removes k8s.io/kubernetes/pkg/api dependency from the webhook plugin.

Kubernetes-commit: fa96700b76de3df759b3dddb747da575c909acec
2017-10-09 22:15:25 +02:00 · 2017-10-09 22:15:25 +02:00 · 136304ddb2
parent 31b3593a1f
commit 136304ddb2
6 changed files with 65 additions and 11 deletions
--- a/pkg/admission/initializer/BUILD
+++ b/pkg/admission/initializer/BUILD
@ -13,6 +13,7 @@ go_library(
        "interfaces.go",
    ],
    deps = [
+        "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
        "//vendor/k8s.io/apiserver/pkg/admission:go_default_library",
        "//vendor/k8s.io/apiserver/pkg/authorization/authorizer:go_default_library",
        "//vendor/k8s.io/client-go/informers:go_default_library",
@ -24,6 +25,7 @@ go_test(
    name = "go_default_xtest",
    srcs = ["initializer_test.go"],
    deps = [
+        "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
        "//vendor/k8s.io/apiserver/pkg/admission:go_default_library",
        "//vendor/k8s.io/apiserver/pkg/admission/initializer:go_default_library",
        "//vendor/k8s.io/apiserver/pkg/authorization/authorizer:go_default_library",
--- a/pkg/admission/initializer/initializer.go
+++ b/pkg/admission/initializer/initializer.go
@ -17,6 +17,7 @@ limitations under the License.
 package initializer

 import (
+	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apiserver/pkg/admission"
 	"k8s.io/apiserver/pkg/authorization/authorizer"
 	"k8s.io/client-go/informers"
@ -31,17 +32,26 @@ type pluginInitializer struct {
 	serverIdentifyingClientCert []byte
 	// serverIdentifyingClientKey private key for the client certificate used when calling out to admission plugins
 	serverIdentifyingClientKey []byte
+	scheme                     *runtime.Scheme
 }

 // New creates an instance of admission plugins initializer.
 // TODO(p0lyn0mial): make the parameters public, this construction seems to be redundant.
-func New(extClientset kubernetes.Interface, extInformers informers.SharedInformerFactory, authz authorizer.Authorizer, serverIdentifyingClientCert, serverIdentifyingClientKey []byte) (pluginInitializer, error) {
+func New(
+	extClientset kubernetes.Interface,
+	extInformers informers.SharedInformerFactory,
+	authz authorizer.Authorizer,
+	serverIdentifyingClientCert,
+	serverIdentifyingClientKey []byte,
+	scheme *runtime.Scheme,
+) (pluginInitializer, error) {
 	return pluginInitializer{
 		externalClient:              extClientset,
 		externalInformers:           extInformers,
 		authorizer:                  authz,
 		serverIdentifyingClientCert: serverIdentifyingClientCert,
 		serverIdentifyingClientKey:  serverIdentifyingClientKey,
+		scheme: scheme,
 	}, nil
 }

@ -63,6 +73,10 @@ func (i pluginInitializer) Initialize(plugin admission.Interface) {
 	if wants, ok := plugin.(WantsClientCert); ok {
 		wants.SetClientCert(i.serverIdentifyingClientCert, i.serverIdentifyingClientKey)
 	}
+
+	if wants, ok := plugin.(WantsScheme); ok {
+		wants.SetScheme(i.scheme)
+	}
 }

 var _ admission.PluginInitializer = pluginInitializer{}
--- a/pkg/admission/initializer/initializer_test.go
+++ b/pkg/admission/initializer/initializer_test.go
@ -20,6 +20,7 @@ import (
 	"testing"
 	"time"

+	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apiserver/pkg/admission"
 	"k8s.io/apiserver/pkg/admission/initializer"
 	"k8s.io/apiserver/pkg/authorization/authorizer"
@ -28,12 +29,27 @@ import (
 	"k8s.io/client-go/kubernetes/fake"
 )

+// TestWantsScheme ensures that the scheme is injected when
+// the WantsScheme interface is implemented by a plugin.
+func TestWantsScheme(t *testing.T) {
+	scheme := runtime.NewScheme()
+	target, err := initializer.New(nil, nil, nil, nil, nil, scheme)
+	if err != nil {
+		t.Fatal(err)
+	}
+	wantSchemeAdmission := &WantSchemeAdmission{}
+	target.Initialize(wantSchemeAdmission)
+	if wantSchemeAdmission.scheme != scheme {
+		t.Errorf("expected scheme to be initialized")
+	}
+}
+
 // TestWantsAuthorizer ensures that the authorizer is injected
 // when the WantsAuthorizer interface is implemented by a plugin.
 func TestWantsAuthorizer(t *testing.T) {
-	target, err := initializer.New(nil, nil, &TestAuthorizer{}, nil, nil)
+	target, err := initializer.New(nil, nil, &TestAuthorizer{}, nil, nil, nil)
 	if err != nil {
-		t.Fatalf("expected to create an instance of initializer but got an error = %s", err.Error())
+		t.Fatal(err)
 	}
 	wantAuthorizerAdmission := &WantAuthorizerAdmission{}
 	target.Initialize(wantAuthorizerAdmission)
@ -46,9 +62,9 @@ func TestWantsAuthorizer(t *testing.T) {
 // when the WantsExternalKubeClientSet interface is implemented by a plugin.
 func TestWantsExternalKubeClientSet(t *testing.T) {
 	cs := &fake.Clientset{}
-	target, err := initializer.New(cs, nil, &TestAuthorizer{}, nil, nil)
+	target, err := initializer.New(cs, nil, &TestAuthorizer{}, nil, nil, nil)
 	if err != nil {
-		t.Fatalf("expected to create an instance of initializer but got an error = %s", err.Error())
+		t.Fatal(err)
 	}
 	wantExternalKubeClientSet := &WantExternalKubeClientSet{}
 	target.Initialize(wantExternalKubeClientSet)
@ -62,9 +78,9 @@ func TestWantsExternalKubeClientSet(t *testing.T) {
 func TestWantsExternalKubeInformerFactory(t *testing.T) {
 	cs := &fake.Clientset{}
 	sf := informers.NewSharedInformerFactory(cs, time.Duration(1)*time.Second)
-	target, err := initializer.New(cs, sf, &TestAuthorizer{}, nil, nil)
+	target, err := initializer.New(cs, sf, &TestAuthorizer{}, nil, nil, nil)
 	if err != nil {
-		t.Fatalf("expected to create an instance of initializer but got an error = %s", err.Error())
+		t.Fatal(err)
 	}
 	wantExternalKubeInformerFactory := &WantExternalKubeInformerFactory{}
 	target.Initialize(wantExternalKubeInformerFactory)
@ -76,9 +92,9 @@ func TestWantsExternalKubeInformerFactory(t *testing.T) {
 // TestWantsClientCert ensures that the client certificate and key are injected
 // when the WantsClientCert interface is implemented by a plugin.
 func TestWantsClientCert(t *testing.T) {
-	target, err := initializer.New(nil, nil, nil, []byte("cert"), []byte("key"))
+	target, err := initializer.New(nil, nil, nil, []byte("cert"), []byte("key"), nil)
 	if err != nil {
-		t.Fatalf("expected to create an instance of initializer but got an error = %s", err.Error())
+		t.Fatal(err)
 	}
 	wantClientCert := &clientCertWanter{}
 	target.Initialize(wantClientCert)
@ -144,3 +160,16 @@ func (s *clientCertWanter) SetClientCert(cert, key []byte)     { s.gotCert, s.go
 func (s *clientCertWanter) Admit(a admission.Attributes) error { return nil }
 func (s *clientCertWanter) Handles(o admission.Operation) bool { return false }
 func (s *clientCertWanter) Validate() error                    { return nil }
+
+// WantSchemeAdmission is a test stub that fulfills the WantsScheme interface.
+type WantSchemeAdmission struct {
+	scheme *runtime.Scheme
+}
+
+func (self *WantSchemeAdmission) SetScheme(s *runtime.Scheme)        { self.scheme = s }
+func (self *WantSchemeAdmission) Admit(a admission.Attributes) error { return nil }
+func (self *WantSchemeAdmission) Handles(o admission.Operation) bool { return false }
+func (self *WantSchemeAdmission) Validate() error                    { return nil }
+
+var _ admission.Interface = &WantSchemeAdmission{}
+var _ initializer.WantsScheme = &WantSchemeAdmission{}
--- a/pkg/admission/initializer/interfaces.go
+++ b/pkg/admission/initializer/interfaces.go
@ -17,6 +17,7 @@ limitations under the License.
 package initializer

 import (
+	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apiserver/pkg/admission"
 	"k8s.io/apiserver/pkg/authorization/authorizer"
 	"k8s.io/client-go/informers"
@ -47,3 +48,9 @@ type WantsClientCert interface {
 	SetClientCert(cert, key []byte)
 	admission.Validator
 }
+
+// WantsScheme defines a function that accepts runtime.Scheme for admission plugins that need it.
+type WantsScheme interface {
+	SetScheme(*runtime.Scheme)
+	admission.Validator
+}
--- a/pkg/admission/plugin/namespace/lifecycle/admission_test.go
+++ b/pkg/admission/plugin/namespace/lifecycle/admission_test.go
@ -48,7 +48,7 @@ func newHandlerForTestWithClock(c clientset.Interface, cacheClock clock.Clock) (
 	if err != nil {
 		return nil, f, err
 	}
-	pluginInitializer, err := kubeadmission.New(c, f, nil, nil, nil)
+	pluginInitializer, err := kubeadmission.New(c, f, nil, nil, nil, nil)
 	if err != nil {
 		return handler, f, err
 	}
--- a/pkg/server/options/admission.go
+++ b/pkg/server/options/admission.go
@ -21,6 +21,7 @@ import (
 	"strings"

 	"github.com/spf13/pflag"
+	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apiserver/pkg/admission"
 	"k8s.io/apiserver/pkg/admission/initializer"
 	"k8s.io/apiserver/pkg/admission/plugin/initialization"
@ -82,6 +83,7 @@ func (a *AdmissionOptions) ApplyTo(
 	serverIdentifyingClientCert []byte,
 	serverIdentifyingClientKey []byte,
 	clientConfig *rest.Config,
+	scheme *runtime.Scheme,
 	pluginInitializers ...admission.PluginInitializer,
 ) error {
 	pluginNames := a.PluginNames
@ -98,7 +100,7 @@ func (a *AdmissionOptions) ApplyTo(
 	if err != nil {
 		return err
 	}
-	genericInitializer, err := initializer.New(clientset, informers, c.Authorizer, serverIdentifyingClientCert, serverIdentifyingClientKey)
+	genericInitializer, err := initializer.New(clientset, informers, c.Authorizer, serverIdentifyingClientCert, serverIdentifyingClientKey, scheme)
 	if err != nil {
 		return err
 	}