From 14a840e850d5cd8e0da4f32c666291f1407bb303 Mon Sep 17 00:00:00 2001 From: geoffrey1330 Date: Wed, 14 Jun 2023 13:33:48 +0100 Subject: [PATCH 1/6] Removed Decoder Injector interface from webhook Signed-off-by: geoffrey1330 --- operator/main.go | 4 ++++ operator/webhooks/pod_mutator/pod_mutating_webhook.go | 6 ------ 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/operator/main.go b/operator/main.go index 809f844a86..de5a9e71e7 100644 --- a/operator/main.go +++ b/operator/main.go @@ -57,6 +57,7 @@ import ( "sigs.k8s.io/controller-runtime/pkg/healthz" "sigs.k8s.io/controller-runtime/pkg/log/zap" ctrlWebhook "sigs.k8s.io/controller-runtime/pkg/webhook" + "sigs.k8s.io/controller-runtime/pkg/webhook/admission" ) var ( @@ -341,12 +342,15 @@ func main() { ) setupLog.Info("starting webhook and manager") + + decoder := admission.NewDecoder(mgr.GetScheme()) if err := webhookBuilder.Run(mgr, map[string]*ctrlWebhook.Admission{ "/mutate-v1-pod": { Handler: &pod_mutator.PodMutatingWebhook{ Client: mgr.GetClient(), Tracer: otel.Tracer("keptn/webhook"), Recorder: mgr.GetEventRecorderFor("keptn/webhook"), + Decoder: decoder, Log: ctrl.Log.WithName("Mutating Webhook"), }, }, diff --git a/operator/webhooks/pod_mutator/pod_mutating_webhook.go b/operator/webhooks/pod_mutator/pod_mutating_webhook.go index 447a4dbc77..297bc0714f 100644 --- a/operator/webhooks/pod_mutator/pod_mutating_webhook.go +++ b/operator/webhooks/pod_mutator/pod_mutating_webhook.go @@ -126,12 +126,6 @@ func (a *PodMutatingWebhook) Handle(ctx context.Context, req admission.Request) // PodMutatingWebhook implements admission.DecoderInjector. // A decoder will be automatically injected. -// InjectDecoder injects the decoder. -func (a *PodMutatingWebhook) InjectDecoder(d *admission.Decoder) error { - a.decoder = d - return nil -} - func (a *PodMutatingWebhook) isPodAnnotated(pod *corev1.Pod) bool { _, gotWorkloadAnnotation := getLabelOrAnnotation(&pod.ObjectMeta, apicommon.WorkloadAnnotation, apicommon.K8sRecommendedWorkloadAnnotations) _, gotVersionAnnotation := getLabelOrAnnotation(&pod.ObjectMeta, apicommon.VersionAnnotation, apicommon.K8sRecommendedVersionAnnotations) From e65f9bd6967595ea31e09d5843a79385a0e7e558 Mon Sep 17 00:00:00 2001 From: geoffrey1330 Date: Wed, 14 Jun 2023 14:08:28 +0100 Subject: [PATCH 2/6] changed decoder to Decoder in pod_mutating_webhook.go Signed-off-by: geoffrey1330 --- operator/webhooks/pod_mutator/pod_mutating_webhook.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/operator/webhooks/pod_mutator/pod_mutating_webhook.go b/operator/webhooks/pod_mutator/pod_mutating_webhook.go index 297bc0714f..9c3a645df8 100644 --- a/operator/webhooks/pod_mutator/pod_mutating_webhook.go +++ b/operator/webhooks/pod_mutator/pod_mutating_webhook.go @@ -39,7 +39,7 @@ import ( type PodMutatingWebhook struct { Client client.Client Tracer trace.Tracer - decoder *admission.Decoder + Decoder *admission.Decoder Recorder record.EventRecorder Log logr.Logger } @@ -65,7 +65,7 @@ func (a *PodMutatingWebhook) Handle(ctx context.Context, req admission.Request) pod := &corev1.Pod{} - err := a.decoder.Decode(req, pod) + err := a.Decoder.Decode(req, pod) if err != nil { return admission.Errored(http.StatusBadRequest, err) } From f0349855503298080b0fcd50ff802701e534660b Mon Sep 17 00:00:00 2001 From: geoffrey1330 Date: Wed, 14 Jun 2023 14:19:06 +0100 Subject: [PATCH 3/6] changed decoder to Decoder in pod_mutating_webhook.go Signed-off-by: geoffrey1330 --- operator/main.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/operator/main.go b/operator/main.go index de5a9e71e7..bd6098819e 100644 --- a/operator/main.go +++ b/operator/main.go @@ -343,7 +343,7 @@ func main() { setupLog.Info("starting webhook and manager") - decoder := admission.NewDecoder(mgr.GetScheme()) + decoder, _ := admission.NewDecoder(mgr.GetScheme()) if err := webhookBuilder.Run(mgr, map[string]*ctrlWebhook.Admission{ "/mutate-v1-pod": { Handler: &pod_mutator.PodMutatingWebhook{ From 3148f66c6df7c9c373e54ebb1d7f1c3b53ed2f11 Mon Sep 17 00:00:00 2001 From: geoffrey1330 Date: Wed, 14 Jun 2023 14:34:13 +0100 Subject: [PATCH 4/6] added error handling for decoder initializing Signed-off-by: geoffrey1330 --- operator/main.go | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/operator/main.go b/operator/main.go index bd6098819e..c1d1106ff0 100644 --- a/operator/main.go +++ b/operator/main.go @@ -343,7 +343,12 @@ func main() { setupLog.Info("starting webhook and manager") - decoder, _ := admission.NewDecoder(mgr.GetScheme()) + decoder, err := admission.NewDecoder(mgr.GetScheme()) + if err != nil { + setupLog.Error(err, "unable to initialize decoder") + os.Exit(1) + } + if err := webhookBuilder.Run(mgr, map[string]*ctrlWebhook.Admission{ "/mutate-v1-pod": { Handler: &pod_mutator.PodMutatingWebhook{ From 7e8f8a10eb9d67c0a48e517fad6dfb512b66853f Mon Sep 17 00:00:00 2001 From: geoffrey1330 Date: Wed, 14 Jun 2023 14:44:41 +0100 Subject: [PATCH 5/6] fixed pod mutating webhook failing test Signed-off-by: geoffrey1330 --- .../pod_mutator/pod_mutating_webhook_test.go | 36 +++++++++---------- 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/operator/webhooks/pod_mutator/pod_mutating_webhook_test.go b/operator/webhooks/pod_mutator/pod_mutating_webhook_test.go index 1babb0abd2..ab6493b247 100644 --- a/operator/webhooks/pod_mutator/pod_mutating_webhook_test.go +++ b/operator/webhooks/pod_mutator/pod_mutating_webhook_test.go @@ -28,7 +28,7 @@ func TestPodMutatingWebhook_getOwnerReference(t *testing.T) { type fields struct { Client client.Client Tracer trace.Tracer - decoder *admission.Decoder + Decoder *admission.Decoder Recorder record.EventRecorder Log logr.Logger } @@ -86,7 +86,7 @@ func TestPodMutatingWebhook_getOwnerReference(t *testing.T) { a := &PodMutatingWebhook{ Client: tt.fields.Client, Tracer: tt.fields.Tracer, - decoder: tt.fields.decoder, + Decoder: tt.fields.Decoder, Recorder: tt.fields.Recorder, Log: tt.fields.Log, } @@ -101,7 +101,7 @@ func TestPodMutatingWebhook_getAppName(t *testing.T) { type fields struct { Client client.Client Tracer trace.Tracer - decoder *admission.Decoder + Decoder *admission.Decoder Recorder record.EventRecorder Log logr.Logger } @@ -162,7 +162,7 @@ func TestPodMutatingWebhook_getAppName(t *testing.T) { a := &PodMutatingWebhook{ Client: tt.fields.Client, Tracer: tt.fields.Tracer, - decoder: tt.fields.decoder, + Decoder: tt.fields.Decoder, Recorder: tt.fields.Recorder, Log: tt.fields.Log, } @@ -177,7 +177,7 @@ func TestPodMutatingWebhook_getWorkloadName(t *testing.T) { type fields struct { Client client.Client Tracer trace.Tracer - decoder *admission.Decoder + Decoder *admission.Decoder Recorder record.EventRecorder Log logr.Logger } @@ -242,7 +242,7 @@ func TestPodMutatingWebhook_getWorkloadName(t *testing.T) { a := &PodMutatingWebhook{ Client: tt.fields.Client, Tracer: tt.fields.Tracer, - decoder: tt.fields.decoder, + Decoder: tt.fields.Decoder, Recorder: tt.fields.Recorder, Log: tt.fields.Log, } @@ -367,7 +367,7 @@ func TestPodMutatingWebhook_isPodAnnotated(t *testing.T) { type fields struct { Client client.Client Tracer trace.Tracer - decoder *admission.Decoder + Decoder *admission.Decoder Recorder record.EventRecorder Log logr.Logger } @@ -450,7 +450,7 @@ func TestPodMutatingWebhook_isPodAnnotated(t *testing.T) { a := &PodMutatingWebhook{ Client: tt.fields.Client, Tracer: tt.fields.Tracer, - decoder: tt.fields.decoder, + Decoder: tt.fields.Decoder, Recorder: tt.fields.Recorder, Log: tt.fields.Log, } @@ -538,7 +538,7 @@ func TestPodMutatingWebhook_copyAnnotationsIfParentAnnotated(t *testing.T) { type fields struct { Client client.Client Tracer trace.Tracer - decoder *admission.Decoder + Decoder *admission.Decoder Recorder record.EventRecorder Log logr.Logger } @@ -692,7 +692,7 @@ func TestPodMutatingWebhook_copyAnnotationsIfParentAnnotated(t *testing.T) { a := &PodMutatingWebhook{ Client: tt.fields.Client, Tracer: tt.fields.Tracer, - decoder: tt.fields.decoder, + Decoder: tt.fields.Decoder, Recorder: tt.fields.Recorder, Log: tt.fields.Log, } @@ -708,7 +708,7 @@ func TestPodMutatingWebhook_copyResourceLabelsIfPresent(t *testing.T) { type fields struct { Client client.Client Tracer trace.Tracer - decoder *admission.Decoder + Decoder *admission.Decoder Recorder record.EventRecorder Log logr.Logger } @@ -851,7 +851,7 @@ func TestPodMutatingWebhook_copyResourceLabelsIfPresent(t *testing.T) { a := &PodMutatingWebhook{ Client: tt.fields.Client, Tracer: tt.fields.Tracer, - decoder: tt.fields.decoder, + Decoder: tt.fields.Decoder, Recorder: tt.fields.Recorder, Log: tt.fields.Log, } @@ -870,7 +870,7 @@ func TestPodMutatingWebhook_isAppAnnotationPresent(t *testing.T) { type fields struct { Client client.Client Tracer trace.Tracer - decoder *admission.Decoder + Decoder *admission.Decoder Recorder record.EventRecorder Log logr.Logger } @@ -931,7 +931,7 @@ func TestPodMutatingWebhook_isAppAnnotationPresent(t *testing.T) { a := &PodMutatingWebhook{ Client: tt.fields.Client, Tracer: tt.fields.Tracer, - decoder: tt.fields.decoder, + Decoder: tt.fields.Decoder, Recorder: tt.fields.Recorder, Log: tt.fields.Log, } @@ -965,7 +965,7 @@ func TestPodMutatingWebhook_Handle_DisabledNamespace(t *testing.T) { wh := &PodMutatingWebhook{ Client: fakeClient, Tracer: tr, - decoder: decoder, + Decoder: decoder, Recorder: recorder, Log: testr.New(t), } @@ -1030,7 +1030,7 @@ func TestPodMutatingWebhook_Handle_SingleService(t *testing.T) { wh := &PodMutatingWebhook{ Client: fakeClient, Tracer: tr, - decoder: decoder, + Decoder: decoder, Recorder: recorder, Log: testr.New(t), } @@ -1153,7 +1153,7 @@ func TestPodMutatingWebhook_Handle_SingleService_AppCreationRequestAlreadyPresen wh := &PodMutatingWebhook{ Client: fakeClient, Tracer: tr, - decoder: decoder, + Decoder: decoder, Recorder: recorder, Log: testr.New(t), } @@ -1263,7 +1263,7 @@ func TestPodMutatingWebhook_Handle_MultiService(t *testing.T) { wh := &PodMutatingWebhook{ Client: fakeClient, Tracer: tr, - decoder: decoder, + Decoder: decoder, Recorder: recorder, Log: testr.New(t), } From cb10bd3f73d7e16d918334111a6d316e1ceddbca Mon Sep 17 00:00:00 2001 From: geoffrey1330 Date: Thu, 15 Jun 2023 08:14:35 +0100 Subject: [PATCH 6/6] removed unwanted comment Signed-off-by: geoffrey1330 --- operator/webhooks/pod_mutator/pod_mutating_webhook.go | 3 --- 1 file changed, 3 deletions(-) diff --git a/operator/webhooks/pod_mutator/pod_mutating_webhook.go b/operator/webhooks/pod_mutator/pod_mutating_webhook.go index 9c3a645df8..2ba7a6cb88 100644 --- a/operator/webhooks/pod_mutator/pod_mutating_webhook.go +++ b/operator/webhooks/pod_mutator/pod_mutating_webhook.go @@ -123,9 +123,6 @@ func (a *PodMutatingWebhook) Handle(ctx context.Context, req admission.Request) return admission.PatchResponseFromRaw(req.Object.Raw, marshaledPod) } -// PodMutatingWebhook implements admission.DecoderInjector. -// A decoder will be automatically injected. - func (a *PodMutatingWebhook) isPodAnnotated(pod *corev1.Pod) bool { _, gotWorkloadAnnotation := getLabelOrAnnotation(&pod.ObjectMeta, apicommon.WorkloadAnnotation, apicommon.K8sRecommendedWorkloadAnnotations) _, gotVersionAnnotation := getLabelOrAnnotation(&pod.ObjectMeta, apicommon.VersionAnnotation, apicommon.K8sRecommendedVersionAnnotations)