From 964b4c561b66cd87c120a7a937d7f439d27ec183 Mon Sep 17 00:00:00 2001 From: liuwei Date: Tue, 25 Aug 2020 18:53:38 +0800 Subject: [PATCH] add clusterset controller role and enable clusterset webhook --- ...ster-manager-registration-clusterrole.yaml | 7 + ...tersetbinding-validatingconfiguration.yaml | 26 +++ .../clustermanager/bindata/bindata.go | 157 ++++++++++++------ .../clustermanager_controller.go | 1 + .../clustermanager_controller_test.go | 4 +- 5 files changed, 141 insertions(+), 54 deletions(-) create mode 100644 manifests/cluster-manager/cluster-manager-registration-webhook-clustersetbinding-validatingconfiguration.yaml diff --git a/manifests/cluster-manager/cluster-manager-registration-clusterrole.yaml b/manifests/cluster-manager/cluster-manager-registration-clusterrole.yaml index 7b8ac7468..2a01ca51c 100644 --- a/manifests/cluster-manager/cluster-manager-registration-clusterrole.yaml +++ b/manifests/cluster-manager/cluster-manager-registration-clusterrole.yaml @@ -47,3 +47,10 @@ rules: resources: ["signers"] resourceNames: ["kubernetes.io/kube-apiserver-client"] verbs: ["approve"] +# Allow hub to manage managedclustersets +- apiGroups: ["cluster.open-cluster-management.io"] + resources: ["managedclustersets"] + verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] +- apiGroups: ["cluster.open-cluster-management.io"] + resources: ["managedclustersets/status"] + verbs: ["update", "patch"] diff --git a/manifests/cluster-manager/cluster-manager-registration-webhook-clustersetbinding-validatingconfiguration.yaml b/manifests/cluster-manager/cluster-manager-registration-webhook-clustersetbinding-validatingconfiguration.yaml new file mode 100644 index 000000000..e35135516 --- /dev/null +++ b/manifests/cluster-manager/cluster-manager-registration-webhook-clustersetbinding-validatingconfiguration.yaml @@ -0,0 +1,26 @@ +apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingWebhookConfiguration +metadata: + name: managedclustersetbindingvalidators.admission.cluster.open-cluster-management.io +webhooks: +- name: managedclustersetbindingvalidators.admission.cluster.open-cluster-management.io + failurePolicy: Fail + clientConfig: + service: + # reach the webhook via the registered aggregated API + namespace: default + name: kubernetes + path: /apis/admission.cluster.open-cluster-management.io/v1/managedclustersetbindingvalidators + rules: + - operations: + - CREATE + - UPDATE + apiGroups: + - cluster.open-cluster-management.io + apiVersions: + - "*" + resources: + - managedclustersetbindings + admissionReviewVersions: ["v1beta1"] + sideEffects: None + timeoutSeconds: 3 diff --git a/pkg/operators/clustermanager/bindata/bindata.go b/pkg/operators/clustermanager/bindata/bindata.go index 2058f915d..3490b1943 100644 --- a/pkg/operators/clustermanager/bindata/bindata.go +++ b/pkg/operators/clustermanager/bindata/bindata.go @@ -12,6 +12,7 @@ // manifests/cluster-manager/cluster-manager-registration-webhook-apiservice.yaml // manifests/cluster-manager/cluster-manager-registration-webhook-clusterrole.yaml // manifests/cluster-manager/cluster-manager-registration-webhook-clusterrolebinding.yaml +// manifests/cluster-manager/cluster-manager-registration-webhook-clustersetbinding-validatingconfiguration.yaml // manifests/cluster-manager/cluster-manager-registration-webhook-deployment.yaml // manifests/cluster-manager/cluster-manager-registration-webhook-mutatingconfiguration.yaml // manifests/cluster-manager/cluster-manager-registration-webhook-secret.yaml @@ -772,6 +773,13 @@ rules: resources: ["signers"] resourceNames: ["kubernetes.io/kube-apiserver-client"] verbs: ["approve"] +# Allow hub to manage managedclustersets +- apiGroups: ["cluster.open-cluster-management.io"] + resources: ["managedclustersets"] + verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] +- apiGroups: ["cluster.open-cluster-management.io"] + resources: ["managedclustersets/status"] + verbs: ["update", "patch"] `) func manifestsClusterManagerClusterManagerRegistrationClusterroleYamlBytes() ([]byte, error) { @@ -1009,6 +1017,49 @@ func manifestsClusterManagerClusterManagerRegistrationWebhookClusterrolebindingY return a, nil } +var _manifestsClusterManagerClusterManagerRegistrationWebhookClustersetbindingValidatingconfigurationYaml = []byte(`apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingWebhookConfiguration +metadata: + name: managedclustersetbindingvalidators.admission.cluster.open-cluster-management.io +webhooks: +- name: managedclustersetbindingvalidators.admission.cluster.open-cluster-management.io + failurePolicy: Fail + clientConfig: + service: + # reach the webhook via the registered aggregated API + namespace: default + name: kubernetes + path: /apis/admission.cluster.open-cluster-management.io/v1/managedclustersetbindingvalidators + rules: + - operations: + - CREATE + - UPDATE + apiGroups: + - cluster.open-cluster-management.io + apiVersions: + - "*" + resources: + - managedclustersetbindings + admissionReviewVersions: ["v1beta1"] + sideEffects: None + timeoutSeconds: 3 +`) + +func manifestsClusterManagerClusterManagerRegistrationWebhookClustersetbindingValidatingconfigurationYamlBytes() ([]byte, error) { + return _manifestsClusterManagerClusterManagerRegistrationWebhookClustersetbindingValidatingconfigurationYaml, nil +} + +func manifestsClusterManagerClusterManagerRegistrationWebhookClustersetbindingValidatingconfigurationYaml() (*asset, error) { + bytes, err := manifestsClusterManagerClusterManagerRegistrationWebhookClustersetbindingValidatingconfigurationYamlBytes() + if err != nil { + return nil, err + } + + info := bindataFileInfo{name: "manifests/cluster-manager/cluster-manager-registration-webhook-clustersetbinding-validatingconfiguration.yaml", size: 0, mode: os.FileMode(0), modTime: time.Unix(0, 0)} + a := &asset{bytes: bytes, info: info} + return a, nil +} + var _manifestsClusterManagerClusterManagerRegistrationWebhookDeploymentYaml = []byte(`apiVersion: apps/v1 kind: Deployment metadata: @@ -1617,32 +1668,33 @@ func AssetNames() []string { // _bindata is a table, holding each asset generator, mapped to its name. var _bindata = map[string]func() (*asset, error){ - "manifests/cluster-manager/0000_00_clusters.open-cluster-management.io_managedclusters.crd.yaml": manifestsClusterManager0000_00_clustersOpenClusterManagementIo_managedclustersCrdYaml, - "manifests/cluster-manager/0000_00_clusters.open-cluster-management.io_managedclustersets.crd.yaml": manifestsClusterManager0000_00_clustersOpenClusterManagementIo_managedclustersetsCrdYaml, - "manifests/cluster-manager/0000_00_work.open-cluster-management.io_manifestworks.crd.yaml": manifestsClusterManager0000_00_workOpenClusterManagementIo_manifestworksCrdYaml, - "manifests/cluster-manager/0000_01_clusters.open-cluster-management.io_managedclustersetbindings.crd.yaml": manifestsClusterManager0000_01_clustersOpenClusterManagementIo_managedclustersetbindingsCrdYaml, - "manifests/cluster-manager/cluster-manager-namespace.yaml": manifestsClusterManagerClusterManagerNamespaceYaml, - "manifests/cluster-manager/cluster-manager-registration-clusterrole.yaml": manifestsClusterManagerClusterManagerRegistrationClusterroleYaml, - "manifests/cluster-manager/cluster-manager-registration-clusterrolebinding.yaml": manifestsClusterManagerClusterManagerRegistrationClusterrolebindingYaml, - "manifests/cluster-manager/cluster-manager-registration-deployment.yaml": manifestsClusterManagerClusterManagerRegistrationDeploymentYaml, - "manifests/cluster-manager/cluster-manager-registration-serviceaccount.yaml": manifestsClusterManagerClusterManagerRegistrationServiceaccountYaml, - "manifests/cluster-manager/cluster-manager-registration-webhook-apiservice.yaml": manifestsClusterManagerClusterManagerRegistrationWebhookApiserviceYaml, - "manifests/cluster-manager/cluster-manager-registration-webhook-clusterrole.yaml": manifestsClusterManagerClusterManagerRegistrationWebhookClusterroleYaml, - "manifests/cluster-manager/cluster-manager-registration-webhook-clusterrolebinding.yaml": manifestsClusterManagerClusterManagerRegistrationWebhookClusterrolebindingYaml, - "manifests/cluster-manager/cluster-manager-registration-webhook-deployment.yaml": manifestsClusterManagerClusterManagerRegistrationWebhookDeploymentYaml, - "manifests/cluster-manager/cluster-manager-registration-webhook-mutatingconfiguration.yaml": manifestsClusterManagerClusterManagerRegistrationWebhookMutatingconfigurationYaml, - "manifests/cluster-manager/cluster-manager-registration-webhook-secret.yaml": manifestsClusterManagerClusterManagerRegistrationWebhookSecretYaml, - "manifests/cluster-manager/cluster-manager-registration-webhook-service.yaml": manifestsClusterManagerClusterManagerRegistrationWebhookServiceYaml, - "manifests/cluster-manager/cluster-manager-registration-webhook-serviceaccount.yaml": manifestsClusterManagerClusterManagerRegistrationWebhookServiceaccountYaml, - "manifests/cluster-manager/cluster-manager-registration-webhook-validatingconfiguration.yaml": manifestsClusterManagerClusterManagerRegistrationWebhookValidatingconfigurationYaml, - "manifests/cluster-manager/cluster-manager-work-webhook-apiservice.yaml": manifestsClusterManagerClusterManagerWorkWebhookApiserviceYaml, - "manifests/cluster-manager/cluster-manager-work-webhook-clusterrole.yaml": manifestsClusterManagerClusterManagerWorkWebhookClusterroleYaml, - "manifests/cluster-manager/cluster-manager-work-webhook-clusterrolebinding.yaml": manifestsClusterManagerClusterManagerWorkWebhookClusterrolebindingYaml, - "manifests/cluster-manager/cluster-manager-work-webhook-deployment.yaml": manifestsClusterManagerClusterManagerWorkWebhookDeploymentYaml, - "manifests/cluster-manager/cluster-manager-work-webhook-secret.yaml": manifestsClusterManagerClusterManagerWorkWebhookSecretYaml, - "manifests/cluster-manager/cluster-manager-work-webhook-service.yaml": manifestsClusterManagerClusterManagerWorkWebhookServiceYaml, - "manifests/cluster-manager/cluster-manager-work-webhook-serviceaccount.yaml": manifestsClusterManagerClusterManagerWorkWebhookServiceaccountYaml, - "manifests/cluster-manager/cluster-manager-work-webhook-validatingconfiguration.yaml": manifestsClusterManagerClusterManagerWorkWebhookValidatingconfigurationYaml, + "manifests/cluster-manager/0000_00_clusters.open-cluster-management.io_managedclusters.crd.yaml": manifestsClusterManager0000_00_clustersOpenClusterManagementIo_managedclustersCrdYaml, + "manifests/cluster-manager/0000_00_clusters.open-cluster-management.io_managedclustersets.crd.yaml": manifestsClusterManager0000_00_clustersOpenClusterManagementIo_managedclustersetsCrdYaml, + "manifests/cluster-manager/0000_00_work.open-cluster-management.io_manifestworks.crd.yaml": manifestsClusterManager0000_00_workOpenClusterManagementIo_manifestworksCrdYaml, + "manifests/cluster-manager/0000_01_clusters.open-cluster-management.io_managedclustersetbindings.crd.yaml": manifestsClusterManager0000_01_clustersOpenClusterManagementIo_managedclustersetbindingsCrdYaml, + "manifests/cluster-manager/cluster-manager-namespace.yaml": manifestsClusterManagerClusterManagerNamespaceYaml, + "manifests/cluster-manager/cluster-manager-registration-clusterrole.yaml": manifestsClusterManagerClusterManagerRegistrationClusterroleYaml, + "manifests/cluster-manager/cluster-manager-registration-clusterrolebinding.yaml": manifestsClusterManagerClusterManagerRegistrationClusterrolebindingYaml, + "manifests/cluster-manager/cluster-manager-registration-deployment.yaml": manifestsClusterManagerClusterManagerRegistrationDeploymentYaml, + "manifests/cluster-manager/cluster-manager-registration-serviceaccount.yaml": manifestsClusterManagerClusterManagerRegistrationServiceaccountYaml, + "manifests/cluster-manager/cluster-manager-registration-webhook-apiservice.yaml": manifestsClusterManagerClusterManagerRegistrationWebhookApiserviceYaml, + "manifests/cluster-manager/cluster-manager-registration-webhook-clusterrole.yaml": manifestsClusterManagerClusterManagerRegistrationWebhookClusterroleYaml, + "manifests/cluster-manager/cluster-manager-registration-webhook-clusterrolebinding.yaml": manifestsClusterManagerClusterManagerRegistrationWebhookClusterrolebindingYaml, + "manifests/cluster-manager/cluster-manager-registration-webhook-clustersetbinding-validatingconfiguration.yaml": manifestsClusterManagerClusterManagerRegistrationWebhookClustersetbindingValidatingconfigurationYaml, + "manifests/cluster-manager/cluster-manager-registration-webhook-deployment.yaml": manifestsClusterManagerClusterManagerRegistrationWebhookDeploymentYaml, + "manifests/cluster-manager/cluster-manager-registration-webhook-mutatingconfiguration.yaml": manifestsClusterManagerClusterManagerRegistrationWebhookMutatingconfigurationYaml, + "manifests/cluster-manager/cluster-manager-registration-webhook-secret.yaml": manifestsClusterManagerClusterManagerRegistrationWebhookSecretYaml, + "manifests/cluster-manager/cluster-manager-registration-webhook-service.yaml": manifestsClusterManagerClusterManagerRegistrationWebhookServiceYaml, + "manifests/cluster-manager/cluster-manager-registration-webhook-serviceaccount.yaml": manifestsClusterManagerClusterManagerRegistrationWebhookServiceaccountYaml, + "manifests/cluster-manager/cluster-manager-registration-webhook-validatingconfiguration.yaml": manifestsClusterManagerClusterManagerRegistrationWebhookValidatingconfigurationYaml, + "manifests/cluster-manager/cluster-manager-work-webhook-apiservice.yaml": manifestsClusterManagerClusterManagerWorkWebhookApiserviceYaml, + "manifests/cluster-manager/cluster-manager-work-webhook-clusterrole.yaml": manifestsClusterManagerClusterManagerWorkWebhookClusterroleYaml, + "manifests/cluster-manager/cluster-manager-work-webhook-clusterrolebinding.yaml": manifestsClusterManagerClusterManagerWorkWebhookClusterrolebindingYaml, + "manifests/cluster-manager/cluster-manager-work-webhook-deployment.yaml": manifestsClusterManagerClusterManagerWorkWebhookDeploymentYaml, + "manifests/cluster-manager/cluster-manager-work-webhook-secret.yaml": manifestsClusterManagerClusterManagerWorkWebhookSecretYaml, + "manifests/cluster-manager/cluster-manager-work-webhook-service.yaml": manifestsClusterManagerClusterManagerWorkWebhookServiceYaml, + "manifests/cluster-manager/cluster-manager-work-webhook-serviceaccount.yaml": manifestsClusterManagerClusterManagerWorkWebhookServiceaccountYaml, + "manifests/cluster-manager/cluster-manager-work-webhook-validatingconfiguration.yaml": manifestsClusterManagerClusterManagerWorkWebhookValidatingconfigurationYaml, } // AssetDir returns the file names below a certain @@ -1688,32 +1740,33 @@ type bintree struct { var _bintree = &bintree{nil, map[string]*bintree{ "manifests": {nil, map[string]*bintree{ "cluster-manager": {nil, map[string]*bintree{ - "0000_00_clusters.open-cluster-management.io_managedclusters.crd.yaml": {manifestsClusterManager0000_00_clustersOpenClusterManagementIo_managedclustersCrdYaml, map[string]*bintree{}}, - "0000_00_clusters.open-cluster-management.io_managedclustersets.crd.yaml": {manifestsClusterManager0000_00_clustersOpenClusterManagementIo_managedclustersetsCrdYaml, map[string]*bintree{}}, - "0000_00_work.open-cluster-management.io_manifestworks.crd.yaml": {manifestsClusterManager0000_00_workOpenClusterManagementIo_manifestworksCrdYaml, map[string]*bintree{}}, - "0000_01_clusters.open-cluster-management.io_managedclustersetbindings.crd.yaml": {manifestsClusterManager0000_01_clustersOpenClusterManagementIo_managedclustersetbindingsCrdYaml, map[string]*bintree{}}, - "cluster-manager-namespace.yaml": {manifestsClusterManagerClusterManagerNamespaceYaml, map[string]*bintree{}}, - "cluster-manager-registration-clusterrole.yaml": {manifestsClusterManagerClusterManagerRegistrationClusterroleYaml, map[string]*bintree{}}, - "cluster-manager-registration-clusterrolebinding.yaml": {manifestsClusterManagerClusterManagerRegistrationClusterrolebindingYaml, map[string]*bintree{}}, - "cluster-manager-registration-deployment.yaml": {manifestsClusterManagerClusterManagerRegistrationDeploymentYaml, map[string]*bintree{}}, - "cluster-manager-registration-serviceaccount.yaml": {manifestsClusterManagerClusterManagerRegistrationServiceaccountYaml, map[string]*bintree{}}, - "cluster-manager-registration-webhook-apiservice.yaml": {manifestsClusterManagerClusterManagerRegistrationWebhookApiserviceYaml, map[string]*bintree{}}, - "cluster-manager-registration-webhook-clusterrole.yaml": {manifestsClusterManagerClusterManagerRegistrationWebhookClusterroleYaml, map[string]*bintree{}}, - "cluster-manager-registration-webhook-clusterrolebinding.yaml": {manifestsClusterManagerClusterManagerRegistrationWebhookClusterrolebindingYaml, map[string]*bintree{}}, - "cluster-manager-registration-webhook-deployment.yaml": {manifestsClusterManagerClusterManagerRegistrationWebhookDeploymentYaml, map[string]*bintree{}}, - "cluster-manager-registration-webhook-mutatingconfiguration.yaml": {manifestsClusterManagerClusterManagerRegistrationWebhookMutatingconfigurationYaml, map[string]*bintree{}}, - "cluster-manager-registration-webhook-secret.yaml": {manifestsClusterManagerClusterManagerRegistrationWebhookSecretYaml, map[string]*bintree{}}, - "cluster-manager-registration-webhook-service.yaml": {manifestsClusterManagerClusterManagerRegistrationWebhookServiceYaml, map[string]*bintree{}}, - "cluster-manager-registration-webhook-serviceaccount.yaml": {manifestsClusterManagerClusterManagerRegistrationWebhookServiceaccountYaml, map[string]*bintree{}}, - "cluster-manager-registration-webhook-validatingconfiguration.yaml": {manifestsClusterManagerClusterManagerRegistrationWebhookValidatingconfigurationYaml, map[string]*bintree{}}, - "cluster-manager-work-webhook-apiservice.yaml": {manifestsClusterManagerClusterManagerWorkWebhookApiserviceYaml, map[string]*bintree{}}, - "cluster-manager-work-webhook-clusterrole.yaml": {manifestsClusterManagerClusterManagerWorkWebhookClusterroleYaml, map[string]*bintree{}}, - "cluster-manager-work-webhook-clusterrolebinding.yaml": {manifestsClusterManagerClusterManagerWorkWebhookClusterrolebindingYaml, map[string]*bintree{}}, - "cluster-manager-work-webhook-deployment.yaml": {manifestsClusterManagerClusterManagerWorkWebhookDeploymentYaml, map[string]*bintree{}}, - "cluster-manager-work-webhook-secret.yaml": {manifestsClusterManagerClusterManagerWorkWebhookSecretYaml, map[string]*bintree{}}, - "cluster-manager-work-webhook-service.yaml": {manifestsClusterManagerClusterManagerWorkWebhookServiceYaml, map[string]*bintree{}}, - "cluster-manager-work-webhook-serviceaccount.yaml": {manifestsClusterManagerClusterManagerWorkWebhookServiceaccountYaml, map[string]*bintree{}}, - "cluster-manager-work-webhook-validatingconfiguration.yaml": {manifestsClusterManagerClusterManagerWorkWebhookValidatingconfigurationYaml, map[string]*bintree{}}, + "0000_00_clusters.open-cluster-management.io_managedclusters.crd.yaml": {manifestsClusterManager0000_00_clustersOpenClusterManagementIo_managedclustersCrdYaml, map[string]*bintree{}}, + "0000_00_clusters.open-cluster-management.io_managedclustersets.crd.yaml": {manifestsClusterManager0000_00_clustersOpenClusterManagementIo_managedclustersetsCrdYaml, map[string]*bintree{}}, + "0000_00_work.open-cluster-management.io_manifestworks.crd.yaml": {manifestsClusterManager0000_00_workOpenClusterManagementIo_manifestworksCrdYaml, map[string]*bintree{}}, + "0000_01_clusters.open-cluster-management.io_managedclustersetbindings.crd.yaml": {manifestsClusterManager0000_01_clustersOpenClusterManagementIo_managedclustersetbindingsCrdYaml, map[string]*bintree{}}, + "cluster-manager-namespace.yaml": {manifestsClusterManagerClusterManagerNamespaceYaml, map[string]*bintree{}}, + "cluster-manager-registration-clusterrole.yaml": {manifestsClusterManagerClusterManagerRegistrationClusterroleYaml, map[string]*bintree{}}, + "cluster-manager-registration-clusterrolebinding.yaml": {manifestsClusterManagerClusterManagerRegistrationClusterrolebindingYaml, map[string]*bintree{}}, + "cluster-manager-registration-deployment.yaml": {manifestsClusterManagerClusterManagerRegistrationDeploymentYaml, map[string]*bintree{}}, + "cluster-manager-registration-serviceaccount.yaml": {manifestsClusterManagerClusterManagerRegistrationServiceaccountYaml, map[string]*bintree{}}, + "cluster-manager-registration-webhook-apiservice.yaml": {manifestsClusterManagerClusterManagerRegistrationWebhookApiserviceYaml, map[string]*bintree{}}, + "cluster-manager-registration-webhook-clusterrole.yaml": {manifestsClusterManagerClusterManagerRegistrationWebhookClusterroleYaml, map[string]*bintree{}}, + "cluster-manager-registration-webhook-clusterrolebinding.yaml": {manifestsClusterManagerClusterManagerRegistrationWebhookClusterrolebindingYaml, map[string]*bintree{}}, + "cluster-manager-registration-webhook-clustersetbinding-validatingconfiguration.yaml": {manifestsClusterManagerClusterManagerRegistrationWebhookClustersetbindingValidatingconfigurationYaml, map[string]*bintree{}}, + "cluster-manager-registration-webhook-deployment.yaml": {manifestsClusterManagerClusterManagerRegistrationWebhookDeploymentYaml, map[string]*bintree{}}, + "cluster-manager-registration-webhook-mutatingconfiguration.yaml": {manifestsClusterManagerClusterManagerRegistrationWebhookMutatingconfigurationYaml, map[string]*bintree{}}, + "cluster-manager-registration-webhook-secret.yaml": {manifestsClusterManagerClusterManagerRegistrationWebhookSecretYaml, map[string]*bintree{}}, + "cluster-manager-registration-webhook-service.yaml": {manifestsClusterManagerClusterManagerRegistrationWebhookServiceYaml, map[string]*bintree{}}, + "cluster-manager-registration-webhook-serviceaccount.yaml": {manifestsClusterManagerClusterManagerRegistrationWebhookServiceaccountYaml, map[string]*bintree{}}, + "cluster-manager-registration-webhook-validatingconfiguration.yaml": {manifestsClusterManagerClusterManagerRegistrationWebhookValidatingconfigurationYaml, map[string]*bintree{}}, + "cluster-manager-work-webhook-apiservice.yaml": {manifestsClusterManagerClusterManagerWorkWebhookApiserviceYaml, map[string]*bintree{}}, + "cluster-manager-work-webhook-clusterrole.yaml": {manifestsClusterManagerClusterManagerWorkWebhookClusterroleYaml, map[string]*bintree{}}, + "cluster-manager-work-webhook-clusterrolebinding.yaml": {manifestsClusterManagerClusterManagerWorkWebhookClusterrolebindingYaml, map[string]*bintree{}}, + "cluster-manager-work-webhook-deployment.yaml": {manifestsClusterManagerClusterManagerWorkWebhookDeploymentYaml, map[string]*bintree{}}, + "cluster-manager-work-webhook-secret.yaml": {manifestsClusterManagerClusterManagerWorkWebhookSecretYaml, map[string]*bintree{}}, + "cluster-manager-work-webhook-service.yaml": {manifestsClusterManagerClusterManagerWorkWebhookServiceYaml, map[string]*bintree{}}, + "cluster-manager-work-webhook-serviceaccount.yaml": {manifestsClusterManagerClusterManagerWorkWebhookServiceaccountYaml, map[string]*bintree{}}, + "cluster-manager-work-webhook-validatingconfiguration.yaml": {manifestsClusterManagerClusterManagerWorkWebhookValidatingconfigurationYaml, map[string]*bintree{}}, }}, }}, }} diff --git a/pkg/operators/clustermanager/controllers/clustermanagercontroller/clustermanager_controller.go b/pkg/operators/clustermanager/controllers/clustermanagercontroller/clustermanager_controller.go index 0094f6a72..d4a7f6acc 100644 --- a/pkg/operators/clustermanager/controllers/clustermanagercontroller/clustermanager_controller.go +++ b/pkg/operators/clustermanager/controllers/clustermanagercontroller/clustermanager_controller.go @@ -52,6 +52,7 @@ var ( "manifests/cluster-manager/cluster-manager-registration-webhook-serviceaccount.yaml", "manifests/cluster-manager/cluster-manager-registration-webhook-apiservice.yaml", "manifests/cluster-manager/cluster-manager-registration-webhook-secret.yaml", + "manifests/cluster-manager/cluster-manager-registration-webhook-clustersetbinding-validatingconfiguration.yaml", "manifests/cluster-manager/cluster-manager-registration-webhook-validatingconfiguration.yaml", "manifests/cluster-manager/cluster-manager-registration-webhook-mutatingconfiguration.yaml", "manifests/cluster-manager/cluster-manager-work-webhook-clusterrole.yaml", diff --git a/pkg/operators/clustermanager/controllers/clustermanagercontroller/clustermanager_controller_test.go b/pkg/operators/clustermanager/controllers/clustermanagercontroller/clustermanager_controller_test.go index 0b40a0d0f..5e4425d8e 100644 --- a/pkg/operators/clustermanager/controllers/clustermanagercontroller/clustermanager_controller_test.go +++ b/pkg/operators/clustermanager/controllers/clustermanagercontroller/clustermanager_controller_test.go @@ -124,7 +124,7 @@ func TestSyncDeploy(t *testing.T) { } // Check if resources are created as expected - testinghelper.AssertEqualNumber(t, len(createKubeObjects), 20) + testinghelper.AssertEqualNumber(t, len(createKubeObjects), 21) for _, object := range createKubeObjects { ensureObject(t, object, clusterManager) } @@ -180,7 +180,7 @@ func TestSyncDelete(t *testing.T) { deleteKubeActions = append(deleteKubeActions, deleteKubeAction) } } - testinghelper.AssertEqualNumber(t, len(deleteKubeActions), 17) + testinghelper.AssertEqualNumber(t, len(deleteKubeActions), 18) deleteCRDActions := []clienttesting.DeleteActionImpl{} crdActions := controller.apiExtensionClient.Actions()