mirror of
https://github.com/projectcapsule/capsule.git
synced 2026-05-13 12:56:42 +00:00
eb121a91f2
* chore(deps): update dependency golangci/golangci-lint to v2.2.1 * chore(deps): update github/codeql-action action to v3.29.1 (#1519) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * chore(deps): update github/codeql-action digest to 4c57370 (#1518) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * chore(deps): update dependency b1nary-gr0up/nwa to v0.7.4 (#1520) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * chore(deps): update dependency golangci/golangci-lint to v2.2.1 chore(deps): update dependency golangci/golangci-lint to v2.2.1 Signed-off-by: Hristo Hristov <me@hhristov.info> --------- Signed-off-by: Hristo Hristov <me@hhristov.info> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Hristo Hristov <me@hhristov.info>
122 lines
2.5 KiB
Go
122 lines
2.5 KiB
Go
// Copyright 2020-2025 Project Capsule Authors
|
|
// SPDX-License-Identifier: Apache-2.0
|
|
|
|
package api
|
|
|
|
import (
|
|
"regexp"
|
|
"sort"
|
|
"strings"
|
|
|
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
|
"k8s.io/apimachinery/pkg/labels"
|
|
"sigs.k8s.io/controller-runtime/pkg/client"
|
|
)
|
|
|
|
// +kubebuilder:object:generate=true
|
|
|
|
type DefaultAllowedListSpec struct {
|
|
SelectorAllowedListSpec `json:",inline"`
|
|
|
|
Default string `json:"default,omitempty"`
|
|
}
|
|
|
|
func (in *DefaultAllowedListSpec) MatchDefault(value string) bool {
|
|
return in.Default == value
|
|
}
|
|
|
|
// +kubebuilder:object:generate=true
|
|
|
|
type SelectorAllowedListSpec struct {
|
|
AllowedListSpec `json:",inline"`
|
|
metav1.LabelSelector `json:",inline"`
|
|
}
|
|
|
|
func (in *SelectorAllowedListSpec) MatchSelectByName(obj client.Object) bool {
|
|
if obj != nil {
|
|
return in.Match(obj.GetName()) || in.SelectorMatch(obj)
|
|
}
|
|
|
|
return false
|
|
}
|
|
|
|
func (in *SelectorAllowedListSpec) SelectorMatch(obj client.Object) bool {
|
|
if obj != nil {
|
|
selector, err := metav1.LabelSelectorAsSelector(&in.LabelSelector)
|
|
if err != nil {
|
|
return false
|
|
}
|
|
|
|
return selector.Matches(labels.Set(obj.GetLabels()))
|
|
}
|
|
|
|
return false
|
|
}
|
|
|
|
// +kubebuilder:object:generate=true
|
|
|
|
type AllowedListSpec struct {
|
|
Exact []string `json:"allowed,omitempty"`
|
|
Regex string `json:"allowedRegex,omitempty"`
|
|
}
|
|
|
|
func (in *AllowedListSpec) Match(value string) (ok bool) {
|
|
if in.ExactMatch(value) || in.RegexMatch(value) {
|
|
return true
|
|
}
|
|
|
|
return false
|
|
}
|
|
|
|
func (in *AllowedListSpec) ExactMatch(value string) (ok bool) {
|
|
if len(in.Exact) > 0 {
|
|
sort.SliceStable(in.Exact, func(i, j int) bool {
|
|
return strings.ToLower(in.Exact[i]) < strings.ToLower(in.Exact[j])
|
|
})
|
|
|
|
i := sort.SearchStrings(in.Exact, value)
|
|
|
|
ok = i < len(in.Exact) && in.Exact[i] == value
|
|
}
|
|
|
|
return
|
|
}
|
|
|
|
func (in *AllowedListSpec) RegexMatch(value string) (ok bool) {
|
|
if len(in.Regex) > 0 {
|
|
ok = regexp.MustCompile(in.Regex).MatchString(value)
|
|
}
|
|
|
|
return
|
|
}
|
|
|
|
// +kubebuilder:object:generate=true
|
|
type SelectionListWithDefaultSpec struct {
|
|
SelectionListWithSpec `json:",inline"`
|
|
|
|
Default string `json:"default,omitempty"`
|
|
}
|
|
|
|
func (in *SelectionListWithDefaultSpec) MatchDefault(value string) bool {
|
|
return in.Default == value
|
|
}
|
|
|
|
// +kubebuilder:object:generate=true
|
|
|
|
type SelectionListWithSpec struct {
|
|
metav1.LabelSelector `json:",inline"`
|
|
}
|
|
|
|
func (in *SelectionListWithSpec) SelectorMatch(obj client.Object) bool {
|
|
if obj != nil {
|
|
selector, err := metav1.LabelSelectorAsSelector(&in.LabelSelector)
|
|
if err != nil {
|
|
return false
|
|
}
|
|
|
|
return selector.Matches(labels.Set(obj.GetLabels()))
|
|
}
|
|
|
|
return false
|
|
}
|