kube_core::admission

Struct AdmissionResponse

Source 
#[non_exhaustive]
pub struct AdmissionResponse {
    pub types: TypeMeta,
    pub uid: String,
    pub allowed: bool,
    pub result: Status,
    pub patch: Option<Vec<u8>>,
    pub audit_annotations: HashMap<String, String>,
    pub warnings: Option<Vec<String>>,
    /* private fields */
}
Available on crate feature admission only.
Expand description

An outgoing AdmissionReview response. Constructed from the corresponding AdmissionRequest.

use kube::core::{
    admission::{AdmissionRequest, AdmissionResponse, AdmissionReview},
    DynamicObject,
};

// The incoming AdmissionReview received by the controller.
let body: AdmissionReview<DynamicObject> = todo!();
let req: AdmissionRequest<_> = body.try_into().unwrap();

// A normal response with no side effects.
let _: AdmissionReview<_> = AdmissionResponse::from(&req).into_review();

// A response rejecting the admission webhook with a provided reason.
let _: AdmissionReview<_> = AdmissionResponse::from(&req)
    .deny("Some rejection reason.")
    .into_review();

use json_patch::{AddOperation, Patch, PatchOperation};
use jsonptr::PointerBuf;

// A response adding a label to the resource.
let _: AdmissionReview<_> = AdmissionResponse::from(&req)
    .with_patch(Patch(vec![PatchOperation::Add(AddOperation {
        path: PointerBuf::from_tokens(["metadata","labels","my-label"]),
        value: serde_json::Value::String("my-value".to_owned()),
    })]))
    .unwrap()
    .into_review();

Fields (Non-exhaustive)§

This struct is marked as non-exhaustive
Non-exhaustive structs could have additional fields added in future. Therefore, non-exhaustive structs cannot be constructed in external crates using the traditional Struct { .. } syntax; cannot be matched against without a wildcard ..; and struct update syntax will not work.
§types: TypeMeta

Copied from the corresponding consructing AdmissionRequest.

§uid: String

Identifier for the individual request/response. This must be copied over from the corresponding AdmissionRequest.

§allowed: bool

Indicates whether or not the admission request was permitted.

§result: Status

Extra details into why an admission request was denied. This field IS NOT consulted in any way if “Allowed” is “true”.

§patch: Option<Vec<u8>>

The patch body. Currently we only support “JSONPatch” which implements RFC 6902.

§audit_annotations: HashMap<String, String>

An unstructured key value map set by remote admission controller (e.g. error=image-blacklisted). MutatingAdmissionWebhook and ValidatingAdmissionWebhook admission controller will prefix the keys with admission webhook name (e.g. imagepolicy.example.com/error=image-blacklisted). AuditAnnotations will be provided by the admission webhook to add additional context to the audit log for this request.

§warnings: Option<Vec<String>>

A list of warning messages to return to the requesting API client. Warning messages describe a problem the client making the API request should correct or be aware of. Limit warnings to 120 characters if possible. Warnings over 256 characters and large numbers of warnings may be truncated.

Implementations§

Source§

impl AdmissionResponse

Source

pub fn invalid<T: ToString>(reason: T) -> Self

Constructs an invalid AdmissionResponse. It doesn’t copy the uid from the corresponding AdmissionRequest, so should only be used when the original request cannot be read.

Source

pub fn deny<T: ToString>(self, reason: T) -> Self

Deny the request with a reason. The reason will be sent to the original caller.

Source

pub fn with_patch(self, patch: Patch) -> Result<Self, SerializePatchError>

Add JSON patches to the response, modifying the object from the request.

Source

pub fn into_review(self) -> AdmissionReview<DynamicObject>

Converts an AdmissionResponse into a generic AdmissionReview that can be used as a webhook response.

Trait Implementations§

Source§

impl Clone for AdmissionResponse

Source§

fn clone(&self) -> AdmissionResponse

Returns a copy of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for AdmissionResponse

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl<'de> Deserialize<'de> for AdmissionResponse

Source§

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>
where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer. Read more
Source§

impl<T: Resource> From<&AdmissionRequest<T>> for AdmissionResponse

Source§

fn from(req: &AdmissionRequest<T>) -> Self

Converts to this type from the input type.
Source§

impl PartialEq for AdmissionResponse

Source§

fn eq(&self, other: &AdmissionResponse) -> bool

Tests for self and other values to be equal, and is used by ==.
1.0.0 · Source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
Source§

impl Serialize for AdmissionResponse

Source§

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>
where __S: Serializer,

Serialize this value into the given Serde serializer. Read more
Source§

impl Eq for AdmissionResponse

Source§

impl StructuralPartialEq for AdmissionResponse

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dst: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dst. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<T> DeserializeOwned for T
where T: for<'de> Deserialize<'de>,