diff --git a/pkg/handler/handler.go b/pkg/handler/handler.go index f9eb2e63..fc316fd8 100644 --- a/pkg/handler/handler.go +++ b/pkg/handler/handler.go @@ -30,7 +30,8 @@ import ( "github.com/aws/amazon-eks-pod-identity-webhook/pkg" "github.com/aws/amazon-eks-pod-identity-webhook/pkg/cache" - "k8s.io/api/admission/v1beta1" + "k8s.io/api/admission/v1" + admissionregistrationv1 "k8s.io/api/admissionregistration/v1" admissionregistrationv1beta1 "k8s.io/api/admissionregistration/v1beta1" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -41,6 +42,7 @@ import ( func init() { _ = corev1.AddToScheme(runtimeScheme) + _ = admissionregistrationv1.AddToScheme(runtimeScheme) _ = admissionregistrationv1beta1.AddToScheme(runtimeScheme) } @@ -480,8 +482,8 @@ func (m *Modifier) buildPodPatchConfig(pod *corev1.Pod) *podPatchConfig { } // MutatePod takes a AdmissionReview, mutates the pod, and returns an AdmissionResponse -func (m *Modifier) MutatePod(ar *v1beta1.AdmissionReview) *v1beta1.AdmissionResponse { - badRequest := &v1beta1.AdmissionResponse{ +func (m *Modifier) MutatePod(ar *v1.AdmissionReview) *v1.AdmissionResponse { + badRequest := &v1.AdmissionResponse{ Result: &metav1.Status{ Message: "bad content", }, @@ -498,7 +500,7 @@ func (m *Modifier) MutatePod(ar *v1beta1.AdmissionReview) *v1beta1.AdmissionResp if err := json.Unmarshal(req.Object.Raw, &pod); err != nil { klog.Errorf("Could not unmarshal raw object: %v", err) klog.Errorf("Object: %v", string(req.Object.Raw)) - return &v1beta1.AdmissionResponse{ + return &v1.AdmissionResponse{ Result: &metav1.Status{ Message: err.Error(), }, @@ -511,7 +513,7 @@ func (m *Modifier) MutatePod(ar *v1beta1.AdmissionReview) *v1beta1.AdmissionResp if patchConfig == nil { klog.V(4).Infof("Pod was not mutated. Reason: "+ "Service account did not have the right annotations or was not found in the cache. %s", logContext(pod.Name, pod.GenerateName, pod.Spec.ServiceAccountName, pod.Namespace)) - return &v1beta1.AdmissionResponse{ + return &v1.AdmissionResponse{ Allowed: true, } } @@ -520,7 +522,7 @@ func (m *Modifier) MutatePod(ar *v1beta1.AdmissionReview) *v1beta1.AdmissionResp patchBytes, err := json.Marshal(patch) if err != nil { klog.Errorf("Error marshaling pod update: %v", err.Error()) - return &v1beta1.AdmissionResponse{ + return &v1.AdmissionResponse{ Result: &metav1.Status{ Message: err.Error(), }, @@ -535,11 +537,11 @@ func (m *Modifier) MutatePod(ar *v1beta1.AdmissionReview) *v1beta1.AdmissionResp "Required volume mounts and env variables were already present. %s", logContext(pod.Name, pod.GenerateName, pod.Spec.ServiceAccountName, pod.Namespace)) } - return &v1beta1.AdmissionResponse{ + return &v1.AdmissionResponse{ Allowed: true, Patch: patchBytes, - PatchType: func() *v1beta1.PatchType { - pt := v1beta1.PatchTypeJSONPatch + PatchType: func() *v1.PatchType { + pt := v1.PatchTypeJSONPatch return &pt }(), } @@ -562,11 +564,11 @@ func (m *Modifier) Handle(w http.ResponseWriter, r *http.Request) { return } - var admissionResponse *v1beta1.AdmissionResponse - ar := v1beta1.AdmissionReview{} + var admissionResponse *v1.AdmissionResponse + ar := v1.AdmissionReview{} if _, _, err := deserializer.Decode(body, nil, &ar); err != nil { klog.Errorf("Can't decode body: %v", err) - admissionResponse = &v1beta1.AdmissionResponse{ + admissionResponse = &v1.AdmissionResponse{ Result: &metav1.Status{ Message: err.Error(), }, @@ -575,7 +577,7 @@ func (m *Modifier) Handle(w http.ResponseWriter, r *http.Request) { admissionResponse = m.MutatePod(&ar) } - admissionReview := v1beta1.AdmissionReview{} + admissionReview := v1.AdmissionReview{} if admissionResponse != nil { admissionReview.Response = admissionResponse if ar.Request != nil {