func()

in pkg/admission/webhook_manager.go [307:378]

• 57 lines of code
• 14 McCabe index (conditional complexity)

func (wm *webhookManagerImpl) installMutatingWebhook() (bool, error) {
	log.Log(log.AdmissionWebhook).Info("Checking for existing mutating webhook...")

	caBundle, err := wm.encodeCaBundle()
	if err != nil {
		log.Log(log.AdmissionWebhook).Error("Unable to encode CA bundle", zap.Error(err))
		return false, err
	}

	hook, err := wm.clientset.AdmissionregistrationV1().MutatingWebhookConfigurations().Get(ctx.Background(), mutatingWebhook, metav1.GetOptions{})
	if err != nil {
		if !apierrors.IsNotFound(err) {
			log.Log(log.AdmissionWebhook).Error("Unable to read mutating webhook", zap.String("name", mutatingWebhook), zap.Error(err))
			return false, err
		}
		log.Log(log.AdmissionWebhook).Info("Unable to find mutating webhook, will create it", zap.String("name", mutatingWebhook))
		hook = nil
	}

	if hook == nil {
		// create
		hook = wm.createEmptyMutatingWebhook()
		wm.populateMutatingWebhook(hook, caBundle)

		// sanity check to ensure that the hook is well-formed before we update it
		err = wm.checkMutatingWebhook(hook)
		if err != nil {
			log.Log(log.AdmissionWebhook).Error("BUG: Mutating webhook is invalid", zap.Error(err))
			return false, err
		}

		log.Log(log.AdmissionWebhook).Info("Creating mutating webhook", zap.String("webhook", hook.Name))
		_, err = wm.clientset.AdmissionregistrationV1().MutatingWebhookConfigurations().Create(ctx.Background(), hook, metav1.CreateOptions{})
		if err != nil {
			if apierrors.IsConflict(err) || apierrors.IsAlreadyExists(err) {
				// go around again
				return true, nil
			}
			log.Log(log.AdmissionWebhook).Error("Unable to install mutating webhook", zap.Error(err))
			return false, err
		}
	} else {
		err = wm.checkMutatingWebhook(hook)
		if err == nil {
			log.Log(log.AdmissionWebhook).Info("Mutating webhook OK")
			return false, nil
		}

		// update
		wm.populateMutatingWebhook(hook, caBundle)

		// sanity check to ensure that the hook is well-formed before we update it
		err = wm.checkMutatingWebhook(hook)
		if err != nil {
			log.Log(log.AdmissionWebhook).Error("BUG: Mutating webhook is invalid", zap.Error(err))
			return false, err
		}

		log.Log(log.AdmissionWebhook).Info("Updating mutating webhook", zap.String("hook", hook.Name))
		_, err = wm.clientset.AdmissionregistrationV1().MutatingWebhookConfigurations().Update(ctx.Background(), hook, metav1.UpdateOptions{})
		if err != nil {
			if apierrors.IsNotFound(err) || apierrors.IsConflict(err) {
				// go around again
				return true, nil
			}
			log.Log(log.AdmissionWebhook).Error("Unable to update mutating webhook", zap.Error(err))
			return false, err
		}
	}

	return true, nil
}