Merge pull request #55 from nirmata/46_Support_anyResourceKind

support all registered GVK for policy application in admission-contro…
2025-03-29 19:05:27 +00:00 · 2019-05-21 13:58:07 +03:00 · 2019-05-21 13:58:07 +03:00 · 65010c4178
commit 65010c4178
parent d728f363aa d606935ad3
4 changed files with 26 additions and 37 deletions
--- a/client/client.go
+++ b/client/client.go
@ -4,6 +4,7 @@ import (
 	"fmt"
 	"log"
 	"os"
+	"strings"
 	"time"

 	types "github.com/nirmata/kube-policy/pkg/apis/policy/v1alpha1"
@ -307,13 +308,10 @@ func (c *Client) waitUntilNamespaceIsCreated(name string) error {
 	return lastError
 }

-//GetSupportedKinds provides list of supported types
-func GetSupportedKinds() []string {
-	return supportedTypes
-}
-
-var supportedTypes = []string{
-	"ConfigMap", "Pods", "Deployment", "CronJob", "Endpoints", "HorizontalPodAutoscaler",
-	"Ingress", "Job", "LimitRange", "Namespace", "NetworkPolicy", "PersistentVolumeClaim",
-	"PodDisruptionBudget", "PodTemplate", "ResourceQuota", "Secret", "Service", "StatefulSet",
+// KindIsSupported checks if the kind is a registerd GVK
+func (c *Client) KindIsSupported(kind string) bool {
+	kind = strings.ToLower(kind) + "s"
+	buildGVKMapper(c.clientConfig, false)
+	_, ok := getValue(kind)
+	return ok
 }
--- a/client/utils.go
+++ b/client/utils.go
@ -17,26 +17,32 @@ const namespaceCreationWaitInterval time.Duration = 100 * time.Millisecond
 var groupVersionMapper map[string]schema.GroupVersionResource

 func getGrpVersionMapper(kind string, clientConfig *rest.Config, refresh bool) schema.GroupVersionResource {
-	grpVersionSchema := schema.GroupVersionResource{}
-
-	if groupVersionMapper == nil || refresh {
-		groupVersionMapper = make(map[string]schema.GroupVersionResource)
-		// refesh the mapper
-		if err := refreshRegisteredResources(groupVersionMapper, clientConfig); err != nil {
-			utilruntime.HandleError(err)
-			return grpVersionSchema
-		}
-	}
+	// build the GVK mapper
+	buildGVKMapper(clientConfig, refresh)
 	// Query mapper
 	if val, ok := getValue(kind); ok {
 		return *val
 	}
 	utilruntime.HandleError(fmt.Errorf("Resouce '%s' not registered", kind))
-	return grpVersionSchema
+	return schema.GroupVersionResource{}
+}
+
+func buildGVKMapper(clientConfig *rest.Config, refresh bool) {
+	if groupVersionMapper == nil || refresh {
+		groupVersionMapper = make(map[string]schema.GroupVersionResource)
+		// refresh the mapper
+		if err := refreshRegisteredResources(groupVersionMapper, clientConfig); err != nil {
+			utilruntime.HandleError(err)
+			return
+		}
+	}
 }

 func getValue(kind string) (*schema.GroupVersionResource, bool) {
-
+	if groupVersionMapper == nil {
+		utilruntime.HandleError(fmt.Errorf("GroupVersionKind mapper is not loaded"))
+		return nil, false
+	}
 	if val, ok := groupVersionMapper[kind]; ok {
 		return &val, true
 	}
--- a/pkg/webhooks/server.go
+++ b/pkg/webhooks/server.go
@ -87,8 +87,7 @@ func (ws *WebhookServer) serve(w http.ResponseWriter, r *http.Request) {
 	admissionReview.Response = &v1beta1.AdmissionResponse{
 		Allowed: true,
 	}
-
-	if KindIsSupported(admissionReview.Request.Kind.Kind) {
+	if ws.client.KindIsSupported(admissionReview.Request.Kind.Kind) {
 		switch r.URL.Path {
 		case config.MutatingWebhookServicePath:
 			admissionReview.Response = ws.HandleMutation(admissionReview.Request)
--- a/pkg/webhooks/utils.go
+++ b/pkg/webhooks/utils.go
@ -1,14 +0,0 @@
-package webhooks
-
-import "github.com/nirmata/kube-policy/client"
-
-// KindIsSupported checks kind to be prensent in
-// SupportedKinds defined in config
-func KindIsSupported(kind string) bool {
-	for _, k := range client.GetSupportedKinds() {
-		if k == kind {
-			return true
-		}
-	}
-	return false
-}