Skip to content

Commit 70c2506

Browse files
openshift-merge-robotopenshift-merge-robot
authored
Merge pull request #20744 from sttts/sttts-enable-admission-webhooks
admission: enable webhooks by default
2 parents d5eef6c + 2d91150 commit 70c2506

File tree

2 files changed

+13
-9
lines changed

2 files changed

+13
-9
lines changed

pkg/cmd/server/origin/admission/chain_builder.go

Lines changed: 8 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -11,15 +11,17 @@ import (
1111
"k8s.io/apimachinery/pkg/util/sets"
1212
"k8s.io/apiserver/pkg/admission"
1313
"k8s.io/apiserver/pkg/admission/plugin/namespace/lifecycle"
14+
mutatingwebhook "k8s.io/apiserver/pkg/admission/plugin/webhook/mutating"
15+
validatingwebhook "k8s.io/apiserver/pkg/admission/plugin/webhook/validating"
1416
"k8s.io/apiserver/pkg/apis/apiserver"
15-
noderestriction "k8s.io/kubernetes/plugin/pkg/admission/noderestriction"
17+
"k8s.io/kubernetes/plugin/pkg/admission/noderestriction"
1618
expandpvcadmission "k8s.io/kubernetes/plugin/pkg/admission/storage/persistentvolume/resize"
1719
storageclassdefaultadmission "k8s.io/kubernetes/plugin/pkg/admission/storage/storageclass/setdefault"
1820

1921
oadmission "github.com/openshift/origin/pkg/cmd/server/admission"
2022
configapi "github.com/openshift/origin/pkg/cmd/server/apis/config"
2123
configapilatest "github.com/openshift/origin/pkg/cmd/server/apis/config/latest"
22-
imagepolicy "github.com/openshift/origin/pkg/image/apiserver/admission/apis/imagepolicy"
24+
"github.com/openshift/origin/pkg/image/apiserver/admission/apis/imagepolicy"
2325
imageadmission "github.com/openshift/origin/pkg/image/apiserver/admission/limitrange"
2426
ingressadmission "github.com/openshift/origin/pkg/network/apiserver/admission"
2527
overrideapi "github.com/openshift/origin/pkg/quota/apiserver/admission/apis/clusterresourceoverride"
@@ -99,8 +101,8 @@ var (
99101
"DefaultTolerationSeconds",
100102
"StorageObjectInUseProtection",
101103
"Initializers",
102-
"MutatingAdmissionWebhook",
103-
"ValidatingAdmissionWebhook",
104+
mutatingwebhook.PluginName,
105+
validatingwebhook.PluginName,
104106
"PodTolerationRestriction",
105107
"AlwaysDeny",
106108
// NOTE: ResourceQuota and ClusterResourceQuota must be the last 2 plugins.
@@ -155,8 +157,8 @@ var (
155157
"DefaultTolerationSeconds",
156158
"StorageObjectInUseProtection",
157159
"Initializers",
158-
"MutatingAdmissionWebhook",
159-
"ValidatingAdmissionWebhook",
160+
mutatingwebhook.PluginName,
161+
validatingwebhook.PluginName,
160162
"PodTolerationRestriction",
161163
"AlwaysDeny",
162164
// NOTE: ResourceQuota and ClusterResourceQuota must be the last 2 plugins.

pkg/cmd/server/origin/admission/register.go

Lines changed: 5 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -15,7 +15,7 @@ import (
1515
buildjenkinsbootstrapper "github.com/openshift/origin/pkg/build/apiserver/admission/jenkinsbootstrapper"
1616
buildsecretinjector "github.com/openshift/origin/pkg/build/apiserver/admission/secretinjector"
1717
buildstrategyrestrictions "github.com/openshift/origin/pkg/build/apiserver/admission/strategyrestrictions"
18-
imagepolicy "github.com/openshift/origin/pkg/image/apiserver/admission/imagepolicy"
18+
"github.com/openshift/origin/pkg/image/apiserver/admission/imagepolicy"
1919
imageadmission "github.com/openshift/origin/pkg/image/apiserver/admission/limitrange"
2020
ingressadmission "github.com/openshift/origin/pkg/network/apiserver/admission"
2121
projectnodeenv "github.com/openshift/origin/pkg/project/apiserver/admission/nodeenv"
@@ -25,6 +25,8 @@ import (
2525
quotarunonceduration "github.com/openshift/origin/pkg/quota/apiserver/admission/runonceduration"
2626
schedulerpodnodeconstraints "github.com/openshift/origin/pkg/scheduler/admission/podnodeconstraints"
2727
securityadmission "github.com/openshift/origin/pkg/security/apiserver/admission/sccadmission"
28+
mutatingwebhook "k8s.io/apiserver/pkg/admission/plugin/webhook/mutating"
29+
validatingwebhook "k8s.io/apiserver/pkg/admission/plugin/webhook/validating"
2830

2931
"k8s.io/kubernetes/plugin/pkg/admission/noderestriction"
3032
expandpvcadmission "k8s.io/kubernetes/plugin/pkg/admission/storage/persistentvolume/resize"
@@ -99,6 +101,8 @@ var (
99101
"ResourceQuota",
100102
"openshift.io/ClusterResourceQuota",
101103
"openshift.io/IngressAdmission",
104+
mutatingwebhook.PluginName,
105+
validatingwebhook.PluginName,
102106
)
103107

104108
// DefaultOffPlugins includes plugins which require explicit configuration to run
@@ -118,8 +122,6 @@ var (
118122
"EventRateLimit",
119123
"PodSecurityPolicy",
120124
"Initializers",
121-
"ValidatingAdmissionWebhook",
122-
"MutatingAdmissionWebhook",
123125
"ExtendedResourceToleration",
124126
expandpvcadmission.PluginName,
125127

0 commit comments

Comments
 (0)