added webhook validation for DRCluster #567
Conversation
|
I believe most of the changes are complete. I need to complete one round of testing to check if the webhook is being called. so making the PR as draft for now. |
rakeshgm
force-pushed
the
validate-using-webhooks
branch
8 times, most recently
from
af33e9d
to
e0e5c7b
Compare
rakeshgm
force-pushed
the
validate-using-webhooks
branch
5 times, most recently
from
80be6dc
to
25f5cdc
Compare
rakeshgm
force-pushed
the
validate-using-webhooks
branch
2 times, most recently
from
43f8b44
to
6de1506
Compare
rakeshgm
force-pushed
the
validate-using-webhooks
branch
from
6de1506
to
cc01c15
Compare
api/v1alpha1/drcluster_webhook.go
Outdated
| if !reflect.DeepEqual(r.Spec.Region, oldDRCluster.Spec.Region) { | ||
| return fmt.Errorf("Region value cannot be changed") | ||
| } | ||
|
|
||
| if !reflect.DeepEqual(r.Spec.S3ProfileName, oldDRCluster.Spec.S3ProfileName) { | ||
| return fmt.Errorf("S3ProfileName cannot be changed") | ||
| } |
There was a problem hiding this comment.
These are just strings, right? Why do we need deepEqual just string comparison is enough.
There was a problem hiding this comment.
I will check and change
| // ValidateDelete implements webhook.Validator so a webhook will be registered for the type | ||
| func (r *DRCluster) ValidateDelete() error { | ||
| drclusterlog.Info("validate delete", "name", r.Name) | ||
|
|
||
| return nil | ||
| } |
There was a problem hiding this comment.
No need for this one, as we dont have a Delete validator.
There was a problem hiding this comment.
yes, I could remove it. just kept it like that in case we decide in the future to have delete validation, this anyway is not getting called and returning nil. I am not against removing it. just putting my thought.
| return fmt.Errorf("S3ProfileName cannot be changed") | ||
| } | ||
|
|
||
| return r.ValidateDRCluster() |
There was a problem hiding this comment.
When we will hit this case? Isn't it already covered in Create, and the above two checks will avoid setting empty values?
There was a problem hiding this comment.
it won't hit as now. but we are planning to add other validations like CIDR format checking in validateDRCluster. so just added it for future-proofing.
| if r.Spec.Region == "" { | ||
| return fmt.Errorf("Region cannot be empty") | ||
| } | ||
|
|
||
| if r.Spec.S3ProfileName == "" { | ||
| return fmt.Errorf("S3ProfileName cannot be empty") | ||
| } |
There was a problem hiding this comment.
As empty Region and S3ProfileName are not allowed during creation itself. Can we do this validation at the CR itself
There was a problem hiding this comment.
validate tags are not added in drcluster api file. i will add them in the next PR and refactor this code.
so CSV file is getting generated/updated during the build with bundle dir. we are not adding it to the repo. @ShyamsundarR and I checked this before. so the files needed to get webhook up and running are all added. |
rakeshgm
force-pushed
the
validate-using-webhooks
branch
2 times, most recently
from
7a76639
to
e7541fb
Compare
What is the purpose of the webhook? how will use it? Is it used both on the hub and |
main.go
Outdated
| if err = (&ramendrv1alpha1.DRCluster{}).SetupWebhookWithManager(mgr); err != nil { | ||
| setupLog.Error(err, "unable to create webhook", "webhook", "DRCluster") | ||
| os.Exit(1) | ||
| } |
There was a problem hiding this comment.
Blank line here will be more consistent.
There was a problem hiding this comment.
code block moved to different a section.
rakeshgm
force-pushed
the
validate-using-webhooks
branch
from
e7541fb
to
1961604
Compare
rakeshgm
force-pushed
the
validate-using-webhooks
branch
3 times, most recently
from
046ae84
to
b74f6fc
Compare
A more detailed explanation of webhooks is here. Please check this issuse for further information as to why we are implementing webhooks |
rakeshgm
changed the title
Signed-off-by: rakeshgm <rakeshgm@redhat.com>
rakeshgm
force-pushed
the
validate-using-webhooks
branch
from
b74f6fc
to
bea40ac
Compare
Implemented validation using webhook using cert-manager.
DRCluster CR objects
RegionandS3ProfileNameare immutable.Signed-off-by: rakeshgm rakeshgm@redhat.com