From 56be55141650cb9237900649f4c7192db79b5e47 Mon Sep 17 00:00:00 2001
From: Tim Hockin
Date: Mon, 29 Feb 2016 13:22:45 -0800
Subject: [PATCH] Validate volume paths do not have ':'
---
 api/swagger-spec/batch_v1.json | 2 +-
 api/swagger-spec/extensions_v1beta1.json | 2 +-
 api/swagger-spec/v1.json | 2 +-
 docs/api-reference/extensions/v1beta1/definitions.html | 4 ++--
 docs/api-reference/v1/definitions.html | 4 ++--
 pkg/api/types.go | 2 +-
 pkg/api/v1/types.go | 3 ++-
 pkg/api/v1/types_swagger_doc_generated.go | 2 +-
 pkg/api/validation/validation.go | 2 ++
 pkg/api/validation/validation_test.go | 1 +
 10 files changed, 14 insertions(+), 10 deletions(-)
diff --git a/api/swagger-spec/batch_v1.json b/api/swagger-spec/batch_v1.json
index e635a55657a..ef7df557159 100644
--- a/api/swagger-spec/batch_v1.json
+++ b/api/swagger-spec/batch_v1.json
@@ -1965,7 +1965,7 @@ }, "mountPath": { "type": "string", - "description": "Path within the container at which the volume should be mounted." + "description": "Path within the container at which the volume should be mounted. Must not contain ':'." } } },
diff --git a/api/swagger-spec/extensions_v1beta1.json b/api/swagger-spec/extensions_v1beta1.json
index a63416a7725..78673810f9b 100644
--- a/api/swagger-spec/extensions_v1beta1.json
+++ b/api/swagger-spec/extensions_v1beta1.json
@@ -6293,7 +6293,7 @@ }, "mountPath": { "type": "string", - "description": "Path within the container at which the volume should be mounted." + "description": "Path within the container at which the volume should be mounted. Must not contain ':'." } } },
diff --git a/api/swagger-spec/v1.json b/api/swagger-spec/v1.json
index 7090c15a9ad..1039410c265 100644
--- a/api/swagger-spec/v1.json
+++ b/api/swagger-spec/v1.json
@@ -16826,7 +16826,7 @@ }, "mountPath": { "type": "string", - "description": "Path within the container at which the volume should be mounted." + "description": "Path within the container at which the volume should be mounted. Must not contain ':'." } } },
diff --git a/docs/api-reference/extensions/v1beta1/definitions.html b/docs/api-reference/extensions/v1beta1/definitions.html
index c91c13282a8..c91639ef4fc 100755
--- a/docs/api-reference/extensions/v1beta1/definitions.html
+++ b/docs/api-reference/extensions/v1beta1/definitions.html
@@ -814,7 +814,7 @@ span.icon > [class^="icon-"], span.icon > [class*=" icon-"] { cursor: default; }

mountPath

-

Path within the container at which the volume should be mounted.

+

Path within the container at which the volume should be mounted. Must not contain :.

true

string

@@ -5591,7 +5591,7 @@ Populated by the system when a graceful deletion is requested. Read-only. More i
diff --git a/docs/api-reference/v1/definitions.html b/docs/api-reference/v1/definitions.html
index 0c992b11876..2bb43ced058 100755
--- a/docs/api-reference/v1/definitions.html
+++ b/docs/api-reference/v1/definitions.html
@@ -764,7 +764,7 @@ span.icon > [class^="icon-"], span.icon > [class*=" icon-"] { cursor: default; }

mountPath

-

Path within the container at which the volume should be mounted.

+

Path within the container at which the volume should be mounted. Must not contain :.

true

string

@@ -7488,7 +7488,7 @@ The resulting set of endpoints can be viewed as:
diff --git a/pkg/api/types.go b/pkg/api/types.go
index b8693cf3c10..483864a867f 100644
--- a/pkg/api/types.go
+++ b/pkg/api/types.go
@@ -742,7 +742,7 @@ type VolumeMount struct {
 Name string `json:"name"`
 // Optional: Defaults to false (read-write).
 ReadOnly bool `json:"readOnly,omitempty"`
- // Required.
+ // Required. Must not contain ':'.
 MountPath string `json:"mountPath"`
 }
diff --git a/pkg/api/v1/types.go b/pkg/api/v1/types.go
index 0dea6b477dc..cb52979602f 100644
--- a/pkg/api/v1/types.go
+++ b/pkg/api/v1/types.go
@@ -866,7 +866,8 @@ type VolumeMount struct {
 // Mounted read-only if true, read-write otherwise (false or unspecified).
 // Defaults to false.
 ReadOnly bool `json:"readOnly,omitempty"`
- // Path within the container at which the volume should be mounted.
+ // Path within the container at which the volume should be mounted. Must
+ // not contain ':'.
 MountPath string `json:"mountPath"`
 }
diff --git a/pkg/api/v1/types_swagger_doc_generated.go b/pkg/api/v1/types_swagger_doc_generated.go
index 31c102194a5..8a73b803b2f 100644
--- a/pkg/api/v1/types_swagger_doc_generated.go
+++ b/pkg/api/v1/types_swagger_doc_generated.go
@@ -1565,7 +1565,7 @@ var map_VolumeMount = map[string]string{ "": "VolumeMount describes a mounting of a Volume within a container.", "name": "This must match the Name of a Volume.", "readOnly": "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.", - "mountPath": "Path within the container at which the volume should be mounted.", + "mountPath": "Path within the container at which the volume should be mounted. Must not contain ':'.", } func (VolumeMount) SwaggerDoc() map[string]string {
diff --git a/pkg/api/validation/validation.go b/pkg/api/validation/validation.go
index 5f0d8767be1..ffca7a8d112 100644
--- a/pkg/api/validation/validation.go
+++ b/pkg/api/validation/validation.go
@@ -1091,6 +1091,8 @@ func validateVolumeMounts(mounts []api.VolumeMount, volumes sets.String, fldPath
 }
 if len(mnt.MountPath) == 0 {
 allErrs = append(allErrs, field.Required(idxPath.Child("mountPath"), ""))
+ } else if strings.Contains(mnt.MountPath, ":") {
+ allErrs = append(allErrs, field.Invalid(idxPath.Child("mountPath"), mnt.MountPath, "must not contain ':'"))
 }
 }
 return allErrs
diff --git a/pkg/api/validation/validation_test.go b/pkg/api/validation/validation_test.go
index daa43655165..b8b6e68b413 100644
--- a/pkg/api/validation/validation_test.go
+++ b/pkg/api/validation/validation_test.go
@@ -1134,6 +1134,7 @@ func TestValidateVolumeMounts(t *testing.T) {
 "empty name": {{Name: "", MountPath: "/foo"}},
 "name not found": {{Name: "", MountPath: "/foo"}},
 "empty mountpath": {{Name: "abc", MountPath: ""}},
+ "colon mountpath": {{Name: "abc", MountPath: "foo:bar"}},
 }
 for k, v := range errorCases {
 if errs := validateVolumeMounts(v, volumes, field.NewPath("field")); len(errs) == 0 {
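Review bot: The new `else if strings.Contains(mnt.MountPath, ":")` branch carries no comment saying why a colon is rejected, and it guards only the API-validation path. If the reason is that the mount path is later joined into a colon-separated mount specification for the container runtime (an inference; that consumer is not in this patch), I would add `// ':' is rejected because the path is later embedded in a colon-delimited mount spec; do not relax without fixing that consumer` above the branch. Objects stored before this validation existed are not re-checked here, so the code that builds that string should reject a colon itself rather than rely on this check alone. The subject line speaks of volume paths in general, while this hunk tests `MountPath` only; whether host-side paths receive the same check cannot be seen from here. `validateVolumeMounts` begins, and its loop opens, outside the hunk.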
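Review bot: The added `"colon mountpath"` case can pass for the wrong reason: the loop at the end of the hunk only fails when `len(errs) == 0`, and the sample `"foo:bar"` is also a relative path, so a later rule on relative paths would keep this test green even if the colon check were removed. I would isolate the colon with `"colon mountpath": {{Name: "abc", MountPath: "/foo:bar"}},` and, where the loop body allows it, assert that the reported error is on the `mountPath` field. The error table and the loop body both extend outside the hunk.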