/
validate_project.go
111 lines (88 loc) · 3.31 KB
/
validate_project.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
package project
import (
"fmt"
"io"
"k8s.io/apimachinery/pkg/api/validation"
"k8s.io/apimachinery/pkg/runtime"
"k8s.io/apimachinery/pkg/runtime/schema"
validationutil "k8s.io/apimachinery/pkg/util/validation"
"k8s.io/apimachinery/pkg/util/validation/field"
"k8s.io/apiserver/pkg/admission"
configv1 "github.com/openshift/api/config/v1"
"github.com/openshift/origin/pkg/admission/customresourcevalidation"
)
const PluginName = "config.openshift.io/ValidateProject"
// Register registers a plugin
func Register(plugins *admission.Plugins) {
plugins.Register(PluginName, func(config io.Reader) (admission.Interface, error) {
return customresourcevalidation.NewValidator(
map[schema.GroupResource]bool{
configv1.Resource("projects"): true,
},
map[schema.GroupVersionKind]customresourcevalidation.ObjectValidator{
configv1.GroupVersion.WithKind("Project"): projectV1{},
})
})
}
func toProjectV1(uncastObj runtime.Object) (*configv1.Project, field.ErrorList) {
if uncastObj == nil {
return nil, nil
}
allErrs := field.ErrorList{}
obj, ok := uncastObj.(*configv1.Project)
if !ok {
return nil, append(allErrs,
field.NotSupported(field.NewPath("kind"), fmt.Sprintf("%T", uncastObj), []string{"Project"}),
field.NotSupported(field.NewPath("apiVersion"), fmt.Sprintf("%T", uncastObj), []string{"config.openshift.io/v1"}))
}
return obj, nil
}
type projectV1 struct {
}
func validateProjectSpec(spec configv1.ProjectSpec) field.ErrorList {
allErrs := field.ErrorList{}
if len(spec.ProjectRequestMessage) > 4096 {
allErrs = append(allErrs, field.Invalid(field.NewPath("spec.projectRequestMessage"), spec, validationutil.MaxLenError(4096)))
}
if name := spec.ProjectRequestTemplate.Name; len(name) > 0 {
for _, msg := range validation.NameIsDNSSubdomain(spec.ProjectRequestTemplate.Name, false) {
allErrs = append(allErrs, field.Invalid(field.NewPath("spec.projectRequestTemplate.name"), name, msg))
}
}
return allErrs
}
func (projectV1) ValidateCreate(uncastObj runtime.Object) field.ErrorList {
obj, allErrs := toProjectV1(uncastObj)
if len(allErrs) > 0 {
return allErrs
}
allErrs = append(allErrs, validation.ValidateObjectMeta(&obj.ObjectMeta, false, customresourcevalidation.RequireNameCluster, field.NewPath("metadata"))...)
allErrs = append(allErrs, validateProjectSpec(obj.Spec)...)
return allErrs
}
func (projectV1) ValidateUpdate(uncastObj runtime.Object, uncastOldObj runtime.Object) field.ErrorList {
obj, allErrs := toProjectV1(uncastObj)
if len(allErrs) > 0 {
return allErrs
}
oldObj, allErrs := toProjectV1(uncastOldObj)
if len(allErrs) > 0 {
return allErrs
}
allErrs = append(allErrs, validation.ValidateObjectMetaUpdate(&obj.ObjectMeta, &oldObj.ObjectMeta, field.NewPath("metadata"))...)
allErrs = append(allErrs, validateProjectSpec(obj.Spec)...)
return allErrs
}
func (projectV1) ValidateStatusUpdate(uncastObj runtime.Object, uncastOldObj runtime.Object) field.ErrorList {
obj, errs := toProjectV1(uncastObj)
if len(errs) > 0 {
return errs
}
oldObj, errs := toProjectV1(uncastOldObj)
if len(errs) > 0 {
return errs
}
// TODO validate the obj. remember that status validation should *never* fail on spec validation errors.
errs = append(errs, validation.ValidateObjectMetaUpdate(&obj.ObjectMeta, &oldObj.ObjectMeta, field.NewPath("metadata"))...)
return errs
}