Skip to content

Commit

Permalink
enhancement(CollaSet): add validation and defaulting for CollaSet
Browse files Browse the repository at this point in the history
  • Loading branch information
wu8685 committed Aug 28, 2023
1 parent 571abdc commit 757d300
Show file tree
Hide file tree
Showing 9 changed files with 1,130 additions and 12 deletions.
62 changes: 52 additions & 10 deletions config/webhook/webhook.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ kind: MutatingWebhookConfiguration
metadata:
name: controller-manager-mutating
webhooks:
- name: mutating-generic.apps.kusionstack.io
- name: mutating-pod.apps.kusionstack.io
sideEffects: NoneOnDryRun
admissionReviewVersions: ["v1", "v1beta1"]
clientConfig:
Expand All @@ -27,18 +27,39 @@ webhooks:
scope: '*'
objectSelector:
matchExpressions:
- key: podopslifecycle.kusionstack.io/control
operator: In
values:
- 'true'
- key: podopslifecycle.kusionstack.io/control
operator: In
values:
- 'true'
- name: mutating-generic.apps.kusionstack.io
sideEffects: NoneOnDryRun
admissionReviewVersions: ["v1", "v1beta1"]
clientConfig:
service:
namespace: kusionstack-system
name: controller-manager
path: /mutating-generic
failurePolicy: Fail
rules:
- apiGroups:
- "apps.kusionstack.io"
apiVersions:
- "*"
operations:
- CREATE
- UPDATE
- DELETE
resources:
- "*/*"
scope: '*'
---

apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration
metadata:
name: controller-manager-validating
webhooks:
- name: validating-generic.apps.kusionstack.io
- name: validating-pod.apps.kusionstack.io
sideEffects: NoneOnDryRun
admissionReviewVersions: ["v1", "v1beta1"]
clientConfig:
Expand All @@ -60,7 +81,28 @@ webhooks:
scope: '*'
objectSelector:
matchExpressions:
- key: podopslifecycle.kusionstack.io/control
operator: In
values:
- 'true'
- key: podopslifecycle.kusionstack.io/control
operator: In
values:
- 'true'
- name: validating-generic.apps.kusionstack.io
sideEffects: NoneOnDryRun
admissionReviewVersions: ["v1", "v1beta1"]
clientConfig:
service:
namespace: kusionstack-system
name: controller-manager
path: /validating-generic
failurePolicy: Fail
rules:
- apiGroups:
- "apps.kusionstack.io"
apiVersions:
- "*"
operations:
- CREATE
- UPDATE
- DELETE
resources:
- "*/*"
scope: '*'
26 changes: 25 additions & 1 deletion go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -22,8 +22,9 @@ require (
k8s.io/apimachinery v0.22.6
k8s.io/client-go v0.22.6
k8s.io/component-base v0.22.6
k8s.io/component-helpers v0.0.0-00010101000000-000000000000
k8s.io/component-helpers v0.22.6
k8s.io/klog/v2 v2.80.1
k8s.io/kubernetes v0.0.0-00010101000000-000000000000
k8s.io/utils v0.0.0-20230726121419-3b25d923346b
sigs.k8s.io/controller-runtime v0.10.3
)
Expand All @@ -46,6 +47,7 @@ require (
github.com/beorn7/perks v1.0.1 // indirect
github.com/cespare/xxhash/v2 v2.1.2 // indirect
github.com/clbanning/mxj/v2 v2.5.5 // indirect
github.com/cyphar/filepath-securejoin v0.2.2 // indirect
github.com/evanphx/json-patch v4.11.0+incompatible // indirect
github.com/form3tech-oss/jwt-go v3.2.3+incompatible // indirect
github.com/fsnotify/fsnotify v1.4.9 // indirect
Expand All @@ -63,6 +65,7 @@ require (
github.com/modern-go/reflect2 v1.0.2 // indirect
github.com/nxadm/tail v1.4.8 // indirect
github.com/opencontainers/go-digest v1.0.0 // indirect
github.com/opencontainers/runc v1.0.2 // indirect
github.com/pmezard/go-difflib v1.0.0 // indirect
github.com/prometheus/client_model v0.3.0 // indirect
github.com/prometheus/common v0.37.0 // indirect
Expand All @@ -86,6 +89,7 @@ require (
gopkg.in/yaml.v2 v2.4.0 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
k8s.io/apiextensions-apiserver v0.22.2 // indirect
k8s.io/apiserver v0.22.6 // indirect
k8s.io/kube-openapi v0.0.0-20211109043538-20434351676c // indirect
sigs.k8s.io/structured-merge-diff/v4 v4.2.1 // indirect
sigs.k8s.io/yaml v1.2.0 // indirect
Expand All @@ -98,9 +102,29 @@ replace (
k8s.io/api => k8s.io/api v0.22.6
k8s.io/apiextensions-apiserver => k8s.io/apiextensions-apiserver v0.22.6
k8s.io/apimachinery => k8s.io/apimachinery v0.22.6
k8s.io/apiserver => k8s.io/apiserver v0.22.6
k8s.io/cli-runtime => k8s.io/cli-runtime v0.22.6
k8s.io/client-go => k8s.io/client-go v0.22.6
k8s.io/cloud-provider => k8s.io/cloud-provider v0.22.6
k8s.io/cluster-bootstrap => k8s.io/cluster-bootstrap v0.22.6
k8s.io/code-generator => k8s.io/code-generator v0.22.6
k8s.io/component-base => k8s.io/component-base v0.22.6
k8s.io/component-helpers => k8s.io/component-helpers v0.22.6
k8s.io/controller-manager => k8s.io/controller-manager v0.22.6
k8s.io/cri-api => k8s.io/cri-api v0.22.6
k8s.io/csi-translation-lib => k8s.io/csi-translation-lib v0.22.6
k8s.io/klog/v2 => k8s.io/klog/v2 v2.9.0
k8s.io/kube-aggregator => k8s.io/kube-aggregator v0.22.6
k8s.io/kube-controller-manager => k8s.io/kube-controller-manager v0.22.6
k8s.io/kube-proxy => k8s.io/kube-proxy v0.22.6
k8s.io/kube-scheduler => k8s.io/kube-scheduler v0.22.6
k8s.io/kubectl => k8s.io/kubectl v0.22.6
k8s.io/kubelet => k8s.io/kubelet v0.22.6
k8s.io/kubernetes => k8s.io/kubernetes v1.22.6
k8s.io/legacy-cloud-providers => k8s.io/legacy-cloud-providers v0.22.6
k8s.io/metrics => k8s.io/metrics v0.22.6
k8s.io/mount-utils => k8s.io/mount-utils v0.22.6
k8s.io/pod-security-admission => k8s.io/pod-security-admission v0.22.6
k8s.io/sample-apiserver => k8s.io/sample-apiserver v0.22.6
sigs.k8s.io/controller-runtime => sigs.k8s.io/controller-runtime v0.10.3
)
Loading

0 comments on commit 757d300

Please sign in to comment.