Move subject_alterative_dns_names into Options

Author: sbernauer

Cargo.lock

@@ -29,3 +29,6 @@ tower.workspace = true
 tracing.workspace = true
 tracing-opentelemetry.workspace = true
 x509-cert.workspace = true
+
+[dev-dependencies]
+clap.workspace = true

crates/stackable-webhook/Cargo.toml

@@ -13,7 +13,7 @@
 //! use tokio::sync::mpsc;
 //!
 //! let router = Router::new();
-//! let server = WebhookServer::new(router, Options::default(), vec![]);
+//! let server = WebhookServer::new(router, Options::default());
 //! ```
 //!
 //! For some usages, complete end-to-end [`WebhookServer`] implementations
@@ -101,7 +101,7 @@ impl WebhookServer {
     /// use tokio::sync::mpsc;
     ///
     /// let router = Router::new();
-    /// let server = WebhookServer::new(router, Options::default(), vec![]);
+    /// let server = WebhookServer::new(router, Options::default());
     /// ```
     ///
     /// ### Example with Custom Options
@@ -113,16 +113,15 @@ impl WebhookServer {
     ///
     /// let options = Options::builder()
     ///     .bind_address([127, 0, 0, 1], 8080)
+    ///     .add_subject_alterative_dns_name("my-san-entry")
     ///     .build();
-    /// let sans = vec!["my-san-entry".to_string()];
     ///
     /// let router = Router::new();
-    /// let server = WebhookServer::new(router, options, sans);
+    /// let server = WebhookServer::new(router, options);
     /// ```
     pub async fn new(
         router: Router,
         options: Options,
-        subject_alterative_dns_names: Vec<String>,
     ) -> Result<(Self, mpsc::Receiver<Certificate>)> {
         tracing::trace!("create new webhook server");
 
@@ -147,7 +146,7 @@ impl WebhookServer {
 
         tracing::debug!("create TLS server");
         let (tls_server, cert_rx) =
-            TlsServer::new(options.socket_addr, router, subject_alterative_dns_names)
+            TlsServer::new(options.socket_addr, router, options.subject_alterative_dns_names)
                 .await
                 .context(CreateTlsServerSnafu)?;
 

crates/stackable-webhook/src/lib.rs

@@ -41,6 +41,10 @@ pub struct Options {
     /// The default HTTPS socket address the [`TcpListener`][tokio::net::TcpListener]
     /// binds to.
     pub socket_addr: SocketAddr,
+
+    /// The subject alterative DNS names that should be added to the certificates generated for this
+    /// webhook.
+    pub subject_alterative_dns_names: Vec<String>,
 }
 
 impl Default for Options {
@@ -66,6 +70,7 @@ impl Options {
 #[derive(Debug, Default)]
 pub struct OptionsBuilder {
     socket_addr: Option<SocketAddr>,
+    subject_alterative_dns_names: Vec<String>,
 }
 
 impl OptionsBuilder {
@@ -91,11 +96,32 @@ impl OptionsBuilder {
         self
     }
 
+    /// Sets the subject alterative DNS names that should be added to the certificates generated for
+    /// this webhook.
+    pub fn subject_alterative_dns_names(
+        mut self,
+        subject_alterative_dns_name: Vec<String>,
+    ) -> Self {
+        self.subject_alterative_dns_names = subject_alterative_dns_name;
+        self
+    }
+
+    /// Adds the (subject alterative DNS name to the list of names.
+    pub fn add_subject_alterative_dns_name(
+        mut self,
+        subject_alterative_dns_name: impl Into<String>,
+    ) -> Self {
+        self.subject_alterative_dns_names
+            .push(subject_alterative_dns_name.into());
+        self
+    }
+
     /// Builds the final [`Options`] by using default values for any not
     /// explicitly set option.
     pub fn build(self) -> Options {
         Options {
             socket_addr: self.socket_addr.unwrap_or(DEFAULT_SOCKET_ADDRESS),
+            subject_alterative_dns_names: self.subject_alterative_dns_names,
         }
     }
 }

crates/stackable-webhook/src/options.rs

@@ -95,11 +95,12 @@ impl ConversionWebhookServer {
     /// # Example
     ///
     /// ```no_run
+    /// use clap::Parser;
     /// use stackable_webhook::{
     ///     servers::{ConversionReview, ConversionWebhookServer},
     ///     Options
     /// };
-    /// use stackable_operator::cli::OperatorEnvironmentOpts;
+    /// use stackable_operator::cli::OperatorEnvironmentOptions;
     /// use stackable_operator::kube::Client;
     /// use stackable_operator::crd::s3::{S3Connection, S3ConnectionVersion};
     ///
@@ -114,12 +115,7 @@ impl ConversionWebhookServer {
     ///
     /// const OPERATOR_NAME: &str = "PRODUCT_OPERATOR";
     /// let client = Client::try_default().await.expect("failed to create Kubernetes client");
-    /// // Normally you would get this from the CLI arguments in
-    /// // `ProductOperatorRun::operator_environment`
-    /// let operator_environment = OperatorEnvironmentOpts {
-    ///     operator_namespace: "stackable-operator".to_string(),
-    ///     operator_service_name: "product-operator".to_string(),
-    /// };
+    /// let operator_environment = OperatorEnvironmentOptions::parse();
     ///
     /// // Construct the conversion webhook server
     /// let conversion_webhook = ConversionWebhookServer::new(
@@ -141,7 +137,7 @@ impl ConversionWebhookServer {
     )]
     pub async fn new<H>(
         crds_and_handlers: impl IntoIterator<Item = (CustomResourceDefinition, H)>,
-        options: Options,
+        mut options: Options,
         client: Client,
         field_manager: impl Into<String> + Debug,
         operator_environment: OperatorEnvironmentOptions,
@@ -167,13 +163,14 @@ impl ConversionWebhookServer {
 
         // This is how Kubernetes calls us, so it decides about the naming.
         // AFAIK we can not influence this, so this is the only SAN entry needed.
-        let sans = vec![format!(
+        let subject_alterative_dns_name = format!(
             "{service_name}.{operator_namespace}.svc",
             service_name = operator_environment.operator_service_name,
             operator_namespace = operator_environment.operator_namespace,
-        )];
+        );
+        options.subject_alterative_dns_names.push(subject_alterative_dns_name);
 
-        let (server, mut cert_rx) = WebhookServer::new(router, options, sans)
+        let (server, mut cert_rx) = WebhookServer::new(router, options)
             .await
             .context(CreateWebhookServerSnafu)?;
 

crates/stackable-webhook/src/servers/conversion.rs

@@ -65,7 +65,7 @@ pub struct TlsServer {
 
 impl TlsServer {
     #[instrument(name = "create_tls_server", skip(router))]
-    pub async fn new<'a>(
+    pub async fn new(
         socket_addr: SocketAddr,
         router: Router,
         subject_alterative_dns_names: Vec<String>,