Authority
	BrokerName       string
	Logger           Logger
	MuxName          string
	RBACMapperName   string
	ServerInfoName   string
	ServiceName      string
	ServiceNamespace string

ManifoldConfig describes the resources used by the admission worker

func (ManifoldConfig) Start

func (c ManifoldConfig) Start(context dependency.Context) (worker.Worker, error)

Start is used to start the manifold an extract a worker from the supplied configuration.

func (ManifoldConfig) Validate

func (c ManifoldConfig) Validate() error

Validate is used to to establish if the configuration is valid for use when creating new workers.

type Mux

type Mux interface {
	AddHandler(string, string, http.Handler) error
	RemoveHandler(string, string)

type RBACMapper

type RBACMapper interface {
	// AppNameForServiceAccount fetches the juju application name associated
	// with a given kubernetes service account UID. If no result is found
	// errors.NotFound is returned. All other errors should be considered
	// internal to the interface operation.
	AppNameForServiceAccount(types.UID) (string, error)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
t or T : Toggle theme light dark auto
y or Y : Canonical URL