Skip to content

Commit 70bf5c0

Browse files
rjeberhardrjeberhard
committed
Webhook handle lack of permission and skip installing webhook secret for operatorOnly
1 parent 9a180d9 commit 70bf5c0

File tree

2 files changed

+11
-4
lines changed

2 files changed

+11
-4
lines changed

kubernetes/charts/weblogic-operator/templates/_operator-secret.tpl

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,8 @@
1-
# Copyright (c) 2018, 2022, Oracle and/or its affiliates.
1+
# Copyright (c) 2018, 2024, Oracle and/or its affiliates.
22
# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
33

44
{{- define "operator.operatorSecrets" }}
5+
{{- if not .webhookOnly }}
56
---
67
apiVersion: "v1"
78
kind: "Secret"
@@ -22,6 +23,8 @@ metadata:
2223
name: "weblogic-operator-secrets"
2324
namespace: {{ .Release.Namespace | quote }}
2425
type: "Opaque"
26+
{{- end }}
27+
{{- if not .operatorOnly }}
2528
---
2629
apiVersion: "v1"
2730
kind: "Secret"
@@ -44,3 +47,4 @@ metadata:
4447
namespace: {{ .Release.Namespace | quote }}
4548
type: "Opaque"
4649
{{- end }}
50+
{{- end }}

operator/src/main/java/oracle/kubernetes/operator/helpers/WebhookHelper.java

Lines changed: 6 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -259,7 +259,8 @@ protected Result onFailureNoRetry(Packet packet,
259259
KubernetesApiResponse<V1ValidatingWebhookConfiguration> callResponse) {
260260
LOGGER.info(MessageKeys.READ_VALIDATING_WEBHOOK_CONFIGURATION_FAILED,
261261
VALIDATING_WEBHOOK_NAME, callResponse.getStatus());
262-
return super.onFailureNoRetry(packet, callResponse);
262+
return isNotAuthorizedOrForbidden(callResponse)
263+
? doNext(packet) : super.onFailureNoRetry(packet, callResponse);
263264
}
264265
}
265266

@@ -279,7 +280,8 @@ protected Result onFailureNoRetry(Packet packet,
279280
KubernetesApiResponse<V1ValidatingWebhookConfiguration> callResponse) {
280281
LOGGER.info(MessageKeys.CREATE_VALIDATING_WEBHOOK_CONFIGURATION_FAILED,
281282
VALIDATING_WEBHOOK_NAME, callResponse.getStatus());
282-
return super.onFailureNoRetry(packet, callResponse);
283+
return isNotAuthorizedOrForbidden(callResponse)
284+
? doNext(packet) : super.onFailureNoRetry(packet, callResponse);
283285
}
284286
}
285287

@@ -312,7 +314,8 @@ protected Result onFailureNoRetry(Packet packet,
312314
KubernetesApiResponse<V1ValidatingWebhookConfiguration> callResponse) {
313315
LOGGER.info(MessageKeys.REPLACE_VALIDATING_WEBHOOK_CONFIGURATION_FAILED,
314316
VALIDATING_WEBHOOK_NAME, callResponse.getStatus());
315-
return super.onFailureNoRetry(packet, callResponse);
317+
return isNotAuthorizedOrForbidden(callResponse)
318+
? doNext(packet) : super.onFailureNoRetry(packet, callResponse);
316319
}
317320
}
318321

0 commit comments

Comments
 (0)