validation

package
v0.1.0-alpha.12 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 27, 2026 License: Apache-2.0 Imports: 11 Imported by: 0

Documentation

Overview

Package validation provides pure validation services for HAProxy configuration.

Index

Constants

View Source 
const (
	// DefaultBaseDir is the default base directory for HAProxy configuration.
	DefaultBaseDir = "/etc/haproxy"

	// DefaultMapsDir is the default relative directory name for map files.
	DefaultMapsDir = "maps"

	// DefaultSSLCertsDir is the default relative directory name for SSL certificates.
	DefaultSSLCertsDir = "ssl"

	// DefaultGeneralDir is the default relative directory name for general files.
	DefaultGeneralDir = "general"
)

Default directory paths for HAProxy validation.

View Source 
const (
	// DefaultValidationTimeout is the default timeout for validation operations.
	// This is used by event handlers and webhook validators to prevent indefinite hangs.
	// 30 seconds allows sufficient time for render + validate while preventing stuck requests.
	DefaultValidationTimeout = 30 * time.Second
)

Timeout constants for validation operations.

Variables

This section is empty.

Functions

This section is empty.

Types

type ValidationResult 

type ValidationResult struct {
	// Valid is true if the configuration passed all validation phases.
	Valid bool

	// Error contains the validation error if Valid is false.
	Error error

	// Phase indicates which validation phase failed (syntax, schema, semantic, render, setup).
	// Empty if validation succeeded.
	Phase string

	// DurationMs is the total validation duration in milliseconds.
	DurationMs int64

	// ParsedConfig is the pre-parsed configuration from syntax validation.
	// May be nil if validation failed or validation cache was used.
	// When non-nil, can be passed to downstream sync operations to avoid re-parsing.
	ParsedConfig *parser.StructuredConfig
}

ValidationResult contains the output of a validation operation.

func (*ValidationResult) ErrorMessage 

func (r *ValidationResult) ErrorMessage() string

ErrorMessage returns a user-friendly error message. Returns empty string if validation succeeded.

type ValidationService 

type ValidationService struct {
	// contains filtered or unexported fields
}

ValidationService is a pure service that validates HAProxy configuration.

This service encapsulates temp directory lifecycle internally: - Creates an isolated temp directory for each validation - Writes config and auxiliary files - Runs haproxy -c for semantic validation - Cleans up temp directory after validation

The service caches the last successful validation result keyed by a content checksum of the config and auxiliary files. When called with unchanged content, it returns the cached ParsedConfig immediately, skipping all validation phases. Only successful validations are cached; failures always trigger a full retry.

The service can be called concurrently from multiple goroutines.

func NewValidationService 

func NewValidationService(cfg *ValidationServiceConfig) *ValidationService

NewValidationService creates a new ValidationService.

func (*ValidationService) Validate 

func (s *ValidationService) Validate(ctx context.Context, config string, auxFiles *dataplane.AuxiliaryFiles) *ValidationResult

Validate validates HAProxy configuration.

This method: 1. Parses and validates the ORIGINAL config (syntax + schema) - this produces the ParsedConfig 2. Creates an isolated temp directory 3. Replaces production baseDir with temp directory in config (for default-path origin) 4. Writes the config and auxiliary files 5. Runs semantic validation with haproxy -c using the MODIFIED config 6. Cleans up the temp directory 7. Returns the original ParsedConfig (with production paths)

The key insight is that syntax/schema validation doesn't need actual files or temp paths - it just parses the config string. Only semantic validation (haproxy -c) needs temp paths for file I/O. By parsing the original config first, we ensure the returned ParsedConfig contains production paths that downstream components can use.

Parameters:

  • ctx: Context for cancellation
  • config: The rendered HAProxy configuration content
  • auxFiles: Auxiliary files (maps, certificates, general files)

Returns:

  • ValidationResult with success/failure status, timing, and ParsedConfig with production paths

func (*ValidationService) ValidateWithChecksum 

func (s *ValidationService) ValidateWithChecksum(ctx context.Context, config string, auxFiles *dataplane.AuxiliaryFiles, checksum string) *ValidationResult

ValidateWithChecksum validates HAProxy configuration using a pre-computed content checksum. This avoids redundant hashing when the caller (e.g., Pipeline) has already computed the checksum.

func (*ValidationService) ValidateWithStrictDNS 

func (s *ValidationService) ValidateWithStrictDNS(ctx context.Context, config string, auxFiles *dataplane.AuxiliaryFiles) *ValidationResult

ValidateWithStrictDNS validates configuration with strict DNS checking. This is a convenience method that temporarily overrides SkipDNSValidation. Use this for webhook validation where DNS failures should be caught early.

type ValidationServiceConfig 

type ValidationServiceConfig struct {
	// Logger is the structured logger for logging.
	Logger *slog.Logger

	// Version is the HAProxy version for schema selection (nil uses default v3.0).
	Version *dataplane.Version

	// SkipDNSValidation controls whether to skip DNS resolution failures during validation.
	// When true, servers with unresolvable hostnames start in DOWN state instead of failing.
	// When false (strict mode), DNS resolution failures cause validation to fail.
	SkipDNSValidation bool

	// BaseDir is the production base directory used in "default-path origin" directive.
	// During local validation, this is replaced with the temp directory path so that
	// HAProxy resolves relative paths from the temp directory instead of production paths.
	// Example: "/etc/haproxy"
	BaseDir string

	// MapsDir is the relative directory name for map files (e.g., "maps").
	// Should match the basename of the dataplane MapsDir config.
	MapsDir string

	// SSLCertsDir is the relative directory name for SSL certificates (e.g., "ssl").
	// Should match the basename of the dataplane SSLCertsDir config.
	SSLCertsDir string

	// GeneralDir is the relative directory name for general files (e.g., "general").
	// Should match the basename of the dataplane GeneralStorageDir config.
	GeneralDir string
}

ValidationServiceConfig contains configuration for creating a ValidationService.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.