Temp fixup webhook validations.

Author: Joshua Reed

api/v1beta2/cloudstackcluster_webhook.go

@@ -18,6 +18,7 @@ package v1beta2
 
 import (
 	"fmt"
+	"reflect"
 
 	"k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/runtime"
@@ -67,17 +68,19 @@ func (r *CloudStackCluster) ValidateCreate() error {
 			field.NewPath("spec", "account"), "specifying account requires additionally specifying domain"))
 	}
 
-	// // Require Zones and their respective Networks.
-	// if len(r.Spec.Zones) <= 0 {
-	// 	errorList = append(errorList, field.Required(field.NewPath("spec", "Zones"), "Zones"))
-	// } else {
-	// 	for _, zone := range r.Spec.Zones {
-	// 		if zone.Network.Name == "" && zone.Network.ID == "" {
-	// 			errorList = append(errorList, field.Required(
-	// 				field.NewPath("spec", "Zones", "Network"), "each Zone requires a Network specification"))
-	// 		}
-	// 	}
-	// }
+	// Require FailureDomains and their respective fields.
+	// TODO flesh out verifications on FD fields.
+	if len(r.Spec.FailureDomains) <= 0 {
+		errorList = append(errorList, field.Required(field.NewPath("spec", "FailureDomains"), "FailureDomains"))
+	} else {
+		for _, fdSpec := range r.Spec.FailureDomains {
+			if fdSpec.Zone.Network.Name == "" && fdSpec.Zone.Network.ID == "" {
+				errorList = append(errorList, field.Required(
+					field.NewPath("spec", "FailureDomains", "Zone", "Network"),
+					"each Zone requires a Network specification"))
+			}
+		}
+	}
 
 	return webhookutil.AggregateObjErrors(r.GroupVersionKind().GroupKind(), r.Name, errorList)
 }
@@ -98,10 +101,10 @@ func (r *CloudStackCluster) ValidateUpdate(old runtime.Object) error {
 
 	// No spec fields may be updated.
 	errorList := field.ErrorList(nil)
-	// if !reflect.DeepEqual(oldSpec.Zones, spec.Zones) {
-	// 	errorList = append(errorList, field.Forbidden(
-	// 		field.NewPath("spec", "Zones"), "Zones and sub-attributes may not be modified after creation"))
-	// }
+	if !reflect.DeepEqual(oldSpec.FailureDomains, spec.FailureDomains) {
+		errorList = append(errorList, field.Forbidden(
+			field.NewPath("spec", "Zones"), "Zones and sub-attributes may not be modified after creation"))
+	}
 	if oldSpec.ControlPlaneEndpoint.Host != "" { // Need to allow one time endpoint setting via CAPC cluster controller.
 		errorList = webhookutil.EnsureStringFieldsAreEqual(
 			spec.ControlPlaneEndpoint.Host, oldSpec.ControlPlaneEndpoint.Host, "controlplaneendpoint.host", errorList)

api/v1beta2/cloudstackcluster_webhook_test.go

@@ -21,13 +21,14 @@ import (
 
 	. "github.com/onsi/ginkgo/v2"
 	. "github.com/onsi/gomega"
+	infrav1 "sigs.k8s.io/cluster-api-provider-cloudstack/api/v1beta2"
 	dummies "sigs.k8s.io/cluster-api-provider-cloudstack/test/dummies/v1beta2"
 )
 
 var _ = Describe("CloudStackCluster webhooks", func() {
 	var ctx context.Context
 	forbiddenRegex := "admission webhook.*denied the request.*Forbidden\\: %s"
-	// requiredRegex := "admission webhook.*denied the request.*Required value\\: %s"
+	requiredRegex := "admission webhook.*denied the request.*Required value\\: %s"
 
 	BeforeEach(func() { // Reset test vars to initial state.
 		ctx = context.Background()
@@ -41,18 +42,18 @@ var _ = Describe("CloudStackCluster webhooks", func() {
 			Ω(k8sClient.Create(ctx, dummies.CSCluster)).Should(Succeed())
 		})
 
-		// TODO update for failure domains.
-		// It("Should reject a CloudStackCluster with missing Zones.Network attribute", func() {
-		// 	dummies.CSCluster.Spec.Zones = []infrav1.Zone{{}}
-		// 	dummies.CSCluster.Spec.Zones[0].Name = "ZoneWNoNetwork"
-		// 	Ω(k8sClient.Create(ctx, dummies.CSCluster)).Should(
-		// 		MatchError(MatchRegexp(requiredRegex, "each Zone requires a Network specification")))
-		// })
+		It("Should reject a CloudStackCluster with missing Zones.Network attribute", func() {
+			dummies.CSCluster.Spec.FailureDomains = []infrav1.CloudStackFailureDomainSpec{{}}
+			dummies.CSCluster.Spec.FailureDomains[0].Zone.Name = "ZoneWNoNetwork"
+			Ω(k8sClient.Create(ctx, dummies.CSCluster)).Should(
+				MatchError(MatchRegexp(requiredRegex, "each Zone requires a Network specification")))
+		})
 
-		// It("Should reject a CloudStackCluster with missing Zones attribute", func() {
-		// 	dummies.CSCluster.Spec.Zones = []infrav1.Zone{}
-		// 	Ω(k8sClient.Create(ctx, dummies.CSCluster)).Should(MatchError(MatchRegexp(requiredRegex, "Zones")))
-		// })
+		It("Should reject a CloudStackCluster with missing Zone attribute", func() {
+			dummies.CSCluster.Spec.FailureDomains[0].Zone = infrav1.Zone{}
+			Ω(k8sClient.Create(ctx, dummies.CSCluster)).Should(MatchError(MatchRegexp(requiredRegex,
+				"each Zone requires a Network specification")))
+		})
 
 		It("Should reject a CloudStackCluster with IdentityRef not of kind 'Secret'", func() {
 			dummies.CSCluster.Spec.IdentityRef.Kind = "NewType"
@@ -66,15 +67,14 @@ var _ = Describe("CloudStackCluster webhooks", func() {
 			Ω(k8sClient.Create(ctx, dummies.CSCluster)).Should(Succeed())
 		})
 
-		// TODO update for failure domains.
-		// It("Should reject updates to CloudStackCluster Zones", func() {
-		// 	dummies.CSCluster.Spec.Zones = []infrav1.Zone{dummies.Zone1}
-		// 	Ω(k8sClient.Update(ctx, dummies.CSCluster)).Should(MatchError(MatchRegexp(forbiddenRegex, "Zones and sub")))
-		// })
-		// It("Should reject updates to Networks specified in CloudStackCluster Zones", func() {
-		// 	dummies.CSCluster.Spec.Zones[0].Network.Name = "ArbitraryUpdateNetworkName"
-		// 	Ω(k8sClient.Update(ctx, dummies.CSCluster)).Should(MatchError(MatchRegexp(forbiddenRegex, "Zones and sub")))
-		// })
+		It("Should reject updates to CloudStackCluster FailureDomains", func() {
+			dummies.CSCluster.Spec.FailureDomains[0].Zone.Name = "SomeRandomUpdate"
+			Ω(k8sClient.Update(ctx, dummies.CSCluster)).Should(MatchError(MatchRegexp(forbiddenRegex, "Zones and sub")))
+		})
+		It("Should reject updates to Networks specified in CloudStackCluster Zones", func() {
+			dummies.CSCluster.Spec.FailureDomains[0].Zone.Network.Name = "ArbitraryUpdateNetworkName"
+			Ω(k8sClient.Update(ctx, dummies.CSCluster)).Should(MatchError(MatchRegexp(forbiddenRegex, "Zones and sub")))
+		})
 		It("Should reject updates to CloudStackCluster controlplaneendpoint.host", func() {
 			dummies.CSCluster.Spec.ControlPlaneEndpoint.Host = "1.1.1.1"
 			Ω(k8sClient.Update(ctx, dummies.CSCluster)).