https://github.com/rawkode/kubernetes-semantic-image-controller
https://github.com/rawkode/kubernetes-semantic-image-controller
Last synced: about 1 year ago
JSON representation
- Host: GitHub
- URL: https://github.com/rawkode/kubernetes-semantic-image-controller
- Owner: rawkode
- License: mit
- Archived: true
- Created: 2021-02-10T12:16:14.000Z (over 5 years ago)
- Default Branch: main
- Last Pushed: 2021-03-07T12:59:09.000Z (about 5 years ago)
- Last Synced: 2025-02-28T22:41:45.594Z (over 1 year ago)
- Language: Go
- Size: 24.4 KB
- Stars: 2
- Watchers: 2
- Forks: 1
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# Kubernetes Semantic Image Controller
This is a Kubernetes Mutating Webhook Controller developed as part of the [Rawkode Live Episode on
Writing a Kubernetes Controller](https://www.youtube.com/watch?v=RLpzsAQtZ7M)
This is mostly prototyping code developed and tested against Kubernetes 1.20. It may not be quite ready for
production usage. Use at your own risk!
## What this controller does
In your manifest, you typically specify a full image path, like so
```yaml
image: nginx:1.19.7
```
What if you wanted to be more liberal with the versioning, wouldn't be nice to pick up bug fixes and improvements
as pods rotate?
What if you could provide a version range like so?
```yaml
image: "nginx: >= 1.19, <= 1.20"
```
This webhook takes the semantic version constraint and resolves it into the latest version that satisfies that
constraint as part of a [Kubernetes Mutating Webhook](https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/)
## Building
A Makefile and Dockerfile has been provided to build the Controller into a Docker Image. This will compile a
Linux binary and put it into a Docker Image tagged `kubernetes-semantic-image-controller:latest`
```sh
$ make clean
$ make build
```
## Testing
You can run the tests using `go test`
```sh
$ go test -v ./...
```
## Manifests
We've included the sample manifests we used in the livestream in the `opt/kubernetes` folder. You will need to
generate a TLS key and certificate that's trusted by your Kubernetes cluster so it can call the mutating hook
with TLS support.
If you get stuck, [follow along by watching the live episode](https://www.youtube.com/watch?v=RLpzsAQtZ7M)