Skip to content

Commit 71cae26

Browse files
pawan1210pawan1210
authored
fix: added missing validations (#530)
1 parent ad5d851 commit 71cae26

File tree

2 files changed

+226
-0
lines changed

2 files changed

+226
-0
lines changed

modules/backend/metadata.display.yaml

Lines changed: 189 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -37,6 +37,51 @@ spec:
3737
cdn_policy:
3838
name: cdn_policy
3939
title: Cdn Policy
40+
properties:
41+
signed_url_cache_max_age_sec:
42+
name: signed_url_cache_max_age_sec
43+
title: Signed URL Cache Max Age Sec
44+
regexValidation: "^[0-9]+$"
45+
validation: Must be a non-negative integer representing the maximum cache age in seconds, for example 0, 300, or 3600. Only numeric digits are allowed
46+
cache_mode:
47+
name: cache_mode
48+
title: Cache Mode
49+
enumValueLabels:
50+
- label: CACHE_ALL_STATIC
51+
value: CACHE_ALL_STATIC
52+
- label: USE_ORIGIN_HEADERS
53+
value: USE_ORIGIN_HEADERS
54+
- label: FORCE_CACHE_ALL
55+
value: FORCE_CACHE_ALL
56+
bypass_cache_on_request_headers:
57+
name: bypass_cache_on_request_headers
58+
title: Bypass Cache On Request Headers
59+
regexValidation: ^[A-Za-z][A-Za-z0-9-]{0,62}$
60+
validation: "Must be a valid HTTP header name: start with a letter, contain only letters [A–Z, a–z], digits [0–9], or hyphens [-], and be at most 63 characters long"
61+
cache_key_policy:
62+
name: cache_key_policy
63+
title: Cache Key Policy
64+
properties:
65+
query_string_blacklist:
66+
name: query_string_blacklist
67+
title: Query String Blacklist
68+
regexValidation: ^[a-zA-Z0-9_-]+$
69+
validation: Must only contain letters (a–z, A–Z), numbers (0–9), underscores (_), or hyphens (-)
70+
query_string_whitelist:
71+
name: query_string_whitelist
72+
title: Query String Whitelist
73+
regexValidation: ^[a-zA-Z0-9_-]+$
74+
validation: Must only contain letters (a–z, A–Z), numbers (0–9), underscores (_), or hyphens (-)
75+
include_http_headers:
76+
name: include_http_headers
77+
title: Include Http Headers
78+
regexValidation: ^[A-Za-z][A-Za-z0-9-]{0,62}$
79+
validation: "Must be a valid HTTP header name: start with a letter, contain only letters [A–Z, a–z], digits [0–9], or hyphens [-], and be at most 63 characters long"
80+
include_named_cookies:
81+
name: include_named_cookies
82+
title: Include Named Cookies
83+
regexValidation: "^[A-Za-z0-9!#%&'*+.^_|~-]{1,63}$"
84+
validation: "Must be a valid cookie name: 1–63 characters, containing only letters [A–Z, a–z], digits [0–9], and the special characters [! # % & ' * + . ^ _ | ~ -]"
4085
compression_mode:
4186
name: compression_mode
4287
title: Compression Mode
@@ -51,9 +96,13 @@ spec:
5196
custom_request_headers:
5297
name: custom_request_headers
5398
title: Custom Request Headers
99+
regexValidation: ^[A-Za-z][A-Za-z0-9-]{0,62}$
100+
validation: "Must be a valid HTTP header name: start with a letter, contain only letters [A–Z, a–z], digits [0–9], or hyphens [-], and be at most 63 characters long"
54101
custom_response_headers:
55102
name: custom_response_headers
56103
title: Custom Response Headers
104+
regexValidation: ^[A-Za-z][A-Za-z0-9-]{0,62}$
105+
validation: "Must be a valid HTTP header name: start with a letter, contain only letters [A–Z, a–z], digits [0–9], or hyphens [-], and be at most 63 characters long"
57106
description:
58107
name: description
59108
title: Description
@@ -66,18 +115,93 @@ spec:
66115
firewall_networks:
67116
name: firewall_networks
68117
title: Firewall Networks
118+
regexValidation: "^(projects/[a-z][a-z0-9-]{4,28}[a-z0-9]/global/networks/[a-zA-Z0-9-_]+|[a-zA-Z0-9-_]+)$"
119+
validation: Network must be a valid network name or a full resource path.
69120
firewall_projects:
70121
name: firewall_projects
71122
title: Firewall Projects
123+
regexValidation: ^[a-z][a-z0-9-]{4,28}[a-z0-9]$
124+
validation: Project ID must be 6 to 30 characters, consist of lowercase letters, numbers, and hyphens, and start with a letter
72125
firewall_source_ranges:
73126
name: firewall_source_ranges
74127
title: Firewall Source Ranges
128+
regexValidation: "^((25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9]).){3}(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])/([0-9]|[1-2][0-9]|3[0-2])$"
129+
validation: Must be a valid CIDR range
75130
groups:
76131
name: groups
77132
title: Groups
133+
properties:
134+
balancing_mode:
135+
name: balancing_mode
136+
title: Balancing Mode
137+
enumValueLabels:
138+
- label: CONNECTION
139+
value: CONNECTION
140+
- label: RATE
141+
value: RATE
142+
- label: UTILIZATION
143+
value: UTILIZATION
144+
- label: CUSTOM_METRICS
145+
value: CUSTOM_METRICS
78146
health_check:
79147
name: health_check
80148
title: Health Check
149+
properties:
150+
host:
151+
name: host
152+
title: Host
153+
regexValidation: "^(([a-zA-Z0-9]([a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?[.])+[a-zA-Z]{2,63}|[0-9]{1,3}([.][0-9]{1,3}){3}|(\\[?[A-Fa-f0-9:]+\\]?))$"
154+
validation: Must be a valid hostname (RFC 1035), IPv4 address, or IPv6 address
155+
request_path:
156+
name: request_path
157+
title: Request Path
158+
regexValidation: "^/.*$"
159+
validation: Must start with a forward slash `/` and can include any valid path characters.
160+
request:
161+
name: request
162+
title: Request
163+
regexValidation: "^[ -~]*$"
164+
validation: Must contain only ASCII characters
165+
response:
166+
name: response
167+
title: Response
168+
regexValidation: "^[ -~]*$"
169+
validation: Must contain only ASCII characters
170+
port_name:
171+
name: port_name
172+
title: Port Name
173+
regexValidation: ^[a-z]([-a-z0-9]{0,61}[a-z0-9])?$
174+
validation: Must start with a lowercase letter, contain only lowercase letters, digits, or hyphens, and end with a letter or digit
175+
proxy_header:
176+
name: proxy_header
177+
title: Proxy Header
178+
enumValueLabels:
179+
- label: NONE
180+
value: NONE
181+
- label: PROXY_V1
182+
value: PROXY_V1
183+
port_specification:
184+
name: port_specification
185+
title: Port Specification
186+
enumValueLabels:
187+
- label: USE_FIXED_PORT
188+
value: USE_FIXED_PORT
189+
- label: USE_NAMED_PORT
190+
value: USE_NAMED_PORT
191+
- label: USE_SERVING_PORT
192+
value: USE_SERVING_PORT
193+
protocol:
194+
name: protocol
195+
title: Protocol
196+
enumValueLabels:
197+
- label: HTTP
198+
value: HTTP
199+
- label: HTTPS
200+
value: HTTPS
201+
- label: HTTP2
202+
value: HTTP2
203+
- label: TCP
204+
value: TCP
81205
host_path_mappings:
82206
name: host_path_mappings
83207
title: Host Path Mappings
@@ -102,6 +226,23 @@ spec:
102226
locality_lb_policy:
103227
name: locality_lb_policy
104228
title: Locality Lb Policy
229+
enumValueLabels:
230+
- label: ROUND_ROBIN
231+
value: ROUND_ROBIN
232+
- label: LEAST_REQUEST
233+
value: LEAST_REQUEST
234+
- label: RING_HASH
235+
value: RING_HASH
236+
- label: RANDOM
237+
value: RANDOM
238+
- label: ORIGINAL_DESTINATION
239+
value: ORIGINAL_DESTINATION
240+
- label: MAGLEV
241+
value: MAGLEV
242+
- label: WEIGHTED_MAGLEV
243+
value: WEIGHTED_MAGLEV
244+
- label: WEIGHTED_ROUND_ROBIN
245+
value: WEIGHTED_ROUND_ROBIN
105246
log_config:
106247
name: log_config
107248
title: Log Config
@@ -116,24 +257,72 @@ spec:
116257
port_name:
117258
name: port_name
118259
title: Port Name
260+
regexValidation: ^[a-z]([-a-z0-9]{0,61}[a-z0-9])?$
261+
validation: Must start with a lowercase letter, contain only lowercase letters, digits, or hyphens, and end with a letter or digit
119262
project_id:
120263
name: project_id
121264
title: Project Id
122265
protocol:
123266
name: protocol
124267
title: Protocol
268+
enumValueLabels:
269+
- label: HTTP
270+
value: HTTP
271+
- label: HTTPS
272+
value: HTTPS
273+
- label: HTTP2
274+
value: HTTP2
275+
- label: TCP
276+
value: TCP
125277
security_policy:
126278
name: security_policy
127279
title: Security Policy
280+
regexValidation: "^(projects/[a-z][a-z0-9-]{4,28}[a-z0-9]/global/securityPolicies/[a-z0-9-]+|[a-z0-9-]+)$"
281+
validation: Must be a valid security policy name or full resource path in the format "projects/{project}/global/securityPolicies/{policy}"
128282
serverless_neg_backends:
129283
name: serverless_neg_backends
130284
title: Serverless Neg Backends
285+
properties:
286+
type:
287+
name: type
288+
title: Type
289+
enumValueLabels:
290+
- label: Cloud Run
291+
value: cloud-run
292+
- label: Cloud Function
293+
value: cloud-function
294+
- label: App Engine
295+
value: app-engine
296+
service_name:
297+
name: service_name
298+
title: Service Name
299+
regexValidation: ^[a-z]([-a-z0-9]{0,61}[a-z0-9])?$
300+
validation: Must be a valid service name (lowercase, hyphens, numbers, up to 63 chars).
131301
session_affinity:
132302
name: session_affinity
133303
title: Session Affinity
304+
enumValueLabels:
305+
- label: NONE
306+
value: NONE
307+
- label: CLIENT_IP
308+
value: CLIENT_IP
309+
- label: CLIENT_IP_PORT_PROTO
310+
value: CLIENT_IP_PORT_PROTO
311+
- label: CLIENT_IP_PROTO
312+
value: CLIENT_IP_PROTO
313+
- label: GENERATED_COOKIE
314+
value: GENERATED_COOKIE
315+
- label: HEADER_FIELD
316+
value: HEADER_FIELD
317+
- label: HTTP_COOKIE
318+
value: HTTP_COOKIE
319+
- label: STRONG_COOKIE_AFFINITY
320+
value: STRONG_COOKIE_AFFINITY
134321
target_service_accounts:
135322
name: target_service_accounts
136323
title: Target Service Accounts
324+
regexValidation: ^[a-z][a-z0-9-]{4,28}[a-z0-9]@[a-z][a-z0-9-]{4,28}[a-z0-9].iam.gserviceaccount.com$
325+
validation: Service account email must be in the format {account-id}@{project-id}.iam.gserviceaccount.com
137326
target_tags:
138327
name: target_tags
139328
title: Target Tags

modules/frontend/metadata.display.yaml

Lines changed: 37 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -31,12 +31,16 @@ spec:
3131
address:
3232
name: address
3333
title: Address
34+
regexValidation: "^(0.0.0.0|((25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9]).){3}(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])|([0-9a-fA-F:]+(/[0-9]{1,3})?)|(https://www.googleapis.com/compute/v1/projects/[a-z][a-z0-9-]{4,28}[a-z0-9]/(global|regions/[a-z0-9-]+)/addresses/[a-z][a-z0-9-]{0,61}[a-z0-9])|(projects/[a-z][a-z0-9-]{4,28}[a-z0-9]/(global|regions/[a-z0-9-]+)/addresses/[a-z][a-z0-9-]{0,61}[a-z0-9])|(regions/[a-z0-9-]+/addresses/[a-z][a-z0-9-]{0,61}[a-z0-9])|(global/addresses/[a-z][a-z0-9-]{0,61}[a-z0-9])|([a-z][a-z0-9-]{0,61}[a-z0-9]))$"
35+
validation: "Must be a valid IP address (IPv4, IPv6, or 0.0.0.0) or a Compute Address reference in one of the following formats: https://www.googleapis.com/compute/v1/projects/{project}/(global|regions/{region})/addresses/{name}, projects/{project}/(global|regions/{region})/addresses/{name}, regions/{region}/addresses/{name}, global/addresses/{name}, or {address-name}"
3436
certificate:
3537
name: certificate
3638
title: Certificate
3739
certificate_map:
3840
name: certificate_map
3941
title: Certificate Map
42+
regexValidation: "^projects/[a-z][a-z0-9-]{4,28}[a-z0-9]/locations/global/certificateMaps/[a-zA-Z][a-zA-Z0-9-]{0,62}[a-zA-Z0-9]$"
43+
validation: "Must be in the format projects/{project}/locations/global/certificateMaps/{name}"
4044
create_address:
4145
name: create_address
4246
title: Create Address
@@ -73,6 +77,8 @@ spec:
7377
ipv6_address:
7478
name: ipv6_address
7579
title: Ipv6 Address
80+
regexValidation: ^(([0-9A-Fa-f]{1,4}:){1,7}[0-9A-Fa-f]{1,4}|::1|::)$
81+
validation: Must be a valid IPv6 address.
7682
labels:
7783
name: labels
7884
title: Labels
@@ -95,6 +101,8 @@ spec:
95101
network:
96102
name: network
97103
title: Network
104+
regexValidation: "^(projects/[a-z][a-z0-9-]{4,28}[a-z0-9]/global/networks/[a-zA-Z0-9-_]+|[a-zA-Z0-9-_]+)$"
105+
validation: Network must be a valid network name or a full resource path.
98106
private_key:
99107
name: private_key
100108
title: Private Key
@@ -104,24 +112,53 @@ spec:
104112
quic:
105113
name: quic
106114
title: Quic
115+
enumValueLabels:
116+
- label: ENABLE
117+
value: ENABLE
118+
- label: DISABLE
119+
value: DISABLE
120+
- label: NONE
121+
value: NONE
107122
random_certificate_suffix:
108123
name: random_certificate_suffix
109124
title: Random Certificate Suffix
110125
server_tls_policy:
111126
name: server_tls_policy
112127
title: Server Tls Policy
128+
regexValidation: "^projects/[a-z0-9][-a-z0-9]{4,28}[a-z0-9]/locations/[a-z0-9-]+/serverTlsPolicies/[a-z]([-a-z0-9]{0,61}[a-z0-9])$"
129+
validation: Must be a valid server TLS policy full resource URL.
113130
ssl:
114131
name: ssl
115132
title: Ssl
116133
ssl_certificates:
117134
name: ssl_certificates
118135
title: Ssl Certificates
136+
regexValidation: "^(https://www.googleapis.com/compute/v1/)?projects/[a-z0-9][-a-z0-9]{4,28}[a-z0-9]/global/sslCertificates/[a-z]([-a-z0-9]{0,61}[a-z0-9])$|^[a-z]([-a-z0-9]{0,61}[a-z0-9])$"
137+
validation: Must be a valid SSL certificate resource URL.
119138
ssl_policy:
120139
name: ssl_policy
121140
title: Ssl Policy
141+
regexValidation: "^(https://www.googleapis.com/compute/v1/)?projects/[a-z0-9][-a-z0-9]{4,28}[a-z0-9]/global/sslPolicies/[a-z]([-a-z0-9]{0,61}[a-z0-9])$|^[a-z]([-a-z0-9]{0,61}[a-z0-9])$"
142+
validation: Must be a valid SSL policy name or full resource URL.
122143
url_map_input:
123144
name: url_map_input
124145
title: Url Map Input
146+
properties:
147+
host:
148+
name: host
149+
title: Host
150+
regexValidation: "^([*]|([*][.])?[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?([.][a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?)+)$"
151+
validation: "Must be a valid host pattern: a fully qualified domain name (e.g., example.com), or a wildcard in the first component only (e.g., *.example.com). Must contain only lowercase letters, digits, hyphens (-), and dots (.), and be 1–255 characters long"
152+
path:
153+
name: path
154+
title: Path
155+
regexValidation: "^(.*)$"
156+
validation: Path values must start with "/"
157+
backend_service:
158+
name: backend_service
159+
title: Backend Service
160+
regexValidation: "^projects/[a-z][a-z0-9-]{4,28}[a-z0-9]/global/(backendServices|backendBuckets)/[a-z]([a-z0-9-]{0,61}[a-z0-9])?$"
161+
validation: Must be a reference to a global backend service or backend bucket in the format [projects/{project}/global/backendServices/{name}] or [projects/{project}/global/backendBuckets/{name}]
125162
url_map_resource_uri:
126163
name: url_map_resource_uri
127164
title: Url Map Resource Uri

0 commit comments

Comments
 (0)