webhook.go

Documentation: github.com/linkerd/linkerd2/controller/sp-validator

     1  package validator
     2  
     3  import (
     4  	"context"
     5  
     6  	"github.com/linkerd/linkerd2/controller/k8s"
     7  	"github.com/linkerd/linkerd2/pkg/profiles"
     8  	admissionv1beta1 "k8s.io/api/admission/v1beta1"
     9  	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
    10  	"k8s.io/client-go/tools/record"
    11  )
    12  
    13  // AdmitSP verifies that the received Admission Request contains a valid
    14  // Service Profile definition
    15  func AdmitSP(
    16  	_ context.Context, _ *k8s.MetadataAPI, request *admissionv1beta1.AdmissionRequest, _ record.EventRecorder,
    17  ) (*admissionv1beta1.AdmissionResponse, error) {
    18  	admissionResponse := &admissionv1beta1.AdmissionResponse{
    19  		UID:     request.UID,
    20  		Allowed: true,
    21  	}
    22  	if err := profiles.Validate(request.Object.Raw); err != nil {
    23  		admissionResponse.Allowed = false
    24  		admissionResponse.Result = &metav1.Status{Message: err.Error(), Code: 400}
    25  	}
    26  	return admissionResponse, nil
    27  }
    28

View as plain text