mutating

package
v2.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 5, 2021 License: Apache-2.0 Imports: 9 Imported by: 29

Documentation

Index

Examples

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewWebhook 

func NewWebhook(cfg WebhookConfig) (webhook.Webhook, error)

NewWebhook is a mutating webhook and will return a webhook ready for a type of resource. It will mutate the received resources. This webhook will always allow the admission of the resource, only will deny in case of error.

Types

type Chain 

type Chain struct {
	// contains filtered or unexported fields
}

Chain is a chain of mutators that will execute secuentially all the mutators that have been added to it. It satisfies Mutator interface.

func NewChain 

func NewChain(logger log.Logger, mutators ...Mutator) *Chain

NewChain returns a new chain.

func (*Chain) Mutate 

func (c *Chain) Mutate(ctx context.Context, ar *model.AdmissionReview, obj metav1.Object) (*MutatorResult, error)

Mutate will execute all the mutation chain.

type Mutator 

type Mutator interface {
	// Mutate receives a Kubernetes resource object to be mutated, it must
	// return an error or a mutation result. What the mutator returns
	// as result.MutatedObject is the object that will be used as the mutation.
	// It must be of the same type of the received one (if is a Pod, it must return a Pod)
	// if no object is returned, it will be used the received one as the mutated one.
	// Also receives the webhook admission review in case it wants more context and
	// information of the review.
	// Mutators can be grouped in chains, that's why we have a `StopChain` boolean
	// in the result, to stop executing the validators chain.
	Mutate(ctx context.Context, ar *model.AdmissionReview, obj metav1.Object) (result *MutatorResult, err error)
}

Mutator knows how to mutate the received kubernetes object.

Example (ChainMutatingWebhook)

chainMutatingWebhook shows how you would create a mutator chain. 

package main

import (
	"context"

	corev1 "k8s.io/api/core/v1"
	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"

	"github.com/slok/kubewebhook/v2/pkg/log"
	"github.com/slok/kubewebhook/v2/pkg/model"
	"github.com/slok/kubewebhook/v2/pkg/webhook/mutating"
)

func main() {
	fakeMut := mutating.MutatorFunc(func(_ context.Context, _ *model.AdmissionReview, obj metav1.Object) (*mutating.MutatorResult, error) {
		return &mutating.MutatorResult{}, nil
	})

	fakeMut2 := mutating.MutatorFunc(func(_ context.Context, _ *model.AdmissionReview, obj metav1.Object) (*mutating.MutatorResult, error) {
		return &mutating.MutatorResult{}, nil
	})

	fakeMut3 := mutating.MutatorFunc(func(_ context.Context, _ *model.AdmissionReview, obj metav1.Object) (*mutating.MutatorResult, error) {
		return &mutating.MutatorResult{}, nil
	})

	// Create webhook using a mutator chain.
	_, _ = mutating.NewWebhook(mutating.WebhookConfig{
		ID:      "podWebhook",
		Obj:     &corev1.Pod{},
		Mutator: mutating.NewChain(log.Noop, fakeMut, fakeMut2, fakeMut3),
	})
}

Output:
Example (PodAnnotateMutatingWebhook)

PodAnnotateMutatingWebhook shows how you would create a pod mutating webhook that adds annotations to every pod received. 

package main

import (
	"context"

	corev1 "k8s.io/api/core/v1"
	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"

	"github.com/slok/kubewebhook/v2/pkg/model"
	"github.com/slok/kubewebhook/v2/pkg/webhook/mutating"
)

func main() {
	// Annotations to add.
	annotations := map[string]string{
		"mutated":   "true",
		"example":   "ExamplePodAnnotateMutatingWebhook",
		"framework": "kubewebhook",
	}
	// Create our mutator that will add annotations to every pod.
	pam := mutating.MutatorFunc(func(_ context.Context, _ *model.AdmissionReview, obj metav1.Object) (*mutating.MutatorResult, error) {
		pod, ok := obj.(*corev1.Pod)
		if !ok {
			return &mutating.MutatorResult{}, nil
		}

		// Mutate our object with the required annotations.
		if pod.Annotations == nil {
			pod.Annotations = make(map[string]string)
		}

		for k, v := range annotations {
			pod.Annotations[k] = v
		}

		return &mutating.MutatorResult{MutatedObject: pod}, nil
	})

	// Create webhook.
	_, _ = mutating.NewWebhook(mutating.WebhookConfig{
		ID:      "podAnnotateMutatingWebhook",
		Obj:     &corev1.Pod{},
		Mutator: pam,
	})
}

Output:

type MutatorFunc 

type MutatorFunc func(context.Context, *model.AdmissionReview, metav1.Object) (*MutatorResult, error)

MutatorFunc is a helper type to create mutators from functions.

func (MutatorFunc) Mutate 

func (f MutatorFunc) Mutate(ctx context.Context, ar *model.AdmissionReview, obj metav1.Object) (*MutatorResult, error)

Mutate satisfies Mutator interface.

type MutatorResult 

type MutatorResult struct {
	// StopChain will stop the chain of validators in case there is a chain set.
	StopChain bool
	// MutatedObject is the object that has been mutated. If is nil, it will be used the one
	// received by the Mutator.
	MutatedObject metav1.Object
	// Warnings are special messages that can be set to warn the user (e.g deprecation messages, almost invalid resources...).
	Warnings []string
}

MutatorResult is the result of a mutator.

type WebhookConfig 

type WebhookConfig struct {
	// ID is the id of the webhook.
	ID string
	// Object is the object of the webhook, to use multiple types on the same webhook or
	// type inference, don't set this field (will be `nil`).
	Obj metav1.Object
	// Mutator is the webhook mutator.
	Mutator Mutator
	// Logger is the app logger.
	Logger log.Logger
}

WebhookConfig is the Mutating webhook configuration.

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.