⚠️ Remove pkg/inject

Signed-off-by: Vince Prignano <[email protected]>

Author: vincepri

.golangci.yml

@@ -80,8 +80,6 @@ issues:
   - Subprocess launch(ed with variable|ing should be audited)
   - (G204|G104|G307)
   - "ST1000: at least one file in a package should have a package comment"
-  - "SA1019: \"sigs.k8s.io/controller-runtime/pkg/runtime/inject\""
-  - "SA1019: inject.*"
   exclude-rules:
   - linters:
     - gosec

alias.go

@@ -139,7 +139,7 @@ var (
 	// The logger, when used with controllers, can be expected to contain basic information about the object
 	// that's being reconciled like:
 	// - `reconciler group` and `reconciler kind` coming from the For(...) object passed in when building a controller.
-	// - `name` and `namespace` injected from the reconciliation request.
+	// - `name` and `namespace` from the reconciliation request.
 	//
 	// This is meant to be used with the context supplied in a struct that satisfies the Reconciler interface.
 	LoggerFrom = log.FromContext

doc.go

@@ -52,7 +52,7 @@ limitations under the License.
 //
 // Every controller and webhook is ultimately run by a Manager (pkg/manager). A
 // manager is responsible for running controllers and webhooks, and setting up
-// common dependencies (pkg/runtime/inject), like shared caches and clients, as
+// common dependencies, like shared caches and clients, as
 // well as managing leader election (pkg/leaderelection).  Managers are
 // generally configured to gracefully shut down controllers on pod termination
 // by wiring up a signal handler (pkg/manager/signals).

example_test.go

@@ -37,7 +37,6 @@ import (
 // ReplicaSetReconciler.
 //
 // * Start the application.
-// TODO(pwittrock): Update this example when we have better dependency injection support.
 func Example() {
 	var log = ctrl.Log.WithName("builder-examples")
 
@@ -75,7 +74,6 @@ func Example() {
 // ReplicaSetReconciler.
 //
 // * Start the application.
-// TODO(pwittrock): Update this example when we have better dependency injection support.
 func Example_updateLeaderElectionDurations() {
 	var log = ctrl.Log.WithName("builder-examples")
 	leaseDuration := 100 * time.Second

examples/builtins/main.go

@@ -22,6 +22,7 @@ import (
 	appsv1 "k8s.io/api/apps/v1"
 	corev1 "k8s.io/api/core/v1"
 	_ "k8s.io/client-go/plugin/pkg/client/auth/gcp"
+	"sigs.k8s.io/controller-runtime/pkg/builder"
 	"sigs.k8s.io/controller-runtime/pkg/client/config"
 	"sigs.k8s.io/controller-runtime/pkg/controller"
 	"sigs.k8s.io/controller-runtime/pkg/handler"
@@ -30,7 +31,6 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/manager"
 	"sigs.k8s.io/controller-runtime/pkg/manager/signals"
 	"sigs.k8s.io/controller-runtime/pkg/source"
-	"sigs.k8s.io/controller-runtime/pkg/webhook"
 )
 
 func init() {
@@ -71,13 +71,14 @@ func main() {
 		os.Exit(1)
 	}
 
-	// Setup webhooks
-	entryLog.Info("setting up webhook server")
-	hookServer := mgr.GetWebhookServer()
-
-	entryLog.Info("registering webhooks to the webhook server")
-	hookServer.Register("/mutate-v1-pod", &webhook.Admission{Handler: &podAnnotator{Client: mgr.GetClient()}})
-	hookServer.Register("/validate-v1-pod", &webhook.Admission{Handler: &podValidator{Client: mgr.GetClient()}})
+	if err := builder.WebhookManagedBy(mgr).
+		For(&corev1.Pod{}).
+		WithDefaulter(&podAnnotator{}).
+		WithValidator(&podValidator{}).
+		Complete(); err != nil {
+		entryLog.Error(err, "unable to create webhook", "webhook", "Pod")
+		os.Exit(1)
+	}
 
 	entryLog.Info("starting manager")
 	if err := mgr.Start(signals.SetupSignalHandler()); err != nil {

examples/builtins/mutatingwebhook.go

@@ -18,54 +18,31 @@ package main
 
 import (
 	"context"
-	"encoding/json"
-	"net/http"
+	"fmt"
 
 	corev1 "k8s.io/api/core/v1"
+	"k8s.io/apimachinery/pkg/runtime"
 
-	"sigs.k8s.io/controller-runtime/pkg/client"
 	logf "sigs.k8s.io/controller-runtime/pkg/log"
-	"sigs.k8s.io/controller-runtime/pkg/webhook/admission"
 )
 
 // +kubebuilder:webhook:path=/mutate-v1-pod,mutating=true,failurePolicy=fail,groups="",resources=pods,verbs=create;update,versions=v1,name=mpod.kb.io
 
 // podAnnotator annotates Pods
-type podAnnotator struct {
-	Client  client.Client
-	decoder *admission.Decoder
-}
+type podAnnotator struct{}
 
-// podAnnotator adds an annotation to every incoming pods.
-func (a *podAnnotator) Handle(ctx context.Context, req admission.Request) admission.Response {
-	// set up a convenient log object so we don't have to type request over and over again
+func (a *podAnnotator) Default(ctx context.Context, obj runtime.Object) error {
 	log := logf.FromContext(ctx)
-
-	pod := &corev1.Pod{}
-	err := a.decoder.Decode(req, pod)
-	if err != nil {
-		return admission.Errored(http.StatusBadRequest, err)
+	pod, ok := obj.(*corev1.Pod)
+	if !ok {
+		return fmt.Errorf("expected a Pod but got a %T", obj)
 	}
 
 	if pod.Annotations == nil {
 		pod.Annotations = map[string]string{}
 	}
 	pod.Annotations["example-mutating-admission-webhook"] = "foo"
+	log.Info("Annotated Pod")
 
-	marshaledPod, err := json.Marshal(pod)
-	if err != nil {
-		return admission.Errored(http.StatusInternalServerError, err)
-	}
-	log.Info("Annotating Pod")
-
-	return admission.PatchResponseFromRaw(req.Object.Raw, marshaledPod)
-}
-
-// podAnnotator implements admission.DecoderInjector.
-// A decoder will be automatically injected.
-
-// InjectDecoder injects the decoder.
-func (a *podAnnotator) InjectDecoder(d *admission.Decoder) error {
-	a.decoder = d
 	return nil
 }

examples/builtins/validatingwebhook.go

@@ -19,53 +19,47 @@ package main
 import (
 	"context"
 	"fmt"
-	"net/http"
 
 	corev1 "k8s.io/api/core/v1"
+	"k8s.io/apimachinery/pkg/runtime"
 
-	"sigs.k8s.io/controller-runtime/pkg/client"
 	logf "sigs.k8s.io/controller-runtime/pkg/log"
-	"sigs.k8s.io/controller-runtime/pkg/webhook/admission"
 )
 
 // +kubebuilder:webhook:path=/validate-v1-pod,mutating=false,failurePolicy=fail,groups="",resources=pods,verbs=create;update,versions=v1,name=vpod.kb.io
 
 // podValidator validates Pods
-type podValidator struct {
-	Client  client.Client
-	decoder *admission.Decoder
-}
+type podValidator struct{}
 
-// podValidator admits a pod if a specific annotation exists.
-func (v *podValidator) Handle(ctx context.Context, req admission.Request) admission.Response {
-	// set up a convenient log object so we don't have to type request over and over again
+// validate admits a pod if a specific annotation exists.
+func (v *podValidator) validate(ctx context.Context, obj runtime.Object) error {
 	log := logf.FromContext(ctx)
-
-	pod := &corev1.Pod{}
-	err := v.decoder.Decode(req, pod)
-	if err != nil {
-		return admission.Errored(http.StatusBadRequest, err)
+	pod, ok := obj.(*corev1.Pod)
+	if !ok {
+		return fmt.Errorf("expected a Pod but got a %T", obj)
 	}
 
 	log.Info("Validating Pod")
-
 	key := "example-mutating-admission-webhook"
 	anno, found := pod.Annotations[key]
 	if !found {
-		return admission.Denied(fmt.Sprintf("missing annotation %s", key))
+		return fmt.Errorf("missing annotation %s", key)
 	}
 	if anno != "foo" {
-		return admission.Denied(fmt.Sprintf("annotation %s did not have value %q", key, "foo"))
+		return fmt.Errorf("annotation %s did not have value %q", key, "foo")
 	}
 
-	return admission.Allowed("")
+	return nil
+}
+
+func (v *podValidator) ValidateCreate(ctx context.Context, obj runtime.Object) error {
+	return v.validate(ctx, obj)
 }
 
-// podValidator implements admission.DecoderInjector.
-// A decoder will be automatically injected.
+func (v *podValidator) ValidateUpdate(ctx context.Context, oldObj, newObj runtime.Object) error {
+	return v.validate(ctx, newObj)
+}
 
-// InjectDecoder injects the decoder.
-func (v *podValidator) InjectDecoder(d *admission.Decoder) error {
-	v.decoder = d
-	return nil
+func (v *podValidator) ValidateDelete(ctx context.Context, obj runtime.Object) error {
+	return v.validate(ctx, obj)
 }

pkg/builder/example_test.go

@@ -107,7 +107,9 @@ func ExampleBuilder() {
 		ControllerManagedBy(mgr).  // Create the ControllerManagedBy
 		For(&appsv1.ReplicaSet{}). // ReplicaSet is the Application API
 		Owns(&corev1.Pod{}).       // ReplicaSet owns Pods created by it
-		Complete(&ReplicaSetReconciler{})
+		Complete(&ReplicaSetReconciler{
+			Client: mgr.GetClient(),
+		})
 	if err != nil {
 		log.Error(err, "could not create controller")
 		os.Exit(1)
@@ -155,8 +157,3 @@ func (a *ReplicaSetReconciler) Reconcile(ctx context.Context, req reconcile.Requ
 
 	return reconcile.Result{}, nil
 }
-
-func (a *ReplicaSetReconciler) InjectClient(c client.Client) error {
-	a.Client = c
-	return nil
-}

pkg/builder/webhook.go

@@ -164,10 +164,10 @@ func (blder *WebhookBuilder) registerDefaultingWebhook() {
 
 func (blder *WebhookBuilder) getDefaultingWebhook() *admission.Webhook {
 	if defaulter := blder.withDefaulter; defaulter != nil {
-		return admission.WithCustomDefaulter(blder.apiType, defaulter).WithRecoverPanic(blder.recoverPanic)
+		return admission.WithCustomDefaulter(blder.mgr.GetScheme(), blder.apiType, defaulter).WithRecoverPanic(blder.recoverPanic)
 	}
 	if defaulter, ok := blder.apiType.(admission.Defaulter); ok {
-		return admission.DefaultingWebhookFor(defaulter).WithRecoverPanic(blder.recoverPanic)
+		return admission.DefaultingWebhookFor(blder.mgr.GetScheme(), defaulter).WithRecoverPanic(blder.recoverPanic)
 	}
 	log.Info(
 		"skip registering a mutating webhook, object does not implement admission.Defaulter or WithDefaulter wasn't called",
@@ -194,10 +194,10 @@ func (blder *WebhookBuilder) registerValidatingWebhook() {
 
 func (blder *WebhookBuilder) getValidatingWebhook() *admission.Webhook {
 	if validator := blder.withValidator; validator != nil {
-		return admission.WithCustomValidator(blder.apiType, validator).WithRecoverPanic(blder.recoverPanic)
+		return admission.WithCustomValidator(blder.mgr.GetScheme(), blder.apiType, validator).WithRecoverPanic(blder.recoverPanic)
 	}
 	if validator, ok := blder.apiType.(admission.Validator); ok {
-		return admission.ValidatingWebhookFor(validator).WithRecoverPanic(blder.recoverPanic)
+		return admission.ValidatingWebhookFor(blder.mgr.GetScheme(), validator).WithRecoverPanic(blder.recoverPanic)
 	}
 	log.Info(
 		"skip registering a validating webhook, object does not implement admission.Validator or WithValidator wasn't called",