Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type GroupVersionKind ¶
type GroupVersionKind struct {
Group string `json:"group"`
Version string `json:"version"`
Kind string `json:"kind"`
}
GroupVersionKind unambiguously identifies a kind
func (GroupVersionKind) MarshalEasyJSON ¶
func (v GroupVersionKind) MarshalEasyJSON(w *jwriter.Writer)
MarshalEasyJSON supports easyjson.Marshaler interface
func (GroupVersionKind) MarshalJSON ¶
func (v GroupVersionKind) MarshalJSON() ([]byte, error)
MarshalJSON supports json.Marshaler interface
func (*GroupVersionKind) UnmarshalEasyJSON ¶
func (v *GroupVersionKind) UnmarshalEasyJSON(l *jlexer.Lexer)
UnmarshalEasyJSON supports easyjson.Unmarshaler interface
func (*GroupVersionKind) UnmarshalJSON ¶
func (v *GroupVersionKind) UnmarshalJSON(data []byte) error
UnmarshalJSON supports json.Unmarshaler interface
type GroupVersionResource ¶
type GroupVersionResource struct {
Group string `json:"group"`
Version string `json:"version"`
Kind string `json:"kind"`
}
GroupVersionResource unambiguously identifies a resource
func (GroupVersionResource) MarshalEasyJSON ¶
func (v GroupVersionResource) MarshalEasyJSON(w *jwriter.Writer)
MarshalEasyJSON supports easyjson.Marshaler interface
func (GroupVersionResource) MarshalJSON ¶
func (v GroupVersionResource) MarshalJSON() ([]byte, error)
MarshalJSON supports json.Marshaler interface
func (*GroupVersionResource) UnmarshalEasyJSON ¶
func (v *GroupVersionResource) UnmarshalEasyJSON(l *jlexer.Lexer)
UnmarshalEasyJSON supports easyjson.Unmarshaler interface
func (*GroupVersionResource) UnmarshalJSON ¶
func (v *GroupVersionResource) UnmarshalJSON(data []byte) error
UnmarshalJSON supports json.Unmarshaler interface
type KubernetesAdmissionRequest ¶
type KubernetesAdmissionRequest struct {
// UID is an identifier for the individual request/response. It allows us to distinguish instances of requests which are
// otherwise identical (parallel requests, requests when earlier requests did not modify etc)
// The UID is meant to track the round trip (request/response) between the KAS and the WebHook, not the user request.
// It is suitable for correlating log entries between the webhook and apiserver, for either auditing or debugging.
Uid string `json:"uid"`
// Kind is the fully-qualified type of object being submitted (for example, v1.Pod or autoscaling.v1.Scale)
Kind GroupVersionKind `json:"groupVersionKind"`
// Resource is the fully-qualified resource being requested (for example, v1.pods)
Resource GroupVersionResource `json:"groupVersionResource"`
// SubResource is the subresource being requested, if any (for example, "status" or "scale")
SubResource string `json:"subResource"`
// RequestKind is the fully-qualified type of the original API request (for example, v1.Pod or autoscaling.v1.Scale).
// If this is specified and differs from the value in "kind", an equivalent match and conversion was performed.
//
// For example, if deployments can be modified via apps/v1 and apps/v1beta1, and a webhook registered a rule of
// `apiGroups:["apps"], apiVersions:["v1"], resources: ["deployments"]` and `matchPolicy: Equivalent`,
// an API request to apps/v1beta1 deployments would be converted and sent to the webhook
// with `kind: {group:"apps", version:"v1", kind:"Deployment"}` (matching the rule the webhook registered for),
// and `requestKind: {group:"apps", version:"v1beta1", kind:"Deployment"}` (indicating the kind of the original API request).
//
// See documentation for the "matchPolicy" field in the webhook configuration type for more details.
RequestKind GroupVersionKind `json:"requestKind"`
// RequestResource is the fully-qualified resource of the original API request (for example, v1.pods).
// If this is specified and differs from the value in "resource", an equivalent match and conversion was performed.
//
// For example, if deployments can be modified via apps/v1 and apps/v1beta1, and a webhook registered a rule of
// `apiGroups:["apps"], apiVersions:["v1"], resources: ["deployments"]` and `matchPolicy: Equivalent`,
// an API request to apps/v1beta1 deployments would be converted and sent to the webhook
// with `resource: {group:"apps", version:"v1", resource:"deployments"}` (matching the resource the webhook registered for),
// and `requestResource: {group:"apps", version:"v1beta1", resource:"deployments"}` (indicating the resource of the original API request).
//
// See documentation for the "matchPolicy" field in the webhook configuration type.
RequestResource GroupVersionKind `json:"requestResource"`
// RequestSubResource is the name of the subresource of the original API request, if any (for example, "status" or "scale")
// If this is specified and differs from the value in "subResource", an equivalent match and conversion was performed.
// See documentation for the "matchPolicy" field in the webhook configuration type.
RequestSubResource string `json:"requestSubResource"`
// Name is the name of the object as presented in the request. On a CREATE operation, the client may omit name and
// rely on the server to generate the name. If that is the case, this field will contain an empty string.
Name string `json:"name"`
// Namespace is the namespace associated with the request (if any).
Namespace string `json:"namespace"`
// Operation is the operation being performed. This may be different than the operation
// requested. e.g. a patch can result in either a CREATE or UPDATE Operation.
Operation string `json:"operation"`
// UserInfo is information about the requesting user
UserInfo UserInfo `json:"userInfo"`
// Object is the object from the incoming request.
//
// Note, the attributes holds the unmarshalled []bytes as found inside of
// original JSON object.
// This can then be parsed using `easyjson.Unmarshal()` into a proper
// type that implements the easyjson interfaces.
Object easyjson.RawMessage `json:"object"`
// OldObject is the existing object. Only populated for DELETE and UPDATE requests.
//
// Note, the attributes holds the unmarshalled []bytes as found inside of
// original JSON object.
// This can then be parsed using `easyjson.Unmarshal()` into a proper
// type that implements the easyjson interfaces.
OldObject easyjson.RawMessage `json:"oldObject"`
// DryRun indicates that modifications will definitely not be persisted for this request.
// Defaults to false.
DryRun bool `json:"dryRun"`
// Options is the operation option structure of the operation being performed.
// e.g. `meta.k8s.io/v1.DeleteOptions` or `meta.k8s.io/v1.CreateOptions`. This may be
// different than the options the caller provided. e.g. for a patch request the performed
// Operation might be a CREATE, in which case the Options will a
// `meta.k8s.io/v1.CreateOptions` even though the caller provided `meta.k8s.io/v1.PatchOptions`.
//
// Note, the attributes holds the unmarshalled []bytes as found inside of
// original JSON object.
// This can then be parsed using `easyjson.Unmarshal()` into a proper
// type that implements the easyjson interfaces.
Options easyjson.RawMessage `json:"options"`
}
Kubernetes' [AdmissionReview](https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/) request.
func (KubernetesAdmissionRequest) MarshalEasyJSON ¶
func (v KubernetesAdmissionRequest) MarshalEasyJSON(w *jwriter.Writer)
MarshalEasyJSON supports easyjson.Marshaler interface
func (KubernetesAdmissionRequest) MarshalJSON ¶
func (v KubernetesAdmissionRequest) MarshalJSON() ([]byte, error)
MarshalJSON supports json.Marshaler interface
func (*KubernetesAdmissionRequest) UnmarshalEasyJSON ¶
func (v *KubernetesAdmissionRequest) UnmarshalEasyJSON(l *jlexer.Lexer)
UnmarshalEasyJSON supports easyjson.Unmarshaler interface
func (*KubernetesAdmissionRequest) UnmarshalJSON ¶
func (v *KubernetesAdmissionRequest) UnmarshalJSON(data []byte) error
UnmarshalJSON supports json.Unmarshaler interface
type SettingsValidationResponse ¶
type SettingsValidationResponse struct {
Valid bool `json:"valid"`
// Optional - ignored if valid
Message *string `json:"message,omitempty"`
}
The response sent by a policy when validating its settings
func (SettingsValidationResponse) MarshalEasyJSON ¶
func (v SettingsValidationResponse) MarshalEasyJSON(w *jwriter.Writer)
MarshalEasyJSON supports easyjson.Marshaler interface
func (SettingsValidationResponse) MarshalJSON ¶
func (v SettingsValidationResponse) MarshalJSON() ([]byte, error)
MarshalJSON supports json.Marshaler interface
func (*SettingsValidationResponse) UnmarshalEasyJSON ¶
func (v *SettingsValidationResponse) UnmarshalEasyJSON(l *jlexer.Lexer)
UnmarshalEasyJSON supports easyjson.Unmarshaler interface
func (*SettingsValidationResponse) UnmarshalJSON ¶
func (v *SettingsValidationResponse) UnmarshalJSON(data []byte) error
UnmarshalJSON supports json.Unmarshaler interface
type UserInfo ¶
type UserInfo struct {
Username string `json:"username"`
Groups string `json:"groups"`
// Note, the attributes holds the unmarshalled []bytes as found inside of
// original JSON object.
// This can then be parsed using `easyjson.Unmarshal()` into a proper
// type that implements the easyjson interfaces.
Extra easyjson.RawMessage `json:"extra,omitempty"`
}
UserInfo holds information about the user who made the request
func (UserInfo) MarshalEasyJSON ¶
MarshalEasyJSON supports easyjson.Marshaler interface
func (UserInfo) MarshalJSON ¶
MarshalJSON supports json.Marshaler interface
func (*UserInfo) UnmarshalEasyJSON ¶
UnmarshalEasyJSON supports easyjson.Unmarshaler interface
func (*UserInfo) UnmarshalJSON ¶
UnmarshalJSON supports json.Unmarshaler interface
type ValidationRequest ¶
type ValidationRequest struct {
// The request to be evaluated
Request KubernetesAdmissionRequest `json:"request"`
// The settings to be used by the policy
//
// Note, the attributes holds the unmarshalled []bytes as found inside of
// original JSON object.
// This can then be parsed using `easyjson.Unmarshal()` into a proper
// type that implements the easyjson interfaces.
Settings easyjson.RawMessage `json:"settings"`
}
The object received by the validate() function of Kubewarden policies
func (ValidationRequest) MarshalEasyJSON ¶
func (v ValidationRequest) MarshalEasyJSON(w *jwriter.Writer)
MarshalEasyJSON supports easyjson.Marshaler interface
func (ValidationRequest) MarshalJSON ¶
func (v ValidationRequest) MarshalJSON() ([]byte, error)
MarshalJSON supports json.Marshaler interface
func (*ValidationRequest) UnmarshalEasyJSON ¶
func (v *ValidationRequest) UnmarshalEasyJSON(l *jlexer.Lexer)
UnmarshalEasyJSON supports easyjson.Unmarshaler interface
func (*ValidationRequest) UnmarshalJSON ¶
func (v *ValidationRequest) UnmarshalJSON(data []byte) error
UnmarshalJSON supports json.Unmarshaler interface
type ValidationResponse ¶
type ValidationResponse struct {
Accepted bool `json:"accepted"`
// Optional - ignored if accepted
Message *string `json:"message,omitempty"`
// Optional - ignored if accepted
Code *uint16 `json:"code,omitempty"`
// Optional - used only by mutating policies
MutatedObject interface{} `json:"mutated_object,omitempty"`
}
Structure defining the response given when validating a request
func (ValidationResponse) MarshalEasyJSON ¶
func (v ValidationResponse) MarshalEasyJSON(w *jwriter.Writer)
MarshalEasyJSON supports easyjson.Marshaler interface
func (ValidationResponse) MarshalJSON ¶
func (v ValidationResponse) MarshalJSON() ([]byte, error)
MarshalJSON supports json.Marshaler interface
func (*ValidationResponse) UnmarshalEasyJSON ¶
func (v *ValidationResponse) UnmarshalEasyJSON(l *jlexer.Lexer)
UnmarshalEasyJSON supports easyjson.Unmarshaler interface
func (*ValidationResponse) UnmarshalJSON ¶
func (v *ValidationResponse) UnmarshalJSON(data []byte) error
UnmarshalJSON supports json.Unmarshaler interface
Source Files
Click to show internal directories.
Click to hide internal directories.