Documentation
¶
Index ¶
- Variables
- func GetSchemaClient(co *apisix.ClusterOptions) (apisix.Schema, error)
- func NewHandlerFunc(ID string, validator kwhvalidating.Validator) gin.HandlerFunc
- func ValidateApisixPluginConfigV2(apc *v2.ApisixPluginConfig) (valid bool, resultErr error)
- func ValidateApisixRouteHTTPV2(httpRouteList []v2.ApisixRouteHTTP) (valid bool, resultErr error)
- func ValidateApisixRoutePlugins(plugins []v2.ApisixRoutePlugin) (valid bool, resultErr error)
- func ValidateApisixRouteV2(ar *v2.ApisixRoute) (valid bool, resultErr error)
- func ValidatePlugin(client apisix.Schema, pluginName string, pluginConfig interface{}) (valid bool, resultErr error)
Constants ¶
This section is empty.
Variables ¶
View Source
var ( ApisixRouteV2GVR = metav1.GroupVersionResource{ Group: v2.GroupVersion.Group, Version: v2.GroupVersion.Version, Resource: "apisixroutes", } ApisixPluginConfigV2GVR = metav1.GroupVersionResource{ Group: v2.GroupVersion.Group, Version: v2.GroupVersion.Version, Resource: "apisixpluginconfigs", } ApisixConsumerV2GVR = metav1.GroupVersionResource{ Group: v2.GroupVersion.Group, Version: v2.GroupVersion.Version, Resource: "apisixconsumers", } ApisixTlsV2GVR = metav1.GroupVersionResource{ Group: v2.GroupVersion.Group, Version: v2.GroupVersion.Version, Resource: "apisixtlses", } ApisixClusterConfigV2GVR = metav1.GroupVersionResource{ Group: v2.GroupVersion.Group, Version: v2.GroupVersion.Version, Resource: "apisixclusterconfigs", } ApisixUpstreamV2GVR = metav1.GroupVersionResource{ Group: v2.GroupVersion.Group, Version: v2.GroupVersion.Version, Resource: "apisixupstreams", } ApisixGlobalRuleV2GVR = metav1.GroupVersionResource{ Group: v2.GroupVersion.Group, Version: v2.GroupVersion.Version, Resource: "apisixglobalrules", } )
View Source
var Validator = kwhvalidating.ValidatorFunc( func(ctx context.Context, review *kwhmodel.AdmissionReview, object metav1.Object) (result *kwhvalidating.ValidatorResult, err error) { log.Debugw("arrive validator webhook", zap.Any("object", object)) var ( deserializer = codecs.UniversalDeserializer() GVR = review.RequestGVR valid = true resultErr error msg string ) switch *GVR { case ApisixRouteV2GVR: ar := object.(*v2.ApisixRoute) if review.Operation == kwhmodel.OperationUpdate { var old v2.ApisixRoute _, _, err := deserializer.Decode(review.OldObjectRaw, nil, &old) if err != nil { log.Error("Failed to deserialize ApisixRoute in admisson webhook") break } valid, resultErr = validateIngressClassName(old.Spec.IngressClassName, ar.Spec.IngressClassName) } if valid { valid, resultErr = ValidateApisixRouteV2(ar) } case ApisixUpstreamV2GVR: au := object.(*v2.ApisixUpstream) if au.Spec == nil { valid, msg = false, fmt.Sprintln("Spec cannot be empty") break } if review.Operation == kwhmodel.OperationUpdate { var old v2.ApisixUpstream _, _, err := deserializer.Decode(review.OldObjectRaw, nil, &old) if err != nil { log.Error("Failed to deserialize ApisixUpstream in admisson webhook") break } valid, resultErr = validateIngressClassName(old.Spec.IngressClassName, au.Spec.IngressClassName) } case ApisixPluginConfigV2GVR: apc := object.(*v2.ApisixPluginConfig) if review.Operation == kwhmodel.OperationUpdate { var old v2.ApisixPluginConfig _, _, err := deserializer.Decode(review.OldObjectRaw, nil, &old) if err != nil { log.Error("Failed to deserialize ApisixPluginConfig in admisson webhook") break } valid, resultErr = validateIngressClassName(old.Spec.IngressClassName, apc.Spec.IngressClassName) } if valid { valid, resultErr = ValidateApisixPluginConfigV2(apc) } case ApisixConsumerV2GVR: ac := object.(*v2.ApisixConsumer) if review.Operation == kwhmodel.OperationUpdate { var old v2.ApisixConsumer _, _, err := deserializer.Decode(review.OldObjectRaw, nil, &old) if err != nil { log.Error("Failed to deserialize ApisixConsumer in admisson webhook") break } valid, resultErr = validateIngressClassName(old.Spec.IngressClassName, ac.Spec.IngressClassName) } case ApisixTlsV2GVR: atls := object.(*v2.ApisixTls) if atls.Spec == nil { valid, msg = false, fmt.Sprintln("Spec cannot be empty") break } if review.Operation == kwhmodel.OperationUpdate { var old v2.ApisixTls _, _, err := deserializer.Decode(review.OldObjectRaw, nil, &old) if err != nil { log.Error("Failed to deserialize ApisixTls in admisson webhook") break } valid, resultErr = validateIngressClassName(old.Spec.IngressClassName, atls.Spec.IngressClassName) } case ApisixClusterConfigV2GVR: acc := object.(*v2.ApisixClusterConfig) if review.Operation == kwhmodel.OperationUpdate { var old v2.ApisixClusterConfig _, _, err := deserializer.Decode(review.OldObjectRaw, nil, &old) if err != nil { log.Error("Failed to deserialize ApisixClusterConfig in admisson webhook") break } valid, resultErr = validateIngressClassName(old.Spec.IngressClassName, acc.Spec.IngressClassName) } case ApisixGlobalRuleV2GVR: agr := object.(*v2.ApisixGlobalRule) if review.Operation == kwhmodel.OperationUpdate { var old v2.ApisixGlobalRule _, _, err := deserializer.Decode(review.OldObjectRaw, nil, &old) if err != nil { log.Error("Failed to deserialize ApisixGlobalRule in admisson webhook") break } valid, resultErr = validateIngressClassName(old.Spec.IngressClassName, agr.Spec.IngressClassName) } default: valid = false resultErr = fmt.Errorf("{group: %s, version: %s, Resource: %s} not supported", GVR.Group, GVR.Version, GVR.Resource) } if resultErr != nil { msg = resultErr.Error() } return &kwhvalidating.ValidatorResult{ Valid: valid, Message: msg, }, nil }, )
Functions ¶
func GetSchemaClient ¶
func GetSchemaClient(co *apisix.ClusterOptions) (apisix.Schema, error)
GetSchemaClient returns a Schema client in the singleton way. It can query the schema of objects from APISIX.
func NewHandlerFunc ¶
func NewHandlerFunc(ID string, validator kwhvalidating.Validator) gin.HandlerFunc
NewHandlerFunc returns a HandlerFunc to handle admission reviews using the given validator.
func ValidateApisixPluginConfigV2 ¶ added in v1.7.0
func ValidateApisixPluginConfigV2(apc *v2.ApisixPluginConfig) (valid bool, resultErr error)
func ValidateApisixRouteHTTPV2 ¶ added in v1.7.0
func ValidateApisixRouteHTTPV2(httpRouteList []v2.ApisixRouteHTTP) (valid bool, resultErr error)
func ValidateApisixRoutePlugins ¶ added in v1.7.0
func ValidateApisixRoutePlugins(plugins []v2.ApisixRoutePlugin) (valid bool, resultErr error)
func ValidateApisixRouteV2 ¶ added in v1.7.0
func ValidateApisixRouteV2(ar *v2.ApisixRoute) (valid bool, resultErr error)
ApisixRouteValidator validates ApisixRoute and its plugins. When the validation of one plugin fails, it will continue to validate the rest of plugins.
Types ¶
This section is empty.
Source Files
Click to show internal directories.
Click to hide internal directories.