From 79a5a497fd811174c071398961cbd56a17e9ee26 Mon Sep 17 00:00:00 2001 From: Fabrizio Sestito Date: Mon, 23 Sep 2024 09:18:40 +0200 Subject: [PATCH 1/3] fix: group resource plural name in webhook manifests Signed-off-by: Fabrizio Sestito --- config/webhook/manifests.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/config/webhook/manifests.yaml b/config/webhook/manifests.yaml index 8c0ee4dc..ec2f5c9f 100644 --- a/config/webhook/manifests.yaml +++ b/config/webhook/manifests.yaml @@ -44,7 +44,7 @@ webhooks: - CREATE - UPDATE resources: - - admissionpoliciesgroup + - admissionpolicygroups sideEffects: None - admissionReviewVersions: - v1 @@ -86,7 +86,7 @@ webhooks: - CREATE - UPDATE resources: - - clusteradmissionpoliciesgroup + - clusteradmissionpolicygroups sideEffects: None - admissionReviewVersions: - v1 @@ -155,7 +155,7 @@ webhooks: - CREATE - UPDATE resources: - - admissionpoliciesgroup + - admissionpolicygroups sideEffects: None - admissionReviewVersions: - v1 @@ -197,7 +197,7 @@ webhooks: - CREATE - UPDATE resources: - - clusteradmissionpoliciesgroup + - clusteradmissionpolicygroups sideEffects: None - admissionReviewVersions: - v1 From 7b2eadb3108c9893387b4716e471637be85994f4 Mon Sep 17 00:00:00 2001 From: Fabrizio Sestito Date: Mon, 23 Sep 2024 09:21:29 +0200 Subject: [PATCH 2/3] fix: group resource plural name in webhook rbac generation Signed-off-by: Fabrizio Sestito --- api/policies/v1/admissionpolicygroup_webhook.go | 4 ++-- api/policies/v1/clusteradmissionpolicygroup_webhook.go | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/api/policies/v1/admissionpolicygroup_webhook.go b/api/policies/v1/admissionpolicygroup_webhook.go index df702f0f..a6084202 100644 --- a/api/policies/v1/admissionpolicygroup_webhook.go +++ b/api/policies/v1/admissionpolicygroup_webhook.go @@ -43,7 +43,7 @@ func (r *AdmissionPolicyGroup) SetupWebhookWithManager(mgr ctrl.Manager) error { return nil } -//+kubebuilder:webhook:path=/mutate-policies-kubewarden-io-v1-admissionpolicygroup,mutating=true,failurePolicy=fail,sideEffects=None,groups=policies.kubewarden.io,resources=admissionpoliciesgroup,verbs=create;update,versions=v1,name=madmissionpolicygroup.kb.io,admissionReviewVersions={v1,v1beta1} +//+kubebuilder:webhook:path=/mutate-policies-kubewarden-io-v1-admissionpolicygroup,mutating=true,failurePolicy=fail,sideEffects=None,groups=policies.kubewarden.io,resources=admissionpolicygroups,verbs=create;update,versions=v1,name=madmissionpolicygroup.kb.io,admissionReviewVersions={v1,v1beta1} var _ webhook.Defaulter = &AdmissionPolicyGroup{} @@ -59,7 +59,7 @@ func (r *AdmissionPolicyGroup) Default() { } } -//+kubebuilder:webhook:path=/validate-policies-kubewarden-io-v1-admissionpolicygroup,mutating=false,failurePolicy=fail,sideEffects=None,groups=policies.kubewarden.io,resources=admissionpoliciesgroup,verbs=create;update,versions=v1,name=vadmissionpolicygroup.kb.io,admissionReviewVersions={v1,v1beta1} +//+kubebuilder:webhook:path=/validate-policies-kubewarden-io-v1-admissionpolicygroup,mutating=false,failurePolicy=fail,sideEffects=None,groups=policies.kubewarden.io,resources=admissionpolicygroups,verbs=create;update,versions=v1,name=vadmissionpolicygroup.kb.io,admissionReviewVersions={v1,v1beta1} var _ webhook.Validator = &AdmissionPolicyGroup{} diff --git a/api/policies/v1/clusteradmissionpolicygroup_webhook.go b/api/policies/v1/clusteradmissionpolicygroup_webhook.go index 030a966a..b75c2c06 100644 --- a/api/policies/v1/clusteradmissionpolicygroup_webhook.go +++ b/api/policies/v1/clusteradmissionpolicygroup_webhook.go @@ -45,7 +45,7 @@ func (r *ClusterAdmissionPolicyGroup) SetupWebhookWithManager(mgr ctrl.Manager) return nil } -//+kubebuilder:webhook:path=/mutate-policies-kubewarden-io-v1-clusteradmissionpolicygroup,mutating=true,failurePolicy=fail,sideEffects=None,groups=policies.kubewarden.io,resources=clusteradmissionpoliciesgroup,verbs=create;update,versions=v1,name=mclusteradmissionpolicygroup.kb.io,admissionReviewVersions={v1,v1beta1} +//+kubebuilder:webhook:path=/mutate-policies-kubewarden-io-v1-clusteradmissionpolicygroup,mutating=true,failurePolicy=fail,sideEffects=None,groups=policies.kubewarden.io,resources=clusteradmissionpolicygroups,verbs=create;update,versions=v1,name=mclusteradmissionpolicygroup.kb.io,admissionReviewVersions={v1,v1beta1} var _ webhook.Defaulter = &ClusterAdmissionPolicyGroup{} @@ -60,7 +60,7 @@ func (r *ClusterAdmissionPolicyGroup) Default() { } } -//+kubebuilder:webhook:path=/validate-policies-kubewarden-io-v1-clusteradmissionpolicygroup,mutating=false,failurePolicy=fail,sideEffects=None,groups=policies.kubewarden.io,resources=clusteradmissionpoliciesgroup,verbs=create;update,versions=v1,name=vclusteradmissionpolicygroup.kb.io,admissionReviewVersions={v1,v1beta1} +//+kubebuilder:webhook:path=/validate-policies-kubewarden-io-v1-clusteradmissionpolicygroup,mutating=false,failurePolicy=fail,sideEffects=None,groups=policies.kubewarden.io,resources=clusteradmissionpolicygroups,verbs=create;update,versions=v1,name=vclusteradmissionpolicygroup.kb.io,admissionReviewVersions={v1,v1beta1} var _ webhook.Validator = &ClusterAdmissionPolicyGroup{} From 755dd7bcec32fcc1633f101c7f2bda9cb7fad0cf Mon Sep 17 00:00:00 2001 From: Fabrizio Sestito Date: Mon, 23 Sep 2024 09:22:07 +0200 Subject: [PATCH 3/3] chore: fix policy group plural variable naming Signed-off-by: Fabrizio Sestito --- internal/controller/policyserver_controller.go | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/internal/controller/policyserver_controller.go b/internal/controller/policyserver_controller.go index 65c53e9a..9c0f972b 100644 --- a/internal/controller/policyserver_controller.go +++ b/internal/controller/policyserver_controller.go @@ -303,17 +303,17 @@ func (r *PolicyServerReconciler) getPolicies(ctx context.Context, policyServer * return nil, err } - var admissionPoliciesGroup policiesv1.AdmissionPolicyGroupList - err = r.Client.List(ctx, &admissionPoliciesGroup, client.MatchingFields{constants.PolicyServerIndexKey: policyServer.Name}) + var admissionPolicyGroupList policiesv1.AdmissionPolicyGroupList + err = r.Client.List(ctx, &admissionPolicyGroupList, client.MatchingFields{constants.PolicyServerIndexKey: policyServer.Name}) if err != nil && apierrors.IsNotFound(err) { - err = fmt.Errorf("failed obtaining AdmissionPoliciesGroups: %w", err) + err = fmt.Errorf("failed obtaining AdmissionPolicyGroups: %w", err) return nil, err } - var clusterAdmissionPoliciesGroup policiesv1.ClusterAdmissionPolicyGroupList - err = r.Client.List(ctx, &clusterAdmissionPoliciesGroup, client.MatchingFields{constants.PolicyServerIndexKey: policyServer.Name}) + var clusterAdmissionPolicyGroupList policiesv1.ClusterAdmissionPolicyGroupList + err = r.Client.List(ctx, &clusterAdmissionPolicyGroupList, client.MatchingFields{constants.PolicyServerIndexKey: policyServer.Name}) if err != nil && apierrors.IsNotFound(err) { - err = fmt.Errorf("failed obtaining ClusterAdmissionPoliciesGroup: %w", err) + err = fmt.Errorf("failed obtaining ClusterAdmissionPolicyGroups: %w", err) return nil, err } @@ -324,10 +324,10 @@ func (r *PolicyServerReconciler) getPolicies(ctx context.Context, policyServer * for _, admissionPolicy := range admissionPolicies.Items { policies = append(policies, admissionPolicy.DeepCopy()) } - for _, admissionPolicyGroup := range admissionPoliciesGroup.Items { + for _, admissionPolicyGroup := range admissionPolicyGroupList.Items { policies = append(policies, admissionPolicyGroup.DeepCopy()) } - for _, clusterAdmissionPolicyGroup := range clusterAdmissionPoliciesGroup.Items { + for _, clusterAdmissionPolicyGroup := range clusterAdmissionPolicyGroupList.Items { policies = append(policies, clusterAdmissionPolicyGroup.DeepCopy()) } return policies, nil