Merge pull request #249 from gianlucam76/all

Add-on constraints: all or nothing

Author: gianlucam76

controllers/handlers_utils.go

@@ -185,10 +185,45 @@ func deployContent(ctx context.Context, deployingToMgmtCluster bool, destConfig
 		Name:      referencedObject.GetName(),
 	}
 
+	err = validateUnstructred(ctx, deployingToMgmtCluster, destConfig, destClient, referencedUnstructured, ref,
+		configv1alpha1.FeatureResources, clusterSummary, logger)
+	if err != nil {
+		return nil, err
+	}
+
 	return deployUnstructured(ctx, deployingToMgmtCluster, destConfig, destClient, referencedUnstructured, ref,
 		configv1alpha1.FeatureResources, clusterSummary, logger)
 }
 
+func validateUnstructred(ctx context.Context, deployingToMgmtCluster bool, destConfig *rest.Config,
+	destClient client.Client, referencedUnstructured []*unstructured.Unstructured, referencedObject *corev1.ObjectReference,
+	featureID configv1alpha1.FeatureID, clusterSummary *configv1alpha1.ClusterSummary, logger logr.Logger,
+) error {
+
+	for i := range referencedUnstructured {
+		policy := referencedUnstructured[i]
+
+		logger.V(logs.LogDebug).Info(fmt.Sprintf("validating resource %s %s/%s",
+			policy.GetKind(), policy.GetNamespace(), policy.GetName()))
+
+		// OpenAPI validations are enforced when posting to managed clusters
+		if !deployingToMgmtCluster {
+			var openAPIValidations map[string][]byte
+			openAPIValidations, err := getOpenAPIValidations(clusterSummary.Spec.ClusterNamespace, clusterSummary.Spec.ClusterName,
+				&clusterSummary.Spec.ClusterType, logger)
+			if err != nil {
+				return err
+			}
+			err = runOpenAPIValidations(ctx, openAPIValidations, policy, logger)
+			if err != nil {
+				return err
+			}
+		}
+	}
+
+	return nil
+}
+
 // deployUnstructured deploys referencedUnstructured objects.
 // Returns an error if one occurred. Otherwise it returns a slice containing the name of
 // the policies deployed in the form of kind.group:namespace:name for namespaced policies
@@ -212,20 +247,6 @@ func deployUnstructured(ctx context.Context, deployingToMgmtCluster bool, destCo
 
 		resource, policyHash := getResource(policy, referencedObject, featureID, logger)
 
-		// OpenAPI validations are enforced when posting to managed clusters
-		if !deployingToMgmtCluster {
-			var openAPIValidations map[string][]byte
-			openAPIValidations, err = getOpenAPIValidations(clusterSummary.Spec.ClusterNamespace, clusterSummary.Spec.ClusterName,
-				&clusterSummary.Spec.ClusterType, logger)
-			if err != nil {
-				return nil, err
-			}
-			err = runOpenAPIValidations(ctx, openAPIValidations, policy, logger)
-			if err != nil {
-				return nil, err
-			}
-		}
-
 		// If policy is namespaced, create namespace if not already existing
 		err = createNamespace(ctx, destClient, clusterSummary, policy.GetNamespace())
 		if err != nil {

controllers/openapi_validation.go

@@ -63,7 +63,10 @@ func getOpenAPIValidations(clusterNamespace, clusterName string,
 func runOpenAPIValidations(ctx context.Context, specs map[string][]byte,
 	resource *unstructured.Unstructured, logger logr.Logger) error {
 
-	logger.V(logs.LogDebug).Info("openAPIValidations")
+	logger = logger.WithValues("resource", fmt.Sprintf("%s:%s/%s", resource.GroupVersionKind().Kind,
+		resource.GetNamespace(), resource.GetName()))
+
+	logger.V(logs.LogVerbose).Info("openAPIValidations")
 
 	for key := range specs {
 		if err := openAPIValidation(ctx, specs[key], resource, logger); err != nil {

controllers/template_instantiation.go

@@ -185,7 +185,7 @@ func instantiateTemplateValues(ctx context.Context, config *rest.Config, c clien
 	}
 	instantiatedValues := buffer.String()
 
-	logger.V(logs.LogVerbose).Info("Values %q", instantiatedValues)
+	logger.V(logs.LogDebug).Info(fmt.Sprintf("Values %q", instantiatedValues))
 	return instantiatedValues, nil
 }