-
Notifications
You must be signed in to change notification settings - Fork 7
/
validation.go
150 lines (133 loc) · 5.07 KB
/
validation.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
// Copyright (c) Microsoft Corporation.
// Licensed under the MIT License.
package dockerinstall
import (
"fmt"
"os/user"
"regexp"
"strconv"
"github.com/a8m/envsubst"
"github.com/microsoft/tyger/cli/internal/install"
"github.com/rs/zerolog/log"
)
var (
NameRegex = regexp.MustCompile(`^[a-z][a-z\-0-9]{1,23}$`)
DefaultEnvironmentName = "local"
DefaultPostgresImage = "postgres:16.2"
)
func (inst *Installer) QuickValidateConfig() bool {
success := true
if inst.Config.EnvironmentName == "" {
inst.Config.EnvironmentName = DefaultEnvironmentName
} else if !NameRegex.MatchString(inst.Config.EnvironmentName) {
validationError(&success, "The `environmentName` field must match the pattern "+NameRegex.String())
}
if inst.Config.InstallationPath == "" {
inst.Config.InstallationPath = "/opt/tyger"
} else if inst.Config.InstallationPath[len(inst.Config.InstallationPath)-1] == '/' {
inst.Config.InstallationPath = inst.Config.InstallationPath[:len(inst.Config.InstallationPath)-1]
}
if _, err := strconv.Atoi(inst.Config.UserId); err != nil {
if inst.Config.UserId == "" {
currentUser, err := user.Current()
if err != nil {
validationError(&success, "Unable to determine the current user for the `userId` field")
} else {
inst.Config.UserId = currentUser.Uid
}
} else {
u, err := user.Lookup(inst.Config.UserId)
if err != nil {
validationError(&success, "The `userId` field must be a valid user ID or name")
} else {
inst.Config.UserId = u.Uid
}
}
}
if _, err := strconv.Atoi(inst.Config.AllowedGroupId); err != nil {
if inst.Config.AllowedGroupId == "" {
currentUser, err := user.Current()
if err != nil {
validationError(&success, "Unable to determine the current user for the `userId` field")
} else {
inst.Config.AllowedGroupId = currentUser.Gid
}
} else {
g, err := user.LookupGroup(inst.Config.AllowedGroupId)
if err != nil {
validationError(&success, "The `groupId` field must be a valid group ID or name")
} else {
inst.Config.AllowedGroupId = g.Gid
}
}
}
if inst.Config.SigningKeys.Primary == nil {
validationError(&success, "The `signingKeys.primary` field is required")
} else {
if inst.Config.SigningKeys.Primary.PublicKey == "" {
validationError(&success, "The `signingKeys.primary.publicKey` field is required to be the path to a public key file PEM file")
} else {
if expanded, err := envsubst.StringRestricted(inst.Config.SigningKeys.Primary.PublicKey, true, false); err != nil {
validationError(&success, fmt.Sprintf("Error expanding `signingKeys.primary.publicKey`: %s", err))
} else {
inst.Config.SigningKeys.Primary.PublicKey = expanded
}
}
if inst.Config.SigningKeys.Primary.PrivateKey == "" {
validationError(&success, "The `signingKeys.primary.privateKey` field is required to be the path to a private key PEM file")
} else {
if expanded, err := envsubst.StringRestricted(inst.Config.SigningKeys.Primary.PrivateKey, true, false); err != nil {
validationError(&success, fmt.Sprintf("Error expanding `signingKeys.primary.privateKey`: %s", err))
} else {
inst.Config.SigningKeys.Primary.PrivateKey = expanded
}
}
}
if inst.Config.SigningKeys.Secondary != nil {
if inst.Config.SigningKeys.Secondary.PublicKey == "" {
validationError(&success, "The `signingKeys.secondary.publicKey` field is required to be the path to a public key PEM file")
} else {
if expanded, err := envsubst.StringRestricted(inst.Config.SigningKeys.Secondary.PublicKey, true, false); err != nil {
validationError(&success, fmt.Sprintf("Error expanding `signingKeys.secondary.publicKey`: %s", err))
} else {
inst.Config.SigningKeys.Secondary.PublicKey = expanded
}
}
if inst.Config.SigningKeys.Secondary.PrivateKey == "" {
validationError(&success, "The `signingKeys.secondary.privateKey` field is required to be the path to a private key PEM file")
} else {
if expanded, err := envsubst.StringRestricted(inst.Config.SigningKeys.Secondary.PrivateKey, true, false); err != nil {
validationError(&success, fmt.Sprintf("Error expanding `signingKeys.secondary.privateKey`: %s", err))
} else {
inst.Config.SigningKeys.Secondary.PrivateKey = expanded
}
}
}
if inst.Config.PostgresImage == "" {
inst.Config.PostgresImage = DefaultPostgresImage
}
if inst.Config.ControlPlaneImage == "" {
inst.Config.ControlPlaneImage = defaultImage("tyger-server")
}
if inst.Config.DataPlaneImage == "" {
inst.Config.DataPlaneImage = defaultImage("tyger-data-plane-server")
}
if inst.Config.BufferSidecarImage == "" {
inst.Config.BufferSidecarImage = defaultImage("buffer-sidecar")
}
if inst.Config.GatewayImage == "" {
inst.Config.GatewayImage = defaultImage("tyger-cli")
}
if inst.Config.UseGateway == nil {
useGateway := defaultUseGateway()
inst.Config.UseGateway = &useGateway
}
return success
}
func defaultImage(repo string) string {
return fmt.Sprintf("%s/%s:%s", install.ContainerRegistry, repo, install.ContainerImageTag)
}
func validationError(success *bool, format string, args ...any) {
*success = false
log.Error().Msgf(format, args...)
}