Skip to content

Commit

Permalink
improve error message send as part of kubernetes admission response
Browse files Browse the repository at this point in the history
  • Loading branch information
Yusuf Kanchwala committed Mar 30, 2021
1 parent 5045296 commit 6a7b26c
Showing 1 changed file with 4 additions and 2 deletions.
6 changes: 4 additions & 2 deletions pkg/k8s/admission-webhook/validating-webhook.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -268,6 +268,8 @@ func (w ValidatingWebhook) createResponseAdmissionReview(
output runtime.Output,
logPath string) *admissionv1.AdmissionReview {

errMsg := fmt.Sprintf("For more details please visit %q", logPath)

// create an admission review request to be sent as response
responseAdmissionReview := &admissionv1.AdmissionReview{}
responseAdmissionReview.SetGroupVersionKind(requestedAdmissionReview.GroupVersionKind())
Expand All @@ -283,11 +285,11 @@ func (w ValidatingWebhook) createResponseAdmissionReview(
if allowed {
if len(output.Violations.ViolationStore.Violations) > 0 {
// In case there are no denial violations, just return the log URL as a warning
responseAdmissionReview.Response.Warnings = []string{logPath}
responseAdmissionReview.Response.Warnings = []string{errMsg}
}
} else {
// In case the request was denied, return 403 and the log URL as an error message
responseAdmissionReview.Response.Result = &metav1.Status{Message: logPath, Code: 403}
responseAdmissionReview.Response.Result = &metav1.Status{Message: errMsg, Code: 403}
}
}

Expand Down

0 comments on commit 6a7b26c

Please sign in to comment.