Reformat consul sider car container and comment it again

connect-inject/container_init_test.go

@@ -653,7 +653,7 @@ services {
 			consul, err := testutil.NewTestServerConfigT(t, nil)
 			require.NoError(err)
 			defer consul.Stop()
-			consul.WaitForSerfCheck(t)
+			consul.WaitForLeader(t)
 			consulClient, err := capi.NewClient(&capi.Config{
 				Address: consul.HTTPAddr,
 			})

connect-inject/endpoints_controller.go

@@ -123,7 +123,7 @@ func (r *EndpointsController) Reconcile(req ctrl.Request) (ctrl.Result, error) {
 					// and register that port for the host service.
 					var servicePort int
 					if raw, ok := pod.Annotations[annotationPort]; ok && raw != "" {
-						if port, _ := portValue(&pod, raw); port > 0 {
+						if port, _ := portValue(pod, raw); port > 0 {
 							servicePort = int(port)
 						}
 					}
@@ -175,7 +175,7 @@ func (r *EndpointsController) Reconcile(req ctrl.Request) (ctrl.Result, error) {
 						proxyConfig.LocalServicePort = servicePort
 					}
 
-					proxyConfig.Upstreams, err = r.processUpstreams(&pod)
+					proxyConfig.Upstreams, err = r.processUpstreams(pod)
 					if err != nil {
 						return ctrl.Result{}, err
 					}
@@ -361,7 +361,7 @@ func (r *EndpointsController) deregisterServiceOnAllAgentsIfNotInMap(k8sSvcName,
 	return nil
 }
 
-func (r *EndpointsController) processUpstreams(pod *corev1.Pod) ([]api.Upstream, error) {
+func (r *EndpointsController) processUpstreams(pod corev1.Pod) ([]api.Upstream, error) {
 	var upstreams []api.Upstream
 	if raw, ok := pod.Annotations[annotationUpstreams]; ok && raw != "" {
 		for _, raw := range strings.Split(raw, ",") {

connect-inject/handler.go

@@ -27,10 +27,10 @@ const (
 	// a pod after an injection is done.
 	annotationStatus = "consul.hashicorp.com/connect-inject-status"
 
-	// AnnotationInject is the key of the annotation that controls whether
+	// annotationInject is the key of the annotation that controls whether
 	// injection is explicitly enabled or disabled for a pod. This should
 	// be set to a truthy or falsy value, as parseable by strconv.ParseBool
-	AnnotationInject = "consul.hashicorp.com/connect-inject"
+	annotationInject = "consul.hashicorp.com/connect-inject"
 
 	// annotationService is the name of the service to proxy. This defaults
 	// to the name of the first container.
@@ -268,31 +268,28 @@ func (h *Handler) Handle(ctx context.Context, req admission.Request) admission.R
 
 	// Add the upstream services as environment variables for easy
 	// service discovery.
+	containerEnvVars := h.containerEnvVars(pod)
 	for _, container := range pod.Spec.InitContainers {
-		container.Env = append(container.Env, h.containerEnvVars(pod)...)
+		container.Env = append(container.Env, containerEnvVars...)
 	}
 
 	for _, container := range pod.Spec.Containers {
-		container.Env = append(container.Env, h.containerEnvVars(pod)...)
+		container.Env = append(container.Env, containerEnvVars...)
 	}
 
 	// TODO: rename both of these initcontainers appropriately
 	// Add the consul-init container
-	consulInitContainer, err := h.getConsulInitContainer()
-	if err != nil {
-		h.Log.Error("Error configuring consul init container", "err", err, "Request Name", req.Name)
-		return admission.Errored(http.StatusInternalServerError, fmt.Errorf("error configuring consul init container: %s", err))
-	}
-	pod.Spec.InitContainers = append(pod.Spec.InitContainers, consulInitContainer)
+	initCopyContainer := h.containerInitCopyContainer()
+	pod.Spec.InitContainers = append(pod.Spec.InitContainers, initCopyContainer)
 
 	// Add the init container that registers the service and sets up
 	// the Envoy configuration.
-	container, err := h.containerInit(pod, req.Namespace)
+	initContainer, err := h.containerInit(pod, req.Namespace)
 	if err != nil {
 		h.Log.Error("Error configuring injection init container", "err", err, "Request Name", req.Name)
 		return admission.Errored(http.StatusInternalServerError, fmt.Errorf("error configuring injection init container: %s", err))
 	}
-	pod.Spec.InitContainers = append(pod.Spec.InitContainers, container)
+	pod.Spec.InitContainers = append(pod.Spec.InitContainers, initContainer)
 
 	// Add the Envoy and Consul sidecars.
 	esContainer, err := h.envoySidecar(pod, req.Namespace)
@@ -302,20 +299,15 @@ func (h *Handler) Handle(ctx context.Context, req admission.Request) admission.R
 	}
 	pod.Spec.Containers = append(pod.Spec.Containers, esContainer)
 
-	// todo: we need to run consul sidecar in case of metrics
-	//Disable lifecycle sidecar until we figure out how to support it.
-	// connectContainer := h.consulSidecar(&pod)
-	//if err != nil {
-	//	h.Log.Error("Error configuring consul sidecar container", "err", err, "Request Name", req.Name)
-	//	return &v1beta1.AdmissionResponse{
-	//		Result: &metav1.Status{
-	//			Message: fmt.Sprintf("Error configuring consul sidecar container: %s", err),
-	//		},
-	//	}
-	//}
-
-	// The annotations here have already been initialized be h.defaultAnnotations()
-	// and do not need to be checked for being a nil value.
+	connectContainer, err := h.consulSidecar(pod)
+	if err != nil {
+		h.Log.Error("Error configuring consul sidecar container", "err", err, "Request Name", req.Name)
+		return admission.Errored(http.StatusInternalServerError, fmt.Errorf("error configuring consul sidecar container: %s", err))
+	}
+	pod.Spec.Containers = append(pod.Spec.Containers, connectContainer)
+
+	//The annotations here have already been initialized be h.defaultAnnotations()
+	//and do not need to be checked for being a nil value.
 	pod.Annotations[annotationStatus] = injected
 
 	// Add annotations for metrics.
@@ -400,7 +392,7 @@ func (h *Handler) shouldInject(pod corev1.Pod, namespace string) (bool, error) {
 	// If the explicit true/false is on, then take that value. Note that
 	// this has to be the last check since it sets a default value after
 	// all other checks.
-	if raw, ok := pod.Annotations[AnnotationInject]; ok {
+	if raw, ok := pod.Annotations[annotationInject]; ok {
 		return strconv.ParseBool(raw)
 	}
 
@@ -486,8 +478,9 @@ func (h *Handler) prometheusScrapePath(pod corev1.Pod) string {
 	return h.DefaultPrometheusScrapePath
 }
 
-// serviceMetricsPort returns the port used to register the service with Consul,
-// or overrides that with the annotation if provided.
+// serviceMetricsPort returns the port the service exposes metrics on. This will
+// default to the port used to register the service with Consul, and can be
+// overridden with the annotation if provided.
 func (h *Handler) serviceMetricsPort(pod corev1.Pod) (string, error) {
 	// The annotationPort is the port used to register the service with Consul.
 	// If that has been set, it'll be used as the port for getting service

connect-inject/handler_test.go

@@ -122,6 +122,10 @@ func TestHandlerHandle(t *testing.T) {
 					Operation: "add",
 					Path:      "/spec/containers/1",
 				},
+				{
+					Operation: "add",
+					Path:      "/spec/containers/2",
+				},
 			},
 		},
 
@@ -171,6 +175,10 @@ func TestHandlerHandle(t *testing.T) {
 					Operation: "add",
 					Path:      "/spec/containers/1",
 				},
+				{
+					Operation: "add",
+					Path:      "/spec/containers/2",
+				},
 			},
 		},
 
@@ -187,7 +195,7 @@ func TestHandlerHandle(t *testing.T) {
 					Object: encodeRaw(t, &corev1.Pod{
 						ObjectMeta: metav1.ObjectMeta{
 							Annotations: map[string]string{
-								AnnotationInject: "false",
+								annotationInject: "false",
 							},
 						},
 						Spec: basicSpec,
@@ -211,7 +219,7 @@ func TestHandlerHandle(t *testing.T) {
 					Object: encodeRaw(t, &corev1.Pod{
 						ObjectMeta: metav1.ObjectMeta{
 							Annotations: map[string]string{
-								AnnotationInject: "t",
+								annotationInject: "t",
 							},
 						},
 						Spec: basicSpec,
@@ -236,6 +244,10 @@ func TestHandlerHandle(t *testing.T) {
 					Operation: "add",
 					Path:      "/spec/containers/1",
 				},
+				{
+					Operation: "add",
+					Path:      "/spec/containers/2",
+				},
 				{
 					Operation: "add",
 					Path:      "/metadata/annotations/" + escapeJSONPointer(annotationStatus),
@@ -281,6 +293,10 @@ func TestHandlerHandle(t *testing.T) {
 					Operation: "add",
 					Path:      "/spec/containers/1",
 				},
+				{
+					Operation: "add",
+					Path:      "/spec/containers/2",
+				},
 				{
 					Operation: "add",
 					Path:      "/metadata/annotations/" + escapeJSONPointer(annotationStatus),
@@ -326,6 +342,10 @@ func TestHandlerHandle(t *testing.T) {
 					Operation: "add",
 					Path:      "/spec/containers/1",
 				},
+				{
+					Operation: "add",
+					Path:      "/spec/containers/2",
+				},
 				{
 					Operation: "add",
 					Path:      "/metadata/annotations",

subcommand/inject-connect/command.go

@@ -3,7 +3,6 @@ package connectinject
 import (
 	"context"
 	"crypto/tls"
-	"encoding/base64"
 	"flag"
 	"fmt"
 	"io/ioutil"
@@ -19,7 +18,6 @@ import (
 
 	connectinject "github.com/hashicorp/consul-k8s/connect-inject"
 	"github.com/hashicorp/consul-k8s/consul"
-	"github.com/hashicorp/consul-k8s/helper/cert"
 	"github.com/hashicorp/consul-k8s/helper/controller"
 	"github.com/hashicorp/consul-k8s/subcommand/common"
 	"github.com/hashicorp/consul-k8s/subcommand/flags"
@@ -29,16 +27,15 @@ import (
 	batchv1 "k8s.io/api/batch/v1"
 	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/resource"
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
-	"k8s.io/apimachinery/pkg/types"
 	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
 	"k8s.io/client-go/kubernetes"
 	clientgoscheme "k8s.io/client-go/kubernetes/scheme"
 	"k8s.io/client-go/rest"
 	"k8s.io/klog/v2"
 	ctrl "sigs.k8s.io/controller-runtime"
 	"sigs.k8s.io/controller-runtime/pkg/log/zap"
+	"sigs.k8s.io/controller-runtime/pkg/webhook"
 )
 
 type Command struct {