Skip to content
Permalink
Browse files

Made Makefile customizable and moved `webhook` out of the `controllers`

directory

I also removed the `install` make target because I didn't find a way
of replacing `bookingcom/shipper:latest` with the specified
environment variable reliably. If people want to install Shipper on
their cluster, they can always modify the file and do `kubectl apply
-f kubernetes/deployment.shipper.yaml`.

I left `webhook` in the list of controllers in `cmd/shipper/main.go`
because it already provides a lot of boilerplate to allow users to
specify if they want to have a webhook running or not. I can't think
of a way to have the ability of enabling/disabling the webhook on the command
line without introducing a lot of repeated code.

Apart from that, I also added the check to `webhook.go` to check if
the error returned from `listenAndServe` was caused by a server close,
or if it was an actual error.
  • Loading branch information...
parhamdoustdar committed Apr 15, 2019
1 parent ad05272 commit 51c1f5a5f5bdebb63480bd6d13d37e2a22d068b7
@@ -1,30 +1,24 @@
SHIPPER_IMAGE = bookingcom/shipper:latest
METRICS_IMAGE = bookingcom/shipper-state-metrics:latest
SHIPPER_NAMESPACE = shipper-system
KUBECTL = kubectl -n $(SHIPPER_NAMESPACE)

.PHONY: shipper

shipper:
GOARCH=amd64 CGO_ENABLED=0 GOOS=linux go build -o shipper ./cmd/shipper/*.go
docker build -f Dockerfile.shipper -t localhost:32000/shipper:latest --build-arg HTTP_PROXY=$(HTTP_PROXY) --build-arg HTTPS_PROXY=$(HTTPS_PROXY) .
docker push localhost:32000/shipper:latest
docker build -f Dockerfile.shipper -t $SHIPPER_IMAGE --build-arg HTTP_PROXY=$(HTTP_PROXY) --build-arg HTTPS_PROXY=$(HTTPS_PROXY) .
docker push $SHIPPER_IMAGE

shipper-state-metrics:
GOARCH=amd64 CGO_ENABLED=0 GOOS=linux go build -o shipper-state-metrics ./cmd/shipper-state-metrics/*.go
docker build -f Dockerfile.shipper-state-metrics -t localhost:32000/shipper-state-metrics:latest --build-arg HTTP_PROXY=$(HTTP_PROXY) --build-arg HTTPS_PROXY=$(HTTPS_PROXY) .
docker push localhost:32000/shipper-state-metrics:latest
docker build -f Dockerfile.shipper-state-metrics -t $METRICS_IMAGE --build-arg HTTP_PROXY=$(HTTP_PROXY) --build-arg HTTPS_PROXY=$(HTTPS_PROXY) .
docker push $METRICS_IMAGE

restart:
# Delete all Pods in namespace, to force the ReplicaSet to spawn new ones
# with the new latest image (assuming that imagePullPolicy is set to Always).
$(KUBECTL) delete pods --all

certs:
./hack/webhook/webhook-create-signed-cert.sh --namespace $(SHIPPER_NAMESPACE)

install:
$(KUBECTL) apply -f kubernetes/shipper.service.yaml
$(KUBECTL) apply -f kubernetes/shipper.deployment.yaml
cat kubernetes/validating-webhook-configuration.yaml | hack/webhook/webhook-patch-ca-bundle.sh | $(KUBECTL) apply -f -

logs:
$(KUBECTL) get po -o jsonpath='{.items[*].metadata.name}' | xargs $(KUBECTL) logs --follow
@@ -40,9 +40,9 @@ import (
"github.com/bookingcom/shipper/pkg/controller/janitor"
"github.com/bookingcom/shipper/pkg/controller/release"
"github.com/bookingcom/shipper/pkg/controller/traffic"
"github.com/bookingcom/shipper/pkg/controller/webhook"
"github.com/bookingcom/shipper/pkg/metrics/instrumentedclient"
shippermetrics "github.com/bookingcom/shipper/pkg/metrics/prometheus"
"github.com/bookingcom/shipper/pkg/webhook"
)

var controllers = []string{
@@ -369,7 +369,7 @@ func buildInitializers() map[string]initFunc {
controllers["capacity"] = startCapacityController
controllers["traffic"] = startTrafficController
controllers["janitor"] = startJanitorController
controllers["webhook"] = startWebhookController
controllers["webhook"] = startWebhook
return controllers
}

@@ -522,13 +522,13 @@ func startTrafficController(cfg *cfg) (bool, error) {
return true, nil
}

func startWebhookController(cfg *cfg) (bool, error) {
func startWebhook(cfg *cfg) (bool, error) {
enabled := cfg.enabledControllers["webhook"]
if !enabled {
return false, nil
}

c := webhook.NewController(cfg.webhookBindAddr, cfg.webhookBindPort, cfg.webhookKeyPath, cfg.webhookCertPath)
c := webhook.NewWebhook(cfg.webhookBindAddr, cfg.webhookBindPort, cfg.webhookKeyPath, cfg.webhookCertPath)

cfg.wg.Add(1)
go func() {
@@ -16,7 +16,7 @@ spec:
spec:
containers:
- name: shipper
image: localhost:32000/shipper:latest
image: bookingcom/shipper:latest
imagePullPolicy: Always
args:
- "-webhook-cert"
@@ -14,10 +14,12 @@ import (
"k8s.io/apimachinery/pkg/runtime"
"k8s.io/apimachinery/pkg/runtime/serializer"

"mime"

shipper "github.com/bookingcom/shipper/pkg/apis/shipper/v1alpha1"
)

type Controller struct {
type Webhook struct {
bindAddr string
bindPort string

@@ -31,16 +33,16 @@ var (
deserializer = codecs.UniversalDeserializer()
)

func NewController(bindAddr, bindPort, tlsPrivateKeyFile, tlsCertFile string) *Controller {
return &Controller{
func NewWebhook(bindAddr, bindPort, tlsPrivateKeyFile, tlsCertFile string) *Webhook {
return &Webhook{
bindAddr: bindAddr,
bindPort: bindPort,
tlsPrivateKeyFile: tlsPrivateKeyFile,
tlsCertFile: tlsCertFile,
}
}

func (c *Controller) Run(stopCh <-chan struct{}) {
func (c *Webhook) Run(stopCh <-chan struct{}) {
addr := c.bindAddr + ":" + c.bindPort
mux := c.initializeHandlers()
server := &http.Server{
@@ -56,23 +58,23 @@ func (c *Controller) Run(stopCh <-chan struct{}) {
serverError = server.ListenAndServeTLS(c.tlsCertFile, c.tlsPrivateKeyFile)
}

if serverError != nil {
glog.Fatalf("failed to start shipper-webhook-controller: %v", serverError)
if serverError != nil && serverError != http.ErrServerClosed {
glog.Fatalf("failed to start shipper-webhook: %v", serverError)
}
}()

glog.V(2).Info("Started WebHook controller")
glog.V(2).Info("Started the WebHook")

<-stopCh

glog.V(2).Info("Shutting down WebHook controller")
glog.V(2).Info("Shutting down the WebHook")

if err := server.Shutdown(context.Background()); err != nil {
glog.Errorf(`HTTP server Shutdown: %v`, err)
}
}

func (c *Controller) initializeHandlers() *http.ServeMux {
func (c *Webhook) initializeHandlers() *http.ServeMux {
mux := http.NewServeMux()
mux.HandleFunc("/validate", adaptHandler(c.validateHandlerFunc))
return mux
@@ -93,9 +95,13 @@ func adaptHandler(handler func(*admission_v1beta1.AdmissionReview) *admission_v1
return
}

contentType := r.Header.Get("Content-Type")
mediaType, _, err := mime.ParseMediaType(r.Header.Get("Content-Type"))
if err != nil {
http.Error(w, "Invalid content-type", http.StatusUnsupportedMediaType)
return
}

if contentType != "application/json" {
if mediaType != "application/json" {
http.Error(w, "invalid Content-Type, expect `application/json`", http.StatusUnsupportedMediaType)
return
}
@@ -131,7 +137,7 @@ func adaptHandler(handler func(*admission_v1beta1.AdmissionReview) *admission_v1
}
}

func (c *Controller) validateHandlerFunc(review *admission_v1beta1.AdmissionReview) *admission_v1beta1.AdmissionResponse {
func (c *Webhook) validateHandlerFunc(review *admission_v1beta1.AdmissionReview) *admission_v1beta1.AdmissionResponse {
request := review.Request
var err error

0 comments on commit 51c1f5a

Please sign in to comment.
You can’t perform that action at this time.