Skip to content

Commit

Permalink
Merge pull request #31 from yshch/I-29
Browse files Browse the repository at this point in the history 
I-30 -- Implement basic validating admission webhook
  • Loading branch information
@yshch
yshch authored Oct 19, 2022
2 parents 521cf44 + cfb02e1 commit aba2f54
Show file tree
Hide file tree
Showing 288 changed files with 45,717 additions and 9 deletions.
3 changes: 3 additions & 0 deletions .dockerignore
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
.git/
*.md
/build
3 changes: 3 additions & 0 deletions .gitignore
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
# binaries
/build/loggo/loggo
/build/validating-webhook/validating-webhook
2 changes: 1 addition & 1 deletion .travis.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,4 +10,4 @@ before_install:
- sudo apt-get update
- sudo apt-get -y install libsystemd-dev

script: make build build-test test functional-test-redis functional-test-sla
script: make build build-validating-webhook build-test test functional-test-redis functional-test-sla
6 changes: 5 additions & 1 deletion Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,11 @@ cleanup-docker:

build:
mkdir -p build
GO111MODULE=on CGO_ENABLED=1 GOOS=linux go build -mod vendor -tags netgo -installsuffix cgo -o build/loggo cmd/loggo/main.go
GO111MODULE=on CGO_ENABLED=1 GOOS=linux go build -mod vendor -tags netgo -installsuffix cgo -o build/loggo/loggo cmd/loggo/main.go

build-validating-webhook:
mkdir -p build
GO111MODULE=on CGO_ENABLED=1 GOOS=linux go build -mod vendor -tags netgo -installsuffix cgo -o build/validating-webhook/validating-webhook cmd/validating-webhook/main.go

build-test:
GO111MODULE=on go build -mod vendor -o build/tests cmd/tests/main.go
Expand Down
2 changes: 1 addition & 1 deletion Dockerfile → build/loggo/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,5 +6,5 @@ RUN make build

FROM debian:bullseye
RUN apt update && apt install -y ca-certificates
COPY --from=builder /src/build/loggo /loggo
COPY --from=builder /src/build/loggo/loggo /loggo
CMD ["/loggo"]
10 changes: 10 additions & 0 deletions build/validating-webhook/Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
FROM golang:1.18.6-bullseye as builder
RUN apt update && apt install -y libsystemd-dev
WORKDIR /src
COPY . /src/
RUN make build-validating-webhook

FROM debian:bullseye
RUN apt update && apt install -y ca-certificates
COPY --from=builder /src/build/validating-webhook/validating-webhook /validating-webhook
CMD ["/validating-webhook"]
92 changes: 92 additions & 0 deletions cmd/validating-webhook/main.go
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,92 @@
package main

import (
"context"
"log"
"net/http"
"os"

corev1 "k8s.io/api/core/v1"
_ "k8s.io/client-go/plugin/pkg/client/auth/gcp"
"sigs.k8s.io/controller-runtime/pkg/client"
"sigs.k8s.io/controller-runtime/pkg/client/config"
"sigs.k8s.io/controller-runtime/pkg/healthz"
"sigs.k8s.io/controller-runtime/pkg/manager"
"sigs.k8s.io/controller-runtime/pkg/manager/signals"
"sigs.k8s.io/controller-runtime/pkg/webhook"
"sigs.k8s.io/controller-runtime/pkg/webhook/admission"

"github.com/2gis/loggo/components/k8s"
"github.com/2gis/loggo/configuration"
"github.com/2gis/loggo/logging"
)

type validator struct {
Client client.Client
Config configuration.Config
decoder *admission.Decoder
}

func (v *validator) Handle(ctx context.Context, req admission.Request) admission.Response {
service := &corev1.Service{}

err := v.decoder.Decode(req, service)
if err != nil {
return admission.Errored(http.StatusBadRequest, err)
}

if _, err := k8s.CreateService(v.Config.SLIExporterConfig, service.Annotations); err != nil {
return admission.Denied(err.Error())
}

return admission.Allowed("")
}

func (v *validator) InjectDecoder(d *admission.Decoder) error {
v.decoder = d
return nil
}

func main() {
c := configuration.GetConfig()
log.Printf("Starting with configuration: %s", c.ToString())
logger := logging.NewLogger("json", c.LogLevel, os.Stdout)

logger.Printf("Setting up controller manager")
restconfig, err := config.GetConfig()
if err != nil {
logger.Fatalln(err)
}
mgr, err := manager.New(restconfig, manager.Options{
HealthProbeBindAddress: ":8090",
MetricsBindAddress: ":8080",
Port: 9443,
})
if err != nil {
logger.Fatalln(err)
}

logger.Printf("Registering healthz and readyz checkers")
if err := mgr.AddHealthzCheck("healthz", healthz.Ping); err != nil {
logger.Fatalln(err)
}
if err := mgr.AddReadyzCheck("readyz", healthz.Ping); err != nil {
logger.Fatalln(err)
}

logger.Printf("Setting up webhook server")
hookServer := mgr.GetWebhookServer()

logger.Printf("Registering validating-webhook to the webhook server")
hookServer.Register("/validate", &webhook.Admission{
Handler: &validator{
Client: mgr.GetClient(),
Config: c,
},
})

logger.Printf("Starting manager")
if err := mgr.Start(signals.SetupSignalHandler()); err != nil {
logger.Fatalln(err)
}
}
4 changes: 3 additions & 1 deletion docker-compose.yml
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,9 @@
version: '2'
services:
loggo:
build: .
build:
context: .
dockerfile: build/loggo/Dockerfile
redis:
image: redis:6.2.5
ports:
Expand Down
6 changes: 6 additions & 0 deletions go.mod
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,9 +20,11 @@ require (
k8s.io/api v0.24.6
k8s.io/apimachinery v0.24.6
k8s.io/client-go v0.24.6
sigs.k8s.io/controller-runtime v0.12.3
)

require (
cloud.google.com/go v0.81.0 // indirect
github.com/OneOfOne/xxhash v1.2.6 // indirect
github.com/PuerkitoBio/purell v1.1.1 // indirect
github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 // indirect
Expand All @@ -40,10 +42,12 @@ require (
github.com/go-openapi/jsonreference v0.19.5 // indirect
github.com/go-openapi/swag v0.19.14 // indirect
github.com/gogo/protobuf v1.3.2 // indirect
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
github.com/golang/protobuf v1.5.2 // indirect
github.com/google/gnostic v0.5.7-v3refs // indirect
github.com/google/go-cmp v0.5.8 // indirect
github.com/google/gofuzz v1.1.0 // indirect
github.com/google/uuid v1.1.2 // indirect
github.com/imdario/mergo v0.3.12 // indirect
github.com/jmespath/go-jmespath v0.4.0 // indirect
github.com/josharian/intern v1.0.0 // indirect
Expand All @@ -64,10 +68,12 @@ require (
golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f // indirect
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 // indirect
golang.org/x/text v0.3.7 // indirect
gomodules.xyz/jsonpatch/v2 v2.2.0 // indirect
google.golang.org/appengine v1.6.7 // indirect
google.golang.org/protobuf v1.28.0 // indirect
gopkg.in/inf.v0 v0.9.1 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
k8s.io/component-base v0.24.2 // indirect
k8s.io/klog/v2 v2.70.1 // indirect
k8s.io/kube-openapi v0.0.0-20220803162953-67bda5d908f1 // indirect
k8s.io/utils v0.0.0-20220728103510-ee6ede2d64ed // indirect
Expand Down
Loading

0 comments on commit aba2f54

Please sign in to comment.