From 48624c9e3ebbe15bbf4cf24e791385e5303996e5 Mon Sep 17 00:00:00 2001
From: Shivam-nagar23 <shivam@devtron.ai>
Date: Fri, 7 Nov 2025 17:16:35 +0530
Subject: [PATCH 1/2] added validation

---
 api/cluster/EnvironmentRestHandler.go | 36 +++++++++++++++++++++++++++
 1 file changed, 36 insertions(+)

diff --git a/api/cluster/EnvironmentRestHandler.go b/api/cluster/EnvironmentRestHandler.go
index a4866feee4..154d2626f5 100644
--- a/api/cluster/EnvironmentRestHandler.go
+++ b/api/cluster/EnvironmentRestHandler.go
@@ -25,6 +25,7 @@ import (
 	"github.com/devtron-labs/devtron/pkg/cluster/environment/read"
 	"github.com/devtron-labs/devtron/util/commonEnforcementFunctionsUtil"
 	"net/http"
+	"regexp"
 	"strconv"
 	"strings"
 	"sync"
@@ -106,6 +107,34 @@ func NewEnvironmentRestHandlerImpl(svc request.EnvironmentService, environmentRe
 	}
 }
 
+var (
+	// Regex patterns for environment name validation
+	envNameAlphanumericRegex = regexp.MustCompile(`^[a-z0-9-]+$`)
+	envNameNoStartEndHyphen  = regexp.MustCompile(`^(?![-]).*[^-]$`)
+	envNameLengthRegex       = regexp.MustCompile(`^.{1,16}$`)
+)
+
+// validateEnvironmentName validates the environment name against multiple regex patterns
+// Note: Required validation is already handled by struct validation tag
+func (impl EnvironmentRestHandlerImpl) validateEnvironmentName(envName string) error {
+	// Validation 1: Use only lowercase alphanumeric characters or '-'
+	if !envNameAlphanumericRegex.MatchString(envName) {
+		return errors.New("Use only lowercase alphanumeric characters or '-'")
+	}
+
+	// Validation 2: Cannot start/end with '-'
+	if !envNameNoStartEndHyphen.MatchString(envName) {
+		return errors.New("Cannot start/end with '-'")
+	}
+
+	// Validation 3: Minimum 1 and Maximum 16 characters required
+	if !envNameLengthRegex.MatchString(envName) {
+		return errors.New("Minimum 1 and Maximum 16 characters required")
+	}
+
+	return nil
+}
+
 func (impl EnvironmentRestHandlerImpl) Create(w http.ResponseWriter, r *http.Request) {
 	decoder := json.NewDecoder(r.Body)
 	userId, err := impl.userService.GetLoggedInUser(r)
@@ -128,6 +157,13 @@ func (impl EnvironmentRestHandlerImpl) Create(w http.ResponseWriter, r *http.Req
 		common.WriteJsonResp(w, err, nil, http.StatusBadRequest)
 		return
 	}
+	// Validate environment name
+	err = impl.validateEnvironmentName(bean.Environment)
+	if err != nil {
+		impl.logger.Errorw("environment name validation err, Create", "err", err, "envName", bean.Environment)
+		common.WriteJsonResp(w, err, nil, http.StatusBadRequest)
+		return
+	}
 
 	// RBAC enforcer applying
 	token := r.Header.Get("token")

From a506a187e26ae128f37d2fcea3d9f204647f43d7 Mon Sep 17 00:00:00 2001
From: Shivam-nagar23 <shivam@devtron.ai>
Date: Fri, 7 Nov 2025 17:41:10 +0530
Subject: [PATCH 2/2] refactor: improve environment name validation logic

---
 api/cluster/EnvironmentRestHandler.go | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)

diff --git a/api/cluster/EnvironmentRestHandler.go b/api/cluster/EnvironmentRestHandler.go
index 154d2626f5..0fd75e8715 100644
--- a/api/cluster/EnvironmentRestHandler.go
+++ b/api/cluster/EnvironmentRestHandler.go
@@ -49,6 +49,12 @@ import (
 
 const ENV_DELETE_SUCCESS_RESP = "Environment deleted successfully."
 
+var (
+	// Regex patterns for environment name validation
+	envNameAlphanumericRegex = regexp.MustCompile(`^[a-z0-9-]+$`)
+	envNameLengthRegex       = regexp.MustCompile(`^.{1,16}$`)
+)
+
 type EnvironmentRestHandler interface {
 	Create(w http.ResponseWriter, r *http.Request)
 	Get(w http.ResponseWriter, r *http.Request)
@@ -107,13 +113,6 @@ func NewEnvironmentRestHandlerImpl(svc request.EnvironmentService, environmentRe
 	}
 }
 
-var (
-	// Regex patterns for environment name validation
-	envNameAlphanumericRegex = regexp.MustCompile(`^[a-z0-9-]+$`)
-	envNameNoStartEndHyphen  = regexp.MustCompile(`^(?![-]).*[^-]$`)
-	envNameLengthRegex       = regexp.MustCompile(`^.{1,16}$`)
-)
-
 // validateEnvironmentName validates the environment name against multiple regex patterns
 // Note: Required validation is already handled by struct validation tag
 func (impl EnvironmentRestHandlerImpl) validateEnvironmentName(envName string) error {
@@ -123,7 +122,7 @@ func (impl EnvironmentRestHandlerImpl) validateEnvironmentName(envName string) e
 	}
 
 	// Validation 2: Cannot start/end with '-'
-	if !envNameNoStartEndHyphen.MatchString(envName) {
+	if strings.HasPrefix(envName, "-") || strings.HasSuffix(envName, "-") {
 		return errors.New("Cannot start/end with '-'")
 	}