Skip to content

Commit

Permalink
change pod mutation webhook logic for kubevirt v1.1.x support
Browse files Browse the repository at this point in the history
  • Loading branch information
@ibrokethecloud @bk201
ibrokethecloud authored and bk201 committed Mar 18, 2024
1 parent 1f06573 commit 721475d
Show file tree
Hide file tree
Showing 2 changed files with 13 additions and 8 deletions.
19 changes: 12 additions & 7 deletions pkg/webhook/pod.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,20 +3,22 @@ package webhook
import (
"fmt"

kubevirtctl "github.com/harvester/harvester/pkg/generated/controllers/kubevirt.io/v1"
"github.com/harvester/harvester/pkg/webhook/types"
"github.com/sirupsen/logrus"
admissionregv1 "k8s.io/api/admissionregistration/v1"
corev1 "k8s.io/api/core/v1"
"k8s.io/apimachinery/pkg/labels"
"k8s.io/apimachinery/pkg/runtime"
"k8s.io/apimachinery/pkg/util/json"

kubevirtctl "github.com/harvester/harvester/pkg/generated/controllers/kubevirt.io/v1"
"github.com/harvester/harvester/pkg/webhook/types"

"github.com/harvester/pcidevices/pkg/generated/controllers/devices.harvesterhci.io/v1beta1"
)

const (
VMLabel = "harvesterhci.io/vmName"
VMLabel = "harvesterhci.io/vmName"
defaultComputeContainerName = "compute"
)

var matchingLabels = []labels.Set{
Expand Down Expand Up @@ -131,11 +133,14 @@ func (m *podMutator) Create(_ *types.Request, newObj runtime.Object) (types.Patc
func createCapabilityPatch(pod *corev1.Pod) (types.PatchOps, error) {
var patchOps types.PatchOps
for idx, container := range pod.Spec.Containers {
addPatch, err := resourcePatch(container.SecurityContext.Capabilities.Add, fmt.Sprintf("/spec/containers/%d/securityContext/capabilities/add", idx))
if err != nil {
return nil, err
if container.Name == defaultComputeContainerName {

addPatch, err := resourcePatch(container.SecurityContext.Capabilities.Add, fmt.Sprintf("/spec/containers/%d/securityContext/capabilities/add", idx))
if err != nil {
return nil, err
}
patchOps = append(patchOps, addPatch...)
}
patchOps = append(patchOps, addPatch...)
}

return patchOps, nil
Expand Down
2 changes: 1 addition & 1 deletion tests/integration/mutator_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -92,7 +92,7 @@ var _ = Describe("validate mutator by sending a mock pod request needing mutatio
Spec: corev1.PodSpec{
Containers: []corev1.Container{
{
Name: "fakepod",
Name: "compute",
Image: "fakeimage",
SecurityContext: &corev1.SecurityContext{
Capabilities: &corev1.Capabilities{
Expand Down

0 comments on commit 721475d

Please sign in to comment.