github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Make IsValid{User,Group}Id return error strings

Browse Source
This commit is contained in:
Tim Hockin
2016-01-29 00:05:34 -08:00
parent bb208a02b3
commit 3ad6c397d7
3 changed files with 32 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
pkg/api/validation/validation.go
View File

@@ -19,7 +19,6 @@ package validation
import (
"encoding/json"
"fmt"
"math"
"net"
"os"
"path"
@@ -54,7 +53,6 @@ const fieldImmutableErrorMsg string = `field is immutable`
const isNotIntegerErrorMsg string = `must be an integer`
var pdPartitionErrorMsg string = validation.InclusiveRangeError(1, 255)
var IdRangeErrorMsg string = validation.InclusiveRangeError(0, math.MaxInt32)
const totalAnnotationSizeLimitB int = 256 * (1 << 10) // 256 kB
@@ -1889,16 +1887,19 @@ func ValidatePodSecurityContext(securityContext *api.PodSecurityContext, spec *a
if securityContext != nil {
allErrs = append(allErrs, validateHostNetwork(securityContext.HostNetwork, spec.Containers, specPath.Child("containers"))...)
if securityContext.FSGroup != nil && !validation.IsValidGroupId(*securityContext.FSGroup) {
allErrs = append(allErrs, field.Invalid(fldPath.Child("fsGroup"), *(securityContext.FSGroup), IdRangeErrorMsg))
if securityContext.FSGroup != nil {
for _, msg := range validation.IsValidGroupId(*securityContext.FSGroup) {
allErrs = append(allErrs, field.Invalid(fldPath.Child("fsGroup"), *(securityContext.FSGroup), msg))
}
}
if securityContext.RunAsUser != nil && !validation.IsValidUserId(*securityContext.RunAsUser) {
allErrs = append(allErrs, field.Invalid(fldPath.Child("runAsUser"), *(securityContext.RunAsUser), IdRangeErrorMsg))
if securityContext.RunAsUser != nil {
for _, msg := range validation.IsValidUserId(*securityContext.RunAsUser) {
allErrs = append(allErrs, field.Invalid(fldPath.Child("runAsUser"), *(securityContext.RunAsUser), msg))
}
}
for i, gid := range securityContext.SupplementalGroups {
if !validation.IsValidGroupId(gid) {
supplementalGroup := fmt.Sprintf(`supplementalGroups[%d]`, i)
allErrs = append(allErrs, field.Invalid(fldPath.Child(supplementalGroup), gid, IdRangeErrorMsg))
for g, gid := range securityContext.SupplementalGroups {
for _, msg := range validation.IsValidGroupId(gid) {
allErrs = append(allErrs, field.Invalid(fldPath.Child("supplementalGroups").Index(g), gid, msg))
}
}
}