admin/kubesphere
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Check the cluster ID (kube-system UID) when updating the cluster (#5299)

Browse Source 
* Add an admission webhook to check cluster ID (kube-system UID) before updating

* Add an admission webhook to check cluster ID (kube-system UID) before updating
This commit is contained in:
yuyu
2022-10-20 10:37:40 +08:00
committed by GitHub
parent a765914158
commit 41ac27ad31
2 changed files with 89 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
cmd/controller-manager/app/server.go
View File

@@ -39,6 +39,7 @@ import (
"kubesphere.io/kubesphere/cmd/controller-manager/app/options"
"kubesphere.io/kubesphere/pkg/apis"
controllerconfig "kubesphere.io/kubesphere/pkg/apiserver/config"
"kubesphere.io/kubesphere/pkg/controller/cluster"
"kubesphere.io/kubesphere/pkg/controller/network/webhooks"
"kubesphere.io/kubesphere/pkg/controller/quota"
"kubesphere.io/kubesphere/pkg/controller/user"
@@ -237,6 +238,9 @@ func run(s *options.KubeSphereControllerManagerOptions, ctx context.Context) err
hookServer := mgr.GetWebhookServer()
klog.V(2).Info("registering webhooks to the webhook server")
if s.IsControllerEnabled("cluster") && s.MultiClusterOptions.Enable {
hookServer.Register("/validate-cluster-kubesphere-io-v1alpha1", &webhook.Admission{Handler: &cluster.ValidatingHandler{Client: mgr.GetClient()}})
}
hookServer.Register("/validate-email-iam-kubesphere-io-v1alpha2", &webhook.Admission{Handler: &user.EmailValidator{Client: mgr.GetClient()}})
hookServer.Register("/validate-network-kubesphere-io-v1alpha1", &webhook.Admission{Handler: &webhooks.ValidatingHandler{C: mgr.GetClient()}})
hookServer.Register("/mutate-network-kubesphere-io-v1alpha1", &webhook.Admission{Handler: &webhooks.MutatingHandler{C: mgr.GetClient()}})