Merge pull request #34850 from kalexand-rh/BZ1867690

kalexand-rh · web-flow · commit 409422aa4c45 · 2021-08-16T10:30:21.000-04:00
BZ1867690: adding default admission plug-ins
diff --git a/modules/admission-plug-ins-default.adoc b/modules/admission-plug-ins-default.adoc
@@ -6,4 +6,73 @@
 = Default admission plug-ins
 
 //Future xref - A set of default admission plug-ins is enabled in {product-title} {product-version}. These default plug-ins contribute to fundamental control plane functionality, such as ingress policy, xref:../nodes/clusters/nodes-cluster-overcommit.adoc#nodes-cluster-resource-override_nodes-cluster-overcommit[cluster resource limit override] and quota policy.
-A set of default admission plug-ins is enabled in {product-title} {product-version}. These default plug-ins contribute to fundamental control plane functionality, such as ingress policy, cluster resource limit override and quota policy.
+Default validating and admission plug-ins are enabled in {product-title} {product-version}. These default plug-ins contribute to fundamental control plane functionality, such as ingress policy, cluster resource limit override and quota policy. The following lists contain the default admission plug-ins:
+
+.Validating admission plug-ins
+[%collapsible]
+====
+* `LimitRanger`
+* `ServiceAccount`
+* `PodNodeSelector`
+* `Priority`
+* `PodTolerationRestriction`
+* `OwnerReferencesPermissionEnforcement`
+* `PersistentVolumeClaimResize`
+* `RuntimeClass`
+* `CertificateApproval`
+* `CertificateSigning`
+* `CertificateSubjectRestriction`
+* `autoscaling.openshift.io/ManagementCPUsOverride`
+* `authorization.openshift.io/RestrictSubjectBindings`
+* `scheduling.openshift.io/OriginPodNodeEnvironment`
+* `network.openshift.io/ExternalIPRanger`
+* `network.openshift.io/RestrictedEndpointsAdmission`
+* `image.openshift.io/ImagePolicy`
+* `security.openshift.io/SecurityContextConstraint`
+* `security.openshift.io/SCCExecRestrictions`
+* `route.openshift.io/IngressAdmission`
+* `config.openshift.io/ValidateAPIServer`
+* `config.openshift.io/ValidateAuthentication`
+* `config.openshift.io/ValidateFeatureGate`
+* `config.openshift.io/ValidateConsole`
+* `operator.openshift.io/ValidateDNS`
+* `config.openshift.io/ValidateImage`
+* `config.openshift.io/ValidateOAuth`
+* `config.openshift.io/ValidateProject`
+* `config.openshift.io/DenyDeleteClusterConfiguration`
+* `config.openshift.io/ValidateScheduler`
+* `quota.openshift.io/ValidateClusterResourceQuota`
+* `security.openshift.io/ValidateSecurityContextConstraints`
+* `authorization.openshift.io/ValidateRoleBindingRestriction`
+* `config.openshift.io/ValidateNetwork`
+* `operator.openshift.io/ValidateKubeControllerManager`
+* `ValidatingAdmissionWebhook`
+* `ResourceQuota`
+* `quota.openshift.io/ClusterResourceQuota`
+====
+
+
+.Mutating admission plug-ins
+[%collapsible]
+====
+* `NamespaceLifecycle`
+* `LimitRanger`
+* `ServiceAccount`
+* `NodeRestriction`
+* `TaintNodesByCondition`
+* `PodNodeSelector`
+* `Priority`
+* `DefaultTolerationSeconds`
+* `PodTolerationRestriction`
+* `PersistentVolumeLabel`
+* `DefaultStorageClass`
+* `StorageObjectInUseProtection`
+* `RuntimeClass`
+* `DefaultIngressClass`
+* `autoscaling.openshift.io/ManagementCPUsOverride`
+* `scheduling.openshift.io/OriginPodNodeEnvironment`
+* `image.openshift.io/ImagePolicy`
+* `security.openshift.io/SecurityContextConstraint`
+* `security.openshift.io/DefaultSecurityContextConstraints`
+* `MutatingAdmissionWebhook`
+====
