Run starts the webhook service
(opt *options.AdmissionOptions)
| 72 | |
| 73 | // Run starts the webhook service |
| 74 | func Run(opt *options.AdmissionOptions) error { |
| 75 | klog.V(4).Infof("AdmissionOptions: %+v", *opt) |
| 76 | restConfig, err := clientcmd.BuildConfigFromFlags(opt.Master, opt.Kubeconfig) |
| 77 | if err != nil { |
| 78 | return err |
| 79 | } |
| 80 | |
| 81 | cli, err := kubernetes.NewForConfig(restConfig) |
| 82 | if err != nil { |
| 83 | return fmt.Errorf("create kube client failed with error: %v", err) |
| 84 | } |
| 85 | vcli, err := versioned.NewForConfig(restConfig) |
| 86 | if err != nil { |
| 87 | return fmt.Errorf("create versioned client failed with error: %v", err) |
| 88 | } |
| 89 | |
| 90 | controller.Client = cli |
| 91 | controller.CrdClient = vcli |
| 92 | |
| 93 | caBundle, err := os.ReadFile(opt.CaCertFile) |
| 94 | if err != nil { |
| 95 | return fmt.Errorf("unable to read cacert file: %v", err) |
| 96 | } |
| 97 | |
| 98 | //TODO: read somewhere to get what's kind of webhook is enabled, register those webhook only. |
| 99 | if err = controller.registerWebhooks(opt, caBundle); err != nil { |
| 100 | return fmt.Errorf("failed to register the webhook with error: %v", err) |
| 101 | } |
| 102 | |
| 103 | http.HandleFunc("/devices", serveDevice) |
| 104 | http.HandleFunc("/devicemodels", serveDeviceModel) |
| 105 | http.HandleFunc("/rules", serveRule) |
| 106 | http.HandleFunc("/ruleendpoints", serveRuleEndpoint) |
| 107 | http.HandleFunc("/offlinemigration", serveOfflineMigration) |
| 108 | http.HandleFunc("/nodeupgradejobs", serveNodeUpgradeJob) |
| 109 | http.HandleFunc("/mutating/nodeupgradejobs", serveMutatingNodeUpgradeJob) |
| 110 | |
| 111 | tlsConfig, err := configTLS(opt, restConfig) |
| 112 | if err != nil { |
| 113 | return err |
| 114 | } |
| 115 | server := &http.Server{ |
| 116 | Addr: fmt.Sprintf(":%v", opt.Port), |
| 117 | TLSConfig: tlsConfig, |
| 118 | } |
| 119 | |
| 120 | if err := server.ListenAndServeTLS("", ""); err != nil { |
| 121 | return fmt.Errorf("start server failed with error: %v", err) |
| 122 | } |
| 123 | return nil |
| 124 | } |
| 125 | |
| 126 | // configTLS is a helper function that generate tls certificates from directly defined tls config or kubeconfig |
| 127 | // These are passed in as command line for cluster certification. If tls config is passed in, we use the directly |
no test coverage detected