Documentation
¶
Index ¶
- Constants
- Variables
- func Annotations(obj ast.FileObject) status.Error
- func CRDName(obj ast.FileObject) status.Error
- func ClusterSelectorsForHierarchical(objs *objects.Raw) status.MultiError
- func ClusterSelectorsForUnstructured(objs *objects.Raw) status.MultiError
- func DeprecatedKinds(obj ast.FileObject) status.Error
- func Directory(obj ast.FileObject) status.Error
- func DisallowedFields(objs *objects.Raw) status.MultiError
- func GitSpec(git *v1beta1.Git, rs client.Object) status.Error
- func HNCLabels(obj ast.FileObject) status.Error
- func HasDepthSuffix(s string) bool
- func HelmNSAndDeployNS(o client.Object) status.Error
- func HelmSpec(helm *v1beta1.HelmBase, rs client.Object) status.Error
- func HelmValuesConfigMapMustBeImmutable(o client.Object, name string) status.Error
- func HelmValuesFileDataKeyOrDefault(key string) string
- func HelmValuesMissingConfigMap(o client.Object, err error) status.Error
- func HelmValuesMissingConfigMapKey(o client.Object, name, key string) status.Error
- func IllegalCRD(obj ast.FileObject) status.Error
- func IllegalKindsForHierarchical(obj ast.FileObject) status.Error
- func IllegalKindsForUnstructured(obj ast.FileObject) status.Error
- func IllegalSecretRef(o client.Object) status.Error
- func InvalidAuthType(o client.Object) status.Error
- func InvalidGCPSAEmail(o client.Object) status.Error
- func InvalidHelmAuthType(o client.Object) status.Error
- func InvalidOciAuthType(o client.Object) status.Error
- func InvalidSourceType(o client.Object) status.Error
- func IsInvalidAnnotation(k string) bool
- func IsInvalidLabel(k string) bool
- func Labels(obj ast.FileObject) status.Error
- func ManagementAnnotation(obj ast.FileObject) status.Error
- func MissingGCPSAEmail(o client.Object) status.Error
- func MissingGitRepo(o client.Object) status.Error
- func MissingGitSpec(o client.Object) status.Error
- func MissingHelmChart(o client.Object) status.Error
- func MissingHelmRepo(o client.Object) status.Error
- func MissingHelmSpec(o client.Object) status.Error
- func MissingHelmValuesFileRefsName(o client.Object) status.Error
- func MissingOciImage(o client.Object) status.Error
- func MissingOciSpec(o client.Object) status.Error
- func MissingSecretRef(o client.Object) status.Error
- func Name(obj ast.FileObject) status.Error
- func Namespace(obj ast.FileObject) status.Error
- func NoOpProxy(o client.Object) status.Error
- func OciSpec(oci *v1beta1.Oci, rs client.Object) status.Error
- func RemovedCRDs(objs *objects.Raw) status.MultiError
- func Repo(objs *objects.Raw) status.MultiError
- func RepoSync(obj ast.FileObject) status.Error
- func RepoSyncSpec(sourceType string, git *v1beta1.Git, oci *v1beta1.Oci, ...) status.Error
- func RootSync(obj ast.FileObject) status.Error
- func RootSyncSpec(sourceType string, git *v1beta1.Git, oci *v1beta1.Oci, ...) status.Error
- func SelfReconcile(reconcilerName string) objects.ObjectVisitor
- func SelfReconcileError(o client.Object) status.Error
- func ValuesFileRefs(ctx context.Context, cl client.Client, rs client.Object, ...) status.Error
Constants ¶
const HelmValuesFileDefaultDataKey = "values.yaml"
HelmValuesFileDefaultDataKey is the default data key to use when spec.helm.valuesFileRefs.dataKey is not specified.
const OldAllowedRepoVersion = "0.1.0"
OldAllowedRepoVersion is the old (but still supported) Repo.Spec.Version.
Variables ¶
var InvalidSyncCode = "1061"
InvalidSyncCode is the code for an invalid declared RootSync/RepoSync.
var SelfReconcileErrorCode = "1069"
SelfReconcileErrorCode is the code for an RootSync/RepoSync that reconciles itself.
Functions ¶
func Annotations ¶
func Annotations(obj ast.FileObject) status.Error
Annotations verifies that the given object does not have any invalid annotations.
func CRDName ¶
func CRDName(obj ast.FileObject) status.Error
CRDName returns an error if the CRD's name does not match the Kubernetes specification: https://kubernetes.io/docs/tasks/extend-kubernetes/custom-resources/custom-resource-definitions/
func ClusterSelectorsForHierarchical ¶
func ClusterSelectorsForHierarchical(objs *objects.Raw) status.MultiError
ClusterSelectorsForHierarchical verifies that all ClusterSelectors have a unique name and are under the correct top-level directory. It also verifies that no invalid FileObjects are cluster-selected.
func ClusterSelectorsForUnstructured ¶
func ClusterSelectorsForUnstructured(objs *objects.Raw) status.MultiError
ClusterSelectorsForUnstructured verifies that all ClusterSelectors have a unique name. It also verifies that no invalid FileObjects are cluster-selected.
func DeprecatedKinds ¶
func DeprecatedKinds(obj ast.FileObject) status.Error
DeprecatedKinds verifies that the given FileObject is not deprecated.
func Directory ¶
func Directory(obj ast.FileObject) status.Error
Directory verifies that the given FileObject is placed in a valid directory according to the following rules: - if the object is a Namespace, the directory must match its name - if the object has a metadata namespace, the directory must match it
func DisallowedFields ¶
func DisallowedFields(objs *objects.Raw) status.MultiError
DisallowedFields verifies if the given Raw objects contain any fields which are not allowed to be declared in Git.
func HNCLabels ¶
func HNCLabels(obj ast.FileObject) status.Error
HNCLabels verifies that the given object does not have any HNC depth labels.
func HasDepthSuffix ¶
HasDepthSuffix returns true if the string ends with ".tree.hnc.x-k8s.io/depth".
func HelmNSAndDeployNS ¶ added in v1.15.1
HelmNSAndDeployNS reports that a RootSync has both spec.helm.namespace and spec.helm.deployNamespace set, even though they are mutually exclusive
func HelmValuesConfigMapMustBeImmutable ¶ added in v1.16.0
HelmValuesConfigMapMustBeImmutable reports that a referenced ConfigMap from RSync spec.helm.valuesFileRefs is not immutable.
func HelmValuesFileDataKeyOrDefault ¶ added in v1.16.1
HelmValuesFileDataKeyOrDefault returns the key or the default if the key is empty.
func HelmValuesMissingConfigMap ¶ added in v1.16.0
HelmValuesMissingConfigMap reports that an RSync is referencing a ConfigMap that doesn't exist.
func HelmValuesMissingConfigMapKey ¶ added in v1.16.0
HelmValuesMissingConfigMapKey reports that an RSync is missing spec.helm.valuesFileRefs.valuesFile
func IllegalCRD ¶
func IllegalCRD(obj ast.FileObject) status.Error
IllegalCRD returns an error if the given FileObject is a CRD of a Config Sync type.
func IllegalKindsForHierarchical ¶
func IllegalKindsForHierarchical(obj ast.FileObject) status.Error
IllegalKindsForHierarchical verifies that the given FileObject is legal for a structured hierarchical repo.
func IllegalKindsForUnstructured ¶
func IllegalKindsForUnstructured(obj ast.FileObject) status.Error
IllegalKindsForUnstructured verifies that the given FileObject is legal for an unstructured repo.
func IllegalSecretRef ¶
IllegalSecretRef reports that a RootSync/RepoSync declares an auth mode that doesn't allow SecretRefs does declare a SecretRef.
func InvalidAuthType ¶
InvalidAuthType reports that a RootSync/RepoSync doesn't use one of the known auth methods.
func InvalidGCPSAEmail ¶
InvalidGCPSAEmail reports that a RepoSync/RootSync Resource doesn't have the
correct gcp service account suffix.
func InvalidHelmAuthType ¶
InvalidHelmAuthType reports that a RootSync/RepoSync doesn't use one of the known auth methods for Helm.
func InvalidOciAuthType ¶
InvalidOciAuthType reports that a RootSync/RepoSync doesn't use one of the known auth methods for OCI image.
func InvalidSourceType ¶
InvalidSourceType reports that a RootSync/RepoSync doesn't use one of the supported source types.
func IsInvalidAnnotation ¶
IsInvalidAnnotation returns true if the annotation cannot be declared by users.
func IsInvalidLabel ¶
IsInvalidLabel returns true if the label cannot be declared by users.
func Labels ¶
func Labels(obj ast.FileObject) status.Error
Labels verifies that the given object does not have any invalid labels.
func ManagementAnnotation ¶
func ManagementAnnotation(obj ast.FileObject) status.Error
ManagementAnnotation returns an Error if the user-specified management annotation is invalid.
func MissingGCPSAEmail ¶
MissingGCPSAEmail reports that a RepoSync/RootSync resource declares an auth mode that requires a GCPServiceAccountEmail, but does not do so.
func MissingGitRepo ¶
MissingGitRepo reports that a RootSync/RepoSync doesn't declare the git repo it is supposed to connect to.
func MissingGitSpec ¶
MissingGitSpec reports that a RootSync/RepoSync doesn't declare the git spec when spec.sourceType is set to `git`.
func MissingHelmChart ¶
MissingHelmChart reports that a RootSync/RepoSync doesn't declare the Helm chart name it is supposed to rendering.
func MissingHelmRepo ¶
MissingHelmRepo reports that a RootSync/RepoSync doesn't declare the Helm repository it is supposed to download chart from.
func MissingHelmSpec ¶
MissingHelmSpec reports that a RootSync/RepoSync doesn't declare the Helm spec when spec.sourceType is set to `helm`.
func MissingHelmValuesFileRefsName ¶ added in v1.16.0
MissingHelmValuesFileRefsName reports that an RSync is missing spec.helm.valuesFileRefs.name
func MissingOciImage ¶
MissingOciImage reports that a RootSync/RepoSync doesn't declare the OCI image it is supposed to connect to.
func MissingOciSpec ¶
MissingOciSpec reports that a RootSync/RepoSync doesn't declare the OCI spec when spec.sourceType is set to `oci`.
func MissingSecretRef ¶
MissingSecretRef reports that a RootSync/RepoSync declares an auth mode that requires a SecretRef, but does not do so.
func Name ¶
func Name(obj ast.FileObject) status.Error
Name verifies that the given FileObject has a valid name according to the following rules: - the object can not have an empty name - if the object is related to RBAC, its name must be a valid path segment - otherwise the object's name must be a valid DNS1123 subdomain
func Namespace ¶
func Namespace(obj ast.FileObject) status.Error
Namespace verifies that the given FileObject has a valid namespace according to the following rules: - if the object is a Namespace, it must not be `config-management-system` - if the object has a metadata namespace, it must be a valid k8s namespace
func NoOpProxy ¶
NoOpProxy reports that a RootSync/RepoSync declares a proxy, but the declaration would do nothing.
func RemovedCRDs ¶
func RemovedCRDs(objs *objects.Raw) status.MultiError
RemovedCRDs verifies that the Raw objects do not remove any CRDs that still have CRs using them.
func Repo ¶
func Repo(objs *objects.Raw) status.MultiError
Repo verifies that there is exactly one Repo object and that it has the correct version.
func RepoSync ¶
func RepoSync(obj ast.FileObject) status.Error
RepoSync checks if the given FileObject is a RepoSync and if so, verifies that its fields are valid.
func RepoSyncSpec ¶ added in v1.15.1
func RepoSyncSpec(sourceType string, git *v1beta1.Git, oci *v1beta1.Oci, helm *v1beta1.HelmRepoSync, rs client.Object) status.Error
RepoSyncSpec validates the Repo Sync source specification for any obvious problems.
func RootSync ¶
func RootSync(obj ast.FileObject) status.Error
RootSync checks if the given FileObject is a RootSync and if so, verifies that its fields are valid.
func RootSyncSpec ¶ added in v1.15.1
func RootSyncSpec(sourceType string, git *v1beta1.Git, oci *v1beta1.Oci, helm *v1beta1.HelmRootSync, rs client.Object) status.Error
RootSyncSpec validates the Root Sync source specification for any obvious problems.
func SelfReconcile ¶ added in v1.15.1
func SelfReconcile(reconcilerName string) objects.ObjectVisitor
SelfReconcile checks if the given RootSync or RepoSync is the one that configures the reconciler.
func SelfReconcileError ¶ added in v1.15.1
SelfReconcileError reports that a RootSync/RepoSync reconciles itself.
Types ¶
This section is empty.
Source Files
¶
- annotation_validator.go
- cluster_selector_validator.go
- crd_name.go
- crd_removal_validator.go
- deprecated_kind_validator.go
- directory_validator.go
- disallowed_fields_validator.go
- hnc_validator.go
- illegal_crd_validator.go
- illegal_kind_validator.go
- label_validator.go
- management_annotation.go
- name_validator.go
- namespace_validator.go
- repo_sync_validator.go
- repo_validator.go
- root_sync_validator.go
- self_reconcile_validator.go
- source_spec_validator.go