wip: crd: require unique hosts

CRD does not support `uniqueItems: true` validation: ``` The CustomResourceDefinition "routegroups.zalando.org" is invalid: spec.validation.openAPIV3Schema.properties[spec].properties[hosts].uniqueItems: Forbidden: uniqueItems cannot be set to true since the runtime complexity becomes quadratic ``` This change attempts to use [validation rules](https://kubernetes.io/docs/tasks/extend-kubernetes/custom-resources/custom-resource-definitions/#validation-rules) to enforce unique hosts which currently fails with: ``` The CustomResourceDefinition "routegroups.zalando.org" is invalid: * spec.validation.openAPIV3Schema.properties[spec].properties[hosts].x-kubernetes-validations[0].rule: Forbidden: estimated rule cost exceeds budget by factor of more than 100x (try simplifying the rule, or adding maxItems, maxProperties, and maxLength where arrays, maps, and strings are declared) * spec.validation.openAPIV3Schema.properties[spec].properties[hosts].x-kubernetes-validations[0].rule: Forbidden: contributed to estimated rule cost total exceeding cost limit for entire OpenAPIv3 schema * spec.validation.openAPIV3Schema: Forbidden: x-kubernetes-validations estimated rule cost total for entire OpenAPIv3 schema exceeds budget by factor of more than 100x (try simplifying the rule, or adding maxItems, maxProperties, and maxLength where arrays, maps, and strings are declared) ``` Adding `+kubebuilder:validation:MaxItems` does not help, apply fails even for small value of `MaxItems=10`. Signed-off-by: Alexander Yastrebov <[email protected]>
szuecs · Mar 26, 2024 · af02bb2 · af02bb2
1 parent d0c44d0
commit af02bb2
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 0 deletions.
diff --git a/apis/zalando.org/v1/types.go b/apis/zalando.org/v1/types.go
@@ -43,6 +43,7 @@ type RouteGroupList struct {
 type RouteGroupSpec struct {
 	// List of hostnames for the RouteGroup
 	// +kubebuilder:validation:MinItems=1
+	// +kubebuilder:validation:XValidation:rule="self.all(i, size(self.filter(j, j==i)) == 1)", message="hosts can not contain duplicates"
 	Hosts []string `json:"hosts,omitempty"`
 	// List of backends that can be referenced in the routes
 	Backends []RouteGroupBackend `json:"backends"`

diff --git a/zalando.org_routegroups.yaml b/zalando.org_routegroups.yaml
@@ -136,6 +136,9 @@ spec:
                   type: string
                 minItems: 1
                 type: array
+                x-kubernetes-validations:
+                - message: hosts can not contain duplicates
+                  rule: self.all(i, size(self.filter(j, j==i)) == 1)
               routes:
                 description: Routes describe how a matching HTTP request is handled
                   and where it is forwarded to