github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-30 06:54:01 +00:00
Code Issues Projects Releases Wiki Activity

Fix up existing NetworkPolicy validation

Browse Source 
Paths were wrong for most errors.
Field name was wrong for namespaceSelector.
This commit is contained in:
Dan Winship 2017-01-11 17:17:01 -05:00
parent 4f8f6006cf
commit 83ac613b89
1 changed files with 12 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
pkg/apis/extensions/validation/validation.go
View File

@ -828,26 +828,25 @@ func ValidateNetworkPolicySpec(spec *extensions.NetworkPolicySpec, fldPath *fiel
allErrs = append(allErrs, unversionedvalidation.ValidateLabelSelector(&spec.PodSelector, fldPath.Child("podSelector"))...)
// Validate ingress rules.
for _, i := range spec.Ingress {
for i, ingress := range spec.Ingress {
ingressPath := fldPath.Child("ingress").Index(i)
// TODO: Update From to be a pointer to slice as soon as auto-generation supports it.
for _, f := range i.From {
for i, from := range ingress.From {
fromPath := ingressPath.Child("from").Index(i)
numFroms := 0
if f.PodSelector != nil {
if from.PodSelector != nil {
numFroms++
allErrs = append(allErrs, unversionedvalidation.ValidateLabelSelector(f.PodSelector, fldPath.Child("podSelector"))...)
allErrs = append(allErrs, unversionedvalidation.ValidateLabelSelector(from.PodSelector, fromPath.Child("podSelector"))...)
}
if f.NamespaceSelector != nil {
if numFroms > 0 {
allErrs = append(allErrs, field.Forbidden(fldPath, "may not specify more than 1 from type"))
} else {
numFroms++
allErrs = append(allErrs, unversionedvalidation.ValidateLabelSelector(f.NamespaceSelector, fldPath.Child("namespaces"))...)
}
if from.NamespaceSelector != nil {
numFroms++
allErrs = append(allErrs, unversionedvalidation.ValidateLabelSelector(from.NamespaceSelector, fromPath.Child("namespaceSelector"))...)
}
if numFroms == 0 {
// At least one of PodSelector and NamespaceSelector must be defined.
allErrs = append(allErrs, field.Required(fldPath, "must specify a from type"))
allErrs = append(allErrs, field.Required(fromPath, "must specify a from type"))
} else if numFroms > 1 {
allErrs = append(allErrs, field.Forbidden(fromPath, "may not specify more than 1 from type"))
}
}
}