Merge pull request #1677 from mythi/PR-2024-004

webhooks: make SGX mutator registration to follow other webhooks
2025-06-03 03:59:37 +00:00 · 2024-03-08 16:00:11 +02:00 · 2024-03-08 16:00:11 +02:00 · 7d00cf0a71
commit 7d00cf0a71
parent 29f3d875de cbaeddacbd
5 changed files with 12 additions and 13 deletions
--- a/.github/workflows/lib-e2e.yaml
+++ b/.github/workflows/lib-e2e.yaml
@ -42,6 +42,7 @@ jobs:
            runner: simics-spr
            images: intel-qat-plugin intel-qat-initcontainer openssl-qat-engine
          - name: e2e-sgx
            targetjob: e2e-sgx FOCUS="|(SGX Admission)"
            runner: sgx
            images: intel-sgx-plugin intel-sgx-initcontainer intel-sgx-admissionwebhook sgx-sdk-demo intel-deviceplugin-operator
--- a/cmd/operator/main.go
+++ b/cmd/operator/main.go
@ -21,7 +21,6 @@ import (
 	"os"
 	"strings"
 	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 	clientgoscheme "k8s.io/client-go/kubernetes/scheme"
@ -44,7 +43,6 @@ import (
 	"github.com/intel/intel-device-plugins-for-kubernetes/pkg/fpgacontroller"
 	"github.com/intel/intel-device-plugins-for-kubernetes/pkg/fpgacontroller/patcher"
 	sgxwebhook "github.com/intel/intel-device-plugins-for-kubernetes/pkg/webhooks/sgx"
 	"sigs.k8s.io/controller-runtime/pkg/builder"
 )
 var (
@ -176,10 +174,7 @@ func main() {
 	}
 	if contains(devices, "sgx") {
-		if err = builder.WebhookManagedBy(mgr).
+		if err = (&sgxwebhook.Mutator{}).SetupWebhookWithManager(mgr); err != nil {
 			For(&corev1.Pod{}).
 			WithDefaulter(&sgxwebhook.Mutator{}).
 			Complete(); err != nil {
 			setupLog.Error(err, "unable to create webhook", "webhook", "Pod")
 			os.Exit(1)
 		}
--- a/cmd/sgx_admissionwebhook/main.go
+++ b/cmd/sgx_admissionwebhook/main.go
@ -20,10 +20,8 @@ import (
 	"os"
 	sgxwebhook "github.com/intel/intel-device-plugins-for-kubernetes/pkg/webhooks/sgx"
 	corev1 "k8s.io/api/core/v1"
 	"k8s.io/klog/v2/textlogger"
 	ctrl "sigs.k8s.io/controller-runtime"
 	"sigs.k8s.io/controller-runtime/pkg/builder"
 	metricsserver "sigs.k8s.io/controller-runtime/pkg/metrics/server"
 	"sigs.k8s.io/controller-runtime/pkg/webhook"
 )
@ -59,10 +57,7 @@ func main() {
 		os.Exit(1)
 	}
-	if err := builder.WebhookManagedBy(mgr).
+	if err := (&sgxwebhook.Mutator{}).SetupWebhookWithManager(mgr); err != nil {
 		For(&corev1.Pod{}).
 		WithDefaulter(&sgxwebhook.Mutator{}).
 		Complete(); err != nil {
 		setupLog.Error(err, "unable to create webhook", "webhook", "Pod")
 		os.Exit(1)
 	}
--- a/pkg/webhooks/sgx/sgx.go
+++ b/pkg/webhooks/sgx/sgx.go
@ -22,6 +22,7 @@ import (
 	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/resource"
 	"k8s.io/apimachinery/pkg/runtime"
 	ctrl "sigs.k8s.io/controller-runtime"
 	logf "sigs.k8s.io/controller-runtime/pkg/log"
 	"github.com/intel/intel-device-plugins-for-kubernetes/pkg/internal/containers"
@ -34,6 +35,13 @@ var ErrObjectType = errors.New("invalid runtime object type")
 // Mutator annotates Pods.
 type Mutator struct{}
 func (s *Mutator) SetupWebhookWithManager(mgr ctrl.Manager) error {
 	return ctrl.NewWebhookManagedBy(mgr).
 		For(&corev1.Pod{}).
 		WithDefaulter(s).
 		Complete()
 }
 const (
 	namespace                = "sgx.intel.com"
 	encl                     = namespace + "/enclave"
--- a/test/e2e/iaa/iaa.go
+++ b/test/e2e/iaa/iaa.go
@ -106,7 +106,7 @@ func describe() {
 			e2ekubectl.RunKubectlOrDie(f.Namespace.Name, "apply", "-f", demoPath)
 			ginkgo.By("waiting for the IAA demo to succeed")
-			err := e2epod.WaitForPodSuccessInNamespaceTimeout(ctx, f.ClientSet, podName, f.Namespace.Name, 300*time.Second)
+			err := e2epod.WaitForPodSuccessInNamespaceTimeout(ctx, f.ClientSet, podName, f.Namespace.Name, 360*time.Second)
 			gomega.Expect(err).To(gomega.BeNil(), utils.GetPodLogs(ctx, f, podName, podName))
 		})