github/capsule
1
0
Fork 0
mirror of https://github.com/projectcapsule/capsule.git synced 2026-02-14 18:09:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: inverted logic in forbidden user namespace metadata

Browse Source
This commit is contained in:
Dario Tranchitella
2022-11-24 18:31:14 +01:00
parent d2a6358517
commit 1087ea853b
1 changed files with 21 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
pkg/webhook/namespace/user_metadata.go
View File

@@ -131,26 +131,36 @@ func (r *userMetadataHandler) OnUpdate(client client.Client, decoder *admission.
}
}
var labels, annotations map[string]string
labels, annotations := oldNs.GetLabels(), oldNs.GetAnnotations()
for key, value := range newNs.GetLabels() {
if _, ok := oldNs.GetLabels()[key]; ok {
if labels == nil {
labels = make(map[string]string)
}
v, ok := labels[key]
if !ok {
labels[key] = value
continue
}
if v != value {
continue
}
delete(labels, key)
}
for key, value := range newNs.GetAnnotations() {
if _, ok := oldNs.GetAnnotations()[key]; ok {
if annotations == nil {
annotations = make(map[string]string)
}
v, ok := annotations[key]
if !ok {
annotations[key] = value
continue
}
if v != value {
continue
}
delete(annotations, key)
}
return r.validateUserMetadata(tnt, recorder, labels, annotations)