Openshift Route Admissioner

Openshift operator for host whitelisting and label assignment on Route.

Environment

OpenShift 4.4.3
Kubernetes v1.17.1
Golang 1.14.3 darwin/amd64

Installation

This operator is distributed using Helm 3

helm repo add cedio https://cedricpoon.github.io/openshift-route-admissioner
helm repo update
helm search repo cedio/route-admissioner

helm install route-admissioner cedio/route-admissioner --namespace route-admissioner-operator

Usage

Domain Whitelisting

The whitelisting guard for Route host is applied based on Namespace annotation.

kind: Namespace
metadata:
  labels:
    route-admissioner/enabled: ''
  annotations:
    route-admissioner/allowed-domain: 'gongfukheunggong.hk,sidoigakming.now'

Route Labeling

Route admissioner uses Configmap/route-admissioner-label-map for labelling Route which matches the rule set.

data:
  key: "route-admissioner/factcheck"
  map: |-
    [
      {
        "domain": "721.nobody",
        "value": "True"
      },
      {
        "domain": "831.massacre",
        "value": "True"
      },
      {
        "domain": "101.gunshot",
        "value": "True"
      }
    ]

Resulting object with host yuenlong.721.nobody will be

kind: Route
metadata:
  labels:
    route-admissioner/factcheck: True

Reference

banzaicloud/admission-webhook-example, https://github.com/banzaicloud/admission-webhook-example

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

README.md

README.md

Openshift Route Admissioner

Environment

Installation

Usage

Domain Whitelisting

Route Labeling

Reference

Files

README.md

Latest commit

History

README.md

File metadata and controls

Openshift Route Admissioner

Environment

Installation

Usage

Domain Whitelisting

Route Labeling

Reference