validation

package
v1.10.11-beta.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 13, 2018 License: Apache-2.0 Imports: 38 Imported by: 0

Documentation

Overview

Package validation has functions for validating the correctness of api objects and explaining what is wrong with them when they aren't valid.

Index

Constants

View Source
const (
	ReportingInstanceLengthLimit = 128
	ActionLengthLimit            = 128
	ReasonLengthLimit            = 128
	NoteLengthLimit              = 1024
)
View Source
const (
	// Limits on various DNS parameters. These are derived from
	// restrictions in Linux libc name resolution handling.
	// Max number of DNS name servers.
	MaxDNSNameservers = 3
	// Max number of domains in search path.
	MaxDNSSearchPaths = 6
	// Max number of characters in search path.
	MaxDNSSearchListChars = 256
)
View Source
const (
	// a sysctl segment regex, concatenated with dots to form a sysctl name
	SysctlSegmentFmt string = "[a-z0-9]([-_a-z0-9]*[a-z0-9])?"

	// a sysctl name regex
	SysctlFmt string = "(" + SysctlSegmentFmt + "\\.)*" + SysctlSegmentFmt

	// the maximal length of a sysctl name
	SysctlMaxLength int = 253
)

Variables

BannedOwners is a black list of object that are not allowed to be owners.

TODO: delete this global variable when we enable the validation of common fields by default.

View Source
var ValidateClassName = NameIsDNSSubdomain

ValidateClassName can be used to check whether the given class name is valid. It is defined here to avoid import cycle between pkg/apis/storage/validation (where it should be) and this file.

ValidateClusterName can be used to check whether the given cluster name is valid.

View Source
var ValidateConfigMapName = NameIsDNSSubdomain

ValidateConfigMapName can be used to check whether the given ConfigMap name is valid. Prefix indicates this name will be used as part of generation, in which case trailing dashes are allowed.

View Source
var ValidateEndpointsName = NameIsDNSSubdomain

ValidateEndpointsName can be used to check whether the given endpoints name is valid. Prefix indicates this name will be used as part of generation, in which case trailing dashes are allowed.

View Source
var ValidateLimitRangeName = NameIsDNSSubdomain

ValidateLimitRangeName can be used to check whether the given limit range name is valid. Prefix indicates this name will be used as part of generation, in which case trailing dashes are allowed.

ValidateNamespaceName can be used to check whether the given namespace name is valid. Prefix indicates this name will be used as part of generation, in which case trailing dashes are allowed.

View Source
var ValidateNodeName = NameIsDNSSubdomain

ValidateNodeName can be used to check whether the given node name is valid. Prefix indicates this name will be used as part of generation, in which case trailing dashes are allowed.

View Source
var ValidatePersistentVolumeName = NameIsDNSSubdomain

ValidatePersistentVolumeName checks that a name is appropriate for a PersistentVolumeName object.

View Source
var ValidatePodName = NameIsDNSSubdomain

ValidatePodName can be used to check whether the given pod name is valid. Prefix indicates this name will be used as part of generation, in which case trailing dashes are allowed.

View Source
var ValidatePriorityClassName = NameIsDNSSubdomain

ValidatePiorityClassName can be used to check whether the given priority class name is valid.

View Source
var ValidateReplicationControllerName = NameIsDNSSubdomain

ValidateReplicationControllerName can be used to check whether the given replication controller name is valid. Prefix indicates this name will be used as part of generation, in which case trailing dashes are allowed.

View Source
var ValidateResourceQuotaName = NameIsDNSSubdomain

ValidateResourceQuotaName can be used to check whether the given resource quota name is valid. Prefix indicates this name will be used as part of generation, in which case trailing dashes are allowed.

View Source
var ValidateSecretName = NameIsDNSSubdomain

ValidateSecretName can be used to check whether the given secret name is valid. Prefix indicates this name will be used as part of generation, in which case trailing dashes are allowed.

ValidateServiceAccountName can be used to check whether the given service account name is valid. Prefix indicates this name will be used as part of generation, in which case trailing dashes are allowed.

View Source
var ValidateServiceName = NameIsDNS1035Label

ValidateServiceName can be used to check whether the given service name is valid. Prefix indicates this name will be used as part of generation, in which case trailing dashes are allowed.

Functions

func AccumulateUniqueHostPorts

func AccumulateUniqueHostPorts(containers []core.Container, accumulator *sets.String, fldPath *field.Path) field.ErrorList

AccumulateUniqueHostPorts extracts each HostPort of each Container, accumulating the results and returning an error if any ports conflict.

func GetVolumeDeviceMap

func GetVolumeDeviceMap(devices []core.VolumeDevice) map[string]string

func GetVolumeMountMap

func GetVolumeMountMap(mounts []core.VolumeMount) map[string]string

func IsDecremented added in v1.10.8

func IsDecremented(update, old *int32) bool

func IsMatchedVolume

func IsMatchedVolume(name string, volumes map[string]core.VolumeSource) bool

func IsValidSysctlName

func IsValidSysctlName(name string) bool

IsValidSysctlName checks that the given string is a valid sysctl name, i.e. matches SysctlFmt.

func NameIsDNS1035Label

func NameIsDNS1035Label(name string, prefix bool) []string

NameIsDNS1035Label is a ValidateNameFunc for names that must be a DNS 952 label.

func NameIsDNSSubdomain

func NameIsDNSSubdomain(name string, prefix bool) []string

TODO update all references to these functions to point to the apimachineryvalidation ones NameIsDNSSubdomain is a ValidateNameFunc for names that must be a DNS subdomain.

func ValidateAnnotations

func ValidateAnnotations(annotations map[string]string, fldPath *field.Path) field.ErrorList

ValidateAnnotations validates that a set of annotations are correctly defined.

func ValidateAppArmorPodAnnotations

func ValidateAppArmorPodAnnotations(annotations map[string]string, spec *core.PodSpec, fldPath *field.Path) field.ErrorList

func ValidateAvoidPodsInNodeAnnotations

func ValidateAvoidPodsInNodeAnnotations(annotations map[string]string, fldPath *field.Path) field.ErrorList

ValidateAvoidPodsInNodeAnnotations tests that the serialized AvoidPods in Node.Annotations has valid data

func ValidateCIDR

func ValidateCIDR(cidr string) (*net.IPNet, error)

ValidateCIDR validates whether a CIDR matches the conventions expected by net.ParseCIDR

func ValidateConfigMap

func ValidateConfigMap(cfg *core.ConfigMap) field.ErrorList

ValidateConfigMap tests whether required fields in the ConfigMap are set.

func ValidateConfigMapUpdate

func ValidateConfigMapUpdate(newCfg, oldCfg *core.ConfigMap) field.ErrorList

ValidateConfigMapUpdate tests if required fields in the ConfigMap are set.

func ValidateContainerStateTransition added in v1.10.8

func ValidateContainerStateTransition(newStatuses, oldStatuses []core.ContainerStatus, fldpath *field.Path, restartPolicy core.RestartPolicy) field.ErrorList

ValidateContainerStateTransition test to if any illegal container state transitions are being attempted

func ValidateContainerUpdates

func ValidateContainerUpdates(newContainers, oldContainers []core.Container, fldPath *field.Path) (allErrs field.ErrorList, stop bool)

func ValidateDNS1123Label

func ValidateDNS1123Label(value string, fldPath *field.Path) field.ErrorList

func ValidateDNS1123Subdomain

func ValidateDNS1123Subdomain(value string, fldPath *field.Path) field.ErrorList

ValidateDNS1123Subdomain validates that a name is a proper DNS subdomain.

func ValidateEndpoints

func ValidateEndpoints(endpoints *core.Endpoints) field.ErrorList

ValidateEndpoints tests if required fields are set.

func ValidateEndpointsSpecificAnnotations

func ValidateEndpointsSpecificAnnotations(annotations map[string]string, fldPath *field.Path) field.ErrorList

func ValidateEndpointsUpdate

func ValidateEndpointsUpdate(newEndpoints, oldEndpoints *core.Endpoints) field.ErrorList

ValidateEndpointsUpdate tests to make sure an endpoints update can be applied.

func ValidateEnv

func ValidateEnv(vars []core.EnvVar, fldPath *field.Path) field.ErrorList

ValidateEnv validates env vars

func ValidateEnvFrom

func ValidateEnvFrom(vars []core.EnvFromSource, fldPath *field.Path) field.ErrorList

func ValidateEvent

func ValidateEvent(event *core.Event) field.ErrorList

ValidateEvent makes sure that the event makes sense.

func ValidateHasLabel

func ValidateHasLabel(meta metav1.ObjectMeta, fldPath *field.Path, key, expectedValue string) field.ErrorList

ValidateHasLabel requires that metav1.ObjectMeta has a Label with key and expectedValue

func ValidateHostAliases

func ValidateHostAliases(hostAliases []core.HostAlias, fldPath *field.Path) field.ErrorList

func ValidateImmutableAnnotation

func ValidateImmutableAnnotation(newVal string, oldVal string, annotation string, fldPath *field.Path) field.ErrorList

func ValidateImmutableField

func ValidateImmutableField(newVal, oldVal interface{}, fldPath *field.Path) field.ErrorList

func ValidateLimitRange

func ValidateLimitRange(limitRange *core.LimitRange) field.ErrorList

ValidateLimitRange tests if required fields in the LimitRange are set.

func ValidateLoadBalancerStatus

func ValidateLoadBalancerStatus(status *core.LoadBalancerStatus, fldPath *field.Path) field.ErrorList

ValidateLoadBalancerStatus validates required fields on a LoadBalancerStatus

func ValidateNamespace

func ValidateNamespace(namespace *core.Namespace) field.ErrorList

ValidateNamespace tests if required fields are set.

func ValidateNamespaceFinalizeUpdate

func ValidateNamespaceFinalizeUpdate(newNamespace, oldNamespace *core.Namespace) field.ErrorList

ValidateNamespaceFinalizeUpdate tests to see if the update is legal for an end user to make. newNamespace is updated with fields that cannot be changed.

func ValidateNamespaceStatusUpdate

func ValidateNamespaceStatusUpdate(newNamespace, oldNamespace *core.Namespace) field.ErrorList

ValidateNamespaceStatusUpdate tests to see if the update is legal for an end user to make. newNamespace is updated with fields that cannot be changed.

func ValidateNamespaceUpdate

func ValidateNamespaceUpdate(newNamespace *core.Namespace, oldNamespace *core.Namespace) field.ErrorList

ValidateNamespaceUpdate tests to make sure a namespace update can be applied. newNamespace is updated with fields that cannot be changed

func ValidateNode

func ValidateNode(node *core.Node) field.ErrorList

ValidateNode tests if required fields in the node are set.

func ValidateNodeResources

func ValidateNodeResources(node *core.Node) field.ErrorList

ValidateNodeResources is used to make sure a node has valid capacity and allocatable values.

func ValidateNodeSelector

func ValidateNodeSelector(nodeSelector *core.NodeSelector, fldPath *field.Path) field.ErrorList

ValidateNodeSelector tests that the specified nodeSelector fields has valid data

func ValidateNodeSelectorRequirement

func ValidateNodeSelectorRequirement(rq core.NodeSelectorRequirement, fldPath *field.Path) field.ErrorList

ValidateNodeSelectorRequirement tests that the specified NodeSelectorRequirement fields has valid data

func ValidateNodeSelectorTerm

func ValidateNodeSelectorTerm(term core.NodeSelectorTerm, fldPath *field.Path) field.ErrorList

ValidateNodeSelectorTerm tests that the specified node selector term has valid data

func ValidateNodeSpecificAnnotations

func ValidateNodeSpecificAnnotations(annotations map[string]string, fldPath *field.Path) field.ErrorList

func ValidateNodeUpdate

func ValidateNodeUpdate(node, oldNode *core.Node) field.ErrorList

ValidateNodeUpdate tests to make sure a node update can be applied. Modifies oldNode.

func ValidateNonEmptySelector

func ValidateNonEmptySelector(selectorMap map[string]string, fldPath *field.Path) field.ErrorList

Validates that the given selector is non-empty.

func ValidateNonnegativeField

func ValidateNonnegativeField(value int64, fldPath *field.Path) field.ErrorList

Validates that given value is not negative.

func ValidateNonnegativeQuantity

func ValidateNonnegativeQuantity(value resource.Quantity, fldPath *field.Path) field.ErrorList

Validates that a Quantity is not negative

func ValidateObjectMeta

func ValidateObjectMeta(meta *metav1.ObjectMeta, requiresNamespace bool, nameFn ValidateNameFunc, fldPath *field.Path) field.ErrorList

ValidateObjectMeta validates an object's metadata on creation. It expects that name generation has already been performed. It doesn't return an error for rootscoped resources with namespace, because namespace should already be cleared before. TODO: Remove calls to this method scattered in validations of specific resources, e.g., ValidatePodUpdate.

func ValidateObjectMetaUpdate

func ValidateObjectMetaUpdate(newMeta, oldMeta *metav1.ObjectMeta, fldPath *field.Path) field.ErrorList

ValidateObjectMetaUpdate validates an object's metadata when updated

func ValidatePersistentVolume

func ValidatePersistentVolume(pv *core.PersistentVolume) field.ErrorList

func ValidatePersistentVolumeClaim

func ValidatePersistentVolumeClaim(pvc *core.PersistentVolumeClaim) field.ErrorList

ValidatePersistentVolumeClaim validates a PersistentVolumeClaim

func ValidatePersistentVolumeClaimSpec

func ValidatePersistentVolumeClaimSpec(spec *core.PersistentVolumeClaimSpec, fldPath *field.Path) field.ErrorList

ValidatePersistentVolumeClaimSpec validates a PersistentVolumeClaimSpec

func ValidatePersistentVolumeClaimStatusUpdate

func ValidatePersistentVolumeClaimStatusUpdate(newPvc, oldPvc *core.PersistentVolumeClaim) field.ErrorList

ValidatePersistentVolumeClaimStatusUpdate validates an update to status of a PersistentVolumeClaim

func ValidatePersistentVolumeClaimUpdate

func ValidatePersistentVolumeClaimUpdate(newPvc, oldPvc *core.PersistentVolumeClaim) field.ErrorList

ValidatePersistentVolumeClaimUpdate validates an update to a PersistentVolumeClaim

func ValidatePersistentVolumeStatusUpdate

func ValidatePersistentVolumeStatusUpdate(newPv, oldPv *core.PersistentVolume) field.ErrorList

ValidatePersistentVolumeStatusUpdate tests to see if the status update is legal for an end user to make. newPv is updated with fields that cannot be changed.

func ValidatePersistentVolumeUpdate

func ValidatePersistentVolumeUpdate(newPv, oldPv *core.PersistentVolume) field.ErrorList

ValidatePersistentVolumeUpdate tests to see if the update is legal for an end user to make. newPv is updated with fields that cannot be changed.

func ValidatePod

func ValidatePod(pod *core.Pod) field.ErrorList

ValidatePod tests if required fields in the pod are set.

func ValidatePodBinding

func ValidatePodBinding(binding *core.Binding) field.ErrorList

ValidatePodBinding tests if required fields in the pod binding are legal.

func ValidatePodLogOptions

func ValidatePodLogOptions(opts *core.PodLogOptions) field.ErrorList

func ValidatePodSecurityContext

func ValidatePodSecurityContext(securityContext *core.PodSecurityContext, spec *core.PodSpec, specPath, fldPath *field.Path) field.ErrorList

ValidatePodSecurityContext test that the specified PodSecurityContext has valid data.

func ValidatePodSpec

func ValidatePodSpec(spec *core.PodSpec, fldPath *field.Path) field.ErrorList

ValidatePodSpec tests that the specified PodSpec has valid data. This includes checking formatting and uniqueness. It also canonicalizes the structure by setting default values and implementing any backwards-compatibility tricks.

func ValidatePodSpecificAnnotationUpdates

func ValidatePodSpecificAnnotationUpdates(newPod, oldPod *core.Pod, fldPath *field.Path) field.ErrorList

func ValidatePodSpecificAnnotations

func ValidatePodSpecificAnnotations(annotations map[string]string, spec *core.PodSpec, fldPath *field.Path) field.ErrorList

func ValidatePodStatusUpdate

func ValidatePodStatusUpdate(newPod, oldPod *core.Pod) field.ErrorList

ValidatePodStatusUpdate tests to see if the update is legal for an end user to make. newPod is updated with fields that cannot be changed.

func ValidatePodTemplate

func ValidatePodTemplate(pod *core.PodTemplate) field.ErrorList

ValidatePodTemplate tests if required fields in the pod template are set.

func ValidatePodTemplateSpec

func ValidatePodTemplateSpec(spec *core.PodTemplateSpec, fldPath *field.Path) field.ErrorList

ValidatePodTemplateSpec validates the spec of a pod template

func ValidatePodTemplateSpecForRC

func ValidatePodTemplateSpecForRC(template *core.PodTemplateSpec, selectorMap map[string]string, replicas int32, fldPath *field.Path) field.ErrorList

Validates the given template and ensures that it is in accordance with the desired selector and replicas.

func ValidatePodTemplateUpdate

func ValidatePodTemplateUpdate(newPod, oldPod *core.PodTemplate) field.ErrorList

ValidatePodTemplateUpdate tests to see if the update is legal for an end user to make. newPod is updated with fields that cannot be changed.

func ValidatePodUpdate

func ValidatePodUpdate(newPod, oldPod *core.Pod) field.ErrorList

ValidatePodUpdate tests to see if the update is legal for an end user to make. newPod is updated with fields that cannot be changed.

func ValidatePortNumOrName

func ValidatePortNumOrName(port intstr.IntOrString, fldPath *field.Path) field.ErrorList

func ValidatePositiveQuantityValue

func ValidatePositiveQuantityValue(value resource.Quantity, fldPath *field.Path) field.ErrorList

Validates that a Quantity is positive

func ValidatePreferredSchedulingTerms

func ValidatePreferredSchedulingTerms(terms []core.PreferredSchedulingTerm, fldPath *field.Path) field.ErrorList

ValidatePreferredSchedulingTerms tests that the specified SoftNodeAffinity fields has valid data

func ValidateReadOnlyPersistentDisks

func ValidateReadOnlyPersistentDisks(volumes []core.Volume, fldPath *field.Path) field.ErrorList

func ValidateReplicationController

func ValidateReplicationController(controller *core.ReplicationController) field.ErrorList

ValidateReplicationController tests if required fields in the replication controller are set.

func ValidateReplicationControllerSpec

func ValidateReplicationControllerSpec(spec *core.ReplicationControllerSpec, fldPath *field.Path) field.ErrorList

ValidateReplicationControllerSpec tests if required fields in the replication controller spec are set.

func ValidateReplicationControllerStatus

func ValidateReplicationControllerStatus(status core.ReplicationControllerStatus, statusPath *field.Path) field.ErrorList

func ValidateReplicationControllerStatusUpdate

func ValidateReplicationControllerStatusUpdate(controller, oldController *core.ReplicationController) field.ErrorList

ValidateReplicationControllerStatusUpdate tests if required fields in the replication controller are set.

func ValidateReplicationControllerUpdate

func ValidateReplicationControllerUpdate(controller, oldController *core.ReplicationController) field.ErrorList

ValidateReplicationControllerUpdate tests if required fields in the replication controller are set.

func ValidateResourceQuantityValue

func ValidateResourceQuantityValue(resource string, value resource.Quantity, fldPath *field.Path) field.ErrorList

ValidateResourceQuantityValue enforces that specified quantity is valid for specified resource

func ValidateResourceQuota

func ValidateResourceQuota(resourceQuota *core.ResourceQuota) field.ErrorList

ValidateResourceQuota tests if required fields in the ResourceQuota are set.

func ValidateResourceQuotaResourceName

func ValidateResourceQuotaResourceName(value string, fldPath *field.Path) field.ErrorList

Validate resource names that can go in a resource quota Refer to docs/design/resources.md for more details.

func ValidateResourceQuotaSpec

func ValidateResourceQuotaSpec(resourceQuotaSpec *core.ResourceQuotaSpec, fld *field.Path) field.ErrorList

func ValidateResourceQuotaStatus

func ValidateResourceQuotaStatus(status *core.ResourceQuotaStatus, fld *field.Path) field.ErrorList

func ValidateResourceQuotaStatusUpdate

func ValidateResourceQuotaStatusUpdate(newResourceQuota, oldResourceQuota *core.ResourceQuota) field.ErrorList

ValidateResourceQuotaStatusUpdate tests to see if the status update is legal for an end user to make. newResourceQuota is updated with fields that cannot be changed.

func ValidateResourceQuotaUpdate

func ValidateResourceQuotaUpdate(newResourceQuota, oldResourceQuota *core.ResourceQuota) field.ErrorList

ValidateResourceQuotaUpdate tests to see if the update is legal for an end user to make. newResourceQuota is updated with fields that cannot be changed.

func ValidateResourceRequirements

func ValidateResourceRequirements(requirements *core.ResourceRequirements, fldPath *field.Path) field.ErrorList

Validates resource requirement spec.

func ValidateSeccompPodAnnotations

func ValidateSeccompPodAnnotations(annotations map[string]string, fldPath *field.Path) field.ErrorList

func ValidateSeccompProfile

func ValidateSeccompProfile(p string, fldPath *field.Path) field.ErrorList

func ValidateSecret

func ValidateSecret(secret *core.Secret) field.ErrorList

ValidateSecret tests if required fields in the Secret are set.

func ValidateSecretUpdate

func ValidateSecretUpdate(newSecret, oldSecret *core.Secret) field.ErrorList

ValidateSecretUpdate tests if required fields in the Secret are set.

func ValidateSecurityContext

func ValidateSecurityContext(sc *core.SecurityContext, fldPath *field.Path) field.ErrorList

ValidateSecurityContext ensure the security context contains valid settings

func ValidateService

func ValidateService(service *core.Service) field.ErrorList

ValidateService tests if required fields/annotations of a Service are valid.

func ValidateServiceAccount

func ValidateServiceAccount(serviceAccount *core.ServiceAccount) field.ErrorList

ValidateServiceAccount tests if required fields in the ServiceAccount are set.

func ValidateServiceAccountUpdate

func ValidateServiceAccountUpdate(newServiceAccount, oldServiceAccount *core.ServiceAccount) field.ErrorList

ValidateServiceAccountUpdate tests if required fields in the ServiceAccount are set.

func ValidateServiceExternalTrafficFieldsCombination

func ValidateServiceExternalTrafficFieldsCombination(service *core.Service) field.ErrorList

ValidateServiceExternalTrafficFieldsCombination validates if ExternalTrafficPolicy, HealthCheckNodePort and Type combination are legal. For update, it should be called after clearing externalTraffic related fields for the ease of transitioning between different service types.

func ValidateServiceStatusUpdate

func ValidateServiceStatusUpdate(service, oldService *core.Service) field.ErrorList

ValidateServiceStatusUpdate tests if required fields in the Service are set when updating status.

func ValidateServiceUpdate

func ValidateServiceUpdate(service, oldService *core.Service) field.ErrorList

ValidateServiceUpdate tests if required fields in the service are set during an update

func ValidateTaintsInNodeAnnotations

func ValidateTaintsInNodeAnnotations(annotations map[string]string, fldPath *field.Path) field.ErrorList

ValidateTaintsInNodeAnnotations tests that the serialized taints in Node.Annotations has valid data

func ValidateTolerations

func ValidateTolerations(tolerations []core.Toleration, fldPath *field.Path) field.ErrorList

ValidateTolerations tests if given tolerations have valid data.

func ValidateTolerationsInPodAnnotations

func ValidateTolerationsInPodAnnotations(annotations map[string]string, fldPath *field.Path) field.ErrorList

ValidateTolerationsInPodAnnotations tests that the serialized tolerations in Pod.Annotations has valid data

func ValidateVolumeDevices

func ValidateVolumeDevices(devices []core.VolumeDevice, volmounts map[string]string, volumes map[string]core.VolumeSource, fldPath *field.Path) field.ErrorList

func ValidateVolumeMounts

func ValidateVolumeMounts(mounts []core.VolumeMount, voldevices map[string]string, volumes map[string]core.VolumeSource, container *core.Container, fldPath *field.Path) field.ErrorList

func ValidateVolumes

func ValidateVolumes(volumes []core.Volume, fldPath *field.Path) (map[string]core.VolumeSource, field.ErrorList)

Types

type ValidateNameFunc

ValidateNameFunc validates that the provided name is valid for a given resource type. Not all resources have the same validation rules for names. Prefix is true if the name will have a value appended to it. If the name is not valid, this returns a list of descriptions of individual characteristics of the value that were not valid. Otherwise this returns an empty list or nil.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL