palid
/
hscloud
forked from hswaw/hscloud
1
0
Fork 0
Code Pull Requests Actions Activity
1,288 Commits
1 Branch
0 Tags
56 MiB
Commit Graph

4 Commits (68d82124d93c7bb65df0cf0651aaecca95d1dec6)

Author SHA1 Message Date
radex e36beba34c cluster/admitomatic: Regexp-based admission rules 
Change-Id: Ic2b1d6a952dc194c0ee2fa1673ceb91c43799308
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1723
Reviewed-by: q3k <q3k@hackerspace.pl>
 2023-10-14 12:21:46 +00:00
q3k c1f372561a cluster/admitomatic: implement opt-out namespaces 
Change-Id: I32d4b019211fa755e2b3b103b88ea3f4c14e500f
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1521
Reviewed-by: informatic <informatic@hackerspace.pl>
 2023-06-19 22:54:33 +00:00
q3k 5d2c8fcda0 cluster/admitomatic: finish up ingress admission logic 
This gives us nearly everything required to run the admission
controller. In addition to checking for allowed domains, we also do some
nginx-inress-controller security checks.

Change-Id: Ib187de6d2c06c58bd8c320503d4f850df2ec8abd
 2021-01-31 12:18:16 +01:00
q3k 649565324b cluster/admitomatic: implement basic dns/ns filtering 
This is the beginning of a validating admission controller which we will
use to permit end-users access to manage Ingresses.

This first pass implements an ingressFilter, which is the main structure
through which allowed namespace/dns combinations will be allowed. The
interface is currently via a test, but in the future this will likely be
configured via a command line, or via a serialized protobuf config.

Change-Id: I22dbed633ea8d8e1fa02c2a1598f37f02ea1b309
 2021-01-30 19:19:35 +01:00