Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add CredentialValidator to validate whether specified secret configur…
…ation is valid * Try connecting to the specified kubernetes secret, if failed, raise a validation error.
- Loading branch information
1 parent
1042d1b
commit b435992
Showing
7 changed files
with
135 additions
and
17 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
34 changes: 33 additions & 1 deletion
34
src/main/java/cd/go/contrib/secrets/kubernetes/validators/CredentialValidator.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,13 +1,45 @@ | ||
package cd.go.contrib.secrets.kubernetes.validators; | ||
|
||
import cd.go.contrib.secrets.kubernetes.KubernetesClientFactory; | ||
import cd.go.contrib.secrets.kubernetes.models.SecretConfig; | ||
import com.github.bdpiparva.plugin.base.validation.ValidationResult; | ||
import com.github.bdpiparva.plugin.base.validation.Validator; | ||
import io.fabric8.kubernetes.api.model.Secret; | ||
import io.fabric8.kubernetes.client.KubernetesClient; | ||
|
||
import java.util.Map; | ||
|
||
import static com.github.bdpiparva.plugin.base.executors.Executor.GSON; | ||
import static com.github.bdpiparva.plugin.base.executors.Executor.LOGGER; | ||
|
||
public class CredentialValidator implements Validator { | ||
private KubernetesClientFactory kubernetesClientFactory; | ||
|
||
public CredentialValidator(KubernetesClientFactory kubernetesClientFactory) { | ||
this.kubernetesClientFactory = kubernetesClientFactory; | ||
} | ||
|
||
@Override | ||
public ValidationResult validate(Map<String, String> requestBody) { | ||
return new ValidationResult(); | ||
ValidationResult validationResult = new ValidationResult(); | ||
|
||
SecretConfig secretConfig = GSON.fromJson(GSON.toJson(requestBody), SecretConfig.class); | ||
KubernetesClient client = kubernetesClientFactory.client(secretConfig); | ||
|
||
try { | ||
Secret secret = client.secrets().inNamespace(secretConfig.getNamespace()).withName(secretConfig.getSecretName()).get(); | ||
if (secret == null) { | ||
validationResult.add("kubernetes_secret_name", "Specified Kubernetes secret does not exists."); | ||
} | ||
} catch (Exception e) { | ||
LOGGER.error("Failed to verify connection.", e); | ||
String errorMessage = "Could not read specified secret. Either the connection with kubernetes cluster could not be established or the kubernetes secret does not exists."; | ||
validationResult.add("kubernetes_secret_name", errorMessage); | ||
validationResult.add("kubernetes_cluster_url", errorMessage); | ||
} finally { | ||
client.close(); | ||
} | ||
|
||
return validationResult; | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
[ | ||
{ | ||
"key": "kubernetes_secret_name", | ||
"message": "Could not read specified secret. Either the connection with kubernetes cluster could not be established or the kubernetes secret does not exists." | ||
}, | ||
{ | ||
"key": "kubernetes_cluster_url", | ||
"message": "Could not read specified secret. Either the connection with kubernetes cluster could not be established or the kubernetes secret does not exists." | ||
} | ||
] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
[ | ||
{ | ||
"key": "kubernetes_secret_name", | ||
"message": "Specified Kubernetes secret does not exists." | ||
} | ||
] |