Skip to content

Commit

Permalink
Support deletion of ValidatingWebhookConfiguration
Browse files Browse the repository at this point in the history
  • Loading branch information
mpatlasov committed Jul 9, 2024
1 parent b941412 commit 8bdcc1d
Show file tree
Hide file tree
Showing 3 changed files with 82 additions and 0 deletions.
12 changes: 12 additions & 0 deletions pkg/operator/resource/resourceapply/admissionregistration.go
Original file line number Diff line number Diff line change
Expand Up @@ -152,6 +152,18 @@ func ApplyValidatingWebhookConfigurationImproved(ctx context.Context, client adm
return actual, true, nil
}

func DeleteValidatingWebhookConfiguration(ctx context.Context, client admissionregistrationclientv1.ValidatingWebhookConfigurationsGetter, recorder events.Recorder, required *admissionregistrationv1.ValidatingWebhookConfiguration) (*admissionregistrationv1.ValidatingWebhookConfiguration, bool, error) {
err := client.ValidatingWebhookConfigurations().Delete(ctx, required.Name, metav1.DeleteOptions{})
if err != nil && apierrors.IsNotFound(err) {
return nil, false, nil
}
if err != nil {
return nil, false, err
}
reportDeleteEvent(recorder, required, err)
return nil, true, nil
}

// copyValidatingWebhookCABundle populates webhooks[].clientConfig.caBundle fields from existing resource if it was set before
// and is not set in present. This provides upgrade compatibility with service-ca-bundle operator.
func copyValidatingWebhookCABundle(from, to *admissionregistrationv1.ValidatingWebhookConfiguration) {
Expand Down
64 changes: 64 additions & 0 deletions pkg/operator/resource/resourceapply/admissionregistration_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -382,6 +382,70 @@ func TestApplyValidatingConfiguration(t *testing.T) {
}
}

func TestDeleteValidatingConfiguration(t *testing.T) {
defaultHook := &admissionregistrationv1.ValidatingWebhookConfiguration{}
defaultHook.SetName("test")
deleteEvent := "ValidatingWebhookConfigurationDeleted"

tests := []struct {
name string
expectModified bool
existing func() *admissionregistrationv1.ValidatingWebhookConfiguration
input func() *admissionregistrationv1.ValidatingWebhookConfiguration
expectedEvents []string
}{
{
name: "Should delete webhook if it exists",
expectModified: true,
input: func() *admissionregistrationv1.ValidatingWebhookConfiguration {
hook := defaultHook.DeepCopy()
return hook
},
existing: func() *admissionregistrationv1.ValidatingWebhookConfiguration {
hook := defaultHook.DeepCopy()
return hook
},
expectedEvents: []string{deleteEvent},
},
{
name: "Should do nothing if webhook does not exist",
expectModified: false,
input: func() *admissionregistrationv1.ValidatingWebhookConfiguration {
hook := defaultHook.DeepCopy()
return hook
},
expectedEvents: []string{},
},
}

for _, test := range tests {
t.Run(test.name, func(t *testing.T) {
existingHooks := []runtime.Object{}
if test.existing != nil {
existingHooks = append(existingHooks, test.existing())
}
client := fake.NewSimpleClientset(existingHooks...)
recorder := events.NewInMemoryRecorder("test")

testApply := func(expectModify bool) {
updatedHook, modified, err := DeleteValidatingWebhookConfiguration(
context.TODO(),
client.AdmissionregistrationV1(),
recorder, test.input())
if err != nil {
t.Fatal(err)
}
if expectModify != modified {
t.Errorf("expected modified to be equal %v, got %v: %#v", expectModify, modified, updatedHook)
}
}

testApply(test.expectModified)
assertEvents(t, test.name, test.expectedEvents, recorder.Events())
})
}
}

func TestApplyValidatingAdmissionPolicyConfiguration(t *testing.T) {
defaultPolicy := &admissionregistrationv1beta1.ValidatingAdmissionPolicy{}
defaultPolicy.SetName("test")
Expand Down
6 changes: 6 additions & 0 deletions pkg/operator/resource/resourceapply/generic.go
Original file line number Diff line number Diff line change
Expand Up @@ -335,6 +335,12 @@ func DeleteAll(ctx context.Context, clients *ClientHolder, recorder events.Recor
} else {
_, result.Changed, result.Error = DeleteStorageClass(ctx, clients.kubeClient.StorageV1(), recorder, t)
}
case *admissionregistrationv1.ValidatingWebhookConfiguration:
if clients.kubeClient == nil {
result.Error = fmt.Errorf("missing kubeClient")
} else {
_, result.Changed, result.Error = DeleteValidatingWebhookConfiguration(ctx, clients.kubeClient.AdmissionregistrationV1(), recorder, t)
}
case *storagev1.CSIDriver:
if clients.kubeClient == nil {
result.Error = fmt.Errorf("missing kubeClient")
Expand Down

0 comments on commit 8bdcc1d

Please sign in to comment.