Add field validation for ExternalLoadBalancers

kubernetes · Nov 20, 2020 · 088f75f · 088f75f
1 parent 6cfe240
commit 088f75f
Showing 1 changed file with 54 additions and 0 deletions.
diff --git a/pkg/apis/kops/validation/instancegroup.go b/pkg/apis/kops/validation/instancegroup.go
@@ -130,6 +130,12 @@ func ValidateInstanceGroup(g *kops.InstanceGroup, cloud fi.Cloud) field.ErrorLis
 		allErrs = append(allErrs, awsValidateInstanceGroup(g, cloud.(awsup.AWSCloud))...)
 	}
 
+	for i, lb := range g.Spec.ExternalLoadBalancers {
+		path := field.NewPath("spec", "externalLoadBalancers").Index(i)
+
+		allErrs = append(allErrs, validateExternalLoadBalancer(&lb, path)...)
+	}
+
 	return allErrs
 }
 
@@ -278,3 +284,51 @@ func validateCloudLabels(ig *kops.InstanceGroup, fldPath *field.Path) (allErrs f
 	}
 	return allErrs
 }
+
+func validateExternalLoadBalancer(lb *kops.LoadBalancer, fldPath *field.Path) field.ErrorList {
+	allErrs := field.ErrorList{}
+
+	if lb.LoadBalancerName != nil && lb.TargetGroupARN != nil {
+		allErrs = append(allErrs, field.TooMany(fldPath, 2, 1))
+	}
+
+	if lb.LoadBalancerName != nil {
+		name := fi.StringValue(lb.LoadBalancerName)
+		if len(name) > 32 {
+			allErrs = append(allErrs, field.Invalid(fldPath.Child("loadBalancerName"), name,
+				"Load Balancer name must have at most 32 characters"))
+		}
+	}
+
+	if lb.TargetGroupARN != nil {
+		actual := fi.StringValue(lb.TargetGroupARN)
+
+		parsed, err := arn.Parse(actual)
+		if err != nil {
+			allErrs = append(allErrs, field.Invalid(fldPath.Child("targetGroupArn"), actual,
+				fmt.Sprintf("Target Group ARN must be a valid AWS ARN: %v", err)))
+			return allErrs
+		}
+
+		resource := strings.Split(parsed.Resource, "/")
+		if len(resource) != 3 {
+			allErrs = append(allErrs, field.Invalid(fldPath.Child("targetGroupArn"), actual,
+				"Target Group ARN resource must be a valid AWS ARN resource such as \"targetgroup/tg-name/1234567890123456\""))
+			return allErrs
+		}
+
+		kind := resource[0]
+		if kind != "targetgroup" {
+			allErrs = append(allErrs, field.Invalid(fldPath.Child("targetGroupArn"), kind,
+				"Target Group ARN resource type must be \"targetgroup\""))
+		}
+
+		name := resource[1]
+		if len(name) > 32 {
+			allErrs = append(allErrs, field.Invalid(fldPath.Child("targetGroupArn"), name,
+				"Target Group ARN resource name must have at most 32 characters"))
+		}
+	}
+
+	return allErrs
+}