github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-30 06:54:01 +00:00
Code Issues Projects Releases Wiki Activity

Add size limit for ConfigMap

Browse Source
This commit is contained in:
Paul Morie 2016-01-20 23:14:37 -05:00
parent 298028dc8b
commit defd1d0544
2 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
pkg/api/validation/validation.go
View File

@ -1999,10 +1999,16 @@ func ValidateConfigMap(cfg *api.ConfigMap) field.ErrorList {
allErrs := field.ErrorList{} allErrs := field.ErrorList{}
allErrs = append(allErrs, ValidateObjectMeta(&cfg.ObjectMeta, true, ValidateConfigMapName, field.NewPath("metadata"))...) allErrs = append(allErrs, ValidateObjectMeta(&cfg.ObjectMeta, true, ValidateConfigMapName, field.NewPath("metadata"))...)
for key := range cfg.Data { totalSize := 0
for key, value := range cfg.Data {
if !IsSecretKey(key) { if !IsSecretKey(key) {
allErrs = append(allErrs, field.Invalid(field.NewPath("data").Key(key), key, fmt.Sprintf("must have at most %d characters and match regex %s", validation.DNS1123SubdomainMaxLength, SecretKeyFmt))) allErrs = append(allErrs, field.Invalid(field.NewPath("data").Key(key), key, fmt.Sprintf("must have at most %d characters and match regex %s", validation.DNS1123SubdomainMaxLength, SecretKeyFmt)))
} }
totalSize += len(value)
}
if totalSize > api.MaxSecretSize {
allErrs = append(allErrs, field.TooLong(field.NewPath("data"), "", api.MaxSecretSize))
} }
return allErrs return allErrs

2
pkg/api/validation/validation_test.go
View File

@ -4480,6 +4480,7 @@ func TestValidateConfigMap(t *testing.T) {
dotKey = newConfigMap("validname", "validns", map[string]string{".": "value"}) dotKey = newConfigMap("validname", "validns", map[string]string{".": "value"})
doubleDotKey = newConfigMap("validname", "validns", map[string]string{"..": "value"}) doubleDotKey = newConfigMap("validname", "validns", map[string]string{"..": "value"})
overMaxKeyLength = newConfigMap("validname", "validns", map[string]string{strings.Repeat("a", 254): "value"}) overMaxKeyLength = newConfigMap("validname", "validns", map[string]string{strings.Repeat("a", 254): "value"})
overMaxSize = newConfigMap("validname", "validns", map[string]string{"key": strings.Repeat("a", api.MaxSecretSize+1)})
) )
tests := map[string]struct { tests := map[string]struct {
@ -4497,6 +4498,7 @@ func TestValidateConfigMap(t *testing.T) {
"dot key": {dotKey, false}, "dot key": {dotKey, false},
"double dot key": {doubleDotKey, false}, "double dot key": {doubleDotKey, false},
"over max key length": {overMaxKeyLength, false}, "over max key length": {overMaxKeyLength, false},
"over max size": {overMaxSize, false},
} }
for name, tc := range tests { for name, tc := range tests {