upcoming: [M3-9519] - Allow LKE-E IP ACL addresses to be optional with an explicit acknowledgement

[mjac0bs]

Description 📝

Currently, the ACL section for LKE-E is enabled by default. Currently, this setting cannot be disabled and requires the user to enter at least 1 IP Address to proceed with cluster creation. In general, we do want to encourage that an ACL has an IP Address to avoid user error preventing an inability to access the cluster control plane.

However, there may be workflows where a customer does not want to specify an IP address upon creation and would prefer to add one later, which is acceptable as long as they understand that their cluster will not be accessible.

This PR will introduce an acknowledgement checkbox to confirm they explicitly intend to enable ACL without IP addresses.

Changes 🔄

• Adds an acknowledgement checkbox to the ACL flows
  • If the user checks the checkbox, IP addresses will not be a required field (no validation error).
  • If the user does not check the checkbox and submits without at least 1 IP address, validation will run and show the existing error.
• Updates test coverage

Target release date 🗓️

3/25

Preview 📷

LKE Create flow	LKE details page - ACL drawer

How to test 🧪

Prerequisites

(How to setup test environment)

• Have LKE-E feature flag enabled and LKE-E customer tag on your account (see project tracker)
  • For confirming the ACL drawer: If you do not already have an LKE-E cluster and your account can no longer create one, ping me for which test account to use.

Reproduction steps

(How to reproduce the issue, if applicable)

• Go to the create flow, try to submit an LKE-E cluster without an IP address defined, and observe the validation error
• With an existing LKE-E cluster, go to the details page > ACL drawer > try to edit by saving 0 IP addresses and observe the validation error

Verification steps

(How to verify changes)

• Go to the create flow, try to submit an LKE-E cluster without an IP address defined, and observe the validation error UNLESS the user checks the acknowledgement checkbox. Once checked, confirm you can submit without an validation error.
• With an existing LKE-E cluster, go to the details page > ACL drawer > try to edit by saving 0 IP addresses and observe the validation error UNLESS the user checks the acknowledgement checkbox. Once checked, confirm you can submit without an validation error.
• Confirm acknowledgement checkboxes show for LKE-E clusters only. There should be no changes to LKE standard.
• Test coverage passes for lke-update.spec.ts and lke-create.spec.ts
• Note that there's currently some existing behavior going on where the ACL drawer doesn't accept edits to the revision ID for LKE-E. This is a backend issue.

Author Checklists

As an Author, to speed up the review process, I considered 🤔

👀 Doing a self review
❔ Our contribution guidelines
🤏 Splitting feature into small PRs
➕ Adding a changeset
🧪 Providing/improving test coverage
🔐 Removing all sensitive information from the code and PR description
🚩 Using a feature flag to protect the release
👣 Providing comprehensive reproduction steps
📑 Providing or updating our documentation
🕛 Scheduling a pair reviewing session
📱 Providing mobile support
♿ Providing accessibility support

• I have read and considered all applicable items listed above.

As an Author, before moving this PR from Draft to Open, I confirmed ✅

• All unit tests are passing
• TypeScript compilation succeeded without errors
• Code passes all linting rules

[hana-akamai]

Can we fix the padding for the Create LKE-E error notice?

[linode-gh-bot]

Cloud Manager UI test results

🔺 2 failing tests on test run #5 ↗︎

❌ Failing	✅ Passing	↪️ Skipped	🕐 Duration
2 Failing	538 Passing	3 Skipped	118m 52s

Details

Failing Tests
	Spec	Test
❌	smoke-community-stackscripts.spec.ts	Community Stackscripts integration tests » pagination works with infinite scrolling
❌	delete-firewall.spec.ts	delete firewall » deletes a firewall

Troubleshooting

Use this command to re-run the failing tests:

pnpm cy:run -s "cypress/e2e/core/stackscripts/smoke-community-stackscripts.spec.ts,cypress/e2e/core/firewalls/delete-firewall.spec.ts"

[carrillo-erik]

What do you think of placing the tier name at the beginning of these constants to make them more distinguishable.
For example:
CREATE_CLUSTER_ENTERPRISE_TIER_ACL_COPY --> ENTERPRISE_TIER_CREATE_CLUSTER_ACL_COPY
CREATE_CLUSTER_STANDARD_TIER_ACL_COPY --> STANDARD_TIER_CREATE_CLUSTER_ACL_COPY

[mjac0bs]

Fair point. I'm going to merge as is so this doesn't hold up a release branch cut, but we'll keep this in mind when we do some refactoring with the RHF PR that will have some clean up to do.