diff --git a/staging/src/k8s.io/apimachinery/pkg/api/validation/objectmeta.go b/staging/src/k8s.io/apimachinery/pkg/api/validation/objectmeta.go index 3e234eb11dc..4d9efe3f72b 100644 --- a/staging/src/k8s.io/apimachinery/pkg/api/validation/objectmeta.go +++ b/staging/src/k8s.io/apimachinery/pkg/api/validation/objectmeta.go @@ -33,7 +33,7 @@ import ( // FieldImmutableErrorMsg is a error message for field is immutable. const FieldImmutableErrorMsg string = `field is immutable` -const totalAnnotationSizeLimitB int = 256 * (1 << 10) // 256 kB +const TotalAnnotationSizeLimitB int = 256 * (1 << 10) // 256 kB // BannedOwners is a black list of object that are not allowed to be owners. var BannedOwners = map[schema.GroupVersionKind]struct{}{ @@ -46,19 +46,28 @@ var ValidateClusterName = NameIsDNS1035Label // ValidateAnnotations validates that a set of annotations are correctly defined. func ValidateAnnotations(annotations map[string]string, fldPath *field.Path) field.ErrorList { allErrs := field.ErrorList{} - var totalSize int64 - for k, v := range annotations { + for k := range annotations { for _, msg := range validation.IsQualifiedName(strings.ToLower(k)) { allErrs = append(allErrs, field.Invalid(fldPath, k, msg)) } - totalSize += (int64)(len(k)) + (int64)(len(v)) } - if totalSize > (int64)(totalAnnotationSizeLimitB) { - allErrs = append(allErrs, field.TooLong(fldPath, "", totalAnnotationSizeLimitB)) + if err := ValidateAnnotationsSize(annotations); err != nil { + allErrs = append(allErrs, field.TooLong(fldPath, "", TotalAnnotationSizeLimitB)) } return allErrs } +func ValidateAnnotationsSize(annotations map[string]string) error { + var totalSize int64 + for k, v := range annotations { + totalSize += (int64)(len(k)) + (int64)(len(v)) + } + if totalSize > (int64)(TotalAnnotationSizeLimitB) { + return fmt.Errorf("annotations size %d is larger than limit %d", totalSize, TotalAnnotationSizeLimitB) + } + return nil +} + func validateOwnerReference(ownerReference metav1.OwnerReference, fldPath *field.Path) field.ErrorList { allErrs := field.ErrorList{} gvk := schema.FromAPIVersionAndKind(ownerReference.APIVersion, ownerReference.Kind) diff --git a/staging/src/k8s.io/apimachinery/pkg/api/validation/objectmeta_test.go b/staging/src/k8s.io/apimachinery/pkg/api/validation/objectmeta_test.go index ebd6c7e7c7a..349da67f8aa 100644 --- a/staging/src/k8s.io/apimachinery/pkg/api/validation/objectmeta_test.go +++ b/staging/src/k8s.io/apimachinery/pkg/api/validation/objectmeta_test.go @@ -452,10 +452,10 @@ func TestValidateAnnotations(t *testing.T) { {"1234/5678": "bar"}, {"1.2.3.4/5678": "bar"}, {"UpperCase123": "bar"}, - {"a": strings.Repeat("b", totalAnnotationSizeLimitB-1)}, + {"a": strings.Repeat("b", TotalAnnotationSizeLimitB-1)}, { - "a": strings.Repeat("b", totalAnnotationSizeLimitB/2-1), - "c": strings.Repeat("d", totalAnnotationSizeLimitB/2-1), + "a": strings.Repeat("b", TotalAnnotationSizeLimitB/2-1), + "c": strings.Repeat("d", TotalAnnotationSizeLimitB/2-1), }, } for i := range successCases { @@ -485,10 +485,10 @@ func TestValidateAnnotations(t *testing.T) { } } totalSizeErrorCases := []map[string]string{ - {"a": strings.Repeat("b", totalAnnotationSizeLimitB)}, + {"a": strings.Repeat("b", TotalAnnotationSizeLimitB)}, { - "a": strings.Repeat("b", totalAnnotationSizeLimitB/2), - "c": strings.Repeat("d", totalAnnotationSizeLimitB/2), + "a": strings.Repeat("b", TotalAnnotationSizeLimitB/2), + "c": strings.Repeat("d", TotalAnnotationSizeLimitB/2), }, } for i := range totalSizeErrorCases { diff --git a/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/lastappliedupdater.go b/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/lastappliedupdater.go index ad651a2b59d..7cd4eb1289b 100644 --- a/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/lastappliedupdater.go +++ b/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/lastappliedupdater.go @@ -21,12 +21,11 @@ import ( corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/api/meta" + apimachineryvalidation "k8s.io/apimachinery/pkg/api/validation" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" "k8s.io/apimachinery/pkg/runtime" ) -const totalAnnotationSizeLimitB int64 = 256 * (1 << 10) // 256 kB - type lastAppliedUpdater struct { fieldManager Manager } @@ -94,7 +93,7 @@ func setLastApplied(obj runtime.Object, value string) error { annotations = map[string]string{} } annotations[corev1.LastAppliedConfigAnnotation] = value - if isAnnotationsValid(annotations) != nil { + if err := apimachineryvalidation.ValidateAnnotationsSize(annotations); err != nil { delete(annotations, corev1.LastAppliedConfigAnnotation) } accessor.SetAnnotations(annotations) @@ -120,14 +119,3 @@ func buildLastApplied(obj runtime.Object) (string, error) { } return string(lastApplied), nil } - -func isAnnotationsValid(annotations map[string]string) error { - var totalSize int64 - for k, v := range annotations { - totalSize += (int64)(len(k)) + (int64)(len(v)) - } - if totalSize > (int64)(totalAnnotationSizeLimitB) { - return fmt.Errorf("annotations size %d is larger than limit %d", totalSize, totalAnnotationSizeLimitB) - } - return nil -}