Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add --subnet validation #15517

Closed
spowelljr opened this issue Dec 14, 2022 · 9 comments · Fixed by #15530
Closed

Add --subnet validation #15517

spowelljr opened this issue Dec 14, 2022 · 9 comments · Fixed by #15530
Assignees
@shubhbapna
Labels
good first issue Denotes an issue ready for a new contributor, according to the "help wanted" guidelines. help wanted Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines. kind/improvement Categorizes issue or PR as related to improving upon a current feature. priority/backlog Higher priority than priority/awaiting-more-evidence.

Comments

@spowelljr
Copy link
Member

spowelljr commented Dec 14, 2022
edited

If the IP/CIDR passed in is not a private IP it should fail during validation as the way the incrementing and retries work it's impossible to start with a public IP and for it to increment into a private IP. Also, we should require that if a CIDR is passed in that the mask is no greater than /30. A mask of /30 gives a range of 4 IPs, anything larger reduces that number and is guaranteed to fail as minikube requires at least 4 IPs.
@spowelljr spowelljr added help wanted Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines. priority/backlog Higher priority than priority/awaiting-more-evidence. good first issue Denotes an issue ready for a new contributor, according to the "help wanted" guidelines. kind/improvement Categorizes issue or PR as related to improving upon a current feature. labels Dec 14, 2022
@shubhbapna
Copy link
Contributor

Hi there! Can I take a shot at this?

@shubhbapna
Copy link
Contributor

/assign

@spowelljr
Copy link
Member Author

Hi @shubhbapna, for sure!

@shubhbapna
Copy link
Contributor

@spowelljr I have been going through the codebase and it seems like we might already have the functions that can perform these checks. I am thinking of exposing two functions from the network package - isSubnetPrivate and inspect (inspect might be an overkill so maybe I can break it down into 2 functions and just expose what is required) and then simply call them inside a validator while parsing the subnet flag in start_flags.go

What do you think? If I am going in a completely different direction pls let me know

@spowelljr
Copy link
Member Author

@shubhbapna Golang's net package has an isPrivate func that was added in go 1.17. isSubnetPrivate should be deleted and all references should be replaced with this new function. This will simplify the private check in the validation.

I don't think that importing the inspect func is necessary. The only parts we should need from it are:

	ip, network, err := net.ParseCIDR(addr)
	if err != nil {
		ip = net.ParseIP(addr)
		if ip == nil {
			return nil, fmt.Errorf("failed parsing address %s: %w", addr, err)
		}
	}

And if ParseCIDR is successful just check the mask and make sure's it's less than 30.

@shubhbapna
Copy link
Contributor

shubhbapna commented Dec 15, 2022
edited

Gotcha, thank you! For deleting isSubnetPrivate, should I do that in a separate PR?

@spowelljr
Copy link
Member Author

You can if you'd like, even including it in this PR I'm assuming the PR will be fairly small, but completely up to you

@shubhbapna
Copy link
Contributor

shubhbapna commented Dec 17, 2022
edited

I think I found an issue in network_test while cleaning up isSubnetPrivate. So I think it will be better if I do this clean up in a separate PR

It seems like TestFreeSubnet is not restoring the mocks which has an effect on the subsequent tests. For eg: NonPrivateSubnet test ends up using the mocked inspect from the FirstSubnetIPV6NetworkFound test

What do you think @spowelljr ?

@shubhbapna shubhbapna mentioned this issue Dec 17, 2022
Merged
@spowelljr
Copy link
Member Author

spowelljr commented Dec 22, 2022
edited

Feel free to make two PRs then, you can create an issue for what you discovered and assign yourself

@shubhbapna shubhbapna mentioned this issue Jan 10, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@shubhbapna shubhbapna

Labels
good first issue Denotes an issue ready for a new contributor, according to the "help wanted" guidelines. help wanted Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines. kind/improvement Categorizes issue or PR as related to improving upon a current feature. priority/backlog Higher priority than priority/awaiting-more-evidence.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Added --subnet validation shubhbapna/minikube
2 participants
@shubhbapna @spowelljr