github.com/kotalco/kotal@v0.3.0/apis/aptos/v1alpha1/node_validation_webhook.go

github.com/kotalco/kotal@v0.3.0/apis/aptos/v1alpha1/node_validation_webhook.go (about)

     1  package v1alpha1
     2  
     3  import (
     4  	apierrors "k8s.io/apimachinery/pkg/api/errors"
     5  	"k8s.io/apimachinery/pkg/runtime"
     6  	"k8s.io/apimachinery/pkg/runtime/schema"
     7  	"k8s.io/apimachinery/pkg/util/validation/field"
     8  	"sigs.k8s.io/controller-runtime/pkg/webhook"
     9  	"sigs.k8s.io/controller-runtime/pkg/webhook/admission"
    10  )
    11  
    12  // +kubebuilder:webhook:verbs=create;update,path=/validate-aptos-kotal-io-v1alpha1-node,mutating=false,failurePolicy=fail,groups=aptos.kotal.io,resources=nodes,versions=v1alpha1,name=validate-aptos-v1alpha1-node.kb.io,sideEffects=None,admissionReviewVersions=v1
    13  
    14  var _ webhook.Validator = &Node{}
    15  
    16  // validate shared validation logic for create and update resources
    17  func (r *Node) validate() field.ErrorList {
    18  	var nodeErrors field.ErrorList
    19  
    20  	if r.Spec.NodePrivateKeySecretName != "" && r.Spec.PeerId == "" {
    21  		err := field.Invalid(field.NewPath("spec").Child("peerId"), r.Spec.PeerId, "must provide peerId if nodePrivateKeySecretName is provided")
    22  		nodeErrors = append(nodeErrors, err)
    23  	}
    24  
    25  	if r.Spec.PeerId != "" && r.Spec.NodePrivateKeySecretName == "" {
    26  		err := field.Invalid(field.NewPath("spec").Child("nodePrivateKeySecretName"), r.Spec.NodePrivateKeySecretName, "must provide nodePrivateKeySecretName if peerId is provided")
    27  		nodeErrors = append(nodeErrors, err)
    28  	}
    29  
    30  	return nodeErrors
    31  }
    32  
    33  // ValidateCreate implements webhook.Validator so a webhook will be registered for the type
    34  func (r *Node) ValidateCreate() (admission.Warnings, error) {
    35  	var allErrors field.ErrorList
    36  
    37  	nodelog.Info("validate create", "name", r.Name)
    38  
    39  	allErrors = append(allErrors, r.validate()...)
    40  	allErrors = append(allErrors, r.Spec.Resources.ValidateCreate()...)
    41  
    42  	if len(allErrors) == 0 {
    43  		return nil, nil
    44  	}
    45  
    46  	return nil, apierrors.NewInvalid(schema.GroupKind{}, r.Name, allErrors)
    47  }
    48  
    49  // ValidateUpdate implements webhook.Validator so a webhook will be registered for the type
    50  func (r *Node) ValidateUpdate(old runtime.Object) (admission.Warnings, error) {
    51  	var allErrors field.ErrorList
    52  	oldNode := old.(*Node)
    53  
    54  	nodelog.Info("validate update", "name", r.Name)
    55  
    56  	allErrors = append(allErrors, r.validate()...)
    57  	allErrors = append(allErrors, r.Spec.Resources.ValidateUpdate(&oldNode.Spec.Resources)...)
    58  
    59  	if r.Spec.Network != oldNode.Spec.Network {
    60  		err := field.Invalid(field.NewPath("spec").Child("network"), r.Spec.Network, "field is immutable")
    61  		allErrors = append(allErrors, err)
    62  	}
    63  
    64  	if len(allErrors) == 0 {
    65  		return nil, nil
    66  	}
    67  
    68  	return nil, apierrors.NewInvalid(schema.GroupKind{}, r.Name, allErrors)
    69  }
    70  
    71  // ValidateDelete implements webhook.Validator so a webhook will be registered for the type
    72  func (r *Node) ValidateDelete() (admission.Warnings, error) {
    73  	nodelog.Info("validate delete", "name", r.Name)
    74  
    75  	return nil, nil
    76  }