From 4c029f75a8012945d2760bf90c85d0d32370c503 Mon Sep 17 00:00:00 2001 From: Maciej Zimnoch Date: Tue, 3 Nov 2020 19:43:59 +0100 Subject: [PATCH] kubebuilder: fix autogeneration of operator rbac webhook For some reason formatting affected generator and it didn't produce any output without any warning. We should drop it to avoid spending time on such issues. --- Makefile | 5 ++++- .../operator/default/webhookcainjection_patch.yaml | 4 ++-- config/operator/webhook/kustomizeconfig.yaml | 4 ++-- pkg/api/v1alpha1/cluster_webhook.go | 9 +++------ pkg/controllers/cluster/cluster_controller.go | 13 +++++++------ 5 files changed, 18 insertions(+), 17 deletions(-) diff --git a/Makefile b/Makefile index 10eb4dafa8..76baaf724a 100644 --- a/Makefile +++ b/Makefile @@ -50,7 +50,10 @@ deploy: manifests cert-manager # Generate manifests e.g. CRD, RBAC etc. manifests: - controller-gen $(CRD_OPTIONS) rbac:roleName=manager-role webhook paths="$(PKG)" output:crd:artifacts:config=config/operator/crd/bases output:rbac:artifacts:config=config/operator/rbac/bases + controller-gen $(CRD_OPTIONS) paths="$(PKG)" output:crd:dir=config/operator/crd/bases \ + rbac:roleName=manager-role output:rbac:artifacts:config=config/operator/rbac \ + webhook output:webhook:artifacts:config=config/operator/webhook + kustomize build config/operator/default > examples/generic/operator.yaml kustomize build config/operator/default > examples/gke/operator.yaml kustomize build config/operator/default > examples/eks/operator.yaml diff --git a/config/operator/default/webhookcainjection_patch.yaml b/config/operator/default/webhookcainjection_patch.yaml index cad464bb02..3d15b2d194 100644 --- a/config/operator/default/webhookcainjection_patch.yaml +++ b/config/operator/default/webhookcainjection_patch.yaml @@ -3,13 +3,13 @@ apiVersion: admissionregistration.k8s.io/v1beta1 kind: ValidatingWebhookConfiguration metadata: - name: cluster-webhook + name: validating-webhook-configuration annotations: cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) --- apiVersion: admissionregistration.k8s.io/v1beta1 kind: MutatingWebhookConfiguration metadata: - name: cluster-webhook + name: mutating-webhook-configuration annotations: cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) diff --git a/config/operator/webhook/kustomizeconfig.yaml b/config/operator/webhook/kustomizeconfig.yaml index a83141d4c6..f06d78e288 100644 --- a/config/operator/webhook/kustomizeconfig.yaml +++ b/config/operator/webhook/kustomizeconfig.yaml @@ -8,8 +8,8 @@ nameReference: group: admissionregistration.k8s.io path: webhooks/clientConfig/service/name - kind: MutatingWebhookConfiguration - group: admissionregistration.k8s.io - path: webhooks/clientConfig/service/name + group: admissionregistration.k8s.io + path: webhooks/clientConfig/service/name namespace: - kind: ValidatingWebhookConfiguration diff --git a/pkg/api/v1alpha1/cluster_webhook.go b/pkg/api/v1alpha1/cluster_webhook.go index 8c9bb54ce6..10bf4fad3d 100644 --- a/pkg/api/v1alpha1/cluster_webhook.go +++ b/pkg/api/v1alpha1/cluster_webhook.go @@ -33,14 +33,11 @@ func (r *ScyllaCluster) SetupWebhookWithManager(mgr ctrl.Manager) error { Complete() } -// EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN! -// +// +kubebuilder:webhook:verbs=create;update,path=/mutate-scylla-scylladb-com-v1alpha1-scyllacluster,mutating=true,failurePolicy=fail,groups=scylla.scylladb.com,resources=scyllaclusters,versions=v1alpha1,name=webhook.scylla.scylladb.com +// +kubebuilder:webhook:verbs=create;update,path=/validate-scylla-scylladb-com-v1alpha1-scyllacluster,mutating=false,failurePolicy=fail,groups=scylla.scylladb.com,resources=scyllaclusters,versions=v1alpha1,name=webhook.scylla.scylladb.com -// +kubebuilder:webhook:path=/validate-scylla-scylladb-com-v1alpha1-cluster,failurePolicy=fail,groups=scylla.scylladb.com,resources=clusters,verbs=create;update,versions=v1alpha1,name=webhook.scylla.scylladb.com,mutating=false -var _ webhook.Validator = &ScyllaCluster{} - -// +kubebuilder:webhook:path=/mutate-scylla-scylladb-com-v1alpha1-cluster,failurePolicy=fail,groups=scylla.scylladb.com,resources=clusters,verbs=create;update,versions=v1alpha1,name=webhook.scylla.scylladb.com,mutating=true var _ webhook.Defaulter = &ScyllaCluster{} +var _ webhook.Validator = &ScyllaCluster{} func (c *ScyllaCluster) Default() { for i, repairTask := range c.Spec.Repairs { diff --git a/pkg/controllers/cluster/cluster_controller.go b/pkg/controllers/cluster/cluster_controller.go index 0780eadd07..87355d172e 100644 --- a/pkg/controllers/cluster/cluster_controller.go +++ b/pkg/controllers/cluster/cluster_controller.go @@ -83,13 +83,14 @@ func New(ctx context.Context, mgr ctrl.Manager, logger log.Logger) (*ClusterReco }, nil } -// +kubebuilder:rbac:groups=,resources=pods,verbs=get;list;watch;delete -// +kubebuilder:rbac:groups=,resources=services,verbs=get;list;watch;create;update;patch;delete -// +kubebuilder:rbac:groups=,resources=persistentvolumeclaims,verbs=get;list;watch;delete -// +kubebuilder:rbac:groups=,resources=events,verbs=create;update;patch +// +kubebuilder:rbac:groups="",resources=pods,verbs=get;list;watch;delete +// +kubebuilder:rbac:groups="",resources=services,verbs=get;list;watch;create;update;patch;delete +// +kubebuilder:rbac:groups="",resources=persistentvolumeclaims,verbs=get;list;watch;delete +// +kubebuilder:rbac:groups="",resources=events,verbs=create;update;patch // +kubebuilder:rbac:groups=apps,resources=statefulsets,verbs=get;list;watch;create;update;patch;delete -// +kubebuilder:rbac:groups=scylla.scylla.scylladb.com,resources=clusters,verbs=get;list;watch;create;update;patch;delete -// +kubebuilder:rbac:groups=scylla.scylla.scylladb.com,resources=clusters/status,verbs=update;get;patch +// +kubebuilder:rbac:groups=scylla.scylladb.com,resources=scyllaclusters,verbs=get;list;watch;create;update;patch;delete +// +kubebuilder:rbac:groups=scylla.scylladb.com,resources=scyllaclusters/status,verbs=update;get;patch + func (cc *ClusterReconciler) Reconcile(request ctrl.Request) (ctrl.Result, error) { ctx := log.WithNewTraceID(context.Background()) cc.Logger.Debug(ctx, "Reconcile request", "request", request.String())