github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
k3s/pkg/api/validation/validation_test.go

6374 lines
189 KiB
Go
Raw Normal View History

First piece of validation I'm adding pieces incrementally to make sure we get full testing of each piece. Make syncLoop() private
2014-07-01 20:01:39 +00:00
/*
Make copyright ownership statement generic Instead of saying "Google Inc." (which is not always correct) say "The Kubernetes Authors", which is generic.
2015-05-01 16:19:44 +00:00
Copyright 2014 The Kubernetes Authors All rights reserved.
First piece of validation I'm adding pieces incrementally to make sure we get full testing of each piece. Make syncLoop() private
2014-07-01 20:01:39 +00:00
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
Split api into api, api/common, api/validation & apitools
2014-08-29 22:48:41 +00:00
package validation
First piece of validation I'm adding pieces incrementally to make sure we get full testing of each piece. Make syncLoop() private
2014-07-01 20:01:39 +00:00
import (
Updating namespaces to be DNS labels instead of DNS names.
2015-05-12 22:13:03 +00:00
"math/rand"
Add liveness/readiness probe parameters - PeriodSeconds - How often to probe - SuccessThreshold - Number of successful probes to go from failure to success state - FailureThreshold - Number of failing probes to go from success to failure state This commit includes to changes in behavior: 1. InitialDelaySeconds now defaults to 10 seconds, rather than the kubelet sync interval (although that also defaults to 10 seconds). 2. Prober only retries on probe error, not failure. To compensate, the default FailureThreshold is set to the maxRetries, 3.
2015-11-05 23:38:46 +00:00
"reflect"
First piece of validation I'm adding pieces incrementally to make sure we get full testing of each piece. Make syncLoop() private
2014-07-01 20:01:39 +00:00
"strings"
"testing"
Ignore changes to creation timestamp from clients on update CreationTimestamp is not an authoritative field (like UID) so mismatches can be safely ignored.
2015-03-09 16:04:35 +00:00
"time"
Add basic validation of Containers
2014-07-01 22:14:25 +00:00
rewrite go imports
2015-08-05 22:03:47 +00:00
"k8s.io/kubernetes/pkg/api"
"k8s.io/kubernetes/pkg/api/resource"
LB Source Ranges: Move validation into API layer Had to move other things around too to avoid a weird api -> cloudprovider dependency. Also adding fixes per code reviews. (This is a squash of the previously approved commits)
2016-03-01 01:56:39 +00:00
"k8s.io/kubernetes/pkg/api/service"
rewrite go imports
2015-08-05 22:03:47 +00:00
"k8s.io/kubernetes/pkg/api/testapi"
Move pkg/util.Time to pkg/api/unversioned.Time Along with our time.Duration wrapper, as suggested by @lavalamp.
2015-09-17 22:21:55 +00:00
"k8s.io/kubernetes/pkg/api/unversioned"
rewrite go imports
2015-08-05 22:03:47 +00:00
"k8s.io/kubernetes/pkg/capabilities"
Refactor IntOrString into a new pkg pkg/util/intstr is a cleaner encapsulation for this type and supporting functions. No behavioral change.
2015-11-10 06:28:45 +00:00
"k8s.io/kubernetes/pkg/util/intstr"
Move util.StringSet into its own package A lot of packages use StringSet, but they don't use anything else from the util package. Moving StringSet into another package will shrink their dependency trees significantly.
2015-09-09 17:45:01 +00:00
"k8s.io/kubernetes/pkg/util/sets"
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
"k8s.io/kubernetes/pkg/util/validation/field"
First piece of validation I'm adding pieces incrementally to make sure we get full testing of each piece. Make syncLoop() private
2014-07-01 20:01:39 +00:00
)
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
func expectPrefix(t *testing.T, prefix string, errs field.ErrorList) {
Convert field errors into a selector for the object Satisfies the "Field" condition for a Cause. Also addresses parts of #914.
2014-08-20 03:54:20 +00:00
for i := range errs {
Stronger typing for validation ErrorList
2015-11-04 00:08:20 +00:00
if f, p := errs[i].Field, prefix; !strings.HasPrefix(f, p) {
fix error message in validation test
2014-10-07 20:54:41 +00:00
t.Errorf("expected prefix '%s' for field '%s' (%v)", p, f, errs[i])
Convert field errors into a selector for the object Satisfies the "Field" condition for a Cause. Also addresses parts of #914.
2014-08-20 03:54:20 +00:00
}
}
}
Add name generation and normalize common create flows Adds `ObjectMeta.GenerateName`, an optional string field that defines name generation behavior if a Name is not provided. Adds `pkg/api/rest`, which defines the default Kubernetes API pattern for creation (and will cover update as well). Will allow registries and REST objects to be merged by moving logic on api out of those places. Add `pkg/api/rest/resttest`, which will be the test suite that verifies a RESTStorage object follows the Kubernetes API conventions and begin reducing our duplicated tests.
2015-01-27 23:56:38 +00:00
// Ensure custom name functions are allowed
func TestValidateObjectMetaCustomName(t *testing.T) {
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
errs := ValidateObjectMeta(
&api.ObjectMeta{Name: "test", GenerateName: "foo"},
false,
Make name validators return string slices
2015-12-16 06:03:20 +00:00
func(s string, prefix bool) []string {
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
if s == "test" {
Make name validators return string slices
2015-12-16 06:03:20 +00:00
return nil
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
}
Make name validators return string slices
2015-12-16 06:03:20 +00:00
return []string{"name-gen"}
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
},
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
field.NewPath("field"))
Add name generation and normalize common create flows Adds `ObjectMeta.GenerateName`, an optional string field that defines name generation behavior if a Name is not provided. Adds `pkg/api/rest`, which defines the default Kubernetes API pattern for creation (and will cover update as well). Will allow registries and REST objects to be merged by moving logic on api out of those places. Add `pkg/api/rest/resttest`, which will be the test suite that verifies a RESTStorage object follows the Kubernetes API conventions and begin reducing our duplicated tests.
2015-01-27 23:56:38 +00:00
if len(errs) != 1 {
t.Fatalf("unexpected errors: %v", errs)
}
if !strings.Contains(errs[0].Error(), "name-gen") {
t.Errorf("unexpected error message: %v", errs)
}
}
Updating namespaces to be DNS labels instead of DNS names.
2015-05-12 22:13:03 +00:00
// Ensure namespace names follow dns label format
func TestValidateObjectMetaNamespaces(t *testing.T) {
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
errs := ValidateObjectMeta(
&api.ObjectMeta{Name: "test", Namespace: "foo.bar"},
Clean up and document validation strings Also add a detail string for Required and Forbidden. Fix tests.
2015-11-14 20:26:04 +00:00
true,
Make name validators return string slices
2015-12-16 06:03:20 +00:00
func(s string, prefix bool) []string {
return nil
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
},
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
field.NewPath("field"))
Updating namespaces to be DNS labels instead of DNS names.
2015-05-12 22:13:03 +00:00
if len(errs) != 1 {
t.Fatalf("unexpected errors: %v", errs)
}
Change how one-of blocks are validated I took a hard look at error output and played until I was happier. This now prints JSON for structs in the error, rather than go's format. Also made the error message easier to read. Fixed tests.
2015-11-15 06:36:25 +00:00
if !strings.Contains(errs[0].Error(), `Invalid value: "foo.bar"`) {
Updating namespaces to be DNS labels instead of DNS names.
2015-05-12 22:13:03 +00:00
t.Errorf("unexpected error message: %v", errs)
}
maxLength := 63
letters := []rune("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789")
b := make([]rune, maxLength+1)
for i := range b {
b[i] = letters[rand.Intn(len(letters))]
}
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
errs = ValidateObjectMeta(
&api.ObjectMeta{Name: "test", Namespace: string(b)},
Clean up and document validation strings Also add a detail string for Required and Forbidden. Fix tests.
2015-11-14 20:26:04 +00:00
true,
Make name validators return string slices
2015-12-16 06:03:20 +00:00
func(s string, prefix bool) []string {
return nil
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
},
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
field.NewPath("field"))
Make IsDNS1123Label return error strings
2015-12-16 07:49:58 +00:00
if len(errs) != 2 {
Updating namespaces to be DNS labels instead of DNS names.
2015-05-12 22:13:03 +00:00
t.Fatalf("unexpected errors: %v", errs)
}
Make IsDNS1123Label return error strings
2015-12-16 07:49:58 +00:00
if !strings.Contains(errs[0].Error(), "Invalid value") || !strings.Contains(errs[1].Error(), "Invalid value") {
Updating namespaces to be DNS labels instead of DNS names.
2015-05-12 22:13:03 +00:00
t.Errorf("unexpected error message: %v", errs)
}
}
API changes for finalizers and system-wide garbage collector
2016-04-06 17:16:15 +00:00
func TestValidateObjectMetaOwnerReferences(t *testing.T) {
Add Controller field to OwnerReference
2016-05-11 11:42:17 +00:00
trueVar := true
falseVar := false
API changes for finalizers and system-wide garbage collector
2016-04-06 17:16:15 +00:00
testCases := []struct {
Add Controller field to OwnerReference
2016-05-11 11:42:17 +00:00
description string
ownerReferences []api.OwnerReference
expectError bool
expectedErrorMessage string
API changes for finalizers and system-wide garbage collector
2016-04-06 17:16:15 +00:00
}{
{
Add Controller field to OwnerReference
2016-05-11 11:42:17 +00:00
description: "simple success - third party extension.",
ownerReferences: []api.OwnerReference{
API changes for finalizers and system-wide garbage collector
2016-04-06 17:16:15 +00:00
{
APIVersion: "thirdpartyVersion",
Kind: "thirdpartyKind",
Name: "name",
UID: "1",
},
},
Add Controller field to OwnerReference
2016-05-11 11:42:17 +00:00
expectError: false,
expectedErrorMessage: "",
API changes for finalizers and system-wide garbage collector
2016-04-06 17:16:15 +00:00
},
{
Add Controller field to OwnerReference
2016-05-11 11:42:17 +00:00
description: "simple failures - event shouldn't be set as an owner",
ownerReferences: []api.OwnerReference{
API changes for finalizers and system-wide garbage collector
2016-04-06 17:16:15 +00:00
{
APIVersion: "v1",
Kind: "Event",
Name: "name",
UID: "1",
},
},
Add Controller field to OwnerReference
2016-05-11 11:42:17 +00:00
expectError: true,
expectedErrorMessage: "is disallowed from being an owner",
},
{
description: "simple controller ref success - one reference with Controller set",
ownerReferences: []api.OwnerReference{
{
APIVersion: "thirdpartyVersion",
Kind: "thirdpartyKind",
Name: "name",
UID: "1",
Controller: &falseVar,
},
{
APIVersion: "thirdpartyVersion",
Kind: "thirdpartyKind",
Name: "name",
UID: "2",
Controller: &trueVar,
},
{
APIVersion: "thirdpartyVersion",
Kind: "thirdpartyKind",
Name: "name",
UID: "3",
Controller: &falseVar,
},
{
APIVersion: "thirdpartyVersion",
Kind: "thirdpartyKind",
Name: "name",
UID: "4",
},
},
expectError: false,
expectedErrorMessage: "",
},
{
description: "simple controller ref failure - two references with Controller set",
ownerReferences: []api.OwnerReference{
{
APIVersion: "thirdpartyVersion",
Kind: "thirdpartyKind",
Name: "name",
UID: "1",
Controller: &falseVar,
},
{
APIVersion: "thirdpartyVersion",
Kind: "thirdpartyKind",
Name: "name",
UID: "2",
Controller: &trueVar,
},
{
APIVersion: "thirdpartyVersion",
Kind: "thirdpartyKind",
Name: "name",
UID: "3",
Controller: &trueVar,
},
{
APIVersion: "thirdpartyVersion",
Kind: "thirdpartyKind",
Name: "name",
UID: "4",
},
},
expectError: true,
expectedErrorMessage: "Only one reference can have Controller set to true",
API changes for finalizers and system-wide garbage collector
2016-04-06 17:16:15 +00:00
},
}
for _, tc := range testCases {
errs := ValidateObjectMeta(
&api.ObjectMeta{Name: "test", Namespace: "test", OwnerReferences: tc.ownerReferences},
true,
Make name validators return string slices
2015-12-16 06:03:20 +00:00
func(s string, prefix bool) []string {
return nil
API changes for finalizers and system-wide garbage collector
2016-04-06 17:16:15 +00:00
},
field.NewPath("field"))
if len(errs) != 0 && !tc.expectError {
Add Controller field to OwnerReference
2016-05-11 11:42:17 +00:00
t.Errorf("unexpected error: %v in test case %v", errs, tc.description)
API changes for finalizers and system-wide garbage collector
2016-04-06 17:16:15 +00:00
}
if len(errs) == 0 && tc.expectError {
Add Controller field to OwnerReference
2016-05-11 11:42:17 +00:00
t.Errorf("expect error in test case %v", tc.description)
API changes for finalizers and system-wide garbage collector
2016-04-06 17:16:15 +00:00
}
Add Controller field to OwnerReference
2016-05-11 11:42:17 +00:00
if len(errs) != 0 && !strings.Contains(errs[0].Error(), tc.expectedErrorMessage) {
t.Errorf("unexpected error message: %v in test case %v", errs, tc.description)
API changes for finalizers and system-wide garbage collector
2016-04-06 17:16:15 +00:00
}
}
}
Ignore changes to creation timestamp from clients on update CreationTimestamp is not an authoritative field (like UID) so mismatches can be safely ignored.
2015-03-09 16:04:35 +00:00
func TestValidateObjectMetaUpdateIgnoresCreationTimestamp(t *testing.T) {
if errs := ValidateObjectMetaUpdate(
Give better error message for PUTs with no resource version
2015-03-20 00:51:07 +00:00
&api.ObjectMeta{Name: "test", ResourceVersion: "1"},
Move pkg/util.Time to pkg/api/unversioned.Time Along with our time.Duration wrapper, as suggested by @lavalamp.
2015-09-17 22:21:55 +00:00
&api.ObjectMeta{Name: "test", ResourceVersion: "1", CreationTimestamp: unversioned.NewTime(time.Unix(10, 0))},
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
field.NewPath("field"),
Ignore changes to creation timestamp from clients on update CreationTimestamp is not an authoritative field (like UID) so mismatches can be safely ignored.
2015-03-09 16:04:35 +00:00
); len(errs) != 0 {
t.Fatalf("unexpected errors: %v", errs)
}
if errs := ValidateObjectMetaUpdate(
Move pkg/util.Time to pkg/api/unversioned.Time Along with our time.Duration wrapper, as suggested by @lavalamp.
2015-09-17 22:21:55 +00:00
&api.ObjectMeta{Name: "test", ResourceVersion: "1", CreationTimestamp: unversioned.NewTime(time.Unix(10, 0))},
Improve signature consistency for ValidateObjectMetaUpdate Fixes #9340 Signed-off-by: Jason Sommer <jsdirv@gmail.com>
2015-06-08 07:56:22 +00:00
&api.ObjectMeta{Name: "test", ResourceVersion: "1"},
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
field.NewPath("field"),
Ignore changes to creation timestamp from clients on update CreationTimestamp is not an authoritative field (like UID) so mismatches can be safely ignored.
2015-03-09 16:04:35 +00:00
); len(errs) != 0 {
t.Fatalf("unexpected errors: %v", errs)
}
if errs := ValidateObjectMetaUpdate(
Move pkg/util.Time to pkg/api/unversioned.Time Along with our time.Duration wrapper, as suggested by @lavalamp.
2015-09-17 22:21:55 +00:00
&api.ObjectMeta{Name: "test", ResourceVersion: "1", CreationTimestamp: unversioned.NewTime(time.Unix(10, 0))},
&api.ObjectMeta{Name: "test", ResourceVersion: "1", CreationTimestamp: unversioned.NewTime(time.Unix(11, 0))},
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
field.NewPath("field"),
Ignore changes to creation timestamp from clients on update CreationTimestamp is not an authoritative field (like UID) so mismatches can be safely ignored.
2015-03-09 16:04:35 +00:00
); len(errs) != 0 {
t.Fatalf("unexpected errors: %v", errs)
}
}
Validate deletion timestamp doesn't change on update
2016-04-28 15:50:48 +00:00
func TestValidateObjectMetaUpdatePreventsDeletionFieldMutation(t *testing.T) {
now := unversioned.NewTime(time.Unix(1000, 0).UTC())
later := unversioned.NewTime(time.Unix(2000, 0).UTC())
gracePeriodShort := int64(30)
gracePeriodLong := int64(40)
testcases := map[string]struct {
Old api.ObjectMeta
New api.ObjectMeta
ExpectedNew api.ObjectMeta
ExpectedErrs []string
}{
"valid without deletion fields": {
Old: api.ObjectMeta{Name: "test", ResourceVersion: "1"},
New: api.ObjectMeta{Name: "test", ResourceVersion: "1"},
ExpectedNew: api.ObjectMeta{Name: "test", ResourceVersion: "1"},
ExpectedErrs: []string{},
},
"valid with deletion fields": {
Old: api.ObjectMeta{Name: "test", ResourceVersion: "1", DeletionTimestamp: &now, DeletionGracePeriodSeconds: &gracePeriodShort},
New: api.ObjectMeta{Name: "test", ResourceVersion: "1", DeletionTimestamp: &now, DeletionGracePeriodSeconds: &gracePeriodShort},
ExpectedNew: api.ObjectMeta{Name: "test", ResourceVersion: "1", DeletionTimestamp: &now, DeletionGracePeriodSeconds: &gracePeriodShort},
ExpectedErrs: []string{},
},
"invalid set deletionTimestamp": {
Old: api.ObjectMeta{Name: "test", ResourceVersion: "1"},
New: api.ObjectMeta{Name: "test", ResourceVersion: "1", DeletionTimestamp: &now},
ExpectedNew: api.ObjectMeta{Name: "test", ResourceVersion: "1", DeletionTimestamp: &now},
ExpectedErrs: []string{"field.deletionTimestamp: Invalid value: \"1970-01-01T00:16:40Z\": field is immutable; may only be changed via deletion"},
},
"invalid clear deletionTimestamp": {
Old: api.ObjectMeta{Name: "test", ResourceVersion: "1", DeletionTimestamp: &now},
New: api.ObjectMeta{Name: "test", ResourceVersion: "1"},
ExpectedNew: api.ObjectMeta{Name: "test", ResourceVersion: "1", DeletionTimestamp: &now},
ExpectedErrs: []string{}, // no errors, validation copies the old value
},
"invalid change deletionTimestamp": {
Old: api.ObjectMeta{Name: "test", ResourceVersion: "1", DeletionTimestamp: &now},
New: api.ObjectMeta{Name: "test", ResourceVersion: "1", DeletionTimestamp: &later},
ExpectedNew: api.ObjectMeta{Name: "test", ResourceVersion: "1", DeletionTimestamp: &now},
ExpectedErrs: []string{}, // no errors, validation copies the old value
},
"invalid set deletionGracePeriodSeconds": {
Old: api.ObjectMeta{Name: "test", ResourceVersion: "1"},
New: api.ObjectMeta{Name: "test", ResourceVersion: "1", DeletionGracePeriodSeconds: &gracePeriodShort},
ExpectedNew: api.ObjectMeta{Name: "test", ResourceVersion: "1", DeletionGracePeriodSeconds: &gracePeriodShort},
ExpectedErrs: []string{"field.deletionGracePeriodSeconds: Invalid value: 30: field is immutable; may only be changed via deletion"},
},
"invalid clear deletionGracePeriodSeconds": {
Old: api.ObjectMeta{Name: "test", ResourceVersion: "1", DeletionGracePeriodSeconds: &gracePeriodShort},
New: api.ObjectMeta{Name: "test", ResourceVersion: "1"},
ExpectedNew: api.ObjectMeta{Name: "test", ResourceVersion: "1", DeletionGracePeriodSeconds: &gracePeriodShort},
ExpectedErrs: []string{}, // no errors, validation copies the old value
},
"invalid change deletionGracePeriodSeconds": {
Old: api.ObjectMeta{Name: "test", ResourceVersion: "1", DeletionGracePeriodSeconds: &gracePeriodShort},
New: api.ObjectMeta{Name: "test", ResourceVersion: "1", DeletionGracePeriodSeconds: &gracePeriodLong},
ExpectedNew: api.ObjectMeta{Name: "test", ResourceVersion: "1", DeletionGracePeriodSeconds: &gracePeriodLong},
ExpectedErrs: []string{"field.deletionGracePeriodSeconds: Invalid value: 40: field is immutable; may only be changed via deletion"},
},
}
for k, tc := range testcases {
errs := ValidateObjectMetaUpdate(&tc.New, &tc.Old, field.NewPath("field"))
if len(errs) != len(tc.ExpectedErrs) {
t.Logf("%s: Expected: %#v", k, tc.ExpectedErrs)
t.Logf("%s: Got: %#v", k, errs)
t.Errorf("%s: expected %d errors, got %d", k, len(tc.ExpectedErrs), len(errs))
continue
}
for i := range errs {
if errs[i].Error() != tc.ExpectedErrs[i] {
t.Errorf("%s: error #%d: expected %q, got %q", k, i, tc.ExpectedErrs[i], errs[i].Error())
}
}
if !reflect.DeepEqual(tc.New, tc.ExpectedNew) {
t.Errorf("%s: Expected after validation:\n%#v\ngot\n%#v", k, tc.ExpectedNew, tc.New)
}
}
}
Add name generation and normalize common create flows Adds `ObjectMeta.GenerateName`, an optional string field that defines name generation behavior if a Name is not provided. Adds `pkg/api/rest`, which defines the default Kubernetes API pattern for creation (and will cover update as well). Will allow registries and REST objects to be merged by moving logic on api out of those places. Add `pkg/api/rest/resttest`, which will be the test suite that verifies a RESTStorage object follows the Kubernetes API conventions and begin reducing our duplicated tests.
2015-01-27 23:56:38 +00:00
// Ensure trailing slash is allowed in generate name
func TestValidateObjectMetaTrimsTrailingSlash(t *testing.T) {
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
errs := ValidateObjectMeta(
&api.ObjectMeta{Name: "test", GenerateName: "foo-"},
false,
NameIsDNSSubdomain,
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
field.NewPath("field"))
Add name generation and normalize common create flows Adds `ObjectMeta.GenerateName`, an optional string field that defines name generation behavior if a Name is not provided. Adds `pkg/api/rest`, which defines the default Kubernetes API pattern for creation (and will cover update as well). Will allow registries and REST objects to be merged by moving logic on api out of those places. Add `pkg/api/rest/resttest`, which will be the test suite that verifies a RESTStorage object follows the Kubernetes API conventions and begin reducing our duplicated tests.
2015-01-27 23:56:38 +00:00
if len(errs) != 0 {
t.Fatalf("unexpected errors: %v", errs)
}
}
Slightly relax annotation validation The more aggressive validation on annotations broke openshift (and backwards compat for our data). This change relaxes to allow mixed case so we can continue working in the short term, try to see if we can agree on relaxation, and if we can't, apply the stronger validation here.
2015-02-02 00:03:04 +00:00
func TestValidateAnnotations(t *testing.T) {
successCases := []map[string]string{
{"simple": "bar"},
{"now-with-dashes": "bar"},
{"1-starts-with-num": "bar"},
{"1234": "bar"},
{"simple/simple": "bar"},
{"now-with-dashes/simple": "bar"},
{"now-with-dashes/now-with-dashes": "bar"},
{"now.with.dots/simple": "bar"},
{"now-with.dashes-and.dots/simple": "bar"},
{"1-num.2-num/3-num": "bar"},
{"1234/5678": "bar"},
{"1.2.3.4/5678": "bar"},
{"UpperCase123": "bar"},
Increase the annotation size limit to 256k
2015-10-21 22:22:47 +00:00
{"a": strings.Repeat("b", totalAnnotationSizeLimitB-1)},
apply comments
2015-03-02 13:41:13 +00:00
{
Increase the annotation size limit to 256k
2015-10-21 22:22:47 +00:00
"a": strings.Repeat("b", totalAnnotationSizeLimitB/2-1),
"c": strings.Repeat("d", totalAnnotationSizeLimitB/2-1),
apply comments
2015-03-02 13:41:13 +00:00
},
Slightly relax annotation validation The more aggressive validation on annotations broke openshift (and backwards compat for our data). This change relaxes to allow mixed case so we can continue working in the short term, try to see if we can agree on relaxation, and if we can't, apply the stronger validation here.
2015-02-02 00:03:04 +00:00
}
for i := range successCases {
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
errs := ValidateAnnotations(successCases[i], field.NewPath("field"))
Slightly relax annotation validation The more aggressive validation on annotations broke openshift (and backwards compat for our data). This change relaxes to allow mixed case so we can continue working in the short term, try to see if we can agree on relaxation, and if we can't, apply the stronger validation here.
2015-02-02 00:03:04 +00:00
if len(errs) != 0 {
t.Errorf("case[%d] expected success, got %#v", i, errs)
}
}
apply comments
2015-03-02 13:41:13 +00:00
Make IsQualifiedName return error strings
2015-12-16 05:28:42 +00:00
nameErrorCases := []struct {
annotations map[string]string
expect string
}{
{map[string]string{"nospecialchars^=@": "bar"}, "must match the regex"},
{map[string]string{"cantendwithadash-": "bar"}, "must match the regex"},
{map[string]string{"only/one/slash": "bar"}, "must match the regex"},
{map[string]string{strings.Repeat("a", 254): "bar"}, "must be no more than"},
Slightly relax annotation validation The more aggressive validation on annotations broke openshift (and backwards compat for our data). This change relaxes to allow mixed case so we can continue working in the short term, try to see if we can agree on relaxation, and if we can't, apply the stronger validation here.
2015-02-02 00:03:04 +00:00
}
Loosen label and annotation validation and related tests
2015-02-27 15:08:02 +00:00
for i := range nameErrorCases {
Make IsQualifiedName return error strings
2015-12-16 05:28:42 +00:00
errs := ValidateAnnotations(nameErrorCases[i].annotations, field.NewPath("field"))
Loosen label and annotation validation and related tests
2015-02-27 15:08:02 +00:00
if len(errs) != 1 {
Make IsQualifiedName return error strings
2015-12-16 05:28:42 +00:00
t.Errorf("case[%d]: expected failure", i)
} else {
if !strings.Contains(errs[0].Detail, nameErrorCases[i].expect) {
t.Errorf("case[%d]: error details do not include %q: %q", i, nameErrorCases[i].expect, errs[0].Detail)
}
Loosen label and annotation validation and related tests
2015-02-27 15:08:02 +00:00
}
}
apply comments
2015-03-02 13:41:13 +00:00
totalSizeErrorCases := []map[string]string{
Increase the annotation size limit to 256k
2015-10-21 22:22:47 +00:00
{"a": strings.Repeat("b", totalAnnotationSizeLimitB)},
apply comments
2015-03-02 13:41:13 +00:00
{
Increase the annotation size limit to 256k
2015-10-21 22:22:47 +00:00
"a": strings.Repeat("b", totalAnnotationSizeLimitB/2),
"c": strings.Repeat("d", totalAnnotationSizeLimitB/2),
apply comments
2015-03-02 13:41:13 +00:00
},
Loosen label and annotation validation and related tests
2015-02-27 15:08:02 +00:00
}
apply comments
2015-03-02 13:41:13 +00:00
for i := range totalSizeErrorCases {
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
errs := ValidateAnnotations(totalSizeErrorCases[i], field.NewPath("field"))
Slightly relax annotation validation The more aggressive validation on annotations broke openshift (and backwards compat for our data). This change relaxes to allow mixed case so we can continue working in the short term, try to see if we can agree on relaxation, and if we can't, apply the stronger validation here.
2015-02-02 00:03:04 +00:00
if len(errs) != 1 {
t.Errorf("case[%d] expected failure", i)
}
}
}
PersistentVolume & PersistentVolumeClaim API types
2015-03-23 18:18:11 +00:00
func testVolume(name string, namespace string, spec api.PersistentVolumeSpec) *api.PersistentVolume {
objMeta := api.ObjectMeta{Name: name}
if namespace != "" {
objMeta.Namespace = namespace
}
return &api.PersistentVolume{
ObjectMeta: objMeta,
Spec: spec,
}
}
func TestValidatePersistentVolumes(t *testing.T) {
scenarios := map[string]struct {
isExpectedFailure bool
volume *api.PersistentVolume
}{
"good-volume": {
isExpectedFailure: false,
volume: testVolume("foo", "", api.PersistentVolumeSpec{
Capacity: api.ResourceList{
api.ResourceName(api.ResourceStorage): resource.MustParse("10G"),
},
Rename AccessMode to PersistentVolumeAccessMode
2015-05-18 20:22:30 +00:00
AccessModes: []api.PersistentVolumeAccessMode{api.ReadWriteOnce},
PersistentVolume & PersistentVolumeClaim API types
2015-03-23 18:18:11 +00:00
PersistentVolumeSource: api.PersistentVolumeSource{
HostPath: &api.HostPathVolumeSource{Path: "/foo"},
},
}),
},
added validation for AccessModes
2015-07-24 19:55:54 +00:00
"invalid-accessmode": {
isExpectedFailure: true,
volume: testVolume("foo", "", api.PersistentVolumeSpec{
Capacity: api.ResourceList{
api.ResourceName(api.ResourceStorage): resource.MustParse("10G"),
},
AccessModes: []api.PersistentVolumeAccessMode{"fakemode"},
PersistentVolumeSource: api.PersistentVolumeSource{
HostPath: &api.HostPathVolumeSource{Path: "/foo"},
},
}),
},
PersistentVolume & PersistentVolumeClaim API types
2015-03-23 18:18:11 +00:00
"unexpected-namespace": {
isExpectedFailure: true,
volume: testVolume("foo", "unexpected-namespace", api.PersistentVolumeSpec{
Capacity: api.ResourceList{
api.ResourceName(api.ResourceStorage): resource.MustParse("10G"),
},
Rename AccessMode to PersistentVolumeAccessMode
2015-05-18 20:22:30 +00:00
AccessModes: []api.PersistentVolumeAccessMode{api.ReadWriteOnce},
PersistentVolume & PersistentVolumeClaim API types
2015-03-23 18:18:11 +00:00
PersistentVolumeSource: api.PersistentVolumeSource{
HostPath: &api.HostPathVolumeSource{Path: "/foo"},
},
}),
},
"bad-name": {
isExpectedFailure: true,
volume: testVolume("123*Bad(Name", "unexpected-namespace", api.PersistentVolumeSpec{
Capacity: api.ResourceList{
api.ResourceName(api.ResourceStorage): resource.MustParse("10G"),
},
Rename AccessMode to PersistentVolumeAccessMode
2015-05-18 20:22:30 +00:00
AccessModes: []api.PersistentVolumeAccessMode{api.ReadWriteOnce},
PersistentVolume & PersistentVolumeClaim API types
2015-03-23 18:18:11 +00:00
PersistentVolumeSource: api.PersistentVolumeSource{
HostPath: &api.HostPathVolumeSource{Path: "/foo"},
},
Bi-directional bind between pv.Spec.ClaimRef and pvc.Spec.VolumeName
2015-05-13 00:44:29 +00:00
}),
PersistentVolume & PersistentVolumeClaim API types
2015-03-23 18:18:11 +00:00
},
"missing-name": {
isExpectedFailure: true,
volume: testVolume("", "", api.PersistentVolumeSpec{
Capacity: api.ResourceList{
api.ResourceName(api.ResourceStorage): resource.MustParse("10G"),
},
Rename AccessMode to PersistentVolumeAccessMode
2015-05-18 20:22:30 +00:00
AccessModes: []api.PersistentVolumeAccessMode{api.ReadWriteOnce},
PersistentVolume & PersistentVolumeClaim API types
2015-03-23 18:18:11 +00:00
}),
},
"missing-capacity": {
isExpectedFailure: true,
volume: testVolume("foo", "", api.PersistentVolumeSpec{}),
},
Bi-directional bind between pv.Spec.ClaimRef and pvc.Spec.VolumeName
2015-05-13 00:44:29 +00:00
"missing-accessmodes": {
isExpectedFailure: true,
volume: testVolume("goodname", "missing-accessmodes", api.PersistentVolumeSpec{
Capacity: api.ResourceList{
api.ResourceName(api.ResourceStorage): resource.MustParse("10G"),
},
PersistentVolumeSource: api.PersistentVolumeSource{
HostPath: &api.HostPathVolumeSource{Path: "/foo"},
},
}),
},
PersistentVolume & PersistentVolumeClaim API types
2015-03-23 18:18:11 +00:00
"too-many-sources": {
isExpectedFailure: true,
volume: testVolume("", "", api.PersistentVolumeSpec{
Capacity: api.ResourceList{
api.ResourceName(api.ResourceStorage): resource.MustParse("5G"),
},
PersistentVolumeSource: api.PersistentVolumeSource{
HostPath: &api.HostPathVolumeSource{Path: "/foo"},
GCEPersistentDisk: &api.GCEPersistentDiskVolumeSource{PDName: "foo", FSType: "ext4"},
},
}),
},
}
for name, scenario := range scenarios {
errs := ValidatePersistentVolume(scenario.volume)
if len(errs) == 0 && scenario.isExpectedFailure {
t.Errorf("Unexpected success for scenario: %s", name)
}
if len(errs) > 0 && !scenario.isExpectedFailure {
t.Errorf("Unexpected failure for scenario: %s - %+v", name, errs)
}
}
}
func testVolumeClaim(name string, namespace string, spec api.PersistentVolumeClaimSpec) *api.PersistentVolumeClaim {
return &api.PersistentVolumeClaim{
ObjectMeta: api.ObjectMeta{Name: name, Namespace: namespace},
Spec: spec,
}
}
func TestValidatePersistentVolumeClaim(t *testing.T) {
scenarios := map[string]struct {
isExpectedFailure bool
claim *api.PersistentVolumeClaim
}{
"good-claim": {
isExpectedFailure: false,
claim: testVolumeClaim("foo", "ns", api.PersistentVolumeClaimSpec{
Add selector to PersistentVolumeClaim
2016-05-07 03:18:54 +00:00
Selector: &unversioned.LabelSelector{
MatchExpressions: []unversioned.LabelSelectorRequirement{
{
Key: "key2",
Operator: "Exists",
},
},
},
AccessModes: []api.PersistentVolumeAccessMode{
api.ReadWriteOnce,
api.ReadOnlyMany,
},
Resources: api.ResourceRequirements{
Requests: api.ResourceList{
api.ResourceName(api.ResourceStorage): resource.MustParse("10G"),
},
},
}),
},
"invalid-label-selector": {
isExpectedFailure: true,
claim: testVolumeClaim("foo", "ns", api.PersistentVolumeClaimSpec{
Selector: &unversioned.LabelSelector{
MatchExpressions: []unversioned.LabelSelectorRequirement{
{
Key: "key2",
Operator: "InvalidOp",
Values: []string{"value1", "value2"},
},
},
},
Rename AccessMode to PersistentVolumeAccessMode
2015-05-18 20:22:30 +00:00
AccessModes: []api.PersistentVolumeAccessMode{
PersistentVolume & PersistentVolumeClaim API types
2015-03-23 18:18:11 +00:00
api.ReadWriteOnce,
api.ReadOnlyMany,
},
Resources: api.ResourceRequirements{
Requests: api.ResourceList{
added validation for AccessModes
2015-07-24 19:55:54 +00:00
api.ResourceName(api.ResourceStorage): resource.MustParse("10G"),
},
},
}),
},
"invalid-accessmode": {
isExpectedFailure: true,
claim: testVolumeClaim("foo", "ns", api.PersistentVolumeClaimSpec{
AccessModes: []api.PersistentVolumeAccessMode{"fakemode"},
Resources: api.ResourceRequirements{
Requests: api.ResourceList{
PersistentVolume & PersistentVolumeClaim API types
2015-03-23 18:18:11 +00:00
api.ResourceName(api.ResourceStorage): resource.MustParse("10G"),
},
},
}),
},
"missing-namespace": {
isExpectedFailure: true,
claim: testVolumeClaim("foo", "", api.PersistentVolumeClaimSpec{
Rename AccessMode to PersistentVolumeAccessMode
2015-05-18 20:22:30 +00:00
AccessModes: []api.PersistentVolumeAccessMode{
PersistentVolume & PersistentVolumeClaim API types
2015-03-23 18:18:11 +00:00
api.ReadWriteOnce,
api.ReadOnlyMany,
},
Resources: api.ResourceRequirements{
Requests: api.ResourceList{
api.ResourceName(api.ResourceStorage): resource.MustParse("10G"),
},
},
}),
},
"no-access-modes": {
isExpectedFailure: true,
claim: testVolumeClaim("foo", "ns", api.PersistentVolumeClaimSpec{
Resources: api.ResourceRequirements{
Requests: api.ResourceList{
api.ResourceName(api.ResourceStorage): resource.MustParse("10G"),
},
},
}),
},
"no-resource-requests": {
isExpectedFailure: true,
claim: testVolumeClaim("foo", "ns", api.PersistentVolumeClaimSpec{
Rename AccessMode to PersistentVolumeAccessMode
2015-05-18 20:22:30 +00:00
AccessModes: []api.PersistentVolumeAccessMode{
PersistentVolume & PersistentVolumeClaim API types
2015-03-23 18:18:11 +00:00
api.ReadWriteOnce,
},
}),
},
changed claimed validation from length check to specific storage check
2015-03-31 15:37:09 +00:00
"invalid-resource-requests": {
isExpectedFailure: true,
claim: testVolumeClaim("foo", "ns", api.PersistentVolumeClaimSpec{
Rename AccessMode to PersistentVolumeAccessMode
2015-05-18 20:22:30 +00:00
AccessModes: []api.PersistentVolumeAccessMode{
changed claimed validation from length check to specific storage check
2015-03-31 15:37:09 +00:00
api.ReadWriteOnce,
},
Resources: api.ResourceRequirements{
Requests: api.ResourceList{
api.ResourceName(api.ResourceMemory): resource.MustParse("10G"),
},
},
}),
},
PersistentVolume & PersistentVolumeClaim API types
2015-03-23 18:18:11 +00:00
}
for name, scenario := range scenarios {
errs := ValidatePersistentVolumeClaim(scenario.claim)
if len(errs) == 0 && scenario.isExpectedFailure {
t.Errorf("Unexpected success for scenario: %s", name)
}
if len(errs) > 0 && !scenario.isExpectedFailure {
t.Errorf("Unexpected failure for scenario: %s - %+v", name, errs)
}
}
}
Improve persistent volume claim validation
2016-02-09 20:28:37 +00:00
func TestValidatePersistentVolumeClaimUpdate(t *testing.T) {
validClaim := testVolumeClaim("foo", "ns", api.PersistentVolumeClaimSpec{
AccessModes: []api.PersistentVolumeAccessMode{
api.ReadWriteOnce,
api.ReadOnlyMany,
},
Resources: api.ResourceRequirements{
Requests: api.ResourceList{
api.ResourceName(api.ResourceStorage): resource.MustParse("10G"),
},
},
})
validUpdateClaim := testVolumeClaim("foo", "ns", api.PersistentVolumeClaimSpec{
AccessModes: []api.PersistentVolumeAccessMode{
api.ReadWriteOnce,
api.ReadOnlyMany,
},
Resources: api.ResourceRequirements{
Requests: api.ResourceList{
api.ResourceName(api.ResourceStorage): resource.MustParse("10G"),
},
},
VolumeName: "volume",
})
invalidUpdateClaimResources := testVolumeClaim("foo", "ns", api.PersistentVolumeClaimSpec{
AccessModes: []api.PersistentVolumeAccessMode{
api.ReadWriteOnce,
api.ReadOnlyMany,
},
Resources: api.ResourceRequirements{
Requests: api.ResourceList{
api.ResourceName(api.ResourceStorage): resource.MustParse("20G"),
},
},
VolumeName: "volume",
})
invalidUpdateClaimAccessModes := testVolumeClaim("foo", "ns", api.PersistentVolumeClaimSpec{
AccessModes: []api.PersistentVolumeAccessMode{
api.ReadWriteOnce,
},
Resources: api.ResourceRequirements{
Requests: api.ResourceList{
api.ResourceName(api.ResourceStorage): resource.MustParse("10G"),
},
},
VolumeName: "volume",
})
scenarios := map[string]struct {
isExpectedFailure bool
oldClaim *api.PersistentVolumeClaim
newClaim *api.PersistentVolumeClaim
}{
"valid-update": {
isExpectedFailure: false,
oldClaim: validClaim,
newClaim: validUpdateClaim,
},
"invalid-update-change-resources-on-bound-claim": {
isExpectedFailure: true,
oldClaim: validUpdateClaim,
newClaim: invalidUpdateClaimResources,
},
"invalid-update-change-access-modes-on-bound-claim": {
isExpectedFailure: true,
oldClaim: validUpdateClaim,
newClaim: invalidUpdateClaimAccessModes,
},
}
for name, scenario := range scenarios {
// ensure we have a resource version specified for updates
scenario.oldClaim.ResourceVersion = "1"
scenario.newClaim.ResourceVersion = "1"
errs := ValidatePersistentVolumeClaimUpdate(scenario.newClaim, scenario.oldClaim)
if len(errs) == 0 && scenario.isExpectedFailure {
t.Errorf("Unexpected success for scenario: %s", name)
}
if len(errs) > 0 && !scenario.isExpectedFailure {
t.Errorf("Unexpected failure for scenario: %s - %+v", name, errs)
}
}
}
Add validation of Volumes
2014-07-01 21:40:36 +00:00
func TestValidateVolumes(t *testing.T) {
Fix the rest of the code
2016-04-27 04:35:14 +00:00
lun := int32(1)
Make validation work when not in the api package.
2014-08-30 01:20:27 +00:00
successCase := []api.Volume{
Correcting all go vet errors
2015-08-08 01:52:23 +00:00
{Name: "abc", VolumeSource: api.VolumeSource{HostPath: &api.HostPathVolumeSource{Path: "/mnt/path1"}}},
{Name: "123", VolumeSource: api.VolumeSource{HostPath: &api.HostPathVolumeSource{Path: "/mnt/path2"}}},
{Name: "abc-123", VolumeSource: api.VolumeSource{HostPath: &api.HostPathVolumeSource{Path: "/mnt/path3"}}},
Embed VolumeSource in v1beta3 and internal.
2015-03-03 22:48:55 +00:00
{Name: "empty", VolumeSource: api.VolumeSource{EmptyDir: &api.EmptyDirVolumeSource{}}},
Correcting all go vet errors
2015-08-08 01:52:23 +00:00
{Name: "gcepd", VolumeSource: api.VolumeSource{GCEPersistentDisk: &api.GCEPersistentDiskVolumeSource{PDName: "my-PD", FSType: "ext4", Partition: 1, ReadOnly: false}}},
{Name: "awsebs", VolumeSource: api.VolumeSource{AWSElasticBlockStore: &api.AWSElasticBlockStoreVolumeSource{VolumeID: "my-PD", FSType: "ext4", Partition: 1, ReadOnly: false}}},
Add directory in GitRepo and updated tests. Update validate and gitRepo Update generated code
2015-10-10 10:10:45 +00:00
{Name: "gitrepo", VolumeSource: api.VolumeSource{GitRepo: &api.GitRepoVolumeSource{Repository: "my-repo", Revision: "hashstring", Directory: "target"}}},
{Name: "gitrepodot", VolumeSource: api.VolumeSource{GitRepo: &api.GitRepoVolumeSource{Repository: "my-repo", Directory: "."}}},
Correcting all go vet errors
2015-08-08 01:52:23 +00:00
{Name: "iscsidisk", VolumeSource: api.VolumeSource{ISCSI: &api.ISCSIVolumeSource{TargetPortal: "127.0.0.1", IQN: "iqn.2015-02.example.com:test", Lun: 1, FSType: "ext4", ReadOnly: false}}},
{Name: "secret", VolumeSource: api.VolumeSource{Secret: &api.SecretVolumeSource{SecretName: "my-secret"}}},
{Name: "glusterfs", VolumeSource: api.VolumeSource{Glusterfs: &api.GlusterfsVolumeSource{EndpointsName: "host1", Path: "path", ReadOnly: false}}},
Add flocker volume plugin Flocker [1] is an open-source container data volume manager for Dockerized applications. This PR adds a volume plugin for Flocker. The plugin interfaces the Flocker Control Service REST API [2] to attachment attach the volume to the pod. Each kubelet host should run Flocker agents (Container Agent and Dataset Agent). The kubelet will also require environment variables that contain the host and port of the Flocker Control Service. (see Flocker architecture [3] for more). - `FLOCKER_CONTROL_SERVICE_HOST` - `FLOCKER_CONTROL_SERVICE_PORT` The contribution introduces a new 'flocker' volume type to the API with fields: - `datasetName`: which indicates the name of the dataset in Flocker added to metadata; - `size`: a human-readable number that indicates the maximum size of the requested dataset. Full documentation can be found docs/user-guide/volumes.md and examples can be found at the examples/ folder [1] https://clusterhq.com/flocker/introduction/ [2] https://docs.clusterhq.com/en/1.3.1/reference/api.html [3] https://docs.clusterhq.com/en/1.3.1/concepts/architecture.html
2015-09-25 19:22:23 +00:00
{Name: "flocker", VolumeSource: api.VolumeSource{Flocker: &api.FlockerVolumeSource{DatasetName: "datasetName"}}},
add rados block device(rbd) volume plugin Signed-off-by: Huamin Chen <hchen@redhat.com>
2015-04-07 17:22:23 +00:00
{Name: "rbd", VolumeSource: api.VolumeSource{RBD: &api.RBDVolumeSource{CephMonitors: []string{"foo"}, RBDImage: "bar", FSType: "ext4"}}},
Fixing all the "composite literal uses unkeyed fields" Vet errors.
2016-03-23 23:45:24 +00:00
{Name: "cinder", VolumeSource: api.VolumeSource{Cinder: &api.CinderVolumeSource{VolumeID: "29ea5088-4f60-4757-962e-dba678767887", FSType: "ext4", ReadOnly: false}}},
implement Ceph FS volume plugin and add to e2e volume test Signed-off-by: Huamin Chen <hchen@redhat.com>
2015-04-09 18:05:24 +00:00
{Name: "cephfs", VolumeSource: api.VolumeSource{CephFS: &api.CephFSVolumeSource{Monitors: []string{"foo"}}}},
adding downward api volume plugin
2015-02-20 05:36:23 +00:00
{Name: "downwardapi", VolumeSource: api.VolumeSource{DownwardAPI: &api.DownwardAPIVolumeSource{Items: []api.DownwardAPIVolumeFile{
Downward API implementation for resources limits and requests
2016-05-23 22:08:22 +00:00
{Path: "labels", FieldRef: &api.ObjectFieldSelector{
adding downward api volume plugin
2015-02-20 05:36:23 +00:00
APIVersion: "v1",
FieldPath: "metadata.labels"}},
Downward API implementation for resources limits and requests
2016-05-23 22:08:22 +00:00
{Path: "annotations", FieldRef: &api.ObjectFieldSelector{
adding downward api volume plugin
2015-02-20 05:36:23 +00:00
APIVersion: "v1",
FieldPath: "metadata.annotations"}},
Downward API implementation for resources limits and requests
2016-05-23 22:08:22 +00:00
{Path: "namespace", FieldRef: &api.ObjectFieldSelector{
adding downward api volume plugin
2015-02-20 05:36:23 +00:00
APIVersion: "v1",
FieldPath: "metadata.namespace"}},
Downward API implementation for resources limits and requests
2016-05-23 22:08:22 +00:00
{Path: "name", FieldRef: &api.ObjectFieldSelector{
adding downward api volume plugin
2015-02-20 05:36:23 +00:00
APIVersion: "v1",
FieldPath: "metadata.name"}},
Downward API implementation for resources limits and requests
2016-05-23 22:08:22 +00:00
{Path: "path/withslash/andslash", FieldRef: &api.ObjectFieldSelector{
adding downward api volume plugin
2015-02-20 05:36:23 +00:00
APIVersion: "v1",
FieldPath: "metadata.labels"}},
Downward API implementation for resources limits and requests
2016-05-23 22:08:22 +00:00
{Path: "path/./withdot", FieldRef: &api.ObjectFieldSelector{
adding downward api volume plugin
2015-02-20 05:36:23 +00:00
APIVersion: "v1",
FieldPath: "metadata.labels"}},
Downward API implementation for resources limits and requests
2016-05-23 22:08:22 +00:00
{Path: "path/with..dot", FieldRef: &api.ObjectFieldSelector{
adding downward api volume plugin
2015-02-20 05:36:23 +00:00
APIVersion: "v1",
FieldPath: "metadata.labels"}},
Downward API implementation for resources limits and requests
2016-05-23 22:08:22 +00:00
{Path: "second-level-dirent-can-have/..dot", FieldRef: &api.ObjectFieldSelector{
adding downward api volume plugin
2015-02-20 05:36:23 +00:00
APIVersion: "v1",
FieldPath: "metadata.labels"}},
Downward API implementation for resources limits and requests
2016-05-23 22:08:22 +00:00
{Path: "cpu_limit", ResourceFieldRef: &api.ResourceFieldSelector{
ContainerName: "test-container",
Resource: "limits.cpu"}},
{Path: "cpu_request", ResourceFieldRef: &api.ResourceFieldSelector{
ContainerName: "test-container",
Resource: "requests.cpu"}},
{Path: "memory_limit", ResourceFieldRef: &api.ResourceFieldSelector{
ContainerName: "test-container",
Resource: "limits.memory"}},
{Path: "memory_request", ResourceFieldRef: &api.ResourceFieldSelector{
ContainerName: "test-container",
Resource: "requests.memory"}},
adding downward api volume plugin
2015-02-20 05:36:23 +00:00
}}}},
Fixing all the "composite literal uses unkeyed fields" Vet errors.
2016-03-23 23:45:24 +00:00
{Name: "fc", VolumeSource: api.VolumeSource{FC: &api.FCVolumeSource{TargetWWNs: []string{"some_wwn"}, Lun: &lun, FSType: "ext4", ReadOnly: false}}},
Add support for flex volume. Flex volume adds support for thirdparty(vendor) volumes and custom mounts.
2015-09-30 18:31:53 +00:00
{Name: "flexvolume", VolumeSource: api.VolumeSource{FlexVolume: &api.FlexVolumeSource{Driver: "kubernetes.io/blue", FSType: "ext4"}}},
Fixing all the "composite literal uses unkeyed fields" Vet errors.
2016-03-23 23:45:24 +00:00
{Name: "azure", VolumeSource: api.VolumeSource{AzureFile: &api.AzureFileVolumeSource{SecretName: "key", ShareName: "share", ReadOnly: false}}},
Add validation of Volumes
2014-07-01 21:40:36 +00:00
}
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
names, errs := validateVolumes(successCase, field.NewPath("field"))
Accumulate validation errors Rather than report the first error, accumulate all errors and report them all at once.
2014-07-08 06:20:30 +00:00
if len(errs) != 0 {
t.Errorf("expected success: %v", errs)
Add validation of Volumes
2014-07-01 21:40:36 +00:00
}
Add support for flex volume. Flex volume adds support for thirdparty(vendor) volumes and custom mounts.
2015-09-30 18:31:53 +00:00
if len(names) != len(successCase) || !names.HasAll("abc", "123", "abc-123", "empty", "gcepd", "gitrepo", "secret", "iscsidisk", "cinder", "cephfs", "flexvolume", "fc") {
Add validation of Volumes
2014-07-01 21:40:36 +00:00
t.Errorf("wrong names result: %v", names)
}
Rename volume source types to be consistent.
2015-02-20 06:27:27 +00:00
emptyVS := api.VolumeSource{EmptyDir: &api.EmptyDirVolumeSource{}}
Correcting all go vet errors
2015-08-08 01:52:23 +00:00
emptyPortal := api.VolumeSource{ISCSI: &api.ISCSIVolumeSource{TargetPortal: "", IQN: "iqn.2015-02.example.com:test", Lun: 1, FSType: "ext4", ReadOnly: false}}
emptyIQN := api.VolumeSource{ISCSI: &api.ISCSIVolumeSource{TargetPortal: "127.0.0.1", IQN: "", Lun: 1, FSType: "ext4", ReadOnly: false}}
emptyHosts := api.VolumeSource{Glusterfs: &api.GlusterfsVolumeSource{EndpointsName: "", Path: "path", ReadOnly: false}}
emptyPath := api.VolumeSource{Glusterfs: &api.GlusterfsVolumeSource{EndpointsName: "host", Path: "", ReadOnly: false}}
Add flocker volume plugin Flocker [1] is an open-source container data volume manager for Dockerized applications. This PR adds a volume plugin for Flocker. The plugin interfaces the Flocker Control Service REST API [2] to attachment attach the volume to the pod. Each kubelet host should run Flocker agents (Container Agent and Dataset Agent). The kubelet will also require environment variables that contain the host and port of the Flocker Control Service. (see Flocker architecture [3] for more). - `FLOCKER_CONTROL_SERVICE_HOST` - `FLOCKER_CONTROL_SERVICE_PORT` The contribution introduces a new 'flocker' volume type to the API with fields: - `datasetName`: which indicates the name of the dataset in Flocker added to metadata; - `size`: a human-readable number that indicates the maximum size of the requested dataset. Full documentation can be found docs/user-guide/volumes.md and examples can be found at the examples/ folder [1] https://clusterhq.com/flocker/introduction/ [2] https://docs.clusterhq.com/en/1.3.1/reference/api.html [3] https://docs.clusterhq.com/en/1.3.1/concepts/architecture.html
2015-09-25 19:22:23 +00:00
emptyName := api.VolumeSource{Flocker: &api.FlockerVolumeSource{DatasetName: ""}}
add rados block device(rbd) volume plugin Signed-off-by: Huamin Chen <hchen@redhat.com>
2015-04-07 17:22:23 +00:00
emptyMon := api.VolumeSource{RBD: &api.RBDVolumeSource{CephMonitors: []string{}, RBDImage: "bar", FSType: "ext4"}}
emptyImage := api.VolumeSource{RBD: &api.RBDVolumeSource{CephMonitors: []string{"foo"}, RBDImage: "", FSType: "ext4"}}
implement Ceph FS volume plugin and add to e2e volume test Signed-off-by: Huamin Chen <hchen@redhat.com>
2015-04-09 18:05:24 +00:00
emptyCephFSMon := api.VolumeSource{CephFS: &api.CephFSVolumeSource{Monitors: []string{}}}
Add directory in GitRepo and updated tests. Update validate and gitRepo Update generated code
2015-10-10 10:10:45 +00:00
startsWithDots := api.VolumeSource{GitRepo: &api.GitRepoVolumeSource{Repository: "foo", Directory: "..dots/bar"}}
containsDots := api.VolumeSource{GitRepo: &api.GitRepoVolumeSource{Repository: "foo", Directory: "dots/../bar"}}
absPath := api.VolumeSource{GitRepo: &api.GitRepoVolumeSource{Repository: "foo", Directory: "/abstarget"}}
adding downward api volume plugin
2015-02-20 05:36:23 +00:00
emptyPathName := api.VolumeSource{DownwardAPI: &api.DownwardAPIVolumeSource{Items: []api.DownwardAPIVolumeFile{{Path: "",
Downward API implementation for resources limits and requests
2016-05-23 22:08:22 +00:00
FieldRef: &api.ObjectFieldSelector{
adding downward api volume plugin
2015-02-20 05:36:23 +00:00
APIVersion: "v1",
FieldPath: "metadata.labels"}}},
}}
absolutePathName := api.VolumeSource{DownwardAPI: &api.DownwardAPIVolumeSource{Items: []api.DownwardAPIVolumeFile{{Path: "/absolutepath",
Downward API implementation for resources limits and requests
2016-05-23 22:08:22 +00:00
FieldRef: &api.ObjectFieldSelector{
adding downward api volume plugin
2015-02-20 05:36:23 +00:00
APIVersion: "v1",
FieldPath: "metadata.labels"}}},
}}
dotDotInPath := api.VolumeSource{DownwardAPI: &api.DownwardAPIVolumeSource{Items: []api.DownwardAPIVolumeFile{{Path: "../../passwd",
Downward API implementation for resources limits and requests
2016-05-23 22:08:22 +00:00
FieldRef: &api.ObjectFieldSelector{
adding downward api volume plugin
2015-02-20 05:36:23 +00:00
APIVersion: "v1",
FieldPath: "metadata.labels"}}},
}}
dotDotPathName := api.VolumeSource{DownwardAPI: &api.DownwardAPIVolumeSource{Items: []api.DownwardAPIVolumeFile{{Path: "..badFileName",
Downward API implementation for resources limits and requests
2016-05-23 22:08:22 +00:00
FieldRef: &api.ObjectFieldSelector{
adding downward api volume plugin
2015-02-20 05:36:23 +00:00
APIVersion: "v1",
FieldPath: "metadata.labels"}}},
}}
dotDotFirstLevelDirent := api.VolumeSource{DownwardAPI: &api.DownwardAPIVolumeSource{Items: []api.DownwardAPIVolumeFile{{Path: "..badDirName/goodFileName",
Downward API implementation for resources limits and requests
2016-05-23 22:08:22 +00:00
FieldRef: &api.ObjectFieldSelector{
adding downward api volume plugin
2015-02-20 05:36:23 +00:00
APIVersion: "v1",
FieldPath: "metadata.labels"}}},
}}
Downward API implementation for resources limits and requests
2016-05-23 22:08:22 +00:00
fieldRefandResourceFieldRef := api.VolumeSource{DownwardAPI: &api.DownwardAPIVolumeSource{Items: []api.DownwardAPIVolumeFile{{Path: "test",
FieldRef: &api.ObjectFieldSelector{
APIVersion: "v1",
FieldPath: "metadata.labels"},
ResourceFieldRef: &api.ResourceFieldSelector{
ContainerName: "test-container",
Resource: "requests.memory"}}},
}}
Fixing all the "composite literal uses unkeyed fields" Vet errors.
2016-03-23 23:45:24 +00:00
zeroWWN := api.VolumeSource{FC: &api.FCVolumeSource{TargetWWNs: []string{}, Lun: &lun, FSType: "ext4", ReadOnly: false}}
emptyLun := api.VolumeSource{FC: &api.FCVolumeSource{TargetWWNs: []string{"wwn"}, Lun: nil, FSType: "ext4", ReadOnly: false}}
Add flocker volume plugin Flocker [1] is an open-source container data volume manager for Dockerized applications. This PR adds a volume plugin for Flocker. The plugin interfaces the Flocker Control Service REST API [2] to attachment attach the volume to the pod. Each kubelet host should run Flocker agents (Container Agent and Dataset Agent). The kubelet will also require environment variables that contain the host and port of the Flocker Control Service. (see Flocker architecture [3] for more). - `FLOCKER_CONTROL_SERVICE_HOST` - `FLOCKER_CONTROL_SERVICE_PORT` The contribution introduces a new 'flocker' volume type to the API with fields: - `datasetName`: which indicates the name of the dataset in Flocker added to metadata; - `size`: a human-readable number that indicates the maximum size of the requested dataset. Full documentation can be found docs/user-guide/volumes.md and examples can be found at the examples/ folder [1] https://clusterhq.com/flocker/introduction/ [2] https://docs.clusterhq.com/en/1.3.1/reference/api.html [3] https://docs.clusterhq.com/en/1.3.1/concepts/architecture.html
2015-09-25 19:22:23 +00:00
slashInName := api.VolumeSource{Flocker: &api.FlockerVolumeSource{DatasetName: "foo/bar"}}
Fixing all the "composite literal uses unkeyed fields" Vet errors.
2016-03-23 23:45:24 +00:00
emptyAzureSecret := api.VolumeSource{AzureFile: &api.AzureFileVolumeSource{SecretName: "", ShareName: "share", ReadOnly: false}}
emptyAzureShare := api.VolumeSource{AzureFile: &api.AzureFileVolumeSource{SecretName: "name", ShareName: "", ReadOnly: false}}
Convert field errors into a selector for the object Satisfies the "Field" condition for a Cause. Also addresses parts of #914.
2014-08-20 03:54:20 +00:00
errorCases := map[string]struct {
Make validation work when not in the api package.
2014-08-30 01:20:27 +00:00
V []api.Volume
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
T field.ErrorType
Convert field errors into a selector for the object Satisfies the "Field" condition for a Cause. Also addresses parts of #914.
2014-08-20 03:54:20 +00:00
F string
adding downward api volume plugin
2015-02-20 05:36:23 +00:00
D string
Convert field errors into a selector for the object Satisfies the "Field" condition for a Cause. Also addresses parts of #914.
2014-08-20 03:54:20 +00:00
}{
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
"zero-length name": {
[]api.Volume{{Name: "", VolumeSource: emptyVS}},
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
field.ErrorTypeRequired,
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
"name", "",
},
"name > 63 characters": {
[]api.Volume{{Name: strings.Repeat("a", 64), VolumeSource: emptyVS}},
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
field.ErrorTypeInvalid,
Make IsDNS1123Label return error strings
2015-12-16 07:49:58 +00:00
"name", "must be no more than",
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
},
"name not a DNS label": {
[]api.Volume{{Name: "a.b.c", VolumeSource: emptyVS}},
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
field.ErrorTypeInvalid,
Make IsDNS1123Label return error strings
2015-12-16 07:49:58 +00:00
"name", "must match the regex",
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
},
"name not unique": {
[]api.Volume{{Name: "abc", VolumeSource: emptyVS}, {Name: "abc", VolumeSource: emptyVS}},
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
field.ErrorTypeDuplicate,
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
"[1].name", "",
},
"empty portal": {
[]api.Volume{{Name: "badportal", VolumeSource: emptyPortal}},
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
field.ErrorTypeRequired,
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
"iscsi.targetPortal", "",
},
"empty iqn": {
[]api.Volume{{Name: "badiqn", VolumeSource: emptyIQN}},
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
field.ErrorTypeRequired,
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
"iscsi.iqn", "",
},
"empty hosts": {
[]api.Volume{{Name: "badhost", VolumeSource: emptyHosts}},
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
field.ErrorTypeRequired,
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
"glusterfs.endpoints", "",
},
"empty path": {
[]api.Volume{{Name: "badpath", VolumeSource: emptyPath}},
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
field.ErrorTypeRequired,
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
"glusterfs.path", "",
},
"empty datasetName": {
[]api.Volume{{Name: "badname", VolumeSource: emptyName}},
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
field.ErrorTypeRequired,
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
"flocker.datasetName", "",
},
"empty mon": {
[]api.Volume{{Name: "badmon", VolumeSource: emptyMon}},
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
field.ErrorTypeRequired,
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
"rbd.monitors", "",
},
"empty image": {
[]api.Volume{{Name: "badimage", VolumeSource: emptyImage}},
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
field.ErrorTypeRequired,
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
"rbd.image", "",
},
"empty cephfs mon": {
[]api.Volume{{Name: "badmon", VolumeSource: emptyCephFSMon}},
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
field.ErrorTypeRequired,
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
"cephfs.monitors", "",
},
"empty metatada path": {
[]api.Volume{{Name: "emptyname", VolumeSource: emptyPathName}},
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
field.ErrorTypeRequired,
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
"downwardAPI.path", "",
},
"absolute path": {
[]api.Volume{{Name: "absolutepath", VolumeSource: absolutePathName}},
Clean up and document validation strings Also add a detail string for Required and Forbidden. Fix tests.
2015-11-14 20:26:04 +00:00
field.ErrorTypeInvalid,
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
"downwardAPI.path", "",
},
"dot dot path": {
[]api.Volume{{Name: "dotdotpath", VolumeSource: dotDotInPath}},
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
field.ErrorTypeInvalid,
audit validation errors to not double-print field names
2015-11-14 16:44:50 +00:00
"downwardAPI.path", `must not contain '..'`,
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
},
"dot dot file name": {
[]api.Volume{{Name: "dotdotfilename", VolumeSource: dotDotPathName}},
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
field.ErrorTypeInvalid,
audit validation errors to not double-print field names
2015-11-14 16:44:50 +00:00
"downwardAPI.path", `must not start with '..'`,
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
},
"dot dot first level dirent": {
[]api.Volume{{Name: "dotdotdirfilename", VolumeSource: dotDotFirstLevelDirent}},
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
field.ErrorTypeInvalid,
audit validation errors to not double-print field names
2015-11-14 16:44:50 +00:00
"downwardAPI.path", `must not start with '..'`,
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
},
"empty wwn": {
[]api.Volume{{Name: "badimage", VolumeSource: zeroWWN}},
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
field.ErrorTypeRequired,
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
"fc.targetWWNs", "",
},
"empty lun": {
[]api.Volume{{Name: "badimage", VolumeSource: emptyLun}},
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
field.ErrorTypeRequired,
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
"fc.lun", "",
},
"slash in datasetName": {
[]api.Volume{{Name: "slashinname", VolumeSource: slashInName}},
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
field.ErrorTypeInvalid,
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
"flocker.datasetName", "must not contain '/'",
},
"starts with '..'": {
[]api.Volume{{Name: "badprefix", VolumeSource: startsWithDots}},
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
field.ErrorTypeInvalid,
audit validation errors to not double-print field names
2015-11-14 16:44:50 +00:00
"gitRepo.directory", `must not start with '..'`,
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
},
"contains '..'": {
[]api.Volume{{Name: "containsdots", VolumeSource: containsDots}},
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
field.ErrorTypeInvalid,
audit validation errors to not double-print field names
2015-11-14 16:44:50 +00:00
"gitRepo.directory", `must not contain '..'`,
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
},
"absolute target": {
[]api.Volume{{Name: "absolutetarget", VolumeSource: absPath}},
Clean up and document validation strings Also add a detail string for Required and Forbidden. Fix tests.
2015-11-14 20:26:04 +00:00
field.ErrorTypeInvalid,
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
"gitRepo.directory", "",
},
support Azure File Service volume Signed-off-by: Huamin Chen <hchen@redhat.com>
2015-11-13 16:47:04 +00:00
"empty secret": {
[]api.Volume{{Name: "emptyaccount", VolumeSource: emptyAzureSecret}},
field.ErrorTypeRequired,
"azureFile.secretName", "",
},
"empty share": {
[]api.Volume{{Name: "emptyaccount", VolumeSource: emptyAzureShare}},
field.ErrorTypeRequired,
"azureFile.shareName", "",
},
Downward API implementation for resources limits and requests
2016-05-23 22:08:22 +00:00
"fieldRef and ResourceFieldRef together": {
[]api.Volume{{Name: "testvolume", VolumeSource: fieldRefandResourceFieldRef}},
field.ErrorTypeInvalid,
"downwardAPI", "fieldRef and resourceFieldRef can not be specified simultaneously",
},
Add validation of Volumes
2014-07-01 21:40:36 +00:00
}
for k, v := range errorCases {
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
_, errs := validateVolumes(v.V, field.NewPath("field"))
Convert field errors into a selector for the object Satisfies the "Field" condition for a Cause. Also addresses parts of #914.
2014-08-20 03:54:20 +00:00
if len(errs) == 0 {
Fix #1683
2014-10-10 22:34:48 +00:00
t.Errorf("expected failure %s for %v", k, v.V)
Convert field errors into a selector for the object Satisfies the "Field" condition for a Cause. Also addresses parts of #914.
2014-08-20 03:54:20 +00:00
continue
}
for i := range errs {
Stronger typing for validation ErrorList
2015-11-04 00:08:20 +00:00
if errs[i].Type != v.T {
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
t.Errorf("%s: expected error to have type %q: %q", k, v.T, errs[i].Type)
Convert field errors into a selector for the object Satisfies the "Field" condition for a Cause. Also addresses parts of #914.
2014-08-20 03:54:20 +00:00
}
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
if !strings.Contains(errs[i].Field, v.F) {
t.Errorf("%s: expected error field %q: %q", k, v.F, errs[i].Field)
Convert field errors into a selector for the object Satisfies the "Field" condition for a Cause. Also addresses parts of #914.
2014-08-20 03:54:20 +00:00
}
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
if !strings.Contains(errs[i].Detail, v.D) {
t.Errorf("%s: expected error detail %q, got %q", k, v.D, errs[i].Detail)
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
}
Add validation for Container.Env This includes backwards compat with the older "key" field.
2014-07-01 22:56:30 +00:00
}
}
}
Add validation of Ports Also do caseless compares for "enum" strings.
2014-07-08 04:32:56 +00:00
func TestValidatePorts(t *testing.T) {
Rename type Port to ContainerPort Sadly I had to do this by hand - I just could not get gorename to fix up users of it.
2015-02-23 22:25:56 +00:00
successCase := []api.ContainerPort{
Add validation of Ports Also do caseless compares for "enum" strings.
2014-07-08 04:32:56 +00:00
{Name: "abc", ContainerPort: 80, HostPort: 80, Protocol: "TCP"},
{Name: "easy", ContainerPort: 82, Protocol: "TCP"},
{Name: "as", ContainerPort: 83, Protocol: "UDP"},
Factor out API defaulting from validation logic Currently, the validation logic validates fields in an object and supply default values wherever applies. This change factors out defaulting to a set of defaulting callback functions for decoding (see #1502 for more discussion). * This change is based on pull request 2587. * Most defaulting has been migrated to defaults.go where the defaulting functions are added. * validation_test.go and converter_test.go have been adapted to not testing the default values. * Fixed all tests with that create invalid objects with the absence of defaulting logic.
2015-01-26 17:52:50 +00:00
{Name: "do-re-me", ContainerPort: 84, Protocol: "UDP"},
{ContainerPort: 85, Protocol: "TCP"},
Add validation of Ports Also do caseless compares for "enum" strings.
2014-07-08 04:32:56 +00:00
}
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
if errs := validateContainerPorts(successCase, field.NewPath("field")); len(errs) != 0 {
Accumulate validation errors Rather than report the first error, accumulate all errors and report them all at once.
2014-07-08 06:20:30 +00:00
t.Errorf("expected success: %v", errs)
Add validation of Ports Also do caseless compares for "enum" strings.
2014-07-08 04:32:56 +00:00
}
Rename type Port to ContainerPort Sadly I had to do this by hand - I just could not get gorename to fix up users of it.
2015-02-23 22:25:56 +00:00
nonCanonicalCase := []api.ContainerPort{
Factor out API defaulting from validation logic Currently, the validation logic validates fields in an object and supply default values wherever applies. This change factors out defaulting to a set of defaulting callback functions for decoding (see #1502 for more discussion). * This change is based on pull request 2587. * Most defaulting has been migrated to defaults.go where the defaulting functions are added. * validation_test.go and converter_test.go have been adapted to not testing the default values. * Fixed all tests with that create invalid objects with the absence of defaulting logic.
2015-01-26 17:52:50 +00:00
{ContainerPort: 80, Protocol: "TCP"},
Add validation of Ports Also do caseless compares for "enum" strings.
2014-07-08 04:32:56 +00:00
}
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
if errs := validateContainerPorts(nonCanonicalCase, field.NewPath("field")); len(errs) != 0 {
Accumulate validation errors Rather than report the first error, accumulate all errors and report them all at once.
2014-07-08 06:20:30 +00:00
t.Errorf("expected success: %v", errs)
Add validation of Ports Also do caseless compares for "enum" strings.
2014-07-08 04:32:56 +00:00
}
Convert field errors into a selector for the object Satisfies the "Field" condition for a Cause. Also addresses parts of #914.
2014-08-20 03:54:20 +00:00
errorCases := map[string]struct {
Rename type Port to ContainerPort Sadly I had to do this by hand - I just could not get gorename to fix up users of it.
2015-02-23 22:25:56 +00:00
P []api.ContainerPort
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
T field.ErrorType
Convert field errors into a selector for the object Satisfies the "Field" condition for a Cause. Also addresses parts of #914.
2014-08-20 03:54:20 +00:00
F string
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
D string
Convert field errors into a selector for the object Satisfies the "Field" condition for a Cause. Also addresses parts of #914.
2014-08-20 03:54:20 +00:00
}{
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
"name > 15 characters": {
[]api.ContainerPort{{Name: strings.Repeat("a", 16), ContainerPort: 80, Protocol: "TCP"}},
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
field.ErrorTypeInvalid,
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
"name", PortNameErrorMsg,
},
"name not a IANA svc name ": {
[]api.ContainerPort{{Name: "a.b.c", ContainerPort: 80, Protocol: "TCP"}},
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
field.ErrorTypeInvalid,
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
"name", PortNameErrorMsg,
},
"name not a IANA svc name (i.e. a number)": {
[]api.ContainerPort{{Name: "80", ContainerPort: 80, Protocol: "TCP"}},
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
field.ErrorTypeInvalid,
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
"name", PortNameErrorMsg,
},
"name not unique": {
[]api.ContainerPort{
{Name: "abc", ContainerPort: 80, Protocol: "TCP"},
{Name: "abc", ContainerPort: 81, Protocol: "TCP"},
},
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
field.ErrorTypeDuplicate,
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
"[1].name", "",
},
"zero container port": {
[]api.ContainerPort{{ContainerPort: 0, Protocol: "TCP"}},
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
field.ErrorTypeInvalid,
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
"containerPort", PortRangeErrorMsg,
},
"invalid container port": {
[]api.ContainerPort{{ContainerPort: 65536, Protocol: "TCP"}},
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
field.ErrorTypeInvalid,
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
"containerPort", PortRangeErrorMsg,
},
"invalid host port": {
[]api.ContainerPort{{ContainerPort: 80, HostPort: 65536, Protocol: "TCP"}},
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
field.ErrorTypeInvalid,
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
"hostPort", PortRangeErrorMsg,
},
"invalid protocol case": {
[]api.ContainerPort{{ContainerPort: 80, Protocol: "tcp"}},
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
field.ErrorTypeNotSupported,
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
"protocol", "supported values: TCP, UDP",
},
"invalid protocol": {
[]api.ContainerPort{{ContainerPort: 80, Protocol: "ICMP"}},
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
field.ErrorTypeNotSupported,
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
"protocol", "supported values: TCP, UDP",
},
"protocol required": {
[]api.ContainerPort{{Name: "abc", ContainerPort: 80}},
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
field.ErrorTypeRequired,
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
"protocol", "",
},
Add validation of Ports Also do caseless compares for "enum" strings.
2014-07-08 04:32:56 +00:00
}
for k, v := range errorCases {
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
errs := validateContainerPorts(v.P, field.NewPath("field"))
Convert field errors into a selector for the object Satisfies the "Field" condition for a Cause. Also addresses parts of #914.
2014-08-20 03:54:20 +00:00
if len(errs) == 0 {
Add validation of Ports Also do caseless compares for "enum" strings.
2014-07-08 04:32:56 +00:00
t.Errorf("expected failure for %s", k)
}
Convert field errors into a selector for the object Satisfies the "Field" condition for a Cause. Also addresses parts of #914.
2014-08-20 03:54:20 +00:00
for i := range errs {
Stronger typing for validation ErrorList
2015-11-04 00:08:20 +00:00
if errs[i].Type != v.T {
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
t.Errorf("%s: expected error to have type %q: %q", k, v.T, errs[i].Type)
Convert field errors into a selector for the object Satisfies the "Field" condition for a Cause. Also addresses parts of #914.
2014-08-20 03:54:20 +00:00
}
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
if !strings.Contains(errs[i].Field, v.F) {
t.Errorf("%s: expected error field %q: %q", k, v.F, errs[i].Field)
Convert field errors into a selector for the object Satisfies the "Field" condition for a Cause. Also addresses parts of #914.
2014-08-20 03:54:20 +00:00
}
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
if !strings.Contains(errs[i].Detail, v.D) {
t.Errorf("%s: expected error detail %q, got %q", k, v.D, errs[i].Detail)
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
}
Convert field errors into a selector for the object Satisfies the "Field" condition for a Cause. Also addresses parts of #914.
2014-08-20 03:54:20 +00:00
}
Add validation of Ports Also do caseless compares for "enum" strings.
2014-07-08 04:32:56 +00:00
}
}
Add validation for Container.Env This includes backwards compat with the older "key" field.
2014-07-01 22:56:30 +00:00
func TestValidateEnv(t *testing.T) {
Make validation work when not in the api package.
2014-08-30 01:20:27 +00:00
successCase := []api.EnvVar{
Add validation for Container.Env This includes backwards compat with the older "key" field.
2014-07-01 22:56:30 +00:00
{Name: "abc", Value: "value"},
{Name: "ABC", Value: "value"},
{Name: "AbC_123", Value: "value"},
{Name: "abc", Value: ""},
Add downward API for environment vars
2015-04-23 20:57:30 +00:00
{
Name: "abc",
ValueFrom: &api.EnvVarSource{
Change EnvVarSource.FieldPath -> FieldRef and add example
2015-05-04 17:31:36 +00:00
FieldRef: &api.ObjectFieldSelector{
update testapi to eliminate redundant fields
2015-11-30 20:28:48 +00:00
APIVersion: testapi.Default.GroupVersion().String(),
Add downward API for environment vars
2015-04-23 20:57:30 +00:00
FieldPath: "metadata.name",
},
},
},
Add validation for variant-type of EnvVarSource
2016-01-18 20:07:48 +00:00
{
Name: "secret_value",
ValueFrom: &api.EnvVarSource{
SecretKeyRef: &api.SecretKeySelector{
LocalObjectReference: api.LocalObjectReference{
Name: "some-secret",
},
Key: "secret-key",
},
},
},
Add validation for EnvVarSource variant
2016-01-19 03:31:29 +00:00
{
Name: "ENV_VAR_1",
ValueFrom: &api.EnvVarSource{
ConfigMapKeyRef: &api.ConfigMapKeySelector{
LocalObjectReference: api.LocalObjectReference{
Name: "some-config-map",
},
Key: "some-key",
},
},
},
Add validation for Container.Env This includes backwards compat with the older "key" field.
2014-07-01 22:56:30 +00:00
}
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
if errs := validateEnv(successCase, field.NewPath("field")); len(errs) != 0 {
Accumulate validation errors Rather than report the first error, accumulate all errors and report them all at once.
2014-07-08 06:20:30 +00:00
t.Errorf("expected success: %v", errs)
Add validation for Container.Env This includes backwards compat with the older "key" field.
2014-07-01 22:56:30 +00:00
}
Add downward API for environment vars
2015-04-23 20:57:30 +00:00
errorCases := []struct {
name string
envs []api.EnvVar
expectedError string
}{
{
name: "zero-length name",
envs: []api.EnvVar{{Name: ""}},
Change how one-of blocks are validated I took a hard look at error output and played until I was happier. This now prints JSON for structs in the error, rather than go's format. Also made the error message easier to read. Fixed tests.
2015-11-15 06:36:25 +00:00
expectedError: "[0].name: Required value",
Add downward API for environment vars
2015-04-23 20:57:30 +00:00
},
{
name: "name not a C identifier",
envs: []api.EnvVar{{Name: "a.b.c"}},
Change how one-of blocks are validated I took a hard look at error output and played until I was happier. This now prints JSON for structs in the error, rather than go's format. Also made the error message easier to read. Fixed tests.
2015-11-15 06:36:25 +00:00
expectedError: `[0].name: Invalid value: "a.b.c": must be a C identifier (matching regex [A-Za-z_][A-Za-z0-9_]*): e.g. "my_name" or "MyName"`,
Add downward API for environment vars
2015-04-23 20:57:30 +00:00
},
{
name: "value and valueFrom specified",
envs: []api.EnvVar{{
Name: "abc",
Value: "foo",
ValueFrom: &api.EnvVarSource{
Change EnvVarSource.FieldPath -> FieldRef and add example
2015-05-04 17:31:36 +00:00
FieldRef: &api.ObjectFieldSelector{
update testapi to eliminate redundant fields
2015-11-30 20:28:48 +00:00
APIVersion: testapi.Default.GroupVersion().String(),
Add downward API for environment vars
2015-04-23 20:57:30 +00:00
FieldPath: "metadata.name",
},
},
}},
Change how one-of blocks are validated I took a hard look at error output and played until I was happier. This now prints JSON for structs in the error, rather than go's format. Also made the error message easier to read. Fixed tests.
2015-11-15 06:36:25 +00:00
expectedError: "[0].valueFrom: Invalid value: \"\": may not be specified when `value` is not empty",
Add downward API for environment vars
2015-04-23 20:57:30 +00:00
},
Add validation for variant-type of EnvVarSource
2016-01-18 20:07:48 +00:00
{
Add validation for EnvVarSource variant
2016-01-19 03:31:29 +00:00
name: "valueFrom.fieldRef and valueFrom.secretKeyRef specified",
Add validation for variant-type of EnvVarSource
2016-01-18 20:07:48 +00:00
envs: []api.EnvVar{{
Name: "abc",
ValueFrom: &api.EnvVarSource{
FieldRef: &api.ObjectFieldSelector{
APIVersion: testapi.Default.GroupVersion().String(),
FieldPath: "metadata.name",
},
SecretKeyRef: &api.SecretKeySelector{
LocalObjectReference: api.LocalObjectReference{
Name: "a-secret",
},
Key: "a-key",
},
},
}},
expectedError: "[0].valueFrom: Invalid value: \"\": may not have more than one field specified at a time",
},
Add validation for EnvVarSource variant
2016-01-19 03:31:29 +00:00
{
name: "valueFrom.fieldRef and valueFrom.configMapKeyRef set",
envs: []api.EnvVar{{
Name: "some_var_name",
ValueFrom: &api.EnvVarSource{
FieldRef: &api.ObjectFieldSelector{
APIVersion: testapi.Default.GroupVersion().String(),
FieldPath: "metadata.name",
},
ConfigMapKeyRef: &api.ConfigMapKeySelector{
LocalObjectReference: api.LocalObjectReference{
Name: "some-config-map",
},
Key: "some-key",
},
},
}},
expectedError: `[0].valueFrom: Invalid value: "": may not have more than one field specified at a time`,
},
{
name: "valueFrom.fieldRef and valueFrom.secretKeyRef specified",
envs: []api.EnvVar{{
Name: "abc",
ValueFrom: &api.EnvVarSource{
FieldRef: &api.ObjectFieldSelector{
APIVersion: testapi.Default.GroupVersion().String(),
FieldPath: "metadata.name",
},
SecretKeyRef: &api.SecretKeySelector{
LocalObjectReference: api.LocalObjectReference{
Name: "a-secret",
},
Key: "a-key",
},
ConfigMapKeyRef: &api.ConfigMapKeySelector{
LocalObjectReference: api.LocalObjectReference{
Name: "some-config-map",
},
Key: "some-key",
},
},
}},
expectedError: `[0].valueFrom: Invalid value: "": may not have more than one field specified at a time`,
},
Add downward API for environment vars
2015-04-23 20:57:30 +00:00
{
name: "missing FieldPath on ObjectFieldSelector",
envs: []api.EnvVar{{
Name: "abc",
ValueFrom: &api.EnvVarSource{
Change EnvVarSource.FieldPath -> FieldRef and add example
2015-05-04 17:31:36 +00:00
FieldRef: &api.ObjectFieldSelector{
update testapi to eliminate redundant fields
2015-11-30 20:28:48 +00:00
APIVersion: testapi.Default.GroupVersion().String(),
Add downward API for environment vars
2015-04-23 20:57:30 +00:00
},
},
}},
Change how one-of blocks are validated I took a hard look at error output and played until I was happier. This now prints JSON for structs in the error, rather than go's format. Also made the error message easier to read. Fixed tests.
2015-11-15 06:36:25 +00:00
expectedError: `[0].valueFrom.fieldRef.fieldPath: Required value`,
Add downward API for environment vars
2015-04-23 20:57:30 +00:00
},
{
name: "missing APIVersion on ObjectFieldSelector",
envs: []api.EnvVar{{
Name: "abc",
ValueFrom: &api.EnvVarSource{
Change EnvVarSource.FieldPath -> FieldRef and add example
2015-05-04 17:31:36 +00:00
FieldRef: &api.ObjectFieldSelector{
Add downward API for environment vars
2015-04-23 20:57:30 +00:00
FieldPath: "metadata.name",
},
},
}},
Change how one-of blocks are validated I took a hard look at error output and played until I was happier. This now prints JSON for structs in the error, rather than go's format. Also made the error message easier to read. Fixed tests.
2015-11-15 06:36:25 +00:00
expectedError: `[0].valueFrom.fieldRef.apiVersion: Required value`,
Add downward API for environment vars
2015-04-23 20:57:30 +00:00
},
{
name: "invalid fieldPath",
envs: []api.EnvVar{{
Name: "abc",
ValueFrom: &api.EnvVarSource{
Change EnvVarSource.FieldPath -> FieldRef and add example
2015-05-04 17:31:36 +00:00
FieldRef: &api.ObjectFieldSelector{
Add downward API for environment vars
2015-04-23 20:57:30 +00:00
FieldPath: "metadata.whoops",
update testapi to eliminate redundant fields
2015-11-30 20:28:48 +00:00
APIVersion: testapi.Default.GroupVersion().String(),
Add downward API for environment vars
2015-04-23 20:57:30 +00:00
},
},
}},
Change how one-of blocks are validated I took a hard look at error output and played until I was happier. This now prints JSON for structs in the error, rather than go's format. Also made the error message easier to read. Fixed tests.
2015-11-15 06:36:25 +00:00
expectedError: `[0].valueFrom.fieldRef.fieldPath: Invalid value: "metadata.whoops": error converting fieldPath`,
Add downward API for environment vars
2015-04-23 20:57:30 +00:00
},
adding downward api volume plugin
2015-02-20 05:36:23 +00:00
{
name: "invalid fieldPath labels",
envs: []api.EnvVar{{
Name: "labels",
ValueFrom: &api.EnvVarSource{
FieldRef: &api.ObjectFieldSelector{
FieldPath: "metadata.labels",
APIVersion: "v1",
},
},
}},
Change how one-of blocks are validated I took a hard look at error output and played until I was happier. This now prints JSON for structs in the error, rather than go's format. Also made the error message easier to read. Fixed tests.
2015-11-15 06:36:25 +00:00
expectedError: `[0].valueFrom.fieldRef.fieldPath: Unsupported value: "metadata.labels": supported values: metadata.name, metadata.namespace, status.podIP`,
adding downward api volume plugin
2015-02-20 05:36:23 +00:00
},
{
name: "invalid fieldPath annotations",
envs: []api.EnvVar{{
Name: "abc",
ValueFrom: &api.EnvVarSource{
FieldRef: &api.ObjectFieldSelector{
FieldPath: "metadata.annotations",
APIVersion: "v1",
},
},
}},
Change how one-of blocks are validated I took a hard look at error output and played until I was happier. This now prints JSON for structs in the error, rather than go's format. Also made the error message easier to read. Fixed tests.
2015-11-15 06:36:25 +00:00
expectedError: `[0].valueFrom.fieldRef.fieldPath: Unsupported value: "metadata.annotations": supported values: metadata.name, metadata.namespace, status.podIP`,
adding downward api volume plugin
2015-02-20 05:36:23 +00:00
},
Add downward API for environment vars
2015-04-23 20:57:30 +00:00
{
name: "unsupported fieldPath",
envs: []api.EnvVar{{
Name: "abc",
ValueFrom: &api.EnvVarSource{
Change EnvVarSource.FieldPath -> FieldRef and add example
2015-05-04 17:31:36 +00:00
FieldRef: &api.ObjectFieldSelector{
Add downward API for environment vars
2015-04-23 20:57:30 +00:00
FieldPath: "status.phase",
update testapi to eliminate redundant fields
2015-11-30 20:28:48 +00:00
APIVersion: testapi.Default.GroupVersion().String(),
Add downward API for environment vars
2015-04-23 20:57:30 +00:00
},
},
}},
Change how one-of blocks are validated I took a hard look at error output and played until I was happier. This now prints JSON for structs in the error, rather than go's format. Also made the error message easier to read. Fixed tests.
2015-11-15 06:36:25 +00:00
expectedError: `valueFrom.fieldRef.fieldPath: Unsupported value: "status.phase": supported values: metadata.name, metadata.namespace, status.podIP`,
Add downward API for environment vars
2015-04-23 20:57:30 +00:00
},
Add validation for Container.Env This includes backwards compat with the older "key" field.
2014-07-01 22:56:30 +00:00
}
Add downward API for environment vars
2015-04-23 20:57:30 +00:00
for _, tc := range errorCases {
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
if errs := validateEnv(tc.envs, field.NewPath("field")); len(errs) == 0 {
Add downward API for environment vars
2015-04-23 20:57:30 +00:00
t.Errorf("expected failure for %s", tc.name)
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
} else {
for i := range errs {
Stronger typing for validation ErrorList
2015-11-04 00:08:20 +00:00
str := errs[i].Error()
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
if str != "" && !strings.Contains(str, tc.expectedError) {
t.Errorf("%s: expected error detail either empty or %q, got %q", tc.name, tc.expectedError, str)
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
}
}
Add validation of Volumes
2014-07-01 21:40:36 +00:00
}
}
}
Add validation of VolumeMounts
2014-07-05 02:46:56 +00:00
func TestValidateVolumeMounts(t *testing.T) {
Move util.StringSet into its own package A lot of packages use StringSet, but they don't use anything else from the util package. Moving StringSet into another package will shrink their dependency trees significantly.
2015-09-09 17:45:01 +00:00
volumes := sets.NewString("abc", "123", "abc-123")
Add validation of VolumeMounts
2014-07-05 02:46:56 +00:00
Make validation work when not in the api package.
2014-08-30 01:20:27 +00:00
successCase := []api.VolumeMount{
Add validation of VolumeMounts
2014-07-05 02:46:56 +00:00
{Name: "abc", MountPath: "/foo"},
Validate that volume mountpoints are unique
2016-03-18 03:52:34 +00:00
{Name: "123", MountPath: "/bar"},
{Name: "abc-123", MountPath: "/baz"},
Introduce subPath in VolumeMount
2016-03-05 01:40:15 +00:00
{Name: "abc-123", MountPath: "/baa", SubPath: ""},
{Name: "abc-123", MountPath: "/bab", SubPath: "baz"},
{Name: "abc-123", MountPath: "/bac", SubPath: ".baz"},
{Name: "abc-123", MountPath: "/bad", SubPath: "..baz"},
Add validation of VolumeMounts
2014-07-05 02:46:56 +00:00
}
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
if errs := validateVolumeMounts(successCase, volumes, field.NewPath("field")); len(errs) != 0 {
Accumulate validation errors Rather than report the first error, accumulate all errors and report them all at once.
2014-07-08 06:20:30 +00:00
t.Errorf("expected success: %v", errs)
Add validation of VolumeMounts
2014-07-05 02:46:56 +00:00
}
Make validation work when not in the api package.
2014-08-30 01:20:27 +00:00
errorCases := map[string][]api.VolumeMount{
Validate that volume mountpoints are unique
2016-03-18 03:52:34 +00:00
"empty name": {{Name: "", MountPath: "/foo"}},
"name not found": {{Name: "", MountPath: "/foo"}},
"empty mountpath": {{Name: "abc", MountPath: ""}},
"colon mountpath": {{Name: "abc", MountPath: "foo:bar"}},
"mountpath collision": {{Name: "foo", MountPath: "/path/a"}, {Name: "bar", MountPath: "/path/a"}},
Introduce subPath in VolumeMount
2016-03-05 01:40:15 +00:00
"absolute subpath": {{Name: "abc", MountPath: "/bar", SubPath: "/baz"}},
"subpath in ..": {{Name: "abc", MountPath: "/bar", SubPath: "../baz"}},
"subpath contains ..": {{Name: "abc", MountPath: "/bar", SubPath: "baz/../bat"}},
"subpath ends in ..": {{Name: "abc", MountPath: "/bar", SubPath: "./.."}},
Add validation of VolumeMounts
2014-07-05 02:46:56 +00:00
}
for k, v := range errorCases {
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
if errs := validateVolumeMounts(v, volumes, field.NewPath("field")); len(errs) == 0 {
Add validation of VolumeMounts
2014-07-05 02:46:56 +00:00
t.Errorf("expected failure for %s", k)
}
}
}
add validation for api.Probe
2015-02-15 07:02:07 +00:00
func TestValidateProbe(t *testing.T) {
handler := api.Handler{Exec: &api.ExecAction{Command: []string{"echo"}}}
Add liveness/readiness probe parameters - PeriodSeconds - How often to probe - SuccessThreshold - Number of successful probes to go from failure to success state - FailureThreshold - Number of failing probes to go from success to failure state This commit includes to changes in behavior: 1. InitialDelaySeconds now defaults to 10 seconds, rather than the kubelet sync interval (although that also defaults to 10 seconds). 2. Prober only retries on probe error, not failure. To compensate, the default FailureThreshold is set to the maxRetries, 3.
2015-11-05 23:38:46 +00:00
// These fields must be positive.
positiveFields := [...]string{"InitialDelaySeconds", "TimeoutSeconds", "PeriodSeconds", "SuccessThreshold", "FailureThreshold"}
successCases := []*api.Probe{nil}
for _, field := range positiveFields {
probe := &api.Probe{Handler: handler}
reflect.ValueOf(probe).Elem().FieldByName(field).SetInt(10)
successCases = append(successCases, probe)
add validation for api.Probe
2015-02-15 07:02:07 +00:00
}
Add liveness/readiness probe parameters - PeriodSeconds - How often to probe - SuccessThreshold - Number of successful probes to go from failure to success state - FailureThreshold - Number of failing probes to go from success to failure state This commit includes to changes in behavior: 1. InitialDelaySeconds now defaults to 10 seconds, rather than the kubelet sync interval (although that also defaults to 10 seconds). 2. Prober only retries on probe error, not failure. To compensate, the default FailureThreshold is set to the maxRetries, 3.
2015-11-05 23:38:46 +00:00
add validation for api.Probe
2015-02-15 07:02:07 +00:00
for _, p := range successCases {
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
if errs := validateProbe(p, field.NewPath("field")); len(errs) != 0 {
add validation for api.Probe
2015-02-15 07:02:07 +00:00
t.Errorf("expected success: %v", errs)
}
}
Add liveness/readiness probe parameters - PeriodSeconds - How often to probe - SuccessThreshold - Number of successful probes to go from failure to success state - FailureThreshold - Number of failing probes to go from success to failure state This commit includes to changes in behavior: 1. InitialDelaySeconds now defaults to 10 seconds, rather than the kubelet sync interval (although that also defaults to 10 seconds). 2. Prober only retries on probe error, not failure. To compensate, the default FailureThreshold is set to the maxRetries, 3.
2015-11-05 23:38:46 +00:00
errorCases := []*api.Probe{{TimeoutSeconds: 10, InitialDelaySeconds: 10}}
for _, field := range positiveFields {
probe := &api.Probe{Handler: handler}
reflect.ValueOf(probe).Elem().FieldByName(field).SetInt(-10)
errorCases = append(errorCases, probe)
add validation for api.Probe
2015-02-15 07:02:07 +00:00
}
for _, p := range errorCases {
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
if errs := validateProbe(p, field.NewPath("field")); len(errs) == 0 {
add validation for api.Probe
2015-02-15 07:02:07 +00:00
t.Errorf("expected failure for %v", p)
}
}
}
Add defaults for HTTGetAction.Path & test actions The comment says optional - this makes it optional. Test handler actions.
2015-02-28 01:33:58 +00:00
func TestValidateHandler(t *testing.T) {
successCases := []api.Handler{
{Exec: &api.ExecAction{Command: []string{"echo"}}},
Refactor IntOrString into a new pkg pkg/util/intstr is a cleaner encapsulation for this type and supporting functions. No behavioral change.
2015-11-10 06:28:45 +00:00
{HTTPGet: &api.HTTPGetAction{Path: "/", Port: intstr.FromInt(1), Host: "", Scheme: "HTTP"}},
{HTTPGet: &api.HTTPGetAction{Path: "/foo", Port: intstr.FromInt(65535), Host: "host", Scheme: "HTTP"}},
{HTTPGet: &api.HTTPGetAction{Path: "/", Port: intstr.FromString("port"), Host: "", Scheme: "HTTP"}},
Add httpHeaders to httpGet liveness probe Also update existing documentation and try to steer users away from 'host'. Add validation.
2016-02-02 15:03:50 +00:00
{HTTPGet: &api.HTTPGetAction{Path: "/", Port: intstr.FromString("port"), Host: "", Scheme: "HTTP", HTTPHeaders: []api.HTTPHeader{{"Host", "foo.example.com"}}}},
{HTTPGet: &api.HTTPGetAction{Path: "/", Port: intstr.FromString("port"), Host: "", Scheme: "HTTP", HTTPHeaders: []api.HTTPHeader{{"X-Forwarded-For", "1.2.3.4"}, {"X-Forwarded-For", "5.6.7.8"}}}},
Add defaults for HTTGetAction.Path & test actions The comment says optional - this makes it optional. Test handler actions.
2015-02-28 01:33:58 +00:00
}
for _, h := range successCases {
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
if errs := validateHandler(&h, field.NewPath("field")); len(errs) != 0 {
Add defaults for HTTGetAction.Path & test actions The comment says optional - this makes it optional. Test handler actions.
2015-02-28 01:33:58 +00:00
t.Errorf("expected success: %v", errs)
}
}
errorCases := []api.Handler{
{},
{Exec: &api.ExecAction{Command: []string{}}},
Refactor IntOrString into a new pkg pkg/util/intstr is a cleaner encapsulation for this type and supporting functions. No behavioral change.
2015-11-10 06:28:45 +00:00
{HTTPGet: &api.HTTPGetAction{Path: "", Port: intstr.FromInt(0), Host: ""}},
{HTTPGet: &api.HTTPGetAction{Path: "/foo", Port: intstr.FromInt(65536), Host: "host"}},
{HTTPGet: &api.HTTPGetAction{Path: "", Port: intstr.FromString(""), Host: ""}},
Add httpHeaders to httpGet liveness probe Also update existing documentation and try to steer users away from 'host'. Add validation.
2016-02-02 15:03:50 +00:00
{HTTPGet: &api.HTTPGetAction{Path: "/", Port: intstr.FromString("port"), Host: "", Scheme: "HTTP", HTTPHeaders: []api.HTTPHeader{{"Host:", "foo.example.com"}}}},
{HTTPGet: &api.HTTPGetAction{Path: "/", Port: intstr.FromString("port"), Host: "", Scheme: "HTTP", HTTPHeaders: []api.HTTPHeader{{"X_Forwarded_For", "foo.example.com"}}}},
Add defaults for HTTGetAction.Path & test actions The comment says optional - this makes it optional. Test handler actions.
2015-02-28 01:33:58 +00:00
}
for _, h := range errorCases {
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
if errs := validateHandler(&h, field.NewPath("field")); len(errs) == 0 {
Add defaults for HTTGetAction.Path & test actions The comment says optional - this makes it optional. Test handler actions.
2015-02-28 01:33:58 +00:00
t.Errorf("expected failure for %#v", h)
}
}
}
Introduce validatePullPolicyWithDefault to validation.
2015-01-16 23:02:36 +00:00
func TestValidatePullPolicy(t *testing.T) {
type T struct {
Container api.Container
ExpectedPolicy api.PullPolicy
}
testCases := map[string]T{
"NotPresent1": {
Change PullPolicy constants to match
2015-01-21 04:30:42 +00:00
api.Container{Name: "abc", Image: "image:latest", ImagePullPolicy: "IfNotPresent"},
Introduce validatePullPolicyWithDefault to validation.
2015-01-16 23:02:36 +00:00
api.PullIfNotPresent,
},
"NotPresent2": {
Change PullPolicy constants to match
2015-01-21 04:30:42 +00:00
api.Container{Name: "abc1", Image: "image", ImagePullPolicy: "IfNotPresent"},
Introduce validatePullPolicyWithDefault to validation.
2015-01-16 23:02:36 +00:00
api.PullIfNotPresent,
},
"Always1": {
Change PullPolicy constants to match
2015-01-21 04:30:42 +00:00
api.Container{Name: "123", Image: "image:latest", ImagePullPolicy: "Always"},
Introduce validatePullPolicyWithDefault to validation.
2015-01-16 23:02:36 +00:00
api.PullAlways,
},
"Always2": {
Change PullPolicy constants to match
2015-01-21 04:30:42 +00:00
api.Container{Name: "1234", Image: "image", ImagePullPolicy: "Always"},
Introduce validatePullPolicyWithDefault to validation.
2015-01-16 23:02:36 +00:00
api.PullAlways,
},
"Never1": {
Change PullPolicy constants to match
2015-01-21 04:30:42 +00:00
api.Container{Name: "abc-123", Image: "image:latest", ImagePullPolicy: "Never"},
Introduce validatePullPolicyWithDefault to validation.
2015-01-16 23:02:36 +00:00
api.PullNever,
},
"Never2": {
Change PullPolicy constants to match
2015-01-21 04:30:42 +00:00
api.Container{Name: "abc-1234", Image: "image", ImagePullPolicy: "Never"},
Introduce validatePullPolicyWithDefault to validation.
2015-01-16 23:02:36 +00:00
api.PullNever,
},
}
for k, v := range testCases {
ctr := &v.Container
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
errs := validatePullPolicy(ctr.ImagePullPolicy, field.NewPath("field"))
Introduce validatePullPolicyWithDefault to validation.
2015-01-16 23:02:36 +00:00
if len(errs) != 0 {
t.Errorf("case[%s] expected success, got %#v", k, errs)
}
if ctr.ImagePullPolicy != v.ExpectedPolicy {
t.Errorf("case[%s] expected policy %v, got %v", k, v.ExpectedPolicy, ctr.ImagePullPolicy)
}
}
}
Adding ResourceRequirementSpec to v1beta1, v1beta2, and v1beta3 APIs. The old resource quantities 'CPU' and 'Memory' will be preserved until support for v1beta1 and v1beta2 APIs are dropped. Improved resource validation in the process.
2015-01-25 04:19:36 +00:00
func getResourceLimits(cpu, memory string) api.ResourceList {
res := api.ResourceList{}
res[api.ResourceCPU] = resource.MustParse(cpu)
res[api.ResourceMemory] = resource.MustParse(memory)
return res
}
Add basic validation of Containers
2014-07-01 22:14:25 +00:00
func TestValidateContainers(t *testing.T) {
Move util.StringSet into its own package A lot of packages use StringSet, but they don't use anything else from the util package. Moving StringSet into another package will shrink their dependency trees significantly.
2015-09-09 17:45:01 +00:00
volumes := sets.String{}
Refactor to clean up names.
2014-09-16 22:18:33 +00:00
capabilities.SetForTests(capabilities.Capabilities{
Add a flag to reject privileged containers in the apiserver.
2014-09-16 14:04:12 +00:00
AllowPrivileged: true,
})
Add basic validation of Containers
2014-07-01 22:14:25 +00:00
Make validation work when not in the api package.
2014-08-30 01:20:27 +00:00
successCase := []api.Container{
Factor out API defaulting from validation logic Currently, the validation logic validates fields in an object and supply default values wherever applies. This change factors out defaulting to a set of defaulting callback functions for decoding (see #1502 for more discussion). * This change is based on pull request 2587. * Most defaulting has been migrated to defaults.go where the defaulting functions are added. * validation_test.go and converter_test.go have been adapted to not testing the default values. * Fixed all tests with that create invalid objects with the absence of defaulting logic.
2015-01-26 17:52:50 +00:00
{Name: "abc", Image: "image", ImagePullPolicy: "IfNotPresent"},
{Name: "123", Image: "image", ImagePullPolicy: "IfNotPresent"},
{Name: "abc-123", Image: "image", ImagePullPolicy: "IfNotPresent"},
Add some lifecycle validation.
2014-09-12 23:04:10 +00:00
{
Name: "life-123",
Image: "image",
Lifecycle: &api.Lifecycle{
PreStop: &api.Handler{
Exec: &api.ExecAction{Command: []string{"ls", "-l"}},
},
},
Factor out API defaulting from validation logic Currently, the validation logic validates fields in an object and supply default values wherever applies. This change factors out defaulting to a set of defaulting callback functions for decoding (see #1502 for more discussion). * This change is based on pull request 2587. * Most defaulting has been migrated to defaults.go where the defaulting functions are added. * validation_test.go and converter_test.go have been adapted to not testing the default values. * Fixed all tests with that create invalid objects with the absence of defaulting logic.
2015-01-26 17:52:50 +00:00
ImagePullPolicy: "IfNotPresent",
Add some lifecycle validation.
2014-09-12 23:04:10 +00:00
},
Adding ResourceRequirementSpec to v1beta1, v1beta2, and v1beta3 APIs. The old resource quantities 'CPU' and 'Memory' will be preserved until support for v1beta1 and v1beta2 APIs are dropped. Improved resource validation in the process.
2015-01-25 04:19:36 +00:00
{
Name: "resources-test",
Image: "image",
Rename ResourceRequirementSpec to ResourceRequirements.
2015-02-09 22:44:32 +00:00
Resources: api.ResourceRequirements{
Adding ResourceRequirementSpec to v1beta1, v1beta2, and v1beta3 APIs. The old resource quantities 'CPU' and 'Memory' will be preserved until support for v1beta1 and v1beta2 APIs are dropped. Improved resource validation in the process.
2015-01-25 04:19:36 +00:00
Limits: api.ResourceList{
api.ResourceName(api.ResourceCPU): resource.MustParse("10"),
api.ResourceName(api.ResourceMemory): resource.MustParse("10G"),
api.ResourceName("my.org/resource"): resource.MustParse("10m"),
},
},
Factor out API defaulting from validation logic Currently, the validation logic validates fields in an object and supply default values wherever applies. This change factors out defaulting to a set of defaulting callback functions for decoding (see #1502 for more discussion). * This change is based on pull request 2587. * Most defaulting has been migrated to defaults.go where the defaulting functions are added. * validation_test.go and converter_test.go have been adapted to not testing the default values. * Fixed all tests with that create invalid objects with the absence of defaulting logic.
2015-01-26 17:52:50 +00:00
ImagePullPolicy: "IfNotPresent",
Adding ResourceRequirementSpec to v1beta1, v1beta2, and v1beta3 APIs. The old resource quantities 'CPU' and 'Memory' will be preserved until support for v1beta1 and v1beta2 APIs are dropped. Improved resource validation in the process.
2015-01-25 04:19:36 +00:00
},
WIP v0 NVIDIA GPU support Implements part of #24071 I am not familiar with the scheduler enough to know what to do with the scores. Punting for now. Missing items from the implementation plan: limitranger, rkt support, kubectl support and user docs
2016-04-27 00:54:19 +00:00
{
Name: "resources-test-with-gpu",
Image: "image",
Resources: api.ResourceRequirements{
Requests: api.ResourceList{
api.ResourceName(api.ResourceCPU): resource.MustParse("10"),
api.ResourceName(api.ResourceMemory): resource.MustParse("10G"),
},
Limits: api.ResourceList{
api.ResourceName(api.ResourceCPU): resource.MustParse("10"),
api.ResourceName(api.ResourceMemory): resource.MustParse("10G"),
api.ResourceName(api.ResourceNvidiaGPU): resource.MustParse("1"),
},
},
ImagePullPolicy: "IfNotPresent",
},
Add support for request
2015-07-30 19:59:22 +00:00
{
Name: "resources-request-limit-simple",
Image: "image",
Resources: api.ResourceRequirements{
Requests: api.ResourceList{
api.ResourceName(api.ResourceCPU): resource.MustParse("8"),
},
Limits: api.ResourceList{
api.ResourceName(api.ResourceCPU): resource.MustParse("10"),
},
},
ImagePullPolicy: "IfNotPresent",
},
{
Name: "resources-request-limit-edge",
Image: "image",
Resources: api.ResourceRequirements{
Requests: api.ResourceList{
api.ResourceName(api.ResourceCPU): resource.MustParse("10"),
api.ResourceName(api.ResourceMemory): resource.MustParse("10G"),
api.ResourceName("my.org/resource"): resource.MustParse("10m"),
},
Limits: api.ResourceList{
api.ResourceName(api.ResourceCPU): resource.MustParse("10"),
api.ResourceName(api.ResourceMemory): resource.MustParse("10G"),
api.ResourceName("my.org/resource"): resource.MustParse("10m"),
},
},
ImagePullPolicy: "IfNotPresent",
},
{
Name: "resources-request-limit-partials",
Image: "image",
Resources: api.ResourceRequirements{
Requests: api.ResourceList{
api.ResourceName(api.ResourceCPU): resource.MustParse("9.5"),
api.ResourceName(api.ResourceMemory): resource.MustParse("10G"),
},
Limits: api.ResourceList{
api.ResourceName(api.ResourceCPU): resource.MustParse("10"),
api.ResourceName("my.org/resource"): resource.MustParse("10m"),
},
},
ImagePullPolicy: "IfNotPresent",
},
{
Name: "resources-request",
Image: "image",
Resources: api.ResourceRequirements{
Requests: api.ResourceList{
api.ResourceName(api.ResourceCPU): resource.MustParse("9.5"),
api.ResourceName(api.ResourceMemory): resource.MustParse("10G"),
},
},
ImagePullPolicy: "IfNotPresent",
},
Allow same-hostport-different-protocol
2015-05-19 05:18:40 +00:00
{
Name: "same-host-port-different-protocol",
Image: "image",
Ports: []api.ContainerPort{
{ContainerPort: 80, HostPort: 80, Protocol: "TCP"},
{ContainerPort: 80, HostPort: 80, Protocol: "UDP"},
},
ImagePullPolicy: "IfNotPresent",
},
Revert "Revert "Security context - types, kubelet, admission""
2015-05-05 23:02:13 +00:00
{Name: "abc-1234", Image: "image", ImagePullPolicy: "IfNotPresent", SecurityContext: fakeValidSecurityContext(true)},
Add basic validation of Containers
2014-07-01 22:14:25 +00:00
}
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
if errs := validateContainers(successCase, volumes, field.NewPath("field")); len(errs) != 0 {
Accumulate validation errors Rather than report the first error, accumulate all errors and report them all at once.
2014-07-08 06:20:30 +00:00
t.Errorf("expected success: %v", errs)
Add basic validation of Containers
2014-07-01 22:14:25 +00:00
}
Refactor to clean up names.
2014-09-16 22:18:33 +00:00
capabilities.SetForTests(capabilities.Capabilities{
Add a flag to reject privileged containers in the apiserver.
2014-09-16 14:04:12 +00:00
AllowPrivileged: false,
})
Make validation work when not in the api package.
2014-08-30 01:20:27 +00:00
errorCases := map[string][]api.Container{
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
"zero-length name": {{Name: "", Image: "image", ImagePullPolicy: "IfNotPresent"}},
"name > 63 characters": {{Name: strings.Repeat("a", 64), Image: "image", ImagePullPolicy: "IfNotPresent"}},
"name not a DNS label": {{Name: "a.b.c", Image: "image", ImagePullPolicy: "IfNotPresent"}},
Add basic validation of Containers
2014-07-01 22:14:25 +00:00
"name not unique": {
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
{Name: "abc", Image: "image", ImagePullPolicy: "IfNotPresent"},
{Name: "abc", Image: "image", ImagePullPolicy: "IfNotPresent"},
Add basic validation of Containers
2014-07-01 22:14:25 +00:00
},
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
"zero-length image": {{Name: "abc", Image: "", ImagePullPolicy: "IfNotPresent"}},
Add validation of Ports Also do caseless compares for "enum" strings.
2014-07-08 04:32:56 +00:00
"host port not unique": {
Rename type Port to ContainerPort Sadly I had to do this by hand - I just could not get gorename to fix up users of it.
2015-02-23 22:25:56 +00:00
{Name: "abc", Image: "image", Ports: []api.ContainerPort{{ContainerPort: 80, HostPort: 80, Protocol: "TCP"}},
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
ImagePullPolicy: "IfNotPresent"},
Rename type Port to ContainerPort Sadly I had to do this by hand - I just could not get gorename to fix up users of it.
2015-02-23 22:25:56 +00:00
{Name: "def", Image: "image", Ports: []api.ContainerPort{{ContainerPort: 81, HostPort: 80, Protocol: "TCP"}},
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
ImagePullPolicy: "IfNotPresent"},
Add validation of Ports Also do caseless compares for "enum" strings.
2014-07-08 04:32:56 +00:00
},
Add validation for Container.Env This includes backwards compat with the older "key" field.
2014-07-01 22:56:30 +00:00
"invalid env var name": {
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
{Name: "abc", Image: "image", Env: []api.EnvVar{{Name: "ev.1"}}, ImagePullPolicy: "IfNotPresent"},
Add validation for Container.Env This includes backwards compat with the older "key" field.
2014-07-01 22:56:30 +00:00
},
Add validation of VolumeMounts
2014-07-05 02:46:56 +00:00
"unknown volume name": {
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
{Name: "abc", Image: "image", VolumeMounts: []api.VolumeMount{{Name: "anything", MountPath: "/foo"}},
ImagePullPolicy: "IfNotPresent"},
Add validation of VolumeMounts
2014-07-05 02:46:56 +00:00
},
Add some lifecycle validation.
2014-09-12 23:04:10 +00:00
"invalid lifecycle, no exec command.": {
{
Name: "life-123",
Image: "image",
Lifecycle: &api.Lifecycle{
PreStop: &api.Handler{
Exec: &api.ExecAction{},
},
},
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
ImagePullPolicy: "IfNotPresent",
Add some lifecycle validation.
2014-09-12 23:04:10 +00:00
},
},
"invalid lifecycle, no http path.": {
{
Name: "life-123",
Image: "image",
Lifecycle: &api.Lifecycle{
PreStop: &api.Handler{
HTTPGet: &api.HTTPGetAction{},
},
},
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
ImagePullPolicy: "IfNotPresent",
Add some lifecycle validation.
2014-09-12 23:04:10 +00:00
},
},
TCPSocket could not be used as it was not checked in validation Attempting to use it gave the error "must register one handler". Added more tests for it.
2015-02-27 03:20:34 +00:00
"invalid lifecycle, no tcp socket port.": {
{
Name: "life-123",
Image: "image",
Lifecycle: &api.Lifecycle{
PreStop: &api.Handler{
TCPSocket: &api.TCPSocketAction{},
},
},
ImagePullPolicy: "IfNotPresent",
},
},
"invalid lifecycle, zero tcp socket port.": {
{
Name: "life-123",
Image: "image",
Lifecycle: &api.Lifecycle{
PreStop: &api.Handler{
TCPSocket: &api.TCPSocketAction{
Refactor IntOrString into a new pkg pkg/util/intstr is a cleaner encapsulation for this type and supporting functions. No behavioral change.
2015-11-10 06:28:45 +00:00
Port: intstr.FromInt(0),
TCPSocket could not be used as it was not checked in validation Attempting to use it gave the error "must register one handler". Added more tests for it.
2015-02-27 03:20:34 +00:00
},
},
},
ImagePullPolicy: "IfNotPresent",
},
},
Add some lifecycle validation.
2014-09-12 23:04:10 +00:00
"invalid lifecycle, no action.": {
{
Name: "life-123",
Image: "image",
Lifecycle: &api.Lifecycle{
PreStop: &api.Handler{},
},
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
ImagePullPolicy: "IfNotPresent",
Add some lifecycle validation.
2014-09-12 23:04:10 +00:00
},
},
TCPSocket could not be used as it was not checked in validation Attempting to use it gave the error "must register one handler". Added more tests for it.
2015-02-27 03:20:34 +00:00
"invalid liveness probe, no tcp socket port.": {
{
Name: "life-123",
Image: "image",
LivenessProbe: &api.Probe{
Handler: api.Handler{
TCPSocket: &api.TCPSocketAction{},
},
},
ImagePullPolicy: "IfNotPresent",
},
},
"invalid liveness probe, no action.": {
{
Name: "life-123",
Image: "image",
LivenessProbe: &api.Probe{
Handler: api.Handler{},
},
ImagePullPolicy: "IfNotPresent",
},
},
Add a flag to reject privileged containers in the apiserver.
2014-09-16 14:04:12 +00:00
"privilege disabled": {
Revert "Revert "Security context - types, kubelet, admission""
2015-05-05 23:02:13 +00:00
{Name: "abc", Image: "image", SecurityContext: fakeValidSecurityContext(true)},
Add a flag to reject privileged containers in the apiserver.
2014-09-16 14:04:12 +00:00
},
Adding ResourceRequirementSpec to v1beta1, v1beta2, and v1beta3 APIs. The old resource quantities 'CPU' and 'Memory' will be preserved until support for v1beta1 and v1beta2 APIs are dropped. Improved resource validation in the process.
2015-01-25 04:19:36 +00:00
"invalid compute resource": {
{
Name: "abc-123",
Image: "image",
Rename ResourceRequirementSpec to ResourceRequirements.
2015-02-09 22:44:32 +00:00
Resources: api.ResourceRequirements{
Adding ResourceRequirementSpec to v1beta1, v1beta2, and v1beta3 APIs. The old resource quantities 'CPU' and 'Memory' will be preserved until support for v1beta1 and v1beta2 APIs are dropped. Improved resource validation in the process.
2015-01-25 04:19:36 +00:00
Limits: api.ResourceList{
"disk": resource.MustParse("10G"),
},
},
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
ImagePullPolicy: "IfNotPresent",
Adding ResourceRequirementSpec to v1beta1, v1beta2, and v1beta3 APIs. The old resource quantities 'CPU' and 'Memory' will be preserved until support for v1beta1 and v1beta2 APIs are dropped. Improved resource validation in the process.
2015-01-25 04:19:36 +00:00
},
},
"Resource CPU invalid": {
{
Name: "abc-123",
Image: "image",
Rename ResourceRequirementSpec to ResourceRequirements.
2015-02-09 22:44:32 +00:00
Resources: api.ResourceRequirements{
Adding ResourceRequirementSpec to v1beta1, v1beta2, and v1beta3 APIs. The old resource quantities 'CPU' and 'Memory' will be preserved until support for v1beta1 and v1beta2 APIs are dropped. Improved resource validation in the process.
2015-01-25 04:19:36 +00:00
Limits: getResourceLimits("-10", "0"),
},
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
ImagePullPolicy: "IfNotPresent",
Adding ResourceRequirementSpec to v1beta1, v1beta2, and v1beta3 APIs. The old resource quantities 'CPU' and 'Memory' will be preserved until support for v1beta1 and v1beta2 APIs are dropped. Improved resource validation in the process.
2015-01-25 04:19:36 +00:00
},
},
Improve container resource requirements validation
2015-04-20 18:56:15 +00:00
"Resource Requests CPU invalid": {
{
Name: "abc-123",
Image: "image",
Resources: api.ResourceRequirements{
Requests: getResourceLimits("-10", "0"),
},
ImagePullPolicy: "IfNotPresent",
},
},
Adding ResourceRequirementSpec to v1beta1, v1beta2, and v1beta3 APIs. The old resource quantities 'CPU' and 'Memory' will be preserved until support for v1beta1 and v1beta2 APIs are dropped. Improved resource validation in the process.
2015-01-25 04:19:36 +00:00
"Resource Memory invalid": {
{
Name: "abc-123",
Image: "image",
Rename ResourceRequirementSpec to ResourceRequirements.
2015-02-09 22:44:32 +00:00
Resources: api.ResourceRequirements{
Adding ResourceRequirementSpec to v1beta1, v1beta2, and v1beta3 APIs. The old resource quantities 'CPU' and 'Memory' will be preserved until support for v1beta1 and v1beta2 APIs are dropped. Improved resource validation in the process.
2015-01-25 04:19:36 +00:00
Limits: getResourceLimits("0", "-10"),
},
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
ImagePullPolicy: "IfNotPresent",
Adding ResourceRequirementSpec to v1beta1, v1beta2, and v1beta3 APIs. The old resource quantities 'CPU' and 'Memory' will be preserved until support for v1beta1 and v1beta2 APIs are dropped. Improved resource validation in the process.
2015-01-25 04:19:36 +00:00
},
},
WIP v0 NVIDIA GPU support Implements part of #24071 I am not familiar with the scheduler enough to know what to do with the scores. Punting for now. Missing items from the implementation plan: limitranger, rkt support, kubectl support and user docs
2016-04-27 00:54:19 +00:00
"Resource can only have GPU limit": {
{
Name: "resources-request-limit-edge",
Image: "image",
Resources: api.ResourceRequirements{
Requests: api.ResourceList{
api.ResourceName(api.ResourceCPU): resource.MustParse("10"),
api.ResourceName(api.ResourceMemory): resource.MustParse("10G"),
api.ResourceName(api.ResourceNvidiaGPU): resource.MustParse("1"),
},
Limits: api.ResourceList{
api.ResourceName(api.ResourceCPU): resource.MustParse("10"),
api.ResourceName(api.ResourceMemory): resource.MustParse("10G"),
api.ResourceName(api.ResourceNvidiaGPU): resource.MustParse("1"),
},
},
ImagePullPolicy: "IfNotPresent",
},
},
Add support for request
2015-07-30 19:59:22 +00:00
"Request limit simple invalid": {
{
Name: "abc-123",
Image: "image",
Resources: api.ResourceRequirements{
Limits: getResourceLimits("5", "3"),
Requests: getResourceLimits("6", "3"),
},
ImagePullPolicy: "IfNotPresent",
},
},
"Request limit multiple invalid": {
{
Name: "abc-123",
Image: "image",
Resources: api.ResourceRequirements{
Limits: getResourceLimits("5", "3"),
Requests: getResourceLimits("6", "4"),
},
ImagePullPolicy: "IfNotPresent",
},
},
Add basic validation of Containers
2014-07-01 22:14:25 +00:00
}
for k, v := range errorCases {
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
if errs := validateContainers(v, volumes, field.NewPath("field")); len(errs) == 0 {
Add basic validation of Containers
2014-07-01 22:14:25 +00:00
t.Errorf("expected failure for %s", k)
}
}
}
Introduce the simplest RestartPolicy and handling.
2014-08-26 18:25:17 +00:00
func TestValidateRestartPolicy(t *testing.T) {
successCases := []api.RestartPolicy{
Convert RestartPolicy to string for v1beta3. Fixed #3607 and spiritually support #5475
2015-03-14 01:38:07 +00:00
api.RestartPolicyAlways,
api.RestartPolicyOnFailure,
api.RestartPolicyNever,
Introduce the simplest RestartPolicy and handling.
2014-08-26 18:25:17 +00:00
}
for _, policy := range successCases {
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
if errs := validateRestartPolicy(&policy, field.NewPath("field")); len(errs) != 0 {
Introduce the simplest RestartPolicy and handling.
2014-08-26 18:25:17 +00:00
t.Errorf("expected success: %v", errs)
}
}
Convert RestartPolicy to string for v1beta3. Fixed #3607 and spiritually support #5475
2015-03-14 01:38:07 +00:00
errorCases := []api.RestartPolicy{"", "newpolicy"}
Introduce the simplest RestartPolicy and handling.
2014-08-26 18:25:17 +00:00
for k, policy := range errorCases {
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
if errs := validateRestartPolicy(&policy, field.NewPath("field")); len(errs) == 0 {
Fix format specifiers in Printf-type functions.
2014-10-10 00:06:32 +00:00
t.Errorf("expected failure for %d", k)
Introduce the simplest RestartPolicy and handling.
2014-08-26 18:25:17 +00:00
}
}
Beef up validation tests
2015-01-06 19:11:52 +00:00
}
Introduce the simplest RestartPolicy and handling.
2014-08-26 18:25:17 +00:00
Beef up validation tests
2015-01-06 19:11:52 +00:00
func TestValidateDNSPolicy(t *testing.T) {
Factor out API defaulting from validation logic Currently, the validation logic validates fields in an object and supply default values wherever applies. This change factors out defaulting to a set of defaulting callback functions for decoding (see #1502 for more discussion). * This change is based on pull request 2587. * Most defaulting has been migrated to defaults.go where the defaulting functions are added. * validation_test.go and converter_test.go have been adapted to not testing the default values. * Fixed all tests with that create invalid objects with the absence of defaulting logic.
2015-01-26 17:52:50 +00:00
successCases := []api.DNSPolicy{api.DNSClusterFirst, api.DNSDefault, api.DNSPolicy(api.DNSClusterFirst)}
Beef up validation tests
2015-01-06 19:11:52 +00:00
for _, policy := range successCases {
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
if errs := validateDNSPolicy(&policy, field.NewPath("field")); len(errs) != 0 {
Beef up validation tests
2015-01-06 19:11:52 +00:00
t.Errorf("expected success: %v", errs)
}
}
errorCases := []api.DNSPolicy{api.DNSPolicy("invalid")}
for _, policy := range errorCases {
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
if errs := validateDNSPolicy(&policy, field.NewPath("field")); len(errs) == 0 {
Beef up validation tests
2015-01-06 19:11:52 +00:00
t.Errorf("expected failure for %v", policy)
}
}
Introduce the simplest RestartPolicy and handling.
2014-08-26 18:25:17 +00:00
}
Beef up validation tests
2015-01-06 19:11:52 +00:00
func TestValidatePodSpec(t *testing.T) {
Kubelet kills a pod that exceeds ActiveDeadlineSeconds
2015-05-09 05:01:43 +00:00
activeDeadlineSeconds := int64(30)
Validate uids and gids for securitycontext
2015-11-20 02:42:02 +00:00
minID := int64(0)
maxID := int64(2147483647)
Beef up validation tests
2015-01-06 19:11:52 +00:00
successCases := []api.PodSpec{
{ // Populate basic fields, leave defaults for most.
Embed VolumeSource in v1beta3 and internal.
2015-03-03 22:48:55 +00:00
Volumes: []api.Volume{{Name: "vol", VolumeSource: api.VolumeSource{EmptyDir: &api.EmptyDirVolumeSource{}}}},
Factor out API defaulting from validation logic Currently, the validation logic validates fields in an object and supply default values wherever applies. This change factors out defaulting to a set of defaulting callback functions for decoding (see #1502 for more discussion). * This change is based on pull request 2587. * Most defaulting has been migrated to defaults.go where the defaulting functions are added. * validation_test.go and converter_test.go have been adapted to not testing the default values. * Fixed all tests with that create invalid objects with the absence of defaulting logic.
2015-01-26 17:52:50 +00:00
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
Convert RestartPolicy to string for v1beta3. Fixed #3607 and spiritually support #5475
2015-03-14 01:38:07 +00:00
RestartPolicy: api.RestartPolicyAlways,
Factor out API defaulting from validation logic Currently, the validation logic validates fields in an object and supply default values wherever applies. This change factors out defaulting to a set of defaulting callback functions for decoding (see #1502 for more discussion). * This change is based on pull request 2587. * Most defaulting has been migrated to defaults.go where the defaulting functions are added. * validation_test.go and converter_test.go have been adapted to not testing the default values. * Fixed all tests with that create invalid objects with the absence of defaulting logic.
2015-01-26 17:52:50 +00:00
DNSPolicy: api.DNSClusterFirst,
Beef up validation tests
2015-01-06 19:11:52 +00:00
},
{ // Populate all fields.
Volumes: []api.Volume{
Embed VolumeSource in v1beta3 and internal.
2015-03-03 22:48:55 +00:00
{Name: "vol", VolumeSource: api.VolumeSource{EmptyDir: &api.EmptyDirVolumeSource{}}},
Beef up validation tests
2015-01-06 19:11:52 +00:00
},
Factor out API defaulting from validation logic Currently, the validation logic validates fields in an object and supply default values wherever applies. This change factors out defaulting to a set of defaulting callback functions for decoding (see #1502 for more discussion). * This change is based on pull request 2587. * Most defaulting has been migrated to defaults.go where the defaulting functions are added. * validation_test.go and converter_test.go have been adapted to not testing the default values. * Fixed all tests with that create invalid objects with the absence of defaulting logic.
2015-01-26 17:52:50 +00:00
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
Convert RestartPolicy to string for v1beta3. Fixed #3607 and spiritually support #5475
2015-03-14 01:38:07 +00:00
RestartPolicy: api.RestartPolicyAlways,
Beef up validation tests
2015-01-06 19:11:52 +00:00
NodeSelector: map[string]string{
"key": "value",
Refactor tests to split ObjectMeta from TypeMeta
2014-10-23 20:51:34 +00:00
},
update PodSpec.Host to PodSpec.NodeName in /pkg/api/types.go and /pkg/api/v1beta3/types.go
2015-05-22 23:40:57 +00:00
NodeName: "foobar",
Kubelet kills a pod that exceeds ActiveDeadlineSeconds
2015-05-09 05:01:43 +00:00
DNSPolicy: api.DNSClusterFirst,
ActiveDeadlineSeconds: &activeDeadlineSeconds,
Rename pod.spec.serviceAccount -> pod.spec.serviceAccountName for v1
2015-06-19 02:35:42 +00:00
ServiceAccountName: "acct",
Beef up validation tests
2015-01-06 19:11:52 +00:00
},
Add HostNetworking container option to API. This allows a container to run within the same networking namespace as the host. This will be locked down by default using a flag on the master and nodes (similar to how privileged is handled today).
2015-03-23 23:34:35 +00:00
{ // Populate HostNetwork.
Containers: []api.Container{
{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent", Ports: []api.ContainerPort{
{HostPort: 8080, ContainerPort: 8080, Protocol: "TCP"}},
},
},
Add PodSecurityContext and backward compatibility tests
2015-09-14 21:56:51 +00:00
SecurityContext: &api.PodSecurityContext{
HostNetwork: true,
},
Add HostNetworking container option to API. This allows a container to run within the same networking namespace as the host. This will be locked down by default using a flag on the master and nodes (similar to how privileged is handled today).
2015-03-23 23:34:35 +00:00
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
},
Validate uids and gids for securitycontext
2015-11-20 02:42:02 +00:00
{ // Populate RunAsUser SupplementalGroups FSGroup with minID 0
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
SecurityContext: &api.PodSecurityContext{
SupplementalGroups: []int64{minID},
RunAsUser: &minID,
FSGroup: &minID,
},
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
},
{ // Populate RunAsUser SupplementalGroups FSGroup with maxID 2147483647
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
SecurityContext: &api.PodSecurityContext{
SupplementalGroups: []int64{maxID},
RunAsUser: &maxID,
FSGroup: &maxID,
},
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
},
use infra container ns for ipc
2015-09-21 15:34:02 +00:00
{ // Populate HostIPC.
Add PodSecurityContext and backward compatibility tests
2015-09-14 21:56:51 +00:00
SecurityContext: &api.PodSecurityContext{
HostIPC: true,
},
use infra container ns for ipc
2015-09-21 15:34:02 +00:00
Volumes: []api.Volume{{Name: "vol", VolumeSource: api.VolumeSource{EmptyDir: &api.EmptyDirVolumeSource{}}}},
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
},
{ // Populate HostPID.
Add PodSecurityContext and backward compatibility tests
2015-09-14 21:56:51 +00:00
SecurityContext: &api.PodSecurityContext{
HostPID: true,
},
use infra container ns for ipc
2015-09-21 15:34:02 +00:00
Volumes: []api.Volume{{Name: "vol", VolumeSource: api.VolumeSource{EmptyDir: &api.EmptyDirVolumeSource{}}}},
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
},
implement Node affinity and NodeSelector
2016-01-26 23:03:18 +00:00
{ // Populate Affinity.
Volumes: []api.Volume{{Name: "vol", VolumeSource: api.VolumeSource{EmptyDir: &api.EmptyDirVolumeSource{}}}},
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
},
Beef up validation tests
2015-01-06 19:11:52 +00:00
}
for i := range successCases {
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
if errs := ValidatePodSpec(&successCases[i], field.NewPath("field")); len(errs) != 0 {
Beef up validation tests
2015-01-06 19:11:52 +00:00
t.Errorf("expected success: %v", errs)
}
}
Kubelet kills a pod that exceeds ActiveDeadlineSeconds
2015-05-09 05:01:43 +00:00
activeDeadlineSeconds = int64(0)
Validate uids and gids for securitycontext
2015-11-20 02:42:02 +00:00
minID = int64(-1)
maxID = int64(2147483648)
Beef up validation tests
2015-01-06 19:11:52 +00:00
failureCases := map[string]api.PodSpec{
"bad volume": {
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
Volumes: []api.Volume{{}},
Convert RestartPolicy to string for v1beta3. Fixed #3607 and spiritually support #5475
2015-03-14 01:38:07 +00:00
RestartPolicy: api.RestartPolicyAlways,
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
DNSPolicy: api.DNSClusterFirst,
Validate that there is at least one container in the pod
2015-03-18 15:00:18 +00:00
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
},
"no containers": {
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
Add RestartPolicy to Pod and PodTemplate
2014-07-22 18:45:12 +00:00
},
Beef up validation tests
2015-01-06 19:11:52 +00:00
"bad container": {
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
Containers: []api.Container{{}},
Convert RestartPolicy to string for v1beta3. Fixed #3607 and spiritually support #5475
2015-03-14 01:38:07 +00:00
RestartPolicy: api.RestartPolicyAlways,
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
DNSPolicy: api.DNSClusterFirst,
Beef up validation tests
2015-01-06 19:11:52 +00:00
},
"bad DNS policy": {
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
DNSPolicy: api.DNSPolicy("invalid"),
Convert RestartPolicy to string for v1beta3. Fixed #3607 and spiritually support #5475
2015-03-14 01:38:07 +00:00
RestartPolicy: api.RestartPolicyAlways,
Validate that there is at least one container in the pod
2015-03-18 15:00:18 +00:00
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
},
Validate service account name in pod spec
2015-06-11 21:16:58 +00:00
"bad service account name": {
Rename pod.spec.serviceAccount -> pod.spec.serviceAccountName for v1
2015-06-19 02:35:42 +00:00
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
ServiceAccountName: "invalidName",
Validate service account name in pod spec
2015-06-11 21:16:58 +00:00
},
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
"bad restart policy": {
Convert RestartPolicy to string for v1beta3. Fixed #3607 and spiritually support #5475
2015-03-14 01:38:07 +00:00
RestartPolicy: "UnknowPolicy",
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
DNSPolicy: api.DNSClusterFirst,
Validate that there is at least one container in the pod
2015-03-18 15:00:18 +00:00
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
Beef up validation tests
2015-01-06 19:11:52 +00:00
},
Add HostNetworking container option to API. This allows a container to run within the same networking namespace as the host. This will be locked down by default using a flag on the master and nodes (similar to how privileged is handled today).
2015-03-23 23:34:35 +00:00
"with hostNetwork hostPort not equal to containerPort": {
Containers: []api.Container{
{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent", Ports: []api.ContainerPort{
{HostPort: 8080, ContainerPort: 2600, Protocol: "TCP"}},
},
},
Add PodSecurityContext and backward compatibility tests
2015-09-14 21:56:51 +00:00
SecurityContext: &api.PodSecurityContext{
HostNetwork: true,
},
Add HostNetworking container option to API. This allows a container to run within the same networking namespace as the host. This will be locked down by default using a flag on the master and nodes (similar to how privileged is handled today).
2015-03-23 23:34:35 +00:00
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
},
Validate uids and gids for securitycontext
2015-11-20 02:42:02 +00:00
"bad supplementalGroups large than math.MaxInt32": {
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
SecurityContext: &api.PodSecurityContext{
HostNetwork: false,
SupplementalGroups: []int64{maxID, 1234},
},
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
},
"bad supplementalGroups less than 0": {
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
SecurityContext: &api.PodSecurityContext{
HostNetwork: false,
SupplementalGroups: []int64{minID, 1234},
},
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
},
"bad runAsUser large than math.MaxInt32": {
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
SecurityContext: &api.PodSecurityContext{
HostNetwork: false,
RunAsUser: &maxID,
},
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
},
"bad runAsUser less than 0": {
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
SecurityContext: &api.PodSecurityContext{
HostNetwork: false,
RunAsUser: &minID,
},
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
},
"bad fsGroup large than math.MaxInt32": {
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
SecurityContext: &api.PodSecurityContext{
HostNetwork: false,
FSGroup: &maxID,
},
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
},
"bad fsGroup less than 0": {
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
SecurityContext: &api.PodSecurityContext{
HostNetwork: false,
FSGroup: &minID,
},
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
},
Kubelet kills a pod that exceeds ActiveDeadlineSeconds
2015-05-09 05:01:43 +00:00
"bad-active-deadline-seconds": {
Volumes: []api.Volume{
{Name: "vol", VolumeSource: api.VolumeSource{EmptyDir: &api.EmptyDirVolumeSource{}}},
},
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
RestartPolicy: api.RestartPolicyAlways,
NodeSelector: map[string]string{
"key": "value",
},
update PodSpec.Host to PodSpec.NodeName in /pkg/api/types.go and /pkg/api/v1beta3/types.go
2015-05-22 23:40:57 +00:00
NodeName: "foobar",
Kubelet kills a pod that exceeds ActiveDeadlineSeconds
2015-05-09 05:01:43 +00:00
DNSPolicy: api.DNSClusterFirst,
ActiveDeadlineSeconds: &activeDeadlineSeconds,
},
Validate pod spec.nodeName
2015-11-30 19:35:34 +00:00
"bad nodeName": {
NodeName: "node name",
Volumes: []api.Volume{{Name: "vol", VolumeSource: api.VolumeSource{EmptyDir: &api.EmptyDirVolumeSource{}}}},
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
},
Beef up validation tests
2015-01-06 19:11:52 +00:00
}
for k, v := range failureCases {
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
if errs := ValidatePodSpec(&v, field.NewPath("field")); len(errs) == 0 {
Beef up validation tests
2015-01-06 19:11:52 +00:00
t.Errorf("expected failure for %q", k)
}
}
}
func TestValidatePod(t *testing.T) {
successCases := []api.Pod{
{ // Basic fields.
ObjectMeta: api.ObjectMeta{Name: "123", Namespace: "ns"},
Spec: api.PodSpec{
Embed VolumeSource in v1beta3 and internal.
2015-03-03 22:48:55 +00:00
Volumes: []api.Volume{{Name: "vol", VolumeSource: api.VolumeSource{EmptyDir: &api.EmptyDirVolumeSource{}}}},
Factor out API defaulting from validation logic Currently, the validation logic validates fields in an object and supply default values wherever applies. This change factors out defaulting to a set of defaulting callback functions for decoding (see #1502 for more discussion). * This change is based on pull request 2587. * Most defaulting has been migrated to defaults.go where the defaulting functions are added. * validation_test.go and converter_test.go have been adapted to not testing the default values. * Fixed all tests with that create invalid objects with the absence of defaulting logic.
2015-01-26 17:52:50 +00:00
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
Convert RestartPolicy to string for v1beta3. Fixed #3607 and spiritually support #5475
2015-03-14 01:38:07 +00:00
RestartPolicy: api.RestartPolicyAlways,
Factor out API defaulting from validation logic Currently, the validation logic validates fields in an object and supply default values wherever applies. This change factors out defaulting to a set of defaulting callback functions for decoding (see #1502 for more discussion). * This change is based on pull request 2587. * Most defaulting has been migrated to defaults.go where the defaulting functions are added. * validation_test.go and converter_test.go have been adapted to not testing the default values. * Fixed all tests with that create invalid objects with the absence of defaulting logic.
2015-01-26 17:52:50 +00:00
DNSPolicy: api.DNSClusterFirst,
Introduce the simplest RestartPolicy and handling.
2014-08-26 18:25:17 +00:00
},
Add RestartPolicy to Pod and PodTemplate
2014-07-22 18:45:12 +00:00
},
Beef up validation tests
2015-01-06 19:11:52 +00:00
{ // Just about everything.
ObjectMeta: api.ObjectMeta{Name: "abc.123.do-re-mi", Namespace: "ns"},
Spec: api.PodSpec{
Volumes: []api.Volume{
Embed VolumeSource in v1beta3 and internal.
2015-03-03 22:48:55 +00:00
{Name: "vol", VolumeSource: api.VolumeSource{EmptyDir: &api.EmptyDirVolumeSource{}}},
Beef up validation tests
2015-01-06 19:11:52 +00:00
},
Factor out API defaulting from validation logic Currently, the validation logic validates fields in an object and supply default values wherever applies. This change factors out defaulting to a set of defaulting callback functions for decoding (see #1502 for more discussion). * This change is based on pull request 2587. * Most defaulting has been migrated to defaults.go where the defaulting functions are added. * validation_test.go and converter_test.go have been adapted to not testing the default values. * Fixed all tests with that create invalid objects with the absence of defaulting logic.
2015-01-26 17:52:50 +00:00
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
Convert RestartPolicy to string for v1beta3. Fixed #3607 and spiritually support #5475
2015-03-14 01:38:07 +00:00
RestartPolicy: api.RestartPolicyAlways,
Beef up validation tests
2015-01-06 19:11:52 +00:00
DNSPolicy: api.DNSClusterFirst,
NodeSelector: map[string]string{
"key": "value",
},
update PodSpec.Host to PodSpec.NodeName in /pkg/api/types.go and /pkg/api/v1beta3/types.go
2015-05-22 23:40:57 +00:00
NodeName: "foobar",
Refactor tests to split ObjectMeta from TypeMeta
2014-10-23 20:51:34 +00:00
},
Add RestartPolicy to Pod and PodTemplate
2014-07-22 18:45:12 +00:00
},
implement Node affinity and NodeSelector
2016-01-26 23:03:18 +00:00
{ // Serialized affinity requirements in annotations.
ObjectMeta: api.ObjectMeta{
Name: "123",
Namespace: "ns",
Comment out NodeAffinity.RequiredDuringSchedulingRequiredDuringExecution because it is not yet implemented.
2016-02-11 07:06:33 +00:00
// TODO: Uncomment and move this block into Annotations map once
// RequiredDuringSchedulingRequiredDuringExecution is implemented
implement inter pod topological affinity and anti-affinity
2016-05-04 06:50:31 +00:00
// "requiredDuringSchedulingRequiredDuringExecution": {
// "nodeSelectorTerms": [{
// "matchExpressions": [{
// "key": "key1",
// "operator": "Exists"
// }]
// }]
// },
implement Node affinity and NodeSelector
2016-01-26 23:03:18 +00:00
Annotations: map[string]string{
api.AffinityAnnotationKey: `
{"nodeAffinity": {
"requiredDuringSchedulingIgnoredDuringExecution": {
"nodeSelectorTerms": [{
"matchExpressions": [{
"key": "key2",
"operator": "In",
"values": ["value1", "value2"]
}]
}]
},
"preferredDuringSchedulingIgnoredDuringExecution": [
{
"weight": 10,
"preference": {"matchExpressions": [
{
"key": "foo",
"operator": "In", "values": ["bar"]
}
]}
}
]
}}`,
},
},
Spec: api.PodSpec{
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
},
},
implement inter pod topological affinity and anti-affinity
2016-05-04 06:50:31 +00:00
{ // Serialized pod affinity in affinity requirements in annotations.
ObjectMeta: api.ObjectMeta{
Name: "123",
Namespace: "ns",
// TODO: Uncomment and move this block into Annotations map once
// RequiredDuringSchedulingRequiredDuringExecution is implemented
// "requiredDuringSchedulingRequiredDuringExecution": [{
// "labelSelector": {
// "matchExpressions": [{
// "key": "key2",
// "operator": "In",
// "values": ["value1", "value2"]
// }]
// },
// "namespaces":["ns"],
// "topologyKey": "zone"
// }]
Annotations: map[string]string{
api.AffinityAnnotationKey: `
{"podAffinity": {
"requiredDuringSchedulingIgnoredDuringExecution": [{
"labelSelector": {
"matchExpressions": [{
"key": "key2",
"operator": "In",
"values": ["value1", "value2"]
}]
},
"topologyKey": "zone",
"namespaces": ["ns"]
}],
"preferredDuringSchedulingIgnoredDuringExecution": [{
"weight": 10,
"podAffinityTerm": {
"labelSelector": {
"matchExpressions": [{
"key": "key2",
"operator": "NotIn",
"values": ["value1", "value2"]
}]
},
"namespaces": ["ns"],
"topologyKey": "region"
}
}]
}}`,
},
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
},
Spec: api.PodSpec{
implement inter pod topological affinity and anti-affinity
2016-05-04 06:50:31 +00:00
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
Convert RestartPolicy to string for v1beta3. Fixed #3607 and spiritually support #5475
2015-03-14 01:38:07 +00:00
RestartPolicy: api.RestartPolicyAlways,
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
DNSPolicy: api.DNSClusterFirst,
},
},
implement inter pod topological affinity and anti-affinity
2016-05-04 06:50:31 +00:00
{ // Serialized pod anti affinity with different Label Operators in affinity requirements in annotations.
Added validation for annotations
2015-01-24 14:36:22 +00:00
ObjectMeta: api.ObjectMeta{
implement inter pod topological affinity and anti-affinity
2016-05-04 06:50:31 +00:00
Name: "123",
Added validation for annotations
2015-01-24 14:36:22 +00:00
Namespace: "ns",
implement inter pod topological affinity and anti-affinity
2016-05-04 06:50:31 +00:00
// TODO: Uncomment and move this block into Annotations map once
// RequiredDuringSchedulingRequiredDuringExecution is implemented
// "requiredDuringSchedulingRequiredDuringExecution": [{
// "labelSelector": {
// "matchExpressions": [{
// "key": "key2",
// "operator": "In",
// "values": ["value1", "value2"]
// }]
// },
// "namespaces":["ns"],
// "topologyKey": "zone"
// }]
Annotations: map[string]string{
api.AffinityAnnotationKey: `
{"podAntiAffinity": {
"requiredDuringSchedulingIgnoredDuringExecution": [{
"labelSelector": {
"matchExpressions": [{
"key": "key2",
"operator": "Exists"
}]
},
"topologyKey": "zone",
"namespaces": ["ns"]
}],
"preferredDuringSchedulingIgnoredDuringExecution": [{
"weight": 10,
"podAffinityTerm": {
"labelSelector": {
"matchExpressions": [{
"key": "key2",
"operator": "DoesNotExist"
}]
},
"namespaces": ["ns"],
"topologyKey": "region"
}
}]
}}`,
Added validation for annotations
2015-01-24 14:36:22 +00:00
},
},
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
Spec: api.PodSpec{
implement inter pod topological affinity and anti-affinity
2016-05-04 06:50:31 +00:00
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
Convert RestartPolicy to string for v1beta3. Fixed #3607 and spiritually support #5475
2015-03-14 01:38:07 +00:00
RestartPolicy: api.RestartPolicyAlways,
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
DNSPolicy: api.DNSClusterFirst,
},
Added validation for annotations
2015-01-24 14:36:22 +00:00
},
implement taints and tolerations
2016-03-31 03:42:57 +00:00
{ // populate tolerations equal operator in annotations.
ObjectMeta: api.ObjectMeta{
Name: "123",
Namespace: "ns",
Annotations: map[string]string{
api.TolerationsAnnotationKey: `
[{
"key": "foo",
"operator": "Equal",
"value": "bar",
"effect": "NoSchedule"
}]`,
},
},
Spec: api.PodSpec{
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
},
},
{ // populate tolerations exists operator in annotations.
ObjectMeta: api.ObjectMeta{
Name: "123",
Namespace: "ns",
Annotations: map[string]string{
api.TolerationsAnnotationKey: `
[{
"key": "foo",
"operator": "Exists",
"effect": "NoSchedule"
}]`,
},
},
Spec: api.PodSpec{
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
},
},
{ // empty operator is ok for toleration
ObjectMeta: api.ObjectMeta{
Name: "123",
Namespace: "ns",
Annotations: map[string]string{
api.TolerationsAnnotationKey: `
[{
"key": "foo",
"value": "bar",
"effect": "NoSchedule"
}]`,
},
},
Spec: api.PodSpec{
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
},
},
{ // empty efffect is ok for toleration
ObjectMeta: api.ObjectMeta{
Name: "123",
Namespace: "ns",
Annotations: map[string]string{
api.TolerationsAnnotationKey: `
[{
"key": "foo",
"operator": "Equal",
"value": "bar"
}]`,
},
},
Spec: api.PodSpec{
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
},
},
Move seccomp annotation validation into api/validation
2016-06-10 08:02:36 +00:00
{ // docker default seccomp profile
ObjectMeta: api.ObjectMeta{
Name: "123",
Namespace: "ns",
Annotations: map[string]string{
api.SeccompPodAnnotationKey: "docker/default",
},
},
Spec: api.PodSpec{
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
},
},
{ // unconfined seccomp profile
ObjectMeta: api.ObjectMeta{
Name: "123",
Namespace: "ns",
Annotations: map[string]string{
api.SeccompPodAnnotationKey: "unconfined",
},
},
Spec: api.PodSpec{
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
},
},
{ // localhost seccomp profile
ObjectMeta: api.ObjectMeta{
Name: "123",
Namespace: "ns",
Annotations: map[string]string{
api.SeccompPodAnnotationKey: "localhost/foo",
},
},
Spec: api.PodSpec{
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
},
},
{ // localhost seccomp profile for a container
ObjectMeta: api.ObjectMeta{
Name: "123",
Namespace: "ns",
Annotations: map[string]string{
api.SeccompContainerAnnotationKeyPrefix + "foo": "localhost/foo",
},
},
Spec: api.PodSpec{
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
},
},
implement inter pod topological affinity and anti-affinity
2016-05-04 06:50:31 +00:00
}
for _, pod := range successCases {
if errs := ValidatePod(&pod); len(errs) != 0 {
t.Errorf("expected success: %v", errs)
}
}
errorCases := map[string]api.Pod{
implement taints and tolerations
2016-03-31 03:42:57 +00:00
"bad name": {
ObjectMeta: api.ObjectMeta{Name: "", Namespace: "ns"},
Spec: api.PodSpec{
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
},
},
"bad namespace": {
ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: ""},
Spec: api.PodSpec{
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
},
},
"bad spec": {
ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: "ns"},
Spec: api.PodSpec{
Containers: []api.Container{{}},
},
},
"bad label": {
ObjectMeta: api.ObjectMeta{
Name: "abc",
Namespace: "ns",
Labels: map[string]string{
"NoUppercaseOrSpecialCharsLike=Equals": "bar",
},
},
Spec: api.PodSpec{
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
},
},
implement inter pod topological affinity and anti-affinity
2016-05-04 06:50:31 +00:00
"invalid json of node affinity in pod annotations": {
implement Node affinity and NodeSelector
2016-01-26 23:03:18 +00:00
ObjectMeta: api.ObjectMeta{
Name: "123",
Namespace: "ns",
Annotations: map[string]string{
api.AffinityAnnotationKey: `
{"nodeAffinity": {
Comment out NodeAffinity.RequiredDuringSchedulingRequiredDuringExecution because it is not yet implemented.
2016-02-11 07:06:33 +00:00
"requiredDuringSchedulingIgnoredDuringExecution": {
implement Node affinity and NodeSelector
2016-01-26 23:03:18 +00:00
"nodeSelectorTerms": [{
`,
},
},
Spec: api.PodSpec{
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
},
},
implement inter pod topological affinity and anti-affinity
2016-05-04 06:50:31 +00:00
"invalid node selector requirement in node affinity in pod annotations, operator can't be null": {
implement Node affinity and NodeSelector
2016-01-26 23:03:18 +00:00
ObjectMeta: api.ObjectMeta{
Name: "123",
Namespace: "ns",
Annotations: map[string]string{
api.AffinityAnnotationKey: `
Comment out NodeAffinity.RequiredDuringSchedulingRequiredDuringExecution because it is not yet implemented.
2016-02-11 07:06:33 +00:00
{"nodeAffinity": {"requiredDuringSchedulingIgnoredDuringExecution": {
implement Node affinity and NodeSelector
2016-01-26 23:03:18 +00:00
"nodeSelectorTerms": [{
"matchExpressions": [{
"key": "key1",
}]
}]
}}}`,
},
},
Spec: api.PodSpec{
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
},
},
implement inter pod topological affinity and anti-affinity
2016-05-04 06:50:31 +00:00
"invalid preferredSchedulingTerm in node affinity in pod annotations, weight should be in range 1-100": {
implement Node affinity and NodeSelector
2016-01-26 23:03:18 +00:00
ObjectMeta: api.ObjectMeta{
Name: "123",
Namespace: "ns",
Annotations: map[string]string{
api.AffinityAnnotationKey: `
{"nodeAffinity": {"preferredDuringSchedulingIgnoredDuringExecution": [
{
"weight": 199,
"preference": {"matchExpressions": [
{
"key": "foo",
"operator": "In",
"values": ["bar"]
}
]}
}
]}}`,
},
},
Spec: api.PodSpec{
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
},
},
Comment out NodeAffinity.RequiredDuringSchedulingRequiredDuringExecution because it is not yet implemented.
2016-02-11 07:06:33 +00:00
"invalid requiredDuringSchedulingIgnoredDuringExecution node selector, nodeSelectorTerms must have at least one term": {
implement Node affinity and NodeSelector
2016-01-26 23:03:18 +00:00
ObjectMeta: api.ObjectMeta{
Name: "123",
Namespace: "ns",
Annotations: map[string]string{
api.AffinityAnnotationKey: `
{"nodeAffinity": {
Comment out NodeAffinity.RequiredDuringSchedulingRequiredDuringExecution because it is not yet implemented.
2016-02-11 07:06:33 +00:00
"requiredDuringSchedulingIgnoredDuringExecution": {
implement Node affinity and NodeSelector
2016-01-26 23:03:18 +00:00
"nodeSelectorTerms": []
},
}}`,
},
},
Spec: api.PodSpec{
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
},
},
Comment out NodeAffinity.RequiredDuringSchedulingRequiredDuringExecution because it is not yet implemented.
2016-02-11 07:06:33 +00:00
"invalid requiredDuringSchedulingIgnoredDuringExecution node selector term, matchExpressions must have at least one node selector requirement": {
implement Node affinity and NodeSelector
2016-01-26 23:03:18 +00:00
ObjectMeta: api.ObjectMeta{
Name: "123",
Namespace: "ns",
Annotations: map[string]string{
api.AffinityAnnotationKey: `
{"nodeAffinity": {
Comment out NodeAffinity.RequiredDuringSchedulingRequiredDuringExecution because it is not yet implemented.
2016-02-11 07:06:33 +00:00
"requiredDuringSchedulingIgnoredDuringExecution": {
implement Node affinity and NodeSelector
2016-01-26 23:03:18 +00:00
"nodeSelectorTerms": [{
"matchExpressions": []
}]
},
}}`,
},
},
Spec: api.PodSpec{
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
},
},
implement inter pod topological affinity and anti-affinity
2016-05-04 06:50:31 +00:00
"invalid weight in preferredDuringSchedulingIgnoredDuringExecution in pod affinity annotations, weight should be in range 1-100": {
ObjectMeta: api.ObjectMeta{
Name: "123",
Namespace: "ns",
Annotations: map[string]string{
api.AffinityAnnotationKey: `
{"podAffinity": {"preferredDuringSchedulingIgnoredDuringExecution": [{
"weight": 109,
"podAffinityTerm":
{
"labelSelector": {
"matchExpressions": [{
"key": "key2",
"operator": "NotIn",
"values": ["value1", "value2"]
}]
},
"namespaces": ["ns"],
"topologyKey": "region"
}
}]}}`,
},
},
Spec: api.PodSpec{
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
},
},
"invalid labelSelector in preferredDuringSchedulingIgnoredDuringExecution in podaffinity annotations, values should be empty if the operator is Exists": {
ObjectMeta: api.ObjectMeta{
Name: "123",
Namespace: "ns",
Annotations: map[string]string{
api.AffinityAnnotationKey: `
{"podAffinity": {"preferredDuringSchedulingIgnoredDuringExecution": [{
"weight": 10,
"podAffinityTerm":
{
"labelSelector": {
"matchExpressions": [{
"key": "key2",
"operator": "Exists",
"values": ["value1", "value2"]
}]
},
"namespaces": ["ns"],
"topologyKey": "region"
}
}]}}`,
},
},
Spec: api.PodSpec{
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
},
},
"invalid name space in preferredDuringSchedulingIgnoredDuringExecution in podaffinity annotations, name space shouldbe valid": {
ObjectMeta: api.ObjectMeta{
Name: "123",
Namespace: "ns",
Annotations: map[string]string{
api.AffinityAnnotationKey: `
{"podAffinity": {"preferredDuringSchedulingIgnoredDuringExecution": [{
"weight": 10,
"podAffinityTerm":
{
"labelSelector": {
"matchExpressions": [{
"key": "key2",
"operator": "Exists",
"values": ["value1", "value2"]
}]
},
"namespaces": ["INVALID_NAMESPACE"],
"topologyKey": "region"
}
}]}}`,
},
},
Spec: api.PodSpec{
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
},
},
"invalid labelOperator in preferredDuringSchedulingIgnoredDuringExecution in podantiaffinity annotations, labelOperator should be proper": {
ObjectMeta: api.ObjectMeta{
Name: "123",
Namespace: "ns",
Annotations: map[string]string{
api.AffinityAnnotationKey: `
{"podAntiAffinity": {"preferredDuringSchedulingIgnoredDuringExecution": [{
"weight": 10,
"podAffinityTerm":
{
"labelSelector": {
"matchExpressions": [{
"key": "key2",
"operator": "WrongOp",
"values": ["value1", "value2"]
}]
},
"namespaces": ["ns"],
"topologyKey": "region"
}
}]}}`,
},
},
Spec: api.PodSpec{
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
},
},
"invalid pod affinity, empty topologyKey is not allowed for hard pod affinity": {
ObjectMeta: api.ObjectMeta{
Name: "123",
Namespace: "ns",
Annotations: map[string]string{
api.AffinityAnnotationKey: `
{"podAffinity": {"requiredDuringSchedulingIgnoredDuringExecution": [{
"weight": 10,
"podAffinityTerm":
{
"labelSelector": {
"matchExpressions": [{
"key": "key2",
"operator": "In",
"values": ["value1", "value2"]
}]
},
"namespaces": ["ns"],
"topologyKey": ""
}
}]}}`,
},
},
Spec: api.PodSpec{
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
},
},
"invalid pod anti-affinity, empty topologyKey is not allowed for hard pod anti-affinity": {
ObjectMeta: api.ObjectMeta{
Name: "123",
Namespace: "ns",
Annotations: map[string]string{
api.AffinityAnnotationKey: `
{"podAntiAffinity": {"requiredDuringSchedulingIgnoredDuringExecution": [{
"weight": 10,
"podAffinityTerm":
{
"labelSelector": {
"matchExpressions": [{
"key": "key2",
"operator": "In",
"values": ["value1", "value2"]
}]
},
"namespaces": ["ns"],
"topologyKey": ""
}
}]}}`,
},
},
Spec: api.PodSpec{
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
},
},
"invalid pod anti-affinity, empty topologyKey is not allowed for soft pod affinity": {
ObjectMeta: api.ObjectMeta{
Name: "123",
Namespace: "ns",
Annotations: map[string]string{
api.AffinityAnnotationKey: `
{"podAffinity": {"preferredDuringSchedulingIgnoredDuringExecution": [{
"weight": 10,
"podAffinityTerm":
{
"labelSelector": {
"matchExpressions": [{
"key": "key2",
"operator": "In",
"values": ["value1", "value2"]
}]
},
"namespaces": ["ns"],
"topologyKey": ""
}
}]}}`,
},
},
Spec: api.PodSpec{
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
},
},
implement taints and tolerations
2016-03-31 03:42:57 +00:00
"invalid toleration key": {
ObjectMeta: api.ObjectMeta{
Name: "123",
Namespace: "ns",
Annotations: map[string]string{
api.TolerationsAnnotationKey: `
[{
"key": "nospecialchars^=@",
"operator": "Equal",
"value": "bar",
"effect": "NoSchedule"
}]`,
},
},
Spec: api.PodSpec{
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
},
},
"invalid toleration operator": {
ObjectMeta: api.ObjectMeta{
Name: "123",
Namespace: "ns",
Annotations: map[string]string{
api.TolerationsAnnotationKey: `
[{
"key": "foo",
"operator": "In",
"value": "bar",
"effect": "NoSchedule"
}]`,
},
},
Spec: api.PodSpec{
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
},
},
"value must be empty when `operator` is 'Exists'": {
ObjectMeta: api.ObjectMeta{
Name: "123",
Namespace: "ns",
Annotations: map[string]string{
api.TolerationsAnnotationKey: `
[{
"key": "foo",
"operator": "Exists",
"value": "bar",
"effect": "NoSchedule"
}]`,
},
},
Spec: api.PodSpec{
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
},
},
Move seccomp annotation validation into api/validation
2016-06-10 08:02:36 +00:00
"must be a valid pod seccomp profile": {
ObjectMeta: api.ObjectMeta{
Name: "123",
Namespace: "ns",
Annotations: map[string]string{
api.SeccompPodAnnotationKey: "foo",
},
},
Spec: api.PodSpec{
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
},
},
"must be a valid container seccomp profile": {
ObjectMeta: api.ObjectMeta{
Name: "123",
Namespace: "ns",
Annotations: map[string]string{
api.SeccompContainerAnnotationKeyPrefix + "foo": "foo",
},
},
Spec: api.PodSpec{
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
},
},
"must be a non-empty container name in seccomp annotation": {
ObjectMeta: api.ObjectMeta{
Name: "123",
Namespace: "ns",
Annotations: map[string]string{
api.SeccompContainerAnnotationKeyPrefix: "foo",
},
},
Spec: api.PodSpec{
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
},
},
"must be a non-empty container profile in seccomp annotation": {
ObjectMeta: api.ObjectMeta{
Name: "123",
Namespace: "ns",
Annotations: map[string]string{
api.SeccompContainerAnnotationKeyPrefix + "foo": "",
},
},
Spec: api.PodSpec{
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
},
},
"must be a relative path in a node-local seccomp profile annotation": {
ObjectMeta: api.ObjectMeta{
Name: "123",
Namespace: "ns",
Annotations: map[string]string{
api.SeccompPodAnnotationKey: "localhost//foo",
},
},
Spec: api.PodSpec{
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
},
},
"must not start with '../'": {
ObjectMeta: api.ObjectMeta{
Name: "123",
Namespace: "ns",
Annotations: map[string]string{
api.SeccompPodAnnotationKey: "localhost/../foo",
},
},
Spec: api.PodSpec{
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
},
},
Beef up validation tests
2015-01-06 19:11:52 +00:00
}
for k, v := range errorCases {
if errs := ValidatePod(&v); len(errs) == 0 {
Validate that there is at least one container in the pod
2015-03-18 15:00:18 +00:00
t.Errorf("expected failure for %q", k)
Beef up validation tests
2015-01-06 19:11:52 +00:00
}
add RFC952 label validation
2014-10-23 20:14:13 +00:00
}
Add RestartPolicy to Pod and PodTemplate
2014-07-22 18:45:12 +00:00
}
Add update to the pod etcd handler.
2014-10-10 03:30:34 +00:00
func TestValidatePodUpdate(t *testing.T) {
Allow pod.Spec.ActiveDeadlineSeconds to be updateable
2016-01-26 20:52:14 +00:00
var (
activeDeadlineSecondsZero = int64(0)
activeDeadlineSecondsNegative = int64(-30)
activeDeadlineSecondsPositive = int64(30)
activeDeadlineSecondsLarger = int64(31)
now = unversioned.Now()
grace = int64(30)
grace2 = int64(31)
)
Add update to the pod etcd handler.
2014-10-10 03:30:34 +00:00
tests := []struct {
a api.Pod
b api.Pod
isValid bool
test string
}{
{api.Pod{}, api.Pod{}, true, "nothing"},
{
api.Pod{
Refactor tests to split ObjectMeta from TypeMeta
2014-10-23 20:51:34 +00:00
ObjectMeta: api.ObjectMeta{Name: "foo"},
Add update to the pod etcd handler.
2014-10-10 03:30:34 +00:00
},
api.Pod{
Refactor tests to split ObjectMeta from TypeMeta
2014-10-23 20:51:34 +00:00
ObjectMeta: api.ObjectMeta{Name: "bar"},
Add update to the pod etcd handler.
2014-10-10 03:30:34 +00:00
},
false,
"ids",
},
{
api.Pod{
Refactor tests to split ObjectMeta from TypeMeta
2014-10-23 20:51:34 +00:00
ObjectMeta: api.ObjectMeta{
Name: "foo",
Labels: map[string]string{
"foo": "bar",
},
Add update to the pod etcd handler.
2014-10-10 03:30:34 +00:00
},
},
api.Pod{
Refactor tests to split ObjectMeta from TypeMeta
2014-10-23 20:51:34 +00:00
ObjectMeta: api.ObjectMeta{
Name: "foo",
Labels: map[string]string{
"bar": "foo",
},
Add update to the pod etcd handler.
2014-10-10 03:30:34 +00:00
},
},
true,
"labels",
},
Added validation for annotations
2015-01-24 14:36:22 +00:00
{
api.Pod{
ObjectMeta: api.ObjectMeta{
Name: "foo",
Annotations: map[string]string{
"foo": "bar",
},
},
},
api.Pod{
ObjectMeta: api.ObjectMeta{
Name: "foo",
Annotations: map[string]string{
"bar": "foo",
},
},
},
true,
"annotations",
},
Add update to the pod etcd handler.
2014-10-10 03:30:34 +00:00
{
api.Pod{
Refactor tests to split ObjectMeta from TypeMeta
2014-10-23 20:51:34 +00:00
ObjectMeta: api.ObjectMeta{
Name: "foo",
},
v1beta3 Pod refactor
2014-11-13 15:52:13 +00:00
Spec: api.PodSpec{
Containers: []api.Container{
{
Image: "foo:V1",
Add update to the pod etcd handler.
2014-10-10 03:30:34 +00:00
},
},
},
},
api.Pod{
Refactor tests to split ObjectMeta from TypeMeta
2014-10-23 20:51:34 +00:00
ObjectMeta: api.ObjectMeta{Name: "foo"},
v1beta3 Pod refactor
2014-11-13 15:52:13 +00:00
Spec: api.PodSpec{
Containers: []api.Container{
{
Image: "foo:V2",
},
{
Image: "bar:V2",
Add update to the pod etcd handler.
2014-10-10 03:30:34 +00:00
},
},
},
},
false,
"more containers",
},
{
api.Pod{
Validate deletion timestamp doesn't change on update
2016-04-28 15:50:48 +00:00
ObjectMeta: api.ObjectMeta{Name: "foo"},
Add TerminationGracePeriodSeconds to API Set defaulting for pod spec
2015-08-19 23:59:43 +00:00
Spec: api.PodSpec{Containers: []api.Container{{Image: "foo:V1"}}},
},
api.Pod{
Validate deletion timestamp doesn't change on update
2016-04-28 15:50:48 +00:00
ObjectMeta: api.ObjectMeta{Name: "foo", DeletionTimestamp: &now},
Add TerminationGracePeriodSeconds to API Set defaulting for pod spec
2015-08-19 23:59:43 +00:00
Spec: api.PodSpec{Containers: []api.Container{{Image: "foo:V1"}}},
},
true,
"deletion timestamp filled out",
},
{
api.Pod{
ObjectMeta: api.ObjectMeta{Name: "foo", DeletionTimestamp: &now, DeletionGracePeriodSeconds: &grace},
Spec: api.PodSpec{Containers: []api.Container{{Image: "foo:V1"}}},
},
api.Pod{
ObjectMeta: api.ObjectMeta{Name: "foo", DeletionTimestamp: &now, DeletionGracePeriodSeconds: &grace2},
Spec: api.PodSpec{Containers: []api.Container{{Image: "foo:V1"}}},
},
false,
"deletion grace period seconds cleared",
},
Add update to the pod etcd handler.
2014-10-10 03:30:34 +00:00
{
api.Pod{
Refactor tests to split ObjectMeta from TypeMeta
2014-10-23 20:51:34 +00:00
ObjectMeta: api.ObjectMeta{Name: "foo"},
v1beta3 Pod refactor
2014-11-13 15:52:13 +00:00
Spec: api.PodSpec{
Containers: []api.Container{
{
Image: "foo:V1",
Add update to the pod etcd handler.
2014-10-10 03:30:34 +00:00
},
},
},
},
api.Pod{
Refactor tests to split ObjectMeta from TypeMeta
2014-10-23 20:51:34 +00:00
ObjectMeta: api.ObjectMeta{Name: "foo"},
v1beta3 Pod refactor
2014-11-13 15:52:13 +00:00
Spec: api.PodSpec{
Containers: []api.Container{
{
Image: "foo:V2",
Add update to the pod etcd handler.
2014-10-10 03:30:34 +00:00
},
},
},
},
true,
"image change",
},
Allow pod.Spec.ActiveDeadlineSeconds to be updateable
2016-01-26 20:52:14 +00:00
{
api.Pod{
ObjectMeta: api.ObjectMeta{Name: "foo"},
Spec: api.PodSpec{
Containers: []api.Container{
{},
},
},
},
api.Pod{
ObjectMeta: api.ObjectMeta{Name: "foo"},
Spec: api.PodSpec{
Containers: []api.Container{
{
Image: "foo:V2",
},
},
},
},
false,
"image change to empty",
},
{
api.Pod{
Spec: api.PodSpec{},
},
api.Pod{
Spec: api.PodSpec{},
},
true,
"activeDeadlineSeconds no change, nil",
},
{
api.Pod{
Spec: api.PodSpec{
ActiveDeadlineSeconds: &activeDeadlineSecondsPositive,
},
},
api.Pod{
Spec: api.PodSpec{
ActiveDeadlineSeconds: &activeDeadlineSecondsPositive,
},
},
true,
"activeDeadlineSeconds no change, set",
},
{
api.Pod{
Spec: api.PodSpec{
ActiveDeadlineSeconds: &activeDeadlineSecondsPositive,
},
},
api.Pod{},
true,
"activeDeadlineSeconds change to positive from nil",
},
{
api.Pod{
Spec: api.PodSpec{
ActiveDeadlineSeconds: &activeDeadlineSecondsPositive,
},
},
api.Pod{
Spec: api.PodSpec{
ActiveDeadlineSeconds: &activeDeadlineSecondsLarger,
},
},
true,
"activeDeadlineSeconds change to smaller positive",
},
{
api.Pod{
Spec: api.PodSpec{
ActiveDeadlineSeconds: &activeDeadlineSecondsLarger,
},
},
api.Pod{
Spec: api.PodSpec{
ActiveDeadlineSeconds: &activeDeadlineSecondsPositive,
},
},
false,
"activeDeadlineSeconds change to larger positive",
},
{
api.Pod{
Spec: api.PodSpec{
ActiveDeadlineSeconds: &activeDeadlineSecondsNegative,
},
},
api.Pod{},
false,
"activeDeadlineSeconds change to negative from nil",
},
{
api.Pod{
Spec: api.PodSpec{
ActiveDeadlineSeconds: &activeDeadlineSecondsNegative,
},
},
api.Pod{
Spec: api.PodSpec{
ActiveDeadlineSeconds: &activeDeadlineSecondsPositive,
},
},
false,
"activeDeadlineSeconds change to negative from positive",
},
{
api.Pod{
Spec: api.PodSpec{
ActiveDeadlineSeconds: &activeDeadlineSecondsZero,
},
},
api.Pod{
Spec: api.PodSpec{
ActiveDeadlineSeconds: &activeDeadlineSecondsPositive,
},
},
true,
"activeDeadlineSeconds change to zero from positive",
},
{
api.Pod{
Spec: api.PodSpec{
ActiveDeadlineSeconds: &activeDeadlineSecondsZero,
},
},
api.Pod{},
true,
"activeDeadlineSeconds change to zero from nil",
},
{
api.Pod{},
api.Pod{
Spec: api.PodSpec{
ActiveDeadlineSeconds: &activeDeadlineSecondsPositive,
},
},
false,
"activeDeadlineSeconds change to nil from positive",
},
Add update to the pod etcd handler.
2014-10-10 03:30:34 +00:00
{
api.Pod{
Refactor tests to split ObjectMeta from TypeMeta
2014-10-23 20:51:34 +00:00
ObjectMeta: api.ObjectMeta{Name: "foo"},
v1beta3 Pod refactor
2014-11-13 15:52:13 +00:00
Spec: api.PodSpec{
Containers: []api.Container{
{
Image: "foo:V1",
Rename ResourceRequirementSpec to ResourceRequirements.
2015-02-09 22:44:32 +00:00
Resources: api.ResourceRequirements{
Adding ResourceRequirementSpec to v1beta1, v1beta2, and v1beta3 APIs. The old resource quantities 'CPU' and 'Memory' will be preserved until support for v1beta1 and v1beta2 APIs are dropped. Improved resource validation in the process.
2015-01-25 04:19:36 +00:00
Limits: getResourceLimits("100m", "0"),
},
Add update to the pod etcd handler.
2014-10-10 03:30:34 +00:00
},
},
},
},
api.Pod{
Refactor tests to split ObjectMeta from TypeMeta
2014-10-23 20:51:34 +00:00
ObjectMeta: api.ObjectMeta{Name: "foo"},
v1beta3 Pod refactor
2014-11-13 15:52:13 +00:00
Spec: api.PodSpec{
Containers: []api.Container{
{
Image: "foo:V2",
Rename ResourceRequirementSpec to ResourceRequirements.
2015-02-09 22:44:32 +00:00
Resources: api.ResourceRequirements{
Adding ResourceRequirementSpec to v1beta1, v1beta2, and v1beta3 APIs. The old resource quantities 'CPU' and 'Memory' will be preserved until support for v1beta1 and v1beta2 APIs are dropped. Improved resource validation in the process.
2015-01-25 04:19:36 +00:00
Limits: getResourceLimits("1000m", "0"),
},
Add update to the pod etcd handler.
2014-10-10 03:30:34 +00:00
},
},
},
},
false,
"cpu change",
},
{
api.Pod{
Refactor tests to split ObjectMeta from TypeMeta
2014-10-23 20:51:34 +00:00
ObjectMeta: api.ObjectMeta{Name: "foo"},
v1beta3 Pod refactor
2014-11-13 15:52:13 +00:00
Spec: api.PodSpec{
Containers: []api.Container{
{
Image: "foo:V1",
Rename type Port to ContainerPort Sadly I had to do this by hand - I just could not get gorename to fix up users of it.
2015-02-23 22:25:56 +00:00
Ports: []api.ContainerPort{
v1beta3 Pod refactor
2014-11-13 15:52:13 +00:00
{HostPort: 8080, ContainerPort: 80},
Add update to the pod etcd handler.
2014-10-10 03:30:34 +00:00
},
},
},
},
},
api.Pod{
Refactor tests to split ObjectMeta from TypeMeta
2014-10-23 20:51:34 +00:00
ObjectMeta: api.ObjectMeta{Name: "foo"},
v1beta3 Pod refactor
2014-11-13 15:52:13 +00:00
Spec: api.PodSpec{
Containers: []api.Container{
{
Image: "foo:V2",
Rename type Port to ContainerPort Sadly I had to do this by hand - I just could not get gorename to fix up users of it.
2015-02-23 22:25:56 +00:00
Ports: []api.ContainerPort{
v1beta3 Pod refactor
2014-11-13 15:52:13 +00:00
{HostPort: 8000, ContainerPort: 80},
Add update to the pod etcd handler.
2014-10-10 03:30:34 +00:00
},
},
},
},
},
false,
"port change",
},
Add a few extra test cases for API validation of labels that would have caught a bug that was in past versions. Also, copy the label key format requirements from the API types.go comments into the labels doc.
2015-02-04 22:21:34 +00:00
{
api.Pod{
ObjectMeta: api.ObjectMeta{
Name: "foo",
Labels: map[string]string{
"foo": "bar",
},
},
},
api.Pod{
ObjectMeta: api.ObjectMeta{
Name: "foo",
Labels: map[string]string{
"Bar": "foo",
},
},
},
true,
"bad label change",
},
Add update to the pod etcd handler.
2014-10-10 03:30:34 +00:00
}
for _, test := range tests {
Give better error message for PUTs with no resource version
2015-03-20 00:51:07 +00:00
test.a.ObjectMeta.ResourceVersion = "1"
test.b.ObjectMeta.ResourceVersion = "1"
Add update to the pod etcd handler.
2014-10-10 03:30:34 +00:00
errs := ValidatePodUpdate(&test.a, &test.b)
if test.isValid {
if len(errs) != 0 {
Allow pod.Spec.ActiveDeadlineSeconds to be updateable
2016-01-26 20:52:14 +00:00
t.Errorf("unexpected invalid: %s (%+v)\nA: %+v\nB: %+v", test.test, errs, test.a, test.b)
Add update to the pod etcd handler.
2014-10-10 03:30:34 +00:00
}
} else {
if len(errs) == 0 {
Allow pod.Spec.ActiveDeadlineSeconds to be updateable
2016-01-26 20:52:14 +00:00
t.Errorf("unexpected valid: %s\nA: %+v\nB: %+v", test.test, test.a, test.b)
Add update to the pod etcd handler.
2014-10-10 03:30:34 +00:00
}
}
}
}
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
func makeValidService() api.Service {
return api.Service{
ObjectMeta: api.ObjectMeta{
Name: "valid",
Namespace: "valid",
Labels: map[string]string{},
Annotations: map[string]string{},
ResourceVersion: "1",
},
Spec: api.ServiceSpec{
Selector: map[string]string{"key": "val"},
SessionAffinity: "None",
Add Type to ServiceSpec: ClusterIP or LoadBalancer
2015-05-22 21:49:26 +00:00
Type: api.ServiceTypeClusterIP,
Refactor IntOrString into a new pkg pkg/util/intstr is a cleaner encapsulation for this type and supporting functions. No behavioral change.
2015-11-10 06:28:45 +00:00
Ports: []api.ServicePort{{Name: "p", Protocol: "TCP", Port: 8675, TargetPort: intstr.FromInt(8675)}},
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
},
}
}
Add initial validation of Service objects
2014-07-10 19:45:01 +00:00
func TestValidateService(t *testing.T) {
make service validation test be table-driven
2014-09-10 16:41:31 +00:00
testCases := []struct {
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
name string
tweakSvc func(svc *api.Service) // given a basic valid service, each test case can customize it
numErrs int
make service validation test be table-driven
2014-09-10 16:41:31 +00:00
}{
{
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
name: "missing namespace",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
s.Namespace = ""
Factor out API defaulting from validation logic Currently, the validation logic validates fields in an object and supply default values wherever applies. This change factors out defaulting to a set of defaulting callback functions for decoding (see #1502 for more discussion). * This change is based on pull request 2587. * Most defaulting has been migrated to defaults.go where the defaulting functions are added. * validation_test.go and converter_test.go have been adapted to not testing the default values. * Fixed all tests with that create invalid objects with the absence of defaulting logic.
2015-01-26 17:52:50 +00:00
},
numErrs: 1,
},
{
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
name: "invalid namespace",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
s.Namespace = "-123"
Factor out API defaulting from validation logic Currently, the validation logic validates fields in an object and supply default values wherever applies. This change factors out defaulting to a set of defaulting callback functions for decoding (see #1502 for more discussion). * This change is based on pull request 2587. * Most defaulting has been migrated to defaults.go where the defaulting functions are added. * validation_test.go and converter_test.go have been adapted to not testing the default values. * Fixed all tests with that create invalid objects with the absence of defaulting logic.
2015-01-26 17:52:50 +00:00
},
numErrs: 1,
},
{
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
name: "missing name",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
s.Name = ""
make service validation test be table-driven
2014-09-10 16:41:31 +00:00
},
numErrs: 1,
Add initial validation of Service objects
2014-07-10 19:45:01 +00:00
},
Update test cases to use default context
2014-09-29 21:18:18 +00:00
{
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
name: "invalid name",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
s.Name = "-123"
Update test cases to use default context
2014-09-29 21:18:18 +00:00
},
numErrs: 1,
},
make service validation test be table-driven
2014-09-10 16:41:31 +00:00
{
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
name: "too long name",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
s.Name = strings.Repeat("a", 25)
make service validation test be table-driven
2014-09-10 16:41:31 +00:00
},
numErrs: 1,
Make validation check for legal serive port numbers.
2014-08-22 21:44:21 +00:00
},
Add name generation and normalize common create flows Adds `ObjectMeta.GenerateName`, an optional string field that defines name generation behavior if a Name is not provided. Adds `pkg/api/rest`, which defines the default Kubernetes API pattern for creation (and will cover update as well). Will allow registries and REST objects to be merged by moving logic on api out of those places. Add `pkg/api/rest/resttest`, which will be the test suite that verifies a RESTStorage object follows the Kubernetes API conventions and begin reducing our duplicated tests.
2015-01-27 23:56:38 +00:00
{
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
name: "invalid generateName",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
s.GenerateName = "-123"
Add name generation and normalize common create flows Adds `ObjectMeta.GenerateName`, an optional string field that defines name generation behavior if a Name is not provided. Adds `pkg/api/rest`, which defines the default Kubernetes API pattern for creation (and will cover update as well). Will allow registries and REST objects to be merged by moving logic on api out of those places. Add `pkg/api/rest/resttest`, which will be the test suite that verifies a RESTStorage object follows the Kubernetes API conventions and begin reducing our duplicated tests.
2015-01-27 23:56:38 +00:00
},
numErrs: 1,
},
{
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
name: "too long generateName",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
s.GenerateName = strings.Repeat("a", 25)
Add name generation and normalize common create flows Adds `ObjectMeta.GenerateName`, an optional string field that defines name generation behavior if a Name is not provided. Adds `pkg/api/rest`, which defines the default Kubernetes API pattern for creation (and will cover update as well). Will allow registries and REST objects to be merged by moving logic on api out of those places. Add `pkg/api/rest/resttest`, which will be the test suite that verifies a RESTStorage object follows the Kubernetes API conventions and begin reducing our duplicated tests.
2015-01-27 23:56:38 +00:00
},
numErrs: 1,
},
make service validation test be table-driven
2014-09-10 16:41:31 +00:00
{
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
name: "invalid label",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
s.Labels["NoUppercaseOrSpecialCharsLike=Equals"] = "bar"
make service validation test be table-driven
2014-09-10 16:41:31 +00:00
},
numErrs: 1,
},
{
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
name: "invalid annotation",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
s.Annotations["NoSpecialCharsLike=Equals"] = "bar"
make service validation test be table-driven
2014-09-10 16:41:31 +00:00
},
numErrs: 1,
},
WIP: Implement multi-port Services
2015-03-13 15:16:41 +00:00
{
name: "nil selector",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
WIP: Implement multi-port Services
2015-03-13 15:16:41 +00:00
s.Spec.Selector = nil
},
numErrs: 0,
},
add a 'protocol' field to api.Service
2014-09-10 16:53:40 +00:00
{
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
name: "invalid selector",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
s.Spec.Selector["NoSpecialCharsLike=Equals"] = "bar"
add a 'protocol' field to api.Service
2014-09-10 16:53:40 +00:00
},
numErrs: 1,
},
make service validation test be table-driven
2014-09-10 16:41:31 +00:00
{
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
name: "missing session affinity",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
s.Spec.SessionAffinity = ""
make service validation test be table-driven
2014-09-10 16:41:31 +00:00
},
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
numErrs: 1,
make service validation test be table-driven
2014-09-10 16:41:31 +00:00
},
Add Type to ServiceSpec: ClusterIP or LoadBalancer
2015-05-22 21:49:26 +00:00
{
name: "missing type",
tweakSvc: func(s *api.Service) {
s.Spec.Type = ""
},
numErrs: 1,
},
WIP: Implement multi-port Services
2015-03-13 15:16:41 +00:00
{
name: "missing ports",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
WIP: Implement multi-port Services
2015-03-13 15:16:41 +00:00
s.Spec.Ports = nil
},
numErrs: 1,
},
Headless services should not need to declare ports
2015-11-06 17:53:57 +00:00
{
name: "missing ports but headless",
tweakSvc: func(s *api.Service) {
s.Spec.Ports = nil
s.Spec.ClusterIP = api.ClusterIPNone
},
numErrs: 0,
},
WIP: Implement multi-port Services
2015-03-13 15:16:41 +00:00
{
name: "empty port[0] name",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
WIP: Implement multi-port Services
2015-03-13 15:16:41 +00:00
s.Spec.Ports[0].Name = ""
},
numErrs: 0,
},
{
name: "empty port[1] name",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
Refactor IntOrString into a new pkg pkg/util/intstr is a cleaner encapsulation for this type and supporting functions. No behavioral change.
2015-11-10 06:28:45 +00:00
s.Spec.Ports = append(s.Spec.Ports, api.ServicePort{Name: "", Protocol: "TCP", Port: 12345, TargetPort: intstr.FromInt(12345)})
WIP: Implement multi-port Services
2015-03-13 15:16:41 +00:00
},
numErrs: 1,
},
Service port names are required for multi-port There is no provision for the first port to be unnamed. I think I initially allowed that, but then the Subset struct became a sorted struct, so the first-ness of the port got lost. If you have a Service with one named and one unnamed port, what happens is that the EndpointController fails to create Endpoints (validation error).
2015-05-05 18:51:51 +00:00
{
name: "empty multi-port port[0] name",
tweakSvc: func(s *api.Service) {
s.Spec.Ports[0].Name = ""
Refactor IntOrString into a new pkg pkg/util/intstr is a cleaner encapsulation for this type and supporting functions. No behavioral change.
2015-11-10 06:28:45 +00:00
s.Spec.Ports = append(s.Spec.Ports, api.ServicePort{Name: "p", Protocol: "TCP", Port: 12345, TargetPort: intstr.FromInt(12345)})
Service port names are required for multi-port There is no provision for the first port to be unnamed. I think I initially allowed that, but then the Subset struct became a sorted struct, so the first-ness of the port got lost. If you have a Service with one named and one unnamed port, what happens is that the EndpointController fails to create Endpoints (validation error).
2015-05-05 18:51:51 +00:00
},
numErrs: 1,
},
WIP: Implement multi-port Services
2015-03-13 15:16:41 +00:00
{
name: "invalid port name",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
WIP: Implement multi-port Services
2015-03-13 15:16:41 +00:00
s.Spec.Ports[0].Name = "INVALID"
},
numErrs: 1,
},
make service validation test be table-driven
2014-09-10 16:41:31 +00:00
{
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
name: "missing protocol",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
WIP: Implement multi-port Services
2015-03-13 15:16:41 +00:00
s.Spec.Ports[0].Protocol = ""
make service validation test be table-driven
2014-09-10 16:41:31 +00:00
},
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
numErrs: 1,
make service validation test be table-driven
2014-09-10 16:41:31 +00:00
},
{
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
name: "invalid protocol",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
WIP: Implement multi-port Services
2015-03-13 15:16:41 +00:00
s.Spec.Ports[0].Protocol = "INVALID"
make service validation test be table-driven
2014-09-10 16:41:31 +00:00
},
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
numErrs: 1,
make service validation test be table-driven
2014-09-10 16:41:31 +00:00
},
Headless Services: Adding option to specify None for PortalIP
2015-03-16 21:36:30 +00:00
{
Rename 'portal IP' to 'cluster IP' most everywhere This covers obvious transforms, but not --portal_net, $PORTAL_NET and similar.
2015-05-23 20:41:11 +00:00
name: "invalid cluster ip",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
Rename 'portal IP' to 'cluster IP' most everywhere This covers obvious transforms, but not --portal_net, $PORTAL_NET and similar.
2015-05-23 20:41:11 +00:00
s.Spec.ClusterIP = "invalid"
Headless Services: Adding option to specify None for PortalIP
2015-03-16 21:36:30 +00:00
},
numErrs: 1,
},
make service validation test be table-driven
2014-09-10 16:41:31 +00:00
{
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
name: "missing port",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
WIP: Implement multi-port Services
2015-03-13 15:16:41 +00:00
s.Spec.Ports[0].Port = 0
make service validation test be table-driven
2014-09-10 16:41:31 +00:00
},
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
numErrs: 1,
Add initial validation of Service objects
2014-07-10 19:45:01 +00:00
},
Add some validation for externalized service ports.
2014-10-31 06:03:52 +00:00
{
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
name: "invalid port",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
WIP: Implement multi-port Services
2015-03-13 15:16:41 +00:00
s.Spec.Ports[0].Port = 65536
Add some validation for externalized service ports.
2014-10-31 06:03:52 +00:00
},
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
numErrs: 1,
Add some validation for externalized service ports.
2014-10-31 06:03:52 +00:00
},
{
WIP: Implement multi-port Services
2015-03-13 15:16:41 +00:00
name: "invalid TargetPort int",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
Refactor IntOrString into a new pkg pkg/util/intstr is a cleaner encapsulation for this type and supporting functions. No behavioral change.
2015-11-10 06:28:45 +00:00
s.Spec.Ports[0].TargetPort = intstr.FromInt(65536)
Add some validation for externalized service ports.
2014-10-31 06:03:52 +00:00
},
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
numErrs: 1,
},
Ensure headless service port equal to targetPort
2015-11-27 08:09:13 +00:00
{
name: "valid port headless",
tweakSvc: func(s *api.Service) {
s.Spec.Ports[0].Port = 11722
s.Spec.Ports[0].TargetPort = intstr.FromInt(11722)
s.Spec.ClusterIP = api.ClusterIPNone
},
numErrs: 0,
},
{
Restore service port validation compatibility with 1.0/1.1
2016-02-23 04:06:16 +00:00
name: "invalid port headless 1",
Ensure headless service port equal to targetPort
2015-11-27 08:09:13 +00:00
tweakSvc: func(s *api.Service) {
s.Spec.Ports[0].Port = 11722
s.Spec.Ports[0].TargetPort = intstr.FromInt(11721)
s.Spec.ClusterIP = api.ClusterIPNone
},
Restore service port validation compatibility with 1.0/1.1
2016-02-23 04:06:16 +00:00
// in the v1 API, targetPorts on headless services were tolerated.
// once we have version-specific validation, we can reject this on newer API versions, but until then, we have to tolerate it for compatibility.
// numErrs: 1,
numErrs: 0,
Ensure headless service port equal to targetPort
2015-11-27 08:09:13 +00:00
},
{
Restore service port validation compatibility with 1.0/1.1
2016-02-23 04:06:16 +00:00
name: "invalid port headless 2",
Ensure headless service port equal to targetPort
2015-11-27 08:09:13 +00:00
tweakSvc: func(s *api.Service) {
s.Spec.Ports[0].Port = 11722
s.Spec.Ports[0].TargetPort = intstr.FromString("target")
s.Spec.ClusterIP = api.ClusterIPNone
},
Restore service port validation compatibility with 1.0/1.1
2016-02-23 04:06:16 +00:00
// in the v1 API, targetPorts on headless services were tolerated.
// once we have version-specific validation, we can reject this on newer API versions, but until then, we have to tolerate it for compatibility.
// numErrs: 1,
numErrs: 0,
Ensure headless service port equal to targetPort
2015-11-27 08:09:13 +00:00
},
Validate Service.Spec.publicIPs to be a valid IP that is not a localhost
2015-03-16 14:03:05 +00:00
{
name: "invalid publicIPs localhost",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
External IPs support.
2015-08-12 00:18:21 +00:00
s.Spec.ExternalIPs = []string{"127.0.0.1"}
Validate Service.Spec.publicIPs to be a valid IP that is not a localhost
2015-03-16 14:03:05 +00:00
},
numErrs: 1,
},
{
name: "invalid publicIPs",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
External IPs support.
2015-08-12 00:18:21 +00:00
s.Spec.ExternalIPs = []string{"0.0.0.0"}
Validate Service.Spec.publicIPs to be a valid IP that is not a localhost
2015-03-16 14:03:05 +00:00
},
numErrs: 1,
},
{
External IPs support.
2015-08-12 00:18:21 +00:00
name: "invalid publicIPs host",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
External IPs support.
2015-08-12 00:18:21 +00:00
s.Spec.ExternalIPs = []string{"myhost.mydomain"}
Validate Service.Spec.publicIPs to be a valid IP that is not a localhost
2015-03-16 14:03:05 +00:00
},
External IPs support.
2015-08-12 00:18:21 +00:00
numErrs: 1,
Validate Service.Spec.publicIPs to be a valid IP that is not a localhost
2015-03-16 14:03:05 +00:00
},
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
{
WIP: Implement multi-port Services
2015-03-13 15:16:41 +00:00
name: "dup port name",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
WIP: Implement multi-port Services
2015-03-13 15:16:41 +00:00
s.Spec.Ports[0].Name = "p"
Refactor IntOrString into a new pkg pkg/util/intstr is a cleaner encapsulation for this type and supporting functions. No behavioral change.
2015-11-10 06:28:45 +00:00
s.Spec.Ports = append(s.Spec.Ports, api.ServicePort{Name: "p", Port: 12345, Protocol: "TCP", TargetPort: intstr.FromInt(12345)})
Add some validation for externalized service ports.
2014-10-31 06:03:52 +00:00
},
WIP: Implement multi-port Services
2015-03-13 15:16:41 +00:00
numErrs: 1,
Add some validation for externalized service ports.
2014-10-31 06:03:52 +00:00
},
Move validation of load balancers only supporting TCP ports to validation.go.
2015-04-03 19:06:25 +00:00
{
* Added UDP LB support (for GCE)
2015-09-28 20:57:58 +00:00
name: "valid load balancer protocol UDP 1",
Move validation of load balancers only supporting TCP ports to validation.go.
2015-04-03 19:06:25 +00:00
tweakSvc: func(s *api.Service) {
Add Type to ServiceSpec: ClusterIP or LoadBalancer
2015-05-22 21:49:26 +00:00
s.Spec.Type = api.ServiceTypeLoadBalancer
Move validation of load balancers only supporting TCP ports to validation.go.
2015-04-03 19:06:25 +00:00
s.Spec.Ports[0].Protocol = "UDP"
},
* Added UDP LB support (for GCE)
2015-09-28 20:57:58 +00:00
numErrs: 0,
Move validation of load balancers only supporting TCP ports to validation.go.
2015-04-03 19:06:25 +00:00
},
{
* Added UDP LB support (for GCE)
2015-09-28 20:57:58 +00:00
name: "valid load balancer protocol UDP 2",
Move validation of load balancers only supporting TCP ports to validation.go.
2015-04-03 19:06:25 +00:00
tweakSvc: func(s *api.Service) {
Add Type to ServiceSpec: ClusterIP or LoadBalancer
2015-05-22 21:49:26 +00:00
s.Spec.Type = api.ServiceTypeLoadBalancer
add service validation for mix protocol
2016-02-03 22:54:32 +00:00
s.Spec.Ports[0] = api.ServicePort{Name: "q", Port: 12345, Protocol: "UDP", TargetPort: intstr.FromInt(12345)}
Move validation of load balancers only supporting TCP ports to validation.go.
2015-04-03 19:06:25 +00:00
},
* Added UDP LB support (for GCE)
2015-09-28 20:57:58 +00:00
numErrs: 0,
Move validation of load balancers only supporting TCP ports to validation.go.
2015-04-03 19:06:25 +00:00
},
add service validation for mix protocol
2016-02-03 22:54:32 +00:00
{
name: "invalid load balancer with mix protocol",
tweakSvc: func(s *api.Service) {
s.Spec.Type = api.ServiceTypeLoadBalancer
s.Spec.Ports = append(s.Spec.Ports, api.ServicePort{Name: "q", Port: 12345, Protocol: "UDP", TargetPort: intstr.FromInt(12345)})
},
numErrs: 1,
},
Add some validation for externalized service ports.
2014-10-31 06:03:52 +00:00
{
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
name: "valid 1",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
// do nothing
Add some validation for externalized service ports.
2014-10-31 06:03:52 +00:00
},
numErrs: 0,
},
add RFC952 label validation
2014-10-23 20:14:13 +00:00
{
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
name: "valid 2",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
WIP: Implement multi-port Services
2015-03-13 15:16:41 +00:00
s.Spec.Ports[0].Protocol = "UDP"
Refactor IntOrString into a new pkg pkg/util/intstr is a cleaner encapsulation for this type and supporting functions. No behavioral change.
2015-11-10 06:28:45 +00:00
s.Spec.Ports[0].TargetPort = intstr.FromInt(12345)
Allow an empty service
2014-11-18 17:49:00 +00:00
},
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
numErrs: 0,
Allow an empty service
2014-11-18 17:49:00 +00:00
},
{
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
name: "valid 3",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
Refactor IntOrString into a new pkg pkg/util/intstr is a cleaner encapsulation for this type and supporting functions. No behavioral change.
2015-11-10 06:28:45 +00:00
s.Spec.Ports[0].TargetPort = intstr.FromString("http")
add RFC952 label validation
2014-10-23 20:14:13 +00:00
},
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
numErrs: 0,
add RFC952 label validation
2014-10-23 20:14:13 +00:00
},
Headless Services: Adding option to specify None for PortalIP
2015-03-16 21:36:30 +00:00
{
Rename 'portal IP' to 'cluster IP' most everywhere This covers obvious transforms, but not --portal_net, $PORTAL_NET and similar.
2015-05-23 20:41:11 +00:00
name: "valid cluster ip - none ",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
Rename 'portal IP' to 'cluster IP' most everywhere This covers obvious transforms, but not --portal_net, $PORTAL_NET and similar.
2015-05-23 20:41:11 +00:00
s.Spec.ClusterIP = "None"
Headless Services: Adding option to specify None for PortalIP
2015-03-16 21:36:30 +00:00
},
numErrs: 0,
},
{
Rename 'portal IP' to 'cluster IP' most everywhere This covers obvious transforms, but not --portal_net, $PORTAL_NET and similar.
2015-05-23 20:41:11 +00:00
name: "valid cluster ip - empty",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(s *api.Service) {
Rename 'portal IP' to 'cluster IP' most everywhere This covers obvious transforms, but not --portal_net, $PORTAL_NET and similar.
2015-05-23 20:41:11 +00:00
s.Spec.ClusterIP = ""
Refactor IntOrString into a new pkg pkg/util/intstr is a cleaner encapsulation for this type and supporting functions. No behavioral change.
2015-11-10 06:28:45 +00:00
s.Spec.Ports[0].TargetPort = intstr.FromString("http")
Headless Services: Adding option to specify None for PortalIP
2015-03-16 21:36:30 +00:00
},
numErrs: 0,
},
Move validation of load balancers only supporting TCP ports to validation.go.
2015-04-03 19:06:25 +00:00
{
Add ServiceType = NodePort; wire everything up
2015-05-20 15:59:34 +00:00
name: "valid type - cluster",
Add Type to ServiceSpec: ClusterIP or LoadBalancer
2015-05-22 21:49:26 +00:00
tweakSvc: func(s *api.Service) {
s.Spec.Type = api.ServiceTypeClusterIP
},
numErrs: 0,
},
{
Add ServiceType = NodePort; wire everything up
2015-05-20 15:59:34 +00:00
name: "valid type - loadbalancer",
Add Type to ServiceSpec: ClusterIP or LoadBalancer
2015-05-22 21:49:26 +00:00
tweakSvc: func(s *api.Service) {
s.Spec.Type = api.ServiceTypeLoadBalancer
},
numErrs: 0,
},
{
name: "valid type loadbalancer 2 ports",
Move validation of load balancers only supporting TCP ports to validation.go.
2015-04-03 19:06:25 +00:00
tweakSvc: func(s *api.Service) {
Add Type to ServiceSpec: ClusterIP or LoadBalancer
2015-05-22 21:49:26 +00:00
s.Spec.Type = api.ServiceTypeLoadBalancer
Refactor IntOrString into a new pkg pkg/util/intstr is a cleaner encapsulation for this type and supporting functions. No behavioral change.
2015-11-10 06:28:45 +00:00
s.Spec.Ports = append(s.Spec.Ports, api.ServicePort{Name: "q", Port: 12345, Protocol: "TCP", TargetPort: intstr.FromInt(12345)})
Move validation of load balancers only supporting TCP ports to validation.go.
2015-04-03 19:06:25 +00:00
},
numErrs: 0,
},
{
name: "valid external load balancer 2 ports",
tweakSvc: func(s *api.Service) {
Add Type to ServiceSpec: ClusterIP or LoadBalancer
2015-05-22 21:49:26 +00:00
s.Spec.Type = api.ServiceTypeLoadBalancer
Refactor IntOrString into a new pkg pkg/util/intstr is a cleaner encapsulation for this type and supporting functions. No behavioral change.
2015-11-10 06:28:45 +00:00
s.Spec.Ports = append(s.Spec.Ports, api.ServicePort{Name: "q", Port: 12345, Protocol: "TCP", TargetPort: intstr.FromInt(12345)})
Move validation of load balancers only supporting TCP ports to validation.go.
2015-04-03 19:06:25 +00:00
},
numErrs: 0,
},
Add NodePort to ServicePort We prevent it from being set by validation
2015-05-22 21:54:19 +00:00
{
name: "duplicate nodeports",
tweakSvc: func(s *api.Service) {
Add ServiceType = NodePort; wire everything up
2015-05-20 15:59:34 +00:00
s.Spec.Type = api.ServiceTypeNodePort
Refactor IntOrString into a new pkg pkg/util/intstr is a cleaner encapsulation for this type and supporting functions. No behavioral change.
2015-11-10 06:28:45 +00:00
s.Spec.Ports = append(s.Spec.Ports, api.ServicePort{Name: "q", Port: 1, Protocol: "TCP", NodePort: 1, TargetPort: intstr.FromInt(1)})
s.Spec.Ports = append(s.Spec.Ports, api.ServicePort{Name: "r", Port: 2, Protocol: "TCP", NodePort: 1, TargetPort: intstr.FromInt(2)})
Add NodePort to ServicePort We prevent it from being set by validation
2015-05-22 21:54:19 +00:00
},
Add ServiceType = NodePort; wire everything up
2015-05-20 15:59:34 +00:00
numErrs: 1,
Add NodePort to ServicePort We prevent it from being set by validation
2015-05-22 21:54:19 +00:00
},
{
name: "duplicate nodeports (different protocols)",
tweakSvc: func(s *api.Service) {
Add ServiceType = NodePort; wire everything up
2015-05-20 15:59:34 +00:00
s.Spec.Type = api.ServiceTypeNodePort
Refactor IntOrString into a new pkg pkg/util/intstr is a cleaner encapsulation for this type and supporting functions. No behavioral change.
2015-11-10 06:28:45 +00:00
s.Spec.Ports = append(s.Spec.Ports, api.ServicePort{Name: "q", Port: 1, Protocol: "TCP", NodePort: 1, TargetPort: intstr.FromInt(1)})
s.Spec.Ports = append(s.Spec.Ports, api.ServicePort{Name: "r", Port: 2, Protocol: "UDP", NodePort: 1, TargetPort: intstr.FromInt(2)})
Add NodePort to ServicePort We prevent it from being set by validation
2015-05-22 21:54:19 +00:00
},
Add ServiceType = NodePort; wire everything up
2015-05-20 15:59:34 +00:00
numErrs: 0,
},
{
name: "valid type - cluster",
tweakSvc: func(s *api.Service) {
s.Spec.Type = api.ServiceTypeClusterIP
},
numErrs: 0,
},
{
name: "valid type - nodeport",
tweakSvc: func(s *api.Service) {
s.Spec.Type = api.ServiceTypeNodePort
},
numErrs: 0,
},
{
name: "valid type - loadbalancer",
tweakSvc: func(s *api.Service) {
s.Spec.Type = api.ServiceTypeLoadBalancer
},
numErrs: 0,
},
{
name: "valid type loadbalancer 2 ports",
tweakSvc: func(s *api.Service) {
s.Spec.Type = api.ServiceTypeLoadBalancer
Refactor IntOrString into a new pkg pkg/util/intstr is a cleaner encapsulation for this type and supporting functions. No behavioral change.
2015-11-10 06:28:45 +00:00
s.Spec.Ports = append(s.Spec.Ports, api.ServicePort{Name: "q", Port: 12345, Protocol: "TCP", TargetPort: intstr.FromInt(12345)})
Add ServiceType = NodePort; wire everything up
2015-05-20 15:59:34 +00:00
},
numErrs: 0,
},
{
name: "valid type loadbalancer with NodePort",
tweakSvc: func(s *api.Service) {
s.Spec.Type = api.ServiceTypeLoadBalancer
Refactor IntOrString into a new pkg pkg/util/intstr is a cleaner encapsulation for this type and supporting functions. No behavioral change.
2015-11-10 06:28:45 +00:00
s.Spec.Ports = append(s.Spec.Ports, api.ServicePort{Name: "q", Port: 12345, Protocol: "TCP", NodePort: 12345, TargetPort: intstr.FromInt(12345)})
Add ServiceType = NodePort; wire everything up
2015-05-20 15:59:34 +00:00
},
numErrs: 0,
},
{
name: "valid type=NodePort service with NodePort",
tweakSvc: func(s *api.Service) {
s.Spec.Type = api.ServiceTypeNodePort
Refactor IntOrString into a new pkg pkg/util/intstr is a cleaner encapsulation for this type and supporting functions. No behavioral change.
2015-11-10 06:28:45 +00:00
s.Spec.Ports = append(s.Spec.Ports, api.ServicePort{Name: "q", Port: 12345, Protocol: "TCP", NodePort: 12345, TargetPort: intstr.FromInt(12345)})
Add ServiceType = NodePort; wire everything up
2015-05-20 15:59:34 +00:00
},
numErrs: 0,
},
{
name: "valid type=NodePort service without NodePort",
tweakSvc: func(s *api.Service) {
s.Spec.Type = api.ServiceTypeNodePort
Refactor IntOrString into a new pkg pkg/util/intstr is a cleaner encapsulation for this type and supporting functions. No behavioral change.
2015-11-10 06:28:45 +00:00
s.Spec.Ports = append(s.Spec.Ports, api.ServicePort{Name: "q", Port: 12345, Protocol: "TCP", TargetPort: intstr.FromInt(12345)})
Add ServiceType = NodePort; wire everything up
2015-05-20 15:59:34 +00:00
},
numErrs: 0,
},
{
name: "valid cluster service without NodePort",
tweakSvc: func(s *api.Service) {
s.Spec.Type = api.ServiceTypeClusterIP
Refactor IntOrString into a new pkg pkg/util/intstr is a cleaner encapsulation for this type and supporting functions. No behavioral change.
2015-11-10 06:28:45 +00:00
s.Spec.Ports = append(s.Spec.Ports, api.ServicePort{Name: "q", Port: 12345, Protocol: "TCP", TargetPort: intstr.FromInt(12345)})
Add ServiceType = NodePort; wire everything up
2015-05-20 15:59:34 +00:00
},
numErrs: 0,
},
{
name: "invalid cluster service with NodePort",
tweakSvc: func(s *api.Service) {
s.Spec.Type = api.ServiceTypeClusterIP
Refactor IntOrString into a new pkg pkg/util/intstr is a cleaner encapsulation for this type and supporting functions. No behavioral change.
2015-11-10 06:28:45 +00:00
s.Spec.Ports = append(s.Spec.Ports, api.ServicePort{Name: "q", Port: 12345, Protocol: "TCP", NodePort: 12345, TargetPort: intstr.FromInt(12345)})
Add ServiceType = NodePort; wire everything up
2015-05-20 15:59:34 +00:00
},
numErrs: 1,
},
{
name: "invalid public service with duplicate NodePort",
tweakSvc: func(s *api.Service) {
s.Spec.Type = api.ServiceTypeNodePort
Refactor IntOrString into a new pkg pkg/util/intstr is a cleaner encapsulation for this type and supporting functions. No behavioral change.
2015-11-10 06:28:45 +00:00
s.Spec.Ports = append(s.Spec.Ports, api.ServicePort{Name: "p1", Port: 1, Protocol: "TCP", NodePort: 1, TargetPort: intstr.FromInt(1)})
s.Spec.Ports = append(s.Spec.Ports, api.ServicePort{Name: "p2", Port: 2, Protocol: "TCP", NodePort: 1, TargetPort: intstr.FromInt(2)})
Add ServiceType = NodePort; wire everything up
2015-05-20 15:59:34 +00:00
},
numErrs: 1,
},
{
name: "valid type=LoadBalancer",
tweakSvc: func(s *api.Service) {
s.Spec.Type = api.ServiceTypeLoadBalancer
Refactor IntOrString into a new pkg pkg/util/intstr is a cleaner encapsulation for this type and supporting functions. No behavioral change.
2015-11-10 06:28:45 +00:00
s.Spec.Ports = append(s.Spec.Ports, api.ServicePort{Name: "q", Port: 12345, Protocol: "TCP", TargetPort: intstr.FromInt(12345)})
Add ServiceType = NodePort; wire everything up
2015-05-20 15:59:34 +00:00
},
numErrs: 0,
Add NodePort to ServicePort We prevent it from being set by validation
2015-05-22 21:54:19 +00:00
},
Automatically open a firewall when creating a GCE load balancer.
2015-07-09 05:02:10 +00:00
{
// For now we open firewalls, and its insecure if we open 10250, remove this
// when we have better protections in place.
name: "invalid port type=LoadBalancer",
tweakSvc: func(s *api.Service) {
s.Spec.Type = api.ServiceTypeLoadBalancer
Refactor IntOrString into a new pkg pkg/util/intstr is a cleaner encapsulation for this type and supporting functions. No behavioral change.
2015-11-10 06:28:45 +00:00
s.Spec.Ports = append(s.Spec.Ports, api.ServicePort{Name: "kubelet", Port: 10250, Protocol: "TCP", TargetPort: intstr.FromInt(12345)})
Automatically open a firewall when creating a GCE load balancer.
2015-07-09 05:02:10 +00:00
},
numErrs: 1,
},
LB Source Ranges: Move validation into API layer Had to move other things around too to avoid a weird api -> cloudprovider dependency. Also adding fixes per code reviews. (This is a squash of the previously approved commits)
2016-03-01 01:56:39 +00:00
{
name: "valid LoadBalancer source range annotation",
tweakSvc: func(s *api.Service) {
promote sourceRange into service spec
2016-05-17 23:55:04 +00:00
s.Spec.Type = api.ServiceTypeLoadBalancer
LB Source Ranges: Move validation into API layer Had to move other things around too to avoid a weird api -> cloudprovider dependency. Also adding fixes per code reviews. (This is a squash of the previously approved commits)
2016-03-01 01:56:39 +00:00
s.Annotations[service.AnnotationLoadBalancerSourceRangesKey] = "1.2.3.4/8, 5.6.7.8/16"
},
numErrs: 0,
},
{
name: "empty LoadBalancer source range annotation",
tweakSvc: func(s *api.Service) {
promote sourceRange into service spec
2016-05-17 23:55:04 +00:00
s.Spec.Type = api.ServiceTypeLoadBalancer
LB Source Ranges: Move validation into API layer Had to move other things around too to avoid a weird api -> cloudprovider dependency. Also adding fixes per code reviews. (This is a squash of the previously approved commits)
2016-03-01 01:56:39 +00:00
s.Annotations[service.AnnotationLoadBalancerSourceRangesKey] = ""
},
numErrs: 0,
},
{
name: "invalid LoadBalancer source range annotation (hostname)",
tweakSvc: func(s *api.Service) {
s.Annotations[service.AnnotationLoadBalancerSourceRangesKey] = "foo.bar"
},
promote sourceRange into service spec
2016-05-17 23:55:04 +00:00
numErrs: 2,
LB Source Ranges: Move validation into API layer Had to move other things around too to avoid a weird api -> cloudprovider dependency. Also adding fixes per code reviews. (This is a squash of the previously approved commits)
2016-03-01 01:56:39 +00:00
},
{
name: "invalid LoadBalancer source range annotation (invalid CIDR)",
tweakSvc: func(s *api.Service) {
promote sourceRange into service spec
2016-05-17 23:55:04 +00:00
s.Spec.Type = api.ServiceTypeLoadBalancer
LB Source Ranges: Move validation into API layer Had to move other things around too to avoid a weird api -> cloudprovider dependency. Also adding fixes per code reviews. (This is a squash of the previously approved commits)
2016-03-01 01:56:39 +00:00
s.Annotations[service.AnnotationLoadBalancerSourceRangesKey] = "1.2.3.4/33"
},
numErrs: 1,
},
promote sourceRange into service spec
2016-05-17 23:55:04 +00:00
{
name: "invalid source range for non LoadBalancer type service",
tweakSvc: func(s *api.Service) {
s.Spec.LoadBalancerSourceRanges = []string{"1.2.3.4/8", "5.6.7.8/16"}
},
numErrs: 1,
},
{
name: "valid LoadBalancer source range",
tweakSvc: func(s *api.Service) {
s.Spec.Type = api.ServiceTypeLoadBalancer
s.Spec.LoadBalancerSourceRanges = []string{"1.2.3.4/8", "5.6.7.8/16"}
},
numErrs: 0,
},
{
name: "empty LoadBalancer source range",
tweakSvc: func(s *api.Service) {
s.Spec.Type = api.ServiceTypeLoadBalancer
s.Spec.LoadBalancerSourceRanges = []string{" "}
},
numErrs: 1,
},
{
name: "invalid LoadBalancer source range",
tweakSvc: func(s *api.Service) {
s.Spec.Type = api.ServiceTypeLoadBalancer
s.Spec.LoadBalancerSourceRanges = []string{"foo.bar"}
},
numErrs: 1,
},
Add initial validation of Service objects
2014-07-10 19:45:01 +00:00
}
make service validation test be table-driven
2014-09-10 16:41:31 +00:00
for _, tc := range testCases {
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
svc := makeValidService()
tc.tweakSvc(&svc)
Make testing service validation easier Part of multi-port services. If people like this, we could start to apply this pattern elsewhere. TL;DR: don't redefine objects over and over changing one thing each time. Instead provide a func that mutates a base object to test facets of validation. Much easier to read and to update.
2015-03-08 05:40:18 +00:00
errs := ValidateService(&svc)
make service validation test be table-driven
2014-09-10 16:41:31 +00:00
if len(errs) != tc.numErrs {
Stronger typing for validation ErrorList
2015-11-04 00:08:20 +00:00
t.Errorf("Unexpected error list for case %q: %v", tc.name, errs.ToAggregate())
make service validation test be table-driven
2014-09-10 16:41:31 +00:00
}
Add initial validation of Service objects
2014-07-10 19:45:01 +00:00
}
}
Extend validation for ReplicationController Provide type safe checks for empty sets of selectors.
2014-07-25 16:15:17 +00:00
Add replication controller status subresource
2015-09-28 19:39:57 +00:00
func TestValidateReplicationControllerStatusUpdate(t *testing.T) {
validSelector := map[string]string{"a": "b"}
validPodTemplate := api.PodTemplate{
Template: api.PodTemplateSpec{
ObjectMeta: api.ObjectMeta{
Labels: validSelector,
},
Spec: api.PodSpec{
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
Containers: []api.Container{{Name: "abc", Image: "image", ImagePullPolicy: "IfNotPresent"}},
},
},
}
type rcUpdateTest struct {
old api.ReplicationController
update api.ReplicationController
}
successCases := []rcUpdateTest{
{
old: api.ReplicationController{
ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: api.NamespaceDefault},
Spec: api.ReplicationControllerSpec{
Selector: validSelector,
Template: &validPodTemplate.Template,
},
Status: api.ReplicationControllerStatus{
Replicas: 2,
},
},
update: api.ReplicationController{
ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: api.NamespaceDefault},
Spec: api.ReplicationControllerSpec{
Replicas: 3,
Selector: validSelector,
Template: &validPodTemplate.Template,
},
Status: api.ReplicationControllerStatus{
Replicas: 4,
},
},
},
}
for _, successCase := range successCases {
successCase.old.ObjectMeta.ResourceVersion = "1"
successCase.update.ObjectMeta.ResourceVersion = "1"
Make order of fun consistent
2015-11-04 07:47:11 +00:00
if errs := ValidateReplicationControllerStatusUpdate(&successCase.update, &successCase.old); len(errs) != 0 {
Add replication controller status subresource
2015-09-28 19:39:57 +00:00
t.Errorf("expected success: %v", errs)
}
}
errorCases := map[string]rcUpdateTest{
"negative replicas": {
old: api.ReplicationController{
ObjectMeta: api.ObjectMeta{Name: "", Namespace: api.NamespaceDefault},
Spec: api.ReplicationControllerSpec{
Selector: validSelector,
Template: &validPodTemplate.Template,
},
Status: api.ReplicationControllerStatus{
Replicas: 3,
},
},
update: api.ReplicationController{
ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: api.NamespaceDefault},
Spec: api.ReplicationControllerSpec{
Replicas: 2,
Selector: validSelector,
Template: &validPodTemplate.Template,
},
Status: api.ReplicationControllerStatus{
Replicas: -3,
},
},
},
}
for testName, errorCase := range errorCases {
Make order of fun consistent
2015-11-04 07:47:11 +00:00
if errs := ValidateReplicationControllerStatusUpdate(&errorCase.update, &errorCase.old); len(errs) == 0 {
Add replication controller status subresource
2015-09-28 19:39:57 +00:00
t.Errorf("expected failure: %s", testName)
}
}
}
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
func TestValidateReplicationControllerUpdate(t *testing.T) {
validSelector := map[string]string{"a": "b"}
validPodTemplate := api.PodTemplate{
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: api.PodTemplateSpec{
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
ObjectMeta: api.ObjectMeta{
Labels: validSelector,
},
Spec: api.PodSpec{
Convert RestartPolicy to string for v1beta3. Fixed #3607 and spiritually support #5475
2015-03-14 01:38:07 +00:00
RestartPolicy: api.RestartPolicyAlways,
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
DNSPolicy: api.DNSClusterFirst,
Validate that there is at least one container in the pod
2015-03-18 15:00:18 +00:00
Containers: []api.Container{{Name: "abc", Image: "image", ImagePullPolicy: "IfNotPresent"}},
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
},
},
}
readWriteVolumePodTemplate := api.PodTemplate{
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: api.PodTemplateSpec{
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
ObjectMeta: api.ObjectMeta{
Labels: validSelector,
},
Spec: api.PodSpec{
Convert RestartPolicy to string for v1beta3. Fixed #3607 and spiritually support #5475
2015-03-14 01:38:07 +00:00
RestartPolicy: api.RestartPolicyAlways,
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
DNSPolicy: api.DNSClusterFirst,
Validate that there is at least one container in the pod
2015-03-18 15:00:18 +00:00
Containers: []api.Container{{Name: "abc", Image: "image", ImagePullPolicy: "IfNotPresent"}},
Correcting all go vet errors
2015-08-08 01:52:23 +00:00
Volumes: []api.Volume{{Name: "gcepd", VolumeSource: api.VolumeSource{GCEPersistentDisk: &api.GCEPersistentDiskVolumeSource{PDName: "my-PD", FSType: "ext4", Partition: 1, ReadOnly: false}}}},
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
},
},
}
invalidSelector := map[string]string{"NoUppercaseOrSpecialCharsLike=Equals": "b"}
invalidPodTemplate := api.PodTemplate{
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: api.PodTemplateSpec{
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
Spec: api.PodSpec{
Convert RestartPolicy to string for v1beta3. Fixed #3607 and spiritually support #5475
2015-03-14 01:38:07 +00:00
RestartPolicy: api.RestartPolicyAlways,
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
DNSPolicy: api.DNSClusterFirst,
},
ObjectMeta: api.ObjectMeta{
Labels: invalidSelector,
},
},
}
type rcUpdateTest struct {
old api.ReplicationController
update api.ReplicationController
}
successCases := []rcUpdateTest{
{
old: api.ReplicationController{
ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: api.NamespaceDefault},
Spec: api.ReplicationControllerSpec{
Selector: validSelector,
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: &validPodTemplate.Template,
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
},
},
update: api.ReplicationController{
ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: api.NamespaceDefault},
Spec: api.ReplicationControllerSpec{
Replicas: 3,
Selector: validSelector,
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: &validPodTemplate.Template,
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
},
},
},
{
old: api.ReplicationController{
ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: api.NamespaceDefault},
Spec: api.ReplicationControllerSpec{
Selector: validSelector,
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: &validPodTemplate.Template,
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
},
},
update: api.ReplicationController{
ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: api.NamespaceDefault},
Spec: api.ReplicationControllerSpec{
Replicas: 1,
Selector: validSelector,
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: &readWriteVolumePodTemplate.Template,
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
},
},
},
}
for _, successCase := range successCases {
Give better error message for PUTs with no resource version
2015-03-20 00:51:07 +00:00
successCase.old.ObjectMeta.ResourceVersion = "1"
successCase.update.ObjectMeta.ResourceVersion = "1"
Make order of fun consistent
2015-11-04 07:47:11 +00:00
if errs := ValidateReplicationControllerUpdate(&successCase.update, &successCase.old); len(errs) != 0 {
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
t.Errorf("expected success: %v", errs)
}
}
errorCases := map[string]rcUpdateTest{
"more than one read/write": {
old: api.ReplicationController{
ObjectMeta: api.ObjectMeta{Name: "", Namespace: api.NamespaceDefault},
Spec: api.ReplicationControllerSpec{
Selector: validSelector,
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: &validPodTemplate.Template,
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
},
},
update: api.ReplicationController{
ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: api.NamespaceDefault},
Spec: api.ReplicationControllerSpec{
Replicas: 2,
Selector: validSelector,
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: &readWriteVolumePodTemplate.Template,
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
},
},
},
"invalid selector": {
old: api.ReplicationController{
ObjectMeta: api.ObjectMeta{Name: "", Namespace: api.NamespaceDefault},
Spec: api.ReplicationControllerSpec{
Selector: validSelector,
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: &validPodTemplate.Template,
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
},
},
update: api.ReplicationController{
ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: api.NamespaceDefault},
Spec: api.ReplicationControllerSpec{
Replicas: 2,
Selector: invalidSelector,
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: &validPodTemplate.Template,
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
},
},
},
"invalid pod": {
old: api.ReplicationController{
ObjectMeta: api.ObjectMeta{Name: "", Namespace: api.NamespaceDefault},
Spec: api.ReplicationControllerSpec{
Selector: validSelector,
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: &validPodTemplate.Template,
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
},
},
update: api.ReplicationController{
ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: api.NamespaceDefault},
Spec: api.ReplicationControllerSpec{
Replicas: 2,
Selector: validSelector,
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: &invalidPodTemplate.Template,
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
},
},
},
"negative replicas": {
old: api.ReplicationController{
ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: api.NamespaceDefault},
Spec: api.ReplicationControllerSpec{
Selector: validSelector,
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: &validPodTemplate.Template,
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
},
},
update: api.ReplicationController{
ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: api.NamespaceDefault},
Spec: api.ReplicationControllerSpec{
Replicas: -1,
Selector: validSelector,
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: &validPodTemplate.Template,
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
},
},
},
}
for testName, errorCase := range errorCases {
Make order of fun consistent
2015-11-04 07:47:11 +00:00
if errs := ValidateReplicationControllerUpdate(&errorCase.update, &errorCase.old); len(errs) == 0 {
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
t.Errorf("expected failure: %s", testName)
}
}
}
Extend validation for ReplicationController Provide type safe checks for empty sets of selectors.
2014-07-25 16:15:17 +00:00
func TestValidateReplicationController(t *testing.T) {
validSelector := map[string]string{"a": "b"}
Make validation work when not in the api package.
2014-08-30 01:20:27 +00:00
validPodTemplate := api.PodTemplate{
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: api.PodTemplateSpec{
Update the validation logic to test PodTemplateSpec
2014-11-07 02:08:46 +00:00
ObjectMeta: api.ObjectMeta{
Labels: validSelector,
Extend validation for ReplicationController Provide type safe checks for empty sets of selectors.
2014-07-25 16:15:17 +00:00
},
Factor out API defaulting from validation logic Currently, the validation logic validates fields in an object and supply default values wherever applies. This change factors out defaulting to a set of defaulting callback functions for decoding (see #1502 for more discussion). * This change is based on pull request 2587. * Most defaulting has been migrated to defaults.go where the defaulting functions are added. * validation_test.go and converter_test.go have been adapted to not testing the default values. * Fixed all tests with that create invalid objects with the absence of defaulting logic.
2015-01-26 17:52:50 +00:00
Spec: api.PodSpec{
Convert RestartPolicy to string for v1beta3. Fixed #3607 and spiritually support #5475
2015-03-14 01:38:07 +00:00
RestartPolicy: api.RestartPolicyAlways,
Factor out API defaulting from validation logic Currently, the validation logic validates fields in an object and supply default values wherever applies. This change factors out defaulting to a set of defaulting callback functions for decoding (see #1502 for more discussion). * This change is based on pull request 2587. * Most defaulting has been migrated to defaults.go where the defaulting functions are added. * validation_test.go and converter_test.go have been adapted to not testing the default values. * Fixed all tests with that create invalid objects with the absence of defaulting logic.
2015-01-26 17:52:50 +00:00
DNSPolicy: api.DNSClusterFirst,
Validate that there is at least one container in the pod
2015-03-18 15:00:18 +00:00
Containers: []api.Container{{Name: "abc", Image: "image", ImagePullPolicy: "IfNotPresent"}},
Factor out API defaulting from validation logic Currently, the validation logic validates fields in an object and supply default values wherever applies. This change factors out defaulting to a set of defaulting callback functions for decoding (see #1502 for more discussion). * This change is based on pull request 2587. * Most defaulting has been migrated to defaults.go where the defaulting functions are added. * validation_test.go and converter_test.go have been adapted to not testing the default values. * Fixed all tests with that create invalid objects with the absence of defaulting logic.
2015-01-26 17:52:50 +00:00
},
Extend validation for ReplicationController Provide type safe checks for empty sets of selectors.
2014-07-25 16:15:17 +00:00
},
}
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
readWriteVolumePodTemplate := api.PodTemplate{
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: api.PodTemplateSpec{
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
ObjectMeta: api.ObjectMeta{
Labels: validSelector,
},
Update the validation logic to test PodTemplateSpec
2014-11-07 02:08:46 +00:00
Spec: api.PodSpec{
Correcting all go vet errors
2015-08-08 01:52:23 +00:00
Volumes: []api.Volume{{Name: "gcepd", VolumeSource: api.VolumeSource{GCEPersistentDisk: &api.GCEPersistentDiskVolumeSource{PDName: "my-PD", FSType: "ext4", Partition: 1, ReadOnly: false}}}},
Convert RestartPolicy to string for v1beta3. Fixed #3607 and spiritually support #5475
2015-03-14 01:38:07 +00:00
RestartPolicy: api.RestartPolicyAlways,
Fix tests in validation_test Some tests expect the error cases to fail for a specific reason, but they could fail for other reasons and still pass. This caused some changes to break the tests without noticing the breakage. Example are the recent defaulting PR This change fixes such tests and also updates some obsolete tests.
2015-02-04 23:44:46 +00:00
DNSPolicy: api.DNSClusterFirst,
Validate that there is at least one container in the pod
2015-03-18 15:00:18 +00:00
Containers: []api.Container{{Name: "abc", Image: "image", ImagePullPolicy: "IfNotPresent"}},
Adds support for attaching GCEPersitentDisks Adds GCEPersistentDisk volume struct Adds gce-utils to attach disk to kubelet's VM. Updates config to give compute-rw to every minion. Adds GCEPersistentDisk to API Adds ability to mount attached disks Generalizes PD and adds tests. PD now uses an pluggable API interface. Unit Tests more cleanly separates TearDown and SetUp Modify boilerplate hook to omit build tags Adds Mounter interface; mount is now built by OS TearDown() for PD now detaches disk on final refcount Un-generalized PD; GCE calls moved to cloudprovider Address comments.
2014-08-05 17:58:43 +00:00
},
},
}
add RFC952 label validation
2014-10-23 20:14:13 +00:00
invalidSelector := map[string]string{"NoUppercaseOrSpecialCharsLike=Equals": "b"}
invalidPodTemplate := api.PodTemplate{
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: api.PodTemplateSpec{
Add pod restart policy validation for replication controller.
2014-11-18 04:08:23 +00:00
Spec: api.PodSpec{
Convert RestartPolicy to string for v1beta3. Fixed #3607 and spiritually support #5475
2015-03-14 01:38:07 +00:00
RestartPolicy: api.RestartPolicyAlways,
Factor out API defaulting from validation logic Currently, the validation logic validates fields in an object and supply default values wherever applies. This change factors out defaulting to a set of defaulting callback functions for decoding (see #1502 for more discussion). * This change is based on pull request 2587. * Most defaulting has been migrated to defaults.go where the defaulting functions are added. * validation_test.go and converter_test.go have been adapted to not testing the default values. * Fixed all tests with that create invalid objects with the absence of defaulting logic.
2015-01-26 17:52:50 +00:00
DNSPolicy: api.DNSClusterFirst,
Add pod restart policy validation for replication controller.
2014-11-18 04:08:23 +00:00
},
Update the validation logic to test PodTemplateSpec
2014-11-07 02:08:46 +00:00
ObjectMeta: api.ObjectMeta{
Labels: invalidSelector,
add RFC952 label validation
2014-10-23 20:14:13 +00:00
},
},
}
Make validation work when not in the api package.
2014-08-30 01:20:27 +00:00
successCases := []api.ReplicationController{
Extend validation for ReplicationController Provide type safe checks for empty sets of selectors.
2014-07-25 16:15:17 +00:00
{
Refactor tests to split ObjectMeta from TypeMeta
2014-10-23 20:51:34 +00:00
ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: api.NamespaceDefault},
Update the validation logic to test PodTemplateSpec
2014-11-07 02:08:46 +00:00
Spec: api.ReplicationControllerSpec{
Selector: validSelector,
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: &validPodTemplate.Template,
Extend validation for ReplicationController Provide type safe checks for empty sets of selectors.
2014-07-25 16:15:17 +00:00
},
},
{
Refactor tests to split ObjectMeta from TypeMeta
2014-10-23 20:51:34 +00:00
ObjectMeta: api.ObjectMeta{Name: "abc-123", Namespace: api.NamespaceDefault},
Update the validation logic to test PodTemplateSpec
2014-11-07 02:08:46 +00:00
Spec: api.ReplicationControllerSpec{
Selector: validSelector,
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: &validPodTemplate.Template,
Extend validation for ReplicationController Provide type safe checks for empty sets of selectors.
2014-07-25 16:15:17 +00:00
},
},
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
{
ObjectMeta: api.ObjectMeta{Name: "abc-123", Namespace: api.NamespaceDefault},
Spec: api.ReplicationControllerSpec{
Replicas: 1,
Selector: validSelector,
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: &readWriteVolumePodTemplate.Template,
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
},
},
Extend validation for ReplicationController Provide type safe checks for empty sets of selectors.
2014-07-25 16:15:17 +00:00
}
for _, successCase := range successCases {
if errs := ValidateReplicationController(&successCase); len(errs) != 0 {
t.Errorf("expected success: %v", errs)
}
}
Make validation work when not in the api package.
2014-08-30 01:20:27 +00:00
errorCases := map[string]api.ReplicationController{
Extend validation for ReplicationController Provide type safe checks for empty sets of selectors.
2014-07-25 16:15:17 +00:00
"zero-length ID": {
Refactor tests to split ObjectMeta from TypeMeta
2014-10-23 20:51:34 +00:00
ObjectMeta: api.ObjectMeta{Name: "", Namespace: api.NamespaceDefault},
Update the validation logic to test PodTemplateSpec
2014-11-07 02:08:46 +00:00
Spec: api.ReplicationControllerSpec{
Selector: validSelector,
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: &validPodTemplate.Template,
Update test cases to use default context
2014-09-29 21:18:18 +00:00
},
},
"missing-namespace": {
Refactor tests to split ObjectMeta from TypeMeta
2014-10-23 20:51:34 +00:00
ObjectMeta: api.ObjectMeta{Name: "abc-123"},
Update the validation logic to test PodTemplateSpec
2014-11-07 02:08:46 +00:00
Spec: api.ReplicationControllerSpec{
Selector: validSelector,
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: &validPodTemplate.Template,
Extend validation for ReplicationController Provide type safe checks for empty sets of selectors.
2014-07-25 16:15:17 +00:00
},
},
"empty selector": {
Refactor tests to split ObjectMeta from TypeMeta
2014-10-23 20:51:34 +00:00
ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: api.NamespaceDefault},
Update the validation logic to test PodTemplateSpec
2014-11-07 02:08:46 +00:00
Spec: api.ReplicationControllerSpec{
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: &validPodTemplate.Template,
Extend validation for ReplicationController Provide type safe checks for empty sets of selectors.
2014-07-25 16:15:17 +00:00
},
},
Add a validation that replicaSelector matches PodTemplate.Labels
2014-08-22 00:02:39 +00:00
"selector_doesnt_match": {
Refactor tests to split ObjectMeta from TypeMeta
2014-10-23 20:51:34 +00:00
ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: api.NamespaceDefault},
Update the validation logic to test PodTemplateSpec
2014-11-07 02:08:46 +00:00
Spec: api.ReplicationControllerSpec{
Selector: map[string]string{"foo": "bar"},
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: &validPodTemplate.Template,
Add a validation that replicaSelector matches PodTemplate.Labels
2014-08-22 00:02:39 +00:00
},
},
Extend validation for ReplicationController Provide type safe checks for empty sets of selectors.
2014-07-25 16:15:17 +00:00
"invalid manifest": {
Refactor tests to split ObjectMeta from TypeMeta
2014-10-23 20:51:34 +00:00
ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: api.NamespaceDefault},
Update the validation logic to test PodTemplateSpec
2014-11-07 02:08:46 +00:00
Spec: api.ReplicationControllerSpec{
Selector: validSelector,
Extend validation for ReplicationController Provide type safe checks for empty sets of selectors.
2014-07-25 16:15:17 +00:00
},
},
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
"read-write persistent disk with > 1 pod": {
Refactor tests to split ObjectMeta from TypeMeta
2014-10-23 20:51:34 +00:00
ObjectMeta: api.ObjectMeta{Name: "abc"},
Update the validation logic to test PodTemplateSpec
2014-11-07 02:08:46 +00:00
Spec: api.ReplicationControllerSpec{
Adjust replication controller validation to be more flexible about read/write volumes. Update docs to reflect reality as it is implemented.
2015-02-05 04:55:16 +00:00
Replicas: 2,
Update the validation logic to test PodTemplateSpec
2014-11-07 02:08:46 +00:00
Selector: validSelector,
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: &readWriteVolumePodTemplate.Template,
Adds support for attaching GCEPersitentDisks Adds GCEPersistentDisk volume struct Adds gce-utils to attach disk to kubelet's VM. Updates config to give compute-rw to every minion. Adds GCEPersistentDisk to API Adds ability to mount attached disks Generalizes PD and adds tests. PD now uses an pluggable API interface. Unit Tests more cleanly separates TearDown and SetUp Modify boilerplate hook to omit build tags Adds Mounter interface; mount is now built by OS TearDown() for PD now detaches disk on final refcount Un-generalized PD; GCE calls moved to cloudprovider Address comments.
2014-08-05 17:58:43 +00:00
},
},
Validate on replicas being non-negative
2014-08-04 19:02:51 +00:00
"negative_replicas": {
Refactor tests to split ObjectMeta from TypeMeta
2014-10-23 20:51:34 +00:00
ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: api.NamespaceDefault},
Update the validation logic to test PodTemplateSpec
2014-11-07 02:08:46 +00:00
Spec: api.ReplicationControllerSpec{
Replicas: -1,
Selector: validSelector,
Validate on replicas being non-negative
2014-08-04 19:02:51 +00:00
},
},
add RFC952 label validation
2014-10-23 20:14:13 +00:00
"invalid_label": {
ObjectMeta: api.ObjectMeta{
Name: "abc-123",
Namespace: api.NamespaceDefault,
Labels: map[string]string{
"NoUppercaseOrSpecialCharsLike=Equals": "bar",
},
},
Update the validation logic to test PodTemplateSpec
2014-11-07 02:08:46 +00:00
Spec: api.ReplicationControllerSpec{
Selector: validSelector,
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: &validPodTemplate.Template,
add RFC952 label validation
2014-10-23 20:14:13 +00:00
},
},
"invalid_label 2": {
ObjectMeta: api.ObjectMeta{
Name: "abc-123",
Namespace: api.NamespaceDefault,
Labels: map[string]string{
"NoUppercaseOrSpecialCharsLike=Equals": "bar",
},
},
Update the validation logic to test PodTemplateSpec
2014-11-07 02:08:46 +00:00
Spec: api.ReplicationControllerSpec{
Rename PodTemplate.Spec to PodTemplate.Template
2015-03-04 15:46:27 +00:00
Template: &invalidPodTemplate.Template,
},
},
"invalid_annotation": {
ObjectMeta: api.ObjectMeta{
Name: "abc-123",
Namespace: api.NamespaceDefault,
Annotations: map[string]string{
"NoUppercaseOrSpecialCharsLike=Equals": "bar",
},
},
Spec: api.ReplicationControllerSpec{
Selector: validSelector,
Template: &validPodTemplate.Template,
add RFC952 label validation
2014-10-23 20:14:13 +00:00
},
},
Add pod restart policy validation for replication controller.
2014-11-18 04:08:23 +00:00
"invalid restart policy 1": {
ObjectMeta: api.ObjectMeta{
Name: "abc-123",
Namespace: api.NamespaceDefault,
},
Spec: api.ReplicationControllerSpec{
Selector: validSelector,
Template: &api.PodTemplateSpec{
Spec: api.PodSpec{
Convert RestartPolicy to string for v1beta3. Fixed #3607 and spiritually support #5475
2015-03-14 01:38:07 +00:00
RestartPolicy: api.RestartPolicyOnFailure,
DNSPolicy: api.DNSClusterFirst,
Validate that there is at least one container in the pod
2015-03-18 15:00:18 +00:00
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
Add pod restart policy validation for replication controller.
2014-11-18 04:08:23 +00:00
},
ObjectMeta: api.ObjectMeta{
Labels: validSelector,
},
},
},
},
"invalid restart policy 2": {
ObjectMeta: api.ObjectMeta{
Name: "abc-123",
Namespace: api.NamespaceDefault,
},
Spec: api.ReplicationControllerSpec{
Selector: validSelector,
Template: &api.PodTemplateSpec{
Spec: api.PodSpec{
Convert RestartPolicy to string for v1beta3. Fixed #3607 and spiritually support #5475
2015-03-14 01:38:07 +00:00
RestartPolicy: api.RestartPolicyNever,
DNSPolicy: api.DNSClusterFirst,
Validate that there is at least one container in the pod
2015-03-18 15:00:18 +00:00
Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent"}},
Add pod restart policy validation for replication controller.
2014-11-18 04:08:23 +00:00
},
ObjectMeta: api.ObjectMeta{
Labels: validSelector,
},
},
},
},
Extend validation for ReplicationController Provide type safe checks for empty sets of selectors.
2014-07-25 16:15:17 +00:00
}
for k, v := range errorCases {
Convert field errors into a selector for the object Satisfies the "Field" condition for a Cause. Also addresses parts of #914.
2014-08-20 03:54:20 +00:00
errs := ValidateReplicationController(&v)
if len(errs) == 0 {
Extend validation for ReplicationController Provide type safe checks for empty sets of selectors.
2014-07-25 16:15:17 +00:00
t.Errorf("expected failure for %s", k)
}
Convert field errors into a selector for the object Satisfies the "Field" condition for a Cause. Also addresses parts of #914.
2014-08-20 03:54:20 +00:00
for i := range errs {
Stronger typing for validation ErrorList
2015-11-04 00:08:20 +00:00
field := errs[i].Field
Update the validation logic to test PodTemplateSpec
2014-11-07 02:08:46 +00:00
if !strings.HasPrefix(field, "spec.template.") &&
Limit field errors to a single field name
2015-08-12 15:26:23 +00:00
field != "metadata.name" &&
Unify validation logic for create and update paths Ensure ObjectMeta is consistently validated on both create and update Make PortalIP uncleareable
2015-01-27 23:55:54 +00:00
field != "metadata.namespace" &&
Update the validation logic to test PodTemplateSpec
2014-11-07 02:08:46 +00:00
field != "spec.selector" &&
field != "spec.template" &&
Adds support for attaching GCEPersitentDisks Adds GCEPersistentDisk volume struct Adds gce-utils to attach disk to kubelet's VM. Updates config to give compute-rw to every minion. Adds GCEPersistentDisk to API Adds ability to mount attached disks Generalizes PD and adds tests. PD now uses an pluggable API interface. Unit Tests more cleanly separates TearDown and SetUp Modify boilerplate hook to omit build tags Adds Mounter interface; mount is now built by OS TearDown() for PD now detaches disk on final refcount Un-generalized PD; GCE calls moved to cloudprovider Address comments.
2014-08-05 17:58:43 +00:00
field != "GCEPersistentDisk.ReadOnly" &&
Update the validation logic to test PodTemplateSpec
2014-11-07 02:08:46 +00:00
field != "spec.replicas" &&
clean up error message on labels validation errs
2014-11-20 05:55:45 +00:00
field != "spec.template.labels" &&
Unify validation logic for create and update paths Ensure ObjectMeta is consistently validated on both create and update Make PortalIP uncleareable
2015-01-27 23:55:54 +00:00
field != "metadata.annotations" &&
Add replication controller status subresource
2015-09-28 19:39:57 +00:00
field != "metadata.labels" &&
field != "status.replicas" {
Convert field errors into a selector for the object Satisfies the "Field" condition for a Cause. Also addresses parts of #914.
2014-08-20 03:54:20 +00:00
t.Errorf("%s: missing prefix for: %v", k, errs[i])
}
}
Extend validation for ReplicationController Provide type safe checks for empty sets of selectors.
2014-07-25 16:15:17 +00:00
}
}
Read BoundPods from etcd instead of ContainerManifestList There are three values that uniquely identify a pod on a host - the configuration source (etcd, file, http), the pod name, and the pod namespace. This change ensures that configuration properly makes those names unique by changing podFullName to contain both name (currently ID in v1beta1, Name in v1beta3) and namespace. The Kubelet does not properly handle information requests for pods not in the default namespace at this time.
2014-10-08 19:56:02 +00:00
Validate Node IPs; clean up validation code
2015-04-22 17:55:05 +00:00
func TestValidateNode(t *testing.T) {
Centralize minion validation
2014-11-12 17:38:15 +00:00
validSelector := map[string]string{"a": "b"}
invalidSelector := map[string]string{"NoUppercaseOrSpecialCharsLike=Equals": "b"}
Internal rename api.Minion -> api.Node
2014-12-08 03:44:27 +00:00
successCases := []api.Node{
Centralize minion validation
2014-11-12 17:38:15 +00:00
{
Move the internal minion representation to match v1beta3 Moves to 'Spec' and 'Status' internally and removes duplicate fields. Moves Capacity into Spec and drops use of NodeResources
2014-11-19 22:39:10 +00:00
ObjectMeta: api.ObjectMeta{
Name: "abc",
Labels: validSelector,
},
Status: api.NodeStatus{
Node addresses
2015-02-13 19:07:23 +00:00
Addresses: []api.NodeAddress{
{Type: api.NodeLegacyHostIP, Address: "something"},
},
Add validation for node creation.
2015-03-24 17:24:07 +00:00
Capacity: api.ResourceList{
api.ResourceName(api.ResourceCPU): resource.MustParse("10"),
api.ResourceName(api.ResourceMemory): resource.MustParse("10G"),
api.ResourceName("my.org/gpu"): resource.MustParse("10"),
},
},
Move Capacity from NodeSpec to NodeStatus
2015-03-25 13:44:40 +00:00
Spec: api.NodeSpec{
ExternalID: "external",
},
Centralize minion validation
2014-11-12 17:38:15 +00:00
},
{
Add name generation and normalize common create flows Adds `ObjectMeta.GenerateName`, an optional string field that defines name generation behavior if a Name is not provided. Adds `pkg/api/rest`, which defines the default Kubernetes API pattern for creation (and will cover update as well). Will allow registries and REST objects to be merged by moving logic on api out of those places. Add `pkg/api/rest/resttest`, which will be the test suite that verifies a RESTStorage object follows the Kubernetes API conventions and begin reducing our duplicated tests.
2015-01-27 23:56:38 +00:00
ObjectMeta: api.ObjectMeta{
Name: "abc",
},
Move the internal minion representation to match v1beta3 Moves to 'Spec' and 'Status' internally and removes duplicate fields. Moves Capacity into Spec and drops use of NodeResources
2014-11-19 22:39:10 +00:00
Status: api.NodeStatus{
Node addresses
2015-02-13 19:07:23 +00:00
Addresses: []api.NodeAddress{
{Type: api.NodeLegacyHostIP, Address: "something"},
},
Add validation for node creation.
2015-03-24 17:24:07 +00:00
Capacity: api.ResourceList{
api.ResourceName(api.ResourceCPU): resource.MustParse("10"),
api.ResourceName(api.ResourceMemory): resource.MustParse("0"),
},
},
Move Capacity from NodeSpec to NodeStatus
2015-03-25 13:44:40 +00:00
Spec: api.NodeSpec{
ExternalID: "external",
},
Centralize minion validation
2014-11-12 17:38:15 +00:00
},
implement taints and tolerations
2016-03-31 03:42:57 +00:00
{
ObjectMeta: api.ObjectMeta{
Name: "dedicated-node1",
// Add a valid taint to a node
Annotations: map[string]string{
api.TaintsAnnotationKey: `
[{
"key": "GPU",
"value": "true",
"effect": "NoSchedule"
}]`,
},
},
Status: api.NodeStatus{
Addresses: []api.NodeAddress{
{Type: api.NodeLegacyHostIP, Address: "something"},
},
Capacity: api.ResourceList{
api.ResourceName(api.ResourceCPU): resource.MustParse("10"),
api.ResourceName(api.ResourceMemory): resource.MustParse("0"),
},
},
Spec: api.NodeSpec{
ExternalID: "external",
},
},
Centralize minion validation
2014-11-12 17:38:15 +00:00
}
for _, successCase := range successCases {
Validate Node IPs; clean up validation code
2015-04-22 17:55:05 +00:00
if errs := ValidateNode(&successCase); len(errs) != 0 {
Centralize minion validation
2014-11-12 17:38:15 +00:00
t.Errorf("expected success: %v", errs)
}
}
Internal rename api.Minion -> api.Node
2014-12-08 03:44:27 +00:00
errorCases := map[string]api.Node{
Centralize minion validation
2014-11-12 17:38:15 +00:00
"zero-length Name": {
Move the internal minion representation to match v1beta3 Moves to 'Spec' and 'Status' internally and removes duplicate fields. Moves Capacity into Spec and drops use of NodeResources
2014-11-19 22:39:10 +00:00
ObjectMeta: api.ObjectMeta{
Name: "",
Labels: validSelector,
},
Status: api.NodeStatus{
Node addresses
2015-02-13 19:07:23 +00:00
Addresses: []api.NodeAddress{},
Add validation for node creation.
2015-03-24 17:24:07 +00:00
Capacity: api.ResourceList{
api.ResourceName(api.ResourceCPU): resource.MustParse("10"),
api.ResourceName(api.ResourceMemory): resource.MustParse("10G"),
},
},
Move Capacity from NodeSpec to NodeStatus
2015-03-25 13:44:40 +00:00
Spec: api.NodeSpec{
ExternalID: "external",
},
Centralize minion validation
2014-11-12 17:38:15 +00:00
},
"invalid-labels": {
Move the internal minion representation to match v1beta3 Moves to 'Spec' and 'Status' internally and removes duplicate fields. Moves Capacity into Spec and drops use of NodeResources
2014-11-19 22:39:10 +00:00
ObjectMeta: api.ObjectMeta{
Name: "abc-123",
Labels: invalidSelector,
},
Move Capacity from NodeSpec to NodeStatus
2015-03-25 13:44:40 +00:00
Status: api.NodeStatus{
Add validation for node creation.
2015-03-24 17:24:07 +00:00
Capacity: api.ResourceList{
api.ResourceName(api.ResourceCPU): resource.MustParse("10"),
api.ResourceName(api.ResourceMemory): resource.MustParse("10G"),
},
},
Move Capacity from NodeSpec to NodeStatus
2015-03-25 13:44:40 +00:00
Spec: api.NodeSpec{
ExternalID: "external",
},
Add validation for node creation.
2015-03-24 17:24:07 +00:00
},
"missing-external-id": {
ObjectMeta: api.ObjectMeta{
Name: "abc-123",
Labels: validSelector,
},
Move Capacity from NodeSpec to NodeStatus
2015-03-25 13:44:40 +00:00
Status: api.NodeStatus{
Add validation for node creation.
2015-03-24 17:24:07 +00:00
Capacity: api.ResourceList{
api.ResourceName(api.ResourceCPU): resource.MustParse("10"),
api.ResourceName(api.ResourceMemory): resource.MustParse("10G"),
},
},
},
implement taints and tolerations
2016-03-31 03:42:57 +00:00
"missing-taint-key": {
ObjectMeta: api.ObjectMeta{
Name: "dedicated-node1",
// Add a taint with an empty key to a node
Annotations: map[string]string{
api.TaintsAnnotationKey: `
[{
"key": "",
"value": "special-user-1",
"effect": "NoSchedule"
}]`,
},
},
Spec: api.NodeSpec{
ExternalID: "external",
},
},
"bad-taint-key": {
ObjectMeta: api.ObjectMeta{
Name: "dedicated-node1",
// Add a taint with an empty key to a node
Annotations: map[string]string{
api.TaintsAnnotationKey: `
[{
"key": "NoUppercaseOrSpecialCharsLike=Equals",
"value": "special-user-1",
"effect": "NoSchedule"
}]`,
},
},
Spec: api.NodeSpec{
ExternalID: "external",
},
},
"bad-taint-value": {
ObjectMeta: api.ObjectMeta{
Name: "dedicated-node2",
Annotations: map[string]string{
api.TaintsAnnotationKey: `
[{
"key": "dedicated",
"value": "some\\bad\\value",
"effect": "NoSchedule"
}]`,
},
},
Status: api.NodeStatus{
Addresses: []api.NodeAddress{
{Type: api.NodeLegacyHostIP, Address: "something"},
},
Capacity: api.ResourceList{
api.ResourceName(api.ResourceCPU): resource.MustParse("10"),
api.ResourceName(api.ResourceMemory): resource.MustParse("0"),
},
},
// Add a taint with an empty value to a node
Spec: api.NodeSpec{
ExternalID: "external",
},
},
"missing-taint-effect": {
ObjectMeta: api.ObjectMeta{
Name: "dedicated-node3",
// Add a taint with an empty effect to a node
Annotations: map[string]string{
api.TaintsAnnotationKey: `
[{
"key": "dedicated",
"value": "special-user-3",
"effect": ""
}]`,
},
},
Status: api.NodeStatus{
Addresses: []api.NodeAddress{
{Type: api.NodeLegacyHostIP, Address: "something"},
},
Capacity: api.ResourceList{
api.ResourceName(api.ResourceCPU): resource.MustParse("10"),
api.ResourceName(api.ResourceMemory): resource.MustParse("0"),
},
},
Spec: api.NodeSpec{
ExternalID: "external",
},
},
"invalide-taint-effect": {
ObjectMeta: api.ObjectMeta{
Name: "dedicated-node3",
// Add a taint with an empty effect to a node
Annotations: map[string]string{
api.TaintsAnnotationKey: `
[{
"key": "dedicated",
"value": "special-user-3",
"effect": "NoExecute"
}]`,
},
},
Status: api.NodeStatus{
Addresses: []api.NodeAddress{
{Type: api.NodeLegacyHostIP, Address: "something"},
},
Capacity: api.ResourceList{
api.ResourceName(api.ResourceCPU): resource.MustParse("10"),
api.ResourceName(api.ResourceMemory): resource.MustParse("0"),
},
},
Spec: api.NodeSpec{
ExternalID: "external",
},
},
Centralize minion validation
2014-11-12 17:38:15 +00:00
}
for k, v := range errorCases {
Validate Node IPs; clean up validation code
2015-04-22 17:55:05 +00:00
errs := ValidateNode(&v)
Centralize minion validation
2014-11-12 17:38:15 +00:00
if len(errs) == 0 {
t.Errorf("expected failure for %s", k)
}
for i := range errs {
Stronger typing for validation ErrorList
2015-11-04 00:08:20 +00:00
field := errs[i].Field
Add validation for node creation.
2015-03-24 17:24:07 +00:00
expectedFields := map[string]bool{
implement taints and tolerations
2016-03-31 03:42:57 +00:00
"metadata.name": true,
"metadata.labels": true,
"metadata.annotations": true,
"metadata.namespace": true,
"spec.externalID": true,
"metadata.annotations.scheduler.alpha.kubernetes.io/taints[0].key": true,
"metadata.annotations.scheduler.alpha.kubernetes.io/taints[0].value": true,
"metadata.annotations.scheduler.alpha.kubernetes.io/taints[0].effect": true,
Add validation for node creation.
2015-03-24 17:24:07 +00:00
}
implement taints and tolerations
2016-03-31 03:42:57 +00:00
if val, ok := expectedFields[field]; ok {
if !val {
t.Errorf("%s: missing prefix for: %v", k, errs[i])
}
Centralize minion validation
2014-11-12 17:38:15 +00:00
}
}
}
}
Add more validation for updating node.
2014-11-17 18:22:27 +00:00
Validate Node IPs; clean up validation code
2015-04-22 17:55:05 +00:00
func TestValidateNodeUpdate(t *testing.T) {
Add more validation for updating node.
2014-11-17 18:22:27 +00:00
tests := []struct {
Validate Node IPs; clean up validation code
2015-04-22 17:55:05 +00:00
oldNode api.Node
node api.Node
valid bool
Add more validation for updating node.
2014-11-17 18:22:27 +00:00
}{
Internal rename api.Minion -> api.Node
2014-12-08 03:44:27 +00:00
{api.Node{}, api.Node{}, true},
{api.Node{
Add more validation for updating node.
2014-11-17 18:22:27 +00:00
ObjectMeta: api.ObjectMeta{
Name: "foo"}},
Internal rename api.Minion -> api.Node
2014-12-08 03:44:27 +00:00
api.Node{
Add more validation for updating node.
2014-11-17 18:22:27 +00:00
ObjectMeta: api.ObjectMeta{
Name: "bar"},
}, false},
Internal rename api.Minion -> api.Node
2014-12-08 03:44:27 +00:00
{api.Node{
Add more validation for updating node.
2014-11-17 18:22:27 +00:00
ObjectMeta: api.ObjectMeta{
Name: "foo",
Labels: map[string]string{"foo": "bar"},
},
Internal rename api.Minion -> api.Node
2014-12-08 03:44:27 +00:00
}, api.Node{
Add more validation for updating node.
2014-11-17 18:22:27 +00:00
ObjectMeta: api.ObjectMeta{
Name: "foo",
Labels: map[string]string{"foo": "baz"},
},
}, true},
Internal rename api.Minion -> api.Node
2014-12-08 03:44:27 +00:00
{api.Node{
Add more validation for updating node.
2014-11-17 18:22:27 +00:00
ObjectMeta: api.ObjectMeta{
Name: "foo",
},
Internal rename api.Minion -> api.Node
2014-12-08 03:44:27 +00:00
}, api.Node{
Add more validation for updating node.
2014-11-17 18:22:27 +00:00
ObjectMeta: api.ObjectMeta{
Name: "foo",
Labels: map[string]string{"foo": "baz"},
},
}, true},
Internal rename api.Minion -> api.Node
2014-12-08 03:44:27 +00:00
{api.Node{
Add more validation for updating node.
2014-11-17 18:22:27 +00:00
ObjectMeta: api.ObjectMeta{
Name: "foo",
Labels: map[string]string{"bar": "foo"},
},
Internal rename api.Minion -> api.Node
2014-12-08 03:44:27 +00:00
}, api.Node{
Add more validation for updating node.
2014-11-17 18:22:27 +00:00
ObjectMeta: api.ObjectMeta{
Name: "foo",
Labels: map[string]string{"foo": "baz"},
},
}, true},
pod cidr validation
2016-01-31 03:49:31 +00:00
{api.Node{
ObjectMeta: api.ObjectMeta{
Name: "foo",
},
Spec: api.NodeSpec{
PodCIDR: "",
},
}, api.Node{
ObjectMeta: api.ObjectMeta{
Name: "foo",
},
Spec: api.NodeSpec{
PodCIDR: "192.168.0.0/16",
},
}, true},
{api.Node{
ObjectMeta: api.ObjectMeta{
Name: "foo",
},
Spec: api.NodeSpec{
PodCIDR: "192.123.0.0/16",
},
}, api.Node{
ObjectMeta: api.ObjectMeta{
Name: "foo",
},
Spec: api.NodeSpec{
PodCIDR: "192.168.0.0/16",
},
}, false},
Make it easier to update nodes, make it possible to update capacity.
2014-12-12 05:39:56 +00:00
{api.Node{
ObjectMeta: api.ObjectMeta{
Name: "foo",
},
Move Capacity from NodeSpec to NodeStatus
2015-03-25 13:44:40 +00:00
Status: api.NodeStatus{
Make it easier to update nodes, make it possible to update capacity.
2014-12-12 05:39:56 +00:00
Capacity: api.ResourceList{
ParseOrDie -> MustParse; stop returning pointer
2015-01-07 01:20:01 +00:00
api.ResourceCPU: resource.MustParse("10000"),
api.ResourceMemory: resource.MustParse("100"),
Make it easier to update nodes, make it possible to update capacity.
2014-12-12 05:39:56 +00:00
},
},
}, api.Node{
ObjectMeta: api.ObjectMeta{
Name: "foo",
},
Move Capacity from NodeSpec to NodeStatus
2015-03-25 13:44:40 +00:00
Status: api.NodeStatus{
Make it easier to update nodes, make it possible to update capacity.
2014-12-12 05:39:56 +00:00
Capacity: api.ResourceList{
ParseOrDie -> MustParse; stop returning pointer
2015-01-07 01:20:01 +00:00
api.ResourceCPU: resource.MustParse("100"),
api.ResourceMemory: resource.MustParse("10000"),
Make it easier to update nodes, make it possible to update capacity.
2014-12-12 05:39:56 +00:00
},
},
}, true},
{api.Node{
ObjectMeta: api.ObjectMeta{
Name: "foo",
Labels: map[string]string{"bar": "foo"},
},
Move Capacity from NodeSpec to NodeStatus
2015-03-25 13:44:40 +00:00
Status: api.NodeStatus{
Make it easier to update nodes, make it possible to update capacity.
2014-12-12 05:39:56 +00:00
Capacity: api.ResourceList{
ParseOrDie -> MustParse; stop returning pointer
2015-01-07 01:20:01 +00:00
api.ResourceCPU: resource.MustParse("10000"),
api.ResourceMemory: resource.MustParse("100"),
Make it easier to update nodes, make it possible to update capacity.
2014-12-12 05:39:56 +00:00
},
},
}, api.Node{
ObjectMeta: api.ObjectMeta{
Name: "foo",
Labels: map[string]string{"bar": "fooobaz"},
},
Move Capacity from NodeSpec to NodeStatus
2015-03-25 13:44:40 +00:00
Status: api.NodeStatus{
Make it easier to update nodes, make it possible to update capacity.
2014-12-12 05:39:56 +00:00
Capacity: api.ResourceList{
ParseOrDie -> MustParse; stop returning pointer
2015-01-07 01:20:01 +00:00
api.ResourceCPU: resource.MustParse("100"),
api.ResourceMemory: resource.MustParse("10000"),
Make it easier to update nodes, make it possible to update capacity.
2014-12-12 05:39:56 +00:00
},
},
}, true},
Clear node status before the validation check.
2014-12-22 19:04:57 +00:00
{api.Node{
ObjectMeta: api.ObjectMeta{
Name: "foo",
Labels: map[string]string{"bar": "foo"},
},
Status: api.NodeStatus{
Node addresses
2015-02-13 19:07:23 +00:00
Addresses: []api.NodeAddress{
{Type: api.NodeLegacyHostIP, Address: "1.2.3.4"},
},
Clear node status before the validation check.
2014-12-22 19:04:57 +00:00
},
}, api.Node{
ObjectMeta: api.ObjectMeta{
Name: "foo",
Labels: map[string]string{"bar": "fooobaz"},
},
}, true},
Add a few extra test cases for API validation of labels that would have caught a bug that was in past versions. Also, copy the label key format requirements from the API types.go comments into the labels doc.
2015-02-04 22:21:34 +00:00
{api.Node{
ObjectMeta: api.ObjectMeta{
Name: "foo",
Labels: map[string]string{"foo": "baz"},
},
}, api.Node{
ObjectMeta: api.ObjectMeta{
Name: "foo",
Labels: map[string]string{"Foo": "baz"},
},
Loosen label and annotation validation and related tests
2015-02-27 15:08:02 +00:00
}, true},
Allow admin user to explicitly unschedule the node Setting Unschedulable on the node will not touch any existing pods on the node but will block scheduling of new pods on the node.
2015-02-17 20:03:14 +00:00
{api.Node{
ObjectMeta: api.ObjectMeta{
Name: "foo",
},
Spec: api.NodeSpec{
Unschedulable: false,
},
}, api.Node{
ObjectMeta: api.ObjectMeta{
Name: "foo",
},
Spec: api.NodeSpec{
Unschedulable: true,
},
}, true},
Validate Node IPs; clean up validation code
2015-04-22 17:55:05 +00:00
{api.Node{
ObjectMeta: api.ObjectMeta{
Name: "foo",
},
Spec: api.NodeSpec{
Unschedulable: false,
},
}, api.Node{
ObjectMeta: api.ObjectMeta{
Name: "foo",
},
Status: api.NodeStatus{
Addresses: []api.NodeAddress{
{Type: api.NodeExternalIP, Address: "1.1.1.1"},
{Type: api.NodeExternalIP, Address: "1.1.1.1"},
},
},
}, false},
{api.Node{
ObjectMeta: api.ObjectMeta{
Name: "foo",
},
Spec: api.NodeSpec{
Unschedulable: false,
},
}, api.Node{
ObjectMeta: api.ObjectMeta{
Name: "foo",
},
Status: api.NodeStatus{
Addresses: []api.NodeAddress{
{Type: api.NodeExternalIP, Address: "1.1.1.1"},
{Type: api.NodeInternalIP, Address: "10.1.1.1"},
},
},
}, true},
Add more validation for updating node.
2014-11-17 18:22:27 +00:00
}
Unify validation logic for create and update paths Ensure ObjectMeta is consistently validated on both create and update Make PortalIP uncleareable
2015-01-27 23:55:54 +00:00
for i, test := range tests {
Validate Node IPs; clean up validation code
2015-04-22 17:55:05 +00:00
test.oldNode.ObjectMeta.ResourceVersion = "1"
test.node.ObjectMeta.ResourceVersion = "1"
Make order of fun consistent
2015-11-04 07:47:11 +00:00
errs := ValidateNodeUpdate(&test.node, &test.oldNode)
Add more validation for updating node.
2014-11-17 18:22:27 +00:00
if test.valid && len(errs) > 0 {
Unify validation logic for create and update paths Ensure ObjectMeta is consistently validated on both create and update Make PortalIP uncleareable
2015-01-27 23:55:54 +00:00
t.Errorf("%d: Unexpected error: %v", i, errs)
Validate Node IPs; clean up validation code
2015-04-22 17:55:05 +00:00
t.Logf("%#v vs %#v", test.oldNode.ObjectMeta, test.node.ObjectMeta)
Add more validation for updating node.
2014-11-17 18:22:27 +00:00
}
if !test.valid && len(errs) == 0 {
Unify validation logic for create and update paths Ensure ObjectMeta is consistently validated on both create and update Make PortalIP uncleareable
2015-01-27 23:55:54 +00:00
t.Errorf("%d: Unexpected non-error", i)
}
}
}
func TestValidateServiceUpdate(t *testing.T) {
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
testCases := []struct {
name string
tweakSvc func(oldSvc, newSvc *api.Service) // given basic valid services, each test case can customize them
numErrs int
Unify validation logic for create and update paths Ensure ObjectMeta is consistently validated on both create and update Make PortalIP uncleareable
2015-01-27 23:55:54 +00:00
}{
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
{
name: "no change",
tweakSvc: func(oldSvc, newSvc *api.Service) {
// do nothing
Unify validation logic for create and update paths Ensure ObjectMeta is consistently validated on both create and update Make PortalIP uncleareable
2015-01-27 23:55:54 +00:00
},
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
numErrs: 0,
},
{
name: "change name",
tweakSvc: func(oldSvc, newSvc *api.Service) {
newSvc.Name += "2"
Unify validation logic for create and update paths Ensure ObjectMeta is consistently validated on both create and update Make PortalIP uncleareable
2015-01-27 23:55:54 +00:00
},
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
numErrs: 1,
},
{
name: "change namespace",
tweakSvc: func(oldSvc, newSvc *api.Service) {
newSvc.Namespace += "2"
Unify validation logic for create and update paths Ensure ObjectMeta is consistently validated on both create and update Make PortalIP uncleareable
2015-01-27 23:55:54 +00:00
},
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
numErrs: 1,
},
{
name: "change label valid",
tweakSvc: func(oldSvc, newSvc *api.Service) {
newSvc.Labels["key"] = "other-value"
Unify validation logic for create and update paths Ensure ObjectMeta is consistently validated on both create and update Make PortalIP uncleareable
2015-01-27 23:55:54 +00:00
},
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
numErrs: 0,
},
{
name: "add label",
tweakSvc: func(oldSvc, newSvc *api.Service) {
newSvc.Labels["key2"] = "value2"
Unify validation logic for create and update paths Ensure ObjectMeta is consistently validated on both create and update Make PortalIP uncleareable
2015-01-27 23:55:54 +00:00
},
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
numErrs: 0,
},
{
Rename 'portal IP' to 'cluster IP' most everywhere This covers obvious transforms, but not --portal_net, $PORTAL_NET and similar.
2015-05-23 20:41:11 +00:00
name: "change cluster IP",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(oldSvc, newSvc *api.Service) {
Rename 'portal IP' to 'cluster IP' most everywhere This covers obvious transforms, but not --portal_net, $PORTAL_NET and similar.
2015-05-23 20:41:11 +00:00
oldSvc.Spec.ClusterIP = "1.2.3.4"
newSvc.Spec.ClusterIP = "8.6.7.5"
Unify validation logic for create and update paths Ensure ObjectMeta is consistently validated on both create and update Make PortalIP uncleareable
2015-01-27 23:55:54 +00:00
},
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
numErrs: 1,
},
{
Rename 'portal IP' to 'cluster IP' most everywhere This covers obvious transforms, but not --portal_net, $PORTAL_NET and similar.
2015-05-23 20:41:11 +00:00
name: "remove cluster IP",
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
tweakSvc: func(oldSvc, newSvc *api.Service) {
Rename 'portal IP' to 'cluster IP' most everywhere This covers obvious transforms, but not --portal_net, $PORTAL_NET and similar.
2015-05-23 20:41:11 +00:00
oldSvc.Spec.ClusterIP = "1.2.3.4"
newSvc.Spec.ClusterIP = ""
Unify validation logic for create and update paths Ensure ObjectMeta is consistently validated on both create and update Make PortalIP uncleareable
2015-01-27 23:55:54 +00:00
},
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
numErrs: 1,
},
{
name: "change affinity",
tweakSvc: func(oldSvc, newSvc *api.Service) {
newSvc.Spec.SessionAffinity = "ClientIP"
Unify validation logic for create and update paths Ensure ObjectMeta is consistently validated on both create and update Make PortalIP uncleareable
2015-01-27 23:55:54 +00:00
},
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
numErrs: 0,
},
{
name: "remove affinity",
tweakSvc: func(oldSvc, newSvc *api.Service) {
newSvc.Spec.SessionAffinity = ""
Add a few extra test cases for API validation of labels that would have caught a bug that was in past versions. Also, copy the label key format requirements from the API types.go comments into the labels doc.
2015-02-04 22:21:34 +00:00
},
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
numErrs: 1,
},
Add Type to ServiceSpec: ClusterIP or LoadBalancer
2015-05-22 21:49:26 +00:00
{
name: "change type",
tweakSvc: func(oldSvc, newSvc *api.Service) {
newSvc.Spec.Type = api.ServiceTypeLoadBalancer
},
numErrs: 0,
},
{
name: "remove type",
tweakSvc: func(oldSvc, newSvc *api.Service) {
newSvc.Spec.Type = ""
},
numErrs: 1,
},
Add ServiceType = NodePort; wire everything up
2015-05-20 15:59:34 +00:00
{
name: "change type -> nodeport",
tweakSvc: func(oldSvc, newSvc *api.Service) {
newSvc.Spec.Type = api.ServiceTypeNodePort
},
numErrs: 0,
},
Unify validation logic for create and update paths Ensure ObjectMeta is consistently validated on both create and update Make PortalIP uncleareable
2015-01-27 23:55:54 +00:00
}
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
for _, tc := range testCases {
oldSvc := makeValidService()
newSvc := makeValidService()
tc.tweakSvc(&oldSvc, &newSvc)
Make order of fun consistent
2015-11-04 07:47:11 +00:00
errs := ValidateServiceUpdate(&newSvc, &oldSvc)
fix tests broken by stronger validation
2015-03-31 18:13:44 +00:00
if len(errs) != tc.numErrs {
Stronger typing for validation ErrorList
2015-11-04 00:08:20 +00:00
t.Errorf("Unexpected error list for case %q: %v", tc.name, errs.ToAggregate())
Add more validation for updating node.
2014-11-17 18:22:27 +00:00
}
}
}
Adding a 'Typename' strongtype for representing all compute resource types.
2015-01-17 00:34:47 +00:00
func TestValidateResourceNames(t *testing.T) {
table := []struct {
input string
success bool
Make IsQualifiedName return error strings
2015-12-16 05:28:42 +00:00
expect string
Adding a 'Typename' strongtype for representing all compute resource types.
2015-01-17 00:34:47 +00:00
}{
Make IsQualifiedName return error strings
2015-12-16 05:28:42 +00:00
{"memory", true, ""},
{"cpu", true, ""},
{"network", false, ""},
{"disk", false, ""},
{"", false, ""},
{".", false, ""},
{"..", false, ""},
{"my.favorite.app.co/12345", true, ""},
{"my.favorite.app.co/_12345", false, ""},
{"my.favorite.app.co/12345_", false, ""},
{"kubernetes.io/..", false, ""},
{"kubernetes.io/" + strings.Repeat("a", 63), true, ""},
{"kubernetes.io/" + strings.Repeat("a", 64), false, ""},
{"kubernetes.io//", false, ""},
{"kubernetes.io", false, ""},
{"kubernetes.io/will/not/work/", false, ""},
Adding a 'Typename' strongtype for representing all compute resource types.
2015-01-17 00:34:47 +00:00
}
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
for k, item := range table {
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
err := validateResourceName(item.input, field.NewPath("field"))
Adding a 'Typename' strongtype for representing all compute resource types.
2015-01-17 00:34:47 +00:00
if len(err) != 0 && item.success {
t.Errorf("expected no failure for input %q", item.input)
} else if len(err) == 0 && !item.success {
t.Errorf("expected failure for input %q", item.input)
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
for i := range err {
Stronger typing for validation ErrorList
2015-11-04 00:08:20 +00:00
detail := err[i].Detail
Make IsQualifiedName return error strings
2015-12-16 05:28:42 +00:00
if detail != "" && !strings.Contains(detail, item.expect) {
t.Errorf("%d: expected error detail either empty or %s, got %s", k, item.expect, detail)
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
}
}
Adding a 'Typename' strongtype for representing all compute resource types.
2015-01-17 00:34:47 +00:00
}
}
}
Add a limit range resource
2015-01-22 21:52:40 +00:00
Fix precision handling in validating LimitRange
2015-09-08 18:49:54 +00:00
func getResourceList(cpu, memory string) api.ResourceList {
res := api.ResourceList{}
if cpu != "" {
res[api.ResourceCPU] = resource.MustParse(cpu)
Add LimitRange range validation
2015-06-16 20:16:34 +00:00
}
Fix precision handling in validating LimitRange
2015-09-08 18:49:54 +00:00
if memory != "" {
res[api.ResourceMemory] = resource.MustParse(memory)
Revert "Revert "LimitRange updates for Resource Requirements Requests""
2015-08-28 16:26:36 +00:00
}
Fix precision handling in validating LimitRange
2015-09-08 18:49:54 +00:00
return res
}
Revert "Revert "LimitRange updates for Resource Requirements Requests""
2015-08-28 16:26:36 +00:00
Fix validation of resources (cpu, memory, storage) for limit range types.
2016-03-09 23:11:26 +00:00
func getStorageResourceList(storage string) api.ResourceList {
res := api.ResourceList{}
if storage != "" {
res[api.ResourceStorage] = resource.MustParse(storage)
}
return res
}
Fix precision handling in validating LimitRange
2015-09-08 18:49:54 +00:00
func TestValidateLimitRange(t *testing.T) {
successCases := []struct {
name string
spec api.LimitRangeSpec
}{
{
name: "all-fields-valid",
spec: api.LimitRangeSpec{
Limits: []api.LimitRangeItem{
{
Type: api.LimitTypePod,
Max: getResourceList("100m", "10000Mi"),
Min: getResourceList("5m", "100Mi"),
Validate LimitRange default and defaultRequest are not supported for limits of type Pod
2015-09-10 20:39:59 +00:00
MaxLimitRequestRatio: getResourceList("10", ""),
},
{
Type: api.LimitTypeContainer,
Max: getResourceList("100m", "10000Mi"),
Min: getResourceList("5m", "100Mi"),
Fix precision handling in validating LimitRange
2015-09-08 18:49:54 +00:00
Default: getResourceList("50m", "500Mi"),
DefaultRequest: getResourceList("10m", "200Mi"),
MaxLimitRequestRatio: getResourceList("10", ""),
},
Revert "Revert "LimitRange updates for Resource Requirements Requests""
2015-08-28 16:26:36 +00:00
},
},
},
Add a limit range resource
2015-01-22 21:52:40 +00:00
{
Fix precision handling in validating LimitRange
2015-09-08 18:49:54 +00:00
name: "all-fields-valid-big-numbers",
spec: api.LimitRangeSpec{
Limits: []api.LimitRangeItem{
{
Validate LimitRange default and defaultRequest are not supported for limits of type Pod
2015-09-10 20:39:59 +00:00
Type: api.LimitTypeContainer,
Fix precision handling in validating LimitRange
2015-09-08 18:49:54 +00:00
Max: getResourceList("100m", "10000T"),
Min: getResourceList("5m", "100Mi"),
Default: getResourceList("50m", "500Mi"),
DefaultRequest: getResourceList("10m", "200Mi"),
MaxLimitRequestRatio: getResourceList("10", ""),
},
},
Add a limit range resource
2015-01-22 21:52:40 +00:00
},
},
Fix validation of resources (cpu, memory, storage) for limit range types.
2016-03-09 23:11:26 +00:00
{
name: "thirdparty-fields-all-valid-standard-container-resources",
spec: api.LimitRangeSpec{
Limits: []api.LimitRangeItem{
{
Type: "thirdparty.com/foo",
Max: getResourceList("100m", "10000T"),
Min: getResourceList("5m", "100Mi"),
Default: getResourceList("50m", "500Mi"),
DefaultRequest: getResourceList("10m", "200Mi"),
MaxLimitRequestRatio: getResourceList("10", ""),
},
},
},
},
{
name: "thirdparty-fields-all-valid-storage-resources",
spec: api.LimitRangeSpec{
Limits: []api.LimitRangeItem{
{
Type: "thirdparty.com/foo",
Max: getStorageResourceList("10000T"),
Min: getStorageResourceList("100Mi"),
Default: getStorageResourceList("500Mi"),
DefaultRequest: getStorageResourceList("200Mi"),
MaxLimitRequestRatio: getStorageResourceList(""),
},
},
},
},
Add a limit range resource
2015-01-22 21:52:40 +00:00
}
Introduce a ResourceQuota object
2015-01-23 17:38:30 +00:00
Add a limit range resource
2015-01-22 21:52:40 +00:00
for _, successCase := range successCases {
Fix precision handling in validating LimitRange
2015-09-08 18:49:54 +00:00
limitRange := &api.LimitRange{ObjectMeta: api.ObjectMeta{Name: successCase.name, Namespace: "foo"}, Spec: successCase.spec}
if errs := ValidateLimitRange(limitRange); len(errs) != 0 {
t.Errorf("Case %v, unexpected error: %v", successCase.name, errs)
Add a limit range resource
2015-01-22 21:52:40 +00:00
}
}
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
errorCases := map[string]struct {
R api.LimitRange
D string
}{
Fix precision handling in validating LimitRange
2015-09-08 18:49:54 +00:00
"zero-length-name": {
api.LimitRange{ObjectMeta: api.ObjectMeta{Name: "", Namespace: "foo"}, Spec: api.LimitRangeSpec{}},
Limit field errors to a single field name
2015-08-12 15:26:23 +00:00
"name or generateName is required",
Add a limit range resource
2015-01-22 21:52:40 +00:00
},
"zero-length-namespace": {
Fix precision handling in validating LimitRange
2015-09-08 18:49:54 +00:00
api.LimitRange{ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: ""}, Spec: api.LimitRangeSpec{}},
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
"",
},
Fix precision handling in validating LimitRange
2015-09-08 18:49:54 +00:00
"invalid-name": {
api.LimitRange{ObjectMeta: api.ObjectMeta{Name: "^Invalid", Namespace: "foo"}, Spec: api.LimitRangeSpec{}},
Make IsDNS1123Subdomain return error strings
2015-12-17 05:58:09 +00:00
"must match the regex",
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
},
Fix precision handling in validating LimitRange
2015-09-08 18:49:54 +00:00
"invalid-namespace": {
api.LimitRange{ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: "^Invalid"}, Spec: api.LimitRangeSpec{}},
Make IsDNS1123Label return error strings
2015-12-16 07:49:58 +00:00
"must match the regex",
Add a limit range resource
2015-01-22 21:52:40 +00:00
},
Fix precision handling in validating LimitRange
2015-09-08 18:49:54 +00:00
"duplicate-limit-type": {
api.LimitRange{ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: "foo"}, Spec: api.LimitRangeSpec{
Limits: []api.LimitRangeItem{
{
Type: api.LimitTypePod,
Max: getResourceList("100m", "10000m"),
Min: getResourceList("0m", "100m"),
},
{
Type: api.LimitTypePod,
Min: getResourceList("0m", "100m"),
},
},
}},
Add LimitRange range validation
2015-06-16 20:16:34 +00:00
"",
},
Validate LimitRange default and defaultRequest are not supported for limits of type Pod
2015-09-10 20:39:59 +00:00
"default-limit-type-pod": {
api.LimitRange{ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: "foo"}, Spec: api.LimitRangeSpec{
Limits: []api.LimitRangeItem{
{
Type: api.LimitTypePod,
Max: getResourceList("100m", "10000m"),
Min: getResourceList("0m", "100m"),
Default: getResourceList("10m", "100m"),
},
},
}},
Clean up and document validation strings Also add a detail string for Required and Forbidden. Fix tests.
2015-11-14 20:26:04 +00:00
"may not be specified when `type` is 'Pod'",
Validate LimitRange default and defaultRequest are not supported for limits of type Pod
2015-09-10 20:39:59 +00:00
},
"default-request-limit-type-pod": {
api.LimitRange{ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: "foo"}, Spec: api.LimitRangeSpec{
Limits: []api.LimitRangeItem{
{
Type: api.LimitTypePod,
Max: getResourceList("100m", "10000m"),
Min: getResourceList("0m", "100m"),
DefaultRequest: getResourceList("10m", "100m"),
},
},
}},
Clean up and document validation strings Also add a detail string for Required and Forbidden. Fix tests.
2015-11-14 20:26:04 +00:00
"may not be specified when `type` is 'Pod'",
Validate LimitRange default and defaultRequest are not supported for limits of type Pod
2015-09-10 20:39:59 +00:00
},
Fix precision handling in validating LimitRange
2015-09-08 18:49:54 +00:00
"min value 100m is greater than max value 10m": {
api.LimitRange{ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: "foo"}, Spec: api.LimitRangeSpec{
Limits: []api.LimitRangeItem{
{
Type: api.LimitTypePod,
Max: getResourceList("10m", ""),
Min: getResourceList("100m", ""),
},
},
}},
"min value 100m is greater than max value 10m",
Add LimitRange range validation
2015-06-16 20:16:34 +00:00
},
"invalid spec default outside range": {
Fix precision handling in validating LimitRange
2015-09-08 18:49:54 +00:00
api.LimitRange{ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: "foo"}, Spec: api.LimitRangeSpec{
Limits: []api.LimitRangeItem{
{
Validate LimitRange default and defaultRequest are not supported for limits of type Pod
2015-09-10 20:39:59 +00:00
Type: api.LimitTypeContainer,
Fix precision handling in validating LimitRange
2015-09-08 18:49:54 +00:00
Max: getResourceList("1", ""),
Min: getResourceList("100m", ""),
Default: getResourceList("2000m", ""),
},
},
}},
"default value 2 is greater than max value 1",
Add LimitRange range validation
2015-06-16 20:16:34 +00:00
},
Revert "Revert "LimitRange updates for Resource Requirements Requests""
2015-08-28 16:26:36 +00:00
"invalid spec defaultrequest outside range": {
Fix precision handling in validating LimitRange
2015-09-08 18:49:54 +00:00
api.LimitRange{ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: "foo"}, Spec: api.LimitRangeSpec{
Limits: []api.LimitRangeItem{
{
Validate LimitRange default and defaultRequest are not supported for limits of type Pod
2015-09-10 20:39:59 +00:00
Type: api.LimitTypeContainer,
Fix precision handling in validating LimitRange
2015-09-08 18:49:54 +00:00
Max: getResourceList("1", ""),
Min: getResourceList("100m", ""),
DefaultRequest: getResourceList("2000m", ""),
},
},
}},
"default request value 2 is greater than max value 1",
Revert "Revert "LimitRange updates for Resource Requirements Requests""
2015-08-28 16:26:36 +00:00
},
"invalid spec defaultrequest more than default": {
Fix precision handling in validating LimitRange
2015-09-08 18:49:54 +00:00
api.LimitRange{ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: "foo"}, Spec: api.LimitRangeSpec{
Limits: []api.LimitRangeItem{
{
Type: api.LimitTypeContainer,
Max: getResourceList("2", ""),
Min: getResourceList("100m", ""),
Default: getResourceList("500m", ""),
DefaultRequest: getResourceList("800m", ""),
},
},
}},
"default request value 800m is greater than default limit value 500m",
Revert "Revert "LimitRange updates for Resource Requirements Requests""
2015-08-28 16:26:36 +00:00
},
Add validation to MaxLimitRequestRatio in LimitRange MaxLimitRequestRatio should >=1 MaxLimitRequestRatio should <= max/min(if both are specified)
2015-09-11 07:38:38 +00:00
"invalid spec maxLimitRequestRatio less than 1": {
api.LimitRange{ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: "foo"}, Spec: api.LimitRangeSpec{
Limits: []api.LimitRangeItem{
{
Type: api.LimitTypePod,
MaxLimitRequestRatio: getResourceList("800m", ""),
},
},
}},
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
"ratio 800m is less than 1",
Add validation to MaxLimitRequestRatio in LimitRange MaxLimitRequestRatio should >=1 MaxLimitRequestRatio should <= max/min(if both are specified)
2015-09-11 07:38:38 +00:00
},
"invalid spec maxLimitRequestRatio greater than max/min": {
api.LimitRange{ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: "foo"}, Spec: api.LimitRangeSpec{
Limits: []api.LimitRangeItem{
{
Type: api.LimitTypeContainer,
Max: getResourceList("", "2Gi"),
Min: getResourceList("", "512Mi"),
MaxLimitRequestRatio: getResourceList("", "10"),
},
},
}},
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
"ratio 10 is greater than max/min = 4.000000",
Add validation to MaxLimitRequestRatio in LimitRange MaxLimitRequestRatio should >=1 MaxLimitRequestRatio should <= max/min(if both are specified)
2015-09-11 07:38:38 +00:00
},
Fix validation of resources (cpu, memory, storage) for limit range types.
2016-03-09 23:11:26 +00:00
"invalid non standard limit type": {
api.LimitRange{ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: "foo"}, Spec: api.LimitRangeSpec{
Limits: []api.LimitRangeItem{
{
Type: "foo",
Max: getStorageResourceList("10000T"),
Min: getStorageResourceList("100Mi"),
Default: getStorageResourceList("500Mi"),
DefaultRequest: getStorageResourceList("200Mi"),
MaxLimitRequestRatio: getStorageResourceList(""),
},
},
}},
"must be a standard limit type or fully qualified",
},
Add a limit range resource
2015-01-22 21:52:40 +00:00
}
Fix precision handling in validating LimitRange
2015-09-08 18:49:54 +00:00
Add a limit range resource
2015-01-22 21:52:40 +00:00
for k, v := range errorCases {
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
errs := ValidateLimitRange(&v.R)
Add a limit range resource
2015-01-22 21:52:40 +00:00
if len(errs) == 0 {
t.Errorf("expected failure for %s", k)
}
for i := range errs {
Stronger typing for validation ErrorList
2015-11-04 00:08:20 +00:00
detail := errs[i].Detail
Make IsDNS1123Label return error strings
2015-12-16 07:49:58 +00:00
if !strings.Contains(detail, v.D) {
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
t.Errorf("[%s]: expected error detail either empty or %q, got %q", k, v.D, detail)
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
}
Add a limit range resource
2015-01-22 21:52:40 +00:00
}
}
Fix precision handling in validating LimitRange
2015-09-08 18:49:54 +00:00
Add a limit range resource
2015-01-22 21:52:40 +00:00
}
Introduce a ResourceQuota object
2015-01-23 17:38:30 +00:00
func TestValidateResourceQuota(t *testing.T) {
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
spec := api.ResourceQuotaSpec{
Hard: api.ResourceList{
api.ResourceCPU: resource.MustParse("100"),
api.ResourceMemory: resource.MustParse("10000"),
ResourceQuota API validation for scopes and new resource types
2016-02-22 16:14:11 +00:00
api.ResourceRequestsCPU: resource.MustParse("100"),
api.ResourceRequestsMemory: resource.MustParse("10000"),
api.ResourceLimitsCPU: resource.MustParse("100"),
api.ResourceLimitsMemory: resource.MustParse("10000"),
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
api.ResourcePods: resource.MustParse("10"),
Ensure ResourceQuota values are non-negative
2015-09-24 14:15:40 +00:00
api.ResourceServices: resource.MustParse("0"),
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
api.ResourceReplicationControllers: resource.MustParse("10"),
api.ResourceQuotas: resource.MustParse("10"),
Add resource quota for ConfigMap
2016-02-29 17:02:05 +00:00
api.ResourceConfigMaps: resource.MustParse("10"),
api.ResourceSecrets: resource.MustParse("10"),
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
},
}
ResourceQuota API validation for scopes and new resource types
2016-02-22 16:14:11 +00:00
terminatingSpec := api.ResourceQuotaSpec{
Hard: api.ResourceList{
api.ResourceCPU: resource.MustParse("100"),
api.ResourceLimitsCPU: resource.MustParse("200"),
},
Scopes: []api.ResourceQuotaScope{api.ResourceQuotaScopeTerminating},
}
nonTerminatingSpec := api.ResourceQuotaSpec{
Hard: api.ResourceList{
api.ResourceCPU: resource.MustParse("100"),
},
Scopes: []api.ResourceQuotaScope{api.ResourceQuotaScopeNotTerminating},
}
bestEffortSpec := api.ResourceQuotaSpec{
Hard: api.ResourceList{
api.ResourcePods: resource.MustParse("100"),
},
Scopes: []api.ResourceQuotaScope{api.ResourceQuotaScopeBestEffort},
}
nonBestEffortSpec := api.ResourceQuotaSpec{
Hard: api.ResourceList{
api.ResourceCPU: resource.MustParse("100"),
},
Scopes: []api.ResourceQuotaScope{api.ResourceQuotaScopeNotBestEffort},
}
// storage is not yet supported as a quota tracked resource
invalidQuotaResourceSpec := api.ResourceQuotaSpec{
Hard: api.ResourceList{
api.ResourceStorage: resource.MustParse("10"),
},
}
Ensure ResourceQuota values are non-negative
2015-09-24 14:15:40 +00:00
negativeSpec := api.ResourceQuotaSpec{
Hard: api.ResourceList{
api.ResourceCPU: resource.MustParse("-100"),
api.ResourceMemory: resource.MustParse("-10000"),
api.ResourcePods: resource.MustParse("-10"),
api.ResourceServices: resource.MustParse("-10"),
api.ResourceReplicationControllers: resource.MustParse("-10"),
api.ResourceQuotas: resource.MustParse("-10"),
Add resource quota for ConfigMap
2016-02-29 17:02:05 +00:00
api.ResourceConfigMaps: resource.MustParse("-10"),
api.ResourceSecrets: resource.MustParse("-10"),
Ensure ResourceQuota values are non-negative
2015-09-24 14:15:40 +00:00
},
}
Resource Quota should not let fractional values for API resources
2015-10-13 21:27:56 +00:00
fractionalComputeSpec := api.ResourceQuotaSpec{
Hard: api.ResourceList{
api.ResourceCPU: resource.MustParse("100m"),
},
}
fractionalPodSpec := api.ResourceQuotaSpec{
Hard: api.ResourceList{
api.ResourcePods: resource.MustParse(".1"),
api.ResourceServices: resource.MustParse(".5"),
api.ResourceReplicationControllers: resource.MustParse("1.25"),
api.ResourceQuotas: resource.MustParse("2.5"),
},
}
ResourceQuota API validation for scopes and new resource types
2016-02-22 16:14:11 +00:00
invalidTerminatingScopePairsSpec := api.ResourceQuotaSpec{
Hard: api.ResourceList{
api.ResourceCPU: resource.MustParse("100"),
},
Scopes: []api.ResourceQuotaScope{api.ResourceQuotaScopeTerminating, api.ResourceQuotaScopeNotTerminating},
}
invalidBestEffortScopePairsSpec := api.ResourceQuotaSpec{
Hard: api.ResourceList{
api.ResourcePods: resource.MustParse("100"),
},
Scopes: []api.ResourceQuotaScope{api.ResourceQuotaScopeBestEffort, api.ResourceQuotaScopeNotBestEffort},
}
invalidScopeNameSpec := api.ResourceQuotaSpec{
Hard: api.ResourceList{
api.ResourceCPU: resource.MustParse("100"),
},
Scopes: []api.ResourceQuotaScope{api.ResourceQuotaScope("foo")},
}
Introduce a ResourceQuota object
2015-01-23 17:38:30 +00:00
successCases := []api.ResourceQuota{
{
ObjectMeta: api.ObjectMeta{
Name: "abc",
Namespace: "foo",
},
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
Spec: spec,
Introduce a ResourceQuota object
2015-01-23 17:38:30 +00:00
},
Resource Quota should not let fractional values for API resources
2015-10-13 21:27:56 +00:00
{
ObjectMeta: api.ObjectMeta{
Name: "abc",
Namespace: "foo",
},
Spec: fractionalComputeSpec,
},
ResourceQuota API validation for scopes and new resource types
2016-02-22 16:14:11 +00:00
{
ObjectMeta: api.ObjectMeta{
Name: "abc",
Namespace: "foo",
},
Spec: terminatingSpec,
},
{
ObjectMeta: api.ObjectMeta{
Name: "abc",
Namespace: "foo",
},
Spec: nonTerminatingSpec,
},
{
ObjectMeta: api.ObjectMeta{
Name: "abc",
Namespace: "foo",
},
Spec: bestEffortSpec,
},
{
ObjectMeta: api.ObjectMeta{
Name: "abc",
Namespace: "foo",
},
Spec: nonBestEffortSpec,
},
Introduce a ResourceQuota object
2015-01-23 17:38:30 +00:00
}
for _, successCase := range successCases {
if errs := ValidateResourceQuota(&successCase); len(errs) != 0 {
t.Errorf("expected success: %v", errs)
}
}
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
errorCases := map[string]struct {
R api.ResourceQuota
D string
}{
Introduce a ResourceQuota object
2015-01-23 17:38:30 +00:00
"zero-length Name": {
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
api.ResourceQuota{ObjectMeta: api.ObjectMeta{Name: "", Namespace: "foo"}, Spec: spec},
Limit field errors to a single field name
2015-08-12 15:26:23 +00:00
"name or generateName is required",
Introduce a ResourceQuota object
2015-01-23 17:38:30 +00:00
},
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
"zero-length Namespace": {
api.ResourceQuota{ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: ""}, Spec: spec},
"",
},
"invalid Name": {
api.ResourceQuota{ObjectMeta: api.ObjectMeta{Name: "^Invalid", Namespace: "foo"}, Spec: spec},
Make IsDNS1123Subdomain return error strings
2015-12-17 05:58:09 +00:00
"must match the regex",
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
},
"invalid Namespace": {
api.ResourceQuota{ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: "^Invalid"}, Spec: spec},
Make IsDNS1123Label return error strings
2015-12-16 07:49:58 +00:00
"must match the regex",
Introduce a ResourceQuota object
2015-01-23 17:38:30 +00:00
},
Ensure ResourceQuota values are non-negative
2015-09-24 14:15:40 +00:00
"negative-limits": {
api.ResourceQuota{ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: "foo"}, Spec: negativeSpec},
isNegativeErrorMsg,
},
Resource Quota should not let fractional values for API resources
2015-10-13 21:27:56 +00:00
"fractional-api-resource": {
api.ResourceQuota{ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: "foo"}, Spec: fractionalPodSpec},
isNotIntegerErrorMsg,
},
ResourceQuota API validation for scopes and new resource types
2016-02-22 16:14:11 +00:00
"invalid-quota-resource": {
api.ResourceQuota{ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: "foo"}, Spec: invalidQuotaResourceSpec},
isInvalidQuotaResource,
},
"invalid-quota-terminating-pair": {
api.ResourceQuota{ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: "foo"}, Spec: invalidTerminatingScopePairsSpec},
"conflicting scopes",
},
"invalid-quota-besteffort-pair": {
api.ResourceQuota{ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: "foo"}, Spec: invalidBestEffortScopePairsSpec},
"conflicting scopes",
},
"invalid-quota-scope-name": {
api.ResourceQuota{ObjectMeta: api.ObjectMeta{Name: "abc", Namespace: "foo"}, Spec: invalidScopeNameSpec},
"unsupported scope",
},
Introduce a ResourceQuota object
2015-01-23 17:38:30 +00:00
}
for k, v := range errorCases {
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
errs := ValidateResourceQuota(&v.R)
Introduce a ResourceQuota object
2015-01-23 17:38:30 +00:00
if len(errs) == 0 {
t.Errorf("expected failure for %s", k)
}
for i := range errs {
Make IsDNS1123Label return error strings
2015-12-16 07:49:58 +00:00
if !strings.Contains(errs[i].Detail, v.D) {
Convert validation to use FieldPath Before this change we have a mish-mash of ways to pass field names around for error generation. Sometimes string fieldnames, sometimes .Prefix(), sometimes neither, often wrong names or not indexed when it should be. Instead of that mess, this is part one of a couple of commits that will make it more strongly typed and hopefully encourage correct behavior. At least you will have to think about field names, which is better than nothing. It turned out to be really hard to do this incrementally.
2015-11-04 21:52:14 +00:00
t.Errorf("[%s]: expected error detail either empty or %s, got %s", k, v.D, errs[i].Detail)
Add more information to Validator error messages.
2015-02-05 00:36:27 +00:00
}
Introduce a ResourceQuota object
2015-01-23 17:38:30 +00:00
}
}
}
Add support for Namespace as Kind Add example for using namespaces
2015-01-19 21:50:00 +00:00
func TestValidateNamespace(t *testing.T) {
validLabels := map[string]string{"a": "b"}
invalidLabels := map[string]string{"NoUppercaseOrSpecialCharsLike=Equals": "b"}
successCases := []api.Namespace{
{
ObjectMeta: api.ObjectMeta{Name: "abc", Labels: validLabels},
},
{
ObjectMeta: api.ObjectMeta{Name: "abc-123"},
Client must specifiy a resource version on finalize
2015-03-31 21:00:04 +00:00
Spec: api.NamespaceSpec{
Finalizers: []api.FinalizerName{"example.com/something", "example.com/other"},
},
Add support for Namespace as Kind Add example for using namespaces
2015-01-19 21:50:00 +00:00
},
}
for _, successCase := range successCases {
if errs := ValidateNamespace(&successCase); len(errs) != 0 {
t.Errorf("expected success: %v", errs)
}
}
errorCases := map[string]struct {
R api.Namespace
D string
}{
"zero-length name": {
api.Namespace{ObjectMeta: api.ObjectMeta{Name: ""}},
"",
},
"defined-namespace": {
api.Namespace{ObjectMeta: api.ObjectMeta{Name: "abc-123", Namespace: "makesnosense"}},
"",
},
"invalid-labels": {
api.Namespace{ObjectMeta: api.ObjectMeta{Name: "abc", Labels: invalidLabels}},
"",
},
}
for k, v := range errorCases {
errs := ValidateNamespace(&v.R)
if len(errs) == 0 {
t.Errorf("expected failure for %s", k)
}
}
}
Namespace.Spec.Finalizer support
2015-03-20 16:48:12 +00:00
func TestValidateNamespaceFinalizeUpdate(t *testing.T) {
tests := []struct {
oldNamespace api.Namespace
namespace api.Namespace
valid bool
}{
{api.Namespace{}, api.Namespace{}, true},
{api.Namespace{
ObjectMeta: api.ObjectMeta{
Name: "foo"}},
api.Namespace{
ObjectMeta: api.ObjectMeta{
Name: "foo"},
Spec: api.NamespaceSpec{
Finalizers: []api.FinalizerName{"Foo"},
},
}, false},
{api.Namespace{
ObjectMeta: api.ObjectMeta{
Name: "foo"},
Spec: api.NamespaceSpec{
Finalizers: []api.FinalizerName{"foo.com/bar"},
},
},
api.Namespace{
ObjectMeta: api.ObjectMeta{
Name: "foo"},
Spec: api.NamespaceSpec{
Finalizers: []api.FinalizerName{"foo.com/bar", "what.com/bar"},
},
}, true},
Client must specifiy a resource version on finalize
2015-03-31 21:00:04 +00:00
{api.Namespace{
ObjectMeta: api.ObjectMeta{
Name: "fooemptyfinalizer"},
Spec: api.NamespaceSpec{
Finalizers: []api.FinalizerName{"foo.com/bar"},
},
},
api.Namespace{
ObjectMeta: api.ObjectMeta{
Name: "fooemptyfinalizer"},
Spec: api.NamespaceSpec{
Finalizers: []api.FinalizerName{"", "foo.com/bar", "what.com/bar"},
},
}, false},
Namespace.Spec.Finalizer support
2015-03-20 16:48:12 +00:00
}
for i, test := range tests {
Give better error message for PUTs with no resource version
2015-03-20 00:51:07 +00:00
test.namespace.ObjectMeta.ResourceVersion = "1"
test.oldNamespace.ObjectMeta.ResourceVersion = "1"
Namespace.Spec.Finalizer support
2015-03-20 16:48:12 +00:00
errs := ValidateNamespaceFinalizeUpdate(&test.namespace, &test.oldNamespace)
if test.valid && len(errs) > 0 {
t.Errorf("%d: Unexpected error: %v", i, errs)
t.Logf("%#v vs %#v", test.oldNamespace, test.namespace)
}
if !test.valid && len(errs) == 0 {
t.Errorf("%d: Unexpected non-error", i)
}
}
}
func TestValidateNamespaceStatusUpdate(t *testing.T) {
Move pkg/util.Time to pkg/api/unversioned.Time Along with our time.Duration wrapper, as suggested by @lavalamp.
2015-09-17 22:21:55 +00:00
now := unversioned.Now()
Improve validation and fix not throwing an error during ns delete
2015-04-10 15:41:18 +00:00
Namespace.Spec.Finalizer support
2015-03-20 16:48:12 +00:00
tests := []struct {
oldNamespace api.Namespace
namespace api.Namespace
valid bool
}{
Improve validation and fix not throwing an error during ns delete
2015-04-10 15:41:18 +00:00
{api.Namespace{}, api.Namespace{
Status: api.NamespaceStatus{
Phase: api.NamespaceActive,
},
}, true},
Validate deletion timestamp doesn't change on update
2016-04-28 15:50:48 +00:00
// Cannot set deletionTimestamp via status update
Namespace.Spec.Finalizer support
2015-03-20 16:48:12 +00:00
{api.Namespace{
ObjectMeta: api.ObjectMeta{
Name: "foo"}},
api.Namespace{
ObjectMeta: api.ObjectMeta{
Improve validation and fix not throwing an error during ns delete
2015-04-10 15:41:18 +00:00
Name: "foo",
DeletionTimestamp: &now},
Namespace.Spec.Finalizer support
2015-03-20 16:48:12 +00:00
Status: api.NamespaceStatus{
Phase: api.NamespaceTerminating,
},
Validate deletion timestamp doesn't change on update
2016-04-28 15:50:48 +00:00
}, false},
// Can update phase via status update
{api.Namespace{
ObjectMeta: api.ObjectMeta{
Name: "foo",
DeletionTimestamp: &now}},
api.Namespace{
ObjectMeta: api.ObjectMeta{
Name: "foo",
DeletionTimestamp: &now},
Status: api.NamespaceStatus{
Phase: api.NamespaceTerminating,
},
Namespace.Spec.Finalizer support
2015-03-20 16:48:12 +00:00
}, true},
Improve validation and fix not throwing an error during ns delete
2015-04-10 15:41:18 +00:00
{api.Namespace{
ObjectMeta: api.ObjectMeta{
Name: "foo"}},
api.Namespace{
ObjectMeta: api.ObjectMeta{
Name: "foo"},
Status: api.NamespaceStatus{
Phase: api.NamespaceTerminating,
},
}, false},
Namespace.Spec.Finalizer support
2015-03-20 16:48:12 +00:00
{api.Namespace{
ObjectMeta: api.ObjectMeta{
Name: "foo"}},
api.Namespace{
ObjectMeta: api.ObjectMeta{
Name: "bar"},
Status: api.NamespaceStatus{
Phase: api.NamespaceTerminating,
},
}, false},
}
for i, test := range tests {
Give better error message for PUTs with no resource version
2015-03-20 00:51:07 +00:00
test.namespace.ObjectMeta.ResourceVersion = "1"
test.oldNamespace.ObjectMeta.ResourceVersion = "1"
Improve validation and fix not throwing an error during ns delete
2015-04-10 15:41:18 +00:00
errs := ValidateNamespaceStatusUpdate(&test.namespace, &test.oldNamespace)
Namespace.Spec.Finalizer support
2015-03-20 16:48:12 +00:00
if test.valid && len(errs) > 0 {
t.Errorf("%d: Unexpected error: %v", i, errs)
t.Logf("%#v vs %#v", test.oldNamespace.ObjectMeta, test.namespace.ObjectMeta)
}
if !test.valid && len(errs) == 0 {
t.Errorf("%d: Unexpected non-error", i)
}
}
}
Add support for Namespace as Kind Add example for using namespaces
2015-01-19 21:50:00 +00:00
func TestValidateNamespaceUpdate(t *testing.T) {
tests := []struct {
oldNamespace api.Namespace
namespace api.Namespace
valid bool
}{
{api.Namespace{}, api.Namespace{}, true},
{api.Namespace{
ObjectMeta: api.ObjectMeta{
Client must specifiy a resource version on finalize
2015-03-31 21:00:04 +00:00
Name: "foo1"}},
Add support for Namespace as Kind Add example for using namespaces
2015-01-19 21:50:00 +00:00
api.Namespace{
ObjectMeta: api.ObjectMeta{
Client must specifiy a resource version on finalize
2015-03-31 21:00:04 +00:00
Name: "bar1"},
Add support for Namespace as Kind Add example for using namespaces
2015-01-19 21:50:00 +00:00
}, false},
{api.Namespace{
ObjectMeta: api.ObjectMeta{
Client must specifiy a resource version on finalize
2015-03-31 21:00:04 +00:00
Name: "foo2",
Add support for Namespace as Kind Add example for using namespaces
2015-01-19 21:50:00 +00:00
Labels: map[string]string{"foo": "bar"},
},
}, api.Namespace{
ObjectMeta: api.ObjectMeta{
Client must specifiy a resource version on finalize
2015-03-31 21:00:04 +00:00
Name: "foo2",
Add support for Namespace as Kind Add example for using namespaces
2015-01-19 21:50:00 +00:00
Labels: map[string]string{"foo": "baz"},
},
}, true},
{api.Namespace{
ObjectMeta: api.ObjectMeta{
Client must specifiy a resource version on finalize
2015-03-31 21:00:04 +00:00
Name: "foo3",
Add support for Namespace as Kind Add example for using namespaces
2015-01-19 21:50:00 +00:00
},
}, api.Namespace{
ObjectMeta: api.ObjectMeta{
Client must specifiy a resource version on finalize
2015-03-31 21:00:04 +00:00
Name: "foo3",
Add support for Namespace as Kind Add example for using namespaces
2015-01-19 21:50:00 +00:00
Labels: map[string]string{"foo": "baz"},
},
}, true},
{api.Namespace{
ObjectMeta: api.ObjectMeta{
Client must specifiy a resource version on finalize
2015-03-31 21:00:04 +00:00
Name: "foo4",
Add support for Namespace as Kind Add example for using namespaces
2015-01-19 21:50:00 +00:00
Labels: map[string]string{"bar": "foo"},
},
}, api.Namespace{
ObjectMeta: api.ObjectMeta{
Client must specifiy a resource version on finalize
2015-03-31 21:00:04 +00:00
Name: "foo4",
Add support for Namespace as Kind Add example for using namespaces
2015-01-19 21:50:00 +00:00
Labels: map[string]string{"foo": "baz"},
},
}, true},
{api.Namespace{
ObjectMeta: api.ObjectMeta{
Client must specifiy a resource version on finalize
2015-03-31 21:00:04 +00:00
Name: "foo5",
Add support for Namespace as Kind Add example for using namespaces
2015-01-19 21:50:00 +00:00
Labels: map[string]string{"foo": "baz"},
},
}, api.Namespace{
ObjectMeta: api.ObjectMeta{
Client must specifiy a resource version on finalize
2015-03-31 21:00:04 +00:00
Name: "foo5",
Add support for Namespace as Kind Add example for using namespaces
2015-01-19 21:50:00 +00:00
Labels: map[string]string{"Foo": "baz"},
},
Loosen label and annotation validation and related tests
2015-02-27 15:08:02 +00:00
}, true},
Client must specifiy a resource version on finalize
2015-03-31 21:00:04 +00:00
{api.Namespace{
ObjectMeta: api.ObjectMeta{
Name: "foo6",
Labels: map[string]string{"foo": "baz"},
},
}, api.Namespace{
ObjectMeta: api.ObjectMeta{
Name: "foo6",
Labels: map[string]string{"Foo": "baz"},
},
Spec: api.NamespaceSpec{
Finalizers: []api.FinalizerName{"kubernetes"},
},
Status: api.NamespaceStatus{
Phase: api.NamespaceTerminating,
},
}, true},
Add support for Namespace as Kind Add example for using namespaces
2015-01-19 21:50:00 +00:00
}
for i, test := range tests {
Give better error message for PUTs with no resource version
2015-03-20 00:51:07 +00:00
test.namespace.ObjectMeta.ResourceVersion = "1"
test.oldNamespace.ObjectMeta.ResourceVersion = "1"
Client must specifiy a resource version on finalize
2015-03-31 21:00:04 +00:00
errs := ValidateNamespaceUpdate(&test.namespace, &test.oldNamespace)
Add support for Namespace as Kind Add example for using namespaces
2015-01-19 21:50:00 +00:00
if test.valid && len(errs) > 0 {
t.Errorf("%d: Unexpected error: %v", i, errs)
t.Logf("%#v vs %#v", test.oldNamespace.ObjectMeta, test.namespace.ObjectMeta)
}
if !test.valid && len(errs) == 0 {
t.Errorf("%d: Unexpected non-error", i)
}
}
}
Secret API resource
2015-02-18 01:24:50 +00:00
func TestValidateSecret(t *testing.T) {
Add ServiceAccountToken SecretType
2015-04-28 03:51:20 +00:00
// Opaque secret validation
Secret API resource
2015-02-18 01:24:50 +00:00
validSecret := func() api.Secret {
return api.Secret{
ObjectMeta: api.ObjectMeta{Name: "foo", Namespace: "bar"},
Data: map[string][]byte{
Add secret volume plugin and e2e test
2015-02-18 01:26:41 +00:00
"data-1": []byte("bar"),
Secret API resource
2015-02-18 01:24:50 +00:00
},
}
}
var (
allow leading dots in secret keys
2015-05-11 19:03:10 +00:00
emptyName = validSecret()
invalidName = validSecret()
emptyNs = validSecret()
invalidNs = validSecret()
overMaxSize = validSecret()
invalidKey = validSecret()
leadingDotKey = validSecret()
dotKey = validSecret()
doubleDotKey = validSecret()
Secret API resource
2015-02-18 01:24:50 +00:00
)
emptyName.Name = ""
invalidName.Name = "NoUppercaseOrSpecialCharsLike=Equals"
emptyNs.Namespace = ""
invalidNs.Namespace = "NoUppercaseOrSpecialCharsLike=Equals"
overMaxSize.Data = map[string][]byte{
"over": make([]byte, api.MaxSecretSize+1),
}
Add secret volume plugin and e2e test
2015-02-18 01:26:41 +00:00
invalidKey.Data["a..b"] = []byte("whoops")
allow leading dots in secret keys
2015-05-11 19:03:10 +00:00
leadingDotKey.Data[".key"] = []byte("bar")
dotKey.Data["."] = []byte("bar")
doubleDotKey.Data[".."] = []byte("bar")
Secret API resource
2015-02-18 01:24:50 +00:00
Add ServiceAccountToken SecretType
2015-04-28 03:51:20 +00:00
// kubernetes.io/service-account-token secret validation
validServiceAccountTokenSecret := func() api.Secret {
return api.Secret{
ObjectMeta: api.ObjectMeta{
Name: "foo",
Namespace: "bar",
Annotations: map[string]string{
api.ServiceAccountNameKey: "foo",
},
},
Type: api.SecretTypeServiceAccountToken,
Data: map[string][]byte{
"data-1": []byte("bar"),
},
}
}
var (
emptyTokenAnnotation = validServiceAccountTokenSecret()
missingTokenAnnotation = validServiceAccountTokenSecret()
missingTokenAnnotations = validServiceAccountTokenSecret()
)
emptyTokenAnnotation.Annotations[api.ServiceAccountNameKey] = ""
delete(missingTokenAnnotation.Annotations, api.ServiceAccountNameKey)
missingTokenAnnotations.Annotations = nil
Secret API resource
2015-02-18 01:24:50 +00:00
tests := map[string]struct {
secret api.Secret
valid bool
}{
allow leading dots in secret keys
2015-05-11 19:03:10 +00:00
"valid": {validSecret(), true},
"empty name": {emptyName, false},
"invalid name": {invalidName, false},
"empty namespace": {emptyNs, false},
"invalid namespace": {invalidNs, false},
"over max size": {overMaxSize, false},
"invalid key": {invalidKey, false},
Add ServiceAccountToken SecretType
2015-04-28 03:51:20 +00:00
"valid service-account-token secret": {validServiceAccountTokenSecret(), true},
"empty service-account-token annotation": {emptyTokenAnnotation, false},
"missing service-account-token annotation": {missingTokenAnnotation, false},
"missing service-account-token annotations": {missingTokenAnnotations, false},
allow leading dots in secret keys
2015-05-11 19:03:10 +00:00
"leading dot key": {leadingDotKey, true},
"dot key": {dotKey, false},
"double dot key": {doubleDotKey, false},
Secret API resource
2015-02-18 01:24:50 +00:00
}
for name, tc := range tests {
errs := ValidateSecret(&tc.secret)
add dockercfg secret types
2015-05-06 14:09:18 +00:00
if tc.valid && len(errs) > 0 {
t.Errorf("%v: Unexpected error: %v", name, errs)
}
if !tc.valid && len(errs) == 0 {
t.Errorf("%v: Unexpected non-error", name)
}
}
}
func TestValidateDockerConfigSecret(t *testing.T) {
validDockerSecret := func() api.Secret {
return api.Secret{
ObjectMeta: api.ObjectMeta{Name: "foo", Namespace: "bar"},
Type: api.SecretTypeDockercfg,
Data: map[string][]byte{
api.DockerConfigKey: []byte(`{"https://index.docker.io/v1/": {"auth": "Y2x1ZWRyb29sZXIwMDAxOnBhc3N3b3Jk","email": "fake@example.com"}}`),
},
}
}
Validate kubernetes.io/dockerconfigjson secrets Added unit test.
2015-12-16 22:13:18 +00:00
validDockerSecret2 := func() api.Secret {
return api.Secret{
ObjectMeta: api.ObjectMeta{Name: "foo", Namespace: "bar"},
Type: api.SecretTypeDockerConfigJson,
Data: map[string][]byte{
api.DockerConfigJsonKey: []byte(`{"auths":{"https://index.docker.io/v1/": {"auth": "Y2x1ZWRyb29sZXIwMDAxOnBhc3N3b3Jk","email": "fake@example.com"}}}`),
},
}
}
add dockercfg secret types
2015-05-06 14:09:18 +00:00
var (
Validate kubernetes.io/dockerconfigjson secrets Added unit test.
2015-12-16 22:13:18 +00:00
missingDockerConfigKey = validDockerSecret()
emptyDockerConfigKey = validDockerSecret()
invalidDockerConfigKey = validDockerSecret()
missingDockerConfigKey2 = validDockerSecret2()
emptyDockerConfigKey2 = validDockerSecret2()
invalidDockerConfigKey2 = validDockerSecret2()
add dockercfg secret types
2015-05-06 14:09:18 +00:00
)
delete(missingDockerConfigKey.Data, api.DockerConfigKey)
emptyDockerConfigKey.Data[api.DockerConfigKey] = []byte("")
invalidDockerConfigKey.Data[api.DockerConfigKey] = []byte("bad")
Validate kubernetes.io/dockerconfigjson secrets Added unit test.
2015-12-16 22:13:18 +00:00
delete(missingDockerConfigKey2.Data, api.DockerConfigJsonKey)
emptyDockerConfigKey2.Data[api.DockerConfigJsonKey] = []byte("")
invalidDockerConfigKey2.Data[api.DockerConfigJsonKey] = []byte("bad")
add dockercfg secret types
2015-05-06 14:09:18 +00:00
tests := map[string]struct {
secret api.Secret
valid bool
}{
Validate kubernetes.io/dockerconfigjson secrets Added unit test.
2015-12-16 22:13:18 +00:00
"valid dockercfg": {validDockerSecret(), true},
"missing dockercfg": {missingDockerConfigKey, false},
"empty dockercfg": {emptyDockerConfigKey, false},
"invalid dockercfg": {invalidDockerConfigKey, false},
"valid config.json": {validDockerSecret2(), true},
"missing config.json": {missingDockerConfigKey2, false},
"empty config.json": {emptyDockerConfigKey2, false},
"invalid config.json": {invalidDockerConfigKey2, false},
add dockercfg secret types
2015-05-06 14:09:18 +00:00
}
Additional SecretTypes
2015-09-10 15:30:58 +00:00
for name, tc := range tests {
errs := ValidateSecret(&tc.secret)
if tc.valid && len(errs) > 0 {
t.Errorf("%v: Unexpected error: %v", name, errs)
}
if !tc.valid && len(errs) == 0 {
t.Errorf("%v: Unexpected non-error", name)
}
}
}
func TestValidateBasicAuthSecret(t *testing.T) {
validBasicAuthSecret := func() api.Secret {
return api.Secret{
ObjectMeta: api.ObjectMeta{Name: "foo", Namespace: "bar"},
Type: api.SecretTypeBasicAuth,
Data: map[string][]byte{
api.BasicAuthUsernameKey: []byte("username"),
api.BasicAuthPasswordKey: []byte("password"),
},
}
}
var (
missingBasicAuthUsernamePasswordKeys = validBasicAuthSecret()
// invalidBasicAuthUsernamePasswordKey = validBasicAuthSecret()
// emptyBasicAuthUsernameKey = validBasicAuthSecret()
// emptyBasicAuthPasswordKey = validBasicAuthSecret()
)
delete(missingBasicAuthUsernamePasswordKeys.Data, api.BasicAuthUsernameKey)
delete(missingBasicAuthUsernamePasswordKeys.Data, api.BasicAuthPasswordKey)
// invalidBasicAuthUsernamePasswordKey.Data[api.BasicAuthUsernameKey] = []byte("bad")
// invalidBasicAuthUsernamePasswordKey.Data[api.BasicAuthPasswordKey] = []byte("bad")
// emptyBasicAuthUsernameKey.Data[api.BasicAuthUsernameKey] = []byte("")
// emptyBasicAuthPasswordKey.Data[api.BasicAuthPasswordKey] = []byte("")
tests := map[string]struct {
secret api.Secret
valid bool
}{
"valid": {validBasicAuthSecret(), true},
"missing username and password": {missingBasicAuthUsernamePasswordKeys, false},
// "invalid username and password": {invalidBasicAuthUsernamePasswordKey, false},
// "empty username": {emptyBasicAuthUsernameKey, false},
// "empty password": {emptyBasicAuthPasswordKey, false},
}
for name, tc := range tests {
errs := ValidateSecret(&tc.secret)
if tc.valid && len(errs) > 0 {
t.Errorf("%v: Unexpected error: %v", name, errs)
}
if !tc.valid && len(errs) == 0 {
t.Errorf("%v: Unexpected non-error", name)
}
}
}
func TestValidateSSHAuthSecret(t *testing.T) {
validSSHAuthSecret := func() api.Secret {
return api.Secret{
ObjectMeta: api.ObjectMeta{Name: "foo", Namespace: "bar"},
Type: api.SecretTypeSSHAuth,
Data: map[string][]byte{
api.SSHAuthPrivateKey: []byte("foo-bar-baz"),
},
}
}
missingSSHAuthPrivateKey := validSSHAuthSecret()
delete(missingSSHAuthPrivateKey.Data, api.SSHAuthPrivateKey)
tests := map[string]struct {
secret api.Secret
valid bool
}{
"valid": {validSSHAuthSecret(), true},
"missing private key": {missingSSHAuthPrivateKey, false},
}
add dockercfg secret types
2015-05-06 14:09:18 +00:00
for name, tc := range tests {
errs := ValidateSecret(&tc.secret)
Secret API resource
2015-02-18 01:24:50 +00:00
if tc.valid && len(errs) > 0 {
t.Errorf("%v: Unexpected error: %v", name, errs)
}
if !tc.valid && len(errs) == 0 {
t.Errorf("%v: Unexpected non-error", name)
}
}
}
Implement multi-port endpoints Instead of endpoints being a flat list, it is now a list of "subsets" where each is a struct of {Addresses, Ports}. To generate the list of endpoints you need to take union of the Cartesian products of the subsets. This is compact in the vast majority of cases, yet still represents named ports and corner cases (e.g. each pod has a different port number). This also stores subsets in a deterministic order (sorted by hash) to avoid spurious updates and comparison problems. This is a fully compatible change - old objects and clients will keepworking as long as they don't need the new functionality. This is the prep for multi-port Services, which will add API to produce endpoints in this new structure.
2015-03-20 21:24:43 +00:00
func TestValidateEndpoints(t *testing.T) {
Add validation for Endpoints
2015-03-20 14:40:20 +00:00
successCases := map[string]api.Endpoints{
"simple endpoint": {
ObjectMeta: api.ObjectMeta{Name: "mysvc", Namespace: "namespace"},
Subsets: []api.EndpointSubset{
{
Addresses: []api.EndpointAddress{{IP: "10.10.1.1"}, {IP: "10.10.2.2"}},
Ports: []api.EndpointPort{{Name: "a", Port: 8675, Protocol: "TCP"}, {Name: "b", Port: 309, Protocol: "TCP"}},
},
{
Addresses: []api.EndpointAddress{{IP: "10.10.3.3"}},
Ports: []api.EndpointPort{{Name: "a", Port: 93, Protocol: "TCP"}, {Name: "b", Port: 76, Protocol: "TCP"}},
},
},
},
"empty subsets": {
ObjectMeta: api.ObjectMeta{Name: "mysvc", Namespace: "namespace"},
},
"no name required for singleton port": {
ObjectMeta: api.ObjectMeta{Name: "mysvc", Namespace: "namespace"},
Subsets: []api.EndpointSubset{
{
Addresses: []api.EndpointAddress{{IP: "10.10.1.1"}},
Ports: []api.EndpointPort{{Port: 8675, Protocol: "TCP"}},
},
},
},
}
for k, v := range successCases {
if errs := ValidateEndpoints(&v); len(errs) != 0 {
t.Errorf("Expected success for %s, got %v", k, errs)
}
}
errorCases := map[string]struct {
endpoints api.Endpoints
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
errorType field.ErrorType
Add validation for Endpoints
2015-03-20 14:40:20 +00:00
errorDetail string
}{
"missing namespace": {
endpoints: api.Endpoints{ObjectMeta: api.ObjectMeta{Name: "mysvc"}},
errorType: "FieldValueRequired",
},
"missing name": {
endpoints: api.Endpoints{ObjectMeta: api.ObjectMeta{Namespace: "namespace"}},
errorType: "FieldValueRequired",
},
"invalid namespace": {
endpoints: api.Endpoints{ObjectMeta: api.ObjectMeta{Name: "mysvc", Namespace: "no@#invalid.;chars\"allowed"}},
errorType: "FieldValueInvalid",
Make IsDNS1123Label return error strings
2015-12-16 07:49:58 +00:00
errorDetail: "must match the regex",
Add validation for Endpoints
2015-03-20 14:40:20 +00:00
},
"invalid name": {
endpoints: api.Endpoints{ObjectMeta: api.ObjectMeta{Name: "-_Invliad^&Characters", Namespace: "namespace"}},
errorType: "FieldValueInvalid",
Make IsDNS1123Subdomain return error strings
2015-12-17 05:58:09 +00:00
errorDetail: "must match the regex",
Add validation for Endpoints
2015-03-20 14:40:20 +00:00
},
"empty addresses": {
endpoints: api.Endpoints{
ObjectMeta: api.ObjectMeta{Name: "mysvc", Namespace: "namespace"},
Subsets: []api.EndpointSubset{
{
Ports: []api.EndpointPort{{Name: "a", Port: 93, Protocol: "TCP"}},
},
},
},
errorType: "FieldValueRequired",
},
"empty ports": {
endpoints: api.Endpoints{
ObjectMeta: api.ObjectMeta{Name: "mysvc", Namespace: "namespace"},
Subsets: []api.EndpointSubset{
{
Addresses: []api.EndpointAddress{{IP: "10.10.3.3"}},
},
},
},
errorType: "FieldValueRequired",
},
"invalid IP": {
endpoints: api.Endpoints{
ObjectMeta: api.ObjectMeta{Name: "mysvc", Namespace: "namespace"},
Subsets: []api.EndpointSubset{
{
Removing IPv4 enforcement on Endpoints Signed-off-by: André Martins <aanm90@gmail.com>
2016-03-22 04:54:32 +00:00
Addresses: []api.EndpointAddress{{IP: "[2001:0db8:85a3:0042:1000:8a2e:0370:7334]"}},
Add validation for Endpoints
2015-03-20 14:40:20 +00:00
Ports: []api.EndpointPort{{Name: "a", Port: 93, Protocol: "TCP"}},
},
},
},
errorType: "FieldValueInvalid",
Removing IPv4 enforcement on Endpoints Signed-off-by: André Martins <aanm90@gmail.com>
2016-03-22 04:54:32 +00:00
errorDetail: "must be a valid IP address",
Add validation for Endpoints
2015-03-20 14:40:20 +00:00
},
"Multiple ports, one without name": {
endpoints: api.Endpoints{
ObjectMeta: api.ObjectMeta{Name: "mysvc", Namespace: "namespace"},
Subsets: []api.EndpointSubset{
{
Addresses: []api.EndpointAddress{{IP: "10.10.1.1"}},
Ports: []api.EndpointPort{{Port: 8675, Protocol: "TCP"}, {Name: "b", Port: 309, Protocol: "TCP"}},
},
},
},
errorType: "FieldValueRequired",
},
"Invalid port number": {
endpoints: api.Endpoints{
ObjectMeta: api.ObjectMeta{Name: "mysvc", Namespace: "namespace"},
Subsets: []api.EndpointSubset{
{
Addresses: []api.EndpointAddress{{IP: "10.10.1.1"}},
Ports: []api.EndpointPort{{Name: "a", Port: 66000, Protocol: "TCP"}},
},
},
},
errorType: "FieldValueInvalid",
refactor validation.go to avoid duplicating
2015-10-12 03:26:17 +00:00
errorDetail: PortRangeErrorMsg,
Add validation for Endpoints
2015-03-20 14:40:20 +00:00
},
"Invalid protocol": {
endpoints: api.Endpoints{
ObjectMeta: api.ObjectMeta{Name: "mysvc", Namespace: "namespace"},
Subsets: []api.EndpointSubset{
{
Addresses: []api.EndpointAddress{{IP: "10.10.1.1"}},
Ports: []api.EndpointPort{{Name: "a", Port: 93, Protocol: "Protocol"}},
},
},
},
errorType: "FieldValueNotSupported",
},
"Address missing IP": {
endpoints: api.Endpoints{
ObjectMeta: api.ObjectMeta{Name: "mysvc", Namespace: "namespace"},
Subsets: []api.EndpointSubset{
{
Addresses: []api.EndpointAddress{{}},
Ports: []api.EndpointPort{{Name: "a", Port: 93, Protocol: "TCP"}},
},
},
},
errorType: "FieldValueInvalid",
Removing IPv4 enforcement on Endpoints Signed-off-by: André Martins <aanm90@gmail.com>
2016-03-22 04:54:32 +00:00
errorDetail: "must be a valid IP address",
Add validation for Endpoints
2015-03-20 14:40:20 +00:00
},
"Port missing number": {
endpoints: api.Endpoints{
ObjectMeta: api.ObjectMeta{Name: "mysvc", Namespace: "namespace"},
Subsets: []api.EndpointSubset{
{
Addresses: []api.EndpointAddress{{IP: "10.10.1.1"}},
Ports: []api.EndpointPort{{Name: "a", Protocol: "TCP"}},
},
},
},
errorType: "FieldValueInvalid",
refactor validation.go to avoid duplicating
2015-10-12 03:26:17 +00:00
errorDetail: PortRangeErrorMsg,
Add validation for Endpoints
2015-03-20 14:40:20 +00:00
},
"Port missing protocol": {
endpoints: api.Endpoints{
ObjectMeta: api.ObjectMeta{Name: "mysvc", Namespace: "namespace"},
Subsets: []api.EndpointSubset{
{
Addresses: []api.EndpointAddress{{IP: "10.10.1.1"}},
Ports: []api.EndpointPort{{Name: "a", Port: 93}},
},
},
},
errorType: "FieldValueRequired",
},
Check loopback and link-local multicast endpoints Previously we just disallowed link-local (unicast). This disallows loopback and link-local multicast.
2015-07-04 04:05:15 +00:00
"Address is loopback": {
endpoints: api.Endpoints{
ObjectMeta: api.ObjectMeta{Name: "mysvc", Namespace: "namespace"},
Subsets: []api.EndpointSubset{
{
Addresses: []api.EndpointAddress{{IP: "127.0.0.1"}},
Ports: []api.EndpointPort{{Name: "p", Port: 93, Protocol: "TCP"}},
},
},
},
errorType: "FieldValueInvalid",
errorDetail: "loopback",
},
Don't allow link-local Endpoints
2015-06-03 04:49:51 +00:00
"Address is link-local": {
endpoints: api.Endpoints{
ObjectMeta: api.ObjectMeta{Name: "mysvc", Namespace: "namespace"},
Subsets: []api.EndpointSubset{
{
Addresses: []api.EndpointAddress{{IP: "169.254.169.254"}},
Ports: []api.EndpointPort{{Name: "p", Port: 93, Protocol: "TCP"}},
},
},
},
errorType: "FieldValueInvalid",
errorDetail: "link-local",
},
Check loopback and link-local multicast endpoints Previously we just disallowed link-local (unicast). This disallows loopback and link-local multicast.
2015-07-04 04:05:15 +00:00
"Address is link-local multicast": {
endpoints: api.Endpoints{
ObjectMeta: api.ObjectMeta{Name: "mysvc", Namespace: "namespace"},
Subsets: []api.EndpointSubset{
{
Addresses: []api.EndpointAddress{{IP: "224.0.0.1"}},
Ports: []api.EndpointPort{{Name: "p", Port: 93, Protocol: "TCP"}},
},
},
},
errorType: "FieldValueInvalid",
errorDetail: "link-local multicast",
},
Add validation for Endpoints
2015-03-20 14:40:20 +00:00
}
for k, v := range errorCases {
Stronger typing for validation ErrorList
2015-11-04 00:08:20 +00:00
if errs := ValidateEndpoints(&v.endpoints); len(errs) == 0 || errs[0].Type != v.errorType || !strings.Contains(errs[0].Detail, v.errorDetail) {
Clean up and document validation strings Also add a detail string for Required and Forbidden. Fix tests.
2015-11-14 20:26:04 +00:00
t.Errorf("[%s] Expected error type %s with detail %q, got %v", k, v.errorType, v.errorDetail, errs)
Add validation for Endpoints
2015-03-20 14:40:20 +00:00
}
}
Implement multi-port endpoints Instead of endpoints being a flat list, it is now a list of "subsets" where each is a struct of {Addresses, Ports}. To generate the list of endpoints you need to take union of the Cartesian products of the subsets. This is compact in the vast majority of cases, yet still represents named ports and corner cases (e.g. each pod has a different port number). This also stores subsets in a deterministic order (sorted by hash) to avoid spurious updates and comparison problems. This is a fully compatible change - old objects and clients will keepworking as long as they don't need the new functionality. This is the prep for multi-port Services, which will add API to produce endpoints in this new structure.
2015-03-20 21:24:43 +00:00
}
Revert "Revert "Security context - types, kubelet, admission""
2015-05-05 23:02:13 +00:00
Basic TLS support.
2016-01-17 00:06:40 +00:00
func TestValidateTLSSecret(t *testing.T) {
successCases := map[string]api.Secret{
"emtpy certificate chain": {
ObjectMeta: api.ObjectMeta{Name: "tls-cert", Namespace: "namespace"},
Data: map[string][]byte{
api.TLSCertKey: []byte("public key"),
api.TLSPrivateKeyKey: []byte("private key"),
},
},
}
for k, v := range successCases {
if errs := ValidateSecret(&v); len(errs) != 0 {
t.Errorf("Expected success for %s, got %v", k, errs)
}
}
errorCases := map[string]struct {
secrets api.Secret
errorType field.ErrorType
errorDetail string
}{
"missing public key": {
secrets: api.Secret{
ObjectMeta: api.ObjectMeta{Name: "tls-cert"},
Data: map[string][]byte{
api.TLSCertKey: []byte("public key"),
},
},
errorType: "FieldValueRequired",
},
"missing private key": {
secrets: api.Secret{
ObjectMeta: api.ObjectMeta{Name: "tls-cert"},
Data: map[string][]byte{
api.TLSCertKey: []byte("public key"),
},
},
errorType: "FieldValueRequired",
},
}
for k, v := range errorCases {
if errs := ValidateSecret(&v.secrets); len(errs) == 0 || errs[0].Type != v.errorType || !strings.Contains(errs[0].Detail, v.errorDetail) {
t.Errorf("[%s] Expected error type %s with detail %q, got %v", k, v.errorType, v.errorDetail, errs)
}
}
}
Revert "Revert "Security context - types, kubelet, admission""
2015-05-05 23:02:13 +00:00
func TestValidateSecurityContext(t *testing.T) {
priv := false
var runAsUser int64 = 1
fullValidSC := func() *api.SecurityContext {
return &api.SecurityContext{
Privileged: &priv,
Capabilities: &api.Capabilities{
rename CapabilityType Capability
2015-05-18 20:37:10 +00:00
Add: []api.Capability{"foo"},
Drop: []api.Capability{"bar"},
Revert "Revert "Security context - types, kubelet, admission""
2015-05-05 23:02:13 +00:00
},
SELinuxOptions: &api.SELinuxOptions{
User: "user",
Role: "role",
Type: "type",
Level: "level",
},
RunAsUser: &runAsUser,
}
}
//setup data
allSettings := fullValidSC()
noCaps := fullValidSC()
noCaps.Capabilities = nil
noSELinux := fullValidSC()
noSELinux.SELinuxOptions = nil
noPrivRequest := fullValidSC()
noPrivRequest.Privileged = nil
noRunAsUser := fullValidSC()
noRunAsUser.RunAsUser = nil
successCases := map[string]struct {
sc *api.SecurityContext
}{
"all settings": {allSettings},
"no capabilities": {noCaps},
"no selinux": {noSELinux},
"no priv request": {noPrivRequest},
"no run as user": {noRunAsUser},
}
for k, v := range successCases {
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
if errs := ValidateSecurityContext(v.sc, field.NewPath("field")); len(errs) != 0 {
Clean up and document validation strings Also add a detail string for Required and Forbidden. Fix tests.
2015-11-14 20:26:04 +00:00
t.Errorf("[%s] Expected success, got %v", k, errs)
Revert "Revert "Security context - types, kubelet, admission""
2015-05-05 23:02:13 +00:00
}
}
privRequestWithGlobalDeny := fullValidSC()
requestPrivileged := true
privRequestWithGlobalDeny.Privileged = &requestPrivileged
negativeRunAsUser := fullValidSC()
var negativeUser int64 = -1
negativeRunAsUser.RunAsUser = &negativeUser
errorCases := map[string]struct {
sc *api.SecurityContext
Move FieldPath and errors to a sub-package This makes the naming and reading a lot simpler.
2015-11-06 23:30:52 +00:00
errorType field.ErrorType
Revert "Revert "Security context - types, kubelet, admission""
2015-05-05 23:02:13 +00:00
errorDetail string
}{
"request privileged when capabilities forbids": {
sc: privRequestWithGlobalDeny,
errorType: "FieldValueForbidden",
Clean up and document validation strings Also add a detail string for Required and Forbidden. Fix tests.
2015-11-14 20:26:04 +00:00
errorDetail: "disallowed by policy",
Revert "Revert "Security context - types, kubelet, admission""
2015-05-05 23:02:13 +00:00
},
"negative RunAsUser": {
sc: negativeRunAsUser,
errorType: "FieldValueInvalid",
Clean up and document validation strings Also add a detail string for Required and Forbidden. Fix tests.
2015-11-14 20:26:04 +00:00
errorDetail: isNegativeErrorMsg,
Revert "Revert "Security context - types, kubelet, admission""
2015-05-05 23:02:13 +00:00
},
}
for k, v := range errorCases {
audit validation errors to not double-print field names
2015-11-14 16:44:50 +00:00
if errs := ValidateSecurityContext(v.sc, field.NewPath("field")); len(errs) == 0 || errs[0].Type != v.errorType || !strings.Contains(errs[0].Detail, v.errorDetail) {
t.Errorf("[%s] Expected error type %q with detail %q, got %v", k, v.errorType, v.errorDetail, errs)
Revert "Revert "Security context - types, kubelet, admission""
2015-05-05 23:02:13 +00:00
}
}
}
func fakeValidSecurityContext(priv bool) *api.SecurityContext {
return &api.SecurityContext{
Privileged: &priv,
}
}
Support extended pod logging options Increase the supported controls on pod logging. Add validaiton to pod log options. Ensure the Kubelet is using a consistent, structured way to process pod log arguments. Add ?sinceSeconds=<durationInSeconds>, &sinceTime=<RFC3339>, ?timestamps=<bool>, ?tailLines=<number>, and ?limitBytes=<number>
2015-09-10 03:46:11 +00:00
func TestValidPodLogOptions(t *testing.T) {
now := unversioned.Now()
negative := int64(-1)
zero := int64(0)
positive := int64(1)
tests := []struct {
opt api.PodLogOptions
errs int
}{
{api.PodLogOptions{}, 0},
{api.PodLogOptions{Previous: true}, 0},
{api.PodLogOptions{Follow: true}, 0},
{api.PodLogOptions{TailLines: &zero}, 0},
{api.PodLogOptions{TailLines: &negative}, 1},
{api.PodLogOptions{TailLines: &positive}, 0},
{api.PodLogOptions{LimitBytes: &zero}, 1},
{api.PodLogOptions{LimitBytes: &negative}, 1},
{api.PodLogOptions{LimitBytes: &positive}, 0},
{api.PodLogOptions{SinceSeconds: &negative}, 1},
{api.PodLogOptions{SinceSeconds: &positive}, 0},
{api.PodLogOptions{SinceSeconds: &zero}, 1},
{api.PodLogOptions{SinceTime: &now}, 0},
}
for i, test := range tests {
errs := ValidatePodLogOptions(&test.opt)
if test.errs != len(errs) {
t.Errorf("%d: Unexpected errors: %v", i, errs)
}
}
}
Move ConfigMap to main API
2016-01-15 16:48:36 +00:00
func TestValidateConfigMap(t *testing.T) {
newConfigMap := func(name, namespace string, data map[string]string) api.ConfigMap {
return api.ConfigMap{
ObjectMeta: api.ObjectMeta{
Name: name,
Namespace: namespace,
},
Data: data,
}
}
var (
validConfigMap = newConfigMap("validname", "validns", map[string]string{"key": "value"})
maxKeyLength = newConfigMap("validname", "validns", map[string]string{strings.Repeat("a", 253): "value"})
emptyName = newConfigMap("", "validns", nil)
invalidName = newConfigMap("NoUppercaseOrSpecialCharsLike=Equals", "validns", nil)
emptyNs = newConfigMap("validname", "", nil)
invalidNs = newConfigMap("validname", "NoUppercaseOrSpecialCharsLike=Equals", nil)
invalidKey = newConfigMap("validname", "validns", map[string]string{"a..b": "value"})
leadingDotKey = newConfigMap("validname", "validns", map[string]string{".ab": "value"})
dotKey = newConfigMap("validname", "validns", map[string]string{".": "value"})
doubleDotKey = newConfigMap("validname", "validns", map[string]string{"..": "value"})
overMaxKeyLength = newConfigMap("validname", "validns", map[string]string{strings.Repeat("a", 254): "value"})
Add size limit for ConfigMap
2016-01-21 04:14:37 +00:00
overMaxSize = newConfigMap("validname", "validns", map[string]string{"key": strings.Repeat("a", api.MaxSecretSize+1)})
Move ConfigMap to main API
2016-01-15 16:48:36 +00:00
)
tests := map[string]struct {
cfg api.ConfigMap
isValid bool
}{
"valid": {validConfigMap, true},
"max key length": {maxKeyLength, true},
"leading dot key": {leadingDotKey, true},
"empty name": {emptyName, false},
"invalid name": {invalidName, false},
"invalid key": {invalidKey, false},
"empty namespace": {emptyNs, false},
"invalid namespace": {invalidNs, false},
"dot key": {dotKey, false},
"double dot key": {doubleDotKey, false},
"over max key length": {overMaxKeyLength, false},
Add size limit for ConfigMap
2016-01-21 04:14:37 +00:00
"over max size": {overMaxSize, false},
Move ConfigMap to main API
2016-01-15 16:48:36 +00:00
}
for name, tc := range tests {
errs := ValidateConfigMap(&tc.cfg)
if tc.isValid && len(errs) > 0 {
t.Errorf("%v: unexpected error: %v", name, errs)
}
if !tc.isValid && len(errs) == 0 {
t.Errorf("%v: unexpected non-error", name)
}
}
}
func TestValidateConfigMapUpdate(t *testing.T) {
newConfigMap := func(version, name, namespace string, data map[string]string) api.ConfigMap {
return api.ConfigMap{
ObjectMeta: api.ObjectMeta{
Name: name,
Namespace: namespace,
ResourceVersion: version,
},
Data: data,
}
}
var (
validConfigMap = newConfigMap("1", "validname", "validns", map[string]string{"key": "value"})
noVersion = newConfigMap("", "validname", "validns", map[string]string{"key": "value"})
)
cases := []struct {
name string
newCfg api.ConfigMap
oldCfg api.ConfigMap
isValid bool
}{
{
name: "valid",
newCfg: validConfigMap,
oldCfg: validConfigMap,
isValid: true,
},
{
name: "invalid",
newCfg: noVersion,
oldCfg: validConfigMap,
isValid: false,
},
}
for _, tc := range cases {
errs := ValidateConfigMapUpdate(&tc.newCfg, &tc.oldCfg)
if tc.isValid && len(errs) > 0 {
t.Errorf("%v: unexpected error: %v", tc.name, errs)
}
if !tc.isValid && len(errs) == 0 {
t.Errorf("%v: unexpected non-error", tc.name)
}
}
}
Add a validation helper function. I will use this in a subsequent PR as part of #12298
2016-02-12 22:38:22 +00:00
func TestValidateHasLabel(t *testing.T) {
successCase := api.ObjectMeta{
Name: "123",
Namespace: "ns",
Labels: map[string]string{
"other": "blah",
"foo": "bar",
},
}
if errs := ValidateHasLabel(successCase, field.NewPath("field"), "foo", "bar"); len(errs) != 0 {
t.Errorf("expected success: %v", errs)
}
missingCase := api.ObjectMeta{
Name: "123",
Namespace: "ns",
Labels: map[string]string{
"other": "blah",
},
}
if errs := ValidateHasLabel(missingCase, field.NewPath("field"), "foo", "bar"); len(errs) == 0 {
t.Errorf("expected failure")
}
wrongValueCase := api.ObjectMeta{
Name: "123",
Namespace: "ns",
Labels: map[string]string{
"other": "blah",
"foo": "notbar",
},
}
if errs := ValidateHasLabel(wrongValueCase, field.NewPath("field"), "foo", "bar"); len(errs) == 0 {
t.Errorf("expected failure")
}
}