diff --git a/pkg/apis/kops/validation/aws.go b/pkg/apis/kops/validation/aws.go index 65f189d850..14472c7da8 100644 --- a/pkg/apis/kops/validation/aws.go +++ b/pkg/apis/kops/validation/aws.go @@ -208,7 +208,7 @@ func awsValidateLoadBalancerSubnets(fieldPath *field.Path, spec kops.ClusterSpec for i, subnet := range lbSpec.Subnets { var clusterSubnet *kops.ClusterSubnetSpec if subnet.Name == "" { - allErrs = append(allErrs, field.Invalid(fieldPath.Index(i).Child("name"), subnet, "subnet name can't be empty")) + allErrs = append(allErrs, field.Required(fieldPath.Index(i).Child("name"), "subnet name can't be empty")) } else { for _, cs := range spec.Subnets { if subnet.Name == cs.Name { @@ -217,16 +217,16 @@ func awsValidateLoadBalancerSubnets(fieldPath *field.Path, spec kops.ClusterSpec } } if clusterSubnet == nil { - allErrs = append(allErrs, field.Invalid(fieldPath.Index(i).Child("name"), subnet, fmt.Sprintf("subnet %q not found in cluster subnets", subnet.Name))) + allErrs = append(allErrs, field.NotFound(fieldPath.Index(i).Child("name"), fmt.Sprintf("subnet %q not found in cluster subnets", subnet.Name))) } } if subnet.PrivateIPv4Address != nil { if *subnet.PrivateIPv4Address == "" { - allErrs = append(allErrs, field.Invalid(fieldPath.Index(i).Child("privateIPv4Address"), subnet, "privateIPv4Address can't be empty")) + allErrs = append(allErrs, field.Required(fieldPath.Index(i).Child("privateIPv4Address"), "privateIPv4Address can't be empty")) } ip := net.ParseIP(*subnet.PrivateIPv4Address) - if ip == nil { + if ip == nil || ip.To4() == nil { allErrs = append(allErrs, field.Invalid(fieldPath.Index(i).Child("privateIPv4Address"), subnet, "privateIPv4Address is not a valid IPv4 address")) } else if clusterSubnet != nil { _, ipNet, err := net.ParseCIDR(clusterSubnet.CIDR) @@ -238,7 +238,7 @@ func awsValidateLoadBalancerSubnets(fieldPath *field.Path, spec kops.ClusterSpec } if lbSpec.Class != kops.LoadBalancerClassNetwork || lbSpec.Type != kops.LoadBalancerTypeInternal { - allErrs = append(allErrs, field.Invalid(fieldPath.Index(i).Child("privateIPv4Address"), subnet, "privateIPv4Address only allowed for internal NLBs")) + allErrs = append(allErrs, field.Forbidden(fieldPath.Index(i).Child("privateIPv4Address"), "privateIPv4Address only allowed for internal NLBs")) } } } diff --git a/pkg/apis/kops/validation/aws_test.go b/pkg/apis/kops/validation/aws_test.go index 32f64635f1..596edfd15a 100644 --- a/pkg/apis/kops/validation/aws_test.go +++ b/pkg/apis/kops/validation/aws_test.go @@ -283,7 +283,7 @@ func TestLoadBalancerSubnets(t *testing.T) { PrivateIPv4Address: nil, }, }, - expected: []string{"Invalid value::spec.api.loadBalancer.subnets[0].name"}, + expected: []string{"Required value::spec.api.loadBalancer.subnets[0].name"}, }, { // subnet not found clusterSubnets: []string{"a", "b", "c"}, @@ -293,7 +293,7 @@ func TestLoadBalancerSubnets(t *testing.T) { PrivateIPv4Address: nil, }, }, - expected: []string{"Invalid value::spec.api.loadBalancer.subnets[0].name"}, + expected: []string{"Not found::spec.api.loadBalancer.subnets[0].name"}, }, { // empty privateIPv4Address clusterSubnets: []string{"a", "b", "c"}, @@ -303,7 +303,7 @@ func TestLoadBalancerSubnets(t *testing.T) { PrivateIPv4Address: fi.String(""), }, }, - expected: []string{"Invalid value::spec.api.loadBalancer.subnets[0].privateIPv4Address"}, + expected: []string{"Required value::spec.api.loadBalancer.subnets[0].privateIPv4Address"}, }, { // invalid privateIPv4Address clusterSubnets: []string{"a", "b", "c"}, @@ -334,7 +334,7 @@ func TestLoadBalancerSubnets(t *testing.T) { PrivateIPv4Address: fi.String("10.0.0.10"), }, }, - expected: []string{"Invalid value::spec.api.loadBalancer.subnets[0].privateIPv4Address"}, + expected: []string{"Forbidden::spec.api.loadBalancer.subnets[0].privateIPv4Address"}, }, { // invalid type lbType: fi.String(string(kops.LoadBalancerTypePublic)), @@ -345,7 +345,7 @@ func TestLoadBalancerSubnets(t *testing.T) { PrivateIPv4Address: fi.String("10.0.0.10"), }, }, - expected: []string{"Invalid value::spec.api.loadBalancer.subnets[0].privateIPv4Address"}, + expected: []string{"Forbidden::spec.api.loadBalancer.subnets[0].privateIPv4Address"}, }, }