From 4ae4f03901dc84e11d93099c7702563df725d046 Mon Sep 17 00:00:00 2001 From: dashanji Date: Mon, 3 Apr 2023 20:21:06 +0800 Subject: [PATCH] Add an option for enable/disable webhook for a standard operator generated by kubebuilder Signed-off-by: dashanji --- README.md | 2 ++ cmd/helmify/flags.go | 1 + pkg/config/config.go | 2 ++ pkg/processor/deployment/deployment.go | 29 ++++++++++++++++++++++++-- pkg/processor/pod/pod.go | 3 ++- pkg/processor/service/service.go | 4 ++++ pkg/processor/webhook/cert.go | 27 ++++++++++++++++++------ pkg/processor/webhook/issuer.go | 19 ++++++++++++++--- pkg/processor/webhook/mutating.go | 21 +++++++++++++++---- pkg/processor/webhook/validating.go | 17 +++++++++++---- 10 files changed, 105 insertions(+), 20 deletions(-) diff --git a/README.md b/README.md index 123867b2..364b2dc4 100644 --- a/README.md +++ b/README.md @@ -87,6 +87,8 @@ Usage: | -crd-dir | Place crds in their own folder per Helm 3 [docs](https://helm.sh/docs/chart_best_practices/custom_resource_definitions/#method-1-let-helm-do-it-for-you). Caveat: CRDs templating is not supported by Helm. | `helmify -crd-dir`| | -image-pull-secrets| Allows the user to use existing secrets as imagePullSecrets | `helmify -image-pull-secrets`| | -cert-manager-as-subchart | Allows the user to install cert-manager as a subchart | `helmify -cert-manager-as-subchart`| +| -add-webhook-option | Adds an option to enable/disable webhook installation | `helmify -add-webhook-option`| + ## Status Supported k8s resources: - Deployment, DaemonSet, StatefulSet diff --git a/cmd/helmify/flags.go b/cmd/helmify/flags.go index 0d998e23..64abc937 100644 --- a/cmd/helmify/flags.go +++ b/cmd/helmify/flags.go @@ -39,6 +39,7 @@ func ReadFlags() config.Config { flag.BoolVar(&result.ImagePullSecrets, "image-pull-secrets", false, "Allows the user to use existing secrets as imagePullSecrets in values.yaml") flag.BoolVar(&result.GenerateDefaults, "generate-defaults", false, "Allows the user to add empty placeholders for tipical customization options in values.yaml. Currently covers: topology constraints, node selectors, tolerances") flag.BoolVar(&result.CertManagerAsSubchart, "cert-manager-as-subchart", false, "Allows the user to add cert-manager as a subchart") + flag.BoolVar(&result.AddWebhookOption, "add-webhook-option", false, "Allows the user to add webhook option in values.yaml") flag.Parse() if h || help { diff --git a/pkg/config/config.go b/pkg/config/config.go index 7fa4c313..b079f37e 100644 --- a/pkg/config/config.go +++ b/pkg/config/config.go @@ -28,6 +28,8 @@ type Config struct { GenerateDefaults bool // CertManagerAsSubchart enables the generation of a subchart for cert-manager CertManagerAsSubchart bool + // AddWebhookOption enables the generation of a webhook option in values.yamlß + AddWebhookOption bool } func (c *Config) Validate() error { diff --git a/pkg/processor/deployment/deployment.go b/pkg/processor/deployment/deployment.go index 23c2e750..0f8232f3 100644 --- a/pkg/processor/deployment/deployment.go +++ b/pkg/processor/deployment/deployment.go @@ -2,11 +2,12 @@ package deployment import ( "fmt" - "github.com/arttor/helmify/pkg/processor/pod" "io" "strings" "text/template" + "github.com/arttor/helmify/pkg/processor/pod" + "github.com/arttor/helmify/pkg/helmify" "github.com/arttor/helmify/pkg/processor" yamlformat "github.com/arttor/helmify/pkg/yaml" @@ -119,9 +120,11 @@ func (d deployment) Process(appMeta helmify.AppMetadata, obj *unstructured.Unstr if err != nil { return true, nil, err } + if appMeta.Config().AddWebhookOption { + spec = addWebhookOption(spec) + } spec = strings.ReplaceAll(spec, "'", "") - return true, &result{ values: values, data: struct { @@ -142,6 +145,28 @@ func (d deployment) Process(appMeta helmify.AppMetadata, obj *unstructured.Unstr }, nil } +func addWebhookOption(manifest string) string { + webhookOptionHeader := " {{- if .Values.webhook.enabled }}" + webhookOptionFooter := " {{- end }}" + volumes := ` - name: cert + secret: + defaultMode: 420 + secretName: webhook-server-cert` + volumeMounts := ` - mountPath: /tmp/k8s-webhook-server/serving-certs + name: cert + readOnly: true` + webhookPort := ` - containerPort: 9443 + name: webhook-server + protocol: TCP` + manifest = strings.ReplaceAll(manifest, volumes, fmt.Sprintf("%s\n%s\n%s", + webhookOptionHeader, volumes, webhookOptionFooter)) + manifest = strings.ReplaceAll(manifest, volumeMounts, fmt.Sprintf("%s\n%s\n%s", + webhookOptionHeader, volumeMounts, webhookOptionFooter)) + manifest = strings.ReplaceAll(manifest, webhookPort, fmt.Sprintf("%s\n%s\n%s", + webhookOptionHeader, webhookPort, webhookOptionFooter)) + return manifest +} + func processReplicas(name string, deployment *appsv1.Deployment, values *helmify.Values) (string, error) { if deployment.Spec.Replicas == nil { return "", nil diff --git a/pkg/processor/pod/pod.go b/pkg/processor/pod/pod.go index a541b89d..205e2f73 100644 --- a/pkg/processor/pod/pod.go +++ b/pkg/processor/pod/pod.go @@ -2,6 +2,8 @@ package pod import ( "fmt" + "strings" + "github.com/arttor/helmify/pkg/cluster" "github.com/arttor/helmify/pkg/helmify" securityContext "github.com/arttor/helmify/pkg/processor/security-context" @@ -9,7 +11,6 @@ import ( corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" "k8s.io/apimachinery/pkg/runtime" - "strings" ) const imagePullPolicyTemplate = "{{ .Values.%[1]s.%[2]s.imagePullPolicy }}" diff --git a/pkg/processor/service/service.go b/pkg/processor/service/service.go index 72557f1d..57edabce 100644 --- a/pkg/processor/service/service.go +++ b/pkg/processor/service/service.go @@ -95,8 +95,12 @@ func (r svc) Process(appMeta helmify.AppMetadata, obj *unstructured.Unstructured } ports[i] = pMap } + _ = unstructured.SetNestedSlice(values, ports, shortNameCamel, "ports") res := meta + fmt.Sprintf(svcTempSpec, shortNameCamel, selector, appMeta.ChartName()) + if shortNameCamel == "webhookService" && appMeta.Config().AddWebhookOption { + res = fmt.Sprintf("{{- if .Values.webhook.enabled }}\n%s\n{{- end }}", res) + } return true, &result{ name: shortName, data: res, diff --git a/pkg/processor/webhook/cert.go b/pkg/processor/webhook/cert.go index e067f592..7dd2541e 100644 --- a/pkg/processor/webhook/cert.go +++ b/pkg/processor/webhook/cert.go @@ -16,7 +16,9 @@ import ( ) const ( - certTempl = `apiVersion: cert-manager.io/v1 + WebhookHeader = `{{- if .Values.webhook.enabled }}` + WebhookFooter = `{{- end }}` + certTempl = `apiVersion: cert-manager.io/v1 kind: Certificate metadata: name: {{ include "%[1]s.fullname" . }}-%[2]s @@ -57,6 +59,10 @@ func (c cert) Process(appMeta helmify.AppMetadata, obj *unstructured.Unstructure } name := appMeta.TrimName(obj.GetName()) + // Add webhook.enabled value to values.yaml + values := helmify.Values{} + values.Add(true, "webhook", "enabled") + dnsNames, _, err := unstructured.NestedSlice(obj.Object, "spec", "dnsNames") if err != nil { return true, nil, errors.Wrap(err, "unable get cert dnsNames") @@ -93,16 +99,25 @@ func (c cert) Process(appMeta helmify.AppMetadata, obj *unstructured.Unstructure } else { tmpl = certTempl } + if appMeta.Config().AddWebhookOption { + // Add webhook.enabled value to values.yaml + values := helmify.Values{} + values.Add(true, "webhook", "enabled") + + tmpl = fmt.Sprintf("%s\n%s\n%s", WebhookHeader, tmpl, WebhookFooter) + } res := fmt.Sprintf(tmpl, appMeta.ChartName(), name, string(spec)) return true, &certResult{ - name: name, - data: []byte(res), + name: name, + data: []byte(res), + values: values, }, nil } type certResult struct { - name string - data []byte + name string + data []byte + values helmify.Values } func (r *certResult) Filename() string { @@ -110,7 +125,7 @@ func (r *certResult) Filename() string { } func (r *certResult) Values() helmify.Values { - return helmify.Values{} + return r.values } func (r *certResult) Write(writer io.Writer) error { diff --git a/pkg/processor/webhook/issuer.go b/pkg/processor/webhook/issuer.go index 196c11ed..6a63c515 100644 --- a/pkg/processor/webhook/issuer.go +++ b/pkg/processor/webhook/issuer.go @@ -53,6 +53,11 @@ func (i issuer) Process(appMeta helmify.AppMetadata, obj *unstructured.Unstructu return false, nil, nil } name := appMeta.TrimName(obj.GetName()) + + // Add webhook.enabled to values + values := helmify.Values{} + values.Add(true, "webhook", "enabled") + spec, _ := yaml.Marshal(obj.Object["spec"]) spec = yamlformat.Indent(spec, 2) spec = bytes.TrimRight(spec, "\n ") @@ -62,6 +67,13 @@ func (i issuer) Process(appMeta helmify.AppMetadata, obj *unstructured.Unstructu } else { tmpl = issuerTempl } + if appMeta.Config().AddWebhookOption { + // Add webhook.enabled value to values.yaml + values := helmify.Values{} + values.Add(true, "webhook", "enabled") + + tmpl = fmt.Sprintf("%s\n%s\n%s", WebhookHeader, tmpl, WebhookFooter) + } res := fmt.Sprintf(tmpl, appMeta.ChartName(), name, string(spec)) return true, &issResult{ name: name, @@ -70,8 +82,9 @@ func (i issuer) Process(appMeta helmify.AppMetadata, obj *unstructured.Unstructu } type issResult struct { - name string - data []byte + name string + data []byte + values helmify.Values } func (r *issResult) Filename() string { @@ -79,7 +92,7 @@ func (r *issResult) Filename() string { } func (r *issResult) Values() helmify.Values { - return helmify.Values{} + return r.values } func (r *issResult) Write(writer io.Writer) error { diff --git a/pkg/processor/webhook/mutating.go b/pkg/processor/webhook/mutating.go index 77099008..7387ec75 100644 --- a/pkg/processor/webhook/mutating.go +++ b/pkg/processor/webhook/mutating.go @@ -48,6 +48,10 @@ func (w mwh) Process(appMeta helmify.AppMetadata, obj *unstructured.Unstructured } name := appMeta.TrimName(obj.GetName()) + // Add webhook.enabled value to values.yaml + values := helmify.Values{} + values.Add(true, "webhook", "enabled") + whConf := v1.MutatingWebhookConfiguration{} err := runtime.DefaultUnstructuredConverter.FromUnstructured(obj.Object, &whConf) if err != nil { @@ -66,7 +70,15 @@ func (w mwh) Process(appMeta helmify.AppMetadata, obj *unstructured.Unstructured } certName = strings.TrimPrefix(certName, appMeta.Namespace()+"/") certName = appMeta.TrimName(certName) - res := fmt.Sprintf(mwhTempl, appMeta.ChartName(), name, certName, string(webhooks)) + tmpl := mwhTempl + if appMeta.Config().AddWebhookOption { + // Add webhook.enabled value to values.yaml + values := helmify.Values{} + values.Add(true, "webhook", "enabled") + + tmpl = fmt.Sprintf("%s\n%s\n%s", WebhookHeader, mwhTempl, WebhookFooter) + } + res := fmt.Sprintf(tmpl, appMeta.ChartName(), name, certName, string(webhooks)) return true, &mwhResult{ name: name, data: []byte(res), @@ -74,8 +86,9 @@ func (w mwh) Process(appMeta helmify.AppMetadata, obj *unstructured.Unstructured } type mwhResult struct { - name string - data []byte + name string + data []byte + values helmify.Values } func (r *mwhResult) Filename() string { @@ -83,7 +96,7 @@ func (r *mwhResult) Filename() string { } func (r *mwhResult) Values() helmify.Values { - return helmify.Values{} + return r.values } func (r *mwhResult) Write(writer io.Writer) error { diff --git a/pkg/processor/webhook/validating.go b/pkg/processor/webhook/validating.go index f35a2281..d1c95813 100644 --- a/pkg/processor/webhook/validating.go +++ b/pkg/processor/webhook/validating.go @@ -66,7 +66,15 @@ func (w vwh) Process(appMeta helmify.AppMetadata, obj *unstructured.Unstructured } certName = strings.TrimPrefix(certName, appMeta.Namespace()+"/") certName = appMeta.TrimName(certName) - res := fmt.Sprintf(vwhTempl, appMeta.ChartName(), name, certName, string(webhooks)) + tmpl := vwhTempl + if appMeta.Config().AddWebhookOption { + // Add webhook.enabled value to values.yaml + values := helmify.Values{} + values.Add(true, "webhook", "enabled") + + tmpl = fmt.Sprintf("%s\n%s\n%s", WebhookHeader, mwhTempl, WebhookFooter) + } + res := fmt.Sprintf(tmpl, appMeta.ChartName(), name, certName, string(webhooks)) return true, &vwhResult{ name: name, data: []byte(res), @@ -74,8 +82,9 @@ func (w vwh) Process(appMeta helmify.AppMetadata, obj *unstructured.Unstructured } type vwhResult struct { - name string - data []byte + name string + data []byte + values helmify.Values } func (r *vwhResult) Filename() string { @@ -83,7 +92,7 @@ func (r *vwhResult) Filename() string { } func (r *vwhResult) Values() helmify.Values { - return helmify.Values{} + return r.values } func (r *vwhResult) Write(writer io.Writer) error {