diff --git a/crates/stackable-webhook/CHANGELOG.md b/crates/stackable-webhook/CHANGELOG.md index 63839163..a7354362 100644 --- a/crates/stackable-webhook/CHANGELOG.md +++ b/crates/stackable-webhook/CHANGELOG.md @@ -8,7 +8,16 @@ All notable changes to this project will be documented in this file. - Don't pull in the `aws-lc-rs` crate, as this currently fails to build in `make run-dev` ([#1043]). +### Changed + +- BREAKING: The constant `DEFAULT_IP_ADDRESS` has been renamed to `DEFAULT_LISTEN_ADDRESS` and binds to all + addresses (instead of only loopback) by default. This was changed because all the webhooks + deployed to Kubernetes (e.g. conversion or mutating - which this crate targets) need to be + accessible by it, which is not the case when only using loopback. + Also, the constant `DEFAULT_SOCKET_ADDR` has been renamed to `DEFAULT_SOCKET_ADDRESS` ([#1045]). + [#1043]: https://github.com/stackabletech/operator-rs/pull/1043 +[#1045]: https://github.com/stackabletech/operator-rs/pull/1045 ## [0.3.1] - 2024-07-10 diff --git a/crates/stackable-webhook/src/constants.rs b/crates/stackable-webhook/src/constants.rs index 65f7c1eb..b3553c4f 100644 --- a/crates/stackable-webhook/src/constants.rs +++ b/crates/stackable-webhook/src/constants.rs @@ -5,8 +5,14 @@ use std::net::{IpAddr, Ipv4Addr, SocketAddr}; /// The default HTTPS port `8443` pub const DEFAULT_HTTPS_PORT: u16 = 8443; -/// The default IP address `127.0.0.1` the webhook server binds to. -pub const DEFAULT_IP_ADDRESS: IpAddr = IpAddr::V4(Ipv4Addr::new(127, 0, 0, 1)); +/// The default IP address [`Ipv4Addr::UNSPECIFIED`] (`0.0.0.0`) the webhook server binds to, +/// which represents binding on all network addresses. +// +// TODO: We might want to switch to `Ipv6Addr::UNSPECIFIED)` here, as this *normally* binds to IPv4 +// and IPv6. However, it's complicated and depends on the underlying system... +// If we do so, we should set `set_only_v6(false)` on the socket to not rely on system defaults. +pub const DEFAULT_LISTEN_ADDRESS: IpAddr = IpAddr::V4(Ipv4Addr::UNSPECIFIED); -/// The default socket address `127.0.0.1:8443` the webhook server vinds to. -pub const DEFAULT_SOCKET_ADDR: SocketAddr = SocketAddr::new(DEFAULT_IP_ADDRESS, DEFAULT_HTTPS_PORT); +/// The default socket address `0.0.0.0:8443` the webhook server binds to. +pub const DEFAULT_SOCKET_ADDRESS: SocketAddr = + SocketAddr::new(DEFAULT_LISTEN_ADDRESS, DEFAULT_HTTPS_PORT); diff --git a/crates/stackable-webhook/src/options.rs b/crates/stackable-webhook/src/options.rs index bf810ebd..99a01133 100644 --- a/crates/stackable-webhook/src/options.rs +++ b/crates/stackable-webhook/src/options.rs @@ -6,7 +6,7 @@ use std::{ use stackable_certs::PrivateKeyType; -use crate::constants::DEFAULT_SOCKET_ADDR; +use crate::constants::DEFAULT_SOCKET_ADDRESS; /// Specifies available webhook server options. /// @@ -78,7 +78,7 @@ impl OptionsBuilder { /// Sets the IP address of the socket address the webhook server uses to /// bind for HTTPS. pub fn bind_ip(mut self, bind_ip: impl Into) -> Self { - let addr = self.socket_addr.get_or_insert(DEFAULT_SOCKET_ADDR); + let addr = self.socket_addr.get_or_insert(DEFAULT_SOCKET_ADDRESS); addr.set_ip(bind_ip.into()); self } @@ -86,7 +86,7 @@ impl OptionsBuilder { /// Sets the port of the socket address the webhook server uses to bind /// for HTTPS. pub fn bind_port(mut self, bind_port: u16) -> Self { - let addr = self.socket_addr.get_or_insert(DEFAULT_SOCKET_ADDR); + let addr = self.socket_addr.get_or_insert(DEFAULT_SOCKET_ADDRESS); addr.set_port(bind_port); self } @@ -95,7 +95,7 @@ impl OptionsBuilder { /// explicitly set option. pub fn build(self) -> Options { Options { - socket_addr: self.socket_addr.unwrap_or(DEFAULT_SOCKET_ADDR), + socket_addr: self.socket_addr.unwrap_or(DEFAULT_SOCKET_ADDRESS), } } }