-
Notifications
You must be signed in to change notification settings - Fork 0
/
objectbuckets.go
73 lines (57 loc) · 2.58 KB
/
objectbuckets.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
package webhooks
import (
"context"
"fmt"
"github.com/go-logr/logr"
appcatv1 "github.com/vshn/appcat/v4/apis/v1"
"k8s.io/apimachinery/pkg/runtime"
ctrl "sigs.k8s.io/controller-runtime"
"sigs.k8s.io/controller-runtime/pkg/client"
"sigs.k8s.io/controller-runtime/pkg/webhook"
"sigs.k8s.io/controller-runtime/pkg/webhook/admission"
)
//+kubebuilder:webhook:verbs=delete,path=/validate-appcat-vshn-io-v1-xobjectbucket,mutating=false,failurePolicy=fail,groups=appcat.vshn.io,resources=xobjectbuckets,versions=v1,name=xobjectbuckets.vshn.appcat.vshn.io,sideEffects=None,admissionReviewVersions=v1
var _ webhook.CustomValidator = &ObjectbucketDeletionProtectionHandler{}
// ObjectbucketDeletionProtectionHandler
type ObjectbucketDeletionProtectionHandler struct {
client client.Client
log logr.Logger
}
// SetupObjectbucketCDeletionProtectionHandlerWithManager registers the validation webhook with the manager.
func SetupObjectbucketCDeletionProtectionHandlerWithManager(mgr ctrl.Manager) error {
return ctrl.NewWebhookManagedBy(mgr).
For(&appcatv1.XObjectBucket{}).
WithValidator(&ObjectbucketDeletionProtectionHandler{
client: mgr.GetClient(),
log: mgr.GetLogger().WithName("webhook").WithName("objectbucket"),
}).
Complete()
}
// ValidateCreate implements webhook.CustomValidator so a webhook will be registered for the type
func (p *ObjectbucketDeletionProtectionHandler) ValidateCreate(_ context.Context, _ runtime.Object) (admission.Warnings, error) {
// NOOP for now
return nil, nil
}
// ValidateUpdate implements webhook.CustomValidator so a webhook will be registered for the type
func (p *ObjectbucketDeletionProtectionHandler) ValidateUpdate(_ context.Context, _, _ runtime.Object) (admission.Warnings, error) {
// NOOP for now
return nil, nil
}
// ValidateDelete implements webhook.CustomValidator so a webhook will be registered for the type
func (p *ObjectbucketDeletionProtectionHandler) ValidateDelete(ctx context.Context, obj runtime.Object) (admission.Warnings, error) {
bucket, ok := obj.(client.Object)
if !ok {
return nil, fmt.Errorf("object is not valid")
}
l := p.log.WithValues("object", bucket.GetName(), "namespace", bucket.GetNamespace(), "GVK", bucket.GetObjectKind().GroupVersionKind().String())
compInfo, err := checkManagedObject(ctx, bucket, p.client, l)
if err != nil {
return nil, err
}
if compInfo.Exists {
l.Info("Blocking deletion of XObjectBucket", "parent", compInfo.Name)
return nil, fmt.Errorf(protectedMessage, "XObjectBucket", compInfo.Name)
}
l.Info("Allowing deletion of XObjectBucket", "parent", compInfo.Name)
return nil, nil
}