validation

package
v1.4.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 29, 2022 License: Apache-2.0 Imports: 17 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var ApisixConsumerValidator = kwhvalidating.ValidatorFunc(
	func(ctx context.Context, review *kwhmodel.AdmissionReview, object metav1.Object) (result *kwhvalidating.ValidatorResult, err error) {
		log.Debug("arrive ApisixConsumer validator webhook")

		valid := true
		var spec interface{}

		switch ac := object.(type) {
		case *v2beta1.ApisixRoute:
			spec = ac.Spec
		case *v2beta2.ApisixRoute:
			spec = ac.Spec
		case *v2beta3.ApisixRoute:
			spec = ac.Spec
		default:
			return &kwhvalidating.ValidatorResult{Valid: false, Message: errNotApisixConsumer.Error()}, errNotApisixConsumer
		}

		client, err := GetSchemaClient(&apisix.ClusterOptions{})
		if err != nil {
			msg := "failed to get the schema client"
			log.Errorf("%s: %s", msg, err)
			return &kwhvalidating.ValidatorResult{Valid: false, Message: msg}, err
		}

		cs, err := client.GetConsumerSchema(ctx)
		if err != nil {
			msg := "failed to get consumer's schema"
			log.Errorf("%s: %s", msg, err)
			return &kwhvalidating.ValidatorResult{Valid: false, Message: msg}, err
		}
		acSchemaLoader := gojsonschema.NewStringLoader(cs.Content)

		var msgs []string
		if _, err := validateSchema(&acSchemaLoader, spec); err != nil {
			valid = false
			msgs = append(msgs, err.Error())
		}

		return &kwhvalidating.ValidatorResult{Valid: valid, Message: strings.Join(msgs, "\n")}, nil
	},
)

ApisixConsumerValidator validates ApisixConsumer's spec.

View Source 
var ApisixRouteValidator = kwhvalidating.ValidatorFunc(
	func(ctx context.Context, review *kwhmodel.AdmissionReview, object metav1.Object) (result *kwhvalidating.ValidatorResult, err error) {
		log.Debug("arrive ApisixRoute validator webhook")

		valid := true
		var plugins []apisixRoutePlugin
		var spec interface{}

		switch ar := object.(type) {
		case *v2beta2.ApisixRoute:
			spec = ar.Spec

			for _, h := range ar.Spec.HTTP {
				for _, p := range h.Plugins {

					if p.Enable {
						plugins = append(plugins, apisixRoutePlugin{
							p.Name, p.Config,
						})
					}
				}
			}
		case *v2beta1.ApisixRoute:
			spec = ar.Spec

			for _, h := range ar.Spec.HTTP {
				for _, p := range h.Plugins {
					if p.Enable {
						plugins = append(plugins, apisixRoutePlugin{
							p.Name, p.Config,
						})
					}
				}
			}
		case *v2beta3.ApisixRoute:
			spec = ar.Spec

			for _, h := range ar.Spec.HTTP {
				for _, p := range h.Plugins {
					if p.Enable {
						plugins = append(plugins, apisixRoutePlugin{
							p.Name, p.Config,
						})
					}
				}
			}
		default:
			return &kwhvalidating.ValidatorResult{Valid: false, Message: errNotApisixRoute.Error()}, errNotApisixRoute
		}

		client, err := GetSchemaClient(&apisix.ClusterOptions{})
		if err != nil {
			msg := "failed to get the schema client"
			log.Errorf("%s: %s", msg, err)
			return &kwhvalidating.ValidatorResult{Valid: false, Message: msg}, err
		}

		rs, err := client.GetRouteSchema(ctx)
		if err != nil {
			msg := "failed to get route's schema"
			log.Errorf("%s: %s", msg, err)
			return &kwhvalidating.ValidatorResult{Valid: false, Message: msg}, err
		}
		arSchemaLoader := gojsonschema.NewStringLoader(rs.Content)

		var msgs []string
		if _, err := validateSchema(&arSchemaLoader, spec); err != nil {
			valid = false
			msgs = append(msgs, err.Error())
			log.Warnf("failed to validate ApisixRoute: %s", err)
		}

		for _, p := range plugins {
			if v, err := validatePlugin(client, p.Name, p.Config); !v {
				valid = false
				msgs = append(msgs, err.Error())
				log.Warnf("failed to validate plugin %s: %s", p.Name, err)
			}
		}

		return &kwhvalidating.ValidatorResult{Valid: valid, Message: strings.Join(msgs, "\n")}, nil
	},
)

ApisixRouteValidator validates ApisixRoute and its plugins. When the validation of one plugin fails, it will continue to validate the rest of plugins.

View Source 
var ApisixTlsValidator = kwhvalidating.ValidatorFunc(
	func(ctx context.Context, review *kwhmodel.AdmissionReview, object metav1.Object) (result *kwhvalidating.ValidatorResult, err error) {
		log.Debug("arrive ApisixTls validator webhook")

		valid := true
		var spec interface{}

		switch at := object.(type) {
		case *v2beta1.ApisixRoute:
			spec = at.Spec
		case *v2beta2.ApisixRoute:
			spec = at.Spec
		case *v2beta3.ApisixRoute:
			spec = at.Spec
		default:
			return &kwhvalidating.ValidatorResult{Valid: false, Message: errNotApisixTls.Error()}, errNotApisixTls
		}

		client, err := GetSchemaClient(&apisix.ClusterOptions{})
		if err != nil {
			msg := "failed to get the schema client"
			log.Errorf("%s: %s", msg, err)
			return &kwhvalidating.ValidatorResult{Valid: false, Message: msg}, err
		}

		ss, err := client.GetSslSchema(ctx)
		if err != nil {
			msg := "failed to get SSL's schema"
			log.Errorf("%s: %s", msg, err)
			return &kwhvalidating.ValidatorResult{Valid: false, Message: msg}, err
		}
		atSchemaLoader := gojsonschema.NewStringLoader(ss.Content)

		var msgs []string
		if _, err := validateSchema(&atSchemaLoader, spec); err != nil {
			valid = false
			msgs = append(msgs, err.Error())
		}

		return &kwhvalidating.ValidatorResult{Valid: valid, Message: strings.Join(msgs, "\n")}, nil
	},
)

ApisixTlsValidator validates ApisixTls's spec.

View Source 
var ApisixUpstreamValidator = kwhvalidating.ValidatorFunc(
	func(ctx context.Context, review *kwhmodel.AdmissionReview, object metav1.Object) (result *kwhvalidating.ValidatorResult, err error) {
		log.Debug("arrive ApisixUpstream validator webhook")

		valid := true
		var spec interface{}

		switch au := object.(type) {
		case *v2beta1.ApisixRoute:
			spec = au.Spec
		case *v2beta2.ApisixRoute:
			spec = au.Spec
		case *v2beta3.ApisixRoute:
			spec = au.Spec
		default:
			return &kwhvalidating.ValidatorResult{Valid: false, Message: errNotApisixUpstream.Error()}, errNotApisixUpstream
		}

		client, err := GetSchemaClient(&apisix.ClusterOptions{})
		if err != nil {
			msg := "failed to get the schema client"
			log.Errorf("%s: %s", msg, err)
			return &kwhvalidating.ValidatorResult{Valid: false, Message: msg}, err
		}

		us, err := client.GetUpstreamSchema(ctx)
		if err != nil {
			msg := "failed to get upstream's schema"
			log.Errorf("%s: %s", msg, err)
			return &kwhvalidating.ValidatorResult{Valid: false, Message: msg}, err
		}
		auSchemaLoader := gojsonschema.NewStringLoader(us.Content)

		var msgs []string
		if _, err := validateSchema(&auSchemaLoader, spec); err != nil {
			valid = false
			msgs = append(msgs, err.Error())
		}

		return &kwhvalidating.ValidatorResult{Valid: valid, Message: strings.Join(msgs, "\n")}, nil
	},
)

ApisixUpstreamValidator validates ApisixUpstream's spec.

Functions

func GetSchemaClient 

func GetSchemaClient(co *apisix.ClusterOptions) (apisix.Schema, error)

GetSchemaClient returns a Schema client in the singleton way. It can query the schema of objects from APISIX.

func HasValueInSyncMap added in v1.4.0 

func HasValueInSyncMap(m *sync.Map) bool

func NewHandlerFunc 

func NewHandlerFunc(ID string, validator kwhvalidating.Validator) gin.HandlerFunc

NewHandlerFunc returns a HandlerFunc to handle admission reviews using the given validator.

Types

This section is empty.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.