forked from kubernetes/kubernetes
-
Notifications
You must be signed in to change notification settings - Fork 4
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request kubernetes#30241 from Q-Lee/webhook
Automatic merge from submit-queue Adding types file for image admission controller. <!-- Checklist for submitting a Pull Request Please remove this comment block before submitting. 1. Please read our [contributor guidelines](https://github.com/kubernetes/kubernetes/blob/master/CONTRIBUTING.md). 2. See our [developer guide](https://github.com/kubernetes/kubernetes/blob/master/docs/devel/development.md). 3. If you want this PR to automatically close an issue when it is merged, add `fixes #<issue number>` or `fixes #<issue number>, fixes #<issue number>` to close multiple issues (see: https://github.com/blog/1506-closing-issues-via-pull-requests). 4. Follow the instructions for [labeling and writing a release note for this PR](https://github.com/kubernetes/kubernetes/blob/master/docs/devel/pull-requests.md#release-notes) in the block below. --> ```release-note Adding container image verification webhook API. ```
- Loading branch information
Showing
18 changed files
with
5,285 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
/* | ||
Copyright 2016 The Kubernetes Authors. | ||
Licensed under the Apache License, Version 2.0 (the "License"); | ||
you may not use this file except in compliance with the License. | ||
You may obtain a copy of the License at | ||
http://www.apache.org/licenses/LICENSE-2.0 | ||
Unless required by applicable law or agreed to in writing, software | ||
distributed under the License is distributed on an "AS IS" BASIS, | ||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
See the License for the specific language governing permissions and | ||
limitations under the License. | ||
*/ | ||
|
||
// +k8s:deepcopy-gen=package,register | ||
// +groupName=imagepolicy.k8s.io | ||
|
||
package imagepolicy // import "k8s.io/kubernetes/pkg/apis/imagepolicy" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,123 @@ | ||
/* | ||
Copyright 2016 The Kubernetes Authors. | ||
Licensed under the Apache License, Version 2.0 (the "License"); | ||
you may not use this file except in compliance with the License. | ||
You may obtain a copy of the License at | ||
http://www.apache.org/licenses/LICENSE-2.0 | ||
Unless required by applicable law or agreed to in writing, software | ||
distributed under the License is distributed on an "AS IS" BASIS, | ||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
See the License for the specific language governing permissions and | ||
limitations under the License. | ||
*/ | ||
|
||
// Package install installs the experimental API group, making it available as | ||
// an option to all of the API encoding/decoding machinery. | ||
package install | ||
|
||
import ( | ||
"fmt" | ||
|
||
"github.com/golang/glog" | ||
|
||
"k8s.io/kubernetes/pkg/api" | ||
"k8s.io/kubernetes/pkg/api/meta" | ||
"k8s.io/kubernetes/pkg/api/unversioned" | ||
"k8s.io/kubernetes/pkg/apimachinery" | ||
"k8s.io/kubernetes/pkg/apimachinery/registered" | ||
"k8s.io/kubernetes/pkg/apis/imagepolicy" | ||
"k8s.io/kubernetes/pkg/apis/imagepolicy/v1alpha1" | ||
"k8s.io/kubernetes/pkg/runtime" | ||
"k8s.io/kubernetes/pkg/util/sets" | ||
) | ||
|
||
const importPrefix = "k8s.io/kubernetes/pkg/apis/imagepolicy" | ||
|
||
var accessor = meta.NewAccessor() | ||
|
||
// availableVersions lists all known external versions for this group from most preferred to least preferred | ||
var availableVersions = []unversioned.GroupVersion{v1alpha1.SchemeGroupVersion} | ||
|
||
func init() { | ||
registered.RegisterVersions(availableVersions) | ||
externalVersions := []unversioned.GroupVersion{} | ||
for _, v := range availableVersions { | ||
if registered.IsAllowedVersion(v) { | ||
externalVersions = append(externalVersions, v) | ||
} | ||
} | ||
if len(externalVersions) == 0 { | ||
glog.V(4).Infof("No version is registered for group %v", imagepolicy.GroupName) | ||
return | ||
} | ||
|
||
if err := registered.EnableVersions(externalVersions...); err != nil { | ||
glog.V(4).Infof("%v", err) | ||
return | ||
} | ||
if err := enableVersions(externalVersions); err != nil { | ||
glog.V(4).Infof("%v", err) | ||
return | ||
} | ||
} | ||
|
||
// TODO: enableVersions should be centralized rather than spread in each API | ||
// group. | ||
// We can combine registered.RegisterVersions, registered.EnableVersions and | ||
// registered.RegisterGroup once we have moved enableVersions there. | ||
func enableVersions(externalVersions []unversioned.GroupVersion) error { | ||
addVersionsToScheme(externalVersions...) | ||
preferredExternalVersion := externalVersions[0] | ||
|
||
groupMeta := apimachinery.GroupMeta{ | ||
GroupVersion: preferredExternalVersion, | ||
GroupVersions: externalVersions, | ||
RESTMapper: newRESTMapper(externalVersions), | ||
SelfLinker: runtime.SelfLinker(accessor), | ||
InterfacesFor: interfacesFor, | ||
} | ||
|
||
if err := registered.RegisterGroup(groupMeta); err != nil { | ||
return err | ||
} | ||
api.RegisterRESTMapper(groupMeta.RESTMapper) | ||
return nil | ||
} | ||
|
||
func addVersionsToScheme(externalVersions ...unversioned.GroupVersion) { | ||
// add the internal version to Scheme | ||
imagepolicy.AddToScheme(api.Scheme) | ||
// add the enabled external versions to Scheme | ||
for _, v := range externalVersions { | ||
if !registered.IsEnabledVersion(v) { | ||
glog.Errorf("Version %s is not enabled, so it will not be added to the Scheme.", v) | ||
continue | ||
} | ||
switch v { | ||
case v1alpha1.SchemeGroupVersion: | ||
v1alpha1.AddToScheme(api.Scheme) | ||
} | ||
} | ||
} | ||
|
||
func newRESTMapper(externalVersions []unversioned.GroupVersion) meta.RESTMapper { | ||
rootScoped := sets.NewString("ImageReview") | ||
ignoredKinds := sets.NewString() | ||
return api.NewDefaultRESTMapper(externalVersions, interfacesFor, importPrefix, ignoredKinds, rootScoped) | ||
} | ||
|
||
func interfacesFor(version unversioned.GroupVersion) (*meta.VersionInterfaces, error) { | ||
switch version { | ||
case v1alpha1.SchemeGroupVersion: | ||
return &meta.VersionInterfaces{ | ||
ObjectConvertor: api.Scheme, | ||
MetadataAccessor: accessor, | ||
}, nil | ||
default: | ||
g, _ := registered.Group(imagepolicy.GroupName) | ||
return nil, fmt.Errorf("unsupported storage version: %s (valid: %v)", version, g.GroupVersions) | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,56 @@ | ||
/* | ||
Copyright 2016 The Kubernetes Authors. | ||
Licensed under the Apache License, Version 2.0 (the "License"); | ||
you may not use this file except in compliance with the License. | ||
You may obtain a copy of the License at | ||
http://www.apache.org/licenses/LICENSE-2.0 | ||
Unless required by applicable law or agreed to in writing, software | ||
distributed under the License is distributed on an "AS IS" BASIS, | ||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
See the License for the specific language governing permissions and | ||
limitations under the License. | ||
*/ | ||
|
||
package imagepolicy | ||
|
||
import ( | ||
"k8s.io/kubernetes/pkg/api" | ||
"k8s.io/kubernetes/pkg/api/unversioned" | ||
"k8s.io/kubernetes/pkg/runtime" | ||
) | ||
|
||
// GroupName is the group name use in this package | ||
const GroupName = "imagepolicy.k8s.io" | ||
|
||
// SchemeGroupVersion is group version used to register these objects | ||
var SchemeGroupVersion = unversioned.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal} | ||
|
||
// Kind takes an unqualified kind and returns back a Group qualified GroupKind | ||
func Kind(kind string) unversioned.GroupKind { | ||
return SchemeGroupVersion.WithKind(kind).GroupKind() | ||
} | ||
|
||
// Resource takes an unqualified resource and returns back a Group qualified GroupResource | ||
func Resource(resource string) unversioned.GroupResource { | ||
return SchemeGroupVersion.WithResource(resource).GroupResource() | ||
} | ||
|
||
var ( | ||
SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) | ||
AddToScheme = SchemeBuilder.AddToScheme | ||
) | ||
|
||
func addKnownTypes(scheme *runtime.Scheme) error { | ||
scheme.AddKnownTypes(SchemeGroupVersion, | ||
&api.ListOptions{}, | ||
&api.DeleteOptions{}, | ||
&api.ExportOptions{}, | ||
|
||
&ImageReview{}, | ||
) | ||
// versioned.AddToGroupVersion(scheme, SchemeGroupVersion) | ||
return nil | ||
} |
Oops, something went wrong.