in pkg/webhook/webhook.go [63:114]
func NewPodMutator(client client.Client, reader client.Reader, audience string, scheme *runtime.Scheme, restConfig *rest.Config) (admission.Handler, error) {
c, err := config.ParseConfig()
if err != nil {
return nil, err
}
if audience == "" {
audience = DefaultAudience
}
discoveryClient, err := discovery.NewDiscoveryClientForConfig(restConfig)
if err != nil {
return nil, errors.Wrap(err, "failed to create discovery client")
}
// "SidecarContainers" went beta in 1.29. With the 3 version skew policy,
// between API server and kubelet, 1.32 is the earliest version this can be
// safely used.
useNativeSidecar, err := serverVersionGTE(discoveryClient, utilversion.MajorMinor(1, 32))
if err != nil {
return nil, errors.Wrap(err, "failed to check kubernetes version")
}
// this is used to configure the AZURE_AUTHORITY_HOST env var that's
// used by the azure sdk
azureAuthorityHost, err := getAzureAuthorityHost(c)
if err != nil {
return nil, errors.Wrap(err, "failed to get AAD endpoint")
}
proxyImage := c.ProxyImage
if len(proxyImage) == 0 {
proxyImage = fmt.Sprintf("%s/%s:%s", ProxyImageRegistry, ProxySidecarImageName, ProxyImageVersion)
}
proxyInitImage := c.ProxyInitImage
if len(proxyInitImage) == 0 {
proxyInitImage = fmt.Sprintf("%s/%s:%s", ProxyImageRegistry, ProxyInitImageName, ProxyImageVersion)
}
if err := registerMetrics(); err != nil {
return nil, errors.Wrap(err, "failed to register metrics")
}
return &podMutator{
client: client,
reader: reader,
config: c,
decoder: admission.NewDecoder(scheme),
audience: audience,
azureAuthorityHost: azureAuthorityHost,
proxyImage: proxyImage,
proxyInitImage: proxyInitImage,
useNativeSidecar: useNativeSidecar,
}, nil
}