Skip to content

Commit

Permalink
Merge pull request #12 from WanderaOrg/webhook
Browse files Browse the repository at this point in the history
Webhook fix & Documentation update
  • Loading branch information
coufalja authored Apr 17, 2018
2 parents 1d1d4b4 + a6ffe50 commit 9fab822
Show file tree
Hide file tree
Showing 5 changed files with 110 additions and 58 deletions.
6 changes: 3 additions & 3 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -18,10 +18,10 @@ Tool for obtaining configuration from config server
The tool is released as docker image as well, check the [repository](https://hub.docker.com/r/wanderadock/scccmd/).

### Kubernetes Initializer
The tool could be used as Initializer for Kubernetes deployments.
Deployed initializer will add init container to applicable deployments,
The tool could be used as Webhook for Kubernetes deployments.
Deployed webhook will add init container to applicable deployments,
which in turn downloads configuration in deployment initialization phase.
Example k8s [manifest](docs/k8s/initializer.yaml).
Example k8s [manifest](docs/k8s/bundle.yaml).

### Tool documentation
[docs](docs/config.md) - Generated documentation for the tool
95 changes: 95 additions & 0 deletions docs/k8s/bundle.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,95 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: initializer-config
namespace: default
data:
config.yaml: |-
container-image: wanderadock/scccmd:v0.0.2
default:
label: master
profile: development
source: http://config-manager-controller.default.svc:8080
volume-mount: /config
volume-name: config
---
apiVersion: v1
kind: Secret
type: Opaque
metadata:
name: config-injector-cert
data:
private.key: ''
publickey.cer: ''
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: config-injector
spec:
selector:
matchLabels:
app: config-injector
template:
metadata:
labels:
app: config-injector
spec:
containers:
- name: config-injector-initializer
image: wanderadock/scccmd:v0.0.2
args:
- webhook
- --config-file
- /config/config.yaml
- --cert-file
- /keys/publickey.cer
- --key-file
- /keys/private.key
volumeMounts:
- name: config-volume
mountPath: /config
readOnly: true
- name: keys-volume
mountPath: /keys
readOnly: true
volumes:
- name: config-volume
configMap:
name: config-injector-config
- name: keys-volume
secret:
secretName: config-injector-cert
---
apiVersion: v1
kind: Service
metadata:
name: config-injector
spec:
ports:
- port: 443
name: https
selector:
app: config-injector
---
apiVersion: admissionregistration.k8s.io/v1beta1
kind: MutatingWebhookConfiguration
metadata:
name: config-injector-webhook
webhooks:
- name: config.scccmd.github.com
failurePolicy: Fail
clientConfig:
service:
name: config-injector
namespace: default
path: "/inject"
caBundle: ''
rules:
- operations: [ "CREATE" ]
apiGroups: [""]
apiVersions: ["v1"]
resources: ["pods"]
namespaceSelector:
matchLabels:
inject: true
49 changes: 0 additions & 49 deletions docs/k8s/initializer.yaml

This file was deleted.

14 changes: 8 additions & 6 deletions pkg/inject/hook_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -73,6 +73,7 @@ ZOQ5UvU=
-----END CERTIFICATE-----`)
)

const annotationPrefix = "config.scccmd.github.com/"
const annotationInjectKey = "config.scccmd.github.com/inject"

func TestInjectRequired(t *testing.T) {
Expand Down Expand Up @@ -189,8 +190,10 @@ func makeTestData(t testing.TB, skip bool) []byte {

pod := corev1.Pod{
ObjectMeta: metav1.ObjectMeta{
Name: "test",
Annotations: map[string]string{},
Name: "test",
Annotations: map[string]string{
annotationPrefix + "destination": "config.yaml",
},
},
Spec: corev1.PodSpec{
Volumes: []corev1.Volume{{Name: "v0"}},
Expand Down Expand Up @@ -294,6 +297,7 @@ func TestRunAndServe(t *testing.T) {
"value":{
"name":"config-init",
"image":"wanderadock/scccmd",
"args":["get","values","--source","http://config-service.default.svc:8080","--application","c1","--profile","default","--label","master","--destination","config.yaml"],
"resources":{},
"volumeMounts":[{"name":"config-volume","mountPath":"/config"}]
}
Expand All @@ -318,10 +322,8 @@ func TestRunAndServe(t *testing.T) {
},
{
"op":"add",
"path":"/metadata/annotations",
"value":{
"config.scccmd.github.com/status":"{\"initContainers\":[\"config-init\"],\"volumeMounts\":[\"config-volume\"],\"volumes\":[\"config-volume\"]}"
}
"path":"/metadata/annotations/config.scccmd.github.com~1status",
"value":"{\"initContainers\":[\"config-init\"],\"volumeMounts\":[\"config-volume\"],\"volumes\":[\"config-volume\"]}"
}
]`)

Expand Down
4 changes: 4 additions & 0 deletions pkg/inject/inject.go
Original file line number Diff line number Diff line change
Expand Up @@ -81,6 +81,10 @@ func injectionData(spec *v1.PodSpec, metadata *metav1.ObjectMeta, config *Webhoo

d, err := calculateDynamicConfig(config, metadata.GetAnnotations(), spec)

if err != nil {
return nil, "", err
}

volumeMount := corev1.VolumeMount{
Name: d.volumeName,
MountPath: d.volumeMount,
Expand Down

0 comments on commit 9fab822

Please sign in to comment.