-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat(webhooks): add validation webhook for operator configuration
Reject operator configuration resources with self-telemetry enabled that have no export configuration.
- Loading branch information
Showing
4 changed files
with
105 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
49 changes: 49 additions & 0 deletions
49
internal/dash0/webhooks/operator_configuration_validation_webhook.go
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,49 @@ | ||
// SPDX-FileCopyrightText: Copyright 2024 Dash0 Inc. | ||
// SPDX-License-Identifier: Apache-2.0 | ||
|
||
package webhooks | ||
|
||
import ( | ||
"context" | ||
"net/http" | ||
|
||
ctrl "sigs.k8s.io/controller-runtime" | ||
"sigs.k8s.io/controller-runtime/pkg/client" | ||
"sigs.k8s.io/controller-runtime/pkg/webhook/admission" | ||
|
||
dash0v1alpha1 "github.com/dash0hq/dash0-operator/api/dash0monitoring/v1alpha1" | ||
) | ||
|
||
type OperatorConfigurationValidationWebhookHandler struct { | ||
Client client.Client | ||
} | ||
|
||
func (h *OperatorConfigurationValidationWebhookHandler) SetupWebhookWithManager(mgr ctrl.Manager) error { | ||
webhook := &admission.Webhook{ | ||
Handler: h, | ||
} | ||
|
||
handler, err := admission.StandaloneWebhook(webhook, admission.StandaloneOptions{}) | ||
if err != nil { | ||
return err | ||
} | ||
mgr.GetWebhookServer().Register("/v1alpha1/validate/operator-configuration", handler) | ||
|
||
return nil | ||
} | ||
|
||
func (h *OperatorConfigurationValidationWebhookHandler) Handle(_ context.Context, request admission.Request) admission.Response { | ||
operatorConfigurationResource := &dash0v1alpha1.Dash0OperatorConfiguration{} | ||
if _, _, err := decoder.Decode(request.Object.Raw, nil, operatorConfigurationResource); err != nil { | ||
return admission.Errored(http.StatusBadRequest, err) | ||
} | ||
|
||
if operatorConfigurationResource.Spec.SelfMonitoring.Enabled && operatorConfigurationResource.Spec.Export == nil { | ||
return admission.Denied( | ||
"The provided Dash0 operator configuration resource has self-monitoring enabled, but it does not have an " + | ||
"export configuration. Either disable self-monitoring or provide an export configuration for self-" + | ||
"monitoring telemetry.") | ||
|
||
} | ||
return admission.Allowed("") | ||
} |