github.com/ironcore-dev/gardener-extension-provider-ironcore@v0.3.2-0.20240314231816-8336447fb9a0/pkg/admission/validator/webhook.go

github.com/ironcore-dev/gardener-extension-provider-ironcore@v0.3.2-0.20240314231816-8336447fb9a0/pkg/admission/validator/webhook.go (about)

     1  // SPDX-FileCopyrightText: 2022 SAP SE or an SAP affiliate company and IronCore contributors
     2  // SPDX-License-Identifier: Apache-2.0
     3  
     4  package validator
     5  
     6  import (
     7  	extensionspredicate "github.com/gardener/gardener/extensions/pkg/predicate"
     8  	extensionswebhook "github.com/gardener/gardener/extensions/pkg/webhook"
     9  	"github.com/gardener/gardener/pkg/apis/core"
    10  	corev1 "k8s.io/api/core/v1"
    11  	"sigs.k8s.io/controller-runtime/pkg/log"
    12  	"sigs.k8s.io/controller-runtime/pkg/manager"
    13  	"sigs.k8s.io/controller-runtime/pkg/predicate"
    14  
    15  	ironcore "github.com/ironcore-dev/gardener-extension-provider-ironcore/pkg/ironcore"
    16  )
    17  
    18  const (
    19  	// Name is a name for a validation webhook.
    20  	Name = "validator"
    21  	// SecretsValidatorName is the name of the secrets' validator.
    22  	SecretsValidatorName = "secrets." + Name
    23  )
    24  
    25  var logger = log.Log.WithName("ironcore-validator-webhook")
    26  
    27  // New creates a new validation webhook for `core.gardener.cloud` resources.
    28  func New(mgr manager.Manager) (*extensionswebhook.Webhook, error) {
    29  	logger.Info("Setting up webhook", "name", Name)
    30  
    31  	return extensionswebhook.New(mgr, extensionswebhook.Args{
    32  		Provider:   ironcore.Type,
    33  		Name:       Name,
    34  		Path:       "/webhooks/validate",
    35  		Predicates: []predicate.Predicate{extensionspredicate.GardenCoreProviderType(ironcore.Type)},
    36  		Validators: map[extensionswebhook.Validator][]extensionswebhook.Type{
    37  			NewShootValidator(mgr):         {{Obj: &core.Shoot{}}},
    38  			NewSecretBindingValidator(mgr): {{Obj: &core.SecretBinding{}}},
    39  		},
    40  	})
    41  }
    42  
    43  // NewSecretsWebhook creates a new validation webhook for Secrets.
    44  func NewSecretsWebhook(mgr manager.Manager) (*extensionswebhook.Webhook, error) {
    45  	logger.Info("Setting up webhook", "name", SecretsValidatorName)
    46  
    47  	return extensionswebhook.New(mgr, extensionswebhook.Args{
    48  		Provider: ironcore.Type,
    49  		Name:     SecretsValidatorName,
    50  		Path:     "/webhooks/validate/secrets",
    51  		Validators: map[extensionswebhook.Validator][]extensionswebhook.Type{
    52  			NewSecretValidator(): {{Obj: &corev1.Secret{}}},
    53  		},
    54  	})
    55  }