func newAuthorizer(c *oclient.Client, cacheTTL time.Duration, cacheSize int) (kauthorizer.Authorizer, error) {
var (
authz oauthorizer.Authorizer
err error
)
// Authorize against the remote master
authz, err = authzremote.NewAuthorizer(c)
if err != nil {
return nil, err
}
// Cache results
if cacheTTL > 0 && cacheSize > 0 {
authz, err = authzcache.NewAuthorizer(authz, cacheTTL, cacheSize)
if err != nil {
return nil, err
}
}
// Adapt to the Kubernetes authorizer interface
kauthz, err := authzadapter.NewAuthorizer(authz)
if err != nil {
return nil, err
}
return kauthz, nil
}
// Initialize will check the initialization interfaces implemented by each plugin
// and provide the appropriate initialization data
func (i *PluginInitializer) Initialize(plugins []admission.Interface) {
for _, plugin := range plugins {
if wantsOpenshiftClient, ok := plugin.(WantsOpenshiftClient); ok {
wantsOpenshiftClient.SetOpenshiftClient(i.OpenshiftClient)
}
if wantsProjectCache, ok := plugin.(WantsProjectCache); ok {
wantsProjectCache.SetProjectCache(i.ProjectCache)
}
if wantsOriginQuotaRegistry, ok := plugin.(WantsOriginQuotaRegistry); ok {
wantsOriginQuotaRegistry.SetOriginQuotaRegistry(i.OriginQuotaRegistry)
}
if wantsAuthorizer, ok := plugin.(WantsAuthorizer); ok {
wantsAuthorizer.SetAuthorizer(i.Authorizer)
}
if kubeWantsAuthorizer, ok := plugin.(admission.WantsAuthorizer); ok {
kubeAuthorizer, err := adapter.NewAuthorizer(i.Authorizer)
// this shouldn't happen
if err != nil {
panic(err)
}
kubeWantsAuthorizer.SetAuthorizer(kubeAuthorizer)
}
if wantsJenkinsPipelineConfig, ok := plugin.(WantsJenkinsPipelineConfig); ok {
wantsJenkinsPipelineConfig.SetJenkinsPipelineConfig(i.JenkinsPipelineConfig)
}
if wantsRESTClientConfig, ok := plugin.(WantsRESTClientConfig); ok {
wantsRESTClientConfig.SetRESTClientConfig(i.RESTClientConfig)
}
if wantsInformers, ok := plugin.(WantsInformers); ok {
wantsInformers.SetInformers(i.Informers)
}
if wantsInformerFactory, ok := plugin.(admission.WantsInformerFactory); ok {
wantsInformerFactory.SetInformerFactory(i.Informers.KubernetesInformers())
}
if wantsClusterQuotaMapper, ok := plugin.(WantsClusterQuotaMapper); ok {
wantsClusterQuotaMapper.SetClusterQuotaMapper(i.ClusterQuotaMapper)
}
if wantsDefaultRegistryFunc, ok := plugin.(WantsDefaultRegistryFunc); ok {
wantsDefaultRegistryFunc.SetDefaultRegistryFunc(i.DefaultRegistryFn)
}
if wantsGroupCache, ok := plugin.(WantsGroupCache); ok {
wantsGroupCache.SetGroupCache(i.GroupCache)
}
}
}