shardingsphere-operator/pkg/webhook/webhook.go - shardingsphere-on-cloud - Git at Google

 /*
  * Licensed to the Apache Software Foundation (ASF) under one or more
  * contributor license agreements.  See the NOTICE file distributed with
  * this work for additional information regarding copyright ownership.
  * The ASF licenses this file to You under the Apache License, Version 2.0
  * (the "License"); you may not use this file except in compliance with
  * the License.  You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */

 package webhook

 import (
 	"errors"
 	"net/http"
 	"net/url"
 	"strings"

 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	"k8s.io/client-go/rest"
 	"sigs.k8s.io/controller-runtime/pkg/client/apiutil"
 	logf "sigs.k8s.io/controller-runtime/pkg/log"
 	"sigs.k8s.io/controller-runtime/pkg/manager"
 	"sigs.k8s.io/controller-runtime/pkg/webhook/admission"
 	"sigs.k8s.io/controller-runtime/pkg/webhook/conversion"
 )

 var log = logf.Log.WithName("builder")

 // Do additional hacks for apiService
 const apiPath = "/apis/admission.shardingsphere.apache.org/v1alpha1"

 // WebhookBuilder builds a Webhook.
 type WebhookBuilder struct {
 	apiType       runtime.Object
 	withDefaulter admission.CustomDefaulter
 	withValidator admission.CustomValidator
 	gvk           schema.GroupVersionKind
 	mgr           manager.Manager
 	config        *rest.Config
 }

 // NewWebhookManagedBy allows inform its manager.Manager.
 func NewWebhookManagedBy(m manager.Manager) *WebhookBuilder {
 	return &WebhookBuilder{mgr: m}
 }

 // For takes a runtime.Object which should be a CR.
 // If the given object implements the admission.Defaulter interface, a MutatingWebhook will be wired for this type.
 // If the given object implements the admission.Validator interface, a ValidatingWebhook will be wired for this type.
 func (blder *WebhookBuilder) For(apiType runtime.Object) *WebhookBuilder {
 	blder.apiType = apiType
 	return blder
 }

 // WithDefaulter takes a admission.WithDefaulter interface, a MutatingWebhook will be wired for this type.
 func (blder *WebhookBuilder) WithDefaulter(defaulter admission.CustomDefaulter) *WebhookBuilder {
 	blder.withDefaulter = defaulter
 	return blder
 }

 // WithValidator takes a admission.WithValidator interface, a ValidatingWebhook will be wired for this type.
 func (blder *WebhookBuilder) WithValidator(validator admission.CustomValidator) *WebhookBuilder {
 	blder.withValidator = validator
 	return blder
 }

 // Complete builds the webhook.
 func (blder *WebhookBuilder) Complete() error {
 	// Set the Config
 	blder.loadRestConfig()

 	// Set the Webhook if needed
 	return blder.registerWebhooks()
 }

 func (blder *WebhookBuilder) loadRestConfig() {
 	if blder.config == nil {
 		blder.config = blder.mgr.GetConfig()
 	}
 }

 func (blder *WebhookBuilder) registerWebhooks() error {
 	typ, err := blder.getType()
 	if err != nil {
 		return err
 	}

 	// Create webhook(s) for each type
 	blder.gvk, err = apiutil.GVKForObject(typ, blder.mgr.GetScheme())
 	if err != nil {
 		return err
 	}
 	blder.registerApiservice()
 	blder.registerDefaultingWebhook()
 	blder.registerValidatingWebhook()

 	err = blder.registerConversionWebhook()
 	if err != nil {
 		return err
 	}
 	return nil
 }

 // registerDefaultingWebhook registers a defaulting webhook if th.
 func (blder *WebhookBuilder) registerDefaultingWebhook() {
 	mwh := blder.getDefaultingWebhook()
 	if mwh != nil {
 		path := generateMutatePath(blder.gvk)

 		// Checking if the path is already registered.
 		// If so, just skip it.
 		if !blder.isAlreadyHandled(path) {
 			log.Info("Registering a mutating webhook",
 				"GVK", blder.gvk,
 				"path", path)
 			blder.mgr.GetWebhookServer().Register(path, mwh)
 		}
 	}
 }

 func (blder *WebhookBuilder) getDefaultingWebhook() *admission.Webhook {
 	if defaulter := blder.withDefaulter; defaulter != nil {
 		return admission.WithCustomDefaulter(blder.apiType, defaulter)
 	}
 	if defaulter, ok := blder.apiType.(admission.Defaulter); ok {
 		return admission.DefaultingWebhookFor(defaulter)
 	}
 	log.Info(
 		"skip registering a mutating webhook, object does not implement admission.Defaulter or WithDefaulter wasn't called",
 		"GVK", blder.gvk)
 	return nil
 }

 func (blder *WebhookBuilder) registerValidatingWebhook() {
 	vwh := blder.getValidatingWebhook()
 	if vwh != nil {
 		path := generateValidatePath(blder.gvk)

 		// Checking if the path is already registered.
 		// If so, just skip it.
 		if !blder.isAlreadyHandled(path) {
 			log.Info("Registering a validating webhook",
 				"GVK", blder.gvk,
 				"path", path)
 			blder.mgr.GetWebhookServer().Register(path, vwh)
 		}
 	}
 }

 func (blder *WebhookBuilder) getValidatingWebhook() *admission.Webhook {
 	if validator := blder.withValidator; validator != nil {
 		return admission.WithCustomValidator(blder.apiType, validator)
 	}
 	if validator, ok := blder.apiType.(admission.Validator); ok {
 		return admission.ValidatingWebhookFor(validator)
 	}
 	log.Info(
 		"skip registering a validating webhook, object does not implement admission.Validator or WithValidator wasn't called",
 		"GVK", blder.gvk)
 	return nil
 }

 func (blder *WebhookBuilder) registerConversionWebhook() error {
 	ok, err := conversion.IsConvertible(blder.mgr.GetScheme(), blder.apiType)
 	if err != nil {
 		log.Error(err, "conversion check failed", "GVK", blder.gvk)
 		return err
 	}
 	if ok {
 		if !blder.isAlreadyHandled("/convert") {
 			blder.mgr.GetWebhookServer().Register("/convert", &conversion.Webhook{})
 		}
 		log.Info("Conversion webhook enabled", "GVK", blder.gvk)
 	}

 	return nil
 }

 func (blder *WebhookBuilder) getType() (runtime.Object, error) {
 	if blder.apiType != nil {
 		return blder.apiType, nil
 	}
 	return nil, errors.New("For() must be called with a valid object")
 }

 func (blder *WebhookBuilder) isAlreadyHandled(path string) bool {
 	if blder.mgr.GetWebhookServer().WebhookMux == nil {
 		return false
 	}
 	h, p := blder.mgr.GetWebhookServer().WebhookMux.Handler(&http.Request{URL: &url.URL{Path: path}})
 	if p == path && h != nil {
 		return true
 	}
 	return false
 }

 func (blder *WebhookBuilder) registerApiservice() {
 	blder.mgr.GetWebhookServer().Register(apiPath, getAPIService())
 }

 func getAPIService() http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		w.Header().Set("Content-Type", "application/json")
 		_, _ = w.Write([]byte("{}"))
 		w.WriteHeader(http.StatusOK)
 	}
 }

 func generateMutatePath(gvk schema.GroupVersionKind) string {
 	return apiPath + "/mutate-" + strings.ReplaceAll(gvk.Group, ".", "-") + "-" +
 		gvk.Version + "-" + strings.ToLower(gvk.Kind)
 }

 func generateValidatePath(gvk schema.GroupVersionKind) string {
 	return apiPath + "/validate-" + strings.ReplaceAll(gvk.Group, ".", "-") + "-" +
 		gvk.Version + "-" + strings.ToLower(gvk.Kind)
 }
	/*
	* Licensed to the Apache Software Foundation (ASF) under one or more
	* contributor license agreements. See the NOTICE file distributed with
	* this work for additional information regarding copyright ownership.
	* The ASF licenses this file to You under the Apache License, Version 2.0
	* (the "License"); you may not use this file except in compliance with
	* the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/

	package webhook

	import (
	"errors"
	"net/http"
	"net/url"
	"strings"

	"k8s.io/apimachinery/pkg/runtime"
	"k8s.io/apimachinery/pkg/runtime/schema"
	"k8s.io/client-go/rest"
	"sigs.k8s.io/controller-runtime/pkg/client/apiutil"
	logf "sigs.k8s.io/controller-runtime/pkg/log"
	"sigs.k8s.io/controller-runtime/pkg/manager"
	"sigs.k8s.io/controller-runtime/pkg/webhook/admission"
	"sigs.k8s.io/controller-runtime/pkg/webhook/conversion"
	)

	var log = logf.Log.WithName("builder")

	// Do additional hacks for apiService
	const apiPath = "/apis/admission.shardingsphere.apache.org/v1alpha1"

	// WebhookBuilder builds a Webhook.
	type WebhookBuilder struct {
	apiType runtime.Object
	withDefaulter admission.CustomDefaulter
	withValidator admission.CustomValidator
	gvk schema.GroupVersionKind
	mgr manager.Manager
	config *rest.Config
	}

	// NewWebhookManagedBy allows inform its manager.Manager.
	func NewWebhookManagedBy(m manager.Manager) *WebhookBuilder {
	return &WebhookBuilder{mgr: m}
	}

	// For takes a runtime.Object which should be a CR.
	// If the given object implements the admission.Defaulter interface, a MutatingWebhook will be wired for this type.
	// If the given object implements the admission.Validator interface, a ValidatingWebhook will be wired for this type.
	func (blder WebhookBuilder) For(apiType runtime.Object) WebhookBuilder {
	blder.apiType = apiType
	return blder
	}

	// WithDefaulter takes a admission.WithDefaulter interface, a MutatingWebhook will be wired for this type.
	func (blder WebhookBuilder) WithDefaulter(defaulter admission.CustomDefaulter) WebhookBuilder {
	blder.withDefaulter = defaulter
	return blder
	}

	// WithValidator takes a admission.WithValidator interface, a ValidatingWebhook will be wired for this type.
	func (blder WebhookBuilder) WithValidator(validator admission.CustomValidator) WebhookBuilder {
	blder.withValidator = validator
	return blder
	}

	// Complete builds the webhook.
	func (blder *WebhookBuilder) Complete() error {
	// Set the Config
	blder.loadRestConfig()

	// Set the Webhook if needed
	return blder.registerWebhooks()
	}

	func (blder *WebhookBuilder) loadRestConfig() {
	if blder.config == nil {
	blder.config = blder.mgr.GetConfig()
	}
	}

	func (blder *WebhookBuilder) registerWebhooks() error {
	typ, err := blder.getType()
	if err != nil {
	return err
	}

	// Create webhook(s) for each type
	blder.gvk, err = apiutil.GVKForObject(typ, blder.mgr.GetScheme())
	if err != nil {
	return err
	}
	blder.registerApiservice()
	blder.registerDefaultingWebhook()
	blder.registerValidatingWebhook()

	err = blder.registerConversionWebhook()
	if err != nil {
	return err
	}
	return nil
	}

	// registerDefaultingWebhook registers a defaulting webhook if th.
	func (blder *WebhookBuilder) registerDefaultingWebhook() {
	mwh := blder.getDefaultingWebhook()
	if mwh != nil {
	path := generateMutatePath(blder.gvk)

	// Checking if the path is already registered.
	// If so, just skip it.
	if !blder.isAlreadyHandled(path) {
	log.Info("Registering a mutating webhook",
	"GVK", blder.gvk,
	"path", path)
	blder.mgr.GetWebhookServer().Register(path, mwh)
	}
	}
	}

	func (blder WebhookBuilder) getDefaultingWebhook() admission.Webhook {
	if defaulter := blder.withDefaulter; defaulter != nil {
	return admission.WithCustomDefaulter(blder.apiType, defaulter)
	}
	if defaulter, ok := blder.apiType.(admission.Defaulter); ok {
	return admission.DefaultingWebhookFor(defaulter)
	}
	log.Info(
	"skip registering a mutating webhook, object does not implement admission.Defaulter or WithDefaulter wasn't called",
	"GVK", blder.gvk)
	return nil
	}

	func (blder *WebhookBuilder) registerValidatingWebhook() {
	vwh := blder.getValidatingWebhook()
	if vwh != nil {
	path := generateValidatePath(blder.gvk)

	// Checking if the path is already registered.
	// If so, just skip it.
	if !blder.isAlreadyHandled(path) {
	log.Info("Registering a validating webhook",
	"GVK", blder.gvk,
	"path", path)
	blder.mgr.GetWebhookServer().Register(path, vwh)
	}
	}
	}

	func (blder WebhookBuilder) getValidatingWebhook() admission.Webhook {
	if validator := blder.withValidator; validator != nil {
	return admission.WithCustomValidator(blder.apiType, validator)
	}
	if validator, ok := blder.apiType.(admission.Validator); ok {
	return admission.ValidatingWebhookFor(validator)
	}
	log.Info(
	"skip registering a validating webhook, object does not implement admission.Validator or WithValidator wasn't called",
	"GVK", blder.gvk)
	return nil
	}

	func (blder *WebhookBuilder) registerConversionWebhook() error {
	ok, err := conversion.IsConvertible(blder.mgr.GetScheme(), blder.apiType)
	if err != nil {
	log.Error(err, "conversion check failed", "GVK", blder.gvk)
	return err
	}
	if ok {
	if !blder.isAlreadyHandled("/convert") {
	blder.mgr.GetWebhookServer().Register("/convert", &conversion.Webhook{})
	}
	log.Info("Conversion webhook enabled", "GVK", blder.gvk)
	}

	return nil
	}

	func (blder *WebhookBuilder) getType() (runtime.Object, error) {
	if blder.apiType != nil {
	return blder.apiType, nil
	}
	return nil, errors.New("For() must be called with a valid object")
	}

	func (blder *WebhookBuilder) isAlreadyHandled(path string) bool {
	if blder.mgr.GetWebhookServer().WebhookMux == nil {
	return false
	}
	h, p := blder.mgr.GetWebhookServer().WebhookMux.Handler(&http.Request{URL: &url.URL{Path: path}})
	if p == path && h != nil {
	return true
	}
	return false
	}

	func (blder *WebhookBuilder) registerApiservice() {
	blder.mgr.GetWebhookServer().Register(apiPath, getAPIService())
	}

	func getAPIService() http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
	w.Header().Set("Content-Type", "application/json")
	_, _ = w.Write([]byte("{}"))
	w.WriteHeader(http.StatusOK)
	}
	}

	func generateMutatePath(gvk schema.GroupVersionKind) string {
	return apiPath + "/mutate-" + strings.ReplaceAll(gvk.Group, ".", "-") + "-" +
	gvk.Version + "-" + strings.ToLower(gvk.Kind)
	}

	func generateValidatePath(gvk schema.GroupVersionKind) string {
	return apiPath + "/validate-" + strings.ReplaceAll(gvk.Group, ".", "-") + "-" +
	gvk.Version + "-" + strings.ToLower(gvk.Kind)
	}