istio.io/istio@v0.0.0-20240520182934-d79c90f27776/pilot/pkg/bootstrap/validation.go (about) 1 // Copyright Istio Authors 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 15 package bootstrap 16 17 import ( 18 "istio.io/istio/pilot/pkg/features" 19 "istio.io/istio/pkg/config/schema/collections" 20 "istio.io/istio/pkg/log" 21 "istio.io/istio/pkg/webhooks/validation/controller" 22 "istio.io/istio/pkg/webhooks/validation/server" 23 ) 24 25 func (s *Server) initConfigValidation(args *PilotArgs) error { 26 if s.kubeClient == nil { 27 return nil 28 } 29 30 log.Info("initializing config validator") 31 // always start the validation server 32 params := server.Options{ 33 Schemas: collections.PilotGatewayAPI(), 34 DomainSuffix: args.RegistryOptions.KubeOptions.DomainSuffix, 35 Mux: s.httpsMux, 36 } 37 _, err := server.New(params) 38 if err != nil { 39 return err 40 } 41 42 s.readinessFlags.configValidationReady.Store(true) 43 44 if features.ValidationWebhookConfigName != "" && s.kubeClient != nil { 45 s.addStartFunc("validation controller", func(stop <-chan struct{}) error { 46 log.Infof("Starting validation controller") 47 go controller.NewValidatingWebhookController( 48 s.kubeClient, args.Revision, args.Namespace, s.istiodCertBundleWatcher).Run(stop) 49 return nil 50 }) 51 } 52 return nil 53 }