forked from kiali/kiali
-
Notifications
You must be signed in to change notification settings - Fork 0
/
no_service_checker.go
116 lines (90 loc) · 4.06 KB
/
no_service_checker.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
package checkers
import (
"github.com/kiali/kiali/business/checkers/authorization"
"github.com/kiali/kiali/business/checkers/destinationrules"
"github.com/kiali/kiali/business/checkers/virtual_services"
"github.com/kiali/kiali/kubernetes"
"github.com/kiali/kiali/models"
core_v1 "k8s.io/api/core/v1"
)
const ServiceRoleCheckerType = "servicerole"
type NoServiceChecker struct {
Namespace string
IstioDetails *kubernetes.IstioDetails
Services []core_v1.Service
WorkloadList models.WorkloadList
GatewaysPerNamespace [][]kubernetes.IstioObject
AuthorizationDetails *kubernetes.RBACDetails
}
func (in NoServiceChecker) Check() models.IstioValidations {
validations := models.IstioValidations{}
if in.IstioDetails == nil || in.Services == nil {
return validations
}
serviceNames := getServiceNames(in.Services)
serviceHosts := kubernetes.ServiceEntryHostnames(in.IstioDetails.ServiceEntries)
gatewayNames := kubernetes.GatewayNames(in.GatewaysPerNamespace)
for _, virtualService := range in.IstioDetails.VirtualServices {
validations.MergeValidations(runVirtualServiceCheck(virtualService, in.Namespace, serviceNames, serviceHosts))
validations.MergeValidations(runGatewayCheck(virtualService, gatewayNames))
}
for _, destinationRule := range in.IstioDetails.DestinationRules {
validations.MergeValidations(runDestinationRuleCheck(destinationRule, in.Namespace, in.WorkloadList, in.Services, serviceHosts))
}
for _, serviceRole := range in.AuthorizationDetails.ServiceRoles {
validations.MergeValidations(runServiceRoleCheck(serviceRole, in.Services))
}
return validations
}
func runVirtualServiceCheck(virtualService kubernetes.IstioObject, namespace string, serviceNames []string, serviceHosts map[string][]string) models.IstioValidations {
key, validations := EmptyValidValidation(virtualService.GetObjectMeta().Name, virtualService.GetObjectMeta().Namespace, VirtualCheckerType)
result, valid := virtual_services.NoHostChecker{
Namespace: namespace,
ServiceNames: serviceNames,
VirtualService: virtualService,
ServiceEntryHosts: serviceHosts,
}.Check()
validations.Valid = valid
validations.Checks = result
return models.IstioValidations{key: validations}
}
func runGatewayCheck(virtualService kubernetes.IstioObject, gatewayNames map[string]struct{}) models.IstioValidations {
key, validations := EmptyValidValidation(virtualService.GetObjectMeta().Name, virtualService.GetObjectMeta().Namespace, VirtualCheckerType)
result, valid := virtual_services.NoGatewayChecker{
VirtualService: virtualService,
GatewayNames: gatewayNames,
}.Check()
validations.Valid = valid
validations.Checks = result
return models.IstioValidations{key: validations}
}
func runDestinationRuleCheck(destinationRule kubernetes.IstioObject, namespace string, workloads models.WorkloadList, services []core_v1.Service, serviceHosts map[string][]string) models.IstioValidations {
key, validations := EmptyValidValidation(destinationRule.GetObjectMeta().Name, destinationRule.GetObjectMeta().Namespace, DestinationRuleCheckerType)
result, valid := destinationrules.NoDestinationChecker{
Namespace: namespace,
WorkloadList: workloads,
DestinationRule: destinationRule,
Services: services,
ServiceEntries: serviceHosts,
}.Check()
validations.Valid = valid
validations.Checks = result
return models.IstioValidations{key: validations}
}
func runServiceRoleCheck(serviceRole kubernetes.IstioObject, services []core_v1.Service) models.IstioValidations {
key, validations := EmptyValidValidation(serviceRole.GetObjectMeta().Name, serviceRole.GetObjectMeta().Namespace, ServiceRoleCheckerType)
result, valid := authorization.ServiceChecker{
ServiceRole: serviceRole,
Services: services,
}.Check()
validations.Valid = valid
validations.Checks = result
return models.IstioValidations{key: validations}
}
func getServiceNames(services []core_v1.Service) []string {
serviceNames := make([]string, 0)
for _, item := range services {
serviceNames = append(serviceNames, item.Name)
}
return serviceNames
}