IPAddress validation
Validate IPAddress name is in canonical format Validate ParentRef is required, and Resource and Name. Validate IPAddress is inmutable on update.
This commit is contained in:
Antonio Ojea
@@ -18,6 +18,7 @@ package validation
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"net/netip"
|
||||
"strings"
|
||||
|
||||
v1 "k8s.io/api/core/v1"
|
||||
@@ -741,3 +742,77 @@ func validateClusterCIDRUpdateSpec(update, old *networking.ClusterCIDRSpec, fldP
|
||||
|
||||
return allErrs
|
||||
}
|
||||
|
||||
// ValidateIPAddressName validates that the name is the decimal representation of an IP address.
|
||||
// IPAddress does not support generating names, prefix is not considered.
|
||||
func ValidateIPAddressName(name string, prefix bool) []string {
|
||||
var errs []string
|
||||
ip, err := netip.ParseAddr(name)
|
||||
if err != nil {
|
||||
errs = append(errs, err.Error())
|
||||
} else if ip.String() != name {
|
||||
errs = append(errs, "not a valid ip in canonical format")
|
||||
|
||||
}
|
||||
return errs
|
||||
}
|
||||
|
||||
func ValidateIPAddress(ipAddress *networking.IPAddress) field.ErrorList {
|
||||
allErrs := apivalidation.ValidateObjectMeta(&ipAddress.ObjectMeta, false, ValidateIPAddressName, field.NewPath("metadata"))
|
||||
errs := validateIPAddressParentReference(ipAddress.Spec.ParentRef, field.NewPath("spec"))
|
||||
allErrs = append(allErrs, errs...)
|
||||
return allErrs
|
||||
|
||||
}
|
||||
|
||||
// validateIPAddressParentReference ensures that the IPAddress ParenteReference exists and is valid.
|
||||
func validateIPAddressParentReference(params *networking.ParentReference, fldPath *field.Path) field.ErrorList {
|
||||
allErrs := field.ErrorList{}
|
||||
|
||||
if params == nil {
|
||||
allErrs = append(allErrs, field.Required(fldPath.Child("parentRef"), ""))
|
||||
return allErrs
|
||||
}
|
||||
|
||||
fldPath = fldPath.Child("parentRef")
|
||||
// group is required but the Core group used by Services is the empty value, so it can not be enforced
|
||||
if params.Group != "" {
|
||||
for _, msg := range validation.IsDNS1123Subdomain(params.Group) {
|
||||
allErrs = append(allErrs, field.Invalid(fldPath.Child("group"), params.Group, msg))
|
||||
}
|
||||
}
|
||||
|
||||
// resource is required
|
||||
if params.Resource == "" {
|
||||
allErrs = append(allErrs, field.Required(fldPath.Child("resource"), ""))
|
||||
} else {
|
||||
for _, msg := range pathvalidation.IsValidPathSegmentName(params.Resource) {
|
||||
allErrs = append(allErrs, field.Invalid(fldPath.Child("resource"), params.Resource, msg))
|
||||
}
|
||||
}
|
||||
|
||||
// name is required
|
||||
if params.Name == "" {
|
||||
allErrs = append(allErrs, field.Required(fldPath.Child("name"), ""))
|
||||
} else {
|
||||
for _, msg := range pathvalidation.IsValidPathSegmentName(params.Name) {
|
||||
allErrs = append(allErrs, field.Invalid(fldPath.Child("name"), params.Name, msg))
|
||||
}
|
||||
}
|
||||
|
||||
// namespace is optional
|
||||
if params.Namespace != "" {
|
||||
for _, msg := range pathvalidation.IsValidPathSegmentName(params.Namespace) {
|
||||
allErrs = append(allErrs, field.Invalid(fldPath.Child("namespace"), params.Namespace, msg))
|
||||
}
|
||||
}
|
||||
return allErrs
|
||||
}
|
||||
|
||||
// ValidateIPAddressUpdate tests if an update to an IPAddress is valid.
|
||||
func ValidateIPAddressUpdate(update, old *networking.IPAddress) field.ErrorList {
|
||||
var allErrs field.ErrorList
|
||||
allErrs = append(allErrs, apivalidation.ValidateObjectMetaUpdate(&update.ObjectMeta, &old.ObjectMeta, field.NewPath("metadata"))...)
|
||||
allErrs = append(allErrs, apivalidation.ValidateImmutableField(update.Spec.ParentRef, old.Spec.ParentRef, field.NewPath("spec").Child("parentRef"))...)
|
||||
return allErrs
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user