Update address type

apis/v1alpha1/nginxproxy_types.go

@@ -62,10 +62,8 @@ type NginxProxySpec struct {
 type NginxPlus struct {
 	// AllowedAddresses specifies IPAddresses or CIDR blocks to the allow list for accessing the NGINX Plus API.
 	//
-	//nolint:lll
 	// +optional
-	// +kubebuilder:validation:items:XValidation:message="Address Type must be either CIDR or IPAddress",rule="(self.type=='CIDR' || self.type=='IPAddress')"
-	AllowedAddresses []Address `json:"allowedAddresses,omitempty"`
+	AllowedAddresses []NginxPlusAllowAddress `json:"allowedAddresses,omitempty"`
 }
 
 // Telemetry specifies the OpenTelemetry configuration.
@@ -161,7 +159,7 @@ type RewriteClientIP struct {
 	// +listType=map
 	// +listMapKey=type
 	// +kubebuilder:validation:MaxItems=16
-	TrustedAddresses []Address `json:"trustedAddresses,omitempty"`
+	TrustedAddresses []RewriteClientIPAddress `json:"trustedAddresses,omitempty"`
 }
 
 // RewriteClientIPModeType defines how NGINX Gateway Fabric will determine the client's original IP address.
@@ -195,28 +193,49 @@ const (
 	IPv6 IPFamilyType = "ipv6"
 )
 
-// Address is a struct that specifies address type and value.
-type Address struct {
+// RewriteClientIPAddress is a struct that specifies address type and value.
+type RewriteClientIPAddress struct {
 	// Type specifies the type of address.
-	Type AddressType `json:"type"`
+	Type RewriteClientIPAddressType `json:"type"`
 
 	// Value specifies the address value.
 	Value string `json:"value"`
 }
 
-// AddressType specifies the type of address.
+// RewriteClientIPAddressType specifies the type of address.
 // +kubebuilder:validation:Enum=CIDR;IPAddress;Hostname
-type AddressType string
+type RewriteClientIPAddressType string
 
 const (
-	// CIDRAddressType specifies that the address is a CIDR block.
-	CIDRAddressType AddressType = "CIDR"
+	// RewriteClientIPCIDRAddressType specifies that the address is a CIDR block.
+	RewriteClientIPCIDRAddressType RewriteClientIPAddressType = "CIDR"
+
+	// RewriteClientIPIPAddressType specifies that the address is an IP address.
+	RewriteClientIPIPAddressType RewriteClientIPAddressType = "IPAddress"
+
+	// RewriteClientIPHostnameAddressType specifies that the address is a Hostname.
+	RewriteClientIPHostnameAddressType RewriteClientIPAddressType = "Hostname"
+)
+
+// NginxPlusAllowAddress is a struct that specifies address type and value.
+type NginxPlusAllowAddress struct {
+	// Type specifies the type of address.
+	Type NginxPlusAllowAddressType `json:"type"`
 
-	// IPAddressType specifies that the address is an IP address.
-	IPAddressType AddressType = "IPAddress"
+	// Value specifies the address value.
+	Value string `json:"value"`
+}
+
+// NginxPlusAllowAddressType specifies the type of address.
+// +kubebuilder:validation:Enum=CIDR;IPAddress
+type NginxPlusAllowAddressType string
+
+const (
+	// NginxPlusAllowCIDRAddressType specifies that the address is a CIDR block.
+	NginxPlusAllowCIDRAddressType NginxPlusAllowAddressType = "CIDR"
 
-	// HostnameAddressType specifies that the address is a Hostname.
-	HostnameAddressType AddressType = "Hostname"
+	// NginxPlusAllowIPAddressType specifies that the address is an IP address.
+	NginxPlusAllowIPAddressType NginxPlusAllowAddressType = "IPAddress"
 )
 
 // NginxLogging defines logging related settings for NGINX.

config/crd/bases/gateway.nginx.org_nginxproxies.yaml

@@ -90,15 +90,14 @@ spec:
                     description: AllowedAddresses specifies IPAddresses or CIDR blocks
                       to the allow list for accessing the NGINX Plus API.
                     items:
-                      description: Address is a struct that specifies address type
-                        and value.
+                      description: NginxPlusAllowAddress is a struct that specifies
+                        address type and value.
                       properties:
                         type:
                           description: Type specifies the type of address.
                           enum:
                           - CIDR
                           - IPAddress
-                          - Hostname
                           type: string
                         value:
                           description: Value specifies the address value.
@@ -107,9 +106,6 @@ spec:
                       - type
                       - value
                       type: object
-                      x-kubernetes-validations:
-                      - message: Address Type must be either CIDR or IPAddress
-                        rule: (self.type=='CIDR' || self.type=='IPAddress')
                     type: array
                 type: object
               rewriteClientIP:
@@ -151,8 +147,8 @@ spec:
                       Sets NGINX directive set_real_ip_from: https://nginx.org/en/docs/http/ngx_http_realip_module.html#set_real_ip_from
                       This field is required if mode is set.
                     items:
-                      description: Address is a struct that specifies address type
-                        and value.
+                      description: RewriteClientIPAddress is a struct that specifies
+                        address type and value.
                       properties:
                         type:
                           description: Type specifies the type of address.

deploy/crds.yaml

@@ -675,15 +675,14 @@ spec:
                     description: AllowedAddresses specifies IPAddresses or CIDR blocks
                       to the allow list for accessing the NGINX Plus API.
                     items:
-                      description: Address is a struct that specifies address type
-                        and value.
+                      description: NginxPlusAllowAddress is a struct that specifies
+                        address type and value.
                       properties:
                         type:
                           description: Type specifies the type of address.
                           enum:
                           - CIDR
                           - IPAddress
-                          - Hostname
                           type: string
                         value:
                           description: Value specifies the address value.
@@ -692,9 +691,6 @@ spec:
                       - type
                       - value
                       type: object
-                      x-kubernetes-validations:
-                      - message: Address Type must be either CIDR or IPAddress
-                        rule: (self.type=='CIDR' || self.type=='IPAddress')
                     type: array
                 type: object
               rewriteClientIP:
@@ -736,8 +732,8 @@ spec:
                       Sets NGINX directive set_real_ip_from: https://nginx.org/en/docs/http/ngx_http_realip_module.html#set_real_ip_from
                       This field is required if mode is set.
                     items:
-                      description: Address is a struct that specifies address type
-                        and value.
+                      description: RewriteClientIPAddress is a struct that specifies
+                        address type and value.
                       properties:
                         type:
                           description: Type specifies the type of address.

internal/mode/static/state/dataplane/configuration.go

@@ -952,7 +952,7 @@ func buildPolicies(graphPolicies []*graph.Policy) []policies.Policy {
 	return finalPolicies
 }
 
-func convertAddresses(addresses []ngfAPIv1alpha1.Address) []string {
+func convertAddresses(addresses []ngfAPIv1alpha1.RewriteClientIPAddress) []string {
 	trustedAddresses := make([]string, len(addresses))
 	for i, addr := range addresses {
 		trustedAddresses[i] = addr.Value
@@ -993,7 +993,12 @@ func buildNginxPlus(g *graph.Graph) NginxPlus {
 	ngfProxy := g.NginxProxy
 	if ngfProxy != nil && ngfProxy.Source.Spec.NginxPlus != nil {
 		if ngfProxy.Source.Spec.NginxPlus.AllowedAddresses != nil {
-			nginxPlusSettings.AllowedAddresses = convertAddresses(ngfProxy.Source.Spec.NginxPlus.AllowedAddresses)
+			addresses := make([]string, len(ngfProxy.Source.Spec.NginxPlus.AllowedAddresses))
+			for i, addr := range ngfProxy.Source.Spec.NginxPlus.AllowedAddresses {
+				addresses[i] = addr.Value
+			}
+
+			nginxPlusSettings.AllowedAddresses = addresses
 		}
 	}
 

internal/mode/static/state/dataplane/configuration_test.go

@@ -2279,9 +2279,9 @@ func TestBuildConfiguration(t *testing.T) {
 						Spec: ngfAPIv1alpha1.NginxProxySpec{
 							RewriteClientIP: &ngfAPIv1alpha1.RewriteClientIP{
 								SetIPRecursively: helpers.GetPointer(true),
-								TrustedAddresses: []ngfAPIv1alpha1.Address{
+								TrustedAddresses: []ngfAPIv1alpha1.RewriteClientIPAddress{
 									{
-										Type:  ngfAPIv1alpha1.CIDRAddressType,
+										Type:  ngfAPIv1alpha1.RewriteClientIPCIDRAddressType,
 										Value: "1.1.1.1/32",
 									},
 								},
@@ -2391,9 +2391,9 @@ func TestBuildConfiguration(t *testing.T) {
 					Source: &ngfAPIv1alpha1.NginxProxy{
 						Spec: ngfAPIv1alpha1.NginxProxySpec{
 							NginxPlus: &ngfAPIv1alpha1.NginxPlus{
-								AllowedAddresses: []ngfAPIv1alpha1.Address{
-									{Type: ngfAPIv1alpha1.IPAddressType, Value: "127.0.0.3"},
-									{Type: ngfAPIv1alpha1.IPAddressType, Value: "25.0.0.3"},
+								AllowedAddresses: []ngfAPIv1alpha1.NginxPlusAllowAddress{
+									{Type: ngfAPIv1alpha1.NginxPlusAllowIPAddressType, Value: "127.0.0.3"},
+									{Type: ngfAPIv1alpha1.NginxPlusAllowIPAddressType, Value: "25.0.0.3"},
 								},
 							},
 						},
@@ -3972,9 +3972,9 @@ func TestBuildRewriteIPSettings(t *testing.T) {
 						Spec: ngfAPIv1alpha1.NginxProxySpec{
 							RewriteClientIP: &ngfAPIv1alpha1.RewriteClientIP{
 								Mode: helpers.GetPointer(ngfAPIv1alpha1.RewriteClientIPModeProxyProtocol),
-								TrustedAddresses: []ngfAPIv1alpha1.Address{
+								TrustedAddresses: []ngfAPIv1alpha1.RewriteClientIPAddress{
 									{
-										Type:  ngfAPIv1alpha1.CIDRAddressType,
+										Type:  ngfAPIv1alpha1.RewriteClientIPCIDRAddressType,
 										Value: "10.9.9.4/32",
 									},
 								},
@@ -3999,9 +3999,9 @@ func TestBuildRewriteIPSettings(t *testing.T) {
 						Spec: ngfAPIv1alpha1.NginxProxySpec{
 							RewriteClientIP: &ngfAPIv1alpha1.RewriteClientIP{
 								Mode: helpers.GetPointer(ngfAPIv1alpha1.RewriteClientIPModeXForwardedFor),
-								TrustedAddresses: []ngfAPIv1alpha1.Address{
+								TrustedAddresses: []ngfAPIv1alpha1.RewriteClientIPAddress{
 									{
-										Type:  ngfAPIv1alpha1.CIDRAddressType,
+										Type:  ngfAPIv1alpha1.RewriteClientIPCIDRAddressType,
 										Value: "76.89.90.11/24",
 									},
 								},
@@ -4026,21 +4026,21 @@ func TestBuildRewriteIPSettings(t *testing.T) {
 						Spec: ngfAPIv1alpha1.NginxProxySpec{
 							RewriteClientIP: &ngfAPIv1alpha1.RewriteClientIP{
 								Mode: helpers.GetPointer(ngfAPIv1alpha1.RewriteClientIPModeXForwardedFor),
-								TrustedAddresses: []ngfAPIv1alpha1.Address{
+								TrustedAddresses: []ngfAPIv1alpha1.RewriteClientIPAddress{
 									{
-										Type:  ngfAPIv1alpha1.CIDRAddressType,
+										Type:  ngfAPIv1alpha1.RewriteClientIPCIDRAddressType,
 										Value: "5.5.5.5/12",
 									},
 									{
-										Type:  ngfAPIv1alpha1.CIDRAddressType,
+										Type:  ngfAPIv1alpha1.RewriteClientIPCIDRAddressType,
 										Value: "1.1.1.1/26",
 									},
 									{
-										Type:  ngfAPIv1alpha1.CIDRAddressType,
+										Type:  ngfAPIv1alpha1.RewriteClientIPCIDRAddressType,
 										Value: "2.2.2.2/32",
 									},
 									{
-										Type:  ngfAPIv1alpha1.CIDRAddressType,
+										Type:  ngfAPIv1alpha1.RewriteClientIPCIDRAddressType,
 										Value: "3.3.3.3/24",
 									},
 								},
@@ -4462,8 +4462,8 @@ func TestBuildNginxPlus(t *testing.T) {
 					Source: &ngfAPIv1alpha1.NginxProxy{
 						Spec: ngfAPIv1alpha1.NginxProxySpec{
 							NginxPlus: &ngfAPIv1alpha1.NginxPlus{
-								AllowedAddresses: []ngfAPIv1alpha1.Address{
-									{Type: ngfAPIv1alpha1.IPAddressType, Value: "127.0.0.3"},
+								AllowedAddresses: []ngfAPIv1alpha1.NginxPlusAllowAddress{
+									{Type: ngfAPIv1alpha1.NginxPlusAllowIPAddressType, Value: "127.0.0.3"},
 								},
 							},
 						},
@@ -4480,9 +4480,9 @@ func TestBuildNginxPlus(t *testing.T) {
 					Source: &ngfAPIv1alpha1.NginxProxy{
 						Spec: ngfAPIv1alpha1.NginxProxySpec{
 							NginxPlus: &ngfAPIv1alpha1.NginxPlus{
-								AllowedAddresses: []ngfAPIv1alpha1.Address{
-									{Type: ngfAPIv1alpha1.IPAddressType, Value: "127.0.0.3"},
-									{Type: ngfAPIv1alpha1.IPAddressType, Value: "25.0.0.3"},
+								AllowedAddresses: []ngfAPIv1alpha1.NginxPlusAllowAddress{
+									{Type: ngfAPIv1alpha1.NginxPlusAllowIPAddressType, Value: "127.0.0.3"},
+									{Type: ngfAPIv1alpha1.NginxPlusAllowIPAddressType, Value: "25.0.0.3"},
 								},
 							},
 						},
@@ -4499,8 +4499,8 @@ func TestBuildNginxPlus(t *testing.T) {
 					Source: &ngfAPIv1alpha1.NginxProxy{
 						Spec: ngfAPIv1alpha1.NginxProxySpec{
 							NginxPlus: &ngfAPIv1alpha1.NginxPlus{
-								AllowedAddresses: []ngfAPIv1alpha1.Address{
-									{Type: ngfAPIv1alpha1.IPAddressType, Value: "127.0.0.1"},
+								AllowedAddresses: []ngfAPIv1alpha1.NginxPlusAllowAddress{
+									{Type: ngfAPIv1alpha1.NginxPlusAllowIPAddressType, Value: "127.0.0.1"},
 								},
 							},
 						},