[validation] check galera instance names are valid

The galera controller creates StatefulSet for the db to run. This adds a StatefulSet pod's label "controller-revision-hash": "<statefulset_name>-<hash>" to the pod. The kubernetes label is restricted under 63 char and the revision hash is an int32, 10 chars + the hyphen. The galera controller also adds a suffix '-galera' to the statefulset name. With this the max name must not exceed 46 chars. Also the name of the created galera instance must match a lowercase RFC 1123. Depends-On: openstack-k8s-operators/lib-common#532 Depends-On: openstack-k8s-operators/mariadb-operator#246 Jira: https://issues.redhat.com/browse/OSPRH-8063 Signed-off-by: Martin Schuppert <[email protected]>
openstack-k8s-operators · Jul 23, 2024 · a60b6be · a60b6be
1 parent d5a74fd
commit a60b6be
Show file tree

Hide file tree

Showing 2 changed files with 94 additions and 0 deletions.
diff --git a/apis/core/v1beta1/openstackcontrolplane_webhook.go b/apis/core/v1beta1/openstackcontrolplane_webhook.go
@@ -334,6 +334,16 @@ func (r *OpenStackControlPlane) ValidateCreateServices(basePath *field.Path) (ad
 		}
 	}
 
+	if r.Spec.Galera.Enabled {
+		if r.Spec.Galera.Templates != nil {
+			err := common_webhook.ValidateDNS1123Label(
+				basePath.Child("galera").Child("templates"),
+				maps.Keys(*r.Spec.Galera.Templates),
+				mariadbv1.CrMaxLengthCorrection) // omit issue with statefulset pod label "controller-revision-hash": "<statefulset_name>-<hash>"
+			errors = append(errors, err...)
+		}
+	}
+
 	return warnings, errors
 }
 
@@ -455,6 +465,16 @@ func (r *OpenStackControlPlane) ValidateUpdateServices(old OpenStackControlPlane
 		}
 	}
 
+	if r.Spec.Galera.Enabled {
+		if r.Spec.Galera.Templates != nil {
+			err := common_webhook.ValidateDNS1123Label(
+				basePath.Child("galera").Child("templates"),
+				maps.Keys(*r.Spec.Galera.Templates),
+				mariadbv1.CrMaxLengthCorrection) // omit issue with statefulset pod label "controller-revision-hash": "<statefulset_name>-<hash>"
+			errors = append(errors, err...)
+		}
+	}
+
 	return errors
 }
 

diff --git a/tests/functional/ctlplane/openstackoperator_controller_test.go b/tests/functional/ctlplane/openstackoperator_controller_test.go
@@ -2011,4 +2011,78 @@ var _ = Describe("OpenStackOperator Webhook", func() {
 				"Invalid value: \"foo_bar\": a lowercase RFC 1123 label must consist"),
 		)
 	})
+
+	It("Blocks creating ctlplane CRs with to long galera keys/names", func() {
+		spec := GetDefaultOpenStackControlPlaneSpec()
+
+		galeraTemplate := map[string]interface{}{
+			"foo-1234567890-1234567890-1234567890-1234567890-1234567890": map[string]interface{}{
+				"storageRequest": "500M",
+			},
+		}
+
+		spec["galera"] = map[string]interface{}{
+			"enabled":   true,
+			"templates": galeraTemplate,
+		}
+
+		raw := map[string]interface{}{
+			"apiVersion": "core.openstack.org/v1beta1",
+			"kind":       "OpenStackControlPlane",
+			"metadata": map[string]interface{}{
+				"name":      "foo",
+				"namespace": namespace,
+			},
+			"spec": spec,
+		}
+
+		unstructuredObj := &unstructured.Unstructured{Object: raw}
+		_, err := controllerutil.CreateOrPatch(
+			th.Ctx, th.K8sClient, unstructuredObj, func() error { return nil })
+		Expect(err).Should(HaveOccurred())
+		var statusError *k8s_errors.StatusError
+		Expect(errors.As(err, &statusError)).To(BeTrue())
+		Expect(statusError.ErrStatus.Details.Kind).To(Equal("OpenStackControlPlane"))
+		Expect(statusError.ErrStatus.Message).To(
+			ContainSubstring(
+				"Invalid value: \"foo-1234567890-1234567890-1234567890-1234567890-1234567890\": must be no more than 46 characters"),
+		)
+	})
+
+	It("Blocks creating ctlplane CRs with wrong galera keys/names", func() {
+		spec := GetDefaultOpenStackControlPlaneSpec()
+
+		galeraTemplate := map[string]interface{}{
+			"foo_bar": map[string]interface{}{
+				"storageRequest": "500M",
+			},
+		}
+
+		spec["galera"] = map[string]interface{}{
+			"enabled":   true,
+			"templates": galeraTemplate,
+		}
+
+		raw := map[string]interface{}{
+			"apiVersion": "core.openstack.org/v1beta1",
+			"kind":       "OpenStackControlPlane",
+			"metadata": map[string]interface{}{
+				"name":      "foo",
+				"namespace": namespace,
+			},
+			"spec": spec,
+		}
+
+		unstructuredObj := &unstructured.Unstructured{Object: raw}
+		_, err := controllerutil.CreateOrPatch(
+			th.Ctx, th.K8sClient, unstructuredObj, func() error { return nil })
+		Expect(err).Should(HaveOccurred())
+		var statusError *k8s_errors.StatusError
+		Expect(errors.As(err, &statusError)).To(BeTrue())
+		Expect(statusError.ErrStatus.Details.Kind).To(Equal("OpenStackControlPlane"))
+		Expect(statusError.ErrStatus.Message).To(
+			ContainSubstring(
+				"Invalid value: \"foo_bar\": a lowercase RFC 1123 label must consist"),
+		)
+	})
 })