knative
/
pkg
mirror of https://github.com/knative/pkg.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
pkg/test/webhook-apicoverage/webhook
History
Mike Petersen a2e3b66654
Renews a webhook cert before it expires (#1101) 
* Renews a webhook cert before it expires

* Moved checks out of webhook and into certificate

* Updated error messages and others from review

* Updated error messages and changed time comparison

* Added two tests cases for checking expiration

* Fixed issue with missing "." in webhook.go
 		2020-02-22 12:33:08 -08:00
..
README.md Move webhook apicoverage to knative/pkg (#555) 2019-08-06 07:16:55 -07:00
apicoverage_recorder.go This refactors our core webhook logic to be reconciler-based. (#833) 2019-10-31 10:17:13 -07:00
webhook.go Renews a webhook cert before it expires (#1101) 2020-02-22 12:33:08 -08:00

README.md

Webhook

Webhook based API-Coverage tool uses ValidatingAdmissionWebhook which is a web-server that the K8 API-Server calls into for every API-Object update to verify if the object is valid before storing it into its datastore. Each validation request has the json representation of the object being created/modified, that the tool uses to capture coverage data. webhook package inside this folder provides a mechanism for individual repos to setup ValidatingAdmissionWebhook.

APICoverageWebhook type inside the package encapsulates necessary configuration details and helper methods required to setup the webhook. Each repo is expected to call into SetupWebhook() providing following three parameters:

  1. http.Handler: This is the http handler (that implements ServeHTTP( w http.ResponseWriter, r *http.Request)) that the web server created by APICoverageWebhook uses.
  2. rules: This is an array of RuleWithOperations objects from the k8s.io/api/admissionregistration/v1beta1 package that the webhook uses for validation on each API Object update. e.g: knative-serving while calling this method would provide rules that will handle API Objects like Service, Configuration, Route and Revision.
  3. namespace: Namespace name where the webhook would be installed.
  4. stop channel: Channel to terminate webhook's web server.

SetupWebhook() method in its implementation creates a TLS based web server and registers the webhook by creating a ValidatingWebhookConfiguration object inside the K8 cluster.

APICoverageRecorder type inside the package encapsulates the apicoverage recording capabilities. Repo using this type is expected to set:

  1. ResourceForest: Specifying the version and initializing the ResourceTrees
  2. ResourceMap: Identifying the resources whose APICoverage needs to be calculated.
  3. NodeRules: NodeRules that are applicable for the repo.
  4. FieldRules: FieldRules that are applicable for the repo.
  5. DisplayRules: DisplayRules to be used by GetResourceCoverage method.