kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Validate additionalNetworkCIDRs only set on AWS

This commit is contained in:
John Gardiner Myers 2023-01-22 11:24:28 -08:00
parent bd265c1f41
commit f16c807f09
1 changed files with 12 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
pkg/apis/kops/validation/validation.go
View File

@ -294,6 +294,7 @@ type cloudProviderConstraints struct {
requiresSubnets bool requiresSubnets bool
requiresNetworkCIDR bool requiresNetworkCIDR bool
prohibitsNetworkCIDR bool prohibitsNetworkCIDR bool
prohibitsMultipleNetworkCIDRs bool
requiresNonMasqueradeCIDR bool requiresNonMasqueradeCIDR bool
requiresServiceClusterSubnetOfNonMasqueradeCIDR bool requiresServiceClusterSubnetOfNonMasqueradeCIDR bool
requiresSubnetCIDR bool requiresSubnetCIDR bool
@ -303,6 +304,7 @@ func validateCloudProvider(c *kops.Cluster, provider *kops.CloudProviderSpec, fi
constraints = &cloudProviderConstraints{ constraints = &cloudProviderConstraints{
requiresSubnets: true, requiresSubnets: true,
requiresNetworkCIDR: true, requiresNetworkCIDR: true,
prohibitsMultipleNetworkCIDRs: true,
requiresNonMasqueradeCIDR: true, requiresNonMasqueradeCIDR: true,
requiresServiceClusterSubnetOfNonMasqueradeCIDR: true, requiresServiceClusterSubnetOfNonMasqueradeCIDR: true,
requiresSubnetCIDR: true, requiresSubnetCIDR: true,
@ -312,6 +314,7 @@ func validateCloudProvider(c *kops.Cluster, provider *kops.CloudProviderSpec, fi
if c.Spec.CloudProvider.AWS != nil { if c.Spec.CloudProvider.AWS != nil {
optionTaken = true optionTaken = true
allErrs = append(allErrs, validateAWS(c, provider.AWS, fieldSpec.Child("aws"))...) allErrs = append(allErrs, validateAWS(c, provider.AWS, fieldSpec.Child("aws"))...)
constraints.prohibitsMultipleNetworkCIDRs = false
} }
if c.Spec.CloudProvider.Azure != nil { if c.Spec.CloudProvider.Azure != nil {
if optionTaken { if optionTaken {
@ -950,11 +953,15 @@ func validateNetworking(cluster *kops.Cluster, v *kops.NetworkingSpec, fldPath *
} }
} }
for i, cidr := range v.AdditionalNetworkCIDRs { if len(v.AdditionalNetworkCIDRs) > 0 && providerConstraints.prohibitsMultipleNetworkCIDRs {
networkCIDR, errs := parseCIDR(fldPath.Child("additionalNetworkCIDRs").Index(i), cidr) allErrs = append(allErrs, field.Forbidden(fldPath.Child("additionalNetworkCIDRs"), fmt.Sprintf("%s doesn't support additionalNetworkCIDRs", c.GetCloudProvider())))
allErrs = append(allErrs, errs...) } else {
if networkCIDR != nil { for i, cidr := range v.AdditionalNetworkCIDRs {
networkCIDRs = append(networkCIDRs, networkCIDR) networkCIDR, errs := parseCIDR(fldPath.Child("additionalNetworkCIDRs").Index(i), cidr)
allErrs = append(allErrs, errs...)
if networkCIDR != nil {
networkCIDRs = append(networkCIDRs, networkCIDR)
}
} }
} }