feat: Reserve time to return preflight results before webhook timeout

Author: dlipovetsky

charts/cluster-api-runtime-extensions-nutanix/templates/webhooks.yaml

@@ -94,4 +94,4 @@ webhooks:
         resources:
           - clusters
     sideEffects: None
-    timeoutSeconds: 30
+    timeoutSeconds: 30 # Keep in sync with Timeout constant defined in pkg/webhook/preflight/preflight.go

pkg/webhook/preflight/preflight.go

@@ -8,6 +8,7 @@ import (
 	"net/http"
 	"runtime/debug"
 	"sync"
+	"time"
 
 	admissionv1 "k8s.io/api/admission/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -19,6 +20,14 @@ import (
 	"github.com/nutanix-cloud-native/cluster-api-runtime-extensions-nutanix/pkg/webhook/preflight/skip"
 )
 
+const (
+	// Timeout is the duration, in seconds, that the preflight checks handler has to respond.
+	//
+	// Keep in sync with the `timeoutSeconds` field of the "preflight.cluster.caren.nutanix.com"
+	// ValidatingWebhookConfiguration defined in charts/cluster-api-runtime-extensions-nutanix/templates/webhooks.yaml
+	Timeout = 30 * time.Second
+)
+
 type (
 	// Checker returns a set of checks that have been initialized with common dependencies,
 	// such as an infrastructure API client.
@@ -138,7 +147,12 @@ func (h *WebhookHandler) Handle(ctx context.Context, req admission.Request) admi
 		)
 	}
 
-	resultsOrderedByCheckerAndCheck := run(ctx, h.client, cluster, skipEvaluator, h.checkers)
+	// Reserve time for checks to handle context cancellation, so
+	// that we have time to summarize the results, and return a response.
+	checkTimeout := Timeout - 2*time.Second
+	checkCtx, checkCtxCancel := context.WithTimeout(ctx, checkTimeout)
+	resultsOrderedByCheckerAndCheck := run(checkCtx, h.client, cluster, skipEvaluator, h.checkers)
+	checkCtxCancel()
 
 	// Summarize the results.
 	resp := admission.Response{