use a single client in webhook

Signed-off-by: Arik Hadas <[email protected]>
kubev2v · Sep 28, 2023 · 8daad7d · 8daad7d
1 parent b7b33f1
commit 8daad7d
Show file tree

Hide file tree

Showing 14 changed files with 79 additions and 148 deletions.
diff --git a/cmd/forklift-api/BUILD.bazel b/cmd/forklift-api/BUILD.bazel
@@ -10,7 +10,11 @@ go_library(
         "//pkg/forklift-api",
         "//pkg/lib/logging",
         "//vendor/github.com/go-logr/logr",
+        "//vendor/github.com/k8snetworkplumbingwg/network-attachment-definition-client/pkg/apis/k8s.cni.cncf.io/v1:k8s_cni_cncf_io",
         "//vendor/k8s.io/client-go/kubernetes/scheme",
+        "//vendor/k8s.io/client-go/rest",
+        "//vendor/k8s.io/client-go/tools/clientcmd/api",
+        "//vendor/sigs.k8s.io/controller-runtime/pkg/client",
         "//vendor/sigs.k8s.io/controller-runtime/pkg/log",
     ],
 )

diff --git a/cmd/forklift-api/forklift-api.go b/cmd/forklift-api/forklift-api.go
@@ -20,10 +20,15 @@ import (
 	"os"
 
 	"github.com/go-logr/logr"
+	net "github.com/k8snetworkplumbingwg/network-attachment-definition-client/pkg/apis/k8s.cni.cncf.io/v1"
 	"github.com/konveyor/forklift-controller/pkg/apis"
 	forklift_api "github.com/konveyor/forklift-controller/pkg/forklift-api"
 	"github.com/konveyor/forklift-controller/pkg/lib/logging"
 	"k8s.io/client-go/kubernetes/scheme"
+	"k8s.io/client-go/rest"
+
+	"k8s.io/client-go/tools/clientcmd/api"
+	"sigs.k8s.io/controller-runtime/pkg/client"
 	logf "sigs.k8s.io/controller-runtime/pkg/log"
 )
 
@@ -37,13 +42,37 @@ func init() {
 
 func main() {
 	log.Info("start forklift-api")
-	app := forklift_api.NewForkliftApi()
 
 	err := apis.AddToScheme(scheme.Scheme)
 	if err != nil {
 		log.Error(err, "unable to add forklift API to scheme")
 		os.Exit(1)
 	}
 
+	err = api.SchemeBuilder.AddToScheme(scheme.Scheme)
+	if err != nil {
+		log.Error(err, "Couldn't build the scheme")
+		os.Exit(1)
+	}
+
+	err = net.AddToScheme(scheme.Scheme)
+	if err != nil {
+		log.Error(err, "Couldn't add network-attachment-definition-client to the scheme")
+		os.Exit(1)
+	}
+
+	config, err := rest.InClusterConfig()
+	if err != nil {
+		log.Error(err, "Couldn't get the cluster configuration")
+		return
+	}
+
+	client, err := client.New(config, client.Options{Scheme: scheme.Scheme})
+	if err != nil {
+		log.Error(err, "Couldn't create a cluster client")
+		return
+	}
+
+	app := forklift_api.NewForkliftApi(client)
 	app.Execute()
 }
diff --git a/pkg/forklift-api/BUILD.bazel b/pkg/forklift-api/BUILD.bazel
@@ -8,5 +8,6 @@ go_library(
     deps = [
         "//pkg/forklift-api/webhooks",
         "//pkg/lib/logging",
+        "//vendor/sigs.k8s.io/controller-runtime/pkg/client",
     ],
 )
diff --git a/pkg/forklift-api/api.go b/pkg/forklift-api/api.go
@@ -22,6 +22,7 @@ import (
 
 	webhooks "github.com/konveyor/forklift-controller/pkg/forklift-api/webhooks"
 	"github.com/konveyor/forklift-controller/pkg/lib/logging"
+	"sigs.k8s.io/controller-runtime/pkg/client"
 )
 
 const (
@@ -42,13 +43,15 @@ type forkliftAPIApp struct {
 	Name        string
 	BindAddress string
 	Port        int
+	client      client.Client
 }
 
-func NewForkliftApi() ForkliftApi {
+func NewForkliftApi(client client.Client) ForkliftApi {
 
 	app := &forkliftAPIApp{}
 	app.BindAddress = defaultHost
 	app.Port = defaultPort
+	app.client = client
 
 	return app
 }
@@ -66,8 +69,8 @@ func (app *forkliftAPIApp) Execute() {
 	}
 
 	mux := http.NewServeMux()
-	webhooks.RegisterMutatingWebhooks(mux)
-	webhooks.RegisterValidatingWebhooks(mux)
+	webhooks.RegisterMutatingWebhooks(mux, app.client)
+	webhooks.RegisterValidatingWebhooks(mux, app.client)
 	server := http.Server{
 		Addr:    ":8443",
 		Handler: mux,

diff --git a/pkg/forklift-api/webhooks/BUILD.bazel b/pkg/forklift-api/webhooks/BUILD.bazel
@@ -15,6 +15,7 @@ go_library(
         "//pkg/forklift-api/webhooks/validating-webhook",
         "//pkg/forklift-api/webhooks/validating-webhook/admitters",
         "//pkg/lib/logging",
+        "//vendor/sigs.k8s.io/controller-runtime/pkg/client",
         "//vendor/sigs.k8s.io/controller-runtime/pkg/manager",
     ],
 )
diff --git a/pkg/forklift-api/webhooks/mutating-webhook.go b/pkg/forklift-api/webhooks/mutating-webhook.go
@@ -5,12 +5,13 @@ import (
 
 	mutating_webhooks "github.com/konveyor/forklift-controller/pkg/forklift-api/webhooks/mutating-webhook"
 	"github.com/konveyor/forklift-controller/pkg/forklift-api/webhooks/mutating-webhook/mutators"
+	"sigs.k8s.io/controller-runtime/pkg/client"
 )
 
 func ServeSecretMutator(resp http.ResponseWriter, req *http.Request) {
 	mutating_webhooks.Serve(resp, req, &mutators.SecretMutator{})
 }
 
-func ServePlanMutator(resp http.ResponseWriter, req *http.Request) {
-	mutating_webhooks.Serve(resp, req, &mutators.PlanMutator{})
+func ServePlanMutator(resp http.ResponseWriter, req *http.Request, client client.Client) {
+	mutating_webhooks.Serve(resp, req, &mutators.PlanMutator{Client: client})
 }
diff --git a/pkg/forklift-api/webhooks/mutating-webhook/mutators/BUILD.bazel b/pkg/forklift-api/webhooks/mutating-webhook/mutators/BUILD.bazel
@@ -9,7 +9,6 @@ go_library(
     importpath = "github.com/konveyor/forklift-controller/pkg/forklift-api/webhooks/mutating-webhook/mutators",
     visibility = ["//visibility:public"],
     deps = [
-        "//pkg/apis",
         "//pkg/apis/forklift/v1beta1",
         "//pkg/forklift-api/webhooks/util",
         "//pkg/lib/error",
@@ -19,8 +18,6 @@ go_library(
         "//vendor/k8s.io/api/core/v1:core",
         "//vendor/k8s.io/apimachinery/pkg/api/errors",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:meta",
-        "//vendor/k8s.io/client-go/kubernetes/scheme",
-        "//vendor/k8s.io/client-go/rest",
         "//vendor/sigs.k8s.io/controller-runtime/pkg/client",
     ],
 )

diff --git a/pkg/forklift-api/webhooks/mutating-webhook/mutators/plan-mutator.go b/pkg/forklift-api/webhooks/mutating-webhook/mutators/plan-mutator.go
@@ -6,15 +6,12 @@ import (
 	"net/http"
 
 	net "github.com/k8snetworkplumbingwg/network-attachment-definition-client/pkg/apis/k8s.cni.cncf.io/v1"
-	"github.com/konveyor/forklift-controller/pkg/apis"
 	api "github.com/konveyor/forklift-controller/pkg/apis/forklift/v1beta1"
 	"github.com/konveyor/forklift-controller/pkg/forklift-api/webhooks/util"
 	admissionv1 "k8s.io/api/admission/v1beta1"
 	core "k8s.io/api/core/v1"
 	k8serr "k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"k8s.io/client-go/kubernetes/scheme"
-	"k8s.io/client-go/rest"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 )
 
@@ -23,8 +20,9 @@ const (
 )
 
 type PlanMutator struct {
-	ar   *admissionv1.AdmissionReview
-	plan api.Plan
+	ar     *admissionv1.AdmissionReview
+	plan   api.Plan
+	Client client.Client
 }
 
 func (mutator *PlanMutator) Mutate(ar *admissionv1.AdmissionReview) *admissionv1.AdmissionResponse {
@@ -71,36 +69,8 @@ func (mutator *PlanMutator) setTransferNetworkIfNotSet() (bool, error) {
 	var planChanged bool
 
 	if mutator.plan.Spec.TransferNetwork == nil {
-		config, err := rest.InClusterConfig()
-		if err != nil {
-			log.Error(err, "Couldn't get the cluster configuration")
-			return false, err
-		}
-
-		err = api.SchemeBuilder.AddToScheme(scheme.Scheme)
-		if err != nil {
-			log.Error(err, "Couldn't build the scheme")
-			return false, err
-		}
-		err = apis.AddToScheme(scheme.Scheme)
-		if err != nil {
-			log.Error(err, "Couldn't add forklift API to the scheme")
-			return false, err
-		}
-		err = net.AddToScheme(scheme.Scheme)
-		if err != nil {
-			log.Error(err, "Couldn't add network-attachment-definition-client to the scheme")
-			return false, err
-		}
-
-		cl, err := client.New(config, client.Options{Scheme: scheme.Scheme})
-		if err != nil {
-			log.Error(err, "Couldn't create a cluster client")
-			return false, err
-		}
-
 		targetProvider := api.Provider{}
-		err = cl.Get(context.TODO(), client.ObjectKey{Namespace: mutator.plan.Spec.Provider.Destination.Namespace, Name: mutator.plan.Spec.Provider.Destination.Name}, &targetProvider)
+		err := mutator.Client.Get(context.TODO(), client.ObjectKey{Namespace: mutator.plan.Spec.Provider.Destination.Namespace, Name: mutator.plan.Spec.Provider.Destination.Name}, &targetProvider)
 		if err != nil {
 			log.Error(err, "Couldn't get the target provider")
 			return false, err
@@ -114,11 +84,11 @@ func (mutator *PlanMutator) setTransferNetworkIfNotSet() (bool, error) {
 
 			var tcl client.Client // target client, i.e., client to a possibly remote cluster
 			if targetProvider.IsHost() {
-				tcl = cl
+				tcl = mutator.Client
 			} else {
 				ref := targetProvider.Spec.Secret
 				secret := &core.Secret{}
-				err = cl.Get(
+				err = mutator.Client.Get(
 					context.TODO(),
 					client.ObjectKey{
 						Namespace: ref.Namespace,

diff --git a/pkg/forklift-api/webhooks/validating-webhook.go b/pkg/forklift-api/webhooks/validating-webhook.go
@@ -5,16 +5,17 @@ import (
 
 	validating_webhooks "github.com/konveyor/forklift-controller/pkg/forklift-api/webhooks/validating-webhook"
 	"github.com/konveyor/forklift-controller/pkg/forklift-api/webhooks/validating-webhook/admitters"
+	"sigs.k8s.io/controller-runtime/pkg/client"
 )
 
-func ServeSecretCreate(resp http.ResponseWriter, req *http.Request) {
-	validating_webhooks.Serve(resp, req, &admitters.SecretAdmitter{})
+func ServeSecretCreate(resp http.ResponseWriter, req *http.Request, client client.Client) {
+	validating_webhooks.Serve(resp, req, &admitters.SecretAdmitter{Client: client})
 }
 
-func ServePlanCreate(resp http.ResponseWriter, req *http.Request) {
-	validating_webhooks.Serve(resp, req, &admitters.PlanAdmitter{})
+func ServePlanCreate(resp http.ResponseWriter, req *http.Request, client client.Client) {
+	validating_webhooks.Serve(resp, req, &admitters.PlanAdmitter{Client: client})
 }
 
-func ServeProviderCreate(resp http.ResponseWriter, req *http.Request) {
-	validating_webhooks.Serve(resp, req, &admitters.ProviderAdmitter{})
+func ServeProviderCreate(resp http.ResponseWriter, req *http.Request, client client.Client) {
+	validating_webhooks.Serve(resp, req, &admitters.ProviderAdmitter{Client: client})
 }
diff --git a/pkg/forklift-api/webhooks/validating-webhook/admitters/BUILD.bazel b/pkg/forklift-api/webhooks/validating-webhook/admitters/BUILD.bazel
@@ -10,7 +10,6 @@ go_library(
     importpath = "github.com/konveyor/forklift-controller/pkg/forklift-api/webhooks/validating-webhook/admitters",
     visibility = ["//visibility:public"],
     deps = [
-        "//pkg/apis",
         "//pkg/apis/forklift/v1beta1",
         "//pkg/controller/plan/adapter/vsphere",
         "//pkg/controller/provider/container",
@@ -26,8 +25,6 @@ go_library(
         "//vendor/k8s.io/api/storage/v1:storage",
         "//vendor/k8s.io/apimachinery/pkg/api/errors",
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:meta",
-        "//vendor/k8s.io/client-go/kubernetes/scheme",
-        "//vendor/k8s.io/client-go/rest",
         "//vendor/sigs.k8s.io/controller-runtime/pkg/client",
     ],
 )
diff --git a/pkg/forklift-api/webhooks/validating-webhook/admitters/plan-admitter.go b/pkg/forklift-api/webhooks/validating-webhook/admitters/plan-admitter.go
@@ -2,24 +2,22 @@ package admitters
 
 import (
 	"context"
+
 	v1 "k8s.io/api/storage/v1"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 
 	"encoding/json"
 	"fmt"
 
 	admissionv1 "k8s.io/api/admission/v1beta1"
-	"k8s.io/client-go/kubernetes/scheme"
-	"k8s.io/client-go/rest"
 
-	"github.com/konveyor/forklift-controller/pkg/apis"
 	api "github.com/konveyor/forklift-controller/pkg/apis/forklift/v1beta1"
 	"github.com/konveyor/forklift-controller/pkg/forklift-api/webhooks/util"
 	liberr "github.com/konveyor/forklift-controller/pkg/lib/error"
 )
 
 type PlanAdmitter struct {
-	client              client.Client
+	Client              client.Client
 	plan                api.Plan
 	sourceProvider      api.Provider
 	destinationProvider api.Provider
@@ -43,14 +41,14 @@ func (admitter *PlanAdmitter) validateStorage() error {
 	}
 
 	storageClasses := v1.StorageClassList{}
-	err := admitter.client.List(context.TODO(), &storageClasses, &client.ListOptions{})
+	err := admitter.Client.List(context.TODO(), &storageClasses, &client.ListOptions{})
 	if err != nil {
 		log.Error(err, "Couldn't get the cluster storage classes")
 		return err
 	}
 
 	storageMap := api.StorageMap{}
-	err = admitter.client.Get(
+	err = admitter.Client.Get(
 		context.TODO(),
 		client.ObjectKey{
 			Namespace: admitter.plan.Spec.Map.Storage.Namespace,
@@ -127,30 +125,7 @@ func (admitter *PlanAdmitter) Admit(ar *admissionv1.AdmissionReview) *admissionv
 		return util.ToAdmissionResponseError(err)
 	}
 
-	config, err := rest.InClusterConfig()
-	if err != nil {
-		log.Error(err, "Couldn't get the cluster configuration")
-		return util.ToAdmissionResponseError(err)
-	}
-
-	err = api.SchemeBuilder.AddToScheme(scheme.Scheme)
-	if err != nil {
-		log.Error(err, "Couldn't build the scheme")
-		return util.ToAdmissionResponseError(err)
-	}
-	err = apis.AddToScheme(scheme.Scheme)
-	if err != nil {
-		log.Error(err, "Couldn't add forklift API to the scheme")
-		return util.ToAdmissionResponseError(err)
-	}
-
-	admitter.client, err = client.New(config, client.Options{Scheme: scheme.Scheme})
-	if err != nil {
-		log.Error(err, "Couldn't create a cluster client")
-		return util.ToAdmissionResponseError(err)
-	}
-
-	err = admitter.client.Get(
+	err = admitter.Client.Get(
 		context.TODO(),
 		client.ObjectKey{
 			Namespace: admitter.plan.Spec.Provider.Source.Namespace,
@@ -162,7 +137,7 @@ func (admitter *PlanAdmitter) Admit(ar *admissionv1.AdmissionReview) *admissionv
 		return util.ToAdmissionResponseAllow()
 	}
 
-	err = admitter.client.Get(
+	err = admitter.Client.Get(
 		context.TODO(),
 		client.ObjectKey{
 			Namespace: admitter.plan.Spec.Provider.Destination.Namespace,