DevFW-CICD/ingress-nginx-helm
15
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
ingress-nginx-helm/images/kube-webhook-certgen/rootfs/cmd/patch.go
Mateusz Gozdek 260910c0a0
images/kube-webhook-certgen/rootfs: improvements (#7630) 
* images/kube-webhook-certgen/rootfs/README.md: remove trailing whitespace

Signed-off-by: Mateusz Gozdek <mgozdek@microsoft.com>

* images/kube-webhook-certgen/rootfs: improve code formatting

Automatically using gofumpt.

Signed-off-by: Mateusz Gozdek <mgozdek@microsoft.com>

* images/kube-webhook-certgen/rootfs: remove executable bits from files

Signed-off-by: Mateusz Gozdek <mgozdek@microsoft.com>

* images/kube-webhook-certgen/rootfs/cmd: remove unreachable code

log.Fatal(|f) will alread call os.Exit(1), so this code is never
reached.

Signed-off-by: Mateusz Gozdek <mgozdek@microsoft.com>

* images/kube-webhook-certgen/rootfs/pkg/k8s: fix unit tests

Right now they fail as everything else migrated from using v1beta1 to
v1.

Signed-off-by: Mateusz Gozdek <mgozdek@microsoft.com>

* images/kube-webhook-certgen/rootfs: create clientset in cmd package

So one can easily mock the client, without touching unexported parts of
the code and to soften the dependency between CLI code (kubeconfig
path).

Signed-off-by: Mateusz Gozdek <mgozdek@microsoft.com>

* images/kube-webhook-certgen/rootfs/cmd: simplify bool logic

Signed-off-by: Mateusz Gozdek <mgozdek@microsoft.com>

* images/kube-webhook-certgen/rootfs/pkg/k8s: improve formatting

Signed-off-by: Mateusz Gozdek <mgozdek@microsoft.com>

* images/kube-webhook-certgen/rootfs/pkg/k8s: improve variable names

Signed-off-by: Mateusz Gozdek <mgozdek@microsoft.com>

* images/kube-webhook-certgen/rootfs/pkg/k8s: refactor a bit

Move patching logic to separate functions.

Signed-off-by: Mateusz Gozdek <mgozdek@microsoft.com>

* images/kube-webhook-certgen/rootfs/pkg/k8s: fix error log messages

In patchMutating() function, log messages were waying still patching
validating webhook.

Signed-off-by: Mateusz Gozdek <mgozdek@microsoft.com>
2021-09-16 13:59:26 -07:00

57 lines
2.4 KiB
Go
Raw Blame History

package cmd
import (
"github.com/jet/kube-webhook-certgen/pkg/k8s"
log "github.com/sirupsen/logrus"
"github.com/spf13/cobra"
admissionv1 "k8s.io/api/admissionregistration/v1"
)
var patch = &cobra.Command{
Use: "patch",
Short: "Patch a validatingwebhookconfiguration and mutatingwebhookconfiguration 'webhook-name' by using the ca from 'secret-name' in 'namespace'",
Long: "Patch a validatingwebhookconfiguration and mutatingwebhookconfiguration 'webhook-name' by using the ca from 'secret-name' in 'namespace'",
PreRun: prePatchCommand,
Run: patchCommand,
}
func prePatchCommand(cmd *cobra.Command, args []string) {
configureLogging(cmd, args)
if !cfg.patchMutating && !cfg.patchValidating {
log.Fatal("patch-validating=false, patch-mutating=false. You must patch at least one kind of webhook, otherwise this command is a no-op")
}
switch cfg.patchFailurePolicy {
case "":
break
case "Ignore":
case "Fail":
failurePolicy = admissionv1.FailurePolicyType(cfg.patchFailurePolicy)
break
default:
log.Fatalf("patch-failure-policy %s is not valid", cfg.patchFailurePolicy)
}
}
func patchCommand(_ *cobra.Command, _ []string) {
k := k8s.New(newKubernetesClient(cfg.kubeconfig))
ca := k.GetCaFromSecret(cfg.secretName, cfg.namespace)
if ca == nil {
log.Fatalf("no secret with '%s' in '%s'", cfg.secretName, cfg.namespace)
}
k.PatchWebhookConfigurations(cfg.webhookName, ca, &failurePolicy, cfg.patchMutating, cfg.patchValidating)
}
func init() {
rootCmd.AddCommand(patch)
patch.Flags().StringVar(&cfg.secretName, "secret-name", "", "Name of the secret where certificate information will be read from")
patch.Flags().StringVar(&cfg.namespace, "namespace", "", "Namespace of the secret where certificate information will be read from")
patch.Flags().StringVar(&cfg.webhookName, "webhook-name", "", "Name of validatingwebhookconfiguration and mutatingwebhookconfiguration that will be updated")
patch.Flags().BoolVar(&cfg.patchValidating, "patch-validating", true, "If true, patch validatingwebhookconfiguration")
patch.Flags().BoolVar(&cfg.patchMutating, "patch-mutating", true, "If true, patch mutatingwebhookconfiguration")
patch.Flags().StringVar(&cfg.patchFailurePolicy, "patch-failure-policy", "", "If set, patch the webhooks with this failure policy. Valid options are Ignore or Fail")
patch.MarkFlagRequired("secret-name")
patch.MarkFlagRequired("namespace")
patch.MarkFlagRequired("webhook-name")
}
Reference in a new issue View git blame Copy permalink