Skip to content
/ secroute Public

Dynamic Admission Controller WebHooks server for enforce secure route creation

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Dimss/secroute

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

19 Commits
cmd
cmd
 
 
demos
demos
 
 
deploy
deploy
 
 
ocp
ocp
 
 
pkg/routewebhook
pkg/routewebhook
 
 
.gitignore
.gitignore
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
config.json
config.json
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 

Repository files navigation

SECRouter - Admission Controller Webhook Server for Securing OCP Routes and Services

Development environment setup

Write your POST handlers

Use case 1 - Simple Validation

# Deploy Webhook Configuration 
oc create -f https://raw.githubusercontent.com/Dimss/secroute/master/ocp/webhooks/block-insecure-route.yaml
# Create insecure route 
oc create -f https://raw.githubusercontent.com/Dimss/secroute/master/ocp/routes/insecure-route.yaml
# Create secure route
oc create -f https://raw.githubusercontent.com/Dimss/secroute/master/ocp/routes/secure-route.yaml
 
# Cleanup route
oc delete -f https://raw.githubusercontent.com/Dimss/secroute/master/ocp/routes/secure-route.yaml
# Cleanup webhook configuration
oc delete -f https://raw.githubusercontent.com/Dimss/secroute/master/ocp/webhooks/block-insecure-route.yaml

Use case 2 - Simple Mutation

# Deploy Webhook Configuration 
oc create -f https://raw.githubusercontent.com/Dimss/secroute/master/ocp/webhooks/create-secure-route.yaml
# Create insecure route 
oc create -f https://raw.githubusercontent.com/Dimss/secroute/master/ocp/routes/insecure-route.yaml
# Check created route
oc get route -o yaml demo-insecure-route 
# Cleanup route 
oc delete -f https://raw.githubusercontent.com/Dimss/secroute/master/ocp/routes/insecure-route.yaml
# Cleanup webhook configuration
oc delete -f https://raw.githubusercontent.com/Dimss/secroute/master/ocp/webhooks/create-secure-route.yaml

Use case 3 - Mutation Side effects

# Deploy Webhooks configuration
oc create -f https://raw.githubusercontent.com/Dimss/secroute/master/ocp/webhooks/create-route-for-service.yaml
# Create service 
oc create -f https://raw.githubusercontent.com/Dimss/secroute/master/ocp/services/service.yaml

# Cleanup service
oc delete -f https://raw.githubusercontent.com/Dimss/secroute/master/ocp/services/service.yaml
# Cleanup webhook
oc delete -f https://raw.githubusercontent.com/Dimss/secroute/master/ocp/webhooks/create-route-for-service.yaml

Use case 4 - Webhooks chain

# Deploy block insecure route Webhook Configuration 
oc create -f https://raw.githubusercontent.com/Dimss/secroute/master/ocp/webhooks/block-insecure-route.yaml
# Deploy create-route-for-service Webhooks configuration
oc create -f https://raw.githubusercontent.com/Dimss/secroute/master/ocp/webhooks/create-route-for-service.yaml
# Create service 
oc create -f https://raw.githubusercontent.com/Dimss/secroute/master/ocp/services/service.yaml
# Create mutate admission webhook 
oc create -f https://raw.githubusercontent.com/Dimss/secroute/master/ocp/webhooks/create-secure-route.yaml
# Create service again
oc create -f https://raw.githubusercontent.com/Dimss/secroute/master/ocp/services/service.yaml

# Cleanup service
oc delete -f https://raw.githubusercontent.com/Dimss/secroute/master/ocp/services/service.yaml
# Cleanup webhook for routes 
oc delete -f https://raw.githubusercontent.com/Dimss/secroute/master/ocp/webhooks/create-route-for-service.yaml
# Deploy block insecure route Webhook Configuration 
oc delete -f https://raw.githubusercontent.com/Dimss/secroute/master/ocp/webhooks/block-insecure-route.yaml

About

Dynamic Admission Controller WebHooks server for enforce secure route creation

Topics

demo openshift examples samples admission-webhook

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages