Merge pull request #103390 from ironyman/validators

Use system-validators v1.5.0
This commit is contained in:
Kubernetes Prow Robot 2021-07-07 08:56:56 -07:00 committed by GitHub
commit f166221f10
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 24 additions and 10 deletions

4
go.mod
View File

@ -131,7 +131,7 @@ require (
k8s.io/mount-utils v0.0.0
k8s.io/pod-security-admission v0.0.0
k8s.io/sample-apiserver v0.0.0
k8s.io/system-validators v1.4.0
k8s.io/system-validators v1.5.0
k8s.io/utils v0.0.0-20210521133846-da695404a2bc
sigs.k8s.io/structured-merge-diff/v4 v4.1.2
sigs.k8s.io/yaml v1.2.0
@ -514,7 +514,7 @@ replace (
k8s.io/sample-apiserver => ./staging/src/k8s.io/sample-apiserver
k8s.io/sample-cli-plugin => ./staging/src/k8s.io/sample-cli-plugin
k8s.io/sample-controller => ./staging/src/k8s.io/sample-controller
k8s.io/system-validators => k8s.io/system-validators v1.4.0
k8s.io/system-validators => k8s.io/system-validators v1.5.0
k8s.io/utils => k8s.io/utils v0.0.0-20210521133846-da695404a2bc
modernc.org/cc => modernc.org/cc v1.0.0
modernc.org/golex => modernc.org/golex v1.0.0

4
go.sum
View File

@ -589,8 +589,8 @@ k8s.io/klog/v2 v2.9.0 h1:D7HV+n1V57XeZ0m6tdRkfknthUaM06VFbWldOFh8kzM=
k8s.io/klog/v2 v2.9.0/go.mod h1:hy9LJ/NvuK+iVyP4Ehqva4HxZG/oXyIS3n3Jmire4Ec=
k8s.io/kube-openapi v0.0.0-20210421082810-95288971da7e h1:KLHHjkdQFomZy8+06csTWZ0m1343QqxZhR2LJ1OxCYM=
k8s.io/kube-openapi v0.0.0-20210421082810-95288971da7e/go.mod h1:vHXdDvt9+2spS2Rx9ql3I8tycm3H9FDfdUoIuKCefvw=
k8s.io/system-validators v1.4.0 h1:8ruXIHkuTAGfv9rHJproNWFW8oLASThFkCOxeHPYkNU=
k8s.io/system-validators v1.4.0/go.mod h1:bPldcLgkIUK22ALflnsXk8pvkTEndYdNuaHH6gRrl0Q=
k8s.io/system-validators v1.5.0 h1:gGgluCTkpKc/zUszjamp4LFfMVM0wuYG2qjIFL4MMeQ=
k8s.io/system-validators v1.5.0/go.mod h1:bPldcLgkIUK22ALflnsXk8pvkTEndYdNuaHH6gRrl0Q=
k8s.io/utils v0.0.0-20210521133846-da695404a2bc h1:dx6VGe+PnOW/kD/2UV4aUSsRfJGd7+lcqgJ6Xg0HwUs=
k8s.io/utils v0.0.0-20210521133846-da695404a2bc/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA=
modernc.org/cc v1.0.0/go.mod h1:1Sk4//wdnYJiUIxnW8ddKpaOJCF37yAdqYnkxUpaYxw=

View File

@ -17,6 +17,7 @@ limitations under the License.
package system
import (
"bytes"
"encoding/json"
"os/exec"
"regexp"
@ -63,16 +64,27 @@ func (d *DockerValidator) Validate(spec SysSpec) ([]error, []error) {
// Run 'docker info' with a JSON output and unmarshal it into a dockerInfo object
info := dockerInfo{}
out, err := exec.Command("docker", "info", "--format", "{{json .}}").CombinedOutput()
cmd := exec.Command("docker", "info", "--format", "{{json .}}")
// Stderr can contain warnings despite docker info success.
var outb, errb bytes.Buffer
cmd.Stdout = &outb
cmd.Stderr = &errb
err := cmd.Run()
if err != nil {
return nil, []error{errors.Errorf(`failed executing "docker info --format '{{json .}}'"\noutput: %s\nerror: %v`, string(out), err)}
return nil, []error{errors.Errorf(`failed executing "docker info --format '{{json .}}'"\noutput: %s\nstderr: %s\nerror: %v`, outb.String(), errb.String(), err)}
}
if err := d.unmarshalDockerInfo(out, &info); err != nil {
if err := d.unmarshalDockerInfo(outb.Bytes(), &info); err != nil {
return nil, []error{err}
}
// validate the resulted docker info object against the spec
return d.validateDockerInfo(spec.RuntimeSpec.DockerSpec, info)
warnings, errs := d.validateDockerInfo(spec.RuntimeSpec.DockerSpec, info)
if len(errb.String()) > 0 {
warnings = append(warnings, errors.Errorf(`the command "docker info --format '{{json.}}'" succeeded with potential warnings\noutput: %s`, errb.String()))
}
return warnings, errs
}
func (d *DockerValidator) unmarshalDockerInfo(b []byte, info *dockerInfo) error {

View File

@ -57,6 +57,8 @@ var DefaultSysSpec = SysSpec{
{Name: "BLK_DEV_DM", Description: "Required for devicemapper."},
{Name: "CFS_BANDWIDTH", Description: "Required for CPU quota."},
{Name: "CGROUP_HUGETLB", Description: "Required for hugetlb cgroup."},
{Name: "SECCOMP", Description: "Required for seccomp."},
{Name: "SECCOMP_FILTER", Description: "Required for seccomp mode 2."},
},
Forbidden: []KernelConfig{},
},

4
vendor/modules.txt vendored
View File

@ -2262,7 +2262,7 @@ k8s.io/sample-apiserver/pkg/generated/openapi
k8s.io/sample-apiserver/pkg/registry
k8s.io/sample-apiserver/pkg/registry/wardle/fischer
k8s.io/sample-apiserver/pkg/registry/wardle/flunder
# k8s.io/system-validators v1.4.0 => k8s.io/system-validators v1.4.0
# k8s.io/system-validators v1.5.0 => k8s.io/system-validators v1.5.0
## explicit
k8s.io/system-validators/validators
# k8s.io/utils v0.0.0-20210521133846-da695404a2bc => k8s.io/utils v0.0.0-20210521133846-da695404a2bc
@ -2748,7 +2748,7 @@ sigs.k8s.io/yaml
# k8s.io/sample-apiserver => ./staging/src/k8s.io/sample-apiserver
# k8s.io/sample-cli-plugin => ./staging/src/k8s.io/sample-cli-plugin
# k8s.io/sample-controller => ./staging/src/k8s.io/sample-controller
# k8s.io/system-validators => k8s.io/system-validators v1.4.0
# k8s.io/system-validators => k8s.io/system-validators v1.5.0
# k8s.io/utils => k8s.io/utils v0.0.0-20210521133846-da695404a2bc
# modernc.org/cc => modernc.org/cc v1.0.0
# modernc.org/golex => modernc.org/golex v1.0.0