diff --git a/apis/v1/shared_types.go b/apis/v1/shared_types.go index bed2cc8b8e..954c605428 100644 --- a/apis/v1/shared_types.go +++ b/apis/v1/shared_types.go @@ -745,7 +745,7 @@ const ( ) // SessionPersistence defines the desired state of SessionPersistence. -// +kubebuilder:validation:XValidation:message="AbsoluteTimeout must be specified when cookie lifetimeType is Permanent",rule="!has(self.cookieConfig.lifetimeType) || self.cookieConfig.lifetimeType != 'Permanent' || has(self.absoluteTimeout)" +// +kubebuilder:validation:XValidation:message="AbsoluteTimeout must be specified when cookie lifetimeType is Permanent",rule="!has(self.cookieConfig) || !has(self.cookieConfig.lifetimeType) || self.cookieConfig.lifetimeType != 'Permanent' || has(self.absoluteTimeout)" type SessionPersistence struct { // SessionName defines the name of the persistent session token // which may be reflected in the cookie or the header. Users diff --git a/config/crd/experimental/gateway.networking.k8s.io_backendlbpolicies.yaml b/config/crd/experimental/gateway.networking.k8s.io_backendlbpolicies.yaml index e92593fbd3..446ca46a9a 100644 --- a/config/crd/experimental/gateway.networking.k8s.io_backendlbpolicies.yaml +++ b/config/crd/experimental/gateway.networking.k8s.io_backendlbpolicies.yaml @@ -149,8 +149,8 @@ spec: x-kubernetes-validations: - message: AbsoluteTimeout must be specified when cookie lifetimeType is Permanent - rule: '!has(self.cookieConfig.lifetimeType) || self.cookieConfig.lifetimeType - != ''Permanent'' || has(self.absoluteTimeout)' + rule: '!has(self.cookieConfig) || !has(self.cookieConfig.lifetimeType) + || self.cookieConfig.lifetimeType != ''Permanent'' || has(self.absoluteTimeout)' targetRefs: description: |- TargetRef identifies an API object to apply policy to. diff --git a/config/crd/experimental/gateway.networking.k8s.io_grpcroutes.yaml b/config/crd/experimental/gateway.networking.k8s.io_grpcroutes.yaml index a72329aa2b..6169a72f2c 100644 --- a/config/crd/experimental/gateway.networking.k8s.io_grpcroutes.yaml +++ b/config/crd/experimental/gateway.networking.k8s.io_grpcroutes.yaml @@ -2025,8 +2025,8 @@ spec: x-kubernetes-validations: - message: AbsoluteTimeout must be specified when cookie lifetimeType is Permanent - rule: '!has(self.cookieConfig.lifetimeType) || self.cookieConfig.lifetimeType - != ''Permanent'' || has(self.absoluteTimeout)' + rule: '!has(self.cookieConfig) || !has(self.cookieConfig.lifetimeType) + || self.cookieConfig.lifetimeType != ''Permanent'' || has(self.absoluteTimeout)' type: object maxItems: 16 type: array @@ -4352,8 +4352,8 @@ spec: x-kubernetes-validations: - message: AbsoluteTimeout must be specified when cookie lifetimeType is Permanent - rule: '!has(self.cookieConfig.lifetimeType) || self.cookieConfig.lifetimeType - != ''Permanent'' || has(self.absoluteTimeout)' + rule: '!has(self.cookieConfig) || !has(self.cookieConfig.lifetimeType) + || self.cookieConfig.lifetimeType != ''Permanent'' || has(self.absoluteTimeout)' type: object maxItems: 16 type: array diff --git a/config/crd/experimental/gateway.networking.k8s.io_httproutes.yaml b/config/crd/experimental/gateway.networking.k8s.io_httproutes.yaml index 88609d2e72..07c291a17c 100644 --- a/config/crd/experimental/gateway.networking.k8s.io_httproutes.yaml +++ b/config/crd/experimental/gateway.networking.k8s.io_httproutes.yaml @@ -2812,8 +2812,8 @@ spec: x-kubernetes-validations: - message: AbsoluteTimeout must be specified when cookie lifetimeType is Permanent - rule: '!has(self.cookieConfig.lifetimeType) || self.cookieConfig.lifetimeType - != ''Permanent'' || has(self.absoluteTimeout)' + rule: '!has(self.cookieConfig) || !has(self.cookieConfig.lifetimeType) + || self.cookieConfig.lifetimeType != ''Permanent'' || has(self.absoluteTimeout)' timeouts: description: |+ Timeouts defines the timeouts that can be configured for an HTTP request. @@ -6043,8 +6043,8 @@ spec: x-kubernetes-validations: - message: AbsoluteTimeout must be specified when cookie lifetimeType is Permanent - rule: '!has(self.cookieConfig.lifetimeType) || self.cookieConfig.lifetimeType - != ''Permanent'' || has(self.absoluteTimeout)' + rule: '!has(self.cookieConfig) || !has(self.cookieConfig.lifetimeType) + || self.cookieConfig.lifetimeType != ''Permanent'' || has(self.absoluteTimeout)' timeouts: description: |+ Timeouts defines the timeouts that can be configured for an HTTP request. diff --git a/geps/gep-1619/index.md b/geps/gep-1619/index.md index 52096b7752..389d0a72cf 100644 --- a/geps/gep-1619/index.md +++ b/geps/gep-1619/index.md @@ -487,7 +487,7 @@ type BackendLBPolicySpec struct { // SessionPersistence defines the desired state of // SessionPersistence. -// +kubebuilder:validation:XValidation:rule="!has(self.cookieConfig.lifetimeType) || self.cookieConfig.lifetimeType != 'Permanent' || has(self.absoluteTimeout)",message="AbsoluteTimeout must be specified when cookie lifetimeType is Permanent" +// +kubebuilder:validation:XValidation:message="AbsoluteTimeout must be specified when cookie lifetimeType is Permanent",rule="!has(self.cookieConfig) || !has(self.cookieConfig.lifetimeType) || self.cookieConfig.lifetimeType != 'Permanent' || has(self.absoluteTimeout)" type SessionPersistence struct { // SessionName defines the name of the persistent session token // which may be reflected in the cookie or the header. Users diff --git a/pkg/test/cel/backendlbpolicy_test.go b/pkg/test/cel/backendlbpolicy_test.go index 10a1c08441..ed83b2e7f3 100644 --- a/pkg/test/cel/backendlbpolicy_test.go +++ b/pkg/test/cel/backendlbpolicy_test.go @@ -80,6 +80,14 @@ func TestBackendLBPolicyConfig(t *testing.T) { }, wantErrors: []string{}, }, + { + name: "valid BackendLBPolicyConfig header-based session persistence", + sessionPersistence: gatewayv1a2.SessionPersistence{ + SessionName: ptrTo("foo"), + Type: ptrTo(gatewayv1.HeaderBasedSessionPersistence), + }, + wantErrors: []string{}, + }, } for _, tc := range tests { t.Run(tc.name, func(t *testing.T) {