openstack: Validate additionalNetworkIDs

Add a pre-flight check that verifies that the networks listed in the
machine-pool property `additionalNetworkIDs` actually exist on the
cloud.

Author: pierreprinetti

pkg/asset/installconfig/openstack/validation/cloudinfo.go

@@ -46,6 +46,7 @@ type CloudInfo struct {
 	VolumeTypes             []string
 	NetworkExtensions       []extensions.Extension
 	Quotas                  []quota.Quota
+	Networks                []string
 
 	clients *clients
 }
@@ -238,6 +239,11 @@ func (ci *CloudInfo) collectInfo(ctx context.Context, ic *types.InstallConfig) e
 		return fmt.Errorf("failed to fetch network extensions: %w", err)
 	}
 
+	ci.Networks, err = ci.getNetworks(ctx)
+	if err != nil {
+		return err
+	}
+
 	return nil
 }
 
@@ -295,6 +301,26 @@ func (ci *CloudInfo) getFlavor(ctx context.Context, flavorName string) (Flavor,
 	}, nil
 }
 
+// getNetworks returns all the network IDs available on the cloud.
+func (ci *CloudInfo) getNetworks(ctx context.Context) ([]string, error) {
+	pages, err := networks.List(ci.clients.networkClient, nil).AllPages(ctx)
+	if err != nil {
+		return nil, err
+	}
+
+	networks, err := networks.ExtractNetworks(pages)
+	if err != nil {
+		return nil, err
+	}
+
+	networkIDs := make([]string, len(networks))
+	for i := range networks {
+		networkIDs[i] = networks[i].ID
+	}
+
+	return networkIDs, nil
+}
+
 func (ci *CloudInfo) getNetworkByName(ctx context.Context, networkName string) (*networks.Network, error) {
 	if networkName == "" {
 		return nil, nil

pkg/asset/installconfig/openstack/validation/machinepool.go

@@ -68,10 +68,25 @@ func ValidateMachinePool(p *openstack.MachinePool, ci *CloudInfo, controlPlane b
 	allErrs = append(allErrs, validateZones(p.Zones, ci.ComputeZones, fldPath.Child("zones"))...)
 	allErrs = append(allErrs, validateUUIDV4s(p.AdditionalNetworkIDs, fldPath.Child("additionalNetworkIDs"))...)
 	allErrs = append(allErrs, validateUUIDV4s(p.AdditionalSecurityGroupIDs, fldPath.Child("additionalSecurityGroupIDs"))...)
+	allErrs = append(allErrs, validateAdditionalNetworks(p.AdditionalNetworkIDs, ci.Networks, fldPath.Child("additionalNetworkIDs"))...)
 
 	return allErrs
 }
 
+func validateAdditionalNetworks(additionalNetworkIDs, availableNetworks []string, fldPath *field.Path) field.ErrorList {
+	allErrs := field.ErrorList{}
+	networkSet := make(map[string]struct{}, len(availableNetworks))
+	for i := range availableNetworks {
+		networkSet[availableNetworks[i]] = struct{}{}
+	}
+	for i, n := range additionalNetworkIDs {
+		if _, ok := networkSet[n]; !ok {
+			allErrs = append(allErrs, field.Invalid(fldPath.Index(i), n, "Network either does not exist in this cloud, or is not available"))
+		}
+	}
+	return allErrs
+}
+
 func validateZones(input []string, available []string, fldPath *field.Path) field.ErrorList {
 	// check if machinepool default
 	if len(input) == 1 && input[0] == "" {