chore: use an argument for webhook being enabled

controller/controlplane/controller.go

@@ -482,7 +482,7 @@ func (r *Reconciler) ensureWebhookResources(
 	}
 
 	log.Trace(logger, "ensuring admission webhook service", cp)
-	res, admissionWebhookService, err := r.ensureAdmissionWebhookService(ctx, logger, r.Client, cp)
+	res, admissionWebhookService, err := r.ensureAdmissionWebhookService(ctx, r.Client, cp, webhookEnabled)
 	if err != nil {
 		return "", res, fmt.Errorf("failed to ensure admission webhook service: %w", err)
 	}
@@ -496,7 +496,7 @@ func (r *Reconciler) ensureWebhookResources(
 	}
 
 	log.Trace(logger, "ensuring admission webhook certificate", cp)
-	res, admissionWebhookCertificateSecret, err := r.ensureAdmissionWebhookCertificateSecret(ctx, logger, cp, admissionWebhookService)
+	res, admissionWebhookCertificateSecret, err := r.ensureAdmissionWebhookCertificateSecret(ctx, cp, admissionWebhookService, webhookEnabled)
 	if err != nil {
 		return "", res, err
 	}
@@ -510,7 +510,7 @@ func (r *Reconciler) ensureWebhookResources(
 	}
 
 	log.Trace(logger, "ensuring admission webhook configuration", cp)
-	res, err = r.ensureValidatingWebhookConfiguration(ctx, cp, admissionWebhookCertificateSecret, admissionWebhookService)
+	res, err = r.ensureValidatingWebhookConfiguration(ctx, cp, admissionWebhookCertificateSecret, admissionWebhookService, webhookEnabled)
 	if err != nil {
 		return "", res, err
 	}

controller/controlplane/controller_reconciler_utils.go

@@ -452,9 +452,9 @@ func (r *Reconciler) ensureAdminMTLSCertificateSecret(
 // ControlPlane's admission webhook.
 func (r *Reconciler) ensureAdmissionWebhookCertificateSecret(
 	ctx context.Context,
-	logger logr.Logger,
 	cp *operatorv1beta1.ControlPlane,
 	admissionWebhookService *corev1.Service,
+	webhookEnabled bool,
 ) (
 	op.Result,
 	*corev1.Secret,
@@ -468,7 +468,7 @@ func (r *Reconciler) ensureAdmissionWebhookCertificateSecret(
 	matchingLabels := client.MatchingLabels{
 		consts.SecretUsedByServiceLabel: consts.ControlPlaneServiceKindWebhook,
 	}
-	if !isAdmissionWebhookEnabled(ctx, r.Client, logger, cp) {
+	if !webhookEnabled {
 		labels := k8sresources.GetManagedLabelForOwner(cp)
 		labels[consts.SecretUsedByServiceLabel] = consts.ControlPlaneServiceKindWebhook
 		secrets, err := k8sutils.ListSecretsForOwner(ctx, r.Client, cp.GetUID(), matchingLabels)
@@ -594,9 +594,9 @@ func (r *Reconciler) ensureOwnedValidatingWebhookConfigurationDeleted(ctx contex
 
 func (r *Reconciler) ensureAdmissionWebhookService(
 	ctx context.Context,
-	logger logr.Logger,
 	cl client.Client,
 	controlPlane *operatorv1beta1.ControlPlane,
+	webhookEnabled bool,
 ) (op.Result, *corev1.Service, error) {
 	matchingLabels := k8sresources.GetManagedLabelForOwner(controlPlane)
 	matchingLabels[consts.ControlPlaneServiceLabel] = consts.ControlPlaneServiceKindWebhook
@@ -612,7 +612,7 @@ func (r *Reconciler) ensureAdmissionWebhookService(
 		return op.Noop, nil, fmt.Errorf("failed listing admission webhook Services for ControlPlane %s/%s: %w", controlPlane.Namespace, controlPlane.Name, err)
 	}
 
-	if !isAdmissionWebhookEnabled(ctx, cl, logger, controlPlane) {
+	if !webhookEnabled {
 		for _, svc := range services {
 			svc := svc
 			if err := cl.Delete(ctx, &svc); err != nil && !k8serrors.IsNotFound(err) {
@@ -673,6 +673,7 @@ func (r *Reconciler) ensureValidatingWebhookConfiguration(
 	cp *operatorv1beta1.ControlPlane,
 	certSecret *corev1.Secret,
 	webhookService *corev1.Service,
+	webhookEnabled bool,
 ) (op.Result, error) {
 	logger := log.GetLogger(ctx, "controlplane.ensureValidatingWebhookConfiguration", r.DevelopmentMode)
 
@@ -696,7 +697,7 @@ func (r *Reconciler) ensureValidatingWebhookConfiguration(
 		return op.Noop, errors.New("number of validatingWebhookConfigurations reduced")
 	}
 
-	if !isAdmissionWebhookEnabled(ctx, r.Client, logger, cp) {
+	if !webhookEnabled {
 		for _, webhookConfiguration := range validatingWebhookConfigurations {
 			if err := r.Client.Delete(ctx, &webhookConfiguration); err != nil && !k8serrors.IsNotFound(err) {
 				return op.Noop, fmt.Errorf("failed deleting ControlPlane admission webhook ValidatingWebhookConfiguration %s: %w", webhookConfiguration.Name, err)

controller/controlplane/controller_reconciler_utils_test.go

@@ -83,14 +83,14 @@ func Test_ensureValidatingWebhookConfiguration(t *testing.T) {
 					},
 				}
 
-				res, err := r.ensureValidatingWebhookConfiguration(ctx, cp, certSecret, webhookSvc)
+				res, err := r.ensureValidatingWebhookConfiguration(ctx, cp, certSecret, webhookSvc, true)
 				require.NoError(t, err)
 				require.Equal(t, op.Created, res)
 
 				require.NoError(t, r.Client.List(ctx, &webhooks))
 				require.Len(t, webhooks.Items, 1)
 
-				res, err = r.ensureValidatingWebhookConfiguration(ctx, cp, certSecret, webhookSvc)
+				res, err = r.ensureValidatingWebhookConfiguration(ctx, cp, certSecret, webhookSvc, true)
 				require.NoError(t, err)
 				require.Equal(t, op.Noop, res)
 			},
@@ -146,14 +146,14 @@ func Test_ensureValidatingWebhookConfiguration(t *testing.T) {
 					},
 				}
 
-				res, err := r.ensureValidatingWebhookConfiguration(ctx, cp, certSecret, webhookSvc)
+				res, err := r.ensureValidatingWebhookConfiguration(ctx, cp, certSecret, webhookSvc, true)
 				require.NoError(t, err)
 				require.Equal(t, res, op.Created)
 
 				require.NoError(t, r.Client.List(ctx, &webhooks))
 				require.Len(t, webhooks.Items, 1, "webhook configuration should be created")
 
-				res, err = r.ensureValidatingWebhookConfiguration(ctx, cp, certSecret, webhookSvc)
+				res, err = r.ensureValidatingWebhookConfiguration(ctx, cp, certSecret, webhookSvc, true)
 				require.NoError(t, err)
 				require.Equal(t, res, op.Noop)
 
@@ -165,7 +165,7 @@ func Test_ensureValidatingWebhookConfiguration(t *testing.T) {
 				}
 
 				t.Log("running ensureValidatingWebhookConfiguration to enforce ObjectMeta")
-				res, err = r.ensureValidatingWebhookConfiguration(ctx, cp, certSecret, webhookSvc)
+				res, err = r.ensureValidatingWebhookConfiguration(ctx, cp, certSecret, webhookSvc, true)
 				require.NoError(t, err)
 				require.Equal(t, res, op.Updated)