Version: v0.23.3 Latest Latest

This package is not in the latest version of its module.

Go to latest
Published: Jan 26, 2022 License: Apache-2.0 Imports: 28 Imported by: 28



Package mutating delegates admission checks to dynamically configured mutating webhooks.

Package mutating makes calls to mutating webhooks during the admission process.



View Source
const (
	// PatchAuditAnnotationPrefix is a prefix for persisting webhook patch in audit annotation.
	// Audit handler decides whether annotation with this prefix should be logged based on audit level.
	// Since mutating webhook patches the request body, audit level must be greater or equal to Request
	// for the annotation to be logged
	PatchAuditAnnotationPrefix = ""
	// MutationAuditAnnotationPrefix is a prefix for presisting webhook mutation existence in audit annotation.
	MutationAuditAnnotationPrefix = ""
	// MutationAnnotationFailedOpenKeyPrefix in an annotation indicates
	// the mutating webhook failed open when the webhook backend connection
	// failed or returned an internal server error.
	MutationAuditAnnotationFailedOpenKeyPrefix string = "failed-open." + MutationAuditAnnotationPrefix
View Source
const (
	// PluginName indicates the name of admission plug-in
	PluginName = "MutatingAdmissionWebhook"


This section is empty.


func Register

func Register(plugins *admission.Plugins)

Register registers a plugin


type MutationAuditAnnotation added in v0.16.4

type MutationAuditAnnotation struct {
	Configuration string `json:"configuration"`
	Webhook       string `json:"webhook"`
	Mutated       bool   `json:"mutated"`

MutationAuditAnnotation logs if a webhook invocation mutated the request object

type PatchAuditAnnotation added in v0.16.4

type PatchAuditAnnotation struct {
	Configuration string      `json:"configuration"`
	Webhook       string      `json:"webhook"`
	Patch         interface{} `json:"patch,omitempty"`
	PatchType     string      `json:"patchType,omitempty"`

PatchAuditAnnotation logs a patch from a mutating webhook

type Plugin

type Plugin struct {

Plugin is an implementation of admission.Interface.

func NewMutatingWebhook

func NewMutatingWebhook(configFile io.Reader) (*Plugin, error)

NewMutatingWebhook returns a generic admission webhook plugin.

func (*Plugin) Admit

Admit makes an admission decision based on the request attributes.

func (*Plugin) ValidateInitialization

func (a *Plugin) ValidateInitialization() error

ValidateInitialization implements the InitializationValidator interface.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL