feat: add new webhooks and removes unnecessary ones

traefik · Sep 17, 2024 · d7c3622 · d7c3622
1 parent 1ecf803
commit d7c3622
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 80 deletions.
diff --git a/traefik/templates/hub-admission-controller.yaml b/traefik/templates/hub-admission-controller.yaml
@@ -14,37 +14,6 @@ data:
   tls.crt: {{ $cert.Cert }}
   tls.key: {{ $cert.Key  }}
 
----
-apiVersion: admissionregistration.k8s.io/v1
-kind: MutatingWebhookConfiguration
-metadata:
-  name: hub-edge-ingress
-  labels:
-  {{- include "traefik.labels" . | nindent 4 }}
-webhooks:
-  - name: admission.traefik.svc
-    clientConfig:
-      service:
-        name: admission
-        namespace: {{ template "traefik.namespace" . }}
-        path: /edge-ingress
-      caBundle: {{ $cert.Cert }}
-    sideEffects: None
-    admissionReviewVersions:
-      - v1
-    rules:
-      - operations:
-          - CREATE
-          - UPDATE
-          - DELETE
-        apiGroups:
-          - hub.traefik.io
-        apiVersions:
-          - v1alpha1
-        resources:
-          - edgeingresses
-        scope: Namespaced
-
 ---
 apiVersion: admissionregistration.k8s.io/v1
 kind: MutatingWebhookConfiguration
@@ -104,27 +73,6 @@ webhooks:
           - v1alpha1
         resources:
           - apiportals
-  - name: hub-agent.traefik.gateway
-    clientConfig:
-      service:
-        name: admission
-        namespace: {{ template "traefik.namespace" . }}
-        path: /api-gateway
-      caBundle: {{ $cert.Cert }}
-    sideEffects: None
-    admissionReviewVersions:
-      - v1
-    rules:
-      - operations:
-          - CREATE
-          - UPDATE
-          - DELETE
-        apiGroups:
-          - hub.traefik.io
-        apiVersions:
-          - v1alpha1
-        resources:
-          - apigateways
   - name: hub-agent.traefik.api
     clientConfig:
       service:
@@ -146,12 +94,12 @@ webhooks:
           - v1alpha1
         resources:
           - apis
-  - name: hub-agent.traefik.collection
+  - name: hub-agent.traefik.access
     clientConfig:
       service:
         name: admission
         namespace: {{ template "traefik.namespace" . }}
-        path: /api-collection
+        path: /api-access
       caBundle: {{ $cert.Cert }}
     sideEffects: None
     admissionReviewVersions:
@@ -166,13 +114,13 @@ webhooks:
         apiVersions:
           - v1alpha1
         resources:
-          - apicollections
-  - name: hub-agent.traefik.access
+          - apiaccesses
+  - name: hub-agent.traefik.plan
     clientConfig:
       service:
         name: admission
         namespace: {{ template "traefik.namespace" . }}
-        path: /api-access
+        path: /api-plan
       caBundle: {{ $cert.Cert }}
     sideEffects: None
     admissionReviewVersions:
@@ -187,13 +135,13 @@ webhooks:
         apiVersions:
           - v1alpha1
         resources:
-          - apiaccesses
-  - name: hub-agent.traefik.rate-limit
+          - apiplans
+  - name: hub-agent.traefik.bundle
     clientConfig:
       service:
         name: admission
         namespace: {{ template "traefik.namespace" . }}
-        path: /api-rate-limit
+        path: /api-bundle
       caBundle: {{ $cert.Cert }}
     sideEffects: None
     admissionReviewVersions:
@@ -208,7 +156,7 @@ webhooks:
         apiVersions:
           - v1alpha1
         resources:
-          - apiratelimits
+          - apibundles
   - name: hub-agent.traefik.version
     clientConfig:
       service:

diff --git a/traefik/tests/hub-admission-controler_test.yaml b/traefik/tests/hub-admission-controler_test.yaml
@@ -17,7 +17,7 @@ tests:
   - it: should not deploy anything when hub is not enabled
     asserts:
       - hasDocuments:
-          count: 5
+          count: 4
   - it: should not deploy anything when api management is disabled
     set:
       hub:
@@ -34,32 +34,24 @@ tests:
       - equal:
           path: metadata.name
           value: hub-agent-cert
-  - it: should render hub-edge-ingress webhook
-    documentIndex: 1
-    asserts:
-      - isKind:
-          of: MutatingWebhookConfiguration
-      - equal:
-          path: metadata.name
-          value: hub-edge-ingress
   - it: should render hub-acp webhook
-    documentIndex: 2
+    documentIndex: 1
     asserts:
       - isKind:
           of: MutatingWebhookConfiguration
       - equal:
           path: metadata.name
           value: hub-acp
   - it: should render hub-api webhook
-    documentIndex: 3
+    documentIndex: 2
     asserts:
       - isKind:
           of: MutatingWebhookConfiguration
       - equal:
           path: metadata.name
           value: hub-api
   - it: should render admission service
-    documentIndex: 4
+    documentIndex: 3
     asserts:
       - isKind:
           of: Service
@@ -84,14 +76,8 @@ tests:
       - matchRegex:
           path: webhooks[0].clientConfig.caBundle
           pattern: .*==
-  - it: should issue a webhook with a certificate
-    documentIndex: 3
-    asserts:
-      - matchRegex:
-          path: webhooks[0].clientConfig.caBundle
-          pattern: .*==
   - it: should issue a service with good selectors
-    documentIndex: 4
+    documentIndex: 3
     asserts:
       - equal:
           path: spec.selector