Documentation

Index

Constants

View Source
const PluginName = "CertificateSubjectRestriction"

    PluginName is a string with the name of the plugin

    Variables

    This section is empty.

    Functions

    func Register

    func Register(plugins *admission.Plugins)

      Register registers the plugin

      Types

      type Plugin

      type Plugin struct {
      	*admission.Handler
      }

        Plugin holds state for and implements the admission plugin.

        func NewPlugin

        func NewPlugin() *Plugin

          NewPlugin constructs a new instance of the CertificateSubjectRestrictions admission interface.

          func (*Plugin) Validate

            Validate ensures that if the signerName on a CSR is set to `kubernetes.io/kube-apiserver-client`, that its organization (group) attribute is not set to `system:masters`.

            func (*Plugin) ValidateInitialization

            func (p *Plugin) ValidateInitialization() error

              ValidateInitialization always returns nil.

              Source Files