Skip to content

Commit

Permalink
Disable the webhook server by default on e2e tests
Browse files Browse the repository at this point in the history
  • Loading branch information
TheSpiritXIII committed Sep 28, 2023
1 parent da9fa62 commit c9c8194
Show file tree
Hide file tree
Showing 3 changed files with 55 additions and 30 deletions.
29 changes: 21 additions & 8 deletions e2e/operator_context_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -132,6 +132,10 @@ type OperatorContext struct {
}

func newOperatorContext(t *testing.T) *OperatorContext {
return newOperatorContextWithOptions(t, operator.Options{})
}

func newOperatorContextWithOptions(t *testing.T, opts operator.Options) *OperatorContext {
kubeClient, err := kubernetes.NewForConfig(kubeconfig)
if err != nil {
t.Fatalf("Build Kubernetes clientset: %s", err)
Expand Down Expand Up @@ -166,14 +170,23 @@ func newOperatorContext(t *testing.T) *OperatorContext {
t.Fatalf("create test namespace: %s", err)
}

op, err := operator.New(globalLogger, kubeconfig, operator.Options{
ProjectID: projectID,
Cluster: cluster,
Location: location,
OperatorNamespace: tctx.namespace,
PublicNamespace: tctx.pubNamespace,
ListenAddr: ":10250",
})
if opts.ProjectID == "" {
opts.ProjectID = projectID
}
if opts.Cluster == "" {
opts.Cluster = cluster
}
if opts.Location == "" {
opts.Location = location
}
if opts.OperatorNamespace == "" {
opts.OperatorNamespace = tctx.namespace
}
if opts.PublicNamespace == "" {
opts.PublicNamespace = tctx.pubNamespace
}

op, err := operator.New(globalLogger, kubeconfig, opts)
if err != nil {
t.Fatalf("instantiating operator: %s", err)
}
Expand Down
5 changes: 4 additions & 1 deletion e2e/webhook_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -19,14 +19,17 @@ import (
"testing"
"time"

"github.com/GoogleCloudPlatform/prometheus-engine/pkg/operator"
arv1 "k8s.io/api/admissionregistration/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/util/wait"
)

// webhook configurations.
func TestWebhookCABundleInjection(t *testing.T) {
tctx := newOperatorContext(t)
tctx := newOperatorContextWithOptions(t, operator.Options{
ListenAddr: ":10250",
})

var (
whConfigName = fmt.Sprintf("gmp-operator.%s.monitoring.googleapis.com", tctx.namespace)
Expand Down
51 changes: 30 additions & 21 deletions pkg/operator/operator.go
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,7 @@ import (
"sigs.k8s.io/controller-runtime/pkg/event"
"sigs.k8s.io/controller-runtime/pkg/manager"
"sigs.k8s.io/controller-runtime/pkg/reconcile"
"sigs.k8s.io/controller-runtime/pkg/webhook"
"sigs.k8s.io/controller-runtime/pkg/webhook/admission"

monitoringv1 "github.com/GoogleCloudPlatform/prometheus-engine/pkg/operator/apis/monitoring/v1"
Expand Down Expand Up @@ -170,29 +171,37 @@ func New(logger logr.Logger, clientConfig *rest.Config, opts Options) (*Operator
if err := opts.defaultAndValidate(logger); err != nil {
return nil, fmt.Errorf("invalid options: %w", err)
}
// Create temporary directory to store webhook serving cert files.
certDir, err := os.MkdirTemp("", "operator-cert")
if err != nil {
return nil, fmt.Errorf("create temporary certificate dir: %w", err)
}

sc, err := getScheme()
if err != nil {
return nil, fmt.Errorf("unable to initialize Kubernetes scheme: %w", err)
}

host, portStr, err := net.SplitHostPort(opts.ListenAddr)
if err != nil {
return nil, fmt.Errorf("invalid listen address: %w", err)
}
port, err := strconv.Atoi(portStr)
if err != nil {
return nil, fmt.Errorf("invalid port: %w", err)
var webhookServer *webhook.Server
if opts.ListenAddr != "" {
// Create temporary directory to store webhook serving cert files.
certDir, err := os.MkdirTemp("", "operator-cert")
if err != nil {
return nil, fmt.Errorf("create temporary certificate dir: %w", err)
}

host, portStr, err := net.SplitHostPort(opts.ListenAddr)
if err != nil {
return nil, fmt.Errorf("invalid listen address: %w", err)
}
port, err := strconv.Atoi(portStr)
if err != nil {
return nil, fmt.Errorf("invalid port: %w", err)
}
webhookServer = &webhook.Server{
Host: host,
Port: port,
CertDir: certDir,
}
}
manager, err := ctrl.NewManager(clientConfig, manager.Options{
Scheme: sc,
Host: host,
Port: port,
Scheme: sc,
WebhookServer: webhookServer,
// Don't run a metrics server with the manager. Metrics are being served
// explicitly in the main routine.
MetricsBindAddress: "0",
Expand Down Expand Up @@ -256,7 +265,6 @@ func New(logger logr.Logger, clientConfig *rest.Config, opts Options) (*Operator
},
}})
}),
CertDir: certDir,
})
if err != nil {
return nil, fmt.Errorf("create controller manager: %w", err)
Expand Down Expand Up @@ -289,7 +297,8 @@ func New(logger logr.Logger, clientConfig *rest.Config, opts Options) (*Operator
// custom resources and registers handlers with the webhook server.
func (o *Operator) setupAdmissionWebhooks(ctx context.Context) error {
// Write provided cert files.
caBundle, err := o.ensureCerts(ctx, o.manager.GetWebhookServer().CertDir)
s := o.manager.GetWebhookServer()
caBundle, err := o.ensureCerts(ctx, s.CertDir)
if err != nil {
return err
}
Expand Down Expand Up @@ -320,8 +329,6 @@ func (o *Operator) setupAdmissionWebhooks(ctx context.Context) error {
}
}()

s := o.manager.GetWebhookServer()

// Validating webhooks.
s.Register(
validatePath(monitoringv1.PodMonitoringResource()),
Expand Down Expand Up @@ -374,8 +381,10 @@ func (o *Operator) Run(ctx context.Context, registry prometheus.Registerer) erro
if err := o.cleanupOldResources(ctx); err != nil {
return fmt.Errorf("cleanup old resources: %w", err)
}
if err := o.setupAdmissionWebhooks(ctx); err != nil {
return fmt.Errorf("init admission resources: %w", err)
if o.opts.ListenAddr != "" {
if err := o.setupAdmissionWebhooks(ctx); err != nil {
return fmt.Errorf("init admission resources: %w", err)
}
}
if err := setupCollectionControllers(o); err != nil {
return fmt.Errorf("setup collection controllers: %w", err)
Expand Down

0 comments on commit c9c8194

Please sign in to comment.