github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Secret API resource

Browse Source
This commit is contained in:
Paul Morie
2015-02-17 20:24:50 -05:00
parent 48a98f97a1
commit fb001ada21
29 changed files with 852 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
pkg/api/validation/validation.go
View File

@@ -247,6 +247,10 @@ func validateSource(source *api.VolumeSource) errs.ValidationErrorList {
numVolumes++
allErrs = append(allErrs, validateGCEPersistentDisk(source.GCEPersistentDisk).Prefix("persistentDisk")...)
}
if source.Secret != nil {
numVolumes++
allErrs = append(allErrs, validateSecretSource(source.Secret).Prefix("secret")...)
}
if numVolumes != 1 {
allErrs = append(allErrs, errs.NewFieldInvalid("", source, "exactly 1 volume type is required"))
}
@@ -283,6 +287,20 @@ func validateGCEPersistentDisk(PD *api.GCEPersistentDisk) errs.ValidationErrorLi
return allErrs
}
func validateSecretSource(secretSource *api.SecretSource) errs.ValidationErrorList {
allErrs := errs.ValidationErrorList{}
if secretSource.Target.Name == "" {
allErrs = append(allErrs, errs.NewFieldRequired("target.name", ""))
}
if secretSource.Target.Namespace == "" {
allErrs = append(allErrs, errs.NewFieldRequired("target.namespace", ""))
}
if secretSource.Target.Kind != "Secret" {
allErrs = append(allErrs, errs.NewFieldInvalid("target.kind", secretSource.Target.Kind, "Secret"))
}
return allErrs
}
var supportedPortProtocols = util.NewStringSet(string(api.ProtocolTCP), string(api.ProtocolUDP))
func validatePorts(ports []api.Port) errs.ValidationErrorList {
@@ -820,6 +838,31 @@ func ValidateLimitRange(limitRange *api.LimitRange) errs.ValidationErrorList {
return allErrs
}
// ValidateSecret tests if required fields in the Secret are set.
func ValidateSecret(secret *api.Secret) errs.ValidationErrorList {
allErrs := errs.ValidationErrorList{}
if len(secret.Name) == 0 {
allErrs = append(allErrs, errs.NewFieldRequired("name", secret.Name))
} else if !util.IsDNSSubdomain(secret.Name) {
allErrs = append(allErrs, errs.NewFieldInvalid("name", secret.Name, ""))
}
if len(secret.Namespace) == 0 {
allErrs = append(allErrs, errs.NewFieldRequired("namespace", secret.Namespace))
} else if !util.IsDNSSubdomain(secret.Namespace) {
allErrs = append(allErrs, errs.NewFieldInvalid("namespace", secret.Namespace, ""))
}
totalSize := 0
for _, value := range secret.Data {
totalSize += len(value)
}
if totalSize > api.MaxSecretSize {
allErrs = append(allErrs, errs.NewFieldForbidden("data", "Maximum secret size exceeded"))
}
return allErrs
}
func validateBasicResource(quantity resource.Quantity) errs.ValidationErrorList {
if quantity.Value() < 0 {
return errs.ValidationErrorList{fmt.Errorf("%v is not a valid resource quantity", quantity.Value())}