outposts: validate kubeconfig before saving
This commit is contained in:
parent
c85506f43c
commit
927ab509a1
|
@ -1,7 +1,11 @@
|
||||||
"""Outpost forms"""
|
"""Outpost forms"""
|
||||||
|
|
||||||
from django import forms
|
from django import forms
|
||||||
|
from django.core.exceptions import ValidationError
|
||||||
from django.utils.translation import gettext_lazy as _
|
from django.utils.translation import gettext_lazy as _
|
||||||
|
from kubernetes.client.configuration import Configuration
|
||||||
|
from kubernetes.config.config_exception import ConfigException
|
||||||
|
from kubernetes.config.kube_config import load_kube_config_from_dict
|
||||||
|
|
||||||
from authentik.admin.fields import CodeMirrorWidget, YAMLField
|
from authentik.admin.fields import CodeMirrorWidget, YAMLField
|
||||||
from authentik.crypto.models import CertificateKeyPair
|
from authentik.crypto.models import CertificateKeyPair
|
||||||
|
@ -71,6 +75,23 @@ class DockerServiceConnectionForm(forms.ModelForm):
|
||||||
class KubernetesServiceConnectionForm(forms.ModelForm):
|
class KubernetesServiceConnectionForm(forms.ModelForm):
|
||||||
"""Kubernetes service-connection form"""
|
"""Kubernetes service-connection form"""
|
||||||
|
|
||||||
|
def clean_kubeconfig(self):
|
||||||
|
"""Validate kubeconfig by attempting to load it"""
|
||||||
|
kubeconfig = self.cleaned_data["kubeconfig"]
|
||||||
|
if kubeconfig == {}:
|
||||||
|
if not self.cleaned_data["local"]:
|
||||||
|
raise ValidationError(
|
||||||
|
_("You can only use an empty kubeconfig when local is enabled.")
|
||||||
|
)
|
||||||
|
# Empty kubeconfig is valid
|
||||||
|
return kubeconfig
|
||||||
|
config = Configuration()
|
||||||
|
try:
|
||||||
|
load_kube_config_from_dict(kubeconfig, client_configuration=config)
|
||||||
|
except ConfigException:
|
||||||
|
raise ValidationError(_("Invalid kubeconfig"))
|
||||||
|
return kubeconfig
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
model = KubernetesServiceConnection
|
model = KubernetesServiceConnection
|
||||||
|
|
Reference in a new issue