add validation

Author: nandajavarma

install/installer/pkg/components/proxy/service.go

@@ -6,7 +6,6 @@ package proxy
 
 import (
 	"fmt"
-	"strings"
 
 	"github.com/gitpod-io/gitpod/installer/pkg/common"
 	"github.com/gitpod-io/gitpod/installer/pkg/config/v1/experimental"
@@ -15,14 +14,22 @@ import (
 	"k8s.io/apimachinery/pkg/runtime"
 )
 
+var allowedServiceTypes = map[corev1.ServiceType]struct{}{
+	corev1.ServiceTypeLoadBalancer: {},
+	corev1.ServiceTypeClusterIP:    {},
+	corev1.ServiceTypeNodePort:     {},
+	corev1.ServiceTypeExternalName: {},
+}
+
 func service(ctx *common.RenderContext) ([]runtime.Object, error) {
 	serviceType := corev1.ServiceTypeLoadBalancer
 	_ = ctx.WithExperimental(func(cfg *experimental.Config) error {
 		if cfg.Common != nil && cfg.Common.ServiceConfig != nil {
 			st, ok := cfg.Common.ServiceConfig["proxy"]
 			if ok {
-				if strings.ToLower(st.ServiceType) == "clusterip" {
-					serviceType = corev1.ServiceTypeClusterIP
+				_, allowed := allowedServiceTypes[corev1.ServiceType(*st.ServiceType)]
+				if allowed {
+					serviceType = *st.ServiceType
 				}
 			}
 		}

install/installer/pkg/config/v1/config.md

@@ -9,6 +9,7 @@ Config defines the v1 version structure of the gitpod config file
 |`kind`|string|N| `Meta`, `Workspace`, `Full` ||
 |`domain`|string|Y|  |  The domain to deploy to|
 |`metadata.region`|string|Y|  |  Location for your objectStorage provider|
+|`metadata.shortname`|string|N|  |  InstallationShortname establishes the "identity" of the (application) cluster.|
 |`repository`|string|Y|  ||
 |`observability.logLevel`|string|N| `trace`, `debug`, `info`, `warning`, `error`, `fatal`, `panic` |Taken from github.com/gitpod-io/gitpod/components/gitpod-protocol/src/util/logging.ts|
 |`observability.tracing.endpoint`|string|N|  ||
@@ -25,11 +26,17 @@ Config defines the v1 version structure of the gitpod config file
 |`objectStorage.s3.endpoint`|string|Y|  ||
 |`objectStorage.s3.credentials.kind`|string|N| `secret` ||
 |`objectStorage.s3.credentials.name`|string|Y|  ||
+|`objectStorage.s3.bucket`|string|N|  |  BucketName sets the name of an existing bucket to enable the "single bucket mode"  If no name is configured, the old "one bucket per user" behaviour kicks in.|
 |`objectStorage.cloudStorage.serviceAccount.kind`|string|N| `secret` ||
 |`objectStorage.cloudStorage.serviceAccount.name`|string|Y|  ||
 |`objectStorage.cloudStorage.project`|string|Y|  ||
 |`objectStorage.azure.credentials.kind`|string|N| `secret` ||
 |`objectStorage.azure.credentials.name`|string|Y|  ||
+|`objectStorage.maximumBackupCount`|int|N|  ||
+|`objectStorage.blobQuota`|int64|N|  ||
+|`objectStorage.resources.requests`||Y|  |  todo(sje): add custom validation to corev1.ResourceList|
+|`objectStorage.resources.limits`||N|  ||
+|`objectStorage.resources.dynamicLimits`||N|  ||
 |`containerRegistry.inCluster`|bool|Y|  ||
 |`containerRegistry.external.url`|string|Y|  ||
 |`containerRegistry.external.certificate.kind`|string|N| `secret` ||
@@ -49,10 +56,11 @@ Config defines the v1 version structure of the gitpod config file
 |`workspace.resources.dynamicLimits`||N|  ||
 |`workspace.templates.default`||N|  ||
 |`workspace.templates.prebuild`||N|  ||
-|`workspace.templates.ghost`||N|  ||
 |`workspace.templates.imagebuild`||N|  ||
 |`workspace.templates.regular`||N|  ||
-|`workspace.templates.probe`||N|  ||
+|`workspace.pvc.size`||Y|  |  Size is a size of persistent volume claim to use|
+|`workspace.pvc.storageClass`|string|N|  |  StorageClass is a storage class of persistent volume claim to use|
+|`workspace.pvc.snapshotClass`|string|N|  |  SnapshotClass is a snapshot class name that is used to create volume snapshot|
 |`workspace.maxLifetime`||Y|  |  MaxLifetime is the maximum time a workspace is allowed to run. After that, the workspace times out despite activity|
 |`workspace.timeoutDefault`||N|  |  TimeoutDefault is the default timeout of a regular workspace|
 |`workspace.timeoutExtended`||N|  |  TimeoutExtended is the workspace timeout that a user can extend to for one workspace|
@@ -67,6 +75,9 @@ Config defines the v1 version structure of the gitpod config file
 |`sshGatewayHostKey.kind`|string|N| `secret` ||
 |`sshGatewayHostKey.name`|string|Y|  ||
 |`disableDefinitelyGp`|bool|N|  ||
+|`customCACert.kind`|string|N| `secret` ||
+|`customCACert.name`|string|Y|  ||
+|`dropImageRepo`|bool|N|  ||
 |`apiVersion`|string|Y|  |API version of the Gitpod config defintion. `v1` in this version of Config|
 
 
@@ -81,8 +92,42 @@ Additional config parameters that are in experimental state
 |`experimental.workspace.tracing.samplerParam`|float64|N|  ||
 |`experimental.workspace.stage`|string|N|  ||
 |`experimental.workspace.stage`|string|N|  ||
+|`experimental.workspace.ioLimits`||N|  ||
 |`experimental.workspace.registryFacade`||N|  ||
-|`experimental.webapp`|WebAppConfig|N|  ||
-|`experimental.ide`|IDEConfig|N|  ||
-
-
+|`experimental.workspace.classes`||N|  ||
+|`experimental.webapp.publicApi.enabled`|bool|N|  ||
+|`experimental.webapp.server.workspaceDefaults.workspaceImage`|string|N|  ||
+|`experimental.webapp.server.oauthServer.jwtSecret`|string|N|  ||
+|`experimental.webapp.server.session.secret`|string|N|  ||
+|`experimental.webapp.server.githubApp.appId`|int32|N|  ||
+|`experimental.webapp.server.githubApp.authProviderId`|string|N|  ||
+|`experimental.webapp.server.githubApp.baseUrl`|string|N|  ||
+|`experimental.webapp.server.githubApp.certPath`|string|N|  ||
+|`experimental.webapp.server.githubApp.enabled`|bool|N|  ||
+|`experimental.webapp.server.githubApp.logLevel`|string|N|  ||
+|`experimental.webapp.server.githubApp.marketplaceName`|string|N|  ||
+|`experimental.webapp.server.githubApp.webhookSecret`|string|N|  ||
+|`experimental.webapp.server.githubApp.certSecretName`|string|N|  ||
+|`experimental.webapp.server.chargebeeSecret`|string|N|  ||
+|`experimental.webapp.server.stripeSecret`|string|N|  ||
+|`experimental.webapp.server.disableDynamicAuthProviderLogin`|bool|N|  ||
+|`experimental.webapp.server.enableLocalApp`|bool|N|  ||
+|`experimental.webapp.server.runDbDeleter`|bool|N|  ||
+|`experimental.webapp.server.defaultBaseImageRegistryWhitelist[ ]`|[]string|N|  ||
+|`experimental.webapp.server.disableWorkspaceGarbageCollection`|bool|N|  ||
+|`experimental.webapp.server.blockedRepositories[ ].urlRegExp`|string|N|  ||
+|`experimental.webapp.server.blockedRepositories[ ].blockUser`|bool|N|  ||
+|`experimental.webapp.proxy.staticIP`|string|N|  ||
+|`experimental.webapp.proxy.serviceAnnotations`||N|  ||
+|`experimental.webapp.wsManagerBridge.skipSelf`|bool|N|  ||
+|`experimental.webapp.tracing.samplerType`|string|N| `const`, `probabilistic`, `rateLimiting`, `remote` |Values taken from https://github.com/jaegertracing/jaeger-client-go/blob/967f9c36f0fa5a2617c9a0993b03f9a3279fadc8/config/config.go#L71|
+|`experimental.webapp.tracing.samplerParam`|float64|N|  ||
+|`experimental.webapp.usePodAntiAffinity`|bool|N|  ||
+|`experimental.webapp.disableMigration`|bool|N|  ||
+|`experimental.webapp.usage.enabled`|bool|N|  ||
+|`experimental.ide.resolveLatest`|bool|N|  |  Disable resolution of latest images and use bundled latest versions instead|
+|`experimental.ide.ideProxy.serviceAnnotations`||N|  ||
+|`experimental.ide.openvsxProxy.serviceAnnotations`||N|  ||
+|`experimental.common.podConfig`||N|  ||
+|`experimental.common.serviceConfig`||N|  |  ServiceConfig is only supported for "proxy" service at the moment|
+|`experimental.common.staticMessagebusPassword`|string|N|  ||

install/installer/pkg/config/v1/experimental/experimental.go

@@ -24,15 +24,17 @@ type Config struct {
 }
 
 type CommonConfig struct {
-	PodConfig                map[string]*PodConfig     `json:"podConfig,omitempty"`
+	PodConfig map[string]*PodConfig `json:"podConfig,omitempty"`
+	// ServiceConfig is only supported for "proxy" service at the moment
 	ServiceConfig            map[string]*ServiceConfig `json:"serviceConfig,omitempty"`
 	StaticMessagebusPassword string                    `json:"staticMessagebusPassword"`
 }
 
 // ServiceConfig enables modification of type of service to `ClusterIP` if needed,
 // currently supported only for `proxy` service
 type ServiceConfig struct {
-	ServiceType string `json:"serviceType,omitempty"`
+	// Allowed values are: "ClusterIP", "LoadBalancer", "NodePort", "ExternalName"
+	ServiceType *corev1.ServiceType `json:"serviceType,omitempty" validate:"omitempty,service_config_type"`
 }
 
 type PodConfig struct {

install/installer/pkg/config/v1/experimental/validation.go

@@ -5,6 +5,8 @@
 package experimental
 
 import (
+	corev1 "k8s.io/api/core/v1"
+
 	"github.com/gitpod-io/gitpod/installer/pkg/cluster"
 	"github.com/go-playground/validator/v10"
 )
@@ -16,11 +18,22 @@ var TracingSampleTypeList = map[TracingSampleType]struct{}{
 	TracingSampleTypeRemote:        {},
 }
 
+var ServiceTypeList = map[corev1.ServiceType]struct{}{
+	corev1.ServiceTypeLoadBalancer: {},
+	corev1.ServiceTypeClusterIP:    {},
+	corev1.ServiceTypeNodePort:     {},
+	corev1.ServiceTypeExternalName: {},
+}
+
 var ValidationChecks = map[string]validator.Func{
 	"tracing_sampler_type": func(fl validator.FieldLevel) bool {
 		_, ok := TracingSampleTypeList[TracingSampleType(fl.Field().String())]
 		return ok
 	},
+	"service_config_type": func(fl validator.FieldLevel) bool {
+		_, ok := ServiceTypeList[corev1.ServiceType(fl.Field().String())]
+		return ok
+	},
 }
 
 func ClusterValidation(cfg *Config) cluster.ValidationChecks {