diff --git a/cloud/services/loadbalancers.go b/cloud/services/loadbalancers.go index 5f81f216e..6547e599c 100644 --- a/cloud/services/loadbalancers.go +++ b/cloud/services/loadbalancers.go @@ -23,7 +23,7 @@ const ( func CreateNodeBalancer(ctx context.Context, clusterScope *scope.ClusterScope, logger logr.Logger) (*linodego.NodeBalancer, error) { var linodeNB *linodego.NodeBalancer - NBLabel := fmt.Sprintf("%s-api-server", clusterScope.LinodeCluster.Name) + NBLabel := clusterScope.LinodeCluster.Name clusterUID := string(clusterScope.LinodeCluster.UID) tags := []string{string(clusterScope.LinodeCluster.UID)} listFilter := util.Filter{ @@ -53,9 +53,9 @@ func CreateNodeBalancer(ctx context.Context, clusterScope *scope.ClusterScope, l return &linodeNBs[0], nil } - logger.Info(fmt.Sprintf("Creating NodeBalancer %s-api-server", clusterScope.LinodeCluster.Name)) + logger.Info(fmt.Sprintf("Creating NodeBalancer %s", clusterScope.LinodeCluster.Name)) createConfig := linodego.NodeBalancerCreateOptions{ - Label: util.Pointer(fmt.Sprintf("%s-api-server", clusterScope.LinodeCluster.Name)), + Label: util.Pointer(clusterScope.LinodeCluster.Name), Region: clusterScope.LinodeCluster.Spec.Region, Tags: tags, } diff --git a/config/crd/kustomization.yaml b/config/crd/kustomization.yaml index dd129d480..e40bb3908 100644 --- a/config/crd/kustomization.yaml +++ b/config/crd/kustomization.yaml @@ -36,6 +36,39 @@ patches: #- path: patches/cainjection_in_linodeobjectstoragebuckets.yaml #+kubebuilder:scaffold:crdkustomizecainjectionpatch +# [VALIDATION] +# patches here are for additional validation for each CRD +- target: + group: apiextensions.k8s.io + version: v1 + kind: CustomResourceDefinition + name: linodeclusters.infrastructure.cluster.x-k8s.io + path: patches/validation_in_linodeclusters.yaml +- target: + group: apiextensions.k8s.io + version: v1 + kind: CustomResourceDefinition + name: linodeclustertemplates.infrastructure.cluster.x-k8s.io + path: patches/validation_in_linodeclustertemplates.yaml +- target: + group: apiextensions.k8s.io + version: v1 + kind: CustomResourceDefinition + name: linodemachines.infrastructure.cluster.x-k8s.io + path: patches/validation_in_linodemachines.yaml +- target: + group: apiextensions.k8s.io + version: v1 + kind: CustomResourceDefinition + name: linodemachinetemplates.infrastructure.cluster.x-k8s.io + path: patches/validation_in_linodemachinetemplates.yaml +- target: + group: apiextensions.k8s.io + version: v1 + kind: CustomResourceDefinition + name: linodevpcs.infrastructure.cluster.x-k8s.io + path: patches/validation_in_linodevpcs.yaml + # the following config is for teaching kustomize how to do kustomization for CRDs. configurations: - kustomizeconfig.yaml diff --git a/config/crd/patches/validation_in_linodeclusters.yaml b/config/crd/patches/validation_in_linodeclusters.yaml new file mode 100644 index 000000000..05e57e64e --- /dev/null +++ b/config/crd/patches/validation_in_linodeclusters.yaml @@ -0,0 +1,11 @@ +# The following patch adds additional constraints after the built-in name validation for the CRD +- op: add + path: /spec/versions/0/schema/openAPIV3Schema/properties/metadata/properties + value: + name: + type: string + x-kubernetes-validations: + - rule: 3 <= size(self) && size(self) <= 32 + message: >- + custom validation: + linode nodebalancer: labels must be between 3..32 characters diff --git a/config/crd/patches/validation_in_linodeclustertemplates.yaml b/config/crd/patches/validation_in_linodeclustertemplates.yaml new file mode 100644 index 000000000..a84f9c7cd --- /dev/null +++ b/config/crd/patches/validation_in_linodeclustertemplates.yaml @@ -0,0 +1,12 @@ +# The following patch adds additional constraints after the built-in name validation for the CRD +- op: add + path: /spec/versions/0/schema/openAPIV3Schema/properties/metadata/properties + value: + name: + type: string + x-kubernetes-validations: + - rule: 3 <= size(self) && size(self) <= 26 + message: >- + custom validation: + template: must be between 3..26 characters, + linode nodebalancer: labels must be between 3..32 characters diff --git a/config/crd/patches/validation_in_linodemachines.yaml b/config/crd/patches/validation_in_linodemachines.yaml new file mode 100644 index 000000000..75e986016 --- /dev/null +++ b/config/crd/patches/validation_in_linodemachines.yaml @@ -0,0 +1,26 @@ +# The following patch adds additional constraints after the built-in name validation for the CRD +- op: add + path: /spec/versions/0/schema/openAPIV3Schema/properties/metadata/properties + value: + name: + type: string + x-kubernetes-validations: + - rule: 3 <= size(self) && size(self) <= 64 + message: >- + custom validation: + linode instance: labels must be between 3..64 characters + - rule: self.matches('^[[:alnum:]]([-_.[:alnum:]]+[[:alnum:]])*$') + message: >- + custom validation: + linode instance: labels: + must begin and end with an alphanumeric character, + may only consist of alphanumeric characters, hyphens (-), underscores (_) or periods (.), + cannot have two hyphens (--), underscores (__) or periods (..) in a row, + regex used for validation is: '^[[:alnum:]]([-_.[:alnum:]]+[[:alnum:]])*$', + see: https://www.linode.com/docs/api/linode-instances/#linode-create + # TODO: Consider combining this into the regex above to minimize time complexity + # See: https://github.com/google/cel-spec/blob/master/doc/langdef.md#time-complexity + - rule: "!(self.contains('--') || self.contains('__') || self.contains('..'))" + message: >- + custom validation: + linode instance: labels cannot have two hyphens (--), underscores (__) or periods (..) in a row diff --git a/config/crd/patches/validation_in_linodemachinetemplates.yaml b/config/crd/patches/validation_in_linodemachinetemplates.yaml new file mode 100644 index 000000000..8e8c75eac --- /dev/null +++ b/config/crd/patches/validation_in_linodemachinetemplates.yaml @@ -0,0 +1,27 @@ +# The following patch adds additional constraints after the built-in name validation for the CRD +- op: add + path: /spec/versions/0/schema/openAPIV3Schema/properties/metadata/properties + value: + name: + type: string + x-kubernetes-validations: + - rule: 3 <= size(self) && size(self) <= 58 + message: >- + custom validation: + template: must be between 3..58 characters, + linode instance: labels must be between 3..64 characters + - rule: self.matches('^[[:alnum:]]([-_.[:alnum:]]+[[:alnum:]])*$') + message: >- + custom validation: + linode instance: labels: + must begin and end with an alphanumeric character, + may only consist of alphanumeric characters, hyphens (-), underscores (_) or periods (.), + cannot have two hyphens (--), underscores (__) or periods (..) in a row, + regex used for validation is: '^[[:alnum:]]([-_.[:alnum:]]+[[:alnum:]])*$', + see: https://www.linode.com/docs/api/linode-instances/#linode-create + # TODO: Consider combining this into the regex above to minimize time complexity + # See: https://github.com/google/cel-spec/blob/master/doc/langdef.md#time-complexity + - rule: "!(self.contains('--') || self.contains('__') || self.contains('..'))" + message: >- + custom validation: + linode instance: labels cannot have two hyphens (--), underscores (__) or periods (..) in a row diff --git a/config/crd/patches/validation_in_linodevpcs.yaml b/config/crd/patches/validation_in_linodevpcs.yaml new file mode 100644 index 000000000..ad26ede1a --- /dev/null +++ b/config/crd/patches/validation_in_linodevpcs.yaml @@ -0,0 +1,25 @@ +# The following patch adds additional constraints after the built-in name validation for the CRD +- op: add + path: /spec/versions/0/schema/openAPIV3Schema/properties/metadata/properties + value: + name: + type: string + x-kubernetes-validations: + - rule: 1 <= size(self) && size(self) <= 64 + message: >- + custom validation: + linode vpc: labels must be between 1..64 characters + - rule: self.matches('^[-[:alnum:]]*$') + message: >- + custom validation: + linode vpc: labels: + can only contain ASCII letters, numbers, and hyphens (-), + cannot have two consecutive hyphens (--), + regex used for validation is: '^[-[:alnum:]]*$', + see: https://www.linode.com/docs/api/vpcs/#vpc-create + # TODO: Consider combining this into the regex above to minimize time complexity + # See: https://github.com/google/cel-spec/blob/master/doc/langdef.md#time-complexity + - rule: "!self.contains('--')" + message: >- + custom validation: + linode vpc: labels cannot have two consecutive hyphens (--) diff --git a/e2e/linodecluster-controller/minimal-linodecluster/chainsaw-test.yaml b/e2e/linodecluster-controller/minimal-linodecluster/chainsaw-test.yaml index 2b3680fc5..5514ba06a 100755 --- a/e2e/linodecluster-controller/minimal-linodecluster/chainsaw-test.yaml +++ b/e2e/linodecluster-controller/minimal-linodecluster/chainsaw-test.yaml @@ -10,11 +10,10 @@ spec: - name: run value: (join('-', ['e2e', 'min-cluster', env('GIT_REF')])) - name: cluster - # Format the cluster name into a valid Linode label - # TODO: This is over-truncated to account for the Linode NodeBalancer label - value: (trim((truncate(($run), `21`)), '-')) + # Format the cluster name + value: (trim((truncate(($run), `32`)), '-')) - name: nodebalancer - value: (join('-', [($cluster), 'api-server'])) + value: ($cluster) template: true steps: - name: step-00 diff --git a/e2e/linodemachine-controller/minimal-linodemachine/chainsaw-test.yaml b/e2e/linodemachine-controller/minimal-linodemachine/chainsaw-test.yaml index 0a4c96bcd..796f76d81 100755 --- a/e2e/linodemachine-controller/minimal-linodemachine/chainsaw-test.yaml +++ b/e2e/linodemachine-controller/minimal-linodemachine/chainsaw-test.yaml @@ -10,9 +10,8 @@ spec: - name: run value: (join('-', ['e2e', 'min-lm', env('GIT_REF')])) - name: cluster - # Format the cluster name into a valid Linode label - # TODO: This is over-truncated to account for the Linode NodeBalancer label - value: (trim((truncate(($run), `21`)), '-')) + # Format the cluster name + value: (trim((truncate(($run), `32`)), '-')) template: true steps: - name: step-00 diff --git a/e2e/linodemachine-controller/vpc-integration/chainsaw-test.yaml b/e2e/linodemachine-controller/vpc-integration/chainsaw-test.yaml index 6bd80a00a..8ddccd91b 100755 --- a/e2e/linodemachine-controller/vpc-integration/chainsaw-test.yaml +++ b/e2e/linodemachine-controller/vpc-integration/chainsaw-test.yaml @@ -10,9 +10,8 @@ spec: - name: run value: (join('-', ['e2e', 'lm-vpc', env('GIT_REF')])) - name: cluster - # Format the cluster name into a valid Linode label - # TODO: This is over-truncated to account for the Linode NodeBalancer label - value: (trim((truncate(($run), `21`)), '-')) + # Format the cluster name + value: (trim((truncate(($run), `32`)), '-')) - name: vpc # Format the VPC name into a valid Kubernetes object name value: (trim((truncate(($run), `63`)), '-'))