/
validate.yaml
47 lines (43 loc) · 2.7 KB
/
validate.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
{{/* validate hubble config */}}
{{- if and .Values.hubble.ui.enabled (not .Values.hubble.ui.standalone.enabled) }}
{{- if not .Values.hubble.relay.enabled }}
{{ fail "Hubble UI requires .Values.hubble.relay.enabled=true" }}
{{- end }}
{{- end }}
{{- if and .Values.hubble.ui.enabled .Values.hubble.ui.standalone.enabled .Values.hubble.relay.tls.server.enabled }}
{{- if not .Values.hubble.ui.standalone.tls.certsVolume }}
{{ fail "Hubble UI in standalone with Hubble Relay server TLS enabled requires providing .Values.hubble.ui.standalone.tls.certsVolume for mounting client certificates in the backend pod" }}
{{- end }}
{{- end }}
{{- if .Values.hubble.relay.enabled }}
{{- if not .Values.hubble.enabled }}
{{ fail "Hubble Relay requires .Values.hubble.enabled=true" }}
{{- end }}
{{- end }}
{{/* validate service monitoring CRDs */}}
{{- if and .Values.prometheus.enabled (or .Values.prometheus.serviceMonitor.enabled .Values.operator.prometheus.serviceMonitor.enabled) }}
{{- if not (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1") }}
{{ fail "Service Monitor requires monitoring.coreos.com/v1 CRDs. Please refer to https://github.com/prometheus-operator/prometheus-operator/blob/master/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml" }}
{{- end }}
{{- end }}
{{- if and .Values.hubble.enabled .Values.hubble.tls.enabled .Values.hubble.tls.auto.enabled (eq .Values.hubble.tls.auto.method "certmanager") }}
{{- if not .Values.hubble.tls.auto.certManagerIssuerRef }}
{{ fail "Hubble TLS certgen method=certmanager requires user specify .Values.hubble.tls.auto.certManagerIssuerRef" }}
{{- end }}
{{- end }}
{{- if and (or .Values.externalWorkloads.enabled .Values.clustermesh.useAPIServer) .Values.clustermesh.apiserver.tls.auto.enabled (eq .Values.clustermesh.apiserver.tls.auto.method "certmanager") }}
{{- if not .Values.clustermesh.apiserver.tls.auto.certManagerIssuerRef }}
{{ fail "ClusterMesh TLS certgen method=certmanager requires user specify .Values.clustermesh.apiserver.tls.auto.certManagerIssuerRef" }}
{{- end }}
{{- end }}
{{/* validate hubble-ui specific config */}}
{{- if and .Values.hubble.ui.enabled
(ne .Values.hubble.ui.backend.image.tag "latest")
(ne .Values.hubble.ui.frontend.image.tag "latest") }}
{{- if regexReplaceAll "@.*$" .Values.hubble.ui.backend.image.tag "" | trimPrefix "v" | semverCompare "<0.9.0" }}
{{ fail "Hubble UI requires hubble.ui.backend.image.tag to be '>=v0.9.0'" }}
{{- end }}
{{- if regexReplaceAll "@.*$" .Values.hubble.ui.frontend.image.tag "" | trimPrefix "v" | semverCompare "<0.9.0" }}
{{ fail "Hubble UI requires hubble.ui.frontend.image.tag to be '>=v0.9.0'" }}
{{- end }}
{{- end }}