Bug 2116686

Summary: [capi] Cluster kind should be valid
Product: OpenShift Container Platform Reporter: sunzhaohua <zhsun>
Component: Cloud ComputeAssignee: Alberto <agarcial>
Cloud Compute sub component: Other Providers QA Contact: sunzhaohua <zhsun>
Status: CLOSED ERRATA Docs Contact:
Severity: low    
Priority: low CC: mimccune
Version: 4.12   
Target Milestone: ---   
Target Release: 4.13.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2023-05-17 22:46:56 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description sunzhaohua 2022-08-09 07:39:37 UTC 
Description of problem:
Cluster kind should be valid

Version-Release number of selected component (if applicable):
4.12.0-0.nightly-2022-08-08-143443

How reproducible:
Always

Steps to Reproduce:
1. Enable capi by featuregate
2. Create a cluster resource with invalid or empty kind
apiVersion: cluster.x-k8s.io/v1beta1
kind: Cluster
metadata:
  name: zhsunupi-h8wbm
  namespace: openshift-cluster-api
spec:
  infrastructureRef:
    apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
    kind: "invalid"
    name: zhsunupi-h8wbm
    namespace: openshift-cluster-api
3. Check the created cluster
4. Delete cluster
$ oc delete cluster zhsunupi-h8wbm      
cluster.cluster.x-k8s.io "zhsunupi-h8wbm" deleted
^C

Actual results:
Cluster was created successful, and couldn't be deleted.
$ oc get cluster  
NAME             PHASE      AGE     VERSION
zhsunupi-h8wbm   Deleting   5m12s

spec:
  infrastructureRef:
    apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
    kind: ""
    name: zhsunaws3-mptzl
    namespace: openshift-cluster-api
status:
  conditions:
  - lastTransitionTime: "2022-08-09T06:24:43Z"
    status: "True"
    type: ControlPlaneInitialized
  observedGeneration: 1
  phase: Deleting

Expected results:
Cluster couldn't be created if kind is invalid or empty.

Additional info:
Comment 1 Joel Speed 2022-08-15 13:30:02 UTC 
As far as I'm aware we don't actually use these fields, but it would be good to validate them and make sure they are correct, for example, it should be an AWSCluster on AWS.
Comment 2 Michael McCune 2022-08-29 15:21:56 UTC 
i have not had a chance to investigate this yet, hoping to get some time during this sprint.
Comment 3 Michael McCune 2022-09-19 15:16:27 UTC 
handing this to Mike Fedosin
Comment 4 Mike Fedosin 2022-11-21 15:00:09 UTC 
Hey! I added more webhooks and also activated the previous ones in this PR: https://github.com/openshift/cluster-capi-operator/pull/85
Comment 5 sunzhaohua 2022-11-23 08:16:58 UTC 
Hi Mike, I tested before pr merge, these all work as expected. Just one thing want to confirm, cluster can be created more than one, is this ok?
$ oc get cluster                                                                    
NAME                          PHASE          AGE   VERSION
ci-ln-kv1gj4b-72292-jn4rw     Provisioning   19m
ci-ln-kv1gj4b-72292-jn4rw-1   Provisioning   7s


$ oc create -f ~/data/capi/gcp-cluster.yaml                                                                                                   
Error from server (unsupported cluster infra provider kind: GCPCluster-invalid): error when creating "/Users/sunzhaohua/data/capi/gcp-cluster.yaml": admission webhook "validation.cluster.cluster.x-k8s.io" denied the request: unsupported cluster infra provider kind: GCPCluster-invalid
$ oc delete cluster ci-ln-kv1gj4b-72292-jn4rw                                 
Error from server (deletion of cluster is not allowed): admission webhook "validation.cluster.cluster.x-k8s.io" denied the request: deletion of cluster is not allowed

$ oc create -f coreprovider.yaml                                             
Error from server (incorrect core provider name: cluster-api2): error when creating "coreprovider.yaml": admission webhook "vcoreprovider.operator.cluster.x-k8s.io" denied the request: incorrect core provider name: cluster-api2
$  oc delete CoreProvider cluster-api
Error from server (deletion of core provider is not allowed): admission webhook "vcoreprovider.operator.cluster.x-k8s.io" denied the request: deletion of core provider is not allowed

$ oc create -f infrastructureprovider-gcp.yaml                             
Error from server (incorrect infra provider name for GCP platform: gcp2): error when creating "infrastructureprovider-gcp.yaml": admission webhook "vinfrastructureprovider.operator.cluster.x-k8s.io" denied the request: incorrect infra provider name for GCP platform: gcp2
$ oc delete infraStructureProvider gcp
Error from server (deletion of infrastructure provider is not allowed): admission webhook "vinfrastructureprovider.operator.cluster.x-k8s.io" denied the request: deletion of infrastructure provider is not allowed
Comment 7 sunzhaohua 2022-11-28 02:34:15 UTC 
Move to verified, created a new bug to trace the cluster issue https://issues.redhat.com/browse/OCPBUGS-4147
Comment 11 errata-xmlrpc 2023-05-17 22:46:56 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Important: OpenShift Container Platform 4.13.0 security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2023:1326