github.com/kiali/kiali@v1.84.0/business/checkers/request_authentication_checker.go (about) 1 package checkers 2 3 import ( 4 security_v1beta "istio.io/client-go/pkg/apis/security/v1beta1" 5 6 "github.com/kiali/kiali/business/checkers/common" 7 "github.com/kiali/kiali/models" 8 ) 9 10 const RequestAuthenticationCheckerType = "requestauthentication" 11 12 type RequestAuthenticationChecker struct { 13 RequestAuthentications []*security_v1beta.RequestAuthentication 14 WorkloadsPerNamespace map[string]models.WorkloadList 15 Cluster string 16 } 17 18 func (m RequestAuthenticationChecker) Check() models.IstioValidations { 19 validations := models.IstioValidations{} 20 21 validations.MergeValidations(common.RequestAuthenticationMultiMatchChecker(m.Cluster, RequestAuthenticationCheckerType, m.RequestAuthentications, m.WorkloadsPerNamespace).Check()) 22 23 for _, peerAuthn := range m.RequestAuthentications { 24 validations.MergeValidations(m.runChecks(peerAuthn)) 25 } 26 27 return validations 28 } 29 30 // runChecks runs all the individual checks for a single mesh policy and appends the result into validations. 31 func (m RequestAuthenticationChecker) runChecks(requestAuthn *security_v1beta.RequestAuthentication) models.IstioValidations { 32 requestAuthnName := requestAuthn.Name 33 key, rrValidation := EmptyValidValidation(requestAuthnName, requestAuthn.Namespace, RequestAuthenticationCheckerType, m.Cluster) 34 matchLabels := make(map[string]string) 35 if requestAuthn.Spec.Selector != nil { 36 matchLabels = requestAuthn.Spec.Selector.MatchLabels 37 } 38 enabledCheckers := []Checker{ 39 common.SelectorNoWorkloadFoundChecker(RequestAuthenticationCheckerType, matchLabels, m.WorkloadsPerNamespace), 40 } 41 42 for _, checker := range enabledCheckers { 43 checks, validChecker := checker.Check() 44 rrValidation.Checks = append(rrValidation.Checks, checks...) 45 rrValidation.Valid = rrValidation.Valid && validChecker 46 } 47 48 return models.IstioValidations{key: rrValidation} 49 }