mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-24 04:06:03 +00:00
switch admission serialized config to an apiserver type
This commit is contained in:
deads2k
parent
ce86ef5518
commit
75841dc4f1
@ -270,6 +270,8 @@ staging/src/k8s.io/apimachinery/pkg/util/json
|
||||
staging/src/k8s.io/apimachinery/pkg/util/validation/field
|
||||
staging/src/k8s.io/apimachinery/pkg/version
|
||||
staging/src/k8s.io/apimachinery/pkg/watch
|
||||
staging/src/k8s.io/apiserver/pkg/apis
|
||||
staging/src/k8s.io/apiserver/pkg/apis/apiserver/install
|
||||
staging/src/k8s.io/apiserver/pkg/apis/example/install
|
||||
staging/src/k8s.io/apiserver/pkg/authentication/authenticator
|
||||
staging/src/k8s.io/apiserver/pkg/authentication/request/union
|
||||
|
||||
@ -48,7 +48,6 @@ func addKnownTypes(scheme *runtime.Scheme) error {
|
||||
&KubeProxyConfiguration{},
|
||||
&KubeSchedulerConfiguration{},
|
||||
&KubeletConfiguration{},
|
||||
&AdmissionConfiguration{},
|
||||
)
|
||||
return nil
|
||||
}
|
||||
@ -56,4 +55,3 @@ func addKnownTypes(scheme *runtime.Scheme) error {
|
||||
func (obj *KubeProxyConfiguration) GetObjectKind() schema.ObjectKind { return &obj.TypeMeta }
|
||||
func (obj *KubeSchedulerConfiguration) GetObjectKind() schema.ObjectKind { return &obj.TypeMeta }
|
||||
func (obj *KubeletConfiguration) GetObjectKind() schema.ObjectKind { return &obj.TypeMeta }
|
||||
func (obj *AdmissionConfiguration) GetObjectKind() schema.ObjectKind { return &obj.TypeMeta }
|
||||
|
||||
@ -22,7 +22,6 @@ import (
|
||||
"strings"
|
||||
|
||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
runtime "k8s.io/apimachinery/pkg/runtime"
|
||||
"k8s.io/kubernetes/pkg/api"
|
||||
)
|
||||
|
||||
@ -841,31 +840,6 @@ type PersistentVolumeRecyclerConfiguration struct {
|
||||
IncrementTimeoutHostPath int32
|
||||
}
|
||||
|
||||
// AdmissionConfiguration provides versioned configuration for admission controllers.
|
||||
type AdmissionConfiguration struct {
|
||||
metav1.TypeMeta
|
||||
|
||||
// Plugins allows specifying a configuration per admission control plugin.
|
||||
Plugins []AdmissionPluginConfiguration
|
||||
}
|
||||
|
||||
// AdmissionPluginConfiguration provides the configuration for a single plug-in.
|
||||
type AdmissionPluginConfiguration struct {
|
||||
// Name is the name of the admission controller.
|
||||
// It must match the registered admission plugin name.
|
||||
Name string
|
||||
|
||||
// Path is the path to a configuration file that contains the plugin's
|
||||
// configuration
|
||||
// +optional
|
||||
Path string
|
||||
|
||||
// Configuration is an embedded configuration object to be used as the plugin's
|
||||
// configuration. If present, it will be used instead of the path to the configuration file.
|
||||
// +optional
|
||||
Configuration runtime.Object
|
||||
}
|
||||
|
||||
type ConfigurationMap map[string]string
|
||||
|
||||
func (m *ConfigurationMap) String() string {
|
||||
|
||||
@ -37,7 +37,6 @@ func addKnownTypes(scheme *runtime.Scheme) error {
|
||||
&KubeProxyConfiguration{},
|
||||
&KubeSchedulerConfiguration{},
|
||||
&KubeletConfiguration{},
|
||||
&AdmissionConfiguration{},
|
||||
)
|
||||
return nil
|
||||
}
|
||||
@ -45,4 +44,3 @@ func addKnownTypes(scheme *runtime.Scheme) error {
|
||||
func (obj *KubeProxyConfiguration) GetObjectKind() schema.ObjectKind { return &obj.TypeMeta }
|
||||
func (obj *KubeSchedulerConfiguration) GetObjectKind() schema.ObjectKind { return &obj.TypeMeta }
|
||||
func (obj *KubeletConfiguration) GetObjectKind() schema.ObjectKind { return &obj.TypeMeta }
|
||||
func (obj *AdmissionConfiguration) GetObjectKind() schema.ObjectKind { return &obj.TypeMeta }
|
||||
|
||||
@ -18,7 +18,6 @@ package v1alpha1
|
||||
|
||||
import (
|
||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
runtime "k8s.io/apimachinery/pkg/runtime"
|
||||
"k8s.io/kubernetes/pkg/api/v1"
|
||||
)
|
||||
|
||||
@ -580,29 +579,3 @@ type KubeletAnonymousAuthentication struct {
|
||||
// Anonymous requests have a username of system:anonymous, and a group name of system:unauthenticated.
|
||||
Enabled *bool `json:"enabled"`
|
||||
}
|
||||
|
||||
// AdmissionConfiguration provides versioned configuration for admission controllers.
|
||||
type AdmissionConfiguration struct {
|
||||
metav1.TypeMeta `json:",inline"`
|
||||
|
||||
// Plugins allows specifying a configuration per admission control plugin.
|
||||
// +optional
|
||||
Plugins []AdmissionPluginConfiguration `json:"plugins"`
|
||||
}
|
||||
|
||||
// AdmissionPluginConfiguration provides the configuration for a single plug-in.
|
||||
type AdmissionPluginConfiguration struct {
|
||||
// Name is the name of the admission controller.
|
||||
// It must match the registered admission plugin name.
|
||||
Name string `json:"name"`
|
||||
|
||||
// Path is the path to a configuration file that contains the plugin's
|
||||
// configuration
|
||||
// +optional
|
||||
Path string `json:"path"`
|
||||
|
||||
// Configuration is an embedded configuration object to be used as the plugin's
|
||||
// configuration. If present, it will be used instead of the path to the configuration file.
|
||||
// +optional
|
||||
Configuration runtime.RawExtension `json:"configuration"`
|
||||
}
|
||||
|
||||
@ -37,10 +37,6 @@ func init() {
|
||||
// Public to allow building arbitrary schemes.
|
||||
func RegisterConversions(scheme *runtime.Scheme) error {
|
||||
return scheme.AddGeneratedConversionFuncs(
|
||||
Convert_v1alpha1_AdmissionConfiguration_To_componentconfig_AdmissionConfiguration,
|
||||
Convert_componentconfig_AdmissionConfiguration_To_v1alpha1_AdmissionConfiguration,
|
||||
Convert_v1alpha1_AdmissionPluginConfiguration_To_componentconfig_AdmissionPluginConfiguration,
|
||||
Convert_componentconfig_AdmissionPluginConfiguration_To_v1alpha1_AdmissionPluginConfiguration,
|
||||
Convert_v1alpha1_KubeProxyConfiguration_To_componentconfig_KubeProxyConfiguration,
|
||||
Convert_componentconfig_KubeProxyConfiguration_To_v1alpha1_KubeProxyConfiguration,
|
||||
Convert_v1alpha1_KubeSchedulerConfiguration_To_componentconfig_KubeSchedulerConfiguration,
|
||||
@ -64,70 +60,6 @@ func RegisterConversions(scheme *runtime.Scheme) error {
|
||||
)
|
||||
}
|
||||
|
||||
func autoConvert_v1alpha1_AdmissionConfiguration_To_componentconfig_AdmissionConfiguration(in *AdmissionConfiguration, out *componentconfig.AdmissionConfiguration, s conversion.Scope) error {
|
||||
if in.Plugins != nil {
|
||||
in, out := &in.Plugins, &out.Plugins
|
||||
*out = make([]componentconfig.AdmissionPluginConfiguration, len(*in))
|
||||
for i := range *in {
|
||||
if err := Convert_v1alpha1_AdmissionPluginConfiguration_To_componentconfig_AdmissionPluginConfiguration(&(*in)[i], &(*out)[i], s); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
} else {
|
||||
out.Plugins = nil
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func Convert_v1alpha1_AdmissionConfiguration_To_componentconfig_AdmissionConfiguration(in *AdmissionConfiguration, out *componentconfig.AdmissionConfiguration, s conversion.Scope) error {
|
||||
return autoConvert_v1alpha1_AdmissionConfiguration_To_componentconfig_AdmissionConfiguration(in, out, s)
|
||||
}
|
||||
|
||||
func autoConvert_componentconfig_AdmissionConfiguration_To_v1alpha1_AdmissionConfiguration(in *componentconfig.AdmissionConfiguration, out *AdmissionConfiguration, s conversion.Scope) error {
|
||||
if in.Plugins != nil {
|
||||
in, out := &in.Plugins, &out.Plugins
|
||||
*out = make([]AdmissionPluginConfiguration, len(*in))
|
||||
for i := range *in {
|
||||
if err := Convert_componentconfig_AdmissionPluginConfiguration_To_v1alpha1_AdmissionPluginConfiguration(&(*in)[i], &(*out)[i], s); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
} else {
|
||||
out.Plugins = nil
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func Convert_componentconfig_AdmissionConfiguration_To_v1alpha1_AdmissionConfiguration(in *componentconfig.AdmissionConfiguration, out *AdmissionConfiguration, s conversion.Scope) error {
|
||||
return autoConvert_componentconfig_AdmissionConfiguration_To_v1alpha1_AdmissionConfiguration(in, out, s)
|
||||
}
|
||||
|
||||
func autoConvert_v1alpha1_AdmissionPluginConfiguration_To_componentconfig_AdmissionPluginConfiguration(in *AdmissionPluginConfiguration, out *componentconfig.AdmissionPluginConfiguration, s conversion.Scope) error {
|
||||
out.Name = in.Name
|
||||
out.Path = in.Path
|
||||
if err := runtime.Convert_runtime_RawExtension_To_runtime_Object(&in.Configuration, &out.Configuration, s); err != nil {
|
||||
return err
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func Convert_v1alpha1_AdmissionPluginConfiguration_To_componentconfig_AdmissionPluginConfiguration(in *AdmissionPluginConfiguration, out *componentconfig.AdmissionPluginConfiguration, s conversion.Scope) error {
|
||||
return autoConvert_v1alpha1_AdmissionPluginConfiguration_To_componentconfig_AdmissionPluginConfiguration(in, out, s)
|
||||
}
|
||||
|
||||
func autoConvert_componentconfig_AdmissionPluginConfiguration_To_v1alpha1_AdmissionPluginConfiguration(in *componentconfig.AdmissionPluginConfiguration, out *AdmissionPluginConfiguration, s conversion.Scope) error {
|
||||
out.Name = in.Name
|
||||
out.Path = in.Path
|
||||
if err := runtime.Convert_runtime_Object_To_runtime_RawExtension(&in.Configuration, &out.Configuration, s); err != nil {
|
||||
return err
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func Convert_componentconfig_AdmissionPluginConfiguration_To_v1alpha1_AdmissionPluginConfiguration(in *componentconfig.AdmissionPluginConfiguration, out *AdmissionPluginConfiguration, s conversion.Scope) error {
|
||||
return autoConvert_componentconfig_AdmissionPluginConfiguration_To_v1alpha1_AdmissionPluginConfiguration(in, out, s)
|
||||
}
|
||||
|
||||
func autoConvert_v1alpha1_KubeProxyConfiguration_To_componentconfig_KubeProxyConfiguration(in *KubeProxyConfiguration, out *componentconfig.KubeProxyConfiguration, s conversion.Scope) error {
|
||||
out.BindAddress = in.BindAddress
|
||||
out.ClusterCIDR = in.ClusterCIDR
|
||||
|
||||
@ -35,8 +35,6 @@ func init() {
|
||||
// to allow building arbitrary schemes.
|
||||
func RegisterDeepCopies(scheme *runtime.Scheme) error {
|
||||
return scheme.AddGeneratedDeepCopyFuncs(
|
||||
conversion.GeneratedDeepCopyFunc{Fn: DeepCopy_v1alpha1_AdmissionConfiguration, InType: reflect.TypeOf(&AdmissionConfiguration{})},
|
||||
conversion.GeneratedDeepCopyFunc{Fn: DeepCopy_v1alpha1_AdmissionPluginConfiguration, InType: reflect.TypeOf(&AdmissionPluginConfiguration{})},
|
||||
conversion.GeneratedDeepCopyFunc{Fn: DeepCopy_v1alpha1_KubeProxyConfiguration, InType: reflect.TypeOf(&KubeProxyConfiguration{})},
|
||||
conversion.GeneratedDeepCopyFunc{Fn: DeepCopy_v1alpha1_KubeSchedulerConfiguration, InType: reflect.TypeOf(&KubeSchedulerConfiguration{})},
|
||||
conversion.GeneratedDeepCopyFunc{Fn: DeepCopy_v1alpha1_KubeletAnonymousAuthentication, InType: reflect.TypeOf(&KubeletAnonymousAuthentication{})},
|
||||
@ -50,38 +48,6 @@ func RegisterDeepCopies(scheme *runtime.Scheme) error {
|
||||
)
|
||||
}
|
||||
|
||||
func DeepCopy_v1alpha1_AdmissionConfiguration(in interface{}, out interface{}, c *conversion.Cloner) error {
|
||||
{
|
||||
in := in.(*AdmissionConfiguration)
|
||||
out := out.(*AdmissionConfiguration)
|
||||
*out = *in
|
||||
if in.Plugins != nil {
|
||||
in, out := &in.Plugins, &out.Plugins
|
||||
*out = make([]AdmissionPluginConfiguration, len(*in))
|
||||
for i := range *in {
|
||||
if err := DeepCopy_v1alpha1_AdmissionPluginConfiguration(&(*in)[i], &(*out)[i], c); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
}
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
func DeepCopy_v1alpha1_AdmissionPluginConfiguration(in interface{}, out interface{}, c *conversion.Cloner) error {
|
||||
{
|
||||
in := in.(*AdmissionPluginConfiguration)
|
||||
out := out.(*AdmissionPluginConfiguration)
|
||||
*out = *in
|
||||
if newVal, err := c.DeepCopy(&in.Configuration); err != nil {
|
||||
return err
|
||||
} else {
|
||||
out.Configuration = *newVal.(*runtime.RawExtension)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
func DeepCopy_v1alpha1_KubeProxyConfiguration(in interface{}, out interface{}, c *conversion.Cloner) error {
|
||||
{
|
||||
in := in.(*KubeProxyConfiguration)
|
||||
|
||||
@ -35,8 +35,6 @@ func init() {
|
||||
// to allow building arbitrary schemes.
|
||||
func RegisterDeepCopies(scheme *runtime.Scheme) error {
|
||||
return scheme.AddGeneratedDeepCopyFuncs(
|
||||
conversion.GeneratedDeepCopyFunc{Fn: DeepCopy_componentconfig_AdmissionConfiguration, InType: reflect.TypeOf(&AdmissionConfiguration{})},
|
||||
conversion.GeneratedDeepCopyFunc{Fn: DeepCopy_componentconfig_AdmissionPluginConfiguration, InType: reflect.TypeOf(&AdmissionPluginConfiguration{})},
|
||||
conversion.GeneratedDeepCopyFunc{Fn: DeepCopy_componentconfig_IPVar, InType: reflect.TypeOf(&IPVar{})},
|
||||
conversion.GeneratedDeepCopyFunc{Fn: DeepCopy_componentconfig_KubeControllerManagerConfiguration, InType: reflect.TypeOf(&KubeControllerManagerConfiguration{})},
|
||||
conversion.GeneratedDeepCopyFunc{Fn: DeepCopy_componentconfig_KubeProxyConfiguration, InType: reflect.TypeOf(&KubeProxyConfiguration{})},
|
||||
@ -55,41 +53,6 @@ func RegisterDeepCopies(scheme *runtime.Scheme) error {
|
||||
)
|
||||
}
|
||||
|
||||
func DeepCopy_componentconfig_AdmissionConfiguration(in interface{}, out interface{}, c *conversion.Cloner) error {
|
||||
{
|
||||
in := in.(*AdmissionConfiguration)
|
||||
out := out.(*AdmissionConfiguration)
|
||||
*out = *in
|
||||
if in.Plugins != nil {
|
||||
in, out := &in.Plugins, &out.Plugins
|
||||
*out = make([]AdmissionPluginConfiguration, len(*in))
|
||||
for i := range *in {
|
||||
if err := DeepCopy_componentconfig_AdmissionPluginConfiguration(&(*in)[i], &(*out)[i], c); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
}
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
func DeepCopy_componentconfig_AdmissionPluginConfiguration(in interface{}, out interface{}, c *conversion.Cloner) error {
|
||||
{
|
||||
in := in.(*AdmissionPluginConfiguration)
|
||||
out := out.(*AdmissionPluginConfiguration)
|
||||
*out = *in
|
||||
// in.Configuration is kind 'Interface'
|
||||
if in.Configuration != nil {
|
||||
if newVal, err := c.DeepCopy(&in.Configuration); err != nil {
|
||||
return err
|
||||
} else {
|
||||
out.Configuration = *newVal.(*runtime.Object)
|
||||
}
|
||||
}
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
func DeepCopy_componentconfig_IPVar(in interface{}, out interface{}, c *conversion.Cloner) error {
|
||||
{
|
||||
in := in.(*IPVar)
|
||||
|
||||
@ -8971,76 +8971,6 @@ func GetOpenAPIDefinitions(ref openapi.ReferenceCallback) map[string]openapi.Ope
|
||||
},
|
||||
Dependencies: []string{},
|
||||
},
|
||||
"k8s.io/kubernetes/pkg/apis/componentconfig/v1alpha1.AdmissionConfiguration": {
|
||||
Schema: spec.Schema{
|
||||
SchemaProps: spec.SchemaProps{
|
||||
Description: "AdmissionConfiguration provides versioned configuration for admission controllers.",
|
||||
Properties: map[string]spec.Schema{
|
||||
"kind": {
|
||||
SchemaProps: spec.SchemaProps{
|
||||
Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#types-kinds",
|
||||
Type: []string{"string"},
|
||||
Format: "",
|
||||
},
|
||||
},
|
||||
"apiVersion": {
|
||||
SchemaProps: spec.SchemaProps{
|
||||
Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#resources",
|
||||
Type: []string{"string"},
|
||||
Format: "",
|
||||
},
|
||||
},
|
||||
"plugins": {
|
||||
SchemaProps: spec.SchemaProps{
|
||||
Description: "Plugins allows specifying a configuration per admission control plugin.",
|
||||
Type: []string{"array"},
|
||||
Items: &spec.SchemaOrArray{
|
||||
Schema: &spec.Schema{
|
||||
SchemaProps: spec.SchemaProps{
|
||||
Ref: ref("k8s.io/kubernetes/pkg/apis/componentconfig/v1alpha1.AdmissionPluginConfiguration"),
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
Dependencies: []string{
|
||||
"k8s.io/kubernetes/pkg/apis/componentconfig/v1alpha1.AdmissionPluginConfiguration"},
|
||||
},
|
||||
"k8s.io/kubernetes/pkg/apis/componentconfig/v1alpha1.AdmissionPluginConfiguration": {
|
||||
Schema: spec.Schema{
|
||||
SchemaProps: spec.SchemaProps{
|
||||
Description: "AdmissionPluginConfiguration provides the configuration for a single plug-in.",
|
||||
Properties: map[string]spec.Schema{
|
||||
"name": {
|
||||
SchemaProps: spec.SchemaProps{
|
||||
Description: "Name is the name of the admission controller. It must match the registered admission plugin name.",
|
||||
Type: []string{"string"},
|
||||
Format: "",
|
||||
},
|
||||
},
|
||||
"path": {
|
||||
SchemaProps: spec.SchemaProps{
|
||||
Description: "Path is the path to a configuration file that contains the plugin's configuration",
|
||||
Type: []string{"string"},
|
||||
Format: "",
|
||||
},
|
||||
},
|
||||
"configuration": {
|
||||
SchemaProps: spec.SchemaProps{
|
||||
Description: "Configuration is an embedded configuration object to be used as the plugin's configuration. If present, it will be used instead of the path to the configuration file.",
|
||||
Ref: ref("k8s.io/apimachinery/pkg/runtime.RawExtension"),
|
||||
},
|
||||
},
|
||||
},
|
||||
Required: []string{"name"},
|
||||
},
|
||||
},
|
||||
Dependencies: []string{
|
||||
"k8s.io/apimachinery/pkg/runtime.RawExtension"},
|
||||
},
|
||||
"k8s.io/kubernetes/pkg/apis/rbac/v1alpha1.ClusterRole": {
|
||||
Schema: spec.Schema{
|
||||
SchemaProps: spec.SchemaProps{
|
||||
|
||||
@ -17,9 +17,9 @@ go_test(
|
||||
library = ":go_default_library",
|
||||
tags = ["automanaged"],
|
||||
deps = [
|
||||
"//pkg/apis/componentconfig:go_default_library",
|
||||
"//pkg/apis/componentconfig/install:go_default_library",
|
||||
"//vendor:k8s.io/apiserver/pkg/admission",
|
||||
"//vendor:k8s.io/apiserver/pkg/apis/apiserver",
|
||||
"//vendor:k8s.io/apiserver/pkg/apis/apiserver/install",
|
||||
"//vendor:k8s.io/apiserver/pkg/authorization/authorizer",
|
||||
],
|
||||
)
|
||||
@ -32,9 +32,6 @@ go_library(
|
||||
],
|
||||
tags = ["automanaged"],
|
||||
deps = [
|
||||
"//pkg/api:go_default_library",
|
||||
"//pkg/apis/componentconfig:go_default_library",
|
||||
"//pkg/apis/componentconfig/v1alpha1:go_default_library",
|
||||
"//pkg/client/clientset_generated/internalclientset:go_default_library",
|
||||
"//pkg/controller/informers:go_default_library",
|
||||
"//vendor:github.com/ghodss/yaml",
|
||||
@ -42,6 +39,10 @@ go_library(
|
||||
"//vendor:k8s.io/apimachinery/pkg/runtime",
|
||||
"//vendor:k8s.io/apimachinery/pkg/util/sets",
|
||||
"//vendor:k8s.io/apiserver/pkg/admission",
|
||||
"//vendor:k8s.io/apiserver/pkg/apis",
|
||||
"//vendor:k8s.io/apiserver/pkg/apis/apiserver",
|
||||
"//vendor:k8s.io/apiserver/pkg/apis/apiserver/install",
|
||||
"//vendor:k8s.io/apiserver/pkg/apis/apiserver/v1alpha1",
|
||||
"//vendor:k8s.io/apiserver/pkg/authorization/authorizer",
|
||||
],
|
||||
)
|
||||
|
||||
@ -31,9 +31,11 @@ import (
|
||||
|
||||
"k8s.io/apimachinery/pkg/util/sets"
|
||||
"k8s.io/apiserver/pkg/admission"
|
||||
"k8s.io/kubernetes/pkg/api"
|
||||
"k8s.io/kubernetes/pkg/apis/componentconfig"
|
||||
componentconfigv1alpha1 "k8s.io/kubernetes/pkg/apis/componentconfig/v1alpha1"
|
||||
"k8s.io/apiserver/pkg/apis"
|
||||
"k8s.io/apiserver/pkg/apis/apiserver"
|
||||
apiserverv1alpha1 "k8s.io/apiserver/pkg/apis/apiserver/v1alpha1"
|
||||
|
||||
_ "k8s.io/apiserver/pkg/apis/apiserver/install"
|
||||
|
||||
runtime "k8s.io/apimachinery/pkg/runtime"
|
||||
)
|
||||
@ -60,18 +62,18 @@ func makeAbs(path, base string) (string, error) {
|
||||
// It returns an error if the file did not exist.
|
||||
func ReadAdmissionConfiguration(pluginNames []string, configFilePath string) (admission.ConfigProvider, error) {
|
||||
if configFilePath == "" {
|
||||
return configProvider{config: &componentconfig.AdmissionConfiguration{}}, nil
|
||||
return configProvider{config: &apiserver.AdmissionConfiguration{}}, nil
|
||||
}
|
||||
// a file was provided, so we just read it.
|
||||
data, err := ioutil.ReadFile(configFilePath)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("unable to read admission control configuration from %q [%v]", configFilePath, err)
|
||||
}
|
||||
decoder := api.Codecs.UniversalDecoder()
|
||||
decoder := apis.Codecs.UniversalDecoder()
|
||||
decodedObj, err := runtime.Decode(decoder, data)
|
||||
// we were able to decode the file successfully
|
||||
if err == nil {
|
||||
decodedConfig, ok := decodedObj.(*componentconfig.AdmissionConfiguration)
|
||||
decodedConfig, ok := decodedObj.(*apiserver.AdmissionConfiguration)
|
||||
if !ok {
|
||||
return nil, fmt.Errorf("unexpected type: %T", decodedObj)
|
||||
}
|
||||
@ -98,29 +100,29 @@ func ReadAdmissionConfiguration(pluginNames []string, configFilePath string) (ad
|
||||
// previously read input from a non-versioned file configuration to the
|
||||
// current input file.
|
||||
legacyPluginsWithUnversionedConfig := sets.NewString("ImagePolicyWebhook", "PodNodeSelector")
|
||||
externalConfig := &componentconfigv1alpha1.AdmissionConfiguration{}
|
||||
externalConfig := &apiserverv1alpha1.AdmissionConfiguration{}
|
||||
for _, pluginName := range pluginNames {
|
||||
if legacyPluginsWithUnversionedConfig.Has(pluginName) {
|
||||
externalConfig.Plugins = append(externalConfig.Plugins,
|
||||
componentconfigv1alpha1.AdmissionPluginConfiguration{
|
||||
apiserverv1alpha1.AdmissionPluginConfiguration{
|
||||
Name: pluginName,
|
||||
Path: configFilePath})
|
||||
}
|
||||
}
|
||||
api.Scheme.Default(externalConfig)
|
||||
internalConfig := &componentconfig.AdmissionConfiguration{}
|
||||
if err := api.Scheme.Convert(externalConfig, internalConfig, nil); err != nil {
|
||||
apis.Scheme.Default(externalConfig)
|
||||
internalConfig := &apiserver.AdmissionConfiguration{}
|
||||
if err := apis.Scheme.Convert(externalConfig, internalConfig, nil); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return configProvider{config: internalConfig}, nil
|
||||
}
|
||||
|
||||
type configProvider struct {
|
||||
config *componentconfig.AdmissionConfiguration
|
||||
config *apiserver.AdmissionConfiguration
|
||||
}
|
||||
|
||||
// GetAdmissionPluginConfigurationFor returns a reader that holds the admission plugin configuration.
|
||||
func GetAdmissionPluginConfigurationFor(pluginCfg componentconfig.AdmissionPluginConfiguration) (io.Reader, error) {
|
||||
func GetAdmissionPluginConfigurationFor(pluginCfg apiserver.AdmissionPluginConfiguration) (io.Reader, error) {
|
||||
// if there is nothing nested in the object, we return the named location
|
||||
obj := pluginCfg.Configuration
|
||||
if obj != nil {
|
||||
@ -168,7 +170,7 @@ func (p configProvider) ConfigFor(pluginName string) (io.Reader, error) {
|
||||
|
||||
// writeYAML writes the specified object to a byte array as yaml.
|
||||
func writeYAML(obj runtime.Object) ([]byte, error) {
|
||||
json, err := runtime.Encode(api.Codecs.LegacyCodec(), obj)
|
||||
json, err := runtime.Encode(apis.Codecs.LegacyCodec(), obj)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
@ -22,8 +22,8 @@ import (
|
||||
"reflect"
|
||||
"testing"
|
||||
|
||||
"k8s.io/kubernetes/pkg/apis/componentconfig"
|
||||
_ "k8s.io/kubernetes/pkg/apis/componentconfig/install"
|
||||
"k8s.io/apiserver/pkg/apis/apiserver"
|
||||
_ "k8s.io/apiserver/pkg/apis/apiserver/install"
|
||||
)
|
||||
|
||||
func TestReadAdmissionConfiguration(t *testing.T) {
|
||||
@ -44,19 +44,19 @@ func TestReadAdmissionConfiguration(t *testing.T) {
|
||||
// individual test scenarios
|
||||
testCases := map[string]struct {
|
||||
ConfigBody string
|
||||
ExpectedAdmissionConfig *componentconfig.AdmissionConfiguration
|
||||
ExpectedAdmissionConfig *apiserver.AdmissionConfiguration
|
||||
PluginNames []string
|
||||
}{
|
||||
"v1Alpha1 configuration - path fixup": {
|
||||
ConfigBody: `{
|
||||
"apiVersion": "componentconfig/v1alpha1",
|
||||
"apiVersion": "apiserver.k8s.io/v1alpha1",
|
||||
"kind": "AdmissionConfiguration",
|
||||
"plugins": [
|
||||
{"name": "ImagePolicyWebhook", "path": "image-policy-webhook.json"},
|
||||
{"name": "ResourceQuota"}
|
||||
]}`,
|
||||
ExpectedAdmissionConfig: &componentconfig.AdmissionConfiguration{
|
||||
Plugins: []componentconfig.AdmissionPluginConfiguration{
|
||||
ExpectedAdmissionConfig: &apiserver.AdmissionConfiguration{
|
||||
Plugins: []apiserver.AdmissionPluginConfiguration{
|
||||
{
|
||||
Name: "ImagePolicyWebhook",
|
||||
Path: imagePolicyWebhookFile,
|
||||
@ -70,14 +70,14 @@ func TestReadAdmissionConfiguration(t *testing.T) {
|
||||
},
|
||||
"v1Alpha1 configuration - abspath": {
|
||||
ConfigBody: `{
|
||||
"apiVersion": "componentconfig/v1alpha1",
|
||||
"apiVersion": "apiserver.k8s.io/v1alpha1",
|
||||
"kind": "AdmissionConfiguration",
|
||||
"plugins": [
|
||||
{"name": "ImagePolicyWebhook", "path": "/tmp/image-policy-webhook.json"},
|
||||
{"name": "ResourceQuota"}
|
||||
]}`,
|
||||
ExpectedAdmissionConfig: &componentconfig.AdmissionConfiguration{
|
||||
Plugins: []componentconfig.AdmissionPluginConfiguration{
|
||||
ExpectedAdmissionConfig: &apiserver.AdmissionConfiguration{
|
||||
Plugins: []apiserver.AdmissionPluginConfiguration{
|
||||
{
|
||||
Name: "ImagePolicyWebhook",
|
||||
Path: "/tmp/image-policy-webhook.json",
|
||||
@ -102,8 +102,8 @@ func TestReadAdmissionConfiguration(t *testing.T) {
|
||||
"clusterDefaultNodeSelector": ""
|
||||
}
|
||||
}`,
|
||||
ExpectedAdmissionConfig: &componentconfig.AdmissionConfiguration{
|
||||
Plugins: []componentconfig.AdmissionPluginConfiguration{
|
||||
ExpectedAdmissionConfig: &apiserver.AdmissionConfiguration{
|
||||
Plugins: []apiserver.AdmissionPluginConfiguration{
|
||||
{
|
||||
Name: "ImagePolicyWebhook",
|
||||
Path: configFileName,
|
||||
@ -129,7 +129,7 @@ func TestReadAdmissionConfiguration(t *testing.T) {
|
||||
"clusterDefaultNodeSelector": ""
|
||||
}
|
||||
}`,
|
||||
ExpectedAdmissionConfig: &componentconfig.AdmissionConfiguration{},
|
||||
ExpectedAdmissionConfig: &apiserver.AdmissionConfiguration{},
|
||||
PluginNames: []string{"NamespaceLifecycle", "InitialResources"},
|
||||
},
|
||||
}
|
||||
|
||||
@ -18,7 +18,7 @@ package apiserver
|
||||
|
||||
import (
|
||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
runtime "k8s.io/apimachinery/pkg/runtime"
|
||||
"k8s.io/apimachinery/pkg/runtime"
|
||||
)
|
||||
|
||||
// AdmissionConfiguration provides versioned configuration for admission controllers.
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
/*
|
||||
Copyright 2016 The Kubernetes Authors.
|
||||
Copyright 2017 The Kubernetes Authors.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
|
||||
@ -18,7 +18,7 @@ package v1alpha1
|
||||
|
||||
import (
|
||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
runtime "k8s.io/apimachinery/pkg/runtime"
|
||||
"k8s.io/apimachinery/pkg/runtime"
|
||||
)
|
||||
|
||||
// AdmissionConfiguration provides versioned configuration for admission controllers.
|
||||
|
||||
@ -25,6 +25,8 @@ import (
|
||||
"k8s.io/apimachinery/pkg/runtime/serializer"
|
||||
)
|
||||
|
||||
// TODO all of these fall out when we move the admission read back into apiserver
|
||||
|
||||
// GroupFactoryRegistry is the APIGroupFactoryRegistry (overlaps a bit with Registry, see comments in package for details)
|
||||
var GroupFactoryRegistry = make(announced.APIGroupFactoryRegistry)
|
||||
|
||||
@ -33,10 +35,6 @@ var GroupFactoryRegistry = make(announced.APIGroupFactoryRegistry)
|
||||
var Registry = registered.NewOrDie(os.Getenv("KUBE_API_VERSIONS"))
|
||||
|
||||
// Scheme is the default instance of runtime.Scheme to which types in the Kubernetes API are already registered.
|
||||
// NOTE: If you are copying this file to start a new api group, STOP! Copy the
|
||||
// extensions group instead. This Scheme is special and should appear ONLY in
|
||||
// the api group, unless you really know what you're doing.
|
||||
// TODO(lavalamp): make the above error impossible.
|
||||
var Scheme = runtime.NewScheme()
|
||||
|
||||
// Codecs provides access to encoding and decoding for the scheme
|
||||
|
||||
64
vendor/BUILD
vendored
64
vendor/BUILD
vendored
@ -9073,6 +9073,7 @@ go_library(
|
||||
"//vendor:k8s.io/apimachinery/pkg/util/validation",
|
||||
"//vendor:k8s.io/apimachinery/pkg/version",
|
||||
"//vendor:k8s.io/apiserver/pkg/admission",
|
||||
"//vendor:k8s.io/apiserver/pkg/apis/apiserver/install",
|
||||
"//vendor:k8s.io/apiserver/pkg/authentication/authenticator",
|
||||
"//vendor:k8s.io/apiserver/pkg/authentication/authenticatorfactory",
|
||||
"//vendor:k8s.io/apiserver/pkg/authentication/request/union",
|
||||
@ -15192,3 +15193,66 @@ go_library(
|
||||
"//vendor:github.com/ghodss/yaml",
|
||||
],
|
||||
)
|
||||
|
||||
go_library(
|
||||
name = "k8s.io/apiserver/pkg/apis",
|
||||
srcs = ["k8s.io/apiserver/pkg/apis/register.go"],
|
||||
tags = ["automanaged"],
|
||||
deps = [
|
||||
"//vendor:k8s.io/apimachinery/pkg/apimachinery/announced",
|
||||
"//vendor:k8s.io/apimachinery/pkg/apimachinery/registered",
|
||||
"//vendor:k8s.io/apimachinery/pkg/runtime",
|
||||
"//vendor:k8s.io/apimachinery/pkg/runtime/serializer",
|
||||
],
|
||||
)
|
||||
|
||||
go_library(
|
||||
name = "k8s.io/apiserver/pkg/apis/apiserver",
|
||||
srcs = [
|
||||
"k8s.io/apiserver/pkg/apis/apiserver/doc.go",
|
||||
"k8s.io/apiserver/pkg/apis/apiserver/register.go",
|
||||
"k8s.io/apiserver/pkg/apis/apiserver/types.go",
|
||||
"k8s.io/apiserver/pkg/apis/apiserver/zz_generated.deepcopy.go",
|
||||
],
|
||||
tags = ["automanaged"],
|
||||
deps = [
|
||||
"//vendor:k8s.io/apimachinery/pkg/apis/meta/v1",
|
||||
"//vendor:k8s.io/apimachinery/pkg/conversion",
|
||||
"//vendor:k8s.io/apimachinery/pkg/runtime",
|
||||
"//vendor:k8s.io/apimachinery/pkg/runtime/schema",
|
||||
],
|
||||
)
|
||||
|
||||
go_library(
|
||||
name = "k8s.io/apiserver/pkg/apis/apiserver/install",
|
||||
srcs = ["k8s.io/apiserver/pkg/apis/apiserver/install/install.go"],
|
||||
tags = ["automanaged"],
|
||||
deps = [
|
||||
"//vendor:k8s.io/apimachinery/pkg/apimachinery/announced",
|
||||
"//vendor:k8s.io/apimachinery/pkg/apimachinery/registered",
|
||||
"//vendor:k8s.io/apimachinery/pkg/runtime",
|
||||
"//vendor:k8s.io/apimachinery/pkg/util/sets",
|
||||
"//vendor:k8s.io/apiserver/pkg/apis",
|
||||
"//vendor:k8s.io/apiserver/pkg/apis/apiserver",
|
||||
"//vendor:k8s.io/apiserver/pkg/apis/apiserver/v1alpha1",
|
||||
],
|
||||
)
|
||||
|
||||
go_library(
|
||||
name = "k8s.io/apiserver/pkg/apis/apiserver/v1alpha1",
|
||||
srcs = [
|
||||
"k8s.io/apiserver/pkg/apis/apiserver/v1alpha1/doc.go",
|
||||
"k8s.io/apiserver/pkg/apis/apiserver/v1alpha1/register.go",
|
||||
"k8s.io/apiserver/pkg/apis/apiserver/v1alpha1/types.go",
|
||||
"k8s.io/apiserver/pkg/apis/apiserver/v1alpha1/zz_generated.conversion.go",
|
||||
"k8s.io/apiserver/pkg/apis/apiserver/v1alpha1/zz_generated.deepcopy.go",
|
||||
],
|
||||
tags = ["automanaged"],
|
||||
deps = [
|
||||
"//vendor:k8s.io/apimachinery/pkg/apis/meta/v1",
|
||||
"//vendor:k8s.io/apimachinery/pkg/conversion",
|
||||
"//vendor:k8s.io/apimachinery/pkg/runtime",
|
||||
"//vendor:k8s.io/apimachinery/pkg/runtime/schema",
|
||||
"//vendor:k8s.io/apiserver/pkg/apis/apiserver",
|
||||
],
|
||||
)
|
||||
|
||||
Loading…
Reference in New Issue
Block a user