wip

cmd/broker/provisioning_test.go

@@ -294,6 +294,42 @@ func TestProvisioning_NetworkingParametersForAWS(t *testing.T) {
 	suite.WaitForOperationState(opID, domain.Succeeded)
 }
 
+func TestProvisioning_AllNetworkingParametersForAWS(t *testing.T) {
+	// given
+	suite := NewBrokerSuiteTest(t)
+	defer suite.TearDown()
+	iid := uuid.New().String()
+
+	// when
+	resp := suite.CallAPI("PUT", fmt.Sprintf("oauth/v2/service_instances/%s?accepts_incomplete=true", iid),
+		`{
+				"service_id": "47c9dcbf-ff30-448e-ab36-d3bad66ba281",
+				"plan_id": "361c511f-f939-4621-b228-d0fb79a1fe15",
+		
+				"context": {
+					"globalaccount_id": "e449f875-b5b2-4485-b7c0-98725c0571bf",
+						"subaccount_id": "test",
+					"user_id": "piotr.miskiewicz@sap.com"
+					
+				},
+				"parameters": {
+					"name": "test",
+					"region": "eu-central-1",
+					"networking": {
+						"nodes": "192.168.48.0/20",
+						"pods": "10.104.0.0/24",
+						"services": "10.105.0.0/24"
+					}
+				}
+			}
+		}`)
+	opID := suite.DecodeOperationID(resp)
+
+	suite.processProvisioningByOperationID(opID)
+
+	suite.WaitForOperationState(opID, domain.Succeeded)
+}
+
 func TestProvisioning_AWSWithEURestrictedAccessBadRequest(t *testing.T) {
 	// given
 	suite := NewBrokerSuiteTest(t)

internal/broker/instance_create.go

@@ -534,17 +534,6 @@ func (b *ProvisionEndpoint) validateNetworking(parameters internal.ProvisioningP
 		err = multierror.Append(err, fmt.Errorf("the suffix of the node CIDR must not be greater than 26"))
 	}
 
-	if err != nil {
-		return err
-	}
-
-	for _, seed := range networking.GardenerSeedCIDRs {
-		_, seedCidr, _ := net.ParseCIDR(seed)
-		if e := validateOverlapping(*nodes, *seedCidr); e != nil {
-			err = multierror.Append(err, fmt.Errorf("nodes CIDR must not overlap %s", seed))
-		}
-	}
-
 	if parameters.Networking.PodsCidr != nil {
 		if pods, e = validateCidr(*parameters.Networking.PodsCidr); e != nil {
 			err = multierror.Append(err, fmt.Errorf("while parsing pods CIDR: %w", e))
@@ -563,6 +552,23 @@ func (b *ProvisionEndpoint) validateNetworking(parameters internal.ProvisioningP
 		return err
 	}
 
+	for _, seed := range networking.GardenerSeedCIDRs {
+		_, seedCidr, _ := net.ParseCIDR(seed)
+		if e := validateOverlapping(*nodes, *seedCidr); e != nil {
+			err = multierror.Append(err, fmt.Errorf("nodes CIDR must not overlap %s", seed))
+		}
+		if e := validateOverlapping(*services, *seedCidr); e != nil {
+			err = multierror.Append(err, fmt.Errorf("nodes CIDR must not overlap %s", seed))
+		}
+		if e := validateOverlapping(*pods, *seedCidr); e != nil {
+			err = multierror.Append(err, fmt.Errorf("nodes CIDR must not overlap %s", seed))
+		}
+	}
+
+	if err != nil {
+		return err
+	}
+
 	if e := validateOverlapping(*nodes, *pods); e != nil {
 		err = multierror.Append(err, fmt.Errorf("nodes CIDR must not overlap %s", pods.String()))
 	}

internal/broker/plans_schema.go

@@ -47,7 +47,9 @@ func (up *UpdateProperties) IncludeAdditional() {
 }
 
 type NetworkingProperties struct {
-	Nodes Type `json:"nodes"`
+	Nodes    Type `json:"nodes"`
+	Services Type `json:"services"`
+	Pods     Type `json:"pods"`
 }
 
 type NetworkingType struct {
@@ -320,9 +322,13 @@ func NewProvisioningProperties(machineTypesDisplay, regionsDisplay map[string]st
 func NewNetworkingSchema() *NetworkingType {
 	seedCIDRs := strings.Join(networking.GardenerSeedCIDRs, ", ")
 	return &NetworkingType{
-		Type: Type{Type: "object", Description: "Networking configuration. These values are immutable and cannot be updated later."},
+		Type: Type{Type: "object", Description: "Networking configuration. These values are immutable and cannot be updated later. All provided CIDR ranges must not overlap one another."},
 		Properties: NetworkingProperties{
-			Nodes: Type{Type: "string", Title: "CIDR range for nodes", Description: fmt.Sprintf("CIDR range for nodes, must not overlap with the following CIDRs: %s, %s, %s", networking.DefaultPodsCIDR, networking.DefaultServicesCIDR, seedCIDRs),
+			Services: Type{Type: "string", Title: "CIDR range for services", Description: fmt.Sprintf("CIDR range for services, must not overlap with the following CIDRs: %s", seedCIDRs),
+				Default: networking.DefaultServicesCIDR},
+			Pods: Type{Type: "string", Title: "CIDR range for pods", Description: fmt.Sprintf("CIDR range for pods, must not overlap with the following CIDRs: %s", seedCIDRs),
+				Default: networking.DefaultPodsCIDR},
+			Nodes: Type{Type: "string", Title: "CIDR range for nodes", Description: fmt.Sprintf("CIDR range for nodes, must not overlap with the following CIDRs: %s", seedCIDRs),
 				Default: networking.DefaultNodesCIDR},
 		},
 		Required: []string{"nodes"},