Merge pull request #1760 from mpatlasov/STOR-1767-support-deletion-of-ValidatingWebhookConfiguration

openshift-merge-bot[bot] · web-flow · commit e0aa70d55678 · 2024-07-15T19:13:51.000Z
STOR-1767: Support deletion of ValidatingWebhookConfiguration
diff --git a/pkg/operator/resource/resourceapply/admissionregistration.go b/pkg/operator/resource/resourceapply/admissionregistration.go
@@ -152,6 +152,18 @@ func ApplyValidatingWebhookConfigurationImproved(ctx context.Context, client adm
 	return actual, true, nil
 }
 
+func DeleteValidatingWebhookConfiguration(ctx context.Context, client admissionregistrationclientv1.ValidatingWebhookConfigurationsGetter, recorder events.Recorder, required *admissionregistrationv1.ValidatingWebhookConfiguration) (*admissionregistrationv1.ValidatingWebhookConfiguration, bool, error) {
+	err := client.ValidatingWebhookConfigurations().Delete(ctx, required.Name, metav1.DeleteOptions{})
+	if err != nil && apierrors.IsNotFound(err) {
+		return nil, false, nil
+	}
+	if err != nil {
+		return nil, false, err
+	}
+	reportDeleteEvent(recorder, required, err)
+	return nil, true, nil
+}
+
 // copyValidatingWebhookCABundle populates webhooks[].clientConfig.caBundle fields from existing resource if it was set before
 // and is not set in present. This provides upgrade compatibility with service-ca-bundle operator.
 func copyValidatingWebhookCABundle(from, to *admissionregistrationv1.ValidatingWebhookConfiguration) {
diff --git a/pkg/operator/resource/resourceapply/admissionregistration_test.go b/pkg/operator/resource/resourceapply/admissionregistration_test.go
@@ -382,6 +382,70 @@ func TestApplyValidatingConfiguration(t *testing.T) {
 	}
 }
 
+func TestDeleteValidatingConfiguration(t *testing.T) {
+	defaultHook := &admissionregistrationv1.ValidatingWebhookConfiguration{}
+	defaultHook.SetName("test")
+	deleteEvent := "ValidatingWebhookConfigurationDeleted"
+
+	tests := []struct {
+		name           string
+		expectModified bool
+		existing       func() *admissionregistrationv1.ValidatingWebhookConfiguration
+		input          func() *admissionregistrationv1.ValidatingWebhookConfiguration
+		expectedEvents []string
+	}{
+		{
+			name:           "Should delete webhook if it exists",
+			expectModified: true,
+			input: func() *admissionregistrationv1.ValidatingWebhookConfiguration {
+				hook := defaultHook.DeepCopy()
+				return hook
+			},
+			existing: func() *admissionregistrationv1.ValidatingWebhookConfiguration {
+				hook := defaultHook.DeepCopy()
+				return hook
+			},
+			expectedEvents: []string{deleteEvent},
+		},
+		{
+			name:           "Should do nothing if webhook does not exist",
+			expectModified: false,
+			input: func() *admissionregistrationv1.ValidatingWebhookConfiguration {
+				hook := defaultHook.DeepCopy()
+				return hook
+			},
+			expectedEvents: []string{},
+		},
+	}
+
+	for _, test := range tests {
+		t.Run(test.name, func(t *testing.T) {
+			existingHooks := []runtime.Object{}
+			if test.existing != nil {
+				existingHooks = append(existingHooks, test.existing())
+			}
+			client := fake.NewSimpleClientset(existingHooks...)
+			recorder := events.NewInMemoryRecorder("test")
+
+			testApply := func(expectModify bool) {
+				updatedHook, modified, err := DeleteValidatingWebhookConfiguration(
+					context.TODO(),
+					client.AdmissionregistrationV1(),
+					recorder, test.input())
+				if err != nil {
+					t.Fatal(err)
+				}
+				if expectModify != modified {
+					t.Errorf("expected modified to be equal %v, got %v: %#v", expectModify, modified, updatedHook)
+				}
+			}
+
+			testApply(test.expectModified)
+			assertEvents(t, test.name, test.expectedEvents, recorder.Events())
+		})
+	}
+}
+
 func TestApplyValidatingAdmissionPolicyConfiguration(t *testing.T) {
 	defaultPolicy := &admissionregistrationv1beta1.ValidatingAdmissionPolicy{}
 	defaultPolicy.SetName("test")
diff --git a/pkg/operator/resource/resourceapply/generic.go b/pkg/operator/resource/resourceapply/generic.go
@@ -335,6 +335,12 @@ func DeleteAll(ctx context.Context, clients *ClientHolder, recorder events.Recor
 			} else {
 				_, result.Changed, result.Error = DeleteStorageClass(ctx, clients.kubeClient.StorageV1(), recorder, t)
 			}
+		case *admissionregistrationv1.ValidatingWebhookConfiguration:
+			if clients.kubeClient == nil {
+				result.Error = fmt.Errorf("missing kubeClient")
+			} else {
+				_, result.Changed, result.Error = DeleteValidatingWebhookConfiguration(ctx, clients.kubeClient.AdmissionregistrationV1(), recorder, t)
+			}
 		case *storagev1.CSIDriver:
 			if clients.kubeClient == nil {
 				result.Error = fmt.Errorf("missing kubeClient")
