From 3cce955a061f8384cfc10bb09581e78644f736b5 Mon Sep 17 00:00:00 2001 From: Filipe Regadas Date: Wed, 1 Dec 2021 07:59:31 +0000 Subject: [PATCH] Set Forbidden as the response status reason (#1692) * Set Forbidden as the response status reason Signed-off-by: Filipe Regadas * fixup! Set Forbidden as the response status reason Signed-off-by: Filipe Regadas Co-authored-by: Rita Zhang Signed-off-by: Priya Shetpriya.shet@gmail.com --- pkg/webhook/policy.go | 32 +++++++++++++++++++------------- 1 file changed, 19 insertions(+), 13 deletions(-) diff --git a/pkg/webhook/policy.go b/pkg/webhook/policy.go index f5c86e5e8c2..1e3c89cfb68 100644 --- a/pkg/webhook/policy.go +++ b/pkg/webhook/policy.go @@ -189,25 +189,31 @@ func (h *validationHandler) Handle(ctx context.Context, req admission.Request) a denyMsgs, warnMsgs := h.getValidationMessages(res, &req) if len(denyMsgs) > 0 { - vResp := admission.Denied(strings.Join(denyMsgs, "\n")) - if vResp.Result == nil { - vResp.Result = &metav1.Status{} - } - if len(warnMsgs) > 0 { - vResp.Warnings = warnMsgs - } - vResp.Result.Code = http.StatusForbidden requestResponse = denyResponse - return vResp + return admission.Response{ + AdmissionResponse: admissionv1.AdmissionResponse{ + Allowed: false, + Result: &metav1.Status{ + Reason: metav1.StatusReasonForbidden, + Code: http.StatusForbidden, + Message: strings.Join(denyMsgs, "\n"), + }, + Warnings: warnMsgs, + }, + } } requestResponse = allowResponse - vResp := admission.Allowed("") - if vResp.Result == nil { - vResp.Result = &metav1.Status{} + vResp := admission.Response{ + AdmissionResponse: admissionv1.AdmissionResponse{ + Allowed: true, + Result: &metav1.Status{ + Code: http.StatusOK, + }, + Warnings: warnMsgs, + }, } if len(warnMsgs) > 0 { - vResp.Warnings = warnMsgs vResp.Result.Code = httpStatusWarning } return vResp