From 2d8e968191e0ad234717dd453d4a6a77cbca7c11 Mon Sep 17 00:00:00 2001
From: SungJin1212 <tjdwls1201@gmail.com>
Date: Mon, 23 Jun 2025 14:41:38 +0900
Subject: [PATCH] Add tenantID validation to regex validator

Signed-off-by: SungJin1212 <tjdwls1201@gmail.com>
---
 .../tenantfederation/regex_resolver.go        |  8 ++++++
 .../tenantfederation/regex_resolver_test.go   | 27 +++++++++++++++++++
 pkg/tenant/tenant.go                          | 18 ++++++++++++-
 3 files changed, 52 insertions(+), 1 deletion(-)

diff --git a/pkg/querier/tenantfederation/regex_resolver.go b/pkg/querier/tenantfederation/regex_resolver.go
index a17f57c0474..b185b251aeb 100644
--- a/pkg/querier/tenantfederation/regex_resolver.go
+++ b/pkg/querier/tenantfederation/regex_resolver.go
@@ -184,6 +184,14 @@ func (r *RegexValidator) TenantID(ctx context.Context) (string, error) {
 		return "", errInvalidRegex
 	}
 
+	if err := tenant.CheckTenantIDLength(id); err != nil {
+		return "", err
+	}
+
+	if err := tenant.CheckTenantIDIsSupported(id); err != nil {
+		return "", err
+	}
+
 	return id, nil
 }
 
diff --git a/pkg/querier/tenantfederation/regex_resolver_test.go b/pkg/querier/tenantfederation/regex_resolver_test.go
index 6e759e99837..bbe54ff0252 100644
--- a/pkg/querier/tenantfederation/regex_resolver_test.go
+++ b/pkg/querier/tenantfederation/regex_resolver_test.go
@@ -2,6 +2,8 @@ package tenantfederation
 
 import (
 	"context"
+	"errors"
+	"strings"
 	"testing"
 	"time"
 
@@ -120,6 +122,31 @@ func Test_RegexValidator(t *testing.T) {
 			orgID:       "[a-z",
 			expectedErr: errInvalidRegex,
 		},
+		{
+			description: "tenant ID is too long",
+			orgID:       strings.Repeat("a", 151),
+			expectedErr: errors.New("tenant ID is too long: max 150 characters"),
+		},
+		{
+			description: ".",
+			orgID:       ".",
+			expectedErr: errors.New("tenant ID is '.' or '..'"),
+		},
+		{
+			description: "..",
+			orgID:       "..",
+			expectedErr: errors.New("tenant ID is '.' or '..'"),
+		},
+		{
+			description: "__markers__",
+			orgID:       "__markers__",
+			expectedErr: errors.New("tenant ID '__markers__' is not allowed"),
+		},
+		{
+			description: "user-index.json.gz",
+			orgID:       "user-index.json.gz",
+			expectedErr: errors.New("tenant ID 'user-index.json.gz' is not allowed"),
+		},
 	}
 
 	for _, tc := range tests {
diff --git a/pkg/tenant/tenant.go b/pkg/tenant/tenant.go
index b38b50c742f..f8e97c6538b 100644
--- a/pkg/tenant/tenant.go
+++ b/pkg/tenant/tenant.go
@@ -54,7 +54,7 @@ func NormalizeTenantIDs(tenantIDs []string) []string {
 	return tenantIDs[0:posOut]
 }
 
-// ValidTenantID
+// ValidTenantID validate tenantID
 func ValidTenantID(s string) error {
 	// check if it contains invalid runes
 	for pos, r := range s {
@@ -66,10 +66,26 @@ func ValidTenantID(s string) error {
 		}
 	}
 
+	if err := CheckTenantIDLength(s); err != nil {
+		return err
+	}
+
+	if err := CheckTenantIDIsSupported(s); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func CheckTenantIDLength(s string) error {
 	if len(s) > 150 {
 		return errTenantIDTooLong
 	}
 
+	return nil
+}
+
+func CheckTenantIDIsSupported(s string) error {
 	// check tenantID is "__markers__"
 	if s == GlobalMarkersDir {
 		return errTenantIDMarkers