fix: add validations

caos · Jan 27, 2020 · e2b437c · e2b437c
1 parent 0bcf0b2
commit e2b437c
Show file tree

Hide file tree

Showing 7 changed files with 158 additions and 14 deletions.
diff --git a/internal/operator/orbiter/kinds/clusters/kubernetes/desired.go b/internal/operator/orbiter/kinds/clusters/kubernetes/desired.go
@@ -3,9 +3,23 @@ package kubernetes
 import (
 	"github.com/pkg/errors"
 
+	"fmt"
+	"regexp"
+
 	"github.com/caos/orbiter/internal/operator/orbiter"
+	"github.com/caos/orbiter/internal/operator/orbiter/kinds/clusters/kubernetes/edge/k8s"
 )
 
+var ipPartRegex = `([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])`
+
+var ipRegex = fmt.Sprintf(`%s\.%s\.%s\.%s`, ipPartRegex, ipPartRegex, ipPartRegex, ipPartRegex)
+
+var cidrRegex = fmt.Sprintf(`%s/([1-2][0-9]|3[0-2]|[0-9])`, ipRegex)
+
+var cidrComp = regexp.MustCompile(fmt.Sprintf(`^(%s)$`, cidrRegex))
+
+type cidr string
+
 type DesiredV0 struct {
 	Common orbiter.Common `yaml:",inline"`
 	Spec   struct {
@@ -18,11 +32,11 @@ type DesiredV0 struct {
 		Networking struct {
 			DNSDomain   string
 			Network     string
-			ServiceCidr string
-			PodCidr     string
+			ServiceCidr orbiter.CIDR
+			PodCidr     orbiter.CIDR
 		}
 		ControlPlane Pool
-		Workers      map[string]*Pool
+		Workers      []*Pool
 	}
 }
 
@@ -31,6 +45,41 @@ func (d *DesiredV0) validate() error {
 	if d.Spec.ControlPlane.Nodes != 1 && d.Spec.ControlPlane.Nodes != 3 && d.Spec.ControlPlane.Nodes != 5 {
 		return errors.Errorf("Controlplane nodes can only be scaled to 1, 3 or 5 but desired are %d", d.Spec.ControlPlane.Nodes)
 	}
+
+	if k8s.ParseString(d.Spec.Versions.Kubernetes) == k8s.Unknown {
+		return errors.Errorf("Unknown kubernetes version %s", d.Spec.Versions.Kubernetes)
+	}
+
+	if d.Spec.Networking.Network != "cilium" && d.Spec.Networking.Network != "calico" {
+		return errors.Errorf("Network must eighter be calico or cilium, but got %s", d.Spec.Networking.Network)
+	}
+
+	if err := d.Spec.Networking.ServiceCidr.Validate(); err != nil {
+		return err
+	}
+
+	if err := d.Spec.Networking.PodCidr.Validate(); err != nil {
+		return err
+	}
+
+	seenPools := map[string][]string{
+		d.Spec.ControlPlane.Provider: []string{d.Spec.ControlPlane.Pool},
+	}
+
+	for _, worker := range d.Spec.Workers {
+		pools, ok := seenPools[worker.Provider]
+		if !ok {
+			seenPools[worker.Provider] = []string{worker.Pool}
+			continue
+		}
+		for _, seenPool := range pools {
+			if seenPool == worker.Pool {
+				return errors.Errorf("Pool %s from provider %s is used multiple times", worker.Pool, worker.Provider)
+			}
+		}
+		seenPools[worker.Provider] = append(pools, worker.Pool)
+	}
+
 	return nil
 }
 

diff --git a/internal/operator/orbiter/kinds/orb/adapt.go b/internal/operator/orbiter/kinds/orb/adapt.go
@@ -28,6 +28,10 @@ func AdaptFunc(
 		desiredKind.Common.Version = "v0"
 		desiredTree.Parsed = desiredKind
 
+		if err := desiredKind.validate(); err != nil {
+			return nil, nil, nil, err
+		}
+
 		if desiredKind.Spec.Verbose && !logger.IsVerbose() {
 			logger = logger.Verbose()
 		}

diff --git a/internal/operator/orbiter/kinds/orb/model.go b/internal/operator/orbiter/kinds/orb/model.go
@@ -1,6 +1,9 @@
 package orb
 
-import "github.com/caos/orbiter/internal/operator/orbiter"
+import (
+	"github.com/caos/orbiter/internal/operator/orbiter"
+	"github.com/pkg/errors"
+)
 
 type DesiredV0 struct {
 	Common *orbiter.Common `yaml:",inline"`
@@ -11,6 +14,27 @@ type DesiredV0 struct {
 	Providers map[string]*orbiter.Tree
 }
 
+func (d *DesiredV0) validate() error {
+	if len(d.Clusters) < 1 {
+		return errors.New("No clusters configured")
+	}
+	if len(d.Providers) < 1 {
+		return errors.New("No providers configured")
+	}
+
+	k8sKind := "orbiter.caos.ch/KubernetesCluster"
+	var k8s int
+	for _, cluster := range d.Clusters {
+		if cluster.Common.Kind == k8sKind {
+			k8s++
+		}
+	}
+	if k8s != 1 {
+		return errors.Errorf("Exactly one cluster of kind %s must be configured, but got %d", k8sKind, k8s)
+	}
+	return nil
+}
+
 type SecretsV0 struct {
 	Common    *orbiter.Common `yaml:",inline"`
 	Clusters  map[string]*orbiter.Tree

diff --git a/internal/operator/orbiter/kinds/providers/static/computesservice.go b/internal/operator/orbiter/kinds/providers/static/computesservice.go
@@ -63,7 +63,7 @@ func (c *computesService) List(poolName string, active bool) (infra.Computes, er
 	computes := make([]infra.Compute, 0)
 	for _, cmp := range cmps {
 		var buf bytes.Buffer
-		compute := newCompute(c.logger, c.statusFile, c.desired.Spec.RemoteUser, &cmp.ID, cmp.IP)
+		compute := newCompute(c.logger, c.statusFile, c.desired.Spec.RemoteUser, &cmp.ID, string(cmp.IP))
 		if err := compute.UseKey(c.maintenancekey, c.bootstrapkey); err != nil {
 			return nil, err
 		}
@@ -85,7 +85,7 @@ func (c *computesService) Create(poolName string) (infra.Compute, error) {
 
 	for _, cmp := range cmps {
 		var buf bytes.Buffer
-		compute := newCompute(c.logger, c.statusFile, c.desired.Spec.RemoteUser, &cmp.ID, cmp.IP)
+		compute := newCompute(c.logger, c.statusFile, c.desired.Spec.RemoteUser, &cmp.ID, string(cmp.IP))
 
 		if err := compute.UseKey(c.maintenancekey, c.bootstrapkey); err != nil {
 			return nil, err

diff --git a/internal/operator/orbiter/kinds/providers/static/model.go b/internal/operator/orbiter/kinds/providers/static/model.go
@@ -1,6 +1,8 @@
 package static
 
 import (
+	"github.com/pkg/errors"
+
 	"github.com/caos/orbiter/internal/operator/orbiter"
 	"github.com/caos/orbiter/internal/operator/orbiter/kinds/clusters/core/infra"
 )
@@ -16,10 +18,39 @@ type DesiredV0 struct {
 	Loadbalancing *orbiter.Tree
 }
 
+func (d DesiredV0) validate() error {
+	if d.Spec.RemoteUser == "" {
+		return errors.New("No remote user provided")
+	}
+
+	if d.Spec.RemotePublicKeyPath == "" {
+		return errors.New("No remote public key path provided")
+	}
+
+	for pool, computes := range d.Spec.Pools {
+		for _, compute := range computes {
+			if err := compute.validate(); err != nil {
+				return errors.Wrapf(err, "Validating compute %s in pool %s failed", compute.ID, pool)
+			}
+		}
+	}
+	return nil
+}
+
 type Compute struct {
 	ID       string
 	Hostname string
-	IP       string
+	IP       orbiter.IPAddress
+}
+
+func (c *Compute) validate() error {
+	if c.ID == "" {
+		return errors.New("No id provided")
+	}
+	if c.Hostname == "" {
+		return errors.New("No hostname provided")
+	}
+	return c.IP.Validate()
 }
 
 type SecretsV0 struct {

diff --git a/internal/operator/orbiter/orb.go b/internal/operator/orbiter/orb.go
diff --git a/internal/operator/orbiter/types.go b/internal/operator/orbiter/types.go
@@ -0,0 +1,43 @@
+package orbiter
+
+import (
+	"fmt"
+	"regexp"
+
+	"github.com/pkg/errors"
+)
+
+type Orb struct {
+	URL       string
+	Repokey   string
+	Masterkey string
+}
+
+var (
+	ipPartRegex = `([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])`
+	ipRegex     = fmt.Sprintf(`%s\.%s\.%s\.%s`, ipPartRegex, ipPartRegex, ipPartRegex, ipPartRegex)
+	cidrRegex   = fmt.Sprintf(`%s/([1-2][0-9]|3[0-2]|[0-9])`, ipRegex)
+
+	compiledIP   = regexp.MustCompile(fmt.Sprintf(`^(%s)$`, ipRegex))
+	compiledCIDR = regexp.MustCompile(fmt.Sprintf(`^(%s)$`, cidrRegex))
+)
+
+type cidr string
+
+type IPAddress string
+
+type CIDR string
+
+func (c CIDR) Validate() error {
+	if !compiledCIDR.MatchString(string(c)) {
+		return errors.Errorf("Value %s is not in valid CIDR notation. It does not match the regular expression %s", c, compiledCIDR.String())
+	}
+	return nil
+}
+
+func (i IPAddress) Validate() error {
+	if !compiledIP.MatchString(string(i)) {
+		return errors.Errorf("Value %s is not a valid IP address. It does not match the regular expression %s", i, compiledIP.String())
+	}
+	return nil
+}