diff --git a/deploy/helm/virtink/templates/virt-controller/manifests.yaml b/deploy/helm/virtink/templates/virt-controller/manifests.yaml index 78c7a2e..3fb8a37 100644 --- a/deploy/helm/virtink/templates/virt-controller/manifests.yaml +++ b/deploy/helm/virtink/templates/virt-controller/manifests.yaml @@ -1,11 +1,9 @@ ---- apiVersion: admissionregistration.k8s.io/v1 kind: MutatingWebhookConfiguration metadata: - creationTimestamp: null - name: virt-controller annotations: - cert-manager.io/inject-ca-from: {{ .Release.Namespace }}/virt-controller-cert + cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/virt-controller-cert' + name: virtink-mutating-webhook-configuration webhooks: - admissionReviewVersions: - v1 @@ -13,7 +11,7 @@ webhooks: clientConfig: service: name: virt-controller - namespace: {{ .Release.Namespace }} + namespace: '{{ .Release.Namespace }}' path: /mutate-v1alpha1-virtualmachine failurePolicy: Fail name: mutate.virtualmachine.v1alpha1.virt.virtink.smartx.com @@ -32,10 +30,9 @@ webhooks: apiVersion: admissionregistration.k8s.io/v1 kind: ValidatingWebhookConfiguration metadata: - creationTimestamp: null - name: virt-controller annotations: - cert-manager.io/inject-ca-from: {{ .Release.Namespace }}/virt-controller-cert + cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/virt-controller-cert' + name: virtink-validating-webhook-configuration webhooks: - admissionReviewVersions: - v1 @@ -43,7 +40,7 @@ webhooks: clientConfig: service: name: virt-controller - namespace: {{ .Release.Namespace }} + namespace: '{{ .Release.Namespace }}' path: /validate-v1alpha1-virtualmachine failurePolicy: Fail name: validate.virtualmachine.v1alpha1.virt.virtink.smartx.com @@ -64,7 +61,7 @@ webhooks: clientConfig: service: name: virt-controller - namespace: {{ .Release.Namespace }} + namespace: '{{ .Release.Namespace }}' path: /validate-v1alpha1-virtualmachinemigration failurePolicy: Fail name: validate.virtualmachinemigration.v1alpha1.virt.virtink.smartx.com diff --git a/hack/Dockerfile b/hack/Dockerfile index ad48d91..d612a13 100644 --- a/hack/Dockerfile +++ b/hack/Dockerfile @@ -8,3 +8,4 @@ COPY go.sum go.sum RUN git clone --branch=v0.24.1 --depth=1 https://github.com/kubernetes/code-generator.git $GOPATH/src/k8s.io/code-generator RUN go install sigs.k8s.io/controller-tools/cmd/controller-gen RUN go install github.com/golang/mock/mockgen +RUN go install sigs.k8s.io/kustomize/kustomize/v4@latest diff --git a/hack/generate.sh b/hack/generate.sh index 8b0075d..501c676 100755 --- a/hack/generate.sh +++ b/hack/generate.sh @@ -10,25 +10,15 @@ bash "$GOPATH"/src/k8s.io/code-generator/generate-groups.sh "deepcopy,client,inf --go-header-file ./hack/boilerplate.go.txt dir="deploy/helm/virtink/templates" +webhook_dir="hack/webhook" controller-gen paths=./pkg/apis/... crd output:crd:artifacts:config=deploy/crd controller-gen paths=./cmd/virt-controller/... paths=./pkg/controller/... rbac:roleName=virt-controller \ output:rbac:artifacts:config="$dir"/virt-controller \ - webhook output:webhook:artifacts:config="$dir"/virt-controller + webhook output:webhook:artifacts:config="$webhook_dir" controller-gen paths=./cmd/virt-daemon/... paths=./pkg/daemon/... rbac:roleName=virt-daemon \ output:rbac:artifacts:config="$dir"/virt-daemon -# TODO: should use a more elegant way for editing generated manifests.yaml -replace=" name: virt-controller - annotations: - cert-manager.io/inject-ca-from: {{ .Release.Namespace }}/virt-controller-cert" - -# Replace newlines with literal \n, replace \ -> \/ for sed replace below -replace="$(echo "${replace//$'\n'/\\n}" | sed "s/\//\\\\\//g")" - -sed -i "s/ name: mutating-webhook-configuration/$replace/g; - s/ name: validating-webhook-configuration/$replace/g; - s/name: webhook-service/name: virt-controller/g; - s/namespace: system/namespace: {{ .Release.Namespace }}/g" "$dir"/virt-controller/manifests.yaml +kustomize build "$webhook_dir" > "$dir"/virt-controller/manifests.yaml go generate ./... diff --git a/hack/webhook/kustomization.yaml b/hack/webhook/kustomization.yaml new file mode 100644 index 0000000..ddfd9d9 --- /dev/null +++ b/hack/webhook/kustomization.yaml @@ -0,0 +1,19 @@ +resources: + - manifests.yaml + +patchesStrategicMerge: + - manifests-patch.yaml + +patchesJson6902: + - target: + name: mutating-webhook-configuration + patch: |- + - op: replace + path: /metadata/name + value: virtink-mutating-webhook-configuration + - target: + name: validating-webhook-configuration + patch: |- + - op: replace + path: /metadata/name + value: virtink-validating-webhook-configuration diff --git a/hack/webhook/manifests-patch.yaml b/hack/webhook/manifests-patch.yaml new file mode 100644 index 0000000..7513784 --- /dev/null +++ b/hack/webhook/manifests-patch.yaml @@ -0,0 +1,30 @@ +apiVersion: admissionregistration.k8s.io/v1 +kind: MutatingWebhookConfiguration +metadata: + name: mutating-webhook-configuration + annotations: + cert-manager.io/inject-ca-from: "{{ .Release.Namespace }}/virt-controller-cert" +webhooks: + - name: mutate.virtualmachine.v1alpha1.virt.virtink.smartx.com + clientConfig: + service: + name: virt-controller + namespace: "{{ .Release.Namespace }}" +--- +apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingWebhookConfiguration +metadata: + name: validating-webhook-configuration + annotations: + cert-manager.io/inject-ca-from: "{{ .Release.Namespace }}/virt-controller-cert" +webhooks: + - name: validate.virtualmachine.v1alpha1.virt.virtink.smartx.com + clientConfig: + service: + name: virt-controller + namespace: "{{ .Release.Namespace }}" + - name: validate.virtualmachinemigration.v1alpha1.virt.virtink.smartx.com + clientConfig: + service: + name: virt-controller + namespace: "{{ .Release.Namespace }}" diff --git a/hack/webhook/manifests.yaml b/hack/webhook/manifests.yaml new file mode 100644 index 0000000..b320940 --- /dev/null +++ b/hack/webhook/manifests.yaml @@ -0,0 +1,77 @@ +--- +apiVersion: admissionregistration.k8s.io/v1 +kind: MutatingWebhookConfiguration +metadata: + creationTimestamp: null + name: mutating-webhook-configuration +webhooks: +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /mutate-v1alpha1-virtualmachine + failurePolicy: Fail + name: mutate.virtualmachine.v1alpha1.virt.virtink.smartx.com + rules: + - apiGroups: + - virt.virtink.smartx.com + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - virtualmachines + sideEffects: None +--- +apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingWebhookConfiguration +metadata: + creationTimestamp: null + name: validating-webhook-configuration +webhooks: +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-v1alpha1-virtualmachine + failurePolicy: Fail + name: validate.virtualmachine.v1alpha1.virt.virtink.smartx.com + rules: + - apiGroups: + - virt.virtink.smartx.com + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - virtualmachines + sideEffects: None +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: webhook-service + namespace: system + path: /validate-v1alpha1-virtualmachinemigration + failurePolicy: Fail + name: validate.virtualmachinemigration.v1alpha1.virt.virtink.smartx.com + rules: + - apiGroups: + - virt.virtink.smartx.com + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - virtualmachinemigrations + sideEffects: None