-
Notifications
You must be signed in to change notification settings - Fork 214
/
validation.go
211 lines (192 loc) · 4.6 KB
/
validation.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
package object_patch
import (
"encoding/json"
"fmt"
"github.com/go-openapi/spec"
"github.com/go-openapi/strfmt"
"github.com/go-openapi/swag"
"github.com/go-openapi/validate"
"github.com/hashicorp/go-multierror"
"sigs.k8s.io/yaml"
)
var Schemas = map[string]string{
"v0": `
definitions:
common:
type: object
properties:
subresource:
type: string
create:
required:
- object
properties:
object:
oneOf:
- type: object
additionalProperties: true
minProperties: 1
- type: string
delete:
type: object
required:
- kind
- name
properties:
apiVersion:
type: string
kind:
type: string
name:
type: string
patch:
type: object
required:
- kind
- name
properties:
apiVersion:
type: string
kind:
type: string
name:
type: string
ignoreMissingObject:
type: boolean
type: object
additionalProperties: false
properties:
operation: {}
namespace: {}
subresource: {}
apiVersion: {}
kind: {}
name: {}
object: {}
jsonPatch: {}
jqFilter: {}
mergePatch: {}
ignoreMissingObject: {}
oneOf:
- allOf:
- properties:
operation:
type: string
enum: ["Create", "CreateOrUpdate", "CreateIfNotExists"]
- "$ref": "#/definitions/common"
- "$ref": "#/definitions/create"
- allOf:
- properties:
operation:
type: string
enum: ["Delete", "DeleteInBackground", "DeleteNonCascading"]
- "$ref": "#/definitions/common"
- "$ref": "#/definitions/delete"
- allOf:
- oneOf:
- required:
- operation
- jqFilter
properties:
operation:
type: string
enum: ["JQPatch"]
jqFilter:
type: string
minimum: 1
- required:
- operation
- mergePatch
properties:
operation:
type: string
enum: ["MergePatch"]
mergePatch:
oneOf:
- type: object
minProperties: 1
- type: string
- required:
- operation
- jsonPatch
properties:
operation:
type: string
enum: ["JSONPatch"]
jsonPatch:
oneOf:
- type: array
minItems: 1
items:
- type: object
required: ["op", "path", "value"]
properties:
op:
type: string
minLength: 1
path:
type: string
minLength: 1
value: {}
- type: string
- "$ref": "#/definitions/common"
- "$ref": "#/definitions/patch"
`,
}
var SchemasCache = map[string]*spec.Schema{}
// GetSchema returns loaded schema.
func GetSchema(name string) *spec.Schema {
if s, ok := SchemasCache[name]; ok {
return s
}
if _, ok := Schemas[name]; !ok {
return nil
}
// ignore error because load is guaranteed by tests
SchemasCache[name], _ = LoadSchema(name)
return SchemasCache[name]
}
// LoadSchema returns spec.Schema object loaded from yaml in Schemas map.
func LoadSchema(name string) (*spec.Schema, error) {
yml, err := swag.BytesToYAMLDoc([]byte(Schemas[name]))
if err != nil {
return nil, fmt.Errorf("yaml unmarshal: %v", err)
}
d, err := swag.YAMLToJSON(yml)
if err != nil {
return nil, fmt.Errorf("yaml to json: %v", err)
}
s := new(spec.Schema)
if err := json.Unmarshal(d, s); err != nil {
return nil, fmt.Errorf("json unmarshal: %v", err)
}
err = spec.ExpandSchema(s, s, nil /*new(noopResCache)*/)
if err != nil {
return nil, fmt.Errorf("expand schema: %v", err)
}
return s, nil
}
// See https://github.com/kubernetes/apiextensions-apiserver/blob/1bb376f70aa2c6f2dec9a8c7f05384adbfac7fbb/pkg/apiserver/validation/validation.go#L47
func ValidateOperationSpec(obj interface{}, s *spec.Schema, rootName string) (multiErr error) {
if s == nil {
return fmt.Errorf("validate kubernetes patch spec: schema is not provided")
}
validator := validate.NewSchemaValidator(s, nil, rootName, strfmt.Default)
result := validator.Validate(obj)
if result.IsValid() {
return nil
}
allErrs := &multierror.Error{Errors: make([]error, 1)}
for _, err := range result.Errors {
allErrs = multierror.Append(allErrs, err)
}
// NOTE: no validation errors, but kubernetes patch spec is not valid!
if allErrs.Len() == 1 {
allErrs = multierror.Append(allErrs, fmt.Errorf("kubernetes patch spec is not valid"))
}
if allErrs.Len() > 1 {
yamlObj, _ := yaml.Marshal(obj)
allErrs.Errors[0] = fmt.Errorf("can't validate document:\n%s", yamlObj)
}
return allErrs
}