Commit Graph

150 Commits

Author SHA1 Message Date
Davanum Srinivas
9405e9b55e
Check in OWNERS modified by update-yamlfmt.sh
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
2021-12-09 21:31:26 -05:00
Harry Bagdi
d09a8c0a88 Graduate IngressClassNamespacedParams to GA 2021-11-10 08:58:39 -08:00
Jordan Liggitt
ba1ca0d459 Propagate conversion errors 2021-09-13 12:04:16 -04:00
Stephen Augustus
481cf6fbe7
generated: Run hack/update-gofmt.sh
Signed-off-by: Stephen Augustus <foo@auggie.dev>
2021-08-24 15:47:49 -04:00
Antonio Ojea
0cd75e8fec run hack/update-netparse-cve.sh 2021-08-20 10:42:09 +02:00
Jordan Liggitt
87a4e082ac Change defaulter-gen input to package path 2021-08-14 11:00:18 -04:00
Jordan Liggitt
c702dd4394 Drop legacy validation logic for networking API 2021-08-09 12:37:45 -04:00
Vikram Jadhav
a9a3c4bb9a Refactor of TestValidateIngressClass and TestValidateIngressClassUpdate methods by adding Boilerplate in helper functions #FIXES: 99005 2021-07-07 22:35:35 +05:30
Kubernetes Prow Robot
21f41b8e82
Merge pull request #101711 from hbagdi/ingressclass-namespaced-params-beta
graduate IngressClassNamespacedParams to beta
2021-06-29 17:07:03 -07:00
Harry Bagdi
f0d917a3ca add fuzzer patch to fix tests 2021-06-29 12:59:59 -07:00
Ricardo Pchevuzinske Katz
9f18ddf03c Promote endPort field in netpolicies to beta
Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>
2021-06-15 10:47:17 -03:00
Kubernetes Prow Robot
09268c1685
Merge pull request #101627 from rikatz/fix-ingress-doc
Change ingress api doc to reflect the correct path validation
2021-05-13 05:44:25 -07:00
Harry Bagdi
60377ba1a3 graduate IngressClassNamespacedParams to beta 2021-05-03 15:00:40 -07:00
Ricardo Pchevuzinske Katz
11316a6d84 Change ingress api doc to reflect the correct path validation
Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>
2021-04-30 16:24:03 -03:00
卢振兴10069964
4e447acab0 code cleanup for pkg/api and pkg/apis 2021-04-28 08:57:23 +08:00
Kubernetes Prow Robot
6409ec97e8
Merge pull request #99165 from danielamlins/test_validate_network_policy_refactor
TestValidateNetworkPolicy refactor
2021-04-08 14:27:49 -07:00
Daniela Lins
6c105c9e8a Linewrap for makePort calls and lint fixes
Signed-off-by: Daniela Lins <danielamlins@gmail.com>
2021-03-25 17:12:02 +01:00
Daniela Lins
22cc8dc3a8 Specify IPV4 on tweak names
Signed-off-by: Daniela Lins <danielamlins@gmail.com>
2021-03-25 16:57:11 +01:00
Daniela Lins
f4e469ee14 Standardize Namespace and Podselector tweaks
Signed-off-by: Daniela Lins <danielamlins@gmail.com>
2021-03-25 16:50:28 +01:00
Daniela Lins
5f47d0e8ef Reduce vertical space
Signed-off-by: Daniela Lins <danielamlins@gmail.com>
2021-03-25 16:41:06 +01:00
Daniela Lins
cb48e3cfca Handle int and string port in makePort
Signed-off-by: Daniela Lins <danielamlins@gmail.com>
2021-03-25 16:35:23 +01:00
Daniela Lins
853d2a6a0a Delete not used tweak
Signed-off-by: Daniela Lins <danielamlins@gmail.com>
2021-03-08 15:03:12 +01:00
Daniela Lins
36e040f86e Fix empty setter logic
Signed-off-by: Daniela Lins <danielamlins@gmail.com>
2021-03-07 13:13:09 +01:00
Harry Bagdi
a7fc92089a Add namespace scoped ParametersReference to IngressClass 2021-03-07 00:45:32 +05:30
Daniela Lins
0444bdc944 Remove success case comments
Signed-off-by: Daniela Lins <danielamlins@gmail.com>
2021-03-06 19:18:19 +01:00
Daniela Lins
f8e7d30e46 Make tweaks only reset slices if empty
Signed-off-by: Daniela Lins <danielamlins@gmail.com>
2021-03-06 18:58:33 +01:00
Daniela Lins
6d330d9738 Refactored setIngressPorts and setEgressPorts
Signed-off-by: Daniela Lins <danielamlins@gmail.com>
2021-03-06 16:51:35 +01:00
Joe Julian
e7945befbc
Re-clarify NetworkPolicy policyTypes in docs 2021-03-05 09:07:12 -08:00
Kubernetes Prow Robot
e4bf1eb98e
Merge pull request #97139 from filintod/master
Update networking ingress types for Ingress Backend Service Port name
2021-03-01 21:09:23 -08:00
Benjamin Elder
56e092e382 hack/update-bazel.sh 2021-02-28 15:17:29 -08:00
Daniela Lins
611f061c45 Change error msg and comments to easily find test
Signed-off-by: Daniela Lins <danielamlins@gmail.com>
2021-02-24 13:09:13 +01:00
Daniela Lins
f7482a6766 Went through the review notes
- Adapt tweaks to be clearer
- Use intstr.fromInt and intstr.fromStr
- Added more tests to invalid ports

Signed-off-by: Daniela Lins <danielamlins@gmail.com>
2021-02-21 12:22:17 +01:00
Daniela Lins
c9a5bf14d8 Fixed gofmt issues
Signed-off-by: Daniela Lins <danielamlins@gmail.com>
2021-02-18 10:02:27 +01:00
Daniela Lins
8572c973d8 Add IPV6 IPBlock to success cases
Signed-off-by: Daniela Lins <danielamlins@gmail.com>
2021-02-17 23:02:57 +01:00
Daniela Lins
77da0540e6 Add tweaks and use them to build error structs
Signed-off-by: Daniela Lins <danielamlins@gmail.com>
2021-02-16 19:46:35 +01:00
Daniela Lins
50d93d989f Add tweaking functions to TestValidateNetworkPolicy
Signed-off-by: Daniela Lins <danielamlins@gmail.com>
2021-02-13 17:57:04 +01:00
Carlos Panato
e57ea32158
networking/validation: add endport range validation 2021-02-04 10:28:26 +01:00
Ricardo Katz
b7c82bb83c
Add EndPort to Network Policy - Alpha (#97058)
* Fix merge conflict in kube_features

* Add alpha support for EndPort in Network Policy

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Add alpha support for EndPort in Network Policy

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Add alpha support for EndPort in Network Policy

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Correct some nits

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com>

* Add alpha support for EndPort in Network Policy

* Add alpha support for EndPort in Network Policy

* Add alpha support for EndPort in Network Policy

* Add alpha support for EndPort in Network Policy
2021-02-01 19:24:28 -08:00
Filinto Duran
2d4794513e Update types.go
Minor comment on BackendPort Name that should follow IANA.  Service port names do not have this restriction so there is a mismatch.
2020-12-10 04:06:39 -06:00
Dan Winship
3a110546ed Move SCTP to GA 2020-10-15 08:56:33 -04:00
Matthew Fenwick
d407129cf7 modify DNS-1123 error messages to indicate that RFC 1123 is not followed exactly 2020-09-02 08:04:04 -04:00
Kubernetes Prow Robot
008708d036
Merge pull request #93966 from Miciah/verify-that-an-ingress-with-empty-TLS-is-valid
Verify that an ingress with empty TLS is valid
2020-08-27 04:48:57 -07:00
Miciah Masters
e648deca3b Fix validation of ingress rules with wildcard host
Fix ingress validation so that it validates the rules of an ingress that
specifies a wildcard host.  Commit 60f4fbf4f2
added an inopportune continue statement that caused this validation to be
skipped.  For backwards compatibility, this change restores validation for
v1 of the api but still skips it on v1beta1.

* pkg/apis/networking/validation/validation.go (IngressValidationOptions):
Add AllowInvalidWildcardHostRule field to indicate that validation of rules
should be skipped for ingresses that specify wildcard hosts.
(ValidateIngressCreate): Set AllowInvalidWildcardHostRule to true if the
request is using the v1beta1 API version.
(ValidateIngressUpdate): Set AllowInvalidWildcardHostRule to true if the
request or old ingress is using the v1beta1 API version.
(validateIngressRules): Don't skip validation of the ingress rules unless
the ingress has a wildcard host and AllowInvalidWildcardHostRule is true.
(allowInvalidWildcardHostRule): New helper for ValidateIngressCreate and
ValidateIngressUpdate.
* pkg/apis/networking/validation/validation_test.go
(TestValidateIngressCreate, TestValidateIngressUpdate): Add test cases to
ensure that validation is performed on v1 objects and skipped on v1beta
objects for backwards compatibility.
(TestValidateIngressTLS): Specify PathType so that the test passes.

Co-authored-by: jordan@liggitt.net
2020-08-13 15:53:17 -04:00
Miciah Masters
7ef8fa7207 Verify that an ingress with empty TLS is valid
Add a test that verifies that an ingress with an empty TLS value or with a
TLS value that specifies an empty list of hosts passes validation.

* pkg/apis/networking/validation/validation_test.go
(TestValidateEmptyIngressTLS): New test.
2020-08-13 11:55:18 -04:00
Jordan Liggitt
f87a846e65 Validate ingress TLS secretName in v1 2020-08-12 10:13:08 -04:00
Christopher M. Luciano
2b091f60ca
ingress: Add Ingress to v1 API and update backend to defaultBackend
ingress: use new serviceBackend split

ingress: remove all v1beta1 restrictions on creation

This change removes creation and update restrictions enforced by
k8s 1.18 for not allowing resource backends.

Paths are no longer
required to be valid regex and a PathType is now user-specified
and no longer defaulted.

Also remove all TODOs in staging/net/v1 types

Signed-off-by: Christopher M. Luciano <cmluciano@us.ibm.com>
2020-05-22 11:57:41 -04:00
Jordan Liggitt
1758d17689 Allow resource backends in Ingress 2020-05-12 15:38:19 -04:00
Jordan Liggitt
8f7b8105a1 Remove ingress regex path requirement 2020-05-12 15:38:15 -04:00
Jordan Liggitt
d879965808 Clean up list items listType 2020-03-31 23:08:08 -04:00
Kubernetes Prow Robot
3d46b7878c
Merge pull request #89018 from abhiraut/npTypes
Update code comment for NetworkPolicyPeer
2020-03-19 20:31:04 -07:00