adding validations on kube-apiserver audit log options

Signed-off-by: huangjiuyuan <jiuyuan.huang@daocloud.io>
2025-07-29 06:27:05 +00:00 · 2017-07-17 17:13:00 +08:00 · 2017-07-17 17:13:00 +08:00 · 21d0f81564
commit 21d0f81564
parent e8eb858b2a
1 changed files with 12 additions and 0 deletions
--- a/staging/src/k8s.io/apiserver/pkg/server/options/audit.go
+++ b/staging/src/k8s.io/apiserver/pkg/server/options/audit.go
@ -119,6 +119,18 @@ func (o *AuditOptions) Validate() []error {
 			allErrors = append(allErrors, fmt.Errorf("invalid audit log format %s, allowed formats are %q", o.LogOptions.Format, strings.Join(pluginlog.AllowedFormats, ",")))
 		}
 	}
+
+	// Check validities of MaxAge, MaxBackups and MaxSize of log options
+	if o.LogOptions.MaxAge < 0 {
+		allErrors = append(allErrors, fmt.Errorf("--audit-log-maxage %v can't be a negative number", o.LogOptions.MaxAge))
+	}
+	if o.LogOptions.MaxBackups < 0 {
+		allErrors = append(allErrors, fmt.Errorf("--audit-log-maxbackup %v can't be a negative number", o.LogOptions.MaxBackups))
+	}
+	if o.LogOptions.MaxSize < 0 {
+		allErrors = append(allErrors, fmt.Errorf("--audit-log-maxsize %v can't be a negative number", o.LogOptions.MaxSize))
+	}
+
 	return allErrors
 }