Search in sources :

Example 1 with AdmissionReviewResponse

use of io.stackgres.operatorframework.admissionwebhook.AdmissionReviewResponse in project stackgres by ongres.

the class AbstractGenericExceptionMapper method toResponse.

@Override
public Response toResponse(T throwable) {
    int statusCode = Status.INTERNAL_SERVER_ERROR.getStatusCode();
    Throwable cause = Throwables.getRootCause(throwable);
    if (cause instanceof WebApplicationException) {
        statusCode = WebApplicationException.class.cast(cause).getResponse().getStatus();
    }
    if (cause instanceof UnauthorizedException) {
        return new UnauthorizedExceptionMapper().toResponse(UnauthorizedException.class.cast(cause));
    }
    if (statusCode == Status.INTERNAL_SERVER_ERROR.getStatusCode()) {
        LOGGER.error("An error occurred in the REST API", throwable);
    }
    String message = cause.getMessage();
    if (uriInfo != null && (uriInfo.getPath().startsWith(ValidationUtil.VALIDATION_PATH + "/") || uriInfo.getPath().startsWith(MutationUtil.MUTATION_PATH + "/"))) {
        AdmissionResponse admissionResponse = new AdmissionResponse();
        admissionResponse.setAllowed(false);
        admissionResponse.setStatus(new StatusBuilder().withMessage(message).withCode(statusCode).build());
        AdmissionReviewResponse admissionReviewResponse = new AdmissionReviewResponse();
        admissionReviewResponse.setResponse(admissionResponse);
        return Response.ok().type(MediaType.APPLICATION_JSON).entity(admissionReviewResponse).build();
    }
    return Response.status(statusCode).type(MediaType.APPLICATION_JSON).entity(message).build();
}
Also used : AdmissionReviewResponse(io.stackgres.operatorframework.admissionwebhook.AdmissionReviewResponse) WebApplicationException(javax.ws.rs.WebApplicationException) UnauthorizedExceptionMapper(io.quarkus.resteasy.runtime.UnauthorizedExceptionMapper) UnauthorizedException(io.quarkus.security.UnauthorizedException) StatusBuilder(io.fabric8.kubernetes.api.model.StatusBuilder) AdmissionResponse(io.stackgres.operatorframework.admissionwebhook.AdmissionResponse)

Example 2 with AdmissionReviewResponse

use of io.stackgres.operatorframework.admissionwebhook.AdmissionReviewResponse in project stackgres by ongres.

the class ClusterValidationResourceTest method givenValidAllowedRequest_thenResponseUidShouldMatchRequestUid.

@Test
void givenValidAllowedRequest_thenResponseUidShouldMatchRequestUid() throws IOException {
    String requestBody = getFileAsString("cluster_allow_requests/valid_creation.json");
    JsonNode admissionRequest = mapper.readTree(requestBody);
    UUID requestUid = UUID.fromString(admissionRequest.get("request").get("uid").asText());
    Response response = target("/stackgres/validation/sgcluster").request(MediaType.APPLICATION_JSON).post(Entity.json(requestBody));
    AdmissionReviewResponse admissionResponse = response.readEntity(AdmissionReviewResponse.class);
    assertEquals(requestUid, admissionResponse.getResponse().getUid());
}
Also used : AdmissionReviewResponse(io.stackgres.operatorframework.admissionwebhook.AdmissionReviewResponse) Response(javax.ws.rs.core.Response) AdmissionReviewResponse(io.stackgres.operatorframework.admissionwebhook.AdmissionReviewResponse) JsonNode(com.fasterxml.jackson.databind.JsonNode) UUID(java.util.UUID) JerseyTest(org.glassfish.jersey.test.JerseyTest) Test(org.junit.jupiter.api.Test)

Example 3 with AdmissionReviewResponse

use of io.stackgres.operatorframework.admissionwebhook.AdmissionReviewResponse in project stackgres by ongres.

the class ClusterValidationResourceTest method givenValidAllowedRequest_thenAdmissionShouldBeAllowed.

@Test
void givenValidAllowedRequest_thenAdmissionShouldBeAllowed() {
    String requestBody = getFileAsString("cluster_allow_requests/valid_creation.json");
    Response response = target("/stackgres/validation/sgcluster").request(MediaType.APPLICATION_JSON).post(Entity.json(requestBody));
    AdmissionReviewResponse admissionResponse = response.readEntity(AdmissionReviewResponse.class);
    assertTrue(admissionResponse.getResponse().isAllowed());
}
Also used : AdmissionReviewResponse(io.stackgres.operatorframework.admissionwebhook.AdmissionReviewResponse) Response(javax.ws.rs.core.Response) AdmissionReviewResponse(io.stackgres.operatorframework.admissionwebhook.AdmissionReviewResponse) JerseyTest(org.glassfish.jersey.test.JerseyTest) Test(org.junit.jupiter.api.Test)

Example 4 with AdmissionReviewResponse

use of io.stackgres.operatorframework.admissionwebhook.AdmissionReviewResponse in project stackgres by ongres.

the class MutationResource method mutate.

default AdmissionReviewResponse mutate(T admissionReview, JsonPatchMutationPipeline<T> pipeline) {
    AdmissionRequest<?> request = admissionReview.getRequest();
    UUID requestUid = request.getUid();
    logger.info("Mutating admission review " + requestUid.toString() + " of kind " + request.getKind().toString());
    AdmissionResponse response = new AdmissionResponse();
    response.setUid(requestUid);
    AdmissionReviewResponse reviewResponse = new AdmissionReviewResponse();
    reviewResponse.setResponse(response);
    reviewResponse.setGroup(admissionReview.getGroup());
    reviewResponse.setKind(admissionReview.getKind());
    reviewResponse.setVersion(admissionReview.getVersion());
    try {
        pipeline.mutate(admissionReview).ifPresent(path -> {
            response.setPatchType("JSONPatch");
            String base64Path = Base64.getEncoder().encodeToString(path.getBytes(StandardCharsets.UTF_8));
            response.setPatch(base64Path);
        });
        response.setAllowed(true);
    } catch (Exception ex) {
        Status status = new StatusBuilder().withMessage(Optional.ofNullable(ex.getMessage()).orElse("null")).withCode(500).build();
        logger.error("cannot proceed with request " + requestUid.toString() + " cause: " + status.getMessage(), ex);
        response.setAllowed(false);
        response.setStatus(status);
    }
    return reviewResponse;
}
Also used : AdmissionReviewResponse(io.stackgres.operatorframework.admissionwebhook.AdmissionReviewResponse) Status(io.fabric8.kubernetes.api.model.Status) StatusBuilder(io.fabric8.kubernetes.api.model.StatusBuilder) UUID(java.util.UUID) AdmissionResponse(io.stackgres.operatorframework.admissionwebhook.AdmissionResponse)

Example 5 with AdmissionReviewResponse

use of io.stackgres.operatorframework.admissionwebhook.AdmissionReviewResponse in project stackgres by ongres.

the class ValidationResourceTest method givenAnValidAdmissionReview_itShouldReturnASuccessfulResponse.

@Test
void givenAnValidAdmissionReview_itShouldReturnASuccessfulResponse() throws ValidationFailed {
    doNothing().when(pipeline).validate(review);
    AdmissionReviewResponse response = resource.validate(review);
    assertTrue(response.getResponse().isAllowed());
    verify(pipeline).validate(review);
}
Also used : AdmissionReviewResponse(io.stackgres.operatorframework.admissionwebhook.AdmissionReviewResponse) Test(org.junit.jupiter.api.Test)

Aggregations

AdmissionReviewResponse (io.stackgres.operatorframework.admissionwebhook.AdmissionReviewResponse)10 Test (org.junit.jupiter.api.Test)7 AdmissionResponse (io.stackgres.operatorframework.admissionwebhook.AdmissionResponse)3 UUID (java.util.UUID)3 Status (io.fabric8.kubernetes.api.model.Status)2 StatusBuilder (io.fabric8.kubernetes.api.model.StatusBuilder)2 Response (javax.ws.rs.core.Response)2 JerseyTest (org.glassfish.jersey.test.JerseyTest)2 JsonNode (com.fasterxml.jackson.databind.JsonNode)1 UnauthorizedExceptionMapper (io.quarkus.resteasy.runtime.UnauthorizedExceptionMapper)1 UnauthorizedException (io.quarkus.security.UnauthorizedException)1 ValidationFailed (io.stackgres.operatorframework.admissionwebhook.validating.ValidationFailed)1 WebApplicationException (javax.ws.rs.WebApplicationException)1