add validation of vip length in webhook

api/v1alpha1/vip_webhook.go

@@ -18,8 +18,8 @@ package v1alpha1
 
 import (
 	"fmt"
+	"net"
 
-	"github.com/vishvananda/netlink"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/schema"
@@ -89,12 +89,23 @@ func (r *Vip) validateVip() error {
 }
 
 func (r *Vip) validateAddresses() error {
-	// todo: alpha supports one address only
+	// cidr validation for alpha
+	if len(r.Spec.Vips) != 1 {
+		return fmt.Errorf("only one item is supported")
+	}
 	for _, addr := range r.Spec.Vips {
-		_, err := netlink.ParseIPNet(addr)
+		ip, ipnet, err := net.ParseCIDR(addr)
 		if err != nil {
 			return err
 		}
+		// ipv4 cidr validation for alpha
+		if ip.To4() != nil && ipnet.Mask.String() != net.CIDRMask(32, 32).String() {
+			return fmt.Errorf("only /32 address is supported for ipv4 vips")
+		}
+		// ipv6 cidr validation for alpha
+		if ip.To4() == nil && ipnet.Mask.String() != net.CIDRMask(128, 128).String() {
+			return fmt.Errorf("only /128 address is supported for ipv6 vips")
+		}
 	}
 	return nil
 }

config/samples/meridio_v1alpha1_vip.yaml

@@ -7,8 +7,7 @@ metadata:
 spec:
   # Add fields here
   vips:
-    - "20.0.0.1/32"
-    - "2000::1/128"
+    - "20.0.0.1/28"
 ---
 apiVersion: meridio.nordix.org/v1alpha1
 kind: Vip
@@ -30,5 +29,4 @@ metadata:
 spec:
   # Add fields here
   vips:
-    - "20.0.0.1/32"
     - "2000::1/128"

go.mod

@@ -6,7 +6,6 @@ require (
 	github.com/go-logr/logr v0.3.0
 	github.com/onsi/ginkgo v1.14.1
 	github.com/onsi/gomega v1.10.2
-	github.com/vishvananda/netlink v1.1.0
 	golang.org/x/net v0.0.0-20200707034311-ab3426394381
 	gopkg.in/yaml.v2 v2.3.0
 	k8s.io/api v0.19.2