Главная Обзор Помощь
Вход
logic855
/
helm-external-secrets
зеркало из https://github.com/external-secrets/external-secrets
1
0
Ответвить 0
Файлы Задачи 0 Вики
Ветка: mj-v2-poc-2
Ветки Метки
helm-external-s...
/
e2e
/
framework
/
addon
/
webhook.go

webhook.go 2.5 KB
Постоянная ссылка История Исходник

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172 
  1. /*
    2. 

  2. Copyright © The ESO Authors
    3. 

  3. 

  4. Licensed under the Apache License, Version 2.0 (the "License");
    5. 

  5. you may not use this file except in compliance with the License.
    6. 

  6. You may obtain a copy of the License at
    7. 

  7. 

  8.     https://www.apache.org/licenses/LICENSE-2.0
    9. 

  9. 

  10. Unless required by applicable law or agreed to in writing, software
    11. 

  11. distributed under the License is distributed on an "AS IS" BASIS,
    12. 

  12. WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13. 

  13. See the License for the specific language governing permissions and
    14. 

  14. limitations under the License.
    15. 

  15. */
    16. 

  16. 

  17. package addon
    18. 

  18. 

  19. import (
    20. 

  20. 	"bytes"
    21. 

  21. 	"context"
    22. 

  22. 	"crypto/tls"
    23. 

  23. 	"fmt"
    24. 

  24. 	"net/http"
    25. 

  25. 	"strings"
    26. 

  26. 	"time"
    27. 

  27. 

  28. 	"k8s.io/apimachinery/pkg/util/wait"
    29. 

  29. 

  30. 	. "github.com/onsi/ginkgo/v2"
    31. 

  31. )
    32. 

  32. 

  33. const externalSecretValidationReview = `{"apiVersion":"admission.k8s.io/v1","kind":"AdmissionReview","request":{"uid":"test","kind":{"group":"external-secrets.io","version":"v1","kind":"ExternalSecret"},"resource":{"group":"external-secrets.io","version":"v1","resource":"externalsecrets"},"dryRun":true,"operation":"CREATE","userInfo":{"username":"test","uid":"test","groups":[],"extra":{}}}}`
    34. 

  34. const externalSecretsChartName = "external-secrets"
    35. 

  35. 

  36. var (
    37. 

  37. 	externalSecretWebhookURL = func(serviceName, namespace string) string {
    38. 

  38. 		return fmt.Sprintf("https://%s.%s.svc.cluster.local/validate-external-secrets-io-v1-externalsecret", serviceName, namespace)
    39. 

  39. 	}
    40. 

  40. 	webhookReadyPollInterval = time.Second
    41. 

  41. 	webhookReadyTimeout      = 5 * time.Minute
    42. 

  42. 	webhookReadyContext      = func() context.Context { return GinkgoT().Context() }
    43. 

  43. )
    44. 

  44. 

  45. func webhookServiceName(releaseName string) string {
    46. 

  46. 	fullName := releaseName
    47. 

  47. 	if !strings.Contains(releaseName, externalSecretsChartName) {
    48. 

  48. 		fullName = fmt.Sprintf("%s-%s", releaseName, externalSecretsChartName)
    49. 

  49. 	}
    50. 

  50. 	return fmt.Sprintf("%s-webhook", fullName)
    51. 

  51. }
    52. 

  52. 

  53. func waitForExternalSecretWebhookReady(serviceName, namespace string) error {
    54. 

  54. 	tr := &http.Transport{
    55. 

  55. 		// nolint:gosec
    56. 

  56. 		TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
    57. 

  57. 	}
    58. 

  58. 	client := &http.Client{Transport: tr}
    59. 

  59. 	url := externalSecretWebhookURL(serviceName, namespace)
    60. 

  60. 

  61. 	return wait.PollUntilContextTimeout(webhookReadyContext(), webhookReadyPollInterval, webhookReadyTimeout, true, func(ctx context.Context) (bool, error) {
    62. 

  62. 		res, err := client.Post(url, "application/json", bytes.NewBufferString(externalSecretValidationReview))
    63. 

  63. 		if err != nil {
    64. 

  64. 			return false, nil
    65. 

  65. 		}
    66. 

  66. 		defer func() {
    67. 

  67. 			_ = res.Body.Close()
    68. 

  68. 		}()
    69. 

  69. 		GinkgoWriter.Printf("webhook res: %d", res.StatusCode)
    70. 

  70. 		return res.StatusCode == http.StatusOK, nil
    71. 

  71. 	})
    72. 

  72. }
    73.