View Source BonnyPlug.AdmissionReview.Request (bonny_plug v1.0.3)
Helper functions for admission review request handling. This module is imported when using WebhookHandler.
Link to this section Summary
Functions
Adds a warning to the admission review's response.
Responds by allowing the operation
Checks the given field's value - if defined - against a list of allowed values. If the field is not defined, the request is considered valid and no error is returned. Use the CRD to define required fields.
Verifies that a given field has not been mutated.
Responds by denying the operation
Responds by denying the operation, returning response code and message
Link to this section Functions
@spec add_warning(BonnyPlug.AdmissionReview.t(), binary()) :: BonnyPlug.AdmissionReview.t()
Adds a warning to the admission review's response.
examples
Examples
iex> admission_review = %BonnyPlug.AdmissionReview{request: %{}, response: %{}}
...> BonnyPlug.AdmissionReview.Request.add_warning(admission_review, "warning")
%BonnyPlug.AdmissionReview{request: %{}, response: %{"warnings" => ["warning"]}}
iex> admission_review = %BonnyPlug.AdmissionReview{request: %{}, response: %{"warnings" => ["existing_warning"]}}
...> BonnyPlug.AdmissionReview.Request.add_warning(admission_review, "new_warning")
%BonnyPlug.AdmissionReview{request: %{}, response: %{"warnings" => ["new_warning", "existing_warning"]}}@spec allow(BonnyPlug.AdmissionReview.t()) :: BonnyPlug.AdmissionReview.t()
Responds by allowing the operation
examples
Examples
iex> admission_review = %BonnyPlug.AdmissionReview{request: %{}, response: %{}}
...> BonnyPlug.AdmissionReview.Request.allow(admission_review)
%BonnyPlug.AdmissionReview{request: %{}, response: %{"allowed" => true}}@spec check_allowed_values(BonnyPlug.AdmissionReview.t(), list(), list()) :: BonnyPlug.AdmissionReview.t()
Checks the given field's value - if defined - against a list of allowed values. If the field is not defined, the request is considered valid and no error is returned. Use the CRD to define required fields.
examples
Examples
iex> admission_review = %BonnyPlug.AdmissionReview{request: %{"object" => %{"metadata" => %{"annotations" => %{"some/annotation" => "bar"}}, "spec" => %{}}, "oldObject" => %{"spec" => %{}}}, response: %{}}
...> BonnyPlug.AdmissionReview.Request.check_allowed_values(admission_review, ~w(metadata annotations some/annotation), ["foo", "bar"])
%BonnyPlug.AdmissionReview{request: %{"object" => %{"metadata" => %{"annotations" => %{"some/annotation" => "bar"}}, "spec" => %{}}, "oldObject" => %{"spec" => %{}}}, response: %{}}
iex> admission_review = %BonnyPlug.AdmissionReview{request: %{"object" => %{"metadata" => %{}, "spec" => %{}}, "oldObject" => %{"spec" => %{}}}, response: %{}}
...> BonnyPlug.AdmissionReview.Request.check_allowed_values(admission_review, ~w(metadata annotations some/annotation), ["foo", "bar"])
%BonnyPlug.AdmissionReview{request: %{"object" => %{"metadata" => %{}, "spec" => %{}}, "oldObject" => %{"spec" => %{}}}, response: %{}}
iex> admission_review = %BonnyPlug.AdmissionReview{request: %{"object" => %{"metadata" => %{"annotations" => %{"some/annotation" => "other"}}, "spec" => %{}}, "oldObject" => %{"spec" => %{}}}, response: %{}}
...> BonnyPlug.AdmissionReview.Request.check_allowed_values(admission_review, ~w(metadata annotations some/annotation), ["foo", "bar"])
%BonnyPlug.AdmissionReview{request: %{"object" => %{"metadata" => %{"annotations" => %{"some/annotation" => "other"}}, "spec" => %{}}, "oldObject" => %{"spec" => %{}}}, response: %{"allowed" => false, "status" => %{"code" => 400, "message" => ~S(The field .metadata.annotations.some/annotation must contain one of the values in ["foo", "bar"] but it's currently set to "other".)}}}@spec check_immutable(BonnyPlug.AdmissionReview.t(), list()) :: BonnyPlug.AdmissionReview.t()
Verifies that a given field has not been mutated.
examples
Examples
iex> admission_review = %BonnyPlug.AdmissionReview{request: %{"object" => %{"spec" => %{"immutable" => "value"}}, "oldObject" => %{"spec" => %{"immutable" => "value"}}}, response: %{}}
...> BonnyPlug.AdmissionReview.Request.check_immutable(admission_review, ["spec", "immutable"])
%BonnyPlug.AdmissionReview{request: %{"object" => %{"spec" => %{"immutable" => "value"}}, "oldObject" => %{"spec" => %{"immutable" => "value"}}}, response: %{}}
iex> admission_review = %BonnyPlug.AdmissionReview{request: %{"object" => %{"spec" => %{"immutable" => "new_value"}}, "oldObject" => %{"spec" => %{"immutable" => "value"}}}, response: %{}}
...> BonnyPlug.AdmissionReview.Request.check_immutable(admission_review, ["spec", "immutable"])
%BonnyPlug.AdmissionReview{request: %{"object" => %{"spec" => %{"immutable" => "new_value"}}, "oldObject" => %{"spec" => %{"immutable" => "value"}}}, response: %{"allowed" => false, "status" => %{"code" => 400, "message" => "The field .spec.immutable is immutable."}}}@spec deny(BonnyPlug.AdmissionReview.t()) :: BonnyPlug.AdmissionReview.t()
Responds by denying the operation
examples
Examples
iex> admission_review = %BonnyPlug.AdmissionReview{request: %{}, response: %{}}
...> BonnyPlug.AdmissionReview.Request.deny(admission_review)
%BonnyPlug.AdmissionReview{request: %{}, response: %{"allowed" => false}}@spec deny(BonnyPlug.AdmissionReview.t(), integer(), binary()) :: BonnyPlug.AdmissionReview.t()
Responds by denying the operation, returning response code and message
examples
Examples
iex> admission_review = %BonnyPlug.AdmissionReview{request: %{}, response: %{}}
...> BonnyPlug.AdmissionReview.Request.deny(admission_review, 403, "foo")
%BonnyPlug.AdmissionReview{request: %{}, response: %{"allowed" => false, "status" => %{"code" => 403, "message" => "foo"}}}
iex> BonnyPlug.AdmissionReview.Request.deny(%BonnyPlug.AdmissionReview{request: %{}, response: %{}}, "foo")
%BonnyPlug.AdmissionReview{request: %{}, response: %{"allowed" => false, "status" => %{"code" => 400, "message" => "foo"}}}