containerized-data-importer/pkg/apiserver/webhooks/cdi-validate.go
akalenyu 0428dc5465
Stop using deprecated admissionregistration, apiregistration v1beta1 (#1804)
Switch admissionregistration.k8s.io/v1beta, apiregistration.k8s.io/v1beta1 to v1
as they are deprecated and will be removed from k8s-1.22.

apiextensions.k8s.io/v1beta1 was updated to v1 by https://github.com/kubevirt/containerized-data-importer/pull/1307.

Signed-off-by: Alex Kalenyuk <akalenyu@redhat.com>
2021-05-26 22:52:47 +02:00

101 lines
3.1 KiB
Go

/*
* This file is part of the CDI project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
* Copyright 2020 Red Hat, Inc.
*
*/
package webhooks
import (
"context"
"encoding/json"
"fmt"
sdkapi "kubevirt.io/controller-lifecycle-operator-sdk/pkg/sdk/api"
admissionv1 "k8s.io/api/admission/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/klog/v2"
cdiv1 "kubevirt.io/containerized-data-importer/pkg/apis/core/v1beta1"
cdiclient "kubevirt.io/containerized-data-importer/pkg/client/clientset/versioned"
)
const uninstallErrorMsg = "Rejecting the uninstall request, since there are still DataVolumes present. Either delete all DataVolumes or change the uninstall strategy before uninstalling CDI."
type cdiValidatingWebhook struct {
client cdiclient.Interface
}
func (wh *cdiValidatingWebhook) Admit(ar admissionv1.AdmissionReview) *admissionv1.AdmissionResponse {
klog.V(3).Infof("Got AdmissionReview %+v", ar)
if ar.Request.Resource.Group != cdiv1.CDIGroupVersionKind.Group || ar.Request.Resource.Resource != "cdis" {
klog.V(3).Infof("Got unexpected resource type %s", ar.Request.Resource.Resource)
return toAdmissionResponseError(fmt.Errorf("unexpected resource: %s", ar.Request.Resource.Resource))
}
if ar.Request.Operation != admissionv1.Delete {
klog.V(3).Infof("Got unexpected operation type %s", ar.Request.Operation)
return allowedAdmissionResponse()
}
cdi, err := wh.getResource(ar)
if err != nil {
return toAdmissionResponseError(err)
}
switch cdi.Status.Phase {
case sdkapi.PhaseEmpty, sdkapi.PhaseError:
return allowedAdmissionResponse()
}
if cdi.Spec.UninstallStrategy != nil && *cdi.Spec.UninstallStrategy == cdiv1.CDIUninstallStrategyBlockUninstallIfWorkloadsExist {
dvs, err := wh.client.CdiV1beta1().DataVolumes(metav1.NamespaceAll).List(context.TODO(), metav1.ListOptions{Limit: 2})
if err != nil {
return toAdmissionResponseError(err)
}
if len(dvs.Items) > 0 {
return toAdmissionResponseError(fmt.Errorf(uninstallErrorMsg))
}
}
return allowedAdmissionResponse()
}
func (wh *cdiValidatingWebhook) getResource(ar admissionv1.AdmissionReview) (*cdiv1.CDI, error) {
var cdi *cdiv1.CDI
if len(ar.Request.OldObject.Raw) > 0 {
cdi = &cdiv1.CDI{}
err := json.Unmarshal(ar.Request.OldObject.Raw, cdi)
if err != nil {
return nil, err
}
} else if len(ar.Request.Name) > 0 {
var err error
cdi, err = wh.client.CdiV1beta1().CDIs().Get(context.TODO(), ar.Request.Name, metav1.GetOptions{})
if err != nil {
return nil, err
}
} else {
return nil, fmt.Errorf("cannot derive deleted resource")
}
return cdi, nil
}