/
servicemesh_servicevalidationmanager.go
128 lines (103 loc) · 5.63 KB
/
servicemesh_servicevalidationmanager.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
/*
Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
*/
package manager
import (
"context"
"net/http"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"sigs.k8s.io/controller-runtime/pkg/client"
"sigs.k8s.io/controller-runtime/pkg/webhook/admission"
servicemeshapi "github.com/oracle/oci-service-operator/apis/servicemesh.oci/v1beta1"
"github.com/oracle/oci-service-operator/pkg/loggerutil"
"github.com/oracle/oci-service-operator/pkg/servicemanager/servicemesh/utils/commons"
"github.com/oracle/oci-service-operator/pkg/servicemanager/servicemesh/utils/errors"
)
type CustomResourceValidator interface {
ValidateOnCreate(context context.Context, object client.Object) (bool, string)
ValidateOnUpdate(context context.Context, object client.Object, oldObject client.Object) (bool, string)
GetStatus(object client.Object) (*servicemeshapi.ServiceMeshStatus, error)
ResolveRef(object client.Object) (bool, string)
ValidateObject(object client.Object) error
GetEntityType() client.Object
}
type ServiceMeshValidationManager struct {
log loggerutil.OSOKLogger
validationManager CustomResourceValidator
}
func (v *ServiceMeshValidationManager) ValidateCreateRequest(ctx context.Context, object client.Object) admission.Response {
err := v.validationManager.ValidateObject(object)
if err != nil {
return admission.Errored(http.StatusBadRequest, err)
}
allowed, reason := v.validationManager.ResolveRef(object)
if !allowed {
return admission.ValidationResponse(false, errors.GetValidationErrorMessage(object, reason))
}
// Additional validating condition can be added here
allowed, reason = v.validationManager.ValidateOnCreate(ctx, object)
if !allowed {
return admission.ValidationResponse(false, errors.GetValidationErrorMessage(object, reason))
}
v.log.InfoLogWithFixedMessage(ctx, "Create Request Passes Validation", "Type", object.GetObjectKind().GroupVersionKind().Kind, "Name", object.GetName(), "Namespace", object.GetNamespace())
return admission.ValidationResponse(true, "")
}
func (v *ServiceMeshValidationManager) ValidateUpdateRequest(ctx context.Context, object client.Object, oldObject client.Object) admission.Response {
err := v.validationManager.ValidateObject(object)
if err != nil {
return admission.Errored(http.StatusBadRequest, err)
}
status, err := v.validationManager.GetStatus(oldObject)
if err != nil {
return admission.Errored(http.StatusBadRequest, err)
}
if object.GetGeneration() == oldObject.GetGeneration() {
return admission.ValidationResponse(true, "")
}
if v.validateServiceMeshCondition(servicemeshapi.ServiceMeshDependenciesActive, status, metav1.ConditionUnknown) {
return admission.ValidationResponse(false, errors.GetValidationErrorMessage(object, string(commons.DependenciesIsUnknownOnUpdate)))
}
if v.validateServiceMeshCondition(servicemeshapi.ServiceMeshConfigured, status, metav1.ConditionUnknown) {
return admission.ValidationResponse(false, errors.GetValidationErrorMessage(object, string(commons.UnknownStateOnUpdate)))
}
isResourceConfigured := v.validateServiceMeshCondition(servicemeshapi.ServiceMeshConfigured, status, metav1.ConditionTrue)
if isResourceConfigured && !v.validateServiceMeshCondition(servicemeshapi.ServiceMeshActive, status, metav1.ConditionTrue) {
return admission.ValidationResponse(false, errors.GetValidationErrorMessage(object, string(commons.NotActiveOnUpdate)))
}
allowed, reason := v.validationManager.ValidateOnUpdate(ctx, object, oldObject)
if !allowed {
return admission.ValidationResponse(false, errors.GetValidationErrorMessage(object, reason))
}
// Additional validating condition can be added here
v.log.InfoLogWithFixedMessage(ctx, "Resource Update Request passes validation", "Type", object.GetObjectKind().GroupVersionKind().Kind, "Name", object.GetName(), "Namespace", object.GetNamespace())
return admission.ValidationResponse(true, "")
}
func (v *ServiceMeshValidationManager) ValidateDeleteRequest(ctx context.Context, object client.Object) admission.Response {
status, err := v.validationManager.GetStatus(object)
if err != nil {
return admission.Errored(http.StatusBadRequest, err)
}
if v.validateServiceMeshCondition(servicemeshapi.ServiceMeshDependenciesActive, status, metav1.ConditionTrue) &&
v.validateServiceMeshCondition(servicemeshapi.ServiceMeshConfigured, status, metav1.ConditionTrue) &&
v.validateServiceMeshCondition(servicemeshapi.ServiceMeshActive, status, metav1.ConditionUnknown) {
return admission.ValidationResponse(false, errors.GetValidationErrorMessage(object, string(commons.UnknownStatusOnDelete)))
}
// Additional validating condition can be added here
v.log.InfoLogWithFixedMessage(ctx, "Resource Delete Request passes validation", "Type", object.GetObjectKind().GroupVersionKind().Kind, "Name", object.GetName(), "Namespace", object.GetNamespace())
return admission.ValidationResponse(true, "")
}
func (v *ServiceMeshValidationManager) GetObject() client.Object {
return v.validationManager.GetEntityType()
}
func (v *ServiceMeshValidationManager) validateServiceMeshCondition(conditionType servicemeshapi.ServiceMeshConditionType, oldStatus *servicemeshapi.ServiceMeshStatus, status metav1.ConditionStatus) bool {
for _, condition := range oldStatus.Conditions {
if condition.Type == conditionType && condition.Status == status {
return true
}
}
return false
}
func NewServiceMeshValidationManager(validationManager CustomResourceValidator, log loggerutil.OSOKLogger) *ServiceMeshValidationManager {
return &ServiceMeshValidationManager{validationManager: validationManager, log: log}
}