build(crds): Add check for CRDs

This commit is to add a simple check for generated CRDs to make sure that all CRDs must have category field specified, also, it must have cilium category. Signed-off-by: Tam Mach <sayboras@yahoo.com>
gazandic · Oct 18, 2021 · a31082a · a31082a
1 parent f45630e
commit a31082a
Show file tree

Hide file tree

Showing 2 changed files with 84 additions and 1 deletion.
diff --git a/Makefile b/Makefile
@@ -298,7 +298,8 @@ CRD_OPTIONS ?= "crd:crdVersions=v1"
 manifests: ## Generate K8s manifests e.g. CRD, RBAC etc.
 	$(eval TMPDIR := $(shell mktemp -d))
 	cd "./vendor/sigs.k8s.io/controller-tools/cmd/controller-gen" && \
-	go run ./... $(CRD_OPTIONS) paths="$(PWD)/pkg/k8s/apis/cilium.io/v2;$(PWD)/pkg/k8s/apis/cilium.io/v2alpha1" output:crd:artifacts:config="$(TMPDIR)";
+	$(QUIET)$(GO) run ./... $(CRD_OPTIONS) paths="$(PWD)/pkg/k8s/apis/cilium.io/v2;$(PWD)/pkg/k8s/apis/cilium.io/v2alpha1" output:crd:artifacts:config="$(TMPDIR)";
+	$(QUIET)$(GO) run ./tools/crdcheck "$(TMPDIR)"
 	mv ${TMPDIR}/cilium.io_ciliumnetworkpolicies.yaml ./pkg/k8s/apis/cilium.io/client/crds/v2/ciliumnetworkpolicies.yaml
 	mv ${TMPDIR}/cilium.io_ciliumclusterwidenetworkpolicies.yaml ./pkg/k8s/apis/cilium.io/client/crds/v2/ciliumclusterwidenetworkpolicies.yaml
 	mv ${TMPDIR}/cilium.io_ciliumendpoints.yaml ./pkg/k8s/apis/cilium.io/client/crds/v2/ciliumendpoints.yaml

diff --git a/tools/crdcheck/main.go b/tools/crdcheck/main.go
@@ -0,0 +1,82 @@
+// SPDX-License-Identifier: Apache-2.0
+// Copyright 2020-2021 Authors of Cilium
+
+package main
+
+import (
+	"fmt"
+	"io/ioutil"
+	"log"
+	"os"
+	"path/filepath"
+
+	crdv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
+	"k8s.io/client-go/kubernetes/scheme"
+)
+
+const mandatoryCategory = "cilium"
+
+type checkCRDFunc func(*crdv1.CustomResourceDefinition) error
+
+var allChecks = []checkCRDFunc{
+	checkForCategory,
+}
+
+func main() {
+	if len(os.Args) != 2 {
+		log.Fatal(fmt.Sprintf("usage: %s <path>", os.Args[0]))
+	}
+
+	_ = crdv1.AddToScheme(scheme.Scheme)
+
+	if err := filepath.Walk(os.Args[1], func(path string, info os.FileInfo, _ error) error {
+		if info.IsDir() {
+			return nil
+		}
+
+		if ext := filepath.Ext(path); ext != ".yaml" && ext != ".yml" {
+			return nil
+		}
+
+		fileContent, err := ioutil.ReadFile(path)
+		if err != nil {
+			return err
+		}
+
+		obj, _, err := scheme.Codecs.UniversalDeserializer().Decode(fileContent, nil, nil)
+		if err != nil {
+			return err
+		}
+
+		crd, ok := obj.(*crdv1.CustomResourceDefinition)
+		if !ok {
+			return nil
+		}
+
+		for _, f := range allChecks {
+			if err = f(crd); err != nil {
+				return err
+			}
+		}
+		return nil
+	}); err != nil {
+		log.Fatal(err)
+	}
+}
+
+func checkForCategory(crd *crdv1.CustomResourceDefinition) error {
+	if len(crd.Spec.Names.Categories) == 0 || !sliceContains(crd.Spec.Names.Categories, mandatoryCategory) {
+		return fmt.Errorf("category %s missing for %s", mandatoryCategory, crd.GetName())
+	}
+
+	return nil
+}
+
+func sliceContains(slice []string, item string) bool {
+	for _, a := range slice {
+		if a == item {
+			return true
+		}
+	}
+	return false
+}