istio.io/istio@v0.0.0-20240520182934-d79c90f27776/pkg/config/analysis/analyzers/multicluster/meshnetworks.go (about)

     1  // Copyright Istio Authors
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //     http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  
    15  package multicluster
    16  
    17  import (
    18  	"fmt"
    19  
    20  	v1 "k8s.io/api/core/v1"
    21  
    22  	"istio.io/api/mesh/v1alpha1"
    23  	"istio.io/istio/pilot/pkg/serviceregistry/provider"
    24  	"istio.io/istio/pkg/config"
    25  	"istio.io/istio/pkg/config/analysis"
    26  	"istio.io/istio/pkg/config/analysis/analyzers/util"
    27  	"istio.io/istio/pkg/config/analysis/msg"
    28  	"istio.io/istio/pkg/config/resource"
    29  	"istio.io/istio/pkg/config/schema/gvk"
    30  	"istio.io/istio/pkg/kube/multicluster"
    31  )
    32  
// MeshNetworksAnalyzer checks the MeshNetworks configuration used in
// multi-cluster setups.
type MeshNetworksAnalyzer struct{}

// Compile-time assertion that *MeshNetworksAnalyzer satisfies analysis.Analyzer.
var _ analysis.Analyzer = (*MeshNetworksAnalyzer)(nil)

// serviceRegistries holds the service registry provider IDs that Istio knows
// about by default.
var serviceRegistries = []provider.ID{provider.Mock, provider.Kubernetes, provider.External}
    44  
// Metadata implements Analyzer. It returns the analyzer's name, a short
// description, and the resource kinds it reads: MeshNetworks and Secret.
func (s *MeshNetworksAnalyzer) Metadata() analysis.Metadata {
	// Secrets are listed as an input because Analyze reads them alongside
	// MeshNetworks.
	inputs := []config.GroupVersionKind{gvk.MeshNetworks, gvk.Secret}

	meta := analysis.Metadata{
		Name:        "meshnetworks.MeshNetworksAnalyzer",
		Description: "Check the validity of MeshNetworks in the cluster",
	}
	meta.Inputs = inputs
	return meta
}
    56  
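// Analyze implements Analyzer.
//
// It builds the set of service registries that a MeshNetworks endpoint may
// name through fromRegistry: the built-in provider IDs in serviceRegistries
// plus every data key of each Secret whose
// multicluster.MultiClusterSecretLabel label is "true". It then reports an
// UnknownMeshNetworksServiceRegistry message for every fromRegistry endpoint
// whose value is not in that set.
func (s *MeshNetworksAnalyzer) Analyze(c analysis.Context) {
	// Build the known-registry set per call instead of appending to the
	// package-level serviceRegistries slice. Appending there grows the slice on
	// every run, is unsafe if analyses ever run concurrently, and keeps registry
	// names taken from secrets seen in earlier runs, so a secret that has since
	// been removed could still suppress the unknown-registry finding.
	known := make(map[provider.ID]struct{}, len(serviceRegistries))
	for _, id := range serviceRegistries {
		known[id] = struct{}{}
	}

	c.ForEach(gvk.Secret, func(r *resource.Instance) bool {
		if r.Metadata.Labels[multicluster.MultiClusterSecretLabel] != "true" {
			return true
		}
		secret, ok := r.Message.(*v1.Secret)
		if !ok {
			// Unexpected payload type for a Secret resource; skip it rather
			// than panic in the middle of an analysis run.
			return true
		}
		// Only the data keys are read here; the secret values are never
		// inspected or reported.
		for registry := range secret.Data {
			known[provider.ID(registry)] = struct{}{}
		}
		return true
	})

	// Only one MeshNetworks config is expected to exist; every instance that is
	// present is checked.
	c.ForEach(gvk.MeshNetworks, func(r *resource.Instance) bool {
		mn, ok := r.Message.(*v1alpha1.MeshNetworks)
		if !ok {
			return true
		}
		for i, n := range mn.Networks {
			for j, e := range n.Endpoints {
				// Only fromRegistry endpoints are validated; other endpoint
				// kinds are left alone.
				re, ok := e.Ne.(*v1alpha1.Network_NetworkEndpoints_FromRegistry)
				if !ok {
					continue
				}
				if _, found := known[provider.ID(re.FromRegistry)]; found {
					continue
				}

				m := msg.NewUnknownMeshNetworksServiceRegistry(r, re.FromRegistry, i)

				// Attach the source line of the offending field when it can be
				// resolved.
				if line, ok := util.ErrorLine(r, fmt.Sprintf(util.FromRegistry, i, j)); ok {
					m.Line = line
				}

				c.Report(gvk.MeshNetworks, m)
			}
		}
		return true
	})
}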