Skip to content

Commit

Permalink
Add security related webhook validator for kafka
Browse files Browse the repository at this point in the history 
Signed-off-by: obaydullahmhs <[email protected]>
  • Loading branch information
@obaydullahmhs
obaydullahmhs committed Nov 23, 2023
1 parent 15523cf commit bbb4182
Showing 1 changed file with 13 additions and 0 deletions.
13 changes: 13 additions & 0 deletions apis/kubedb/v1alpha2/kafka_webhook.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -86,6 +86,19 @@ func (k *Kafka) ValidateDelete() error {
func (k *Kafka) ValidateCreateOrUpdate() error {
var allErr field.ErrorList
// TODO(user): fill in your validation logic upon object creation.
if k.Spec.EnableSSL {
if k.Spec.TLS == nil {
allErr = append(allErr, field.Invalid(field.NewPath("spec").Child("enableSSL"),
k.Name,
".spec.tls can't be nil, if .spec.enableSSL is true"))
}
} else {
if k.Spec.TLS != nil {
allErr = append(allErr, field.Invalid(field.NewPath("spec").Child("enableSSL"),
k.Name,
".spec.tls must be nil, if .spec.enableSSL is disabled"))
}
}
if k.Spec.Topology != nil {
if k.Spec.Topology.Controller == nil {
allErr = append(allErr, field.Invalid(field.NewPath("spec").Child("topology").Child("controller"),
Expand Down

0 comments on commit bbb4182

Please sign in to comment.