From 0932e9a147f21780f5be3e7924d9f125809c1ad8 Mon Sep 17 00:00:00 2001 From: shravan Date: Mon, 27 Apr 2020 18:38:03 +0530 Subject: [PATCH 1/2] 664 tested prototype --- go.mod | 1 + go.sum | 2 ++ pkg/webhooks/server.go | 14 ++++++++------ 3 files changed, 11 insertions(+), 6 deletions(-) diff --git a/go.mod b/go.mod index f5ba937e12..f8dcbdf549 100644 --- a/go.mod +++ b/go.mod @@ -12,6 +12,7 @@ require ( github.com/imdario/mergo v0.3.8 // indirect github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af github.com/json-iterator/go v1.1.9 // indirect + github.com/julienschmidt/httprouter v1.3.0 github.com/minio/minio v0.0.0-20200114012931-30922148fbb5 github.com/spf13/cobra v0.0.5 github.com/tevino/abool v0.0.0-20170917061928-9b9efcf221b5 diff --git a/go.sum b/go.sum index 99c5af7f3b..a8e3e37eb8 100644 --- a/go.sum +++ b/go.sum @@ -516,6 +516,8 @@ github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1 github.com/jtolds/gls v4.2.1+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= +github.com/julienschmidt/httprouter v1.3.0 h1:U0609e9tgbseu3rBINet9P48AI/D3oJs4dN7jwJOQ1U= +github.com/julienschmidt/httprouter v1.3.0/go.mod h1:JR6WtHb+2LUe8TCKY3cZOxFyyO8IZAc4RVcycCCAKdM= github.com/karrick/godirwalk v1.7.5/go.mod h1:2c9FRhkDxdIbgkOnCEvnSWs71Bhugbl46shStcFDJ34= github.com/karrick/godirwalk v1.7.7/go.mod h1:2c9FRhkDxdIbgkOnCEvnSWs71Bhugbl46shStcFDJ34= github.com/karrick/godirwalk v1.7.8/go.mod h1:2c9FRhkDxdIbgkOnCEvnSWs71Bhugbl46shStcFDJ34= diff --git a/pkg/webhooks/server.go b/pkg/webhooks/server.go index 83d1924931..f1517ef66f 100644 --- a/pkg/webhooks/server.go +++ b/pkg/webhooks/server.go @@ -10,6 +10,8 @@ import ( "net/http" "time" + "github.com/julienschmidt/httprouter" + "github.com/nirmata/kyverno/pkg/openapi" "github.com/go-logr/logr" @@ -130,12 +132,12 @@ func NewWebhookServer( log: log, openAPIController: openAPIController, } - mux := http.NewServeMux() - mux.HandleFunc(config.MutatingWebhookServicePath, ws.handlerFunc(ws.handleMutateAdmissionRequest, true)) - mux.HandleFunc(config.ValidatingWebhookServicePath, ws.handlerFunc(ws.handleValidateAdmissionRequest, true)) - mux.HandleFunc(config.PolicyMutatingWebhookServicePath, ws.handlerFunc(ws.handlePolicyMutation, true)) - mux.HandleFunc(config.PolicyValidatingWebhookServicePath, ws.handlerFunc(ws.handlePolicyValidation, true)) - mux.HandleFunc(config.VerifyMutatingWebhookServicePath, ws.handlerFunc(ws.handleVerifyRequest, false)) + mux := httprouter.New() + mux.HandlerFunc("POST", config.MutatingWebhookServicePath, ws.handlerFunc(ws.handleMutateAdmissionRequest, true)) + mux.HandlerFunc("POST", config.ValidatingWebhookServicePath, ws.handlerFunc(ws.handleValidateAdmissionRequest, true)) + mux.HandlerFunc("POST", config.PolicyMutatingWebhookServicePath, ws.handlerFunc(ws.handlePolicyMutation, true)) + mux.HandlerFunc("POST", config.PolicyValidatingWebhookServicePath, ws.handlerFunc(ws.handlePolicyValidation, true)) + mux.HandlerFunc("POST", config.VerifyMutatingWebhookServicePath, ws.handlerFunc(ws.handleVerifyRequest, false)) ws.server = http.Server{ Addr: ":443", // Listen on port for HTTPS requests TLSConfig: &tlsConfig, From 80a02a1574592b09a680f60e8071004de66bcc89 Mon Sep 17 00:00:00 2001 From: danielnbalasoiu <46020698+danielnbalasoiu@users.noreply.github.com> Date: Wed, 29 Apr 2020 09:12:37 +0000 Subject: [PATCH 2/2] Documentation update Updated instructions with current locations of `policy-CM.yaml` and `CM.yaml`. --- documentation/testing-policies.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/documentation/testing-policies.md b/documentation/testing-policies.md index 15a91d9219..e97ee2ea64 100644 --- a/documentation/testing-policies.md +++ b/documentation/testing-policies.md @@ -12,14 +12,14 @@ To do this you should [install Kyverno to the cluster](installation.md). For example, to test the simplest Kyverno policy for `ConfigMap`, create the policy and then the resource itself via `kubectl`: ````bash -cd test/ConfigMap -kubectl create -f policy-CM.yaml -kubectl create -f CM.yaml +cd test +kubectl create -f policy/policy-CM.yaml +kubectl create -f resources/CM.yaml ```` Then compare the original resource definition in `CM.yaml` with the actual one: ````bash -kubectl get -f CM.yaml -o yaml +kubectl get -f resources/CM.yaml -o yaml ```` ## Test using Kyverno CLI