Cleanup helpers

Without this, the helpers become a big mess of functions that
are only partially used or are inferior in implementation to
what you can find in other parts of the code.

This fixes it by removing usess functions which can be replaced
by a few idiomatic golang calls.

cmd/api/main.go

@@ -1,6 +1,7 @@
 package main
 
 import (
+	"fmt"
 	"io"
 	"net/http"
 	"os"
@@ -17,8 +18,7 @@ func main() {
 
 	config, err := utils.MakeConfig()
 	if err != nil {
-		log.Fatal().Msg("Config error")
-		os.Exit(1)
+		log.Fatal().Msg(fmt.Sprintf("Config error: %v", err))
 	}
 	// TODO Remove this aberration - L17 should be a constructor and we should
 	// use the config as live object instead of mutating it.

cmd/authorization-webhook/main.go

@@ -1,6 +1,7 @@
 package main
 
 import (
+	"fmt"
 	"net/http"
 	"os"
 
@@ -16,8 +17,7 @@ func main() {
 
 	config, err := utils.MakeConfig()
 	if err != nil {
-		log.Fatal().Msg("Config error")
-		os.Exit(1)
+		log.Fatal().Msg(fmt.Sprintf("Config error: %v", err))
 	}
 	utils.Config = config
 

cmd/operator/main.go

@@ -1,8 +1,8 @@
 package main
 
 import (
+	"fmt"
 	"net/http"
-	"os"
 	"time"
 
 	"github.com/ca-gip/kubi/internal/middlewares"
@@ -17,8 +17,7 @@ func main() {
 
 	config, err := utils.MakeConfig()
 	if err != nil {
-		log.Fatal().Msg("Config error")
-		os.Exit(1)
+		log.Fatal().Msg(fmt.Sprintf("Config error: %v", err))
 	}
 	utils.Config = config
 

internal/services/provisionner.go

@@ -506,6 +506,14 @@ func updateExistingNamespace(project *v12.Project, api v13.CoreV1Interface) erro
 	return nil
 }
 
+// Join two maps by value copy non-recursively
+func union(a map[string]string, b map[string]string) map[string]string {
+	for k, v := range b {
+		a[k] = v
+	}
+	return a
+}
+
 // Generate CustomLabels that should be applied on Kubi's Namespaces
 func generateNamespaceLabels(project *v12.Project) (labels map[string]string) {
 
@@ -518,12 +526,12 @@ func generateNamespaceLabels(project *v12.Project) (labels map[string]string) {
 		"pod-security.kubernetes.io/warn":    string(utils.Config.PodSecurityAdmissionWarning),
 		"pod-security.kubernetes.io/audit":   string(utils.Config.PodSecurityAdmissionAudit),
 	}
-
-	return utils.Union(defaultLabels, utils.Config.CustomLabels)
+	// Todo: Decide whether this is still worth a separate function for testability.
+	return union(defaultLabels, utils.Config.CustomLabels)
 }
 
 func GetPodSecurityStandardName(namespace string) string {
-	if utils.IsInPrivilegedNsList(namespace) {
+	if slices.Contains(utils.Config.PrivilegedNamespaces, namespace) {
 		utils.Log.Warn().Msgf("Namespace %v is labeled as privileged", namespace)
 		return string(podSecurity.LevelPrivileged)
 	}
@@ -832,19 +840,21 @@ func generateNetworkPolicy(namespace string, networkPolicyConfig *v12.NetworkPol
 		_, err := api.NetworkPolicies(namespace).Create(context.TODO(), networkpolicy, metav1.CreateOptions{})
 		if err != nil {
 			utils.NetworkPolicyCreation.WithLabelValues("error", namespace, utils.KubiDefaultNetworkPolicyName).Inc()
+			// Todo: Wrap this error correctly and use slog.
+			utils.Log.Error().Msg(fmt.Sprintf("error creating netpol %v", err.Error()))
 		} else {
 			utils.NetworkPolicyCreation.WithLabelValues("created", namespace, utils.KubiDefaultNetworkPolicyName).Inc()
 		}
-		utils.Check(err)
 		return
 	} else {
 		_, err := api.NetworkPolicies(namespace).Update(context.TODO(), networkpolicy, metav1.UpdateOptions{})
 		if err != nil {
 			utils.NetworkPolicyCreation.WithLabelValues("error", namespace, utils.KubiDefaultNetworkPolicyName).Inc()
+			// Todo: Wrap this error correctly and use slog.
+			utils.Log.Error().Msg(fmt.Sprintf("error updating netpol %v", err.Error()))
 		} else {
 			utils.NetworkPolicyCreation.WithLabelValues("updated", namespace, utils.KubiDefaultNetworkPolicyName).Inc()
 		}
-		utils.Check(err)
 		return
 	}
 }