Merge pull request #328 from mengqiy/simplifywhif

⚠️ Simplify the webhook interface

Author: k8s-ci-robot

Gopkg.lock

@@ -51,7 +51,7 @@ func (a *podAnnotator) Handle(ctx context.Context, req admission.Request) admiss
 		return admission.Errored(http.StatusInternalServerError, err)
 	}
 
-	return admission.PatchResponseFromRaw(req.AdmissionRequest.Object.Raw, marshaledPod)
+	return admission.PatchResponseFromRaw(req.Object.Raw, marshaledPod)
 }
 
 // podAnnotator implements inject.Client.
@@ -63,7 +63,7 @@ func (a *podAnnotator) InjectClient(c client.Client) error {
 	return nil
 }
 
-// podAnnotator implements inject.Decoder.
+// podAnnotator implements admission.DecoderInjector.
 // A decoder will be automatically injected.
 
 // InjectDecoder injects the decoder.

example/controller.go renamed to examples/builtins/controller.go

@@ -62,7 +62,7 @@ func (v *podValidator) InjectClient(c client.Client) error {
 	return nil
 }
 
-// podValidator implements inject.Decoder.
+// podValidator implements admission.DecoderInjector.
 // A decoder will be automatically injected.
 
 // InjectDecoder injects the decoder.

example/main.go renamed to examples/builtins/main.go

@@ -0,0 +1,139 @@
+/*
+Copyright 2019 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package main
+
+import (
+	"context"
+	"math/rand"
+	"os"
+	"time"
+
+	corev1 "k8s.io/api/core/v1"
+	apierrors "k8s.io/apimachinery/pkg/api/errors"
+	"k8s.io/apimachinery/pkg/runtime"
+	_ "k8s.io/client-go/plugin/pkg/client/auth/gcp"
+	ctrl "sigs.k8s.io/controller-runtime"
+	api "sigs.k8s.io/controller-runtime/examples/crd/pkg"
+	"sigs.k8s.io/controller-runtime/pkg/client"
+	"sigs.k8s.io/controller-runtime/pkg/log/zap"
+)
+
+var (
+	setupLog = ctrl.Log.WithName("setup")
+	recLog   = ctrl.Log.WithName("reconciler")
+)
+
+type reconciler struct {
+	client.Client
+	scheme *runtime.Scheme
+}
+
+func (r *reconciler) Reconcile(req ctrl.Request) (ctrl.Result, error) {
+	log := recLog.WithValues("chaospod", req.NamespacedName)
+	log.V(1).Info("reconciling chaos pod")
+	ctx := context.Background()
+
+	var chaospod api.ChaosPod
+	if err := r.Get(ctx, req.NamespacedName, &chaospod); err != nil {
+		log.Error(err, "unable to get chaosctl")
+		return ctrl.Result{}, err
+	}
+
+	var pod corev1.Pod
+	podFound := true
+	if err := r.Get(ctx, req.NamespacedName, &pod); err != nil {
+		if !apierrors.IsNotFound(err) {
+			log.Error(err, "unable to get pod")
+			return ctrl.Result{}, err
+		}
+		podFound = false
+	}
+
+	if podFound {
+		shouldStop := chaospod.Spec.NextStop.Time.Before(time.Now())
+		if !shouldStop {
+			return ctrl.Result{RequeueAfter: chaospod.Spec.NextStop.Sub(time.Now()) + 1*time.Second}, nil
+		}
+
+		if err := r.Delete(ctx, &pod); err != nil {
+			log.Error(err, "unable to delete pod")
+			return ctrl.Result{}, err
+		}
+
+		return ctrl.Result{Requeue: true}, nil
+	}
+
+	templ := chaospod.Spec.Template.DeepCopy()
+	pod.ObjectMeta = templ.ObjectMeta
+	pod.Name = req.Name
+	pod.Namespace = req.Namespace
+	pod.Spec = templ.Spec
+
+	if err := ctrl.SetControllerReference(&chaospod, &pod, r.scheme); err != nil {
+		log.Error(err, "unable to set pod's owner reference")
+		return ctrl.Result{}, err
+	}
+
+	if err := r.Create(ctx, &pod); err != nil {
+		log.Error(err, "unable to create pod")
+		return ctrl.Result{}, err
+	}
+
+	chaospod.Spec.NextStop.Time = time.Now().Add(time.Duration(10*(rand.Int63n(2)+1)) * time.Second)
+	chaospod.Status.LastRun = pod.CreationTimestamp
+	if err := r.Update(ctx, &chaospod); err != nil {
+		log.Error(err, "unable to update chaosctl status")
+		return ctrl.Result{}, err
+	}
+	return ctrl.Result{}, nil
+}
+
+func main() {
+	ctrl.SetLogger(zap.Logger(true))
+
+	mgr, err := ctrl.NewManager(ctrl.GetConfigOrDie(), ctrl.Options{})
+	if err != nil {
+		setupLog.Error(err, "unable to start manager")
+		os.Exit(1)
+	}
+
+	// in a real controller, we'd create a new scheme for this
+	err = api.AddToScheme(mgr.GetScheme())
+	if err != nil {
+		setupLog.Error(err, "unable to add scheme")
+		os.Exit(1)
+	}
+
+	err = ctrl.NewControllerManagedBy(mgr).
+		For(&api.ChaosPod{}).
+		Owns(&corev1.Pod{}).
+		Complete(&reconciler{
+			Client: mgr.GetClient(),
+			scheme: mgr.GetScheme(),
+		})
+
+	if err != nil {
+		setupLog.Error(err, "unable to create controller")
+		os.Exit(1)
+	}
+
+	setupLog.Info("starting manager")
+	if err := mgr.Start(ctrl.SetupSignalHandler()); err != nil {
+		setupLog.Error(err, "problem running manager")
+		os.Exit(1)
+	}
+}

example/mutatingwebhook.go renamed to examples/builtins/mutatingwebhook.go

@@ -0,0 +1,23 @@
+/*
+Copyright 2018 The Kubernetes authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package pkg
+
+import (
+	logf "sigs.k8s.io/controller-runtime/pkg/runtime/log"
+)
+
+var log = logf.Log.WithName("chaospod-resource")

example/validatingwebhook.go renamed to examples/builtins/validatingwebhook.go

@@ -0,0 +1,119 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package pkg
+
+import (
+	"fmt"
+	"time"
+
+	corev1 "k8s.io/api/core/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+	"sigs.k8s.io/controller-runtime/pkg/scheme"
+	"sigs.k8s.io/controller-runtime/pkg/webhook"
+)
+
+// ChaosPodSpec defines the desired state of ChaosPod
+type ChaosPodSpec struct {
+	Template corev1.PodTemplateSpec `json:"template"`
+	// +optional
+	NextStop metav1.Time `json:"nextStop,omitempty"`
+}
+
+// ChaosPodStatus defines the observed state of ChaosPod.
+// It should always be reconstructable from the state of the cluster and/or outside world.
+type ChaosPodStatus struct {
+	LastRun metav1.Time `json:"lastRun,omitempty"`
+}
+
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// ChaosPod is the Schema for the randomjobs API
+// +kubebuilder:printcolumn:name="next stop",type="string",JSONPath=".spec.nextStop",format="date"
+// +kubebuilder:printcolumn:name="last run",type="string",JSONPath=".status.lastRun",format="date"
+// +k8s:openapi-gen=true
+type ChaosPod struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	Spec   ChaosPodSpec   `json:"spec,omitempty"`
+	Status ChaosPodStatus `json:"status,omitempty"`
+}
+
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// ChaosPodList contains a list of ChaosPod
+type ChaosPodList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty"`
+	Items           []ChaosPod `json:"items"`
+}
+
+// ValidateCreate implements webhookutil.validator so a webhook will be registered for the type
+func (c *ChaosPod) ValidateCreate() error {
+	log.Info("validate create", "name", c.Name)
+
+	if c.Spec.NextStop.Before(&metav1.Time{Time: time.Now()}) {
+		return fmt.Errorf(".spec.nextStop must be later than current time")
+	}
+	return nil
+}
+
+// ValidateUpdate implements webhookutil.validator so a webhook will be registered for the type
+func (c *ChaosPod) ValidateUpdate(old runtime.Object) error {
+	log.Info("validate update", "name", c.Name)
+
+	if c.Spec.NextStop.Before(&metav1.Time{Time: time.Now()}) {
+		return fmt.Errorf(".spec.nextStop must be later than current time")
+	}
+
+	oldC, ok := old.(*ChaosPod)
+	if !ok {
+		return fmt.Errorf("expect old object to be a %T instead of %T", oldC, old)
+	}
+	if c.Spec.NextStop.After(oldC.Spec.NextStop.Add(time.Hour)) {
+		return fmt.Errorf("it is not allowed to delay.spec.nextStop for more than 1 hour")
+	}
+	return nil
+}
+
+var _ webhook.Defaulter = &ChaosPod{}
+
+// Default implements webhookutil.defaulter so a webhook will be registered for the type
+func (c *ChaosPod) Default() {
+	log.Info("default", "name", c.Name)
+
+	if c.Spec.NextStop.Before(&metav1.Time{Time: time.Now()}) {
+		c.Spec.NextStop = metav1.Time{Time: time.Now().Add(time.Minute)}
+	}
+}
+
+func init() {
+	SchemeBuilder.Register(&ChaosPod{}, &ChaosPodList{})
+}
+
+var (
+	// SchemeGroupVersion is group version used to register these objects
+	SchemeGroupVersion = schema.GroupVersion{Group: "chaosapps.metamagical.io", Version: "v1"}
+
+	// SchemeBuilder is used to add go types to the GroupVersionKind scheme
+	SchemeBuilder = &scheme.Builder{GroupVersion: SchemeGroupVersion}
+
+	// AddToScheme is required by pkg/client/...
+	AddToScheme = SchemeBuilder.AddToScheme
+)