cluster/admitomatic: implement basic dns/ns filtering
This is the beginning of a validating admission controller which we will
use to permit end-users access to manage Ingresses.
This first pass implements an ingressFilter, which is the main structure
through which allowed namespace/dns combinations will be allowed. The
interface is currently via a test, but in the future this will likely be
configured via a command line, or via a serialized protobuf config.
Change-Id: I22dbed633ea8d8e1fa02c2a1598f37f02ea1b309
diff --git a/cluster/admitomatic/BUILD.bazel b/cluster/admitomatic/BUILD.bazel
new file mode 100644
index 0000000..5cb23ab
--- /dev/null
+++ b/cluster/admitomatic/BUILD.bazel
@@ -0,0 +1,28 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_binary", "go_library", "go_test")
+
+go_library(
+ name = "go_default_library",
+ srcs = [
+ "ingress.go",
+ "main.go",
+ ],
+ importpath = "code.hackerspace.pl/hscloud/cluster/admitomatic",
+ visibility = ["//visibility:private"],
+ deps = [
+ "//go/mirko:go_default_library",
+ "@com_github_golang_glog//:go_default_library",
+ "@io_k8s_api//admission/v1beta1:go_default_library",
+ ],
+)
+
+go_binary(
+ name = "admitomatic",
+ embed = [":go_default_library"],
+ visibility = ["//visibility:public"],
+)
+
+go_test(
+ name = "go_default_test",
+ srcs = ["ingress_test.go"],
+ embed = [":go_default_library"],
+)