Uploaded image for project: 'OpenShift Cloud'
  1. OpenShift Cloud
  2. OCPCLOUD-1411

Ensure that validating webhooks for Machine API will reject mismatched platform types

    XMLWordPrintable

Details

    • Story
    • Resolution: Done
    • Major
    • None
    • None
    • 3
    • False
    • False
    • CLOUD Sprint 215, CLOUD Ready for Development

    Description

      User Story

      As a user I would like to ensure that I don't create Machines or MachineSets that have the incorrect provider spec for the platform. Having a check in the validating webhooks would ensure that I do not create Machine records which are difficult to remove.

      Background

      In a recent discussion from internal Red Hat slack, a customer has created a Machine record for AWS that contains a vSphere provider spec. This has resulted in a Machine object which will not delete cleanly as the webhooks will not validate it (since the provider spec contains the wrong fields), and removing the finalizer does not help this situation.

      Discussion from slack (this will not work for non-Red Hatters): https://coreos.slack.com/archives/CBZHF4DHC/p1642711385068300

      Steps

      • Ensure that the validating webhooks will check the provider spec to ensure that it is the proper type for the platform.

      Stakeholders

      • OpenShift SRE

      Definition of Done

      • Validating webhooks don't allow creation of records with a mismatched ProviderSpec
      • Docs
      • This should not require a docs update
      • Testing
      • Unit tests should be created to ensure this is rejected

      Attachments

        Activity

          People

            fedosin Mikhail Fedosin (Inactive)
            mimccune@redhat.com Michael McCune
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: