-
Bug
-
Resolution: Unresolved
-
Normal
-
None
-
4.13.z, 4.14.z, 4.15.z, 4.16.z
-
Moderate
-
None
-
2
-
NE Sprint 264, NE Sprint 265, NI&D Sprint 266, NI&D Sprint 267
-
4
-
Rejected
-
False
-
-
The "haproxy.router.openshift.io/ip_allowlist" route annotation will now skip invalid IPs and CIDRs.
-
Bug Fix
-
In Progress
Description
The parseIPList function currently fails to handle IP lists that contain both valid and invalid IPs or CIDRs. When the function encounters an invalid entry, it immediately returns an empty string, which prevents any valid IPs from being processed or returned.
Expected Behavior
- The function should process the entire list of IPs or CIDRs.
- It should return a string of all valid IPs and CIDRs, even if there are some invalid entries.
- Invalid entries should be logged for debugging purposes, but they should not cause the function to exit prematurely.
Current Behavior
- The function returns an empty string as soon as it encounters an invalid IP or CIDR.
- No valid IPs are returned if any invalid entries are found.
Steps to Reproduce
- Provide a list of IPs or CIDRs that includes both valid and invalid entries to the parseIPList function.
- Observe that the function returns an empty string, regardless of the valid entries present.
Suggested Solution
Modify the parseIPList function to:
- Collect valid IPs and CIDRs while logging invalid ones.
- Return a space-separated string of valid IPs and CIDRs.
- Log all invalid entries for visibility and debugging.
Additional Information
- A recent PR addresses this issue by enhancing the function to handle mixed validity lists more gracefully.
- This change improves the robustness of IP list processing and provides better insights into invalid entries.
- links to
-
RHEA-2024:11038
OpenShift Container Platform 4.19.z bug fix update
[OCPBUGS-39403] parseIPList Function fails to process all valid IPs When a invalid entries is present in router whitelist ip list
OpenShift Jira Bot
added a comment - Bugs should not be moved to Verified without first providing a Release Note Type("Bug Fix" or "No Doc Update") and for type "Bug Fix" the Release Note Text must also be provided. Please populate the necessary fields before moving the Bug to Verified.
OpenShift Jira Bot
added a comment - Hi alebedev@redhat.com ,
Bugs should not be moved to Verified without first providing a Release Note Type("Bug Fix" or "No Doc Update") and for type "Bug Fix" the Release Note Text must also be provided. Please populate the necessary fields before moving the Bug to Verified. Bug has been pre-merge-verified: https://github.com/openshift/router/pull/621#issuecomment-2652031006
OpenShift Jira Bot
added a comment - This bug is being closed because it has not had any activity in the past 3 months. While it represents a valid problem, leaving such bugs open provides a false indication that they will be addressed. Please reopen the bug if you have additional context that would help us better understand what needs to be done.
OpenShift Jira Bot
added a comment - This bug is being closed because it has not had any activity in the past 3 months. While it represents a valid problem, leaving such bugs open provides a false indication that they will be addressed. Please reopen the bug if you have additional context that would help us better understand what needs to be done. upstream issue and PR
https://github.com/openshift/router/issues/620
https://github.com/openshift/router/pull/621
moving to verified as bug was successfully verified on pre-merge