90 lines
3.3 KiB
Go
90 lines
3.3 KiB
Go
/*
|
|
Copyright 2015 The Kubernetes Authors.
|
|
|
|
Licensed under the Apache License, Version 2.0 (the "License");
|
|
you may not use this file except in compliance with the License.
|
|
You may obtain a copy of the License at
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
Unless required by applicable law or agreed to in writing, software
|
|
distributed under the License is distributed on an "AS IS" BASIS,
|
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
See the License for the specific language governing permissions and
|
|
limitations under the License.
|
|
*/
|
|
|
|
package validation
|
|
|
|
import (
|
|
"reflect"
|
|
"strings"
|
|
|
|
apivalidation "k8s.io/kubernetes/pkg/api/validation"
|
|
"k8s.io/kubernetes/pkg/apis/storage"
|
|
"k8s.io/kubernetes/pkg/util/validation"
|
|
"k8s.io/kubernetes/pkg/util/validation/field"
|
|
)
|
|
|
|
// ValidateStorageClass validates a StorageClass.
|
|
func ValidateStorageClass(storageClass *storage.StorageClass) field.ErrorList {
|
|
allErrs := apivalidation.ValidateObjectMeta(&storageClass.ObjectMeta, false, apivalidation.NameIsDNSSubdomain, field.NewPath("metadata"))
|
|
allErrs = append(allErrs, validateProvisioner(storageClass.Provisioner, field.NewPath("provisioner"))...)
|
|
allErrs = append(allErrs, validateParameters(storageClass.Parameters, field.NewPath("parameters"))...)
|
|
|
|
return allErrs
|
|
}
|
|
|
|
// ValidateStorageClassUpdate tests if an update to StorageClass is valid.
|
|
func ValidateStorageClassUpdate(storageClass, oldStorageClass *storage.StorageClass) field.ErrorList {
|
|
allErrs := apivalidation.ValidateObjectMetaUpdate(&storageClass.ObjectMeta, &oldStorageClass.ObjectMeta, field.NewPath("metadata"))
|
|
if !reflect.DeepEqual(oldStorageClass.Parameters, storageClass.Parameters) {
|
|
allErrs = append(allErrs, field.Forbidden(field.NewPath("parameters"), "updates to parameters are forbidden."))
|
|
}
|
|
|
|
if strings.Compare(storageClass.Provisioner, oldStorageClass.Provisioner) != 0 {
|
|
allErrs = append(allErrs, field.Forbidden(field.NewPath("provisioner"), "updates to provisioner are forbidden."))
|
|
}
|
|
return allErrs
|
|
}
|
|
|
|
// validateProvisioner tests if provisioner is a valid qualified name.
|
|
func validateProvisioner(provisioner string, fldPath *field.Path) field.ErrorList {
|
|
allErrs := field.ErrorList{}
|
|
if len(provisioner) == 0 {
|
|
allErrs = append(allErrs, field.Required(fldPath, provisioner))
|
|
}
|
|
if len(provisioner) > 0 {
|
|
for _, msg := range validation.IsQualifiedName(strings.ToLower(provisioner)) {
|
|
allErrs = append(allErrs, field.Invalid(fldPath, provisioner, msg))
|
|
}
|
|
}
|
|
return allErrs
|
|
}
|
|
|
|
const maxProvisionerParameterSize = 256 * (1 << 10) // 256 kB
|
|
const maxProvisionerParameterLen = 512
|
|
|
|
// validateParameters tests that keys are qualified names and that provisionerParameter are < 256kB.
|
|
func validateParameters(params map[string]string, fldPath *field.Path) field.ErrorList {
|
|
var totalSize int64
|
|
allErrs := field.ErrorList{}
|
|
|
|
if len(params) > maxProvisionerParameterLen {
|
|
allErrs = append(allErrs, field.TooLong(fldPath, "Provisioner Parameters exceeded max allowed", maxProvisionerParameterLen))
|
|
return allErrs
|
|
}
|
|
|
|
for k, v := range params {
|
|
if len(k) < 1 {
|
|
allErrs = append(allErrs, field.Invalid(fldPath, k, "field can not be empty."))
|
|
}
|
|
totalSize += (int64)(len(k)) + (int64)(len(v))
|
|
}
|
|
|
|
if totalSize > maxProvisionerParameterSize {
|
|
allErrs = append(allErrs, field.TooLong(fldPath, "", maxProvisionerParameterSize))
|
|
}
|
|
return allErrs
|
|
}
|