in pkg/admission/webhook_manager.go [234:305]
// installValidatingWebhook reconciles the ValidatingWebhookConfiguration named
// by validatingWebhook with the configuration this manager generates.
//
// The object is created when the API server reports it as not found. An
// existing object that passes checkValidatingWebhook is left untouched; one
// that fails the check is overwritten via populateValidatingWebhook and
// written back with Update. In both write paths the populated object is
// re-checked before it is sent, so a failure at that point is logged as a
// BUG in the generated configuration rather than as cluster drift.
//
// The boolean result tells the caller whether to run the reconcile again:
// true after a successful create or update and after a write that lost a
// race (Conflict/AlreadyExists on create, NotFound/Conflict on update);
// false when the stored object already passes the check or when an error
// is returned.
//
// NOTE(review): drift detection is only as strict as checkValidatingWebhook,
// which is not visible here - confirm it covers every field that
// populateValidatingWebhook sets, including the CA bundle.
// NOTE(review): all API calls use ctx.Background(), so they carry no deadline
// or cancellation of their own.
func (wm *webhookManagerImpl) installValidatingWebhook() (bool, error) {
	log.Log(log.AdmissionWebhook).Info("Checking for existing validating webhook...")

	caBundle, err := wm.encodeCaBundle()
	if err != nil {
		log.Log(log.AdmissionWebhook).Error("Unable to encode CA bundle", zap.Error(err))
		return false, err
	}

	webhooks := wm.clientset.AdmissionregistrationV1().ValidatingWebhookConfigurations()

	hook, err := webhooks.Get(ctx.Background(), validatingWebhook, metav1.GetOptions{})
	switch {
	case err == nil:
		// Found (or at least no error); fall through to the nil check below.
	case apierrors.IsNotFound(err):
		log.Log(log.AdmissionWebhook).Info("Unable to find validating webhook, will create it", zap.String("name", validatingWebhook))
		hook = nil
	default:
		log.Log(log.AdmissionWebhook).Error("Unable to read validating webhook", zap.String("name", validatingWebhook), zap.Error(err))
		return false, err
	}

	creating := hook == nil
	if creating {
		hook = wm.createEmptyValidatingWebhook()
	} else if wm.checkValidatingWebhook(hook) == nil {
		// The stored object already matches what the check expects.
		log.Log(log.AdmissionWebhook).Info("Validating webhook OK")
		return false, nil
	}

	// Both the create and the update path write the manager's own values,
	// then verify the result before anything is sent to the API server.
	wm.populateValidatingWebhook(hook, caBundle)
	if err = wm.checkValidatingWebhook(hook); err != nil {
		log.Log(log.AdmissionWebhook).Error("BUG: Validating webhook is invalid", zap.Error(err))
		return false, err
	}

	if creating {
		log.Log(log.AdmissionWebhook).Info("Creating validating webhook", zap.String("webhook", hook.Name))
		_, err = webhooks.Create(ctx.Background(), hook, metav1.CreateOptions{})
		switch {
		case err == nil:
			return true, nil
		case apierrors.IsConflict(err) || apierrors.IsAlreadyExists(err):
			// Someone else wrote the object first; go around again.
			return true, nil
		}
		log.Log(log.AdmissionWebhook).Error("Unable to install validating webhook", zap.Error(err))
		return false, err
	}

	log.Log(log.AdmissionWebhook).Info("Updating validating webhook", zap.String("webhook", hook.Name))
	_, err = webhooks.Update(ctx.Background(), hook, metav1.UpdateOptions{})
	switch {
	case err == nil:
		return true, nil
	case apierrors.IsNotFound(err) || apierrors.IsConflict(err):
		// The object changed or vanished underneath us; go around again.
		return true, nil
	}
	log.Log(log.AdmissionWebhook).Error("Unable to update validating webhook", zap.Error(err))
	return false, err
}