func verifyObject()

in internal/controller/utils.go [31:153]

• 109 lines of code
• 43 McCabe index (conditional complexity)

func verifyObject(spec acpv1.AzureAppConfigurationProviderSpec) error {
	var err error
	if spec.Endpoint == nil && spec.ConnectionStringReference == nil {
		return loader.NewArgumentError("spec", fmt.Errorf("one of endpoint and connectionStringReference field must be set"))
	}
	if spec.ConnectionStringReference != nil {
		if spec.Endpoint != nil {
			return loader.NewArgumentError("spec", fmt.Errorf("both endpoint and connectionStringReference field are set"))
		}
		if spec.Auth != nil {
			return loader.NewArgumentError("spec.auth", fmt.Errorf("auth field is not allowed when connectionStringReference field is set"))
		}
	}

	if spec.Target.ConfigMapData != nil {
		if spec.Target.ConfigMapData.Type == acpv1.Default {
			if spec.Target.ConfigMapData.Key != "" {
				return loader.NewArgumentError("spec.target.configMapData.key", fmt.Errorf("key field is not allowed when type is default"))
			}
		} else {
			if spec.Target.ConfigMapData.Key == "" {
				return loader.NewArgumentError("spec.target.configMapData.key", fmt.Errorf("key field is required when type is json, yaml or properties"))
			}
		}

		if spec.Target.ConfigMapData.Separator != nil &&
			(spec.Target.ConfigMapData.Type == acpv1.Default ||
				spec.Target.ConfigMapData.Type == acpv1.Properties) {
			return loader.NewArgumentError("spec.target.configMapData.separator", fmt.Errorf("separator field is not allowed when type is %s", spec.Target.ConfigMapData.Type))
		}
	}

	for i := range spec.Configuration.Selectors {
		err = verifySelectorObject(spec.Configuration.Selectors[i])
		if err != nil {
			return loader.NewArgumentError("spec.configuration.selectors", err)
		}
	}

	if spec.FeatureFlag != nil {
		if spec.Target.ConfigMapData == nil || spec.Target.ConfigMapData.Type == acpv1.Default || spec.Target.ConfigMapData.Type == acpv1.Properties {
			return loader.NewArgumentError("spec.target.configMapData", fmt.Errorf("configMap data type must be json or yaml when FeatureFlag is set"))
		}

		if len(spec.FeatureFlag.Selectors) == 0 {
			return loader.NewArgumentError("spec.featureFlag.selectors", fmt.Errorf("featureFlag.selectors must be specified when FeatureFlag is set"))
		}

		// Check if feature flag label filters are valid
		for i := range spec.FeatureFlag.Selectors {
			err = verifySelectorObject(spec.FeatureFlag.Selectors[i])
			if err != nil {
				return loader.NewArgumentError("spec.featureFlag.selectors", err)
			}
		}

		// Check if feature flag refresh interval is valid
		if spec.FeatureFlag.Refresh != nil {
			err = verifyRefreshInterval(spec.FeatureFlag.Refresh.Interval, MinimalFeatureFlagRefreshInterval, "featureFlag.refresh.interval")
			if err != nil {
				return err
			}
		}
	}

	if spec.Endpoint != nil {
		err = verifyEndpoint(*spec.Endpoint)
		if err != nil {
			return err
		}
	}
	err = verifyAuthObject(spec.Auth)
	if err != nil {
		return err
	}
	if spec.Secret != nil && spec.Secret.Auth != nil {
		err = verifyAuthObject(spec.Secret.Auth.AzureAppConfigurationProviderAuth)
		if err != nil {
			return err
		}
		for _, v := range spec.Secret.Auth.KeyVaults {
			err = verifyEndpoint(v.Uri)
			if err != nil {
				return err
			}
			if v.AzureAppConfigurationProviderAuth == nil {
				return loader.NewArgumentError("secret.auth.keyVaults", fmt.Errorf("authentication method must be specified for Key Vault '%s'", v.Uri))
			}
			err = verifyAuthObject(v.AzureAppConfigurationProviderAuth)
			if err != nil {
				return err
			}
		}
	}

	if spec.Configuration.Refresh != nil {
		if spec.Configuration.Refresh.Monitoring != nil {
			sentinelMap := make(map[acpv1.Sentinel]bool)
			for _, sentinel := range spec.Configuration.Refresh.Monitoring.Sentinels {
				if _, ok := sentinelMap[sentinel]; ok {
					return loader.NewArgumentError("spec.configuration.refresh.monitoring.keyValues", fmt.Errorf("monitoring duplicated key '%s'", sentinel.Key))
				}
				sentinelMap[sentinel] = true
			}
		}

		if spec.Configuration.Refresh.Interval != "" {
			err = verifyRefreshInterval(spec.Configuration.Refresh.Interval, MinimalSentinelBasedRefreshInterval, "configuration.refresh.interval")
			if err != nil {
				return err
			}
		}
	}

	if spec.Secret != nil && spec.Secret.Refresh != nil {
		err = verifyRefreshInterval(spec.Secret.Refresh.Interval, MinimalSecretRefreshInterval, "secret.refresh.interval")
		if err != nil {
			return err
		}
	}

	return nil
}