Skip to content

Commit a1cb874

Browse files
[Add] CEL rules for validating App and PackageInstall Spec
This PR: - Adds KB marker to ensure that either spec.ServiceAccount or spec.Cluster is present in App and PackageInstall CR. - Bumps controller-tools to 0.10.0 to support CEL based validation marker. That is the latest version compatible with the k8s release the project is currently at. Signed-off-by: Varsha Prasad Narsing <[email protected]>
1 parent 5b1294b commit a1cb874

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

46 files changed

+725
-214
lines changed

config/config/crds.yml

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -690,6 +690,9 @@ spec:
690690
type: object
691691
type: array
692692
type: object
693+
x-kubernetes-validations:
694+
- message: Expected service account or cluster.
695+
rule: has(self.serviceAccountName) || has(self.cluster)
693696
required:
694697
- spec
695698
type: object
@@ -1306,6 +1309,9 @@ spec:
13061309
type: object
13071310
type: array
13081311
type: object
1312+
x-kubernetes-validations:
1313+
- message: Expected service account or cluster.
1314+
rule: has(self.serviceAccountName) || has(self.cluster)
13091315
status:
13101316
properties:
13111317
conditions:
@@ -1555,6 +1561,9 @@ spec:
15551561
type: object
15561562
type: array
15571563
type: object
1564+
x-kubernetes-validations:
1565+
- message: Expected service account or cluster.
1566+
rule: has(self.serviceAccountName) || has(self.cluster)
15581567
status:
15591568
properties:
15601569
conditions:

go.mod

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -22,7 +22,7 @@ require (
2222
k8s.io/kube-aggregator v0.22.17
2323
k8s.io/kube-openapi v0.0.0-20220803162953-67bda5d908f1
2424
sigs.k8s.io/controller-runtime v0.13.1
25-
sigs.k8s.io/controller-tools v0.7.0
25+
sigs.k8s.io/controller-tools v0.10.0
2626
sigs.k8s.io/yaml v1.3.0
2727
)
2828

@@ -61,7 +61,7 @@ require (
6161
github.com/go-openapi/jsonpointer v0.19.5 // indirect
6262
github.com/go-openapi/jsonreference v0.19.6 // indirect
6363
github.com/go-openapi/swag v0.19.15 // indirect
64-
github.com/gobuffalo/flect v0.2.3 // indirect
64+
github.com/gobuffalo/flect v0.2.5 // indirect
6565
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
6666
github.com/golang/protobuf v1.5.2 // indirect
6767
github.com/google/gnostic v0.5.7-v3refs // indirect

go.sum

Lines changed: 4 additions & 51 deletions
Large diffs are not rendered by default.

pkg/apis/kappctrl/v1alpha1/generated.proto

Lines changed: 1 addition & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

pkg/apis/kappctrl/v1alpha1/types.go

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -44,6 +44,7 @@ type AppList struct {
4444
}
4545

4646
// +k8s:openapi-gen=true
47+
// +kubebuilder:validation:XValidation:rule="has(self.serviceAccountName) || has(self.cluster)", message="Expected service account or cluster."
4748
type AppSpec struct {
4849
// Specifies that app should be deployed authenticated via
4950
// given service account, found in this namespace (optional; v0.6.0+)

pkg/apis/packaging/v1alpha1/package_install.go

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -43,6 +43,7 @@ type PackageInstallList struct {
4343
Items []PackageInstall `json:"items"`
4444
}
4545

46+
// +kubebuilder:validation:XValidation:rule="has(self.serviceAccountName) || has(self.cluster)", message="Expected service account or cluster."
4647
type PackageInstallSpec struct {
4748
// Specifies service account that will be used to install underlying package contents
4849
// +optional

vendor/github.com/gobuffalo/flect/camelize.go

Lines changed: 0 additions & 4 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

vendor/github.com/gobuffalo/flect/pascalize.go

Lines changed: 9 additions & 2 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

vendor/github.com/gobuffalo/flect/plural_rules.go

Lines changed: 7 additions & 8 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

vendor/github.com/gobuffalo/flect/singular_rules.go

Lines changed: 4 additions & 4 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)