From 9aca37fe9f37204ed74f87c6766815d61fd72586 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Charles-Edouard=20Br=C3=A9t=C3=A9ch=C3=A9?=
 <charled.breteche@gmail.com>
Date: Fri, 30 Sep 2022 13:56:47 +0200
Subject: [PATCH] refactor: use context in openapi controller (#4760)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Co-authored-by: Prateek Pandey <prateek.pandey@nirmata.com>
---
 cmd/kyverno/main.go    |  6 +++---
 pkg/openapi/crdSync.go |  8 ++++----
 pkg/policy/validate.go | 13 +++++++------
 3 files changed, 14 insertions(+), 13 deletions(-)

diff --git a/cmd/kyverno/main.go b/cmd/kyverno/main.go
index c1ec62e94b..2da19a14a7 100644
--- a/cmd/kyverno/main.go
+++ b/cmd/kyverno/main.go
@@ -402,7 +402,7 @@ func main() {
 	}
 
 	// the webhook server runs across all instances
-	openAPIController := startOpenAPIController(logger, dynamicClient, stopCh)
+	openAPIController := startOpenAPIController(signalCtx, logger, dynamicClient)
 
 	// WEBHOOK
 	// - https server to provide endpoints called based on rules defined in Mutating & Validation webhook configuration
@@ -536,7 +536,7 @@ func main() {
 	logger.V(2).Info("Kyverno shutdown successful")
 }
 
-func startOpenAPIController(logger logr.Logger, client dclient.Interface, stopCh <-chan struct{}) *openapi.Controller {
+func startOpenAPIController(ctx context.Context, logger logr.Logger, client dclient.Interface) *openapi.Controller {
 	logger = logger.WithName("open-api")
 	openAPIController, err := openapi.NewOpenAPIController()
 	if err != nil {
@@ -547,7 +547,7 @@ func startOpenAPIController(logger logr.Logger, client dclient.Interface, stopCh
 	openAPISync := openapi.NewCRDSync(client, openAPIController)
 	// start openAPI controller, this is used in admission review
 	// thus is required in each instance
-	openAPISync.Run(1, stopCh)
+	openAPISync.Run(ctx, 1)
 	return openAPIController
 }
 
diff --git a/pkg/openapi/crdSync.go b/pkg/openapi/crdSync.go
index ec00c00247..247042d8ce 100644
--- a/pkg/openapi/crdSync.go
+++ b/pkg/openapi/crdSync.go
@@ -70,7 +70,7 @@ func NewCRDSync(client dclient.Interface, controller *Controller) *crdSync {
 	}
 }
 
-func (c *crdSync) Run(workers int, stopCh <-chan struct{}) {
+func (c *crdSync) Run(ctx context.Context, workers int) {
 	if err := c.updateInClusterKindToAPIVersions(); err != nil {
 		log.Log.Error(err, "failed to update in-cluster api versions")
 	}
@@ -87,7 +87,7 @@ func (c *crdSync) Run(workers int, stopCh <-chan struct{}) {
 	// Sync CRD before kyverno starts
 	c.sync()
 	for i := 0; i < workers; i++ {
-		go wait.Until(c.CheckSync, 15*time.Second, stopCh)
+		go wait.UntilWithContext(ctx, c.CheckSync, 15*time.Second)
 	}
 }
 
@@ -249,12 +249,12 @@ func addingDefaultFieldsToSchema(crdName string, schemaRaw []byte) ([]byte, erro
 	return schemaWithDefaultFields, nil
 }
 
-func (c *crdSync) CheckSync() {
+func (c *crdSync) CheckSync(ctx context.Context) {
 	crds, err := c.client.GetDynamicInterface().Resource(runtimeSchema.GroupVersionResource{
 		Group:    "apiextensions.k8s.io",
 		Version:  "v1",
 		Resource: "customresourcedefinitions",
-	}).List(context.TODO(), metav1.ListOptions{})
+	}).List(ctx, metav1.ListOptions{})
 	if err != nil {
 		log.Log.Error(err, "could not fetch crd's from server")
 		return
diff --git a/pkg/policy/validate.go b/pkg/policy/validate.go
index e188d9d6c2..4e802d570f 100644
--- a/pkg/policy/validate.go
+++ b/pkg/policy/validate.go
@@ -1,6 +1,7 @@
 package policy
 
 import (
+	"context"
 	"encoding/json"
 	"fmt"
 	"reflect"
@@ -16,7 +17,7 @@ import (
 	"github.com/kyverno/kyverno/cmd/cli/kubectl-kyverno/utils/common"
 	"github.com/kyverno/kyverno/pkg/autogen"
 	"github.com/kyverno/kyverno/pkg/clients/dclient"
-	"github.com/kyverno/kyverno/pkg/engine/context"
+	enginecontext "github.com/kyverno/kyverno/pkg/engine/context"
 	"github.com/kyverno/kyverno/pkg/engine/variables"
 	"github.com/kyverno/kyverno/pkg/openapi"
 	"github.com/kyverno/kyverno/pkg/utils"
@@ -84,7 +85,7 @@ func Validate(policy kyvernov1.PolicyInterface, client dclient.Interface, mock b
 	background := spec.BackgroundProcessingEnabled()
 	onPolicyUpdate := spec.GetMutateExistingOnPolicyUpdate()
 	if !mock {
-		openapi.NewCRDSync(client, openAPIController).CheckSync()
+		openapi.NewCRDSync(client, openAPIController).CheckSync(context.TODO())
 	}
 
 	var errs field.ErrorList
@@ -488,9 +489,9 @@ func objectHasVariables(object interface{}) error {
 	return nil
 }
 
-func buildContext(rule *kyvernov1.Rule, background bool) *context.MockContext {
+func buildContext(rule *kyvernov1.Rule, background bool) *enginecontext.MockContext {
 	re := getAllowedVariables(background)
-	ctx := context.NewMockContext(re)
+	ctx := enginecontext.NewMockContext(re)
 
 	addContextVariables(rule.Context, ctx)
 
@@ -513,7 +514,7 @@ func getAllowedVariables(background bool) *regexp.Regexp {
 	return allowedVariables
 }
 
-func addContextVariables(entries []kyvernov1.ContextEntry, ctx *context.MockContext) {
+func addContextVariables(entries []kyvernov1.ContextEntry, ctx *enginecontext.MockContext) {
 	for _, contextEntry := range entries {
 		if contextEntry.APICall != nil || contextEntry.ImageRegistry != nil || contextEntry.Variable != nil {
 			ctx.AddVariable(contextEntry.Name + "*")
@@ -530,7 +531,7 @@ func checkNotFoundErr(err error) bool {
 		switch err.(type) {
 		case jmespath.NotFoundError:
 			return true
-		case context.InvalidVariableError:
+		case enginecontext.InvalidVariableError:
 			return false
 		default:
 			return false