// New creates a new WebhookAuthorizer from the provided kubeconfig file. // // The config's cluster field is used to refer to the remote service, user refers to the returned authorizer. // // # clusters refers to the remote service. // clusters: // - name: name-of-remote-authz-service // cluster: // certificate-authority: /path/to/ca.pem # CA for verifying the remote service. // server: https://authz.example.com/authorize # URL of remote service to query. Must use 'https'. // // # users refers to the API server's webhook configuration. // users: // - name: name-of-api-server // user: // client-certificate: /path/to/cert.pem # cert for the webhook plugin to use // client-key: /path/to/key.pem # key matching the cert // // For additional HTTP configuration, refer to the kubeconfig documentation // http://kubernetes.io/v1.1/docs/user-guide/kubeconfig-file.html. func New(kubeConfigFile string) (*WebhookAuthorizer, error) { for _, groupVersion := range requireEnabled { if !registered.IsEnabledVersion(groupVersion) { return nil, fmt.Errorf("webhook authz plugin requires enabling extension resource: %s", groupVersion) } } loadingRules := clientcmd.NewDefaultClientConfigLoadingRules() loadingRules.ExplicitPath = kubeConfigFile loader := clientcmd.NewNonInteractiveDeferredLoadingClientConfig(loadingRules, &clientcmd.ConfigOverrides{}) clientConfig, err := loader.ClientConfig() if err != nil { return nil, err } serializer := json.NewSerializer(json.DefaultMetaFactory, api.Scheme, runtime.ObjectTyperToTyper(api.Scheme), false) clientConfig.ContentConfig.Codec = versioning.NewCodecForScheme(api.Scheme, serializer, serializer, encodeVersions, decodeVersions) restClient, err := restclient.UnversionedRESTClientFor(clientConfig) if err != nil { return nil, err } // TODO(ericchiang): Can we ensure remote service is reachable? return &WebhookAuthorizer{restClient}, nil }
func init() { jsonSerializer := json.NewSerializer(json.DefaultMetaFactory, api.Scheme, api.Scheme, true) Codec = versioning.NewCodecForScheme( api.Scheme, jsonSerializer, jsonSerializer, []unversioned.GroupVersion{{Version: Version}}, []unversioned.GroupVersion{{Version: runtime.APIVersionInternal}}, ) }
func init() { yamlSerializer := json.NewYAMLSerializer(json.DefaultMetaFactory, api.Scheme, api.Scheme) Codec = versioning.NewCodecForScheme( api.Scheme, yamlSerializer, yamlSerializer, unversioned.GroupVersion{Version: Version}, runtime.InternalGroupVersioner, ) }
// CodecForVersions creates a codec with the provided serializer. If an object is decoded and its group is not in the list, // it will default to runtime.APIVersionInternal. If encode is not specified for an object's group, the object is not // converted. If encode or decode are nil, no conversion is performed. func (f CodecFactory) CodecForVersions(encoder runtime.Encoder, decoder runtime.Decoder, encode runtime.GroupVersioner, decode runtime.GroupVersioner) runtime.Codec { // TODO: these are for backcompat, remove them in the future if encode == nil { encode = runtime.DisabledGroupVersioner } if decode == nil { decode = runtime.InternalGroupVersioner } return versioning.NewCodecForScheme(f.scheme, encoder, decoder, encode, decode) }
func init() { yamlSerializer := json.NewYAMLSerializer(json.DefaultMetaFactory, api.Scheme, runtime.ObjectTyperToTyper(api.Scheme)) Codec = versioning.NewCodecForScheme( api.Scheme, yamlSerializer, yamlSerializer, []unversioned.GroupVersion{{Version: Version}}, []unversioned.GroupVersion{{Version: runtime.APIVersionInternal}}, ) }
func init() { Scheme = runtime.NewScheme() if err := api.AddToScheme(Scheme); err != nil { // Programmer error, detect immediately panic(err) } if err := v1.AddToScheme(Scheme); err != nil { // Programmer error, detect immediately panic(err) } yamlSerializer := json.NewYAMLSerializer(json.DefaultMetaFactory, Scheme, Scheme) Codec = versioning.NewCodecForScheme( Scheme, yamlSerializer, yamlSerializer, unversioned.GroupVersion{Version: Version}, runtime.InternalGroupVersioner, ) }
// CodecFor creates a codec with the provided serializer. If an object is decoded and its group is not in the list, // it will default to runtime.APIVersionInternal. If encode is not specified for an object's group, the object is not // converted. If encode or decode are nil, no conversion is performed. func (f CodecFactory) CodecForVersions(encoder runtime.Encoder, decoder runtime.Decoder, encode []unversioned.GroupVersion, decode []unversioned.GroupVersion) runtime.Codec { return versioning.NewCodecForScheme(f.scheme, encoder, decoder, encode, decode) }
// LegacyCodec encodes output to a given API version, and decodes output into the internal form from // any recognized source. The returned codec will always encode output to JSON. // // This method is deprecated - clients and servers should negotiate a serializer by mime-type and // invoke CodecForVersions. Callers that need only to read data should use UniversalDecoder(). func (f CodecFactory) LegacyCodec(version ...unversioned.GroupVersion) runtime.Codec { return versioning.NewCodecForScheme(f.scheme, f.legacySerializer, f.universal, version, nil) }
// CodecFor creates a codec with the provided serializer. If an object is decoded and its group is not in the list, // it will default to runtime.APIVersionInternal. If encode is not specified for an object's group, the object is not // converted. If encode or decode are nil, no conversion is performed. func (f CodecFactory) CodecForVersions(serializer runtime.Serializer, encode []unversioned.GroupVersion, decode []unversioned.GroupVersion) runtime.Codec { return versioning.NewCodecForScheme(f.scheme, serializer, serializer, encode, decode) }
import ( "k8s.io/kubernetes/pkg/api/unversioned" "k8s.io/kubernetes/pkg/runtime" "k8s.io/kubernetes/pkg/runtime/serializer/json" "k8s.io/kubernetes/pkg/runtime/serializer/versioning" "k8s.io/kubernetes/plugin/pkg/scheduler/api" _ "k8s.io/kubernetes/plugin/pkg/scheduler/api/v1" ) // Version is the string that represents the current external default version. const Version = "v1" // OldestVersion is the string that represents the oldest server version supported. const OldestVersion = "v1" // Versions is the list of versions that are recognized in code. The order provided // may be assumed to be least feature rich to most feature rich, and clients may // choose to prefer the latter items in the list over the former items when presented // with a set of versions to choose. var Versions = []string{"v1"} // Codec is the default codec for serializing input that should use // the latest supported version. It supports JSON by default. var Codec = versioning.NewCodecForScheme( api.Scheme, json.NewSerializer(json.DefaultMetaFactory, api.Scheme, runtime.ObjectTyperToTyper(api.Scheme), true), []unversioned.GroupVersion{{Version: Version}}, []unversioned.GroupVersion{{Version: runtime.APIVersionInternal}}, )