func validatePodHasSidecarContainerInjected()

in pkg/webhook/sidecar_spec.go [301:339]

• 28 lines of code
• 10 McCabe index (conditional complexity)

func validatePodHasSidecarContainerInjected(containerName string, pod *corev1.Pod, volumes []corev1.Volume, volumeMounts []corev1.VolumeMount) (bool, bool) {
	// Checks that the default emptyDir volumes are present in pod, skipping the custom volumes.
	volumesInjected := func(pod *corev1.Pod) bool {
		volumeMap := map[string]corev1.EmptyDirVolumeSource{}
		for _, v := range volumes {
			volumeMap[v.Name] = *v.EmptyDir
		}

		// volumeMap/volumes represents all of the volumes that should be present in the pod.
		for _, v := range pod.Spec.Volumes {
			if _, exists := volumeMap[v.Name]; exists {
				if v.EmptyDir != nil {
					delete(volumeMap, v.Name)
				}
			}
		}

		return len(volumeMap) == 0
	}

	// Check the sidecar container is present in regular or init container list.
	containerAndVolumeMountPresentInContainers := sidecarContainerPresent(containerName, pod.Spec.Containers, volumeMounts)
	containerAndVolumeMountPresentInInitContainers := sidecarContainerPresent(containerName, pod.Spec.InitContainers, volumeMounts)

	if containerAndVolumeMountPresentInContainers && containerAndVolumeMountPresentInInitContainers {
		klog.Errorf("sidecar present in containers and init containers... make sure only one sidecar is present.")
	}

	if !containerAndVolumeMountPresentInContainers && !containerAndVolumeMountPresentInInitContainers {
		return false, false
	}

	// We continue validation if all sidecar volumes are present in the pod.
	if !volumesInjected(pod) {
		return false, false
	}

	return true, containerAndVolumeMountPresentInInitContainers
}