Skip to content

Commit

Permalink
network: disallow legacy hostNetwork together with non-default provider
Browse files Browse the repository at this point in the history 
Fixes: #13692

Since the introduction of the "host" network provider, the  legacy
"hostNetwork" setting is intended to be used only in combination with
the default network provider (""), but the code did not enforce this.

This change adds the required validation checks to throw errors
in invalid constellations.

Signed-off-by: Michael Adam <obnox@samba.org>
  • Loading branch information
@obnoxxx
obnoxxx committed Feb 6, 2024
1 parent a33aa90 commit d9aef18
Showing 1 changed file with 3 additions and 0 deletions.
3 changes: 3 additions & 0 deletions pkg/apis/ceph.rook.io/v1/network.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,9 @@ func (n *NetworkSpec) IsHost() bool {
}

func ValidateNetworkSpec(clusterNamespace string, spec NetworkSpec) error {
if spec.HostNetwork && (spec.provider != NetworkProviderDefault) {

Check failure on line 42 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / TestCephObjectSuite (v1.23.17) 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 42 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / golangci-lint 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 42 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / golangci-lint 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 42 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / golangci-lint 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 42 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / TestCephMultiClusterDeploySuite (v1.29.0) 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 42 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / TestCephHelmSuite (v1.23.17) 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 42 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / unittests 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 42 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / TestCephSmokeSuite (v1.23.17) 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 42 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / TestCephObjectSuite (v1.29.0) 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 42 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / linux-build-all (1.21) 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 42 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / docs-check 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 42 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / canary 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 42 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / govulncheck 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 42 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / TestCephUpgradeSuite (v1.23.17) 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 42 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / TestCephHelmSuite (v1.29.0) 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 42 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / TestCephSmokeSuite (v1.29.0) 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 42 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / encryption 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 42 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / macos-build 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 42 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / TestHelmUpgradeSuite (v1.23.17) 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 42 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / osd-with-metadata-device 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 42 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / TestCephUpgradeSuite (v1.29.0) 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 42 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / raw-disk 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 42 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / TestHelmUpgradeSuite (v1.29.0) 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 42 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / two-osds-in-device 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 42 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / lvm 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 42 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / pvc-db 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 42 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / pvc 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 42 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / encryption-pvc 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 42 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / encryption-pvc-db 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 42 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / encryption-pvc-db-wal 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 42 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / pvc-db-wal 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 42 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / encryption-pvc-kms-vault-k8s-auth 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 42 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / encryption-pvc-kms-vault-token-auth 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 42 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / lvm-pvc 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 42 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / multi-cluster-mirroring 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 42 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / csi-hostnetwork-disabled 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 42 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / multus-cluster-network 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 42 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / rgw-multisite-testing 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)
return errors.Errorf("the legacy hostNetwork setting is only valid with the default network provider'\"\"' and not with '%q'", spec.provider)

Check failure on line 43 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / TestCephObjectSuite (v1.23.17) 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 43 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / golangci-lint 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)) (typecheck)

Check failure on line 43 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / golangci-lint 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)) (typecheck)

Check failure on line 43 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / golangci-lint 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)) (typecheck)

Check failure on line 43 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / TestCephMultiClusterDeploySuite (v1.29.0) 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 43 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / TestCephHelmSuite (v1.23.17) 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 43 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / unittests 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 43 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / TestCephSmokeSuite (v1.23.17) 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 43 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / TestCephObjectSuite (v1.29.0) 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 43 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / linux-build-all (1.21) 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 43 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / docs-check 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 43 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / canary 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 43 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / govulncheck 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 43 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / TestCephUpgradeSuite (v1.23.17) 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 43 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / TestCephHelmSuite (v1.29.0) 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 43 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / TestCephSmokeSuite (v1.29.0) 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 43 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / encryption 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 43 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / macos-build 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 43 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / TestHelmUpgradeSuite (v1.23.17) 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 43 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / osd-with-metadata-device 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 43 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / TestCephUpgradeSuite (v1.29.0) 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 43 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / raw-disk 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 43 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / TestHelmUpgradeSuite (v1.29.0) 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 43 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / two-osds-in-device 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 43 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / lvm 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 43 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / pvc-db 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 43 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / pvc 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 43 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / encryption-pvc 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 43 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / encryption-pvc-db 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 43 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / encryption-pvc-db-wal 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 43 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / pvc-db-wal 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 43 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / encryption-pvc-kms-vault-k8s-auth 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 43 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / encryption-pvc-kms-vault-token-auth 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 43 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / lvm-pvc 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 43 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / multi-cluster-mirroring 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 43 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / csi-hostnetwork-disabled 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 43 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / multus-cluster-network 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)

Check failure on line 43 in pkg/apis/ceph.rook.io/v1/network.go

View workflow job for this annotation

GitHub Actions / rgw-multisite-testing 

spec.provider undefined (type NetworkSpec has no field or method provider, but does have Provider)
}
if spec.IsMultus() {
if len(spec.Selectors) == 0 {
return errors.Errorf("at least one network selector must be specified when using the %q network provider", NetworkProviderMultus)
Expand Down

0 comments on commit d9aef18

Please sign in to comment.