gko 286: apim validation

.golangci.yml

@@ -253,7 +253,7 @@ issues:
   max-same-issues: 50
 
   exclude:
-    - ".*(Id|Api|Url|Http).* should be .*(ID|API|URL|HTTP).*"
+    - ".*(Api|Url|Http).* should be .*(API|URL|HTTP).*"
 
   exclude-rules:
     - source: "^//\\s*go:generate\\s"

api/model/api/base/member.go

@@ -22,7 +22,7 @@ type Member struct {
 	// Member source ID
 	// +kubebuilder:validation:Required
 	// +kubebuilder:example:=user@email.com
-	SourceId string `json:"sourceId"`
+	SourceID string `json:"sourceId"`
 	// Member display name
 	DisplayName string `json:"displayName,omitempty"`
 	// The API role associated with this Member
@@ -33,15 +33,15 @@ type Member struct {
 func NewGraviteeMember(username, role string) *Member {
 	return &Member{
 		Source:   "gravitee",
-		SourceId: username,
+		SourceID: username,
 		Role:     role,
 	}
 }
 
 func NewMemoryMember(username, role string) *Member {
 	return &Member{
 		Source:   "memory",
-		SourceId: username,
+		SourceID: username,
 		Role:     role,
 	}
 }

api/model/api/base/page.go

@@ -26,7 +26,7 @@ type PageSource struct {
 type AccessControl struct {
 	// +kubebuilder:validation:Required
 	// The ID denied or granted by the access control (currently only group names are supported)
-	ReferenceId string `json:"referenceId,omitempty"`
+	ReferenceID string `json:"referenceId,omitempty"`
 	// +kubebuilder:validation:Required
 	// +kubebuilder:validation:Enum=GROUP;
 	// The type of reference denied or granted by the access control

api/model/api/base/plan.go

@@ -30,11 +30,11 @@ type PlanValidation string
 
 type Plan struct {
 	// Plan ID
-	Id string `json:"id,omitempty"`
+	ID string `json:"id,omitempty"`
 	// The plan Cross ID.
 	// This field is used to identify plans defined for an API
 	// that has been promoted between different environments.
-	CrossId string `json:"crossId,omitempty"`
+	CrossID string `json:"crossId,omitempty"`
 	// Plan Description
 	Description string `json:"description"`
 	// List of plan tags
@@ -71,11 +71,11 @@ func (plan *Plan) WithStatus(status PlanStatus) *Plan {
 }
 
 func (plan *Plan) WithID(id string) *Plan {
-	plan.Id = id
+	plan.ID = id
 	return plan
 }
 
 func (plan *Plan) WithCrossID(id string) *Plan {
-	plan.CrossId = id
+	plan.CrossID = id
 	return plan
 }

api/model/api/base/primary_owner.go

@@ -17,7 +17,7 @@ package base
 type PrimaryOwner struct {
 	// +kubebuilder:validation:Required
 	// PrimaryOwner ID
-	Id string `json:"id,omitempty"`
+	ID string `json:"id,omitempty"`
 	// +kubebuilder:validation:Optional
 	// PrimaryOwner email
 	Email string `json:"email,omitempty"`

api/model/api/v2/api.go

@@ -17,8 +17,11 @@ package v2
 
 import (
 	"github.com/gravitee-io/gravitee-kubernetes-operator/api/model/api/base"
+	"github.com/gravitee-io/gravitee-kubernetes-operator/pkg/types/k8s/custom"
 )
 
+var _ custom.ApiDefinition = &Api{}
+
 type Api struct {
 	*base.ApiBase `json:",inline"`
 	// +kubebuilder:validation:Required
@@ -69,6 +72,15 @@ type Api struct {
 	ExecutionMode string `json:"execution_mode,omitempty"`
 }
 
+func (api *Api) GetDefinitionVersion() custom.ApiDefinitionVersion {
+	return custom.ApiV2
+}
+
+// TODO implement when v2 admission handles paths
+func (api *Api) GetContextPaths() ([]string, error) {
+	return make([]string, 0), nil
+}
+
 const (
 	ModeFullyManaged = "fully_managed"
 	OriginKubernetes = "kubernetes"

api/model/api/v2/plan.go

@@ -28,7 +28,7 @@ type Consumer struct {
 	// Consumer type (possible values TAG)
 	ConsumerType ConsumerType `json:"consumerType,omitempty"`
 	// Consumer ID
-	ConsumerId string `json:"consumerId,omitempty"`
+	ConsumerID string `json:"consumerId,omitempty"`
 }
 
 type Plan struct {

api/model/api/v4/api.go

@@ -16,7 +16,10 @@
 package v4
 
 import (
+	"fmt"
+
 	"github.com/gravitee-io/gravitee-kubernetes-operator/api/model/api/base"
+	"github.com/gravitee-io/gravitee-kubernetes-operator/pkg/types/k8s/custom"
 )
 
 // +kubebuilder:validation:Enum=PROXY;MESSAGE;
@@ -25,6 +28,8 @@ type ApiType string
 // +kubebuilder:validation:Enum=PUBLISHED;UNPUBLISHED;
 type ApiV4LifecycleState string
 
+var _ custom.ApiDefinition = &Api{}
+
 type Api struct {
 	*base.ApiBase `json:",inline"`
 	// +kubebuilder:default:=`V4`
@@ -185,3 +190,43 @@ func (api *Api) getGatewayDefinitionEndpointGroups() []*EndpointGroup {
 	}
 	return endpointGroups
 }
+
+func (api *Api) GetDefinitionVersion() custom.ApiDefinitionVersion {
+	return custom.ApiV4
+}
+
+func (api *Api) GetContextPaths() ([]string, error) {
+	paths := make([]string, 0)
+	for _, l := range api.Listeners {
+		paths = append(paths, parseListener(l)...)
+	}
+	return paths, nil
+}
+
+func parseListener(l Listener) []string {
+	if l == nil {
+		return []string{}
+	}
+
+	switch t := l.(type) {
+	case *GenericListener:
+		return parseListener(t.ToListener())
+	case *HttpListener:
+		{
+			paths := make([]string, 0)
+			for _, path := range t.Paths {
+				if path.Host != "" {
+					p := fmt.Sprintf("%s/%s", path.Host, path.Path)
+					paths = append(paths, p)
+				} else {
+					paths = append(paths, path.Path)
+				}
+			}
+			return paths
+		}
+	case *TCPListener:
+		return t.Hosts
+	}
+
+	return []string{}
+}

api/model/api/v4/status.go

@@ -14,12 +14,28 @@
 
 package v4
 
-import "github.com/gravitee-io/gravitee-kubernetes-operator/api/model/api/base"
+import (
+	"github.com/gravitee-io/gravitee-kubernetes-operator/api/model/api/base"
+)
 
 type Status struct {
 	base.Status `json:",inline"`
 	// This field is used to store the list of plans that have been created
 	// for the API definition if a management context has been defined
 	// to sync the API with an APIM instance
 	Plans map[string]string `json:"plans,omitempty"`
+	// When API has been created regardless of errors, this field is
+	// used to persist the error message encountered during admission
+	Errors Errors `json:"errors,omitempty"`
+}
+
+type Errors struct {
+	// warning errors do not block object reconciliation,
+	// most of the time because the value is ignored or defaulted
+	// when the API gets synced with APIM
+	Warning []string `json:"warning,omitempty"`
+	// severe errors do not pass admission and will block reconcile
+	// hence, this field should always be during the admission phase
+	// and is very unlikely to be persisted in the status
+	Severe []string `json:"severe,omitempty"`
 }

api/model/application/application.go

@@ -21,15 +21,15 @@ type AppKeyMode string
 type SimpleSettings struct {
 	// Application Type
 	AppType string `json:"type"`
-	// ClientId is the client id of the application
-	ClientId string `json:"client_id,omitempty"`
+	// ClientID is the client id of the application
+	ClientID string `json:"client_id,omitempty"`
 }
 
 type OAuthClientSettings struct {
 	// Oauth client application type
 	ApplicationType string `json:"application_type"`
 	// Oauth client id
-	ClientId string `json:"client_id,omitempty"`
+	ClientID string `json:"client_id,omitempty"`
 	// Oauth client secret
 	ClientSecret string `json:"client_secret,omitempty"`
 	// Oauth client uri
@@ -77,8 +77,8 @@ type Application struct {
 	Description string `json:"description,omitempty"`
 	// Application Type
 	Type string `json:"type,omitempty"`
-	// The ClientId identifying the application. This field is required when subscribing to an OAUTH2 / JWT plan.
-	ClientId string `json:"clientId,omitempty"`
+	// The ClientID identifying the application. This field is required when subscribing to an OAUTH2 / JWT plan.
+	ClientID string `json:"clientId,omitempty"`
 	// List of application Redirect Uris
 	RedirectUris []string `json:"redirectUris,omitempty"`
 

api/model/management/context.go

@@ -17,25 +17,55 @@ package management
 
 import (
 	"github.com/gravitee-io/gravitee-kubernetes-operator/api/model/refs"
+	"github.com/gravitee-io/gravitee-kubernetes-operator/pkg/types/k8s/custom"
 )
 
+var _ custom.Auth = &Auth{}
+var _ custom.BasicAuth = &BasicAuth{}
+var _ custom.Context = &Context{}
+
 type Context struct {
 	// The URL of a management API instance
 	// +kubebuilder:validation:Pattern=`^http(s?):\/\/.+$`
 	BaseUrl string `json:"baseUrl"`
 	// An existing organization id targeted by the context on the management API instance.
 	// +kubebuilder:validation:Required
-	OrgId string `json:"organizationId"`
+	OrgID string `json:"organizationId"`
 	// An existing environment id targeted by the context within the organization.
 	// +kubebuilder:validation:Required
-	EnvId string `json:"environmentId"`
+	EnvID string `json:"environmentId"`
 	// Auth defines the authentication method used to connect to the API Management.
 	// Can be either basic authentication credentials, a bearer token
 	// or a reference to a kubernetes secret holding one of these two configurations.
 	// +kubebuilder:validation:Required
 	Auth *Auth `json:"auth"`
 }
 
+// GetAuth implements custom.Context.
+func (c *Context) GetAuth() custom.Auth {
+	return c.Auth
+}
+
+// GetEnvID implements custom.Context.
+func (c *Context) GetEnvID() string {
+	return c.EnvID
+}
+
+// GetOrgID implements custom.Context.
+func (c *Context) GetOrgID() string {
+	return c.OrgID
+}
+
+// GetSecretRef implements custom.Context.
+func (c *Context) GetSecretRef() custom.ResourceRef {
+	return c.Auth.SecretRef
+}
+
+// GetURL implements custom.Context.
+func (c *Context) GetURL() string {
+	return c.BaseUrl
+}
+
 type Auth struct {
 	// The bearer token used to authenticate against the API Management instance
 	// (must be generated from an admin account)
@@ -46,13 +76,56 @@ type Auth struct {
 	SecretRef *refs.NamespacedName `json:"secretRef,omitempty"`
 }
 
+// GetBearerToken implements custom.Auth.
+func (in *Auth) GetBearerToken() string {
+	return in.BearerToken
+}
+
+// HasCredentials implements custom.Auth.
+func (in *Auth) HasCredentials() bool {
+	return in.Credentials != nil
+}
+
+// GetCredentials implements custom.Auth.
+func (in *Auth) GetCredentials() custom.BasicAuth {
+	return in.Credentials
+}
+
+// GetSecretRef implements custom.Auth.
+func (in *Auth) GetSecretRef() custom.ResourceRef {
+	return in.SecretRef
+}
+
+// SetCredentials implements custom.Auth.
+func (in *Auth) SetCredentials(username string, password string) {
+	in.Credentials = &BasicAuth{
+		Username: username,
+		Password: password,
+	}
+}
+
+// SetToken implements custom.Auth.
+func (in *Auth) SetToken(token string) {
+	in.BearerToken = token
+}
+
 type BasicAuth struct {
 	// +kubebuilder:validation:Required
 	Username string `json:"username,omitempty"`
 	// +kubebuilder:validation:Required
 	Password string `json:"password,omitempty"`
 }
 
+// GetPassword implements custom.BasicAuth.
+func (in *BasicAuth) GetPassword() string {
+	return in.Password
+}
+
+// GetUsername implements custom.BasicAuth.
+func (in *BasicAuth) GetUsername() string {
+	return in.Username
+}
+
 func (c *Context) HasAuthentication() bool {
 	return c.Auth != nil
 }