From f2786b6171eb71f24540f47d6a79c4fc4246125a Mon Sep 17 00:00:00 2001 From: Jian Qiu Date: Fri, 16 Apr 2021 11:25:46 +0800 Subject: [PATCH] Add validation for apis Signed-off-by: Jian Qiu --- ...-management.io_clustermanagementaddons.crd.yaml | 2 ++ addon/v1alpha1/types_clustermanagementaddon.go | 1 + ...-cluster-management.io_managedclusters.crd.yaml | 5 +++++ cluster/v1/types.go | 4 ++++ ...uster-management.io_managedclustersets.crd.yaml | 2 ++ ...anagement.io_managedclustersetbindings.crd.yaml | 4 ++++ ...en-cluster-management.io_clusterclaims.crd.yaml | 4 ++++ ...en-cluster-management.io_clusterclaims.crd.yaml | 4 ++++ cluster/v1alpha1/types.go | 14 ++++++++++++-- ...open-cluster-management.io_klusterlets.crd.yaml | 6 ++++++ ...-cluster-management.io_clustermanagers.crd.yaml | 2 ++ ...open-cluster-management.io_klusterlets.crd.yaml | 6 ++++++ operator/v1/types.go | 10 +++++++++- ...en-cluster-management.io_manifestworks.crd.yaml | 5 +++++ ...ter-management.io_appliedmanifestworks.crd.yaml | 5 +++++ ...ter-management.io_appliedmanifestworks.crd.yaml | 5 +++++ work/v1/types.go | 10 +++++++++- 17 files changed, 85 insertions(+), 4 deletions(-) diff --git a/addon/v1alpha1/0000_00_addon.open-cluster-management.io_clustermanagementaddons.crd.yaml b/addon/v1alpha1/0000_00_addon.open-cluster-management.io_clustermanagementaddons.crd.yaml index 96ff13c4a..35d89cfc4 100644 --- a/addon/v1alpha1/0000_00_addon.open-cluster-management.io_clustermanagementaddons.crd.yaml +++ b/addon/v1alpha1/0000_00_addon.open-cluster-management.io_clustermanagementaddons.crd.yaml @@ -30,6 +30,8 @@ spec: ManagedClusterAddOn resource. ClusterManagementAddOn is a cluster-scoped resource. type: object + required: + - spec properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation diff --git a/addon/v1alpha1/types_clustermanagementaddon.go b/addon/v1alpha1/types_clustermanagementaddon.go index 44147b61f..75f5462c6 100644 --- a/addon/v1alpha1/types_clustermanagementaddon.go +++ b/addon/v1alpha1/types_clustermanagementaddon.go @@ -23,6 +23,7 @@ type ClusterManagementAddOn struct { metav1.ObjectMeta `json:"metadata,omitempty"` // spec represents a desired configuration for the agent on the cluster management add-on. + // +kubebuilder:validation:Required // +required Spec ClusterManagementAddOnSpec `json:"spec"` diff --git a/cluster/v1/0000_00_clusters.open-cluster-management.io_managedclusters.crd.yaml b/cluster/v1/0000_00_clusters.open-cluster-management.io_managedclusters.crd.yaml index b2ce74cf0..bc2613d6c 100644 --- a/cluster/v1/0000_00_clusters.open-cluster-management.io_managedclusters.crd.yaml +++ b/cluster/v1/0000_00_clusters.open-cluster-management.io_managedclusters.crd.yaml @@ -43,6 +43,8 @@ spec: on the ManagedCluster pushes the credential to the hub to use against the kube-apiserver of the ManagedCluster." type: object + required: + - spec properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -60,6 +62,8 @@ spec: description: Spec represents a desired configuration for the agent on the managed cluster. type: object + required: + - hubAcceptsClient properties: hubAcceptsClient: description: hubAcceptsClient represents that hub accepts the joining @@ -80,6 +84,7 @@ spec: 60 seconds by default type: integer format: int32 + default: 60 managedClusterClientConfigs: description: ManagedClusterClientConfigs represents a list of the apiserver address of the managed cluster. If it is empty, the managed diff --git a/cluster/v1/types.go b/cluster/v1/types.go index 1c6acaeed..f656a4eee 100644 --- a/cluster/v1/types.go +++ b/cluster/v1/types.go @@ -35,6 +35,8 @@ type ManagedCluster struct { metav1.ObjectMeta `json:"metadata,omitempty"` // Spec represents a desired configuration for the agent on the managed cluster. + // +kubebuilder:validation:Required + // +required Spec ManagedClusterSpec `json:"spec"` // Status represents the current status of joined managed cluster @@ -59,11 +61,13 @@ type ManagedClusterSpec struct { // the namespace to grant the permision of access from the agent on the managed cluster. // When the value is set to false, the namespace representing the managed cluster is // deleted. + // +kubebuilder:validation:Required // +required HubAcceptsClient bool `json:"hubAcceptsClient"` // LeaseDurationSeconds is used to coordinate the lease update time of Klusterlet agents on the managed cluster. // If its value is zero, the Klusterlet agent will update its lease every 60 seconds by default + // +kubebuilder:default:=60 // +optional LeaseDurationSeconds int32 `json:"leaseDurationSeconds,omitempty"` } diff --git a/cluster/v1alpha1/0000_00_clusters.open-cluster-management.io_managedclustersets.crd.yaml b/cluster/v1alpha1/0000_00_clusters.open-cluster-management.io_managedclustersets.crd.yaml index e38178678..0ae4d794d 100644 --- a/cluster/v1alpha1/0000_00_clusters.open-cluster-management.io_managedclustersets.crd.yaml +++ b/cluster/v1alpha1/0000_00_clusters.open-cluster-management.io_managedclustersets.crd.yaml @@ -28,6 +28,8 @@ spec: to update this label, user must have the permission on both the old and new ManagedClusterSet." type: object + required: + - spec properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation diff --git a/cluster/v1alpha1/0000_01_clusters.open-cluster-management.io_managedclustersetbindings.crd.yaml b/cluster/v1alpha1/0000_01_clusters.open-cluster-management.io_managedclustersetbindings.crd.yaml index 8a532f4e0..2f0f2261b 100644 --- a/cluster/v1alpha1/0000_01_clusters.open-cluster-management.io_managedclustersetbindings.crd.yaml +++ b/cluster/v1alpha1/0000_01_clusters.open-cluster-management.io_managedclustersetbindings.crd.yaml @@ -22,6 +22,8 @@ spec: created in the same namespace can only be distributed to ManagedClusters in ManagedClusterSets bound in this namespace by higher level controllers. type: object + required: + - spec properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -38,6 +40,8 @@ spec: spec: description: Spec defines the attributes of ManagedClusterSetBinding. type: object + required: + - clusterSet properties: clusterSet: description: ClusterSet is the name of the ManagedClusterSet to bind. diff --git a/cluster/v1alpha1/0000_02_clusters.open-cluster-management.io_clusterclaims.crd.yaml b/cluster/v1alpha1/0000_02_clusters.open-cluster-management.io_clusterclaims.crd.yaml index 11fa847a4..c9eb9da26 100644 --- a/cluster/v1alpha1/0000_02_clusters.open-cluster-management.io_clusterclaims.crd.yaml +++ b/cluster/v1alpha1/0000_02_clusters.open-cluster-management.io_clusterclaims.crd.yaml @@ -21,6 +21,8 @@ spec: an identifier that relates the cluster to the ClusterSet in which it belongs. type: object + required: + - spec properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -37,6 +39,8 @@ spec: spec: description: Spec defines the attributes of the ClusterClaim. type: object + required: + - value properties: value: description: Value is a claim-dependent string diff --git a/cluster/v1alpha1/0001_02_clusters.open-cluster-management.io_clusterclaims.crd.yaml b/cluster/v1alpha1/0001_02_clusters.open-cluster-management.io_clusterclaims.crd.yaml index 4ab960857..5579f2591 100644 --- a/cluster/v1alpha1/0001_02_clusters.open-cluster-management.io_clusterclaims.crd.yaml +++ b/cluster/v1alpha1/0001_02_clusters.open-cluster-management.io_clusterclaims.crd.yaml @@ -18,6 +18,8 @@ spec: a unique identifier for the cluster. 2. clusterset.k8s.io, it contains an identifier that relates the cluster to the ClusterSet in which it belongs. type: object + required: + - spec properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -34,6 +36,8 @@ spec: spec: description: Spec defines the attributes of the ClusterClaim. type: object + required: + - value properties: value: description: Value is a claim-dependent string diff --git a/cluster/v1alpha1/types.go b/cluster/v1alpha1/types.go index bf89c9941..c5becba63 100644 --- a/cluster/v1alpha1/types.go +++ b/cluster/v1alpha1/types.go @@ -26,6 +26,8 @@ type ManagedClusterSet struct { metav1.ObjectMeta `json:"metadata,omitempty"` // Spec defines the attributes of the ManagedClusterSet + // +kubebuilder:validation:Required + // +required Spec ManagedClusterSetSpec `json:"spec"` // Status represents the current status of the ManagedClusterSet @@ -78,6 +80,8 @@ type ManagedClusterSetBinding struct { metav1.ObjectMeta `json:"metadata,omitempty"` // Spec defines the attributes of ManagedClusterSetBinding. + // +kubebuilder:validation:Required + // +required Spec ManagedClusterSetBindingSpec `json:"spec"` } @@ -88,6 +92,8 @@ type ManagedClusterSetBindingSpec struct { // User is allowed to set this field if they have an RBAC rule to CREATE on the // virtual subresource of managedclustersets/bind. // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:Required + // +required ClusterSet string `json:"clusterSet"` } @@ -120,14 +126,18 @@ type ClusterClaim struct { metav1.ObjectMeta `json:"metadata,omitempty"` // Spec defines the attributes of the ClusterClaim. - Spec ClusterClaimSpec `json:"spec,omitempty"` + // +kubebuilder:validation:Required + // +required + Spec ClusterClaimSpec `json:"spec"` } type ClusterClaimSpec struct { // Value is a claim-dependent string // +kubebuilder:validation:MaxLength=1024 // +kubebuilder:validation:MinLength=1 - Value string `json:"value,omitempty"` + // +kubebuilder:validation:Required + // +required + Value string `json:"value"` } // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object diff --git a/operator/v1/0000_00_operator.open-cluster-management.io_klusterlets.crd.yaml b/operator/v1/0000_00_operator.open-cluster-management.io_klusterlets.crd.yaml index 09f76b63e..3f9e6fa95 100644 --- a/operator/v1/0000_00_operator.open-cluster-management.io_klusterlets.crd.yaml +++ b/operator/v1/0000_00_operator.open-cluster-management.io_klusterlets.crd.yaml @@ -20,6 +20,8 @@ spec: in the same namespace to allow API requests to the hub for the registration protocol. type: object + required: + - spec properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -43,6 +45,8 @@ spec: created on hub. The Klusterlet agent generates a random name if it is not set, or discovers the appropriate cluster name on OpenShift. type: string + maxLength: 63 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ externalServerURLs: description: ExternalServerURLs represents the a list of apiserver urls and ca bundles that is accessible externally If it is set empty, @@ -70,6 +74,8 @@ spec: set, the namespace of "open-cluster-management-agent" is used to deploy agent. type: string + maxLength: 63 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ registrationImagePullSpec: description: RegistrationImagePullSpec represents the desired image configuration of registration agent. diff --git a/operator/v1/0000_01_operator.open-cluster-management.io_clustermanagers.crd.yaml b/operator/v1/0000_01_operator.open-cluster-management.io_clustermanagers.crd.yaml index eba39a2f6..69a943967 100644 --- a/operator/v1/0000_01_operator.open-cluster-management.io_clustermanagers.crd.yaml +++ b/operator/v1/0000_01_operator.open-cluster-management.io_clustermanagers.crd.yaml @@ -19,6 +19,8 @@ spec: registration and work distribution for attached Klusterlets. ClusterManager will only be deployed in open-cluster-management-hub namespace. type: object + required: + - spec properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation diff --git a/operator/v1/0001_00_operator.open-cluster-management.io_klusterlets.crd.yaml b/operator/v1/0001_00_operator.open-cluster-management.io_klusterlets.crd.yaml index aa6bf88c7..f060016ae 100644 --- a/operator/v1/0001_00_operator.open-cluster-management.io_klusterlets.crd.yaml +++ b/operator/v1/0001_00_operator.open-cluster-management.io_klusterlets.crd.yaml @@ -20,6 +20,8 @@ spec: in the same namespace to allow API requests to the hub for the registration protocol. type: object + required: + - spec properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -43,6 +45,8 @@ spec: on hub. The Klusterlet agent generates a random name if it is not set, or discovers the appropriate cluster name on OpenShift. type: string + maxLength: 63 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ externalServerURLs: description: ExternalServerURLs represents the a list of apiserver urls and ca bundles that is accessible externally If it is set empty, managed @@ -68,6 +72,8 @@ spec: set, the namespace of "open-cluster-management-agent" is used to deploy agent. type: string + maxLength: 63 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ registrationImagePullSpec: description: RegistrationImagePullSpec represents the desired image configuration of registration agent. diff --git a/operator/v1/types.go b/operator/v1/types.go index e12f7f875..6ecdec525 100644 --- a/operator/v1/types.go +++ b/operator/v1/types.go @@ -17,6 +17,8 @@ type ClusterManager struct { metav1.ObjectMeta `json:"metadata,omitempty"` // Spec represents a desired deployment configuration of controllers that govern registration and work distribution for attached Klusterlets. + // +kubebuilder:validation:Required + // +required Spec ClusterManagerSpec `json:"spec"` // Status represents the current status of controllers that govern the lifecycle of managed clusters. @@ -138,7 +140,9 @@ type Klusterlet struct { metav1.ObjectMeta `json:"metadata,omitempty"` // Spec represents the desired deployment configuration of Klusterlet agent. - Spec KlusterletSpec `json:"spec,omitempty"` + // +kubebuilder:validation:Required + // +required + Spec KlusterletSpec `json:"spec"` // Status represents the current status of Klusterlet agent. Status KlusterletStatus `json:"status,omitempty"` @@ -150,6 +154,8 @@ type KlusterletSpec struct { // The namespace must have a prefix of "open-cluster-management-", and if it is not set, // the namespace of "open-cluster-management-agent" is used to deploy agent. // +optional + // +kubebuilder:validation:MaxLength=63 + // +kubebuilder:validation:Pattern=^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ Namespace string `json:"namespace,omitempty"` // RegistrationImagePullSpec represents the desired image configuration of registration agent. @@ -163,6 +169,8 @@ type KlusterletSpec struct { // ClusterName is the name of the managed cluster to be created on hub. // The Klusterlet agent generates a random name if it is not set, or discovers the appropriate cluster name on OpenShift. // +optional + // +kubebuilder:validation:MaxLength=63 + // +kubebuilder:validation:Pattern=^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ ClusterName string `json:"clusterName,omitempty"` // ExternalServerURLs represents the a list of apiserver urls and ca bundles that is accessible externally diff --git a/work/v1/0000_00_work.open-cluster-management.io_manifestworks.crd.yaml b/work/v1/0000_00_work.open-cluster-management.io_manifestworks.crd.yaml index 665c87c5c..e21daed16 100644 --- a/work/v1/0000_00_work.open-cluster-management.io_manifestworks.crd.yaml +++ b/work/v1/0000_00_work.open-cluster-management.io_manifestworks.crd.yaml @@ -21,6 +21,8 @@ spec: on the hub, so that agent on the corresponding managed cluster can access this resource and deploy on the managed cluster. type: object + required: + - spec properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -155,6 +157,9 @@ spec: description: ManifestCondition represents the conditions of the resources deployed on a managed cluster. type: object + required: + - conditions + - resourceMeta properties: conditions: description: Conditions represents the conditions of this diff --git a/work/v1/0000_01_work.open-cluster-management.io_appliedmanifestworks.crd.yaml b/work/v1/0000_01_work.open-cluster-management.io_appliedmanifestworks.crd.yaml index be11642f6..05ec688e9 100644 --- a/work/v1/0000_01_work.open-cluster-management.io_appliedmanifestworks.crd.yaml +++ b/work/v1/0000_01_work.open-cluster-management.io_appliedmanifestworks.crd.yaml @@ -23,6 +23,8 @@ spec: agent. The name of the appliedmanifestwork must be in the format of {hash of hub's first kube-apiserver url}-{manifestwork name} type: object + required: + - spec properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -39,6 +41,9 @@ spec: spec: description: Spec represents the desired configuration of AppliedManifestWork. type: object + required: + - hubHash + - manifestWorkName properties: hubHash: description: HubHash represents the hash of the first hub kube apiserver diff --git a/work/v1/0001_01_work.open-cluster-management.io_appliedmanifestworks.crd.yaml b/work/v1/0001_01_work.open-cluster-management.io_appliedmanifestworks.crd.yaml index c42b3f33d..05a6b0752 100644 --- a/work/v1/0001_01_work.open-cluster-management.io_appliedmanifestworks.crd.yaml +++ b/work/v1/0001_01_work.open-cluster-management.io_appliedmanifestworks.crd.yaml @@ -24,6 +24,8 @@ spec: The name of the appliedmanifestwork must be in the format of {hash of hub's first kube-apiserver url}-{manifestwork name} type: object + required: + - spec properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -40,6 +42,9 @@ spec: spec: description: Spec represents the desired configuration of AppliedManifestWork. type: object + required: + - hubHash + - manifestWorkName properties: hubHash: description: HubHash represents the hash of the first hub kube apiserver diff --git a/work/v1/types.go b/work/v1/types.go index 74ebb2d7c..e3c049839 100644 --- a/work/v1/types.go +++ b/work/v1/types.go @@ -19,6 +19,8 @@ type ManifestWork struct { metav1.ObjectMeta `json:"metadata,omitempty"` // Spec represents a desired configuration of work to be deployed on the managed cluster. + // +kubebuilder:validation:Required + // +required Spec ManifestWorkSpec `json:"spec"` // Status represents the current status of work. @@ -157,10 +159,12 @@ const ( // managed cluster. type ManifestCondition struct { // ResourceMeta represents the group, version, kind, name and namespace of a resoure. + // +kubebuilder:validation:Required // +required ResourceMeta ManifestResourceMeta `json:"resourceMeta"` // Conditions represents the conditions of this resource on a managed cluster. + // +kubebuilder:validation:Required // +required Conditions []metav1.Condition `json:"conditions"` } @@ -214,7 +218,9 @@ type AppliedManifestWork struct { metav1.ObjectMeta `json:"metadata,omitempty"` // Spec represents the desired configuration of AppliedManifestWork. - Spec AppliedManifestWorkSpec `json:"spec,omitempty"` + // +kubebuilder:validation:Required + // +required + Spec AppliedManifestWorkSpec `json:"spec"` // Status represents the current status of AppliedManifestWork. // +optional @@ -225,10 +231,12 @@ type AppliedManifestWork struct { type AppliedManifestWorkSpec struct { // HubHash represents the hash of the first hub kube apiserver to identify which hub // this AppliedManifestWork links to. + // +kubebuilder:validation:Required // +required HubHash string `json:"hubHash"` // ManifestWorkName represents the name of the related manifestwork on the hub. + // +kubebuilder:validation:Required // +required ManifestWorkName string `json:"manifestWorkName"` }