From c78cfe1b1a45b6f9d89dce76ee3f326f94a07ed7 Mon Sep 17 00:00:00 2001
From: Matt Moore
Date: Thu, 9 Sep 2021 11:08:41 -0700
Subject: [PATCH] Drop GO111MODULE, drop v1beta1 admission review, improve flag desc, hoist and comment webhook name as constant
Signed-off-by: Matt Moore
---
 .github/workflows/kind-e2e-cosigned.yaml | 1 -
 cmd/cosign/webhook/main.go | 9 +++++++--
 config/500-webhook-configuration.yaml | 2 +-
 3 files changed, 8 insertions(+), 4 deletions(-)
diff --git a/.github/workflows/kind-e2e-cosigned.yaml b/.github/workflows/kind-e2e-cosigned.yaml
index 4b8070620c5..6dfa4cd1a48 100644
--- a/.github/workflows/kind-e2e-cosigned.yaml
+++ b/.github/workflows/kind-e2e-cosigned.yaml
@@ -41,7 +41,6 @@ jobs:
 env:
 GOPATH: ${{ github.workspace }}
- GO111MODULE: on
 # https://github.com/google/go-containerregistry/pull/125 allows insecure registry for
 # '*.local' hostnames.
 REGISTRY_NAME: registry.local
diff --git a/cmd/cosign/webhook/main.go b/cmd/cosign/webhook/main.go
index a66e3c4ab5a..ed2955a716c 100644
--- a/cmd/cosign/webhook/main.go
+++ b/cmd/cosign/webhook/main.go
@@ -36,7 +36,12 @@ import (
 cwebhook "github.com/sigstore/cosign/pkg/cosign/kubernetes/webhook"
 )
-var secretName = flag.String("secret-name", "", "The name of the secret in the webhook's namespace.")
+var secretName = flag.String("secret-name", "", "The name of the secret in the webhook's namespace that holds the public key for verification.")
+
+// webhookName holds the name of the validating webhook to set up with the
+// types we are watching. If this changes, you must also change:
+// ./config/500-webhook-configuration.yaml
+const webhookName = "cosigned.sigstore.dev"
 func main() {
 opts := webhook.Options{
@@ -61,7 +66,7 @@ func NewValidatingAdmissionController(ctx context.Context, cmw configmap.Watcher
 return validation.NewAdmissionController(ctx,
 // Name of the resource webhook.
- "cosigned.sigstore.dev",
+ webhookName,
 // The path on which to serve the webhook.
 "/validations",
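Review bot: In the first main.go hunk, `secret-name` still defaults to the empty string, and nothing visible here rejects an empty value before it is used to find the verification key. The new description says this secret holds the public key for verification, so an unset flag should stop the process at startup rather than leave the webhook serving without a key. A guard after flag parsing such as `if *secretName == "" { log.Fatal("-secret-name must be set") }` would do it, using whichever logger the file already imports. main()'s body continues past the end of the hunk, so this may already be handled further down.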
diff --git a/config/500-webhook-configuration.yaml b/config/500-webhook-configuration.yaml
index 340a5da4d5b..c697d9d1d5e 100644
--- a/config/500-webhook-configuration.yaml
+++ b/config/500-webhook-configuration.yaml
@@ -24,7 +24,7 @@ webhooks:
 - key: cosigned.sigstore.dev/include
 operator: In
 values: ["true"]
- admissionReviewVersions: [v1beta1, v1]
+ admissionReviewVersions: [v1]
 clientConfig:
 service:
 name: webhook
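Review bot: With `admissionReviewVersions: [v1]`, an API server that cannot send v1 AdmissionReview shares no version with the webhook, so the call fails and is decided by `failurePolicy`, which lies outside this hunk. This webhook appears to gate image signature verification, so it is worth confirming the policy is `Fail`; a version mismatch would then reject the request rather than admit an unverified workload. A comment above the line would record the floor, for example `# v1 AdmissionReview only; needs Kubernetes 1.16 or newer.` The `webhooks:` entry starts and ends outside the hunk.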