diff --git a/pkg/webhook/rollout/validating/webhooks.go b/pkg/webhook/rollout/validating/webhooks.go index bc21164..8eb1146 100644 --- a/pkg/webhook/rollout/validating/webhooks.go +++ b/pkg/webhook/rollout/validating/webhooks.go @@ -17,6 +17,8 @@ limitations under the License. package validating import ( + "github.com/openkruise/rollouts/pkg/webhook/types" + "sigs.k8s.io/controller-runtime/pkg/manager" "sigs.k8s.io/controller-runtime/pkg/webhook/admission" ) @@ -24,7 +26,10 @@ import ( var ( // HandlerMap contains admission webhook handlers - HandlerMap = map[string]admission.Handler{ - "validate-rollouts-kruise-io-rollout": &RolloutCreateUpdateHandler{}, + HandlerMap = map[string]types.HandlerGetter{ + "validate-rollouts-kruise-io-rollout": func(mgr manager.Manager) admission.Handler { + decoder, _ := admission.NewDecoder(mgr.GetScheme()) + return &RolloutCreateUpdateHandler{Decoder: decoder, Client: mgr.GetClient()} + }, } ) diff --git a/pkg/webhook/server.go b/pkg/webhook/server.go index 3a9c9e1..e489db3 100644 --- a/pkg/webhook/server.go +++ b/pkg/webhook/server.go @@ -19,6 +19,7 @@ package webhook import ( "context" "fmt" + "github.com/openkruise/rollouts/pkg/webhook/types" "time" webhookutil "github.com/openkruise/rollouts/pkg/webhook/util" @@ -28,7 +29,6 @@ import ( "k8s.io/klog/v2" "sigs.k8s.io/controller-runtime/pkg/manager" "sigs.k8s.io/controller-runtime/pkg/webhook" - "sigs.k8s.io/controller-runtime/pkg/webhook/admission" "sigs.k8s.io/controller-runtime/pkg/webhook/conversion" ) @@ -36,15 +36,15 @@ type GateFunc func() (enabled bool) var ( // HandlerMap contains all admission webhook handlers. - HandlerMap = map[string]admission.Handler{} + HandlerMap = map[string]types.HandlerGetter{} handlerGates = map[string]GateFunc{} ) -func addHandlers(m map[string]admission.Handler) { +func addHandlers(m map[string]types.HandlerGetter) { addHandlersWithGate(m, nil) } -func addHandlersWithGate(m map[string]admission.Handler, fn GateFunc) { +func addHandlersWithGate(m map[string]types.HandlerGetter, fn GateFunc) { for path, handler := range m { if len(path) == 0 { klog.Warningf("Skip handler with empty path.") @@ -88,7 +88,7 @@ func SetupWithManager(mgr manager.Manager) error { // register admission handlers filterActiveHandlers() for path, handler := range HandlerMap { - server.Register(path, &webhook.Admission{Handler: handler}) + server.Register(path, &webhook.Admission{Handler: handler(mgr)}) klog.V(3).Infof("Registered webhook handler %s", path) } err := initialize(context.TODO(), mgr.GetConfig()) diff --git a/pkg/webhook/types/types.go b/pkg/webhook/types/types.go new file mode 100644 index 0000000..75de7e9 --- /dev/null +++ b/pkg/webhook/types/types.go @@ -0,0 +1,8 @@ +package types + +import ( + "sigs.k8s.io/controller-runtime/pkg/manager" + "sigs.k8s.io/controller-runtime/pkg/webhook/admission" +) + +type HandlerGetter = func(manager.Manager) admission.Handler diff --git a/pkg/webhook/util/configuration/configuration.go b/pkg/webhook/util/configuration/configuration.go index 3468be5..778ea53 100644 --- a/pkg/webhook/util/configuration/configuration.go +++ b/pkg/webhook/util/configuration/configuration.go @@ -23,12 +23,13 @@ import ( "net/url" "reflect" + webhooktypes "github.com/openkruise/rollouts/pkg/webhook/types" webhookutil "github.com/openkruise/rollouts/pkg/webhook/util" + admissionregistrationv1 "k8s.io/api/admissionregistration/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" clientset "k8s.io/client-go/kubernetes" "k8s.io/klog/v2" - "sigs.k8s.io/controller-runtime/pkg/webhook/admission" ) const ( @@ -36,7 +37,7 @@ const ( ValidatingWebhookConfigurationName = "kruise-rollout-validating-webhook-configuration" ) -func Ensure(kubeClient clientset.Interface, handlers map[string]admission.Handler, caBundle []byte) error { +func Ensure(kubeClient clientset.Interface, handlers map[string]webhooktypes.HandlerGetter, caBundle []byte) error { mutatingConfig, err := kubeClient.AdmissionregistrationV1().MutatingWebhookConfigurations().Get(context.TODO(), MutatingWebhookConfigurationName, metav1.GetOptions{}) if err != nil { return fmt.Errorf("not found MutatingWebhookConfiguration %s", MutatingWebhookConfigurationName) diff --git a/pkg/webhook/util/controller/webhook_controller.go b/pkg/webhook/util/controller/webhook_controller.go index d3be627..964f7f0 100644 --- a/pkg/webhook/util/controller/webhook_controller.go +++ b/pkg/webhook/util/controller/webhook_controller.go @@ -22,6 +22,7 @@ import ( "sync" "time" + webhooktypes "github.com/openkruise/rollouts/pkg/webhook/types" webhookutil "github.com/openkruise/rollouts/pkg/webhook/util" "github.com/openkruise/rollouts/pkg/webhook/util/configuration" "github.com/openkruise/rollouts/pkg/webhook/util/crd" @@ -44,7 +45,6 @@ import ( "k8s.io/client-go/tools/cache" "k8s.io/client-go/util/workqueue" "k8s.io/klog/v2" - "sigs.k8s.io/controller-runtime/pkg/webhook/admission" ) const ( @@ -68,7 +68,7 @@ func Inited() chan struct{} { type Controller struct { kubeClient clientset.Interface - handlers map[string]admission.Handler + handlers map[string]webhooktypes.HandlerGetter informerFactory informers.SharedInformerFactory //secretLister corelisters.SecretNamespaceLister @@ -82,7 +82,7 @@ type Controller struct { queue workqueue.RateLimitingInterface } -func New(cfg *rest.Config, handlers map[string]admission.Handler) (*Controller, error) { +func New(cfg *rest.Config, handlers map[string]webhooktypes.HandlerGetter) (*Controller, error) { kubeClient, err := clientset.NewForConfig(cfg) if err != nil { return nil, err diff --git a/pkg/webhook/workload/mutating/unified_update_handler.go b/pkg/webhook/workload/mutating/unified_update_handler.go index d29cae3..e638866 100644 --- a/pkg/webhook/workload/mutating/unified_update_handler.go +++ b/pkg/webhook/workload/mutating/unified_update_handler.go @@ -38,7 +38,6 @@ import ( "k8s.io/apimachinery/pkg/types" "k8s.io/klog/v2" "sigs.k8s.io/controller-runtime/pkg/client" - "sigs.k8s.io/controller-runtime/pkg/runtime/inject" "sigs.k8s.io/controller-runtime/pkg/webhook/admission" ) @@ -188,23 +187,6 @@ func (h *UnifiedWorkloadHandler) fetchMatchedRollout(obj client.Object) (*appsv1 return nil, nil } -var _ inject.Client = &UnifiedWorkloadHandler{} - -// InjectClient injects the client into the UnifiedWorkloadHandler -func (h *UnifiedWorkloadHandler) InjectClient(c client.Client) error { - h.Client = c - h.Finder = util.NewControllerFinder(c) - return nil -} - -var _ admission.DecoderInjector = &UnifiedWorkloadHandler{} - -// InjectDecoder injects the decoder into the UnifiedWorkloadHandler -func (h *UnifiedWorkloadHandler) InjectDecoder(d *admission.Decoder) error { - h.Decoder = d - return nil -} - func (h *UnifiedWorkloadHandler) checkWorkloadRules(ctx context.Context, req admission.Request) (bool, error) { webhook := &v1.MutatingWebhookConfiguration{} if err := h.Client.Get(ctx, types.NamespacedName{Name: configuration.MutatingWebhookConfigurationName}, webhook); err != nil { diff --git a/pkg/webhook/workload/mutating/webhooks.go b/pkg/webhook/workload/mutating/webhooks.go index c31c2c0..490e032 100644 --- a/pkg/webhook/workload/mutating/webhooks.go +++ b/pkg/webhook/workload/mutating/webhooks.go @@ -17,6 +17,9 @@ limitations under the License. package mutating import ( + "github.com/openkruise/rollouts/pkg/util" + "github.com/openkruise/rollouts/pkg/webhook/types" + "sigs.k8s.io/controller-runtime/pkg/manager" "sigs.k8s.io/controller-runtime/pkg/webhook/admission" ) @@ -27,10 +30,23 @@ import ( var ( // HandlerMap contains admission webhook handlers - HandlerMap = map[string]admission.Handler{ - "mutate-apps-kruise-io-v1alpha1-cloneset": &WorkloadHandler{}, - "mutate-apps-v1-deployment": &WorkloadHandler{}, - "mutate-apps-kruise-io-v1alpha1-daemonset": &WorkloadHandler{}, - "mutate-unified-workload": &UnifiedWorkloadHandler{}, + HandlerMap = map[string]types.HandlerGetter{ + "mutate-apps-kruise-io-v1alpha1-cloneset": func(mgr manager.Manager) admission.Handler { + decoder, _ := admission.NewDecoder(mgr.GetScheme()) + return &WorkloadHandler{Decoder: decoder, Client: mgr.GetClient(), Finder: util.NewControllerFinder(mgr.GetClient())} + }, + "mutate-apps-v1-deployment": func(mgr manager.Manager) admission.Handler { + decoder, _ := admission.NewDecoder(mgr.GetScheme()) + return &WorkloadHandler{Decoder: decoder, Client: mgr.GetClient(), Finder: util.NewControllerFinder(mgr.GetClient())} + }, + + "mutate-apps-kruise-io-v1alpha1-daemonset": func(mgr manager.Manager) admission.Handler { + decoder, _ := admission.NewDecoder(mgr.GetScheme()) + return &WorkloadHandler{Decoder: decoder, Client: mgr.GetClient(), Finder: util.NewControllerFinder(mgr.GetClient())} + }, + "mutate-unified-workload": func(mgr manager.Manager) admission.Handler { + decoder, _ := admission.NewDecoder(mgr.GetScheme()) + return &UnifiedWorkloadHandler{Decoder: decoder, Client: mgr.GetClient(), Finder: util.NewControllerFinder(mgr.GetClient())} + }, } ) diff --git a/pkg/webhook/workload/mutating/workload_update_handler.go b/pkg/webhook/workload/mutating/workload_update_handler.go index 90c9d15..ea193e5 100644 --- a/pkg/webhook/workload/mutating/workload_update_handler.go +++ b/pkg/webhook/workload/mutating/workload_update_handler.go @@ -43,7 +43,6 @@ import ( "k8s.io/klog/v2" "k8s.io/utils/pointer" "sigs.k8s.io/controller-runtime/pkg/client" - "sigs.k8s.io/controller-runtime/pkg/runtime/inject" "sigs.k8s.io/controller-runtime/pkg/webhook/admission" ) @@ -397,23 +396,6 @@ func (h *WorkloadHandler) fetchMatchedRollout(obj client.Object) (*appsv1beta1.R return nil, nil } -var _ inject.Client = &WorkloadHandler{} - -// InjectClient injects the client into the WorkloadHandler -func (h *WorkloadHandler) InjectClient(c client.Client) error { - h.Client = c - h.Finder = util.NewControllerFinder(c) - return nil -} - -var _ admission.DecoderInjector = &WorkloadHandler{} - -// InjectDecoder injects the decoder into the WorkloadHandler -func (h *WorkloadHandler) InjectDecoder(d *admission.Decoder) error { - h.Decoder = d - return nil -} - func isEffectiveDeploymentRevisionChange(oldObj, newObj *apps.Deployment) bool { if newObj.Annotations[appsv1beta1.RolloutIDLabel] != "" && oldObj.Annotations[appsv1beta1.RolloutIDLabel] == newObj.Annotations[appsv1beta1.RolloutIDLabel] {