Skip to content

Commit 34b854d

Browse files
openshift-merge-bot[bot]openshift-merge-bot[bot]
authored
Merge pull request #1590 from karelyatin/custom_webhook_port
Make local webhook port configurable
2 parents 6d1b903 + 52187f2 commit 34b854d

File tree

3 files changed

+20
-16
lines changed

3 files changed

+20
-16
lines changed

Makefile

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -509,6 +509,7 @@ SKIP_CERT ?=false
509509
run-with-webhook: export METRICS_PORT?=8080
510510
run-with-webhook: export HEALTH_PORT?=8081
511511
run-with-webhook: export PPROF_PORT?=8082
512+
run-with-webhook: export WEBHOOK_PORT?=9443
512513
run-with-webhook: manifests generate fmt vet ## Run a controller from your host.
513514
/bin/bash hack/run_with_local_webhook.sh
514515

hack/run_with_local_webhook.sh

Lines changed: 16 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -14,9 +14,10 @@ trap cleanup SIGINT SIGTERM
1414
TMPDIR=${TMPDIR:-"/tmp/k8s-webhook-server/serving-certs"}
1515
SKIP_CERT=${SKIP_CERT:-false}
1616
CRC_IP=${CRC_IP:-$(/sbin/ip -o -4 addr list crc | awk '{print $4}' | cut -d/ -f1)}
17+
WEBHOOK_PORT=${WEBHOOK_PORT:-${WEBHOOK_PORT}}
1718

18-
#Open 9443
19-
sudo firewall-cmd --zone=libvirt --add-port=9443/tcp || :
19+
#Open ${WEBHOOK_PORT}
20+
sudo firewall-cmd --zone=libvirt --add-port=${WEBHOOK_PORT}/tcp || :
2021
sudo firewall-cmd --runtime-to-permanent || :
2122

2223
# Generate the certs and the ca bundle
@@ -48,7 +49,7 @@ webhooks:
4849
- v1
4950
clientConfig:
5051
caBundle: ${CA_BUNDLE}
51-
url: https://${CRC_IP}:9443/validate-core-openstack-org-v1beta1-openstackcontrolplane
52+
url: https://${CRC_IP}:${WEBHOOK_PORT}/validate-core-openstack-org-v1beta1-openstackcontrolplane
5253
failurePolicy: Fail
5354
matchPolicy: Equivalent
5455
name: vopenstackcontrolplane.kb.io
@@ -76,7 +77,7 @@ webhooks:
7677
- v1
7778
clientConfig:
7879
caBundle: ${CA_BUNDLE}
79-
url: https://${CRC_IP}:9443/validate-client-openstack-org-v1beta1-openstackclient
80+
url: https://${CRC_IP}:${WEBHOOK_PORT}/validate-client-openstack-org-v1beta1-openstackclient
8081
failurePolicy: Fail
8182
matchPolicy: Equivalent
8283
name: vopenstackclient.kb.io
@@ -104,7 +105,7 @@ webhooks:
104105
- v1
105106
clientConfig:
106107
caBundle: ${CA_BUNDLE}
107-
url: https://${CRC_IP}:9443/validate-core-openstack-org-v1beta1-openstackversion
108+
url: https://${CRC_IP}:${WEBHOOK_PORT}/validate-core-openstack-org-v1beta1-openstackversion
108109
failurePolicy: Fail
109110
matchPolicy: Equivalent
110111
name: vopenstackversion.kb.io
@@ -132,7 +133,7 @@ webhooks:
132133
- v1
133134
clientConfig:
134135
caBundle: ${CA_BUNDLE}
135-
url: https://${CRC_IP}:9443/mutate-core-openstack-org-v1beta1-openstackcontrolplane
136+
url: https://${CRC_IP}:${WEBHOOK_PORT}/mutate-core-openstack-org-v1beta1-openstackcontrolplane
136137
failurePolicy: Fail
137138
matchPolicy: Equivalent
138139
name: mopenstackcontrolplane.kb.io
@@ -160,7 +161,7 @@ webhooks:
160161
- v1
161162
clientConfig:
162163
caBundle: ${CA_BUNDLE}
163-
url: https://${CRC_IP}:9443/mutate-client-openstack-org-v1beta1-openstackclient
164+
url: https://${CRC_IP}:${WEBHOOK_PORT}/mutate-client-openstack-org-v1beta1-openstackclient
164165
failurePolicy: Fail
165166
matchPolicy: Equivalent
166167
name: mopenstackclient.kb.io
@@ -188,7 +189,7 @@ webhooks:
188189
- v1
189190
clientConfig:
190191
caBundle: ${CA_BUNDLE}
191-
url: https://${CRC_IP}:9443/mutate-core-openstack-org-v1beta1-openstackversion
192+
url: https://${CRC_IP}:${WEBHOOK_PORT}/mutate-core-openstack-org-v1beta1-openstackversion
192193
failurePolicy: Fail
193194
matchPolicy: Equivalent
194195
name: mopenstackversion.kb.io
@@ -216,7 +217,7 @@ webhooks:
216217
- v1
217218
clientConfig:
218219
caBundle: ${CA_BUNDLE}
219-
url: https://${CRC_IP}:9443/validate-dataplane-openstack-org-v1beta1-openstackdataplanenodeset
220+
url: https://${CRC_IP}:${WEBHOOK_PORT}/validate-dataplane-openstack-org-v1beta1-openstackdataplanenodeset
220221
failurePolicy: Fail
221222
matchPolicy: Equivalent
222223
name: vopenstackdataplanenodeset.kb.io
@@ -244,7 +245,7 @@ webhooks:
244245
- v1
245246
clientConfig:
246247
caBundle: ${CA_BUNDLE}
247-
url: https://${CRC_IP}:9443/mutate-dataplane-openstack-org-v1beta1-openstackdataplanenodeset
248+
url: https://${CRC_IP}:${WEBHOOK_PORT}/mutate-dataplane-openstack-org-v1beta1-openstackdataplanenodeset
248249
failurePolicy: Fail
249250
matchPolicy: Equivalent
250251
name: mopenstackdataplanenodeset.kb.io
@@ -272,7 +273,7 @@ webhooks:
272273
- v1
273274
clientConfig:
274275
caBundle: ${CA_BUNDLE}
275-
url: https://${CRC_IP}:9443/validate-dataplane-openstack-org-v1beta1-openstackdataplanedeployment
276+
url: https://${CRC_IP}:${WEBHOOK_PORT}/validate-dataplane-openstack-org-v1beta1-openstackdataplanedeployment
276277
failurePolicy: Fail
277278
matchPolicy: Equivalent
278279
name: vopenstackdataplanedeployment.kb.io
@@ -300,7 +301,7 @@ webhooks:
300301
- v1
301302
clientConfig:
302303
caBundle: ${CA_BUNDLE}
303-
url: https://${CRC_IP}:9443/mutate-dataplane-openstack-org-v1beta1-openstackdataplanedeployment
304+
url: https://${CRC_IP}:${WEBHOOK_PORT}/mutate-dataplane-openstack-org-v1beta1-openstackdataplanedeployment
304305
failurePolicy: Fail
305306
matchPolicy: Equivalent
306307
name: mopenstackdataplanedeployment.kb.io
@@ -328,7 +329,7 @@ webhooks:
328329
- v1
329330
clientConfig:
330331
caBundle: ${CA_BUNDLE}
331-
url: https://${CRC_IP}:9443/validate-dataplane-openstack-org-v1beta1-openstackdataplaneservice
332+
url: https://${CRC_IP}:${WEBHOOK_PORT}/validate-dataplane-openstack-org-v1beta1-openstackdataplaneservice
332333
failurePolicy: Fail
333334
matchPolicy: Equivalent
334335
name: vopenstackdataplaneservice.kb.io
@@ -356,7 +357,7 @@ webhooks:
356357
- v1
357358
clientConfig:
358359
caBundle: ${CA_BUNDLE}
359-
url: https://${CRC_IP}:9443/mutate-dataplane-openstack-org-v1beta1-openstackdataplaneservice
360+
url: https://${CRC_IP}:${WEBHOOK_PORT}/mutate-dataplane-openstack-org-v1beta1-openstackdataplaneservice
360361
failurePolicy: Fail
361362
matchPolicy: Equivalent
362363
name: mopenstackdataplaneservice.kb.io
@@ -402,4 +403,4 @@ if [ -n "${CSV_NAME}" ]; then
402403
fi
403404

404405
source hack/export_related_images.sh && \
405-
go run ./main.go -metrics-bind-address ":${METRICS_PORT}" -health-probe-bind-address ":${HEALTH_PORT}" -pprof-bind-address ":${PPROF_PORT}"
406+
go run ./main.go -metrics-bind-address ":${METRICS_PORT}" -health-probe-bind-address ":${HEALTH_PORT}" -pprof-bind-address ":${PPROF_PORT}" -webhook-bind-address "${WEBHOOK_PORT}"

main.go

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -145,11 +145,13 @@ func main() {
145145
var enableLeaderElection bool
146146
var probeAddr string
147147
var pprofAddr string
148+
var webhookPort int
148149
var enableHTTP2 bool
149150
flag.BoolVar(&enableHTTP2, "enable-http2", enableHTTP2, "If HTTP/2 should be enabled for the metrics and webhook servers.")
150151
flag.StringVar(&metricsAddr, "metrics-bind-address", ":8080", "The address the metric endpoint binds to.")
151152
flag.StringVar(&probeAddr, "health-probe-bind-address", ":8081", "The address the probe endpoint binds to.")
152153
flag.StringVar(&pprofAddr, "pprof-bind-address", "", "The address the pprof endpoint binds to. Set to empty to disable pprof")
154+
flag.IntVar(&webhookPort, "webhook-bind-address", 9443, "The port the webhook server binds to.")
153155
flag.BoolVar(&enableLeaderElection, "leader-elect", false,
154156
"Enable leader election for controller manager. "+
155157
"Enabling this will ensure there is only one active controller manager.")
@@ -184,7 +186,7 @@ func main() {
184186
LeaderElectionID: "40ba705e.openstack.org",
185187
WebhookServer: webhook.NewServer(
186188
webhook.Options{
187-
Port: 9443,
189+
Port: webhookPort,
188190
TLSOpts: []func(config *tls.Config){disableHTTP2},
189191
}),
190192
// LeaderElectionReleaseOnCancel defines if the leader should step down voluntarily

0 commit comments

Comments
 (0)