func (m *buildSpecMutator) Mutate(fn ImageReferenceMutateFunc) field.ErrorList { var errs field.ErrorList for i, image := range m.spec.Source.Images { if err := fn(&image.From); err != nil { errs = append(errs, field.InternalError(m.path.Child("source", "images").Index(i).Child("from", "name"), err)) continue } } if s := m.spec.Strategy.CustomStrategy; s != nil { if err := fn(&s.From); err != nil { errs = append(errs, field.InternalError(m.path.Child("strategy", "customStrategy", "from", "name"), err)) } } if s := m.spec.Strategy.DockerStrategy; s != nil { if s.From != nil { if err := fn(s.From); err != nil { errs = append(errs, field.InternalError(m.path.Child("strategy", "dockerStrategy", "from", "name"), err)) } } } if s := m.spec.Strategy.SourceStrategy; s != nil { if err := fn(&s.From); err != nil { errs = append(errs, field.InternalError(m.path.Child("strategy", "sourceStrategy", "from", "name"), err)) } } return errs }
// Mutate applies fn to all containers and init containers. If fn changes the Kind to // any value other than "DockerImage", an error is set on that field. func (m *podSpecMutator) Mutate(fn ImageReferenceMutateFunc) field.ErrorList { var errs field.ErrorList for i := range m.spec.InitContainers { ref := kapi.ObjectReference{Kind: "DockerImage", Name: m.spec.InitContainers[i].Image} if err := fn(&ref); err != nil { errs = append(errs, field.InternalError(m.path.Child("initContainers").Index(i).Child("image"), err)) continue } if ref.Kind != "DockerImage" { errs = append(errs, field.InternalError(m.path.Child("initContainers").Index(i).Child("image"), fmt.Errorf("pod specs may only contain references to docker images, not %q", ref.Kind))) continue } m.spec.InitContainers[i].Image = ref.Name } for i := range m.spec.Containers { ref := kapi.ObjectReference{Kind: "DockerImage", Name: m.spec.Containers[i].Image} if err := fn(&ref); err != nil { errs = append(errs, field.InternalError(m.path.Child("containers").Index(i).Child("image"), err)) continue } if ref.Kind != "DockerImage" { errs = append(errs, field.InternalError(m.path.Child("containers").Index(i).Child("image"), fmt.Errorf("pod specs may only contain references to docker images, not %q", ref.Kind))) continue } m.spec.Containers[i].Image = ref.Name } return errs }
// Validate validates a new client func (s strategy) Validate(ctx kapi.Context, obj runtime.Object) field.ErrorList { auth := obj.(*api.OAuthClientAuthorization) validationErrors := validation.ValidateClientAuthorization(auth) client, err := s.clientGetter.GetClient(ctx, auth.ClientName) if err != nil { return append(validationErrors, field.InternalError(field.NewPath("clientName"), err)) } if err := scopeauthorizer.ValidateScopeRestrictions(client, auth.Scopes...); err != nil { return append(validationErrors, field.InternalError(field.NewPath("clientName"), err)) } return validationErrors }
func (v *RuntimeObjectsValidator) ValidateUpdate(obj, old runtime.Object) field.ErrorList { if obj == nil && old == nil { return field.ErrorList{} } if newType, oldType := reflect.TypeOf(obj), reflect.TypeOf(old); newType != oldType { return field.ErrorList{field.Invalid(field.NewPath("kind"), newType.Kind(), validation.NewInvalidTypeError(oldType.Kind(), newType.Kind(), "runtime.Object").Error())} } allErrs := field.ErrorList{} specificValidationInfo, err := v.getSpecificValidationInfo(obj) if err != nil { if fieldErr, ok := err.(*field.Error); ok { allErrs = append(allErrs, fieldErr) } else { allErrs = append(allErrs, field.InternalError(nil, err)) } return allErrs } allErrs = append(allErrs, specificValidationInfo.Validator.ValidateUpdate(obj, old)...) // no errors so far, make sure that the new object is actually valid against the original validator if len(allErrs) == 0 { allErrs = append(allErrs, specificValidationInfo.Validator.Validate(obj)...) } return allErrs }
func (v *RuntimeObjectsValidator) Validate(obj runtime.Object) field.ErrorList { if obj == nil { return field.ErrorList{} } allErrs := field.ErrorList{} specificValidationInfo, err := v.getSpecificValidationInfo(obj) if err != nil { allErrs = append(allErrs, field.InternalError(nil, err)) return allErrs } allErrs = append(allErrs, specificValidationInfo.Validator.Validate(obj)...) return allErrs }
func validateObject(obj runtime.Object) (errors field.ErrorList) { switch t := obj.(type) { case *api.ReplicationController: if t.Namespace == "" { t.Namespace = api.NamespaceDefault } errors = validation.ValidateReplicationController(t) case *api.ReplicationControllerList: for i := range t.Items { errors = append(errors, validateObject(&t.Items[i])...) } case *api.Service: if t.Namespace == "" { t.Namespace = api.NamespaceDefault } errors = validation.ValidateService(t) case *api.ServiceList: for i := range t.Items { errors = append(errors, validateObject(&t.Items[i])...) } case *api.Pod: if t.Namespace == "" { t.Namespace = api.NamespaceDefault } errors = validation.ValidatePod(t) case *api.PodList: for i := range t.Items { errors = append(errors, validateObject(&t.Items[i])...) } case *api.PersistentVolume: errors = validation.ValidatePersistentVolume(t) case *api.PersistentVolumeClaim: if t.Namespace == "" { t.Namespace = api.NamespaceDefault } errors = validation.ValidatePersistentVolumeClaim(t) case *api.PodTemplate: if t.Namespace == "" { t.Namespace = api.NamespaceDefault } errors = validation.ValidatePodTemplate(t) case *api.Endpoints: if t.Namespace == "" { t.Namespace = api.NamespaceDefault } errors = validation.ValidateEndpoints(t) case *api.Namespace: errors = validation.ValidateNamespace(t) case *api.Secret: if t.Namespace == "" { t.Namespace = api.NamespaceDefault } errors = validation.ValidateSecret(t) case *api.LimitRange: if t.Namespace == "" { t.Namespace = api.NamespaceDefault } errors = validation.ValidateLimitRange(t) case *api.ResourceQuota: if t.Namespace == "" { t.Namespace = api.NamespaceDefault } errors = validation.ValidateResourceQuota(t) case *extensions.Deployment: if t.Namespace == "" { t.Namespace = api.NamespaceDefault } errors = expvalidation.ValidateDeployment(t) case *extensions.Job: if t.Namespace == "" { t.Namespace = api.NamespaceDefault } errors = expvalidation.ValidateJob(t) case *extensions.Ingress: if t.Namespace == "" { t.Namespace = api.NamespaceDefault } errors = expvalidation.ValidateIngress(t) case *extensions.DaemonSet: if t.Namespace == "" { t.Namespace = api.NamespaceDefault } errors = expvalidation.ValidateDaemonSet(t) default: return field.ErrorList{field.InternalError(field.NewPath(""), fmt.Errorf("no validation defined for %#v", obj))} } return errors }
func validateObject(obj runtime.Object) (errors field.ErrorList) { switch t := obj.(type) { case *api.ReplicationController: if t.Namespace == "" { t.Namespace = api.NamespaceDefault } errors = validation.ValidateReplicationController(t) case *api.ReplicationControllerList: for i := range t.Items { errors = append(errors, validateObject(&t.Items[i])...) } case *api.Service: if t.Namespace == "" { t.Namespace = api.NamespaceDefault } errors = validation.ValidateService(t) case *api.ServiceList: for i := range t.Items { errors = append(errors, validateObject(&t.Items[i])...) } case *api.Pod: if t.Namespace == "" { t.Namespace = api.NamespaceDefault } errors = validation.ValidatePod(t) case *api.PodList: for i := range t.Items { errors = append(errors, validateObject(&t.Items[i])...) } case *api.PersistentVolume: errors = validation.ValidatePersistentVolume(t) case *api.PersistentVolumeClaim: if t.Namespace == "" { t.Namespace = api.NamespaceDefault } errors = validation.ValidatePersistentVolumeClaim(t) case *api.PodTemplate: if t.Namespace == "" { t.Namespace = api.NamespaceDefault } errors = validation.ValidatePodTemplate(t) case *api.Endpoints: if t.Namespace == "" { t.Namespace = api.NamespaceDefault } errors = validation.ValidateEndpoints(t) case *api.Namespace: errors = validation.ValidateNamespace(t) case *api.Secret: if t.Namespace == "" { t.Namespace = api.NamespaceDefault } errors = validation.ValidateSecret(t) case *api.LimitRange: if t.Namespace == "" { t.Namespace = api.NamespaceDefault } errors = validation.ValidateLimitRange(t) case *api.ResourceQuota: if t.Namespace == "" { t.Namespace = api.NamespaceDefault } errors = validation.ValidateResourceQuota(t) case *extensions.Deployment: if t.Namespace == "" { t.Namespace = api.NamespaceDefault } errors = expvalidation.ValidateDeployment(t) case *extensions.Job: if t.Namespace == "" { t.Namespace = api.NamespaceDefault } // Job needs generateSelector called before validation, and job.Validate does this. // See: https://github.com/kubernetes/kubernetes/issues/20951#issuecomment-187787040 t.ObjectMeta.UID = types.UID("fakeuid") errors = job.Strategy.Validate(nil, t) case *extensions.Ingress: if t.Namespace == "" { t.Namespace = api.NamespaceDefault } errors = expvalidation.ValidateIngress(t) case *extensions.DaemonSet: if t.Namespace == "" { t.Namespace = api.NamespaceDefault } errors = expvalidation.ValidateDaemonSet(t) default: errors = field.ErrorList{} errors = append(errors, field.InternalError(field.NewPath(""), fmt.Errorf("no validation defined for %#v", obj))) } return errors }