kumahq · bartsmykla · Oct 31, 2023 · Oct 31, 2023 · Oct 31, 2023 · Oct 31, 2023
@@ -18,7 +18,11 @@ const (
 	defaultKumaCniConfName = "YYY-kuma-cni.conflist"
 )
 
+var _ config.Config = InstallerConfig{}
+
 type InstallerConfig struct {
+	config.BaseConfig
+
 	CfgCheckInterval          int    `envconfig:"cfgcheck_interval" default:"1"`
 	ChainedCniPlugin          bool   `envconfig:"chained_cni_plugin" default:"true"`
 	CniConfName               string `envconfig:"cni_conf_name" default:""`
@@ -34,9 +38,6 @@ type InstallerConfig struct {
 	ShouldSleep               bool   `envconfig:"sleep" default:"true"`
 }
 
-func (i InstallerConfig) Sanitize() {
-}
-
 func (i InstallerConfig) Validate() error {
 	if i.CfgCheckInterval <= 0 {
 		return errors.New("CFGCHECK_INTERVAL env variable needs to be greater than 0")

@@ -44,17 +44,16 @@ func DefaultAccessConfig() AccessConfig {
 	}
 }
 
-// AccessConfig defines a configuration for acccess control
+// AccessConfig defines a configuration for access control
 type AccessConfig struct {
+	config.BaseConfig
+
 	// Type of the access strategy (available values: "static")
 	Type string `json:"type" envconfig:"KUMA_ACCESS_TYPE"`
 	// Configuration of static access strategy
 	Static StaticAccessConfig `json:"static"`
 }
 
-func (r AccessConfig) Sanitize() {
-}
-
 func (r AccessConfig) Validate() error {
 	if r.Type == "" {
 		return errors.New("Type has to be defined")

@@ -12,8 +12,10 @@ import (
 
 var _ config.Config = &ApiServerConfig{}
 
-// API Server configuration
+// ApiServerConfig defines API Server configuration
 type ApiServerConfig struct {
+	config.BaseConfig
+
 	// If true, then API Server will operate in read only mode (serving GET requests)
 	ReadOnly bool `json:"readOnly" envconfig:"kuma_api_server_read_only"`
 	// Allowed domains for Cross-Origin Resource Sharing. The value can be either domain or regexp
@@ -60,7 +62,7 @@ func (a *ApiServerGUI) Validate() error {
 	return errs
 }
 
-// API Server HTTP configuration
+// ApiServerHTTPConfig defines API Server HTTP configuration
 type ApiServerHTTPConfig struct {
 	// If true then API Server will be served on HTTP
 	Enabled bool `json:"enabled" envconfig:"kuma_api_server_http_enabled"`
@@ -81,7 +83,7 @@ func (a *ApiServerHTTPConfig) Validate() error {
 	return errs
 }
 
-// API Server HTTPS configuration
+// ApiServerHTTPSConfig defines API Server HTTPS configuration
 type ApiServerHTTPSConfig struct {
 	// If true then API Server will be served on HTTPS
 	Enabled bool `json:"enabled" envconfig:"kuma_api_server_https_enabled"`
@@ -128,13 +130,13 @@ func (a *ApiServerHTTPSConfig) Validate() error {
 	return errs
 }
 
-// API Server authentication configuration
+// ApiServerAuth defines API Server authentication configuration
 type ApiServerAuth struct {
 	// Directory of authorized client certificates (only valid in HTTPS)
 	ClientCertsDir string `json:"clientCertsDir" envconfig:"kuma_api_server_auth_client_certs_dir"`
 }
 
-// Api Server Authentication configuration
+// ApiServerAuthn defines Api Server Authentication configuration
 type ApiServerAuthn struct {
 	// Type of authentication mechanism (available values: "clientCerts", "tokens")
 	Type string `json:"type" envconfig:"kuma_api_server_authn_type"`
@@ -169,7 +171,11 @@ func (a ApiServerAuthnTokens) Validate() error {
 	return nil
 }
 
+var _ config.Config = TokensValidator{}
+
 type TokensValidator struct {
+	config.BaseConfig
+
 	// If true then Kuma secrets with prefix "user-token-signing-key" are considered as signing keys.
 	UseSecrets bool `json:"useSecrets" envconfig:"kuma_api_server_authn_tokens_validator_use_secrets"`
 	// List of public keys used to validate the token.
@@ -185,9 +191,6 @@ func (t TokensValidator) Validate() error {
 	return nil
 }
 
-func (a *ApiServerConfig) Sanitize() {
-}
-
 func (a *ApiServerConfig) Validate() error {
 	var errs error
 	if err := a.HTTP.Validate(); err != nil {

@@ -30,29 +30,23 @@ var _ config.Config = &Config{}
 var _ config.Config = &Defaults{}
 
 type Defaults struct {
+	config.BaseConfig
+
 	// If true, it skips creating the default Mesh
 	SkipMeshCreation bool `json:"skipMeshCreation" envconfig:"kuma_defaults_skip_mesh_creation"`
 	// If true, it skips creating the default tenant resources
 	SkipTenantResources bool `json:"skipTenantResources" envconfig:"kuma_defaults_skip_tenant_resources"`
 }
 
-func (d *Defaults) Sanitize() {
-}
-
-func (d *Defaults) Validate() error {
-	return nil
-}
-
 type Metrics struct {
+	config.BaseConfig
+
 	Dataplane    *DataplaneMetrics    `json:"dataplane"`
 	Zone         *ZoneMetrics         `json:"zone"`
 	Mesh         *MeshMetrics         `json:"mesh"`
 	ControlPlane *ControlPlaneMetrics `json:"controlPlane"`
 }
 
-func (m *Metrics) Sanitize() {
-}
-
 func (m *Metrics) Validate() error {
 	if err := m.Dataplane.Validate(); err != nil {
 		return errors.Wrap(err, "Dataplane validation failed")
@@ -61,13 +55,12 @@ func (m *Metrics) Validate() error {
 }
 
 type DataplaneMetrics struct {
+	config.BaseConfig
+
 	SubscriptionLimit int                   `json:"subscriptionLimit" envconfig:"kuma_metrics_dataplane_subscription_limit"`
 	IdleTimeout       config_types.Duration `json:"idleTimeout" envconfig:"kuma_metrics_dataplane_idle_timeout"`
 }
 
-func (d *DataplaneMetrics) Sanitize() {
-}
-
 func (d *DataplaneMetrics) Validate() error {
 	if d.SubscriptionLimit < 0 {
 		return errors.New("SubscriptionLimit should be positive or equal 0")
@@ -76,15 +69,14 @@ func (d *DataplaneMetrics) Validate() error {
 }
 
 type ZoneMetrics struct {
+	config.BaseConfig
+
 	SubscriptionLimit int                   `json:"subscriptionLimit" envconfig:"kuma_metrics_zone_subscription_limit"`
 	IdleTimeout       config_types.Duration `json:"idleTimeout" envconfig:"kuma_metrics_zone_idle_timeout"`
 	// CompactFinishedSubscriptions compacts finished metrics (do not store config and details of KDS exchange).
 	CompactFinishedSubscriptions bool `json:"compactFinishedSubscriptions" envconfig:"kuma_metrics_zone_compact_finished_subscriptions"`
 }
 
-func (d *ZoneMetrics) Sanitize() {
-}
-
 func (d *ZoneMetrics) Validate() error {
 	if d.SubscriptionLimit < 0 {
 		return errors.New("SubscriptionLimit should be positive or equal 0")
@@ -93,6 +85,8 @@ func (d *ZoneMetrics) Validate() error {
 }
 
 type MeshMetrics struct {
+	config.BaseConfig
+
 	// Deprecated: use MinResyncInterval instead
 	MinResyncTimeout config_types.Duration `json:"minResyncTimeout" envconfig:"kuma_metrics_mesh_min_resync_timeout"`
 	// Deprecated: use FullResyncInterval instead
@@ -113,9 +107,6 @@ type ControlPlaneMetrics struct {
 	ReportResourcesCount bool `json:"reportResourcesCount" envconfig:"kuma_metrics_control_plane_report_resources_count"`
 }
 
-func (d *MeshMetrics) Sanitize() {
-}
-
 func (d *MeshMetrics) Validate() error {
 	if d.MinResyncTimeout.Duration != 0 && d.MaxResyncTimeout.Duration <= d.MinResyncTimeout.Duration {
 		return errors.New("FullResyncInterval should be greater than MinResyncInterval")
@@ -193,6 +184,23 @@ func (c *Config) Sanitize() {
 	c.Diagnostics.Sanitize()
 }
 
+func (c *Config) PostProcess() error {
+	return multierr.Combine(
+		c.General.PostProcess(),
+		c.Store.PostProcess(),
+		c.BootstrapServer.PostProcess(),
+		c.XdsServer.PostProcess(),
+		c.MonitoringAssignmentServer.PostProcess(),
+		c.ApiServer.PostProcess(),
+		c.Runtime.PostProcess(),
+		c.Metrics.PostProcess(),
+		c.Defaults.PostProcess(),
+		c.DNSServer.PostProcess(),
+		c.Multizone.PostProcess(),
+		c.Diagnostics.PostProcess(),
+	)
+}
+
 var DefaultConfig = func() Config {
 	return Config{
 		Environment:                core.UniversalEnvironment,
@@ -332,6 +340,8 @@ func (c *Config) Validate() error {
 }
 
 type GeneralConfig struct {
+	config.BaseConfig
+
 	// DNSCacheTTL represents duration for how long Kuma CP will cache result of resolving dataplane's domain name
 	DNSCacheTTL config_types.Duration `json:"dnsCacheTTL" envconfig:"kuma_general_dns_cache_ttl"`
 	// TlsCertFile defines a path to a file with PEM-encoded TLS cert that will be used across all the Kuma Servers.
@@ -352,9 +362,6 @@ type GeneralConfig struct {
 
 var _ config.Config = &GeneralConfig{}
 
-func (g *GeneralConfig) Sanitize() {
-}
-
 func (g *GeneralConfig) Validate() error {
 	var errs error
 	if g.TlsCertFile == "" && g.TlsKeyFile != "" {
@@ -385,6 +392,8 @@ func DefaultGeneralConfig() *GeneralConfig {
 }
 
 type ExperimentalConfig struct {
+	config.BaseConfig
+
 	// If true, experimental Gateway API is enabled
 	GatewayAPI bool `json:"gatewayAPI" envconfig:"KUMA_EXPERIMENTAL_GATEWAY_API"`
 	// If true, instead of embedding kubernetes outbounds into Dataplane object, they are persisted next to VIPs in ConfigMap
@@ -421,10 +430,6 @@ type ExperimentalKDSEventBasedWatchdog struct {
 	DelayFullResync bool `json:"delayFullResync" envconfig:"KUMA_EXPERIMENTAL_KDS_EVENT_BASED_WATCHDOG_DELAY_FULL_RESYNC"`
 }
 
-func (e ExperimentalConfig) Validate() error {
-	return nil
-}
-
 func (c Config) GetEnvoyAdminPort() uint32 {
 	if c.BootstrapServer == nil || c.BootstrapServer.Params == nil {
 		return 0