Fixes Bug 1753930: Adds support for trailing dot in noProxy domain names

Author: danehans

pkg/types/validation/installconfig.go

@@ -268,7 +268,7 @@ func validateProxy(p *types.Proxy, fldPath *field.Path) field.ErrorList {
 			errDomain := validate.NoProxyDomainName(v)
 			_, _, errCIDR := net.ParseCIDR(v)
 			if errDomain != nil && errCIDR != nil {
-				allErrs = append(allErrs, field.Invalid(field.NewPath("NoProxy"), v, "must be a CIDR or domain, without wildcard characters and without trailing dots ('.')"))
+				allErrs = append(allErrs, field.Invalid(field.NewPath("NoProxy"), v, "must be a CIDR or domain, without wildcard characters"))
 			}
 		}
 	}

pkg/types/validation/installconfig_test.go

@@ -612,10 +612,10 @@ func TestValidateInstallConfig(t *testing.T) {
 			name: "invalid NoProxy domain",
 			installConfig: func() *types.InstallConfig {
 				c := validInstallConfig()
-				c.Proxy.NoProxy = "good-no-proxy.com, .bad-proxy."
+				c.Proxy.NoProxy = "good-no-proxy.com, *.bad-proxy"
 				return c
 			}(),
-			expectedError: `^\QNoProxy: Invalid value: ".bad-proxy.": must be a CIDR or domain, without wildcard characters and without trailing dots ('.')\E$`,
+			expectedError: `^\QNoProxy: Invalid value: "*.bad-proxy": must be a CIDR or domain, without wildcard characters\E$`,
 		},
 		{
 			name: "invalid NoProxy CIDR",
@@ -624,16 +624,16 @@ func TestValidateInstallConfig(t *testing.T) {
 				c.Proxy.NoProxy = "good-no-proxy.com, 172.bad.CIDR.0/16"
 				return c
 			}(),
-			expectedError: `^\QNoProxy: Invalid value: "172.bad.CIDR.0/16": must be a CIDR or domain, without wildcard characters and without trailing dots ('.')\E$`,
+			expectedError: `^\QNoProxy: Invalid value: "172.bad.CIDR.0/16": must be a CIDR or domain, without wildcard characters\E$`,
 		},
 		{
 			name: "invalid NoProxy domain & CIDR",
 			installConfig: func() *types.InstallConfig {
 				c := validInstallConfig()
-				c.Proxy.NoProxy = "good-no-proxy.com, a-good-one, .bad-proxy., another,   172.bad.CIDR.0/16, good-end"
+				c.Proxy.NoProxy = "good-no-proxy.com, a-good-one, *.bad-proxy., another,   172.bad.CIDR.0/16, good-end"
 				return c
 			}(),
-			expectedError: `^\Q[NoProxy: Invalid value: ".bad-proxy.": must be a CIDR or domain, without wildcard characters and without trailing dots ('.'), NoProxy: Invalid value: "172.bad.CIDR.0/16": must be a CIDR or domain, without wildcard characters and without trailing dots ('.')]\E$`,
+			expectedError: `^\Q[NoProxy: Invalid value: "*.bad-proxy.": must be a CIDR or domain, without wildcard characters, NoProxy: Invalid value: "172.bad.CIDR.0/16": must be a CIDR or domain, without wildcard characters]\E$`,
 		},
 		{
 			name: "valid GCP platform",

pkg/validate/validate.go

@@ -65,9 +65,9 @@ func DomainName(v string, acceptTrailingDot bool) error {
 
 // NoProxyDomainName checks if the given string is a valid proxy noProxy domain name
 // and returns an error if not. Example valid noProxy domains are ".foo.com", "bar.com",
-// but not "*.foo.com", "bar.com."
+// "bar.com." but not "*.foo.com".
 func NoProxyDomainName(v string) error {
-	v = strings.TrimPrefix(v, ".")
+	v = strings.TrimSuffix(strings.TrimPrefix(v, "."), ".")
 	return validateSubdomain(v)
 }
 

pkg/validate/validate_test.go

@@ -184,10 +184,10 @@ func TestNoProxyDomainName(t *testing.T) {
 		{"1", true},
 		{"0.0", true},
 		{"1.2.3.4", true},
-		{"1.2.3.4.", false},
-		{"abc.", false},
+		{"1.2.3.4.", true},
+		{"abc.", true},
 		{"abc.com", true},
-		{"abc.com.", false},
+		{"abc.com.", true},
 		{"a.b.c.d.e.f", true},
 		{".abc", true},
 		{".abc.com", true},