func ValidateClientNameField(value string, field string) fielderrors.ValidationErrorList {
if len(value) == 0 {
return fielderrors.ValidationErrorList{fielderrors.NewFieldRequired(field)}
} else if ok, msg := validation.NameIsDNSSubdomain(value, false); !ok {
return fielderrors.ValidationErrorList{fielderrors.NewFieldInvalid(field, value, msg)}
}
return fielderrors.ValidationErrorList{}
}
func ValidateClientNameField(value string, fldPath *field.Path) field.ErrorList {
if len(value) == 0 {
return field.ErrorList{field.Required(fldPath, "")}
} else if ok, msg := validation.NameIsDNSSubdomain(value, false); !ok {
return field.ErrorList{field.Invalid(fldPath, value, msg)}
}
return field.ErrorList{}
}
func ValidateClientNameField(value string, fldPath *field.Path) field.ErrorList {
if len(value) == 0 {
return field.ErrorList{field.Required(fldPath, "")}
} else if _, saName, err := serviceaccount.SplitUsername(value); err == nil {
if reasons := validation.ValidateServiceAccountName(saName, false); len(reasons) != 0 {
return field.ErrorList{field.Invalid(fldPath, value, strings.Join(reasons, ", "))}
}
} else if reasons := validation.NameIsDNSSubdomain(value, false); len(reasons) != 0 {
return field.ErrorList{field.Invalid(fldPath, value, strings.Join(reasons, ", "))}
}
return field.ErrorList{}
}
func ValidateClientNameField(value string, fldPath *field.Path) field.ErrorList {
if len(value) == 0 {
return field.ErrorList{field.Required(fldPath, "")}
} else if _, saName, err := serviceaccount.SplitUsername(value); err == nil {
if ok, errString := validation.ValidateServiceAccountName(saName, false); !ok {
return field.ErrorList{field.Invalid(fldPath, value, errString)}
}
} else if ok, msg := validation.NameIsDNSSubdomain(value, false); !ok {
return field.ErrorList{field.Invalid(fldPath, value, msg)}
}
return field.ErrorList{}
}
// GetValidDNSSubdomainName massages the given name to be a valid dns subdomain name.
// Most resources (such as secrets, clusters) require the names to be valid dns subdomain.
// This is a generic function (not specific to federation). Should be moved to a more generic location if others want to use it.
func GetValidDNSSubdomainName(name string) (string, error) {
// "_" are not allowed. Replace them by "-".
name = regexp.MustCompile("_").ReplaceAllLiteralString(name, "-")
maxLength := validation_util.DNS1123SubdomainMaxLength
if len(name) > maxLength {
name = name[0 : maxLength-1]
}
// Verify that name now passes the validation.
if errors := validation.NameIsDNSSubdomain(name, false); len(errors) != 0 {
return "", fmt.Errorf("errors in converting name to a valid DNS subdomain %s", errors)
}
return name, nil
}
func ValidateThirdPartyResourceName(name string, prefix bool) []string {
// Make sure it's a valid DNS subdomain
if msgs := apivalidation.NameIsDNSSubdomain(name, prefix); len(msgs) != 0 {
return msgs
}
// Make sure it's at least three segments (kind + two-segment group name)
if !prefix {
parts := strings.Split(name, ".")
if len(parts) < 3 {
return []string{"must be at least three segments long: <kind>.<domain>.<tld>"}
}
}
return nil
}
func ValidateThirdPartyResourceName(name string, prefix bool) (bool, string) {
// Make sure it's a valid DNS subdomain
if ok, msg := apivalidation.NameIsDNSSubdomain(name, prefix); !ok {
return ok, msg
}
// Make sure it's at least three segments (kind + two-segment group name)
if !prefix {
parts := strings.Split(name, ".")
if len(parts) < 3 {
return false, "must be at least three segments long: <kind>.<domain>.<tld>"
}
}
return true, ""
}
func validateIngressRules(IngressRules []extensions.IngressRule, fldPath *field.Path) field.ErrorList {
allErrs := field.ErrorList{}
if len(IngressRules) == 0 {
return append(allErrs, field.Required(fldPath, ""))
}
for i, ih := range IngressRules {
if len(ih.Host) > 0 {
// TODO: Ports and ips are allowed in the host part of a url
// according to RFC 3986, consider allowing them.
if valid, errMsg := apivalidation.NameIsDNSSubdomain(ih.Host, false); !valid {
allErrs = append(allErrs, field.Invalid(fldPath.Index(i).Child("host"), ih.Host, errMsg))
}
if isIP := (net.ParseIP(ih.Host) != nil); isIP {
allErrs = append(allErrs, field.Invalid(fldPath.Index(i).Child("host"), ih.Host, "must be a DNS name, not an IP address"))
}
}
allErrs = append(allErrs, validateIngressRuleValue(&ih.IngressRuleValue, fldPath.Index(0))...)
}
return allErrs
}
func validateIngressRules(IngressRules []extensions.IngressRule) errs.ValidationErrorList {
allErrs := errs.ValidationErrorList{}
if len(IngressRules) == 0 {
return append(allErrs, errs.NewFieldRequired("IngressRules"))
}
for _, ih := range IngressRules {
if len(ih.Host) > 0 {
// TODO: Ports and ips are allowed in the host part of a url
// according to RFC 3986, consider allowing them.
if valid, errMsg := apivalidation.NameIsDNSSubdomain(ih.Host, false); !valid {
allErrs = append(allErrs, errs.NewFieldInvalid("host", ih.Host, errMsg))
}
if isIP := (net.ParseIP(ih.Host) != nil); isIP {
allErrs = append(allErrs, errs.NewFieldInvalid("host", ih.Host, "Host must be a DNS name, not ip address"))
}
}
allErrs = append(allErrs, validateIngressRuleValue(&ih.IngressRuleValue).Prefix("ingressRule")...)
}
return allErrs
}
// ValidateConfigMapName can be used to check whether the given ConfigMap name is valid.
// Prefix indicates this name will be used as part of generation, in which case
// trailing dashes are allowed.
func ValidateConfigMapName(name string, prefix bool) (bool, string) {
return apivalidation.NameIsDNSSubdomain(name, prefix)
}
// Validates that the given name can be used as a deployment name.
func ValidateDeploymentName(name string, prefix bool) (bool, string) {
return apivalidation.NameIsDNSSubdomain(name, prefix)
}
func ValidateThirdPartyResourceName(name string, prefix bool) (bool, string) {
return apivalidation.NameIsDNSSubdomain(name, prefix)
}
// ValidatePodSecurityPolicyName can be used to check whether the given
// pod security policy name is valid.
// Prefix indicates this name will be used as part of generation, in which case
// trailing dashes are allowed.
func ValidatePodSecurityPolicyName(name string, prefix bool) (bool, string) {
return apivalidation.NameIsDNSSubdomain(name, prefix)
}
// ValidateNetworkPolicyName can be used to check whether the given networkpolicy
// name is valid.
func ValidateNetworkPolicyName(name string, prefix bool) []string {
return apivalidation.NameIsDNSSubdomain(name, prefix)
}
// ValidateStatefulSetName can be used to check whether the given StatefulSet name is valid.
// Prefix indicates this name will be used as part of generation, in which case
// trailing dashes are allowed.
func ValidateStatefulSetName(name string, prefix bool) []string {
// TODO: Validate that there's name for the suffix inserted by the pods.
// Currently this is just "-index". In the future we may allow a user
// specified list of suffixes and we need to validate the longest one.
return apivalidation.NameIsDNSSubdomain(name, prefix)
}
func ValidateClusterName(name string, prefix bool) (bool, string) {
return validation.NameIsDNSSubdomain(name, prefix)
}