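// Source: github.com/verrazzano/verrazzano@v1.7.0/cluster-operator/internal/operatorinit/run_webhook.go

// Copyright (c) 2022, 2023, Oracle and/or its affiliates.
// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.

package operatorinit

import (
	"os"

	clustersv1alpha1 "github.com/verrazzano/verrazzano/cluster-operator/apis/clusters/v1alpha1"
	"github.com/verrazzano/verrazzano/cluster-operator/internal/certificate"
	"github.com/verrazzano/verrazzano/pkg/k8sutil"
	"go.uber.org/zap"
	"k8s.io/client-go/kubernetes"
	ctrl "sigs.k8s.io/controller-runtime"
	"sigs.k8s.io/controller-runtime/pkg/healthz"
)

// WebhookInit is the entry point of the webhook init container. It builds a
// Kubernetes clientset from the controller configuration and asks the
// certificate package to create the webhook certificates and secrets, passing
// props.CertificateDir as the certificate directory.
//
// Any error from loading the configuration, building the clientset or creating
// the certificates is returned unchanged.
func WebhookInit(log *zap.SugaredLogger, props Properties) error {
	log.Debug("Creating certificates used by webhooks")

	conf, err := k8sutil.GetConfigFromController()
	if err != nil {
		return err
	}

	kubeClient, err := kubernetes.NewForConfig(conf)
	if err != nil {
		return err
	}

	// Create the webhook certificates and secrets.
	// NOTE(review): presumably this writes private key material under
	// props.CertificateDir; confirm the directory's ownership and permissions
	// in the deployment, the code here does not set them.
	if err := certificate.CreateWebhookCertificates(log, kubeClient, props.CertificateDir); err != nil {
		return err
	}

	return nil
}

// StartWebhookServer creates a controller-runtime manager, updates the
// validating webhook configuration named certificate.WebhookName, registers the
// VerrazzanoManagedCluster, OCNEOCIQuickCreate and OKEQuickCreate webhooks plus
// the healthz/readyz probes, points the webhook server at props.CertificateDir
// and starts the manager with ctrl.SetupSignalHandler().
//
// Failures to load the kubeconfig, create the manager or create the clientset
// are logged and returned. Failures while updating the webhook configuration or
// registering webhooks and probes are logged and terminate the process with
// os.Exit(1). An error from mgr.Start is logged and returned.
func StartWebhookServer(log *zap.SugaredLogger, props Properties) error {
	config, err := k8sutil.GetConfigFromController()
	if err != nil {
		log.Errorf("Failed to get kubeconfig: %v", err)
		// Stop here: continuing would hand a nil REST config to the manager
		// and report a secondary error instead of the real cause.
		return err
	}

	options := ctrl.Options{
		Scheme:                 props.Scheme,
		MetricsBindAddress:     props.MetricsAddress,
		Port:                   9443, // webhook server port, fixed rather than taken from props
		HealthProbeBindAddress: props.ProbeAddress,
		LeaderElection:         props.EnableLeaderElection,
		LeaderElectionID:       "42d5ea87.verrazzano.io",
	}

	mgr, err := ctrl.NewManager(config, options)
	if err != nil {
		log.Errorf("Failed to start manager: %v", err)
		return err
	}

	kubeClient, err := kubernetes.NewForConfig(config)
	if err != nil {
		// The format verb was missing, so the error value was not rendered
		// as part of the message.
		log.Errorf("Failed to get clientset: %v", err)
		return err
	}

	log.Debug("Updating webhook configuration")
	// Cluster Operator validating webhook
	err = updateValidatingWebhookConfiguration(kubeClient, certificate.WebhookName)
	if err != nil {
		log.Errorf("Failed to update VerrazzanoManagedCluster validation webhook configuration: %v", err)
		// NOTE(review): this and the following os.Exit(1) calls bypass the
		// error return and any deferred cleanup in callers; kept as in the
		// original so process-exit behaviour is unchanged.
		os.Exit(1)
	}

	// Set up VMC Webhook Listener
	log.Debug("Setting up VerrazzanoManagedCluster webhook with manager")
	if err := (&clustersv1alpha1.VerrazzanoManagedCluster{}).SetupWebhookWithManager(mgr); err != nil {
		log.Errorf("Failed to setup VerrazzanoManagedCluster webhook with manager: %v", err)
		os.Exit(1)
	}

	// Set up OCNEOCIQuickCreate Webhook Listener
	log.Debug("Setting up OCNEOCIQuickCreate webhook with manager")
	if err := (&clustersv1alpha1.OCNEOCIQuickCreate{}).SetupWebhookWithManager(mgr); err != nil {
		log.Errorf("Failed to setup OCNEOCIQuickCreate webhook with manager: %v", err)
		os.Exit(1)
	}

	// Set up OKEQuickCreate Webhook Listener
	log.Debug("Setting up OKEQuickCreate webhook with manager")
	if err := (&clustersv1alpha1.OKEQuickCreate{}).SetupWebhookWithManager(mgr); err != nil {
		log.Errorf("Failed to setup OKEQuickCreate webhook with manager: %v", err)
		os.Exit(1)
	}

	// +kubebuilder:scaffold:builder

	// Both probes use healthz.Ping, so they report that the manager's probe
	// endpoint is serving, not that the webhook certificates are loaded.
	if err := mgr.AddHealthzCheck("healthz", healthz.Ping); err != nil {
		// Errorf instead of Error(err, msg): the sugared logger's Error
		// concatenates its arguments, which ran the error text into the message.
		log.Errorf("unable to set up health check: %v", err)
		os.Exit(1)
	}
	if err := mgr.AddReadyzCheck("readyz", healthz.Ping); err != nil {
		log.Errorf("unable to set up ready check: %v", err)
		os.Exit(1)
	}

	// Serve webhook TLS from the configured certificate directory.
	// NOTE(review): presumably the same directory WebhookInit populates;
	// confirm against the pod spec.
	mgr.GetWebhookServer().CertDir = props.CertificateDir

	log.Info("Starting manager")
	if err = mgr.Start(ctrl.SetupSignalHandler()); err != nil {
		log.Errorf("Failed to run manager: %v", err)
	}

	return err
}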