Merge pull request #326 from thockin/valid2

First piece ofn actual validation
This commit is contained in:
brendandburns 2014-07-01 15:40:13 -07:00
commit ec01289aeb
3 changed files with 121 additions and 7 deletions

57
pkg/api/validation.go Normal file
View File

@ -0,0 +1,57 @@
/*
Copyright 2014 Google Inc. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package api
import (
"fmt"
"github.com/GoogleCloudPlatform/kubernetes/pkg/util"
)
func isSupportedManifestVersion(value string) bool {
switch value {
case "v1beta1", "v1beta2":
return true
}
return false
}
func isInvalid(field string, value interface{}) error {
return fmt.Errorf("%s is invalid: '%v'", field, value)
}
func isNotSupported(field string, value interface{}) error {
return fmt.Errorf("%s is not supported: '%v'", field, value)
}
// ValidateManifest tests that the specified ContainerManifest has valid data.
// This includes checking formatting and uniqueness. It also canonicalizes the
// structure by setting default values and implementing any backwards-compatibility
// tricks.
func ValidateManifest(manifest *ContainerManifest) error {
if len(manifest.Version) == 0 {
return isInvalid("ContainerManifest.Version", manifest.Version)
}
if !isSupportedManifestVersion(manifest.Version) {
return isNotSupported("ContainerManifest.Version", manifest.Version)
}
if len(manifest.ID) > 255 || !util.IsDNSSubdomain(manifest.ID) {
return isInvalid("ContainerManifest.ID", manifest.ID)
}
// TODO(thockin): finish validation.
return nil
}

View File

@ -0,0 +1,50 @@
/*
Copyright 2014 Google Inc. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package api
import (
"strings"
"testing"
)
func TestValidateManifest(t *testing.T) {
successCases := []ContainerManifest{
{Version: "v1beta1", ID: "abc"},
{Version: "v1beta1", ID: "123"},
{Version: "v1beta1", ID: "abc.123.do-re-mi"},
}
for _, manifest := range successCases {
err := ValidateManifest(&manifest)
if err != nil {
t.Errorf("expected success: %v", err)
}
}
errorCases := map[string]ContainerManifest{
"empty version": {Version: "", ID: "abc"},
"invalid version": {Version: "bogus", ID: "abc"},
"zero-length id": {Version: "v1beta1", ID: ""},
"id > 255 characters": {Version: "v1beta1", ID: strings.Repeat("a", 256)},
"id not a DNS subdomain": {Version: "v1beta1", ID: "a.b.c."},
}
for k, v := range errorCases {
err := ValidateManifest(&v)
if err == nil {
t.Errorf("expected failure for %s", k)
}
}
}

View File

@ -141,7 +141,7 @@ func (kl *Kubelet) RunKubelet(config_path, manifest_url, etcd_servers, address,
}
go util.Forever(func() { s.ListenAndServe() }, 0)
}
kl.RunSyncLoop(updateChannel, kl)
kl.syncLoop(updateChannel, kl)
}
// Interface implemented by Kubelet, for testability
@ -730,13 +730,13 @@ func (kl *Kubelet) SyncManifests(config []api.ContainerManifest) error {
return err
}
// runSyncLoop is the main loop for processing changes. It watches for changes from
// syncLoop is the main loop for processing changes. It watches for changes from
// four channels (file, etcd, server, and http) and creates a union of them. For
// any new change seen, will run a sync against desired state and running state. If
// no changes are seen to the configuration, will synchronize the last known desired
// state every sync_frequency seconds.
// Never returns.
func (kl *Kubelet) RunSyncLoop(updateChannel <-chan manifestUpdate, handler SyncHandler) {
func (kl *Kubelet) syncLoop(updateChannel <-chan manifestUpdate, handler SyncHandler) {
last := make(map[string][]api.ContainerManifest)
for {
select {
@ -746,12 +746,19 @@ func (kl *Kubelet) RunSyncLoop(updateChannel <-chan manifestUpdate, handler Sync
case <-time.After(kl.SyncFrequency):
}
manifests := []api.ContainerManifest{}
for _, m := range last {
manifests = append(manifests, m...)
allManifests := []api.ContainerManifest{}
for src, srcManifests := range last {
for i := range srcManifests {
m := &srcManifests[i]
if err := api.ValidateManifest(m); err != nil {
glog.Warningf("Manifest from %s failed validation, ignoring: %v", src, err)
continue
}
}
allManifests = append(allManifests, srcManifests...)
}
err := handler.SyncManifests(manifests)
err := handler.SyncManifests(allManifests)
if err != nil {
glog.Errorf("Couldn't sync containers : %v", err)
}