airship/airshipctl
Code Issues Proposed changes
3fc61f3969
airshipctl/pkg/config/options.go
Yasin, Siraj (SY495P) 07f8a5e311 Fix for Lint warnings 
* Adding comments for missing exported functions

Change-Id: I40c5861a5c076b654e5a3fc660c3c9c6d7b80c8f
Relates-To: #148
2020-04-28 09:40:57 -05:00

160 lines
4.4 KiB
Go
Raw Blame History

/*
Copyright 2020 The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package config
// TODO(howell): Switch to strongly-typed errors
import (
"errors"
"fmt"
"os"
)
// AuthInfoOptions holds all configurable options for
// authentication information or credential
type AuthInfoOptions struct {
Name string
ClientCertificate string
ClientKey string
Token string
Username string
Password string
EmbedCertData bool
}
// ContextOptions holds all configurable options for context
type ContextOptions struct {
Name string
ClusterType string
CurrentContext bool
Cluster string
AuthInfo string
Manifest string
Namespace string
Current bool
}
// ClusterOptions holds all configurable options for cluster configuration
type ClusterOptions struct {
Name string
ClusterType string
Server string
InsecureSkipTLSVerify bool
CertificateAuthority string
EmbedCAData bool
}
// Validate checks for the possible authentication values and returns
// Error when invalid value or incompatible choice of values given
// TODO(howell): The following functions are tightly coupled with flags passed
// on the command line. We should find a way to remove this coupling, since it
// is possible to create (and validate) these objects without using the command
// line.
// TODO(howell): strongly type the errors in this file
func (o *AuthInfoOptions) Validate() error {
// TODO(howell): This prevents a user of airshipctl from creating a
// credential with both a bearer-token and a user/password, but it does
// not prevent a user from adding a bearer-token to a credential which
// already had a user/pass and visa-versa. This could create bugs if a
// user at first chooses one method, but later switches to another.
if o.Token != "" && (o.Username != "" || o.Password != "") {
// TODO(howell): strongly type this error
return errors.New("you must specify either token or a username/password")
}
if !o.EmbedCertData {
return nil
}
if err := checkExists("client-certificate", o.ClientCertificate); err != nil {
return err
}
if err := checkExists("client-key", o.ClientKey); err != nil {
return err
}
return nil
}
// Validate checks for the possible context option values and returns
// Error when invalid value or incompatible choice of values given
func (o *ContextOptions) Validate() error {
if !o.Current && o.Name == "" {
return errors.New("you must specify a non-empty context name")
}
if o.Current && o.Name != "" {
return errors.New("you cannot specify context and --current Flag at the same time")
}
// If the user simply wants to change the current context, no further validation is needed
if o.CurrentContext {
return nil
}
// If the cluster-type was specified, verify that it's valid
if o.ClusterType != "" {
if err := ValidClusterType(o.ClusterType); err != nil {
return err
}
}
// TODO Manifest, Cluster could be validated against the existing config maps
return nil
}
// Validate checks for the possible cluster option values and returns
// Error when invalid value or incompatible choice of values given
func (o *ClusterOptions) Validate() error {
if o.Name == "" {
return errors.New("you must specify a non-empty cluster name")
}
err := ValidClusterType(o.ClusterType)
if err != nil {
return err
}
if o.InsecureSkipTLSVerify && o.CertificateAuthority != "" {
return errors.New("you cannot specify a certificate-authority and insecure-skip-tls-verify mode at the same time")
}
if !o.EmbedCAData {
return nil
}
if err := checkExists("certificate-authority", o.CertificateAuthority); err != nil {
return err
}
return nil
}
func checkExists(flagName, path string) error {
if path == "" {
return fmt.Errorf("you must specify a --%s to embed", flagName)
}
if _, err := os.Stat(path); err != nil {
return fmt.Errorf("could not read %s data from '%s': %v", flagName, path, err)
}
return nil
}
View Git Blame Copy Permalink