fix: return 400(StatusBadRequest) http code when the validation failed

pkg/webhook/clusteroverridepolicy/validating.go

@@ -32,7 +32,7 @@ func (v *ValidatingAdmission) Handle(_ context.Context, req admission.Request) a
 
 	if errs := validation.ValidateOverrideSpec(&policy.Spec); len(errs) != 0 {
 		klog.Error(errs)
-		return admission.Denied(errs.ToAggregate().Error())
+		return admission.Errored(http.StatusBadRequest, errs.ToAggregate())
 	}
 
 	return admission.Allowed("")

pkg/webhook/clusterpropagationpolicy/validating.go

@@ -42,14 +42,14 @@ func (v *ValidatingAdmission) Handle(_ context.Context, req admission.Request) a
 		if policy.Spec.SchedulerName != oldPolicy.Spec.SchedulerName {
 			err = fmt.Errorf("the schedulerName should not be updated")
 			klog.Error(err)
-			return admission.Denied(err.Error())
+			return admission.Errored(http.StatusBadRequest, err)
 		}
 	}
 
 	errs := validation.ValidatePropagationSpec(policy.Spec)
 	if len(errs) != 0 {
 		klog.Error(errs)
-		return admission.Denied(errs.ToAggregate().Error())
+		return admission.Errored(http.StatusBadRequest, errs.ToAggregate())
 	}
 	return admission.Allowed("")
 }

pkg/webhook/configuration/validating.go

@@ -48,7 +48,7 @@ func (v *ValidatingAdmission) Handle(_ context.Context, req admission.Request) a
 
 	if len(allErrors) != 0 {
 		klog.Error(allErrors.ToAggregate())
-		return admission.Denied(allErrors.ToAggregate().Error())
+		return admission.Errored(http.StatusBadRequest, allErrors.ToAggregate())
 	}
 
 	return admission.Allowed("")

pkg/webhook/cronfederatedhpa/validation.go

@@ -58,7 +58,7 @@ func (v *ValidatingAdmission) Handle(_ context.Context, req admission.Request) a
 	errs = append(errs, validateCronFederatedHPASpec(&cronFHPA.Spec, field.NewPath("spec"))...)
 
 	if len(errs) != 0 {
-		return admission.Denied(errs.ToAggregate().Error())
+		return admission.Errored(http.StatusBadRequest, errs.ToAggregate())
 	}
 	return admission.Allowed("")
 }

pkg/webhook/federatedhpa/validation.go

@@ -32,7 +32,7 @@ func (v *ValidatingAdmission) Handle(_ context.Context, req admission.Request) a
 
 	if errs := lifted.ValidateFederatedHPA(fhpa); len(errs) != 0 {
 		klog.Errorf("%v", errs)
-		return admission.Denied(errs.ToAggregate().Error())
+		return admission.Errored(http.StatusBadRequest, errs.ToAggregate())
 	}
 
 	return admission.Allowed("")

pkg/webhook/federatedresourcequota/validating.go

@@ -37,7 +37,7 @@ func (v *ValidatingAdmission) Handle(_ context.Context, req admission.Request) a
 
 	if errs := validateFederatedResourceQuota(quota); len(errs) != 0 {
 		klog.Errorf("%v", errs)
-		return admission.Denied(errs.ToAggregate().Error())
+		return admission.Errored(http.StatusBadRequest, errs.ToAggregate())
 	}
 
 	return admission.Allowed("")

pkg/webhook/multiclusteringress/validating.go

@@ -41,12 +41,12 @@ func (v *ValidatingAdmission) Handle(_ context.Context, req admission.Request) a
 		}
 		if errs := validateMCIUpdate(oldMci, mci); len(errs) != 0 {
 			klog.Errorf("%v", errs)
-			return admission.Denied(errs.ToAggregate().Error())
+			return admission.Errored(http.StatusBadRequest, errs.ToAggregate())
 		}
 	} else {
 		if errs := validateMCI(mci); len(errs) != 0 {
 			klog.Errorf("%v", errs)
-			return admission.Denied(errs.ToAggregate().Error())
+			return admission.Errored(http.StatusBadRequest, errs.ToAggregate())
 		}
 	}
 	return admission.Allowed("")

pkg/webhook/multiclusterservice/validating.go

@@ -44,12 +44,12 @@ func (v *ValidatingAdmission) Handle(ctx context.Context, req admission.Request)
 		}
 		if errs := v.validateMCSUpdate(oldMcs, mcs); len(errs) != 0 {
 			klog.Errorf("Validating MultiClusterServiceUpdate failed: %v", errs)
-			return admission.Denied(errs.ToAggregate().Error())
+			return admission.Errored(http.StatusBadRequest, errs.ToAggregate())
 		}
 	} else {
 		if errs := v.validateMCS(mcs); len(errs) != 0 {
 			klog.Errorf("Validating MultiClusterService failed: %v", errs)
-			return admission.Denied(errs.ToAggregate().Error())
+			return admission.Errored(http.StatusBadRequest, errs.ToAggregate())
 		}
 	}
 	return admission.Allowed("")

pkg/webhook/overridepolicy/validating.go

@@ -32,7 +32,7 @@ func (v *ValidatingAdmission) Handle(_ context.Context, req admission.Request) a
 
 	if errs := validation.ValidateOverrideSpec(&policy.Spec); len(errs) != 0 {
 		klog.Error(errs)
-		return admission.Denied(errs.ToAggregate().Error())
+		return admission.Errored(http.StatusBadRequest, errs.ToAggregate())
 	}
 
 	return admission.Allowed("")

pkg/webhook/propagationpolicy/validating.go

@@ -42,14 +42,14 @@ func (v *ValidatingAdmission) Handle(_ context.Context, req admission.Request) a
 		if policy.Spec.SchedulerName != oldPolicy.Spec.SchedulerName {
 			err = fmt.Errorf("the schedulerName should not be updated")
 			klog.Error(err)
-			return admission.Denied(err.Error())
+			return admission.Errored(http.StatusBadRequest, err)
 		}
 	}
 
 	errs := validation.ValidatePropagationSpec(policy.Spec)
 	if len(errs) != 0 {
 		klog.Error(errs)
-		return admission.Denied(errs.ToAggregate().Error())
+		return admission.Errored(http.StatusBadRequest, errs.ToAggregate())
 	}
 	return admission.Allowed("")
 }

pkg/webhook/resourceinterpretercustomization/validating.go

@@ -35,7 +35,7 @@ func (v *ValidatingAdmission) Handle(ctx context.Context, req admission.Request)
 		return admission.Errored(http.StatusInternalServerError, err)
 	}
 	if err = validateResourceInterpreterCustomizations(configuration, configs); err != nil {
-		return admission.Denied(err.Error())
+		return admission.Errored(http.StatusBadRequest, err)
 	}
 	return admission.Allowed("")
 }