github.com/kiali/kiali@v1.84.0/business/checkers/destination_rules_checker.go (about) 1 package checkers 2 3 import ( 4 networking_v1beta1 "istio.io/client-go/pkg/apis/networking/v1beta1" 5 6 "github.com/kiali/kiali/business/checkers/common" 7 "github.com/kiali/kiali/business/checkers/destinationrules" 8 "github.com/kiali/kiali/kubernetes" 9 "github.com/kiali/kiali/models" 10 ) 11 12 const DestinationRuleCheckerType = "destinationrule" 13 14 type DestinationRulesChecker struct { 15 DestinationRules []*networking_v1beta1.DestinationRule 16 MTLSDetails kubernetes.MTLSDetails 17 ServiceEntries []*networking_v1beta1.ServiceEntry 18 Namespaces models.Namespaces 19 Cluster string 20 } 21 22 func (in DestinationRulesChecker) Check() models.IstioValidations { 23 validations := models.IstioValidations{} 24 25 validations = validations.MergeValidations(in.runIndividualChecks()) 26 validations = validations.MergeValidations(in.runGroupChecks()) 27 28 return validations 29 } 30 31 func (in DestinationRulesChecker) runGroupChecks() models.IstioValidations { 32 validations := models.IstioValidations{} 33 34 seHosts := kubernetes.ServiceEntryHostnames(in.ServiceEntries) 35 36 enabledDRCheckers := []GroupChecker{ 37 destinationrules.MultiMatchChecker{Namespaces: in.Namespaces, ServiceEntries: seHosts, DestinationRules: in.DestinationRules, Cluster: in.Cluster}, 38 } 39 40 enabledDRCheckers = append(enabledDRCheckers, destinationrules.TrafficPolicyChecker{DestinationRules: in.DestinationRules, MTLSDetails: in.MTLSDetails}) 41 42 for _, checker := range enabledDRCheckers { 43 validations = validations.MergeValidations(checker.Check()) 44 } 45 46 return validations 47 } 48 49 func (in DestinationRulesChecker) runIndividualChecks() models.IstioValidations { 50 validations := models.IstioValidations{} 51 52 for _, destinationRule := range in.DestinationRules { 53 validations.MergeValidations(in.runChecks(destinationRule)) 54 } 55 56 return validations 57 } 58 59 func (in DestinationRulesChecker) runChecks(destinationRule *networking_v1beta1.DestinationRule) models.IstioValidations { 60 destinationRuleName := destinationRule.Name 61 key, rrValidation := EmptyValidValidation(destinationRuleName, destinationRule.Namespace, DestinationRuleCheckerType, in.Cluster) 62 63 enabledCheckers := []Checker{ 64 destinationrules.DisabledNamespaceWideMTLSChecker{DestinationRule: destinationRule, MTLSDetails: in.MTLSDetails}, 65 destinationrules.DisabledMeshWideMTLSChecker{DestinationRule: destinationRule, MeshPeerAuthns: in.MTLSDetails.MeshPeerAuthentications}, 66 } 67 if !in.Namespaces.IsNamespaceAmbient(destinationRule.Namespace, in.Cluster) { 68 enabledCheckers = append(enabledCheckers, common.ExportToNamespaceChecker{ExportTo: destinationRule.Spec.ExportTo, Namespaces: in.Namespaces}) 69 } 70 71 enabledCheckers = append(enabledCheckers, destinationrules.NamespaceWideMTLSChecker{DestinationRule: destinationRule, MTLSDetails: in.MTLSDetails}) 72 enabledCheckers = append(enabledCheckers, destinationrules.MeshWideMTLSChecker{DestinationRule: destinationRule, MTLSDetails: in.MTLSDetails}) 73 74 for _, checker := range enabledCheckers { 75 checks, validChecker := checker.Check() 76 rrValidation.Checks = append(rrValidation.Checks, checks...) 77 rrValidation.Valid = rrValidation.Valid && validChecker 78 } 79 80 return models.IstioValidations{key: rrValidation} 81 }