From 777d06f006a2712579902fccbbf869d8aff9917a Mon Sep 17 00:00:00 2001
From: adrianc <adrianc@nvidia.com>
Date: Sun, 25 Aug 2024 14:57:45 +0300
Subject: [PATCH] make NodeName immutable

Add CEL validation rule to make NodeMaintenance NodeName
immutable.

Signed-off-by: adrianc <adrianc@nvidia.com>
---
 api/v1alpha1/nodemaintenance_types.go                         | 1 +
 api/v1alpha1/zz_generated.deepcopy.go                         | 2 +-
 config/crd/bases/maintenance.nvidia.com_nodemaintenances.yaml | 3 +++
 3 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/api/v1alpha1/nodemaintenance_types.go b/api/v1alpha1/nodemaintenance_types.go
index a78ce35..0c70da3 100644
--- a/api/v1alpha1/nodemaintenance_types.go
+++ b/api/v1alpha1/nodemaintenance_types.go
@@ -76,6 +76,7 @@ type NodeMaintenanceSpec struct {
 
 	// NodeName is The name of the node that maintenance operation will be performed on
 	// creation fails if node obj does not exist (webhook)
+	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="Value is immutable"
 	NodeName string `json:"nodeName"`
 
 	// Cordon if set, marks node as unschedulable during maintenance operation
diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go
index 65b4c55..1b27774 100644
--- a/api/v1alpha1/zz_generated.deepcopy.go
+++ b/api/v1alpha1/zz_generated.deepcopy.go
@@ -22,7 +22,7 @@ package v1alpha1
 
 import (
 	"k8s.io/apimachinery/pkg/apis/meta/v1"
-	runtime "k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/util/intstr"
 )
 
diff --git a/config/crd/bases/maintenance.nvidia.com_nodemaintenances.yaml b/config/crd/bases/maintenance.nvidia.com_nodemaintenances.yaml
index ecc86ba..c95e5c1 100644
--- a/config/crd/bases/maintenance.nvidia.com_nodemaintenances.yaml
+++ b/config/crd/bases/maintenance.nvidia.com_nodemaintenances.yaml
@@ -116,6 +116,9 @@ spec:
                   NodeName is The name of the node that maintenance operation will be performed on
                   creation fails if node obj does not exist (webhook)
                 type: string
+                x-kubernetes-validations:
+                - message: Value is immutable
+                  rule: self == oldSelf
               requestorID:
                 description: |-
                   RequestorID MUST follow domain name notation format (https://tools.ietf.org/html/rfc1035#section-2.3.1)