@@ -62,6 +62,17 @@ import (
62
62
// +kubebuilder:scaffold:imports
63
63
)
64
64
65
+ type certManagementConfig struct {
66
+ Namespace string `json:"namespace,omitempty"`
67
+ CertificateDir string `json:"certificateDir,omitempty"`
68
+ CertificateName string `json:"certificateName,omitempty"`
69
+ CertificateOrg string `json:"certificateOrg,omitempty"`
70
+ MutatingWebhookConfigName string `json:"mutatingWebhookConfigName,omitempty"`
71
+ ValidatingWebhookConfigName string `json:"validatingWebhookConfigName,omitempty"`
72
+ WebhookServiceName string `json:"webhookServiceName,omitempty"`
73
+ WebhookSecretName string `json:"webhookSecretName,omitempty"`
74
+ }
75
+
65
76
var (
66
77
scheme = runtime .NewScheme ()
67
78
setupLog = ctrl .Log .WithName ("setup" )
@@ -123,16 +134,6 @@ func main() {
123
134
},
124
135
LeaderElection : & configv1alpha1.LeaderElectionConfiguration {},
125
136
},
126
- CertManagement : & config.CertManagementConfig {
127
- Namespace : namespace ,
128
- CertificateDir : "/tmp/k8s-webhook-server/serving-certs" ,
129
- CertificateName : "codeflare-ca" ,
130
- CertificateOrg : "codeflare" ,
131
- MutatingWebhookConfigName : "codeflare-operator-mutating-webhook-configuration" ,
132
- ValidatingWebhookConfigName : "codeflare-operator-validating-webhook-configuration" ,
133
- WebhookServiceName : "codeflare-operator-webhook-service" ,
134
- WebhookSecretName : "codeflare-operator-webhook-server-cert" ,
135
- },
136
137
KubeRay : & config.KubeRayConfiguration {
137
138
RayDashboardOAuthEnabled : ptr .To (true ),
138
139
},
@@ -194,7 +195,17 @@ func main() {
194
195
if os .Getenv ("ENABLE_WEBHOOKS" ) == "false" {
195
196
close (certsReady )
196
197
} else {
197
- exitOnError (setupCertManagement (mgr , cfg .CertManagement , certsReady ), "unable to set up cert rotation" )
198
+ certConfig := & certManagementConfig {
199
+ Namespace : namespace ,
200
+ CertificateDir : "/tmp/k8s-webhook-server/serving-certs" ,
201
+ CertificateName : "codeflare-ca" ,
202
+ CertificateOrg : "codeflare" ,
203
+ MutatingWebhookConfigName : "codeflare-operator-mutating-webhook-configuration" ,
204
+ ValidatingWebhookConfigName : "codeflare-operator-validating-webhook-configuration" ,
205
+ WebhookServiceName : "codeflare-operator-webhook-service" ,
206
+ WebhookSecretName : "codeflare-operator-webhook-server-cert" ,
207
+ }
208
+ exitOnError (setupCertManagement (mgr , certConfig , certsReady ), "unable to set up cert rotation" )
198
209
}
199
210
200
211
v , err := HasAPIResourceForGVK (kubeClient .DiscoveryClient , rayv1 .GroupVersion .WithKind ("RayCluster" ))
@@ -288,7 +299,7 @@ func HasAPIResourceForGVK(dc discovery.DiscoveryInterface, gvk schema.GroupVersi
288
299
// +kubebuilder:rbac:groups="admissionregistration.k8s.io",resources=mutatingwebhookconfigurations,verbs=get;list;watch;update
289
300
// +kubebuilder:rbac:groups="admissionregistration.k8s.io",resources=validatingwebhookconfigurations,verbs=get;list;watch;update
290
301
291
- func setupCertManagement (mgr ctrl.Manager , config * config. CertManagementConfig , certsReady chan struct {}) error {
302
+ func setupCertManagement (mgr ctrl.Manager , config * certManagementConfig , certsReady chan struct {}) error {
292
303
// DNSName is <service name>.<namespace>.svc
293
304
var dnsName = fmt .Sprintf ("%s.%s.svc" , config .WebhookServiceName , config .Namespace )
294
305
0 commit comments