Enable ability to flip configuration of allownomutate

internal/operations/deploymentsValidation.go

@@ -1,24 +1,24 @@
 package operations
 
 import (
-	"mutating-webhook/internal/config"
-
 	admission "k8s.io/api/admission/v1"
+
+	"mutating-webhook/internal/config"
 )
 
 func DeploymentsValidation() Hook {
 	return Hook{
 		// default allow
-		Create: func(r *admission.AdmissionRequest, cfg config.Config) (*Result, error) {
+		Create: func(r *admission.AdmissionRequest, cfg *config.Config) (*Result, error) {
 			return &Result{Allowed: true}, nil
 		},
-		Delete: func(r *admission.AdmissionRequest, cfg config.Config) (*Result, error) {
+		Delete: func(r *admission.AdmissionRequest, cfg *config.Config) (*Result, error) {
 			return &Result{Allowed: true}, nil
 		},
-		Update: func(r *admission.AdmissionRequest, cfg config.Config) (*Result, error) {
+		Update: func(r *admission.AdmissionRequest, cfg *config.Config) (*Result, error) {
 			return &Result{Allowed: true}, nil
 		},
-		Connect: func(r *admission.AdmissionRequest, cfg config.Config) (*Result, error) {
+		Connect: func(r *admission.AdmissionRequest, cfg *config.Config) (*Result, error) {
 			return &Result{Allowed: true}, nil
 		},
 	}

internal/operations/hook.go

@@ -5,9 +5,9 @@ package operations
 import (
 	"fmt"
 
-	"mutating-webhook/internal/config"
-
 	admission "k8s.io/api/admission/v1"
+
+	"mutating-webhook/internal/config"
 )
 
 // Result contains the result of an admission request
@@ -18,7 +18,7 @@ type Result struct {
 }
 
 // AdmitFunc defines how to process an admission request
-type AdmitFunc func(request *admission.AdmissionRequest, cfg config.Config) (*Result, error)
+type AdmitFunc func(request *admission.AdmissionRequest, cfg *config.Config) (*Result, error)
 
 // Hook represents the set of functions for each operation in an admission webhook.
 type Hook struct {
@@ -32,19 +32,19 @@ type Hook struct {
 func (h *Hook) Execute(r *admission.AdmissionRequest, cfg *config.Config) (*Result, error) {
 	switch r.Operation {
 	case admission.Create:
-		return wrapperExecution(h.Create, r, *cfg)
+		return wrapperExecution(h.Create, r, cfg)
 	case admission.Update:
-		return wrapperExecution(h.Update, r, *cfg)
+		return wrapperExecution(h.Update, r, cfg)
 	case admission.Delete:
-		return wrapperExecution(h.Delete, r, *cfg)
+		return wrapperExecution(h.Delete, r, cfg)
 	case admission.Connect:
-		return wrapperExecution(h.Connect, r, *cfg)
+		return wrapperExecution(h.Connect, r, cfg)
 	}
 
 	return &Result{Msg: fmt.Sprintf("Invalid operation: %s", r.Operation)}, nil
 }
 
-func wrapperExecution(fn AdmitFunc, r *admission.AdmissionRequest, cfg config.Config) (*Result, error) {
+func wrapperExecution(fn AdmitFunc, r *admission.AdmissionRequest, cfg *config.Config) (*Result, error) {
 	if fn == nil {
 		return nil, fmt.Errorf("operation %s is not registered", r.Operation)
 	}

internal/operations/podsMutation.go

@@ -3,30 +3,30 @@ package operations
 import (
 	"fmt"
 
-	"mutating-webhook/internal/config"
-
 	admission "k8s.io/api/admission/v1"
 	core "k8s.io/api/core/v1"
+
+	"mutating-webhook/internal/config"
 )
 
 func PodsMutation() Hook {
 	return Hook{
 		Create: podMutationCreate(),
 		// default allow
-		Delete: func(r *admission.AdmissionRequest, cfg config.Config) (*Result, error) {
+		Delete: func(r *admission.AdmissionRequest, cfg *config.Config) (*Result, error) {
 			return &Result{Allowed: true}, nil
 		},
-		Update: func(r *admission.AdmissionRequest, cfg config.Config) (*Result, error) {
+		Update: func(r *admission.AdmissionRequest, cfg *config.Config) (*Result, error) {
 			return &Result{Allowed: true}, nil
 		},
-		Connect: func(r *admission.AdmissionRequest, cfg config.Config) (*Result, error) {
+		Connect: func(r *admission.AdmissionRequest, cfg *config.Config) (*Result, error) {
 			return &Result{Allowed: true}, nil
 		},
 	}
 }
 
 func podMutationCreate() AdmitFunc {
-	return func(r *admission.AdmissionRequest, cfg config.Config) (*Result, error) {
+	return func(r *admission.AdmissionRequest, cfg *config.Config) (*Result, error) {
 		var operations []PatchOperation
 		pod, err := parsePod(r.Object.Raw)
 		if err != nil {

internal/operations/podsValidation.go

@@ -4,31 +4,31 @@ import (
 	"log"
 	"strings"
 
-	"mutating-webhook/internal/config"
-
 	admission "k8s.io/api/admission/v1"
+
+	"mutating-webhook/internal/config"
 )
 
 func PodsValidation() Hook {
 	return Hook{
 		// default allow
-		Create: func(r *admission.AdmissionRequest, cfg config.Config) (*Result, error) {
+		Create: func(r *admission.AdmissionRequest, cfg *config.Config) (*Result, error) {
 			return &Result{Allowed: true}, nil
 		},
-		Delete: func(r *admission.AdmissionRequest, cfg config.Config) (*Result, error) {
+		Delete: func(r *admission.AdmissionRequest, cfg *config.Config) (*Result, error) {
 			return &Result{Allowed: true}, nil
 		},
-		Update: func(r *admission.AdmissionRequest, cfg config.Config) (*Result, error) {
+		Update: func(r *admission.AdmissionRequest, cfg *config.Config) (*Result, error) {
 			return &Result{Allowed: true}, nil
 		},
-		Connect: func(r *admission.AdmissionRequest, cfg config.Config) (*Result, error) {
+		Connect: func(r *admission.AdmissionRequest, cfg *config.Config) (*Result, error) {
 			return &Result{Allowed: true}, nil
 		},
 	}
 }
 
 func podValidationCreate() AdmitFunc {
-	return func(r *admission.AdmissionRequest, cfg config.Config) (*Result, error) {
+	return func(r *admission.AdmissionRequest, cfg *config.Config) (*Result, error) {
 		pod, err := parsePod(r.Object.Raw)
 		if err != nil {
 			return &Result{Msg: err.Error()}, nil