mirror of
https://github.com/arangodb/kube-arangodb.git
synced 2024-12-14 11:57:37 +00:00
113 lines
3.4 KiB
Go
113 lines
3.4 KiB
Go
//
|
|
// DISCLAIMER
|
|
//
|
|
// Copyright 2024 ArangoDB GmbH, Cologne, Germany
|
|
//
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
// you may not use this file except in compliance with the License.
|
|
// You may obtain a copy of the License at
|
|
//
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
//
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
// See the License for the specific language governing permissions and
|
|
// limitations under the License.
|
|
//
|
|
// Copyright holder is ArangoDB GmbH, Cologne, Germany
|
|
//
|
|
|
|
package cmd
|
|
|
|
import (
|
|
"context"
|
|
goHttp "net/http"
|
|
"os"
|
|
|
|
"github.com/spf13/cobra"
|
|
|
|
"github.com/arangodb/kube-arangodb/pkg/handlers/scheduler"
|
|
"github.com/arangodb/kube-arangodb/pkg/util"
|
|
"github.com/arangodb/kube-arangodb/pkg/util/constants"
|
|
"github.com/arangodb/kube-arangodb/pkg/util/errors"
|
|
"github.com/arangodb/kube-arangodb/pkg/util/http"
|
|
"github.com/arangodb/kube-arangodb/pkg/util/kclient"
|
|
"github.com/arangodb/kube-arangodb/pkg/webhook"
|
|
)
|
|
|
|
var (
|
|
cmdWebhook = &cobra.Command{
|
|
Use: "webhook",
|
|
Run: cmdWebhookCheck,
|
|
}
|
|
|
|
webhookInput struct {
|
|
listenAddress string
|
|
|
|
secretName, secretNamespace string
|
|
}
|
|
)
|
|
|
|
func init() {
|
|
f := cmdWebhook.PersistentFlags()
|
|
|
|
f.StringVar(&webhookInput.listenAddress, "server.address", "0.0.0.0:8828", "Address the webhook will listen on (IP:port)")
|
|
f.StringVar(&webhookInput.secretName, "ssl.secret.name", "", "Secret Name containing TLS certificate used for the metrics server")
|
|
f.StringVar(&webhookInput.secretNamespace, "ssl.secret.namespace", os.Getenv(constants.EnvOperatorPodNamespace), "Secret Name containing TLS certificate used for the metrics server")
|
|
|
|
cmdMain.AddCommand(cmdWebhook)
|
|
}
|
|
|
|
func cmdWebhookCheck(cmd *cobra.Command, args []string) {
|
|
if err := cmdWebhookCheckE(); err != nil {
|
|
logger.Err(err).Error("Fatal")
|
|
os.Exit(1)
|
|
}
|
|
}
|
|
|
|
func cmdWebhookCheckE() error {
|
|
ctx := util.CreateSignalContext(context.Background())
|
|
|
|
client, ok := kclient.GetDefaultFactory().Client()
|
|
if !ok {
|
|
return errors.Errorf("Unable to get client")
|
|
}
|
|
|
|
var admissions webhook.Admissions
|
|
|
|
admissions = append(admissions, scheduler.WebhookAdmissions(client)...)
|
|
|
|
server, err := webhookServer(ctx, client, admissions...)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
logger.Str("addr", webhookInput.listenAddress).Info("Starting Webhook Server")
|
|
|
|
return server.StartAddr(ctx, webhookInput.listenAddress)
|
|
}
|
|
|
|
func webhookServer(ctx context.Context, client kclient.Client, admissions ...webhook.Admission) (http.Server, error) {
|
|
return http.NewServer(ctx,
|
|
http.DefaultHTTPServerSettings,
|
|
http.WithTLSConfigFetcherGen(func() util.TLSConfigFetcher {
|
|
if webhookInput.secretName != "" && webhookInput.secretNamespace != "" {
|
|
return util.NewSecretTLSConfig(client.Kubernetes().CoreV1().Secrets(webhookInput.secretNamespace), webhookInput.secretName)
|
|
}
|
|
|
|
return util.NewSelfSignedTLSConfig("operator")
|
|
}),
|
|
http.WithServeMux(
|
|
func(in *goHttp.ServeMux) {
|
|
in.HandleFunc("/ready", func(writer goHttp.ResponseWriter, request *goHttp.Request) {
|
|
writer.WriteHeader(goHttp.StatusOK)
|
|
})
|
|
in.HandleFunc("/health", func(writer goHttp.ResponseWriter, request *goHttp.Request) {
|
|
writer.WriteHeader(goHttp.StatusOK)
|
|
})
|
|
},
|
|
webhook.Admissions(admissions).Register(),
|
|
),
|
|
)
|
|
}
|