github.com/kotalco/kotal@v0.3.0/apis/ipfs/v1alpha1/peer_validation_webhook.go

github.com/kotalco/kotal@v0.3.0/apis/ipfs/v1alpha1/peer_validation_webhook.go (about)

     1  package v1alpha1
     2  
     3  import (
     4  	"strings"
     5  
     6  	apierrors "k8s.io/apimachinery/pkg/api/errors"
     7  	"k8s.io/apimachinery/pkg/runtime"
     8  	"k8s.io/apimachinery/pkg/runtime/schema"
     9  	"k8s.io/apimachinery/pkg/util/validation/field"
    10  	"sigs.k8s.io/controller-runtime/pkg/webhook"
    11  	"sigs.k8s.io/controller-runtime/pkg/webhook/admission"
    12  )
    13  
    14  // +kubebuilder:webhook:verbs=create;update,path=/validate-ipfs-kotal-io-v1alpha1-peer,mutating=false,failurePolicy=fail,groups=ipfs.kotal.io,resources=peers,versions=v1alpha1,name=validate-ipfs-v1alpha1-peer.kb.io,sideEffects=None,admissionReviewVersions=v1
    15  
    16  var _ webhook.Validator = &Peer{}
    17  
    18  // ValidateCreate valdates ipfs peers during their creation
    19  func (p *Peer) ValidateCreate() (admission.Warnings, error) {
    20  	var allErrors field.ErrorList
    21  
    22  	peerlog.Info("validate create", "name", p.Name)
    23  
    24  	allErrors = append(allErrors, p.Spec.Resources.ValidateCreate()...)
    25  
    26  	if len(allErrors) == 0 {
    27  		return nil, nil
    28  	}
    29  
    30  	return nil, apierrors.NewInvalid(schema.GroupKind{}, p.Name, allErrors)
    31  }
    32  
    33  // initProfilesChanged returns true if initial profiles changed
    34  func initProfilesChanged(old, peer *Peer) bool {
    35  	for i, profile := range old.Spec.InitProfiles {
    36  		if peer.Spec.InitProfiles[i] != profile {
    37  			return true
    38  		}
    39  	}
    40  	return false
    41  }
    42  
    43  // ValidateUpdate validates ipfs peers while being updated
    44  func (p *Peer) ValidateUpdate(old runtime.Object) (admission.Warnings, error) {
    45  	var allErrors field.ErrorList
    46  	oldPeer := old.(*Peer)
    47  
    48  	peerlog.Info("validate update", "name", p.Name)
    49  
    50  	if oldPeer.Spec.SwarmKeySecretName != p.Spec.SwarmKeySecretName {
    51  		err := field.Invalid(field.NewPath("spec").Child("swarmKeySecretName"), p.Spec.SwarmKeySecretName, "field is immutable")
    52  		allErrors = append(allErrors, err)
    53  	}
    54  
    55  	if len(oldPeer.Spec.InitProfiles) != len(p.Spec.InitProfiles) || initProfilesChanged(oldPeer, p) {
    56  		profiles := []string{}
    57  		for _, profile := range p.Spec.InitProfiles {
    58  			profiles = append(profiles, string(profile))
    59  		}
    60  		err := field.Invalid(field.NewPath("spec").Child("initProfiles"), strings.Join(profiles, ","), "field is immutable")
    61  		allErrors = append(allErrors, err)
    62  	}
    63  
    64  	allErrors = append(allErrors, p.Spec.Resources.ValidateUpdate(&oldPeer.Spec.Resources)...)
    65  
    66  	if len(allErrors) == 0 {
    67  		return nil, nil
    68  	}
    69  
    70  	return nil, apierrors.NewInvalid(schema.GroupKind{}, p.Name, allErrors)
    71  }
    72  
    73  // ValidateDelete implements webhook.Validator so a webhook will be registered for the type
    74  func (p *Peer) ValidateDelete() (admission.Warnings, error) {
    75  	peerlog.Info("validate delete", "name", p.Name)
    76  
    77  	return nil, nil
    78  }