fix: correctly compare compressed/expanded ipv6 in targets

pkg/file/builder.go

@@ -4,8 +4,11 @@ import (
 	"context"
 	"errors"
 	"fmt"
+	"net/netip"
 	"reflect"
+	"regexp"
 	"sort"
+	"strings"
 
 	"github.com/blang/semver/v4"
 	"github.com/kong/go-database-reconciler/pkg/konnect"
@@ -1033,6 +1036,70 @@ func (b *stateBuilder) rbacRoles() {
 	}
 }
 
+var (
+	IPv6HasPortPattern    = regexp.MustCompile(`\]\:\d+$`)
+	IPv6HasBracketPattern = regexp.MustCompile(`\[\S+\]$`)
+)
+
+// hasIPv6Format checks if the hostname is in ipv6 format.
+// This is a best effort check, it doesn't guarantee that the hostname is a valid ipv6 address,
+// but it checks if the hostname has more than 2 colons.
+func hasIPv6Format(hostname string) bool {
+	parts := strings.Split(hostname, ":")
+	return len(parts) > 2
+}
+
+// expandIPv6 decompress an ipv6 address into its 'long' format.
+// for example:
+//
+// from ::1 to 0000:0000:0000:0000:0000:0000:0000:0001.
+func expandIPv6(address string) string {
+	addr, err := netip.ParseAddr(address)
+	if err != nil {
+		return ""
+	}
+	return addr.StringExpanded()
+}
+
+// normalizeIPv6 normalizes an ipv6 address to the format [address]:port.
+// for example:
+// from ::1 to [0000:0000:0000:0000:0000:0000:0000:0001]:8000.
+func normalizeIPv6(target string) (string, error) {
+	ip := target
+	port := "8000"
+	match := IPv6HasPortPattern.FindStringSubmatch(target)
+	if len(match) > 0 {
+		// has [address]:port pattern
+		ipAndPort, err := netip.ParseAddrPort(ip)
+		if err != nil {
+			return "", fmt.Errorf("invalid ipv6 address and port %s", target)
+		}
+		port = fmt.Sprint(ipAndPort.Port())
+		ip = ipAndPort.Addr().String()
+	} else {
+		match = IPv6HasBracketPattern.FindStringSubmatch(target)
+		if len(match) > 0 {
+			// has [address] pattern
+			ip = removeBrackets(match[0])
+		}
+		ipAddr, err := netip.ParseAddr(ip)
+		if err != nil {
+			return "", fmt.Errorf("invalid ipv6 address %s", target)
+		}
+		ip = ipAddr.String()
+	}
+	expandedIPv6 := expandIPv6(ip)
+	if expandedIPv6 == "" {
+		return "", fmt.Errorf("failed while expanding ipv6 address %s", target)
+	}
+	return fmt.Sprintf("[%s]:%s", expandedIPv6, port), nil
+}
+
+func removeBrackets(ip string) string {
+	ip = strings.ReplaceAll(ip, "[", "")
+	return strings.ReplaceAll(ip, "]", "")
+}
+
 func (b *stateBuilder) upstreams() {
 	if b.err != nil {
 		return
@@ -1075,6 +1142,15 @@ func (b *stateBuilder) upstreams() {
 func (b *stateBuilder) ingestTargets(targets []kong.Target) error {
 	for _, t := range targets {
 		t := t
+
+		if t.Target != nil && hasIPv6Format(*t.Target) {
+			normalizedTarget, err := normalizeIPv6(*t.Target)
+			if err != nil {
+				return err
+			}
+			t.Target = kong.String(normalizedTarget)
+		}
+
 		if utils.Empty(t.ID) {
 			target, err := b.currentState.Targets.Get(*t.Upstream.ID, *t.Target)
 			if errors.Is(err, state.ErrNotFound) {

pkg/file/builder_test.go

@@ -703,6 +703,150 @@ func Test_stateBuilder_ingestTargets(t *testing.T) {
 				},
 			},
 		},
+		{
+			name: "expands IPv6 address and port correctly",
+			fields: fields{
+				currentState: emptyState(),
+			},
+			args: args{
+				targets: []kong.Target{
+					{
+						ID:     kong.String("d6e7f8a9-bcde-1234-5678-9abcdef01234"),
+						Target: kong.String("[2001:db8:fd73::e]:1326"),
+						Upstream: &kong.Upstream{
+							ID: kong.String("a1b2c3d4-e5f6-7890-abcd-ef1234567890"),
+						},
+					},
+				},
+			},
+			wantErr: false,
+			wantState: &utils.KongRawState{
+				Targets: []*kong.Target{
+					{
+						ID:     kong.String("d6e7f8a9-bcde-1234-5678-9abcdef01234"),
+						Target: kong.String("[2001:0db8:fd73:0000:0000:0000:0000:000e]:1326"),
+						Weight: kong.Int(100),
+						Upstream: &kong.Upstream{
+							ID: kong.String("a1b2c3d4-e5f6-7890-abcd-ef1234567890"),
+						},
+					},
+				},
+			},
+		},
+		{
+			name: "expands IPv6 address correctly",
+			fields: fields{
+				currentState: emptyState(),
+			},
+			args: args{
+				targets: []kong.Target{
+					{
+						ID:     kong.String("d6e7f8a9-bcde-1234-5678-9abcdef01234"),
+						Target: kong.String("::1"),
+						Upstream: &kong.Upstream{
+							ID: kong.String("a1b2c3d4-e5f6-7890-abcd-ef1234567890"),
+						},
+					},
+				},
+			},
+			wantErr: false,
+			wantState: &utils.KongRawState{
+				Targets: []*kong.Target{
+					{
+						ID:     kong.String("d6e7f8a9-bcde-1234-5678-9abcdef01234"),
+						Target: kong.String("[0000:0000:0000:0000:0000:0000:0000:0001]:8000"),
+						Weight: kong.Int(100),
+						Upstream: &kong.Upstream{
+							ID: kong.String("a1b2c3d4-e5f6-7890-abcd-ef1234567890"),
+						},
+					},
+				},
+			},
+		},
+		{
+			name: "expands IPv6 address with square brackets correctly",
+			fields: fields{
+				currentState: emptyState(),
+			},
+			args: args{
+				targets: []kong.Target{
+					{
+						ID:     kong.String("d6e7f8a9-bcde-1234-5678-9abcdef01234"),
+						Target: kong.String("[::1]"),
+						Upstream: &kong.Upstream{
+							ID: kong.String("a1b2c3d4-e5f6-7890-abcd-ef1234567890"),
+						},
+					},
+				},
+			},
+			wantErr: false,
+			wantState: &utils.KongRawState{
+				Targets: []*kong.Target{
+					{
+						ID:     kong.String("d6e7f8a9-bcde-1234-5678-9abcdef01234"),
+						Target: kong.String("[0000:0000:0000:0000:0000:0000:0000:0001]:8000"),
+						Weight: kong.Int(100),
+						Upstream: &kong.Upstream{
+							ID: kong.String("a1b2c3d4-e5f6-7890-abcd-ef1234567890"),
+						},
+					},
+				},
+			},
+		},
+		{
+			name: "handles invalid IPv6 address correctly",
+			fields: fields{
+				currentState: emptyState(),
+			},
+			args: args{
+				targets: []kong.Target{
+					{
+						Target: kong.String("[invalid:ipv6::address]:1326"),
+						Upstream: &kong.Upstream{
+							ID: kong.String("b1c2d3e4-f5a6-7890-abcd-ef1234567890"),
+						},
+					},
+				},
+			},
+			wantErr:   true,
+			wantState: &utils.KongRawState{},
+		},
+		{
+			name: "handles invalid IPv6 address correctly",
+			fields: fields{
+				currentState: emptyState(),
+			},
+			args: args{
+				targets: []kong.Target{
+					{
+						Target: kong.String("1:2:3:4"),
+						Upstream: &kong.Upstream{
+							ID: kong.String("b1c2d3e4-f5a6-7890-abcd-ef1234567890"),
+						},
+					},
+				},
+			},
+			wantErr:   true,
+			wantState: &utils.KongRawState{},
+		},
+		{
+			name: "handles invalid IPv6 address correctly",
+			fields: fields{
+				currentState: emptyState(),
+			},
+			args: args{
+				targets: []kong.Target{
+					{
+						Target: kong.String("this:is:nuts:!"),
+						Upstream: &kong.Upstream{
+							ID: kong.String("b1c2d3e4-f5a6-7890-abcd-ef1234567890"),
+						},
+					},
+				},
+			},
+			wantErr:   true,
+			wantState: &utils.KongRawState{},
+		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {