From 1f4e44eff85e04991f1850dd7d4f2cc41745f343 Mon Sep 17 00:00:00 2001 From: Gordon Bleux Date: Wed, 26 Jan 2022 20:33:40 +0100 Subject: [PATCH] make shutdown endpoint optional via CLI flag. this change adds a new CLI flag, which allows the `/quitquitquit` endpoint to be replaced with a noop action instead of the default "shutdown the application" behaviour. for backwards compatibility, the endpoint remains armed by default. closes #46 --- cmd/kubehook/kubehook.go | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/cmd/kubehook/kubehook.go b/cmd/kubehook/kubehook.go index 3df13f4..2891b3e 100644 --- a/cmd/kubehook/kubehook.go +++ b/cmd/kubehook/kubehook.go @@ -115,6 +115,7 @@ func main() { app = kingpin.New(filepath.Base(os.Args[0]), "Authenticates Kubernetes users via JWT tokens.").DefaultEnvars() listen = app.Flag("listen", "Address at which to expose HTTP webhook.").Default(":10003").String() debug = app.Flag("debug", "Run with debug logging.").Short('d').Bool() + term = app.Flag("shutdown-handler", "Provide endpoint to shutdown the service.").Short('S').Default("true").Bool() grace = app.Flag("shutdown-grace-period", "Wait this long for sessions to end before shutting down.").Default("1m").Duration() audience = app.Flag("audience", "Audience for JWT HMAC creation and verification.").Default(jwt.DefaultAudience).String() userHeader = app.Flag("user-header", "HTTP header specifying the authenticated user sending a token generation request.").Default(handlers.DefaultUserHeader).String() @@ -186,9 +187,14 @@ func main() { r.HandlerFunc("GET", "/", handlers.Content(index, filepath.Base(indexPath))) r.HandlerFunc("POST", "/generate", generate.Handler(m, h)) r.HandlerFunc("POST", "/authenticate", authenticate.Handler(m)) - r.HandlerFunc("GET", "/quitquitquit", handlers.Run(shutdown)) r.HandlerFunc("GET", "/healthz", handlers.Ping()) + if *term { + r.HandlerFunc("GET", "/quitquitquit", handlers.Run(shutdown)) + } else { + r.HandlerFunc("GET", "/quitquitquit", handlers.NotImplemented()) + } + if *template != "" { t, err := kubecfg.LoadTemplate(*template) kingpin.FatalIfError(err, "cannot load kubeconfig template")