From 459be76eb5c40ed43656560f424aa79a3f84d50c Mon Sep 17 00:00:00 2001 From: shivdudhani Date: Mon, 20 May 2019 11:43:13 -0700 Subject: [PATCH] support all registered GVK for policy application in admission-controller --- client/client.go | 14 +++++--------- client/utils.go | 30 ++++++++++++++++++------------ pkg/webhooks/server.go | 3 +-- pkg/webhooks/utils.go | 14 -------------- 4 files changed, 24 insertions(+), 37 deletions(-) delete mode 100644 pkg/webhooks/utils.go diff --git a/client/client.go b/client/client.go index 1e49446924..6374b4be4d 100644 --- a/client/client.go +++ b/client/client.go @@ -307,13 +307,9 @@ func (c *Client) waitUntilNamespaceIsCreated(name string) error { return lastError } -//GetSupportedKinds provides list of supported types -func GetSupportedKinds() []string { - return supportedTypes -} - -var supportedTypes = []string{ - "ConfigMap", "Pods", "Deployment", "CronJob", "Endpoints", "HorizontalPodAutoscaler", - "Ingress", "Job", "LimitRange", "Namespace", "NetworkPolicy", "PersistentVolumeClaim", - "PodDisruptionBudget", "PodTemplate", "ResourceQuota", "Secret", "Service", "StatefulSet", +// KindIsSupported checks if the kind is a registerd GVK +func (c *Client) KindIsSupported(kind string) bool { + buildGVKMapper(c.clientConfig, false) + _, ok := getValue(kind) + return ok } diff --git a/client/utils.go b/client/utils.go index 8c52c2e14e..be0244e096 100644 --- a/client/utils.go +++ b/client/utils.go @@ -17,26 +17,32 @@ const namespaceCreationWaitInterval time.Duration = 100 * time.Millisecond var groupVersionMapper map[string]schema.GroupVersionResource func getGrpVersionMapper(kind string, clientConfig *rest.Config, refresh bool) schema.GroupVersionResource { - grpVersionSchema := schema.GroupVersionResource{} - - if groupVersionMapper == nil || refresh { - groupVersionMapper = make(map[string]schema.GroupVersionResource) - // refesh the mapper - if err := refreshRegisteredResources(groupVersionMapper, clientConfig); err != nil { - utilruntime.HandleError(err) - return grpVersionSchema - } - } + // build the GVK mapper + buildGVKMapper(clientConfig, refresh) // Query mapper if val, ok := getValue(kind); ok { return *val } utilruntime.HandleError(fmt.Errorf("Resouce '%s' not registered", kind)) - return grpVersionSchema + return schema.GroupVersionResource{} +} + +func buildGVKMapper(clientConfig *rest.Config, refresh bool) { + if groupVersionMapper == nil || refresh { + groupVersionMapper = make(map[string]schema.GroupVersionResource) + // refresh the mapper + if err := refreshRegisteredResources(groupVersionMapper, clientConfig); err != nil { + utilruntime.HandleError(err) + return + } + } } func getValue(kind string) (*schema.GroupVersionResource, bool) { - + if groupVersionMapper == nil { + utilruntime.HandleError(fmt.Errorf("GroupVersionKind mapper is not loaded")) + return nil, false + } if val, ok := groupVersionMapper[kind]; ok { return &val, true } diff --git a/pkg/webhooks/server.go b/pkg/webhooks/server.go index bf86be921f..489e0950e3 100644 --- a/pkg/webhooks/server.go +++ b/pkg/webhooks/server.go @@ -87,8 +87,7 @@ func (ws *WebhookServer) serve(w http.ResponseWriter, r *http.Request) { admissionReview.Response = &v1beta1.AdmissionResponse{ Allowed: true, } - - if KindIsSupported(admissionReview.Request.Kind.Kind) { + if ws.client.KindIsSupported(admissionReview.Request.Kind.Kind) { switch r.URL.Path { case config.MutatingWebhookServicePath: admissionReview.Response = ws.HandleMutation(admissionReview.Request) diff --git a/pkg/webhooks/utils.go b/pkg/webhooks/utils.go deleted file mode 100644 index ed4baa9ba3..0000000000 --- a/pkg/webhooks/utils.go +++ /dev/null @@ -1,14 +0,0 @@ -package webhooks - -import "github.com/nirmata/kube-policy/client" - -// KindIsSupported checks kind to be prensent in -// SupportedKinds defined in config -func KindIsSupported(kind string) bool { - for _, k := range client.GetSupportedKinds() { - if k == kind { - return true - } - } - return false -}