fix: validate values

cloud/services/container/clusters/reconcile.go

@@ -297,10 +297,10 @@ func (s *Service) createCluster(ctx context.Context, log *logr.Logger) error {
 	if !s.scope.IsAutopilotCluster() {
 		cluster.NodePools = scope.ConvertToSdkNodePools(nodePools, machinePools, isRegional, cluster.GetName())
 		if s.scope.GCPManagedControlPlane.Spec.LoggingService != nil {
-			cluster.LoggingService = *s.scope.GCPManagedControlPlane.Spec.LoggingService
+			cluster.LoggingService = s.scope.GCPManagedControlPlane.Spec.LoggingService.String()
 		}
 		if s.scope.GCPManagedControlPlane.Spec.MonitoringService != nil {
-			cluster.MonitoringService = *s.scope.GCPManagedControlPlane.Spec.MonitoringService
+			cluster.MonitoringService = s.scope.GCPManagedControlPlane.Spec.MonitoringService.String()
 		}
 	}
 
@@ -437,17 +437,17 @@ func (s *Service) checkDiffAndPrepareUpdate(existingCluster *containerpb.Cluster
 	}
 
 	// LoggingService
-	if existingCluster.GetLoggingService() != *s.scope.GCPManagedControlPlane.Spec.LoggingService {
+	if existingCluster.GetLoggingService() != s.scope.GCPManagedControlPlane.Spec.LoggingService.String() {
 		needUpdate = true
-		clusterUpdate.DesiredLoggingService = *s.scope.GCPManagedControlPlane.Spec.LoggingService
-		log.V(2).Info("LoggingService config update required", "current", existingCluster.GetLoggingService(), "desired", *s.scope.GCPManagedControlPlane.Spec.LoggingService)
+		clusterUpdate.DesiredLoggingService = s.scope.GCPManagedControlPlane.Spec.LoggingService.String()
+		log.V(2).Info("LoggingService config update required", "current", existingCluster.GetLoggingService(), "desired", s.scope.GCPManagedControlPlane.Spec.LoggingService.String())
 	}
 
 	// MonitoringService
-	if existingCluster.GetMonitoringService() != *s.scope.GCPManagedControlPlane.Spec.MonitoringService {
+	if existingCluster.GetMonitoringService() != s.scope.GCPManagedControlPlane.Spec.MonitoringService.String() {
 		needUpdate = true
-		clusterUpdate.DesiredLoggingService = *s.scope.GCPManagedControlPlane.Spec.MonitoringService
-		log.V(2).Info("MonitoringService config update required", "current", existingCluster.GetMonitoringService(), "desired", *s.scope.GCPManagedControlPlane.Spec.MonitoringService)
+		clusterUpdate.DesiredLoggingService = s.scope.GCPManagedControlPlane.Spec.MonitoringService.String()
+		log.V(2).Info("MonitoringService config update required", "current", existingCluster.GetMonitoringService(), "desired", s.scope.GCPManagedControlPlane.Spec.MonitoringService.String())
 	}
 
 	// DesiredMasterAuthorizedNetworksConfig

config/crd/bases/infrastructure.cluster.x-k8s.io_gcpmanagedcontrolplanes.yaml

@@ -164,7 +164,7 @@ spec:
               loggingService:
                 description: |-
                   LoggingService represents configuration of logging service feature of the GKE cluster.
-                  Possible values: none, logging.googleapis.com/kubernetes (default for GKE 1.14+), logging.googleapis.com (default for GKE < 1.14).
+                  Possible values: none, logging.googleapis.com/kubernetes (default).
                   Value is ignored when enableAutopilot = true.
                 type: string
               master_authorized_networks_config:
@@ -198,7 +198,7 @@ spec:
               monitoringService:
                 description: |-
                   MonitoringService represents configuration of monitoring service feature of the GKE cluster.
-                  Possible values: none, monitoring.googleapis.com/kubernetes (default for GKE 1.14+), monitoring.googleapis.com (default for GKE < 1.14).
+                  Possible values: none, monitoring.googleapis.com/kubernetes (default).
                   Value is ignored when enableAutopilot = true.
                 type: string
               project:

exp/api/v1beta1/gcpmanagedcontrolplane_types.go

@@ -17,7 +17,11 @@ limitations under the License.
 package v1beta1
 
 import (
+	"fmt"
+	"strings"
+
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/utils/strings/slices"
 	clusterv1 "sigs.k8s.io/cluster-api/api/v1beta1"
 )
 
@@ -149,15 +153,15 @@ type GCPManagedControlPlaneSpec struct {
 	// +optional
 	MasterAuthorizedNetworksConfig *MasterAuthorizedNetworksConfig `json:"master_authorized_networks_config,omitempty"`
 	// LoggingService represents configuration of logging service feature of the GKE cluster.
-	// Possible values: none, logging.googleapis.com/kubernetes (default for GKE 1.14+), logging.googleapis.com (default for GKE < 1.14).
+	// Possible values: none, logging.googleapis.com/kubernetes (default).
 	// Value is ignored when enableAutopilot = true.
 	// +optional
-	LoggingService *string `json:"loggingService,omitempty"`
+	LoggingService *LoggingService `json:"loggingService,omitempty"`
 	// MonitoringService represents configuration of monitoring service feature of the GKE cluster.
-	// Possible values: none, monitoring.googleapis.com/kubernetes (default for GKE 1.14+), monitoring.googleapis.com (default for GKE < 1.14).
+	// Possible values: none, monitoring.googleapis.com/kubernetes (default).
 	// Value is ignored when enableAutopilot = true.
 	// +optional
-	MonitoringService *string `json:"monitoringService,omitempty"`
+	MonitoringService *MonitoringService `json:"monitoringService,omitempty"`
 }
 
 // GCPManagedControlPlaneStatus defines the observed state of GCPManagedControlPlane.
@@ -243,6 +247,42 @@ type MasterAuthorizedNetworksConfigCidrBlock struct {
 	CidrBlock string `json:"cidr_block,omitempty"`
 }
 
+// LoggingService is GKE logging service configuration.
+type LoggingService string
+
+// Validate validates LoggingService value.
+func (l LoggingService) Validate() error {
+	validValues := []string{"none", "logging.googleapis.com/kubernetes"}
+	if !slices.Contains(validValues, l.String()) {
+		return fmt.Errorf("invalid value; expect one of : %s", strings.Join(validValues, ","))
+	}
+
+	return nil
+}
+
+// String returns a string from LoggingService.
+func (l LoggingService) String() string {
+	return string(l)
+}
+
+// MonitoringService is GKE logging service configuration.
+type MonitoringService string
+
+// Validate validates MonitoringService value.
+func (m MonitoringService) Validate() error {
+	validValues := []string{"none", "monitoring.googleapis.com/kubernetes"}
+	if !slices.Contains(validValues, m.String()) {
+		return fmt.Errorf("invalid value; expect one of : %s", strings.Join(validValues, ","))
+	}
+
+	return nil
+}
+
+// String returns a string from MonitoringService.
+func (m MonitoringService) String() string {
+	return string(m)
+}
+
 // GetConditions returns the control planes conditions.
 func (r *GCPManagedControlPlane) GetConditions() clusterv1.Conditions {
 	return r.Status.Conditions

exp/api/v1beta1/gcpmanagedcontrolplane_webhook.go

@@ -21,7 +21,6 @@ import (
 	"strings"
 
 	"github.com/google/go-cmp/cmp"
-
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/util/validation/field"
 
@@ -150,6 +149,22 @@ func (r *GCPManagedControlPlane) ValidateUpdate(oldRaw runtime.Object) (admissio
 			r.Spec.LoggingService, "can't be set when autopilot is enabled"))
 	}
 
+	if r.Spec.LoggingService != nil {
+		err := r.Spec.LoggingService.Validate()
+		if err != nil {
+			allErrs = append(allErrs, field.Invalid(field.NewPath("spec", "LoggingService"),
+				r.Spec.LoggingService, err.Error()))
+		}
+	}
+
+	if r.Spec.MonitoringService != nil {
+		err := r.Spec.MonitoringService.Validate()
+		if err != nil {
+			allErrs = append(allErrs, field.Invalid(field.NewPath("spec", "MonitoringService"),
+				r.Spec.MonitoringService, err.Error()))
+		}
+	}
+
 	if len(allErrs) == 0 {
 		return nil, nil
 	}