cmoulliard
commented
2 years ago When implementing a validation webhook it would be handy to as easily express the rules as possible.
- I think that we should better introduce/describe the problem and what we would like next to improve => solution(s)
- What should be the perimeter about what we want to cover here ? Do we want to propose as solution a: 1) Java Drools engine (= rules engine) OR 2) Java bean validation framework OR 3) Java Lib tool supporting https://www.openpolicyagent.org/docs/latest/ecosystem/ ...
csviri
Introduction
When implementing a validation webhook it would be handy to as easily express the rules as possible. The main goal here is (at least in first iterations) make it trivial to write validation hooks for kubernetes. We already simplified the to implement a validation hook, the main question is how to express rules more elegantly. Currently the appraoch is very open, see:
https://github.com/java-operator-sdk/admission-controller-framework/blob/4ddf69fe3717cdfa811ee53af92c5cfa8c352ce6/samples/spring-boot/src/main/java/io/javaoperatorsdk/admissioncontroller/sample/springboot/Config.java#L32-L36
There are more generic validation frameworks available, one is OPA Where users can write validations in rego language. Unfortunatelly it not trivial to learn this language (is basically a datalog/prolog).
Why might find an easier alternative, especially for java developers might be much easier to express such rules with some standard validation approaches. Unfortunately bean validation usage is limited here, since for POJOs we use ones from fabric8 client, so bean validation works nicely just for custom resources.
Goal
See issue in the framework: https://github.com/java-operator-sdk/admission-controller-framework/issues/3