Enable ability to flip configuration of allownomutate

internal/config/config.go

@@ -41,8 +41,8 @@ type Config struct {
 }
 
 // DefaultConfig initializes the config variable for use with a prepared set of defaults.
-func DefaultConfig() *Config {
-	return &Config{
+func DefaultConfig() Config {
+	return Config{
 		Log: &logutils.LevelFilter{
 			Levels: []logutils.LogLevel{"TRACE", "DEBUG", "INFO", "WARNING", "ERROR"},
 			Writer: os.Stderr,
@@ -50,7 +50,7 @@ func DefaultConfig() *Config {
 	}
 }
 
-func (cfg *Config) setLogLevel() {
+func setLogLevel(cfg Config) {
 	switch {
 	case cfg.LogLevel <= 20:
 		cfg.Log.SetMinLevel(logutils.LogLevel("ERROR"))
@@ -66,7 +66,7 @@ func (cfg *Config) setLogLevel() {
 	log.SetOutput(cfg.Log)
 }
 
-func (cfg *Config) printRunningConfig(cfgInfo []StructInfo) {
+func printRunningConfig(cfg *Config, cfgInfo []StructInfo) {
 	log.Printf("[DEBUG] Current Running Configuration Values:")
 	for _, info := range cfgInfo {
 		switch info.Type.String() {

internal/config/initialize.go

@@ -19,10 +19,10 @@ func getOSEnv(env, def string) string {
 // Init initializes the application configuration by reading default values from the struct's tags
 // and environment variables. Tags processed by this process are as follows:
 // `ignored:"true" env:"ENVIRONMENT_VARIABLE" default:"default value"`
-func Init() *Config {
+func Init() Config {
 	cfg := DefaultConfig()
 
-	cfgInfo, err := getStructInfo(cfg)
+	cfgInfo, err := getStructInfo(&cfg)
 	if err != nil {
 		log.Fatalf("[FATAL] %v", err)
 	}
@@ -34,7 +34,7 @@ func Init() *Config {
 			if info.DefaultValue != nil {
 				dv = info.DefaultValue.(string)
 			}
-			p := reflect.ValueOf(cfg).Elem().FieldByName(info.Name).Addr().Interface().(*string)
+			p := reflect.ValueOf(&cfg).Elem().FieldByName(info.Name).Addr().Interface().(*string)
 			flag.StringVar(p, info.Name, dv, "("+info.Key+")")
 
 		case "bool":
@@ -42,7 +42,7 @@ func Init() *Config {
 			if info.DefaultValue != nil {
 				dv = info.DefaultValue.(bool)
 			}
-			p := reflect.ValueOf(cfg).Elem().FieldByName(info.Name).Addr().Interface().(*bool)
+			p := reflect.ValueOf(&cfg).Elem().FieldByName(info.Name).Addr().Interface().(*bool)
 			flag.BoolVar(p, info.Name, dv, "("+info.Key+")")
 
 		case "int":
@@ -50,14 +50,14 @@ func Init() *Config {
 			if info.DefaultValue != nil {
 				dv = int(info.DefaultValue.(int64))
 			}
-			p := reflect.ValueOf(cfg).Elem().FieldByName(info.Name).Addr().Interface().(*int)
+			p := reflect.ValueOf(&cfg).Elem().FieldByName(info.Name).Addr().Interface().(*int)
 			flag.IntVar(p, info.Name, dv, "("+info.Key+")")
 		}
 	}
 	flag.Parse()
 
 	// set logging level
-	cfg.setLogLevel()
+	setLogLevel(cfg)
 
 	// timezone & format configuration
 	cfg.TZoneUTC, _ = time.LoadLocation("UTC")
@@ -71,7 +71,7 @@ func Init() *Config {
 	time.Now().Format(cfg.TimeFormat)
 
 	// print running config
-	cfg.printRunningConfig(cfgInfo)
+	printRunningConfig(&cfg, cfgInfo)
 
 	// read config file
 	configFileData, err := getConfigFileData(cfg.ConfigFile)

internal/operations/deploymentsValidation.go

@@ -1,24 +1,24 @@
 package operations
 
 import (
-	"mutating-webhook/internal/config"
-
 	admission "k8s.io/api/admission/v1"
+
+	"mutating-webhook/internal/config"
 )
 
 func DeploymentsValidation() Hook {
 	return Hook{
 		// default allow
-		Create: func(r *admission.AdmissionRequest, cfg config.Config) (*Result, error) {
+		Create: func(r *admission.AdmissionRequest, cfg *config.Config) (*Result, error) {
 			return &Result{Allowed: true}, nil
 		},
-		Delete: func(r *admission.AdmissionRequest, cfg config.Config) (*Result, error) {
+		Delete: func(r *admission.AdmissionRequest, cfg *config.Config) (*Result, error) {
 			return &Result{Allowed: true}, nil
 		},
-		Update: func(r *admission.AdmissionRequest, cfg config.Config) (*Result, error) {
+		Update: func(r *admission.AdmissionRequest, cfg *config.Config) (*Result, error) {
 			return &Result{Allowed: true}, nil
 		},
-		Connect: func(r *admission.AdmissionRequest, cfg config.Config) (*Result, error) {
+		Connect: func(r *admission.AdmissionRequest, cfg *config.Config) (*Result, error) {
 			return &Result{Allowed: true}, nil
 		},
 	}

internal/operations/hook.go

@@ -5,9 +5,9 @@ package operations
 import (
 	"fmt"
 
-	"mutating-webhook/internal/config"
-
 	admission "k8s.io/api/admission/v1"
+
+	"mutating-webhook/internal/config"
 )
 
 // Result contains the result of an admission request
@@ -18,7 +18,7 @@ type Result struct {
 }
 
 // AdmitFunc defines how to process an admission request
-type AdmitFunc func(request *admission.AdmissionRequest, cfg config.Config) (*Result, error)
+type AdmitFunc func(request *admission.AdmissionRequest, cfg *config.Config) (*Result, error)
 
 // Hook represents the set of functions for each operation in an admission webhook.
 type Hook struct {
@@ -32,19 +32,19 @@ type Hook struct {
 func (h *Hook) Execute(r *admission.AdmissionRequest, cfg *config.Config) (*Result, error) {
 	switch r.Operation {
 	case admission.Create:
-		return wrapperExecution(h.Create, r, *cfg)
+		return wrapperExecution(h.Create, r, cfg)
 	case admission.Update:
-		return wrapperExecution(h.Update, r, *cfg)
+		return wrapperExecution(h.Update, r, cfg)
 	case admission.Delete:
-		return wrapperExecution(h.Delete, r, *cfg)
+		return wrapperExecution(h.Delete, r, cfg)
 	case admission.Connect:
-		return wrapperExecution(h.Connect, r, *cfg)
+		return wrapperExecution(h.Connect, r, cfg)
 	}
 
 	return &Result{Msg: fmt.Sprintf("Invalid operation: %s", r.Operation)}, nil
 }
 
-func wrapperExecution(fn AdmitFunc, r *admission.AdmissionRequest, cfg config.Config) (*Result, error) {
+func wrapperExecution(fn AdmitFunc, r *admission.AdmissionRequest, cfg *config.Config) (*Result, error) {
 	if fn == nil {
 		return nil, fmt.Errorf("operation %s is not registered", r.Operation)
 	}

internal/operations/podsMutation.go

@@ -3,30 +3,30 @@ package operations
 import (
 	"fmt"
 
-	"mutating-webhook/internal/config"
-
 	admission "k8s.io/api/admission/v1"
 	core "k8s.io/api/core/v1"
+
+	"mutating-webhook/internal/config"
 )
 
 func PodsMutation() Hook {
 	return Hook{
 		Create: podMutationCreate(),
 		// default allow
-		Delete: func(r *admission.AdmissionRequest, cfg config.Config) (*Result, error) {
+		Delete: func(r *admission.AdmissionRequest, cfg *config.Config) (*Result, error) {
 			return &Result{Allowed: true}, nil
 		},
-		Update: func(r *admission.AdmissionRequest, cfg config.Config) (*Result, error) {
+		Update: func(r *admission.AdmissionRequest, cfg *config.Config) (*Result, error) {
 			return &Result{Allowed: true}, nil
 		},
-		Connect: func(r *admission.AdmissionRequest, cfg config.Config) (*Result, error) {
+		Connect: func(r *admission.AdmissionRequest, cfg *config.Config) (*Result, error) {
 			return &Result{Allowed: true}, nil
 		},
 	}
 }
 
 func podMutationCreate() AdmitFunc {
-	return func(r *admission.AdmissionRequest, cfg config.Config) (*Result, error) {
+	return func(r *admission.AdmissionRequest, cfg *config.Config) (*Result, error) {
 		var operations []PatchOperation
 		pod, err := parsePod(r.Object.Raw)
 		if err != nil {

internal/operations/podsValidation.go

@@ -4,31 +4,31 @@ import (
 	"log"
 	"strings"
 
-	"mutating-webhook/internal/config"
-
 	admission "k8s.io/api/admission/v1"
+
+	"mutating-webhook/internal/config"
 )
 
 func PodsValidation() Hook {
 	return Hook{
 		// default allow
-		Create: func(r *admission.AdmissionRequest, cfg config.Config) (*Result, error) {
+		Create: func(r *admission.AdmissionRequest, cfg *config.Config) (*Result, error) {
 			return &Result{Allowed: true}, nil
 		},
-		Delete: func(r *admission.AdmissionRequest, cfg config.Config) (*Result, error) {
+		Delete: func(r *admission.AdmissionRequest, cfg *config.Config) (*Result, error) {
 			return &Result{Allowed: true}, nil
 		},
-		Update: func(r *admission.AdmissionRequest, cfg config.Config) (*Result, error) {
+		Update: func(r *admission.AdmissionRequest, cfg *config.Config) (*Result, error) {
 			return &Result{Allowed: true}, nil
 		},
-		Connect: func(r *admission.AdmissionRequest, cfg config.Config) (*Result, error) {
+		Connect: func(r *admission.AdmissionRequest, cfg *config.Config) (*Result, error) {
 			return &Result{Allowed: true}, nil
 		},
 	}
 }
 
 func podValidationCreate() AdmitFunc {
-	return func(r *admission.AdmissionRequest, cfg config.Config) (*Result, error) {
+	return func(r *admission.AdmissionRequest, cfg *config.Config) (*Result, error) {
 		pod, err := parsePod(r.Object.Raw)
 		if err != nil {
 			return &Result{Msg: err.Error()}, nil