fix: added missing validations

Author: pawan1210

modules/backend/metadata.display.yaml

@@ -34,6 +34,55 @@ spec:
         cdn_policy:
           name: cdn_policy
           title: Cdn Policy
+          properties:
+            signed_url_cache_max_age_sec:
+              name: signed_url_cache_max_age_sec
+              title: Signed URL Cache Max Age Sec
+              regexValidation: ^\d+$
+              validation: Must be a non-negative integer representing the maximum cache age in seconds, for example 0, 300, or 3600. Only numeric digits are allowed
+            cache_mode:
+              name: cache_mode
+              title: Cache Mode
+              enumValueLabels:
+                - label: CACHE_ALL_STATIC
+                  value: CACHE_ALL_STATIC
+                - label: USE_ORIGIN_HEADERS
+                  value: USE_ORIGIN_HEADERS
+                - label: FORCE_CACHE_ALL
+                  value: FORCE_CACHE_ALL
+            bypass_cache_on_request_headers:
+              name: bypass_cache_on_request_headers
+              title: Bypass Cache On Request Headers
+              properties:
+                header_name:
+                  name: header_name
+                  title: Header Name
+                  regexValidation: ^[A-Za-z][A-Za-z0-9-]{0,62}$
+                  validation: "Must be a valid HTTP header name: start with a letter, contain only letters [A–Z, a–z], digits [0–9], or hyphens [-], and be at most 63 characters long"
+            cache_key_policy:
+              name: cache_key_policy
+              title: Cache Key Policy
+              properties:
+                query_string_blacklist:
+                  name: query_string_blacklist
+                  title: Query String Blacklist
+                  regexValidation: ^[a-zA-Z0-9_-]+$
+                  validation: Must only contain letters (a–z, A–Z), numbers (0–9), underscores (_), or hyphens (-)
+                query_string_whitelist:
+                  name: query_string_whitelist
+                  title: Query String Whitelist
+                  regexValidation: ^[a-zA-Z0-9_-]+$
+                  validation: Must only contain letters (a–z, A–Z), numbers (0–9), underscores (_), or hyphens (-)
+                include_http_headers:
+                  name: include_http_headers
+                  title: Include Http Headers
+                  regexValidation: ^[A-Za-z][A-Za-z0-9-]{0,62}$
+                  validation: "Must be a valid HTTP header name: start with a letter, contain only letters [A–Z, a–z], digits [0–9], or hyphens [-], and be at most 63 characters long"
+                include_named_cookies:
+                  name: include_named_cookies
+                  title: Include Named Cookies
+                  regexValidation: ^[A-Za-z0-9!#%&'*+.^_|~\-]{1,63}$
+                  validation: "Must be a valid cookie name: 1–63 characters, containing only letters [A–Z, a–z], digits [0–9], and the special characters [! # % & ' * + . ^ _ | ~ -]"
         compression_mode:
           name: compression_mode
           title: Compression Mode
@@ -48,9 +97,13 @@ spec:
         custom_request_headers:
           name: custom_request_headers
           title: Custom Request Headers
+          regexValidation: ^[A-Za-z][A-Za-z0-9-]{0,62}$
+          validation: "Must be a valid HTTP header name: start with a letter, contain only letters [A–Z, a–z], digits [0–9], or hyphens [-], and be at most 63 characters long"
         custom_response_headers:
           name: custom_response_headers
           title: Custom Response Headers
+          regexValidation: ^[A-Za-z][A-Za-z0-9-]{0,62}$
+          validation: "Must be a valid HTTP header name: start with a letter, contain only letters [A–Z, a–z], digits [0–9], or hyphens [-], and be at most 63 characters long"
         description:
           name: description
           title: Description
@@ -63,15 +116,93 @@ spec:
         firewall_networks:
           name: firewall_networks
           title: Firewall Networks
+          regexValidation: ^(projects\/[a-z0-9\-]+\/global\/networks\/[a-zA-Z0-9\-_]+|[a-zA-Z0-9\-_]+)$
+          validation: Network must be a valid network name or a full resource path.
         firewall_projects:
           name: firewall_projects
           title: Firewall Projects
+          regexValidation: ^[a-z][a-z0-9-]{4,28}[a-z0-9]$
+          validation: Project ID must be 6 to 30 characters, consist of lowercase letters, numbers, and hyphens, and start with a letter
+        firewall_source_ranges:
+          name: firewall_source_ranges
+          title: Firewall Source Ranges
+          regexValidation: ^((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)\.){3}(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)\/([0-9]|[1-2][0-9]|3[0-2])$
+          validation: Must be a valid CIDR range
         groups:
           name: groups
           title: Groups
+          properties:
+            balancing_mode:
+              name: balancing_mode
+              title: Balancing Mode
+              enumValueLabels:
+                - label: CONNECTION
+                  value: CONNECTION
+                - label: RATE
+                  value: RATE
+                - label: UTILIZATION
+                  value: UTILIZATION
+                - label: CUSTOM_METRICS
+                  value: CUSTOM_METRICS
         health_check:
           name: health_check
           title: Health Check
+          properties:
+            host:
+              name: host
+              title: Host
+              regexValidation: ^(([a-zA-Z0-9]([a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])?\.)+[a-zA-Z]{2,63}|\d{1,3}(\.\d{1,3}){3}|\[?[A-Fa-f0-9:]+\]?)$
+              validation: Must be a valid hostname (RFC 1035), IPv4 address, or IPv6 address
+            request_path:
+              name: request_path
+              title: Request Path
+              regexValidation: ^\/.*$
+              validation: Must start with a forward slash `/` and can include any valid path characters.
+            request:
+              name: request
+              title: Request
+              regexValidation: ^[\x20-\x7E]*$
+              validation: Must contain only ASCII characters
+            response:
+              name: response
+              title: Response
+              regexValidation: ^[\x20-\x7E]*$
+              validation: Must contain only ASCII characters
+            port_name:
+              name: port_name
+              title: Port Name
+              regexValidation: ^[a-z]([-a-z0-9]{0,61}[a-z0-9])?$
+              validation: Must start with a lowercase letter, contain only lowercase letters, digits, or hyphens, and end with a letter or digit
+            proxy_header:
+              name: proxy_header
+              title: Proxy Header
+              enumValueLabels:
+                - label: NONE
+                  value: NONE
+                - label: PROXY_V1
+                  value: PROXY_V1
+            port_specification:
+              name: port_specification
+              title: Port Specification
+              enumValueLabels:
+                - label: USE_FIXED_PORT
+                  value: USE_FIXED_PORT
+                - label: USE_NAMED_PORT
+                  value: USE_NAMED_PORT
+                - label: USE_SERVING_PORT
+                  value: USE_SERVING_PORT
+            protocol:
+              name: protocol
+              title: Protocol
+              enumValueLabels:
+                - label: HTTP
+                  value: HTTP
+                - label: HTTPS
+                  value: HTTPS
+                - label: HTTP2
+                  value: HTTP2
+                - label: TCP
+                  value: TCP
         host_path_mappings:
           name: host_path_mappings
           title: Host Path Mappings
@@ -90,6 +221,23 @@ spec:
         locality_lb_policy:
           name: locality_lb_policy
           title: Locality Lb Policy
+          enumValueLabels:
+            - label: ROUND_ROBIN
+              value: ROUND_ROBIN
+            - label: LEAST_REQUEST
+              value: LEAST_REQUEST
+            - label: RING_HASH
+              value: RING_HASH
+            - label: RANDOM
+              value: RANDOM
+            - label: ORIGINAL_DESTINATION
+              value: ORIGINAL_DESTINATION
+            - label: MAGLEV
+              value: MAGLEV
+            - label: WEIGHTED_MAGLEV
+              value: WEIGHTED_MAGLEV
+            - label: WEIGHTED_ROUND_ROBIN
+              value: WEIGHTED_ROUND_ROBIN
         log_config:
           name: log_config
           title: Log Config
@@ -104,24 +252,72 @@ spec:
         port_name:
           name: port_name
           title: Port Name
+          regexValidation: ^[a-z]([-a-z0-9]{0,61}[a-z0-9])?$
+          validation: Must start with a lowercase letter, contain only lowercase letters, digits, or hyphens, and end with a letter or digit
         project_id:
           name: project_id
           title: Project Id
         protocol:
           name: protocol
           title: Protocol
+          enumValueLabels:
+            - label: HTTP
+              value: HTTP
+            - label: HTTPS
+              value: HTTPS
+            - label: HTTP2
+              value: HTTP2
+            - label: TCP
+              value: TCP
         security_policy:
           name: security_policy
           title: Security Policy
+          regexValidation: ^(projects\/[a-z][a-z0-9-]{4,61}[a-z0-9]\/global\/securityPolicies\/[a-z]([-a-z0-9]{0,61}[a-z0-9])?|[a-z]([-a-z0-9]{0,61}[a-z0-9])?)$
+          validation: Must be a valid security policy name or full resource path in the format "projects/{project}/global/securityPolicies/{policy}"
         serverless_neg_backends:
           name: serverless_neg_backends
           title: Serverless Neg Backends
+          properties:
+            type:
+              name: type
+              title: Type
+              enumValueLabels:
+                - label: Cloud Run
+                  value: cloud-run
+                - label: Cloud Function
+                  value: cloud-function
+                - label: App Engine
+                  value: app-engine
+            service_name:
+              name: service_name
+              title: Service Name
+              regexValidation: ^[a-z]([-a-z0-9]{0,61}[a-z0-9])?$
+              validation: Must be a valid service name (lowercase, hyphens, numbers, up to 63 chars).
         session_affinity:
           name: session_affinity
           title: Session Affinity
+          enumValueLabels:
+            - label: NONE
+              value: NONE
+            - label: CLIENT_IP
+              value: CLIENT_IP
+            - label: CLIENT_IP_PORT_PROTO
+              value: CLIENT_IP_PORT_PROTO
+            - label: CLIENT_IP_PROTO
+              value: CLIENT_IP_PROTO
+            - label: GENERATED_COOKIE
+              value: GENERATED_COOKIE
+            - label: HEADER_FIELD
+              value: HEADER_FIELD
+            - label: HTTP_COOKIE
+              value: HTTP_COOKIE
+            - label: STRONG_COOKIE_AFFINITY
+              value: STRONG_COOKIE_AFFINITY
         target_service_accounts:
           name: target_service_accounts
           title: Target Service Accounts
+          regexValidation: ^[a-z][a-z0-9-]{4,29}@[a-z][a-z0-9-]{4,29}\.iam\.gserviceaccount\.com$
+          validation: Service account email must be in the format {account-id}@{project-id}.iam.gserviceaccount.com
         target_tags:
           name: target_tags
           title: Target Tags

modules/frontend/metadata.display.yaml

@@ -31,12 +31,16 @@ spec:
         address:
           name: address
           title: Address
+          regexValidation: ^(((25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])|([0-9a-fA-F:]+)|projects/[a-z0-9-]+/(global|regions/[a-z0-9-]+)/addresses/[a-z][a-z0-9-]{0,61}[a-z0-9])$
+          validation: Must be a valid IPv4 address, IPv6 address, or a reference to a Compute Address resource in the format [projects/{project}/global/addresses/{name}] or [projects/{project}/regions/{region}/addresses/{name}]
         certificate:
           name: certificate
           title: Certificate
         certificate_map:
           name: certificate_map
           title: Certificate Map
+          regexValidation: ^//certificatemanager\.googleapis\.com/projects/[a-z][a-z0-9-]{0,61}[a-z0-9]/locations/global/certificateMaps/[a-zA-Z][a-zA-Z0-9_-]{0,62}[a-zA-Z0-9]$
+          validation:  full resource path of a GCP CertificateMap resource
         create_address:
           name: create_address
           title: Create Address
@@ -70,6 +74,8 @@ spec:
         ipv6_address:
           name: ipv6_address
           title: Ipv6 Address
+          regexValidation: ^(([0-9A-Fa-f]{1,4}:){1,7}[0-9A-Fa-f]{1,4}|::1|::)$
+          validation: Must be a valid IPv6 address.
         labels:
           name: labels
           title: Labels
@@ -92,6 +98,8 @@ spec:
         network:
           name: network
           title: Network
+          regexValidation: ^(projects\/[a-z0-9\-]+\/global\/networks\/[a-zA-Z0-9\-_]+|[a-zA-Z0-9\-_]+)$
+          validation: Network must be a valid network name or a full resource path.
         private_key:
           name: private_key
           title: Private Key
@@ -101,24 +109,53 @@ spec:
         quic:
           name: quic
           title: Quic
+          enumValueLabels:
+            - label: ENABLE
+              value: ENABLE
+            - label: DISABLE
+              value: DISABLE
+            - label: NONE
+              value: NONE
         random_certificate_suffix:
           name: random_certificate_suffix
           title: Random Certificate Suffix
         server_tls_policy:
           name: server_tls_policy
           title: Server Tls Policy
+          regexValidation: ^projects\/[a-z0-9][-a-z0-9]{4,28}[a-z0-9]\/locations\/[a-z0-9-]+\/serverTlsPolicies\/[a-z]([-a-z0-9]{0,61}[a-z0-9])$
+          validation: Must be a valid server TLS policy full resource URL.
         ssl:
           name: ssl
           title: Ssl
         ssl_certificates:
           name: ssl_certificates
           title: Ssl Certificates
+          regexValidation: ^(https:\/\/www\.googleapis\.com\/compute\/v1\/)?projects\/[a-z0-9][-a-z0-9]{4,28}[a-z0-9]\/global\/sslCertificates\/[a-z]([-a-z0-9]{0,61}[a-z0-9])$|^[a-z]([-a-z0-9]{0,61}[a-z0-9])$
+          validation: Must be a valid SSL certificate resource URL.
         ssl_policy:
           name: ssl_policy
           title: Ssl Policy
+          regexValidation: ^(https:\/\/www\.googleapis\.com\/compute\/v1\/)?projects\/[a-z0-9][-a-z0-9]{4,28}[a-z0-9]\/global\/sslPolicies\/[a-z]([-a-z0-9]{0,61}[a-z0-9])$|^[a-z]([-a-z0-9]{0,61}[a-z0-9])$
+          validation: Must be a valid SSL policy name or full resource URL.
         url_map_input:
           name: url_map_input
           title: Url Map Input
+          properties:
+            host:
+              name: host
+              title: Host
+              regexValidation: ^(\*|(\*\.)?[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?(\.[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?)*)(\.[a-z]{2,})?$
+              validation: "Must be a valid host pattern: a fully qualified domain name (e.g., example.com), or a wildcard in the first component only (e.g., *.example.com). Must contain only lowercase letters, digits, hyphens (-), and dots (.), and be 1–255 characters long"
+            path:
+              name: path
+              title: Path
+              regexValidation: ^(/.*)$
+              validation: Path values must start with "/"
+            backend_service:
+              name: backend_service
+              title: Backend Service
+              regexValidation: ^projects/[a-z0-9-]+/global/(backendServices|backendBuckets)/[a-z]([a-z0-9-]{0,61}[a-z0-9])?$
+              validation: Must be a reference to a global backend service or backend bucket in the format [projects/{project}/global/backendServices/{name}] or [projects/{project}/global/backendBuckets/{name}]
         url_map_resource_uri:
           name: url_map_resource_uri
           title: Url Map Resource Uri