From 064d0ddad676065e3ac6e64554e7a67c5523fa45 Mon Sep 17 00:00:00 2001
From: Kiloson <4closetool3@gmail.com>
Date: Tue, 7 May 2024 20:41:04 +0800
Subject: [PATCH 1/2] fix: mutating dose not work

Signed-off-by: Kiloson <4closetool3@gmail.com>
---
 core/middleware/admission/admission.go | 73 +++++++++++++++-----------
 1 file changed, 42 insertions(+), 31 deletions(-)

diff --git a/core/middleware/admission/admission.go b/core/middleware/admission/admission.go
index 92c72535..8b98a8e9 100644
--- a/core/middleware/admission/admission.go
+++ b/core/middleware/admission/admission.go
@@ -43,8 +43,6 @@ func Middleware(skippers ...middleware.Skipper) gin.HandlerFunc {
 				rpcerror.ParamError.WithErrMsg(fmt.Sprintf("request body is invalid, err: %v", err)))
 			return
 		}
-		// restore the request body
-		c.Request.Body = ioutil.NopCloser(bytes.NewBuffer(bodyBytes))
 		if len(bodyBytes) > 0 {
 			contentType := c.ContentType()
 			if contentType == binding.MIMEJSON || contentType == "" {
@@ -60,36 +58,49 @@ func Middleware(skippers ...middleware.Skipper) gin.HandlerFunc {
 				return
 			}
 		}
-		// fill in the request url query into admission request options
-		queries := c.Request.URL.Query()
-		options := make(map[string]interface{}, len(queries))
-		for k, v := range queries {
-			if len(v) == 1 {
-				options[k] = v[0]
-			} else {
-				options[k] = v
+		if object != nil {
+			// fill in the request url query into admission request options
+			queries := c.Request.URL.Query()
+			options := make(map[string]interface{}, len(queries))
+			for k, v := range queries {
+				if len(v) == 1 {
+					options[k] = v[0]
+				} else {
+					options[k] = v
+				}
 			}
+			admissionRequest := &admissionwebhook.Request{
+				Operation:   admissionmodels.Operation(attr.GetVerb()),
+				Resource:    attr.GetResource(),
+				Name:        attr.GetName(),
+				SubResource: attr.GetSubResource(),
+				Version:     attr.GetAPIVersion(),
+				Object:      object,
+				Options:     options,
+			}
+			admissionRequest, err = admissionwebhook.Mutating(c, admissionRequest)
+			if err != nil {
+				response.AbortWithRPCError(c,
+					rpcerror.ParamError.WithErrMsg(fmt.Sprintf("admission mutating failed: %v", err)))
+				return
+			}
+			if err := admissionwebhook.Validating(c, admissionRequest); err != nil {
+				response.AbortWithRPCError(c,
+					rpcerror.ParamError.WithErrMsg(fmt.Sprintf("admission validating failed: %v", err)))
+				return
+			}
+			newBodyBytes, err := json.Marshal(admissionRequest.Object)
+			if err != nil {
+				response.AbortWithRPCError(c,
+					rpcerror.ParamError.WithErrMsg(fmt.Sprintf("marshal request body failed, err: %v", err)))
+				return
+			}
+			// restore the request body
+			c.Request.Body = ioutil.NopCloser(bytes.NewBuffer(newBodyBytes))
+			c.Next()
+		} else {
+			c.Request.Body = ioutil.NopCloser(bytes.NewBuffer(bodyBytes))
+			c.Next()
 		}
-		admissionRequest := &admissionwebhook.Request{
-			Operation:   admissionmodels.Operation(attr.GetVerb()),
-			Resource:    attr.GetResource(),
-			Name:        attr.GetName(),
-			SubResource: attr.GetSubResource(),
-			Version:     attr.GetAPIVersion(),
-			Object:      object,
-			Options:     options,
-		}
-		admissionRequest, err = admissionwebhook.Mutating(c, admissionRequest)
-		if err != nil {
-			response.AbortWithRPCError(c,
-				rpcerror.ParamError.WithErrMsg(fmt.Sprintf("admission mutating failed: %v", err)))
-			return
-		}
-		if err := admissionwebhook.Validating(c, admissionRequest); err != nil {
-			response.AbortWithRPCError(c,
-				rpcerror.ParamError.WithErrMsg(fmt.Sprintf("admission validating failed: %v", err)))
-			return
-		}
-		c.Next()
 	}, skippers...)
 }

From b781db6253303909d668a1fe96b30ba9f33fc194 Mon Sep 17 00:00:00 2001
From: Kiloson <4closetool3@gmail.com>
Date: Tue, 7 May 2024 20:55:49 +0800
Subject: [PATCH 2/2] fix: some bugs

Signed-off-by: Kiloson <4closetool3@gmail.com>
---
 core/middleware/admission/admission.go | 71 ++++++++++++--------------
 1 file changed, 34 insertions(+), 37 deletions(-)

diff --git a/core/middleware/admission/admission.go b/core/middleware/admission/admission.go
index 8b98a8e9..de6f2f45 100644
--- a/core/middleware/admission/admission.go
+++ b/core/middleware/admission/admission.go
@@ -58,49 +58,46 @@ func Middleware(skippers ...middleware.Skipper) gin.HandlerFunc {
 				return
 			}
 		}
-		if object != nil {
-			// fill in the request url query into admission request options
-			queries := c.Request.URL.Query()
-			options := make(map[string]interface{}, len(queries))
-			for k, v := range queries {
-				if len(v) == 1 {
-					options[k] = v[0]
-				} else {
-					options[k] = v
-				}
-			}
-			admissionRequest := &admissionwebhook.Request{
-				Operation:   admissionmodels.Operation(attr.GetVerb()),
-				Resource:    attr.GetResource(),
-				Name:        attr.GetName(),
-				SubResource: attr.GetSubResource(),
-				Version:     attr.GetAPIVersion(),
-				Object:      object,
-				Options:     options,
-			}
-			admissionRequest, err = admissionwebhook.Mutating(c, admissionRequest)
-			if err != nil {
-				response.AbortWithRPCError(c,
-					rpcerror.ParamError.WithErrMsg(fmt.Sprintf("admission mutating failed: %v", err)))
-				return
-			}
-			if err := admissionwebhook.Validating(c, admissionRequest); err != nil {
-				response.AbortWithRPCError(c,
-					rpcerror.ParamError.WithErrMsg(fmt.Sprintf("admission validating failed: %v", err)))
-				return
+		// fill in the request url query into admission request options
+		queries := c.Request.URL.Query()
+		options := make(map[string]interface{}, len(queries))
+		for k, v := range queries {
+			if len(v) == 1 {
+				options[k] = v[0]
+			} else {
+				options[k] = v
 			}
-			newBodyBytes, err := json.Marshal(admissionRequest.Object)
+		}
+		admissionRequest := &admissionwebhook.Request{
+			Operation:   admissionmodels.Operation(attr.GetVerb()),
+			Resource:    attr.GetResource(),
+			Name:        attr.GetName(),
+			SubResource: attr.GetSubResource(),
+			Version:     attr.GetAPIVersion(),
+			Object:      object,
+			Options:     options,
+		}
+		admissionRequest, err = admissionwebhook.Mutating(c, admissionRequest)
+		if err != nil {
+			response.AbortWithRPCError(c,
+				rpcerror.ParamError.WithErrMsg(fmt.Sprintf("admission mutating failed: %v", err)))
+			return
+		}
+		if err := admissionwebhook.Validating(c, admissionRequest); err != nil {
+			response.AbortWithRPCError(c,
+				rpcerror.ParamError.WithErrMsg(fmt.Sprintf("admission validating failed: %v", err)))
+			return
+		}
+		if admissionRequest.Object != nil {
+			bodyBytes, err = json.Marshal(admissionRequest.Object)
 			if err != nil {
 				response.AbortWithRPCError(c,
 					rpcerror.ParamError.WithErrMsg(fmt.Sprintf("marshal request body failed, err: %v", err)))
 				return
 			}
-			// restore the request body
-			c.Request.Body = ioutil.NopCloser(bytes.NewBuffer(newBodyBytes))
-			c.Next()
-		} else {
-			c.Request.Body = ioutil.NopCloser(bytes.NewBuffer(bodyBytes))
-			c.Next()
 		}
+		// restore the request body
+		c.Request.Body = ioutil.NopCloser(bytes.NewBuffer(bodyBytes))
+		c.Next()
 	}, skippers...)
 }