stackit-dev-tools/terraform-provider-stackitprivatepreview
2
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

fix(ske): prevent usage of UUID for dns extension (#1025)

Browse source 
Signed-off-by: Alexander Dahmen <alexander.dahmen@inovex.de>
This commit is contained in:
Alexander Dahmen 2025-10-10 14:24:29 +02:00 committed by GitHub
parent 55a9a430fc
commit 3769b43527
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 65 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

4
stackit/internal/services/ske/cluster/resource.go
View file

@ -12,6 +12,7 @@ import (
serviceenablementUtils "github.com/stackitcloud/terraform-provider-stackit/stackit/internal/services/serviceenablement/utils" serviceenablementUtils "github.com/stackitcloud/terraform-provider-stackit/stackit/internal/services/serviceenablement/utils"
skeUtils "github.com/stackitcloud/terraform-provider-stackit/stackit/internal/services/ske/utils" skeUtils "github.com/stackitcloud/terraform-provider-stackit/stackit/internal/services/ske/utils"
"github.com/hashicorp/terraform-plugin-framework-validators/listvalidator"
"github.com/hashicorp/terraform-plugin-framework-validators/stringvalidator" "github.com/hashicorp/terraform-plugin-framework-validators/stringvalidator"
"github.com/hashicorp/terraform-plugin-framework/attr" "github.com/hashicorp/terraform-plugin-framework/attr"
"github.com/hashicorp/terraform-plugin-framework/diag" "github.com/hashicorp/terraform-plugin-framework/diag"
@ -660,6 +661,9 @@ func (r *clusterResource) Schema(_ context.Context, _ resource.SchemaRequest, re
PlanModifiers: []planmodifier.List{ PlanModifiers: []planmodifier.List{
listplanmodifier.UseStateForUnknown(), listplanmodifier.UseStateForUnknown(),
}, },
Validators: []validator.List{
listvalidator.ValueStringsAre(validate.NoUUID()),
},
}, },
}, },
}, },

17
stackit/internal/validate/validate.go
View file

@ -67,6 +67,23 @@ func UUID() *Validator {
} }
} }
func NoUUID() *Validator {
description := "value must not be an UUID"
return &Validator{
description: description,
validate: func(_ context.Context, req validator.StringRequest, resp *validator.StringResponse) {
if _, err := uuid.Parse(req.ConfigValue.ValueString()); err == nil {
resp.Diagnostics.Append(validatordiag.InvalidAttributeValueDiagnostic(
req.Path,
description,
req.ConfigValue.ValueString(),
))
}
},
}
}
// IP returns a validator that checks, if the given string is a valid IP address. // IP returns a validator that checks, if the given string is a valid IP address.
// The allowZeroAddress parameter defines, if 0.0.0.0, resp. [::] should be considered valid. // The allowZeroAddress parameter defines, if 0.0.0.0, resp. [::] should be considered valid.
func IP(allowZeroAddress bool) *Validator { func IP(allowZeroAddress bool) *Validator {

44
stackit/internal/validate/validate_test.go
View file

@ -55,6 +55,50 @@ func TestUUID(t *testing.T) {
} }
} }
func TestNoUUID(t *testing.T) {
tests := []struct {
description string
input string
isValid bool
}{
{
"UUID",
"cae27bba-c43d-498a-861e-d11d241c4ff8",
false,
},
{
"no UUID",
"a-b-c-d",
true,
},
{
"Empty",
"",
true,
},
{
"domain name",
"www.test.de",
true,
},
}
for _, tt := range tests {
t.Run(tt.description, func(t *testing.T) {
r := validator.StringResponse{}
NoUUID().ValidateString(context.Background(), validator.StringRequest{
ConfigValue: types.StringValue(tt.input),
}, &r)
if !tt.isValid && !r.Diagnostics.HasError() {
t.Fatalf("Should have failed")
}
if tt.isValid && r.Diagnostics.HasError() {
t.Fatalf("Should not have failed: %v", r.Diagnostics.Errors())
}
})
}
}
func TestIP(t *testing.T) { func TestIP(t *testing.T) {
tests := []struct { tests := []struct {
description string description string