Templating can't access all of the pod's fields #32
Description
Hey folks, thanks for the work!
This project looks like a great fit for the project my team is working on, but there are some things we only know at the time the mutation is being applied, more specifically the pod's name and namespace.
Now, I understand that there is a templating feature, but it doesn't seem to work for this:
# output omitted
env:
- name: foo
value: '{% .ObjectMeta.Name %}.{% .ObjectMeta.Namespace %}.rest.of.my.string'Looking around the code it seems this is the culprit:
generic-sidecar-injector/pkg/injectionwebhook/webhook.go
Lines 125 to 132 in 3a3c5d3
It passes on a new pod object that only carries the original's Service Account and Annotations, but not the rest of the object (such as .ObjectMeta.Name and .ObjectMeta.Namespace.
Is there a particular reason not to pass the entire Pod that is already received on the admission review request?
// mutate method for mutation webhook
func (whsvr *WebhookServer) mutate(ar *v1beta1.AdmissionReview) (admissionResponse *v1beta1.AdmissionResponse, statusForMutations map[string]mutationStatus) {
req := ar.Request
var pod corev1.Pod
if err := json.Unmarshal(req.Object.Raw, &pod); err != nil {
glog.Errorf("api=mutate, reason=json.Unmarshal, message=invalid raw object, err=%v", err)
return &v1beta1.AdmissionResponse{
Result: &metav1.Status{
Message: err.Error(),
},
}, nil
}
// some lines later
sidecarConfig, err := sidecarconfig.RenderTemplate(pod, whsvr.sidecarConfigTemplate)