config?

internal/config/config.go

@@ -17,8 +17,11 @@ type Config struct {
 	TZoneLocal    *time.Location `ignored:"true"`
 	TZoneUTC      *time.Location `ignored:"true"`
 
+	// config file
+	ConfigFile string `env:"config_file" default:"./config.yaml"`
+
 	// logging
-	LogLevel int                   `env:"LOG_LEVEL" default:"50"`
+	LogLevel int                   `env:"log_level" default:"50"`
 	Log      *logutils.LevelFilter `ignored:"true"`
 
 	// webserver
@@ -31,7 +34,10 @@ type Config struct {
 	WebServerIdleTimeout  int    `env:"webserver_idle_timeout" default:"2"`
 
 	// mutation configuration
-	AllowAdminNoMutate	bool `env:"allow_admin_nomutate" default:"false"`
+	AllowAdminNoMutate       bool     `env:"allow_admin_nomutate" default:"false"`
+	AllowAdminNoMutateToggle string   `env:"allow_admin_nomutate_toggle" default:"2d77b689-dc14-40a5-8971-34c62999335c"`
+	DockerhubRegistry        string   `env:"dockerhub_registry" default:"registry.hub.docker.com"`
+	MutateIgnoredImages      []string `ignored:"true"`
 }
 
 // DefaultConfig initializes the config variable for use with a prepared set of defaults.

internal/config/configFile.go

@@ -0,0 +1,35 @@
+package config
+
+import (
+	"os"
+
+	"io/ioutil"
+
+	"gopkg.in/yaml.v3"
+)
+
+type configFileStruct struct {
+	AllowAdminNoMutate       bool     `yaml:"allow-admin-nomutate"`
+	AllowAdminNoMutateToggle string   `yaml:"allow-admin-nomutate-toggle"`
+	DockerhubRegistry        string   `yaml:"dockerhub-registry"`
+	MutateIgnoredImages      []string `yaml:"mutate-ignored-images"`
+}
+
+func getConfigFileData(fileLocation string) (configFileStruct, error) {
+	// does file exist
+	if _, err := os.Stat(fileLocation); os.IsNotExist(err) {
+		return configFileStruct{}, err
+	}
+	// read file
+	rd, err := ioutil.ReadFile(fileLocation)
+	if err != nil {
+		return configFileStruct{}, err
+	}
+	// convert config file data to struct
+	var output configFileStruct
+	if err := yaml.Unmarshal(rd, &output); err != nil {
+		return output, err
+	}
+
+	return output, nil
+}

internal/config/initialize.go

@@ -73,6 +73,22 @@ func Init() *Config {
 	// print running config
 	cfg.printRunningConfig(cfgInfo)
 
+	// read config file
+	configFileData, err := getConfigFileData(cfg.ConfigFile)
+	if err != nil {
+		log.Fatalf("[FATAL] Unable to read configuration file")
+	}
+	if cfg.AllowAdminNoMutate == false {
+		cfg.AllowAdminNoMutate = configFileData.AllowAdminNoMutate
+	}
+	if cfg.AllowAdminNoMutateToggle == "2d77b689-dc14-40a5-8971-34c62999335c" {
+		cfg.AllowAdminNoMutateToggle = configFileData.AllowAdminNoMutateToggle
+	}
+	if cfg.DockerhubRegistry == "registry.hub.docker.com" {
+		cfg.DockerhubRegistry = configFileData.DockerhubRegistry
+	}
+	cfg.MutateIgnoredImages = configFileData.MutateIgnoredImages
+
 	log.Println("[INFO] initialization sequence complete")
 	return cfg
 }

internal/operations/podsValidation.go

@@ -11,8 +11,10 @@ import (
 
 func PodsValidation() Hook {
 	return Hook{
-		Create: podValidationCreate(),
 		// default allow
+		Create: func(r *admission.AdmissionRequest, cfg config.Config) (*Result, error) {
+			return &Result{Allowed: true}, nil
+		},
 		Delete: func(r *admission.AdmissionRequest, cfg config.Config) (*Result, error) {
 			return &Result{Allowed: true}, nil
 		},