docs: Fix AdmitFunc godoc (#12)

elithrar · Jul 22, 2019 · 2e7427b · 2e7427b
1 parent 23e1372
commit 2e7427b
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 8 deletions.
diff --git a/admit_funcs.go b/admit_funcs.go
@@ -90,7 +90,8 @@ func DenyIngresses(ignoredNamespaces []string) AdmitFunc {
 // The required annotations are documented at
 // https://kubernetes.io/docs/concepts/services-networking/#internal-load-balancer
 //
-// Services with a .spec.type other than LoadBalancer will NOT be rejected by this handler.
+// Services with a .spec.type other than LoadBalancer will NOT be rejected by
+// this handler.
 //
 // Providing an empty/nil list of ignoredNamespaces will reject LoadBalancers
 // across all namespaces.
@@ -117,7 +118,6 @@ func DenyPublicLoadBalancers(ignoredNamespaces []string, provider CloudProvider)
 		// Don't deny Services in whitelisted namespaces
 		for _, ns := range ignoredNamespaces {
 			if service.Namespace == ns {
-				// this namespace is whitelisted
 				resp.Allowed = true
 				resp.Result.Message = fmt.Sprintf("allowing admission: %s namespace is whitelisted", service.Namespace)
 				return resp, nil

diff --git a/handler.go b/handler.go
@@ -16,16 +16,22 @@ import (
 	log "github.com/go-kit/kit/log"
 )
 
-// AdmitFunc validates whether an admission request is valid, and should return
-// an admission response that sets Allowed to true or false as needed.
+// AdmitFunc checks whether an admission request is valid, and should return an
+// admission response that sets AdmissionResponse.Allowed to true or false as
+// needed.
+//
+// Users wishing to build their own admission handlers should satisfy the
+// AdmitFunc type, and pass it to an AdmissionHandler for serving over HTTP.
 //
 // Note: this mirrors the type in k8s source:
 // https://github.com/kubernetes/kubernetes/blob/v1.13.0/test/images/webhook/main.go#L43-L44
 type AdmitFunc func(reviewRequest *admission.AdmissionReview) (*admission.AdmissionResponse, error)
 
 // AdmissionHandler represents the configuration & associated endpoint for an
-// k8s ValidatingAdmissionController webhook. Multiple instances can be created
-// with distinct CheckFuncs to handle different admission requirements.
+// k8s ValidatingAdmissionController (or MutatingAdmissionController) webhook.
+//
+// Multiple instances can be created with distinct AdmitFuncs to handle
+// different admission requirements.
 type AdmissionHandler struct {
 	// The AdmitFunc to invoke for this handler.
 	AdmitFunc AdmitFunc

diff --git a/server.go b/server.go
@@ -120,8 +120,6 @@ func (as *AdmissionServer) Run(ctx context.Context) error {
 			}
 		}
 
-		// TODO(matt): Listen as plaintext if no TLSConfig is provided.
-
 		return
 	}()