-
Notifications
You must be signed in to change notification settings - Fork 7
/
controller.go
79 lines (66 loc) · 2.54 KB
/
controller.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
package webhook
import (
"context"
"k8s.io/apimachinery/pkg/types"
"k8s.io/client-go/tools/cache"
kubeclient "knative.dev/pkg/client/injection/kube/client"
vwhinformer "knative.dev/pkg/client/injection/kube/informers/admissionregistration/v1/validatingwebhookconfiguration"
"knative.dev/pkg/controller"
secretinformer "knative.dev/pkg/injection/clients/namespacedkube/informers/core/v1/secret"
"knative.dev/pkg/logging"
pkgreconciler "knative.dev/pkg/reconciler"
"knative.dev/pkg/system"
"knative.dev/pkg/webhook"
)
func NewAdmissionController(ctx context.Context,
name, path string,
wc func(context.Context) context.Context,
disallowUnknownFields bool,
) *controller.Impl {
client := kubeclient.Get(ctx)
vwhInformer := vwhinformer.Get(ctx)
secretInformer := secretinformer.Get(ctx)
options := webhook.GetOptions(ctx)
key := types.NamespacedName{
Namespace: system.Namespace(),
Name: name,
}
c := &reconciler{
LeaderAwareFuncs: pkgreconciler.LeaderAwareFuncs{
// Have this reconciler enqueue our singleton whenever it becomes leader.
PromoteFunc: func(bkt pkgreconciler.Bucket, enq func(pkgreconciler.Bucket, types.NamespacedName)) error {
enq(bkt, key)
return nil
},
},
key: key,
path: path,
withContext: wc,
disallowUnknownFields: disallowUnknownFields,
secretName: options.SecretName,
client: client,
vwhlister: vwhInformer.Lister(),
secretlister: secretInformer.Lister(),
}
logger := logging.FromContext(ctx)
cont := controller.NewContext(ctx, c, controller.ControllerOptions{WorkQueueName: "ValidatingWebhook", Logger: logger})
// Reconcile when the named ValidatingWebhookConfiguration changes.
if _, err := vwhInformer.Informer().AddEventHandler(cache.FilteringResourceEventHandler{
FilterFunc: controller.FilterWithName(name),
// It doesn't matter what we enqueue because we will always Reconcile
// the named MWH resource.
Handler: controller.HandleAll(cont.Enqueue),
}); err != nil {
logger.Panicf("couldn't register ValidatingWebhookConfiguration informer event handler: %w", err)
}
// Reconcile when the cert bundle changes.
if _, err := secretInformer.Informer().AddEventHandler(cache.FilteringResourceEventHandler{
FilterFunc: controller.FilterWithNameAndNamespace(system.Namespace(), c.secretName),
// It doesn't matter what we enqueue because we will always Reconcile
// the named MWH resource.
Handler: controller.HandleAll(cont.Enqueue),
}); err != nil {
logger.Panicf("couldn't register Secret informer event handler: %w", err)
}
return cont
}