Struct k8s_openapi::api::admissionregistration::v1alpha1::Validation
source · pub struct Validation {
pub expression: String,
pub message: Option<String>,
pub reason: Option<String>,
}
Expand description
Validation specifies the CEL expression which is used to apply the validation.
Fields§
§expression: String
Expression represents the expression which will be evaluated by CEL. ref: https://github.com/google/cel-spec CEL expressions have access to the contents of the Admission request/response, organized into CEL variables as well as some other useful variables:
‘object’ - The object from the incoming request. The value is null for DELETE requests. ‘oldObject’ - The existing object. The value is null for CREATE requests. ‘request’ - Attributes of the admission request([ref](/pkg/apis/admission/types.go#AdmissionRequest)). ‘params’ - Parameter resource referred to by the policy binding being evaluated. Only populated if the policy has a ParamKind.
The apiVersion
, kind
, metadata.name
and metadata.generateName
are always accessible from the root of the object. No other metadata properties are accessible.
Only property names of the form \[a-zA-Z_.-/\]\[a-zA-Z0-9_.-/\]*
are accessible. Accessible property names are escaped according to the following rules when accessed in the expression: - ‘’ escapes to ‘underscores’ - ‘.’ escapes to ‘dot’ - ‘-’ escapes to ‘dash’ - ‘/’ escapes to ‘slash’ - Property names that exactly match a CEL RESERVED keyword escape to ‘{keyword}__’. The keywords are:
“true”, “false”, “null”, “in”, “as”, “break”, “const”, “continue”, “else”, “for”, “function”, “if”,
“import”, “let”, “loop”, “package”, “namespace”, “return”.
Examples:
- Expression accessing a property named “namespace”: {“Expression”: “object.namespace > 0”}
- Expression accessing a property named “x-prop”: {“Expression”: “object.x__dash__prop > 0”}
- Expression accessing a property named “redact__d”: {“Expression”: “object.redact__underscores__d > 0”}
Equality on arrays with list type of ‘set’ or ‘map’ ignores element order, i.e. [1, 2] == [2, 1]. Concatenation on arrays with x-kubernetes-list-type use the semantics of the list type:
- ‘set’:
X + Y
performs a union where the array positions of all elements inX
are preserved and non-intersecting elements inY
are appended, retaining their partial order. - ‘map’:
X + Y
performs a merge where the array positions of all keys inX
are preserved but the values are overwritten by values inY
when the key sets ofX
andY
intersect. Elements inY
with non-intersecting keys are appended, retaining their partial order. Required.
message: Option<String>
Message represents the message displayed when validation fails. The message is required if the Expression contains line breaks. The message must not contain line breaks. If unset, the message is “failed rule: {Rule}”. e.g. “must be a URL with the host matching spec.host” If the Expression contains line breaks. Message is required. The message must not contain line breaks. If unset, the message is “failed Expression: {Expression}”.
reason: Option<String>
Reason represents a machine-readable description of why this validation failed. If this is the first validation in the list to fail, this reason, as well as the corresponding HTTP response code, are used in the HTTP response to the client. The currently supported reasons are: “Unauthorized”, “Forbidden”, “Invalid”, “RequestEntityTooLarge”. If not set, StatusReasonInvalid is used in the response to the client.
Trait Implementations§
source§impl Clone for Validation
impl Clone for Validation
source§fn clone(&self) -> Validation
fn clone(&self) -> Validation
1.0.0 · source§fn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
source
. Read moresource§impl Debug for Validation
impl Debug for Validation
source§impl DeepMerge for Validation
impl DeepMerge for Validation
source§fn merge_from(&mut self, other: Self)
fn merge_from(&mut self, other: Self)
other
into self
.source§impl Default for Validation
impl Default for Validation
source§fn default() -> Validation
fn default() -> Validation
source§impl<'de> Deserialize<'de> for Validation
impl<'de> Deserialize<'de> for Validation
source§fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>where
D: Deserializer<'de>,
fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>where
D: Deserializer<'de>,
source§impl PartialEq<Validation> for Validation
impl PartialEq<Validation> for Validation
source§fn eq(&self, other: &Validation) -> bool
fn eq(&self, other: &Validation) -> bool
self
and other
values to be equal, and is used
by ==
.