k8s.io/kubernetes@v1.29.3/pkg/registry/admissionregistration/rest/storage_apiserver.go (about) 1 /* 2 Copyright 2016 The Kubernetes Authors. 3 4 Licensed under the Apache License, Version 2.0 (the "License"); 5 you may not use this file except in compliance with the License. 6 You may obtain a copy of the License at 7 8 http://www.apache.org/licenses/LICENSE-2.0 9 10 Unless required by applicable law or agreed to in writing, software 11 distributed under the License is distributed on an "AS IS" BASIS, 12 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 See the License for the specific language governing permissions and 14 limitations under the License. 15 */ 16 17 package rest 18 19 import ( 20 admissionregistrationv1 "k8s.io/api/admissionregistration/v1" 21 admissionregistrationv1alpha1 "k8s.io/api/admissionregistration/v1alpha1" 22 admissionregistrationv1beta1 "k8s.io/api/admissionregistration/v1beta1" 23 "k8s.io/apiserver/pkg/authorization/authorizer" 24 "k8s.io/apiserver/pkg/registry/generic" 25 "k8s.io/apiserver/pkg/registry/rest" 26 genericapiserver "k8s.io/apiserver/pkg/server" 27 serverstorage "k8s.io/apiserver/pkg/server/storage" 28 "k8s.io/client-go/discovery" 29 "k8s.io/kubernetes/pkg/api/legacyscheme" 30 "k8s.io/kubernetes/pkg/apis/admissionregistration" 31 mutatingwebhookconfigurationstorage "k8s.io/kubernetes/pkg/registry/admissionregistration/mutatingwebhookconfiguration/storage" 32 "k8s.io/kubernetes/pkg/registry/admissionregistration/resolver" 33 validatingadmissionpolicystorage "k8s.io/kubernetes/pkg/registry/admissionregistration/validatingadmissionpolicy/storage" 34 policybindingstorage "k8s.io/kubernetes/pkg/registry/admissionregistration/validatingadmissionpolicybinding/storage" 35 validatingwebhookconfigurationstorage "k8s.io/kubernetes/pkg/registry/admissionregistration/validatingwebhookconfiguration/storage" 36 ) 37 38 type RESTStorageProvider struct { 39 Authorizer authorizer.Authorizer 40 DiscoveryClient discovery.DiscoveryInterface 41 } 42 43 func (p RESTStorageProvider) NewRESTStorage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) (genericapiserver.APIGroupInfo, error) { 44 apiGroupInfo := genericapiserver.NewDefaultAPIGroupInfo(admissionregistration.GroupName, legacyscheme.Scheme, legacyscheme.ParameterCodec, legacyscheme.Codecs) 45 // If you add a version here, be sure to add an entry in `k8s.io/kubernetes/cmd/kube-apiserver/app/aggregator.go with specific priorities. 46 // TODO refactor the plumbing to provide the information in the APIGroupInfo 47 48 if storageMap, err := p.v1Storage(apiResourceConfigSource, restOptionsGetter); err != nil { 49 return genericapiserver.APIGroupInfo{}, err 50 } else if len(storageMap) > 0 { 51 apiGroupInfo.VersionedResourcesStorageMap[admissionregistrationv1.SchemeGroupVersion.Version] = storageMap 52 } 53 54 if storageMap, err := p.v1beta1Storage(apiResourceConfigSource, restOptionsGetter); err != nil { 55 return genericapiserver.APIGroupInfo{}, err 56 } else if len(storageMap) > 0 { 57 apiGroupInfo.VersionedResourcesStorageMap[admissionregistrationv1beta1.SchemeGroupVersion.Version] = storageMap 58 } 59 60 if storageMap, err := p.v1alpha1Storage(apiResourceConfigSource, restOptionsGetter); err != nil { 61 return genericapiserver.APIGroupInfo{}, err 62 } else if len(storageMap) > 0 { 63 apiGroupInfo.VersionedResourcesStorageMap[admissionregistrationv1alpha1.SchemeGroupVersion.Version] = storageMap 64 } 65 return apiGroupInfo, nil 66 } 67 68 func (p RESTStorageProvider) v1Storage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) (map[string]rest.Storage, error) { 69 storage := map[string]rest.Storage{} 70 71 // validatingwebhookconfigurations 72 if resource := "validatingwebhookconfigurations"; apiResourceConfigSource.ResourceEnabled(admissionregistrationv1.SchemeGroupVersion.WithResource(resource)) { 73 validatingStorage, err := validatingwebhookconfigurationstorage.NewREST(restOptionsGetter) 74 if err != nil { 75 return storage, err 76 } 77 storage[resource] = validatingStorage 78 } 79 80 // mutatingwebhookconfigurations 81 if resource := "mutatingwebhookconfigurations"; apiResourceConfigSource.ResourceEnabled(admissionregistrationv1.SchemeGroupVersion.WithResource(resource)) { 82 mutatingStorage, err := mutatingwebhookconfigurationstorage.NewREST(restOptionsGetter) 83 if err != nil { 84 return storage, err 85 } 86 storage[resource] = mutatingStorage 87 } 88 89 return storage, nil 90 } 91 92 func (p RESTStorageProvider) v1alpha1Storage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) (map[string]rest.Storage, error) { 93 storage := map[string]rest.Storage{} 94 95 // use a simple wrapper so that initialization order won't cause a nil getter 96 var policyGetter rest.Getter 97 98 r, err := resolver.NewDiscoveryResourceResolver(p.DiscoveryClient) 99 if err != nil { 100 return storage, err 101 } 102 103 // validatingadmissionpolicies 104 if resource := "validatingadmissionpolicies"; apiResourceConfigSource.ResourceEnabled(admissionregistrationv1alpha1.SchemeGroupVersion.WithResource(resource)) { 105 policyStorage, policyStatusStorage, err := validatingadmissionpolicystorage.NewREST(restOptionsGetter, p.Authorizer, r) 106 if err != nil { 107 return storage, err 108 } 109 policyGetter = policyStorage 110 storage[resource] = policyStorage 111 storage[resource+"/status"] = policyStatusStorage 112 } 113 114 // validatingadmissionpolicybindings 115 if resource := "validatingadmissionpolicybindings"; apiResourceConfigSource.ResourceEnabled(admissionregistrationv1alpha1.SchemeGroupVersion.WithResource(resource)) { 116 policyBindingStorage, err := policybindingstorage.NewREST(restOptionsGetter, p.Authorizer, &policybindingstorage.DefaultPolicyGetter{Getter: policyGetter}, r) 117 if err != nil { 118 return storage, err 119 } 120 storage[resource] = policyBindingStorage 121 } 122 123 return storage, nil 124 } 125 126 func (p RESTStorageProvider) v1beta1Storage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) (map[string]rest.Storage, error) { 127 storage := map[string]rest.Storage{} 128 129 // use a simple wrapper so that initialization order won't cause a nil getter 130 var policyGetter rest.Getter 131 132 r, err := resolver.NewDiscoveryResourceResolver(p.DiscoveryClient) 133 if err != nil { 134 return storage, err 135 } 136 137 // validatingadmissionpolicies 138 if resource := "validatingadmissionpolicies"; apiResourceConfigSource.ResourceEnabled(admissionregistrationv1beta1.SchemeGroupVersion.WithResource(resource)) { 139 policyStorage, policyStatusStorage, err := validatingadmissionpolicystorage.NewREST(restOptionsGetter, p.Authorizer, r) 140 if err != nil { 141 return storage, err 142 } 143 policyGetter = policyStorage 144 storage[resource] = policyStorage 145 storage[resource+"/status"] = policyStatusStorage 146 } 147 148 // validatingadmissionpolicybindings 149 if resource := "validatingadmissionpolicybindings"; apiResourceConfigSource.ResourceEnabled(admissionregistrationv1beta1.SchemeGroupVersion.WithResource(resource)) { 150 policyBindingStorage, err := policybindingstorage.NewREST(restOptionsGetter, p.Authorizer, &policybindingstorage.DefaultPolicyGetter{Getter: policyGetter}, r) 151 if err != nil { 152 return storage, err 153 } 154 storage[resource] = policyBindingStorage 155 } 156 157 return storage, nil 158 } 159 160 func (p RESTStorageProvider) GroupName() string { 161 return admissionregistration.GroupName 162 }