github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #46388 from lavalamp/whitlockjc-generic-webhook-admission

Browse Source 
Automatic merge from submit-queue (batch tested with PRs 46239, 46627, 46346, 46388, 46524)

Dynamic webhook admission control plugin

Unit tests pass.

Needs plumbing:
* [ ] service resolver (depends on @wfender PR)
* [x] client cert (depends on ????)
* [ ] hook source (depends on @caesarxuchao PR)

Also at least one thing will need to be renamed after Chao's PR merges.

```release-note
Allow remote admission controllers to be dynamically added and removed by administrators.  External admission controllers make an HTTP POST containing details of the requested action which the service can approve or reject.
```
This commit is contained in:
Kubernetes Submit Queue
2017-06-02 23:37:42 -07:00
committed by GitHub
parent d8374eaae4 c46e231fc7
commit e837c3bbc2
37 changed files with 1708 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
test/integration/etcd/etcd_storage_path_test.go
View File

@@ -381,6 +381,10 @@ var ephemeralWhiteList = createEphemeralWhiteList(
// k8s.io/kubernetes/pkg/apis/policy/v1beta1
gvr("policy", "v1beta1", "evictions"), // not stored in etcd, deals with evicting kapiv1.Pod
// --
// k8s.io/kubernetes/pkg/apis/admission/v1alpha1
gvr("admission.k8s.io", "v1alpha1", "admissionreviews"), // not stored in etcd, call out to webhooks.
// --
)
// Only add kinds to this list when there is no mapping from GVK to GVR (and thus there is no way to create the object)