github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
k3s/pkg/api/validation/validation_test.go

3699 lines
106 KiB
Go
Raw Normal View History

First piece of validation I'm adding pieces incrementally to make sure we get full testing of each piece. Make syncLoop() private
2014-07-01 20:01:39 +00:00
/*
Make copyright ownership statement generic Instead of saying "Google Inc." (which is not always correct) say "The Kubernetes Authors", which is generic.
2015-05-01 16:19:44 +00:00
Copyright 2014 The Kubernetes Authors All rights reserved.
First piece of validation I'm adding pieces incrementally to make sure we get full testing of each piece. Make syncLoop() private
2014-07-01 20:01:39 +00:00
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
Split api into api, api/common, api/validation & apitools
2014-08-29 22:48:41 +00:00
package validation
First piece of validation I'm adding pieces incrementally to make sure we get full testing of each piece. Make syncLoop() private
2014-07-01 20:01:39 +00:00
import (
Updating namespaces to be DNS labels instead of DNS names.
2015-05-12 22:13:03 +00:00
"math/rand"
First piece of validation I'm adding pieces incrementally to make sure we get full testing of each piece. Make syncLoop() private
2014-07-01 20:01:39 +00:00
"strings"
"testing"
Ignore changes to creation timestamp from clients on update CreationTimestamp is not an authoritative field (like UID) so mismatches can be safely ignored.
2015-03-09 16:04:35 +00:00
"time"
Add basic validation of Containers
2014-07-01 22:14:25 +00:00
rewrite go imports
2015-08-05 22:03:47 +00:00
"k8s.io/kubernetes/pkg/api"
"k8s.io/kubernetes/pkg/api/resource"
"k8s.io/kubernetes/pkg/api/testapi"
"k8s.io/kubernetes/pkg/capabilities"
"k8s.io/kubernetes/pkg/util"
utilerrors "k8s.io/kubernetes/pkg/util/errors"
"k8s.io/kubernetes/pkg/util/fielderrors"
errors "k8s.io/kubernetes/pkg/util/fielderrors"
First piece of validation I'm adding pieces incrementally to make sure we get full testing of each piece. Make syncLoop() private
2014-07-01 20:01:39 +00:00
)
Move field errors to pkg/util/fielderrors Allows pkg/api to take a reference to labels.Selector and fields.Selector
2015-03-22 21:40:47 +00:00
func expectPrefix(t *testing.T, prefix string, errs fielderrors.ValidationErrorList) {
Convert field errors into a selector for the object Satisfies the "Field" condition for a Cause. Also addresses parts of #914.
2014-08-20 03:54:20 +00:00
for i := range errs {
Change ValidationError to a pointer In Prep for adding at leats one more field, make this operate more list StatusError.
2014-11-20 22:11:23 +00:00
if f, p := errs[i].(*errors.ValidationError).Field, prefix; !strings.HasPrefix(f, p) {
fix error message in validation test
2014-10-07 20:54:41 +00:00
t.Errorf("expected prefix '%s' for field '%s' (%v)", p, f, errs[i])
Convert field errors into a selector for the object Satisfies the "Field" condition for a Cause. Also addresses parts of #914.
2014-08-20 03:54:20 +00:00
}
}
}
Add name generation and normalize common create flows Adds `ObjectMeta.GenerateName`, an optional string field that defines name generation behavior if a Name is not provided. Adds `pkg/api/rest`, which defines the default Kubernetes API pattern for creation (and will cover update as well). Will allow registries and REST objects to be merged by moving logic on api out of those places. Add `pkg/api/rest/resttest`, which will be the test suite that verifies a RESTStorage object follows the Kubernetes API conventions and begin reducing our duplicated tests.
2015-01-27 23:56:38 +00:00
// Ensure custom name functions are allowed
func TestValidateObjectMetaCustomName(t *testing.T) {
errs := ValidateObjectMeta(&api.ObjectMeta{Name: "test", GenerateName: "foo"}, false, func(s string, prefix bool) (bool, string) {
if s == "test" {
return true, ""
}
return false, "name-gen"
})
if len(errs) != 1 {
t.Fatalf("unexpected errors: %v", errs)
}
if !strings.Contains(errs[0].Error(), "name-gen") {
t.Errorf("unexpected error message: %v", errs)
}
}
Updating namespaces to be DNS labels instead of DNS names.
2015-05-12 22:13:03 +00:00
// Ensure namespace names follow dns label format
func TestValidateObjectMetaNamespaces(t *testing.T) {
errs := ValidateObjectMeta(&api.ObjectMeta{Name: "test", Namespace: "foo.bar"}, false, func(s string, prefix bool) (bool, string) {
return true, ""
})
if len(errs) != 1 {
t.Fatalf("unexpected errors: %v", errs)
}
if !strings.Contains(errs[0].Error(), "invalid value 'foo.bar'") {
t.Errorf("unexpected error message: %v", errs)
}
maxLength := 63
letters := []rune("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789")
b := make([]rune, maxLength+1)
for i := range b {
b[i] = letters[rand.Intn(len(letters))]
}
errs = ValidateObjectMeta(&api.ObjectMeta{Name: "test", Namespace: string(b)}, false, func(s string, prefix bool) (bool, string) {
return true, ""
})
if len(errs) != 1 {
t.Fatalf("unexpected errors: %v", errs)
}
if !strings.Contains(errs[0].Error(), "invalid value") {
t.Errorf("unexpected error message: %v", errs)
}
}
Ignore changes to creation timestamp from clients on update CreationTimestamp is not an authoritative field (like UID) so mismatches can be safely ignored.
2015-03-09 16:04:35 +00:00
func TestValidateObjectMetaUpdateIgnoresCreationTimestamp(t *testing.T) {
if errs := ValidateObjectMetaUpdate(
Give better error message for PUTs with no resource version
2015-03-20 00:51:07 +00:00
&api.ObjectMeta{Name: "test", ResourceVersion: "1"},
Improve signature consistency for ValidateObjectMetaUpdate Fixes #9340 Signed-off-by: Jason Sommer <jsdirv@gmail.com>
2015-06-08 07:56:22 +00:00
&api.ObjectMeta{Name: "test", ResourceVersion: "1", CreationTimestamp: util.NewTime(time.Unix(10, 0))},
Ignore changes to creation timestamp from clients on update CreationTimestamp is not an authoritative field (like UID) so mismatches can be safely ignored.
2015-03-09 16:04:35 +00:00
); len(errs) != 0 {
t.Fatalf("unexpected errors: %v", errs)
}
if errs := ValidateObjectMetaUpdate(
Give better error message for PUTs with no resource version
2015-03-20 00:51:07 +00:00
&api.ObjectMeta{Name: "test", ResourceVersion: "1", CreationTimestamp: util.NewTime(time.Unix(10, 0))},
Improve signature consistency for ValidateObjectMetaUpdate Fixes #9340 Signed-off-by: Jason Sommer <jsdirv@gmail.com>
2015-06-08 07:56:22 +00:00
&api.ObjectMeta{Name: "test", ResourceVersion: "1"},
Ignore changes to creation timestamp from clients on update CreationTimestamp is not an authoritative field (like UID) so mismatches can be safely ignored.
2015-03-09 16:04:35 +00:00
); len(errs) != 0 {
t.Fatalf("unexpected errors: %v", errs)
}
if errs := ValidateObjectMetaUpdate(
Give better error message for PUTs with no resource version
2015-03-20 00:51:07 +00:00
&api.ObjectMeta{Name: "test", ResourceVersion: "1", CreationTimestamp: util.NewTime(time.Unix(10, 0))},
Improve signature consistency for ValidateObjectMetaUpdate Fixes #9340 Signed-off-by: Jason Sommer <jsdirv@gmail.com>
2015-06-08 07:56:22 +00:00
&api.ObjectMeta{Name: "test", ResourceVersion: "1", CreationTimestamp: util.NewTime(time.Unix(11, 0))},
Ignore changes to creation timestamp from clients on update CreationTimestamp is not an authoritative field (like UID) so mismatches can be safely ignored.
2015-03-09 16:04:35 +00:00
); len(errs) != 0 {
t.Fatalf("unexpected errors: %v", errs)
}
}
Add name generation and normalize common create flows Adds `ObjectMeta.GenerateName`, an optional string field that defines name generation behavior if a Name is not provided. Adds `pkg/api/rest`, which defines the default Kubernetes API pattern for creation (and will cover update as well). Will allow registries and REST objects to be merged by moving logic on api out of those places. Add `pkg/api/rest/resttest`, which will be the test suite that verifies a RESTStorage object follows the Kubernetes API conventions and begin reducing our duplicated tests.
2015-01-27 23:56:38 +00:00
// Ensure trailing slash is allowed in generate name
func TestValidateObjectMetaTrimsTrailingSlash(t *testing.T) {
expose common name validation methods
2015-06-09 12:53:30 +00:00
errs := ValidateObjectMeta(&api.ObjectMeta{Name: "test", GenerateName: "foo-"}, false, NameIsDNSSubdomain)
Add name generation and normalize common create flows Adds `ObjectMeta.GenerateName`, an optional string field that defines name generation behavior if a Name is not provided. Adds `pkg/api/rest`, which defines the default Kubernetes API pattern for creation (and will cover update as well). Will allow registries and REST objects to be merged by moving logic on api out of those places. Add `pkg/api/rest/resttest`, which will be the test suite that verifies a RESTStorage object follows the Kubernetes API conventions and begin reducing our duplicated tests.
2015-01-27 23:56:38 +00:00
if len(errs) != 0 {
t.Fatalf("unexpected errors: %v", errs)
}
}
Add namespacing for label keys
2014-11-20 06:27:11 +00:00
func TestValidateLabels(t *testing.T) {
successCases := []map[string]string{
{"simple": "bar"},
{"now-with-dashes": "bar"},
Loosen DNS 952 for labels
2014-11-20 06:27:11 +00:00
{"1-starts-with-num": "bar"},
{"1234": "bar"},
Add namespacing for label keys
2014-11-20 06:27:11 +00:00
{"simple/simple": "bar"},
{"now-with-dashes/simple": "bar"},
{"now-with-dashes/now-with-dashes": "bar"},
{"now.with.dots/simple": "bar"},
{"now-with.dashes-and.dots/simple": "bar"},
Loosen DNS 952 for labels
2014-11-20 06:27:11 +00:00
{"1-num.2-num/3-num": "bar"},
{"1234/5678": "bar"},
{"1.2.3.4/5678": "bar"},
Loosen label and annotation validation and related tests
2015-02-27 15:08:02 +00:00
{"UpperCaseAreOK123": "bar"},
apply comments
2015-03-02 13:41:13 +00:00
{"goodvalue": "123_-.BaR"},
Add namespacing for label keys
2014-11-20 06:27:11 +00:00
}
for i := range successCases {
Expose ValidateLabels in validation.go for reuse by other components Label validation is common to anyone building kube resources.
2015-01-20 03:32:39 +00:00
errs := ValidateLabels(successCases[i], "field")
Add namespacing for label keys
2014-11-20 06:27:11 +00:00
if len(errs) != 0 {
t.Errorf("case[%d] expected success, got %#v", i, errs)
}
}
Loosen label and annotation validation and related tests
2015-02-27 15:08:02 +00:00
labelNameErrorCases := []map[string]string{
Loosen DNS 952 for labels
2014-11-20 06:27:11 +00:00
{"nospecialchars^=@": "bar"},
{"cantendwithadash-": "bar"},
Add namespacing for label keys
2014-11-20 06:27:11 +00:00
{"only/one/slash": "bar"},
Loosen DNS 952 for labels
2014-11-20 06:27:11 +00:00
{strings.Repeat("a", 254): "bar"},
Add namespacing for label keys
2014-11-20 06:27:11 +00:00
}
Loosen label and annotation validation and related tests
2015-02-27 15:08:02 +00:00
for i := range labelNameErrorCases {
errs := ValidateLabels(labelNameErrorCases[i], "field")
Add namespacing for label keys
2014-11-20 06:27:11 +00:00
if len(errs) != 1 {
t.Errorf("case[%d] expected failure", i)
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
} else {
detail := errs[0].(*errors.ValidationError).Detail
if detail != qualifiedNameErrorMsg {
t.Errorf("error detail %s should be equal %s", detail, qualifiedNameErrorMsg)
}
Add namespacing for label keys
2014-11-20 06:27:11 +00:00
}
}
Loosen label and annotation validation and related tests
2015-02-27 15:08:02 +00:00
labelValueErrorCases := []map[string]string{
{"toolongvalue": strings.Repeat("a", 64)},
{"backslashesinvalue": "some\\bad\\value"},
apply comments
2015-03-02 13:41:13 +00:00
{"nocommasallowed": "bad,value"},
Loosen label and annotation validation and related tests
2015-02-27 15:08:02 +00:00
{"strangecharsinvalue": "?#$notsogood"},
}
for i := range labelValueErrorCases {
errs := ValidateLabels(labelValueErrorCases[i], "field")
if len(errs) != 1 {
t.Errorf("case[%d] expected failure", i)
} else {
detail := errs[0].(*errors.ValidationError).Detail
if detail != labelValueErrorMsg {
t.Errorf("error detail %s should be equal %s", detail, labelValueErrorMsg)
}
}
}
Add namespacing for label keys
2014-11-20 06:27:11 +00:00
}
Slightly relax annotation validation The more aggressive validation on annotations broke openshift (and backwards compat for our data). This change relaxes to allow mixed case so we can continue working in the short term, try to see if we can agree on relaxation, and if we can't, apply the stronger validation here.
2015-02-02 00:03:04 +00:00
func TestValidateAnnotations(t *testing.T) {
successCases := []map[string]string{
{"simple": "bar"},
{"now-with-dashes": "bar"},
{"1-starts-with-num": "bar"},
{"1234": "bar"},
{"simple/simple": "bar"},
{"now-with-dashes/simple": "bar"},
{"now-with-dashes/now-with-dashes": "bar"},
{"now.with.dots/simple": "bar"},
{"now-with.dashes-and.dots/simple": "bar"},
{"1-num.2-num/3-num": "bar"},
{"1234/5678": "bar"},
{"1.2.3.4/5678": "bar"},
{"UpperCase123": "bar"},
apply comments
2015-03-02 13:41:13 +00:00
{"a": strings.Repeat("b", (64*1024)-1)},
{
"a": strings.Repeat("b", (32*1024)-1),
"c": strings.Repeat("d", (32*1024)-1),
},
Slightly relax annotation validation The more aggressive validation on annotations broke openshift (and backwards compat for our data). This change relaxes to allow mixed case so we can continue working in the short term, try to see if we can agree on relaxation, and if we can't, apply the stronger validation here.
2015-02-02 00:03:04 +00:00
}
for i := range successCases {
errs := ValidateAnnotations(successCases[i], "field")
if len(errs) != 0 {
t.Errorf("case[%d] expected success, got %#v", i, errs)
}
}
apply comments
2015-03-02 13:41:13 +00:00
Loosen label and annotation validation and related tests
2015-02-27 15:08:02 +00:00
nameErrorCases := []map[string]string{
Slightly relax annotation validation The more aggressive validation on annotations broke openshift (and backwards compat for our data). This change relaxes to allow mixed case so we can continue working in the short term, try to see if we can agree on relaxation, and if we can't, apply the stronger validation here.
2015-02-02 00:03:04 +00:00
{"nospecialchars^=@": "bar"},
{"cantendwithadash-": "bar"},
{"only/one/slash": "bar"},
{strings.Repeat("a", 254): "bar"},
}
Loosen label and annotation validation and related tests
2015-02-27 15:08:02 +00:00
for i := range nameErrorCases {
errs := ValidateAnnotations(nameErrorCases[i], "field")
if len(errs) != 1 {
t.Errorf("case[%d] expected failure", i)
}
detail := errs[0].(*errors.ValidationError).Detail
if detail != qualifiedNameErrorMsg {
t.Errorf("error detail %s should be equal %s", detail, qualifiedNameErrorMsg)
}
}
apply comments
2015-03-02 13:41:13 +00:00
totalSizeErrorCases := []map[string]string{
{"a": strings.Repeat("b", 64*1024)},
{
"a": strings.Repeat("b", 32*1024),
"c": strings.Repeat("d", 32*1024),
},
Loosen label and annotation validation and related tests
2015-02-27 15:08:02 +00:00
}
apply comments
2015-03-02 13:41:13 +00:00
for i := range totalSizeErrorCases {
errs := ValidateAnnotations(totalSizeErrorCases[i], "field")
Slightly relax annotation validation The more aggressive validation on annotations broke openshift (and backwards compat for our data). This change relaxes to allow mixed case so we can continue working in the short term, try to see if we can agree on relaxation, and if we can't, apply the stronger validation here.
2015-02-02 00:03:04 +00:00
if len(errs) != 1 {
t.Errorf("case[%d] expected failure", i)
}
}
}
PersistentVolume & PersistentVolumeClaim API types
2015-03-23 18:18:11 +00:00
func testVolume(name string, namespace string, spec api.PersistentVolumeSpec) *api.PersistentVolume {
objMeta := api.ObjectMeta{Name: name}
if namespace != "" {
objMeta.Namespace = namespace
}
return &api.PersistentVolume{
ObjectMeta: objMeta,
Spec: spec,
}
}
func TestValidatePersistentVolumes(t *testing.T) {
scenarios := map[string]struct {
isExpectedFailure bool
volume *api.PersistentVolume
}{
"good-volume": {
isExpectedFailure: false,
volume: testVolume("foo", "", api.PersistentVolumeSpec{
Capacity: api.ResourceList{
api.ResourceName(api.ResourceStorage): resource.MustParse("10G"),
},
Rename AccessMode to PersistentVolumeAccessMode
2015-05-18 20:22:30 +00:00
AccessModes: []api.PersistentVolumeAccessMode{api.ReadWriteOnce},
PersistentVolume & PersistentVolumeClaim API types
2015-03-23 18:18:11 +00:00
PersistentVolumeSource: api.PersistentVolumeSource{
HostPath: &api.HostPathVolumeSource{Path: "/foo"},
},
}),
},
added validation for AccessModes
2015-07-24 19:55:54 +00:00
"invalid-accessmode": {
isExpectedFailure: true,
volume: testVolume("foo", "", api.PersistentVolumeSpec{
Capacity: api.ResourceList{
api.ResourceName(api.ResourceStorage): resource.MustParse("10G"),
},
AccessModes: []api.PersistentVolumeAccessMode{"fakemode"},
PersistentVolumeSource: api.PersistentVolumeSource{
HostPath: &api.HostPathVolumeSource{Path: "/foo"},
},
}),
},
PersistentVolume & PersistentVolumeClaim API types
2015-03-23 18:18:11 +00:00
"unexpected-namespace": {
isExpectedFailure: true,
volume: testVolume("foo", "unexpected-namespace", api.PersistentVolumeSpec{
Capacity: api.ResourceList{
api.ResourceName(api.ResourceStorage): resource.MustParse("10G"),
},
Rename AccessMode to PersistentVolumeAccessMode
2015-05-18 20:22:30 +00:00
AccessModes: []api.PersistentVolumeAccessMode{api.ReadWriteOnce},
PersistentVolume & PersistentVolumeClaim API types
2015-03-23 18:18:11 +00:00
PersistentVolumeSource: api.PersistentVolumeSource{
HostPath: &api.HostPathVolumeSource{Path: "/foo"},
},
}),
},
"bad-name": {
isExpectedFailure: true,
volume: testVolume("123*Bad(Name", "unexpected-namespace", api.PersistentVolumeSpec{
Capacity: api.ResourceList{
api.ResourceName(api.ResourceStorage): resource.MustParse("10G"),
},
Rename AccessMode to PersistentVolumeAccessMode
2015-05-18 20:22:30 +00:00
AccessModes: []api.PersistentVolumeAccessMode{api.ReadWriteOnce},
PersistentVolume & PersistentVolumeClaim API types
2015-03-23 18:18:11 +00:00
PersistentVolumeSource: api.PersistentVolumeSource{
HostPath: &api.HostPathVolumeSource{Path: "/foo"},
},
Bi-directional bind between pv.Spec.ClaimRef and pvc.Spec.VolumeName
2015-05-13 00:44:29 +00:00
}),
PersistentVolume & PersistentVolumeClaim API types
2015-03-23 18:18:11 +00:00
},
"missing-name": {
isExpectedFailure: true,
volume: testVolume("", "", api.PersistentVolumeSpec{
Capacity: api.ResourceList{
api.ResourceName(api.ResourceStorage): resource.MustParse("10G"),
},
Rename AccessMode to PersistentVolumeAccessMode
2015-05-18 20:22:30 +00:00
AccessModes: []api.PersistentVolumeAccessMode{api.ReadWriteOnce},
PersistentVolume & PersistentVolumeClaim API types
2015-03-23 18:18:11 +00:00
}),
},
"missing-capacity": {
isExpectedFailure: true,
volume: testVolume("foo", "", api.PersistentVolumeSpec{}),
},
Bi-directional bind between pv.Spec.ClaimRef and pvc.Spec.VolumeName
2015-05-13 00:44:29 +00:00
"missing-accessmodes": {
isExpectedFailure: true,
volume: testVolume("goodname", "missing-accessmodes", api.PersistentVolumeSpec{
Capacity: api.ResourceList{
api.ResourceName(api.ResourceStorage): resource.MustParse("10G"),
},
PersistentVolumeSource: api.PersistentVolumeSource{
HostPath: &api.HostPathVolumeSource{Path: "/foo"},
},
}),
},
PersistentVolume & PersistentVolumeClaim API types
2015-03-23 18:18:11 +00:00
"too-many-sources": {
isExpectedFailure: true,
volume: testVolume("", "", api.PersistentVolumeSpec{
Capacity: api.ResourceList{
api.ResourceName(api.ResourceStorage): resource.MustParse("5G"),
},
PersistentVolumeSource: api.PersistentVolumeSource{
HostPath: &api.HostPathVolumeSource{Path: "/foo"},
GCEPersistentDisk: &api.GCEPersistentDiskVolumeSource{PDName: "foo", FSType: "ext4"},
},
}),
},
}
for name, scenario := range scenarios {
errs := ValidatePersistentVolume(scenario.volume)
if len(errs) == 0 && scenario.isExpectedFailure {
t.Errorf("Unexpected success for scenario: %s", name)
}
if len(errs) > 0 && !scenario.isExpectedFailure {
t.Errorf("Unexpected failure for scenario: %s - %+v", name, errs)
}
}
}
func testVolumeClaim(name string, namespace string, spec api.PersistentVolumeClaimSpec) *api.PersistentVolumeClaim {
return &api.PersistentVolumeClaim{
ObjectMeta: api.ObjectMeta{Name: name, Namespace: namespace},
Spec: spec,
}
}
func TestValidatePersistentVolumeClaim(t *testing.T) {
scenarios := map[string]struct {
isExpectedFailure bool
claim *api.PersistentVolumeClaim
}{
"good-claim": {
isExpectedFailure: false,
claim: testVolumeClaim("foo", "ns", api.PersistentVolumeClaimSpec{
Rename AccessMode to PersistentVolumeAccessMode
2015-05-18 20:22:30 +00:00
AccessModes: []api.PersistentVolumeAccessMode{
PersistentVolume & PersistentVolumeClaim API types
2015-03-23 18:18:11 +00:00
api.ReadWriteOnce,
api.ReadOnlyMany,
},
Resources: api.ResourceRequirements{
Requests: api.ResourceList{
added validation for AccessModes
2015-07-24 19:55:54 +00:00
api.ResourceName(api.ResourceStorage): resource.MustParse("10G"),
},
},
}),
},
"invalid-accessmode": {
isExpectedFailure: true,
claim: testVolumeClaim("foo", "ns", api.PersistentVolumeClaimSpec{
AccessModes: []api.PersistentVolumeAccessMode{"fakemode"},
Resources: api.ResourceRequirements{
Requests: api.ResourceList{
PersistentVolume & PersistentVolumeClaim API types
2015-03-23 18:18:11 +00:00
api.ResourceName(api.ResourceStorage): resource.MustParse("10G"),
},
},
}),
},
"missing-namespace": {
isExpectedFailure: true,
claim: testVolumeClaim("foo", "", api.PersistentVolumeClaimSpec{
Rename AccessMode to PersistentVolumeAccessMode
2015-05-18 20:22:30 +00:00
AccessModes: []api.PersistentVolumeAccessMode{
PersistentVolume & PersistentVolumeClaim API types
2015-03-23 18:18:11 +00:00
api.ReadWriteOnce,
api.ReadOnlyMany,
},
Resources: api.ResourceRequirements{
Requests: api.ResourceList{
api.ResourceName(api.ResourceStorage): resource.MustParse("10G"),
},
},
}),
},
"no-access-modes": {
isExpectedFailure: true,
claim: testVolumeClaim("foo", "ns", api.PersistentVolumeClaimSpec{
Resources: api.ResourceRequirements{
Requests: api.ResourceList{
api.ResourceName(api.ResourceStorage): resource.MustParse("10G"),
},
},
}),
},
"no-resource-requests": {
isExpectedFailure: true,
claim: testVolumeClaim("foo", "ns", api.PersistentVolumeClaimSpec{
Rename AccessMode to PersistentVolumeAccessMode
2015-05-18 20:22:30 +00:00
AccessModes: []api.PersistentVolumeAccessMode{
PersistentVolume & PersistentVolumeClaim API types
2015-03-23 18:18:11 +00:00
api.ReadWriteOnce,
},
}),
},
changed claimed validation from length check to specific storage check
2015-03-31 15:37:09 +00:00
"invalid-resource-requests": {
isExpectedFailure: true,
claim: testVolumeClaim("foo", "ns", api.PersistentVolumeClaimSpec{
Rename AccessMode to PersistentVolumeAccessMode
2015-05-18 20:22:30 +00:00
AccessModes: []api.PersistentVolumeAccessMode{
changed claimed validation from length check to specific storage check
2015-03-31 15:37:09 +00:00
api.ReadWriteOnce,
},
Resources: api.ResourceRequirements{
Requests: api.ResourceList{
api.ResourceName(api.ResourceMemory): resource.MustParse("10G"),
},
},
}),
},
PersistentVolume & PersistentVolumeClaim API types
2015-03-23 18:18:11 +00:00
}
for name, scenario := range scenarios {
errs := ValidatePersistentVolumeClaim(scenario.claim)
if len(errs) == 0 && scenario.isExpectedFailure {
t.Errorf("Unexpected success for scenario: %s", name)
}
if len(errs) > 0 && !scenario.isExpectedFailure {
t.Errorf("Unexpected failure for scenario: %s - %+v", name, errs)
}
}
}
Add validation of Volumes
2014-07-01 21:40:36 +00:00
func TestValidateVolumes(t *testing.T) {
Make validation work when not in the api package.
2014-08-30 01:20:27 +00:00
successCase := []api.Volume{
Correcting all go vet errors
2015-08-08 01:52:23 +00:00
{Name: "abc", VolumeSource: api.VolumeSource{HostPath: &api.HostPathVolumeSource{Path: "/mnt/path1"}}},
{Name: "123", VolumeSource: api.VolumeSource{HostPath: &api.HostPathVolumeSource{Path: "/mnt/path2"}}},
{Name: "abc-123", VolumeSource: api.VolumeSource{HostPath: &api.HostPathVolumeSource{Path: "/mnt/path3"}}},
Embed VolumeSource in v1beta3 and internal.
2015-03-03 22:48:55 +00:00
{Name: "empty", VolumeSource: api.VolumeSource{EmptyDir: &api.EmptyDirVolumeSource{}}},
Correcting all go vet errors
2015-08-08 01:52:23 +00:00
{Name: "gcepd", VolumeSource: api.VolumeSource{GCEPersistentDisk: &api.GCEPersistentDiskVolumeSource{PDName: "my-PD", FSType: "ext4", Partition: 1, ReadOnly: false}}},
{Name: "awsebs", VolumeSource: api.VolumeSource{AWSElasticBlockStore: &api.AWSElasticBlockStoreVolumeSource{VolumeID: "my-PD", FSType: "ext4", Partition: 1, ReadOnly: false}}},
{Name: "gitrepo", VolumeSource: api.VolumeSource{GitRepo: &api.GitRepoVolumeSource{Repository: "my-repo", Revision: "hashstring"}}},
{Name: "iscsidisk", VolumeSource: api.VolumeSource{ISCSI: &api.ISCSIVolumeSource{TargetPortal: "127.0.0.1", IQN: "iqn.2015-02.example.com:test", Lun: 1, FSType: "ext4", ReadOnly: false}}},
{Name: "secret", VolumeSource: api.VolumeSource{Secret: &api.SecretVolumeSource{SecretName: "my-secret"}}},
{Name: "glusterfs", VolumeSource: api.VolumeSource{Glusterfs: &api.GlusterfsVolumeSource{EndpointsName: "host1", Path: "path", ReadOnly: false}}},
add rados block device(rbd) volume plugin Signed-off-by: Huamin Chen <hchen@redhat.com>
2015-04-07 17:22:23 +00:00
{Name: "rbd", VolumeSource: api.VolumeSource{RBD: &api.RBDVolumeSource{CephMonitors: []string{"foo"}, RBDImage: "bar", FSType: "ext4"}}},
Add validation of Volumes
2014-07-01 21:40:36 +00:00
}
Accumulate validation errors Rather than report the first error, accumulate all errors and report them all at once.
2014-07-08 06:20:30 +00:00
names, errs := validateVolumes(successCase)
if len(errs) != 0 {
t.Errorf("expected success: %v", errs)
Add validation of Volumes
2014-07-01 21:40:36 +00:00
}
add iscsi volume plugin Signed-off-by: Huamin Chen <hchen@redhat.com>
2015-03-13 21:31:13 +00:00
if len(names) != len(successCase) || !names.HasAll("abc", "123", "abc-123", "empty", "gcepd", "gitrepo", "secret", "iscsidisk") {
Add validation of Volumes
2014-07-01 21:40:36 +00:00
t.Errorf("wrong names result: %v", names)
}
Rename volume source types to be consistent.
2015-02-20 06:27:27 +00:00
emptyVS := api.VolumeSource{EmptyDir: &api.EmptyDirVolumeSource{}}
Correcting all go vet errors
2015-08-08 01:52:23 +00:00
emptyPortal := api.VolumeSource{ISCSI: &api.ISCSIVolumeSource{TargetPortal: "", IQN: "iqn.2015-02.example.com:test", Lun: 1, FSType: "ext4", ReadOnly: false}}
emptyIQN := api.VolumeSource{ISCSI: &api.ISCSIVolumeSource{TargetPortal: "127.0.0.1", IQN: "", Lun: 1, FSType: "ext4", ReadOnly: false}}
emptyHosts := api.VolumeSource{Glusterfs: &api.GlusterfsVolumeSource{EndpointsName: "", Path: "path", ReadOnly: false}}
emptyPath := api.VolumeSource{Glusterfs: &api.GlusterfsVolumeSource{EndpointsName: "host", Path: "", ReadOnly: false}}
add rados block device(rbd) volume plugin Signed-off-by: Huamin Chen <hchen@redhat.com>
2015-04-07 17:22:23 +00:00
emptyMon := api.VolumeSource{RBD: &api.RBDVolumeSource{CephMonitors: []string{}, RBDImage: "bar", FSType: "ext4"}}
emptyImage := api.VolumeSource{RBD: &api.RBDVolumeSource{CephMonitors: []string{"foo"}, RBDImage: "", FSType: "ext4"}}
Convert field errors into a selector for the object Satisfies the "Field" condition for a Cause. Also addresses parts of #914.
2014-08-20 03:54:20 +00:00
errorCases := map[string]struct {
Make validation work when not in the api package.
2014-08-30 01:20:27 +00:00
V []api.Volume
Convert field errors into a selector for the object Satisfies the "Field" condition for a Cause. Also addresses parts of #914.
2014-08-20 03:54:20 +00:00
T errors.ValidationErrorType
F string
}{
Embed VolumeSource in v1beta3 and internal.
2015-03-03 22:48:55 +00:00
"zero-length name": {[]api.Volume{{Name: "", VolumeSource: emptyVS}}, errors.ValidationErrorTypeRequired, "[0].name"},
"name > 63 characters": {[]api.Volume{{Name: strings.Repeat("a", 64), VolumeSource: emptyVS}}, errors.ValidationErrorTypeInvalid, "[0].name"},
"name not a DNS label": {[]api.Volume{{Name: "a.b.c", VolumeSource: emptyVS}}, errors.ValidationErrorTypeInvalid, "[0].name"},
"name not unique": {[]api.Volume{{Name: "abc", VolumeSource: emptyVS}, {Name: "abc", VolumeSource: emptyVS}}, errors.ValidationErrorTypeDuplicate, "[1].name"},
add iscsi volume plugin Signed-off-by: Huamin Chen <hchen@redhat.com>
2015-03-13 21:31:13 +00:00
"empty portal": {[]api.Volume{{Name: "badportal", VolumeSource: emptyPortal}}, errors.ValidationErrorTypeRequired, "[0].source.iscsi.targetPortal"},
"empty iqn": {[]api.Volume{{Name: "badiqn", VolumeSource: emptyIQN}}, errors.ValidationErrorTypeRequired, "[0].source.iscsi.iqn"},
implement glusterfs volume plugin Signed-off-by: Huamin Chen <hchen@redhat.com>
2015-03-26 18:53:21 +00:00
"empty hosts": {[]api.Volume{{Name: "badhost", VolumeSource: emptyHosts}}, errors.ValidationErrorTypeRequired, "[0].source.glusterfs.endpoints"},
"empty path": {[]api.Volume{{Name: "badpath", VolumeSource: emptyPath}}, errors.ValidationErrorTypeRequired, "[0].source.glusterfs.path"},
add rados block device(rbd) volume plugin Signed-off-by: Huamin Chen <hchen@redhat.com>
2015-04-07 17:22:23 +00:00
"empty mon": {[]api.Volume{{Name: "badmon", VolumeSource: emptyMon}}, errors.ValidationErrorTypeRequired, "[0].source.rbd.monitors"},
"empty image": {[]api.Volume{{Name: "badimage", VolumeSource: emptyImage}}, errors.ValidationErrorTypeRequired, "[0].source.rbd.image"},
Add validation of Volumes
2014-07-01 21:40:36 +00:00
}
for k, v := range errorCases {
Convert field errors into a selector for the object Satisfies the "Field" condition for a Cause. Also addresses parts of #914.
2014-08-20 03:54:20 +00:00
_, errs := validateVolumes(v.V)
if len(errs) == 0 {
Fix #1683
2014-10-10 22:34:48 +00:00
t.Errorf("expected failure %s for %v", k, v.V)
Convert field errors into a selector for the object Satisfies the "Field" condition for a Cause. Also addresses parts of #914.
2014-08-20 03:54:20 +00:00
continue
}
for i := range errs {
Change ValidationError to a pointer In Prep for adding at leats one more field, make this operate more list StatusError.
2014-11-20 22:11:23 +00:00
if errs[i].(*errors.ValidationError).Type != v.T {
Convert field errors into a selector for the object Satisfies the "Field" condition for a Cause. Also addresses parts of #914.
2014-08-20 03:54:20 +00:00
t.Errorf("%s: expected errors to have type %s: %v", k, v.T, errs[i])
}
Change ValidationError to a pointer In Prep for adding at leats one more field, make this operate more list StatusError.
2014-11-20 22:11:23 +00:00
if errs[i].(*errors.ValidationError).Field != v.F {
Convert field errors into a selector for the object Satisfies the "Field" condition for a Cause. Also addresses parts of #914.
2014-08-20 03:54:20 +00:00
t.Errorf("%s: expected errors to have field %s: %v", k, v.F, errs[i])
}
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
detail := errs[i].(*errors.ValidationError).Detail
expose common name validation methods
2015-06-09 12:53:30 +00:00
if detail != "" && detail != DNS1123LabelErrorMsg {
t.Errorf("%s: expected error detail either empty or %s, got %s", k, DNS1123LabelErrorMsg, detail)
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
}
Add validation for Container.Env This includes backwards compat with the older "key" field.
2014-07-01 22:56:30 +00:00
}
}
}
Add validation of Ports Also do caseless compares for "enum" strings.
2014-07-08 04:32:56 +00:00
func TestValidatePorts(t *testing.T) {
Rename type Port to ContainerPort Sadly I had to do this by hand - I just could not get gorename to fix up users of it.
2015-02-23 22:25:56 +00:00
successCase := []api.ContainerPort{
Add validation of Ports Also do caseless compares for "enum" strings.
2014-07-08 04:32:56 +00:00
{Name: "abc", ContainerPort: 80, HostPort: 80, Protocol: "TCP"},
{Name: "easy", ContainerPort: 82, Protocol: "TCP"},
{Name: "as", ContainerPort: 83, Protocol: "UDP"},
Factor out API defaulting from validation logic Currently, the validation logic validates fields in an object and supply default values wherever applies. This change factors out defaulting to a set of defaulting callback functions for decoding (see #1502 for more discussion). * This change is based on pull request 2587. * Most defaulting has been migrated to defaults.go where the defaulting functions are added. * validation_test.go and converter_test.go have been adapted to not testing the default values. * Fixed all tests with that create invalid objects with the absence of defaulting logic.
2015-01-26 17:52:50 +00:00
{Name: "do-re-me", ContainerPort: 84, Protocol: "UDP"},
{ContainerPort: 85, Protocol: "TCP"},
Add validation of Ports Also do caseless compares for "enum" strings.
2014-07-08 04:32:56 +00:00
}
Accumulate validation errors Rather than report the first error, accumulate all errors and report them all at once.
2014-07-08 06:20:30 +00:00
if errs := validatePorts(successCase); len(errs) != 0 {
t.Errorf("expected success: %v", errs)
Add validation of Ports Also do caseless compares for "enum" strings.
2014-07-08 04:32:56 +00:00
}
Rename type Port to ContainerPort Sadly I had to do this by hand - I just could not get gorename to fix up users of it.
2015-02-23 22:25:56 +00:00
nonCanonicalCase := []api.ContainerPort{
Factor out API defaulting from validation logic Currently, the validation logic validates fields in an object and supply default values wherever applies. This change factors out defaulting to a set of defaulting callback functions for decoding (see #1502 for more discussion). * This change is based on pull request 2587. * Most defaulting has been migrated to defaults.go where the defaulting functions are added. * validation_test.go and converter_test.go have been adapted to not testing the default values. * Fixed all tests with that create invalid objects with the absence of defaulting logic.
2015-01-26 17:52:50 +00:00
{ContainerPort: 80, Protocol: "TCP"},
Add validation of Ports Also do caseless compares for "enum" strings.
2014-07-08 04:32:56 +00:00
}
Accumulate validation errors Rather than report the first error, accumulate all errors and report them all at once.
2014-07-08 06:20:30 +00:00
if errs := validatePorts(nonCanonicalCase); len(errs) != 0 {
t.Errorf("expected success: %v", errs)
Add validation of Ports Also do caseless compares for "enum" strings.
2014-07-08 04:32:56 +00:00
}
Convert field errors into a selector for the object Satisfies the "Field" condition for a Cause. Also addresses parts of #914.
2014-08-20 03:54:20 +00:00
errorCases := map[string]struct {
Rename type Port to ContainerPort Sadly I had to do this by hand - I just could not get gorename to fix up users of it.
2015-02-23 22:25:56 +00:00
P []api.ContainerPort
Convert field errors into a selector for the object Satisfies the "Field" condition for a Cause. Also addresses parts of #914.
2014-08-20 03:54:20 +00:00
T errors.ValidationErrorType
F string
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
D string
Convert field errors into a selector for the object Satisfies the "Field" condition for a Cause. Also addresses parts of #914.
2014-08-20 03:54:20 +00:00
}{
To add validation for service ports when defined as string (fixing issue #9734)
2015-06-12 16:33:11 +00:00
"name > 15 characters": {[]api.ContainerPort{{Name: strings.Repeat("a", 16), ContainerPort: 80, Protocol: "TCP"}}, errors.ValidationErrorTypeInvalid, "[0].name", portNameErrorMsg},
"name not a IANA svc name ": {[]api.ContainerPort{{Name: "a.b.c", ContainerPort: 80, Protocol: "TCP"}}, errors.ValidationErrorTypeInvalid, "[0].name", portNameErrorMsg},
"name not a IANA svc name (i.e. a number)": {[]api.ContainerPort{{Name: "80", ContainerPort: 80, Protocol: "TCP"}}, errors.ValidationErrorTypeInvalid, "[0].name", portNameErrorMsg},
Rename type Port to ContainerPort Sadly I had to do this by hand - I just could not get gorename to fix up users of it.
2015-02-23 22:25:56 +00:00
"name not unique": {[]api.ContainerPort{
Factor out API defaulting from validation logic Currently, the validation logic validates fields in an object and supply default values wherever applies. This change factors out defaulting to a set of defaulting callback functions for decoding (see #1502 for more discussion). * This change is based on pull request 2587. * Most defaulting has been migrated to defaults.go where the defaulting functions are added. * validation_test.go and converter_test.go have been adapted to not testing the default values. * Fixed all tests with that create invalid objects with the absence of defaulting logic.
2015-01-26 17:52:50 +00:00
{Name: "abc", ContainerPort: 80, Protocol: "TCP"},
{Name: "abc", ContainerPort: 81, Protocol: "TCP"},
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
}, errors.ValidationErrorTypeDuplicate, "[1].name", ""},
Rename type Port to ContainerPort Sadly I had to do this by hand - I just could not get gorename to fix up users of it.
2015-02-23 22:25:56 +00:00
"zero container port": {[]api.ContainerPort{{ContainerPort: 0, Protocol: "TCP"}}, errors.ValidationErrorTypeInvalid, "[0].containerPort", portRangeErrorMsg},
"invalid container port": {[]api.ContainerPort{{ContainerPort: 65536, Protocol: "TCP"}}, errors.ValidationErrorTypeInvalid, "[0].containerPort", portRangeErrorMsg},
"invalid host port": {[]api.ContainerPort{{ContainerPort: 80, HostPort: 65536, Protocol: "TCP"}}, errors.ValidationErrorTypeInvalid, "[0].hostPort", portRangeErrorMsg},
Improving an error message
2015-06-24 22:09:43 +00:00
"invalid protocol case": {[]api.ContainerPort{{ContainerPort: 80, Protocol: "tcp"}}, errors.ValidationErrorTypeNotSupported, "[0].protocol", "supported values: TCP, UDP"},
"invalid protocol": {[]api.ContainerPort{{ContainerPort: 80, Protocol: "ICMP"}}, errors.ValidationErrorTypeNotSupported, "[0].protocol", "supported values: TCP, UDP"},
Rename type Port to ContainerPort Sadly I had to do this by hand - I just could not get gorename to fix up users of it.
2015-02-23 22:25:56 +00:00
"protocol required": {[]api.ContainerPort{{Name: "abc", ContainerPort: 80}}, errors.ValidationErrorTypeRequired, "[0].protocol", ""},
Add validation of Ports Also do caseless compares for "enum" strings.
2014-07-08 04:32:56 +00:00
}
for k, v := range errorCases {
Convert field errors into a selector for the object Satisfies the "Field" condition for a Cause. Also addresses parts of #914.
2014-08-20 03:54:20 +00:00
errs := validatePorts(v.P)
if len(errs) == 0 {
Add validation of Ports Also do caseless compares for "enum" strings.
2014-07-08 04:32:56 +00:00
t.Errorf("expected failure for %s", k)
}
Convert field errors into a selector for the object Satisfies the "Field" condition for a Cause. Also addresses parts of #914.
2014-08-20 03:54:20 +00:00
for i := range errs {
Change ValidationError to a pointer In Prep for adding at leats one more field, make this operate more list StatusError.
2014-11-20 22:11:23 +00:00
if errs[i].(*errors.ValidationError).Type != v.T {
Convert field errors into a selector for the object Satisfies the "Field" condition for a Cause. Also addresses parts of #914.
2014-08-20 03:54:20 +00:00
t.Errorf("%s: expected errors to have type %s: %v", k, v.T, errs[i])
}
Change ValidationError to a pointer In Prep for adding at leats one more field, make this operate more list StatusError.
2014-11-20 22:11:23 +00:00
if errs[i].(*errors.ValidationError).Field != v.F {
Convert field errors into a selector for the object Satisfies the "Field" condition for a Cause. Also addresses parts of #914.
2014-08-20 03:54:20 +00:00
t.Errorf("%s: expected errors to have field %s: %v", k, v.F, errs[i])
}
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
detail := errs[i].(*errors.ValidationError).Detail
if detail != v.D {
t.Errorf("%s: expected error detail either empty or %s, got %s", k, v.D, detail)
}
Convert field errors into a selector for the object Satisfies the "Field" condition for a Cause. Also addresses parts of #914.
2014-08-20 03:54:20 +00:00
}
Add validation of Ports Also do caseless compares for "enum" strings.
2014-07-08 04:32:56 +00:00
}
}
Add validation for Container.Env This includes backwards compat with the older "key" field.
2014-07-01 22:56:30 +00:00
func TestValidateEnv(t *testing.T) {
Make validation work when not in the api package.
2014-08-30 01:20:27 +00:00
successCase := []api.EnvVar{
Add validation for Container.Env This includes backwards compat with the older "key" field.
2014-07-01 22:56:30 +00:00
{Name: "abc", Value: "value"},
{Name: "ABC", Value: "value"},
{Name: "AbC_123", Value: "value"},
{Name: "abc", Value: ""},
Add downward API for environment vars
2015-04-23 20:57:30 +00:00
{
Name: "abc",
ValueFrom: &api.EnvVarSource{
Change EnvVarSource.FieldPath -> FieldRef and add example
2015-05-04 17:31:36 +00:00
FieldRef: &api.ObjectFieldSelector{
Stop exposing v1beta3 by default
2015-06-30 02:30:14 +00:00
APIVersion: testapi.Version(),
Add downward API for environment vars
2015-04-23 20:57:30 +00:00
FieldPath: "metadata.name",
},
},
},
Add validation for Container.Env This includes backwards compat with the older "key" field.
2014-07-01 22:56:30 +00:00
}
Accumulate validation errors Rather than report the first error, accumulate all errors and report them all at once.
2014-07-08 06:20:30 +00:00
if errs := validateEnv(successCase); len(errs) != 0 {
t.Errorf("expected success: %v", errs)
Add validation for Container.Env This includes backwards compat with the older "key" field.
2014-07-01 22:56:30 +00:00
}
Add downward API for environment vars
2015-04-23 20:57:30 +00:00
errorCases := []struct {
name string
envs []api.EnvVar
expectedError string
}{
{
name: "zero-length name",
envs: []api.EnvVar{{Name: ""}},
expectedError: "[0].name: required value",
},
{
name: "name not a C identifier",
envs: []api.EnvVar{{Name: "a.b.c"}},
improve the error message of update pod
2015-07-31 23:43:39 +00:00
expectedError: `[0].name: invalid value 'a.b.c', Details: must be a C identifier (matching regex [A-Za-z_][A-Za-z0-9_]*): e.g. "my_name" or "MyName"`,
Add downward API for environment vars
2015-04-23 20:57:30 +00:00
},
{
name: "value and valueFrom specified",
envs: []api.EnvVar{{
Name: "abc",
Value: "foo",
ValueFrom: &api.EnvVarSource{
Change EnvVarSource.FieldPath -> FieldRef and add example
2015-05-04 17:31:36 +00:00
FieldRef: &api.ObjectFieldSelector{
Stop exposing v1beta3 by default
2015-06-30 02:30:14 +00:00
APIVersion: testapi.Version(),
Add downward API for environment vars
2015-04-23 20:57:30 +00:00
FieldPath: "metadata.name",
},
},
}},
improve the error message of update pod
2015-07-31 23:43:39 +00:00
expectedError: "[0].valueFrom: invalid value '', Details: sources cannot be specified when value is not empty",
Add downward API for environment vars
2015-04-23 20:57:30 +00:00
},
{
name: "missing FieldPath on ObjectFieldSelector",
envs: []api.EnvVar{{
Name: "abc",
ValueFrom: &api.EnvVarSource{
Change EnvVarSource.FieldPath -> FieldRef and add example
2015-05-04 17:31:36 +00:00
FieldRef: &api.ObjectFieldSelector{
Stop exposing v1beta3 by default
2015-06-30 02:30:14 +00:00
APIVersion: testapi.Version(),
Add downward API for environment vars
2015-04-23 20:57:30 +00:00
},
},
}},
Change EnvVarSource.FieldPath -> FieldRef and add example
2015-05-04 17:31:36 +00:00
expectedError: "[0].valueFrom.fieldRef.fieldPath: required value",
Add downward API for environment vars
2015-04-23 20:57:30 +00:00
},
{
name: "missing APIVersion on ObjectFieldSelector",
envs: []api.EnvVar{{
Name: "abc",
ValueFrom: &api.EnvVarSource{
Change EnvVarSource.FieldPath -> FieldRef and add example
2015-05-04 17:31:36 +00:00
FieldRef: &api.ObjectFieldSelector{
Add downward API for environment vars
2015-04-23 20:57:30 +00:00
FieldPath: "metadata.name",
},
},
}},
Change EnvVarSource.FieldPath -> FieldRef and add example
2015-05-04 17:31:36 +00:00
expectedError: "[0].valueFrom.fieldRef.apiVersion: required value",
Add downward API for environment vars
2015-04-23 20:57:30 +00:00
},
{
name: "invalid fieldPath",
envs: []api.EnvVar{{
Name: "abc",
ValueFrom: &api.EnvVarSource{
Change EnvVarSource.FieldPath -> FieldRef and add example
2015-05-04 17:31:36 +00:00
FieldRef: &api.ObjectFieldSelector{
Add downward API for environment vars
2015-04-23 20:57:30 +00:00
FieldPath: "metadata.whoops",
Stop exposing v1beta3 by default
2015-06-30 02:30:14 +00:00
APIVersion: testapi.Version(),
Add downward API for environment vars
2015-04-23 20:57:30 +00:00
},
},
}},
improve the error message of update pod
2015-07-31 23:43:39 +00:00
expectedError: "[0].valueFrom.fieldRef.fieldPath: invalid value 'metadata.whoops', Details: error converting fieldPath",
Add downward API for environment vars
2015-04-23 20:57:30 +00:00
},
{
name: "unsupported fieldPath",
envs: []api.EnvVar{{
Name: "abc",
ValueFrom: &api.EnvVarSource{
Change EnvVarSource.FieldPath -> FieldRef and add example
2015-05-04 17:31:36 +00:00
FieldRef: &api.ObjectFieldSelector{
Add downward API for environment vars
2015-04-23 20:57:30 +00:00
FieldPath: "status.phase",
Stop exposing v1beta3 by default
2015-06-30 02:30:14 +00:00
APIVersion: testapi.Version(),
Add downward API for environment vars
2015-04-23 20:57:30 +00:00
},
},
}},
Add status.podIP as a valid downward API target Getting the public IP a container is supposed to use is O(hard), and usually involves ugly gyrations in python or with interfaces. Using the downward API means that the IP Kube is announcing to other endpoints is also visible inside the container for pods to identify themselves.
2015-08-12 18:14:49 +00:00
expectedError: "[0].valueFrom.fieldRef.fieldPath: unsupported value 'status.phase', Details: supported values: metadata.name, metadata.namespace, status.podIP",
Add downward API for environment vars
2015-04-23 20:57:30 +00:00
},
Add validation for Container.Env This includes backwards compat with the older "key" field.
2014-07-01 22:56:30 +00:00
}
Add downward API for environment vars
2015-04-23 20:57:30 +00:00
for _, tc := range errorCases {
if errs := validateEnv(tc.envs); len(errs) == 0 {
t.Errorf("expected failure for %s", tc.name)
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
} else {
for i := range errs {
Add downward API for environment vars
2015-04-23 20:57:30 +00:00
str := errs[i].(*errors.ValidationError).Error()
if str != "" && str != tc.expectedError {
t.Errorf("%s: expected error detail either empty or %s, got %s", tc.name, tc.expectedError, str)
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
}
}
Add validation of Volumes
2014-07-01 21:40:36 +00:00
}
}
}
Add validation of VolumeMounts
2014-07-05 02:46:56 +00:00
func TestValidateVolumeMounts(t *testing.T) {
volumes := util.NewStringSet("abc", "123", "abc-123")
Make validation work when not in the api package.
2014-08-30 01:20:27 +00:00
successCase := []api.VolumeMount{
Add validation of VolumeMounts
2014-07-05 02:46:56 +00:00
{Name: "abc", MountPath: "/foo"},
{Name: "123", MountPath: "/foo"},
{Name: "abc-123", MountPath: "/bar"},
}
Accumulate validation errors Rather than report the first error, accumulate all errors and report them all at once.
2014-07-08 06:20:30 +00:00
if errs := validateVolumeMounts(successCase, volumes); len(errs) != 0 {
t.Errorf("expected success: %v", errs)
Add validation of VolumeMounts
2014-07-05 02:46:56 +00:00
}
Make validation work when not in the api package.
2014-08-30 01:20:27 +00:00
errorCases := map[string][]api.VolumeMount{
Add validation of VolumeMounts
2014-07-05 02:46:56 +00:00
"empty name": {{Name: "", MountPath: "/foo"}},
"name not found": {{Name: "", MountPath: "/foo"}},
"empty mountpath": {{Name: "abc", MountPath: ""}},
}
for k, v := range errorCases {
Accumulate validation errors Rather than report the first error, accumulate all errors and report them all at once.
2014-07-08 06:20:30 +00:00
if errs := validateVolumeMounts(v, volumes); len(errs) == 0 {
Add validation of VolumeMounts
2014-07-05 02:46:56 +00:00
t.Errorf("expected failure for %s", k)
}
}
}
add validation for api.Probe
2015-02-15 07:02:07 +00:00
func TestValidateProbe(t *testing.T) {
handler := api.Handler{Exec: &api.ExecAction{Command: []string{"echo"}}}
successCases := []*api.Probe{
nil,
{TimeoutSeconds: 10, InitialDelaySeconds: 0, Handler: handler},
{TimeoutSeconds: 0, InitialDelaySeconds: 10, Handler: handler},
}
for _, p := range successCases {
if errs := validateProbe(p); len(errs) != 0 {
t.Errorf("expected success: %v", errs)
}
}
errorCases := []*api.Probe{
{TimeoutSeconds: 10, InitialDelaySeconds: 10},
{TimeoutSeconds: 10, InitialDelaySeconds: -10, Handler: handler},
{TimeoutSeconds: -10, InitialDelaySeconds: 10, Handler: handler},
{TimeoutSeconds: -10, InitialDelaySeconds: -10, Handler: handler},
}
for _, p := range errorCases {
if errs := validateProbe(p); len(errs) == 0 {
t.Errorf("expected failure for %v", p)
}
}
}
Add defaults for HTTGetAction.Path & test actions The comment says optional - this makes it optional. Test handler actions.
2015-02-28 01:33:58 +00:00
func TestValidateHandler(t *testing.T) {
successCases := []api.Handler{
{Exec: &api.ExecAction{Command: []string{"echo"}}},
Changed HTTPGetAction to allow user-defined schemes
2015-06-25 17:53:41 +00:00
{HTTPGet: &api.HTTPGetAction{Path: "/", Port: util.NewIntOrStringFromInt(1), Host: "", Scheme: "HTTP"}},
{HTTPGet: &api.HTTPGetAction{Path: "/foo", Port: util.NewIntOrStringFromInt(65535), Host: "host", Scheme: "HTTP"}},
{HTTPGet: &api.HTTPGetAction{Path: "/", Port: util.NewIntOrStringFromString("port"), Host: "", Scheme: "HTTP"}},
Add defaults for HTTGetAction.Path & test actions The comment says optional - this makes it optional. Test handler actions.
2015-02-28 01:33:58 +00:00
}
for _, h := range successCases {
if errs := validateHandler(&h); len(errs) != 0 {
t.Errorf("expected success: %v", errs)
}
}
errorCases := []api.Handler{
{},
{Exec: &api.ExecAction{Command: []string{}}},
{HTTPGet: &api.HTTPGetAction{Path: "", Port: util.NewIntOrStringFromInt(0), Host: ""}},
{HTTPGet: &api.HTTPGetAction{Path: "/foo", Port: util.NewIntOrStringFromInt(65536), Host: "host"}},
{HTTPGet: &api.HTTPGetAction{Path: "", Port: util.NewIntOrStringFromString(""), Host: ""}},
}
for _, h := range errorCases {
if errs := validateHandler(&h); len(errs) == 0 {
t.Errorf("expected failure for %#v", h)
}
}
}
Introduce validatePullPolicyWithDefault to validation.
2015-01-16 23:02:36 +00:00
func TestValidatePullPolicy(t *testing.T) {
type T struct {
Container api.Container
ExpectedPolicy api.PullPolicy
}
testCases := map[string]T{
"NotPresent1": {
Change PullPolicy constants to match
2015-01-21 04:30:42 +00:00
api.Container{Name: "abc", Image: "image:latest", ImagePullPolicy: "IfNotPresent"},
Introduce validatePullPolicyWithDefault to validation.
2015-01-16 23:02:36 +00:00
api.PullIfNotPresent,
},
"NotPresent2": {
Change PullPolicy constants to match
2015-01-21 04:30:42 +00:00
api.Container{Name: "abc1", Image: "image", ImagePullPolicy: "IfNotPresent"},
Introduce validatePullPolicyWithDefault to validation.
2015-01-16 23:02:36 +00:00
api.PullIfNotPresent,
},
"Always1": {
Change PullPolicy constants to match
2015-01-21 04:30:42 +00:00
api.Container{Name: "123", Image: "image:latest", ImagePullPolicy: "Always"},
Introduce validatePullPolicyWithDefault to validation.
2015-01-16 23:02:36 +00:00
api.PullAlways,
},
"Always2": {
Change PullPolicy constants to match
2015-01-21 04:30:42 +00:00
api.Container{Name: "1234", Image: "image", ImagePullPolicy: "Always"},
Introduce validatePullPolicyWithDefault to validation.
2015-01-16 23:02:36 +00:00
api.PullAlways,
},
"Never1": {
Change PullPolicy constants to match
2015-01-21 04:30:42 +00:00
api.Container{Name: "abc-123", Image: "image:latest", ImagePullPolicy: "Never"},
Introduce validatePullPolicyWithDefault to validation.
2015-01-16 23:02:36 +00:00
api.PullNever,
},
"Never2": {
Change PullPolicy constants to match
2015-01-21 04:30:42 +00:00
api.Container{Name: "abc-1234", Image: "image", ImagePullPolicy: "Never"},
Introduce validatePullPolicyWithDefault to validation.
2015-01-16 23:02:36 +00:00
api.PullNever,
},
}
for k, v := range testCases {
ctr := &v.Container
Factor out API defaulting from validation logic Currently, the validation logic validates fields in an object and supply default values wherever applies. This change factors out defaulting to a set of defaulting callback functions for decoding (see #1502 for more discussion). * This change is based on pull request 2587. * Most defaulting has been migrated to defaults.go where the defaulting functions are added. * validation_test.go and converter_test.go have been adapted to not testing the default values. * Fixed all tests with that create invalid objects with the absence of defaulting logic.
2015-01-26 17:52:50 +00:00
errs := validatePullPolicy(ctr)
Introduce validatePullPolicyWithDefault to validation.
2015-01-16 23:02:36 +00:00
if len(errs) != 0 {
t.Errorf("case[%s] expected success, got %#v", k, errs)
}
if ctr.ImagePullPolicy != v.ExpectedPolicy {
t.Errorf("case[%s] expected policy %v, got %v", k, v.ExpectedPolicy, ctr.ImagePullPolicy)
}
}
}
Adding ResourceRequirementSpec to v1beta1, v1beta2, and v1beta3 APIs. The old resource quantities 'CPU' and 'Memory' will be preserved until support for v1beta1 and v1beta2 APIs are dropped. Improved resource validation in the process.
2015-01-25 04:19:36 +00:00
func getResourceLimits(cpu, memory string) api.ResourceList {
res := api.ResourceList{}
res[api.ResourceCPU] = resource.MustParse(cpu)
res[api.ResourceMemory] = resource.MustParse(memory)
return res
}
Add basic validation of Containers
2014-07-01 22:14:25 +00:00
func TestValidateContainers(t *testing.T) {
volumes := util.StringSet{}
Refactor to clean up names.
2014-09-16 22:18:33 +00:00
capabilities.SetForTests(capabilities.Capabilities{
Add a flag to reject privileged containers in the apiserver.
2014-09-16 14:04:12 +00:00
AllowPrivileged: true,
})
Add basic validation of Containers
2014-07-01 22:14:25 +00:00
Make validation work when not in the api package.
2014-08-30 01:20:27 +00:00
successCase := []api.Container{
Factor out API defaulting from validation logic Currently, the validation logic validates fields in an object and supply default values wherever applies. This change factors out defaulting to a set of defaulting callback functions for decoding (see #1502 for more discussion). * This change is based on pull request 2587. * Most defaulting has been migrated to defaults.go where the defaulting functions are added. * validation_test.go and converter_test.go have been adapted to not testing the default values. * Fixed all tests with that create invalid objects with the absence of defaulting logic.
2015-01-26 17:52:50 +00:00
{Name: "abc", Image: "image", ImagePullPolicy: "IfNotPresent"},
{Name: "123", Image: "image", ImagePullPolicy: "IfNotPresent"},
{Name: "abc-123", Image: "image", ImagePullPolicy: "IfNotPresent"},
Add some lifecycle validation.
2014-09-12 23:04:10 +00:00
{
Name: "life-123",
Image: "image",
Lifecycle: &api.Lifecycle{
PreStop: &api.Handler{
Exec: &api.ExecAction{Command: []string{"ls", "-l"}},
},
},
Factor out API defaulting from validation logic Currently, the validation logic validates fields in an object and supply default values wherever applies. This change factors out defaulting to a set of defaulting callback functions for decoding (see #1502 for more discussion). * This change is based on pull request 2587. * Most defaulting has been migrated to defaults.go where the defaulting functions are added. * validation_test.go and converter_test.go have been adapted to not testing the default values. * Fixed all tests with that create invalid objects with the absence of defaulting logic.
2015-01-26 17:52:50 +00:00
ImagePullPolicy: "IfNotPresent",
Add some lifecycle validation.
2014-09-12 23:04:10 +00:00
},
Adding ResourceRequirementSpec to v1beta1, v1beta2, and v1beta3 APIs. The old resource quantities 'CPU' and 'Memory' will be preserved until support for v1beta1 and v1beta2 APIs are dropped. Improved resource validation in the process.
2015-01-25 04:19:36 +00:00
{
Name: "resources-test",
Image: "image",
Rename ResourceRequirementSpec to ResourceRequirements.
2015-02-09 22:44:32 +00:00
Resources: api.ResourceRequirements{
Adding ResourceRequirementSpec to v1beta1, v1beta2, and v1beta3 APIs. The old resource quantities 'CPU' and 'Memory' will be preserved until support for v1beta1 and v1beta2 APIs are dropped. Improved resource validation in the process.
2015-01-25 04:19:36 +00:00
Limits: api.ResourceList{
api.ResourceName(api.ResourceCPU): resource.MustParse("10"),
api.ResourceName(api.ResourceMemory): resource.MustParse("10G"),
api.ResourceName("my.org/resource"): resource.MustParse("10m"),
},
},
Factor out API defaulting from validation logic Currently, the validation logic validates fields in an object and supply default values wherever applies. This change factors out defaulting to a set of defaulting callback functions for decoding (see #1502 for more discussion). * This change is based on pull request 2587. * Most defaulting has been migrated to defaults.go where the defaulting functions are added. * validation_test.go and converter_test.go have been adapted to not testing the default values. * Fixed all tests with that create invalid objects with the absence of defaulting logic.
2015-01-26 17:52:50 +00:00
ImagePullPolicy: "IfNotPresent",
Adding ResourceRequirementSpec to v1beta1, v1beta2, and v1beta3 APIs. The old resource quantities 'CPU' and 'Memory' will be preserved until support for v1beta1 and v1beta2 APIs are dropped. Improved resource validation in the process.
2015-01-25 04:19:36 +00:00
},
Add support for request
2015-07-30 19:59:22 +00:00
{
Name: "resources-request-limit-simple",
Image: "image",
Resources: api.ResourceRequirements{
Requests: api.ResourceList{
api.ResourceName(api.ResourceCPU): resource.MustParse("8"),
},
Limits: api.ResourceList{
api.ResourceName(api.ResourceCPU): resource.MustParse("10"),
},
},
ImagePullPolicy: "IfNotPresent",
},
{
Name: "resources-request-limit-edge",
Image: "image",
Resources: api.ResourceRequirements{
Requests: api.ResourceList{
api.ResourceName(api.ResourceCPU): resource.MustParse("10"),
api.ResourceName(api.ResourceMemory): resource.MustParse("10G"),
api.ResourceName("my.org/resource"): resource.MustParse("10m"),
},
Limits: api.ResourceList{
api.ResourceName(api.ResourceCPU): resource.MustParse("10"),
api.ResourceName(api.ResourceMemory): resource.MustParse("10G"),
api.ResourceName("my.org/resource"): resource.MustParse("10m"),
},
},
ImagePullPolicy: "IfNotPresent",
},
{
Name: "resources-request-limit-partials",
Image: "image",
Resources: api.ResourceRequirements{
Requests: api.ResourceList{
api.ResourceName(api.ResourceCPU): resource.MustParse("9.5"),
api.ResourceName(api.ResourceMemory): resource.MustParse("10G"),
},
Limits: api.ResourceList{
api.ResourceName(api.ResourceCPU): resource.MustParse("10"),
api.ResourceName("my.org/resource"): resource.MustParse("10m"),
},
},
ImagePullPolicy: "IfNotPresent",
},
{
Name: "resources-request",
Image: "image",
Resources: api.ResourceRequirements{
Requests: api.ResourceList{
api.ResourceName(api.ResourceCPU): resource.MustParse("9.5"),
api.ResourceName(api.ResourceMemory): resource.MustParse("10G"),
},
},
ImagePullPolicy: "IfNotPresent",
},
Allow same-hostport-different-protocol
2015-05-19 05:18:40 +00:00
{
Name: "same-host-port-different-protocol",
Image: "image",
Ports: []api.ContainerPort{
{ContainerPort: 80, HostPort: 80, Protocol: "TCP"},
{ContainerPort: 80, HostPort: 80, Protocol: "UDP"},
},
ImagePullPolicy: "IfNotPresent",
},
Revert "Revert "Security context - types, kubelet, admission""
2015-05-05 23:02:13 +00:00
{Name: "abc-1234", Image: "image", ImagePullPolicy: "IfNotPresent", SecurityContext: fakeValidSecurityContext(true)},
Add basic validation of Containers
2014-07-01 22:14:25 +00:00
}
Accumulate validation errors Rather than report the first error, accumulate all errors and report them all at once.
2014-07-08 06:20:30 +00:00
if errs := validateContainers(successCase, volumes); len(errs) != 0 {
t.Errorf("expected success: %v", errs)
Add basic validation of Containers
2014-07-01 22:14:25 +00:00
}
Refactor to clean up names.
2014-09-16 22:18:33 +00:00
capabilities.SetForTests(capabilities.Capabilities{
Add a flag to reject privileged containers in the apiserver.
2014-09-16 14:04:12 +00:00
AllowPrivileged: false,
})
Make validation work when not in the api package.
2014-08-30 01:20:27 +00:00
errorCases := map[string][]api.Container{
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
"zero-length name": {{Name: "", Image: "image", ImagePullPolicy: "IfNotPresent"}},
"name > 63 characters": {{Name: strings.Repeat("a", 64), Image: "image", ImagePullPolicy: "IfNotPresent"}},
"name not a DNS label": {{Name: "a.b.c", Image: "image", ImagePullPolicy: "IfNotPresent"}},
Add basic validation of Containers
2014-07-01 22:14:25 +00:00
"name not unique": {
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
{Name: "abc", Image: "image", ImagePullPolicy: "IfNotPresent"},
{Name: "abc", Image: "image", ImagePullPolicy: "IfNotPresent"},
Add basic validation of Containers
2014-07-01 22:14:25 +00:00
},
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
"zero-length image": {{Name: "abc", Image: "", ImagePullPolicy: "IfNotPresent"}},
Add validation of Ports Also do caseless compares for "enum" strings.
2014-07-08 04:32:56 +00:00
"host port not unique": {
Rename type Port to ContainerPort Sadly I had to do this by hand - I just could not get gorename to fix up users of it.
2015-02-23 22:25:56 +00:00
{Name: "abc", Image: "image", Ports: []api.ContainerPort{{ContainerPort: 80, HostPort: 80, Protocol: "TCP"}},
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
ImagePullPolicy: "IfNotPresent"},
Rename type Port to ContainerPort Sadly I had to do this by hand - I just could not get gorename to fix up users of it.
2015-02-23 22:25:56 +00:00
{Name: "def", Image: "image", Ports: []api.ContainerPort{{ContainerPort: 81, HostPort: 80, Protocol: "TCP"}},
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
ImagePullPolicy: "IfNotPresent"},
Add validation of Ports Also do caseless compares for "enum" strings.
2014-07-08 04:32:56 +00:00
},
Add validation for Container.Env This includes backwards compat with the older "key" field.
2014-07-01 22:56:30 +00:00
"invalid env var name": {
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
{Name: "abc", Image: "image", Env: []api.EnvVar{{Name: "ev.1"}}, ImagePullPolicy: "IfNotPresent"},
Add validation for Container.Env This includes backwards compat with the older "key" field.
2014-07-01 22:56:30 +00:00
},
Add validation of VolumeMounts
2014-07-05 02:46:56 +00:00
"unknown volume name": {
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
{Name: "abc", Image: "image", VolumeMounts: []api.VolumeMount{{Name: "anything", MountPath: "/foo"}},
ImagePullPolicy: "IfNotPresent"},
Add validation of VolumeMounts
2014-07-05 02:46:56 +00:00
},
Add some lifecycle validation.
2014-09-12 23:04:10 +00:00
"invalid lifecycle, no exec command.": {
{
Name: "life-123",
Image: "image",
Lifecycle: &api.Lifecycle{
PreStop: &api.Handler{
Exec: &api.ExecAction{},
},
},
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
ImagePullPolicy: "IfNotPresent",
Add some lifecycle validation.
2014-09-12 23:04:10 +00:00
},
},
"invalid lifecycle, no http path.": {
{
Name: "life-123",
Image: "image",
Lifecycle: &api.Lifecycle{
PreStop: &api.Handler{
HTTPGet: &api.HTTPGetAction{},
},
},
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
ImagePullPolicy: "IfNotPresent",
Add some lifecycle validation.
2014-09-12 23:04:10 +00:00
},
},
TCPSocket could not be used as it was not checked in validation Attempting to use it gave the error "must register one handler". Added more tests for it.
2015-02-27 03:20:34 +00:00
"invalid lifecycle, no tcp socket port.": {
{
Name: "life-123",
Image: "image",
Lifecycle: &api.Lifecycle{
PreStop: &api.Handler{
TCPSocket: &api.TCPSocketAction{},
},
},
ImagePullPolicy: "IfNotPresent",
},
},
"invalid lifecycle, zero tcp socket port.": {
{
Name: "life-123",
Image: "image",
Lifecycle: &api.Lifecycle{
PreStop: &api.Handler{
TCPSocket: &api.TCPSocketAction{
Port: util.IntOrString{IntVal: 0},
},
},
},
ImagePullPolicy: "IfNotPresent",
},
},
Add some lifecycle validation.
2014-09-12 23:04:10 +00:00
"invalid lifecycle, no action.": {
{
Name: "life-123",
Image: "image",
Lifecycle: &api.Lifecycle{
PreStop: &api.Handler{},
},
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
ImagePullPolicy: "IfNotPresent",
Add some lifecycle validation.
2014-09-12 23:04:10 +00:00
},
},
TCPSocket could not be used as it was not checked in validation Attempting to use it gave the error "must register one handler". Added more tests for it.
2015-02-27 03:20:34 +00:00
"invalid liveness probe, no tcp socket port.": {
{
Name: "life-123",
Image: "image",
LivenessProbe: &api.Probe{
Handler: api.Handler{
TCPSocket: &api.TCPSocketAction{},
},
},
ImagePullPolicy: "IfNotPresent",
},
},
"invalid liveness probe, no action.": {
{
Name: "life-123",
Image: "image",
LivenessProbe: &api.Probe{
Handler: api.Handler{},
},
ImagePullPolicy: "IfNotPresent",
},
},
Add a flag to reject privileged containers in the apiserver.
2014-09-16 14:04:12 +00:00
"privilege disabled": {
Revert "Revert "Security context - types, kubelet, admission""
2015-05-05 23:02:13 +00:00
{Name: "abc", Image: "image", SecurityContext: fakeValidSecurityContext(true)},
Add a flag to reject privileged containers in the apiserver.
2014-09-16 14:04:12 +00:00
},
Adding ResourceRequirementSpec to v1beta1, v1beta2, and v1beta3 APIs. The old resource quantities 'CPU' and 'Memory' will be preserved until support for v1beta1 and v1beta2 APIs are dropped. Improved resource validation in the process.
2015-01-25 04:19:36 +00:00
"invalid compute resource": {
{
Name: "abc-123",
Image: "image",
Rename ResourceRequirementSpec to ResourceRequirements.
2015-02-09 22:44:32 +00:00
Resources: api.ResourceRequirements{
Adding ResourceRequirementSpec to v1beta1, v1beta2, and v1beta3 APIs. The old resource quantities 'CPU' and 'Memory' will be preserved until support for v1beta1 and v1beta2 APIs are dropped. Improved resource validation in the process.
2015-01-25 04:19:36 +00:00
Limits: api.ResourceList{
"disk": resource.MustParse("10G"),
},
},
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
ImagePullPolicy: "IfNotPresent",
Adding ResourceRequirementSpec to v1beta1, v1beta2, and v1beta3 APIs. The old resource quantities 'CPU' and 'Memory' will be preserved until support for v1beta1 and v1beta2 APIs are dropped. Improved resource validation in the process.
2015-01-25 04:19:36 +00:00
},
},
"Resource CPU invalid": {
{
Name: "abc-123",
Image: "image",
Rename ResourceRequirementSpec to ResourceRequirements.
2015-02-09 22:44:32 +00:00
Resources: api.ResourceRequirements{
Adding ResourceRequirementSpec to v1beta1, v1beta2, and v1beta3 APIs. The old resource quantities 'CPU' and 'Memory' will be preserved until support for v1beta1 and v1beta2 APIs are dropped. Improved resource validation in the process.
2015-01-25 04:19:36 +00:00
Limits: getResourceLimits("-10", "0"),
},
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
ImagePullPolicy: "IfNotPresent",
Adding ResourceRequirementSpec to v1beta1, v1beta2, and v1beta3 APIs. The old resource quantities 'CPU' and 'Memory' will be preserved until support for v1beta1 and v1beta2 APIs are dropped. Improved resource validation in the process.
2015-01-25 04:19:36 +00:00
},
},
Improve container resource requirements validation
2015-04-20 18:56:15 +00:00
"Resource Requests CPU invalid": {
{
Name: "abc-123",
Image: "image",
Resources: api.ResourceRequirements{
Requests: getResourceLimits("-10", "0"),
},
ImagePullPolicy: "IfNotPresent",
},
},
Adding ResourceRequirementSpec to v1beta1, v1beta2, and v1beta3 APIs. The old resource quantities 'CPU' and 'Memory' will be preserved until support for v1beta1 and v1beta2 APIs are dropped. Improved resource validation in the process.
2015-01-25 04:19:36 +00:00
"Resource Memory invalid": {
{
Name: "abc-123",
Image: "image",
Rename ResourceRequirementSpec to ResourceRequirements.
2015-02-09 22:44:32 +00:00
Resources: api.ResourceRequirements{
Adding ResourceRequirementSpec to v1beta1, v1beta2, and v1beta3 APIs. The old resource quantities 'CPU' and 'Memory' will be preserved until support for v1beta1 and v1beta2 APIs are dropped. Improved resource validation in the process.
2015-01-25 04:19:36 +00:00
Limits: getResourceLimits("0", "-10"),
},
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
ImagePullPolicy: "IfNotPresent",
Adding ResourceRequirementSpec to v1beta1, v1beta2, and v1beta3 APIs. The old resource quantities 'CPU' and 'Memory' will be preserved until support for v1beta1 and v1beta2 APIs are dropped. Improved resource validation in the process.
2015-01-25 04:19:36 +00:00
},
},
Add support for request
2015-07-30 19:59:22 +00:00
"Request limit simple invalid": {
{
Name: "abc-123",
Image: "image",
Resources: api.ResourceRequirements{
Limits: getResourceLimits("5", "3"),
Requests: getResourceLimits("6", "3"),
},
ImagePullPolicy: "IfNotPresent",
},
},
"Request limit multiple invalid": {
{
Name: "abc-123",
Image: "image",
Resources: api.ResourceRequirements{
Limits: getResourceLimits("5", "3"),
Requests: getResourceLimits("6", "4"),
},
ImagePullPolicy: "IfNotPresent",
},
},
Add basic validation of Containers
2014-07-01 22:14:25 +00:00
}
for k, v := range errorCases {
Accumulate validation errors Rather than report the first error, accumulate all errors and report them all at once.
2014-07-08 06:20:30 +00:00
if errs := validateContainers(v, volumes); len(errs) == 0 {
Add basic validation of Containers
2014-07-01 22:14:25 +00:00
t.Errorf("expected failure for %s", k)
}
}
}
Introduce the simplest RestartPolicy and handling.
2014-08-26 18:25:17 +00:00
func TestValidateRestartPolicy(t *testing.T) {
successCases := []api.RestartPolicy{
Convert RestartPolicy to string for v1beta3. Fixed #3607 and spiritually support #5475
2015-03-14 01:38:07 +00:00
api.RestartPolicyAlways,
api.RestartPolicyOnFailure,
api.RestartPolicyNever,
Introduce the simplest RestartPolicy and handling.
2014-08-26 18:25:17 +00:00
}
for _, policy := range successCases {
if errs := validateRestartPolicy(&policy); len(errs) != 0 {
t.Errorf("expected success: %v", errs)
}
}
Convert RestartPolicy to string for v1beta3. Fixed #3607 and spiritually support #5475
2015-03-14 01:38:07 +00:00
errorCases := []api.RestartPolicy{"", "newpolicy"}
Introduce the simplest RestartPolicy and handling.
2014-08-26 18:25:17 +00:00
for k, policy := range errorCases {
if errs := validateRestartPolicy(&policy); len(errs) == 0 {
Fix format specifiers in Printf-type functions.
2014-10-10 00:06:32 +00:00
t.Errorf("expected failure for %d", k)
Introduce the simplest RestartPolicy and handling.
2014-08-26 18:25:17 +00:00
}
}
Beef up validation tests
2015-01-06 19:11:52 +00:00
}
Introduce the simplest RestartPolicy and handling.
2014-08-26 18:25:17 +00:00
Beef up validation tests
2015-01-06 19:11:52 +00:00
func TestValidateDNSPolicy(t *testing.T) {
Factor out API defaulting from validation logic Currently, the validation logic validates fields in an object and supply default values wherever applies. This change factors out defaulting to a set of defaulting callback functions for decoding (see #1502 for more discussion). * This change is based on pull request 2587. * Most defaulting has been migrated to defaults.go where the defaulting functions are added. * validation_test.go and converter_test.go have been adapted to not testing the default values. * Fixed all tests with that create invalid objects with the absence of defaulting logic.
2015-01-26 17:52:50 +00:00
successCases := []api.DNSPolicy{api.DNSClusterFirst, api.DNSDefault, api.DNSPolicy(api.DNSClusterFirst)}
Beef up validation tests
2015-01-06 19:11:52 +00:00
for _, policy := range successCases {
if errs := validateDNSPolicy(&policy); len(errs) != 0 {
t.Errorf("expected success: %v", errs)
}
}
errorCases := []api.DNSPolicy{api.DNSPolicy("invalid")}
for _, policy := range errorCases {
if errs := validateDNSPolicy(&policy); len(errs) == 0 {
t.Errorf("expected failure for %v", policy)
}
}
Introduce the simplest RestartPolicy and handling.
2014-08-26 18:25:17 +00:00
}
Beef up validation tests
2015-01-06 19:11:52 +00:00
func TestValidatePodSpec(t *testing.T) {
Kubelet kills a pod that exceeds ActiveDeadlineSeconds
2015-05-09 05:01:43 +00:00
activeDeadlineSeconds := int64(30)
Beef up validation tests
2015-01-06 19:11:52 +00:00
successCases := []api.PodSpec{
{ // Populate basic fields, leave defaults for most.
Embed VolumeSource in v1beta3 and internal.
2015-03-03 22:48:55 +00:00
Volumes: []api.Volume{{Name: "vol", VolumeSource: api.VolumeSource{EmptyDir: &api.EmptyDirVolumeSource{}}}},
Factor out API defaulting from validation logic Currently, the validation logic validates fields in an object and supply default values wherever applies. This change factors out defaulting to a set of defaulting callback functions for decoding (see #1502 for more discussion). * This change is based on pull request 2587. * Most defaulting has been migrated to defaults.go where the defaulting functions are added. * validation_test.go and converter_test.go have been adapted to not testing the default values. * Fixed all tests with that create invalid objects with the absence of defaulting logic.
2015-01-26 17:52:50 +00:00
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
Convert RestartPolicy to string for v1beta3. Fixed #3607 and spiritually support #5475
2015-03-14 01:38:07 +00:00
RestartPolicy: api.RestartPolicyAlways,
Factor out API defaulting from validation logic Currently, the validation logic validates fields in an object and supply default values wherever applies. This change factors out defaulting to a set of defaulting callback functions for decoding (see #1502 for more discussion). * This change is based on pull request 2587. * Most defaulting has been migrated to defaults.go where the defaulting functions are added. * validation_test.go and converter_test.go have been adapted to not testing the default values. * Fixed all tests with that create invalid objects with the absence of defaulting logic.
2015-01-26 17:52:50 +00:00
DNSPolicy: api.DNSClusterFirst,
Beef up validation tests
2015-01-06 19:11:52 +00:00
},
{ // Populate all fields.
Volumes: []api.Volume{
Embed VolumeSource in v1beta3 and internal.
2015-03-03 22:48:55 +00:00
{Name: "vol", VolumeSource: api.VolumeSource{EmptyDir: &api.EmptyDirVolumeSource{}}},
Beef up validation tests
2015-01-06 19:11:52 +00:00
},
Factor out API defaulting from validation logic Currently, the validation logic validates fields in an object and supply default values wherever applies. This change factors out defaulting to a set of defaulting callback functions for decoding (see #1502 for more discussion). * This change is based on pull request 2587. * Most defaulting has been migrated to defaults.go where the defaulting functions are added. * validation_test.go and converter_test.go have been adapted to not testing the default values. * Fixed all tests with that create invalid objects with the absence of defaulting logic.
2015-01-26 17:52:50 +00:00
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
Convert RestartPolicy to string for v1beta3. Fixed #3607 and spiritually support #5475
2015-03-14 01:38:07 +00:00
RestartPolicy: api.RestartPolicyAlways,
Beef up validation tests
2015-01-06 19:11:52 +00:00
NodeSelector: map[string]string{
"key": "value",
Refactor tests to split ObjectMeta from TypeMeta
2014-10-23 20:51:34 +00:00
},
update PodSpec.Host to PodSpec.NodeName in /pkg/api/types.go and /pkg/api/v1beta3/types.go
2015-05-22 23:40:57 +00:00
NodeName: "foobar",
Kubelet kills a pod that exceeds ActiveDeadlineSeconds
2015-05-09 05:01:43 +00:00
DNSPolicy: api.DNSClusterFirst,
ActiveDeadlineSeconds: &activeDeadlineSeconds,
Rename pod.spec.serviceAccount -> pod.spec.serviceAccountName for v1
2015-06-19 02:35:42 +00:00
ServiceAccountName: "acct",
Beef up validation tests
2015-01-06 19:11:52 +00:00
},
Add HostNetworking container option to API. This allows a container to run within the same networking namespace as the host. This will be locked down by default using a flag on the master and nodes (similar to how privileged is handled today).
2015-03-23 23:34:35 +00:00
{ // Populate HostNetwork.
Containers: []api.Container{
{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent", Ports: []api.ContainerPort{
{HostPort: 8080, ContainerPort: 8080, Protocol: "TCP"}},
},
},
HostNetwork: true,
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
},
Beef up validation tests
2015-01-06 19:11:52 +00:00
}
for i := range successCases {
if errs := ValidatePodSpec(&successCases[i]); len(errs) != 0 {
t.Errorf("expected success: %v", errs)
}
}
Kubelet kills a pod that exceeds ActiveDeadlineSeconds
2015-05-09 05:01:43 +00:00
activeDeadlineSeconds = int64(0)
Beef up validation tests
2015-01-06 19:11:52 +00:00
failureCases := map[string]api.PodSpec{
"bad volume": {
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
Volumes: []api.Volume{{}},
Convert RestartPolicy to string for v1beta3. Fixed #3607 and spiritually support #5475
2015-03-14 01:38:07 +00:00
RestartPolicy: api.RestartPolicyAlways,
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
DNSPolicy: api.DNSClusterFirst,
Validate that there is at least one container in the pod
2015-03-18 15:00:18 +00:00
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
},
"no containers": {
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
Add RestartPolicy to Pod and PodTemplate
2014-07-22 18:45:12 +00:00
},
Beef up validation tests
2015-01-06 19:11:52 +00:00
"bad container": {
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
Containers: []api.Container{{}},
Convert RestartPolicy to string for v1beta3. Fixed #3607 and spiritually support #5475
2015-03-14 01:38:07 +00:00
RestartPolicy: api.RestartPolicyAlways,
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
DNSPolicy: api.DNSClusterFirst,
Beef up validation tests
2015-01-06 19:11:52 +00:00
},
"bad DNS policy": {
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
DNSPolicy: api.DNSPolicy("invalid"),
Convert RestartPolicy to string for v1beta3. Fixed #3607 and spiritually support #5475
2015-03-14 01:38:07 +00:00
RestartPolicy: api.RestartPolicyAlways,
Validate that there is at least one container in the pod
2015-03-18 15:00:18 +00:00
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
},
Validate service account name in pod spec
2015-06-11 21:16:58 +00:00
"bad service account name": {
Rename pod.spec.serviceAccount -> pod.spec.serviceAccountName for v1
2015-06-19 02:35:42 +00:00
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
ServiceAccountName: "invalidName",
Validate service account name in pod spec
2015-06-11 21:16:58 +00:00
},
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
"bad restart policy": {
Convert RestartPolicy to string for v1beta3. Fixed #3607 and spiritually support #5475
2015-03-14 01:38:07 +00:00
RestartPolicy: "UnknowPolicy",
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
DNSPolicy: api.DNSClusterFirst,
Validate that there is at least one container in the pod
2015-03-18 15:00:18 +00:00
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
Beef up validation tests
2015-01-06 19:11:52 +00:00
},
Add HostNetworking container option to API. This allows a container to run within the same networking namespace as the host. This will be locked down by default using a flag on the master and nodes (similar to how privileged is handled today).
2015-03-23 23:34:35 +00:00
"with hostNetwork hostPort not equal to containerPort": {
Containers: []api.Container{
{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent", Ports: []api.ContainerPort{
{HostPort: 8080, ContainerPort: 2600, Protocol: "TCP"}},
},
},
HostNetwork: true,
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
},
Kubelet kills a pod that exceeds ActiveDeadlineSeconds
2015-05-09 05:01:43 +00:00
"bad-active-deadline-seconds": {
Volumes: []api.Volume{
{Name: "vol", VolumeSource: api.VolumeSource{EmptyDir: &api.EmptyDirVolumeSource{}}},
},
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
RestartPolicy: api.RestartPolicyAlways,
NodeSelector: map[string]string{
"key": "value",
},
update PodSpec.Host to PodSpec.NodeName in /pkg/api/types.go and /pkg/api/v1beta3/types.go
2015-05-22 23:40:57 +00:00
NodeName: "foobar",
Kubelet kills a pod that exceeds ActiveDeadlineSeconds
2015-05-09 05:01:43 +00:00
DNSPolicy: api.DNSClusterFirst,
ActiveDeadlineSeconds: &activeDeadlineSeconds,
},
Beef up validation tests
2015-01-06 19:11:52 +00:00
}
for k, v := range failureCases {
if errs := ValidatePodSpec(&v); len(errs) == 0 {
t.Errorf("expected failure for %q", k)
}
}
}
func TestValidatePod(t *testing.T) {
successCases := []api.Pod{
{ // Basic fields.
ObjectMeta: api.ObjectMeta{Name: "123", Namespace: "ns"},
Spec: api.PodSpec{
Embed VolumeSource in v1beta3 and internal.
2015-03-03 22:48:55 +00:00
Volumes: []api.Volume{{Name: "vol", VolumeSource: api.VolumeSource{EmptyDir: &api.EmptyDirVolumeSource{}}}},
Factor out API defaulting from validation logic Currently, the validation logic validates fields in an object and supply default values wherever applies. This change factors out defaulting to a set of defaulting callback functions for decoding (see #1502 for more discussion). * This change is based on pull request 2587. * Most defaulting has been migrated to defaults.go where the defaulting functions are added. * validation_test.go and converter_test.go have been adapted to not testing the default values. * Fixed all tests with that create invalid objects with the absence of defaulting logic.
2015-01-26 17:52:50 +00:00
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
Convert RestartPolicy to string for v1beta3. Fixed #3607 and spiritually support #5475
2015-03-14 01:38:07 +00:00
RestartPolicy: api.RestartPolicyAlways,
Factor out API defaulting from validation logic Currently, the validation logic validates fields in an object and supply default values wherever applies. This change factors out defaulting to a set of defaulting callback functions for decoding (see #1502 for more discussion). * This change is based on pull request 2587. * Most defaulting has been migrated to defaults.go where the defaulting functions are added. * validation_test.go and converter_test.go have been adapted to not testing the default values. * Fixed all tests with that create invalid objects with the absence of defaulting logic.
2015-01-26 17:52:50 +00:00
DNSPolicy: api.DNSClusterFirst,
Introduce the simplest RestartPolicy and handling.
2014-08-26 18:25:17 +00:00
},
Add RestartPolicy to Pod and PodTemplate
2014-07-22 18:45:12 +00:00
},
Beef up validation tests
2015-01-06 19:11:52 +00:00
{ // Just about everything.
ObjectMeta: api.ObjectMeta{Name: "abc.123.do-re-mi", Namespace: "ns"},
Spec: api.PodSpec{
Volumes: []api.Volume{
Embed VolumeSource in v1beta3 and internal.
2015-03-03 22:48:55 +00:00
{Name: "vol", VolumeSource: api.VolumeSource{EmptyDir: &api.EmptyDirVolumeSource{}}},
Beef up validation tests
2015-01-06 19:11:52 +00:00
},
Factor out API defaulting from validation logic Currently, the validation logic validates fields in an object and supply default values wherever applies. This change factors out defaulting to a set of defaulting callback functions for decoding (see #1502 for more discussion). * This change is based on pull request 2587. * Most defaulting has been migrated to defaults.go where the defaulting functions are added. * validation_test.go and converter_test.go have been adapted to not testing the default values. * Fixed all tests with that create invalid objects with the absence of defaulting logic.
2015-01-26 17:52:50 +00:00
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
Convert RestartPolicy to string for v1beta3. Fixed #3607 and spiritually support #5475
2015-03-14 01:38:07 +00:00
RestartPolicy: api.RestartPolicyAlways,
Beef up validation tests
2015-01-06 19:11:52 +00:00
DNSPolicy: api.DNSClusterFirst,
NodeSelector: map[string]string{
"key": "value",
},
update PodSpec.Host to PodSpec.NodeName in /pkg/api/types.go and /pkg/api/v1beta3/types.go
2015-05-22 23:40:57 +00:00
NodeName: "foobar",
Refactor tests to split ObjectMeta from TypeMeta
2014-10-23 20:51:34 +00:00
},
Add RestartPolicy to Pod and PodTemplate
2014-07-22 18:45:12 +00:00
},
Beef up validation tests
2015-01-06 19:11:52 +00:00
}
for _, pod := range successCases {
if errs := ValidatePod(&pod); len(errs) != 0 {
t.Errorf("expected success: %v", errs)
}
Add RestartPolicy to Pod and PodTemplate
2014-07-22 18:45:12 +00:00
}
Beef up validation tests
2015-01-06 19:11:52 +00:00
errorCases := map[string]api.Pod{
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
"bad name": {
ObjectMeta: api.ObjectMeta{Name: "", Namespace: "ns"},
Spec: api.PodSpec{
Convert RestartPolicy to string for v1beta3. Fixed #3607 and spiritually support #5475
2015-03-14 01:38:07 +00:00
RestartPolicy: api.RestartPolicyAlways,
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
DNSPolicy: api.DNSClusterFirst,
Validate that there is at least one container in the pod
2015-03-18 15:00:18 +00:00
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
},
},
"bad namespace": {
ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: ""},
Spec: api.PodSpec{
Convert RestartPolicy to string for v1beta3. Fixed #3607 and spiritually support #5475
2015-03-14 01:38:07 +00:00
RestartPolicy: api.RestartPolicyAlways,
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
DNSPolicy: api.DNSClusterFirst,
Validate that there is at least one container in the pod
2015-03-18 15:00:18 +00:00
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
},
},
Beef up validation tests
2015-01-06 19:11:52 +00:00
"bad spec": {
ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: "ns"},
Spec: api.PodSpec{
Containers: []api.Container{{}},
add RFC952 label validation
2014-10-23 20:14:13 +00:00
},
},
Added validation for annotations
2015-01-24 14:36:22 +00:00
"bad label": {
ObjectMeta: api.ObjectMeta{
Name: "abc",
Namespace: "ns",
Labels: map[string]string{
"NoUppercaseOrSpecialCharsLike=Equals": "bar",
},
},
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
Spec: api.PodSpec{
Convert RestartPolicy to string for v1beta3. Fixed #3607 and spiritually support #5475
2015-03-14 01:38:07 +00:00
RestartPolicy: api.RestartPolicyAlways,
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
DNSPolicy: api.DNSClusterFirst,
Validate that there is at least one container in the pod
2015-03-18 15:00:18 +00:00
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
},
Added validation for annotations
2015-01-24 14:36:22 +00:00
},
Beef up validation tests
2015-01-06 19:11:52 +00:00
}
for k, v := range errorCases {
if errs := ValidatePod(&v); len(errs) == 0 {
Validate that there is at least one container in the pod
2015-03-18 15:00:18 +00:00
t.Errorf("expected failure for %q", k)
Beef up validation tests
2015-01-06 19:11:52 +00:00
}
add RFC952 label validation
2014-10-23 20:14:13 +00:00
}
Add RestartPolicy to Pod and PodTemplate
2014-07-22 18:45:12 +00:00
}
Add update to the pod etcd handler.
2014-10-10 03:30:34 +00:00
func TestValidatePodUpdate(t *testing.T) {
Add TerminationGracePeriodSeconds to API Set defaulting for pod spec
2015-08-19 23:59:43 +00:00
now := util.Now()
grace := int64(30)
grace2 := int64(31)
Add update to the pod etcd handler.
2014-10-10 03:30:34 +00:00
tests := []struct {
a api.Pod
b api.Pod
isValid bool
test string
}{
{api.Pod{}, api.Pod{}, true, "nothing"},
{
api.Pod{
Refactor tests to split ObjectMeta from TypeMeta
2014-10-23 20:51:34 +00:00
ObjectMeta: api.ObjectMeta{Name: "foo"},
Add update to the pod etcd handler.
2014-10-10 03:30:34 +00:00
},
api.Pod{
Refactor tests to split ObjectMeta from TypeMeta
2014-10-23 20:51:34 +00:00
ObjectMeta: api.ObjectMeta{Name: "bar"},
Add update to the pod etcd handler.
2014-10-10 03:30:34 +00:00
},
false,
"ids",
},
{
api.Pod{
Refactor tests to split ObjectMeta from TypeMeta
2014-10-23 20:51:34 +00:00
ObjectMeta: api.ObjectMeta{
Name: "foo",
Labels: map[string]string{
"foo": "bar",
},
Add update to the pod etcd handler.
2014-10-10 03:30:34 +00:00
},
},
api.Pod{
Refactor tests to split ObjectMeta from TypeMeta
2014-10-23 20:51:34 +00:00
ObjectMeta: api.ObjectMeta{
Name: "foo",
Labels: map[string]string{
"bar": "foo",
},
Add update to the pod etcd handler.
2014-10-10 03:30:34 +00:00
},
},
true,
"labels",
},
Added validation for annotations
2015-01-24 14:36:22 +00:00
{
api.Pod{
ObjectMeta: api.ObjectMeta{
Name: "foo",
Annotations: map[string]string{
"foo": "bar",
},
},
},
api.Pod{
ObjectMeta: api.ObjectMeta{
Name: "foo",
Annotations: map[string]string{
"bar": "foo",
},
},
},
true,
"annotations",
},
Add update to the pod etcd handler.
2014-10-10 03:30:34 +00:00
{
api.Pod{
Refactor tests to split ObjectMeta from TypeMeta
2014-10-23 20:51:34 +00:00
ObjectMeta: api.ObjectMeta{
Name: "foo",
},
v1beta3 Pod refactor
2014-11-13 15:52:13 +00:00
Spec: api.PodSpec{
Containers: []api.Container{
{
Image: "foo:V1",
Add update to the pod etcd handler.
2014-10-10 03:30:34 +00:00
},
},
},
},
api.Pod{
Refactor tests to split ObjectMeta from TypeMeta
2014-10-23 20:51:34 +00:00
ObjectMeta: api.ObjectMeta{Name: "foo"},
v1beta3 Pod refactor
2014-11-13 15:52:13 +00:00
Spec: api.PodSpec{
Containers: []api.Container{
{
Image: "foo:V2",
},
{
Image: "bar:V2",
Add update to the pod etcd handler.
2014-10-10 03:30:34 +00:00
},
},
},
},
false,
"more containers",
},
{
api.Pod{
Add TerminationGracePeriodSeconds to API Set defaulting for pod spec
2015-08-19 23:59:43 +00:00
ObjectMeta: api.ObjectMeta{Name: "foo", DeletionTimestamp: &now},
Spec: api.PodSpec{Containers: []api.Container{{Image: "foo:V1"}}},
},
api.Pod{
ObjectMeta: api.ObjectMeta{Name: "foo"},
Spec: api.PodSpec{Containers: []api.Container{{Image: "foo:V1"}}},
},
true,
"deletion timestamp filled out",
},
{
api.Pod{
ObjectMeta: api.ObjectMeta{Name: "foo", DeletionTimestamp: &now, DeletionGracePeriodSeconds: &grace},
Spec: api.PodSpec{Containers: []api.Container{{Image: "foo:V1"}}},
},
api.Pod{
ObjectMeta: api.ObjectMeta{Name: "foo", DeletionTimestamp: &now, DeletionGracePeriodSeconds: &grace2},
Spec: api.PodSpec{Containers: []api.Container{{Image: "foo:V1"}}},
},
false,
"deletion grace period seconds cleared",
},
Add update to the pod etcd handler.
2014-10-10 03:30:34 +00:00
{
api.Pod{
Refactor tests to split ObjectMeta from TypeMeta
2014-10-23 20:51:34 +00:00
ObjectMeta: api.ObjectMeta{Name: "foo"},
v1beta3 Pod refactor
2014-11-13 15:52:13 +00:00
Spec: api.PodSpec{
Containers: []api.Container{
{
Image: "foo:V1",
Add update to the pod etcd handler.
2014-10-10 03:30:34 +00:00
},
},
},
},
api.Pod{
Refactor tests to split ObjectMeta from TypeMeta
2014-10-23 20:51:34 +00:00
ObjectMeta: api.ObjectMeta{Name: "foo"},
v1beta3 Pod refactor
2014-11-13 15:52:13 +00:00
Spec: api.PodSpec{
Containers: []api.Container{
{
Image: "foo:V2",
Add update to the pod etcd handler.
2014-10-10 03:30:34 +00:00
},
},
},
},
true,
"image change",
},
{
api.Pod{
Refactor tests to split ObjectMeta from TypeMeta
2014-10-23 20:51:34 +00:00
ObjectMeta: api.ObjectMeta{Name: "foo"},
v1beta3 Pod refactor
2014-11-13 15:52:13 +00:00
Spec: api.PodSpec{
Containers: []api.Container{
{
Image: "foo:V1",
Rename ResourceRequirementSpec to ResourceRequirements.
2015-02-09 22:44:32 +00:00
Resources: api.ResourceRequirements{
Adding ResourceRequirementSpec to v1beta1, v1beta2, and v1beta3 APIs. The old resource quantities 'CPU' and 'Memory' will be preserved until support for v1beta1 and v1beta2 APIs are dropped. Improved resource validation in the process.
2015-01-25 04:19:36 +00:00
Limits: getResourceLimits("100m", "0"),
},
Add update to the pod etcd handler.
2014-10-10 03:30:34 +00:00
},
},
},
},
api.Pod{
Refactor tests to split ObjectMeta from TypeMeta
2014-10-23 20:51:34 +00:00
ObjectMeta: api.ObjectMeta{Name: "foo"},
v1beta3 Pod refactor
2014-11-13 15:52:13 +00:00
Spec: api.PodSpec{
Containers: []api.Container{
{
Image: "foo:V2",
Rename ResourceRequirementSpec to ResourceRequirements.
2015-02-09 22:44:32 +00:00
Resources: api.ResourceRequirements{
Adding ResourceRequirementSpec to v1beta1, v1beta2, and v1beta3 APIs. The old resource quantities 'CPU' and 'Memory' will be preserved until support for v1beta1 and v1beta2 APIs are dropped. Improved resource validation in the process.
2015-01-25 04:19:36 +00:00
Limits: getResourceLimits("1000m", "0"),
},
Add update to the pod etcd handler.
2014-10-10 03:30:34 +00:00
},
},
},
},
false,
"cpu change",
},
{
api.Pod{
Refactor tests to split ObjectMeta from TypeMeta
2014-10-23 20:51:34 +00:00
ObjectMeta: api.ObjectMeta{Name: "foo"},
v1beta3 Pod refactor
2014-11-13 15:52:13 +00:00
Spec: api.PodSpec{
Containers: []api.Container{
{
Image: "foo:V1",
Rename type Port to ContainerPort Sadly I had to do this by hand - I just could not get gorename to fix up users of it.
2015-02-23 22:25:56 +00:00
Ports: []api.ContainerPort{
v1beta3 Pod refactor
2014-11-13 15:52:13 +00:00
{HostPort: 8080, ContainerPort: 80},
Add update to the pod etcd handler.
2014-10-10 03:30:34 +00:00
},
},
},
},
},
api.Pod{
Refactor tests to split ObjectMeta from TypeMeta
2014-10-23 20:51:34 +00:00
ObjectMeta: api.ObjectMeta{Name: "foo"},
v1beta3 Pod refactor
2014-11-13 15:52:13 +00:00
Spec: api.PodSpec{
Containers: []api.Container{
{
Image: "foo:V2",
Rename type Port to ContainerPort Sadly I had to do this by hand - I just could not get gorename to fix up users of it.
2015-02-23 22:25:56 +00:00
Ports: []api.ContainerPort{
v1beta3 Pod refactor
2014-11-13 15:52:13 +00:00
{HostPort: 8000, ContainerPort: 80},
Add update to the pod etcd handler.
2014-10-10 03:30:34 +00:00
},
},
},
},
},
false,
"port change",
},
Add a few extra test cases for API validation of labels that would have caught a bug that was in past versions. Also, copy the label key format requirements from the API types.go comments into the labels doc.
2015-02-04 22:21:34 +00:00
{
api.Pod{
ObjectMeta: api.ObjectMeta{
Name: "foo",
Labels: map[string]string{
"foo": "bar",
},
},
},
api.Pod{
ObjectMeta: api.ObjectMeta{
Name: "foo",
Labels: map[string]string{
"Bar": "foo",
},
},
},
true,
"bad label change",
},
Add update to the pod etcd handler.
2014-10-10 03:30:34 +00:00
}
for _, test := range tests {
Give better error message for PUTs with no resource version
2015-03-20 00:51:07 +00:00
test.a.ObjectMeta.ResourceVersion = "1"
test.b.ObjectMeta.ResourceVersion = "1"
Add update to the pod etcd handler.
2014-10-10 03:30:34 +00:00
errs := ValidatePodUpdate(&test.a, &test.b)
if test.isValid {
if len(errs) != 0 {
t.Errorf("unexpected invalid: %s %v, %v", test.test, test.a, test.b)
}
} else {
if len(errs) == 0 {
t.Errorf("unexpected valid: %s %v, %v", test.test, test.a, test.b)
}
}
}
}
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
func makeValidService() api.Service {
return api.Service{
ObjectMeta: api.ObjectMeta{
Name: "valid",
Namespace: "valid",
Labels: map[string]string{},
Annotations: map[string]string{},
ResourceVersion: "1",
},
Spec: api.ServiceSpec{
Selector: map[string]string{"key": "val"},
SessionAffinity: "None",
Add Type to ServiceSpec: ClusterIP or LoadBalancer
2015-05-22 21:49:26 +00:00
Type: api.ServiceTypeClusterIP,
To add validation for service ports when defined as string (fixing issue #9734)
2015-06-12 16:33:11 +00:00
Ports: []api.ServicePort{{Name: "p", Protocol: "TCP", Port: 8675, TargetPort: util.NewIntOrStringFromInt(8675)}},
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
},
}
}
Add initial validation of Service objects
2014-07-10 19:45:01 +00:00
func TestValidateService(t *testing.T) {
make service validation test be table-driven
2014-09-10 16:41:31 +00:00
testCases := []struct {
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
name string
tweakSvc func(svc *api.Service) // given a basic valid service, each test case can customize it
numErrs int
make service validation test be table-driven
2014-09-10 16:41:31 +00:00
}{
{
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
name: "missing namespace",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
s.Namespace = ""
Factor out API defaulting from validation logic Currently, the validation logic validates fields in an object and supply default values wherever applies. This change factors out defaulting to a set of defaulting callback functions for decoding (see #1502 for more discussion). * This change is based on pull request 2587. * Most defaulting has been migrated to defaults.go where the defaulting functions are added. * validation_test.go and converter_test.go have been adapted to not testing the default values. * Fixed all tests with that create invalid objects with the absence of defaulting logic.
2015-01-26 17:52:50 +00:00
},
numErrs: 1,
},
{
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
name: "invalid namespace",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
s.Namespace = "-123"
Factor out API defaulting from validation logic Currently, the validation logic validates fields in an object and supply default values wherever applies. This change factors out defaulting to a set of defaulting callback functions for decoding (see #1502 for more discussion). * This change is based on pull request 2587. * Most defaulting has been migrated to defaults.go where the defaulting functions are added. * validation_test.go and converter_test.go have been adapted to not testing the default values. * Fixed all tests with that create invalid objects with the absence of defaulting logic.
2015-01-26 17:52:50 +00:00
},
numErrs: 1,
},
{
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
name: "missing name",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
s.Name = ""
make service validation test be table-driven
2014-09-10 16:41:31 +00:00
},
numErrs: 1,
Add initial validation of Service objects
2014-07-10 19:45:01 +00:00
},
Update test cases to use default context
2014-09-29 21:18:18 +00:00
{
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
name: "invalid name",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
s.Name = "-123"
Update test cases to use default context
2014-09-29 21:18:18 +00:00
},
numErrs: 1,
},
make service validation test be table-driven
2014-09-10 16:41:31 +00:00
{
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
name: "too long name",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
s.Name = strings.Repeat("a", 25)
make service validation test be table-driven
2014-09-10 16:41:31 +00:00
},
numErrs: 1,
Make validation check for legal serive port numbers.
2014-08-22 21:44:21 +00:00
},
Add name generation and normalize common create flows Adds `ObjectMeta.GenerateName`, an optional string field that defines name generation behavior if a Name is not provided. Adds `pkg/api/rest`, which defines the default Kubernetes API pattern for creation (and will cover update as well). Will allow registries and REST objects to be merged by moving logic on api out of those places. Add `pkg/api/rest/resttest`, which will be the test suite that verifies a RESTStorage object follows the Kubernetes API conventions and begin reducing our duplicated tests.
2015-01-27 23:56:38 +00:00
{
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
name: "invalid generateName",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
s.GenerateName = "-123"
Add name generation and normalize common create flows Adds `ObjectMeta.GenerateName`, an optional string field that defines name generation behavior if a Name is not provided. Adds `pkg/api/rest`, which defines the default Kubernetes API pattern for creation (and will cover update as well). Will allow registries and REST objects to be merged by moving logic on api out of those places. Add `pkg/api/rest/resttest`, which will be the test suite that verifies a RESTStorage object follows the Kubernetes API conventions and begin reducing our duplicated tests.
2015-01-27 23:56:38 +00:00
},
numErrs: 1,
},
{
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
name: "too long generateName",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
s.GenerateName = strings.Repeat("a", 25)
Add name generation and normalize common create flows Adds `ObjectMeta.GenerateName`, an optional string field that defines name generation behavior if a Name is not provided. Adds `pkg/api/rest`, which defines the default Kubernetes API pattern for creation (and will cover update as well). Will allow registries and REST objects to be merged by moving logic on api out of those places. Add `pkg/api/rest/resttest`, which will be the test suite that verifies a RESTStorage object follows the Kubernetes API conventions and begin reducing our duplicated tests.
2015-01-27 23:56:38 +00:00
},
numErrs: 1,
},
make service validation test be table-driven
2014-09-10 16:41:31 +00:00
{
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
name: "invalid label",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
s.Labels["NoUppercaseOrSpecialCharsLike=Equals"] = "bar"
make service validation test be table-driven
2014-09-10 16:41:31 +00:00
},
numErrs: 1,
},
{
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
name: "invalid annotation",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
s.Annotations["NoSpecialCharsLike=Equals"] = "bar"
make service validation test be table-driven
2014-09-10 16:41:31 +00:00
},
numErrs: 1,
},
WIP: Implement multi-port Services
2015-03-13 15:16:41 +00:00
{
name: "nil selector",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
WIP: Implement multi-port Services
2015-03-13 15:16:41 +00:00
s.Spec.Selector = nil
},
numErrs: 0,
},
add a 'protocol' field to api.Service
2014-09-10 16:53:40 +00:00
{
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
name: "invalid selector",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
s.Spec.Selector["NoSpecialCharsLike=Equals"] = "bar"
add a 'protocol' field to api.Service
2014-09-10 16:53:40 +00:00
},
numErrs: 1,
},
make service validation test be table-driven
2014-09-10 16:41:31 +00:00
{
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
name: "missing session affinity",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
s.Spec.SessionAffinity = ""
make service validation test be table-driven
2014-09-10 16:41:31 +00:00
},
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
numErrs: 1,
make service validation test be table-driven
2014-09-10 16:41:31 +00:00
},
Add Type to ServiceSpec: ClusterIP or LoadBalancer
2015-05-22 21:49:26 +00:00
{
name: "missing type",
tweakSvc: func(s *api.Service) {
s.Spec.Type = ""
},
numErrs: 1,
},
WIP: Implement multi-port Services
2015-03-13 15:16:41 +00:00
{
name: "missing ports",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
WIP: Implement multi-port Services
2015-03-13 15:16:41 +00:00
s.Spec.Ports = nil
},
numErrs: 1,
},
{
name: "empty port[0] name",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
WIP: Implement multi-port Services
2015-03-13 15:16:41 +00:00
s.Spec.Ports[0].Name = ""
},
numErrs: 0,
},
{
name: "empty port[1] name",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
To add validation for service ports when defined as string (fixing issue #9734)
2015-06-12 16:33:11 +00:00
s.Spec.Ports = append(s.Spec.Ports, api.ServicePort{Name: "", Protocol: "TCP", Port: 12345, TargetPort: util.NewIntOrStringFromInt(12345)})
WIP: Implement multi-port Services
2015-03-13 15:16:41 +00:00
},
numErrs: 1,
},
Service port names are required for multi-port There is no provision for the first port to be unnamed. I think I initially allowed that, but then the Subset struct became a sorted struct, so the first-ness of the port got lost. If you have a Service with one named and one unnamed port, what happens is that the EndpointController fails to create Endpoints (validation error).
2015-05-05 18:51:51 +00:00
{
name: "empty multi-port port[0] name",
tweakSvc: func(s *api.Service) {
s.Spec.Ports[0].Name = ""
To add validation for service ports when defined as string (fixing issue #9734)
2015-06-12 16:33:11 +00:00
s.Spec.Ports = append(s.Spec.Ports, api.ServicePort{Name: "p", Protocol: "TCP", Port: 12345, TargetPort: util.NewIntOrStringFromInt(12345)})
Service port names are required for multi-port There is no provision for the first port to be unnamed. I think I initially allowed that, but then the Subset struct became a sorted struct, so the first-ness of the port got lost. If you have a Service with one named and one unnamed port, what happens is that the EndpointController fails to create Endpoints (validation error).
2015-05-05 18:51:51 +00:00
},
numErrs: 1,
},
WIP: Implement multi-port Services
2015-03-13 15:16:41 +00:00
{
name: "invalid port name",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
WIP: Implement multi-port Services
2015-03-13 15:16:41 +00:00
s.Spec.Ports[0].Name = "INVALID"
},
numErrs: 1,
},
make service validation test be table-driven
2014-09-10 16:41:31 +00:00
{
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
name: "missing protocol",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
WIP: Implement multi-port Services
2015-03-13 15:16:41 +00:00
s.Spec.Ports[0].Protocol = ""
make service validation test be table-driven
2014-09-10 16:41:31 +00:00
},
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
numErrs: 1,
make service validation test be table-driven
2014-09-10 16:41:31 +00:00
},
{
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
name: "invalid protocol",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
WIP: Implement multi-port Services
2015-03-13 15:16:41 +00:00
s.Spec.Ports[0].Protocol = "INVALID"
make service validation test be table-driven
2014-09-10 16:41:31 +00:00
},
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
numErrs: 1,
make service validation test be table-driven
2014-09-10 16:41:31 +00:00
},
Headless Services: Adding option to specify None for PortalIP
2015-03-16 21:36:30 +00:00
{
Rename 'portal IP' to 'cluster IP' most everywhere This covers obvious transforms, but not --portal_net, $PORTAL_NET and similar.
2015-05-23 20:41:11 +00:00
name: "invalid cluster ip",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
Rename 'portal IP' to 'cluster IP' most everywhere This covers obvious transforms, but not --portal_net, $PORTAL_NET and similar.
2015-05-23 20:41:11 +00:00
s.Spec.ClusterIP = "invalid"
Headless Services: Adding option to specify None for PortalIP
2015-03-16 21:36:30 +00:00
},
numErrs: 1,
},
make service validation test be table-driven
2014-09-10 16:41:31 +00:00
{
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
name: "missing port",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
WIP: Implement multi-port Services
2015-03-13 15:16:41 +00:00
s.Spec.Ports[0].Port = 0
make service validation test be table-driven
2014-09-10 16:41:31 +00:00
},
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
numErrs: 1,
Add initial validation of Service objects
2014-07-10 19:45:01 +00:00
},
Add some validation for externalized service ports.
2014-10-31 06:03:52 +00:00
{
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
name: "invalid port",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
WIP: Implement multi-port Services
2015-03-13 15:16:41 +00:00
s.Spec.Ports[0].Port = 65536
Add some validation for externalized service ports.
2014-10-31 06:03:52 +00:00
},
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
numErrs: 1,
Add some validation for externalized service ports.
2014-10-31 06:03:52 +00:00
},
{
WIP: Implement multi-port Services
2015-03-13 15:16:41 +00:00
name: "invalid TargetPort int",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
WIP: Implement multi-port Services
2015-03-13 15:16:41 +00:00
s.Spec.Ports[0].TargetPort = util.NewIntOrStringFromInt(65536)
Add some validation for externalized service ports.
2014-10-31 06:03:52 +00:00
},
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
numErrs: 1,
},
Validate Service.Spec.publicIPs to be a valid IP that is not a localhost
2015-03-16 14:03:05 +00:00
{
name: "invalid publicIPs localhost",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
External IPs support.
2015-08-12 00:18:21 +00:00
s.Spec.ExternalIPs = []string{"127.0.0.1"}
Validate Service.Spec.publicIPs to be a valid IP that is not a localhost
2015-03-16 14:03:05 +00:00
},
numErrs: 1,
},
{
name: "invalid publicIPs",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
External IPs support.
2015-08-12 00:18:21 +00:00
s.Spec.ExternalIPs = []string{"0.0.0.0"}
Validate Service.Spec.publicIPs to be a valid IP that is not a localhost
2015-03-16 14:03:05 +00:00
},
numErrs: 1,
},
{
External IPs support.
2015-08-12 00:18:21 +00:00
name: "invalid publicIPs host",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
External IPs support.
2015-08-12 00:18:21 +00:00
s.Spec.ExternalIPs = []string{"myhost.mydomain"}
Validate Service.Spec.publicIPs to be a valid IP that is not a localhost
2015-03-16 14:03:05 +00:00
},
External IPs support.
2015-08-12 00:18:21 +00:00
numErrs: 1,
Validate Service.Spec.publicIPs to be a valid IP that is not a localhost
2015-03-16 14:03:05 +00:00
},
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
{
WIP: Implement multi-port Services
2015-03-13 15:16:41 +00:00
name: "dup port name",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
WIP: Implement multi-port Services
2015-03-13 15:16:41 +00:00
s.Spec.Ports[0].Name = "p"
To add validation for service ports when defined as string (fixing issue #9734)
2015-06-12 16:33:11 +00:00
s.Spec.Ports = append(s.Spec.Ports, api.ServicePort{Name: "p", Port: 12345, Protocol: "TCP", TargetPort: util.NewIntOrStringFromInt(12345)})
Add some validation for externalized service ports.
2014-10-31 06:03:52 +00:00
},
WIP: Implement multi-port Services
2015-03-13 15:16:41 +00:00
numErrs: 1,
Add some validation for externalized service ports.
2014-10-31 06:03:52 +00:00
},
Move validation of load balancers only supporting TCP ports to validation.go.
2015-04-03 19:06:25 +00:00
{
name: "invalid load balancer protocol 1",
tweakSvc: func(s *api.Service) {
Add Type to ServiceSpec: ClusterIP or LoadBalancer
2015-05-22 21:49:26 +00:00
s.Spec.Type = api.ServiceTypeLoadBalancer
Move validation of load balancers only supporting TCP ports to validation.go.
2015-04-03 19:06:25 +00:00
s.Spec.Ports[0].Protocol = "UDP"
},
numErrs: 1,
},
{
name: "invalid load balancer protocol 2",
tweakSvc: func(s *api.Service) {
Add Type to ServiceSpec: ClusterIP or LoadBalancer
2015-05-22 21:49:26 +00:00
s.Spec.Type = api.ServiceTypeLoadBalancer
To add validation for service ports when defined as string (fixing issue #9734)
2015-06-12 16:33:11 +00:00
s.Spec.Ports = append(s.Spec.Ports, api.ServicePort{Name: "q", Port: 12345, Protocol: "UDP", TargetPort: util.NewIntOrStringFromInt(12345)})
Move validation of load balancers only supporting TCP ports to validation.go.
2015-04-03 19:06:25 +00:00
},
numErrs: 1,
},
Add some validation for externalized service ports.
2014-10-31 06:03:52 +00:00
{
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
name: "valid 1",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
// do nothing
Add some validation for externalized service ports.
2014-10-31 06:03:52 +00:00
},
numErrs: 0,
},
add RFC952 label validation
2014-10-23 20:14:13 +00:00
{
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
name: "valid 2",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
WIP: Implement multi-port Services
2015-03-13 15:16:41 +00:00
s.Spec.Ports[0].Protocol = "UDP"
s.Spec.Ports[0].TargetPort = util.NewIntOrStringFromInt(12345)
Allow an empty service
2014-11-18 17:49:00 +00:00
},
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
numErrs: 0,
Allow an empty service
2014-11-18 17:49:00 +00:00
},
{
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
name: "valid 3",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
WIP: Implement multi-port Services
2015-03-13 15:16:41 +00:00
s.Spec.Ports[0].TargetPort = util.NewIntOrStringFromString("http")
add RFC952 label validation
2014-10-23 20:14:13 +00:00
},
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
numErrs: 0,
add RFC952 label validation
2014-10-23 20:14:13 +00:00
},
Headless Services: Adding option to specify None for PortalIP
2015-03-16 21:36:30 +00:00
{
Rename 'portal IP' to 'cluster IP' most everywhere This covers obvious transforms, but not --portal_net, $PORTAL_NET and similar.
2015-05-23 20:41:11 +00:00
name: "valid cluster ip - none ",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
Rename 'portal IP' to 'cluster IP' most everywhere This covers obvious transforms, but not --portal_net, $PORTAL_NET and similar.
2015-05-23 20:41:11 +00:00
s.Spec.ClusterIP = "None"
Headless Services: Adding option to specify None for PortalIP
2015-03-16 21:36:30 +00:00
},
numErrs: 0,
},
{
Rename 'portal IP' to 'cluster IP' most everywhere This covers obvious transforms, but not --portal_net, $PORTAL_NET and similar.
2015-05-23 20:41:11 +00:00
name: "valid cluster ip - empty",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
Rename 'portal IP' to 'cluster IP' most everywhere This covers obvious transforms, but not --portal_net, $PORTAL_NET and similar.
2015-05-23 20:41:11 +00:00
s.Spec.ClusterIP = ""
WIP: Implement multi-port Services
2015-03-13 15:16:41 +00:00
s.Spec.Ports[0].TargetPort = util.NewIntOrStringFromString("http")
Headless Services: Adding option to specify None for PortalIP
2015-03-16 21:36:30 +00:00
},
numErrs: 0,
},
Move validation of load balancers only supporting TCP ports to validation.go.
2015-04-03 19:06:25 +00:00
{
Add ServiceType = NodePort; wire everything up
2015-05-20 15:59:34 +00:00
name: "valid type - cluster",
Add Type to ServiceSpec: ClusterIP or LoadBalancer
2015-05-22 21:49:26 +00:00
tweakSvc: func(s *api.Service) {
s.Spec.Type = api.ServiceTypeClusterIP
},
numErrs: 0,
},
{
Add ServiceType = NodePort; wire everything up
2015-05-20 15:59:34 +00:00
name: "valid type - loadbalancer",
Add Type to ServiceSpec: ClusterIP or LoadBalancer
2015-05-22 21:49:26 +00:00
tweakSvc: func(s *api.Service) {
s.Spec.Type = api.ServiceTypeLoadBalancer
},
numErrs: 0,
},
{
name: "valid type loadbalancer 2 ports",
Move validation of load balancers only supporting TCP ports to validation.go.
2015-04-03 19:06:25 +00:00
tweakSvc: func(s *api.Service) {
Add Type to ServiceSpec: ClusterIP or LoadBalancer
2015-05-22 21:49:26 +00:00
s.Spec.Type = api.ServiceTypeLoadBalancer
To add validation for service ports when defined as string (fixing issue #9734)
2015-06-12 16:33:11 +00:00
s.Spec.Ports = append(s.Spec.Ports, api.ServicePort{Name: "q", Port: 12345, Protocol: "TCP", TargetPort: util.NewIntOrStringFromInt(12345)})
Move validation of load balancers only supporting TCP ports to validation.go.
2015-04-03 19:06:25 +00:00
},
numErrs: 0,
},
{
name: "valid external load balancer 2 ports",
tweakSvc: func(s *api.Service) {
Add Type to ServiceSpec: ClusterIP or LoadBalancer
2015-05-22 21:49:26 +00:00
s.Spec.Type = api.ServiceTypeLoadBalancer
To add validation for service ports when defined as string (fixing issue #9734)
2015-06-12 16:33:11 +00:00
s.Spec.Ports = append(s.Spec.Ports, api.ServicePort{Name: "q", Port: 12345, Protocol: "TCP", TargetPort: util.NewIntOrStringFromInt(12345)})
Move validation of load balancers only supporting TCP ports to validation.go.
2015-04-03 19:06:25 +00:00
},
numErrs: 0,
},
Add NodePort to ServicePort We prevent it from being set by validation
2015-05-22 21:54:19 +00:00
{
name: "duplicate nodeports",
tweakSvc: func(s *api.Service) {
Add ServiceType = NodePort; wire everything up
2015-05-20 15:59:34 +00:00
s.Spec.Type = api.ServiceTypeNodePort
To add validation for service ports when defined as string (fixing issue #9734)
2015-06-12 16:33:11 +00:00
s.Spec.Ports = append(s.Spec.Ports, api.ServicePort{Name: "q", Port: 1, Protocol: "TCP", NodePort: 1, TargetPort: util.NewIntOrStringFromInt(1)})
s.Spec.Ports = append(s.Spec.Ports, api.ServicePort{Name: "r", Port: 2, Protocol: "TCP", NodePort: 1, TargetPort: util.NewIntOrStringFromInt(2)})
Add NodePort to ServicePort We prevent it from being set by validation
2015-05-22 21:54:19 +00:00
},
Add ServiceType = NodePort; wire everything up
2015-05-20 15:59:34 +00:00
numErrs: 1,
Add NodePort to ServicePort We prevent it from being set by validation
2015-05-22 21:54:19 +00:00
},
{
name: "duplicate nodeports (different protocols)",
tweakSvc: func(s *api.Service) {
Add ServiceType = NodePort; wire everything up
2015-05-20 15:59:34 +00:00
s.Spec.Type = api.ServiceTypeNodePort
To add validation for service ports when defined as string (fixing issue #9734)
2015-06-12 16:33:11 +00:00
s.Spec.Ports = append(s.Spec.Ports, api.ServicePort{Name: "q", Port: 1, Protocol: "TCP", NodePort: 1, TargetPort: util.NewIntOrStringFromInt(1)})
s.Spec.Ports = append(s.Spec.Ports, api.ServicePort{Name: "r", Port: 2, Protocol: "UDP", NodePort: 1, TargetPort: util.NewIntOrStringFromInt(2)})
Add NodePort to ServicePort We prevent it from being set by validation
2015-05-22 21:54:19 +00:00
},
Add ServiceType = NodePort; wire everything up
2015-05-20 15:59:34 +00:00
numErrs: 0,
},
{
name: "valid type - cluster",
tweakSvc: func(s *api.Service) {
s.Spec.Type = api.ServiceTypeClusterIP
},
numErrs: 0,
},
{
name: "valid type - nodeport",
tweakSvc: func(s *api.Service) {
s.Spec.Type = api.ServiceTypeNodePort
},
numErrs: 0,
},
{
name: "valid type - loadbalancer",
tweakSvc: func(s *api.Service) {
s.Spec.Type = api.ServiceTypeLoadBalancer
},
numErrs: 0,
},
{
name: "valid type loadbalancer 2 ports",
tweakSvc: func(s *api.Service) {
s.Spec.Type = api.ServiceTypeLoadBalancer
To add validation for service ports when defined as string (fixing issue #9734)
2015-06-12 16:33:11 +00:00
s.Spec.Ports = append(s.Spec.Ports, api.ServicePort{Name: "q", Port: 12345, Protocol: "TCP", TargetPort: util.NewIntOrStringFromInt(12345)})
Add ServiceType = NodePort; wire everything up
2015-05-20 15:59:34 +00:00
},
numErrs: 0,
},
{
name: "valid type loadbalancer with NodePort",
tweakSvc: func(s *api.Service) {
s.Spec.Type = api.ServiceTypeLoadBalancer
To add validation for service ports when defined as string (fixing issue #9734)
2015-06-12 16:33:11 +00:00
s.Spec.Ports = append(s.Spec.Ports, api.ServicePort{Name: "q", Port: 12345, Protocol: "TCP", NodePort: 12345, TargetPort: util.NewIntOrStringFromInt(12345)})
Add ServiceType = NodePort; wire everything up
2015-05-20 15:59:34 +00:00
},
numErrs: 0,
},
{
name: "valid type=NodePort service with NodePort",
tweakSvc: func(s *api.Service) {
s.Spec.Type = api.ServiceTypeNodePort
To add validation for service ports when defined as string (fixing issue #9734)
2015-06-12 16:33:11 +00:00
s.Spec.Ports = append(s.Spec.Ports, api.ServicePort{Name: "q", Port: 12345, Protocol: "TCP", NodePort: 12345, TargetPort: util.NewIntOrStringFromInt(12345)})
Add ServiceType = NodePort; wire everything up
2015-05-20 15:59:34 +00:00
},
numErrs: 0,
},
{
name: "valid type=NodePort service without NodePort",
tweakSvc: func(s *api.Service) {
s.Spec.Type = api.ServiceTypeNodePort
To add validation for service ports when defined as string (fixing issue #9734)
2015-06-12 16:33:11 +00:00
s.Spec.Ports = append(s.Spec.Ports, api.ServicePort{Name: "q", Port: 12345, Protocol: "TCP", TargetPort: util.NewIntOrStringFromInt(12345)})
Add ServiceType = NodePort; wire everything up
2015-05-20 15:59:34 +00:00
},
numErrs: 0,
},
{
name: "valid cluster service without NodePort",
tweakSvc: func(s *api.Service) {
s.Spec.Type = api.ServiceTypeClusterIP
To add validation for service ports when defined as string (fixing issue #9734)
2015-06-12 16:33:11 +00:00
s.Spec.Ports = append(s.Spec.Ports, api.ServicePort{Name: "q", Port: 12345, Protocol: "TCP", TargetPort: util.NewIntOrStringFromInt(12345)})
Add ServiceType = NodePort; wire everything up
2015-05-20 15:59:34 +00:00
},
numErrs: 0,
},
{
name: "invalid cluster service with NodePort",
tweakSvc: func(s *api.Service) {
s.Spec.Type = api.ServiceTypeClusterIP
To add validation for service ports when defined as string (fixing issue #9734)
2015-06-12 16:33:11 +00:00
s.Spec.Ports = append(s.Spec.Ports, api.ServicePort{Name: "q", Port: 12345, Protocol: "TCP", NodePort: 12345, TargetPort: util.NewIntOrStringFromInt(12345)})
Add ServiceType = NodePort; wire everything up
2015-05-20 15:59:34 +00:00
},
numErrs: 1,
},
{
name: "invalid public service with duplicate NodePort",
tweakSvc: func(s *api.Service) {
s.Spec.Type = api.ServiceTypeNodePort
To add validation for service ports when defined as string (fixing issue #9734)
2015-06-12 16:33:11 +00:00
s.Spec.Ports = append(s.Spec.Ports, api.ServicePort{Name: "p1", Port: 1, Protocol: "TCP", NodePort: 1, TargetPort: util.NewIntOrStringFromInt(1)})
s.Spec.Ports = append(s.Spec.Ports, api.ServicePort{Name: "p2", Port: 2, Protocol: "TCP", NodePort: 1, TargetPort: util.NewIntOrStringFromInt(2)})
Add ServiceType = NodePort; wire everything up
2015-05-20 15:59:34 +00:00
},
numErrs: 1,
},
{
name: "valid type=LoadBalancer",
tweakSvc: func(s *api.Service) {
s.Spec.Type = api.ServiceTypeLoadBalancer
To add validation for service ports when defined as string (fixing issue #9734)
2015-06-12 16:33:11 +00:00
s.Spec.Ports = append(s.Spec.Ports, api.ServicePort{Name: "q", Port: 12345, Protocol: "TCP", TargetPort: util.NewIntOrStringFromInt(12345)})
Add ServiceType = NodePort; wire everything up
2015-05-20 15:59:34 +00:00
},
numErrs: 0,
Add NodePort to ServicePort We prevent it from being set by validation
2015-05-22 21:54:19 +00:00
},
Automatically open a firewall when creating a GCE load balancer.
2015-07-09 05:02:10 +00:00
{
// For now we open firewalls, and its insecure if we open 10250, remove this
// when we have better protections in place.
name: "invalid port type=LoadBalancer",
tweakSvc: func(s *api.Service) {
s.Spec.Type = api.ServiceTypeLoadBalancer
s.Spec.Ports = append(s.Spec.Ports, api.ServicePort{Name: "kubelet", Port: 10250, Protocol: "TCP", TargetPort: util.NewIntOrStringFromInt(12345)})
},
numErrs: 1,
},
Add initial validation of Service objects
2014-07-10 19:45:01 +00:00
}
make service validation test be table-driven
2014-09-10 16:41:31 +00:00
for _, tc := range testCases {
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
svc := makeValidService()
tc.tweakSvc(&svc)
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
errs := ValidateService(&svc)
make service validation test be table-driven
2014-09-10 16:41:31 +00:00
if len(errs) != tc.numErrs {
change everything to use new util/errors
2015-01-09 06:10:03 +00:00
t.Errorf("Unexpected error list for case %q: %v", tc.name, utilerrors.NewAggregate(errs))
make service validation test be table-driven
2014-09-10 16:41:31 +00:00
}
Add initial validation of Service objects
2014-07-10 19:45:01 +00:00
}
}
Extend validation for ReplicationController Provide type safe checks for empty sets of selectors.
2014-07-25 16:15:17 +00:00
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
func TestValidateReplicationControllerUpdate(t *testing.T) {
validSelector := map[string]string{"a": "b"}
validPodTemplate := api.PodTemplate{
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: api.PodTemplateSpec{
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
ObjectMeta: api.ObjectMeta{
Labels: validSelector,
},
Spec: api.PodSpec{
Convert RestartPolicy to string for v1beta3. Fixed #3607 and spiritually support #5475
2015-03-14 01:38:07 +00:00
RestartPolicy: api.RestartPolicyAlways,
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
DNSPolicy: api.DNSClusterFirst,
Validate that there is at least one container in the pod
2015-03-18 15:00:18 +00:00
Containers: []api.Container{{Name: "abc", Image: "image", ImagePullPolicy: "IfNotPresent"}},
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
},
},
}
readWriteVolumePodTemplate := api.PodTemplate{
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: api.PodTemplateSpec{
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
ObjectMeta: api.ObjectMeta{
Labels: validSelector,
},
Spec: api.PodSpec{
Convert RestartPolicy to string for v1beta3. Fixed #3607 and spiritually support #5475
2015-03-14 01:38:07 +00:00
RestartPolicy: api.RestartPolicyAlways,
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
DNSPolicy: api.DNSClusterFirst,
Validate that there is at least one container in the pod
2015-03-18 15:00:18 +00:00
Containers: []api.Container{{Name: "abc", Image: "image", ImagePullPolicy: "IfNotPresent"}},
Correcting all go vet errors
2015-08-08 01:52:23 +00:00
Volumes: []api.Volume{{Name: "gcepd", VolumeSource: api.VolumeSource{GCEPersistentDisk: &api.GCEPersistentDiskVolumeSource{PDName: "my-PD", FSType: "ext4", Partition: 1, ReadOnly: false}}}},
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
},
},
}
invalidSelector := map[string]string{"NoUppercaseOrSpecialCharsLike=Equals": "b"}
invalidPodTemplate := api.PodTemplate{
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: api.PodTemplateSpec{
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
Spec: api.PodSpec{
Convert RestartPolicy to string for v1beta3. Fixed #3607 and spiritually support #5475
2015-03-14 01:38:07 +00:00
RestartPolicy: api.RestartPolicyAlways,
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
DNSPolicy: api.DNSClusterFirst,
},
ObjectMeta: api.ObjectMeta{
Labels: invalidSelector,
},
},
}
type rcUpdateTest struct {
old api.ReplicationController
update api.ReplicationController
}
successCases := []rcUpdateTest{
{
old: api.ReplicationController{
ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: api.NamespaceDefault},
Spec: api.ReplicationControllerSpec{
Selector: validSelector,
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: &validPodTemplate.Template,
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
},
},
update: api.ReplicationController{
ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: api.NamespaceDefault},
Spec: api.ReplicationControllerSpec{
Replicas: 3,
Selector: validSelector,
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: &validPodTemplate.Template,
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
},
},
},
{
old: api.ReplicationController{
ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: api.NamespaceDefault},
Spec: api.ReplicationControllerSpec{
Selector: validSelector,
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: &validPodTemplate.Template,
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
},
},
update: api.ReplicationController{
ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: api.NamespaceDefault},
Spec: api.ReplicationControllerSpec{
Replicas: 1,
Selector: validSelector,
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: &readWriteVolumePodTemplate.Template,
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
},
},
},
}
for _, successCase := range successCases {
Give better error message for PUTs with no resource version
2015-03-20 00:51:07 +00:00
successCase.old.ObjectMeta.ResourceVersion = "1"
successCase.update.ObjectMeta.ResourceVersion = "1"
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
if errs := ValidateReplicationControllerUpdate(&successCase.old, &successCase.update); len(errs) != 0 {
t.Errorf("expected success: %v", errs)
}
}
errorCases := map[string]rcUpdateTest{
"more than one read/write": {
old: api.ReplicationController{
ObjectMeta: api.ObjectMeta{Name: "", Namespace: api.NamespaceDefault},
Spec: api.ReplicationControllerSpec{
Selector: validSelector,
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: &validPodTemplate.Template,
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
},
},
update: api.ReplicationController{
ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: api.NamespaceDefault},
Spec: api.ReplicationControllerSpec{
Replicas: 2,
Selector: validSelector,
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: &readWriteVolumePodTemplate.Template,
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
},
},
},
"invalid selector": {
old: api.ReplicationController{
ObjectMeta: api.ObjectMeta{Name: "", Namespace: api.NamespaceDefault},
Spec: api.ReplicationControllerSpec{
Selector: validSelector,
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: &validPodTemplate.Template,
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
},
},
update: api.ReplicationController{
ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: api.NamespaceDefault},
Spec: api.ReplicationControllerSpec{
Replicas: 2,
Selector: invalidSelector,
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: &validPodTemplate.Template,
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
},
},
},
"invalid pod": {
old: api.ReplicationController{
ObjectMeta: api.ObjectMeta{Name: "", Namespace: api.NamespaceDefault},
Spec: api.ReplicationControllerSpec{
Selector: validSelector,
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: &validPodTemplate.Template,
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
},
},
update: api.ReplicationController{
ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: api.NamespaceDefault},
Spec: api.ReplicationControllerSpec{
Replicas: 2,
Selector: validSelector,
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: &invalidPodTemplate.Template,
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
},
},
},
"negative replicas": {
old: api.ReplicationController{
ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: api.NamespaceDefault},
Spec: api.ReplicationControllerSpec{
Selector: validSelector,
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: &validPodTemplate.Template,
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
},
},
update: api.ReplicationController{
ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: api.NamespaceDefault},
Spec: api.ReplicationControllerSpec{
Replicas: -1,
Selector: validSelector,
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: &validPodTemplate.Template,
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
},
},
},
}
for testName, errorCase := range errorCases {
if errs := ValidateReplicationControllerUpdate(&errorCase.old, &errorCase.update); len(errs) == 0 {
t.Errorf("expected failure: %s", testName)
}
}
}
Extend validation for ReplicationController Provide type safe checks for empty sets of selectors.
2014-07-25 16:15:17 +00:00
func TestValidateReplicationController(t *testing.T) {
validSelector := map[string]string{"a": "b"}
Make validation work when not in the api package.
2014-08-30 01:20:27 +00:00
validPodTemplate := api.PodTemplate{
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: api.PodTemplateSpec{
Update the validation logic to test PodTemplateSpec
2014-11-07 02:08:46 +00:00
ObjectMeta: api.ObjectMeta{
Labels: validSelector,
Extend validation for ReplicationController Provide type safe checks for empty sets of selectors.
2014-07-25 16:15:17 +00:00
},
Factor out API defaulting from validation logic Currently, the validation logic validates fields in an object and supply default values wherever applies. This change factors out defaulting to a set of defaulting callback functions for decoding (see #1502 for more discussion). * This change is based on pull request 2587. * Most defaulting has been migrated to defaults.go where the defaulting functions are added. * validation_test.go and converter_test.go have been adapted to not testing the default values. * Fixed all tests with that create invalid objects with the absence of defaulting logic.
2015-01-26 17:52:50 +00:00
Spec: api.PodSpec{
Convert RestartPolicy to string for v1beta3. Fixed #3607 and spiritually support #5475
2015-03-14 01:38:07 +00:00
RestartPolicy: api.RestartPolicyAlways,
Factor out API defaulting from validation logic Currently, the validation logic validates fields in an object and supply default values wherever applies. This change factors out defaulting to a set of defaulting callback functions for decoding (see #1502 for more discussion). * This change is based on pull request 2587. * Most defaulting has been migrated to defaults.go where the defaulting functions are added. * validation_test.go and converter_test.go have been adapted to not testing the default values. * Fixed all tests with that create invalid objects with the absence of defaulting logic.
2015-01-26 17:52:50 +00:00
DNSPolicy: api.DNSClusterFirst,
Validate that there is at least one container in the pod
2015-03-18 15:00:18 +00:00
Containers: []api.Container{{Name: "abc", Image: "image", ImagePullPolicy: "IfNotPresent"}},
Factor out API defaulting from validation logic Currently, the validation logic validates fields in an object and supply default values wherever applies. This change factors out defaulting to a set of defaulting callback functions for decoding (see #1502 for more discussion). * This change is based on pull request 2587. * Most defaulting has been migrated to defaults.go where the defaulting functions are added. * validation_test.go and converter_test.go have been adapted to not testing the default values. * Fixed all tests with that create invalid objects with the absence of defaulting logic.
2015-01-26 17:52:50 +00:00
},
Extend validation for ReplicationController Provide type safe checks for empty sets of selectors.
2014-07-25 16:15:17 +00:00
},
}
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
readWriteVolumePodTemplate := api.PodTemplate{
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: api.PodTemplateSpec{
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
ObjectMeta: api.ObjectMeta{
Labels: validSelector,
},
Update the validation logic to test PodTemplateSpec
2014-11-07 02:08:46 +00:00
Spec: api.PodSpec{
Correcting all go vet errors
2015-08-08 01:52:23 +00:00
Volumes: []api.Volume{{Name: "gcepd", VolumeSource: api.VolumeSource{GCEPersistentDisk: &api.GCEPersistentDiskVolumeSource{PDName: "my-PD", FSType: "ext4", Partition: 1, ReadOnly: false}}}},
Convert RestartPolicy to string for v1beta3. Fixed #3607 and spiritually support #5475
2015-03-14 01:38:07 +00:00
RestartPolicy: api.RestartPolicyAlways,
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
DNSPolicy: api.DNSClusterFirst,
Validate that there is at least one container in the pod
2015-03-18 15:00:18 +00:00
Containers: []api.Container{{Name: "abc", Image: "image", ImagePullPolicy: "IfNotPresent"}},
Adds support for attaching GCEPersitentDisks Adds GCEPersistentDisk volume struct Adds gce-utils to attach disk to kubelet's VM. Updates config to give compute-rw to every minion. Adds GCEPersistentDisk to API Adds ability to mount attached disks Generalizes PD and adds tests. PD now uses an pluggable API interface. Unit Tests more cleanly separates TearDown and SetUp Modify boilerplate hook to omit build tags Adds Mounter interface; mount is now built by OS TearDown() for PD now detaches disk on final refcount Un-generalized PD; GCE calls moved to cloudprovider Address comments.
2014-08-05 17:58:43 +00:00
},
},
}
add RFC952 label validation
2014-10-23 20:14:13 +00:00
invalidSelector := map[string]string{"NoUppercaseOrSpecialCharsLike=Equals": "b"}
invalidPodTemplate := api.PodTemplate{
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: api.PodTemplateSpec{
Add pod restart policy validation for replication controller.
2014-11-18 04:08:23 +00:00
Spec: api.PodSpec{
Convert RestartPolicy to string for v1beta3. Fixed #3607 and spiritually support #5475
2015-03-14 01:38:07 +00:00
RestartPolicy: api.RestartPolicyAlways,
Factor out API defaulting from validation logic Currently, the validation logic validates fields in an object and supply default values wherever applies. This change factors out defaulting to a set of defaulting callback functions for decoding (see #1502 for more discussion). * This change is based on pull request 2587. * Most defaulting has been migrated to defaults.go where the defaulting functions are added. * validation_test.go and converter_test.go have been adapted to not testing the default values. * Fixed all tests with that create invalid objects with the absence of defaulting logic.
2015-01-26 17:52:50 +00:00
DNSPolicy: api.DNSClusterFirst,
Add pod restart policy validation for replication controller.
2014-11-18 04:08:23 +00:00
},
Update the validation logic to test PodTemplateSpec
2014-11-07 02:08:46 +00:00
ObjectMeta: api.ObjectMeta{
Labels: invalidSelector,
add RFC952 label validation
2014-10-23 20:14:13 +00:00
},
},
}
Make validation work when not in the api package.
2014-08-30 01:20:27 +00:00
successCases := []api.ReplicationController{
Extend validation for ReplicationController Provide type safe checks for empty sets of selectors.
2014-07-25 16:15:17 +00:00
{
Refactor tests to split ObjectMeta from TypeMeta
2014-10-23 20:51:34 +00:00
ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: api.NamespaceDefault},
Update the validation logic to test PodTemplateSpec
2014-11-07 02:08:46 +00:00
Spec: api.ReplicationControllerSpec{
Selector: validSelector,
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: &validPodTemplate.Template,
Extend validation for ReplicationController Provide type safe checks for empty sets of selectors.
2014-07-25 16:15:17 +00:00
},
},
{
Refactor tests to split ObjectMeta from TypeMeta
2014-10-23 20:51:34 +00:00
ObjectMeta: api.ObjectMeta{Name: "abc-123", Namespace: api.NamespaceDefault},
Update the validation logic to test PodTemplateSpec
2014-11-07 02:08:46 +00:00
Spec: api.ReplicationControllerSpec{
Selector: validSelector,
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: &validPodTemplate.Template,
Extend validation for ReplicationController Provide type safe checks for empty sets of selectors.
2014-07-25 16:15:17 +00:00
},
},
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
{
ObjectMeta: api.ObjectMeta{Name: "abc-123", Namespace: api.NamespaceDefault},
Spec: api.ReplicationControllerSpec{
Replicas: 1,
Selector: validSelector,
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: &readWriteVolumePodTemplate.Template,
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
},
},
Extend validation for ReplicationController Provide type safe checks for empty sets of selectors.
2014-07-25 16:15:17 +00:00
}
for _, successCase := range successCases {
if errs := ValidateReplicationController(&successCase); len(errs) != 0 {
t.Errorf("expected success: %v", errs)
}
}
Make validation work when not in the api package.
2014-08-30 01:20:27 +00:00
errorCases := map[string]api.ReplicationController{
Extend validation for ReplicationController Provide type safe checks for empty sets of selectors.
2014-07-25 16:15:17 +00:00
"zero-length ID": {
Refactor tests to split ObjectMeta from TypeMeta
2014-10-23 20:51:34 +00:00
ObjectMeta: api.ObjectMeta{Name: "", Namespace: api.NamespaceDefault},
Update the validation logic to test PodTemplateSpec
2014-11-07 02:08:46 +00:00
Spec: api.ReplicationControllerSpec{
Selector: validSelector,
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: &validPodTemplate.Template,
Update test cases to use default context
2014-09-29 21:18:18 +00:00
},
},
"missing-namespace": {
Refactor tests to split ObjectMeta from TypeMeta
2014-10-23 20:51:34 +00:00
ObjectMeta: api.ObjectMeta{Name: "abc-123"},
Update the validation logic to test PodTemplateSpec
2014-11-07 02:08:46 +00:00
Spec: api.ReplicationControllerSpec{
Selector: validSelector,
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: &validPodTemplate.Template,
Extend validation for ReplicationController Provide type safe checks for empty sets of selectors.
2014-07-25 16:15:17 +00:00
},
},
"empty selector": {
Refactor tests to split ObjectMeta from TypeMeta
2014-10-23 20:51:34 +00:00
ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: api.NamespaceDefault},
Update the validation logic to test PodTemplateSpec
2014-11-07 02:08:46 +00:00
Spec: api.ReplicationControllerSpec{
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: &validPodTemplate.Template,
Extend validation for ReplicationController Provide type safe checks for empty sets of selectors.
2014-07-25 16:15:17 +00:00
},
},
Add a validation that replicaSelector matches PodTemplate.Labels
2014-08-22 00:02:39 +00:00
"selector_doesnt_match": {
Refactor tests to split ObjectMeta from TypeMeta
2014-10-23 20:51:34 +00:00
ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: api.NamespaceDefault},
Update the validation logic to test PodTemplateSpec
2014-11-07 02:08:46 +00:00
Spec: api.ReplicationControllerSpec{
Selector: map[string]string{"foo": "bar"},
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: &validPodTemplate.Template,
Add a validation that replicaSelector matches PodTemplate.Labels
2014-08-22 00:02:39 +00:00
},
},
Extend validation for ReplicationController Provide type safe checks for empty sets of selectors.
2014-07-25 16:15:17 +00:00
"invalid manifest": {
Refactor tests to split ObjectMeta from TypeMeta
2014-10-23 20:51:34 +00:00
ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: api.NamespaceDefault},
Update the validation logic to test PodTemplateSpec
2014-11-07 02:08:46 +00:00
Spec: api.ReplicationControllerSpec{
Selector: validSelector,
Extend validation for ReplicationController Provide type safe checks for empty sets of selectors.
2014-07-25 16:15:17 +00:00
},
},
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
"read-write persistent disk with > 1 pod": {
Refactor tests to split ObjectMeta from TypeMeta
2014-10-23 20:51:34 +00:00
ObjectMeta: api.ObjectMeta{Name: "abc"},
Update the validation logic to test PodTemplateSpec
2014-11-07 02:08:46 +00:00
Spec: api.ReplicationControllerSpec{
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
Replicas: 2,
Update the validation logic to test PodTemplateSpec
2014-11-07 02:08:46 +00:00
Selector: validSelector,
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: &readWriteVolumePodTemplate.Template,
Adds support for attaching GCEPersitentDisks Adds GCEPersistentDisk volume struct Adds gce-utils to attach disk to kubelet's VM. Updates config to give compute-rw to every minion. Adds GCEPersistentDisk to API Adds ability to mount attached disks Generalizes PD and adds tests. PD now uses an pluggable API interface. Unit Tests more cleanly separates TearDown and SetUp Modify boilerplate hook to omit build tags Adds Mounter interface; mount is now built by OS TearDown() for PD now detaches disk on final refcount Un-generalized PD; GCE calls moved to cloudprovider Address comments.
2014-08-05 17:58:43 +00:00
},
},
Validate on replicas being non-negative
2014-08-04 19:02:51 +00:00
"negative_replicas": {
Refactor tests to split ObjectMeta from TypeMeta
2014-10-23 20:51:34 +00:00
ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: api.NamespaceDefault},
Update the validation logic to test PodTemplateSpec
2014-11-07 02:08:46 +00:00
Spec: api.ReplicationControllerSpec{
Replicas: -1,
Selector: validSelector,
Validate on replicas being non-negative
2014-08-04 19:02:51 +00:00
},
},
add RFC952 label validation
2014-10-23 20:14:13 +00:00
"invalid_label": {
ObjectMeta: api.ObjectMeta{
Name: "abc-123",
Namespace: api.NamespaceDefault,
Labels: map[string]string{
"NoUppercaseOrSpecialCharsLike=Equals": "bar",
},
},
Update the validation logic to test PodTemplateSpec
2014-11-07 02:08:46 +00:00
Spec: api.ReplicationControllerSpec{
Selector: validSelector,
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: &validPodTemplate.Template,
add RFC952 label validation
2014-10-23 20:14:13 +00:00
},
},
"invalid_label 2": {
ObjectMeta: api.ObjectMeta{
Name: "abc-123",
Namespace: api.NamespaceDefault,
Labels: map[string]string{
"NoUppercaseOrSpecialCharsLike=Equals": "bar",
},
},
Update the validation logic to test PodTemplateSpec
2014-11-07 02:08:46 +00:00
Spec: api.ReplicationControllerSpec{
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: &invalidPodTemplate.Template,
},
},
"invalid_annotation": {
ObjectMeta: api.ObjectMeta{
Name: "abc-123",
Namespace: api.NamespaceDefault,
Annotations: map[string]string{
"NoUppercaseOrSpecialCharsLike=Equals": "bar",
},
},
Spec: api.ReplicationControllerSpec{
Selector: validSelector,
Template: &validPodTemplate.Template,
add RFC952 label validation
2014-10-23 20:14:13 +00:00
},
},
Add pod restart policy validation for replication controller.
2014-11-18 04:08:23 +00:00
"invalid restart policy 1": {
ObjectMeta: api.ObjectMeta{
Name: "abc-123",
Namespace: api.NamespaceDefault,
},
Spec: api.ReplicationControllerSpec{
Selector: validSelector,
Template: &api.PodTemplateSpec{
Spec: api.PodSpec{
Convert RestartPolicy to string for v1beta3. Fixed #3607 and spiritually support #5475
2015-03-14 01:38:07 +00:00
RestartPolicy: api.RestartPolicyOnFailure,
DNSPolicy: api.DNSClusterFirst,
Validate that there is at least one container in the pod
2015-03-18 15:00:18 +00:00
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
Add pod restart policy validation for replication controller.
2014-11-18 04:08:23 +00:00
},
ObjectMeta: api.ObjectMeta{
Labels: validSelector,
},
},
},
},
"invalid restart policy 2": {
ObjectMeta: api.ObjectMeta{
Name: "abc-123",
Namespace: api.NamespaceDefault,
},
Spec: api.ReplicationControllerSpec{
Selector: validSelector,
Template: &api.PodTemplateSpec{
Spec: api.PodSpec{
Convert RestartPolicy to string for v1beta3. Fixed #3607 and spiritually support #5475
2015-03-14 01:38:07 +00:00
RestartPolicy: api.RestartPolicyNever,
DNSPolicy: api.DNSClusterFirst,
Validate that there is at least one container in the pod
2015-03-18 15:00:18 +00:00
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
Add pod restart policy validation for replication controller.
2014-11-18 04:08:23 +00:00
},
ObjectMeta: api.ObjectMeta{
Labels: validSelector,
},
},
},
},
Extend validation for ReplicationController Provide type safe checks for empty sets of selectors.
2014-07-25 16:15:17 +00:00
}
for k, v := range errorCases {
Convert field errors into a selector for the object Satisfies the "Field" condition for a Cause. Also addresses parts of #914.
2014-08-20 03:54:20 +00:00
errs := ValidateReplicationController(&v)
if len(errs) == 0 {
Extend validation for ReplicationController Provide type safe checks for empty sets of selectors.
2014-07-25 16:15:17 +00:00
t.Errorf("expected failure for %s", k)
}
Convert field errors into a selector for the object Satisfies the "Field" condition for a Cause. Also addresses parts of #914.
2014-08-20 03:54:20 +00:00
for i := range errs {
Change ValidationError to a pointer In Prep for adding at leats one more field, make this operate more list StatusError.
2014-11-20 22:11:23 +00:00
field := errs[i].(*errors.ValidationError).Field
Update the validation logic to test PodTemplateSpec
2014-11-07 02:08:46 +00:00
if !strings.HasPrefix(field, "spec.template.") &&
Limit field errors to a single field name
2015-08-12 15:26:23 +00:00
field != "metadata.name" &&
Unify validation logic for create and update paths Ensure ObjectMeta is consistently validated on both create and update Make PortalIP uncleareable
2015-01-27 23:55:54 +00:00
field != "metadata.namespace" &&
Update the validation logic to test PodTemplateSpec
2014-11-07 02:08:46 +00:00
field != "spec.selector" &&
field != "spec.template" &&
Adds support for attaching GCEPersitentDisks Adds GCEPersistentDisk volume struct Adds gce-utils to attach disk to kubelet's VM. Updates config to give compute-rw to every minion. Adds GCEPersistentDisk to API Adds ability to mount attached disks Generalizes PD and adds tests. PD now uses an pluggable API interface. Unit Tests more cleanly separates TearDown and SetUp Modify boilerplate hook to omit build tags Adds Mounter interface; mount is now built by OS TearDown() for PD now detaches disk on final refcount Un-generalized PD; GCE calls moved to cloudprovider Address comments.
2014-08-05 17:58:43 +00:00
field != "GCEPersistentDisk.ReadOnly" &&
Update the validation logic to test PodTemplateSpec
2014-11-07 02:08:46 +00:00
field != "spec.replicas" &&
clean up error message on labels validation errs
2014-11-20 05:55:45 +00:00
field != "spec.template.labels" &&
Unify validation logic for create and update paths Ensure ObjectMeta is consistently validated on both create and update Make PortalIP uncleareable
2015-01-27 23:55:54 +00:00
field != "metadata.annotations" &&
field != "metadata.labels" {
Convert field errors into a selector for the object Satisfies the "Field" condition for a Cause. Also addresses parts of #914.
2014-08-20 03:54:20 +00:00
t.Errorf("%s: missing prefix for: %v", k, errs[i])
}
}
Extend validation for ReplicationController Provide type safe checks for empty sets of selectors.
2014-07-25 16:15:17 +00:00
}
}
Read BoundPods from etcd instead of ContainerManifestList There are three values that uniquely identify a pod on a host - the configuration source (etcd, file, http), the pod name, and the pod namespace. This change ensures that configuration properly makes those names unique by changing podFullName to contain both name (currently ID in v1beta1, Name in v1beta3) and namespace. The Kubelet does not properly handle information requests for pods not in the default namespace at this time.
2014-10-08 19:56:02 +00:00
Validate Node IPs; clean up validation code
2015-04-22 17:55:05 +00:00
func TestValidateNode(t *testing.T) {
Centralize minion validation
2014-11-12 17:38:15 +00:00
validSelector := map[string]string{"a": "b"}
invalidSelector := map[string]string{"NoUppercaseOrSpecialCharsLike=Equals": "b"}
Internal rename api.Minion -> api.Node
2014-12-08 03:44:27 +00:00
successCases := []api.Node{
Centralize minion validation
2014-11-12 17:38:15 +00:00
{
Move the internal minion representation to match v1beta3 Moves to 'Spec' and 'Status' internally and removes duplicate fields. Moves Capacity into Spec and drops use of NodeResources
2014-11-19 22:39:10 +00:00
ObjectMeta: api.ObjectMeta{
Name: "abc",
Labels: validSelector,
},
Status: api.NodeStatus{
Node addresses
2015-02-13 19:07:23 +00:00
Addresses: []api.NodeAddress{
{Type: api.NodeLegacyHostIP, Address: "something"},
},
Add validation for node creation.
2015-03-24 17:24:07 +00:00
Capacity: api.ResourceList{
api.ResourceName(api.ResourceCPU): resource.MustParse("10"),
api.ResourceName(api.ResourceMemory): resource.MustParse("10G"),
api.ResourceName("my.org/gpu"): resource.MustParse("10"),
},
},
Move Capacity from NodeSpec to NodeStatus
2015-03-25 13:44:40 +00:00
Spec: api.NodeSpec{
ExternalID: "external",
},
Centralize minion validation
2014-11-12 17:38:15 +00:00
},
{
Add name generation and normalize common create flows Adds `ObjectMeta.GenerateName`, an optional string field that defines name generation behavior if a Name is not provided. Adds `pkg/api/rest`, which defines the default Kubernetes API pattern for creation (and will cover update as well). Will allow registries and REST objects to be merged by moving logic on api out of those places. Add `pkg/api/rest/resttest`, which will be the test suite that verifies a RESTStorage object follows the Kubernetes API conventions and begin reducing our duplicated tests.
2015-01-27 23:56:38 +00:00
ObjectMeta: api.ObjectMeta{
Name: "abc",
},
Move the internal minion representation to match v1beta3 Moves to 'Spec' and 'Status' internally and removes duplicate fields. Moves Capacity into Spec and drops use of NodeResources
2014-11-19 22:39:10 +00:00
Status: api.NodeStatus{
Node addresses
2015-02-13 19:07:23 +00:00
Addresses: []api.NodeAddress{
{Type: api.NodeLegacyHostIP, Address: "something"},
},
Add validation for node creation.
2015-03-24 17:24:07 +00:00
Capacity: api.ResourceList{
api.ResourceName(api.ResourceCPU): resource.MustParse("10"),
api.ResourceName(api.ResourceMemory): resource.MustParse("0"),
},
},
Move Capacity from NodeSpec to NodeStatus
2015-03-25 13:44:40 +00:00
Spec: api.NodeSpec{
ExternalID: "external",
},
Centralize minion validation
2014-11-12 17:38:15 +00:00
},
}
for _, successCase := range successCases {
Validate Node IPs; clean up validation code
2015-04-22 17:55:05 +00:00
if errs := ValidateNode(&successCase); len(errs) != 0 {
Centralize minion validation
2014-11-12 17:38:15 +00:00
t.Errorf("expected success: %v", errs)
}
}
Internal rename api.Minion -> api.Node
2014-12-08 03:44:27 +00:00
errorCases := map[string]api.Node{
Centralize minion validation
2014-11-12 17:38:15 +00:00
"zero-length Name": {
Move the internal minion representation to match v1beta3 Moves to 'Spec' and 'Status' internally and removes duplicate fields. Moves Capacity into Spec and drops use of NodeResources
2014-11-19 22:39:10 +00:00
ObjectMeta: api.ObjectMeta{
Name: "",
Labels: validSelector,
},
Status: api.NodeStatus{
Node addresses
2015-02-13 19:07:23 +00:00
Addresses: []api.NodeAddress{},
Add validation for node creation.
2015-03-24 17:24:07 +00:00
Capacity: api.ResourceList{
api.ResourceName(api.ResourceCPU): resource.MustParse("10"),
api.ResourceName(api.ResourceMemory): resource.MustParse("10G"),
},
},
Move Capacity from NodeSpec to NodeStatus
2015-03-25 13:44:40 +00:00
Spec: api.NodeSpec{
ExternalID: "external",
},
Centralize minion validation
2014-11-12 17:38:15 +00:00
},
"invalid-labels": {
Move the internal minion representation to match v1beta3 Moves to 'Spec' and 'Status' internally and removes duplicate fields. Moves Capacity into Spec and drops use of NodeResources
2014-11-19 22:39:10 +00:00
ObjectMeta: api.ObjectMeta{
Name: "abc-123",
Labels: invalidSelector,
},
Move Capacity from NodeSpec to NodeStatus
2015-03-25 13:44:40 +00:00
Status: api.NodeStatus{
Add validation for node creation.
2015-03-24 17:24:07 +00:00
Capacity: api.ResourceList{
api.ResourceName(api.ResourceCPU): resource.MustParse("10"),
api.ResourceName(api.ResourceMemory): resource.MustParse("10G"),
},
},
Move Capacity from NodeSpec to NodeStatus
2015-03-25 13:44:40 +00:00
Spec: api.NodeSpec{
ExternalID: "external",
},
Add validation for node creation.
2015-03-24 17:24:07 +00:00
},
"missing-external-id": {
ObjectMeta: api.ObjectMeta{
Name: "abc-123",
Labels: validSelector,
},
Move Capacity from NodeSpec to NodeStatus
2015-03-25 13:44:40 +00:00
Status: api.NodeStatus{
Add validation for node creation.
2015-03-24 17:24:07 +00:00
Capacity: api.ResourceList{
api.ResourceName(api.ResourceCPU): resource.MustParse("10"),
api.ResourceName(api.ResourceMemory): resource.MustParse("10G"),
},
},
},
Centralize minion validation
2014-11-12 17:38:15 +00:00
}
for k, v := range errorCases {
Validate Node IPs; clean up validation code
2015-04-22 17:55:05 +00:00
errs := ValidateNode(&v)
Centralize minion validation
2014-11-12 17:38:15 +00:00
if len(errs) == 0 {
t.Errorf("expected failure for %s", k)
}
for i := range errs {
Change ValidationError to a pointer In Prep for adding at leats one more field, make this operate more list StatusError.
2014-11-20 22:11:23 +00:00
field := errs[i].(*errors.ValidationError).Field
Add validation for node creation.
2015-03-24 17:24:07 +00:00
expectedFields := map[string]bool{
Limit field errors to a single field name
2015-08-12 15:26:23 +00:00
"metadata.name": true,
"metadata.labels": true,
"metadata.annotations": true,
"metadata.namespace": true,
"spec.ExternalID": true,
Add validation for node creation.
2015-03-24 17:24:07 +00:00
}
if expectedFields[field] == false {
Centralize minion validation
2014-11-12 17:38:15 +00:00
t.Errorf("%s: missing prefix for: %v", k, errs[i])
}
}
}
}
Add more validation for updating node.
2014-11-17 18:22:27 +00:00
Validate Node IPs; clean up validation code
2015-04-22 17:55:05 +00:00
func TestValidateNodeUpdate(t *testing.T) {
Add more validation for updating node.
2014-11-17 18:22:27 +00:00
tests := []struct {
Validate Node IPs; clean up validation code
2015-04-22 17:55:05 +00:00
oldNode api.Node
node api.Node
valid bool
Add more validation for updating node.
2014-11-17 18:22:27 +00:00
}{
Internal rename api.Minion -> api.Node
2014-12-08 03:44:27 +00:00
{api.Node{}, api.Node{}, true},
{api.Node{
Add more validation for updating node.
2014-11-17 18:22:27 +00:00
ObjectMeta: api.ObjectMeta{
Name: "foo"}},
Internal rename api.Minion -> api.Node
2014-12-08 03:44:27 +00:00
api.Node{
Add more validation for updating node.
2014-11-17 18:22:27 +00:00
ObjectMeta: api.ObjectMeta{
Name: "bar"},
}, false},
Internal rename api.Minion -> api.Node
2014-12-08 03:44:27 +00:00
{api.Node{
Add more validation for updating node.
2014-11-17 18:22:27 +00:00
ObjectMeta: api.ObjectMeta{
Name: "foo",
Labels: map[string]string{"foo": "bar"},
},
Internal rename api.Minion -> api.Node
2014-12-08 03:44:27 +00:00
}, api.Node{
Add more validation for updating node.
2014-11-17 18:22:27 +00:00
ObjectMeta: api.ObjectMeta{
Name: "foo",
Labels: map[string]string{"foo": "baz"},
},
}, true},
Internal rename api.Minion -> api.Node
2014-12-08 03:44:27 +00:00
{api.Node{
Add more validation for updating node.
2014-11-17 18:22:27 +00:00
ObjectMeta: api.ObjectMeta{
Name: "foo",
},
Internal rename api.Minion -> api.Node
2014-12-08 03:44:27 +00:00
}, api.Node{
Add more validation for updating node.
2014-11-17 18:22:27 +00:00
ObjectMeta: api.ObjectMeta{
Name: "foo",
Labels: map[string]string{"foo": "baz"},
},
}, true},
Internal rename api.Minion -> api.Node
2014-12-08 03:44:27 +00:00
{api.Node{
Add more validation for updating node.
2014-11-17 18:22:27 +00:00
ObjectMeta: api.ObjectMeta{
Name: "foo",
Labels: map[string]string{"bar": "foo"},
},
Internal rename api.Minion -> api.Node
2014-12-08 03:44:27 +00:00
}, api.Node{
Add more validation for updating node.
2014-11-17 18:22:27 +00:00
ObjectMeta: api.ObjectMeta{
Name: "foo",
Labels: map[string]string{"foo": "baz"},
},
}, true},
Make it easier to update nodes, make it possible to update capacity.
2014-12-12 05:39:56 +00:00
{api.Node{
ObjectMeta: api.ObjectMeta{
Name: "foo",
},
Move Capacity from NodeSpec to NodeStatus
2015-03-25 13:44:40 +00:00
Status: api.NodeStatus{
Make it easier to update nodes, make it possible to update capacity.
2014-12-12 05:39:56 +00:00
Capacity: api.ResourceList{
ParseOrDie -> MustParse; stop returning pointer
2015-01-07 01:20:01 +00:00
api.ResourceCPU: resource.MustParse("10000"),
api.ResourceMemory: resource.MustParse("100"),
Make it easier to update nodes, make it possible to update capacity.
2014-12-12 05:39:56 +00:00
},
},
}, api.Node{
ObjectMeta: api.ObjectMeta{
Name: "foo",
},
Move Capacity from NodeSpec to NodeStatus
2015-03-25 13:44:40 +00:00
Status: api.NodeStatus{
Make it easier to update nodes, make it possible to update capacity.
2014-12-12 05:39:56 +00:00
Capacity: api.ResourceList{
ParseOrDie -> MustParse; stop returning pointer
2015-01-07 01:20:01 +00:00
api.ResourceCPU: resource.MustParse("100"),
api.ResourceMemory: resource.MustParse("10000"),
Make it easier to update nodes, make it possible to update capacity.
2014-12-12 05:39:56 +00:00
},
},
}, true},
{api.Node{
ObjectMeta: api.ObjectMeta{
Name: "foo",
Labels: map[string]string{"bar": "foo"},
},
Move Capacity from NodeSpec to NodeStatus
2015-03-25 13:44:40 +00:00
Status: api.NodeStatus{
Make it easier to update nodes, make it possible to update capacity.
2014-12-12 05:39:56 +00:00
Capacity: api.ResourceList{
ParseOrDie -> MustParse; stop returning pointer
2015-01-07 01:20:01 +00:00
api.ResourceCPU: resource.MustParse("10000"),
api.ResourceMemory: resource.MustParse("100"),
Make it easier to update nodes, make it possible to update capacity.
2014-12-12 05:39:56 +00:00
},
},
}, api.Node{
ObjectMeta: api.ObjectMeta{
Name: "foo",
Labels: map[string]string{"bar": "fooobaz"},
},
Move Capacity from NodeSpec to NodeStatus
2015-03-25 13:44:40 +00:00
Status: api.NodeStatus{
Make it easier to update nodes, make it possible to update capacity.
2014-12-12 05:39:56 +00:00
Capacity: api.ResourceList{
ParseOrDie -> MustParse; stop returning pointer
2015-01-07 01:20:01 +00:00
api.ResourceCPU: resource.MustParse("100"),
api.ResourceMemory: resource.MustParse("10000"),
Make it easier to update nodes, make it possible to update capacity.
2014-12-12 05:39:56 +00:00
},
},
}, true},
Clear node status before the validation check.
2014-12-22 19:04:57 +00:00
{api.Node{
ObjectMeta: api.ObjectMeta{
Name: "foo",
Labels: map[string]string{"bar": "foo"},
},
Status: api.NodeStatus{
Node addresses
2015-02-13 19:07:23 +00:00
Addresses: []api.NodeAddress{
{Type: api.NodeLegacyHostIP, Address: "1.2.3.4"},
},
Clear node status before the validation check.
2014-12-22 19:04:57 +00:00
},
}, api.Node{
ObjectMeta: api.ObjectMeta{
Name: "foo",
Labels: map[string]string{"bar": "fooobaz"},
},
}, true},
Add a few extra test cases for API validation of labels that would have caught a bug that was in past versions. Also, copy the label key format requirements from the API types.go comments into the labels doc.
2015-02-04 22:21:34 +00:00
{api.Node{
ObjectMeta: api.ObjectMeta{
Name: "foo",
Labels: map[string]string{"foo": "baz"},
},
}, api.Node{
ObjectMeta: api.ObjectMeta{
Name: "foo",
Labels: map[string]string{"Foo": "baz"},
},
Loosen label and annotation validation and related tests
2015-02-27 15:08:02 +00:00
}, true},
Allow admin user to explicitly unschedule the node Setting Unschedulable on the node will not touch any existing pods on the node but will block scheduling of new pods on the node.
2015-02-17 20:03:14 +00:00
{api.Node{
ObjectMeta: api.ObjectMeta{
Name: "foo",
},
Spec: api.NodeSpec{
Unschedulable: false,
},
}, api.Node{
ObjectMeta: api.ObjectMeta{
Name: "foo",
},
Spec: api.NodeSpec{
Unschedulable: true,
},
}, true},
Validate Node IPs; clean up validation code
2015-04-22 17:55:05 +00:00
{api.Node{
ObjectMeta: api.ObjectMeta{
Name: "foo",
},
Spec: api.NodeSpec{
Unschedulable: false,
},
}, api.Node{
ObjectMeta: api.ObjectMeta{
Name: "foo",
},
Status: api.NodeStatus{
Addresses: []api.NodeAddress{
{Type: api.NodeExternalIP, Address: "1.1.1.1"},
{Type: api.NodeExternalIP, Address: "1.1.1.1"},
},
},
}, false},
{api.Node{
ObjectMeta: api.ObjectMeta{
Name: "foo",
},
Spec: api.NodeSpec{
Unschedulable: false,
},
}, api.Node{
ObjectMeta: api.ObjectMeta{
Name: "foo",
},
Status: api.NodeStatus{
Addresses: []api.NodeAddress{
{Type: api.NodeExternalIP, Address: "1.1.1.1"},
{Type: api.NodeInternalIP, Address: "10.1.1.1"},
},
},
}, true},
Add more validation for updating node.
2014-11-17 18:22:27 +00:00
}
Unify validation logic for create and update paths Ensure ObjectMeta is consistently validated on both create and update Make PortalIP uncleareable
2015-01-27 23:55:54 +00:00
for i, test := range tests {
Validate Node IPs; clean up validation code
2015-04-22 17:55:05 +00:00
test.oldNode.ObjectMeta.ResourceVersion = "1"
test.node.ObjectMeta.ResourceVersion = "1"
errs := ValidateNodeUpdate(&test.oldNode, &test.node)
Add more validation for updating node.
2014-11-17 18:22:27 +00:00
if test.valid && len(errs) > 0 {
Unify validation logic for create and update paths Ensure ObjectMeta is consistently validated on both create and update Make PortalIP uncleareable
2015-01-27 23:55:54 +00:00
t.Errorf("%d: Unexpected error: %v", i, errs)
Validate Node IPs; clean up validation code
2015-04-22 17:55:05 +00:00
t.Logf("%#v vs %#v", test.oldNode.ObjectMeta, test.node.ObjectMeta)
Add more validation for updating node.
2014-11-17 18:22:27 +00:00
}
if !test.valid && len(errs) == 0 {
Unify validation logic for create and update paths Ensure ObjectMeta is consistently validated on both create and update Make PortalIP uncleareable
2015-01-27 23:55:54 +00:00
t.Errorf("%d: Unexpected non-error", i)
}
}
}
func TestValidateServiceUpdate(t *testing.T) {
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
testCases := []struct {
name string
tweakSvc func(oldSvc, newSvc *api.Service) // given basic valid services, each test case can customize them
numErrs int
Unify validation logic for create and update paths Ensure ObjectMeta is consistently validated on both create and update Make PortalIP uncleareable
2015-01-27 23:55:54 +00:00
}{
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
{
name: "no change",
tweakSvc: func(oldSvc, newSvc *api.Service) {
// do nothing
Unify validation logic for create and update paths Ensure ObjectMeta is consistently validated on both create and update Make PortalIP uncleareable
2015-01-27 23:55:54 +00:00
},
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
numErrs: 0,
},
{
name: "change name",
tweakSvc: func(oldSvc, newSvc *api.Service) {
newSvc.Name += "2"
Unify validation logic for create and update paths Ensure ObjectMeta is consistently validated on both create and update Make PortalIP uncleareable
2015-01-27 23:55:54 +00:00
},
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
numErrs: 1,
},
{
name: "change namespace",
tweakSvc: func(oldSvc, newSvc *api.Service) {
newSvc.Namespace += "2"
Unify validation logic for create and update paths Ensure ObjectMeta is consistently validated on both create and update Make PortalIP uncleareable
2015-01-27 23:55:54 +00:00
},
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
numErrs: 1,
},
{
name: "change label valid",
tweakSvc: func(oldSvc, newSvc *api.Service) {
newSvc.Labels["key"] = "other-value"
Unify validation logic for create and update paths Ensure ObjectMeta is consistently validated on both create and update Make PortalIP uncleareable
2015-01-27 23:55:54 +00:00
},
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
numErrs: 0,
},
{
name: "add label",
tweakSvc: func(oldSvc, newSvc *api.Service) {
newSvc.Labels["key2"] = "value2"
Unify validation logic for create and update paths Ensure ObjectMeta is consistently validated on both create and update Make PortalIP uncleareable
2015-01-27 23:55:54 +00:00
},
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
numErrs: 0,
},
{
Rename 'portal IP' to 'cluster IP' most everywhere This covers obvious transforms, but not --portal_net, $PORTAL_NET and similar.
2015-05-23 20:41:11 +00:00
name: "change cluster IP",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(oldSvc, newSvc *api.Service) {
Rename 'portal IP' to 'cluster IP' most everywhere This covers obvious transforms, but not --portal_net, $PORTAL_NET and similar.
2015-05-23 20:41:11 +00:00
oldSvc.Spec.ClusterIP = "1.2.3.4"
newSvc.Spec.ClusterIP = "8.6.7.5"
Unify validation logic for create and update paths Ensure ObjectMeta is consistently validated on both create and update Make PortalIP uncleareable
2015-01-27 23:55:54 +00:00
},
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
numErrs: 1,
},
{
Rename 'portal IP' to 'cluster IP' most everywhere This covers obvious transforms, but not --portal_net, $PORTAL_NET and similar.
2015-05-23 20:41:11 +00:00
name: "remove cluster IP",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(oldSvc, newSvc *api.Service) {
Rename 'portal IP' to 'cluster IP' most everywhere This covers obvious transforms, but not --portal_net, $PORTAL_NET and similar.
2015-05-23 20:41:11 +00:00
oldSvc.Spec.ClusterIP = "1.2.3.4"
newSvc.Spec.ClusterIP = ""
Unify validation logic for create and update paths Ensure ObjectMeta is consistently validated on both create and update Make PortalIP uncleareable
2015-01-27 23:55:54 +00:00
},
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
numErrs: 1,
},
{
name: "change affinity",
tweakSvc: func(oldSvc, newSvc *api.Service) {
newSvc.Spec.SessionAffinity = "ClientIP"
Unify validation logic for create and update paths Ensure ObjectMeta is consistently validated on both create and update Make PortalIP uncleareable
2015-01-27 23:55:54 +00:00
},
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
numErrs: 0,
},
{
name: "remove affinity",
tweakSvc: func(oldSvc, newSvc *api.Service) {
newSvc.Spec.SessionAffinity = ""
Add a few extra test cases for API validation of labels that would have caught a bug that was in past versions. Also, copy the label key format requirements from the API types.go comments into the labels doc.
2015-02-04 22:21:34 +00:00
},
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
numErrs: 1,
},
Add Type to ServiceSpec: ClusterIP or LoadBalancer
2015-05-22 21:49:26 +00:00
{
name: "change type",
tweakSvc: func(oldSvc, newSvc *api.Service) {
newSvc.Spec.Type = api.ServiceTypeLoadBalancer
},
numErrs: 0,
},
{
name: "remove type",
tweakSvc: func(oldSvc, newSvc *api.Service) {
newSvc.Spec.Type = ""
},
numErrs: 1,
},
Add ServiceType = NodePort; wire everything up
2015-05-20 15:59:34 +00:00
{
name: "change type -> nodeport",
tweakSvc: func(oldSvc, newSvc *api.Service) {
newSvc.Spec.Type = api.ServiceTypeNodePort
},
numErrs: 0,
},
Unify validation logic for create and update paths Ensure ObjectMeta is consistently validated on both create and update Make PortalIP uncleareable
2015-01-27 23:55:54 +00:00
}
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
for _, tc := range testCases {
oldSvc := makeValidService()
newSvc := makeValidService()
tc.tweakSvc(&oldSvc, &newSvc)
errs := ValidateServiceUpdate(&oldSvc, &newSvc)
if len(errs) != tc.numErrs {
t.Errorf("Unexpected error list for case %q: %v", tc.name, utilerrors.NewAggregate(errs))
Add more validation for updating node.
2014-11-17 18:22:27 +00:00
}
}
}
Adding a 'Typename' strongtype for representing all compute resource types.
2015-01-17 00:34:47 +00:00
func TestValidateResourceNames(t *testing.T) {
table := []struct {
input string
success bool
}{
{"memory", true},
{"cpu", true},
{"network", false},
{"disk", false},
{"", false},
{".", false},
{"..", false},
{"my.favorite.app.co/12345", true},
apply comments
2015-03-02 13:41:13 +00:00
{"my.favorite.app.co/_12345", false},
Adding a 'Typename' strongtype for representing all compute resource types.
2015-01-17 00:34:47 +00:00
{"my.favorite.app.co/12345_", false},
{"kubernetes.io/..", false},
Somewhat better error messages for common formats Clearer strings with examples.
2015-05-13 04:24:41 +00:00
{"kubernetes.io/" + strings.Repeat("a", 63), true},
{"kubernetes.io/" + strings.Repeat("a", 64), false},
Adding a 'Typename' strongtype for representing all compute resource types.
2015-01-17 00:34:47 +00:00
{"kubernetes.io//", false},
{"kubernetes.io", false},
{"kubernetes.io/will/not/work/", false},
}
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
for k, item := range table {
err := validateResourceName(item.input, "sth")
Adding a 'Typename' strongtype for representing all compute resource types.
2015-01-17 00:34:47 +00:00
if len(err) != 0 && item.success {
t.Errorf("expected no failure for input %q", item.input)
} else if len(err) == 0 && !item.success {
t.Errorf("expected failure for input %q", item.input)
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
for i := range err {
detail := err[i].(*errors.ValidationError).Detail
if detail != "" && detail != qualifiedNameErrorMsg {
Correcting all go vet errors
2015-08-08 01:52:23 +00:00
t.Errorf("%d: expected error detail either empty or %s, got %s", k, qualifiedNameErrorMsg, detail)
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
}
}
Adding a 'Typename' strongtype for representing all compute resource types.
2015-01-17 00:34:47 +00:00
}
}
}
Add a limit range resource
2015-01-22 21:52:40 +00:00
func TestValidateLimitRange(t *testing.T) {
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
spec := api.LimitRangeSpec{
Limits: []api.LimitRangeItem{
{
Type: api.LimitTypePod,
Max: api.ResourceList{
api.ResourceCPU: resource.MustParse("100"),
api.ResourceMemory: resource.MustParse("10000"),
},
Min: api.ResourceList{
Revert "LimitRange updates for Resource Requirements Requests"
2015-08-27 08:50:50 +00:00
api.ResourceCPU: resource.MustParse("0"),
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
api.ResourceMemory: resource.MustParse("100"),
},
Add LimitRange range validation
2015-06-16 20:16:34 +00:00
Default: api.ResourceList{
api.ResourceCPU: resource.MustParse("50"),
api.ResourceMemory: resource.MustParse("500"),
},
},
},
}
invalidSpecDuplicateType := api.LimitRangeSpec{
Limits: []api.LimitRangeItem{
{
Type: api.LimitTypePod,
Max: api.ResourceList{
api.ResourceCPU: resource.MustParse("100"),
api.ResourceMemory: resource.MustParse("10000"),
},
Min: api.ResourceList{
api.ResourceCPU: resource.MustParse("0"),
api.ResourceMemory: resource.MustParse("100"),
},
},
{
Type: api.LimitTypePod,
Min: api.ResourceList{
api.ResourceCPU: resource.MustParse("0"),
api.ResourceMemory: resource.MustParse("100"),
},
},
},
}
invalidSpecRangeMaxLessThanMin := api.LimitRangeSpec{
Limits: []api.LimitRangeItem{
{
Type: api.LimitTypePod,
Max: api.ResourceList{
api.ResourceCPU: resource.MustParse("10"),
},
Min: api.ResourceList{
api.ResourceCPU: resource.MustParse("1000"),
},
},
},
}
invalidSpecRangeDefaultOutsideRange := api.LimitRangeSpec{
Limits: []api.LimitRangeItem{
{
Type: api.LimitTypePod,
Max: api.ResourceList{
api.ResourceCPU: resource.MustParse("1000"),
},
Min: api.ResourceList{
api.ResourceCPU: resource.MustParse("100"),
},
Default: api.ResourceList{
api.ResourceCPU: resource.MustParse("2000"),
},
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
},
},
}
Add a limit range resource
2015-01-22 21:52:40 +00:00
successCases := []api.LimitRange{
{
ObjectMeta: api.ObjectMeta{
Name: "abc",
Namespace: "foo",
},
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
Spec: spec,
Add a limit range resource
2015-01-22 21:52:40 +00:00
},
}
Introduce a ResourceQuota object
2015-01-23 17:38:30 +00:00
Add a limit range resource
2015-01-22 21:52:40 +00:00
for _, successCase := range successCases {
if errs := ValidateLimitRange(&successCase); len(errs) != 0 {
t.Errorf("expected success: %v", errs)
}
}
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
errorCases := map[string]struct {
R api.LimitRange
D string
}{
Add a limit range resource
2015-01-22 21:52:40 +00:00
"zero-length Name": {
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
api.LimitRange{ObjectMeta: api.ObjectMeta{Name: "", Namespace: "foo"}, Spec: spec},
Limit field errors to a single field name
2015-08-12 15:26:23 +00:00
"name or generateName is required",
Add a limit range resource
2015-01-22 21:52:40 +00:00
},
"zero-length-namespace": {
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
api.LimitRange{ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: ""}, Spec: spec},
"",
},
"invalid Name": {
api.LimitRange{ObjectMeta: api.ObjectMeta{Name: "^Invalid", Namespace: "foo"}, Spec: spec},
expose common name validation methods
2015-06-09 12:53:30 +00:00
DNSSubdomainErrorMsg,
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
},
"invalid Namespace": {
api.LimitRange{ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: "^Invalid"}, Spec: spec},
expose common name validation methods
2015-06-09 12:53:30 +00:00
DNS1123LabelErrorMsg,
Add a limit range resource
2015-01-22 21:52:40 +00:00
},
Add LimitRange range validation
2015-06-16 20:16:34 +00:00
"duplicate limit type": {
api.LimitRange{ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: "foo"}, Spec: invalidSpecDuplicateType},
"",
},
"min value 1k is greater than max value 10": {
api.LimitRange{ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: "foo"}, Spec: invalidSpecRangeMaxLessThanMin},
"min value 1k is greater than max value 10",
},
"invalid spec default outside range": {
api.LimitRange{ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: "foo"}, Spec: invalidSpecRangeDefaultOutsideRange},
"default value 2k is greater than max value 1k",
},
Add a limit range resource
2015-01-22 21:52:40 +00:00
}
for k, v := range errorCases {
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
errs := ValidateLimitRange(&v.R)
Add a limit range resource
2015-01-22 21:52:40 +00:00
if len(errs) == 0 {
t.Errorf("expected failure for %s", k)
}
for i := range errs {
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
detail := errs[i].(*errors.ValidationError).Detail
if detail != v.D {
t.Errorf("%s: expected error detail either empty or %s, got %s", k, v.D, detail)
}
Add a limit range resource
2015-01-22 21:52:40 +00:00
}
}
}
Introduce a ResourceQuota object
2015-01-23 17:38:30 +00:00
func TestValidateResourceQuota(t *testing.T) {
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
spec := api.ResourceQuotaSpec{
Hard: api.ResourceList{
api.ResourceCPU: resource.MustParse("100"),
api.ResourceMemory: resource.MustParse("10000"),
api.ResourcePods: resource.MustParse("10"),
api.ResourceServices: resource.MustParse("10"),
api.ResourceReplicationControllers: resource.MustParse("10"),
api.ResourceQuotas: resource.MustParse("10"),
},
}
Introduce a ResourceQuota object
2015-01-23 17:38:30 +00:00
successCases := []api.ResourceQuota{
{
ObjectMeta: api.ObjectMeta{
Name: "abc",
Namespace: "foo",
},
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
Spec: spec,
Introduce a ResourceQuota object
2015-01-23 17:38:30 +00:00
},
}
for _, successCase := range successCases {
if errs := ValidateResourceQuota(&successCase); len(errs) != 0 {
t.Errorf("expected success: %v", errs)
}
}
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
errorCases := map[string]struct {
R api.ResourceQuota
D string
}{
Introduce a ResourceQuota object
2015-01-23 17:38:30 +00:00
"zero-length Name": {
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
api.ResourceQuota{ObjectMeta: api.ObjectMeta{Name: "", Namespace: "foo"}, Spec: spec},
Limit field errors to a single field name
2015-08-12 15:26:23 +00:00
"name or generateName is required",
Introduce a ResourceQuota object
2015-01-23 17:38:30 +00:00
},
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
"zero-length Namespace": {
api.ResourceQuota{ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: ""}, Spec: spec},
"",
},
"invalid Name": {
api.ResourceQuota{ObjectMeta: api.ObjectMeta{Name: "^Invalid", Namespace: "foo"}, Spec: spec},
expose common name validation methods
2015-06-09 12:53:30 +00:00
DNSSubdomainErrorMsg,
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
},
"invalid Namespace": {
api.ResourceQuota{ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: "^Invalid"}, Spec: spec},
expose common name validation methods
2015-06-09 12:53:30 +00:00
DNS1123LabelErrorMsg,
Introduce a ResourceQuota object
2015-01-23 17:38:30 +00:00
},
}
for k, v := range errorCases {
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
errs := ValidateResourceQuota(&v.R)
Introduce a ResourceQuota object
2015-01-23 17:38:30 +00:00
if len(errs) == 0 {
t.Errorf("expected failure for %s", k)
}
for i := range errs {
field := errs[i].(*errors.ValidationError).Field
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
detail := errs[i].(*errors.ValidationError).Detail
Limit field errors to a single field name
2015-08-12 15:26:23 +00:00
if field != "metadata.name" && field != "metadata.namespace" {
Add LimitRange range validation
2015-06-16 20:16:34 +00:00
t.Errorf("%s: missing prefix for: %v", k, field)
Introduce a ResourceQuota object
2015-01-23 17:38:30 +00:00
}
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
if detail != v.D {
t.Errorf("%s: expected error detail either empty or %s, got %s", k, v.D, detail)
}
Introduce a ResourceQuota object
2015-01-23 17:38:30 +00:00
}
}
}
Add support for Namespace as Kind Add example for using namespaces
2015-01-19 21:50:00 +00:00
func TestValidateNamespace(t *testing.T) {
validLabels := map[string]string{"a": "b"}
invalidLabels := map[string]string{"NoUppercaseOrSpecialCharsLike=Equals": "b"}
successCases := []api.Namespace{
{
ObjectMeta: api.ObjectMeta{Name: "abc", Labels: validLabels},
},
{
ObjectMeta: api.ObjectMeta{Name: "abc-123"},
Client must specifiy a resource version on finalize
2015-03-31 21:00:04 +00:00
Spec: api.NamespaceSpec{
Finalizers: []api.FinalizerName{"example.com/something", "example.com/other"},
},
Add support for Namespace as Kind Add example for using namespaces
2015-01-19 21:50:00 +00:00
},
}
for _, successCase := range successCases {
if errs := ValidateNamespace(&successCase); len(errs) != 0 {
t.Errorf("expected success: %v", errs)
}
}
errorCases := map[string]struct {
R api.Namespace
D string
}{
"zero-length name": {
api.Namespace{ObjectMeta: api.ObjectMeta{Name: ""}},
"",
},
"defined-namespace": {
api.Namespace{ObjectMeta: api.ObjectMeta{Name: "abc-123", Namespace: "makesnosense"}},
"",
},
"invalid-labels": {
api.Namespace{ObjectMeta: api.ObjectMeta{Name: "abc", Labels: invalidLabels}},
"",
},
}
for k, v := range errorCases {
errs := ValidateNamespace(&v.R)
if len(errs) == 0 {
t.Errorf("expected failure for %s", k)
}
}
}
Namespace.Spec.Finalizer support
2015-03-20 16:48:12 +00:00
func TestValidateNamespaceFinalizeUpdate(t *testing.T) {
tests := []struct {
oldNamespace api.Namespace
namespace api.Namespace
valid bool
}{
{api.Namespace{}, api.Namespace{}, true},
{api.Namespace{
ObjectMeta: api.ObjectMeta{
Name: "foo"}},
api.Namespace{
ObjectMeta: api.ObjectMeta{
Name: "foo"},
Spec: api.NamespaceSpec{
Finalizers: []api.FinalizerName{"Foo"},
},
}, false},
{api.Namespace{
ObjectMeta: api.ObjectMeta{
Name: "foo"},
Spec: api.NamespaceSpec{
Finalizers: []api.FinalizerName{"foo.com/bar"},
},
},
api.Namespace{
ObjectMeta: api.ObjectMeta{
Name: "foo"},
Spec: api.NamespaceSpec{
Finalizers: []api.FinalizerName{"foo.com/bar", "what.com/bar"},
},
}, true},
Client must specifiy a resource version on finalize
2015-03-31 21:00:04 +00:00
{api.Namespace{
ObjectMeta: api.ObjectMeta{
Name: "fooemptyfinalizer"},
Spec: api.NamespaceSpec{
Finalizers: []api.FinalizerName{"foo.com/bar"},
},
},
api.Namespace{
ObjectMeta: api.ObjectMeta{
Name: "fooemptyfinalizer"},
Spec: api.NamespaceSpec{
Finalizers: []api.FinalizerName{"", "foo.com/bar", "what.com/bar"},
},
}, false},
Namespace.Spec.Finalizer support
2015-03-20 16:48:12 +00:00
}
for i, test := range tests {
Give better error message for PUTs with no resource version
2015-03-20 00:51:07 +00:00
test.namespace.ObjectMeta.ResourceVersion = "1"
test.oldNamespace.ObjectMeta.ResourceVersion = "1"
Namespace.Spec.Finalizer support
2015-03-20 16:48:12 +00:00
errs := ValidateNamespaceFinalizeUpdate(&test.namespace, &test.oldNamespace)
if test.valid && len(errs) > 0 {
t.Errorf("%d: Unexpected error: %v", i, errs)
t.Logf("%#v vs %#v", test.oldNamespace, test.namespace)
}
if !test.valid && len(errs) == 0 {
t.Errorf("%d: Unexpected non-error", i)
}
}
}
func TestValidateNamespaceStatusUpdate(t *testing.T) {
Improve validation and fix not throwing an error during ns delete
2015-04-10 15:41:18 +00:00
now := util.Now()
Namespace.Spec.Finalizer support
2015-03-20 16:48:12 +00:00
tests := []struct {
oldNamespace api.Namespace
namespace api.Namespace
valid bool
}{
Improve validation and fix not throwing an error during ns delete
2015-04-10 15:41:18 +00:00
{api.Namespace{}, api.Namespace{
Status: api.NamespaceStatus{
Phase: api.NamespaceActive,
},
}, true},
Namespace.Spec.Finalizer support
2015-03-20 16:48:12 +00:00
{api.Namespace{
ObjectMeta: api.ObjectMeta{
Name: "foo"}},
api.Namespace{
ObjectMeta: api.ObjectMeta{
Improve validation and fix not throwing an error during ns delete
2015-04-10 15:41:18 +00:00
Name: "foo",
DeletionTimestamp: &now},
Namespace.Spec.Finalizer support
2015-03-20 16:48:12 +00:00
Status: api.NamespaceStatus{
Phase: api.NamespaceTerminating,
},
}, true},
Improve validation and fix not throwing an error during ns delete
2015-04-10 15:41:18 +00:00
{api.Namespace{
ObjectMeta: api.ObjectMeta{
Name: "foo"}},
api.Namespace{
ObjectMeta: api.ObjectMeta{
Name: "foo"},
Status: api.NamespaceStatus{
Phase: api.NamespaceTerminating,
},
}, false},
Namespace.Spec.Finalizer support
2015-03-20 16:48:12 +00:00
{api.Namespace{
ObjectMeta: api.ObjectMeta{
Name: "foo"}},
api.Namespace{
ObjectMeta: api.ObjectMeta{
Name: "bar"},
Status: api.NamespaceStatus{
Phase: api.NamespaceTerminating,
},
}, false},
}
for i, test := range tests {
Give better error message for PUTs with no resource version
2015-03-20 00:51:07 +00:00
test.namespace.ObjectMeta.ResourceVersion = "1"
test.oldNamespace.ObjectMeta.ResourceVersion = "1"
Improve validation and fix not throwing an error during ns delete
2015-04-10 15:41:18 +00:00
errs := ValidateNamespaceStatusUpdate(&test.namespace, &test.oldNamespace)
Namespace.Spec.Finalizer support
2015-03-20 16:48:12 +00:00
if test.valid && len(errs) > 0 {
t.Errorf("%d: Unexpected error: %v", i, errs)
t.Logf("%#v vs %#v", test.oldNamespace.ObjectMeta, test.namespace.ObjectMeta)
}
if !test.valid && len(errs) == 0 {
t.Errorf("%d: Unexpected non-error", i)
}
}
}
Add support for Namespace as Kind Add example for using namespaces
2015-01-19 21:50:00 +00:00
func TestValidateNamespaceUpdate(t *testing.T) {
tests := []struct {
oldNamespace api.Namespace
namespace api.Namespace
valid bool
}{
{api.Namespace{}, api.Namespace{}, true},
{api.Namespace{
ObjectMeta: api.ObjectMeta{
Client must specifiy a resource version on finalize
2015-03-31 21:00:04 +00:00
Name: "foo1"}},
Add support for Namespace as Kind Add example for using namespaces
2015-01-19 21:50:00 +00:00
api.Namespace{
ObjectMeta: api.ObjectMeta{
Client must specifiy a resource version on finalize
2015-03-31 21:00:04 +00:00
Name: "bar1"},
Add support for Namespace as Kind Add example for using namespaces
2015-01-19 21:50:00 +00:00
}, false},
{api.Namespace{
ObjectMeta: api.ObjectMeta{
Client must specifiy a resource version on finalize
2015-03-31 21:00:04 +00:00
Name: "foo2",
Add support for Namespace as Kind Add example for using namespaces
2015-01-19 21:50:00 +00:00
Labels: map[string]string{"foo": "bar"},
},
}, api.Namespace{
ObjectMeta: api.ObjectMeta{
Client must specifiy a resource version on finalize
2015-03-31 21:00:04 +00:00
Name: "foo2",
Add support for Namespace as Kind Add example for using namespaces
2015-01-19 21:50:00 +00:00
Labels: map[string]string{"foo": "baz"},
},
}, true},
{api.Namespace{
ObjectMeta: api.ObjectMeta{
Client must specifiy a resource version on finalize
2015-03-31 21:00:04 +00:00
Name: "foo3",
Add support for Namespace as Kind Add example for using namespaces
2015-01-19 21:50:00 +00:00
},
}, api.Namespace{
ObjectMeta: api.ObjectMeta{
Client must specifiy a resource version on finalize
2015-03-31 21:00:04 +00:00
Name: "foo3",
Add support for Namespace as Kind Add example for using namespaces
2015-01-19 21:50:00 +00:00
Labels: map[string]string{"foo": "baz"},
},
}, true},
{api.Namespace{
ObjectMeta: api.ObjectMeta{
Client must specifiy a resource version on finalize
2015-03-31 21:00:04 +00:00
Name: "foo4",
Add support for Namespace as Kind Add example for using namespaces
2015-01-19 21:50:00 +00:00
Labels: map[string]string{"bar": "foo"},
},
}, api.Namespace{
ObjectMeta: api.ObjectMeta{
Client must specifiy a resource version on finalize
2015-03-31 21:00:04 +00:00
Name: "foo4",
Add support for Namespace as Kind Add example for using namespaces
2015-01-19 21:50:00 +00:00
Labels: map[string]string{"foo": "baz"},
},
}, true},
{api.Namespace{
ObjectMeta: api.ObjectMeta{
Client must specifiy a resource version on finalize
2015-03-31 21:00:04 +00:00
Name: "foo5",
Add support for Namespace as Kind Add example for using namespaces
2015-01-19 21:50:00 +00:00
Labels: map[string]string{"foo": "baz"},
},
}, api.Namespace{
ObjectMeta: api.ObjectMeta{
Client must specifiy a resource version on finalize
2015-03-31 21:00:04 +00:00
Name: "foo5",
Add support for Namespace as Kind Add example for using namespaces
2015-01-19 21:50:00 +00:00
Labels: map[string]string{"Foo": "baz"},
},
Loosen label and annotation validation and related tests
2015-02-27 15:08:02 +00:00
}, true},
Client must specifiy a resource version on finalize
2015-03-31 21:00:04 +00:00
{api.Namespace{
ObjectMeta: api.ObjectMeta{
Name: "foo6",
Labels: map[string]string{"foo": "baz"},
},
}, api.Namespace{
ObjectMeta: api.ObjectMeta{
Name: "foo6",
Labels: map[string]string{"Foo": "baz"},
},
Spec: api.NamespaceSpec{
Finalizers: []api.FinalizerName{"kubernetes"},
},
Status: api.NamespaceStatus{
Phase: api.NamespaceTerminating,
},
}, true},
Add support for Namespace as Kind Add example for using namespaces
2015-01-19 21:50:00 +00:00
}
for i, test := range tests {
Give better error message for PUTs with no resource version
2015-03-20 00:51:07 +00:00
test.namespace.ObjectMeta.ResourceVersion = "1"
test.oldNamespace.ObjectMeta.ResourceVersion = "1"
Client must specifiy a resource version on finalize
2015-03-31 21:00:04 +00:00
errs := ValidateNamespaceUpdate(&test.namespace, &test.oldNamespace)
Add support for Namespace as Kind Add example for using namespaces
2015-01-19 21:50:00 +00:00
if test.valid && len(errs) > 0 {
t.Errorf("%d: Unexpected error: %v", i, errs)
t.Logf("%#v vs %#v", test.oldNamespace.ObjectMeta, test.namespace.ObjectMeta)
}
if !test.valid && len(errs) == 0 {
t.Errorf("%d: Unexpected non-error", i)
}
}
}
Secret API resource
2015-02-18 01:24:50 +00:00
func TestValidateSecret(t *testing.T) {
Add ServiceAccountToken SecretType
2015-04-28 03:51:20 +00:00
// Opaque secret validation
Secret API resource
2015-02-18 01:24:50 +00:00
validSecret := func() api.Secret {
return api.Secret{
ObjectMeta: api.ObjectMeta{Name: "foo", Namespace: "bar"},
Data: map[string][]byte{
Add secret volume plugin and e2e test
2015-02-18 01:26:41 +00:00
"data-1": []byte("bar"),
Secret API resource
2015-02-18 01:24:50 +00:00
},
}
}
var (
allow leading dots in secret keys
2015-05-11 19:03:10 +00:00
emptyName = validSecret()
invalidName = validSecret()
emptyNs = validSecret()
invalidNs = validSecret()
overMaxSize = validSecret()
invalidKey = validSecret()
leadingDotKey = validSecret()
dotKey = validSecret()
doubleDotKey = validSecret()
Secret API resource
2015-02-18 01:24:50 +00:00
)
emptyName.Name = ""
invalidName.Name = "NoUppercaseOrSpecialCharsLike=Equals"
emptyNs.Namespace = ""
invalidNs.Namespace = "NoUppercaseOrSpecialCharsLike=Equals"
overMaxSize.Data = map[string][]byte{
"over": make([]byte, api.MaxSecretSize+1),
}
Add secret volume plugin and e2e test
2015-02-18 01:26:41 +00:00
invalidKey.Data["a..b"] = []byte("whoops")
allow leading dots in secret keys
2015-05-11 19:03:10 +00:00
leadingDotKey.Data[".key"] = []byte("bar")
dotKey.Data["."] = []byte("bar")
doubleDotKey.Data[".."] = []byte("bar")
Secret API resource
2015-02-18 01:24:50 +00:00
Add ServiceAccountToken SecretType
2015-04-28 03:51:20 +00:00
// kubernetes.io/service-account-token secret validation
validServiceAccountTokenSecret := func() api.Secret {
return api.Secret{
ObjectMeta: api.ObjectMeta{
Name: "foo",
Namespace: "bar",
Annotations: map[string]string{
api.ServiceAccountNameKey: "foo",
},
},
Type: api.SecretTypeServiceAccountToken,
Data: map[string][]byte{
"data-1": []byte("bar"),
},
}
}
var (
emptyTokenAnnotation = validServiceAccountTokenSecret()
missingTokenAnnotation = validServiceAccountTokenSecret()
missingTokenAnnotations = validServiceAccountTokenSecret()
)
emptyTokenAnnotation.Annotations[api.ServiceAccountNameKey] = ""
delete(missingTokenAnnotation.Annotations, api.ServiceAccountNameKey)
missingTokenAnnotations.Annotations = nil
Secret API resource
2015-02-18 01:24:50 +00:00
tests := map[string]struct {
secret api.Secret
valid bool
}{
allow leading dots in secret keys
2015-05-11 19:03:10 +00:00
"valid": {validSecret(), true},
"empty name": {emptyName, false},
"invalid name": {invalidName, false},
"empty namespace": {emptyNs, false},
"invalid namespace": {invalidNs, false},
"over max size": {overMaxSize, false},
"invalid key": {invalidKey, false},
Add ServiceAccountToken SecretType
2015-04-28 03:51:20 +00:00
"valid service-account-token secret": {validServiceAccountTokenSecret(), true},
"empty service-account-token annotation": {emptyTokenAnnotation, false},
"missing service-account-token annotation": {missingTokenAnnotation, false},
"missing service-account-token annotations": {missingTokenAnnotations, false},
allow leading dots in secret keys
2015-05-11 19:03:10 +00:00
"leading dot key": {leadingDotKey, true},
"dot key": {dotKey, false},
"double dot key": {doubleDotKey, false},
Secret API resource
2015-02-18 01:24:50 +00:00
}
for name, tc := range tests {
errs := ValidateSecret(&tc.secret)
add dockercfg secret types
2015-05-06 14:09:18 +00:00
if tc.valid && len(errs) > 0 {
t.Errorf("%v: Unexpected error: %v", name, errs)
}
if !tc.valid && len(errs) == 0 {
t.Errorf("%v: Unexpected non-error", name)
}
}
}
func TestValidateDockerConfigSecret(t *testing.T) {
validDockerSecret := func() api.Secret {
return api.Secret{
ObjectMeta: api.ObjectMeta{Name: "foo", Namespace: "bar"},
Type: api.SecretTypeDockercfg,
Data: map[string][]byte{
api.DockerConfigKey: []byte(`{"https://index.docker.io/v1/": {"auth": "Y2x1ZWRyb29sZXIwMDAxOnBhc3N3b3Jk","email": "fake@example.com"}}`),
},
}
}
var (
missingDockerConfigKey = validDockerSecret()
emptyDockerConfigKey = validDockerSecret()
invalidDockerConfigKey = validDockerSecret()
)
delete(missingDockerConfigKey.Data, api.DockerConfigKey)
emptyDockerConfigKey.Data[api.DockerConfigKey] = []byte("")
invalidDockerConfigKey.Data[api.DockerConfigKey] = []byte("bad")
tests := map[string]struct {
secret api.Secret
valid bool
}{
"valid": {validDockerSecret(), true},
"missing dockercfg": {missingDockerConfigKey, false},
"empty dockercfg": {emptyDockerConfigKey, false},
"invalid dockercfg": {invalidDockerConfigKey, false},
}
for name, tc := range tests {
errs := ValidateSecret(&tc.secret)
Secret API resource
2015-02-18 01:24:50 +00:00
if tc.valid && len(errs) > 0 {
t.Errorf("%v: Unexpected error: %v", name, errs)
}
if !tc.valid && len(errs) == 0 {
t.Errorf("%v: Unexpected non-error", name)
}
}
}
Implement multi-port endpoints Instead of endpoints being a flat list, it is now a list of "subsets" where each is a struct of {Addresses, Ports}. To generate the list of endpoints you need to take union of the Cartesian products of the subsets. This is compact in the vast majority of cases, yet still represents named ports and corner cases (e.g. each pod has a different port number). This also stores subsets in a deterministic order (sorted by hash) to avoid spurious updates and comparison problems. This is a fully compatible change - old objects and clients will keepworking as long as they don't need the new functionality. This is the prep for multi-port Services, which will add API to produce endpoints in this new structure.
2015-03-20 21:24:43 +00:00
func TestValidateEndpoints(t *testing.T) {
Add validation for Endpoints
2015-03-20 14:40:20 +00:00
successCases := map[string]api.Endpoints{
"simple endpoint": {
ObjectMeta: api.ObjectMeta{Name: "mysvc", Namespace: "namespace"},
Subsets: []api.EndpointSubset{
{
Addresses: []api.EndpointAddress{{IP: "10.10.1.1"}, {IP: "10.10.2.2"}},
Ports: []api.EndpointPort{{Name: "a", Port: 8675, Protocol: "TCP"}, {Name: "b", Port: 309, Protocol: "TCP"}},
},
{
Addresses: []api.EndpointAddress{{IP: "10.10.3.3"}},
Ports: []api.EndpointPort{{Name: "a", Port: 93, Protocol: "TCP"}, {Name: "b", Port: 76, Protocol: "TCP"}},
},
},
},
"empty subsets": {
ObjectMeta: api.ObjectMeta{Name: "mysvc", Namespace: "namespace"},
},
"no name required for singleton port": {
ObjectMeta: api.ObjectMeta{Name: "mysvc", Namespace: "namespace"},
Subsets: []api.EndpointSubset{
{
Addresses: []api.EndpointAddress{{IP: "10.10.1.1"}},
Ports: []api.EndpointPort{{Port: 8675, Protocol: "TCP"}},
},
},
},
}
for k, v := range successCases {
if errs := ValidateEndpoints(&v); len(errs) != 0 {
t.Errorf("Expected success for %s, got %v", k, errs)
}
}
errorCases := map[string]struct {
endpoints api.Endpoints
errorType fielderrors.ValidationErrorType
errorDetail string
}{
"missing namespace": {
endpoints: api.Endpoints{ObjectMeta: api.ObjectMeta{Name: "mysvc"}},
errorType: "FieldValueRequired",
},
"missing name": {
endpoints: api.Endpoints{ObjectMeta: api.ObjectMeta{Namespace: "namespace"}},
errorType: "FieldValueRequired",
},
"invalid namespace": {
endpoints: api.Endpoints{ObjectMeta: api.ObjectMeta{Name: "mysvc", Namespace: "no@#invalid.;chars\"allowed"}},
errorType: "FieldValueInvalid",
expose common name validation methods
2015-06-09 12:53:30 +00:00
errorDetail: DNS1123LabelErrorMsg,
Add validation for Endpoints
2015-03-20 14:40:20 +00:00
},
"invalid name": {
endpoints: api.Endpoints{ObjectMeta: api.ObjectMeta{Name: "-_Invliad^&Characters", Namespace: "namespace"}},
errorType: "FieldValueInvalid",
expose common name validation methods
2015-06-09 12:53:30 +00:00
errorDetail: DNSSubdomainErrorMsg,
Add validation for Endpoints
2015-03-20 14:40:20 +00:00
},
"empty addresses": {
endpoints: api.Endpoints{
ObjectMeta: api.ObjectMeta{Name: "mysvc", Namespace: "namespace"},
Subsets: []api.EndpointSubset{
{
Ports: []api.EndpointPort{{Name: "a", Port: 93, Protocol: "TCP"}},
},
},
},
errorType: "FieldValueRequired",
},
"empty ports": {
endpoints: api.Endpoints{
ObjectMeta: api.ObjectMeta{Name: "mysvc", Namespace: "namespace"},
Subsets: []api.EndpointSubset{
{
Addresses: []api.EndpointAddress{{IP: "10.10.3.3"}},
},
},
},
errorType: "FieldValueRequired",
},
"invalid IP": {
endpoints: api.Endpoints{
ObjectMeta: api.ObjectMeta{Name: "mysvc", Namespace: "namespace"},
Subsets: []api.EndpointSubset{
{
Addresses: []api.EndpointAddress{{IP: "2001:0db8:85a3:0042:1000:8a2e:0370:7334"}},
Ports: []api.EndpointPort{{Name: "a", Port: 93, Protocol: "TCP"}},
},
},
},
errorType: "FieldValueInvalid",
errorDetail: "invalid IPv4 address",
},
"Multiple ports, one without name": {
endpoints: api.Endpoints{
ObjectMeta: api.ObjectMeta{Name: "mysvc", Namespace: "namespace"},
Subsets: []api.EndpointSubset{
{
Addresses: []api.EndpointAddress{{IP: "10.10.1.1"}},
Ports: []api.EndpointPort{{Port: 8675, Protocol: "TCP"}, {Name: "b", Port: 309, Protocol: "TCP"}},
},
},
},
errorType: "FieldValueRequired",
},
"Invalid port number": {
endpoints: api.Endpoints{
ObjectMeta: api.ObjectMeta{Name: "mysvc", Namespace: "namespace"},
Subsets: []api.EndpointSubset{
{
Addresses: []api.EndpointAddress{{IP: "10.10.1.1"}},
Ports: []api.EndpointPort{{Name: "a", Port: 66000, Protocol: "TCP"}},
},
},
},
errorType: "FieldValueInvalid",
errorDetail: portRangeErrorMsg,
},
"Invalid protocol": {
endpoints: api.Endpoints{
ObjectMeta: api.ObjectMeta{Name: "mysvc", Namespace: "namespace"},
Subsets: []api.EndpointSubset{
{
Addresses: []api.EndpointAddress{{IP: "10.10.1.1"}},
Ports: []api.EndpointPort{{Name: "a", Port: 93, Protocol: "Protocol"}},
},
},
},
errorType: "FieldValueNotSupported",
},
"Address missing IP": {
endpoints: api.Endpoints{
ObjectMeta: api.ObjectMeta{Name: "mysvc", Namespace: "namespace"},
Subsets: []api.EndpointSubset{
{
Addresses: []api.EndpointAddress{{}},
Ports: []api.EndpointPort{{Name: "a", Port: 93, Protocol: "TCP"}},
},
},
},
errorType: "FieldValueInvalid",
errorDetail: "invalid IPv4 address",
},
"Port missing number": {
endpoints: api.Endpoints{
ObjectMeta: api.ObjectMeta{Name: "mysvc", Namespace: "namespace"},
Subsets: []api.EndpointSubset{
{
Addresses: []api.EndpointAddress{{IP: "10.10.1.1"}},
Ports: []api.EndpointPort{{Name: "a", Protocol: "TCP"}},
},
},
},
errorType: "FieldValueInvalid",
errorDetail: portRangeErrorMsg,
},
"Port missing protocol": {
endpoints: api.Endpoints{
ObjectMeta: api.ObjectMeta{Name: "mysvc", Namespace: "namespace"},
Subsets: []api.EndpointSubset{
{
Addresses: []api.EndpointAddress{{IP: "10.10.1.1"}},
Ports: []api.EndpointPort{{Name: "a", Port: 93}},
},
},
},
errorType: "FieldValueRequired",
},
Check loopback and link-local multicast endpoints Previously we just disallowed link-local (unicast). This disallows loopback and link-local multicast.
2015-07-04 04:05:15 +00:00
"Address is loopback": {
endpoints: api.Endpoints{
ObjectMeta: api.ObjectMeta{Name: "mysvc", Namespace: "namespace"},
Subsets: []api.EndpointSubset{
{
Addresses: []api.EndpointAddress{{IP: "127.0.0.1"}},
Ports: []api.EndpointPort{{Name: "p", Port: 93, Protocol: "TCP"}},
},
},
},
errorType: "FieldValueInvalid",
errorDetail: "loopback",
},
Don't allow link-local Endpoints
2015-06-03 04:49:51 +00:00
"Address is link-local": {
endpoints: api.Endpoints{
ObjectMeta: api.ObjectMeta{Name: "mysvc", Namespace: "namespace"},
Subsets: []api.EndpointSubset{
{
Addresses: []api.EndpointAddress{{IP: "169.254.169.254"}},
Ports: []api.EndpointPort{{Name: "p", Port: 93, Protocol: "TCP"}},
},
},
},
errorType: "FieldValueInvalid",
errorDetail: "link-local",
},
Check loopback and link-local multicast endpoints Previously we just disallowed link-local (unicast). This disallows loopback and link-local multicast.
2015-07-04 04:05:15 +00:00
"Address is link-local multicast": {
endpoints: api.Endpoints{
ObjectMeta: api.ObjectMeta{Name: "mysvc", Namespace: "namespace"},
Subsets: []api.EndpointSubset{
{
Addresses: []api.EndpointAddress{{IP: "224.0.0.1"}},
Ports: []api.EndpointPort{{Name: "p", Port: 93, Protocol: "TCP"}},
},
},
},
errorType: "FieldValueInvalid",
errorDetail: "link-local multicast",
},
Add validation for Endpoints
2015-03-20 14:40:20 +00:00
}
for k, v := range errorCases {
Don't allow link-local Endpoints
2015-06-03 04:49:51 +00:00
if errs := ValidateEndpoints(&v.endpoints); len(errs) == 0 || errs[0].(*errors.ValidationError).Type != v.errorType || !strings.Contains(errs[0].(*errors.ValidationError).Detail, v.errorDetail) {
Add validation for Endpoints
2015-03-20 14:40:20 +00:00
t.Errorf("Expected error type %s with detail %s for %s, got %v", v.errorType, v.errorDetail, k, errs)
}
}
Implement multi-port endpoints Instead of endpoints being a flat list, it is now a list of "subsets" where each is a struct of {Addresses, Ports}. To generate the list of endpoints you need to take union of the Cartesian products of the subsets. This is compact in the vast majority of cases, yet still represents named ports and corner cases (e.g. each pod has a different port number). This also stores subsets in a deterministic order (sorted by hash) to avoid spurious updates and comparison problems. This is a fully compatible change - old objects and clients will keepworking as long as they don't need the new functionality. This is the prep for multi-port Services, which will add API to produce endpoints in this new structure.
2015-03-20 21:24:43 +00:00
}
Revert "Revert "Security context - types, kubelet, admission""
2015-05-05 23:02:13 +00:00
func TestValidateSecurityContext(t *testing.T) {
priv := false
var runAsUser int64 = 1
fullValidSC := func() *api.SecurityContext {
return &api.SecurityContext{
Privileged: &priv,
Capabilities: &api.Capabilities{
rename CapabilityType Capability
2015-05-18 20:37:10 +00:00
Add: []api.Capability{"foo"},
Drop: []api.Capability{"bar"},
Revert "Revert "Security context - types, kubelet, admission""
2015-05-05 23:02:13 +00:00
},
SELinuxOptions: &api.SELinuxOptions{
User: "user",
Role: "role",
Type: "type",
Level: "level",
},
RunAsUser: &runAsUser,
}
}
//setup data
allSettings := fullValidSC()
noCaps := fullValidSC()
noCaps.Capabilities = nil
noSELinux := fullValidSC()
noSELinux.SELinuxOptions = nil
noPrivRequest := fullValidSC()
noPrivRequest.Privileged = nil
noRunAsUser := fullValidSC()
noRunAsUser.RunAsUser = nil
successCases := map[string]struct {
sc *api.SecurityContext
}{
"all settings": {allSettings},
"no capabilities": {noCaps},
"no selinux": {noSELinux},
"no priv request": {noPrivRequest},
"no run as user": {noRunAsUser},
}
for k, v := range successCases {
if errs := ValidateSecurityContext(v.sc); len(errs) != 0 {
t.Errorf("Expected success for %s, got %v", k, errs)
}
}
privRequestWithGlobalDeny := fullValidSC()
requestPrivileged := true
privRequestWithGlobalDeny.Privileged = &requestPrivileged
negativeRunAsUser := fullValidSC()
var negativeUser int64 = -1
negativeRunAsUser.RunAsUser = &negativeUser
errorCases := map[string]struct {
sc *api.SecurityContext
errorType fielderrors.ValidationErrorType
errorDetail string
}{
"request privileged when capabilities forbids": {
sc: privRequestWithGlobalDeny,
errorType: "FieldValueForbidden",
errorDetail: "",
},
"negative RunAsUser": {
sc: negativeRunAsUser,
errorType: "FieldValueInvalid",
errorDetail: "runAsUser cannot be negative",
},
}
for k, v := range errorCases {
if errs := ValidateSecurityContext(v.sc); len(errs) == 0 || errs[0].(*errors.ValidationError).Type != v.errorType || errs[0].(*errors.ValidationError).Detail != v.errorDetail {
t.Errorf("Expected error type %s with detail %s for %s, got %v", v.errorType, v.errorDetail, k, errs)
}
}
}
func fakeValidSecurityContext(priv bool) *api.SecurityContext {
return &api.SecurityContext{
Privileged: &priv,
}
}