From 33aaf35b1372518be1cb547e0de6f2bfed408d78 Mon Sep 17 00:00:00 2001
From: jiahui <bxy4543@gmail.com>
Date: Mon, 6 Nov 2023 11:18:45 +0800
Subject: [PATCH] optimize Kubefile

---
 controllers/admission/api/v1/pvc_webhook.go   |  4 ---
 .../admission/config/webhook/manifests.yaml   | 29 +++++++++++++++++
 controllers/admission/deploy/Kubefile         |  2 ++
 .../deploy/manifests/deploy.yaml.tmpl         | 31 +++++++++++++++++++
 4 files changed, 62 insertions(+), 4 deletions(-)

diff --git a/controllers/admission/api/v1/pvc_webhook.go b/controllers/admission/api/v1/pvc_webhook.go
index 9d9a968e04a..f6252136c2c 100644
--- a/controllers/admission/api/v1/pvc_webhook.go
+++ b/controllers/admission/api/v1/pvc_webhook.go
@@ -133,10 +133,6 @@ func (v *PvcValidator) checkStorageCapacity(nodeNames []string, requestedStorage
 	return nil
 }
 
-//func (v *PvcValidator) ValidateDelete(ctx context.Context, obj runtime.Object) error {
-//	return nil
-//}
-
 func (v *PvcValidator) newLVMVgTotalFreeQuery(node string) (int64, error) {
 	prom, err := prometheus.NewPrometheus(v.PromoURL)
 	if err != nil {
diff --git a/controllers/admission/config/webhook/manifests.yaml b/controllers/admission/config/webhook/manifests.yaml
index 91f8e9db4fc..118c71249c8 100644
--- a/controllers/admission/config/webhook/manifests.yaml
+++ b/controllers/admission/config/webhook/manifests.yaml
@@ -108,3 +108,32 @@ webhooks:
     resources:
     - namespaces
   sideEffects: None
+- admissionReviewVersions:
+  - v1
+  - v1beta1
+  clientConfig:
+    service:
+      name: webhook-service
+      namespace: system
+      path: /validate-opsrequest-sts-pvc
+  failurePolicy: Fail
+  name: vresources.kb.io
+  namespaceSelector:
+    matchExpressions:
+      - key: user.sealos.io/owner
+        operator: Exists
+  rules:
+  - apiGroups:
+    - apps.kubeblocks.io
+    - apps
+    apiVersions:
+    - v1alpha1
+    - v1
+    operations:
+    - CREATE
+    - UPDATE
+    - DELETE
+    resources:
+    - opsrequests
+    - statefulsets
+  sideEffects: None
diff --git a/controllers/admission/deploy/Kubefile b/controllers/admission/deploy/Kubefile
index 563665e6aa9..30352cc4674 100644
--- a/controllers/admission/deploy/Kubefile
+++ b/controllers/admission/deploy/Kubefile
@@ -13,6 +13,8 @@ ENV icpEnabled="false"
 ENV icpEndpoint=""
 ENV icpKey=""
 
+ENV promoUrl=""
+
 ENV namespaceWebhookEnabled="true"
 ENV namespaceWebhookFailurePolicy="Fail"
 
diff --git a/controllers/admission/deploy/manifests/deploy.yaml.tmpl b/controllers/admission/deploy/manifests/deploy.yaml.tmpl
index 1d4d28cec4d..583124f6ba0 100644
--- a/controllers/admission/deploy/manifests/deploy.yaml.tmpl
+++ b/controllers/admission/deploy/manifests/deploy.yaml.tmpl
@@ -302,6 +302,8 @@ spec:
           value: '{{ .icpEndpoint }}'
         - name: ICP_KEY
           value: '{{ .icpKey }}'
+        - name: PROMO_URL
+          value: '{{ .promoUrl }}'
         image: ghcr.io/labring/sealos-admission-controller:latest
         livenessProbe:
           httpGet:
@@ -543,4 +545,33 @@ webhooks:
     resources:
     - namespaces
   sideEffects: None
+- admissionReviewVersions:
+  - v1
+  - v1beta1
+  clientConfig:
+    service:
+      name: admission-webhook-service
+      namespace: sealos-system
+      path: /validate-opsrequest-sts-pvc
+  failurePolicy: {{ .namespaceWebhookFailurePolicy }}
+  name: vresources.kb.io
+  namespaceSelector:
+    matchExpressions:
+      - key: user.sealos.io/owner
+        operator: Exists
+  rules:
+  - apiGroups:
+    - apps.kubeblocks.io
+    - apps
+    apiVersions:
+    - v1alpha1
+    - v1
+    operations:
+    - CREATE
+    - UPDATE
+    - DELETE
+    resources:
+    - opsrequests
+    - statefulsets
+  sideEffects: None
 {{ end }}
\ No newline at end of file