Merge pull request kubernetes-sigs#1447 from k8s-infra-cherrypick-robot/cherry-pick-1445-to-release-0.7

k8s-ci-robot · web-flow · commit 2d8a5bdd992c · 2023-01-17T03:44:32.000-08:00
[release-0.7] 🐛 fix nil-pointer in initial reconciliation loop with empty status field
diff --git a/pkg/cloud/services/loadbalancer/loadbalancer.go b/pkg/cloud/services/loadbalancer/loadbalancer.go
@@ -227,16 +227,26 @@ func (s *Service) getOrUpdateAllowedCIDRS(openStackCluster *infrav1.OpenStackClu
 	if len(openStackCluster.Spec.APIServerLoadBalancer.AllowedCIDRs) > 0 {
 		allowedCIDRs = append(allowedCIDRs, openStackCluster.Spec.APIServerLoadBalancer.AllowedCIDRs...)
 
-		if openStackCluster.Spec.Bastion.Enabled {
-			allowedCIDRs = append(allowedCIDRs, openStackCluster.Status.Bastion.FloatingIP, openStackCluster.Status.Bastion.IP)
-		}
+		// In the first reconciliation loop, only the Ready field is set in openStackCluster.Status
+		// All other fields are empty/nil
+		if openStackCluster.Status.Bastion != nil {
+			if openStackCluster.Status.Bastion.FloatingIP != "" {
+				allowedCIDRs = append(allowedCIDRs, openStackCluster.Status.Bastion.FloatingIP)
+			}
 
-		if openStackCluster.Status.Network.Subnet.CIDR != "" {
-			allowedCIDRs = append(allowedCIDRs, openStackCluster.Status.Network.Subnet.CIDR)
+			if openStackCluster.Status.Bastion.IP != "" {
+				allowedCIDRs = append(allowedCIDRs, openStackCluster.Status.Bastion.IP)
+			}
 		}
 
-		if len(openStackCluster.Status.Network.Router.IPs) > 0 {
-			allowedCIDRs = append(allowedCIDRs, openStackCluster.Status.Network.Router.IPs...)
+		if openStackCluster.Status.Network != nil {
+			if openStackCluster.Status.Network.Subnet.CIDR != "" {
+				allowedCIDRs = append(allowedCIDRs, openStackCluster.Status.Network.Subnet.CIDR)
+			}
+
+			if len(openStackCluster.Status.Network.Router.IPs) > 0 {
+				allowedCIDRs = append(allowedCIDRs, openStackCluster.Status.Network.Router.IPs...)
+			}
 		}
 	}
 
