From 76d9a0fcdfd316a66f49c31027503e3637b2eba3 Mon Sep 17 00:00:00 2001
From: Joshua Burns <joshua.burns@liatrio.com>
Date: Thu, 2 Nov 2023 15:15:19 -0700
Subject: [PATCH] Updated examples for the ch8 webhooks chapter to remove some
 of the struggle that does not directly relate to the learning objectives of
 the chapter.

---
 .cspell.json                                             | 1 +
 .../8-kubernetes-container-orchestration/8.6-webhooks.md | 9 ++-------
 examples/ch8/webhooks/Dockerfile                         | 8 ++++----
 examples/ch8/webhooks/app/webhooks.py                    | 4 +++-
 examples/ch8/webhooks/requirements.txt                   | 2 +-
 5 files changed, 11 insertions(+), 13 deletions(-)

diff --git a/.cspell.json b/.cspell.json
index d4a01fc0..756ed102 100644
--- a/.cspell.json
+++ b/.cspell.json
@@ -66,6 +66,7 @@
         "Mikayla",
         "msdemo",
         "mumoshu",
+        "myapp",
         "mydeployment",
         "myfile",
         "mypod",
diff --git a/docs/8-kubernetes-container-orchestration/8.6-webhooks.md b/docs/8-kubernetes-container-orchestration/8.6-webhooks.md
index 18addd1c..ba77f1f6 100644
--- a/docs/8-kubernetes-container-orchestration/8.6-webhooks.md
+++ b/docs/8-kubernetes-container-orchestration/8.6-webhooks.md
@@ -80,12 +80,10 @@ Controller using python.
    --namespace cert-manager \
    --create-namespace \
    --set installCRDs=true \
-   --version v1.6.1 \
+   --version v1.13.2 \
    jetstack/cert-manager
    ```
 
-?> You might need to specify a different version of cert-manager
-
 4. Create the validation namespace, the root CA, and self signed certificate by applying the `certs.yaml` file.
 
 5. Get the base64 value of the ca.crt file in the secret
@@ -100,8 +98,6 @@ Controller using python.
 
 2. Configure a validating webhook in `app/webhooks.py`. A reference is provided with `examples/warden-validating.py`.
 
-?> You might need to update out of date packages and OS versions in order for the webhook server to function properly
-
 #### Criteria
 
 - Only check pods in the `myapp` namespace.
@@ -121,7 +117,7 @@ Controller using python.
     cat validating-webhook.yaml | sed "s/      caBundle: .*/      caBundle: ${CA}/" | kubectl apply -f -
     ```
 
-?> It might be in your best interest to create scripts or "one liners" to deploy and delete resources as you may do this a lot
+?> It might be helpful to create scripts or "one liners" to deploy and delete resources as you may do this a lot
 
 8. Test your validating webhook
 Tests 2, 4, and 5 should pass.
@@ -164,5 +160,4 @@ Tests 1, 2, 4, 5, and 7 should pass.
 - Why do webhooks require a TLS certificate?
   - How does cert-manager facilitate this?
 - Can a mutating webhook also function as a validating webhook? Vice versa? Why or why not?
-- When attempting to run the webhook server, what specific problems did you find, if any, and how did you solve them?
 - Is there a way to test the webhook server locally without needing to strictly be inside the kubernetes cluster?
diff --git a/examples/ch8/webhooks/Dockerfile b/examples/ch8/webhooks/Dockerfile
index 5db4ee04..a569765c 100644
--- a/examples/ch8/webhooks/Dockerfile
+++ b/examples/ch8/webhooks/Dockerfile
@@ -1,8 +1,8 @@
 FROM ubuntu:16.04
 
 RUN apt-get update -y && \
-    apt-get install -y python-pip python-dev && \
-    apt-get install -y python-flask && \
+    apt-get install -y python3-pip python3-dev && \
+    apt-get install -y python3-flask && \
     apt-get install -y vim
 
 # We copy just the requirements.txt first to leverage Docker cache
@@ -10,10 +10,10 @@ COPY ./requirements.txt /app/requirements.txt
 
 WORKDIR /app
 
-RUN pip install -r requirements.txt
+RUN pip3 install -r requirements.txt
 
 COPY . /app
 
-ENTRYPOINT [ "python" ]
+ENTRYPOINT [ "python3" ]
 
 CMD [ "app/webhooks.py" ]
diff --git a/examples/ch8/webhooks/app/webhooks.py b/examples/ch8/webhooks/app/webhooks.py
index 1b7793a9..5c6f9e12 100644
--- a/examples/ch8/webhooks/app/webhooks.py
+++ b/examples/ch8/webhooks/app/webhooks.py
@@ -5,7 +5,7 @@
 
 warden = Flask(__name__)
 
-#POST route for Admission Controller  
+#POST route for Admission Controller
 @warden.route('/validate', methods=['POST'])
 #Admission Control Logic - validating
 def validating_webhook():
@@ -22,3 +22,5 @@ def mutatating_webhook():
     uid = request_info["request"].get("uid")
 
     # Code for mutating webhook HERE
+if __name__ == '__main__':
+    warden.run(ssl_context=('certs/wardencrt.pem', 'certs/wardenkey.pem'),debug=True, host='0.0.0.0')
diff --git a/examples/ch8/webhooks/requirements.txt b/examples/ch8/webhooks/requirements.txt
index 75907a55..cb43a40f 100644
--- a/examples/ch8/webhooks/requirements.txt
+++ b/examples/ch8/webhooks/requirements.txt
@@ -1,3 +1,3 @@
 jsonify
-Werkzeug==2.2.3
+Werkzeug
 jsonpatch