Completing CEL validation for Gateway

kubernetes-sigs · Aug 3, 2023 · 107892a · 107892a
1 parent f2b55c8
commit 107892a
Show file tree

Hide file tree

Showing 8 changed files with 301 additions and 38 deletions.
diff --git a/apis/v1beta1/gateway_types.go b/apis/v1beta1/gateway_types.go
@@ -149,6 +149,7 @@ type GatewaySpec struct {
 	// Support: Extended
 	//
 	// +optional
+	// <gateway:validateIPAddress>
 	// +kubebuilder:validation:MaxItems=16
 	// +kubebuilder:validation:XValidation:message="IPAddress values must be unique",rule="self.all(a1, a1.type == 'IPAddress' ? self.exists_one(a2, a2.type == a1.type && a2.value == a1.value) : true )"
 	// +kubebuilder:validation:XValidation:message="Hostname values must be unique",rule="self.all(a1, a1.type == 'Hostname' ? self.exists_one(a2, a2.type == a1.type && a2.value == a1.value) : true )"
@@ -486,6 +487,8 @@ type GatewayAddress struct {
 }
 
 // GatewayStatusAddress describes an address that is bound to a Gateway.
+//
+// +kubebuilder:validation:XValidation:message="Hostname value must only contain valid characters (matching ^(\\*\\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$)",rule="self.type == 'Hostname' ? self.value.matches('^(\\\\*\\\\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$'): true"
 type GatewayStatusAddress struct {
 	// Type of the address.
 	//
@@ -511,6 +514,7 @@ type GatewayStatus struct {
 	// assigns an address from a reserved pool.
 	//
 	// +optional
+	// <gateway:validateIPAddress>
 	// +kubebuilder:validation:MaxItems=16
 	Addresses []GatewayStatusAddress `json:"addresses,omitempty"`
 

diff --git a/config/crd/experimental/gateway.networking.k8s.io_gateways.yaml b/config/crd/experimental/gateway.networking.k8s.io_gateways.yaml
diff --git a/config/crd/standard/gateway.networking.k8s.io_gateways.yaml b/config/crd/standard/gateway.networking.k8s.io_gateways.yaml
diff --git a/examples/standard/gateway-addresses.yaml b/examples/standard/gateway-addresses.yaml
@@ -0,0 +1,27 @@
+apiVersion: gateway.networking.k8s.io/v1beta1
+kind: Gateway
+metadata:
+  name: gateway-addresses
+spec:
+  gatewayClassName: acme-lb
+  addresses:
+  - value: 1200:0000:AB00:1234:0000:2552:7777:1313
+  - value: 21DA:D3:0:2F3B:2AA:FF:FE28:9C5A
+  - value: "2001:db8:3c4d:15:0:d234:3eee::"
+  - value: "1234::"
+  - value: "1.1.1.1"
+  - value: "1.2.3.4"
+  - value: "0.0.0.0"
+  - value: "9.255.255.255"
+  - value: "11.0.0.0"
+  - type: IPAddress
+    value: "255.255.255.255"
+  - type: "Hostname"
+    value: "example.com"
+  listeners:
+  - protocol: HTTP
+    port: 80
+    name: prod-web-gw
+    allowedRoutes:
+      namespaces:
+        from: Same
diff --git a/examples/standard/simple-gateway/gateway.yaml b/examples/standard/simple-gateway/gateway.yaml
@@ -7,7 +7,7 @@ metadata:
   name: prod-web
 spec:
   gatewayClassName: acme-lb
-  listeners:  
+  listeners:
   - protocol: HTTP
     port: 80
     name: prod-web-gw