From ba4413b25c1e1c62197cd1f6083f39e4c3dc8aa6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Charles-Edouard=20Br=C3=A9t=C3=A9ch=C3=A9?= Date: Mon, 9 May 2022 17:54:20 +0200 Subject: [PATCH] refactor: webhookconfig package (part 4) (#3835) --- pkg/webhookconfig/common.go | 5 ++-- pkg/webhookconfig/registration.go | 45 +++++++++++-------------------- 2 files changed, 18 insertions(+), 32 deletions(-) diff --git a/pkg/webhookconfig/common.go b/pkg/webhookconfig/common.go index 27c93f363c..c12d8a33ad 100644 --- a/pkg/webhookconfig/common.go +++ b/pkg/webhookconfig/common.go @@ -85,13 +85,14 @@ func extractCA(config *rest.Config) (result []byte) { return config.TLSClientConfig.CAData } -func getHealthyPodsIP(pods []corev1.Pod) (ips []string, errs []error) { +func getHealthyPodsIP(pods []corev1.Pod) []string { + var ips []string for _, pod := range pods { if pod.Status.Phase == "Running" { ips = append(ips, pod.Status.PodIP) } } - return + return ips } func (wrc *Register) GetKubePolicyClusterRoleName() (*rbacv1.ClusterRole, error) { diff --git a/pkg/webhookconfig/registration.go b/pkg/webhookconfig/registration.go index 195ec17553..66b4980ab7 100644 --- a/pkg/webhookconfig/registration.go +++ b/pkg/webhookconfig/registration.go @@ -49,15 +49,16 @@ type Register struct { vwcLister admlisters.ValidatingWebhookConfigurationLister kDeplLister listers.DeploymentLister + // channels + stopCh <-chan struct{} + UpdateWebhookChan chan bool + createDefaultWebhook chan string + serverIP string // when running outside a cluster timeoutSeconds int32 log logr.Logger debug bool autoUpdateWebhooks bool - stopCh <-chan struct{} - - UpdateWebhookChan chan bool - createDefaultWebhook chan string // manage implements methods to manage webhook configurations manage @@ -86,14 +87,14 @@ func NewRegister( mwcLister: mwcInformer.Lister(), vwcLister: vwcInformer.Lister(), kDeplLister: kDeplInformer.Lister(), + UpdateWebhookChan: make(chan bool), + createDefaultWebhook: make(chan string), + stopCh: stopCh, serverIP: serverIP, timeoutSeconds: webhookTimeout, log: log.WithName("Register"), debug: debug, autoUpdateWebhooks: autoUpdateWebhooks, - UpdateWebhookChan: make(chan bool), - createDefaultWebhook: make(chan string), - stopCh: stopCh, } register.manage = newWebhookConfigManager(client.Discovery(), kubeClient, kyvernoClient, pInformer, npInformer, mwcInformer, vwcInformer, serverIP, register.autoUpdateWebhooks, register.createDefaultWebhook, stopCh, log.WithName("WebhookConfigManager")) @@ -112,37 +113,29 @@ func (wrc *Register) Register() error { return err } } - caData := wrc.readCaData() if caData == nil { return errors.New("Unable to extract CA data from configuration") } - - errors := make([]string, 0) + var errors []string if err := wrc.createVerifyMutatingWebhookConfiguration(caData); err != nil { errors = append(errors, err.Error()) } - if err := wrc.createPolicyValidatingWebhookConfiguration(caData); err != nil { errors = append(errors, err.Error()) } - if err := wrc.createPolicyMutatingWebhookConfiguration(caData); err != nil { errors = append(errors, err.Error()) } - if err := wrc.createResourceValidatingWebhookConfiguration(caData); err != nil { errors = append(errors, err.Error()) } - if err := wrc.createResourceMutatingWebhookConfiguration(caData); err != nil { errors = append(errors, err.Error()) } - if len(errors) > 0 { return fmt.Errorf("%s", strings.Join(errors, ",")) } - go wrc.manage.start() return nil } @@ -152,23 +145,18 @@ func (wrc *Register) Check() error { if _, err := wrc.mwcLister.Get(getVerifyMutatingWebhookConfigName(wrc.serverIP)); err != nil { return err } - if _, err := wrc.mwcLister.Get(getResourceMutatingWebhookConfigName(wrc.serverIP)); err != nil { return err } - if _, err := wrc.vwcLister.Get(getResourceValidatingWebhookConfigName(wrc.serverIP)); err != nil { return err } - if _, err := wrc.mwcLister.Get(getPolicyMutatingWebhookConfigName(wrc.serverIP)); err != nil { return err } - if _, err := wrc.vwcLister.Get(getPolicyValidatingWebhookConfigName(wrc.serverIP)); err != nil { return err } - return nil } @@ -185,6 +173,11 @@ func (wrc *Register) Remove(cleanUp chan<- struct{}) { } } +// GetWebhookTimeOut returns the value of webhook timeout +func (wrc *Register) GetWebhookTimeOut() time.Duration { + return time.Duration(wrc.timeoutSeconds) +} + // UpdateWebhookConfigurations updates resource webhook configurations dynamically // based on the UPDATEs of Kyverno ConfigMap defined in INIT_CONFIG env // @@ -321,11 +314,6 @@ func (wrc *Register) createVerifyMutatingWebhookConfiguration(caData []byte) err return wrc.createMutatingWebhookConfiguration(config) } -// GetWebhookTimeOut returns the value of webhook timeout -func (wrc *Register) GetWebhookTimeOut() time.Duration { - return time.Duration(wrc.timeoutSeconds) -} - func (wrc *Register) checkEndpoint() error { endpoint, err := wrc.kubeClient.CoreV1().Endpoints(config.KyvernoNamespace).Get(context.TODO(), config.KyvernoServiceName, metav1.GetOptions{}) if err != nil { @@ -340,10 +328,7 @@ func (wrc *Register) checkEndpoint() error { if err != nil { return fmt.Errorf("failed to list Kyverno Pod: %v", err) } - ips, errs := getHealthyPodsIP(pods.Items) - if len(errs) != 0 { - return fmt.Errorf("error getting pod's IP: %v", errs) - } + ips := getHealthyPodsIP(pods.Items) if len(ips) == 0 { return fmt.Errorf("pod is not assigned to any node yet") }