From 7f344bbba6410d837e3f2ccc1bef2dc93cb9ff3b Mon Sep 17 00:00:00 2001 From: Martin Schuppert Date: Fri, 21 Jun 2024 16:02:17 +0200 Subject: [PATCH] Validate spec.storageRequest via validation webhook Notify the enduser if the configured DB storageRequest is too low for production use. It is not blocking to allow lower settings for test/ci systems. The output would be like: $ oc apply -n openstack -f core_v1beta1_openstackcontrolplane_galera_network_isolation_3replicas.yaml Warning: spec.galera.template[openstack-cell1].storageRequest: 1G is not appropriate for production! For production use at least 5G! Warning: spec.galera.template[openstack].storageRequest: 500M is not appropriate for production! For production use at least 5G! Depends-On: https://github.com/openstack-k8s-operators/lib-common/pull/522 Signed-off-by: Martin Schuppert --- api/go.mod | 2 ++ api/go.sum | 4 ++-- api/v1beta1/galera_types.go | 2 ++ api/v1beta1/galera_webhook.go | 42 +++++++++++++++++++++++++++++++++-- go.mod | 2 ++ go.sum | 4 ++-- 6 files changed, 50 insertions(+), 6 deletions(-) diff --git a/api/go.mod b/api/go.mod index 4b56cafb..32884551 100644 --- a/api/go.mod +++ b/api/go.mod @@ -74,3 +74,5 @@ require ( sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect sigs.k8s.io/yaml v1.4.0 // indirect ) + +replace github.com/openstack-k8s-operators/lib-common/modules/common => github.com/stuggi/lib-common/modules/common v0.0.0-20240624123550-13c4ff7caf62 diff --git a/api/go.sum b/api/go.sum index 0376271e..94dff274 100644 --- a/api/go.sum +++ b/api/go.sum @@ -83,8 +83,6 @@ github.com/onsi/gomega v1.33.1 h1:dsYjIxxSR755MDmKVsaFQTE22ChNBcuuTWgkUDSubOk= github.com/onsi/gomega v1.33.1/go.mod h1:U4R44UsT+9eLIaYRB2a5qajjtQYn0hauxvRm16AVYg0= github.com/openshift/api v3.9.0+incompatible h1:fJ/KsefYuZAjmrr3+5U9yZIZbTOpVkDDLDLFresAeYs= github.com/openshift/api v3.9.0+incompatible/go.mod h1:dh9o4Fs58gpFXGSYfnVxGR9PnV53I8TW84pQaJDdGiY= -github.com/openstack-k8s-operators/lib-common/modules/common v0.3.1-0.20240621144804-4b3c1fd10960 h1:9UpWmnaLZeN237m9YIHy6KxsSV3yPatNXryW2qabVKs= -github.com/openstack-k8s-operators/lib-common/modules/common v0.3.1-0.20240621144804-4b3c1fd10960/go.mod h1:k9KuWN2LBtLbKHgcyh/0lrwk3Kr0cOAhiR3hi/mrwOQ= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= @@ -110,6 +108,8 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= +github.com/stuggi/lib-common/modules/common v0.0.0-20240624123550-13c4ff7caf62 h1:MXrFgYuYtR1kSX3zsx3xyQlgJUv12k6HIZJMiwyMU+4= +github.com/stuggi/lib-common/modules/common v0.0.0-20240624123550-13c4ff7caf62/go.mod h1:k9KuWN2LBtLbKHgcyh/0lrwk3Kr0cOAhiR3hi/mrwOQ= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= diff --git a/api/v1beta1/galera_types.go b/api/v1beta1/galera_types.go index f752ee9d..a1ca6054 100644 --- a/api/v1beta1/galera_types.go +++ b/api/v1beta1/galera_types.go @@ -29,6 +29,8 @@ const ( // GaleraContainerImage is the fall-back container image for Galera GaleraContainerImage = "quay.io/podified-antelope-centos9/openstack-mariadb:current-podified" + + storageRequestProdMin = "5G" ) // AdoptionRedirectSpec defines redirection to a different DB instance during Adoption diff --git a/api/v1beta1/galera_webhook.go b/api/v1beta1/galera_webhook.go index 1d722887..ed3706bb 100644 --- a/api/v1beta1/galera_webhook.go +++ b/api/v1beta1/galera_webhook.go @@ -17,11 +17,15 @@ limitations under the License. package v1beta1 import ( + apierrors "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/util/validation/field" ctrl "sigs.k8s.io/controller-runtime" logf "sigs.k8s.io/controller-runtime/pkg/log" "sigs.k8s.io/controller-runtime/pkg/webhook" "sigs.k8s.io/controller-runtime/pkg/webhook/admission" + + common_webhook "github.com/openstack-k8s-operators/lib-common/modules/common/webhook" ) // log is for logging in this package. @@ -75,8 +79,42 @@ var _ webhook.Validator = &Galera{} func (r *Galera) ValidateCreate() (admission.Warnings, error) { galeralog.Info("validate create", "name", r.Name) - // TODO(user): fill in your validation logic upon object creation. - return nil, nil + allErrs := field.ErrorList{} + allWarn := []string{} + basePath := field.NewPath("spec") + + warn, err := r.Spec.ValidateCreate(basePath) + + if err != nil { + allErrs = append(allErrs, err...) + } + + if len(warn) != 0 { + allWarn = append(allWarn, warn...) + } + + if len(allErrs) != 0 { + return allWarn, apierrors.NewInvalid(GroupVersion.WithKind("Galera").GroupKind(), r.Name, allErrs) + } + + return allWarn, nil +} + +// ValidateCreate - Exported function wrapping non-exported validate functions, +// this function can be called externally to validate an KeystoneAPI spec. +func (spec *GaleraSpec) ValidateCreate(basePath *field.Path) (admission.Warnings, field.ErrorList) { + return spec.GaleraSpecCore.ValidateCreate(basePath) +} + +// ValidateCreate - +func (spec *GaleraSpecCore) ValidateCreate(basePath *field.Path) (admission.Warnings, field.ErrorList) { + var allErrs field.ErrorList + allWarn := []string{} + + warn, _ := common_webhook.ValidateStorageRequest(basePath, spec.StorageRequest, storageRequestProdMin, false) + allWarn = append(allWarn, warn...) + + return allWarn, allErrs } // ValidateUpdate implements webhook.Validator so a webhook will be registered for the type diff --git a/go.mod b/go.mod index fe943b88..fa1e596d 100644 --- a/go.mod +++ b/go.mod @@ -77,3 +77,5 @@ require ( ) replace github.com/openstack-k8s-operators/mariadb-operator/api => ./api + +replace github.com/openstack-k8s-operators/lib-common/modules/common => github.com/stuggi/lib-common/modules/common v0.0.0-20240624123550-13c4ff7caf62 diff --git a/go.sum b/go.sum index 392bd087..44a78ff0 100644 --- a/go.sum +++ b/go.sum @@ -83,8 +83,6 @@ github.com/onsi/ginkgo/v2 v2.19.0 h1:9Cnnf7UHo57Hy3k6/m5k3dRfGTMXGvxhHFvkDTCTpvA github.com/onsi/ginkgo/v2 v2.19.0/go.mod h1:rlwLi9PilAFJ8jCg9UE1QP6VBpd6/xj3SRC0d6TU0To= github.com/onsi/gomega v1.33.1 h1:dsYjIxxSR755MDmKVsaFQTE22ChNBcuuTWgkUDSubOk= github.com/onsi/gomega v1.33.1/go.mod h1:U4R44UsT+9eLIaYRB2a5qajjtQYn0hauxvRm16AVYg0= -github.com/openstack-k8s-operators/lib-common/modules/common v0.3.1-0.20240621144804-4b3c1fd10960 h1:9UpWmnaLZeN237m9YIHy6KxsSV3yPatNXryW2qabVKs= -github.com/openstack-k8s-operators/lib-common/modules/common v0.3.1-0.20240621144804-4b3c1fd10960/go.mod h1:k9KuWN2LBtLbKHgcyh/0lrwk3Kr0cOAhiR3hi/mrwOQ= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= @@ -110,6 +108,8 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= +github.com/stuggi/lib-common/modules/common v0.0.0-20240624123550-13c4ff7caf62 h1:MXrFgYuYtR1kSX3zsx3xyQlgJUv12k6HIZJMiwyMU+4= +github.com/stuggi/lib-common/modules/common v0.0.0-20240624123550-13c4ff7caf62/go.mod h1:k9KuWN2LBtLbKHgcyh/0lrwk3Kr0cOAhiR3hi/mrwOQ= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=