Skip to content

Commit af0a811

Browse files
k8s-ci-robotk8s-ci-robot
authored
Merge pull request #191 from mengqiy/validatewebhook
validate webhook options after parsing
2 parents 8dbc9e1 + 6570ef5 commit af0a811

File tree

1 file changed

+33
-0
lines changed

1 file changed

+33
-0
lines changed

pkg/webhook/generator.go

Lines changed: 33 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -18,6 +18,8 @@ package webhook
1818

1919
import (
2020
"errors"
21+
"fmt"
22+
"log"
2123
"net"
2224
"net/url"
2325
"path"
@@ -100,11 +102,42 @@ func (o *generatorOptions) setDefaults() {
100102
}
101103
}
102104

105+
func (o *generatorOptions) validate() error {
106+
if o.port <= 0 {
107+
return fmt.Errorf("port should be set with marker %q and greater than 0", "+kubebuilder:webhook:port=<portNum>")
108+
}
109+
if len(o.certDir) == 0 {
110+
return fmt.Errorf("certDir should be set with marker %q and non-empty", "+kubebuilder:webhook:cert-dir=<path>")
111+
}
112+
if len(o.mutatingWebhookConfigName) == 0 {
113+
return fmt.Errorf("mutatingWebhookConfigName should be set with marker %q and non-empty", "+kubebuilder:webhook:mutating-webhook-config-name=<name>")
114+
}
115+
if len(o.validatingWebhookConfigName) == 0 {
116+
return fmt.Errorf("validatingWebhookConfigName should be set with marker %q and non-empty", "+kubebuilder:webhook:validating-webhook-config-name=<name>")
117+
}
118+
if o.host == nil && o.service == nil {
119+
return fmt.Errorf("you should either set host with marker %q or set service with %q",
120+
"+kubebuilder:webhook:host=<path>",
121+
"+kubebuilder:webhook:service=<namespace>:<name>,selector=<selectorKey>:<selectorValue>")
122+
}
123+
if o.service != nil && (len(o.service.name) == 0 || len(o.service.namespace) == 0 || len(o.service.selectors) == 0) {
124+
return fmt.Errorf("service should be set with marker %q",
125+
"+kubebuilder:webhook:service=<namespace>:<name>,selector=<selectorKey>:<selectorValue>")
126+
}
127+
if o.secret == nil {
128+
log.Printf("it is recommended to use secret to host the certificate")
129+
}
130+
return nil
131+
}
132+
103133
// Generate creates the AdmissionWebhookConfiguration objects and Service if any.
104134
// It also provisions the certificate for the admission server.
105135
func (o *generatorOptions) Generate() ([]runtime.Object, error) {
106136
// do defaulting if necessary
107137
o.setDefaults()
138+
if err := o.validate(); err != nil {
139+
return nil, err
140+
}
108141

109142
webhookConfigurations, err := o.whConfigs()
110143
if err != nil {

0 commit comments

Comments
 (0)