Skip to content

Commit c7319b5

Browse files
patrickdillonpatrickdillon
committed
An incorrect regex validation prevents
users from specifying AWS tag keys or values that include spaces, which are allowed by AWS's official regex: https://docs.aws.amazon.com/directoryservice/latest/devguide/API_Tag.html This also updates some further validations that were missing and adds godoc text.
1 parent c1a063b commit c7319b5

File tree

41 files changed

+697
-158
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

41 files changed

+697
-158
lines changed

config/v1/types_infrastructure.go

Lines changed: 7 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -528,18 +528,21 @@ type AWSPlatformStatus struct {
528528

529529
// AWSResourceTag is a tag to apply to AWS resources created for the cluster.
530530
type AWSResourceTag struct {
531-
// key is the key of the tag
531+
// key sets the key of the AWS resource tag key-value pair. Key is required when defining an AWS resource tag.
532+
// Length Constraints: Minimum length of 1. Maximum length of 128.
533+
// The string can contain only the set of Unicode letters, digits, white-space, '_', '.', '/', '=', '+', '-', ':', '@' and cannot be prefixed with 'aws:'.
532534
// +kubebuilder:validation:MinLength=1
533535
// +kubebuilder:validation:MaxLength=128
534-
// +kubebuilder:validation:Pattern=`^[0-9A-Za-z_.:/=+-@]+$`
536+
// +kubebuilder:validation:XValidation:rule=`self.matches('^[0-9A-Za-z_.:/=+-@ ]+$')`,message="invalid AWS resource tag key. The string can contain only the set of Unicode letters, digits, white-space, '_', '.', '/', '=', '+', '-', ':', '@' and cannot be prefixed with 'aws:'"
535537
// +required
536538
Key string `json:"key"`
537-
// value is the value of the tag.
539+
// value sets the value of the AWS resource tag key-value pair. Value is required when defining an AWS resource tag.
540+
// The string can contain only the set of Unicode letters, digits, white-space, '_', '.', '/', '=', '+', '-', ':','@'.
538541
// Some AWS service do not support empty values. Since tags are added to resources in many services, the
539542
// length of the tag value must meet the requirements of all services.
540543
// +kubebuilder:validation:MinLength=1
541544
// +kubebuilder:validation:MaxLength=256
542-
// +kubebuilder:validation:Pattern=`^[0-9A-Za-z_.:/=+-@]+$`
545+
// +kubebuilder:validation:XValidation:rule=`self.matches('^[0-9A-Za-z_.:/=+-@ ]+$')`,message="invalid AWS resource tag value. The string can contain only the set of Unicode letters, digits, white-space, '_', '.', '/', '=', '+', '-', ':', '@'"
543546
// +required
544547
Value string `json:"value"`
545548
}

config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-CustomNoUpgrade.crd.yaml

Lines changed: 18 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1305,20 +1305,34 @@ spec:
13051305
created for the cluster.
13061306
properties:
13071307
key:
1308-
description: key is the key of the tag
1308+
description: |-
1309+
key sets the key of the AWS resource tag key-value pair. Key is required when defining an AWS resource tag.
1310+
Length Constraints: Minimum length of 1. Maximum length of 128.
1311+
The string can contain only the set of Unicode letters, digits, white-space, '_', '.', '/', '=', '+', '-', ':', '@' and cannot be prefixed with 'aws:'.
13091312
maxLength: 128
13101313
minLength: 1
1311-
pattern: ^[0-9A-Za-z_.:/=+-@]+$
13121314
type: string
1315+
x-kubernetes-validations:
1316+
- message: invalid AWS resource tag key. The string
1317+
can contain only the set of Unicode letters, digits,
1318+
white-space, '_', '.', '/', '=', '+', '-', ':',
1319+
'@' and cannot be prefixed with 'aws:'
1320+
rule: self.matches('^[0-9A-Za-z_.:/=+-@ ]+$')
13131321
value:
13141322
description: |-
1315-
value is the value of the tag.
1323+
value sets the value of the AWS resource tag key-value pair. Value is required when defining an AWS resource tag.
1324+
The string can contain only the set of Unicode letters, digits, white-space, '_', '.', '/', '=', '+', '-', ':','@'.
13161325
Some AWS service do not support empty values. Since tags are added to resources in many services, the
13171326
length of the tag value must meet the requirements of all services.
13181327
maxLength: 256
13191328
minLength: 1
1320-
pattern: ^[0-9A-Za-z_.:/=+-@]+$
13211329
type: string
1330+
x-kubernetes-validations:
1331+
- message: invalid AWS resource tag value. The string
1332+
can contain only the set of Unicode letters, digits,
1333+
white-space, '_', '.', '/', '=', '+', '-', ':',
1334+
'@'
1335+
rule: self.matches('^[0-9A-Za-z_.:/=+-@ ]+$')
13221336
required:
13231337
- key
13241338
- value

config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-Default.crd.yaml

Lines changed: 18 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1185,20 +1185,34 @@ spec:
11851185
created for the cluster.
11861186
properties:
11871187
key:
1188-
description: key is the key of the tag
1188+
description: |-
1189+
key sets the key of the AWS resource tag key-value pair. Key is required when defining an AWS resource tag.
1190+
Length Constraints: Minimum length of 1. Maximum length of 128.
1191+
The string can contain only the set of Unicode letters, digits, white-space, '_', '.', '/', '=', '+', '-', ':', '@' and cannot be prefixed with 'aws:'.
11891192
maxLength: 128
11901193
minLength: 1
1191-
pattern: ^[0-9A-Za-z_.:/=+-@]+$
11921194
type: string
1195+
x-kubernetes-validations:
1196+
- message: invalid AWS resource tag key. The string
1197+
can contain only the set of Unicode letters, digits,
1198+
white-space, '_', '.', '/', '=', '+', '-', ':',
1199+
'@' and cannot be prefixed with 'aws:'
1200+
rule: self.matches('^[0-9A-Za-z_.:/=+-@ ]+$')
11931201
value:
11941202
description: |-
1195-
value is the value of the tag.
1203+
value sets the value of the AWS resource tag key-value pair. Value is required when defining an AWS resource tag.
1204+
The string can contain only the set of Unicode letters, digits, white-space, '_', '.', '/', '=', '+', '-', ':','@'.
11961205
Some AWS service do not support empty values. Since tags are added to resources in many services, the
11971206
length of the tag value must meet the requirements of all services.
11981207
maxLength: 256
11991208
minLength: 1
1200-
pattern: ^[0-9A-Za-z_.:/=+-@]+$
12011209
type: string
1210+
x-kubernetes-validations:
1211+
- message: invalid AWS resource tag value. The string
1212+
can contain only the set of Unicode letters, digits,
1213+
white-space, '_', '.', '/', '=', '+', '-', ':',
1214+
'@'
1215+
rule: self.matches('^[0-9A-Za-z_.:/=+-@ ]+$')
12021216
required:
12031217
- key
12041218
- value

config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-DevPreviewNoUpgrade.crd.yaml

Lines changed: 18 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1305,20 +1305,34 @@ spec:
13051305
created for the cluster.
13061306
properties:
13071307
key:
1308-
description: key is the key of the tag
1308+
description: |-
1309+
key sets the key of the AWS resource tag key-value pair. Key is required when defining an AWS resource tag.
1310+
Length Constraints: Minimum length of 1. Maximum length of 128.
1311+
The string can contain only the set of Unicode letters, digits, white-space, '_', '.', '/', '=', '+', '-', ':', '@' and cannot be prefixed with 'aws:'.
13091312
maxLength: 128
13101313
minLength: 1
1311-
pattern: ^[0-9A-Za-z_.:/=+-@]+$
13121314
type: string
1315+
x-kubernetes-validations:
1316+
- message: invalid AWS resource tag key. The string
1317+
can contain only the set of Unicode letters, digits,
1318+
white-space, '_', '.', '/', '=', '+', '-', ':',
1319+
'@' and cannot be prefixed with 'aws:'
1320+
rule: self.matches('^[0-9A-Za-z_.:/=+-@ ]+$')
13131321
value:
13141322
description: |-
1315-
value is the value of the tag.
1323+
value sets the value of the AWS resource tag key-value pair. Value is required when defining an AWS resource tag.
1324+
The string can contain only the set of Unicode letters, digits, white-space, '_', '.', '/', '=', '+', '-', ':','@'.
13161325
Some AWS service do not support empty values. Since tags are added to resources in many services, the
13171326
length of the tag value must meet the requirements of all services.
13181327
maxLength: 256
13191328
minLength: 1
1320-
pattern: ^[0-9A-Za-z_.:/=+-@]+$
13211329
type: string
1330+
x-kubernetes-validations:
1331+
- message: invalid AWS resource tag value. The string
1332+
can contain only the set of Unicode letters, digits,
1333+
white-space, '_', '.', '/', '=', '+', '-', ':',
1334+
'@'
1335+
rule: self.matches('^[0-9A-Za-z_.:/=+-@ ]+$')
13221336
required:
13231337
- key
13241338
- value

config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-TechPreviewNoUpgrade.crd.yaml

Lines changed: 18 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1305,20 +1305,34 @@ spec:
13051305
created for the cluster.
13061306
properties:
13071307
key:
1308-
description: key is the key of the tag
1308+
description: |-
1309+
key sets the key of the AWS resource tag key-value pair. Key is required when defining an AWS resource tag.
1310+
Length Constraints: Minimum length of 1. Maximum length of 128.
1311+
The string can contain only the set of Unicode letters, digits, white-space, '_', '.', '/', '=', '+', '-', ':', '@' and cannot be prefixed with 'aws:'.
13091312
maxLength: 128
13101313
minLength: 1
1311-
pattern: ^[0-9A-Za-z_.:/=+-@]+$
13121314
type: string
1315+
x-kubernetes-validations:
1316+
- message: invalid AWS resource tag key. The string
1317+
can contain only the set of Unicode letters, digits,
1318+
white-space, '_', '.', '/', '=', '+', '-', ':',
1319+
'@' and cannot be prefixed with 'aws:'
1320+
rule: self.matches('^[0-9A-Za-z_.:/=+-@ ]+$')
13131321
value:
13141322
description: |-
1315-
value is the value of the tag.
1323+
value sets the value of the AWS resource tag key-value pair. Value is required when defining an AWS resource tag.
1324+
The string can contain only the set of Unicode letters, digits, white-space, '_', '.', '/', '=', '+', '-', ':','@'.
13161325
Some AWS service do not support empty values. Since tags are added to resources in many services, the
13171326
length of the tag value must meet the requirements of all services.
13181327
maxLength: 256
13191328
minLength: 1
1320-
pattern: ^[0-9A-Za-z_.:/=+-@]+$
13211329
type: string
1330+
x-kubernetes-validations:
1331+
- message: invalid AWS resource tag value. The string
1332+
can contain only the set of Unicode letters, digits,
1333+
white-space, '_', '.', '/', '=', '+', '-', ':',
1334+
'@'
1335+
rule: self.matches('^[0-9A-Za-z_.:/=+-@ ]+$')
13221336
required:
13231337
- key
13241338
- value

config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/AAA_ungated.yaml

Lines changed: 18 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1158,20 +1158,34 @@ spec:
11581158
created for the cluster.
11591159
properties:
11601160
key:
1161-
description: key is the key of the tag
1161+
description: |-
1162+
key sets the key of the AWS resource tag key-value pair. Key is required when defining an AWS resource tag.
1163+
Length Constraints: Minimum length of 1. Maximum length of 128.
1164+
The string can contain only the set of Unicode letters, digits, white-space, '_', '.', '/', '=', '+', '-', ':', '@' and cannot be prefixed with 'aws:'.
11621165
maxLength: 128
11631166
minLength: 1
1164-
pattern: ^[0-9A-Za-z_.:/=+-@]+$
11651167
type: string
1168+
x-kubernetes-validations:
1169+
- message: invalid AWS resource tag key. The string
1170+
can contain only the set of Unicode letters, digits,
1171+
white-space, '_', '.', '/', '=', '+', '-', ':',
1172+
'@' and cannot be prefixed with 'aws:'
1173+
rule: self.matches('^[0-9A-Za-z_.:/=+-@ ]+$')
11661174
value:
11671175
description: |-
1168-
value is the value of the tag.
1176+
value sets the value of the AWS resource tag key-value pair. Value is required when defining an AWS resource tag.
1177+
The string can contain only the set of Unicode letters, digits, white-space, '_', '.', '/', '=', '+', '-', ':','@'.
11691178
Some AWS service do not support empty values. Since tags are added to resources in many services, the
11701179
length of the tag value must meet the requirements of all services.
11711180
maxLength: 256
11721181
minLength: 1
1173-
pattern: ^[0-9A-Za-z_.:/=+-@]+$
11741182
type: string
1183+
x-kubernetes-validations:
1184+
- message: invalid AWS resource tag value. The string
1185+
can contain only the set of Unicode letters, digits,
1186+
white-space, '_', '.', '/', '=', '+', '-', ':',
1187+
'@'
1188+
rule: self.matches('^[0-9A-Za-z_.:/=+-@ ]+$')
11751189
required:
11761190
- key
11771191
- value

config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/AWSClusterHostedDNS.yaml

Lines changed: 18 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1255,20 +1255,34 @@ spec:
12551255
created for the cluster.
12561256
properties:
12571257
key:
1258-
description: key is the key of the tag
1258+
description: |-
1259+
key sets the key of the AWS resource tag key-value pair. Key is required when defining an AWS resource tag.
1260+
Length Constraints: Minimum length of 1. Maximum length of 128.
1261+
The string can contain only the set of Unicode letters, digits, white-space, '_', '.', '/', '=', '+', '-', ':', '@' and cannot be prefixed with 'aws:'.
12591262
maxLength: 128
12601263
minLength: 1
1261-
pattern: ^[0-9A-Za-z_.:/=+-@]+$
12621264
type: string
1265+
x-kubernetes-validations:
1266+
- message: invalid AWS resource tag key. The string
1267+
can contain only the set of Unicode letters, digits,
1268+
white-space, '_', '.', '/', '=', '+', '-', ':',
1269+
'@' and cannot be prefixed with 'aws:'
1270+
rule: self.matches('^[0-9A-Za-z_.:/=+-@ ]+$')
12631271
value:
12641272
description: |-
1265-
value is the value of the tag.
1273+
value sets the value of the AWS resource tag key-value pair. Value is required when defining an AWS resource tag.
1274+
The string can contain only the set of Unicode letters, digits, white-space, '_', '.', '/', '=', '+', '-', ':','@'.
12661275
Some AWS service do not support empty values. Since tags are added to resources in many services, the
12671276
length of the tag value must meet the requirements of all services.
12681277
maxLength: 256
12691278
minLength: 1
1270-
pattern: ^[0-9A-Za-z_.:/=+-@]+$
12711279
type: string
1280+
x-kubernetes-validations:
1281+
- message: invalid AWS resource tag value. The string
1282+
can contain only the set of Unicode letters, digits,
1283+
white-space, '_', '.', '/', '=', '+', '-', ':',
1284+
'@'
1285+
rule: self.matches('^[0-9A-Za-z_.:/=+-@ ]+$')
12721286
required:
12731287
- key
12741288
- value

0 commit comments

Comments
 (0)