kube-apiserver: split admission initializers into generic and non-generic

Signed-off-by: Dr. Stefan Schimanski <stefan.schimanski@gmail.com>
Dr. Stefan Schimanski
2024-04-29 22:06:01 +02:00
parent b5fc001bba
commit acbb89d9b9
9 changed files with 215 additions and 106 deletions


@@ -28,15 +28,16 @@ import (
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/runtime"
"k8s.io/apimachinery/pkg/runtime/schema"
"k8s.io/apiserver/pkg/admission"
apiserveradmission "k8s.io/apiserver/pkg/admission"
"k8s.io/apiserver/pkg/admission/initializer"
"k8s.io/apiserver/pkg/authentication/user"
"k8s.io/apiserver/pkg/authorization/authorizer"
fakediscovery "k8s.io/client-go/discovery/fake"
"k8s.io/client-go/restmapper"
coretesting "k8s.io/client-go/testing"
api "k8s.io/kubernetes/pkg/apis/core"
kubeadmission "k8s.io/kubernetes/pkg/kubeapiserver/admission"
controlplaneadmission "k8s.io/kubernetes/pkg/controlplane/apiserver/admission"
)
type fakeAuthorizer struct{}
@@ -111,7 +112,7 @@ func newGCPermissionsEnforcement() (*gcPermissionsEnforcement, error) {
},
}
gcAdmit := &gcPermissionsEnforcement{
Handler: admission.NewHandler(admission.Create, admission.Update),
Handler: apiserveradmission.NewHandler(apiserveradmission.Create, apiserveradmission.Update),
whiteList: whiteList,
}
@@ -138,9 +139,8 @@ func newGCPermissionsEnforcement() (*gcPermissionsEnforcement, error) {
}
restMapper := restmapper.NewDiscoveryRESTMapper(restMapperRes)
genericPluginInitializer := initializer.New(nil, nil, nil, fakeAuthorizer{}, nil, nil, restMapper)
pluginInitializer := kubeadmission.NewPluginInitializer(nil, nil, nil)
initializersChain := admission.PluginInitializers{}
pluginInitializer := controlplaneadmission.NewPluginInitializer(nil, nil)
initializersChain := apiserveradmission.PluginInitializers{}
initializersChain = append(initializersChain, genericPluginInitializer)
initializersChain = append(initializersChain, pluginInitializer)
@@ -349,14 +349,14 @@ func TestGCAdmission(t *testing.T) {
t.Error(err)
}
operation := admission.Create
operation := apiserveradmission.Create
var options runtime.Object = &metav1.CreateOptions{}
if tc.oldObj != nil {
operation = admission.Update
operation = apiserveradmission.Update
options = &metav1.UpdateOptions{}
}
user := &user.DefaultInfo{Name: tc.username}
attributes := admission.NewAttributesRecord(tc.newObj, tc.oldObj, schema.GroupVersionKind{}, metav1.NamespaceDefault, "foo", tc.resource, tc.subresource, operation, options, false, user)
attributes := apiserveradmission.NewAttributesRecord(tc.newObj, tc.oldObj, schema.GroupVersionKind{}, metav1.NamespaceDefault, "foo", tc.resource, tc.subresource, operation, options, false, user)
err = gcAdmit.Validate(context.TODO(), attributes, nil)
if !tc.checkError(err) {
@@ -668,14 +668,14 @@ func TestBlockOwnerDeletionAdmission(t *testing.T) {
gcAdmit.restMapper = tc.restMapperOverride
}
operation := admission.Create
operation := apiserveradmission.Create
var options runtime.Object = &metav1.CreateOptions{}
if tc.oldObj != nil {
operation = admission.Update
operation = apiserveradmission.Update
options = &metav1.UpdateOptions{}
}
user := &user.DefaultInfo{Name: tc.username}
attributes := admission.NewAttributesRecord(tc.newObj, tc.oldObj, schema.GroupVersionKind{}, metav1.NamespaceDefault, "foo", tc.resource, tc.subresource, operation, options, false, user)
attributes := apiserveradmission.NewAttributesRecord(tc.newObj, tc.oldObj, schema.GroupVersionKind{}, metav1.NamespaceDefault, "foo", tc.resource, tc.subresource, operation, options, false, user)
err = gcAdmit.Validate(context.TODO(), attributes, nil)
if !tc.checkError(err) {
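Review bot: The call `controlplaneadmission.NewPluginInitializer(nil, nil)` in newGCPermissionsEnforcement passes only untyped nils, so the call site cannot show which of the three former arguments was dropped, and a wrong drop would likely still compile. The same applies to `controlplaneadmission.NewPluginInitializer(quotaConfiguration, nil)` in createHandlerWithConfig in the next file section. I would annotate the positions, e.g. `NewPluginInitializer(nil /* quotaConfiguration */, nil /* <name of second parameter> */)`, taking the names from the new signature, which is not shown on this page. Because this plugin enforces permissions through the `fakeAuthorizer{}` supplied by the generic initializer, it is also worth confirming that the code below the hunk still calls `apiserveradmission.ValidateInitialization(gcAdmit)` after the chain runs, so that a dependency left unset by the split fails the test instead of going unnoticed; the function body continues outside the hunk.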


@@ -37,7 +37,7 @@ import (
testcore "k8s.io/client-go/testing"
"k8s.io/client-go/tools/cache"
api "k8s.io/kubernetes/pkg/apis/core"
kubeapiserveradmission "k8s.io/kubernetes/pkg/kubeapiserver/admission"
controlplaneadmission "k8s.io/kubernetes/pkg/controlplane/apiserver/admission"
"k8s.io/kubernetes/pkg/quota/v1/install"
)
@@ -115,7 +115,7 @@ func createHandlerWithConfig(kubeClient kubernetes.Interface, informerFactory in
initializers := admission.PluginInitializers{
genericadmissioninitializer.New(kubeClient, nil, informerFactory, nil, nil, stopCh, nil),
kubeapiserveradmission.NewPluginInitializer(nil, quotaConfiguration, nil),
controlplaneadmission.NewPluginInitializer(quotaConfiguration, nil),
}
initializers.Initialize(handler)