Merge pull request #2690 from k8s-infra-cherrypick-robot/cherry-pick-2672-to-release-1.4

k8s-ci-robot · web-flow · commit a0fc6b8d17d6 · 2022-09-30T13:24:13.000-07:00
[release-1.4] Fix AzureMachineTemplate roleAssignmentName validation
diff --git a/api/v1beta1/azuremachine_validation.go b/api/v1beta1/azuremachine_validation.go
@@ -42,10 +42,6 @@ func ValidateAzureMachineSpec(spec AzureMachineSpec) field.ErrorList {
 		allErrs = append(allErrs, errs...)
 	}
 
-	if errs := ValidateSystemAssignedIdentity(spec.Identity, "", spec.RoleAssignmentName, field.NewPath("roleAssignmentName")); len(errs) > 0 {
-		allErrs = append(allErrs, errs...)
-	}
-
 	if errs := ValidateUserAssignedIdentity(spec.Identity, spec.UserAssignedIdentities, field.NewPath("userAssignedIdentities")); len(errs) > 0 {
 		allErrs = append(allErrs, errs...)
 	}
diff --git a/api/v1beta1/azuremachine_webhook.go b/api/v1beta1/azuremachine_webhook.go
@@ -40,11 +40,19 @@ var _ webhook.Validator = &AzureMachine{}
 
 // ValidateCreate implements webhook.Validator so a webhook will be registered for the type.
 func (m *AzureMachine) ValidateCreate() error {
-	if allErrs := ValidateAzureMachineSpec(m.Spec); len(allErrs) > 0 {
-		return apierrors.NewInvalid(GroupVersion.WithKind("AzureMachine").GroupKind(), m.Name, allErrs)
+	spec := m.Spec
+
+	allErrs := ValidateAzureMachineSpec(spec)
+
+	if errs := ValidateSystemAssignedIdentity(spec.Identity, "", spec.RoleAssignmentName, field.NewPath("roleAssignmentName")); len(errs) > 0 {
+		allErrs = append(allErrs, errs...)
 	}
 
-	return nil
+	if len(allErrs) == 0 {
+		return nil
+	}
+
+	return apierrors.NewInvalid(GroupVersion.WithKind("AzureMachine").GroupKind(), m.Name, allErrs)
 }
 
 // ValidateUpdate implements webhook.Validator so a webhook will be registered for the type.
diff --git a/api/v1beta1/azuremachine_webhook_test.go b/api/v1beta1/azuremachine_webhook_test.go
@@ -627,3 +627,14 @@ func createMachineWithRoleAssignmentName() *AzureMachine {
 	}
 	return machine
 }
+
+func createMachineWithoutRoleAssignmentName() *AzureMachine {
+	machine := &AzureMachine{
+		Spec: AzureMachineSpec{
+			SSHPublicKey: validSSHPublicKey,
+			OSDisk:       validOSDisk,
+			Identity:     VMIdentitySystemAssigned,
+		},
+	}
+	return machine
+}
diff --git a/api/v1beta1/azuremachinetemplate_webhook_test.go b/api/v1beta1/azuremachinetemplate_webhook_test.go
@@ -129,6 +129,11 @@ func TestAzureMachineTemplate_ValidateCreate(t *testing.T) {
 			machineTemplate: createAzureMachineTemplateFromMachine(createMachineWithRoleAssignmentName()),
 			wantErr:         true,
 		},
+		{
+			name:            "azuremachinetemplate without RoleAssignmentName",
+			machineTemplate: createAzureMachineTemplateFromMachine(createMachineWithoutRoleAssignmentName()),
+			wantErr:         false,
+		},
 	}
 
 	for _, test := range tests {

Original file line number	Diff line number	Diff line change
`@@ -42,10 +42,6 @@ func ValidateAzureMachineSpec(spec AzureMachineSpec) field.ErrorList {`
`42`	`42`	`allErrs = append(allErrs, errs...)`
`43`	`43`	`}`
`44`	`44`
`45`		`- if errs := ValidateSystemAssignedIdentity(spec.Identity, "", spec.RoleAssignmentName, field.NewPath("roleAssignmentName")); len(errs) > 0 {`
`46`		`- allErrs = append(allErrs, errs...)`
`47`		`- }`
`48`		`-`
`49`	`45`	`if errs := ValidateUserAssignedIdentity(spec.Identity, spec.UserAssignedIdentities, field.NewPath("userAssignedIdentities")); len(errs) > 0 {`
`50`	`46`	`allErrs = append(allErrs, errs...)`
`51`	`47`	`}`