refactor: move webhook validations to the internal package

Author: kamiiiel

api/model/refs/namespace.go

@@ -20,31 +20,46 @@ import (
 	"k8s.io/apimachinery/pkg/types"
 )
 
-var _ custom.ResourceRef = NamespacedName{}
+var _ custom.ResourceRef = &NamespacedName{}
 
 type NamespacedName struct {
 	Name      string `json:"name"`
 	Namespace string `json:"namespace,omitempty"`
 }
 
+// SetNamespace implements custom.ResourceRef.
+func (n *NamespacedName) SetNamespace(ns string) {
+	n.Namespace = ns
+}
+
+// IsMissingNamespace implements custom.ResourceRef.
+func (n *NamespacedName) IsMissingNamespace() bool {
+	return !n.HasNameSpace()
+}
+
 // GetName implements custom.ResourceRef.
-func (n NamespacedName) GetName() string {
+func (n *NamespacedName) GetName() string {
 	return n.Name
 }
 
 // GetNamespace implements custom.ResourceRef.
-func (n NamespacedName) GetNamespace() string {
+func (n *NamespacedName) GetNamespace() string {
 	return n.Namespace
 }
 
+// HasNameSpace implements custom.ResourceRef.
+func (n *NamespacedName) HasNameSpace() bool {
+	return n.Namespace != ""
+}
+
 func NewNamespacedName(namespace, name string) NamespacedName {
 	return NamespacedName{Namespace: namespace, Name: name}
 }
 
-func (n NamespacedName) NamespacedName() types.NamespacedName {
+func (n *NamespacedName) NamespacedName() types.NamespacedName {
 	return types.NamespacedName{Namespace: n.Namespace, Name: n.Name}
 }
 
-func (n NamespacedName) String() string {
+func (n *NamespacedName) String() string {
 	return n.Namespace + "/" + n.Name
 }

api/v1alpha1/apiv4definition_webhook.go

@@ -18,17 +18,9 @@ package v1alpha1
 
 import (
 	"context"
-	"fmt"
-	"net/url"
-	"strings"
 
-	"github.com/gravitee-io/gravitee-kubernetes-operator/internal/env"
-
-	"sigs.k8s.io/controller-runtime/pkg/client"
-
-	v4 "github.com/gravitee-io/gravitee-kubernetes-operator/api/model/api/v4"
 	commonMutate "github.com/gravitee-io/gravitee-kubernetes-operator/internal/admission/common/mutate"
-	"github.com/gravitee-io/gravitee-kubernetes-operator/internal/k8s"
+	wk "github.com/gravitee-io/gravitee-kubernetes-operator/internal/admission/webhook"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	ctrl "sigs.k8s.io/controller-runtime"
 	"sigs.k8s.io/controller-runtime/pkg/webhook"
@@ -49,108 +41,13 @@ func (api *ApiV4Definition) Default() {
 }
 
 func (api *ApiV4Definition) ValidateCreate() (admission.Warnings, error) {
-	return validateApi(api)
+	return wk.ValidateApiV4(context.Background(), &api.Spec.Api, api.Name, api.Namespace, api.Spec.Context)
 }
 
 func (api *ApiV4Definition) ValidateUpdate(_ runtime.Object) (admission.Warnings, error) {
-	return validateApi(api)
+	return wk.ValidateApiV4(context.Background(), &api.Spec.Api, api.Name, api.Namespace, api.Spec.Context)
 }
 
 func (*ApiV4Definition) ValidateDelete() (admission.Warnings, error) {
 	return admission.Warnings{}, nil
 }
-
-func validateApi(api *ApiV4Definition) (admission.Warnings, error) {
-	// make sure Management Context exist before creating the API Definition resource
-	if api.HasContext() { //nolint:nestif // nested if is needed
-		mCtx := new(ManagementContext)
-		if err := k8s.GetClient().Get(context.Background(), api.ContextRef().NamespacedName(), mCtx); err != nil {
-			return admission.Warnings{}, fmt.Errorf("can't create API [%s] because it is using "+
-				"management context [%v] that doesn't exist in the cluster", api.Name, api.ContextRef().NamespacedName())
-		}
-	} else {
-		// check for unique context path
-		apis := new(ApiV4DefinitionList)
-		listOpts := client.ListOptions{}
-		if !env.Config.CheckApiContextPathConflictInCluster {
-			listOpts = client.ListOptions{
-				Namespace: api.Namespace,
-			}
-		}
-
-		if err := k8s.GetClient().List(context.Background(), apis, &listOpts); err != nil {
-			return admission.Warnings{}, err
-		}
-
-		existingListeners := make([]*v4.GenericListener, 0)
-		for _, item := range apis.Items {
-			if api.Name != item.Name || api.Namespace != item.Namespace {
-				existingListeners = append(existingListeners, item.Spec.Listeners...)
-			}
-		}
-
-		if err := validateApiContextPath(existingListeners, api.Spec.Listeners); err != nil {
-			return admission.Warnings{}, err
-		}
-	}
-
-	return admission.Warnings{}, nil
-}
-
-func validateApiContextPath(existingListeners, listeners []*v4.GenericListener) error {
-	apiPaths := make([]string, 0)
-	for _, l := range listeners {
-		for _, s := range parseListener(l) {
-			p, err := url.Parse(s)
-			if err != nil {
-				return err
-			}
-			apiPaths = append(apiPaths, p.String())
-		}
-	}
-
-	for _, l := range existingListeners {
-		paths := parseListener(l)
-		err := findDuplicatePath(paths, apiPaths)
-		if err != nil {
-			return err
-		}
-	}
-
-	return nil
-}
-
-func parseListener(l v4.Listener) []string {
-	if l == nil {
-		return []string{}
-	}
-
-	switch t := l.(type) {
-	case *v4.GenericListener:
-		return parseListener(t.ToListener())
-	case *v4.HttpListener:
-		{
-			paths := make([]string, 0)
-			for _, path := range t.Paths {
-				p := fmt.Sprintf("%s/%s", path.Host, path.Path)
-				paths = append(paths, strings.ReplaceAll(p, "//", "/"))
-			}
-			return paths
-		}
-	case *v4.TCPListener:
-		return t.Hosts
-	}
-
-	return []string{}
-}
-
-func findDuplicatePath(existingPaths []string, newPaths []string) error {
-	for _, ep := range existingPaths {
-		for _, np := range newPaths {
-			if ep == np {
-				return fmt.Errorf("invalid API context path [%s]. Another API with the same path already exists", ep)
-			}
-		}
-	}
-	return nil
-}

api/v1alpha1/application_types.go

@@ -17,9 +17,14 @@ limitations under the License.
 package v1alpha1
 
 import (
+	"fmt"
+
 	"github.com/gravitee-io/gravitee-kubernetes-operator/api/model/application"
 	"github.com/gravitee-io/gravitee-kubernetes-operator/api/model/refs"
+	"github.com/gravitee-io/gravitee-kubernetes-operator/internal/hash"
+	"github.com/gravitee-io/gravitee-kubernetes-operator/pkg/types/k8s/custom"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"sigs.k8s.io/controller-runtime/pkg/client"
 )
 
 // Application is the main resource handled by the Kubernetes Operator
@@ -63,3 +68,63 @@ func (app *Application) IsBeingDeleted() bool {
 func init() {
 	SchemeBuilder.Register(&Application{}, &ApplicationList{})
 }
+
+// GetSpec implements custom.Resource.
+func (app *Application) GetSpec() custom.Spec {
+	return &app.Spec
+}
+
+// GetStatus implements custom.Resource.
+func (app *Application) GetStatus() custom.Status {
+	return &app.Status
+}
+
+func (app *Application) ContextRef() custom.ResourceRef {
+	return app.Spec.Context
+}
+
+func (app *Application) HasContext() bool {
+	return app.Spec.Context != nil
+}
+
+func (app *Application) ID() string {
+	return app.Status.ID
+}
+
+func (app *Application) DeepCopyResource() custom.Resource {
+	return app.DeepCopy()
+}
+
+func (spec *ApplicationSpec) Hash() string {
+	return hash.Calculate(spec)
+}
+
+func (s *ApplicationStatus) DeepCopyFrom(obj client.Object) error {
+	switch t := obj.(type) {
+	case *Application:
+		t.Status.DeepCopyInto(s)
+	default:
+		return fmt.Errorf("unknown type %T", t)
+	}
+
+	return nil
+}
+
+func (s *ApplicationStatus) DeepCopyTo(api client.Object) error {
+	switch t := api.(type) {
+	case *Application:
+		s.DeepCopyInto(&t.Status)
+	default:
+		return fmt.Errorf("unknown type %T", t)
+	}
+
+	return nil
+}
+
+func (s *ApplicationStatus) SetObservedGeneration(g int64) {
+	s.ObservedGeneration = g
+}
+
+func (s *ApplicationStatus) SetProcessingStatus(status custom.ProcessingStatus) {
+	s.Status.ProcessingStatus = status
+}

api/v1alpha1/managementcontext_webhook.go

@@ -19,13 +19,10 @@ package v1alpha1
 import (
 	"context"
 	"fmt"
-	"net"
 
-	"github.com/gravitee-io/gravitee-kubernetes-operator/internal/apim/client"
-	"github.com/gravitee-io/gravitee-kubernetes-operator/internal/http"
+	"github.com/gravitee-io/gravitee-kubernetes-operator/api/model/refs"
+	wk "github.com/gravitee-io/gravitee-kubernetes-operator/internal/admission/webhook"
 	"github.com/gravitee-io/gravitee-kubernetes-operator/internal/k8s"
-	"github.com/gravitee-io/gravitee-kubernetes-operator/internal/uuid"
-	"github.com/pkg/errors"
 	corev1 "k8s.io/api/core/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	ctrl "sigs.k8s.io/controller-runtime"
@@ -67,29 +64,10 @@ func validateManagementContext(ctx *ManagementContext) (admission.Warnings, erro
 		}
 	}
 
-	if err := checkAPIAvailability(ctx); err != nil {
+	ctxRef := refs.NewNamespacedName(ctx.Namespace, ctx.Name)
+	if err := wk.CheckAPIMAvailability(&ctxRef); err != nil {
 		return admission.Warnings{err.Error()}, nil //nolint:nilerr // changed to warning
 	}
 
 	return admission.Warnings{}, nil
 }
-
-func checkAPIAvailability(ctx *ManagementContext) error {
-	urLs, _ := client.NewURLs(ctx.Spec.BaseUrl, ctx.Spec.OrgId, ctx.Spec.EnvId)
-
-	httpClient := http.NewClient(context.Background(), nil)
-	cli := client.Client{
-		HTTP: httpClient,
-		URLs: urLs,
-	}
-
-	api := make(map[string]interface{})
-	err := httpClient.Get(cli.EnvV1Target("apis").WithPath(uuid.NewV4String()).String(), api)
-
-	var opError *net.OpError
-	if errors.As(err, &opError) {
-		return fmt.Errorf("unable to reach APIM, [%s] is not available", ctx.Spec.BaseUrl)
-	}
-
-	return nil
-}