Merge pull request #57990 from krmayankk/disrupt

Automatic merge from submit-queue (batch tested with PRs 57973, 57990). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>. Fix RunAsUserId validation Use validation.IsValidUserID to properly check for valid UserId in RunAsUser field of SecurityContext. release-note NONE
2025-07-21 19:01:49 +00:00 · 2018-01-25 18:29:34 -08:00 · 2018-01-25 18:29:34 -08:00 · d32624ab85
commit d32624ab85
parent bf111161b7 eac49159a9
2 changed files with 3 additions and 3 deletions
--- a/pkg/apis/core/validation/validation.go
+++ b/pkg/apis/core/validation/validation.go
@ -4813,8 +4813,8 @@ func ValidateSecurityContext(sc *core.SecurityContext, fldPath *field.Path) fiel
 	}

 	if sc.RunAsUser != nil {
-		if *sc.RunAsUser < 0 {
-			allErrs = append(allErrs, field.Invalid(fldPath.Child("runAsUser"), *sc.RunAsUser, isNegativeErrorMsg))
+		for _, msg := range validation.IsValidUserID(*sc.RunAsUser) {
+			allErrs = append(allErrs, field.Invalid(fldPath.Child("runAsUser"), *sc.RunAsUser, msg))
 		}
 	}

--- a/pkg/apis/core/validation/validation_test.go
+++ b/pkg/apis/core/validation/validation_test.go
@ -11752,7 +11752,7 @@ func TestValidateSecurityContext(t *testing.T) {
 		"negative RunAsUser": {
 			sc:          negativeRunAsUser,
 			errorType:   "FieldValueInvalid",
-			errorDetail: isNegativeErrorMsg,
+			errorDetail: "must be between",
 		},
 	}
 	for k, v := range errorCases {