17 package main
18
19 import (
20 "context"
21 "crypto/tls"
22 "errors"
23 "flag"
24 "fmt"
25 "net/http"
26 "os"
27 "os/signal"
28 "sync"
29 "syscall"
30 "time"
31
32 "k8s.io/klog/v2"
33
34 "sigs.k8s.io/gateway-api/pkg/admission"
35 )
36
// Flag destinations. main binds each one to a command-line flag and
// flag.Parse fills them in.
var (
	// tlsCertFilePath is the path of the serving certificate (-tlsCertFile).
	tlsCertFilePath string
	// tlsKeyFilePath is the path of the private key matching the certificate (-tlsKeyFile).
	tlsKeyFilePath string
	// showVersion makes main print the version and exit (-version).
	showVersion bool
	// help makes main print the version and flag defaults, then exit (-help).
	help bool
)

// VERSION is the release identifier reported by printVersion. It defaults to
// "dev"; presumably overridden at build time (confirm against the build scripts).
var VERSION = "dev"

// COMMIT is the source revision reported by printVersion. It defaults to
// "dev"; presumably overridden at build time (confirm against the build scripts).
var COMMIT = "dev"
46
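// main parses the command-line flags, loads the serving key pair and runs the
// admission webhook over HTTPS on :8443 until SIGINT/SIGTERM arrives or the
// listener fails.
//
// The /validate endpoint is served with TLS 1.2 as the minimum version. The
// TLS config does not request client certificates, so the server does not
// authenticate callers at the TLS layer; restricting who can reach :8443 is
// left to the surrounding deployment.
func main() {
	flag.StringVar(&tlsCertFilePath, "tlsCertFile", "/etc/certs/tls.crt", "File with x509 certificate")
	flag.StringVar(&tlsKeyFilePath, "tlsKeyFile", "/etc/certs/tls.key", "File with private key to tlsCertFile")
	flag.BoolVar(&showVersion, "version", false, "Show release version and exit")
	flag.BoolVar(&help, "help", false, "Show flag defaults and exit")
	klog.InitFlags(nil)
	flag.Parse()

	if showVersion {
		printVersion()
		os.Exit(0)
	}

	if help {
		printVersion()
		flag.PrintDefaults()
		os.Exit(0)
	}

	printVersion()

	certs, err := tls.LoadX509KeyPair(tlsCertFilePath, tlsKeyFilePath)
	if err != nil {
		klog.Fatalf("failed to load TLS cert-key for admission-webhook-server: %v", err)
	}

	mux := http.NewServeMux()
	mux.HandleFunc("/validate", admission.ServeHTTP)

	// NOTE(review): only ReadHeaderTimeout is set, so request-body reads,
	// response writes and idle keep-alive connections are not bounded by this
	// server. Consider ReadTimeout/WriteTimeout/IdleTimeout values that fit
	// the API server's webhook timeout.
	server := &http.Server{
		Addr:              ":8443",
		Handler:           mux,
		ReadHeaderTimeout: 10 * time.Second,

		TLSConfig: &tls.Config{MinVersion: tls.VersionTLS12, Certificates: []tls.Certificate{certs}},
	}

	// serveErr carries an unexpected listener failure back to main. It is
	// buffered so the goroutine never blocks if main is already shutting down.
	serveErr := make(chan error, 1)

	var wg sync.WaitGroup
	wg.Add(1)
	go func() {
		defer wg.Done()
		// The certificate is already in TLSConfig, so no file paths are passed.
		err := server.ListenAndServeTLS("", "")
		// http.ErrServerClosed is the normal result of Shutdown. Anything else
		// (for example a failed bind) is a real failure and must be reported;
		// the previous check was inverted and silently dropped such errors.
		if err != nil && !errors.Is(err, http.ErrServerClosed) {
			serveErr <- err
		}
	}()
	klog.Info("admission webhook server started and listening on :8443")

	signalChan := make(chan os.Signal, 1)
	signal.Notify(signalChan, syscall.SIGINT, syscall.SIGTERM)

	select {
	case <-signalChan:
		klog.Info("admission webhook received kill signal")
	case err := <-serveErr:
		// Exit non-zero instead of idling forever without a listener, so the
		// orchestrator can see the failure and restart the webhook.
		klog.Fatalf("admission-webhook-server stopped: %v", err)
	}

	// Bound the graceful shutdown so a stuck connection cannot keep the
	// process alive indefinitely after a termination signal.
	ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
	defer cancel()
	if err := server.Shutdown(ctx); err != nil {
		klog.Errorf("server shutdown failed:%+v", err)
	}
	wg.Wait()
}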
105
// printVersion writes the webhook's version and commit identifiers, taken from
// the package-level VERSION and COMMIT variables, to standard output.
func printVersion() {
	const banner = "gateway-api-admission-webhook version: %v (%v)\n"
	fmt.Fprintf(os.Stdout, banner, VERSION, COMMIT)
}
109