mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-08-08 03:33:56 +00:00
added ratcheting validation for embedded resource and x-kubernetes-list-type validation
Signed-off-by: Paco Xu <paco.xu@daocloud.io>
This commit is contained in:
Nikhil Sharma
Paco Xu
parent
132f29769d
commit
400f52d491
@ -22,6 +22,7 @@ import (
|
|||||||
"sigs.k8s.io/structured-merge-diff/v4/fieldpath"
|
"sigs.k8s.io/structured-merge-diff/v4/fieldpath"
|
||||||
|
|
||||||
"k8s.io/apiextensions-apiserver/pkg/apiserver/schema/cel"
|
"k8s.io/apiextensions-apiserver/pkg/apiserver/schema/cel"
|
||||||
|
structurallisttype "k8s.io/apiextensions-apiserver/pkg/apiserver/schema/listtype"
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
|
"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
|
||||||
"k8s.io/apimachinery/pkg/runtime"
|
"k8s.io/apimachinery/pkg/runtime"
|
||||||
"k8s.io/apimachinery/pkg/util/validation/field"
|
"k8s.io/apimachinery/pkg/util/validation/field"
|
||||||
@ -97,6 +98,11 @@ func (a statusStrategy) ValidateUpdate(ctx context.Context, obj, old runtime.Obj
|
|||||||
|
|
||||||
v := obj.GetObjectKind().GroupVersionKind().Version
|
v := obj.GetObjectKind().GroupVersionKind().Version
|
||||||
|
|
||||||
|
// ratcheting validation of x-kubernetes-list-type value map and set
|
||||||
|
if oldErrs := structurallisttype.ValidateListSetsAndMaps(nil, a.structuralSchemas[v], uOld.Object); len(oldErrs) == 0 {
|
||||||
|
errs = append(errs, structurallisttype.ValidateListSetsAndMaps(nil, a.structuralSchemas[v], uNew.Object)...)
|
||||||
|
}
|
||||||
|
|
||||||
// validate x-kubernetes-validations rules
|
// validate x-kubernetes-validations rules
|
||||||
if celValidator, ok := a.customResourceStrategy.celValidators[v]; ok {
|
if celValidator, ok := a.customResourceStrategy.celValidators[v]; ok {
|
||||||
if has, err := hasBlockingErr(errs); has {
|
if has, err := hasBlockingErr(errs); has {
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user