From 3a110546ed8ab319a3997b788889c943cdb6f05d Mon Sep 17 00:00:00 2001 From: Dan Winship Date: Wed, 14 Oct 2020 13:12:11 -0400 Subject: [PATCH] Move SCTP to GA --- .../core/validation/conditional_validation.go | 118 --------- .../validation/conditional_validation_test.go | 225 ------------------ pkg/apis/core/validation/validation_test.go | 4 +- pkg/apis/networking/validation/BUILD | 16 +- .../validation/conditional_validation.go | 59 ----- .../validation/conditional_validation_test.go | 108 --------- .../networking/validation/validation_test.go | 5 - pkg/features/kube_features.go | 4 +- pkg/registry/apps/daemonset/BUILD | 1 - pkg/registry/apps/daemonset/strategy.go | 6 +- pkg/registry/apps/deployment/BUILD | 1 - pkg/registry/apps/deployment/strategy.go | 6 +- pkg/registry/apps/replicaset/BUILD | 1 - pkg/registry/apps/replicaset/strategy.go | 6 +- pkg/registry/apps/statefulset/BUILD | 1 - pkg/registry/apps/statefulset/strategy.go | 6 +- pkg/registry/batch/cronjob/BUILD | 1 - pkg/registry/batch/cronjob/strategy.go | 12 +- pkg/registry/batch/job/BUILD | 1 - pkg/registry/batch/job/strategy.go | 6 +- pkg/registry/core/endpoint/strategy.go | 8 +- pkg/registry/core/pod/strategy.go | 9 +- pkg/registry/core/podtemplate/strategy.go | 8 +- .../core/replicationcontroller/strategy.go | 5 +- .../networking/networkpolicy/strategy.go | 5 +- 25 files changed, 21 insertions(+), 601 deletions(-) delete mode 100644 pkg/apis/networking/validation/conditional_validation.go delete mode 100644 pkg/apis/networking/validation/conditional_validation_test.go diff --git a/pkg/apis/core/validation/conditional_validation.go b/pkg/apis/core/validation/conditional_validation.go index fc7661a2bdf..cc2393d4de9 100644 --- a/pkg/apis/core/validation/conditional_validation.go +++ b/pkg/apis/core/validation/conditional_validation.go @@ -33,12 +33,6 @@ import ( // is the cluster default, although the clusterIP here dictates the family defaulting. func ValidateConditionalService(service, oldService *api.Service, allowedIPFamilies []api.IPFamily) field.ErrorList { var errs field.ErrorList - // If the SCTPSupport feature is disabled, and the old object isn't using the SCTP feature, prevent the new object from using it - if !utilfeature.DefaultFeatureGate.Enabled(features.SCTPSupport) && len(serviceSCTPFields(oldService)) == 0 { - for _, f := range serviceSCTPFields(service) { - errs = append(errs, field.NotSupported(f, api.ProtocolSCTP, []string{string(api.ProtocolTCP), string(api.ProtocolUDP)})) - } - } errs = append(errs, validateIPFamily(service, oldService, allowedIPFamilies)...) @@ -114,115 +108,3 @@ func joinIPFamilies(families []api.IPFamily, separator string) string { } return b.String() } - -func serviceSCTPFields(service *api.Service) []*field.Path { - if service == nil { - return nil - } - fields := []*field.Path{} - for pIndex, p := range service.Spec.Ports { - if p.Protocol == api.ProtocolSCTP { - fields = append(fields, field.NewPath("spec.ports").Index(pIndex).Child("protocol")) - } - } - return fields -} - -// ValidateConditionalEndpoints validates conditionally valid fields. -func ValidateConditionalEndpoints(endpoints, oldEndpoints *api.Endpoints) field.ErrorList { - var errs field.ErrorList - // If the SCTPSupport feature is disabled, and the old object isn't using the SCTP feature, prevent the new object from using it - if !utilfeature.DefaultFeatureGate.Enabled(features.SCTPSupport) && len(endpointsSCTPFields(oldEndpoints)) == 0 { - for _, f := range endpointsSCTPFields(endpoints) { - errs = append(errs, field.NotSupported(f, api.ProtocolSCTP, []string{string(api.ProtocolTCP), string(api.ProtocolUDP)})) - } - } - return errs -} - -func endpointsSCTPFields(endpoints *api.Endpoints) []*field.Path { - if endpoints == nil { - return nil - } - fields := []*field.Path{} - for sIndex, s := range endpoints.Subsets { - for pIndex, p := range s.Ports { - if p.Protocol == api.ProtocolSCTP { - fields = append(fields, field.NewPath("subsets").Index(sIndex).Child("ports").Index(pIndex).Child("protocol")) - } - } - } - return fields -} - -// ValidateConditionalPodTemplate validates conditionally valid fields. -// This should be called from Validate/ValidateUpdate for all resources containing a PodTemplateSpec -func ValidateConditionalPodTemplate(podTemplate, oldPodTemplate *api.PodTemplateSpec, fldPath *field.Path) field.ErrorList { - var ( - podSpec *api.PodSpec - oldPodSpec *api.PodSpec - ) - if podTemplate != nil { - podSpec = &podTemplate.Spec - } - if oldPodTemplate != nil { - oldPodSpec = &oldPodTemplate.Spec - } - return validateConditionalPodSpec(podSpec, oldPodSpec, fldPath.Child("spec")) -} - -// ValidateConditionalPod validates conditionally valid fields. -// This should be called from Validate/ValidateUpdate for all resources containing a Pod -func ValidateConditionalPod(pod, oldPod *api.Pod, fldPath *field.Path) field.ErrorList { - var ( - podSpec *api.PodSpec - oldPodSpec *api.PodSpec - ) - if pod != nil { - podSpec = &pod.Spec - } - if oldPod != nil { - oldPodSpec = &oldPod.Spec - } - return validateConditionalPodSpec(podSpec, oldPodSpec, fldPath.Child("spec")) -} - -func validateConditionalPodSpec(podSpec, oldPodSpec *api.PodSpec, fldPath *field.Path) field.ErrorList { - // Always make sure we have a non-nil current pod spec - if podSpec == nil { - podSpec = &api.PodSpec{} - } - - errs := field.ErrorList{} - - // If the SCTPSupport feature is disabled, and the old object isn't using the SCTP feature, prevent the new object from using it - if !utilfeature.DefaultFeatureGate.Enabled(features.SCTPSupport) && len(podSCTPFields(oldPodSpec, nil)) == 0 { - for _, f := range podSCTPFields(podSpec, fldPath) { - errs = append(errs, field.NotSupported(f, api.ProtocolSCTP, []string{string(api.ProtocolTCP), string(api.ProtocolUDP)})) - } - } - - return errs -} - -func podSCTPFields(podSpec *api.PodSpec, fldPath *field.Path) []*field.Path { - if podSpec == nil { - return nil - } - fields := []*field.Path{} - for cIndex, c := range podSpec.InitContainers { - for pIndex, p := range c.Ports { - if p.Protocol == api.ProtocolSCTP { - fields = append(fields, fldPath.Child("initContainers").Index(cIndex).Child("ports").Index(pIndex).Child("protocol")) - } - } - } - for cIndex, c := range podSpec.Containers { - for pIndex, p := range c.Ports { - if p.Protocol == api.ProtocolSCTP { - fields = append(fields, fldPath.Child("containers").Index(cIndex).Child("ports").Index(pIndex).Child("protocol")) - } - } - } - return fields -} diff --git a/pkg/apis/core/validation/conditional_validation_test.go b/pkg/apis/core/validation/conditional_validation_test.go index b6a836eb145..fe1c7737ab3 100644 --- a/pkg/apis/core/validation/conditional_validation_test.go +++ b/pkg/apis/core/validation/conditional_validation_test.go @@ -17,7 +17,6 @@ limitations under the License. package validation import ( - "fmt" "reflect" "strings" "testing" @@ -29,230 +28,6 @@ import ( "k8s.io/kubernetes/pkg/features" ) -func TestValidatePodSCTP(t *testing.T) { - objectWithValue := func() *api.Pod { - return &api.Pod{ - Spec: api.PodSpec{ - Containers: []api.Container{{Name: "container1", Image: "testimage", Ports: []api.ContainerPort{{ContainerPort: 80, Protocol: api.ProtocolSCTP}}}}, - InitContainers: []api.Container{{Name: "container2", Image: "testimage", Ports: []api.ContainerPort{{ContainerPort: 90, Protocol: api.ProtocolSCTP}}}}, - }, - } - } - objectWithoutValue := func() *api.Pod { - return &api.Pod{ - Spec: api.PodSpec{ - Containers: []api.Container{{Name: "container1", Image: "testimage", Ports: []api.ContainerPort{{ContainerPort: 80, Protocol: api.ProtocolTCP}}}}, - InitContainers: []api.Container{{Name: "container2", Image: "testimage", Ports: []api.ContainerPort{{ContainerPort: 90, Protocol: api.ProtocolTCP}}}}, - }, - } - } - - objectInfo := []struct { - description string - hasValue bool - object func() *api.Pod - }{ - { - description: "has value", - hasValue: true, - object: objectWithValue, - }, - { - description: "does not have value", - hasValue: false, - object: objectWithoutValue, - }, - { - description: "is nil", - hasValue: false, - object: func() *api.Pod { return nil }, - }, - } - - for _, enabled := range []bool{true, false} { - for _, oldPodInfo := range objectInfo { - for _, newPodInfo := range objectInfo { - oldPodHasValue, oldPod := oldPodInfo.hasValue, oldPodInfo.object() - newPodHasValue, newPod := newPodInfo.hasValue, newPodInfo.object() - if newPod == nil { - continue - } - - t.Run(fmt.Sprintf("feature enabled=%v, old object %v, new object %v", enabled, oldPodInfo.description, newPodInfo.description), func(t *testing.T) { - defer featuregatetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.SCTPSupport, enabled)() - errs := ValidateConditionalPod(newPod, oldPod, nil) - // objects should never be changed - if !reflect.DeepEqual(oldPod, oldPodInfo.object()) { - t.Errorf("old object changed: %v", diff.ObjectReflectDiff(oldPod, oldPodInfo.object())) - } - if !reflect.DeepEqual(newPod, newPodInfo.object()) { - t.Errorf("new object changed: %v", diff.ObjectReflectDiff(newPod, newPodInfo.object())) - } - - switch { - case enabled || oldPodHasValue || !newPodHasValue: - if len(errs) > 0 { - t.Errorf("unexpected errors: %v", errs) - } - default: - if len(errs) != 2 { - t.Errorf("expected 2 errors, got %v", errs) - } - } - }) - } - } - } -} - -func TestValidateServiceSCTP(t *testing.T) { - objectWithValue := func() *api.Service { - return &api.Service{ - Spec: api.ServiceSpec{ - Ports: []api.ServicePort{{Protocol: api.ProtocolSCTP}}, - }, - } - } - objectWithoutValue := func() *api.Service { - return &api.Service{ - Spec: api.ServiceSpec{ - Ports: []api.ServicePort{{Protocol: api.ProtocolTCP}}, - }, - } - } - - objectInfo := []struct { - description string - hasValue bool - object func() *api.Service - }{ - { - description: "has value", - hasValue: true, - object: objectWithValue, - }, - { - description: "does not have value", - hasValue: false, - object: objectWithoutValue, - }, - { - description: "is nil", - hasValue: false, - object: func() *api.Service { return nil }, - }, - } - - for _, enabled := range []bool{true, false} { - for _, oldServiceInfo := range objectInfo { - for _, newServiceInfo := range objectInfo { - oldServiceHasValue, oldService := oldServiceInfo.hasValue, oldServiceInfo.object() - newServiceHasValue, newService := newServiceInfo.hasValue, newServiceInfo.object() - if newService == nil { - continue - } - - t.Run(fmt.Sprintf("feature enabled=%v, old object %v, new object %v", enabled, oldServiceInfo.description, newServiceInfo.description), func(t *testing.T) { - defer featuregatetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.SCTPSupport, enabled)() - errs := ValidateConditionalService(newService, oldService, []api.IPFamily{api.IPv4Protocol}) - // objects should never be changed - if !reflect.DeepEqual(oldService, oldServiceInfo.object()) { - t.Errorf("old object changed: %v", diff.ObjectReflectDiff(oldService, oldServiceInfo.object())) - } - if !reflect.DeepEqual(newService, newServiceInfo.object()) { - t.Errorf("new object changed: %v", diff.ObjectReflectDiff(newService, newServiceInfo.object())) - } - - switch { - case enabled || oldServiceHasValue || !newServiceHasValue: - if len(errs) > 0 { - t.Errorf("unexpected errors: %v", errs) - } - default: - if len(errs) != 1 { - t.Errorf("expected 1 error, got %v", errs) - } - } - }) - } - } - } -} - -func TestValidateEndpointsSCTP(t *testing.T) { - objectWithValue := func() *api.Endpoints { - return &api.Endpoints{ - Subsets: []api.EndpointSubset{ - {Ports: []api.EndpointPort{{Protocol: api.ProtocolSCTP}}}, - }, - } - } - objectWithoutValue := func() *api.Endpoints { - return &api.Endpoints{ - Subsets: []api.EndpointSubset{ - {Ports: []api.EndpointPort{{Protocol: api.ProtocolTCP}}}, - }, - } - } - - objectInfo := []struct { - description string - hasValue bool - object func() *api.Endpoints - }{ - { - description: "has value", - hasValue: true, - object: objectWithValue, - }, - { - description: "does not have value", - hasValue: false, - object: objectWithoutValue, - }, - { - description: "is nil", - hasValue: false, - object: func() *api.Endpoints { return nil }, - }, - } - - for _, enabled := range []bool{true, false} { - for _, oldEndpointsInfo := range objectInfo { - for _, newEndpointsInfo := range objectInfo { - oldEndpointsHasValue, oldEndpoints := oldEndpointsInfo.hasValue, oldEndpointsInfo.object() - newEndpointsHasValue, newEndpoints := newEndpointsInfo.hasValue, newEndpointsInfo.object() - if newEndpoints == nil { - continue - } - - t.Run(fmt.Sprintf("feature enabled=%v, old object %v, new object %v", enabled, oldEndpointsInfo.description, newEndpointsInfo.description), func(t *testing.T) { - defer featuregatetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.SCTPSupport, enabled)() - errs := ValidateConditionalEndpoints(newEndpoints, oldEndpoints) - // objects should never be changed - if !reflect.DeepEqual(oldEndpoints, oldEndpointsInfo.object()) { - t.Errorf("old object changed: %v", diff.ObjectReflectDiff(oldEndpoints, oldEndpointsInfo.object())) - } - if !reflect.DeepEqual(newEndpoints, newEndpointsInfo.object()) { - t.Errorf("new object changed: %v", diff.ObjectReflectDiff(newEndpoints, newEndpointsInfo.object())) - } - - switch { - case enabled || oldEndpointsHasValue || !newEndpointsHasValue: - if len(errs) > 0 { - t.Errorf("unexpected errors: %v", errs) - } - default: - if len(errs) != 1 { - t.Errorf("expected 1 error, got %v", errs) - } - } - }) - } - } - } -} - func TestValidateServiceIPFamily(t *testing.T) { ipv4 := api.IPv4Protocol ipv6 := api.IPv6Protocol diff --git a/pkg/apis/core/validation/validation_test.go b/pkg/apis/core/validation/validation_test.go index b892b4043fd..e4019568918 100644 --- a/pkg/apis/core/validation/validation_test.go +++ b/pkg/apis/core/validation/validation_test.go @@ -4410,12 +4410,11 @@ func TestValidateResourceQuotaWithAlphaLocalStorageCapacityIsolation(t *testing. } func TestValidatePorts(t *testing.T) { - defer featuregatetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.SCTPSupport, true)() successCase := []core.ContainerPort{ {Name: "abc", ContainerPort: 80, HostPort: 80, Protocol: "TCP"}, {Name: "easy", ContainerPort: 82, Protocol: "TCP"}, {Name: "as", ContainerPort: 83, Protocol: "UDP"}, - {Name: "do-re-me", ContainerPort: 84, Protocol: "UDP"}, + {Name: "do-re-me", ContainerPort: 84, Protocol: "SCTP"}, {ContainerPort: 85, Protocol: "TCP"}, } if errs := validateContainerPorts(successCase, field.NewPath("field")); len(errs) != 0 { @@ -9894,7 +9893,6 @@ func TestValidatePodEphemeralContainersUpdate(t *testing.T) { } func TestValidateServiceCreate(t *testing.T) { - defer featuregatetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.SCTPSupport, true)() defer featuregatetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.ServiceTopology, true)() testCases := []struct { diff --git a/pkg/apis/networking/validation/BUILD b/pkg/apis/networking/validation/BUILD index f7e5a2b2da8..24253843628 100644 --- a/pkg/apis/networking/validation/BUILD +++ b/pkg/apis/networking/validation/BUILD @@ -8,41 +8,30 @@ load( go_test( name = "go_default_test", - srcs = [ - "conditional_validation_test.go", - "validation_test.go", - ], + srcs = ["validation_test.go"], embed = [":go_default_library"], deps = [ "//pkg/apis/core:go_default_library", "//pkg/apis/networking:go_default_library", - "//pkg/features:go_default_library", "//staging/src/k8s.io/api/networking/v1:go_default_library", "//staging/src/k8s.io/api/networking/v1beta1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/api/validation:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", - "//staging/src/k8s.io/apimachinery/pkg/util/diff:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/intstr:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/validation/field:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/util/feature:go_default_library", - "//staging/src/k8s.io/component-base/featuregate/testing:go_default_library", "//vendor/k8s.io/utils/pointer:go_default_library", ], ) go_library( name = "go_default_library", - srcs = [ - "conditional_validation.go", - "validation.go", - ], + srcs = ["validation.go"], importpath = "k8s.io/kubernetes/pkg/apis/networking/validation", deps = [ "//pkg/apis/core:go_default_library", "//pkg/apis/core/validation:go_default_library", "//pkg/apis/networking:go_default_library", - "//pkg/features:go_default_library", "//staging/src/k8s.io/api/extensions/v1beta1:go_default_library", "//staging/src/k8s.io/api/networking/v1beta1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/api/validation:go_default_library", @@ -53,7 +42,6 @@ go_library( "//staging/src/k8s.io/apimachinery/pkg/util/sets:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/validation:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/validation/field:go_default_library", - "//staging/src/k8s.io/apiserver/pkg/util/feature:go_default_library", ], ) diff --git a/pkg/apis/networking/validation/conditional_validation.go b/pkg/apis/networking/validation/conditional_validation.go deleted file mode 100644 index 90d746756a7..00000000000 --- a/pkg/apis/networking/validation/conditional_validation.go +++ /dev/null @@ -1,59 +0,0 @@ -/* -Copyright 2019 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package validation - -import ( - "k8s.io/apimachinery/pkg/util/validation/field" - utilfeature "k8s.io/apiserver/pkg/util/feature" - api "k8s.io/kubernetes/pkg/apis/core" - "k8s.io/kubernetes/pkg/apis/networking" - "k8s.io/kubernetes/pkg/features" -) - -// ValidateConditionalNetworkPolicy validates conditionally valid fields. -func ValidateConditionalNetworkPolicy(np, oldNP *networking.NetworkPolicy) field.ErrorList { - var errs field.ErrorList - // If the SCTPSupport feature is disabled, and the old object isn't using the SCTP feature, prevent the new object from using it - if !utilfeature.DefaultFeatureGate.Enabled(features.SCTPSupport) && len(sctpFields(oldNP)) == 0 { - for _, f := range sctpFields(np) { - errs = append(errs, field.NotSupported(f, api.ProtocolSCTP, []string{string(api.ProtocolTCP), string(api.ProtocolUDP)})) - } - } - return errs -} - -func sctpFields(np *networking.NetworkPolicy) []*field.Path { - if np == nil { - return nil - } - fields := []*field.Path{} - for iIndex, e := range np.Spec.Ingress { - for pIndex, p := range e.Ports { - if p.Protocol != nil && *p.Protocol == api.ProtocolSCTP { - fields = append(fields, field.NewPath("spec.ingress").Index(iIndex).Child("ports").Index(pIndex).Child("protocol")) - } - } - } - for eIndex, e := range np.Spec.Egress { - for pIndex, p := range e.Ports { - if p.Protocol != nil && *p.Protocol == api.ProtocolSCTP { - fields = append(fields, field.NewPath("spec.egress").Index(eIndex).Child("ports").Index(pIndex).Child("protocol")) - } - } - } - return fields -} diff --git a/pkg/apis/networking/validation/conditional_validation_test.go b/pkg/apis/networking/validation/conditional_validation_test.go deleted file mode 100644 index d9f06bdba67..00000000000 --- a/pkg/apis/networking/validation/conditional_validation_test.go +++ /dev/null @@ -1,108 +0,0 @@ -/* -Copyright 2019 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package validation - -import ( - "fmt" - "reflect" - "testing" - - "k8s.io/apimachinery/pkg/util/diff" - utilfeature "k8s.io/apiserver/pkg/util/feature" - featuregatetesting "k8s.io/component-base/featuregate/testing" - api "k8s.io/kubernetes/pkg/apis/core" - "k8s.io/kubernetes/pkg/apis/networking" - "k8s.io/kubernetes/pkg/features" -) - -func TestValidateNetworkPolicySCTP(t *testing.T) { - sctpProtocol := api.ProtocolSCTP - tcpProtocol := api.ProtocolTCP - objectWithValue := func() *networking.NetworkPolicy { - return &networking.NetworkPolicy{ - Spec: networking.NetworkPolicySpec{ - Ingress: []networking.NetworkPolicyIngressRule{{Ports: []networking.NetworkPolicyPort{{Protocol: &sctpProtocol}}}}, - Egress: []networking.NetworkPolicyEgressRule{{Ports: []networking.NetworkPolicyPort{{Protocol: &sctpProtocol}}}}, - }, - } - } - objectWithoutValue := func() *networking.NetworkPolicy { - return &networking.NetworkPolicy{ - Spec: networking.NetworkPolicySpec{ - Ingress: []networking.NetworkPolicyIngressRule{{Ports: []networking.NetworkPolicyPort{{Protocol: &tcpProtocol}}}}, - Egress: []networking.NetworkPolicyEgressRule{{Ports: []networking.NetworkPolicyPort{{Protocol: &tcpProtocol}}}}, - }, - } - } - - objectInfo := []struct { - description string - hasValue bool - object func() *networking.NetworkPolicy - }{ - { - description: "has value", - hasValue: true, - object: objectWithValue, - }, - { - description: "does not have value", - hasValue: false, - object: objectWithoutValue, - }, - { - description: "is nil", - hasValue: false, - object: func() *networking.NetworkPolicy { return nil }, - }, - } - - for _, enabled := range []bool{true, false} { - for _, oldNetworkPolicyInfo := range objectInfo { - for _, newNetworkPolicyInfo := range objectInfo { - oldNetworkPolicyHasValue, oldNetworkPolicy := oldNetworkPolicyInfo.hasValue, oldNetworkPolicyInfo.object() - newNetworkPolicyHasValue, newNetworkPolicy := newNetworkPolicyInfo.hasValue, newNetworkPolicyInfo.object() - if newNetworkPolicy == nil { - continue - } - - t.Run(fmt.Sprintf("feature enabled=%v, old object %v, new object %v", enabled, oldNetworkPolicyInfo.description, newNetworkPolicyInfo.description), func(t *testing.T) { - defer featuregatetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.SCTPSupport, enabled)() - errs := ValidateConditionalNetworkPolicy(newNetworkPolicy, oldNetworkPolicy) - // objects should never be changed - if !reflect.DeepEqual(oldNetworkPolicy, oldNetworkPolicyInfo.object()) { - t.Errorf("old object changed: %v", diff.ObjectReflectDiff(oldNetworkPolicy, oldNetworkPolicyInfo.object())) - } - if !reflect.DeepEqual(newNetworkPolicy, newNetworkPolicyInfo.object()) { - t.Errorf("new object changed: %v", diff.ObjectReflectDiff(newNetworkPolicy, newNetworkPolicyInfo.object())) - } - - switch { - case enabled || oldNetworkPolicyHasValue || !newNetworkPolicyHasValue: - if len(errs) > 0 { - t.Errorf("unexpected errors: %v", errs) - } - default: - if len(errs) != 2 { - t.Errorf("expected 2 errors, got %v", errs) - } - } - }) - } - } - } -} diff --git a/pkg/apis/networking/validation/validation_test.go b/pkg/apis/networking/validation/validation_test.go index fde1be039e4..82973a11cb3 100644 --- a/pkg/apis/networking/validation/validation_test.go +++ b/pkg/apis/networking/validation/validation_test.go @@ -28,11 +28,8 @@ import ( "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/apimachinery/pkg/util/intstr" "k8s.io/apimachinery/pkg/util/validation/field" - utilfeature "k8s.io/apiserver/pkg/util/feature" - featuregatetesting "k8s.io/component-base/featuregate/testing" api "k8s.io/kubernetes/pkg/apis/core" "k8s.io/kubernetes/pkg/apis/networking" - "k8s.io/kubernetes/pkg/features" utilpointer "k8s.io/utils/pointer" ) @@ -42,8 +39,6 @@ func TestValidateNetworkPolicy(t *testing.T) { protocolICMP := api.Protocol("ICMP") protocolSCTP := api.ProtocolSCTP - defer featuregatetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.SCTPSupport, true)() - successCases := []networking.NetworkPolicy{ { ObjectMeta: metav1.ObjectMeta{Name: "foo", Namespace: "bar"}, diff --git a/pkg/features/kube_features.go b/pkg/features/kube_features.go index e8320433564..dff61f92d70 100644 --- a/pkg/features/kube_features.go +++ b/pkg/features/kube_features.go @@ -326,6 +326,8 @@ const ( // owner: @janosi // alpha: v1.12 + // beta: v1.18 + // GA: v1.20 // // Enables SCTP as new protocol for Service ports, NetworkPolicy, and ContainerPort in Pod/Containers definition SCTPSupport featuregate.Feature = "SCTPSupport" @@ -704,7 +706,7 @@ var defaultKubernetesFeatureGates = map[featuregate.Feature]featuregate.FeatureS CSIVolumeFSGroupPolicy: {Default: false, PreRelease: featuregate.Alpha}, RuntimeClass: {Default: true, PreRelease: featuregate.Beta}, NodeLease: {Default: true, PreRelease: featuregate.GA, LockToDefault: true}, - SCTPSupport: {Default: true, PreRelease: featuregate.Beta}, + SCTPSupport: {Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.22 VolumeSnapshotDataSource: {Default: true, PreRelease: featuregate.Beta}, ProcMountType: {Default: false, PreRelease: featuregate.Alpha}, TTLAfterFinished: {Default: false, PreRelease: featuregate.Alpha}, diff --git a/pkg/registry/apps/daemonset/BUILD b/pkg/registry/apps/daemonset/BUILD index 97fd09d50ad..68ae8aefac1 100644 --- a/pkg/registry/apps/daemonset/BUILD +++ b/pkg/registry/apps/daemonset/BUILD @@ -18,7 +18,6 @@ go_library( "//pkg/api/pod:go_default_library", "//pkg/apis/apps:go_default_library", "//pkg/apis/apps/validation:go_default_library", - "//pkg/apis/core/validation:go_default_library", "//staging/src/k8s.io/api/apps/v1beta2:go_default_library", "//staging/src/k8s.io/api/extensions/v1beta1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/api/equality:go_default_library", diff --git a/pkg/registry/apps/daemonset/strategy.go b/pkg/registry/apps/daemonset/strategy.go index 02d80a61a71..436aac5aa45 100644 --- a/pkg/registry/apps/daemonset/strategy.go +++ b/pkg/registry/apps/daemonset/strategy.go @@ -33,7 +33,6 @@ import ( "k8s.io/kubernetes/pkg/api/pod" "k8s.io/kubernetes/pkg/apis/apps" "k8s.io/kubernetes/pkg/apis/apps/validation" - corevalidation "k8s.io/kubernetes/pkg/apis/core/validation" ) // daemonSetStrategy implements verification logic for daemon sets. @@ -116,9 +115,7 @@ func (daemonSetStrategy) PrepareForUpdate(ctx context.Context, obj, old runtime. // Validate validates a new daemon set. func (daemonSetStrategy) Validate(ctx context.Context, obj runtime.Object) field.ErrorList { daemonSet := obj.(*apps.DaemonSet) - allErrs := validation.ValidateDaemonSet(daemonSet) - allErrs = append(allErrs, corevalidation.ValidateConditionalPodTemplate(&daemonSet.Spec.Template, nil, field.NewPath("spec.template"))...) - return allErrs + return validation.ValidateDaemonSet(daemonSet) } // Canonicalize normalizes the object after validation. @@ -137,7 +134,6 @@ func (daemonSetStrategy) ValidateUpdate(ctx context.Context, obj, old runtime.Ob oldDaemonSet := old.(*apps.DaemonSet) allErrs := validation.ValidateDaemonSet(obj.(*apps.DaemonSet)) allErrs = append(allErrs, validation.ValidateDaemonSetUpdate(newDaemonSet, oldDaemonSet)...) - allErrs = append(allErrs, corevalidation.ValidateConditionalPodTemplate(&newDaemonSet.Spec.Template, &oldDaemonSet.Spec.Template, field.NewPath("spec.template"))...) // Update is not allowed to set Spec.Selector for apps/v1 and apps/v1beta2 (allowed for extensions/v1beta1). // If RequestInfo is nil, it is better to revert to old behavior (i.e. allow update to set Spec.Selector) diff --git a/pkg/registry/apps/deployment/BUILD b/pkg/registry/apps/deployment/BUILD index 8e67835fde4..1ba9a291035 100644 --- a/pkg/registry/apps/deployment/BUILD +++ b/pkg/registry/apps/deployment/BUILD @@ -18,7 +18,6 @@ go_library( "//pkg/api/pod:go_default_library", "//pkg/apis/apps:go_default_library", "//pkg/apis/apps/validation:go_default_library", - "//pkg/apis/core/validation:go_default_library", "//staging/src/k8s.io/api/apps/v1beta1:go_default_library", "//staging/src/k8s.io/api/apps/v1beta2:go_default_library", "//staging/src/k8s.io/api/extensions/v1beta1:go_default_library", diff --git a/pkg/registry/apps/deployment/strategy.go b/pkg/registry/apps/deployment/strategy.go index bca13ba27b9..8b1af655ee0 100644 --- a/pkg/registry/apps/deployment/strategy.go +++ b/pkg/registry/apps/deployment/strategy.go @@ -34,7 +34,6 @@ import ( "k8s.io/kubernetes/pkg/api/pod" "k8s.io/kubernetes/pkg/apis/apps" "k8s.io/kubernetes/pkg/apis/apps/validation" - corevalidation "k8s.io/kubernetes/pkg/apis/core/validation" ) // deploymentStrategy implements behavior for Deployments. @@ -80,9 +79,7 @@ func (deploymentStrategy) PrepareForCreate(ctx context.Context, obj runtime.Obje // Validate validates a new deployment. func (deploymentStrategy) Validate(ctx context.Context, obj runtime.Object) field.ErrorList { deployment := obj.(*apps.Deployment) - allErrs := validation.ValidateDeployment(deployment) - allErrs = append(allErrs, corevalidation.ValidateConditionalPodTemplate(&deployment.Spec.Template, nil, field.NewPath("spec.template"))...) - return allErrs + return validation.ValidateDeployment(deployment) } // Canonicalize normalizes the object after validation. @@ -116,7 +113,6 @@ func (deploymentStrategy) ValidateUpdate(ctx context.Context, obj, old runtime.O newDeployment := obj.(*apps.Deployment) oldDeployment := old.(*apps.Deployment) allErrs := validation.ValidateDeploymentUpdate(newDeployment, oldDeployment) - allErrs = append(allErrs, corevalidation.ValidateConditionalPodTemplate(&newDeployment.Spec.Template, &oldDeployment.Spec.Template, field.NewPath("spec.template"))...) // Update is not allowed to set Spec.Selector for all groups/versions except extensions/v1beta1. // If RequestInfo is nil, it is better to revert to old behavior (i.e. allow update to set Spec.Selector) diff --git a/pkg/registry/apps/replicaset/BUILD b/pkg/registry/apps/replicaset/BUILD index 5784b261e9b..bce7b57ba80 100644 --- a/pkg/registry/apps/replicaset/BUILD +++ b/pkg/registry/apps/replicaset/BUILD @@ -18,7 +18,6 @@ go_library( "//pkg/api/pod:go_default_library", "//pkg/apis/apps:go_default_library", "//pkg/apis/apps/validation:go_default_library", - "//pkg/apis/core/validation:go_default_library", "//staging/src/k8s.io/api/apps/v1beta2:go_default_library", "//staging/src/k8s.io/api/extensions/v1beta1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/api/equality:go_default_library", diff --git a/pkg/registry/apps/replicaset/strategy.go b/pkg/registry/apps/replicaset/strategy.go index 750cf406da0..163b786eb1d 100644 --- a/pkg/registry/apps/replicaset/strategy.go +++ b/pkg/registry/apps/replicaset/strategy.go @@ -41,7 +41,6 @@ import ( "k8s.io/kubernetes/pkg/api/pod" "k8s.io/kubernetes/pkg/apis/apps" "k8s.io/kubernetes/pkg/apis/apps/validation" - corevalidation "k8s.io/kubernetes/pkg/apis/core/validation" ) // rsStrategy implements verification logic for ReplicaSets. @@ -109,9 +108,7 @@ func (rsStrategy) PrepareForUpdate(ctx context.Context, obj, old runtime.Object) // Validate validates a new ReplicaSet. func (rsStrategy) Validate(ctx context.Context, obj runtime.Object) field.ErrorList { rs := obj.(*apps.ReplicaSet) - allErrs := validation.ValidateReplicaSet(rs) - allErrs = append(allErrs, corevalidation.ValidateConditionalPodTemplate(&rs.Spec.Template, nil, field.NewPath("spec.template"))...) - return allErrs + return validation.ValidateReplicaSet(rs) } // Canonicalize normalizes the object after validation. @@ -130,7 +127,6 @@ func (rsStrategy) ValidateUpdate(ctx context.Context, obj, old runtime.Object) f oldReplicaSet := old.(*apps.ReplicaSet) allErrs := validation.ValidateReplicaSet(obj.(*apps.ReplicaSet)) allErrs = append(allErrs, validation.ValidateReplicaSetUpdate(newReplicaSet, oldReplicaSet)...) - allErrs = append(allErrs, corevalidation.ValidateConditionalPodTemplate(&newReplicaSet.Spec.Template, &oldReplicaSet.Spec.Template, field.NewPath("spec.template"))...) // Update is not allowed to set Spec.Selector for all groups/versions except extensions/v1beta1. // If RequestInfo is nil, it is better to revert to old behavior (i.e. allow update to set Spec.Selector) diff --git a/pkg/registry/apps/statefulset/BUILD b/pkg/registry/apps/statefulset/BUILD index b20cedbfc39..91d62f93092 100644 --- a/pkg/registry/apps/statefulset/BUILD +++ b/pkg/registry/apps/statefulset/BUILD @@ -18,7 +18,6 @@ go_library( "//pkg/api/pod:go_default_library", "//pkg/apis/apps:go_default_library", "//pkg/apis/apps/validation:go_default_library", - "//pkg/apis/core/validation:go_default_library", "//staging/src/k8s.io/api/apps/v1beta1:go_default_library", "//staging/src/k8s.io/api/apps/v1beta2:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/api/equality:go_default_library", diff --git a/pkg/registry/apps/statefulset/strategy.go b/pkg/registry/apps/statefulset/strategy.go index 2b259dc87e5..4bca4d693eb 100644 --- a/pkg/registry/apps/statefulset/strategy.go +++ b/pkg/registry/apps/statefulset/strategy.go @@ -32,7 +32,6 @@ import ( "k8s.io/kubernetes/pkg/api/pod" "k8s.io/kubernetes/pkg/apis/apps" "k8s.io/kubernetes/pkg/apis/apps/validation" - corevalidation "k8s.io/kubernetes/pkg/apis/core/validation" ) // statefulSetStrategy implements verification logic for Replication StatefulSets. @@ -97,9 +96,7 @@ func (statefulSetStrategy) PrepareForUpdate(ctx context.Context, obj, old runtim // Validate validates a new StatefulSet. func (statefulSetStrategy) Validate(ctx context.Context, obj runtime.Object) field.ErrorList { statefulSet := obj.(*apps.StatefulSet) - allErrs := validation.ValidateStatefulSet(statefulSet) - allErrs = append(allErrs, corevalidation.ValidateConditionalPodTemplate(&statefulSet.Spec.Template, nil, field.NewPath("spec.template"))...) - return allErrs + return validation.ValidateStatefulSet(statefulSet) } // Canonicalize normalizes the object after validation. @@ -117,7 +114,6 @@ func (statefulSetStrategy) ValidateUpdate(ctx context.Context, obj, old runtime. oldStatefulSet := old.(*apps.StatefulSet) validationErrorList := validation.ValidateStatefulSet(newStatefulSet) updateErrorList := validation.ValidateStatefulSetUpdate(newStatefulSet, oldStatefulSet) - updateErrorList = append(updateErrorList, corevalidation.ValidateConditionalPodTemplate(&newStatefulSet.Spec.Template, &oldStatefulSet.Spec.Template, field.NewPath("spec.template"))...) return append(validationErrorList, updateErrorList...) } diff --git a/pkg/registry/batch/cronjob/BUILD b/pkg/registry/batch/cronjob/BUILD index f92330d56ad..40cc472645c 100644 --- a/pkg/registry/batch/cronjob/BUILD +++ b/pkg/registry/batch/cronjob/BUILD @@ -18,7 +18,6 @@ go_library( "//pkg/api/pod:go_default_library", "//pkg/apis/batch:go_default_library", "//pkg/apis/batch/validation:go_default_library", - "//pkg/apis/core/validation:go_default_library", "//staging/src/k8s.io/api/batch/v1beta1:go_default_library", "//staging/src/k8s.io/api/batch/v2alpha1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", diff --git a/pkg/registry/batch/cronjob/strategy.go b/pkg/registry/batch/cronjob/strategy.go index 15780e795fe..e103067c76d 100644 --- a/pkg/registry/batch/cronjob/strategy.go +++ b/pkg/registry/batch/cronjob/strategy.go @@ -31,7 +31,6 @@ import ( "k8s.io/kubernetes/pkg/api/pod" "k8s.io/kubernetes/pkg/apis/batch" "k8s.io/kubernetes/pkg/apis/batch/validation" - corevalidation "k8s.io/kubernetes/pkg/apis/core/validation" ) // cronJobStrategy implements verification logic for Replication Controllers. @@ -84,9 +83,7 @@ func (cronJobStrategy) PrepareForUpdate(ctx context.Context, obj, old runtime.Ob // Validate validates a new scheduled job. func (cronJobStrategy) Validate(ctx context.Context, obj runtime.Object) field.ErrorList { cronJob := obj.(*batch.CronJob) - allErrs := validation.ValidateCronJob(cronJob) - allErrs = append(allErrs, corevalidation.ValidateConditionalPodTemplate(&cronJob.Spec.JobTemplate.Spec.Template, nil, field.NewPath("spec.jobTemplate.spec.template"))...) - return allErrs + return validation.ValidateCronJob(cronJob) } // Canonicalize normalizes the object after validation. @@ -106,12 +103,7 @@ func (cronJobStrategy) AllowCreateOnUpdate() bool { func (cronJobStrategy) ValidateUpdate(ctx context.Context, obj, old runtime.Object) field.ErrorList { newCronJob := obj.(*batch.CronJob) oldCronJob := old.(*batch.CronJob) - allErrs := validation.ValidateCronJobUpdate(newCronJob, oldCronJob) - allErrs = append(allErrs, corevalidation.ValidateConditionalPodTemplate( - &newCronJob.Spec.JobTemplate.Spec.Template, - &oldCronJob.Spec.JobTemplate.Spec.Template, - field.NewPath("spec.jobTemplate.spec.template"))...) - return allErrs + return validation.ValidateCronJobUpdate(newCronJob, oldCronJob) } type cronJobStatusStrategy struct { diff --git a/pkg/registry/batch/job/BUILD b/pkg/registry/batch/job/BUILD index ee05958900b..9e886479452 100644 --- a/pkg/registry/batch/job/BUILD +++ b/pkg/registry/batch/job/BUILD @@ -18,7 +18,6 @@ go_library( "//pkg/api/pod:go_default_library", "//pkg/apis/batch:go_default_library", "//pkg/apis/batch/validation:go_default_library", - "//pkg/apis/core/validation:go_default_library", "//pkg/features:go_default_library", "//staging/src/k8s.io/api/batch/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", diff --git a/pkg/registry/batch/job/strategy.go b/pkg/registry/batch/job/strategy.go index e6ece3d538d..e755178a289 100644 --- a/pkg/registry/batch/job/strategy.go +++ b/pkg/registry/batch/job/strategy.go @@ -38,7 +38,6 @@ import ( "k8s.io/kubernetes/pkg/api/pod" "k8s.io/kubernetes/pkg/apis/batch" "k8s.io/kubernetes/pkg/apis/batch/validation" - corevalidation "k8s.io/kubernetes/pkg/apis/core/validation" "k8s.io/kubernetes/pkg/features" ) @@ -104,9 +103,7 @@ func (jobStrategy) Validate(ctx context.Context, obj runtime.Object) field.Error if job.Spec.ManualSelector == nil || *job.Spec.ManualSelector == false { generateSelector(job) } - allErrs := validation.ValidateJob(job) - allErrs = append(allErrs, corevalidation.ValidateConditionalPodTemplate(&job.Spec.Template, nil, field.NewPath("spec.template"))...) - return allErrs + return validation.ValidateJob(job) } // generateSelector adds a selector to a job and labels to its template @@ -178,7 +175,6 @@ func (jobStrategy) ValidateUpdate(ctx context.Context, obj, old runtime.Object) oldJob := old.(*batch.Job) validationErrorList := validation.ValidateJob(job) updateErrorList := validation.ValidateJobUpdate(job, oldJob) - updateErrorList = append(updateErrorList, corevalidation.ValidateConditionalPodTemplate(&job.Spec.Template, &oldJob.Spec.Template, field.NewPath("spec.template"))...) return append(validationErrorList, updateErrorList...) } diff --git a/pkg/registry/core/endpoint/strategy.go b/pkg/registry/core/endpoint/strategy.go index 9feb751ae84..2d1c7501917 100644 --- a/pkg/registry/core/endpoint/strategy.go +++ b/pkg/registry/core/endpoint/strategy.go @@ -52,9 +52,7 @@ func (endpointsStrategy) PrepareForUpdate(ctx context.Context, obj, old runtime. // Validate validates a new endpoints. func (endpointsStrategy) Validate(ctx context.Context, obj runtime.Object) field.ErrorList { - allErrs := validation.ValidateEndpointsCreate(obj.(*api.Endpoints)) - allErrs = append(allErrs, validation.ValidateConditionalEndpoints(obj.(*api.Endpoints), nil)...) - return allErrs + return validation.ValidateEndpointsCreate(obj.(*api.Endpoints)) } // Canonicalize normalizes the object after validation. @@ -68,9 +66,7 @@ func (endpointsStrategy) AllowCreateOnUpdate() bool { // ValidateUpdate is the default update validation for an end user. func (endpointsStrategy) ValidateUpdate(ctx context.Context, obj, old runtime.Object) field.ErrorList { - errorList := validation.ValidateEndpointsUpdate(obj.(*api.Endpoints), old.(*api.Endpoints)) - errorList = append(errorList, validation.ValidateConditionalEndpoints(obj.(*api.Endpoints), old.(*api.Endpoints))...) - return errorList + return validation.ValidateEndpointsUpdate(obj.(*api.Endpoints), old.(*api.Endpoints)) } func (endpointsStrategy) AllowUnconditionalUpdate() bool { diff --git a/pkg/registry/core/pod/strategy.go b/pkg/registry/core/pod/strategy.go index 8c671e35070..fe9fe3c8496 100644 --- a/pkg/registry/core/pod/strategy.go +++ b/pkg/registry/core/pod/strategy.go @@ -95,10 +95,7 @@ func (podStrategy) Validate(ctx context.Context, obj runtime.Object) field.Error // Allow multiple huge pages on pod create if feature is enabled AllowMultipleHugePageResources: utilfeature.DefaultFeatureGate.Enabled(features.HugePageStorageMediumSize), } - allErrs := validation.ValidatePodCreate(pod, opts) - allErrs = append(allErrs, validation.ValidateConditionalPod(pod, nil, field.NewPath(""))...) - - return allErrs + return validation.ValidatePodCreate(pod, opts) } // Canonicalize normalizes the object after validation. @@ -117,9 +114,7 @@ func (podStrategy) ValidateUpdate(ctx context.Context, obj, old runtime.Object) // Allow multiple huge pages on pod create if feature is enabled or if the old pod already has multiple hugepages specified AllowMultipleHugePageResources: oldFailsSingleHugepagesValidation || utilfeature.DefaultFeatureGate.Enabled(features.HugePageStorageMediumSize), } - errorList := validation.ValidatePodUpdate(obj.(*api.Pod), old.(*api.Pod), opts) - errorList = append(errorList, validation.ValidateConditionalPod(obj.(*api.Pod), old.(*api.Pod), field.NewPath(""))...) - return errorList + return validation.ValidatePodUpdate(obj.(*api.Pod), old.(*api.Pod), opts) } // AllowUnconditionalUpdate allows pods to be overwritten diff --git a/pkg/registry/core/podtemplate/strategy.go b/pkg/registry/core/podtemplate/strategy.go index 3d856097f5a..eb79e1ee3c6 100644 --- a/pkg/registry/core/podtemplate/strategy.go +++ b/pkg/registry/core/podtemplate/strategy.go @@ -53,9 +53,7 @@ func (podTemplateStrategy) PrepareForCreate(ctx context.Context, obj runtime.Obj // Validate validates a new pod template. func (podTemplateStrategy) Validate(ctx context.Context, obj runtime.Object) field.ErrorList { template := obj.(*api.PodTemplate) - allErrs := corevalidation.ValidatePodTemplate(template) - allErrs = append(allErrs, corevalidation.ValidateConditionalPodTemplate(&template.Template, nil, field.NewPath("template"))...) - return allErrs + return corevalidation.ValidatePodTemplate(template) } // Canonicalize normalizes the object after validation. @@ -79,9 +77,7 @@ func (podTemplateStrategy) PrepareForUpdate(ctx context.Context, obj, old runtim func (podTemplateStrategy) ValidateUpdate(ctx context.Context, obj, old runtime.Object) field.ErrorList { template := obj.(*api.PodTemplate) oldTemplate := old.(*api.PodTemplate) - allErrs := corevalidation.ValidatePodTemplateUpdate(template, oldTemplate) - allErrs = append(allErrs, corevalidation.ValidateConditionalPodTemplate(&template.Template, &oldTemplate.Template, field.NewPath("template"))...) - return allErrs + return corevalidation.ValidatePodTemplateUpdate(template, oldTemplate) } func (podTemplateStrategy) AllowUnconditionalUpdate() bool { diff --git a/pkg/registry/core/replicationcontroller/strategy.go b/pkg/registry/core/replicationcontroller/strategy.go index 2bbdad49a53..38c1cc911f3 100644 --- a/pkg/registry/core/replicationcontroller/strategy.go +++ b/pkg/registry/core/replicationcontroller/strategy.go @@ -108,9 +108,7 @@ func (rcStrategy) PrepareForUpdate(ctx context.Context, obj, old runtime.Object) // Validate validates a new replication controller. func (rcStrategy) Validate(ctx context.Context, obj runtime.Object) field.ErrorList { controller := obj.(*api.ReplicationController) - allErrs := validation.ValidateReplicationController(controller) - allErrs = append(allErrs, validation.ValidateConditionalPodTemplate(controller.Spec.Template, nil, field.NewPath("spec.template"))...) - return allErrs + return validation.ValidateReplicationController(controller) } // Canonicalize normalizes the object after validation. @@ -130,7 +128,6 @@ func (rcStrategy) ValidateUpdate(ctx context.Context, obj, old runtime.Object) f validationErrorList := validation.ValidateReplicationController(newRc) updateErrorList := validation.ValidateReplicationControllerUpdate(newRc, oldRc) - updateErrorList = append(updateErrorList, validation.ValidateConditionalPodTemplate(newRc.Spec.Template, oldRc.Spec.Template, field.NewPath("spec.template"))...) errs := append(validationErrorList, updateErrorList...) for key, value := range helper.NonConvertibleFields(oldRc.Annotations) { diff --git a/pkg/registry/networking/networkpolicy/strategy.go b/pkg/registry/networking/networkpolicy/strategy.go index 521c37585b8..8dc3ea7edea 100644 --- a/pkg/registry/networking/networkpolicy/strategy.go +++ b/pkg/registry/networking/networkpolicy/strategy.go @@ -64,9 +64,7 @@ func (networkPolicyStrategy) PrepareForUpdate(ctx context.Context, obj, old runt // Validate validates a new NetworkPolicy. func (networkPolicyStrategy) Validate(ctx context.Context, obj runtime.Object) field.ErrorList { networkPolicy := obj.(*networking.NetworkPolicy) - allErrs := validation.ValidateNetworkPolicy(networkPolicy) - allErrs = append(allErrs, validation.ValidateConditionalNetworkPolicy(networkPolicy, nil)...) - return allErrs + return validation.ValidateNetworkPolicy(networkPolicy) } // Canonicalize normalizes the object after validation. @@ -81,7 +79,6 @@ func (networkPolicyStrategy) AllowCreateOnUpdate() bool { func (networkPolicyStrategy) ValidateUpdate(ctx context.Context, obj, old runtime.Object) field.ErrorList { validationErrorList := validation.ValidateNetworkPolicy(obj.(*networking.NetworkPolicy)) updateErrorList := validation.ValidateNetworkPolicyUpdate(obj.(*networking.NetworkPolicy), old.(*networking.NetworkPolicy)) - updateErrorList = append(updateErrorList, validation.ValidateConditionalNetworkPolicy(obj.(*networking.NetworkPolicy), old.(*networking.NetworkPolicy))...) return append(validationErrorList, updateErrorList...) }