add configuration validation for webhook (#15)

meanwhile, the webhook's error message is now clearer and more precise.
wjiec · Mar 21, 2024 · 345d1cc · 345d1cc
1 parent f847011
commit 345d1cc
Show file tree

Hide file tree

Showing 8 changed files with 22 additions and 20 deletions.
diff --git a/.editorconfig b/.editorconfig
@@ -15,3 +15,6 @@ indent_style = tab
 
 [{*.yaml,*.yml,*.json}]
 indent_size = 2
+
+[VERSION]
+insert_final_newline = false
diff --git a/.github/workflows/go.yaml b/.github/workflows/go.yaml
@@ -8,8 +8,6 @@ on:
     push:
     branches:
       - main
-    tags:
-      - 'v*'
 
 jobs:
   test:
@@ -19,7 +17,7 @@ jobs:
       - name: Checkout
         uses: actions/checkout@v4
 
-      - name: Setup Go ${{ matrix.go-version }}
+      - name: Setup Go
         uses: actions/setup-go@v5
         with:
           go-version-file: go.mod

diff --git a/README.md b/README.md
@@ -138,6 +138,7 @@ The following table lists the correspondences between alidns-webhook and k8s ver
 
 | Alidns-Webhook version | k8s supported version  | Helm Chart Version |
 |------------------------|------------------------|--------------------|
+| **v1.0.0**             | 1.29, 1.28, 1.27, 1.26 | 1.0.*              |
 | **v0.1.0**             | 1.29, 1.28, 1.27, 1.26 | 0.1.*              |
 
 

diff --git a/VERSION b/VERSION
@@ -1 +1 @@
-0.1.0
+1.0.0
diff --git a/alidns.go b/alidns.go
@@ -118,7 +118,7 @@ func (s *AliSolver) loadAliDNS(challenge *acme.ChallengeRequest) (*AliDNS, error
 		return nil, err
 	}
 
-	accessKeySecret, err := s.loadSecretData(cfg.SecretAccessKeyRef, challenge.ResourceNamespace)
+	accessKeySecret, err := s.loadSecretData(cfg.AccessKeySecretRef, challenge.ResourceNamespace)
 	if err != nil {
 		return nil, err
 	}

diff --git a/charts/alidns-webhook/Chart.yaml b/charts/alidns-webhook/Chart.yaml
@@ -18,7 +18,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.1.0
+version: 1.0.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

diff --git a/config.go b/config.go
@@ -26,24 +26,24 @@ import (
 // be used by your provider here, you should reference a Kubernetes Secret
 // resource and fetch these credentials using a Kubernetes clientset.
 type Config struct {
-	Region         string                   `json:"region"` // optional
-	AccessKeyIdRef cmmeta.SecretKeySelector `json:"accessKeyIdRef"`
-	// AccessKeySecretRef will serve as the alias name for SecretAccessKeyRef
+	Region             string                   `json:"region"` // optional
+	AccessKeyIdRef     cmmeta.SecretKeySelector `json:"accessKeyIdRef"`
 	AccessKeySecretRef cmmeta.SecretKeySelector `json:"accessKeySecretRef"`
+	// SecretAccessKeyRef will serve as the alias name for AccessKeySecretRef
 	SecretAccessKeyRef cmmeta.SecretKeySelector `json:"secretAccessKeyRef"`
 }
 
 // Validate checks if the config of the webhook is valid.
 func (cfg *Config) Validate() error {
 	if len(cfg.AccessKeyIdRef.Name) == 0 {
-		return errors.New("testAccessKeyIdRef may not be empty")
+		return errors.New("accessKeyIdRef may not be empty")
 	}
 
-	if len(cfg.SecretAccessKeyRef.Name) == 0 {
-		cfg.AccessKeySecretRef.DeepCopyInto(&cfg.SecretAccessKeyRef)
+	if len(cfg.AccessKeySecretRef.Name) == 0 {
+		cfg.SecretAccessKeyRef.DeepCopyInto(&cfg.AccessKeySecretRef)
 	}
-	if len(cfg.SecretAccessKeyRef.Name) == 0 {
-		return errors.New("AccessKeySecretRef may not be empty")
+	if len(cfg.AccessKeySecretRef.Name) == 0 {
+		return errors.New("accessKeySecretRef may not be empty")
 	}
 
 	return nil

diff --git a/config_test.go b/config_test.go
@@ -19,19 +19,19 @@ var (
 		},
 		Key: "access-key-id",
 	}
-	testSecretAccessKeyRef = cmmeta.SecretKeySelector{
+	testAccessKeySecretRef = cmmeta.SecretKeySelector{
 		LocalObjectReference: cmmeta.LocalObjectReference{
 			Name: "alidns-secret",
 		},
-		Key: "secret-access-key",
+		Key: "access-key-secret",
 	}
 )
 
 func TestConfig_Validate(t *testing.T) {
 	t.Run("happy", func(t *testing.T) {
 		correct := &Config{
 			AccessKeyIdRef:     testAccessKeyIdRef,
-			SecretAccessKeyRef: testSecretAccessKeyRef,
+			AccessKeySecretRef: testAccessKeySecretRef,
 		}
 
 		loaded, err := loadConfig(&extapi.JSON{Raw: mustMarshal(correct)})
@@ -43,7 +43,7 @@ func TestConfig_Validate(t *testing.T) {
 	t.Run("compatible", func(t *testing.T) {
 		correct := &Config{
 			AccessKeyIdRef:     testAccessKeyIdRef,
-			AccessKeySecretRef: testSecretAccessKeyRef,
+			SecretAccessKeyRef: testAccessKeySecretRef,
 		}
 
 		loaded, err := loadConfig(&extapi.JSON{Raw: mustMarshal(correct)})
@@ -59,14 +59,14 @@ func TestConfig_Validate(t *testing.T) {
 
 	t.Run("no accessKeyId", func(t *testing.T) {
 		bad := &Config{
-			SecretAccessKeyRef: testSecretAccessKeyRef,
+			SecretAccessKeyRef: testAccessKeySecretRef,
 		}
 
 		_, err := loadConfig(&extapi.JSON{Raw: mustMarshal(bad)})
 		assert.Error(t, err)
 	})
 
-	t.Run("no secretAccessKey", func(t *testing.T) {
+	t.Run("no accessKeySecret", func(t *testing.T) {
 		bad := &Config{
 			AccessKeyIdRef: testAccessKeyIdRef,
 		}