prep for actual admission/hook efforts

2023-03-18 11:43:52 -05:00
parent 9c1f349c97
commit 9dd4366e73
8 changed files with 212 additions and 148 deletions
--- a/internal/operations/deploymentsValidation.go
+++ b/internal/operations/deploymentsValidation.go
@ -0,0 +1,5 @@
+package operations
+
+func DeploymentsValidation() Hook {
+	return Hook{}
+}
--- a/internal/operations/hook.go
+++ b/internal/operations/hook.go
@ -0,0 +1,51 @@
+package operations
+
+//https://github.com/douglasmakey/admissioncontroller
+
+import (
+	"fmt"
+
+	admission "k8s.io/api/admission/v1"
+)
+
+// Result contains the result of an admission request
+type Result struct {
+	Allowed  bool
+	Msg      string
+	PatchOps []PatchOperation
+}
+
+// AdmitFunc defines how to process an admission request
+type AdmitFunc func(request *admission.AdmissionRequest) (*Result, error)
+
+// Hook represents the set of functions for each operation in an admission webhook.
+type Hook struct {
+	Create  AdmitFunc
+	Delete  AdmitFunc
+	Update  AdmitFunc
+	Connect AdmitFunc
+}
+
+// Execute evaluates the request and try to execute the function for operation specified in the request.
+func (h *Hook) Execute(r *admission.AdmissionRequest) (*Result, error) {
+	switch r.Operation {
+	case admission.Create:
+		return wrapperExecution(h.Create, r)
+	case admission.Update:
+		return wrapperExecution(h.Update, r)
+	case admission.Delete:
+		return wrapperExecution(h.Delete, r)
+	case admission.Connect:
+		return wrapperExecution(h.Connect, r)
+	}
+
+	return &Result{Msg: fmt.Sprintf("Invalid operation: %s", r.Operation)}, nil
+}
+
+func wrapperExecution(fn AdmitFunc, r *admission.AdmissionRequest) (*Result, error) {
+	if fn == nil {
+		return nil, fmt.Errorf("operation %s is not registered", r.Operation)
+	}
+
+	return fn(r)
+}
--- a/internal/operations/patch.go
+++ b/internal/operations/patch.go
@ -0,0 +1,61 @@
+package operations
+
+const (
+	addOperation     = "add"
+	removeOperation  = "remove"
+	replaceOperation = "replace"
+	copyOperation    = "copy"
+	moveOperation    = "move"
+)
+
+// PatchOperation is an operation of a JSON patch https://tools.ietf.org/html/rfc6902.
+type PatchOperation struct {
+	Op    string      `json:"op"`
+	Path  string      `json:"path"`
+	From  string      `json:"from"`
+	Value interface{} `json:"value,omitempty"`
+}
+
+// AddPatchOperation returns an add JSON patch operation.
+func AddPatchOperation(path string, value interface{}) PatchOperation {
+	return PatchOperation{
+		Op:    addOperation,
+		Path:  path,
+		Value: value,
+	}
+}
+
+// RemovePatchOperation returns a remove JSON patch operation.
+func RemovePatchOperation(path string) PatchOperation {
+	return PatchOperation{
+		Op:   removeOperation,
+		Path: path,
+	}
+}
+
+// ReplacePatchOperation returns a replace JSON patch operation.
+func ReplacePatchOperation(path string, value interface{}) PatchOperation {
+	return PatchOperation{
+		Op:    replaceOperation,
+		Path:  path,
+		Value: value,
+	}
+}
+
+// CopyPatchOperation returns a copy JSON patch operation.
+func CopyPatchOperation(from, path string) PatchOperation {
+	return PatchOperation{
+		Op:   copyOperation,
+		Path: path,
+		From: from,
+	}
+}
+
+// MovePatchOperation returns a move JSON patch operation.
+func MovePatchOperation(from, path string) PatchOperation {
+	return PatchOperation{
+		Op:   moveOperation,
+		Path: path,
+		From: from,
+	}
+}
--- a/internal/operations/podsMutation.go
+++ b/internal/operations/podsMutation.go
@ -0,0 +1,5 @@
+package operations
+
+func PodsMutation() Hook {
+	return Hook{}
+}
--- a/internal/operations/podsValidation.go
+++ b/internal/operations/podsValidation.go
@ -0,0 +1,5 @@
+package operations
+
+func PodsValidation() Hook {
+	return Hook{}
+}