From 2156ef0d7ec42004f5930b2512a4ad4a1e0efa3d Mon Sep 17 00:00:00 2001
From: hzma <hzma@alauda.io>
Date: Wed, 7 Dec 2022 17:24:25 +0800
Subject: [PATCH] check if subnet cidr is correct (#2136)

---
 pkg/util/validator.go  | 6 ++++++
 pkg/webhook/webhook.go | 1 -
 yamls/webhook.yaml     | 2 +-
 3 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/pkg/util/validator.go b/pkg/util/validator.go
index 0f39b675110..0d54733ea26 100644
--- a/pkg/util/validator.go
+++ b/pkg/util/validator.go
@@ -47,6 +47,12 @@ func ValidateSubnet(subnet kubeovnv1.Subnet) error {
 		}
 	}
 
+	for _, cidr := range strings.Split(subnet.Spec.CIDRBlock, ",") {
+		if _, _, err := net.ParseCIDR(cidr); err != nil {
+			return fmt.Errorf("subnet %s cidr %s is invalid", subnet.Name, cidr)
+		}
+	}
+
 	allow := subnet.Spec.AllowSubnets
 	for _, cidr := range allow {
 		if _, _, err := net.ParseCIDR(cidr); err != nil {
diff --git a/pkg/webhook/webhook.go b/pkg/webhook/webhook.go
index ce58beef5bd..683a1614800 100644
--- a/pkg/webhook/webhook.go
+++ b/pkg/webhook/webhook.go
@@ -48,7 +48,6 @@ func NewValidatingHook(c cache.Cache) (*ValidatingHook, error) {
 	updateHooks[subnetGVK] = v.SubnetUpdateHook
 
 	deleteHooks[subnetGVK] = v.SubnetDeleteHook
-
 	deleteHooks[vpcGVK] = v.VpcDeleteHook
 
 	return v, nil
diff --git a/yamls/webhook.yaml b/yamls/webhook.yaml
index 1d2a717518c..0b5b1c3f853 100644
--- a/yamls/webhook.yaml
+++ b/yamls/webhook.yaml
@@ -33,7 +33,7 @@ spec:
       hostNetwork: true
       containers:
         - name: kube-ovn-webhook
-          image: "kubeovn/kube-ovn:v1.10.0"
+          image: "kubeovn/kube-ovn:v1.11.0"
           imagePullPolicy: IfNotPresent
           command:
             - /kube-ovn/kube-ovn-webhook