Merge pull request #23883 from liggitt/attis

Externalize immortal namespaces
2025-07-27 21:47:07 +00:00 · 2016-04-08 20:56:04 -07:00 · 2016-04-08 20:56:04 -07:00 · 524bfde377
commit 524bfde377
parent cd85b06465 bef1d6e82e
2 changed files with 8 additions and 5 deletions
--- a/plugin/pkg/admission/namespace/lifecycle/admission.go
+++ b/plugin/pkg/admission/namespace/lifecycle/admission.go
@ -32,9 +32,11 @@ import (
 	"k8s.io/kubernetes/pkg/watch"
 )
 const PluginName = "NamespaceLifecycle"
 func init() {
-	admission.RegisterPlugin("NamespaceLifecycle", func(client clientset.Interface, config io.Reader) (admission.Interface, error) {
+	admission.RegisterPlugin(PluginName, func(client clientset.Interface, config io.Reader) (admission.Interface, error) {
-		return NewLifecycle(client), nil
+		return NewLifecycle(client, sets.NewString(api.NamespaceDefault)), nil
 	})
 }
@ -109,7 +111,7 @@ func (l *lifecycle) Admit(a admission.Attributes) (err error) {
 }
 // NewLifecycle creates a new namespace lifecycle admission control handler
-func NewLifecycle(c clientset.Interface) admission.Interface {
+func NewLifecycle(c clientset.Interface, immortalNamespaces sets.String) admission.Interface {
 	store := cache.NewStore(cache.MetaNamespaceKeyFunc)
 	reflector := cache.NewReflector(
 		&cache.ListWatch{
@ -129,6 +131,6 @@ func NewLifecycle(c clientset.Interface) admission.Interface {
 		Handler:            admission.NewHandler(admission.Create, admission.Update, admission.Delete),
 		client:             c,
 		store:              store,
-		immortalNamespaces: sets.NewString(api.NamespaceDefault),
+		immortalNamespaces: immortalNamespaces,
 	}
 }
--- a/plugin/pkg/admission/namespace/lifecycle/admission_test.go
+++ b/plugin/pkg/admission/namespace/lifecycle/admission_test.go
@ -28,6 +28,7 @@ import (
 	"k8s.io/kubernetes/pkg/client/testing/core"
 	"k8s.io/kubernetes/pkg/client/unversioned/testclient"
 	"k8s.io/kubernetes/pkg/runtime"
 	"k8s.io/kubernetes/pkg/util/sets"
 )
 // TestAdmission
@ -60,7 +61,7 @@ func TestAdmission(t *testing.T) {
 		return true, &api.NamespaceList{Items: []api.Namespace{*namespaceObj}}, nil
 	})
-	lfhandler := NewLifecycle(mockClient).(*lifecycle)
+	lfhandler := NewLifecycle(mockClient, sets.NewString("default")).(*lifecycle)
 	lfhandler.store = store
 	handler := admission.NewChainHandler(lfhandler)
 	pod := api.Pod{