diff --git a/Makefile b/Makefile index 8c5f67e..a77f445 100644 --- a/Makefile +++ b/Makefile @@ -442,4 +442,4 @@ run-with-webhook: export METRICS_PORT?=8080 run-with-webhook: export HEALTH_PORT?=8081 run-with-webhook: manifests generate fmt vet ## Run a controller from your host. /bin/bash hack/clean_local_webhook.sh - /bin/bash hack/run_with_local_webhook.sh \ No newline at end of file + /bin/bash hack/run_with_local_webhook.sh diff --git a/api/v1beta1/watcher_webhook.go b/api/v1beta1/watcher_webhook.go index 51384d2..1c9c997 100644 --- a/api/v1beta1/watcher_webhook.go +++ b/api/v1beta1/watcher_webhook.go @@ -21,6 +21,7 @@ import ( ctrl "sigs.k8s.io/controller-runtime" logf "sigs.k8s.io/controller-runtime/pkg/log" "sigs.k8s.io/controller-runtime/pkg/webhook" + "sigs.k8s.io/controller-runtime/pkg/webhook/admission" ) // log is for logging in this package. @@ -51,25 +52,25 @@ func (r *Watcher) Default() { var _ webhook.Validator = &Watcher{} // ValidateCreate implements webhook.Validator so a webhook will be registered for the type -func (r *Watcher) ValidateCreate() error { +func (r *Watcher) ValidateCreate() (admission.Warnings, error) { watcherlog.Info("validate create", "name", r.Name) // TODO(user): fill in your validation logic upon object creation. - return nil + return nil, nil } // ValidateUpdate implements webhook.Validator so a webhook will be registered for the type -func (r *Watcher) ValidateUpdate(old runtime.Object) error { +func (r *Watcher) ValidateUpdate(old runtime.Object) (admission.Warnings, error) { watcherlog.Info("validate update", "name", r.Name) // TODO(user): fill in your validation logic upon object update. - return nil + return nil, nil } // ValidateDelete implements webhook.Validator so a webhook will be registered for the type -func (r *Watcher) ValidateDelete() error { +func (r *Watcher) ValidateDelete() (admission.Warnings, error) { watcherlog.Info("validate delete", "name", r.Name) // TODO(user): fill in your validation logic upon object deletion. - return nil + return nil, nil } diff --git a/api/v1beta1/watcherapi_webhook.go b/api/v1beta1/watcherapi_webhook.go index 73e5505..7e1c774 100644 --- a/api/v1beta1/watcherapi_webhook.go +++ b/api/v1beta1/watcherapi_webhook.go @@ -21,6 +21,7 @@ import ( ctrl "sigs.k8s.io/controller-runtime" logf "sigs.k8s.io/controller-runtime/pkg/log" "sigs.k8s.io/controller-runtime/pkg/webhook" + "sigs.k8s.io/controller-runtime/pkg/webhook/admission" ) // log is for logging in this package. @@ -51,25 +52,25 @@ func (r *WatcherAPI) Default() { var _ webhook.Validator = &WatcherAPI{} // ValidateCreate implements webhook.Validator so a webhook will be registered for the type -func (r *WatcherAPI) ValidateCreate() error { +func (r *WatcherAPI) ValidateCreate() (admission.Warnings, error) { watcherapilog.Info("validate create", "name", r.Name) // TODO(user): fill in your validation logic upon object creation. - return nil + return nil, nil } // ValidateUpdate implements webhook.Validator so a webhook will be registered for the type -func (r *WatcherAPI) ValidateUpdate(old runtime.Object) error { +func (r *WatcherAPI) ValidateUpdate(old runtime.Object) (admission.Warnings, error) { watcherapilog.Info("validate update", "name", r.Name) // TODO(user): fill in your validation logic upon object update. - return nil + return nil, nil } // ValidateDelete implements webhook.Validator so a webhook will be registered for the type -func (r *WatcherAPI) ValidateDelete() error { +func (r *WatcherAPI) ValidateDelete() (admission.Warnings, error) { watcherapilog.Info("validate delete", "name", r.Name) // TODO(user): fill in your validation logic upon object deletion. - return nil + return nil, nil } diff --git a/api/v1beta1/watcherapplier_webhook.go b/api/v1beta1/watcherapplier_webhook.go index e26a2ac..1de0662 100644 --- a/api/v1beta1/watcherapplier_webhook.go +++ b/api/v1beta1/watcherapplier_webhook.go @@ -21,6 +21,7 @@ import ( ctrl "sigs.k8s.io/controller-runtime" logf "sigs.k8s.io/controller-runtime/pkg/log" "sigs.k8s.io/controller-runtime/pkg/webhook" + "sigs.k8s.io/controller-runtime/pkg/webhook/admission" ) // log is for logging in this package. @@ -51,25 +52,25 @@ func (r *WatcherApplier) Default() { var _ webhook.Validator = &WatcherApplier{} // ValidateCreate implements webhook.Validator so a webhook will be registered for the type -func (r *WatcherApplier) ValidateCreate() error { +func (r *WatcherApplier) ValidateCreate() (admission.Warnings, error) { watcherapplierlog.Info("validate create", "name", r.Name) // TODO(user): fill in your validation logic upon object creation. - return nil + return nil, nil } // ValidateUpdate implements webhook.Validator so a webhook will be registered for the type -func (r *WatcherApplier) ValidateUpdate(old runtime.Object) error { +func (r *WatcherApplier) ValidateUpdate(old runtime.Object) (admission.Warnings, error) { watcherapplierlog.Info("validate update", "name", r.Name) // TODO(user): fill in your validation logic upon object update. - return nil + return nil, nil } // ValidateDelete implements webhook.Validator so a webhook will be registered for the type -func (r *WatcherApplier) ValidateDelete() error { +func (r *WatcherApplier) ValidateDelete() (admission.Warnings, error) { watcherapplierlog.Info("validate delete", "name", r.Name) // TODO(user): fill in your validation logic upon object deletion. - return nil + return nil, nil } diff --git a/api/v1beta1/watcherdecisionengine_webhook.go b/api/v1beta1/watcherdecisionengine_webhook.go index f92fb0f..21f8cca 100644 --- a/api/v1beta1/watcherdecisionengine_webhook.go +++ b/api/v1beta1/watcherdecisionengine_webhook.go @@ -21,6 +21,7 @@ import ( ctrl "sigs.k8s.io/controller-runtime" logf "sigs.k8s.io/controller-runtime/pkg/log" "sigs.k8s.io/controller-runtime/pkg/webhook" + "sigs.k8s.io/controller-runtime/pkg/webhook/admission" ) // log is for logging in this package. @@ -51,25 +52,25 @@ func (r *WatcherDecisionEngine) Default() { var _ webhook.Validator = &WatcherDecisionEngine{} // ValidateCreate implements webhook.Validator so a webhook will be registered for the type -func (r *WatcherDecisionEngine) ValidateCreate() error { +func (r *WatcherDecisionEngine) ValidateCreate() (admission.Warnings, error) { watcherdecisionenginelog.Info("validate create", "name", r.Name) // TODO(user): fill in your validation logic upon object creation. - return nil + return nil, nil } // ValidateUpdate implements webhook.Validator so a webhook will be registered for the type -func (r *WatcherDecisionEngine) ValidateUpdate(old runtime.Object) error { +func (r *WatcherDecisionEngine) ValidateUpdate(old runtime.Object) (admission.Warnings, error) { watcherdecisionenginelog.Info("validate update", "name", r.Name) // TODO(user): fill in your validation logic upon object update. - return nil + return nil, nil } // ValidateDelete implements webhook.Validator so a webhook will be registered for the type -func (r *WatcherDecisionEngine) ValidateDelete() error { +func (r *WatcherDecisionEngine) ValidateDelete() (admission.Warnings, error) { watcherdecisionenginelog.Info("validate delete", "name", r.Name) // TODO(user): fill in your validation logic upon object deletion. - return nil + return nil, nil } diff --git a/config/webhook/manifests.yaml b/config/webhook/manifests.yaml new file mode 100644 index 0000000..a614045 --- /dev/null +++ b/config/webhook/manifests.yaml @@ -0,0 +1,174 @@ +--- +apiVersion: admissionregistration.k8s.io/v1 +kind: MutatingWebhookConfiguration +metadata: + creationTimestamp: null + name: mutating-webhook-configuration +webhooks: +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-watcher-openstack-org-v1beta1-watcher + failurePolicy: Fail + name: mwatcher.kb.io + rules: + - apiGroups: + - watcher.openstack.org + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - watchers + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-watcher-openstack-org-v1beta1-watcherapi + failurePolicy: Fail + name: mwatcherapi.kb.io + rules: + - apiGroups: + - watcher.openstack.org + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - watcherapis + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-watcher-openstack-org-v1beta1-watcherapplier + failurePolicy: Fail + name: mwatcherapplier.kb.io + rules: + - apiGroups: + - watcher.openstack.org + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - watcherappliers + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-watcher-openstack-org-v1beta1-watcherdecisionengine + failurePolicy: Fail + name: mwatcherdecisionengine.kb.io + rules: + - apiGroups: + - watcher.openstack.org + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - watcherdecisionengines + sideEffects: None +--- +apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingWebhookConfiguration +metadata: + creationTimestamp: null + name: validating-webhook-configuration +webhooks: +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-watcher-openstack-org-v1beta1-watcher + failurePolicy: Fail + name: vwatcher.kb.io + rules: + - apiGroups: + - watcher.openstack.org + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - watchers + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-watcher-openstack-org-v1beta1-watcherapi + failurePolicy: Fail + name: vwatcherapi.kb.io + rules: + - apiGroups: + - watcher.openstack.org + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - watcherapis + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-watcher-openstack-org-v1beta1-watcherapplier + failurePolicy: Fail + name: vwatcherapplier.kb.io + rules: + - apiGroups: + - watcher.openstack.org + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - watcherappliers + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-watcher-openstack-org-v1beta1-watcherdecisionengine + failurePolicy: Fail + name: vwatcherdecisionengine.kb.io + rules: + - apiGroups: + - watcher.openstack.org + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - watcherdecisionengines + sideEffects: None diff --git a/hack/clean_local_webhook.sh b/hack/clean_local_webhook.sh index 5c853e3..bd8f303 100644 --- a/hack/clean_local_webhook.sh +++ b/hack/clean_local_webhook.sh @@ -8,4 +8,4 @@ oc delete mutatingwebhookconfiguration/mwatcherapi.kb.io --ignore-not-found oc delete validatingwebhookconfiguration/vwatcherdecisionengine.kb.io --ignore-not-found oc delete mutatingwebhookconfiguration/mwatcherdecisionengine.kb.io --ignore-not-found oc delete validatingwebhookconfiguration/vwatcherapplier.kb.io --ignore-not-found -oc delete mutatingwebhookconfiguration/mwatcherapplier.kb.io --ignore-not-found \ No newline at end of file +oc delete mutatingwebhookconfiguration/mwatcherapplier.kb.io --ignore-not-found