From 149095436e8c0694397682377d71c0feafc4af8b Mon Sep 17 00:00:00 2001
From: Francesco Cheinasso <cheinasso.francesco@gmail.com>
Date: Wed, 6 Dec 2023 11:52:38 +0100
Subject: [PATCH] Network: firewall controller webhook uniqe table name

---
 .../firewallconfiguration.go                     |  5 +----
 .../webhooks/firewallconfiguration/table.go      | 16 ++++++++--------
 2 files changed, 9 insertions(+), 12 deletions(-)

diff --git a/pkg/liqo-controller-manager/webhooks/firewallconfiguration/firewallconfiguration.go b/pkg/liqo-controller-manager/webhooks/firewallconfiguration/firewallconfiguration.go
index 21ed37674c..04876c8c82 100644
--- a/pkg/liqo-controller-manager/webhooks/firewallconfiguration/firewallconfiguration.go
+++ b/pkg/liqo-controller-manager/webhooks/firewallconfiguration/firewallconfiguration.go
@@ -90,10 +90,7 @@ func (w *webhookMutate) Handle(_ context.Context, req admission.Request) admissi
 		return admission.Errored(http.StatusBadRequest, err)
 	}
 
-	table := firewallConfiguration.Spec.Table
-	chains := table.Chains
-
-	generateRuleNames(chains)
+	generateRuleNames(firewallConfiguration.Spec.Table.Chains)
 
 	return w.CreatePatchResponse(&req, firewallConfiguration)
 }
diff --git a/pkg/liqo-controller-manager/webhooks/firewallconfiguration/table.go b/pkg/liqo-controller-manager/webhooks/firewallconfiguration/table.go
index f1e24466b2..52b084be54 100644
--- a/pkg/liqo-controller-manager/webhooks/firewallconfiguration/table.go
+++ b/pkg/liqo-controller-manager/webhooks/firewallconfiguration/table.go
@@ -17,6 +17,7 @@ package firewallconfiguration
 import (
 	"context"
 	"fmt"
+	"maps"
 
 	"sigs.k8s.io/controller-runtime/pkg/client"
 
@@ -41,7 +42,8 @@ func checkUniqueChainName(chains []firewallapi.Chain) error {
 
 // checkImmutableTableName checks if the table name is immutable.
 func checkImmutableTableName(fwcfg, oldFwcfg *networkingv1alpha1.FirewallConfiguration) error {
-	if oldFwcfg.Spec.Table.Name != fwcfg.Spec.Table.Name {
+	if fwcfg.Spec.Table.Name != nil && oldFwcfg.Spec.Table.Name != nil &&
+		*oldFwcfg.Spec.Table.Name != *fwcfg.Spec.Table.Name {
 		return fmt.Errorf("table name is immutable")
 	}
 	return nil
@@ -60,17 +62,15 @@ func checkUniqueTableName(ctx context.Context, cl client.Client, currentFwcfg *n
 	if err := cl.List(ctx, &fwcfglist); err != nil {
 		return err
 	}
+
 	for i := range fwcfglist.Items {
 		if fwcfglist.Items[i].UID == currentFwcfg.UID {
 			continue
 		}
-		fwcfg := fwcfglist.Items[i]
-		tableName := fwcfg.Spec.Table.Name
-		if tableName == nil {
-			return fmt.Errorf("table name is nil")
-		}
-		if *tableName == *currentTableName {
-			return fmt.Errorf("table name %v is duplicated", *tableName)
+		if *fwcfglist.Items[i].Spec.Table.Name == *currentFwcfg.Spec.Table.Name &&
+			maps.Equal(currentFwcfg.GetLabels(), fwcfglist.Items[i].GetLabels()) {
+			return fmt.Errorf("table name %s with labels %s already used",
+				*currentTableName, currentFwcfg.GetLabels())
 		}
 	}
 	return nil