Skip to content

Commit

Permalink
Make webhook mode configurable.
Browse files Browse the repository at this point in the history
  • Loading branch information
Gerrit91 committed Nov 8, 2023
1 parent a8b71e2 commit 3c1ef36
Show file tree
Hide file tree
Showing 5 changed files with 79 additions and 636 deletions.
3 changes: 2 additions & 1 deletion example/shoot.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -16,11 +16,12 @@ spec:
providerConfig:
apiVersion: audit.metal.extensions.gardener.cloud/v1alpha1
kind: AuditConfig
webhookMode: blocking
backends:
log:
enabled: true
clusterForwarding:
enabled: true
enabled: false
# persistence:
# size: 10Gi
# auditPolicy: |
Expand Down
12 changes: 12 additions & 0 deletions pkg/apis/audit/types.go
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,16 @@ import (
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)

const (
AuditWebhookModeBatch AuditWebhookMode = "batch"
AuditWebhookModeBlocking AuditWebhookMode = "blocking"
AuditWebhookModeBlockingStrict AuditWebhookMode = "blocking-strict"
)

type (
AuditWebhookMode string
)

// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

// AuditConfig configuration resource
Expand All @@ -12,6 +22,8 @@ type AuditConfig struct {

Persistence *AuditPersistence

WebhookMode AuditWebhookMode

AuditPolicy *string

Backends *AuditBackends
Expand Down
10 changes: 10 additions & 0 deletions pkg/apis/audit/v1alpha1/types.go
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,14 @@ const (
ShootAuditResourceName = "extension-audit-shoot"

ShootAudittailerNamespace = "audit"

AuditWebhookModeBatch AuditWebhookMode = "batch"
AuditWebhookModeBlocking AuditWebhookMode = "blocking"
AuditWebhookModeBlockingStrict AuditWebhookMode = "blocking-strict"
)

type (
AuditWebhookMode string
)

// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
Expand All @@ -19,6 +27,8 @@ type AuditConfig struct {

Persistence *AuditPersistence `json:"persistence,omitempty"`

WebhookMode AuditWebhookMode `json:"webhookMode,omitempty"`

AuditPolicy *string `json:"auditPolicy,omitempty"`

Backends *AuditBackends `json:"backends,omitempty"`
Expand Down
2 changes: 2 additions & 0 deletions pkg/apis/audit/v1alpha1/zz_generated.conversion.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading

0 comments on commit 3c1ef36

Please sign in to comment.