Add validation to ensure ClusterName fields are equal in MD/MS/MP

Signed-off-by: Stefan Büringer buringerst@vmware.com

Author: sbueringer

exp/internal/webhooks/machinepool.go

@@ -174,6 +174,17 @@ func (webhook *MachinePool) validate(oldObj, newObj *clusterv1.MachinePool) erro
 		)
 	}
 
+	if newObj.Spec.ClusterName != newObj.Spec.Template.Spec.ClusterName {
+		allErrs = append(
+			allErrs,
+			field.Invalid(
+				specPath.Child("clusterName"),
+				newObj.Spec.ClusterName,
+				"spec.clusterName and spec.template.spec.clusterName must be set to the same value",
+			),
+		)
+	}
+
 	if newObj.Spec.Template.Spec.Version != "" {
 		if !version.KubeSemver.MatchString(newObj.Spec.Template.Spec.Version) {
 			allErrs = append(allErrs, field.Invalid(specPath.Child("template", "spec", "version"), newObj.Spec.Template.Spec.Version, "must be a valid semantic version"))

exp/internal/webhooks/machinepool_test.go

@@ -309,7 +309,8 @@ func TestMachinePoolClusterNameImmutable(t *testing.T) {
 					ClusterName: tt.newClusterName,
 					Template: clusterv1.MachineTemplateSpec{
 						Spec: clusterv1.MachineSpec{
-							Bootstrap: clusterv1.Bootstrap{ConfigRef: &clusterv1.ContractVersionedObjectReference{}},
+							ClusterName: tt.newClusterName,
+							Bootstrap:   clusterv1.Bootstrap{ConfigRef: &clusterv1.ContractVersionedObjectReference{}},
 						},
 					},
 				},
@@ -320,7 +321,8 @@ func TestMachinePoolClusterNameImmutable(t *testing.T) {
 					ClusterName: tt.oldClusterName,
 					Template: clusterv1.MachineTemplateSpec{
 						Spec: clusterv1.MachineSpec{
-							Bootstrap: clusterv1.Bootstrap{ConfigRef: &clusterv1.ContractVersionedObjectReference{}},
+							ClusterName: tt.oldClusterName,
+							Bootstrap:   clusterv1.Bootstrap{ConfigRef: &clusterv1.ContractVersionedObjectReference{}},
 						},
 					},
 				},
@@ -338,6 +340,56 @@ func TestMachinePoolClusterNameImmutable(t *testing.T) {
 	}
 }
 
+func TestMachinePoolClusterNamesEqual(t *testing.T) {
+	tests := []struct {
+		name                        string
+		specClusterName             string
+		specTemplateSpecClusterName string
+		expectErr                   bool
+	}{
+		{
+			name:                        "clusterName fields are set to the same value",
+			specClusterName:             "foo",
+			specTemplateSpecClusterName: "foo",
+			expectErr:                   false,
+		},
+		{
+			name:                        "clusterName fields are set to different values",
+			specClusterName:             "foo",
+			specTemplateSpecClusterName: "bar",
+			expectErr:                   true,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			g := NewWithT(t)
+
+			ms := &clusterv1.MachinePool{
+				Spec: clusterv1.MachinePoolSpec{
+					ClusterName: tt.specClusterName,
+					Template: clusterv1.MachineTemplateSpec{
+						Spec: clusterv1.MachineSpec{
+							ClusterName: tt.specTemplateSpecClusterName,
+							Bootstrap: clusterv1.Bootstrap{
+								DataSecretName: ptr.To("data-secret"),
+							},
+						},
+					},
+				},
+			}
+
+			warnings, err := (&MachinePool{}).ValidateCreate(ctx, ms)
+			if tt.expectErr {
+				g.Expect(err).To(HaveOccurred())
+			} else {
+				g.Expect(err).ToNot(HaveOccurred())
+			}
+			g.Expect(warnings).To(BeEmpty())
+		})
+	}
+}
+
 func TestMachinePoolVersionValidation(t *testing.T) {
 	tests := []struct {
 		name      string

internal/webhooks/machinedeployment.go

@@ -241,6 +241,17 @@ func (webhook *MachineDeployment) validate(oldMD, newMD *clusterv1.MachineDeploy
 		)
 	}
 
+	if newMD.Spec.ClusterName != newMD.Spec.Template.Spec.ClusterName {
+		allErrs = append(
+			allErrs,
+			field.Invalid(
+				specPath.Child("clusterName"),
+				newMD.Spec.ClusterName,
+				"spec.clusterName and spec.template.spec.clusterName must be set to the same value",
+			),
+		)
+	}
+
 	if newMD.Spec.Strategy != nil && newMD.Spec.Strategy.RollingUpdate != nil {
 		total := 1
 		if newMD.Spec.Replicas != nil {

internal/webhooks/machinedeployment_test.go

@@ -43,7 +43,8 @@ func TestMachineDeploymentDefault(t *testing.T) {
 			ClusterName: "test-cluster",
 			Template: clusterv1.MachineTemplateSpec{
 				Spec: clusterv1.MachineSpec{
-					Version: "1.19.10",
+					ClusterName: "test-cluster",
+					Version:     "1.19.10",
 					Bootstrap: clusterv1.Bootstrap{
 						DataSecretName: ptr.To("data-secret"),
 					},
@@ -154,7 +155,8 @@ func TestMachineDeploymentReferenceDefault(t *testing.T) {
 			ClusterName: "test-cluster",
 			Template: clusterv1.MachineTemplateSpec{
 				Spec: clusterv1.MachineSpec{
-					Version: "1.19.10",
+					ClusterName: "test-cluster",
+					Version:     "1.19.10",
 					Bootstrap: clusterv1.Bootstrap{
 						ConfigRef: &clusterv1.ContractVersionedObjectReference{},
 					},
@@ -690,6 +692,7 @@ func TestMachineDeploymentClusterNameImmutable(t *testing.T) {
 					ClusterName: tt.newClusterName,
 					Template: clusterv1.MachineTemplateSpec{
 						Spec: clusterv1.MachineSpec{
+							ClusterName: tt.newClusterName,
 							Bootstrap: clusterv1.Bootstrap{
 								DataSecretName: ptr.To("data-secret"),
 							},
@@ -703,6 +706,7 @@ func TestMachineDeploymentClusterNameImmutable(t *testing.T) {
 					ClusterName: tt.oldClusterName,
 					Template: clusterv1.MachineTemplateSpec{
 						Spec: clusterv1.MachineSpec{
+							ClusterName: tt.oldClusterName,
 							Bootstrap: clusterv1.Bootstrap{
 								DataSecretName: ptr.To("data-secret"),
 							},
@@ -728,6 +732,56 @@ func TestMachineDeploymentClusterNameImmutable(t *testing.T) {
 	}
 }
 
+func TestMachineDeploymentClusterNamesEqual(t *testing.T) {
+	tests := []struct {
+		name                        string
+		specClusterName             string
+		specTemplateSpecClusterName string
+		expectErr                   bool
+	}{
+		{
+			name:                        "clusterName fields are set to the same value",
+			specClusterName:             "foo",
+			specTemplateSpecClusterName: "foo",
+			expectErr:                   false,
+		},
+		{
+			name:                        "clusterName fields are set to different values",
+			specClusterName:             "foo",
+			specTemplateSpecClusterName: "bar",
+			expectErr:                   true,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			g := NewWithT(t)
+
+			ms := &clusterv1.MachineDeployment{
+				Spec: clusterv1.MachineDeploymentSpec{
+					ClusterName: tt.specClusterName,
+					Template: clusterv1.MachineTemplateSpec{
+						Spec: clusterv1.MachineSpec{
+							ClusterName: tt.specTemplateSpecClusterName,
+							Bootstrap: clusterv1.Bootstrap{
+								DataSecretName: ptr.To("data-secret"),
+							},
+						},
+					},
+				},
+			}
+
+			warnings, err := (&MachineDeployment{}).ValidateCreate(ctx, ms)
+			if tt.expectErr {
+				g.Expect(err).To(HaveOccurred())
+			} else {
+				g.Expect(err).ToNot(HaveOccurred())
+			}
+			g.Expect(warnings).To(BeEmpty())
+		})
+	}
+}
+
 func TestMachineDeploymentTemplateMetadataValidation(t *testing.T) {
 	tests := []struct {
 		name        string

internal/webhooks/machineset.go

@@ -209,6 +209,17 @@ func (webhook *MachineSet) validate(oldMS, newMS *clusterv1.MachineSet) error {
 		)
 	}
 
+	if newMS.Spec.ClusterName != newMS.Spec.Template.Spec.ClusterName {
+		allErrs = append(
+			allErrs,
+			field.Invalid(
+				specPath.Child("clusterName"),
+				newMS.Spec.ClusterName,
+				"spec.clusterName and spec.template.spec.clusterName must be set to the same value",
+			),
+		)
+	}
+
 	if newMS.Spec.Template.Spec.Version != "" {
 		if !version.KubeSemver.MatchString(newMS.Spec.Template.Spec.Version) {
 			allErrs = append(

internal/webhooks/machineset_test.go

@@ -398,6 +398,7 @@ func TestMachineSetClusterNameImmutable(t *testing.T) {
 					ClusterName: tt.newClusterName,
 					Template: clusterv1.MachineTemplateSpec{
 						Spec: clusterv1.MachineSpec{
+							ClusterName: tt.newClusterName,
 							Bootstrap: clusterv1.Bootstrap{
 								DataSecretName: ptr.To("data-secret"),
 							},
@@ -411,6 +412,7 @@ func TestMachineSetClusterNameImmutable(t *testing.T) {
 					ClusterName: tt.oldClusterName,
 					Template: clusterv1.MachineTemplateSpec{
 						Spec: clusterv1.MachineSpec{
+							ClusterName: tt.oldClusterName,
 							Bootstrap: clusterv1.Bootstrap{
 								DataSecretName: ptr.To("data-secret"),
 							},
@@ -430,6 +432,56 @@ func TestMachineSetClusterNameImmutable(t *testing.T) {
 	}
 }
 
+func TestMachineSetClusterNamesEqual(t *testing.T) {
+	tests := []struct {
+		name                        string
+		specClusterName             string
+		specTemplateSpecClusterName string
+		expectErr                   bool
+	}{
+		{
+			name:                        "clusterName fields are set to the same value",
+			specClusterName:             "foo",
+			specTemplateSpecClusterName: "foo",
+			expectErr:                   false,
+		},
+		{
+			name:                        "clusterName fields are set to different values",
+			specClusterName:             "foo",
+			specTemplateSpecClusterName: "bar",
+			expectErr:                   true,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			g := NewWithT(t)
+
+			ms := &clusterv1.MachineSet{
+				Spec: clusterv1.MachineSetSpec{
+					ClusterName: tt.specClusterName,
+					Template: clusterv1.MachineTemplateSpec{
+						Spec: clusterv1.MachineSpec{
+							ClusterName: tt.specTemplateSpecClusterName,
+							Bootstrap: clusterv1.Bootstrap{
+								DataSecretName: ptr.To("data-secret"),
+							},
+						},
+					},
+				},
+			}
+
+			warnings, err := (&MachineSet{}).ValidateCreate(ctx, ms)
+			if tt.expectErr {
+				g.Expect(err).To(HaveOccurred())
+			} else {
+				g.Expect(err).ToNot(HaveOccurred())
+			}
+			g.Expect(warnings).To(BeEmpty())
+		})
+	}
+}
+
 func TestMachineSetVersionValidation(t *testing.T) {
 	tests := []struct {
 		name      string