Ejemplo n.º 1
0
func ValidateClientNameField(value string, field string) fielderrors.ValidationErrorList {
	if len(value) == 0 {
		return fielderrors.ValidationErrorList{fielderrors.NewFieldRequired(field)}
	} else if ok, msg := validation.NameIsDNSSubdomain(value, false); !ok {
		return fielderrors.ValidationErrorList{fielderrors.NewFieldInvalid(field, value, msg)}
	}
	return fielderrors.ValidationErrorList{}
}
Ejemplo n.º 2
0
func ValidateClientNameField(value string, fldPath *field.Path) field.ErrorList {
	if len(value) == 0 {
		return field.ErrorList{field.Required(fldPath, "")}
	} else if ok, msg := validation.NameIsDNSSubdomain(value, false); !ok {
		return field.ErrorList{field.Invalid(fldPath, value, msg)}
	}
	return field.ErrorList{}
}
Ejemplo n.º 3
0
func ValidateClientNameField(value string, fldPath *field.Path) field.ErrorList {
	if len(value) == 0 {
		return field.ErrorList{field.Required(fldPath, "")}
	} else if _, saName, err := serviceaccount.SplitUsername(value); err == nil {
		if reasons := validation.ValidateServiceAccountName(saName, false); len(reasons) != 0 {
			return field.ErrorList{field.Invalid(fldPath, value, strings.Join(reasons, ", "))}
		}
	} else if reasons := validation.NameIsDNSSubdomain(value, false); len(reasons) != 0 {
		return field.ErrorList{field.Invalid(fldPath, value, strings.Join(reasons, ", "))}
	}
	return field.ErrorList{}
}
Ejemplo n.º 4
0
func ValidateClientNameField(value string, fldPath *field.Path) field.ErrorList {
	if len(value) == 0 {
		return field.ErrorList{field.Required(fldPath, "")}
	} else if _, saName, err := serviceaccount.SplitUsername(value); err == nil {
		if ok, errString := validation.ValidateServiceAccountName(saName, false); !ok {
			return field.ErrorList{field.Invalid(fldPath, value, errString)}
		}
	} else if ok, msg := validation.NameIsDNSSubdomain(value, false); !ok {
		return field.ErrorList{field.Invalid(fldPath, value, msg)}
	}
	return field.ErrorList{}
}
Ejemplo n.º 5
0
// GetValidDNSSubdomainName massages the given name to be a valid dns subdomain name.
// Most resources (such as secrets, clusters) require the names to be valid dns subdomain.
// This is a generic function (not specific to federation). Should be moved to a more generic location if others want to use it.
func GetValidDNSSubdomainName(name string) (string, error) {
	// "_" are not allowed. Replace them by "-".
	name = regexp.MustCompile("_").ReplaceAllLiteralString(name, "-")
	maxLength := validation_util.DNS1123SubdomainMaxLength
	if len(name) > maxLength {
		name = name[0 : maxLength-1]
	}
	// Verify that name now passes the validation.
	if errors := validation.NameIsDNSSubdomain(name, false); len(errors) != 0 {
		return "", fmt.Errorf("errors in converting name to a valid DNS subdomain %s", errors)
	}
	return name, nil
}
Ejemplo n.º 6
0
func ValidateThirdPartyResourceName(name string, prefix bool) []string {
	// Make sure it's a valid DNS subdomain
	if msgs := apivalidation.NameIsDNSSubdomain(name, prefix); len(msgs) != 0 {
		return msgs
	}

	// Make sure it's at least three segments (kind + two-segment group name)
	if !prefix {
		parts := strings.Split(name, ".")
		if len(parts) < 3 {
			return []string{"must be at least three segments long: <kind>.<domain>.<tld>"}
		}
	}

	return nil
}
Ejemplo n.º 7
0
func ValidateThirdPartyResourceName(name string, prefix bool) (bool, string) {
	// Make sure it's a valid DNS subdomain
	if ok, msg := apivalidation.NameIsDNSSubdomain(name, prefix); !ok {
		return ok, msg
	}

	// Make sure it's at least three segments (kind + two-segment group name)
	if !prefix {
		parts := strings.Split(name, ".")
		if len(parts) < 3 {
			return false, "must be at least three segments long: <kind>.<domain>.<tld>"
		}
	}

	return true, ""
}
Ejemplo n.º 8
0
func validateIngressRules(IngressRules []extensions.IngressRule, fldPath *field.Path) field.ErrorList {
	allErrs := field.ErrorList{}
	if len(IngressRules) == 0 {
		return append(allErrs, field.Required(fldPath, ""))
	}
	for i, ih := range IngressRules {
		if len(ih.Host) > 0 {
			// TODO: Ports and ips are allowed in the host part of a url
			// according to RFC 3986, consider allowing them.
			if valid, errMsg := apivalidation.NameIsDNSSubdomain(ih.Host, false); !valid {
				allErrs = append(allErrs, field.Invalid(fldPath.Index(i).Child("host"), ih.Host, errMsg))
			}
			if isIP := (net.ParseIP(ih.Host) != nil); isIP {
				allErrs = append(allErrs, field.Invalid(fldPath.Index(i).Child("host"), ih.Host, "must be a DNS name, not an IP address"))
			}
		}
		allErrs = append(allErrs, validateIngressRuleValue(&ih.IngressRuleValue, fldPath.Index(0))...)
	}
	return allErrs
}
Ejemplo n.º 9
0
func validateIngressRules(IngressRules []extensions.IngressRule) errs.ValidationErrorList {
	allErrs := errs.ValidationErrorList{}
	if len(IngressRules) == 0 {
		return append(allErrs, errs.NewFieldRequired("IngressRules"))
	}
	for _, ih := range IngressRules {
		if len(ih.Host) > 0 {
			// TODO: Ports and ips are allowed in the host part of a url
			// according to RFC 3986, consider allowing them.
			if valid, errMsg := apivalidation.NameIsDNSSubdomain(ih.Host, false); !valid {
				allErrs = append(allErrs, errs.NewFieldInvalid("host", ih.Host, errMsg))
			}
			if isIP := (net.ParseIP(ih.Host) != nil); isIP {
				allErrs = append(allErrs, errs.NewFieldInvalid("host", ih.Host, "Host must be a DNS name, not ip address"))
			}
		}
		allErrs = append(allErrs, validateIngressRuleValue(&ih.IngressRuleValue).Prefix("ingressRule")...)
	}
	return allErrs
}
Ejemplo n.º 10
0
// ValidateConfigMapName can be used to check whether the given ConfigMap name is valid.
// Prefix indicates this name will be used as part of generation, in which case
// trailing dashes are allowed.
func ValidateConfigMapName(name string, prefix bool) (bool, string) {
	return apivalidation.NameIsDNSSubdomain(name, prefix)
}
Ejemplo n.º 11
0
// Validates that the given name can be used as a deployment name.
func ValidateDeploymentName(name string, prefix bool) (bool, string) {
	return apivalidation.NameIsDNSSubdomain(name, prefix)
}
Ejemplo n.º 12
0
func ValidateThirdPartyResourceName(name string, prefix bool) (bool, string) {
	return apivalidation.NameIsDNSSubdomain(name, prefix)
}
Ejemplo n.º 13
0
// ValidatePodSecurityPolicyName can be used to check whether the given
// pod security policy name is valid.
// Prefix indicates this name will be used as part of generation, in which case
// trailing dashes are allowed.
func ValidatePodSecurityPolicyName(name string, prefix bool) (bool, string) {
	return apivalidation.NameIsDNSSubdomain(name, prefix)
}
Ejemplo n.º 14
0
// ValidateNetworkPolicyName can be used to check whether the given networkpolicy
// name is valid.
func ValidateNetworkPolicyName(name string, prefix bool) []string {
	return apivalidation.NameIsDNSSubdomain(name, prefix)
}
Ejemplo n.º 15
0
// ValidateStatefulSetName can be used to check whether the given StatefulSet name is valid.
// Prefix indicates this name will be used as part of generation, in which case
// trailing dashes are allowed.
func ValidateStatefulSetName(name string, prefix bool) []string {
	// TODO: Validate that there's name for the suffix inserted by the pods.
	// Currently this is just "-index". In the future we may allow a user
	// specified list of suffixes and we need  to validate the longest one.
	return apivalidation.NameIsDNSSubdomain(name, prefix)
}
Ejemplo n.º 16
0
func ValidateClusterName(name string, prefix bool) (bool, string) {
	return validation.NameIsDNSSubdomain(name, prefix)
}