func getMutatingWebhookConfigFromConfigmap()

in reconcilers/reconciler.go [249:297]

• 46 lines of code
• 6 McCabe index (conditional complexity)

func getMutatingWebhookConfigFromConfigmap(ctx context.Context, clientset kubernetes.Interface, caCert []byte, isKubeSystemNamespaceBlocked bool) (*admissionregistration.MutatingWebhookConfiguration, *error) {
	logger := log.MustGetLogger(ctx)
	name := config.AppConfig.ObjectName + "-webhook-config"
	cm, err := clientset.CoreV1().ConfigMaps(config.AppConfig.Namespace).Get(ctx, name, metav1.GetOptions{})
	if err != nil {
		logger.Errorf(ctx, "get webhook-config configmap failed. error: %s", err)
		return nil, &err
	}
	logger.Infof(ctx, "get webhook-config configmap succeed.")
	logger.Debugf(ctx, "configmap: %v", cm)

	mutatingWebhookConfigJson := cm.Data["mutatingWebhookConfig"]
	if mutatingWebhookConfigJson == "" {
		logger.Errorf(ctx, "mutatingWebhookConfig is empty")
		err = errors.New("mutatingWebhookConfig is empty")
		return nil, &err
	}
	logger.Infof(ctx, "get mutatingWebhookConfig succeed. mutatingWebhookConfig: %s", mutatingWebhookConfigJson)
	logger.Debugf(ctx, "mutatingWebhookConfig: %s", mutatingWebhookConfigJson)
	var mutatingWebhookConfig admissionregistration.MutatingWebhookConfiguration
	err = yaml.NewYAMLOrJSONDecoder(strings.NewReader(mutatingWebhookConfigJson), 1024).Decode(&mutatingWebhookConfig)
	if err != nil {
		logger.Errorf(ctx, "unmarshal mutatingWebhookConfig failed. error: %s", err)
		return nil, &err
	}
	logger.Infof(ctx, "unmarshal mutatingWebhookConfig succeed.")
	logger.Debugf(ctx, "mutatingWebhookConfig: %v", mutatingWebhookConfig)

	for i := range mutatingWebhookConfig.Webhooks {
		mutatingWebhookConfig.Webhooks[i].ClientConfig.CABundle = caCert
	}
	var labels map[string]string
	if !isKubeSystemNamespaceBlocked {
		logger.Info(ctx, "kube-system is unblocked.")
		labels = map[string]string{
			consts.ManagedLabelKey:                consts.ManagedLabelValue,
			consts.AdmissionEnforcerDisabledLabel: consts.AdmissionEnforcerDisabledValue,
		}
	} else {
		logger.Info(ctx, "kube-system is blocked.")
		labels = map[string]string{
			consts.ManagedLabelKey: consts.ManagedLabelValue,
		}
	}
	mutatingWebhookConfig.Labels = labels
	logger.Debugf(ctx, "mutatingWebhookConfig from configmap: %v", mutatingWebhookConfig)

	return &mutatingWebhookConfig, nil
}