forked from kubernetes-sigs/aws-load-balancer-controller
/
mutating_handler.go
87 lines (78 loc) · 2.71 KB
/
mutating_handler.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
package webhook
import (
"context"
"encoding/json"
admissionv1 "k8s.io/api/admission/v1"
"net/http"
ctrl "sigs.k8s.io/controller-runtime"
"sigs.k8s.io/controller-runtime/pkg/webhook/admission"
)
var mutatingHandlerLog = ctrl.Log.WithName("mutating_handler")
var _ admission.DecoderInjector = &mutatingHandler{}
var _ admission.Handler = &mutatingHandler{}
type mutatingHandler struct {
mutator Mutator
decoder *admission.Decoder
}
// InjectDecoder injects the decoder into a mutatingHandler.
func (h *mutatingHandler) InjectDecoder(d *admission.Decoder) error {
h.decoder = d
return nil
}
// Handle handles admission requests.
func (h *mutatingHandler) Handle(ctx context.Context, req admission.Request) admission.Response {
mutatingHandlerLog.V(1).Info("mutating webhook request", "request", req)
var resp admission.Response
switch req.Operation {
case admissionv1.Create:
resp = h.handleCreate(ctx, req)
case admissionv1.Update:
resp = h.handleUpdate(ctx, req)
default:
resp = admission.Allowed("")
}
mutatingHandlerLog.V(1).Info("mutating webhook response", "response", resp)
return resp
}
func (h *mutatingHandler) handleCreate(ctx context.Context, req admission.Request) admission.Response {
prototype, err := h.mutator.Prototype(req)
if err != nil {
return admission.Errored(http.StatusBadRequest, err)
}
obj := prototype.DeepCopyObject()
if err := h.decoder.DecodeRaw(req.Object, obj); err != nil {
return admission.Errored(http.StatusBadRequest, err)
}
mutatedObj, err := h.mutator.MutateCreate(ContextWithAdmissionRequest(ctx, req), obj)
if err != nil {
return admission.Denied(err.Error())
}
mutatedObjPayload, err := json.Marshal(mutatedObj)
if err != nil {
return admission.Errored(http.StatusInternalServerError, err)
}
return admission.PatchResponseFromRaw(req.Object.Raw, mutatedObjPayload)
}
func (h *mutatingHandler) handleUpdate(ctx context.Context, req admission.Request) admission.Response {
prototype, err := h.mutator.Prototype(req)
if err != nil {
return admission.Errored(http.StatusBadRequest, err)
}
obj := prototype.DeepCopyObject()
oldObj := prototype.DeepCopyObject()
if err := h.decoder.DecodeRaw(req.Object, obj); err != nil {
return admission.Errored(http.StatusBadRequest, err)
}
if err := h.decoder.DecodeRaw(req.OldObject, oldObj); err != nil {
return admission.Errored(http.StatusBadRequest, err)
}
mutatedObj, err := h.mutator.MutateUpdate(ContextWithAdmissionRequest(ctx, req), obj, oldObj)
if err != nil {
return admission.Denied(err.Error())
}
mutatedObjPayload, err := json.Marshal(mutatedObj)
if err != nil {
return admission.Errored(http.StatusInternalServerError, err)
}
return admission.PatchResponseFromRaw(req.Object.Raw, mutatedObjPayload)
}