WIP: Adding CRD validation #888
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -37,6 +37,9 @@ const ( | |
| // GitRepositorySpec defines the desired state of a Git repository. | ||
| type GitRepositorySpec struct { | ||
| // The repository URL, can be a HTTP/S or SSH address. | ||
|
|
||
| // +kubebuilder:validation:MinLength=1 | ||
| // +kubebuilder:validation:MaxLength=253 | ||
| // +kubebuilder:validation:Pattern="^(http|https|ssh)://.*$" | ||
| // +required | ||
| URL string `json:"url"` | ||
|
|
@@ -70,6 +73,8 @@ type GitRepositorySpec struct { | |
| // Ignore overrides the set of excluded patterns in the .sourceignore format | ||
| // (which is the same as .gitignore). If not provided, a default will be used, | ||
| // consult the documentation for your version to find out what those are. | ||
| // +kubebuilder:validation:MaxLength=63 | ||
| // +kubebuilder:validation:Pattern=`^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$` | ||
| // +optional | ||
| Ignore *string `json:"ignore,omitempty"` | ||
|
|
||
|
|
@@ -115,29 +120,41 @@ type GitRepositoryInclude struct { | |
| GitRepositoryRef meta.LocalObjectReference `json:"repository"` | ||
|
|
||
| // The path to copy contents from, defaults to the root directory. | ||
| // +kubebuilder:validation:MaxLength=253 | ||
| // +kubebuilder:validation:Pattern=`^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$` | ||
| // +optional | ||
| FromPath string `json:"fromPath"` | ||
|
|
||
| // The path to copy contents to, defaults to the name of the source ref. | ||
| // +kubebuilder:validation:MaxLength=253 | ||
| // +kubebuilder:validation:Pattern=`^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$` | ||
| // +optional | ||
| ToPath string `json:"toPath"` | ||
| } | ||
|
|
||
| // GitRepositoryRef defines the Git ref used for pull and checkout operations. | ||
| type GitRepositoryRef struct { | ||
| // The Git branch to checkout, defaults to master. | ||
| // +kubebuilder:validation:MaxLength=253 | ||
| // +kubebuilder:validation:Pattern=`^[\-._a-zA-Z0-9]+$` | ||
| // +optional | ||
| Branch string `json:"branch,omitempty"` | ||
|
|
||
| // The Git tag to checkout, takes precedence over Branch. | ||
| // +kubebuilder:validation:MaxLength=253 | ||
| // +kubebuilder:validation:Pattern=`^[\-._0-9]+$` | ||
| // +optional | ||
| Tag string `json:"tag,omitempty"` | ||
|
|
||
| // The Git tag semver expression, takes precedence over Tag. | ||
| // +kubebuilder:validation:MaxLength=253 | ||
| // +kubebuilder:validation:Pattern=`^[\-._0-9]+$` | ||
|
There was a problem hiding this comment. A semver expression usually contains special characters and alpha numeric ones, see https://github.com/Masterminds/semver |
||
| // +optional | ||
| SemVer string `json:"semver,omitempty"` | ||
|
|
||
| // The Git commit SHA to checkout, if specified Tag filters will be ignored. | ||
| // +kubebuilder:validation:MaxLength=253 | ||
| // +kubebuilder:validation:Pattern=`^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$ | ||
| // +optional | ||
| Commit string `json:"commit,omitempty"` | ||
| } | ||
|
|
@@ -164,6 +181,8 @@ type GitRepositoryStatus struct { | |
|
|
||
| // URL is the download link for the artifact output of the last repository | ||
| // sync. | ||
| // +kubebuilder:validation:MaxLength=253 | ||
| // +kubebuilder:validation:Pattern="^(http|https|ssh)://.*$" | ||
| // +optional | ||
| URL string `json:"url,omitempty"` | ||
|
|
||
|
|
@@ -279,6 +298,7 @@ type GitRepository struct { | |
| metav1.TypeMeta `json:",inline"` | ||
| metav1.ObjectMeta `json:"metadata,omitempty"` | ||
|
|
||
| // +kubebuilder:validation:required | ||
| Spec GitRepositorySpec `json:"spec,omitempty"` | ||
| // +kubebuilder:default={"observedGeneration":-1} | ||
| Status GitRepositoryStatus `json:"status,omitempty"` | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -35,6 +35,9 @@ const ( | |
| // HelmRepositorySpec defines the reference to a Helm repository. | ||
| type HelmRepositorySpec struct { | ||
| // The Helm repository URL, a valid URL contains at least a protocol and host. | ||
| // +kubebuilder:validation:MinLength=1 | ||
| // +kubebuilder:validation:MaxLength=253 | ||
| // +kubebuilder:validation:Pattern="^(http|https|ssh)://.*$" | ||
| // +required | ||
| URL string `json:"url"` | ||
|
|
||
|
|
@@ -85,6 +88,8 @@ type HelmRepositoryStatus struct { | |
| Conditions []metav1.Condition `json:"conditions,omitempty"` | ||
|
|
||
| // URL is the download link for the last index fetched. | ||
| // +kubebuilder:validation:MaxLength=253 | ||
| // +kubebuilder:validation:Pattern="^(http|https|ssh)://.*$" | ||
| // +optional | ||
| URL string `json:"url,omitempty"` | ||
|
|
||
|
|
@@ -195,6 +200,7 @@ type HelmRepository struct { | |
| metav1.TypeMeta `json:",inline"` | ||
| metav1.ObjectMeta `json:"metadata,omitempty"` | ||
|
|
||
| // +kubebuilder:validation:required | ||
| Spec HelmRepositorySpec `json:"spec,omitempty"` | ||
| // +kubebuilder:default={"observedGeneration":-1} | ||
| Status HelmRepositoryStatus `json:"status,omitempty"` | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -28,21 +28,31 @@ type Artifact struct { | |
| // Path is the relative file path of the Artifact. It can be used to locate | ||
| // the file in the root of the Artifact storage on the local file system of | ||
| // the controller managing the Source. | ||
| // +kubebuilder:validation:MinLength=1 | ||
| // +kubebuilder:validation:MaxLength=253 | ||
| // +kubebuilder:validation:Pattern=`^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$` | ||
| // +required | ||
| Path string `json:"path"` | ||
|
|
||
| // URL is the HTTP address of the Artifact as exposed by the controller | ||
| // managing the Source. It can be used to retrieve the Artifact for | ||
| // consumption, e.g. by another controller applying the Artifact contents. | ||
| // +kubebuilder:validation:MinLength=1 | ||
| // +kubebuilder:validation:MaxLength=253 | ||
| // +kubebuilder:validation:Pattern="^(http|https|ssh)://.*$" | ||
| // +required | ||
| URL string `json:"url"` | ||
|
|
||
| // Revision is a human-readable identifier traceable in the origin source | ||
| // system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. | ||
| // +kubebuilder:validation:MaxLength=63 | ||
|
There was a problem hiding this comment. This breaks Flux, we use SHA256 for OCI and for Git we append the brach name to the Git SHA. |
||
| // +kubebuilder:validation:Pattern=`^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$` | ||
| // +optional | ||
| Revision string `json:"revision"` | ||
|
|
||
| // Checksum is the SHA256 checksum of the Artifact file. | ||
| // +kubebuilder:validation:MaxLength=250 | ||
| // +kubebuilder:validation:Pattern=`^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$` | ||
| // +optional | ||
| Checksum string `json:"checksum"` | ||
|
|
||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -57,10 +57,16 @@ type BucketSpec struct { | |
| Provider string `json:"provider,omitempty"` | ||
|
|
||
| // BucketName is the name of the object storage bucket. | ||
| // +kubebuilder:validation:MinLength=1 | ||
| // +kubebuilder:validation:MaxLength=63 | ||
| // +kubebuilder:validation:Pattern=`^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$` | ||
| // +required | ||
| BucketName string `json:"bucketName"` | ||
|
|
||
| // Endpoint is the object storage address the BucketName is located at. | ||
| // +kubebuilder:validation:MinLength=1 | ||
| // +kubebuilder:validation:MaxLength=250 | ||
| // +kubebuilder:validation:Pattern=`^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$` | ||
| // +required | ||
| Endpoint string `json:"endpoint"` | ||
|
|
||
|
|
@@ -69,6 +75,8 @@ type BucketSpec struct { | |
| Insecure bool `json:"insecure,omitempty"` | ||
|
|
||
| // Region of the Endpoint where the BucketName is located in. | ||
| // +kubebuilder:validation:MaxLength=63 | ||
| // +kubebuilder:validation:Pattern=`^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$` | ||
| // +optional | ||
| Region string `json:"region,omitempty"` | ||
|
|
||
|
|
@@ -89,6 +97,8 @@ type BucketSpec struct { | |
| // Ignore overrides the set of excluded patterns in the .sourceignore format | ||
| // (which is the same as .gitignore). If not provided, a default will be used, | ||
| // consult the documentation for your version to find out what those are. | ||
| // +kubebuilder:validation:MaxLength=63 | ||
| // +kubebuilder:validation:Pattern=`^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$` | ||
| // +optional | ||
| Ignore *string `json:"ignore,omitempty"` | ||
|
|
||
|
|
@@ -117,6 +127,8 @@ type BucketStatus struct { | |
| // URL is the dynamic fetch link for the latest Artifact. | ||
| // It is provided on a "best effort" basis, and using the precise | ||
| // BucketStatus.Artifact data is recommended. | ||
| // +kubebuilder:validation:MaxLength=253 | ||
| // +kubebuilder:validation:Pattern="^(http|https|ssh)://.*$" | ||
| // +optional | ||
| URL string `json:"url,omitempty"` | ||
|
|
||
|
|
@@ -172,6 +184,7 @@ type Bucket struct { | |
| metav1.TypeMeta `json:",inline"` | ||
| metav1.ObjectMeta `json:"metadata,omitempty"` | ||
|
|
||
| // +kubebuilder:validation:required | ||
| Spec BucketSpec `json:"spec,omitempty"` | ||
| // +kubebuilder:default={"observedGeneration":-1} | ||
| Status BucketStatus `json:"status,omitempty"` | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change | ||||
|---|---|---|---|---|---|---|
|
|
@@ -48,6 +48,8 @@ const ( | |||||
| // Artifact for a Git repository. | ||||||
| type GitRepositorySpec struct { | ||||||
| // URL specifies the Git repository URL, it can be an HTTP/S or SSH address. | ||||||
| // +kubebuilder:validation:MinLength=1 | ||||||
| // +kubebuilder:validation:MaxLength=253 | ||||||
| // +kubebuilder:validation:Pattern="^(http|https|ssh)://.*$" | ||||||
| // +required | ||||||
| URL string `json:"url"` | ||||||
|
|
@@ -83,6 +85,8 @@ type GitRepositorySpec struct { | |||||
| // Ignore overrides the set of excluded patterns in the .sourceignore format | ||||||
| // (which is the same as .gitignore). If not provided, a default will be used, | ||||||
| // consult the documentation for your version to find out what those are. | ||||||
| // +kubebuilder:validation:MaxLength=253 | ||||||
| // +kubebuilder:validation:Pattern=`^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$` | ||||||
| // +optional | ||||||
| Ignore *string `json:"ignore,omitempty"` | ||||||
|
|
||||||
|
|
@@ -124,11 +128,15 @@ type GitRepositoryInclude struct { | |||||
|
|
||||||
| // FromPath specifies the path to copy contents from, defaults to the root | ||||||
| // of the Artifact. | ||||||
| // +kubebuilder:validation:MaxLength=253 | ||||||
| // +kubebuilder:validation:Pattern=`^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$` | ||||||
| // +optional | ||||||
| FromPath string `json:"fromPath"` | ||||||
|
|
||||||
| // ToPath specifies the path to copy contents to, defaults to the name of | ||||||
| // the GitRepositoryRef. | ||||||
| // +kubebuilder:validation:MaxLength=253 | ||||||
| // +kubebuilder:validation:Pattern=`^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$` | ||||||
| // +optional | ||||||
| ToPath string `json:"toPath"` | ||||||
| } | ||||||
|
|
@@ -153,14 +161,20 @@ type GitRepositoryRef struct { | |||||
| // | ||||||
| // When GitRepositorySpec.GitImplementation is set to 'go-git', a shallow | ||||||
| // clone of the specified branch is performed. | ||||||
| // +kubebuilder:validation:MaxLength=63 | ||||||
|
There was a problem hiding this comment.
Suggested change
|
||||||
| // +kubebuilder:validation:Pattern=`^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$` | ||||||
| // +optional | ||||||
| Branch string `json:"branch,omitempty"` | ||||||
|
|
||||||
| // Tag to check out, takes precedence over Branch. | ||||||
| // +kubebuilder:validation:MaxLength=253 | ||||||
| // +kubebuilder:validation:Pattern=`^[\-._0-9]+$` | ||||||
| // +optional | ||||||
| Tag string `json:"tag,omitempty"` | ||||||
|
|
||||||
| // SemVer tag expression to check out, takes precedence over Tag. | ||||||
| // +kubebuilder:validation:MaxLength=63 | ||||||
| // +kubebuilder:validation:Pattern=`^[\-._0-9]+$` | ||||||
| // +optional | ||||||
| SemVer string `json:"semver,omitempty"` | ||||||
|
|
||||||
|
|
@@ -169,6 +183,8 @@ type GitRepositoryRef struct { | |||||
| // When GitRepositorySpec.GitImplementation is set to 'go-git', this can be | ||||||
| // combined with Branch to shallow clone the branch, in which the commit is | ||||||
| // expected to exist. | ||||||
| // +kubebuilder:validation:MaxLength=250 | ||||||
| // +kubebuilder:validation:Pattern=`^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$` | ||||||
| // +optional | ||||||
| Commit string `json:"commit,omitempty"` | ||||||
| } | ||||||
|
|
@@ -199,6 +215,8 @@ type GitRepositoryStatus struct { | |||||
| // URL is the dynamic fetch link for the latest Artifact. | ||||||
| // It is provided on a "best effort" basis, and using the precise | ||||||
| // GitRepositoryStatus.Artifact data is recommended. | ||||||
| // +kubebuilder:validation:MaxLength=253 | ||||||
| // +kubebuilder:validation:Pattern="^(http|https|ssh)://.*$" | ||||||
| // +optional | ||||||
| URL string `json:"url,omitempty"` | ||||||
|
|
||||||
|
|
@@ -274,6 +292,7 @@ type GitRepository struct { | |||||
| metav1.TypeMeta `json:",inline"` | ||||||
| metav1.ObjectMeta `json:"metadata,omitempty"` | ||||||
|
|
||||||
| // +kubebuilder:validation:required | ||||||
| Spec GitRepositorySpec `json:"spec,omitempty"` | ||||||
| // +kubebuilder:default={"observedGeneration":-1} | ||||||
| Status GitRepositoryStatus `json:"status,omitempty"` | ||||||
|
|
||||||
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The ignore field can have thousands of lines with special characters and UTF8, think of file paths written in Chinese.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks, Should the validation be removed from this
Igonore?There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The validation pattern yes, the max length should be less than etcd entry max size (1MB).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Would that be 5000? (<5120)