mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-31 03:45:17 +00:00
Code Activity

create policy webhookcfgs after verifying webhook status

Browse source
This commit is contained in:
Shuting Zhao 2019-11-25 18:22:05 -08:00
parent a963843245
commit f6db1b9e87
1 changed files with 14 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
pkg/webhookconfig/registration.go
View file

@ -65,6 +65,17 @@ func (wrc *WebhookRegistrationClient) Register() error {
// webhook configurations are created dynamically based on the policy resources
wrc.removeWebhookConfigurations()
// create Verify mutating webhook configuration resource
// that is used to check if admission control is enabled or not
if err := wrc.createVerifyMutatingWebhookConfiguration(); err != nil {
return err
}
if err := wrc.waitForWebhookSuccess(); err != nil {
return fmt.Errorf("inactive webhook, not registering webhookconfigurations for policy: %v", err)
}
glog.V(4).Infof("webhook is active, registering policy webhookcofigurations")
// Static Webhook configuration on Policy CRD
// create Policy CRD validating webhook configuration resource
// used for validating Policy CR
@ -77,12 +88,6 @@ func (wrc *WebhookRegistrationClient) Register() error {
return err
}
// create Verify mutating webhook configuration resource
// that is used to check if admission control is enabled or not
if err := wrc.createVerifyMutatingWebhookConfiguration(); err != nil {
return err
}
return nil
}
@ -125,8 +130,9 @@ func (wrc *WebhookRegistrationClient) CreateResourceMutatingWebhookConfiguration
// Mutationg webhook is be used for Mutating & Validating purpose
func (wrc *WebhookRegistrationClient) createResourceMutatingWebhookConfiguration() error {
if err := wrc.waitForWebhookSuccess(); err != nil {
return fmt.Errorf("inactive webhook: %v", err)
return fmt.Errorf("inactive webhook, not registering webhookconfiguration for resource: %v", err)
}
glog.V(4).Infof("webhook is active, registering resource mutating webhookcofigurations")
var caData []byte
var config *admregapi.MutatingWebhookConfiguration
@ -342,7 +348,7 @@ func (wrc *WebhookRegistrationClient) waitForWebhookSuccess() error {
return wait.ExponentialBackoff(backoff, func() (bool, error) {
timeDiff := time.Since(wrc.LastReqTime.Time())
if timeDiff < checker.DefaultDeadline {
glog.Infof("Verified webhook status, creating resource mutating webhook configuration")
glog.Infof("Verified webhook status, creating webhook configuration")
return true, nil
}
glog.V(4).Infof("webhook is inactive, retrying #%d", count)