knative
/
pkg
mirror of https://github.com/knative/pkg.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Eliminate the Namespace config option in favor of system.Namespace. (#817)

This commit is contained in:
Matt Moore 2019-10-28 11:41:43 -07:00 committed by Knative Prow Robot
parent 809ce573e4
commit 070396a075
3 changed files with 10 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
webhook/helper_test.go
View File

@ -31,6 +31,7 @@ import (
"k8s.io/client-go/kubernetes" "k8s.io/client-go/kubernetes"
. "knative.dev/pkg/logging/testing" . "knative.dev/pkg/logging/testing"
"knative.dev/pkg/system"
. "knative.dev/pkg/testing" . "knative.dev/pkg/testing"
) )
@ -108,7 +109,7 @@ func createSecureTLSClient(t *testing.T, kubeClient kubernetes.Interface, acOpts
tlsClientConfig := &tls.Config{ tlsClientConfig := &tls.Config{
// Add knative namespace as CN // Add knative namespace as CN
ServerName: "webhook.knative-something", ServerName: "webhook." + system.Namespace(),
RootCAs: pool, RootCAs: pool,
Certificates: tlsServerConfig.Certificates, Certificates: tlsServerConfig.Certificates,
} }

12
webhook/webhook.go
View File

@ -30,6 +30,7 @@ import (
"golang.org/x/sync/errgroup" "golang.org/x/sync/errgroup"
"knative.dev/pkg/logging" "knative.dev/pkg/logging"
"knative.dev/pkg/logging/logkey" "knative.dev/pkg/logging/logkey"
"knative.dev/pkg/system"
admissionv1beta1 "k8s.io/api/admission/v1beta1" admissionv1beta1 "k8s.io/api/admission/v1beta1"
corev1 "k8s.io/api/core/v1" corev1 "k8s.io/api/core/v1"
@ -68,9 +69,6 @@ type ControllerOptions struct {
// registration. // registration.
SecretName string SecretName string
// Namespace is the namespace in which everything above lives.
Namespace string
// Port where the webhook is served. Per k8s admission // Port where the webhook is served. Per k8s admission
// registration requirements this should be 443 unless there is // registration requirements this should be 443 unless there is
// only a single port for the service. // only a single port for the service.
@ -302,7 +300,7 @@ func makeTLSConfig(serverCert, serverKey, caCert []byte, clientAuthType tls.Clie
func getOrGenerateKeyCertsFromSecret(ctx context.Context, client kubernetes.Interface, func getOrGenerateKeyCertsFromSecret(ctx context.Context, client kubernetes.Interface,
options *ControllerOptions) (serverKey, serverCert, caCert []byte, err error) { options *ControllerOptions) (serverKey, serverCert, caCert []byte, err error) {
logger := logging.FromContext(ctx) logger := logging.FromContext(ctx)
secret, err := client.CoreV1().Secrets(options.Namespace).Get(options.SecretName, metav1.GetOptions{}) secret, err := client.CoreV1().Secrets(system.Namespace()).Get(options.SecretName, metav1.GetOptions{})
if err != nil { if err != nil {
if !apierrors.IsNotFound(err) { if !apierrors.IsNotFound(err) {
return nil, nil, nil, err return nil, nil, nil, err
@ -318,7 +316,7 @@ func getOrGenerateKeyCertsFromSecret(ctx context.Context, client kubernetes.Inte
return nil, nil, nil, err return nil, nil, nil, err
} }
// OK, so something else might have created, try fetching it instead. // OK, so something else might have created, try fetching it instead.
secret, err = client.CoreV1().Secrets(options.Namespace).Get(options.SecretName, metav1.GetOptions{}) secret, err = client.CoreV1().Secrets(system.Namespace()).Get(options.SecretName, metav1.GetOptions{})
if err != nil { if err != nil {
return nil, nil, nil, err return nil, nil, nil, err
} }
@ -368,14 +366,14 @@ func makeErrorStatus(reason string, args ...interface{}) *admissionv1beta1.Admis
} }
func generateSecret(ctx context.Context, options *ControllerOptions) (*corev1.Secret, error) { func generateSecret(ctx context.Context, options *ControllerOptions) (*corev1.Secret, error) {
serverKey, serverCert, caCert, err := CreateCerts(ctx, options.ServiceName, options.Namespace) serverKey, serverCert, caCert, err := CreateCerts(ctx, options.ServiceName, system.Namespace())
if err != nil { if err != nil {
return nil, err return nil, err
} }
return &corev1.Secret{ return &corev1.Secret{
ObjectMeta: metav1.ObjectMeta{ ObjectMeta: metav1.ObjectMeta{
Name: options.SecretName, Name: options.SecretName,
Namespace: options.Namespace, Namespace: system.Namespace(),
}, },
Data: map[string][]byte{ Data: map[string][]byte{
secretServerKey: serverKey, secretServerKey: serverKey,

8
webhook/webhook_test.go
View File

@ -33,11 +33,12 @@ import (
"knative.dev/pkg/configmap" "knative.dev/pkg/configmap"
. "knative.dev/pkg/logging/testing" . "knative.dev/pkg/logging/testing"
"knative.dev/pkg/system"
_ "knative.dev/pkg/system/testing"
) )
func newDefaultOptions() ControllerOptions { func newDefaultOptions() ControllerOptions {
return ControllerOptions{ return ControllerOptions{
Namespace: "knative-something",
ServiceName: "webhook", ServiceName: "webhook",
Port: 443, Port: 443,
SecretName: "webhook-certs", SecretName: "webhook-certs",
@ -94,10 +95,9 @@ func TestRegistrationStopChanFire(t *testing.T) {
func TestCertConfigurationForAlreadyGeneratedSecret(t *testing.T) { func TestCertConfigurationForAlreadyGeneratedSecret(t *testing.T) {
secretName := "test-secret" secretName := "test-secret"
ns := "test-namespace" ns := system.Namespace()
opts := newDefaultOptions() opts := newDefaultOptions()
opts.SecretName = secretName opts.SecretName = secretName
opts.Namespace = ns
kubeClient, ac := newNonRunningTestWebhook(t, opts) kubeClient, ac := newNonRunningTestWebhook(t, opts)
ctx := TestContextWithLogger(t) ctx := TestContextWithLogger(t)
@ -139,10 +139,8 @@ func TestCertConfigurationForAlreadyGeneratedSecret(t *testing.T) {
func TestCertConfigurationForGeneratedSecret(t *testing.T) { func TestCertConfigurationForGeneratedSecret(t *testing.T) {
secretName := "test-secret" secretName := "test-secret"
ns := "test-namespace"
opts := newDefaultOptions() opts := newDefaultOptions()
opts.SecretName = secretName opts.SecretName = secretName
opts.Namespace = ns
kubeClient, ac := newNonRunningTestWebhook(t, opts) kubeClient, ac := newNonRunningTestWebhook(t, opts)
ctx := TestContextWithLogger(t) ctx := TestContextWithLogger(t)