From 131ce993c4856b469f701bf9eb356db62efa5c1b Mon Sep 17 00:00:00 2001 From: markturansky Date: Sat, 24 Jan 2015 09:36:22 -0500 Subject: [PATCH] Added validation for annotations --- pkg/api/validation/validation.go | 6 ++ pkg/api/validation/validation_test.go | 79 ++++++++++++++++++++++++++- 2 files changed, 83 insertions(+), 2 deletions(-) diff --git a/pkg/api/validation/validation.go b/pkg/api/validation/validation.go index 01d0a734c75..c7bf09c8204 100644 --- a/pkg/api/validation/validation.go +++ b/pkg/api/validation/validation.go @@ -399,6 +399,7 @@ func ValidatePod(pod *api.Pod) errs.ValidationErrorList { } allErrs = append(allErrs, ValidatePodSpec(&pod.Spec).Prefix("spec")...) allErrs = append(allErrs, ValidateLabels(pod.Labels, "labels")...) + allErrs = append(allErrs, ValidateLabels(pod.Annotations, "annotations")...) return allErrs } @@ -482,6 +483,7 @@ func ValidateService(service *api.Service, lister ServiceLister, ctx api.Context allErrs = append(allErrs, ValidateLabels(service.Spec.Selector, "spec.selector")...) } allErrs = append(allErrs, ValidateLabels(service.Labels, "labels")...) + allErrs = append(allErrs, ValidateLabels(service.Annotations, "annotations")...) if service.Spec.CreateExternalLoadBalancer { services, err := lister.ListServices(ctx) @@ -518,6 +520,7 @@ func ValidateReplicationController(controller *api.ReplicationController) errs.V } allErrs = append(allErrs, ValidateReplicationControllerSpec(&controller.Spec).Prefix("spec")...) allErrs = append(allErrs, ValidateLabels(controller.Labels, "labels")...) + allErrs = append(allErrs, ValidateLabels(controller.Annotations, "annotations")...) return allErrs } @@ -540,6 +543,7 @@ func ValidateReplicationControllerSpec(spec *api.ReplicationControllerSpec) errs if !selector.Matches(labels) { allErrs = append(allErrs, errs.NewFieldInvalid("template.labels", spec.Template.Labels, "selector does not match template")) } + allErrs = append(allErrs, ValidateLabels(spec.Template.Annotations, "annotations")...) allErrs = append(allErrs, ValidatePodTemplateSpec(spec.Template).Prefix("template")...) // RestartPolicy has already been first-order validated as per ValidatePodTemplateSpec(). if spec.Template.Spec.RestartPolicy.Always == nil { @@ -555,6 +559,7 @@ func ValidateReplicationControllerSpec(spec *api.ReplicationControllerSpec) errs func ValidatePodTemplateSpec(spec *api.PodTemplateSpec) errs.ValidationErrorList { allErrs := errs.ValidationErrorList{} allErrs = append(allErrs, ValidateLabels(spec.Labels, "labels")...) + allErrs = append(allErrs, ValidateLabels(spec.Annotations, "annotations")...) allErrs = append(allErrs, ValidatePodSpec(&spec.Spec).Prefix("spec")...) allErrs = append(allErrs, ValidateReadOnlyPersistentDisks(spec.Spec.Volumes).Prefix("spec.volumes")...) return allErrs @@ -599,6 +604,7 @@ func ValidateMinion(minion *api.Node) errs.ValidationErrorList { allErrs = append(allErrs, errs.NewFieldRequired("name", minion.Name)) } allErrs = append(allErrs, ValidateLabels(minion.Labels, "labels")...) + allErrs = append(allErrs, ValidateLabels(minion.Annotations, "annotations")...) return allErrs } diff --git a/pkg/api/validation/validation_test.go b/pkg/api/validation/validation_test.go index 5d1bd72a8aa..58d47a69e6b 100644 --- a/pkg/api/validation/validation_test.go +++ b/pkg/api/validation/validation_test.go @@ -567,6 +567,24 @@ func TestValidatePod(t *testing.T) { Containers: []api.Container{{}}, }, }, + "bad label": { + ObjectMeta: api.ObjectMeta{ + Name: "abc", + Namespace: "ns", + Labels: map[string]string{ + "NoUppercaseOrSpecialCharsLike=Equals": "bar", + }, + }, + }, + "bad annotation": { + ObjectMeta: api.ObjectMeta{ + Name: "abc", + Namespace: "ns", + Annotations: map[string]string{ + "NoUppercaseOrSpecialCharsLike=Equals": "bar", + }, + }, + }, } for k, v := range errorCases { if errs := ValidatePod(&v); len(errs) == 0 { @@ -613,6 +631,26 @@ func TestValidatePodUpdate(t *testing.T) { true, "labels", }, + { + api.Pod{ + ObjectMeta: api.ObjectMeta{ + Name: "foo", + Annotations: map[string]string{ + "foo": "bar", + }, + }, + }, + api.Pod{ + ObjectMeta: api.ObjectMeta{ + Name: "foo", + Annotations: map[string]string{ + "bar": "foo", + }, + }, + }, + true, + "annotations", + }, { api.Pod{ ObjectMeta: api.ObjectMeta{ @@ -1008,6 +1046,22 @@ func TestValidateService(t *testing.T) { }, numErrs: 1, }, + { + name: "invalid annotation", + svc: api.Service{ + ObjectMeta: api.ObjectMeta{ + Name: "abc123", + Namespace: api.NamespaceDefault, + Annotations: map[string]string{ + "NoUppercaseOrSpecialCharsLike=Equals": "bar", + }, + }, + Spec: api.ServiceSpec{ + Port: 8675, + }, + }, + numErrs: 1, + }, { name: "invalid selector", svc: api.Service{ @@ -1173,6 +1227,19 @@ func TestValidateReplicationController(t *testing.T) { Template: &invalidPodTemplate.Spec, }, }, + "invalid_annotation": { + ObjectMeta: api.ObjectMeta{ + Name: "abc-123", + Namespace: api.NamespaceDefault, + Annotations: map[string]string{ + "NoUppercaseOrSpecialCharsLike=Equals": "bar", + }, + }, + Spec: api.ReplicationControllerSpec{ + Selector: validSelector, + Template: &validPodTemplate.Spec, + }, + }, "invalid restart policy 1": { ObjectMeta: api.ObjectMeta{ Name: "abc-123", @@ -1227,7 +1294,8 @@ func TestValidateReplicationController(t *testing.T) { field != "GCEPersistentDisk.ReadOnly" && field != "spec.replicas" && field != "spec.template.labels" && - field != "labels" { + field != "labels" && + field != "annotations" { t.Errorf("%s: missing prefix for: %v", k, errs[i]) } } @@ -1294,6 +1362,12 @@ func TestValidateMinion(t *testing.T) { Labels: invalidSelector, }, }, + "invalid-annotations": { + ObjectMeta: api.ObjectMeta{ + Name: "abc-123", + Annotations: invalidSelector, + }, + }, } for k, v := range errorCases { errs := ValidateMinion(&v) @@ -1303,7 +1377,8 @@ func TestValidateMinion(t *testing.T) { for i := range errs { field := errs[i].(*errors.ValidationError).Field if field != "name" && - field != "labels" { + field != "labels" && + field != "annotations" { t.Errorf("%s: missing prefix for: %v", k, errs[i]) } }