remove networkID from secret (#95)

Signed-off-by: Felix Breuer <f.breuer94@gmail.com>

Author: breuerfelix

pkg/provider/apis/validation/validation.go

@@ -124,8 +124,10 @@ func ValidateProviderSpecNSecret(spec *api.ProviderSpec, secrets *corev1.Secret)
 		}
 	}
 
-	// Validate Networking
-	if spec.Networking != nil {
+	// Validate Networking (required)
+	if spec.Networking == nil {
+		errors = append(errors, fmt.Errorf("providerSpec.networking is required"))
+	} else {
 		networkingErrors := validateNetworking(spec.Networking)
 		errors = append(errors, networkingErrors...)
 	}

pkg/provider/apis/validation/validation_core_labels_test.go

@@ -20,6 +20,9 @@ var _ = Describe("ValidateProviderSpecNSecret", func() {
 			MachineType: "c2i.2",
 			ImageID:     "550e8400-e29b-41d4-a716-446655440000",
 			Region:      "eu01",
+			Networking: &api.NetworkingSpec{
+				NetworkID: "770e8400-e29b-41d4-a716-446655440000",
+			},
 		}
 		secret = &corev1.Secret{
 			Data: map[string][]byte{
@@ -72,8 +75,9 @@ var _ = Describe("ValidateProviderSpecNSecret", func() {
 		It("should fail when both required fields are empty", func() {
 			providerSpec.MachineType = ""
 			providerSpec.ImageID = ""
+			providerSpec.Networking = nil
 			errors := ValidateProviderSpecNSecret(providerSpec, secret)
-			Expect(errors).To(HaveLen(2))
+			Expect(errors).To(HaveLen(3))
 		})
 
 		It("should succeed when Labels is nil", func() {

pkg/provider/apis/validation/validation_fields_test.go

@@ -20,6 +20,9 @@ var _ = Describe("ValidateProviderSpecNSecret", func() {
 			MachineType: "c2i.2",
 			ImageID:     "550e8400-e29b-41d4-a716-446655440000",
 			Region:      "eu01",
+			Networking: &api.NetworkingSpec{
+				NetworkID: "770e8400-e29b-41d4-a716-446655440000",
+			},
 		}
 		secret = &corev1.Secret{
 			Data: map[string][]byte{

pkg/provider/apis/validation/validation_networking_test.go

@@ -49,10 +49,11 @@ var _ = Describe("ValidateProviderSpecNSecret", func() {
 			Expect(errors).To(BeEmpty())
 		})
 
-		It("should succeed when Networking is nil", func() {
+		It("should fail when Networking is nil", func() {
 			providerSpec.Networking = nil
 			errors := ValidateProviderSpecNSecret(providerSpec, secret)
-			Expect(errors).To(BeEmpty())
+			Expect(errors).NotTo(BeEmpty())
+			Expect(errors[0].Error()).To(ContainSubstring("networking is required"))
 		})
 
 		It("should fail when Networking has neither NetworkID nor NICIDs", func() {

pkg/provider/apis/validation/validation_secgroup_test.go

@@ -20,6 +20,9 @@ var _ = Describe("ValidateProviderSpecNSecret", func() {
 			MachineType: "c2i.2",
 			ImageID:     "550e8400-e29b-41d4-a716-446655440000",
 			Region:      "eu01",
+			Networking: &api.NetworkingSpec{
+				NetworkID: "770e8400-e29b-41d4-a716-446655440000",
+			},
 		}
 		secret = &corev1.Secret{
 			Data: map[string][]byte{

pkg/provider/apis/validation/validation_secret_test.go

@@ -20,6 +20,9 @@ var _ = Describe("ValidateProviderSpecNSecret", func() {
 			MachineType: "c2i.2",
 			ImageID:     "550e8400-e29b-41d4-a716-446655440000",
 			Region:      "eu01",
+			Networking: &api.NetworkingSpec{
+				NetworkID: "770e8400-e29b-41d4-a716-446655440000",
+			},
 		}
 		secret = &corev1.Secret{
 			Data: map[string][]byte{

pkg/provider/apis/validation/validation_volumes_test.go

@@ -20,6 +20,9 @@ var _ = Describe("ValidateProviderSpecNSecret", func() {
 			MachineType: "c2i.2",
 			ImageID:     "550e8400-e29b-41d4-a716-446655440000",
 			Region:      "eu01",
+			Networking: &api.NetworkingSpec{
+				NetworkID: "770e8400-e29b-41d4-a716-446655440000",
+			},
 		}
 		secret = &corev1.Secret{
 			Data: map[string][]byte{

pkg/provider/create.go

@@ -90,7 +90,7 @@ func (p *Provider) CreateMachine(ctx context.Context, req *driver.CreateMachineR
 	}, nil
 }
 
-//nolint:gocyclo // TODO: will be fixed next PR
+// nolint: gocyclo // this function is already pretty simple
 func (p *Provider) createServerRequest(req *driver.CreateMachineRequest, providerSpec *api.ProviderSpec) *client.CreateServerRequest {
 	// Build labels: merge ProviderSpec labels with MCM-specific labels
 	labels := make(map[string]string)
@@ -114,19 +114,11 @@ func (p *Provider) createServerRequest(req *driver.CreateMachineRequest, provide
 	}
 
 	// Add networking configuration (required in v2 API)
-	// If not specified in ProviderSpec, try to use networkId from Secret, or use empty
 	if providerSpec.Networking != nil {
 		createReq.Networking = &client.ServerNetworkingRequest{
 			NetworkID: providerSpec.Networking.NetworkID,
 			NICIDs:    providerSpec.Networking.NICIDs,
 		}
-	} else {
-		// v2 API requires networking field - use networkId from Secret if available
-		// This allows tests/deployments to specify a default network without modifying each MachineClass
-		networkID := string(req.Secret.Data["networkId"])
-		createReq.Networking = &client.ServerNetworkingRequest{
-			NetworkID: networkID, // Can be empty string if not in Secret
-		}
 	}
 
 	// Add security groups if specified

pkg/provider/create_basic_test.go

@@ -36,12 +36,10 @@ var _ = Describe("CreateMachine", func() {
 			client: mockClient,
 		}
 
-		// Create secret with projectId and networkId (required for v2 API)
 		secret = &corev1.Secret{
 			Data: map[string][]byte{
 				"project-id":          []byte("11111111-2222-3333-4444-555555555555"),
 				"serviceaccount.json": []byte(`{"credentials":{"iss":"test"}}`),
-				"networkId":           []byte("770e8400-e29b-41d4-a716-446655440000"),
 			},
 		}
 
@@ -50,6 +48,9 @@ var _ = Describe("CreateMachine", func() {
 			MachineType: "c2i.2",
 			ImageID:     "12345678-1234-1234-1234-123456789abc",
 			Region:      "eu01",
+			Networking: &api.NetworkingSpec{
+				NetworkID: "770e8400-e29b-41d4-a716-446655440000",
+			},
 		}
 		providerSpecRaw, _ := mock.EncodeProviderSpec(providerSpec)
 

pkg/provider/create_config_test.go

@@ -33,12 +33,10 @@ var _ = Describe("CreateMachine", func() {
 			client: mockClient,
 		}
 
-		// Create secret with projectId and networkId (required for v2 API)
 		secret = &corev1.Secret{
 			Data: map[string][]byte{
 				"project-id":          []byte("11111111-2222-3333-4444-555555555555"),
 				"serviceaccount.json": []byte(`{"credentials":{"iss":"test"}}`),
-				"networkId":           []byte("770e8400-e29b-41d4-a716-446655440000"),
 			},
 		}
 
@@ -47,6 +45,9 @@ var _ = Describe("CreateMachine", func() {
 			MachineType: "c2i.2",
 			ImageID:     "12345678-1234-1234-1234-123456789abc",
 			Region:      "eu01",
+			Networking: &api.NetworkingSpec{
+				NetworkID: "770e8400-e29b-41d4-a716-446655440000",
+			},
 		}
 		providerSpecRaw, _ := mock.EncodeProviderSpec(providerSpec)
 
@@ -82,6 +83,9 @@ var _ = Describe("CreateMachine", func() {
 			providerSpec := &api.ProviderSpec{
 				MachineType: "c2i.2",
 				Region:      "eu01",
+				Networking: &api.NetworkingSpec{
+					NetworkID: "770e8400-e29b-41d4-a716-446655440000",
+				},
 				ImageID:     "12345678-1234-1234-1234-123456789abc",
 				KeypairName: "my-ssh-key",
 			}
@@ -127,9 +131,12 @@ var _ = Describe("CreateMachine", func() {
 	Context("with availabilityZone", func() {
 		It("should pass AvailabilityZone to API when specified", func() {
 			providerSpec := &api.ProviderSpec{
-				MachineType:      "c2i.2",
-				ImageID:          "12345678-1234-1234-1234-123456789abc",
-				Region:           "eu01",
+				MachineType: "c2i.2",
+				ImageID:     "12345678-1234-1234-1234-123456789abc",
+				Region:      "eu01",
+				Networking: &api.NetworkingSpec{
+					NetworkID: "770e8400-e29b-41d4-a716-446655440000",
+				},
 				AvailabilityZone: "eu01-1",
 			}
 			providerSpecRaw, _ := mock.EncodeProviderSpec(providerSpec)
@@ -174,8 +181,11 @@ var _ = Describe("CreateMachine", func() {
 	Context("with affinityGroup", func() {
 		It("should pass AffinityGroup to API when specified", func() {
 			providerSpec := &api.ProviderSpec{
-				MachineType:   "c2i.2",
-				Region:        "eu01",
+				MachineType: "c2i.2",
+				Region:      "eu01",
+				Networking: &api.NetworkingSpec{
+					NetworkID: "770e8400-e29b-41d4-a716-446655440000",
+				},
 				ImageID:       "12345678-1234-1234-1234-123456789abc",
 				AffinityGroup: "880e8400-e29b-41d4-a716-446655440000",
 			}
@@ -221,7 +231,10 @@ var _ = Describe("CreateMachine", func() {
 			providerSpec := &api.ProviderSpec{
 				MachineType: "c2i.2",
 				Region:      "eu01",
-				ImageID:     "12345678-1234-1234-1234-123456789abc",
+				Networking: &api.NetworkingSpec{
+					NetworkID: "770e8400-e29b-41d4-a716-446655440000",
+				},
+				ImageID: "12345678-1234-1234-1234-123456789abc",
 				ServiceAccountMails: []string{
 					"my-service@sa.stackit.cloud",
 				},
@@ -272,6 +285,9 @@ var _ = Describe("CreateMachine", func() {
 				MachineType: "c2i.2",
 				ImageID:     "12345678-1234-1234-1234-123456789abc",
 				Region:      "eu01",
+				Networking: &api.NetworkingSpec{
+					NetworkID: "770e8400-e29b-41d4-a716-446655440000",
+				},
 				Agent: &api.AgentSpec{
 					Provisioned: &provisioned,
 				},
@@ -319,7 +335,10 @@ var _ = Describe("CreateMachine", func() {
 			providerSpec := &api.ProviderSpec{
 				MachineType: "c2i.2",
 				Region:      "eu01",
-				ImageID:     "12345678-1234-1234-1234-123456789abc",
+				Networking: &api.NetworkingSpec{
+					NetworkID: "770e8400-e29b-41d4-a716-446655440000",
+				},
+				ImageID: "12345678-1234-1234-1234-123456789abc",
 				Metadata: map[string]interface{}{
 					"environment": "production",
 					"cost-center": "12345",