k8s.io/kubernetes@v1.31.0-alpha.0.0.20240520171757-56147500dadc/pkg/registry/admissionregistration/rest/storage_apiserver.go

k8s.io/kubernetes@v1.31.0-alpha.0.0.20240520171757-56147500dadc/pkg/registry/admissionregistration/rest/storage_apiserver.go (about)

     1  /*
     2  Copyright 2016 The Kubernetes Authors.
     3  
     4  Licensed under the Apache License, Version 2.0 (the "License");
     5  you may not use this file except in compliance with the License.
     6  You may obtain a copy of the License at
     7  
     8      http://www.apache.org/licenses/LICENSE-2.0
     9  
    10  Unless required by applicable law or agreed to in writing, software
    11  distributed under the License is distributed on an "AS IS" BASIS,
    12  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13  See the License for the specific language governing permissions and
    14  limitations under the License.
    15  */
    16  
    17  package rest
    18  
    19  import (
    20  	admissionregistrationv1 "k8s.io/api/admissionregistration/v1"
    21  	admissionregistrationv1alpha1 "k8s.io/api/admissionregistration/v1alpha1"
    22  	admissionregistrationv1beta1 "k8s.io/api/admissionregistration/v1beta1"
    23  	"k8s.io/apiserver/pkg/authorization/authorizer"
    24  	"k8s.io/apiserver/pkg/registry/generic"
    25  	"k8s.io/apiserver/pkg/registry/rest"
    26  	genericapiserver "k8s.io/apiserver/pkg/server"
    27  	serverstorage "k8s.io/apiserver/pkg/server/storage"
    28  	"k8s.io/client-go/discovery"
    29  	"k8s.io/kubernetes/pkg/api/legacyscheme"
    30  	"k8s.io/kubernetes/pkg/apis/admissionregistration"
    31  	mutatingwebhookconfigurationstorage "k8s.io/kubernetes/pkg/registry/admissionregistration/mutatingwebhookconfiguration/storage"
    32  	"k8s.io/kubernetes/pkg/registry/admissionregistration/resolver"
    33  	validatingadmissionpolicystorage "k8s.io/kubernetes/pkg/registry/admissionregistration/validatingadmissionpolicy/storage"
    34  	policybindingstorage "k8s.io/kubernetes/pkg/registry/admissionregistration/validatingadmissionpolicybinding/storage"
    35  	validatingwebhookconfigurationstorage "k8s.io/kubernetes/pkg/registry/admissionregistration/validatingwebhookconfiguration/storage"
    36  )
    37  
    38  type RESTStorageProvider struct {
    39  	Authorizer      authorizer.Authorizer
    40  	DiscoveryClient discovery.DiscoveryInterface
    41  }
    42  
    43  func (p RESTStorageProvider) NewRESTStorage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) (genericapiserver.APIGroupInfo, error) {
    44  	apiGroupInfo := genericapiserver.NewDefaultAPIGroupInfo(admissionregistration.GroupName, legacyscheme.Scheme, legacyscheme.ParameterCodec, legacyscheme.Codecs)
    45  	// If you add a version here, be sure to add an entry in `k8s.io/kubernetes/cmd/kube-apiserver/app/aggregator.go with specific priorities.
    46  	// TODO refactor the plumbing to provide the information in the APIGroupInfo
    47  
    48  	if storageMap, err := p.v1Storage(apiResourceConfigSource, restOptionsGetter); err != nil {
    49  		return genericapiserver.APIGroupInfo{}, err
    50  	} else if len(storageMap) > 0 {
    51  		apiGroupInfo.VersionedResourcesStorageMap[admissionregistrationv1.SchemeGroupVersion.Version] = storageMap
    52  	}
    53  
    54  	if storageMap, err := p.v1beta1Storage(apiResourceConfigSource, restOptionsGetter); err != nil {
    55  		return genericapiserver.APIGroupInfo{}, err
    56  	} else if len(storageMap) > 0 {
    57  		apiGroupInfo.VersionedResourcesStorageMap[admissionregistrationv1beta1.SchemeGroupVersion.Version] = storageMap
    58  	}
    59  
    60  	if storageMap, err := p.v1alpha1Storage(apiResourceConfigSource, restOptionsGetter); err != nil {
    61  		return genericapiserver.APIGroupInfo{}, err
    62  	} else if len(storageMap) > 0 {
    63  		apiGroupInfo.VersionedResourcesStorageMap[admissionregistrationv1alpha1.SchemeGroupVersion.Version] = storageMap
    64  	}
    65  	return apiGroupInfo, nil
    66  }
    67  
    68  func (p RESTStorageProvider) v1Storage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) (map[string]rest.Storage, error) {
    69  	storage := map[string]rest.Storage{}
    70  
    71  	// use a simple wrapper so that initialization order won't cause a nil getter
    72  	var policyGetter rest.Getter
    73  
    74  	r, err := resolver.NewDiscoveryResourceResolver(p.DiscoveryClient)
    75  	if err != nil {
    76  		return storage, err
    77  	}
    78  
    79  	// validatingwebhookconfigurations
    80  	if resource := "validatingwebhookconfigurations"; apiResourceConfigSource.ResourceEnabled(admissionregistrationv1.SchemeGroupVersion.WithResource(resource)) {
    81  		validatingStorage, err := validatingwebhookconfigurationstorage.NewREST(restOptionsGetter)
    82  		if err != nil {
    83  			return storage, err
    84  		}
    85  		storage[resource] = validatingStorage
    86  	}
    87  
    88  	// mutatingwebhookconfigurations
    89  	if resource := "mutatingwebhookconfigurations"; apiResourceConfigSource.ResourceEnabled(admissionregistrationv1.SchemeGroupVersion.WithResource(resource)) {
    90  		mutatingStorage, err := mutatingwebhookconfigurationstorage.NewREST(restOptionsGetter)
    91  		if err != nil {
    92  			return storage, err
    93  		}
    94  		storage[resource] = mutatingStorage
    95  	}
    96  
    97  	// validatingadmissionpolicies
    98  	if resource := "validatingadmissionpolicies"; apiResourceConfigSource.ResourceEnabled(admissionregistrationv1.SchemeGroupVersion.WithResource(resource)) {
    99  		policyStorage, policyStatusStorage, err := validatingadmissionpolicystorage.NewREST(restOptionsGetter, p.Authorizer, r)
   100  		if err != nil {
   101  			return storage, err
   102  		}
   103  		policyGetter = policyStorage
   104  		storage[resource] = policyStorage
   105  		storage[resource+"/status"] = policyStatusStorage
   106  	}
   107  
   108  	// validatingadmissionpolicybindings
   109  	if resource := "validatingadmissionpolicybindings"; apiResourceConfigSource.ResourceEnabled(admissionregistrationv1.SchemeGroupVersion.WithResource(resource)) {
   110  		policyBindingStorage, err := policybindingstorage.NewREST(restOptionsGetter, p.Authorizer, &policybindingstorage.DefaultPolicyGetter{Getter: policyGetter}, r)
   111  		if err != nil {
   112  			return storage, err
   113  		}
   114  		storage[resource] = policyBindingStorage
   115  	}
   116  
   117  	return storage, nil
   118  }
   119  
   120  func (p RESTStorageProvider) v1alpha1Storage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) (map[string]rest.Storage, error) {
   121  	storage := map[string]rest.Storage{}
   122  
   123  	// use a simple wrapper so that initialization order won't cause a nil getter
   124  	var policyGetter rest.Getter
   125  
   126  	r, err := resolver.NewDiscoveryResourceResolver(p.DiscoveryClient)
   127  	if err != nil {
   128  		return storage, err
   129  	}
   130  
   131  	// validatingadmissionpolicies
   132  	if resource := "validatingadmissionpolicies"; apiResourceConfigSource.ResourceEnabled(admissionregistrationv1alpha1.SchemeGroupVersion.WithResource(resource)) {
   133  		policyStorage, policyStatusStorage, err := validatingadmissionpolicystorage.NewREST(restOptionsGetter, p.Authorizer, r)
   134  		if err != nil {
   135  			return storage, err
   136  		}
   137  		policyGetter = policyStorage
   138  		storage[resource] = policyStorage
   139  		storage[resource+"/status"] = policyStatusStorage
   140  	}
   141  
   142  	// validatingadmissionpolicybindings
   143  	if resource := "validatingadmissionpolicybindings"; apiResourceConfigSource.ResourceEnabled(admissionregistrationv1alpha1.SchemeGroupVersion.WithResource(resource)) {
   144  		policyBindingStorage, err := policybindingstorage.NewREST(restOptionsGetter, p.Authorizer, &policybindingstorage.DefaultPolicyGetter{Getter: policyGetter}, r)
   145  		if err != nil {
   146  			return storage, err
   147  		}
   148  		storage[resource] = policyBindingStorage
   149  	}
   150  
   151  	return storage, nil
   152  }
   153  
   154  func (p RESTStorageProvider) v1beta1Storage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) (map[string]rest.Storage, error) {
   155  	storage := map[string]rest.Storage{}
   156  
   157  	// use a simple wrapper so that initialization order won't cause a nil getter
   158  	var policyGetter rest.Getter
   159  
   160  	r, err := resolver.NewDiscoveryResourceResolver(p.DiscoveryClient)
   161  	if err != nil {
   162  		return storage, err
   163  	}
   164  
   165  	// validatingadmissionpolicies
   166  	if resource := "validatingadmissionpolicies"; apiResourceConfigSource.ResourceEnabled(admissionregistrationv1beta1.SchemeGroupVersion.WithResource(resource)) {
   167  		policyStorage, policyStatusStorage, err := validatingadmissionpolicystorage.NewREST(restOptionsGetter, p.Authorizer, r)
   168  		if err != nil {
   169  			return storage, err
   170  		}
   171  		policyGetter = policyStorage
   172  		storage[resource] = policyStorage
   173  		storage[resource+"/status"] = policyStatusStorage
   174  	}
   175  
   176  	// validatingadmissionpolicybindings
   177  	if resource := "validatingadmissionpolicybindings"; apiResourceConfigSource.ResourceEnabled(admissionregistrationv1beta1.SchemeGroupVersion.WithResource(resource)) {
   178  		policyBindingStorage, err := policybindingstorage.NewREST(restOptionsGetter, p.Authorizer, &policybindingstorage.DefaultPolicyGetter{Getter: policyGetter}, r)
   179  		if err != nil {
   180  			return storage, err
   181  		}
   182  		storage[resource] = policyBindingStorage
   183  	}
   184  
   185  	return storage, nil
   186  }
   187  
   188  func (p RESTStorageProvider) GroupName() string {
   189  	return admissionregistration.GroupName
   190  }