mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-24 04:06:03 +00:00
Add size limit for ConfigMap
This commit is contained in:
parent
298028dc8b
commit
defd1d0544
@ -1999,10 +1999,16 @@ func ValidateConfigMap(cfg *api.ConfigMap) field.ErrorList {
|
||||
allErrs := field.ErrorList{}
|
||||
allErrs = append(allErrs, ValidateObjectMeta(&cfg.ObjectMeta, true, ValidateConfigMapName, field.NewPath("metadata"))...)
|
||||
|
||||
for key := range cfg.Data {
|
||||
totalSize := 0
|
||||
|
||||
for key, value := range cfg.Data {
|
||||
if !IsSecretKey(key) {
|
||||
allErrs = append(allErrs, field.Invalid(field.NewPath("data").Key(key), key, fmt.Sprintf("must have at most %d characters and match regex %s", validation.DNS1123SubdomainMaxLength, SecretKeyFmt)))
|
||||
}
|
||||
totalSize += len(value)
|
||||
}
|
||||
if totalSize > api.MaxSecretSize {
|
||||
allErrs = append(allErrs, field.TooLong(field.NewPath("data"), "", api.MaxSecretSize))
|
||||
}
|
||||
|
||||
return allErrs
|
||||
|
@ -4480,6 +4480,7 @@ func TestValidateConfigMap(t *testing.T) {
|
||||
dotKey = newConfigMap("validname", "validns", map[string]string{".": "value"})
|
||||
doubleDotKey = newConfigMap("validname", "validns", map[string]string{"..": "value"})
|
||||
overMaxKeyLength = newConfigMap("validname", "validns", map[string]string{strings.Repeat("a", 254): "value"})
|
||||
overMaxSize = newConfigMap("validname", "validns", map[string]string{"key": strings.Repeat("a", api.MaxSecretSize+1)})
|
||||
)
|
||||
|
||||
tests := map[string]struct {
|
||||
@ -4497,6 +4498,7 @@ func TestValidateConfigMap(t *testing.T) {
|
||||
"dot key": {dotKey, false},
|
||||
"double dot key": {doubleDotKey, false},
|
||||
"over max key length": {overMaxKeyLength, false},
|
||||
"over max size": {overMaxSize, false},
|
||||
}
|
||||
|
||||
for name, tc := range tests {
|
||||
|
Loading…
Reference in New Issue
Block a user