Skip to content

Latest commit

 

History

History
11 lines (7 loc) · 4.01 KB

V1alpha1JSONPatch.md

File metadata and controls

11 lines (7 loc) · 4.01 KB

V1alpha1JSONPatch

JSONPatch defines a JSON Patch.

Properties

Name Type Description Notes
expression str expression will be evaluated by CEL to create a JSON patch. ref: /~https://github.com/google/cel-spec expression must return an array of JSONPatch values. For example, this CEL expression returns a JSON patch to conditionally modify a value: [ JSONPatch{op: &quot;test&quot;, path: &quot;/spec/example&quot;, value: &quot;Red&quot;}, JSONPatch{op: &quot;replace&quot;, path: &quot;/spec/example&quot;, value: &quot;Green&quot;} ] To define an object for the patch value, use Object types. For example: [ JSONPatch{ op: &quot;add&quot;, path: &quot;/spec/selector&quot;, value: Object.spec.selector{matchLabels: {&quot;environment&quot;: &quot;test&quot;}} } ] To use strings containing '/' and '' as JSONPatch path keys, use &quot;jsonpatch.escapeKey&quot;. For example: [ JSONPatch{ op: &quot;add&quot;, path: &quot;/metadata/labels/&quot; + jsonpatch.escapeKey(&quot;example.com/environment&quot;), value: &quot;test&quot; }, ] CEL expressions have access to the types needed to create JSON patches and objects: - 'JSONPatch' - CEL type of JSON Patch operations. JSONPatch has the fields 'op', 'from', 'path' and 'value'. See JSON patch for more details. The 'value' field may be set to any of: string, integer, array, map or object. If set, the 'path' and 'from' fields must be set to a JSON pointer string, where the 'jsonpatch.escapeKey()' CEL function may be used to escape path keys containing '/' and ''. - 'Object' - CEL type of the resource object. - 'Object.<fieldName>' - CEL type of object field (such as 'Object.spec') - 'Object.<fieldName1>.<fieldName2>...<fieldNameN>` - CEL type of nested field (such as 'Object.spec.containers') CEL expressions have access to the contents of the API request, organized into CEL variables as well as some other useful variables: - 'object' - The object from the incoming request. The value is null for DELETE requests. - 'oldObject' - The existing object. The value is null for CREATE requests. - 'request' - Attributes of the API request(ref). - 'params' - Parameter resource referred to by the policy binding being evaluated. Only populated if the policy has a ParamKind. - 'namespaceObject' - The namespace object that the incoming object belongs to. The value is null for cluster-scoped resources. - 'variables' - Map of composited variables, from its name to its lazily evaluated value. For example, a variable named 'foo' can be accessed as 'variables.foo'. - 'authorizer' - A CEL Authorizer. May be used to perform authorization checks for the principal (user or service account) of the request. See https://pkg.go.dev/k8s.io/apiserver/pkg/cel/library#Authz - 'authorizer.requestResource' - A CEL ResourceCheck constructed from the 'authorizer' and configured with the request resource. CEL expressions have access to Kubernetes CEL function libraries as well as: - 'jsonpatch.escapeKey' - Performs JSONPatch key escaping. '~' and '/' are escaped as '~0' and `~1' respectively). Only property names of the form `[a-zA-Z_.-/][a-zA-Z0-9_.-/]*` are accessible. Required. [optional]

[Back to Model list] [Back to API list] [Back to README]