github.com/ironcore-dev/gardener-extension-provider-ironcore@v0.3.2-0.20240314231816-8336447fb9a0/pkg/apis/ironcore/validation/secret.go (about)

     1  // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors
     2  // SPDX-License-Identifier: Apache-2.0
     3  
     4  package validation
     5  
     6  import (
     7  	"fmt"
     8  
     9  	corev1 "k8s.io/api/core/v1"
    10  	apivalidation "k8s.io/apimachinery/pkg/api/validation"
    11  
    12  	"github.com/ironcore-dev/gardener-extension-provider-ironcore/pkg/ironcore"
    13  )
    14  
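// ValidateCloudProviderSecret checks whether the given secret contains a valid ironcore service account.
//
// The secret must carry the token, namespace and username fields. The token
// and username must be non-empty, and the namespace must be a valid
// Kubernetes namespace name. A nil secret is rejected with an error instead
// of causing a nil-pointer dereference.
//
// Returned errors name only the offending field; the field values are never
// included, so credential material cannot leak into logs or status
// conditions through this function.
func ValidateCloudProviderSecret(secret *corev1.Secret) error {
	if secret == nil {
		return fmt.Errorf("cloud provider secret must not be nil")
	}

	// Presence checks run in a fixed order (token, namespace, username) so the
	// first reported missing field is deterministic.
	required := []string{
		ironcore.TokenFieldName,
		ironcore.NamespaceFieldName,
		ironcore.UsernameFieldName,
	}
	for _, field := range required {
		if _, ok := secret.Data[field]; !ok {
			return fmt.Errorf("missing field: %s in cloud provider secret", field)
		}
	}

	// A key that is present but holds no bytes is not a usable credential.
	// The namespace is deliberately not listed here: an empty namespace is
	// rejected by the name validation below with the "invalid field" error.
	for _, field := range []string{ironcore.TokenFieldName, ironcore.UsernameFieldName} {
		if len(secret.Data[field]) == 0 {
			return fmt.Errorf("empty field: %s in cloud provider secret", field)
		}
	}

	namespace := string(secret.Data[ironcore.NamespaceFieldName])
	if errs := apivalidation.ValidateNamespaceName(namespace, false); len(errs) > 0 {
		return fmt.Errorf("invalid field: %s in cloud provider secret", ironcore.NamespaceFieldName)
	}

	return nil
}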