github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-08-01 07:47:56 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #102150 from julianvmodesto/ssa-big-last-applied-followup

Browse Source 
Make apimachineryvalidation.totalAnnotationSizeLimitB public
This commit is contained in:
Kubernetes Prow Robot 2021-05-25 17:03:20 -07:00 committed by GitHub
commit 5078091aa5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 23 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
staging/src/k8s.io/apimachinery/pkg/api/validation/objectmeta.go
View File

@ -33,7 +33,7 @@ import (
// FieldImmutableErrorMsg is a error message for field is immutable. // FieldImmutableErrorMsg is a error message for field is immutable.
const FieldImmutableErrorMsg string = `field is immutable` const FieldImmutableErrorMsg string = `field is immutable`
const totalAnnotationSizeLimitB int = 256 * (1 << 10) // 256 kB const TotalAnnotationSizeLimitB int = 256 * (1 << 10) // 256 kB
// BannedOwners is a black list of object that are not allowed to be owners. // BannedOwners is a black list of object that are not allowed to be owners.
var BannedOwners = map[schema.GroupVersionKind]struct{}{ var BannedOwners = map[schema.GroupVersionKind]struct{}{
@ -46,19 +46,28 @@ var ValidateClusterName = NameIsDNS1035Label
// ValidateAnnotations validates that a set of annotations are correctly defined. // ValidateAnnotations validates that a set of annotations are correctly defined.
func ValidateAnnotations(annotations map[string]string, fldPath *field.Path) field.ErrorList { func ValidateAnnotations(annotations map[string]string, fldPath *field.Path) field.ErrorList {
allErrs := field.ErrorList{} allErrs := field.ErrorList{}
var totalSize int64 for k := range annotations {
for k, v := range annotations {
for _, msg := range validation.IsQualifiedName(strings.ToLower(k)) { for _, msg := range validation.IsQualifiedName(strings.ToLower(k)) {
allErrs = append(allErrs, field.Invalid(fldPath, k, msg)) allErrs = append(allErrs, field.Invalid(fldPath, k, msg))
} }
totalSize += (int64)(len(k)) + (int64)(len(v))
} }
if totalSize > (int64)(totalAnnotationSizeLimitB) { if err := ValidateAnnotationsSize(annotations); err != nil {
allErrs = append(allErrs, field.TooLong(fldPath, "", totalAnnotationSizeLimitB)) allErrs = append(allErrs, field.TooLong(fldPath, "", TotalAnnotationSizeLimitB))
} }
return allErrs return allErrs
} }
func ValidateAnnotationsSize(annotations map[string]string) error {
var totalSize int64
for k, v := range annotations {
totalSize += (int64)(len(k)) + (int64)(len(v))
}
if totalSize > (int64)(TotalAnnotationSizeLimitB) {
return fmt.Errorf("annotations size %d is larger than limit %d", totalSize, TotalAnnotationSizeLimitB)
}
return nil
}
func validateOwnerReference(ownerReference metav1.OwnerReference, fldPath *field.Path) field.ErrorList { func validateOwnerReference(ownerReference metav1.OwnerReference, fldPath *field.Path) field.ErrorList {
allErrs := field.ErrorList{} allErrs := field.ErrorList{}
gvk := schema.FromAPIVersionAndKind(ownerReference.APIVersion, ownerReference.Kind) gvk := schema.FromAPIVersionAndKind(ownerReference.APIVersion, ownerReference.Kind)

12
staging/src/k8s.io/apimachinery/pkg/api/validation/objectmeta_test.go
View File

@ -452,10 +452,10 @@ func TestValidateAnnotations(t *testing.T) {
{"1234/5678": "bar"}, {"1234/5678": "bar"},
{"1.2.3.4/5678": "bar"}, {"1.2.3.4/5678": "bar"},
{"UpperCase123": "bar"}, {"UpperCase123": "bar"},
{"a": strings.Repeat("b", totalAnnotationSizeLimitB-1)}, {"a": strings.Repeat("b", TotalAnnotationSizeLimitB-1)},
{ {
"a": strings.Repeat("b", totalAnnotationSizeLimitB/2-1), "a": strings.Repeat("b", TotalAnnotationSizeLimitB/2-1),
"c": strings.Repeat("d", totalAnnotationSizeLimitB/2-1), "c": strings.Repeat("d", TotalAnnotationSizeLimitB/2-1),
}, },
} }
for i := range successCases { for i := range successCases {
@ -485,10 +485,10 @@ func TestValidateAnnotations(t *testing.T) {
} }
} }
totalSizeErrorCases := []map[string]string{ totalSizeErrorCases := []map[string]string{
{"a": strings.Repeat("b", totalAnnotationSizeLimitB)}, {"a": strings.Repeat("b", TotalAnnotationSizeLimitB)},
{ {
"a": strings.Repeat("b", totalAnnotationSizeLimitB/2), "a": strings.Repeat("b", TotalAnnotationSizeLimitB/2),
"c": strings.Repeat("d", totalAnnotationSizeLimitB/2), "c": strings.Repeat("d", TotalAnnotationSizeLimitB/2),
}, },
} }
for i := range totalSizeErrorCases { for i := range totalSizeErrorCases {

16
staging/src/k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/lastappliedupdater.go
View File

@ -21,12 +21,11 @@ import (
corev1 "k8s.io/api/core/v1" corev1 "k8s.io/api/core/v1"
"k8s.io/apimachinery/pkg/api/meta" "k8s.io/apimachinery/pkg/api/meta"
apimachineryvalidation "k8s.io/apimachinery/pkg/api/validation"
"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
"k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime"
) )
const totalAnnotationSizeLimitB int64 = 256 * (1 << 10) // 256 kB
type lastAppliedUpdater struct { type lastAppliedUpdater struct {
fieldManager Manager fieldManager Manager
} }
@ -94,7 +93,7 @@ func setLastApplied(obj runtime.Object, value string) error {
annotations = map[string]string{} annotations = map[string]string{}
} }
annotations[corev1.LastAppliedConfigAnnotation] = value annotations[corev1.LastAppliedConfigAnnotation] = value
if isAnnotationsValid(annotations) != nil { if err := apimachineryvalidation.ValidateAnnotationsSize(annotations); err != nil {
delete(annotations, corev1.LastAppliedConfigAnnotation) delete(annotations, corev1.LastAppliedConfigAnnotation)
} }
accessor.SetAnnotations(annotations) accessor.SetAnnotations(annotations)
@ -120,14 +119,3 @@ func buildLastApplied(obj runtime.Object) (string, error) {
} }
return string(lastApplied), nil return string(lastApplied), nil
} }
func isAnnotationsValid(annotations map[string]string) error {
var totalSize int64
for k, v := range annotations {
totalSize += (int64)(len(k)) + (int64)(len(v))
}
if totalSize > (int64)(totalAnnotationSizeLimitB) {
return fmt.Errorf("annotations size %d is larger than limit %d", totalSize, totalAnnotationSizeLimitB)
}
return nil
}