Accept csv or yaml list of ip whitelist values

2023-04-13 11:23:53 -07:00 · 2023-04-13 11:23:53 -07:00 · b4c560f902
commit b4c560f902
parent 4e8d0b5836
2 changed files with 18 additions and 1 deletions
--- a/internal/ingress/annotations/ipwhitelist/main.go
+++ b/internal/ingress/annotations/ipwhitelist/main.go
@ -18,6 +18,7 @@ package ipwhitelist

 import (
 	"fmt"
+	"gopkg.in/yaml.v3"
 	"sort"
 	"strings"

@ -73,7 +74,15 @@ func (a ipwhitelist) Parse(ing *networking.Ingress) (interface{}, error) {
 		return &SourceRange{CIDR: defaultWhitelistSourceRange}, nil
 	}

-	values := strings.Split(val, ",")
+	var values []string
+
+	// Attempt to unmarshal the YAML list
+	err = yaml.Unmarshal([]byte(val), &values)
+	if err != nil || values == nil {
+		// If unmarshalling fails, attempt to split the comma-separated string
+		values = strings.Split(val, ",")
+	}
+
 	ipnets, ips, err := net.ParseIPNets(values...)
 	if err != nil && len(ips) == 0 {
 		return &SourceRange{CIDR: defaultWhitelistSourceRange}, ing_errors.LocationDenied{
--- a/internal/ingress/annotations/ipwhitelist/main_test.go
+++ b/internal/ingress/annotations/ipwhitelist/main_test.go
@ -170,6 +170,14 @@ func TestParseAnnotationsWithDefaultConfig(t *testing.T) {
 			expectCidr: []string{"1.1.1.1/32", "2.2.2.2/32", "3.3.3.0/24"},
 			expectErr:  false,
 		},
+		"test parse multiple valid cidr with newlines and comments": {
+			net: "- 2.2.2.2/32\n" +
+				"- 1.1.1.1/32\n" +
+				"# Comment describing this next IP\n" +
+				"- 3.3.3.0/24\n",
+			expectCidr: []string{"1.1.1.1/32", "2.2.2.2/32", "3.3.3.0/24"},
+			expectErr:  false,
+		},
 	}

 	for testName, test := range tests {