fix: github actions lint (#11)

* Ignore build binary

Signed-off-by: Ashish Malik <b218008@iiit-bh.ac.in>

* Update modules

Signed-off-by: Ashish Malik <b218008@iiit-bh.ac.in>

* Update CI badge

Signed-off-by: Ashish Malik <b218008@iiit-bh.ac.in>

* Updated go.mod

Signed-off-by: Ashish Malik <b218008@iiit-bh.ac.in>

* Removed comments

Signed-off-by: Ashish Malik <b218008@iiit-bh.ac.in>

Author: ashish493

.gitignore

@@ -13,3 +13,4 @@
 
 # Dependency directories (remove the comment below to include it)
 # vendor/
+k8s-authz

README.md

@@ -2,7 +2,7 @@
 [![Contributions Welcome](https://img.shields.io/badge/contributions-welcome-brightgreen.svg?style=flat)](https://github.com/casbin/k8s-authz/issues)
 [![Go Report Card](https://goreportcard.com/badge/github.com/casbin/k8s-authz)](https://goreportcard.com/report/github.com/casbin/k8s-authz)
 [![Coverage Status](https://coveralls.io/repos/github/casbin/k8s-authz/badge.svg?branch=master)](https://coveralls.io/github/casbin/k8s-authz?branch=master)
-[![CI](https://github.com/casbin/k8s-authz/workflows/CI/badge.svg)](https://github.com/casbin/k8s-authz/actions?query=workflow%3CI)
+[![Go](https://github.com/casbin/k8s-authz/actions/workflows/ci.yaml/badge.svg)](https://github.com/casbin/k8s-authz/actions/workflows/ci.yaml)
 [![Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/casbin/lobby)
 [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)
 

main.go

@@ -35,21 +35,26 @@ func main() {
 		Addr:      fmt.Sprintf(":%v", port),
 		TLSConfig: &tls.Config{Certificates: []tls.Certificate{certs}},
 	}
-	//cs = CasbinServerHandler{}
+	cs := CasbinServerHandler{}
 	router := mux.NewRouter()
-	router.HandleFunc("/validate", (*CasbinServerHandler).serve)
-	server.ListenAndServeTLS("", "")
+	router.HandleFunc("/validate", cs.serve)
 
+	if err := server.ListenAndServeTLS("", ""); err != nil {
+		glog.Error("Server error", err)
+	}
 	go func() {
 		if err := server.ListenAndServeTLS("", ""); err != nil {
 			glog.Errorf("Failed to listen and serve webhook server: %v", err)
 		}
 	}()
 
-	glog.Infof("Server running listening in port: ", port)
+	glog.Info("Server running listening in port: ", port)
 	signalChan := make(chan os.Signal, 1)
 	signal.Notify(signalChan, syscall.SIGINT, syscall.SIGTERM)
 	<-signalChan
 	glog.Info("Shutting down webhook server...")
-	server.Shutdown(context.Background())
+	if err := server.Shutdown(context.Background()); err != nil {
+		glog.Error("Unable to shutdown the server", err)
+	}
+
 }

server.go

@@ -19,7 +19,7 @@ var (
 	operation_name string
 )
 
-func (gs *CasbinServerHandler) serve(w http.ResponseWriter, r *http.Request) {
+func (cs *CasbinServerHandler) serve(w http.ResponseWriter, r *http.Request) {
 	var body []byte
 	if r.Body != nil {
 		if data, err := ioutil.ReadAll(r.Body); err == nil {
@@ -43,7 +43,11 @@ func (gs *CasbinServerHandler) serve(w http.ResponseWriter, r *http.Request) {
 		http.Error(w, "incorrect body", http.StatusBadRequest)
 	}
 	raw := v1.AdmissionReview{}.Request.Object.Raw
-	json.Unmarshal([]byte(arRequest.Operation), &operation_name)
+
+	if err := json.Unmarshal([]byte(arRequest.Operation), &operation_name); err != nil {
+		glog.Error("incorrect body")
+		http.Error(w, "incorrect body", http.StatusBadRequest)
+	}
 	user := arRequest.UserInfo.Username
 
 	if err := json.Unmarshal(raw, &user); err != nil {
@@ -59,27 +63,26 @@ func (gs *CasbinServerHandler) serve(w http.ResponseWriter, r *http.Request) {
 		glog.Errorf("Filed to load the policies: %v", err)
 		return
 	}
-	if e.HasPermissionForUser(user, operation_name) == true {
-		response := v1.AdmissionReview{
-			Response: &v1.AdmissionResponse{
-				Allowed: true,
-			},
-		}
+	
+	arReview := v1.AdmissionReview{}
+	arReview.Response = &v1.AdmissionResponse{
+		UID:     arReview.Request.UID,
+		Allowed: true,
 	}
-	response := v1.AdmissionReview{
-		Response: &v1.AdmissionResponse{
-			Allowed: false,
-			Result: &metav1.Status{
-				Message: " You are not authorized to perform any operations on these pods!",
-			},
-		},
+
+	if !e.HasPermissionForUser(user, operation_name) {
+		arReview.Response.Allowed = false
+		arReview.Response.Result = &metav1.Status{
+			Message: " You are not authorized to perform any operations on these pods!",
+		}
+		
 	}
-	resp, err := json.Marshal(response)
+	resp, err := json.Marshal(arReview)
 	if err != nil {
 		glog.Errorf("Can't encode response: %v", err)
 		http.Error(w, fmt.Sprintf("could not encode response: %v", err), http.StatusInternalServerError)
 	}
-	glog.Infof("Ready to write response ...")
+	glog.Info("Ready to write response ...")
 	if _, err := w.Write(resp); err != nil {
 		glog.Errorf("Can't write response: %v", err)
 		http.Error(w, fmt.Sprintf("could not write response: %v", err), http.StatusInternalServerError)