Skip to content

fix: add MinItems=1 validation to HTTPRoute rules #4301

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
snorwin wants to merge 1 commit into
base: main
Choose a base branch
from
Open

fix: add MinItems=1 validation to HTTPRoute rules #4301

snorwin wants to merge 1 commit into from
+5 −0

Conversation

@snorwin
Copy link
Member

@snorwin snorwin commented Dec 2, 2025

What type of PR is this?

/kind bug

What this PR does / why we need it:
This PR adds a minItems=1 validation to HTTPRoute.spec.rules to prevent ambiguous defaulting behavior.

Currently, defaulting is only applied when .spec.rules is either null or absent. However, when .spec.rules is set to an empty list, defaulting does not occur. This leads to inconsistent interpretation and allows creation of HTTPRoute resources that contain no rules. IMO, an HTTPRoute without any rules provides no meaningful functionality and is likely a misconfiguration.

Example

apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
  name: example-1
spec:
  parentRefs:
    - group: gateway.networking.k8s.io
      kind: Gateway
      name: example
  rules: []
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
  name: example-2
spec:
  parentRefs:
    - group: gateway.networking.k8s.io
      kind: Gateway
      name: example
  rules: null

Resulting objects (showing current defaulting behavior):

apiVersion: v1
kind: List
items:
- apiVersion: gateway.networking.k8s.io/v1
  kind: HTTPRoute
  metadata:
    name: example-1
  spec:
    parentRefs:
      - group: gateway.networking.k8s.io
        kind: Gateway
        name: example
    rules: [] # No default applied
- apiVersion: gateway.networking.k8s.io/v1
  kind: HTTPRoute
  metadata:
    name: example-2
  spec:
    parentRefs:
      - group: gateway.networking.k8s.io
        kind: Gateway
        name: example
    rules: # Default applied
      - matches:
          - path:
              type: PathPrefix
              value: /

Which issue(s) this PR fixes:

N/A

Does this PR introduce a user-facing change?:

 Added `minItems=1` validation to `HTTPRoute.spec.rules` to prevent creation of HTTPRoute resources without any rules.

@snorwin
fix: add MinItems=1 validation to HTTPRoute rules
7289352 
Signed-off-by: Norwin Schnyder <norwin.schnyder+github@gmail.com>
@k8s-ci-robot k8s-ci-robot added release-note Denotes a PR that will be considered when it comes time to generate release notes. kind/bug Categorizes issue or PR as related to a bug. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. labels Dec 2, 2025
@k8s-ci-robot
Copy link
Contributor

k8s-ci-robot commented Dec 2, 2025

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: snorwin
Once this PR has been reviewed and has the lgtm label, please assign aojea for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. label Dec 2, 2025
@youngnick
Copy link
Contributor

youngnick commented Dec 5, 2025

After making these changes, does the defaulting handle an empty list correctly? Could you post a similar example, with this change? (It seems like it should be fine, but I would feel better).

@snorwin
Copy link
Member Author

snorwin commented Dec 5, 2025

@youngnick after merging this PR example-1 (with rules: []) would be rejected by the API server because defaulting is not apply to an empty array.

As a result, users must either set rules: null, use rules: [{}], or omit the rules field entirely.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@robscott robscott Awaiting requested review from robscott

@youngnick youngnick Awaiting requested review from youngnick

Assignees

No one assigned

Labels

cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. kind/bug Categorizes issue or PR as related to a bug. release-note Denotes a PR that will be considered when it comes time to generate release notes. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@snorwin @k8s-ci-robot @youngnick