OCM-18900 | fix: Improve proxy validation error messages for special characters in passwords

[olucasfreitas]

Details

This PR fixes a usability issue where rosa create cluster --http-proxy was displaying unhelpful error messages when proxy passwords contained special characters like forward slashes, making it difficult for users to understand what was wrong with their input.

---

Problem (Before)

rosa create cluster --http-proxy "http://proxyuser:QvoZjyy/trkCiY5@10.0.0.161:8080"

Output:

E: Invalid http-proxy value 'http://proxyuser:QvoZjyy/trkCiY5@10.0.0.161:8080'

The user has no idea what's wrong with the URL.

---

Fixed Behavior (After)

./rosa create cluster --http-proxy "http://proxyuser:QvoZjyy/trkCiY5@10.0.0.161:8080"

Output:

ERR: invalid http-proxy value: password contains invalid character '/'

Now the user knows exactly what's wrong.

---

Additional Validations

The implementation validates special characters in both username and password fields:

1. Forward slash in password:

   rosa edit cluster --cluster=my-cluster --http-proxy "http://user:pass/word@10.0.0.161:8080"

   Output:

   ERR: invalid http-proxy value: password contains invalid character '/'
   

2. @ symbol in password:

   rosa edit cluster --cluster=my-cluster --http-proxy "http://user:p@ssword@10.0.0.161:8080"

   Output:

   ERR: invalid http-proxy value: password contains invalid character '@'
   

3. Question mark in password:

   rosa edit cluster --cluster=my-cluster --http-proxy "http://user:pass?word@10.0.0.161:8080"

   Output:

   ERR: invalid http-proxy value: password contains invalid character '?'
   

4. Hash in password:

   rosa edit cluster --cluster=my-cluster --http-proxy "http://user:pass#word@10.0.0.161:8080"

   Output:

   ERR: invalid http-proxy value: password contains invalid character '#'
   

5. Invalid character in username:

   rosa edit cluster --cluster=my-cluster --http-proxy "http://us/er:password@10.0.0.161:8080"

   Output:

   ERR: invalid http-proxy value: username contains invalid character '/'
   

6. Missing scheme:

   rosa edit cluster --cluster=my-cluster --http-proxy "user:password@10.0.0.161:8080"

   Output:

   ERR: invalid http-proxy value: URL is missing scheme (expected '://')
   

7. HTTPS proxy validation:

   rosa edit cluster --cluster=my-cluster --https-proxy "https://user:pass/word@10.0.0.161:8080"

   Output:

   ERR: invalid https-proxy value: password contains invalid character '/'
   

---

Ticket

Closes OCM-18900

[codecov]

Codecov Report

❌ Patch coverage is 88.67925% with 6 lines in your changes missing coverage. Please review.
✅ Project coverage is 24.08%. Comparing base (c854a37) to head (dde1c46).
⚠️ Report is 107 commits behind head on master.

Files with missing lines	Patch %	Lines
pkg/ocm/helpers.go	87.87%	3 Missing and 1 partial ⚠️
cmd/create/cluster/cmd.go	0.00%	1 Missing ⚠️
cmd/edit/cluster/cmd.go	0.00%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #3052      +/-   ##
==========================================
+ Coverage   23.91%   24.08%   +0.17%     
==========================================
  Files         317      330      +13     
  Lines       35202    35941     +739     
==========================================
+ Hits         8418     8657     +239     
- Misses      26143    26631     +488     
- Partials      641      653      +12     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[olucasfreitas]

/retest-required

[olucasfreitas]

/retest-required

[olucasfreitas]

/retest-required

[hunterkepley]

The test case in the bug ticket does not seem to pass:

E: parse "http://proxyuser:QvoZjyy/trkCiY5@10.0.0.161:8080": invalid port ":QvoZjyy" after host

I think there may be a bug in the parse code

[olucasfreitas]

@hunterkepley I just did some tests here, and it seems to be working after the fix, did you test it with the branch locally ?

[olucasfreitas]

/retest-required

[olucasfreitas]

/retest-required

[hunterkepley]

/test e2e-presubmits-pr-rosa-hcp-advanced

[hunterkepley]

/test e2e-presubmits-pr-rosa-sts-advanced

[openshift-ci]

@olucasfreitas: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/coverage	2637639	link	true	/test coverage

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

[olucasfreitas]

/retest

[hunterkepley]

could we provide a copyright notice in the brand new file(s)?

[olucasfreitas]

/retest

[marcolan018]

/lgtm

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: marcolan018, olucasfreitas

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS [marcolan018]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment