Added MaxScale validation webhook

2025-08-02 23:55:01 +00:00 · 2024-01-21 11:58:42 +01:00
parent 9d849cddc5
commit a0e92d83ac
10 changed files with 107 additions and 75 deletions
--- a/3
+++ b/3
@ -122,4 +122,7 @@ resources:
  kind: MaxScale
  path: github.com/mariadb-operator/mariadb-operator/api/v1alpha1
  version: v1alpha1
+  webhooks:
+    validation: true
+    webhookVersion: v1
 version: "3"
--- a/api/v1alpha1/mariadb_webhook.go
+++ b/api/v1alpha1/mariadb_webhook.go
@ -11,7 +11,7 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/webhook/admission"
 )

-var logger = log.Log.WithName("mariadb")
+var mariadbLogger = log.Log.WithName("mariadb")

 func (r *MariaDB) SetupWebhookWithManager(mgr ctrl.Manager) error {
 	return ctrl.NewWebhookManagedBy(mgr).
@ -19,7 +19,6 @@ func (r *MariaDB) SetupWebhookWithManager(mgr ctrl.Manager) error {
 		Complete()
 }

-//nolint
 //+kubebuilder:webhook:path=/mutate-mariadb-mmontes-io-v1alpha1-mariadb,mutating=true,failurePolicy=fail,sideEffects=None,groups=mariadb.mmontes.io,resources=mariadbs,verbs=create;update,versions=v1alpha1,name=mmariadb.kb.io,admissionReviewVersions=v1

 var _ webhook.Defaulter = &MariaDB{}
@ -27,31 +26,30 @@ var _ webhook.Defaulter = &MariaDB{}
 // Default implements webhook.Defaulter so a webhook will be registered for the type
 func (r *MariaDB) Default() {
 	if r.Spec.Replication != nil && r.Spec.Replication.Enabled {
-		logger.V(1).Info("Defaulting spec.replication", "mariadb", r.Name)
+		mariadbLogger.V(1).Info("Defaulting spec.replication", "mariadb", r.Name)
 		r.Spec.Replication.FillWithDefaults()
 		return
 	}
 	if r.Spec.Galera != nil && r.Spec.Galera.Enabled {
-		logger.V(1).Info("Defaulting spec.galera", "mariadb", r.Name)
+		mariadbLogger.V(1).Info("Defaulting spec.galera", "mariadb", r.Name)
 		r.Spec.Galera.FillWithDefaults()
 		return
 	}
 }

-//nolint
 //+kubebuilder:webhook:path=/validate-mariadb-mmontes-io-v1alpha1-mariadb,mutating=false,failurePolicy=fail,sideEffects=None,groups=mariadb.mmontes.io,resources=mariadbs,verbs=create;update,versions=v1alpha1,name=vmariadb.kb.io,admissionReviewVersions=v1

 var _ webhook.Validator = &MariaDB{}

 // ValidateCreate implements webhook.Validator so a webhook will be registered for the type
 func (r *MariaDB) ValidateCreate() (admission.Warnings, error) {
-	logger.V(1).Info("Validate MariaDB creation", "mariadb", r.Name)
+	mariadbLogger.V(1).Info("Validate create", "name", r.Name)
 	return nil, r.validate()
 }

 // ValidateUpdate implements webhook.Validator so a webhook will be registered for the type
 func (r *MariaDB) ValidateUpdate(old runtime.Object) (admission.Warnings, error) {
-	logger.V(1).Info("Validate MariaDB update", "mariadb", r.Name)
+	mariadbLogger.V(1).Info("Validate update", "name", r.Name)
 	oldMariadb := old.(*MariaDB)
 	if err := inmutableWebhook.ValidateUpdate(r, oldMariadb); err != nil {
 		return nil, err
--- a/api/v1alpha1/maxscale_webhook.go
+++ b/api/v1alpha1/maxscale_webhook.go
@ -0,0 +1,42 @@
+package v1alpha1
+
+import (
+	"k8s.io/apimachinery/pkg/runtime"
+	ctrl "sigs.k8s.io/controller-runtime"
+	logf "sigs.k8s.io/controller-runtime/pkg/log"
+	"sigs.k8s.io/controller-runtime/pkg/webhook"
+	"sigs.k8s.io/controller-runtime/pkg/webhook/admission"
+)
+
+var maxscaleLogger = logf.Log.WithName("maxscale")
+
+func (r *MaxScale) SetupWebhookWithManager(mgr ctrl.Manager) error {
+	return ctrl.NewWebhookManagedBy(mgr).
+		For(r).
+		Complete()
+}
+
+//+kubebuilder:webhook:path=/validate-mariadb-mmontes-io-v1alpha1-maxscale,mutating=false,failurePolicy=fail,sideEffects=None,groups=mariadb.mmontes.io,resources=maxscales,verbs=create;update,versions=v1alpha1,name=vmaxscale.kb.io,admissionReviewVersions=v1
+
+var _ webhook.Validator = &MaxScale{}
+
+// ValidateCreate implements webhook.Validator so a webhook will be registered for the type
+func (r *MaxScale) ValidateCreate() (admission.Warnings, error) {
+	maxscaleLogger.V(1).Info("Validate create", "name", r.Name)
+	return nil, nil
+}
+
+// ValidateUpdate implements webhook.Validator so a webhook will be registered for the type
+func (r *MaxScale) ValidateUpdate(old runtime.Object) (admission.Warnings, error) {
+	maxscaleLogger.V(1).Info("Validate update", "name", r.Name)
+	oldMaxScale := old.(*MaxScale)
+	if err := inmutableWebhook.ValidateUpdate(r, oldMaxScale); err != nil {
+		return nil, err
+	}
+	return nil, nil
+}
+
+// ValidateDelete implements webhook.Validator so a webhook will be registered for the type
+func (r *MaxScale) ValidateDelete() (admission.Warnings, error) {
+	return nil, nil
+}
--- a/api/v1alpha1/webhook_suite_test.go
+++ b/api/v1alpha1/webhook_suite_test.go
@ -12,7 +12,8 @@ import (
 	. "github.com/onsi/ginkgo/v2"
 	. "github.com/onsi/gomega"

-	admissionv1beta1 "k8s.io/api/admission/v1"
+	admissionv1 "k8s.io/api/admission/v1"
+
 	//+kubebuilder:scaffold:imports
 	monitoringv1 "github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1"
 	"k8s.io/apimachinery/pkg/runtime"
@ -67,7 +68,7 @@ var _ = BeforeSuite(func() {
 	err = AddToScheme(scheme)
 	Expect(err).NotTo(HaveOccurred())

-	err = admissionv1beta1.AddToScheme(scheme)
+	err = admissionv1.AddToScheme(scheme)
 	Expect(err).NotTo(HaveOccurred())

 	err = monitoringv1.AddToScheme(scheme)
@ -95,6 +96,12 @@ var _ = BeforeSuite(func() {
 	})
 	Expect(err).NotTo(HaveOccurred())

+	err = (&MariaDB{}).SetupWebhookWithManager(mgr)
+	Expect(err).NotTo(HaveOccurred())
+
+	err = (&MaxScale{}).SetupWebhookWithManager(mgr)
+	Expect(err).NotTo(HaveOccurred())
+
 	err = (&Restore{}).SetupWebhookWithManager(mgr)
 	Expect(err).NotTo(HaveOccurred())

@ -110,9 +117,6 @@ var _ = BeforeSuite(func() {
 	err = (&User{}).SetupWebhookWithManager(mgr)
 	Expect(err).NotTo(HaveOccurred())

-	err = (&MariaDB{}).SetupWebhookWithManager(mgr)
-	Expect(err).NotTo(HaveOccurred())
-
 	err = (&Connection{}).SetupWebhookWithManager(mgr)
 	Expect(err).NotTo(HaveOccurred())

--- a/cmd/controller/cert_controller.go
+++ b/cmd/controller/cert_controller.go
@ -1,24 +1,3 @@
-/*
-Copyright © 2023 Martín Montes <martin11lrx@gmail.com>
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in
-all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-THE SOFTWARE.
-*/
 package main

 import (
--- a/cmd/controller/main.go
+++ b/cmd/controller/main.go
@ -1,24 +1,3 @@
-/*
-Copyright © 2023 Martín Montes <martin11lrx@gmail.com>
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in
-all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-THE SOFTWARE.
-*/
 package main

 import (
--- a/cmd/controller/webhook.go
+++ b/cmd/controller/webhook.go
@ -1,24 +1,3 @@
-/*
-Copyright © 2023 Martín Montes <martin11lrx@gmail.com>
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in
-all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-THE SOFTWARE.
-*/
 package main

 import (
@ -95,6 +74,10 @@ var webhookCmd = &cobra.Command{
 			setupLog.Error(err, "Unable to create webhook", "webhook", "MariaDB")
 			os.Exit(1)
 		}
+		if err = (&mariadbv1alpha1.MaxScale{}).SetupWebhookWithManager(mgr); err != nil {
+			setupLog.Error(err, "Unable to create webhook", "webhook", "MaxScale")
+			os.Exit(1)
+		}
 		if err = (&mariadbv1alpha1.Backup{}).SetupWebhookWithManager(mgr); err != nil {
 			setupLog.Error(err, "Unable to create webhook", "webhook", "Backup")
 			os.Exit(1)
--- a/cmd/enterprise/main.go
+++ b/cmd/enterprise/main.go
@ -344,6 +344,10 @@ var rootCmd = &cobra.Command{
 			setupLog.Error(err, "Unable to create webhook", "webhook", "MariaDB")
 			os.Exit(1)
 		}
+		if err = (&mariadbv1alpha1.MaxScale{}).SetupWebhookWithManager(mgr); err != nil {
+			setupLog.Error(err, "Unable to create webhook", "webhook", "MaxScale")
+			os.Exit(1)
+		}
 		if err = (&mariadbv1alpha1.Backup{}).SetupWebhookWithManager(mgr); err != nil {
 			setupLog.Error(err, "Unable to create webhook", "webhook", "Backup")
 			os.Exit(1)
--- a/config/webhook/manifests.yaml
+++ b/config/webhook/manifests.yaml
@ -132,6 +132,26 @@ webhooks:
    resources:
    - mariadbs
  sideEffects: None
+- admissionReviewVersions:
+  - v1
+  clientConfig:
+    service:
+      name: webhook-service
+      namespace: system
+      path: /validate-mariadb-mmontes-io-v1alpha1-maxscale
+  failurePolicy: Fail
+  name: vmaxscale.kb.io
+  rules:
+  - apiGroups:
+    - mariadb.mmontes.io
+    apiVersions:
+    - v1alpha1
+    operations:
+    - CREATE
+    - UPDATE
+    resources:
+    - maxscales
+  sideEffects: None
 - admissionReviewVersions:
  - v1
  clientConfig:
--- a/deploy/charts/mariadb-operator/templates/webhook-config.yaml
+++ b/deploy/charts/mariadb-operator/templates/webhook-config.yaml
@ -152,6 +152,26 @@ webhooks:
        resources:
          - mariadbs
    sideEffects: None
+  - admissionReviewVersions:
+    - v1
+    clientConfig:
+      service:
+        name: {{ $fullName }}-webhook
+        namespace: {{ .Release.Namespace }}
+        path: /validate-mariadb-mmontes-io-v1alpha1-maxscale
+    failurePolicy: Fail
+    name: vmaxscale.kb.io
+    rules:
+    - apiGroups:
+      - mariadb.mmontes.io
+      apiVersions:
+      - v1alpha1
+      operations:
+      - CREATE
+      - UPDATE
+      resources:
+      - maxscales
+    sideEffects: None
  - admissionReviewVersions:
      - v1
    clientConfig: