From b9125a8d6113e6a74e06f4434af03580a4c1ec65 Mon Sep 17 00:00:00 2001 From: Jakub Dyszkiewicz Date: Wed, 13 Nov 2019 12:32:40 +0100 Subject: [PATCH 1/7] feat(kuma-cp) validate proxy template --- pkg/core/resources/apis/mesh/proxytemplate.go | 3 - .../apis/mesh/proxytemplate_validator.go | 78 +++++++++++ .../apis/mesh/proxytemplate_validator_test.go | 131 ++++++++++++++++++ pkg/xds/template/proxy_template.go | 2 + 4 files changed, 211 insertions(+), 3 deletions(-) create mode 100644 pkg/core/resources/apis/mesh/proxytemplate_validator.go create mode 100644 pkg/core/resources/apis/mesh/proxytemplate_validator_test.go diff --git a/pkg/core/resources/apis/mesh/proxytemplate.go b/pkg/core/resources/apis/mesh/proxytemplate.go index 1922935f6719..b17540372e5e 100644 --- a/pkg/core/resources/apis/mesh/proxytemplate.go +++ b/pkg/core/resources/apis/mesh/proxytemplate.go @@ -39,9 +39,6 @@ func (t *ProxyTemplateResource) SetSpec(spec model.ResourceSpec) error { return nil } } -func (t *ProxyTemplateResource) Validate() error { - return nil -} var _ model.ResourceList = &ProxyTemplateResourceList{} diff --git a/pkg/core/resources/apis/mesh/proxytemplate_validator.go b/pkg/core/resources/apis/mesh/proxytemplate_validator.go new file mode 100644 index 000000000000..1a6447dd3e31 --- /dev/null +++ b/pkg/core/resources/apis/mesh/proxytemplate_validator.go @@ -0,0 +1,78 @@ +package mesh + +import ( + "fmt" + "github.com/Kong/kuma/api/mesh/v1alpha1" + "github.com/Kong/kuma/pkg/core/validators" + "github.com/Kong/kuma/pkg/xds/template" + "strings" +) + +var availableProfiles map[string]bool +var availableProfilesMsg string + +func init() { + profiles := []string{} + availableProfiles = map[string]bool{} + for _, profile := range template.AvailableProfiles { + availableProfiles[profile] = true + profiles = append(profiles, profile) + } + availableProfilesMsg = strings.Join(profiles, ",") +} + +func (t *ProxyTemplateResource) Validate() error { + var verr validators.ValidationError + verr.AddError("", validateImports(t.Spec.Imports)) + verr.AddError("", validateResources(t.Spec.Resources)) + verr.AddError("", validateSelectors(t.Spec.Selectors)) + return verr.OrNil() +} + +func validateImports(imports []string) validators.ValidationError { + var verr validators.ValidationError + for i, imp := range imports { + if imp == "" { + verr.AddViolationAt(validators.RootedAt("imports").Index(i), "cannot be empty") + continue + } + if !availableProfiles[imp] { + verr.AddViolationAt(validators.RootedAt("imports").Index(i), fmt.Sprintf("profile not found. Available profiles: %s", availableProfilesMsg)) + } + } + return verr +} + +func validateResources(resources []*v1alpha1.ProxyTemplateRawResource) validators.ValidationError { + var verr validators.ValidationError + for i, resource := range resources { + if resource.Name == "" { + verr.AddViolationAt(validators.RootedAt("resources").Index(i).Field("name"), "cannot be empty") + } + if resource.Version == "" { + verr.AddViolationAt(validators.RootedAt("resources").Index(i).Field("version"), "cannot be empty") + } + if resource.Resource == "" { + verr.AddViolationAt(validators.RootedAt("resources").Index(i).Field("resource"), "cannot be empty") + } + } + return verr +} + +func validateSelectors(selectors []*v1alpha1.ProxyTemplate_Selector) validators.ValidationError { + var verr validators.ValidationError + for i, selector := range selectors { + if len(selector.Match) == 0 { + verr.AddViolationAt(validators.RootedAt("selectors").Index(i), "has to contain at least one tag") + } + for key, value := range selector.Match { + if key == "" { + verr.AddViolationAt(validators.RootedAt("selectors").Index(i).Key(key), "tag cannot be empty") + } + if value == "" { + verr.AddViolationAt(validators.RootedAt("selectors").Index(i).Key(key), "value of tag cannot be empty") + } + } + } + return verr +} diff --git a/pkg/core/resources/apis/mesh/proxytemplate_validator_test.go b/pkg/core/resources/apis/mesh/proxytemplate_validator_test.go new file mode 100644 index 000000000000..b9cf794704ac --- /dev/null +++ b/pkg/core/resources/apis/mesh/proxytemplate_validator_test.go @@ -0,0 +1,131 @@ +package mesh_test + +import ( + "github.com/Kong/kuma/pkg/core/resources/apis/mesh" + . "github.com/onsi/ginkgo" + . "github.com/onsi/ginkgo/extensions/table" + . "github.com/onsi/gomega" + + util_proto "github.com/Kong/kuma/pkg/util/proto" + "github.com/ghodss/yaml" +) + +var _ = Describe("ProxyTemplate", func() { + Describe("Validate()", func() { + It("should pass validation", func() { + // given + spec := ` + selectors: + - match: + service: backend + imports: + - default-proxy + resources: + - name: additional + version: v1 + resource: test` + + proxyTemplate := mesh.ProxyTemplateResource{} + + // when + err := util_proto.FromYAML([]byte(spec), &proxyTemplate.Spec) + // then + Expect(err).ToNot(HaveOccurred()) + + // when + err = proxyTemplate.Validate() + // then + Expect(err).ToNot(HaveOccurred()) + }) + + type testCase struct { + proxyTemplate string + expected string + } + DescribeTable("should validate fields", + func(given testCase) { + // given + proxyTemplate := mesh.ProxyTemplateResource{} + + // when + err := util_proto.FromYAML([]byte(given.proxyTemplate), &proxyTemplate.Spec) + // then + Expect(err).ToNot(HaveOccurred()) + + // when + verr := proxyTemplate.Validate() + // and + actual, err := yaml.Marshal(verr) + + // then + Expect(err).ToNot(HaveOccurred()) + // and + Expect(actual).To(MatchYAML(given.expected)) + }, + Entry("empty import", testCase{ + proxyTemplate: ` + imports: + - "" + selectors: + - match: + service: backend`, + expected: ` + violations: + - field: imports[0] + message: cannot be empty`, + }), + Entry("unknown profile", testCase{ + proxyTemplate: ` + imports: + - unknown-porfile + selectors: + - match: + service: backend`, + expected: ` + violations: + - field: imports[0] + message: 'profile not found. Available profiles: default-proxy'`, + }), + Entry("resources empty fields", testCase{ + proxyTemplate: ` + selectors: + - match: + service: backend + resources: + - name: + version: + resource:`, + expected: ` + violations: + - field: resources[0].name + message: cannot be empty + - field: resources[0].version + message: cannot be empty + - field: resources[0].resource + message: cannot be empty`, + }), + Entry("selector without tags", testCase{ + proxyTemplate: ` + selectors: + - match:`, + expected: ` + violations: + - field: selectors[0] + message: has to contain at least one tag`, + }), + Entry("invalid tags", testCase{ + proxyTemplate: ` + selectors: + - match: + "": asdf + service:`, + expected: ` + violations: + - field: selectors[0][""] + message: tag cannot be empty + - field: 'selectors[0]["service"]' + message: value of tag cannot be empty`, + }), + ) + }) +}) diff --git a/pkg/xds/template/proxy_template.go b/pkg/xds/template/proxy_template.go index d32a29ebd7b5..3a67976c4864 100644 --- a/pkg/xds/template/proxy_template.go +++ b/pkg/xds/template/proxy_template.go @@ -8,6 +8,8 @@ const ( ProfileDefaultProxy = "default-proxy" ) +var AvailableProfiles = []string{ProfileDefaultProxy} + var ( DefaultProxyTemplate = &kuma_mesh.ProxyTemplate{ Imports: []string{ From f67a9af977be48c658de42bade0a906a303ae377 Mon Sep 17 00:00:00 2001 From: Jakub Dyszkiewicz Date: Wed, 13 Nov 2019 14:49:28 +0100 Subject: [PATCH 2/7] feat(kuma-cp) validate envoy resource --- .../apis/mesh/proxytemplate_validator.go | 2 + .../apis/mesh/proxytemplate_validator_test.go | 53 ++++++++++++++++++- pkg/xds/generator/proxy_template.go | 27 +--------- pkg/xds/template/raw.go | 38 +++++++++++++ 4 files changed, 94 insertions(+), 26 deletions(-) create mode 100644 pkg/xds/template/raw.go diff --git a/pkg/core/resources/apis/mesh/proxytemplate_validator.go b/pkg/core/resources/apis/mesh/proxytemplate_validator.go index 1a6447dd3e31..e7bfc813d5cd 100644 --- a/pkg/core/resources/apis/mesh/proxytemplate_validator.go +++ b/pkg/core/resources/apis/mesh/proxytemplate_validator.go @@ -54,6 +54,8 @@ func validateResources(resources []*v1alpha1.ProxyTemplateRawResource) validator } if resource.Resource == "" { verr.AddViolationAt(validators.RootedAt("resources").Index(i).Field("resource"), "cannot be empty") + } else if _, err := template.ResourceFromYaml(resource.Resource); err != nil { + verr.AddViolationAt(validators.RootedAt("resources").Index(i).Field("resource"), err.Error()) } } return verr diff --git a/pkg/core/resources/apis/mesh/proxytemplate_validator_test.go b/pkg/core/resources/apis/mesh/proxytemplate_validator_test.go index b9cf794704ac..53881c4e7a8a 100644 --- a/pkg/core/resources/apis/mesh/proxytemplate_validator_test.go +++ b/pkg/core/resources/apis/mesh/proxytemplate_validator_test.go @@ -23,7 +23,20 @@ var _ = Describe("ProxyTemplate", func() { resources: - name: additional version: v1 - resource: test` + resource: | + '@type': type.googleapis.com/envoy.api.v2.Cluster + connectTimeout: 5s + loadAssignment: + clusterName: localhost:8443 + endpoints: + - lbEndpoints: + - endpoint: + address: + socketAddress: + address: 127.0.0.1 + portValue: 8443 + name: localhost:8443 + type: STATIC` proxyTemplate := mesh.ProxyTemplateResource{} @@ -126,6 +139,44 @@ var _ = Describe("ProxyTemplate", func() { - field: 'selectors[0]["service"]' message: value of tag cannot be empty`, }), + Entry("validation error from envoy protobuf resource", testCase{ + proxyTemplate: ` + selectors: + - match: + service: backend + resources: + - name: additional + version: v1 + resource: | + '@type': type.googleapis.com/envoy.api.v2.Cluster + loadAssignment: + clusterName: localhost:8443 + endpoints: + - lbEndpoints: + - endpoint: + address: + socketAddress: + address: 127.0.0.1 + portValue: 8443`, + expected: ` + violations: + - field: resources[0].resource + message: 'invalid Cluster.Name: value length must be at least 1 bytes'`, + }), + Entry("invalid envoy resource", testCase{ + proxyTemplate: ` + selectors: + - match: + service: backend + resources: + - name: additional + version: v1 + resource: not-envoy-resource`, + expected: ` + violations: + - field: resources[0].resource + message: 'json: cannot unmarshal string into Go value of type map[string]*json.RawMessage'`, + }), ) }) }) diff --git a/pkg/xds/generator/proxy_template.go b/pkg/xds/generator/proxy_template.go index 7a44b99ade4a..1cb67c8d55b5 100644 --- a/pkg/xds/generator/proxy_template.go +++ b/pkg/xds/generator/proxy_template.go @@ -1,7 +1,6 @@ package generator import ( - "bytes" "fmt" "sort" "strings" @@ -15,10 +14,6 @@ import ( xds_context "github.com/Kong/kuma/pkg/xds/context" "github.com/Kong/kuma/pkg/xds/envoy" "github.com/Kong/kuma/pkg/xds/template" - "github.com/ghodss/yaml" - "github.com/golang/protobuf/jsonpb" - "github.com/golang/protobuf/ptypes" - any "github.com/golang/protobuf/ptypes/any" ) type TemplateProxyGenerator struct { @@ -51,33 +46,15 @@ type ProxyTemplateRawSource struct { func (s *ProxyTemplateRawSource) Generate(_ xds_context.Context, proxy *model.Proxy) ([]*Resource, error) { resources := make([]*Resource, 0, len(s.Resources)) for i, r := range s.Resources { - json, err := yaml.YAMLToJSON([]byte(r.Resource)) + res, err := template.ResourceFromYaml(r.Resource) if err != nil { - json = []byte(r.Resource) - } - - var anything any.Any - if err := (&jsonpb.Unmarshaler{}).Unmarshal(bytes.NewReader(json), &anything); err != nil { - return nil, fmt.Errorf("raw.resources[%d]{name=%q}.resource: %s", i, r.Name, err) - } - var dyn ptypes.DynamicAny - if err := ptypes.UnmarshalAny(&anything, &dyn); err != nil { return nil, fmt.Errorf("raw.resources[%d]{name=%q}.resource: %s", i, r.Name, err) } - p, ok := dyn.Message.(ResourcePayload) - if !ok { - return nil, fmt.Errorf("raw.resources[%d]{name=%q}.resource: xDS resource doesn't implement all required interfaces", i, r.Name) - } - if v, ok := p.(interface{ Validate() error }); ok { - if err := v.Validate(); err != nil { - return nil, fmt.Errorf("raw.resources[%d]{name=%q}.resource: %s", i, r.Name, err) - } - } resources = append(resources, &Resource{ Name: r.Name, Version: r.Version, - Resource: p, + Resource: res, }) } return resources, nil diff --git a/pkg/xds/template/raw.go b/pkg/xds/template/raw.go new file mode 100644 index 000000000000..cbc9f19f2fe8 --- /dev/null +++ b/pkg/xds/template/raw.go @@ -0,0 +1,38 @@ +package template + +import ( + "bytes" + "errors" + "github.com/envoyproxy/go-control-plane/pkg/cache" + "github.com/ghodss/yaml" + "github.com/golang/protobuf/jsonpb" + "github.com/golang/protobuf/proto" + "github.com/golang/protobuf/ptypes" + "github.com/golang/protobuf/ptypes/any" +) + +func ResourceFromYaml(resYaml string) (proto.Message, error) { + json, err := yaml.YAMLToJSON([]byte(resYaml)) + if err != nil { + json = []byte(resYaml) + } + + var anything any.Any + if err := (&jsonpb.Unmarshaler{}).Unmarshal(bytes.NewReader(json), &anything); err != nil { + return nil, err + } + var dyn ptypes.DynamicAny + if err := ptypes.UnmarshalAny(&anything, &dyn); err != nil { + return nil, err + } + p, ok := dyn.Message.(cache.Resource) + if !ok { + return nil, errors.New("xDS resource doesn't implement all required interfaces") + } + if v, ok := p.(interface{ Validate() error }); ok { + if err := v.Validate(); err != nil { + return nil, err + } + } + return p, nil +} From b1a41ad7cc0f587759087917091250ba15d3db03 Mon Sep 17 00:00:00 2001 From: Jakub Dyszkiewicz Date: Wed, 13 Nov 2019 20:21:31 +0100 Subject: [PATCH 3/7] fix test ordering --- .../apis/mesh/proxytemplate_validator_test.go | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/pkg/core/resources/apis/mesh/proxytemplate_validator_test.go b/pkg/core/resources/apis/mesh/proxytemplate_validator_test.go index 53881c4e7a8a..e098dd74b5b4 100644 --- a/pkg/core/resources/apis/mesh/proxytemplate_validator_test.go +++ b/pkg/core/resources/apis/mesh/proxytemplate_validator_test.go @@ -126,16 +126,23 @@ var _ = Describe("ProxyTemplate", func() { - field: selectors[0] message: has to contain at least one tag`, }), - Entry("invalid tags", testCase{ + Entry("empty tag", testCase{ proxyTemplate: ` selectors: - match: - "": asdf - service:`, + "": asdf`, expected: ` violations: - field: selectors[0][""] - message: tag cannot be empty + message: tag cannot be empty`, + }), + Entry("empty tag value", testCase{ + proxyTemplate: ` + selectors: + - match: + service:`, + expected: ` + violations: - field: 'selectors[0]["service"]' message: value of tag cannot be empty`, }), From d98d583e41d871e4f721b2cada9c206790dd127e Mon Sep 17 00:00:00 2001 From: Jakub Dyszkiewicz Date: Thu, 14 Nov 2019 11:42:58 +0100 Subject: [PATCH 4/7] repackage to util envoy --- pkg/core/resources/apis/mesh/proxytemplate_validator.go | 5 +++-- .../resources/apis/mesh/proxytemplate_validator_test.go | 6 +++--- pkg/{xds/template => util/envoy}/raw.go | 2 +- pkg/xds/generator/proxy_template.go | 3 ++- 4 files changed, 9 insertions(+), 7 deletions(-) rename pkg/{xds/template => util/envoy}/raw.go (98%) diff --git a/pkg/core/resources/apis/mesh/proxytemplate_validator.go b/pkg/core/resources/apis/mesh/proxytemplate_validator.go index e7bfc813d5cd..031e7c198f7d 100644 --- a/pkg/core/resources/apis/mesh/proxytemplate_validator.go +++ b/pkg/core/resources/apis/mesh/proxytemplate_validator.go @@ -4,6 +4,7 @@ import ( "fmt" "github.com/Kong/kuma/api/mesh/v1alpha1" "github.com/Kong/kuma/pkg/core/validators" + "github.com/Kong/kuma/pkg/util/envoy" "github.com/Kong/kuma/pkg/xds/template" "strings" ) @@ -54,8 +55,8 @@ func validateResources(resources []*v1alpha1.ProxyTemplateRawResource) validator } if resource.Resource == "" { verr.AddViolationAt(validators.RootedAt("resources").Index(i).Field("resource"), "cannot be empty") - } else if _, err := template.ResourceFromYaml(resource.Resource); err != nil { - verr.AddViolationAt(validators.RootedAt("resources").Index(i).Field("resource"), err.Error()) + } else if _, err := envoy.ResourceFromYaml(resource.Resource); err != nil { + verr.AddViolationAt(validators.RootedAt("resources").Index(i).Field("resource"), fmt.Sprintf("native Envoy resource is not valid: %s", err.Error())) } } return verr diff --git a/pkg/core/resources/apis/mesh/proxytemplate_validator_test.go b/pkg/core/resources/apis/mesh/proxytemplate_validator_test.go index e098dd74b5b4..bd07b8c3250c 100644 --- a/pkg/core/resources/apis/mesh/proxytemplate_validator_test.go +++ b/pkg/core/resources/apis/mesh/proxytemplate_validator_test.go @@ -90,7 +90,7 @@ var _ = Describe("ProxyTemplate", func() { Entry("unknown profile", testCase{ proxyTemplate: ` imports: - - unknown-porfile + - unknown-profile selectors: - match: service: backend`, @@ -168,7 +168,7 @@ var _ = Describe("ProxyTemplate", func() { expected: ` violations: - field: resources[0].resource - message: 'invalid Cluster.Name: value length must be at least 1 bytes'`, + message: 'native Envoy resource is not valid: invalid Cluster.Name: value length must be at least 1 bytes'`, }), Entry("invalid envoy resource", testCase{ proxyTemplate: ` @@ -182,7 +182,7 @@ var _ = Describe("ProxyTemplate", func() { expected: ` violations: - field: resources[0].resource - message: 'json: cannot unmarshal string into Go value of type map[string]*json.RawMessage'`, + message: 'native Envoy resource is not valid: json: cannot unmarshal string into Go value of type map[string]*json.RawMessage'`, }), ) }) diff --git a/pkg/xds/template/raw.go b/pkg/util/envoy/raw.go similarity index 98% rename from pkg/xds/template/raw.go rename to pkg/util/envoy/raw.go index cbc9f19f2fe8..bac1165968c1 100644 --- a/pkg/xds/template/raw.go +++ b/pkg/util/envoy/raw.go @@ -1,4 +1,4 @@ -package template +package envoy import ( "bytes" diff --git a/pkg/xds/generator/proxy_template.go b/pkg/xds/generator/proxy_template.go index 1cb67c8d55b5..8284f17d6a0d 100644 --- a/pkg/xds/generator/proxy_template.go +++ b/pkg/xds/generator/proxy_template.go @@ -11,6 +11,7 @@ import ( mesh_core "github.com/Kong/kuma/pkg/core/resources/apis/mesh" "github.com/Kong/kuma/pkg/core/validators" model "github.com/Kong/kuma/pkg/core/xds" + util_envoy "github.com/Kong/kuma/pkg/util/envoy" xds_context "github.com/Kong/kuma/pkg/xds/context" "github.com/Kong/kuma/pkg/xds/envoy" "github.com/Kong/kuma/pkg/xds/template" @@ -46,7 +47,7 @@ type ProxyTemplateRawSource struct { func (s *ProxyTemplateRawSource) Generate(_ xds_context.Context, proxy *model.Proxy) ([]*Resource, error) { resources := make([]*Resource, 0, len(s.Resources)) for i, r := range s.Resources { - res, err := template.ResourceFromYaml(r.Resource) + res, err := util_envoy.ResourceFromYaml(r.Resource) if err != nil { return nil, fmt.Errorf("raw.resources[%d]{name=%q}.resource: %s", i, r.Name, err) } From a402159fb03481f30d7e36dbff489d8cf3327daf Mon Sep 17 00:00:00 2001 From: Jakub Dyszkiewicz Date: Thu, 14 Nov 2019 12:02:35 +0100 Subject: [PATCH 5/7] change proxy template to shared selectors --- api/mesh/v1alpha1/proxy_template.pb.go | 100 +++++------------- api/mesh/v1alpha1/proxy_template.proto | 10 +- .../apis/mesh/proxytemplate_validator.go | 2 +- .../server/proxy_template_resolver_test.go | 14 +-- 4 files changed, 37 insertions(+), 89 deletions(-) diff --git a/api/mesh/v1alpha1/proxy_template.pb.go b/api/mesh/v1alpha1/proxy_template.pb.go index 4dfadfe507af..2596fe937b58 100644 --- a/api/mesh/v1alpha1/proxy_template.pb.go +++ b/api/mesh/v1alpha1/proxy_template.pb.go @@ -24,7 +24,7 @@ const _ = proto.ProtoPackageIsVersion3 // please upgrade the proto package type ProxyTemplate struct { // List of Dataplane selectors. // +optional - Selectors []*ProxyTemplate_Selector `protobuf:"bytes,1,rep,name=selectors,proto3" json:"selectors,omitempty"` + Selectors []*Selector `protobuf:"bytes,1,rep,name=selectors,proto3" json:"selectors,omitempty"` // List of imported profiles. // +optional Imports []string `protobuf:"bytes,2,rep,name=imports,proto3" json:"imports,omitempty"` @@ -61,7 +61,7 @@ func (m *ProxyTemplate) XXX_DiscardUnknown() { var xxx_messageInfo_ProxyTemplate proto.InternalMessageInfo -func (m *ProxyTemplate) GetSelectors() []*ProxyTemplate_Selector { +func (m *ProxyTemplate) GetSelectors() []*Selector { if m != nil { return m.Selectors } @@ -82,48 +82,6 @@ func (m *ProxyTemplate) GetResources() []*ProxyTemplateRawResource { return nil } -// Selector defines a tag-based selector of Dataplanes. -type ProxyTemplate_Selector struct { - // Match Dataplanes with the following key-value pairs. - // +optional - Match map[string]string `protobuf:"bytes,1,rep,name=match,proto3" json:"match,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} - -func (m *ProxyTemplate_Selector) Reset() { *m = ProxyTemplate_Selector{} } -func (m *ProxyTemplate_Selector) String() string { return proto.CompactTextString(m) } -func (*ProxyTemplate_Selector) ProtoMessage() {} -func (*ProxyTemplate_Selector) Descriptor() ([]byte, []int) { - return fileDescriptor_129e53d675ac14f4, []int{0, 0} -} - -func (m *ProxyTemplate_Selector) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_ProxyTemplate_Selector.Unmarshal(m, b) -} -func (m *ProxyTemplate_Selector) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_ProxyTemplate_Selector.Marshal(b, m, deterministic) -} -func (m *ProxyTemplate_Selector) XXX_Merge(src proto.Message) { - xxx_messageInfo_ProxyTemplate_Selector.Merge(m, src) -} -func (m *ProxyTemplate_Selector) XXX_Size() int { - return xxx_messageInfo_ProxyTemplate_Selector.Size(m) -} -func (m *ProxyTemplate_Selector) XXX_DiscardUnknown() { - xxx_messageInfo_ProxyTemplate_Selector.DiscardUnknown(m) -} - -var xxx_messageInfo_ProxyTemplate_Selector proto.InternalMessageInfo - -func (m *ProxyTemplate_Selector) GetMatch() map[string]string { - if m != nil { - return m.Match - } - return nil -} - type ProxyTemplateSource struct { // Name of a configuration source. // +optional @@ -367,8 +325,6 @@ func (m *ProxyTemplateRawResource) GetResource() string { func init() { proto.RegisterType((*ProxyTemplate)(nil), "kuma.mesh.v1alpha1.ProxyTemplate") - proto.RegisterType((*ProxyTemplate_Selector)(nil), "kuma.mesh.v1alpha1.ProxyTemplate.Selector") - proto.RegisterMapType((map[string]string)(nil), "kuma.mesh.v1alpha1.ProxyTemplate.Selector.MatchEntry") proto.RegisterType((*ProxyTemplateSource)(nil), "kuma.mesh.v1alpha1.ProxyTemplateSource") proto.RegisterType((*ProxyTemplateProfileSource)(nil), "kuma.mesh.v1alpha1.ProxyTemplateProfileSource") proto.RegisterMapType((map[string]string)(nil), "kuma.mesh.v1alpha1.ProxyTemplateProfileSource.ParamsEntry") @@ -379,31 +335,29 @@ func init() { func init() { proto.RegisterFile("mesh/v1alpha1/proxy_template.proto", fileDescriptor_129e53d675ac14f4) } var fileDescriptor_129e53d675ac14f4 = []byte{ - // 401 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xa4, 0x53, 0x4f, 0x8b, 0xda, 0x40, - 0x14, 0xef, 0x24, 0xfe, 0xcb, 0x0b, 0x85, 0x32, 0x2d, 0x65, 0xc8, 0x49, 0x72, 0x12, 0x29, 0x23, - 0x5a, 0x0a, 0xd6, 0x43, 0x0f, 0x42, 0x41, 0x2c, 0x05, 0x19, 0x7b, 0xea, 0xa5, 0x4c, 0x75, 0x8a, - 0x62, 0xe2, 0x0c, 0x93, 0x51, 0x9b, 0x8f, 0xb1, 0x1f, 0x68, 0xd9, 0x0f, 0xb1, 0x5f, 0x68, 0xc9, - 0x24, 0xd1, 0x95, 0x55, 0x54, 0xf6, 0x96, 0xf7, 0xf8, 0xfd, 0x7b, 0xef, 0x4d, 0x20, 0x8c, 0x45, - 0xb2, 0xe8, 0x6c, 0xbb, 0x3c, 0x52, 0x0b, 0xde, 0xed, 0x28, 0x2d, 0xff, 0xa7, 0x7f, 0x8c, 0x88, - 0x55, 0xc4, 0x8d, 0xa0, 0x4a, 0x4b, 0x23, 0x31, 0x5e, 0x6d, 0x62, 0x4e, 0x33, 0x20, 0x2d, 0x81, - 0xe1, 0xa3, 0x03, 0x6f, 0x27, 0x19, 0xf8, 0x57, 0x81, 0xc5, 0x23, 0xf0, 0x12, 0x11, 0x89, 0x99, - 0x91, 0x3a, 0x21, 0xa8, 0xe9, 0xb6, 0xfc, 0x5e, 0x9b, 0xbe, 0x64, 0xd2, 0x23, 0x16, 0x9d, 0x16, - 0x14, 0x76, 0x20, 0x63, 0x02, 0xf5, 0x65, 0xac, 0xa4, 0x36, 0x09, 0x71, 0x9a, 0x6e, 0xcb, 0x63, - 0x65, 0x89, 0xc7, 0xe0, 0x69, 0x91, 0xc8, 0x8d, 0x9e, 0x89, 0x84, 0xb8, 0xd6, 0xe3, 0xd3, 0x45, - 0x0f, 0xc6, 0x77, 0xac, 0x20, 0xb1, 0x03, 0x3d, 0xb8, 0x43, 0xd0, 0x28, 0xdd, 0xf1, 0x0f, 0xa8, - 0xc6, 0xdc, 0xcc, 0x16, 0x45, 0xf0, 0x2f, 0xd7, 0x07, 0xa7, 0x3f, 0x33, 0xde, 0xf7, 0xb5, 0xd1, - 0x29, 0xcb, 0x35, 0x82, 0x3e, 0xc0, 0xa1, 0x89, 0xdf, 0x81, 0xbb, 0x12, 0x29, 0x41, 0x4d, 0xd4, - 0xf2, 0x58, 0xf6, 0x89, 0x3f, 0x40, 0x75, 0xcb, 0xa3, 0x8d, 0x20, 0x8e, 0xed, 0xe5, 0xc5, 0xc0, - 0xe9, 0xa3, 0xf0, 0x1e, 0xc1, 0xfb, 0x23, 0x9b, 0xa9, 0x0d, 0x8b, 0x31, 0x54, 0xd6, 0x3c, 0x16, - 0x85, 0x88, 0xfd, 0xc6, 0x63, 0xa8, 0x2b, 0x2d, 0xff, 0x2d, 0xa3, 0x5c, 0xc7, 0xef, 0xd1, 0x8b, - 0xa1, 0x27, 0x39, 0x3e, 0x17, 0x1d, 0xbd, 0x61, 0xa5, 0x00, 0xfe, 0x06, 0xae, 0xe6, 0x3b, 0xe2, - 0x5a, 0x9d, 0xf6, 0x35, 0x1b, 0xdd, 0x6b, 0x64, 0xc4, 0x61, 0x0d, 0x2a, 0x26, 0x55, 0x22, 0x7c, - 0x40, 0x10, 0x9c, 0x77, 0x3c, 0x39, 0x06, 0x83, 0x9a, 0xe2, 0x9a, 0xc7, 0xf9, 0xad, 0xfd, 0xde, - 0xe0, 0xb6, 0x29, 0xe8, 0xc4, 0x92, 0xf3, 0xfd, 0x17, 0x4a, 0xc1, 0x57, 0xf0, 0x9f, 0xb5, 0x6f, - 0xba, 0xc0, 0x1c, 0x3e, 0x9e, 0x1e, 0xf5, 0xf8, 0xed, 0xa1, 0x57, 0xbd, 0xbd, 0x70, 0x0e, 0xe4, - 0x1c, 0xec, 0xe4, 0x92, 0x08, 0xd4, 0xb7, 0x42, 0x27, 0x4b, 0xb9, 0x2e, 0x12, 0x97, 0x25, 0x0e, - 0xa0, 0x51, 0xca, 0xda, 0xf3, 0x79, 0x6c, 0x5f, 0x0f, 0xe1, 0x77, 0xa3, 0x4c, 0xf5, 0xb7, 0x66, - 0x7f, 0xe5, 0xcf, 0x4f, 0x01, 0x00, 0x00, 0xff, 0xff, 0x1f, 0x0a, 0x20, 0xdc, 0xf0, 0x03, 0x00, - 0x00, + // 375 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xa4, 0x93, 0xcf, 0x6a, 0xea, 0x40, + 0x14, 0xc6, 0xef, 0x18, 0xaf, 0x9a, 0x13, 0x2e, 0x5c, 0xe6, 0x5e, 0xca, 0x10, 0x5c, 0x84, 0xac, + 0x42, 0x29, 0x11, 0xed, 0xa6, 0x75, 0xd1, 0x85, 0x50, 0x28, 0xae, 0x64, 0xec, 0xaa, 0x9b, 0x32, + 0xd5, 0x29, 0x8a, 0x89, 0x33, 0x4c, 0xa2, 0x36, 0x8f, 0xd5, 0x07, 0x28, 0x7d, 0xb5, 0x92, 0x49, + 0x46, 0x1b, 0x1a, 0x69, 0x4b, 0x77, 0xe7, 0x24, 0xdf, 0xf7, 0x3b, 0xff, 0x18, 0xf0, 0x63, 0x9e, + 0x2c, 0x7a, 0xdb, 0x3e, 0x8b, 0xe4, 0x82, 0xf5, 0x7b, 0x52, 0x89, 0xa7, 0xec, 0x3e, 0xe5, 0xb1, + 0x8c, 0x58, 0xca, 0x43, 0xa9, 0x44, 0x2a, 0x30, 0x5e, 0x6d, 0x62, 0x16, 0xe6, 0xc2, 0xd0, 0x08, + 0xdd, 0x6e, 0xd5, 0x97, 0xf0, 0x88, 0xcf, 0x52, 0xa1, 0x0a, 0x87, 0xff, 0x8c, 0xe0, 0xcf, 0x24, + 0x47, 0xdd, 0x96, 0x24, 0x3c, 0x04, 0xdb, 0x68, 0x12, 0x82, 0x3c, 0x2b, 0x70, 0x06, 0xdd, 0xf0, + 0x23, 0x37, 0x9c, 0x96, 0x22, 0x7a, 0x90, 0x63, 0x02, 0xed, 0x65, 0x2c, 0x85, 0x4a, 0x13, 0xd2, + 0xf0, 0xac, 0xc0, 0xa6, 0x26, 0xc5, 0x63, 0xb0, 0x15, 0x4f, 0xc4, 0x46, 0xcd, 0x78, 0x42, 0x2c, + 0x4d, 0x3d, 0xab, 0xa3, 0x56, 0x7a, 0xa1, 0x6c, 0x47, 0x4b, 0x13, 0x3d, 0xd8, 0xfd, 0x17, 0x04, + 0xff, 0x2a, 0xba, 0xa9, 0xfe, 0x81, 0x31, 0x34, 0xd7, 0x2c, 0xe6, 0x04, 0x79, 0x28, 0xb0, 0xa9, + 0x8e, 0xf1, 0x18, 0xda, 0x52, 0x89, 0xc7, 0x65, 0xc4, 0x49, 0xc3, 0x43, 0x81, 0x33, 0x08, 0x3f, + 0xad, 0x3a, 0x29, 0xf4, 0x05, 0xf4, 0xe6, 0x17, 0x35, 0x00, 0x7c, 0x05, 0x96, 0x62, 0x3b, 0x62, + 0x69, 0xce, 0xe9, 0x57, 0xba, 0xdf, 0x33, 0x72, 0xe3, 0xa8, 0x05, 0xcd, 0x34, 0x93, 0xdc, 0x7f, + 0x45, 0xe0, 0x1e, 0xaf, 0x58, 0x3b, 0x06, 0x85, 0x96, 0x64, 0x8a, 0xc5, 0xc5, 0x5e, 0x9d, 0xc1, + 0xf0, 0x7b, 0x53, 0x84, 0x13, 0x6d, 0xbe, 0x5e, 0xa7, 0x2a, 0xa3, 0x25, 0xc9, 0xbd, 0x04, 0xe7, + 0xdd, 0x67, 0xfc, 0x17, 0xac, 0x15, 0xcf, 0xca, 0xaa, 0x79, 0x88, 0xff, 0xc3, 0xef, 0x2d, 0x8b, + 0x36, 0xc5, 0xe6, 0x6c, 0x5a, 0x24, 0xc3, 0xc6, 0x05, 0xf2, 0xe7, 0x70, 0x52, 0x3f, 0x6a, 0xf5, + 0xce, 0xe8, 0x67, 0x77, 0x9e, 0x03, 0x39, 0x26, 0xab, 0x5d, 0x12, 0x81, 0xf6, 0x96, 0xab, 0x64, + 0x29, 0xd6, 0x65, 0xc7, 0x26, 0xc5, 0x2e, 0x74, 0x0c, 0x56, 0x9f, 0xcf, 0xa6, 0xfb, 0x7c, 0x04, + 0x77, 0x1d, 0xd3, 0xd5, 0x43, 0x4b, 0x3f, 0x8a, 0xf3, 0xb7, 0x00, 0x00, 0x00, 0xff, 0xff, 0x6b, + 0xa2, 0x35, 0xdf, 0x6c, 0x03, 0x00, 0x00, } diff --git a/api/mesh/v1alpha1/proxy_template.proto b/api/mesh/v1alpha1/proxy_template.proto index d33f1f64414c..9cf2f66fb0e6 100644 --- a/api/mesh/v1alpha1/proxy_template.proto +++ b/api/mesh/v1alpha1/proxy_template.proto @@ -4,17 +4,11 @@ package kuma.mesh.v1alpha1; option go_package = "v1alpha1"; +import "mesh/v1alpha1/selector.proto"; + // ProxyTemplate defines the desired state of ProxyTemplate message ProxyTemplate { - // Selector defines a tag-based selector of Dataplanes. - message Selector { - - // Match Dataplanes with the following key-value pairs. - // +optional - map match = 1; - } - // List of Dataplane selectors. // +optional repeated Selector selectors = 1; diff --git a/pkg/core/resources/apis/mesh/proxytemplate_validator.go b/pkg/core/resources/apis/mesh/proxytemplate_validator.go index 031e7c198f7d..1dd0154235b6 100644 --- a/pkg/core/resources/apis/mesh/proxytemplate_validator.go +++ b/pkg/core/resources/apis/mesh/proxytemplate_validator.go @@ -62,7 +62,7 @@ func validateResources(resources []*v1alpha1.ProxyTemplateRawResource) validator return verr } -func validateSelectors(selectors []*v1alpha1.ProxyTemplate_Selector) validators.ValidationError { +func validateSelectors(selectors []*v1alpha1.Selector) validators.ValidationError { var verr validators.ValidationError for i, selector := range selectors { if len(selector.Match) == 0 { diff --git a/pkg/xds/server/proxy_template_resolver_test.go b/pkg/xds/server/proxy_template_resolver_test.go index 5c0f44efe684..94d84d303f61 100644 --- a/pkg/xds/server/proxy_template_resolver_test.go +++ b/pkg/xds/server/proxy_template_resolver_test.go @@ -355,7 +355,7 @@ var _ = Describe("Reconcile", func() { Name: "last", }, Spec: mesh_proto.ProxyTemplate{ - Selectors: []*mesh_proto.ProxyTemplate_Selector{ + Selectors: []*mesh_proto.Selector{ {}, }, }, @@ -367,7 +367,7 @@ var _ = Describe("Reconcile", func() { Name: "first", }, Spec: mesh_proto.ProxyTemplate{ - Selectors: []*mesh_proto.ProxyTemplate_Selector{ + Selectors: []*mesh_proto.Selector{ {}, }, }, @@ -380,7 +380,7 @@ var _ = Describe("Reconcile", func() { Name: "first", }, Spec: mesh_proto.ProxyTemplate{ - Selectors: []*mesh_proto.ProxyTemplate_Selector{ + Selectors: []*mesh_proto.Selector{ {}, }, }, @@ -417,7 +417,7 @@ var _ = Describe("Reconcile", func() { Name: "last", }, Spec: mesh_proto.ProxyTemplate{ - Selectors: []*mesh_proto.ProxyTemplate_Selector{ + Selectors: []*mesh_proto.Selector{ { Match: map[string]string{ "app": "example", @@ -434,7 +434,7 @@ var _ = Describe("Reconcile", func() { Name: "first", }, Spec: mesh_proto.ProxyTemplate{ - Selectors: []*mesh_proto.ProxyTemplate_Selector{ + Selectors: []*mesh_proto.Selector{ { Match: map[string]string{ "app": "example", @@ -458,7 +458,7 @@ var _ = Describe("Reconcile", func() { Name: "first", }, Spec: mesh_proto.ProxyTemplate{ - Selectors: []*mesh_proto.ProxyTemplate_Selector{ + Selectors: []*mesh_proto.Selector{ { Match: map[string]string{ "app": "example", @@ -485,7 +485,7 @@ var _ = Describe("Reconcile", func() { Name: "last", }, Spec: mesh_proto.ProxyTemplate{ - Selectors: []*mesh_proto.ProxyTemplate_Selector{ + Selectors: []*mesh_proto.Selector{ { Match: map[string]string{ "app": "example", From a88dd54597257910076258862c2725d805e0a9c1 Mon Sep 17 00:00:00 2001 From: Jakub Dyszkiewicz Date: Thu, 14 Nov 2019 12:56:19 +0100 Subject: [PATCH 6/7] reuse validate selectors --- .../apis/mesh/proxytemplate_validator.go | 22 ++------- .../apis/mesh/proxytemplate_validator_test.go | 16 ++++--- .../apis/mesh/traffic_log_validator.go | 4 +- .../apis/mesh/traffic_route_validator.go | 4 +- pkg/core/resources/apis/mesh/validators.go | 46 +++++++++++-------- 5 files changed, 47 insertions(+), 45 deletions(-) diff --git a/pkg/core/resources/apis/mesh/proxytemplate_validator.go b/pkg/core/resources/apis/mesh/proxytemplate_validator.go index 1dd0154235b6..182fa4cfdc1b 100644 --- a/pkg/core/resources/apis/mesh/proxytemplate_validator.go +++ b/pkg/core/resources/apis/mesh/proxytemplate_validator.go @@ -24,9 +24,9 @@ func init() { func (t *ProxyTemplateResource) Validate() error { var verr validators.ValidationError - verr.AddError("", validateImports(t.Spec.Imports)) - verr.AddError("", validateResources(t.Spec.Resources)) - verr.AddError("", validateSelectors(t.Spec.Selectors)) + verr.Add(validateImports(t.Spec.Imports)) + verr.Add(validateResources(t.Spec.Resources)) + verr.Add(validateSelectors(t.Spec.Selectors)) return verr.OrNil() } @@ -63,19 +63,5 @@ func validateResources(resources []*v1alpha1.ProxyTemplateRawResource) validator } func validateSelectors(selectors []*v1alpha1.Selector) validators.ValidationError { - var verr validators.ValidationError - for i, selector := range selectors { - if len(selector.Match) == 0 { - verr.AddViolationAt(validators.RootedAt("selectors").Index(i), "has to contain at least one tag") - } - for key, value := range selector.Match { - if key == "" { - verr.AddViolationAt(validators.RootedAt("selectors").Index(i).Key(key), "tag cannot be empty") - } - if value == "" { - verr.AddViolationAt(validators.RootedAt("selectors").Index(i).Key(key), "value of tag cannot be empty") - } - } - } - return verr + return ValidateSelectors(validators.RootedAt("selectors"), selectors, ValidateSelectorsOpts{}) } diff --git a/pkg/core/resources/apis/mesh/proxytemplate_validator_test.go b/pkg/core/resources/apis/mesh/proxytemplate_validator_test.go index bd07b8c3250c..600ea098ad0d 100644 --- a/pkg/core/resources/apis/mesh/proxytemplate_validator_test.go +++ b/pkg/core/resources/apis/mesh/proxytemplate_validator_test.go @@ -123,8 +123,10 @@ var _ = Describe("ProxyTemplate", func() { - match:`, expected: ` violations: - - field: selectors[0] - message: has to contain at least one tag`, + - field: selectors[0].match + message: must have at least one tag + - field: selectors[0].match + message: mandatory tag "service" is missing`, }), Entry("empty tag", testCase{ proxyTemplate: ` @@ -133,8 +135,10 @@ var _ = Describe("ProxyTemplate", func() { "": asdf`, expected: ` violations: - - field: selectors[0][""] - message: tag cannot be empty`, + - field: selectors[0].match + message: tag key must be non-empty + - field: selectors[0].match + message: mandatory tag "service" is missing`, }), Entry("empty tag value", testCase{ proxyTemplate: ` @@ -143,8 +147,8 @@ var _ = Describe("ProxyTemplate", func() { service:`, expected: ` violations: - - field: 'selectors[0]["service"]' - message: value of tag cannot be empty`, + - field: 'selectors[0].match["service"]' + message: tag value must be non-empty`, }), Entry("validation error from envoy protobuf resource", testCase{ proxyTemplate: ` diff --git a/pkg/core/resources/apis/mesh/traffic_log_validator.go b/pkg/core/resources/apis/mesh/traffic_log_validator.go index 689dac387110..ed57ff135ac9 100644 --- a/pkg/core/resources/apis/mesh/traffic_log_validator.go +++ b/pkg/core/resources/apis/mesh/traffic_log_validator.go @@ -13,7 +13,9 @@ func (d *TrafficLogResource) Validate() error { } func (d *TrafficLogResource) validateSources() validators.ValidationError { - return ValidateSelectors(validators.RootedAt("sources"), d.Spec.Sources, ValidateSelectorOpts{}) + return ValidateSelectors(validators.RootedAt("sources"), d.Spec.Sources, ValidateSelectorsOpts{ + RequireAtLeastOneSelector: true, + }) } func (d *TrafficLogResource) validateDestinations() (err validators.ValidationError) { diff --git a/pkg/core/resources/apis/mesh/traffic_route_validator.go b/pkg/core/resources/apis/mesh/traffic_route_validator.go index c3802ba5021c..5e0929d34e9a 100644 --- a/pkg/core/resources/apis/mesh/traffic_route_validator.go +++ b/pkg/core/resources/apis/mesh/traffic_route_validator.go @@ -13,7 +13,9 @@ func (d *TrafficRouteResource) Validate() error { } func (d *TrafficRouteResource) validateSources() validators.ValidationError { - return ValidateSelectors(validators.RootedAt("sources"), d.Spec.Sources, ValidateSelectorOpts{}) + return ValidateSelectors(validators.RootedAt("sources"), d.Spec.Sources, ValidateSelectorsOpts{ + RequireAtLeastOneSelector: true, + }) } func (d *TrafficRouteResource) validateDestinations() (err validators.ValidationError) { diff --git a/pkg/core/resources/apis/mesh/validators.go b/pkg/core/resources/apis/mesh/validators.go index d4092529b69c..45dffc1b07f8 100644 --- a/pkg/core/resources/apis/mesh/validators.go +++ b/pkg/core/resources/apis/mesh/validators.go @@ -19,12 +19,17 @@ type ValidateSelectorOpts struct { ExtraTagValueValidators []TagValueValidatorFunc } -func ValidateSelectors(path validators.PathBuilder, sources []*mesh_proto.Selector, opts ValidateSelectorOpts) (err validators.ValidationError) { - if len(sources) == 0 { +type ValidateSelectorsOpts struct { + ValidateSelectorOpts + RequireAtLeastOneSelector bool +} + +func ValidateSelectors(path validators.PathBuilder, sources []*mesh_proto.Selector, opts ValidateSelectorsOpts) (err validators.ValidationError) { + if opts.RequireAtLeastOneSelector && len(sources) == 0 { err.AddViolationAt(path, "must have at least one element") } for i, selector := range sources { - err.Add(ValidateSelector(path.Index(i).Field("match"), selector.GetMatch(), opts)) + err.Add(ValidateSelector(path.Index(i).Field("match"), selector.GetMatch(), opts.ValidateSelectorOpts)) } return } @@ -58,23 +63,26 @@ func ValidateSelector(path validators.PathBuilder, selector map[string]string, o return } -var OnlyServiceTagAllowed = ValidateSelectorOpts{ - SkipRequireAtLeastOneTag: true, - ExtraSelectorValidators: []SelectorValidatorFunc{ - func(path validators.PathBuilder, selector map[string]string) (err validators.ValidationError) { - _, defined := selector[mesh_proto.ServiceTag] - if len(selector) != 1 || !defined { - err.AddViolationAt(path, fmt.Sprintf("must consist of exactly one tag %q", mesh_proto.ServiceTag)) - } - return +var OnlyServiceTagAllowed = ValidateSelectorsOpts{ + RequireAtLeastOneSelector: true, + ValidateSelectorOpts: ValidateSelectorOpts{ + SkipRequireAtLeastOneTag: true, + ExtraSelectorValidators: []SelectorValidatorFunc{ + func(path validators.PathBuilder, selector map[string]string) (err validators.ValidationError) { + _, defined := selector[mesh_proto.ServiceTag] + if len(selector) != 1 || !defined { + err.AddViolationAt(path, fmt.Sprintf("must consist of exactly one tag %q", mesh_proto.ServiceTag)) + } + return + }, }, - }, - ExtraTagKeyValidators: []TagKeyValidatorFunc{ - func(path validators.PathBuilder, key string) (err validators.ValidationError) { - if key != mesh_proto.ServiceTag { - err.AddViolationAt(path.Key(key), fmt.Sprintf("tag %q is not allowed", key)) - } - return + ExtraTagKeyValidators: []TagKeyValidatorFunc{ + func(path validators.PathBuilder, key string) (err validators.ValidationError) { + if key != mesh_proto.ServiceTag { + err.AddViolationAt(path.Key(key), fmt.Sprintf("tag %q is not allowed", key)) + } + return + }, }, }, } From 9eeaaa3de8c4b8e208e3aad08d37bea280edff43 Mon Sep 17 00:00:00 2001 From: Jakub Dyszkiewicz Date: Thu, 14 Nov 2019 19:28:24 +0100 Subject: [PATCH 7/7] move constants profiles to api/mesh --- pkg/core/resources/apis/mesh/proxytemplate_profiles.go | 7 +++++++ pkg/core/resources/apis/mesh/proxytemplate_validator.go | 3 +-- pkg/xds/generator/proxy_template.go | 3 +-- pkg/xds/generator/proxy_template_profile_source_test.go | 8 +++----- pkg/xds/generator/proxy_template_test.go | 6 ++---- pkg/xds/template/proxy_template.go | 9 ++------- 6 files changed, 16 insertions(+), 20 deletions(-) create mode 100644 pkg/core/resources/apis/mesh/proxytemplate_profiles.go diff --git a/pkg/core/resources/apis/mesh/proxytemplate_profiles.go b/pkg/core/resources/apis/mesh/proxytemplate_profiles.go new file mode 100644 index 000000000000..2de76845dc8a --- /dev/null +++ b/pkg/core/resources/apis/mesh/proxytemplate_profiles.go @@ -0,0 +1,7 @@ +package mesh + +const ( + ProfileDefaultProxy = "default-proxy" +) + +var AvailableProfiles = []string{ProfileDefaultProxy} diff --git a/pkg/core/resources/apis/mesh/proxytemplate_validator.go b/pkg/core/resources/apis/mesh/proxytemplate_validator.go index 182fa4cfdc1b..f8a9abeb9add 100644 --- a/pkg/core/resources/apis/mesh/proxytemplate_validator.go +++ b/pkg/core/resources/apis/mesh/proxytemplate_validator.go @@ -5,7 +5,6 @@ import ( "github.com/Kong/kuma/api/mesh/v1alpha1" "github.com/Kong/kuma/pkg/core/validators" "github.com/Kong/kuma/pkg/util/envoy" - "github.com/Kong/kuma/pkg/xds/template" "strings" ) @@ -15,7 +14,7 @@ var availableProfilesMsg string func init() { profiles := []string{} availableProfiles = map[string]bool{} - for _, profile := range template.AvailableProfiles { + for _, profile := range AvailableProfiles { availableProfiles[profile] = true profiles = append(profiles, profile) } diff --git a/pkg/xds/generator/proxy_template.go b/pkg/xds/generator/proxy_template.go index 8284f17d6a0d..6a097a36594c 100644 --- a/pkg/xds/generator/proxy_template.go +++ b/pkg/xds/generator/proxy_template.go @@ -14,7 +14,6 @@ import ( util_envoy "github.com/Kong/kuma/pkg/util/envoy" xds_context "github.com/Kong/kuma/pkg/xds/context" "github.com/Kong/kuma/pkg/xds/envoy" - "github.com/Kong/kuma/pkg/xds/template" ) type TemplateProxyGenerator struct { @@ -68,7 +67,7 @@ func NewDefaultProxyProfile() ResourceGenerator { } func init() { - predefinedProfiles[template.ProfileDefaultProxy] = NewDefaultProxyProfile() + predefinedProfiles[mesh_core.ProfileDefaultProxy] = NewDefaultProxyProfile() } type ProxyTemplateProfileSource struct { diff --git a/pkg/xds/generator/proxy_template_profile_source_test.go b/pkg/xds/generator/proxy_template_profile_source_test.go index 2fb72a1901c6..6fd2233928ba 100644 --- a/pkg/xds/generator/proxy_template_profile_source_test.go +++ b/pkg/xds/generator/proxy_template_profile_source_test.go @@ -13,12 +13,10 @@ import ( "github.com/Kong/kuma/pkg/core/permissions" mesh_core "github.com/Kong/kuma/pkg/core/resources/apis/mesh" model "github.com/Kong/kuma/pkg/core/xds" + test_model "github.com/Kong/kuma/pkg/test/resources/model" util_proto "github.com/Kong/kuma/pkg/util/proto" xds_context "github.com/Kong/kuma/pkg/xds/context" "github.com/Kong/kuma/pkg/xds/generator" - "github.com/Kong/kuma/pkg/xds/template" - - test_model "github.com/Kong/kuma/pkg/test/resources/model" ) var _ = Describe("ProxyTemplateProfileSource", func() { @@ -101,7 +99,7 @@ var _ = Describe("ProxyTemplateProfileSource", func() { - interface: :54321 service: db `, - profile: template.ProfileDefaultProxy, + profile: mesh_core.ProfileDefaultProxy, envoyConfigFile: "1-envoy-config.golden.yaml", }), Entry("should support pre-defined `default-proxy` profile; transparent_proxying=true", testCase{ @@ -115,7 +113,7 @@ var _ = Describe("ProxyTemplateProfileSource", func() { transparentProxying: redirectPort: 15001 `, - profile: template.ProfileDefaultProxy, + profile: mesh_core.ProfileDefaultProxy, envoyConfigFile: "2-envoy-config.golden.yaml", }), ) diff --git a/pkg/xds/generator/proxy_template_test.go b/pkg/xds/generator/proxy_template_test.go index 43b9abb00710..d1d09fb97064 100644 --- a/pkg/xds/generator/proxy_template_test.go +++ b/pkg/xds/generator/proxy_template_test.go @@ -13,12 +13,10 @@ import ( mesh_proto "github.com/Kong/kuma/api/mesh/v1alpha1" mesh_core "github.com/Kong/kuma/pkg/core/resources/apis/mesh" model "github.com/Kong/kuma/pkg/core/xds" + test_model "github.com/Kong/kuma/pkg/test/resources/model" util_proto "github.com/Kong/kuma/pkg/util/proto" xds_context "github.com/Kong/kuma/pkg/xds/context" "github.com/Kong/kuma/pkg/xds/generator" - "github.com/Kong/kuma/pkg/xds/template" - - test_model "github.com/Kong/kuma/pkg/test/resources/model" ) var _ = Describe("TemplateProxyGenerator", func() { @@ -72,7 +70,7 @@ var _ = Describe("TemplateProxyGenerator", func() { }, template: &mesh_proto.ProxyTemplate{ Imports: []string{ - template.ProfileDefaultProxy, + mesh_core.ProfileDefaultProxy, }, Resources: []*mesh_proto.ProxyTemplateRawResource{{ Name: "raw-name", diff --git a/pkg/xds/template/proxy_template.go b/pkg/xds/template/proxy_template.go index 3a67976c4864..4b5191f29704 100644 --- a/pkg/xds/template/proxy_template.go +++ b/pkg/xds/template/proxy_template.go @@ -2,18 +2,13 @@ package template import ( kuma_mesh "github.com/Kong/kuma/api/mesh/v1alpha1" + core_mesh "github.com/Kong/kuma/pkg/core/resources/apis/mesh" ) -const ( - ProfileDefaultProxy = "default-proxy" -) - -var AvailableProfiles = []string{ProfileDefaultProxy} - var ( DefaultProxyTemplate = &kuma_mesh.ProxyTemplate{ Imports: []string{ - ProfileDefaultProxy, + core_mesh.ProfileDefaultProxy, }, } )