in

A library to simplify the implementation of webhooks for arbitrary customer resources (CR) in the operator-sdk


Documentation Test Go Report Card Coverage Status Releases License

The k8s-generic-webhook is a library to simplify the implementation of webhooks for arbitrary customer resources (CR) in the operator-sdk or controller-runtime. Furthermore, it provides full access to the AdmissionReview request and decodes the Object in the request automatically. More sophistic webhook logic is facilitated by using the injected Client of the webhook which provides full access to the Kubernetes API.

Quickstart

  1. Initialize a new manager using the operator-sdk.
  2. Create a pkg (e.g. webhooks/pod) and implement your webhook logic by embedding either the ValidatingWebhook or the MuatatingWebhook.

Example ValidatingWebhook

package pod

import (
	"context"

	corev1 "k8s.io/api/core/v1"
	"k8s.io/apimachinery/pkg/runtime"
	"sigs.k8s.io/controller-runtime/pkg/log"
	"sigs.k8s.io/controller-runtime/pkg/manager"
	"sigs.k8s.io/controller-runtime/pkg/webhook/admission"

	"github.com/snorwin/k8s-generic-webhook/pkg/webhook"
)

type Webhook struct {
	webhook.ValidatingWebhook
}

func (w *Webhook) SetupWebhookWithManager(mgr manager.Manager) error {
	return webhook.NewGenericWebhookManagedBy(mgr).
		For(&corev1.Pod{}).
		Complete(w)
}

func (w *Webhook) ValidateCreate(ctx context.Context, request admission.Request, object runtime.Object) admission.Response {
	_ = log.FromContext(ctx)

	pod := object.(*corev1.Pod)
	// TODO add your programmatic validation logic here

	return admission.Allowed("")
}

Example MutatingWebhook

package pod

import (
	"context"

	corev1 "k8s.io/api/core/v1"
	"k8s.io/apimachinery/pkg/runtime"
	"sigs.k8s.io/controller-runtime/pkg/log"
	"sigs.k8s.io/controller-runtime/pkg/manager"
	"sigs.k8s.io/controller-runtime/pkg/webhook/admission"

	"github.com/snorwin/k8s-generic-webhook/pkg/webhook"
)

type Webhook struct {
	webhook.MutatingWebhook
}

func (w *Webhook) SetupWebhookWithManager(mgr manager.Manager) error {
	return webhook.NewGenericWebhookManagedBy(mgr).
		For(&corev1.Pod{}).
		Complete(&w)
}

func (w *Webhook) Mutate(ctx context.Context, request admission.Request, object runtime.Object) admission.Response {
	_ = log.FromContext(ctx)

	pod := object.(*corev1.Pod)
	// TODO add your programmatic mutation logic here

	return admission.Allowed("")
}
  1. Add the following snippet to main() in main.go in order to register the webhook in the manager.
if err = (&pod.Webhook{}).SetupWebhookWithManager(mgr); err != nil {
    setupLog.Error(err, "unable to create webhook", "webhook", "Pod")
    os.Exit(1)
}

GitHub

https://github.com/snorwin/k8s-generic-webhook




Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

GIPHY App Key not set. Please check settings

Shortcut Keeper — Save the keyboard shortcuts you want to remember

Cloud native – I Beginner guide