Skip to content

Commit

Permalink
Investigate strict checks (gardener#955)
Browse files Browse the repository at this point in the history 
* logging for webhook errors (run-int-tests)
  • Loading branch information
@achimweigel
achimweigel authored Jan 24, 2024
1 parent 7fbb243 commit e2e40a0
Show file tree
Hide file tree
Showing 4 changed files with 28 additions and 7 deletions.
3 changes: 2 additions & 1 deletion cmd/landscaper-agent/app/options.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,10 +8,11 @@ import (
"errors"
goflag "flag"
"fmt"
"k8s.io/utils/pointer"
"os"
"time"

"k8s.io/utils/pointer"

flag "github.com/spf13/pflag"
"k8s.io/apimachinery/pkg/runtime/serializer"
"k8s.io/client-go/tools/clientcmd"
Expand Down
3 changes: 2 additions & 1 deletion cmd/landscaper-controller/app/app.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,10 +7,11 @@ package app
import (
"context"
"fmt"
"k8s.io/utils/pointer"
"os"
"time"

"k8s.io/utils/pointer"

"github.com/mandelsoft/vfs/pkg/osfs"
"github.com/spf13/cobra"
"golang.org/x/sync/errgroup"
Expand Down
3 changes: 2 additions & 1 deletion pkg/deployer/lib/cmd/default.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,10 +9,11 @@ import (
"errors"
goflag "flag"
"fmt"
"k8s.io/utils/pointer"
"os"
"time"

"k8s.io/utils/pointer"

flag "github.com/spf13/pflag"
"golang.org/x/sync/errgroup"
v1 "k8s.io/api/core/v1"
Expand Down
26 changes: 22 additions & 4 deletions pkg/utils/webhook/webhook.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,13 +25,17 @@ import (
// INSTALLATION

var InstallationWebhookLogic webhooklib.WebhookLogic = func(ctx context.Context, req admission.Request, dec runtime.Decoder) admission.Response {
logger, _ := logging.FromContextOrNew(ctx, []interface{}{lc.KeyMethod, "InstallationWebhookLogic"})
inst := &lscore.Installation{}
if _, _, err := dec.Decode(req.Object.Raw, nil, inst); err != nil {
logger.Debug("Decoding failed: " + err.Error())
return admission.Errored(http.StatusBadRequest, err)
}

if errs := validation.ValidateInstallation(inst); len(errs) > 0 {
return admission.Denied(errs.ToAggregate().Error())
aggErr := errs.ToAggregate().Error()
logger.Debug("Validation failed: " + aggErr)
return admission.Denied(aggErr)
}

return admission.Allowed("Installation is valid")
Expand All @@ -44,17 +48,21 @@ var DeployItemWebhookLogic webhooklib.WebhookLogic = func(ctx context.Context, r

di := &lscore.DeployItem{}
if _, _, err := dec.Decode(req.Object.Raw, nil, di); err != nil {
logger.Debug("Decoding failed: " + err.Error())
return admission.Errored(http.StatusBadRequest, err)
}

if errs := validation.ValidateDeployItem(di); len(errs) > 0 {
return admission.Denied(errs.ToAggregate().Error())
aggErr := errs.ToAggregate().Error()
logger.Debug("Validation failed: " + aggErr)
return admission.Denied(aggErr)
}

// check if the type was updated for update events
if req.Operation == admissionv1.Update {
oldDi := &lscore.DeployItem{}
if _, _, err := dec.Decode(req.OldObject.Raw, nil, oldDi); err != nil {
logger.Debug("Decoding old failed: " + err.Error())
return admission.Errored(http.StatusBadRequest, err)
}
if oldDi.Spec.Type != di.Spec.Type {
Expand All @@ -69,13 +77,18 @@ var DeployItemWebhookLogic webhooklib.WebhookLogic = func(ctx context.Context, r
// EXECUTION

var ExecutionWebhookLogic webhooklib.WebhookLogic = func(ctx context.Context, req admission.Request, dec runtime.Decoder) admission.Response {
logger, _ := logging.FromContextOrNew(ctx, []interface{}{lc.KeyMethod, "ExecutionWebhookLogic"})

exec := &lscore.Execution{}
if _, _, err := dec.Decode(req.Object.Raw, nil, exec); err != nil {
logger.Debug("Decoding failed: " + err.Error())
return admission.Errored(http.StatusBadRequest, err)
}

if errs := validation.ValidateExecution(exec); len(errs) > 0 {
return admission.Denied(errs.ToAggregate().Error())
aggErr := errs.ToAggregate().Error()
logger.Debug("Validation failed: " + aggErr)
return admission.Denied(aggErr)
}

return admission.Allowed("Execution is valid")
Expand All @@ -84,13 +97,18 @@ var ExecutionWebhookLogic webhooklib.WebhookLogic = func(ctx context.Context, re
// TARGET

var TargetWebhookLogic webhooklib.WebhookLogic = func(ctx context.Context, req admission.Request, dec runtime.Decoder) admission.Response {
logger, _ := logging.FromContextOrNew(ctx, []interface{}{lc.KeyMethod, "ExecutionWebhookLogic"})

t := &lscore.Target{}
if _, _, err := dec.Decode(req.Object.Raw, nil, t); err != nil {
logger.Debug("Decoding failed: " + err.Error())
return admission.Errored(http.StatusBadRequest, err)
}

if errs := validation.ValidateTarget(t); len(errs) > 0 {
return admission.Denied(errs.ToAggregate().Error())
aggErr := errs.ToAggregate().Error()
logger.Debug("Validation failed: " + aggErr)
return admission.Denied(aggErr)
}

return admission.Allowed("Target is valid")
Expand Down

0 comments on commit e2e40a0

Please sign in to comment.