/
container.go
180 lines (146 loc) · 4.75 KB
/
container.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
// Copyright (c) 2018 Benjamin Borbe All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
package k8s
import (
"context"
"fmt"
"strings"
"github.com/pkg/errors"
"github.com/bborbe/world/pkg/validation"
)
type Image string
type ContainerName string
type CpuLimit string
func (c CpuLimit) Validate(ctx context.Context) error {
if c == "" {
return errors.New("CpuLimit empty")
}
return nil
}
type MemoryLimit string
func (m MemoryLimit) Validate(ctx context.Context) error {
if m == "" {
return errors.New("MemoryLimit empty")
}
return nil
}
type ContainerResource struct {
Cpu CpuLimit `yaml:"cpu"`
Memory MemoryLimit `yaml:"memory"`
}
func (c ContainerResource) Validate(ctx context.Context) error {
return validation.Validate(
ctx,
c.Cpu,
c.Memory,
)
}
type Resources struct {
Limits ContainerResource `yaml:"limits"`
Requests ContainerResource `yaml:"requests"`
}
func (r Resources) Validate(ctx context.Context) error {
return validation.Validate(
ctx,
r.Limits,
r.Requests,
)
}
type ContainerPorts []ContainerPort
func (c ContainerPorts) Validate(ctx context.Context) error {
containerPorts := make(map[string]struct{})
for _, port := range c {
protocol := strings.ToUpper(port.Protocol.String())
if protocol == "" {
protocol = "TCP"
}
key := fmt.Sprint(protocol, port.ContainerPort)
_, ok := containerPorts[key]
if ok {
return errors.Errorf("duplicate container port %s %s", port.Protocol, port.ContainerPort)
}
containerPorts[key] = struct{}{}
}
return nil
}
type ContainerPort struct {
ContainerPort PortNumber `yaml:"containerPort,omitempty"`
HostPort PortNumber `yaml:"hostPort,omitempty"`
Name PortName `yaml:"name,omitempty"`
Protocol PortProtocol `yaml:"protocol,omitempty"`
}
type ContainerMountPath string
type MountName string
func (m MountName) Validate(ctx context.Context) error {
if m == "" {
return errors.New("MountName empty")
}
return nil
}
type ContainerMountReadOnly bool
type ContainerMount struct {
Path ContainerMountPath `yaml:"mountPath"`
Name MountName `yaml:"name"`
ReadOnly ContainerMountReadOnly `yaml:"readOnly"`
}
type Arg string
type Command string
type Env struct {
Name string `yaml:"name"`
Value string `yaml:"value,omitempty"`
ValueFrom ValueFrom `yaml:"valueFrom,omitempty"`
}
type ImagePullPolicy string
type Container struct {
Name ContainerName `yaml:"name"`
Image Image `yaml:"image"`
Command []Command `yaml:"command,omitempty"`
Args []Arg `yaml:"args,omitempty"`
Env []Env `yaml:"env,omitempty"`
Ports ContainerPorts `yaml:"ports,omitempty"`
Resources Resources `yaml:"resources,omitempty"`
VolumeMounts []ContainerMount `yaml:"volumeMounts,omitempty"`
ReadinessProbe Probe `yaml:"readinessProbe,omitempty"`
LivenessProbe Probe `yaml:"livenessProbe,omitempty"`
SecurityContext SecurityContext `yaml:"securityContext,omitempty"`
ImagePullPolicy ImagePullPolicy `yaml:"imagePullPolicy,omitempty"`
}
func (c Container) Validate(ctx context.Context) error {
return validation.Validate(
ctx,
c.Resources,
c.Ports,
)
}
type SecurityContext struct {
AllowPrivilegeEscalation bool `yaml:"allowPrivilegeEscalation,omitempty"`
ReadOnlyRootFilesystem bool `yaml:"readOnlyRootFilesystem,omitempty"`
Privileged bool `yaml:"privileged,omitempty"`
RunAsUser int `yaml:"runAsUser,omitempty"`
FsGroup int `yaml:"fsGroup,omitempty"`
Capabilities SecurityContextCapabilities `yaml:"capabilities,omitempty"`
}
type SecurityContextCapabilities map[string][]string
type Probe struct {
Exec Exec `yaml:"exec,omitempty"`
HttpGet HttpGet `yaml:"httpGet,omitempty"`
TcpSocket TcpSocket `yaml:"tcpSocket,omitempty"`
InitialDelaySeconds int `yaml:"initialDelaySeconds,omitempty"`
SuccessThreshold int `yaml:"successThreshold,omitempty"`
FailureThreshold int `yaml:"failureThreshold,omitempty"`
TimeoutSeconds int `yaml:"timeoutSeconds,omitempty"`
PeriodSeconds int `yaml:"periodSeconds,omitempty"`
}
type HttpGet struct {
Host string `yaml:"host,omitempty"`
Path string `yaml:"path,omitempty"`
Port PortNumber `yaml:"port,omitempty"`
Scheme string `yaml:"scheme,omitempty"`
}
type TcpSocket struct {
Port PortNumber `yaml:"port,omitempty"`
}
type Exec struct {
Command []Command `yaml:"command,omitempty"`
}