From 26798e37bbc8054003bd21e6cf4cfe9861de0729 Mon Sep 17 00:00:00 2001 From: Mustafa Abdelrahman Date: Wed, 26 Jul 2023 10:37:06 +0200 Subject: [PATCH] Fix build and run flags Signed-off-by: Mustafa Abdelrahman --- Makefile | 6 +----- config/config.go | 23 ++++++++++++----------- packaging/Makefile | 5 +---- skipper.go | 21 +++++++++++---------- 4 files changed, 25 insertions(+), 30 deletions(-) diff --git a/Makefile b/Makefile index e99a2fbd27..c5db5f1789 100644 --- a/Makefile +++ b/Makefile @@ -30,10 +30,6 @@ skipper: $(SOURCES) ## build skipper binary eskip: $(SOURCES) ## build eskip binary go build -ldflags "-X main.version=$(VERSION) -X main.commit=$(COMMIT_HASH)" -o bin/eskip ./cmd/eskip -.PHONY: webhook -webhook: $(SOURCES) ## build webhook binary - go build -ldflags "-X main.version=$(VERSION) -X main.commit=$(COMMIT_HASH)" -o bin/webhook ./cmd/webhook - .PHONY: routesrv routesrv: $(SOURCES) ## build routesrv binary go build -ldflags "-X main.version=$(VERSION) -X main.commit=$(COMMIT_HASH)" -o bin/routesrv ./cmd/routesrv @@ -45,7 +41,7 @@ ifeq (LIMIT_FDS, 256) endif .PHONY: build -build: $(SOURCES) lib skipper eskip webhook routesrv ## build library and all binaries +build: $(SOURCES) lib skipper eskip routesrv ## build library and all binaries build.linux.static: ## build static linux binary for amd64 GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -o bin/skipper -ldflags "-extldflags=-static -X main.version=$(VERSION) -X main.commit=$(COMMIT_HASH)" ./cmd/skipper diff --git a/config/config.go b/config/config.go index 9dcabc32a7..03306cad3b 100644 --- a/config/config.go +++ b/config/config.go @@ -276,10 +276,10 @@ type Config struct { LuaSources *listFlag `yaml:"lua-sources"` // admission webhook - EnableAdmissionWebhook bool `yaml:"enable-admission-webhook"` - AdmissionWebhookTLSCertFile string `yaml:"admission-webhook-tls-cert-file"` - AdmissionWebhookTLSKeyFile string `yaml:"admission-webhook-tls-key-file"` - AdmissionWebhookAddr string `yaml:"admission-webhook-address"` + EnableValidationWebhook bool `yaml:"enable-validation-webhook"` + ValidationWebhookTLSCertFile string `yaml:"validation-webhook-tls-cert-file"` + ValidationWebhookTLSKeyFile string `yaml:"validation-webhook-tls-key-file"` + ValidationWebhookAddr string `yaml:"validation-webhook-address"` } const ( @@ -556,9 +556,10 @@ func NewConfig() *Config { flag.Var(cfg.LuaModules, "lua-modules", "comma separated list of lua filter modules. Use . to selectively enable module symbols, for example: package,base._G,base.print,json") flag.Var(cfg.LuaSources, "lua-sources", `comma separated list of lua input types for the lua() filter. Valid sources "", "file", "inline", "file,inline" and "none". Use "file" to only allow lua file references in lua filter. Default "" is the same as "file","inline". Use "none" to disable lua filters.`) - flag.StringVar(&cfg.AdmissionWebhookTLSCertFile, "tls-cert-file", os.Getenv("CERT_FILE"), "File containing the certificate for HTTPS") - flag.StringVar(&cfg.AdmissionWebhookTLSKeyFile, "tls-key-file", os.Getenv("KEY_FILE"), "File containing the private key for HTTPS") - flag.StringVar(&cfg.AdmissionWebhookAddr, "address", webhook.DefaultHTTPSAddress, "The address to listen on") + flag.BoolVar(&cfg.EnableValidationWebhook, "enable-validation-webhook", false, "enables the validation admission webhook for RouteGroup CRD, *IMPORTANT* This mode runs only the validation webhook server and does not start the proxy") + flag.StringVar(&cfg.ValidationWebhookTLSCertFile, "validation-webhook-tls-cert-file", os.Getenv("CERT_FILE"), "File containing the certificate for HTTPS") + flag.StringVar(&cfg.ValidationWebhookTLSKeyFile, "validation-webhook-tls-key-file", os.Getenv("KEY_FILE"), "File containing the private key for HTTPS") + flag.StringVar(&cfg.ValidationWebhookAddr, "validation-webhook-address", webhook.DefaultHTTPSAddress, "The address to listen on") cfg.flags = flag return cfg @@ -892,10 +893,10 @@ func (c *Config) ToOptions() skipper.Options { LuaSources: c.LuaSources.values, // Admission Webhook: - EnableAdmissionWebhook: c.EnableAdmissionWebhook, - AdmissionWebhookTLSCertFile: c.AdmissionWebhookTLSCertFile, - AdmissionWebhookTLSKeyFile: c.AdmissionWebhookTLSKeyFile, - AdmissionWebhookAddr: c.AdmissionWebhookAddr, + EnableValidationWebhook: c.EnableValidationWebhook, + ValidationWebhookTLSCertFile: c.ValidationWebhookTLSCertFile, + ValidationWebhookTLSKeyFile: c.ValidationWebhookTLSKeyFile, + ValidationWebhookAddr: c.ValidationWebhookAddr, } for _, rcci := range c.CloneRoute { eskipClone := eskip.NewClone(rcci.Reg, rcci.Repl) diff --git a/packaging/Makefile b/packaging/Makefile index 13b8200f07..9b5b637a0f 100644 --- a/packaging/Makefile +++ b/packaging/Makefile @@ -2,7 +2,7 @@ VERSION ?= $(shell git rev-parse HEAD) REGISTRY ?= registry-write.opensource.zalan.do/teapot -BINARIES ?= skipper webhook eskip routesrv +BINARIES ?= skipper eskip routesrv IMAGE ?= $(REGISTRY)/skipper:$(VERSION) ARM64_IMAGE ?= $(REGISTRY)/skipper-arm64:$(VERSION) ARM_IMAGE ?= $(REGISTRY)/skipper-armv7:$(VERSION) @@ -27,9 +27,6 @@ skipper: eskip: GO111MODULE=$(GO111) GOOS=$(GOOS) GOARCH=$(GOARCH) $(GOARM) CGO_ENABLED=$(CGO_ENABLED) go build -o eskip ../cmd/eskip/*.go -webhook: - GO111MODULE=$(GO111) GOOS=$(GOOS) GOARCH=$(GOARCH) $(GOARM) CGO_ENABLED=$(CGO_ENABLED) go build -o webhook ../cmd/webhook/*.go - routesrv: GO111MODULE=$(GO111) GOOS=$(GOOS) GOARCH=$(GOARCH) $(GOARM) CGO_ENABLED=$(CGO_ENABLED) go build -o routesrv ../cmd/routesrv/*.go diff --git a/skipper.go b/skipper.go index ce4e3cda4d..0c6abe79bc 100644 --- a/skipper.go +++ b/skipper.go @@ -894,17 +894,18 @@ type Options struct { // filters. LuaSources []string - // EnableAdmissionWebhook runs skipper in admission webhook mode - EnableAdmissionWebhook bool + // EnableValidationWebhook runs skipper in admission webhook mode + // *IMPORTANT* This mode runs only the validation webhook server and does not start the proxy + EnableValidationWebhook bool - // AdmissionWebhookCertFile is the path to the certificate file for the admission webhook server - AdmissionWebhookTLSCertFile string + // ValidationWebhookTLSCertFile is the path to the certificate file for the admission webhook server + ValidationWebhookTLSCertFile string - // AdmissionWebhookKeyFile is the path to the private key file for the admission webhook server - AdmissionWebhookTLSKeyFile string + // ValidationWebhookTLSKeyFile is the path to the private key file for the admission webhook server + ValidationWebhookTLSKeyFile string - // AdmissionWebhookAddr is the address to listen on for the admission webhook server - AdmissionWebhookAddr string + // ValidationWebhookAddr is the address to listen on for the admission webhook server + ValidationWebhookAddr string } func (o *Options) KubernetesDataClientOptions() kubernetes.Options { @@ -1896,8 +1897,8 @@ func run(o Options, sig chan os.Signal, idleConnsCH chan struct{}) error { routing := routing.New(ro) defer routing.Close() - if o.EnableAdmissionWebhook { - webhook.Run(o.AdmissionWebhookAddr, o.AdmissionWebhookTLSCertFile, o.AdmissionWebhookTLSKeyFile) + if o.EnableValidationWebhook { + webhook.Run(o.ValidationWebhookAddr, o.ValidationWebhookTLSCertFile, o.ValidationWebhookTLSKeyFile) } proxyFlags := proxy.Flags(o.ProxyOptions) | o.ProxyFlags