Validate configmap & secret names

https://kubernetes.io/docs/concepts/configuration/configmap/#configmap-object https://kubernetes.io/docs/concepts/configuration/secret/#restriction-names-data https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-subdomain-names Signed-off-by: Fabricio Aguiar <[email protected]>
fao89 · Aug 1, 2024 · bc92b83 · bc92b83
1 parent fa62144
commit bc92b83
Show file tree

Hide file tree

Showing 10 changed files with 275 additions and 11 deletions.
diff --git a/apis/bases/dataplane.openstack.org_openstackdataplanenodesets.yaml b/apis/bases/dataplane.openstack.org_openstackdataplanenodesets.yaml
@@ -285,6 +285,7 @@ spec:
                             configMapRef:
                               properties:
                                 name:
+                                  maxLength: 253
                                   type: string
                                 optional:
                                   type: boolean
@@ -295,6 +296,7 @@ spec:
                             secretRef:
                               properties:
                                 name:
+                                  maxLength: 253
                                   type: string
                                 optional:
                                   type: boolean
@@ -304,6 +306,7 @@ spec:
                         type: array
                     type: object
                   ansibleSSHPrivateKeySecret:
+                    maxLength: 253
                     type: string
                   extraMounts:
                     items:
@@ -1109,6 +1112,7 @@ spec:
                               configMapRef:
                                 properties:
                                   name:
+                                    maxLength: 253
                                     type: string
                                   optional:
                                     type: boolean
@@ -1119,6 +1123,7 @@ spec:
                               secretRef:
                                 properties:
                                   name:
+                                    maxLength: 253
                                     type: string
                                   optional:
                                     type: boolean

diff --git a/apis/bases/dataplane.openstack.org_openstackdataplaneservices.yaml b/apis/bases/dataplane.openstack.org_openstackdataplaneservices.yaml
@@ -35,6 +35,7 @@ spec:
                 default: false
                 type: boolean
               caCerts:
+                maxLength: 253
                 type: string
               certsFrom:
                 type: string
@@ -48,6 +49,7 @@ spec:
                     configMapRef:
                       properties:
                         name:
+                          maxLength: 253
                           type: string
                         optional:
                           type: boolean
@@ -58,6 +60,7 @@ spec:
                     secretRef:
                       properties:
                         name:
+                          maxLength: 253
                           type: string
                         optional:
                           type: boolean

diff --git a/apis/dataplane/v1beta1/common.go b/apis/dataplane/v1beta1/common.go
@@ -32,6 +32,7 @@ type LocalObjectReference struct {
 	// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
 	// TODO: Add other useful fields. apiVersion, kind, uid?
 	// +optional
+	// +kubebuilder:validation:MaxLength:=253
 	Name string `json:"name,omitempty" yaml:"name,omitempty"`
 }
 
@@ -155,6 +156,7 @@ type NodeTemplate struct {
 	// Secret.data.ssh-privatekey: <base64 encoded private key contents>
 	// <https://kubernetes.io/docs/concepts/configuration/secret/#ssh-authentication-secrets>
 	// +kubebuilder:validation:Required
+	// +kubebuilder:validation:MaxLength:=253
 	// +operator-sdk:csv:customresourcedefinitions:type=spec,xDescriptors={"urn:alm:descriptor:io.kubernetes:Secret"}
 	AnsibleSSHPrivateKeySecret string `json:"ansibleSSHPrivateKeySecret"`
 	// ManagementNetwork - Name of network to use for management (SSH/Ansible)

diff --git a/apis/dataplane/v1beta1/openstackdataplaneservice_types.go b/apis/dataplane/v1beta1/openstackdataplaneservice_types.go
@@ -74,6 +74,7 @@ type OpenStackDataPlaneServiceSpec struct {
 
 	// CACerts - Secret containing the CA certificate chain
 	// +kubebuilder:validation:Optional
+	// +kubebuilder:validation:MaxLength:=253
 	CACerts string `json:"caCerts,omitempty" yaml:"caCerts,omitempty"`
 
 	// OpenStackAnsibleEERunnerImage image to use as the ansibleEE runner image

diff --git a/config/crd/bases/dataplane.openstack.org_openstackdataplanenodesets.yaml b/config/crd/bases/dataplane.openstack.org_openstackdataplanenodesets.yaml
@@ -285,6 +285,7 @@ spec:
                             configMapRef:
                               properties:
                                 name:
+                                  maxLength: 253
                                   type: string
                                 optional:
                                   type: boolean
@@ -295,6 +296,7 @@ spec:
                             secretRef:
                               properties:
                                 name:
+                                  maxLength: 253
                                   type: string
                                 optional:
                                   type: boolean
@@ -304,6 +306,7 @@ spec:
                         type: array
                     type: object
                   ansibleSSHPrivateKeySecret:
+                    maxLength: 253
                     type: string
                   extraMounts:
                     items:
@@ -1109,6 +1112,7 @@ spec:
                               configMapRef:
                                 properties:
                                   name:
+                                    maxLength: 253
                                     type: string
                                   optional:
                                     type: boolean
@@ -1119,6 +1123,7 @@ spec:
                               secretRef:
                                 properties:
                                   name:
+                                    maxLength: 253
                                     type: string
                                   optional:
                                     type: boolean

diff --git a/config/crd/bases/dataplane.openstack.org_openstackdataplaneservices.yaml b/config/crd/bases/dataplane.openstack.org_openstackdataplaneservices.yaml
@@ -35,6 +35,7 @@ spec:
                 default: false
                 type: boolean
               caCerts:
+                maxLength: 253
                 type: string
               certsFrom:
                 type: string
@@ -48,6 +49,7 @@ spec:
                     configMapRef:
                       properties:
                         name:
+                          maxLength: 253
                           type: string
                         optional:
                           type: boolean
@@ -58,6 +60,7 @@ spec:
                     secretRef:
                       properties:
                         name:
+                          maxLength: 253
                           type: string
                         optional:
                           type: boolean

diff --git a/config/manifests/bases/openstack-operator.clusterserviceversion.yaml b/config/manifests/bases/openstack-operator.clusterserviceversion.yaml
@@ -167,6 +167,11 @@ spec:
       - description: TLS - overrides tls parameters for public endpoint
         displayName: TLS
         path: horizon.apiOverride.tls
+      - description: Enabled - Whether Horizon services should be deployed and managed
+        displayName: Enabled
+        path: horizon.enabled
+        x-descriptors:
+        - urn:alm:descriptor:com.tectonic.ui:booleanSwitch
       - description: Template - Overrides to use when creating the Horizon services
         displayName: Template
         path: horizon.template
@@ -518,6 +523,11 @@ spec:
         path: conditions
         x-descriptors:
         - urn:alm:descriptor:io.kubernetes.conditions
+      - description: Deployed
+        displayName: Deployed
+        path: deployed
+        x-descriptors:
+        - urn:alm:descriptor:com.tectonic.ui:booleanSwitch
       version: v1beta1
     - description: OpenStackDataPlaneNodeSet is the Schema for the openstackdataplanenodesets
         API OpenStackDataPlaneNodeSet name must be a valid RFC1123 as it is used in
@@ -573,6 +583,13 @@ spec:
         path: addCertMounts
         x-descriptors:
         - urn:alm:descriptor:com.tectonic.ui:booleanSwitch
+      - description: DeployOnAllNodeSets - should the service be deploy across all
+          nodesets This will override default target of a service play, setting it
+          to 'all'.
+        displayName: Deploy On All Node Sets
+        path: deployOnAllNodeSets
+        x-descriptors:
+        - urn:alm:descriptor:com.tectonic.ui:booleanSwitch
       statusDescriptors:
       - description: Conditions
         displayName: Conditions