Merge pull request #2570 from openshift-cloud-team/format-marker-examples

Add test cases for all supported format markers

Author: openshift-merge-bot[bot]

example/v1/tests/stableconfigtypes.example.openshift.io/AAA_ungated.yaml

@@ -100,6 +100,11 @@ type StableConfigTypeSpec struct {
 	// subnetsWithExclusions demonstrates how to validate a list of subnets with exclusions
 	// +optional
 	SubnetsWithExclusions SubnetsWithExclusions `json:"subnetsWithExclusions,omitempty"`
+
+	// formatMarkerExamples demonstrates all Kubebuilder Format markers supported as of Kubernetes 1.33.
+	// This field serves as a comprehensive reference for format marker validation.
+	// +optional
+	FormatMarkerExamples *FormatMarkerExamples `json:"formatMarkerExamples,omitempty"`
 }
 
 // SetValue defines the types allowed in string set type
@@ -208,6 +213,157 @@ type SubnetsWithExclusions struct {
 // +kubebuilder:validation:MaxLength:=43
 type CIDR string
 
+// FormatMarkerExamples demonstrates all Kubebuilder Format markers supported as of Kubernetes 1.33.
+// This struct provides a comprehensive reference for format marker validation.
+// Each field uses a different format marker to validate its value.
+type FormatMarkerExamples struct {
+	// ipv4Address must be a valid IPv4 address in dotted-quad notation.
+	// Valid values range from 0.0.0.0 to 255.255.255.255 (e.g., 192.168.1.1).
+	//
+	// Use of Format=ipv4 is not recommended due to CVE-2021-29923 and CVE-2024-24790.
+	// Instead, use the CEL expression `isIP(self) && ip(self).family() == 4` to validate IPv4 addresses.
+	//
+	// +kubebuilder:validation:Format=ipv4
+	// +kubebuilder:validation:MinLength=1
+	// +kubebuilder:validation:MaxLength=15
+	// +optional
+	IPv4Address string `json:"ipv4Address,omitempty"`
+
+	// ipv6Address must be a valid IPv6 address.
+	// Valid examples include full form (2001:0db8:0000:0000:0000:0000:0000:0001) or compressed form (2001:db8::1 or ::1).
+	//
+	// Use of Format=ipv6 is not recommended due to CVE-2021-29923 and CVE-2024-24790.
+	// Instead, use the CEL expression `isIP(self) && ip(self).family() == 6` to validate IPv6 addresses.
+	//
+	// +kubebuilder:validation:Format=ipv6
+	// +kubebuilder:validation:MinLength=1
+	// +kubebuilder:validation:MaxLength=45
+	// +optional
+	IPv6Address string `json:"ipv6Address,omitempty"`
+
+	// cidrNotation must be a valid CIDR notation IP address range.
+	// Valid examples include IPv4 CIDR (10.0.0.0/8, 192.168.1.0/24) or IPv6 CIDR (fd00::/8, 2001:db8::/32).
+	//
+	// Use of Format=cidr is not recommended due to CVE-2021-29923 and CVE-2024-24790.
+	// Instead, use the CEL expression `isCIDR(self)` to validate CIDR notation.
+	// Additionally, use `isCIDR(self) && cidr(self).ip().family() == X` to validate IPvX specifically.
+	//
+	// +kubebuilder:validation:Format=cidr
+	// +kubebuilder:validation:MinLength=1
+	// +kubebuilder:validation:MaxLength=49
+	// +optional
+	CIDRNotation string `json:"cidrNotation,omitempty"`
+
+	// uriField must be a valid URI following RFC 3986 syntax.
+	// Valid examples include https://example.com/path?query=value or /absolute-path.
+	// +kubebuilder:validation:Format=uri
+	// +kubebuilder:validation:MinLength=1
+	// +kubebuilder:validation:MaxLength=2048
+	// +optional
+	URIField string `json:"uriField,omitempty"`
+
+	// emailAddress must be a valid email address.
+	// Valid examples include [email protected] or [email protected].
+	// +kubebuilder:validation:Format=email
+	// +kubebuilder:validation:MinLength=1
+	// +kubebuilder:validation:MaxLength=254
+	// +optional
+	EmailAddress string `json:"emailAddress,omitempty"`
+
+	// hostnameField must be a valid Internet hostname per RFC 1034.
+	// Valid examples include example.com, api.example.com, or my-service.
+	// +kubebuilder:validation:Format=hostname
+	// +kubebuilder:validation:MinLength=1
+	// +kubebuilder:validation:MaxLength=253
+	// +optional
+	HostnameField string `json:"hostnameField,omitempty"`
+
+	// macAddress must be a valid MAC address.
+	// Valid examples include 00:1A:2B:3C:4D:5E or 00-1A-2B-3C-4D-5E.
+	// +kubebuilder:validation:Format=mac
+	// +kubebuilder:validation:MinLength=1
+	// +kubebuilder:validation:MaxLength=17
+	// +optional
+	MACAddress string `json:"macAddress,omitempty"`
+
+	// uuidField must be a valid UUID (any version) in 8-4-4-4-12 format.
+	// Valid examples include 550e8400-e29b-41d4-a716-446655440000 or 123e4567-e89b-12d3-a456-426614174000.
+	// +kubebuilder:validation:Format=uuid
+	// +kubebuilder:validation:MinLength=36
+	// +kubebuilder:validation:MaxLength=36
+	// +optional
+	UUIDField string `json:"uuidField,omitempty"`
+
+	// uuid3Field must be a valid UUID version 3 (MD5 hash-based).
+	// Version 3 UUIDs are generated using MD5 hashing of a namespace and name.
+	// Valid example: a3bb189e-8bf9-3888-9912-ace4e6543002.
+	// +kubebuilder:validation:Format=uuid3
+	// +kubebuilder:validation:MinLength=36
+	// +kubebuilder:validation:MaxLength=36
+	// +optional
+	UUID3Field string `json:"uuid3Field,omitempty"`
+
+	// uuid4Field must be a valid UUID version 4 (random).
+	// Version 4 UUIDs are randomly generated.
+	// Valid example: 550e8400-e29b-41d4-a716-446655440000.
+	// +kubebuilder:validation:Format=uuid4
+	// +kubebuilder:validation:MinLength=36
+	// +kubebuilder:validation:MaxLength=36
+	// +optional
+	UUID4Field string `json:"uuid4Field,omitempty"`
+
+	// uuid5Field must be a valid UUID version 5 (SHA-1 hash-based).
+	// Version 5 UUIDs are generated using SHA-1 hashing of a namespace and name.
+	// Valid example: 74738ff5-5367-5958-9aee-98fffdcd1876.
+	// +kubebuilder:validation:Format=uuid5
+	// +kubebuilder:validation:MinLength=36
+	// +kubebuilder:validation:MaxLength=36
+	// +optional
+	UUID5Field string `json:"uuid5Field,omitempty"`
+
+	// dateField must be a valid date in RFC 3339 full-date format (YYYY-MM-DD).
+	// Valid examples include 2024-01-15 or 2023-12-31.
+	// +kubebuilder:validation:Format=date
+	// +kubebuilder:validation:MinLength=10
+	// +kubebuilder:validation:MaxLength=10
+	// +optional
+	DateField string `json:"dateField,omitempty"`
+
+	// dateTimeField must be a valid RFC 3339 date-time.
+	// Valid examples include 2024-01-15T14:30:00Z, 2024-01-15T14:30:00+00:00, or 2024-01-15T14:30:00.123Z.
+	// +kubebuilder:validation:Format=date-time
+	// +kubebuilder:validation:MinLength=20
+	// +kubebuilder:validation:MaxLength=35
+	// +optional
+	DateTimeField string `json:"dateTimeField,omitempty"`
+
+	// durationField must be a valid duration string parseable by Go's time.ParseDuration.
+	// Valid time units are ns, us (or µs), ms, s, m, h.
+	// Valid examples include 30s, 5m, 1h30m, 100ms, or 1h.
+	// +kubebuilder:validation:Format=duration
+	// +kubebuilder:validation:MinLength=1
+	// +kubebuilder:validation:MaxLength=255
+	// +optional
+	DurationField string `json:"durationField,omitempty"`
+
+	// base64Data must be valid base64-encoded data.
+	// Valid examples include aGVsbG8= (encodes "hello") or SGVsbG8gV29ybGQh (encodes "Hello World!").
+	// +kubebuilder:validation:Format=byte
+	// +kubebuilder:validation:MinLength=1
+	// +kubebuilder:validation:MaxLength=2048
+	// +optional
+	Base64Data string `json:"base64Data,omitempty"`
+
+	// passwordField is a marker for sensitive data.
+	// Note that the password format marker does not perform any actual validation - it accepts any string value.
+	// This marker is primarily used to signal that the field contains sensitive information.
+	// +kubebuilder:validation:Format=password
+	// +kubebuilder:validation:MinLength=1
+	// +kubebuilder:validation:MaxLength=255
+	// +optional
+	PasswordField string `json:"passwordField,omitempty"`
+}
+
 // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
 // +openshift:compatibility-gen:level=1
 

example/v1/types_stable.go

@@ -103,6 +103,155 @@ spec:
                 required:
                 - type
                 type: object
+              formatMarkerExamples:
+                description: |-
+                  formatMarkerExamples demonstrates all Kubebuilder Format markers supported as of Kubernetes 1.33.
+                  This field serves as a comprehensive reference for format marker validation.
+                properties:
+                  base64Data:
+                    description: |-
+                      base64Data must be valid base64-encoded data.
+                      Valid examples include aGVsbG8= (encodes "hello") or SGVsbG8gV29ybGQh (encodes "Hello World!").
+                    format: byte
+                    maxLength: 2048
+                    minLength: 1
+                    type: string
+                  cidrNotation:
+                    description: |-
+                      cidrNotation must be a valid CIDR notation IP address range.
+                      Valid examples include IPv4 CIDR (10.0.0.0/8, 192.168.1.0/24) or IPv6 CIDR (fd00::/8, 2001:db8::/32).
+
+                      Use of Format=cidr is not recommended due to CVE-2021-29923 and CVE-2024-24790.
+                      Instead, use the CEL expression `isCIDR(self)` to validate CIDR notation.
+                      Additionally, use `isCIDR(self) && cidr(self).ip().family() == X` to validate IPvX specifically.
+                    format: cidr
+                    maxLength: 49
+                    minLength: 1
+                    type: string
+                  dateField:
+                    description: |-
+                      dateField must be a valid date in RFC 3339 full-date format (YYYY-MM-DD).
+                      Valid examples include 2024-01-15 or 2023-12-31.
+                    format: date
+                    maxLength: 10
+                    minLength: 10
+                    type: string
+                  dateTimeField:
+                    description: |-
+                      dateTimeField must be a valid RFC 3339 date-time.
+                      Valid examples include 2024-01-15T14:30:00Z, 2024-01-15T14:30:00+00:00, or 2024-01-15T14:30:00.123Z.
+                    format: date-time
+                    maxLength: 35
+                    minLength: 20
+                    type: string
+                  durationField:
+                    description: |-
+                      durationField must be a valid duration string parseable by Go's time.ParseDuration.
+                      Valid time units are ns, us (or µs), ms, s, m, h.
+                      Valid examples include 30s, 5m, 1h30m, 100ms, or 1h.
+                    format: duration
+                    maxLength: 255
+                    minLength: 1
+                    type: string
+                  emailAddress:
+                    description: |-
+                      emailAddress must be a valid email address.
+                      Valid examples include [email protected] or [email protected].
+                    format: email
+                    maxLength: 254
+                    minLength: 1
+                    type: string
+                  hostnameField:
+                    description: |-
+                      hostnameField must be a valid Internet hostname per RFC 1034.
+                      Valid examples include example.com, api.example.com, or my-service.
+                    format: hostname
+                    maxLength: 253
+                    minLength: 1
+                    type: string
+                  ipv4Address:
+                    description: |-
+                      ipv4Address must be a valid IPv4 address in dotted-quad notation.
+                      Valid values range from 0.0.0.0 to 255.255.255.255 (e.g., 192.168.1.1).
+
+                      Use of Format=ipv4 is not recommended due to CVE-2021-29923 and CVE-2024-24790.
+                      Instead, use the CEL expression `isIP(self) && ip(self).family() == 4` to validate IPv4 addresses.
+                    format: ipv4
+                    maxLength: 15
+                    minLength: 1
+                    type: string
+                  ipv6Address:
+                    description: |-
+                      ipv6Address must be a valid IPv6 address.
+                      Valid examples include full form (2001:0db8:0000:0000:0000:0000:0000:0001) or compressed form (2001:db8::1 or ::1).
+
+                      Use of Format=ipv6 is not recommended due to CVE-2021-29923 and CVE-2024-24790.
+                      Instead, use the CEL expression `isIP(self) && ip(self).family() == 6` to validate IPv6 addresses.
+                    format: ipv6
+                    maxLength: 45
+                    minLength: 1
+                    type: string
+                  macAddress:
+                    description: |-
+                      macAddress must be a valid MAC address.
+                      Valid examples include 00:1A:2B:3C:4D:5E or 00-1A-2B-3C-4D-5E.
+                    format: mac
+                    maxLength: 17
+                    minLength: 1
+                    type: string
+                  passwordField:
+                    description: |-
+                      passwordField is a marker for sensitive data.
+                      Note that the password format marker does not perform any actual validation - it accepts any string value.
+                      This marker is primarily used to signal that the field contains sensitive information.
+                    format: password
+                    maxLength: 255
+                    minLength: 1
+                    type: string
+                  uriField:
+                    description: |-
+                      uriField must be a valid URI following RFC 3986 syntax.
+                      Valid examples include https://example.com/path?query=value or /absolute-path.
+                    format: uri
+                    maxLength: 2048
+                    minLength: 1
+                    type: string
+                  uuid3Field:
+                    description: |-
+                      uuid3Field must be a valid UUID version 3 (MD5 hash-based).
+                      Version 3 UUIDs are generated using MD5 hashing of a namespace and name.
+                      Valid example: a3bb189e-8bf9-3888-9912-ace4e6543002.
+                    format: uuid3
+                    maxLength: 36
+                    minLength: 36
+                    type: string
+                  uuid4Field:
+                    description: |-
+                      uuid4Field must be a valid UUID version 4 (random).
+                      Version 4 UUIDs are randomly generated.
+                      Valid example: 550e8400-e29b-41d4-a716-446655440000.
+                    format: uuid4
+                    maxLength: 36
+                    minLength: 36
+                    type: string
+                  uuid5Field:
+                    description: |-
+                      uuid5Field must be a valid UUID version 5 (SHA-1 hash-based).
+                      Version 5 UUIDs are generated using SHA-1 hashing of a namespace and name.
+                      Valid example: 74738ff5-5367-5958-9aee-98fffdcd1876.
+                    format: uuid5
+                    maxLength: 36
+                    minLength: 36
+                    type: string
+                  uuidField:
+                    description: |-
+                      uuidField must be a valid UUID (any version) in 8-4-4-4-12 format.
+                      Valid examples include 550e8400-e29b-41d4-a716-446655440000 or 123e4567-e89b-12d3-a456-426614174000.
+                    format: uuid
+                    maxLength: 36
+                    minLength: 36
+                    type: string
+                type: object
               immutableField:
                 description: |-
                   immutableField is a field that is immutable once the object has been created.