k3s/pkg/admission/interfaces.go

/*
Copyright 2014 The Kubernetes Authors All rights reserved.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/

package admission

import (
	"k8s.io/kubernetes/pkg/auth/user"
	"k8s.io/kubernetes/pkg/runtime"
)

// Attributes is an interface used by AdmissionController to get information about a request
// that is used to make an admission decision.
type Attributes interface {
	// GetName returns the name of the object as presented in the request.  On a CREATE operation, the client
	// may omit name and rely on the server to generate the name.  If that is the case, this method will return
	// the empty string
	GetName() string
	// GetNamespace is the namespace associated with the request (if any)
	GetNamespace() string
	// GetResource is the name of the resource being requested.  This is not the kind.  For example: pods
	GetResource() string
	// GetSubresource is the name of the subresource being requested.  This is a different resource, scoped to the parent resource, but it may have a different kind.
	// For instance, /pods has the resource "pods" and the kind "Pod", while /pods/foo/status has the resource "pods", the sub resource "status", and the kind "Pod"
	// (because status operates on pods). The binding resource for a pod though may be /pods/foo/binding, which has resource "pods", subresource "binding", and kind "Binding".
	GetSubresource() string
	// GetOperation is the operation being performed
	GetOperation() Operation
	// GetObject is the object from the incoming request prior to default values being applied
	GetObject() runtime.Object
	// GetKind is the type of object being manipulated.  For example: Pod
	GetKind() string
	// GetUserInfo is information about the requesting user
	GetUserInfo() user.Info
}

// Interface is an abstract, pluggable interface for Admission Control decisions.
type Interface interface {
	// Admit makes an admission decision based on the request attributes
	Admit(a Attributes) (err error)

	// Handles returns true if this admission controller can handle the given operation
	// where operation can be one of CREATE, UPDATE, DELETE, or CONNECT
	Handles(operation Operation) bool
}

// Operation is the type of resource operation being checked for admission control
type Operation string

// Operation constants
const (
	Create  Operation = "CREATE"
	Update  Operation = "UPDATE"
	Delete  Operation = "DELETE"
	Connect Operation = "CONNECT"
)
Implement basic admission control framework 2015-01-06 16:44:43 +00:00			`/*`
Make copyright ownership statement generic Instead of saying "Google Inc." (which is not always correct) say "The Kubernetes Authors", which is generic. 2015-05-01 16:19:44 +00:00			`Copyright 2014 The Kubernetes Authors All rights reserved.`
Implement basic admission control framework 2015-01-06 16:44:43 +00:00
			`Licensed under the Apache License, Version 2.0 (the "License");`
			`you may not use this file except in compliance with the License.`
			`You may obtain a copy of the License at`

			`http://www.apache.org/licenses/LICENSE-2.0`

			`Unless required by applicable law or agreed to in writing, software`
			`distributed under the License is distributed on an "AS IS" BASIS,`
			`WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`See the License for the specific language governing permissions and`
			`limitations under the License.`
			`*/`

			`package admission`

			`import (`
rewrite go imports 2015-08-05 22:03:47 +00:00			`"k8s.io/kubernetes/pkg/auth/user"`
			`"k8s.io/kubernetes/pkg/runtime"`
Implement basic admission control framework 2015-01-06 16:44:43 +00:00			`)`

			`// Attributes is an interface used by AdmissionController to get information about a request`
			`// that is used to make an admission decision.`
			`type Attributes interface {`
Admission control attributes has access to resource name 2015-06-17 20:40:36 +00:00			`// GetName returns the name of the object as presented in the request. On a CREATE operation, the client`
			`// may omit name and rely on the server to generate the name. If that is the case, this method will return`
			`// the empty string`
			`GetName() string`
Admission control exposes subresource 2015-06-18 19:00:46 +00:00			`// GetNamespace is the namespace associated with the request (if any)`
Implement basic admission control framework 2015-01-06 16:44:43 +00:00			`GetNamespace() string`
Admission control exposes subresource 2015-06-18 19:00:46 +00:00			`// GetResource is the name of the resource being requested. This is not the kind. For example: pods`
update admission control to properly indicate resource 2015-01-30 13:16:46 +00:00			`GetResource() string`
Admission control exposes subresource 2015-06-18 19:00:46 +00:00			`// GetSubresource is the name of the subresource being requested. This is a different resource, scoped to the parent resource, but it may have a different kind.`
			`// For instance, /pods has the resource "pods" and the kind "Pod", while /pods/foo/status has the resource "pods", the sub resource "status", and the kind "Pod"`
			`// (because status operates on pods). The binding resource for a pod though may be /pods/foo/binding, which has resource "pods", subresource "binding", and kind "Binding".`
			`GetSubresource() string`
			`// GetOperation is the operation being performed`
Add operation checking to admission control handlers Adds a new method to the handler interface that returns true only if the admission control handler handles that operation. 2015-05-15 14:48:33 +00:00			`GetOperation() Operation`
Admission control exposes subresource 2015-06-18 19:00:46 +00:00			`// GetObject is the object from the incoming request prior to default values being applied`
Implement basic admission control framework 2015-01-06 16:44:43 +00:00			`GetObject() runtime.Object`
Admission control exposes subresource 2015-06-18 19:00:46 +00:00			`// GetKind is the type of object being manipulated. For example: Pod`
Improve error message when name is omitted but generateName is available 2015-04-14 22:03:26 +00:00			`GetKind() string`
Admission control exposes subresource 2015-06-18 19:00:46 +00:00			`// GetUserInfo is information about the requesting user`
expose user info to admission controllers 2015-05-14 01:31:51 +00:00			`GetUserInfo() user.Info`
Implement basic admission control framework 2015-01-06 16:44:43 +00:00			`}`

			`// Interface is an abstract, pluggable interface for Admission Control decisions.`
			`type Interface interface {`
			`// Admit makes an admission decision based on the request attributes`
			`Admit(a Attributes) (err error)`
Add operation checking to admission control handlers Adds a new method to the handler interface that returns true only if the admission control handler handles that operation. 2015-05-15 14:48:33 +00:00
			`// Handles returns true if this admission controller can handle the given operation`
			`// where operation can be one of CREATE, UPDATE, DELETE, or CONNECT`
			`Handles(operation Operation) bool`
Implement basic admission control framework 2015-01-06 16:44:43 +00:00			`}`
Add operation checking to admission control handlers Adds a new method to the handler interface that returns true only if the admission control handler handles that operation. 2015-05-15 14:48:33 +00:00
			`// Operation is the type of resource operation being checked for admission control`
			`type Operation string`

			`// Operation constants`
			`const (`
			`Create Operation = "CREATE"`
			`Update Operation = "UPDATE"`
			`Delete Operation = "DELETE"`
			`Connect Operation = "CONNECT"`
			`)`