kubernetes-sigs
diff --git a/‎api/v1beta1/azuremachine_default.go‎
Lines changed: 8 additions & 5 deletions b/‎api/v1beta1/azuremachine_default.go‎
Lines changed: 8 additions & 5 deletions
diff --git a/‎api/v1beta1/azuremachine_default_test.go‎
Lines changed: 7 additions & 0 deletions b/‎api/v1beta1/azuremachine_default_test.go‎
Lines changed: 7 additions & 0 deletions
diff --git a/‎api/v1beta1/azuremachine_webhook.go‎
Lines changed: 38 additions & 6 deletions b/‎api/v1beta1/azuremachine_webhook.go‎
Lines changed: 38 additions & 6 deletions
diff --git a/‎api/v1beta1/azuremachine_webhook_test.go‎
Lines changed: 25 additions & 8 deletions b/‎api/v1beta1/azuremachine_webhook_test.go‎
Lines changed: 25 additions & 8 deletions
diff --git a/‎api/v1beta1/azuremanagedcontrolplane_webhook.go‎
Lines changed: 35 additions & 10 deletions b/‎api/v1beta1/azuremanagedcontrolplane_webhook.go‎
Lines changed: 35 additions & 10 deletions
diff --git a/‎api/v1beta1/azuremanagedcontrolplane_webhook_test.go‎
Lines changed: 15 additions & 7 deletions b/‎api/v1beta1/azuremanagedcontrolplane_webhook_test.go‎
Lines changed: 15 additions & 7 deletions
@@ -25,10 +25,10 @@ import (
 	"github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2021-11-01/compute"
 	"github.com/pkg/errors"
 	"golang.org/x/crypto/ssh"
+	kerrors "k8s.io/apimachinery/pkg/util/errors"
 	"k8s.io/apimachinery/pkg/util/uuid"
 	utilSSH "sigs.k8s.io/cluster-api-provider-azure/util/ssh"
 	clusterv1 "sigs.k8s.io/cluster-api/api/v1beta1"
-	ctrl "sigs.k8s.io/controller-runtime"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 )
 
@@ -200,20 +200,21 @@ func GetSubscriptionID(cli client.Client, clusterName string, namespace string,
 }
 
 // SetDefaults sets to the defaults for the AzureMachineSpec.
-func (m *AzureMachine) SetDefaults(client client.Client) {
+func (m *AzureMachine) SetDefaults(client client.Client) error {
+	var errs []error
 	if err := m.Spec.SetDefaultSSHPublicKey(); err != nil {
-		ctrl.Log.WithName("SetDefault").Error(err, "failed to set default SSH public key")
+		errs = append(errs, errors.Wrap(err, "failed to set default SSH public key"))
 	}
 
 	// Fetch the Cluster.
 	clusterName, ok := m.Labels[clusterv1.ClusterLabelName]
 	if !ok {
-		ctrl.Log.WithName("SetDefault").Error(errors.Errorf("failed to fetch owner ClusterName for AzureMachine %s/%s", m.Namespace, m.Name), "failed to fetch ClusterName")
+		errs = append(errs, errors.Errorf("failed to fetch ClusterName for AzureMachine %s/%s", m.Namespace, m.Name))
 	}
 
 	subscriptionID, err := GetSubscriptionID(client, clusterName, m.Namespace, 5)
 	if err != nil {
-		ctrl.Log.WithName("SetDefault").Error(err, "failed to fetch subscription ID for AzureMachine %s/%s", m.Namespace, m.Name)
+		errs = append(errs, errors.Wrapf(err, "failed to fetch subscription ID for AzureMachine %s/%s", m.Namespace, m.Name))
 	}
 
 	m.Spec.SetDefaultCachingType()
@@ -222,4 +223,6 @@ func (m *AzureMachine) SetDefaults(client client.Client) {
 	m.Spec.SetSpotEvictionPolicyDefaults()
 	m.Spec.SetDiagnosticsDefaults()
 	m.Spec.SetNetworkInterfacesDefaults()
+
+	return kerrors.NewAggregate(errs)
 }
@@ -26,7 +26,9 @@ import (
 	"github.com/google/uuid"
 	. "github.com/onsi/gomega"
 	"github.com/pkg/errors"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/utils/pointer"
+	clusterv1 "sigs.k8s.io/cluster-api/api/v1beta1"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 )
 
@@ -472,6 +474,11 @@ func createMachineWithUserAssignedIdentities(identitiesList []UserAssignedIdenti
 
 func hardcodedAzureMachineWithSSHKey(sshPublicKey string) *AzureMachine {
 	return &AzureMachine{
+		ObjectMeta: metav1.ObjectMeta{
+			Labels: map[string]string{
+				clusterv1.ClusterLabelName: "test-cluster",
+			},
+		},
 		Spec: AzureMachineSpec{
 			SSHPublicKey: sshPublicKey,
 			OSDisk:       generateValidOSDisk(),
 
@@ -17,20 +17,41 @@ limitations under the License.
 package v1beta1
 
 import (
+	"context"
 	"reflect"
 
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/util/validation/field"
 	webhookutils "sigs.k8s.io/cluster-api-provider-azure/util/webhook"
+	ctrl "sigs.k8s.io/controller-runtime"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 )
 
+// SetupAzureMachineWebhookWithManager sets up and registers the webhook with the manager.
+func SetupAzureMachineWebhookWithManager(mgr ctrl.Manager) error {
+	mw := &azureMachineWebhook{Client: mgr.GetClient()}
+	return ctrl.NewWebhookManagedBy(mgr).
+		For(&AzureMachine{}).
+		WithDefaulter(mw).
+		WithValidator(mw).
+		Complete()
+}
+
 // +kubebuilder:webhook:verbs=create;update,path=/validate-infrastructure-cluster-x-k8s-io-v1beta1-azuremachine,mutating=false,failurePolicy=fail,matchPolicy=Equivalent,groups=infrastructure.cluster.x-k8s.io,resources=azuremachines,versions=v1beta1,name=validation.azuremachine.infrastructure.cluster.x-k8s.io,sideEffects=None,admissionReviewVersions=v1;v1beta1
 // +kubebuilder:webhook:verbs=create;update,path=/mutate-infrastructure-cluster-x-k8s-io-v1beta1-azuremachine,mutating=true,failurePolicy=fail,matchPolicy=Equivalent,groups=infrastructure.cluster.x-k8s.io,resources=azuremachines,versions=v1beta1,name=default.azuremachine.infrastructure.cluster.x-k8s.io,sideEffects=None,admissionReviewVersions=v1;v1beta1
 
+// azureMachineWebhook implements a validating and defaulting webhook for AzureMachines.
+type azureMachineWebhook struct {
+	Client client.Client
+}
+
 // ValidateCreate implements webhook.Validator so a webhook will be registered for the type.
-func (m *AzureMachine) ValidateCreate(client client.Client) error {
+func (mw *azureMachineWebhook) ValidateCreate(ctx context.Context, obj runtime.Object) error {
+	m, ok := obj.(*AzureMachine)
+	if !ok {
+		return apierrors.NewBadRequest("expected an AzureMachine resource")
+	}
 	spec := m.Spec
 
 	allErrs := ValidateAzureMachineSpec(spec)
@@ -52,9 +73,16 @@ func (m *AzureMachine) ValidateCreate(client client.Client) error {
 }
 
 // ValidateUpdate implements webhook.Validator so a webhook will be registered for the type.
-func (m *AzureMachine) ValidateUpdate(oldRaw runtime.Object, client client.Client) error {
+func (mw *azureMachineWebhook) ValidateUpdate(ctx context.Context, oldObj, newObj runtime.Object) error {
 	var allErrs field.ErrorList
-	old := oldRaw.(*AzureMachine)
+	old, ok := oldObj.(*AzureMachine)
+	if !ok {
+		return apierrors.NewBadRequest("expected an AzureMachine resource")
+	}
+	m, ok := newObj.(*AzureMachine)
+	if !ok {
+		return apierrors.NewBadRequest("expected an AzureMachine resource")
+	}
 
 	if err := webhookutils.ValidateImmutable(
 		field.NewPath("Spec", "Image"),
@@ -181,11 +209,15 @@ func (m *AzureMachine) ValidateUpdate(oldRaw runtime.Object, client client.Clien
 }
 
 // ValidateDelete implements webhook.Validator so a webhook will be registered for the type.
-func (m *AzureMachine) ValidateDelete(client client.Client) error {
+func (mw *azureMachineWebhook) ValidateDelete(ctx context.Context, obj runtime.Object) error {
 	return nil
 }
 
 // Default implements webhook.Defaulter so a webhook will be registered for the type.
-func (m *AzureMachine) Default(client client.Client) {
-	m.SetDefaults(client)
+func (mw *azureMachineWebhook) Default(ctx context.Context, obj runtime.Object) error {
+	m, ok := obj.(*AzureMachine)
+	if !ok {
+		return apierrors.NewBadRequest("expected an AzureMachine resource")
+	}
+	return m.SetDefaults(mw.Client)
 }
@@ -23,7 +23,9 @@ import (
 	"github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2019-12-01/compute"
 	. "github.com/onsi/gomega"
 	"k8s.io/apimachinery/pkg/api/resource"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/utils/pointer"
+	clusterv1 "sigs.k8s.io/cluster-api/api/v1beta1"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 )
 
@@ -148,7 +150,8 @@ func TestAzureMachine_ValidateCreate(t *testing.T) {
 	}
 	for _, tc := range tests {
 		t.Run(tc.name, func(t *testing.T) {
-			err := tc.machine.ValidateCreate(nil)
+			mw := &azureMachineWebhook{}
+			err := mw.ValidateCreate(context.Background(), tc.machine)
 			if tc.wantErr {
 				g.Expect(err).To(HaveOccurred())
 			} else {
@@ -696,7 +699,8 @@ func TestAzureMachine_ValidateUpdate(t *testing.T) {
 	}
 	for _, tc := range tests {
 		t.Run(tc.name, func(t *testing.T) {
-			err := tc.newMachine.ValidateUpdate(tc.oldMachine, nil)
+			mw := &azureMachineWebhook{}
+			err := mw.ValidateUpdate(context.Background(), tc.oldMachine, tc.newMachine)
 			if tc.wantErr {
 				g.Expect(err).To(HaveOccurred())
 			} else {
@@ -728,20 +732,33 @@ func TestAzureMachine_Default(t *testing.T) {
 	existingPublicKey := validSSHPublicKey
 	publicKeyExistTest := test{machine: createMachineWithSSHPublicKey(existingPublicKey)}
 	publicKeyNotExistTest := test{machine: createMachineWithSSHPublicKey("")}
+	testObjectMeta := metav1.ObjectMeta{
+		Labels: map[string]string{
+			clusterv1.ClusterLabelName: "test-cluster",
+		},
+	}
+
+	mw := &azureMachineWebhook{
+		Client: mockClient,
+	}
 
-	publicKeyExistTest.machine.Default(mockClient)
+	err := mw.Default(context.Background(), publicKeyExistTest.machine)
+	g.Expect(err).NotTo(HaveOccurred())
 	g.Expect(publicKeyExistTest.machine.Spec.SSHPublicKey).To(Equal(existingPublicKey))
 
-	publicKeyNotExistTest.machine.Default(mockClient)
+	err = mw.Default(context.Background(), publicKeyNotExistTest.machine)
+	g.Expect(err).NotTo(HaveOccurred())
 	g.Expect(publicKeyNotExistTest.machine.Spec.SSHPublicKey).To(Not(BeEmpty()))
 
-	cacheTypeNotSpecifiedTest := test{machine: &AzureMachine{Spec: AzureMachineSpec{OSDisk: OSDisk{CachingType: ""}}}}
-	cacheTypeNotSpecifiedTest.machine.Default(mockClient)
+	cacheTypeNotSpecifiedTest := test{machine: &AzureMachine{ObjectMeta: testObjectMeta, Spec: AzureMachineSpec{OSDisk: OSDisk{CachingType: ""}}}}
+	err = mw.Default(context.Background(), cacheTypeNotSpecifiedTest.machine)
+	g.Expect(err).NotTo(HaveOccurred())
 	g.Expect(cacheTypeNotSpecifiedTest.machine.Spec.OSDisk.CachingType).To(Equal("None"))
 
 	for _, possibleCachingType := range compute.PossibleCachingTypesValues() {
-		cacheTypeSpecifiedTest := test{machine: &AzureMachine{Spec: AzureMachineSpec{OSDisk: OSDisk{CachingType: string(possibleCachingType)}}}}
-		cacheTypeSpecifiedTest.machine.Default(mockClient)
+		cacheTypeSpecifiedTest := test{machine: &AzureMachine{ObjectMeta: testObjectMeta, Spec: AzureMachineSpec{OSDisk: OSDisk{CachingType: string(possibleCachingType)}}}}
+		err = mw.Default(context.Background(), cacheTypeSpecifiedTest.machine)
+		g.Expect(err).NotTo(HaveOccurred())
 		g.Expect(cacheTypeSpecifiedTest.machine.Spec.OSDisk.CachingType).To(Equal(string(possibleCachingType)))
 	}
 }
 
@@ -49,17 +49,29 @@ var (
 	rScanInterval                    = regexp.MustCompile(`^(\d+)s$`)
 )
 
-// SetupWebhookWithManager sets up and registers the webhook with the manager.
-func (m *AzureManagedControlPlane) SetupWebhookWithManager(mgr ctrl.Manager) error {
+// SetupAzureManagedControlPlaneWebhookWithManager sets up and registers the webhook with the manager.
+func SetupAzureManagedControlPlaneWebhookWithManager(mgr ctrl.Manager) error {
+	mw := &azureManagedControlPlaneWebhook{Client: mgr.GetClient()}
 	return ctrl.NewWebhookManagedBy(mgr).
-		For(m).
+		For(&AzureManagedControlPlane{}).
+		WithDefaulter(mw).
+		WithValidator(mw).
 		Complete()
 }
 
 // +kubebuilder:webhook:path=/mutate-infrastructure-cluster-x-k8s-io-v1beta1-azuremanagedcontrolplane,mutating=true,failurePolicy=fail,groups=infrastructure.cluster.x-k8s.io,resources=azuremanagedcontrolplanes,verbs=create;update,versions=v1beta1,name=default.azuremanagedcontrolplanes.infrastructure.cluster.x-k8s.io,sideEffects=None,admissionReviewVersions=v1;v1beta1
 
+// azureManagedControlPlaneWebhook implements a validating and defaulting webhook for AzureManagedControlPlane.
+type azureManagedControlPlaneWebhook struct {
+	Client client.Client
+}
+
 // Default implements webhook.Defaulter so a webhook will be registered for the type.
-func (m *AzureManagedControlPlane) Default(_ client.Client) {
+func (mw *azureManagedControlPlaneWebhook) Default(ctx context.Context, obj runtime.Object) error {
+	m, ok := obj.(*AzureManagedControlPlane)
+	if !ok {
+		return apierrors.NewBadRequest("expected an AzureManagedControlPlane")
+	}
 	if m.Spec.NetworkPlugin == nil {
 		networkPlugin := "azure"
 		m.Spec.NetworkPlugin = &networkPlugin
@@ -83,12 +95,18 @@ func (m *AzureManagedControlPlane) Default(_ client.Client) {
 	m.setDefaultSubnet()
 	m.setDefaultSku()
 	m.setDefaultAutoScalerProfile()
+
+	return nil
 }
 
 // +kubebuilder:webhook:verbs=create;update,path=/validate-infrastructure-cluster-x-k8s-io-v1beta1-azuremanagedcontrolplane,mutating=false,failurePolicy=fail,groups=infrastructure.cluster.x-k8s.io,resources=azuremanagedcontrolplanes,versions=v1beta1,name=validation.azuremanagedcontrolplanes.infrastructure.cluster.x-k8s.io,sideEffects=None,admissionReviewVersions=v1;v1beta1
 
 // ValidateCreate implements webhook.Validator so a webhook will be registered for the type.
-func (m *AzureManagedControlPlane) ValidateCreate(client client.Client) error {
+func (mw *azureManagedControlPlaneWebhook) ValidateCreate(ctx context.Context, obj runtime.Object) error {
+	m, ok := obj.(*AzureManagedControlPlane)
+	if !ok {
+		return apierrors.NewBadRequest("expected an AzureManagedControlPlane")
+	}
 	// NOTE: AzureManagedControlPlane relies upon MachinePools, which is behind a feature gate flag.
 	// The webhook must prevent creating new objects in case the feature flag is disabled.
 	if !feature.Gates.Enabled(capifeature.MachinePool) {
@@ -111,13 +129,20 @@ func (m *AzureManagedControlPlane) ValidateCreate(client client.Client) error {
 		)
 	}
 
-	return m.Validate(client)
+	return m.Validate(mw.Client)
 }
 
 // ValidateUpdate implements webhook.Validator so a webhook will be registered for the type.
-func (m *AzureManagedControlPlane) ValidateUpdate(oldRaw runtime.Object, client client.Client) error {
+func (mw *azureManagedControlPlaneWebhook) ValidateUpdate(ctx context.Context, oldObj, newObj runtime.Object) error {
 	var allErrs field.ErrorList
-	old := oldRaw.(*AzureManagedControlPlane)
+	old, ok := oldObj.(*AzureManagedControlPlane)
+	if !ok {
+		return apierrors.NewBadRequest("expected an AzureManagedControlPlane")
+	}
+	m, ok := newObj.(*AzureManagedControlPlane)
+	if !ok {
+		return apierrors.NewBadRequest("expected an AzureManagedControlPlane")
+	}
 
 	if err := webhookutils.ValidateImmutable(
 		field.NewPath("Spec", "SubscriptionID"),
@@ -244,14 +269,14 @@ func (m *AzureManagedControlPlane) ValidateUpdate(oldRaw runtime.Object, client
 	}
 
 	if len(allErrs) == 0 {
-		return m.Validate(client)
+		return m.Validate(mw.Client)
 	}
 
 	return apierrors.NewInvalid(GroupVersion.WithKind("AzureManagedControlPlane").GroupKind(), m.Name, allErrs)
 }
 
 // ValidateDelete implements webhook.Validator so a webhook will be registered for the type.
-func (m *AzureManagedControlPlane) ValidateDelete(_ client.Client) error {
+func (mw *azureManagedControlPlaneWebhook) ValidateDelete(ctx context.Context, obj runtime.Object) error {
 	return nil
 }
 
 
@@ -17,6 +17,7 @@ limitations under the License.
 package v1beta1
 
 import (
+	"context"
 	"testing"
 
 	. "github.com/onsi/gomega"
@@ -42,7 +43,9 @@ func TestDefaultingWebhook(t *testing.T) {
 			Version:           "1.17.5",
 		},
 	}
-	amcp.Default(nil)
+	mcpw := &azureManagedControlPlaneWebhook{}
+	err := mcpw.Default(context.Background(), amcp)
+	g.Expect(err).NotTo(HaveOccurred())
 	g.Expect(*amcp.Spec.NetworkPlugin).To(Equal("azure"))
 	g.Expect(*amcp.Spec.LoadBalancerSKU).To(Equal("Standard"))
 	g.Expect(amcp.Spec.Version).To(Equal("v1.17.5"))
@@ -66,7 +69,8 @@ func TestDefaultingWebhook(t *testing.T) {
 	amcp.Spec.VirtualNetwork.Subnet.Name = "fooSubnetName"
 	amcp.Spec.SKU.Tier = PaidManagedControlPlaneTier
 
-	amcp.Default(nil)
+	err = mcpw.Default(context.Background(), amcp)
+	g.Expect(err).NotTo(HaveOccurred())
 	g.Expect(*amcp.Spec.NetworkPlugin).To(Equal(netPlug))
 	g.Expect(*amcp.Spec.LoadBalancerSKU).To(Equal(lbSKU))
 	g.Expect(*amcp.Spec.NetworkPolicy).To(Equal(netPol))
@@ -549,10 +553,11 @@ func TestValidatingWebhook(t *testing.T) {
 	for _, tt := range tests {
 		tt := tt
 		t.Run(tt.name, func(t *testing.T) {
+			mcpw := &azureManagedControlPlaneWebhook{}
 			if tt.expectErr {
-				g.Expect(tt.amcp.ValidateCreate(nil)).NotTo(Succeed())
+				g.Expect(mcpw.ValidateCreate(context.Background(), &tt.amcp)).NotTo(Succeed())
 			} else {
-				g.Expect(tt.amcp.ValidateCreate(nil)).To(Succeed())
+				g.Expect(mcpw.ValidateCreate(context.Background(), &tt.amcp)).To(Succeed())
 			}
 		})
 	}
@@ -672,7 +677,8 @@ func TestAzureManagedControlPlane_ValidateCreate(t *testing.T) {
 	}
 	for _, tc := range tests {
 		t.Run(tc.name, func(t *testing.T) {
-			err := tc.amcp.ValidateCreate(nil)
+			mcpw := &azureManagedControlPlaneWebhook{}
+			err := mcpw.ValidateCreate(context.Background(), tc.amcp)
 			if tc.wantErr {
 				g.Expect(err).To(HaveOccurred())
 				if tc.errorLen > 0 {
@@ -707,7 +713,8 @@ func TestAzureManagedControlPlane_ValidateCreateFailure(t *testing.T) {
 	for _, tc := range tests {
 		t.Run(tc.name, func(t *testing.T) {
 			defer tc.deferFunc()
-			err := tc.amcp.ValidateCreate(nil)
+			mcpw := &azureManagedControlPlaneWebhook{}
+			err := mcpw.ValidateCreate(context.Background(), tc.amcp)
 			g.Expect(err).To(HaveOccurred())
 		})
 	}
@@ -1322,7 +1329,8 @@ func TestAzureManagedControlPlane_ValidateUpdate(t *testing.T) {
 	}
 	for _, tc := range tests {
 		t.Run(tc.name, func(t *testing.T) {
-			err := tc.amcp.ValidateUpdate(tc.oldAMCP, nil)
+			mcpw := &azureManagedControlPlaneWebhook{}
+			err := mcpw.ValidateUpdate(context.Background(), tc.oldAMCP, tc.amcp)
 			if tc.wantErr {
 				g.Expect(err).To(HaveOccurred())
 			} else {