Struct k8s_openapi::api::admissionregistration::v1alpha1::Validation

source · 
pub struct Validation {
    pub expression: String,
    pub message: Option<String>,
    pub reason: Option<String>,
}
Expand description

Validation specifies the CEL expression which is used to apply the validation.

Fields§

§expression: String

Expression represents the expression which will be evaluated by CEL. ref: https://github.com/google/cel-spec CEL expressions have access to the contents of the Admission request/response, organized into CEL variables as well as some other useful variables:

‘object’ - The object from the incoming request. The value is null for DELETE requests. ‘oldObject’ - The existing object. The value is null for CREATE requests. ‘request’ - Attributes of the admission request([ref](/pkg/apis/admission/types.go#AdmissionRequest)). ‘params’ - Parameter resource referred to by the policy binding being evaluated. Only populated if the policy has a ParamKind.

The apiVersion, kind, metadata.name and metadata.generateName are always accessible from the root of the object. No other metadata properties are accessible.

Only property names of the form \[a-zA-Z_.-/\]\[a-zA-Z0-9_.-/\]* are accessible. Accessible property names are escaped according to the following rules when accessed in the expression: - ‘’ escapes to ‘underscores’ - ‘.’ escapes to ‘dot’ - ‘-’ escapes to ‘dash’ - ‘/’ escapes to ‘slash’ - Property names that exactly match a CEL RESERVED keyword escape to ‘{keyword}__’. The keywords are: “true”, “false”, “null”, “in”, “as”, “break”, “const”, “continue”, “else”, “for”, “function”, “if”, “import”, “let”, “loop”, “package”, “namespace”, “return”. Examples:

  • Expression accessing a property named “namespace”: {“Expression”: “object.namespace > 0”}
  • Expression accessing a property named “x-prop”: {“Expression”: “object.x__dash__prop > 0”}
  • Expression accessing a property named “redact__d”: {“Expression”: “object.redact__underscores__d > 0”}

Equality on arrays with list type of ‘set’ or ‘map’ ignores element order, i.e. [1, 2] == [2, 1]. Concatenation on arrays with x-kubernetes-list-type use the semantics of the list type:

  • ‘set’: X + Y performs a union where the array positions of all elements in X are preserved and non-intersecting elements in Y are appended, retaining their partial order.
  • ‘map’: X + Y performs a merge where the array positions of all keys in X are preserved but the values are overwritten by values in Y when the key sets of X and Y intersect. Elements in Y with non-intersecting keys are appended, retaining their partial order. Required.
§message: Option<String>

Message represents the message displayed when validation fails. The message is required if the Expression contains line breaks. The message must not contain line breaks. If unset, the message is “failed rule: {Rule}”. e.g. “must be a URL with the host matching spec.host” If the Expression contains line breaks. Message is required. The message must not contain line breaks. If unset, the message is “failed Expression: {Expression}”.

§reason: Option<String>

Reason represents a machine-readable description of why this validation failed. If this is the first validation in the list to fail, this reason, as well as the corresponding HTTP response code, are used in the HTTP response to the client. The currently supported reasons are: “Unauthorized”, “Forbidden”, “Invalid”, “RequestEntityTooLarge”. If not set, StatusReasonInvalid is used in the response to the client.

Trait Implementations§

Returns a copy of the value. Read more
Performs copy-assignment from source. Read more
Formats the value using the given formatter. Read more
Merge other into self.
Returns the “default value” for a type. Read more
Deserialize this value from the given Serde deserializer. Read more
This method tests for self and other values to be equal, and is used by ==.
This method tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
Serialize this value into the given Serde serializer. Read more

Auto Trait Implementations§

Blanket Implementations§

Gets the TypeId of self. Read more
Immutably borrows from an owned value. Read more
Mutably borrows from an owned value. Read more

Returns the argument unchanged.

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

The resulting type after obtaining ownership.
Creates owned data from borrowed data, usually by cloning. Read more
Uses borrowed data to replace owned data, usually by cloning. Read more
The type returned in the event of a conversion error.
Performs the conversion.
The type returned in the event of a conversion error.
Performs the conversion.