revert: "feat: add managed resource webhook"#1168
Conversation
fd1482c to
0be3c62
Compare
There was a problem hiding this comment.
Pull Request Overview
This PR reverts the previously added managed resource webhook functionality. The change removes the webhook that was designed to validate operations on ARM-managed resources in the fleet management system.
- Removes the managed resource webhook validation logic and associated tests
- Updates webhook configuration to reflect the removal of the managed resource validator
- Makes a function visibility change in the user validation module (capitalizing function name)
Reviewed Changes
Copilot reviewed 9 out of 9 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| test/e2e/webhook_test.go | Removes ARM managed resource webhook end-to-end tests and related imports |
| test/e2e/utils_test.go | Removes utility functions for creating and managing test namespaces for managed resources |
| test/e2e/resources_test.go | Removes managed namespace template constant |
| pkg/webhook/webhook_test.go | Updates expected webhook count from 10 to 9 after removal |
| pkg/webhook/webhook.go | Removes managed resource webhook registration and configuration |
| pkg/webhook/validation/uservalidation.go | Changes function name from exported to unexported (IsAdminGroupUserOrWhiteListedUser to isAdminGroupUserOrWhiteListedUser) |
| pkg/webhook/managedresource/managedresource_validating_webhook_test.go | Completely removes the managed resource webhook test file |
| pkg/webhook/managedresource/managedresource_validating_webhook.go | Completely removes the managed resource webhook implementation |
| pkg/webhook/add_handler.go | Removes managed resource webhook registration from initialization |
| namespacedName := types.NamespacedName{Name: req.Name, Namespace: req.Namespace} | ||
| userInfo := req.UserInfo | ||
| if checkCRDGroup(group) && !IsAdminGroupUserOrWhiteListedUser(whiteListedUsers, userInfo) { | ||
| if checkCRDGroup(group) && !isAdminGroupUserOrWhiteListedUser(whiteListedUsers, userInfo) { |
There was a problem hiding this comment.
The function IsAdminGroupUserOrWhiteListedUser was changed to isAdminGroupUserOrWhiteListedUser (unexported), but it's still being called from another function. This creates an inconsistency where the function is now unexported but still used as if it were a public API. Consider whether this function should remain exported or if all callers should be updated to use internal validation logic.
Reverts #1152
We're moving to a different implementation on the AKS RP, so I'm reverting this one.