validation

package
v1.4.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 17, 2016 License: Apache-2.0, Apache-2.0 Imports: 32 Imported by: 0

Documentation

Overview

Package validation has functions for validating the correctness of api objects and explaining what is wrong with them when they aren't valid.

Index

Constants

View Source
const (
	// a sysctl segment regex, concatenated with dots to form a sysctl name
	SysctlSegmentFmt string = "[a-z0-9]([-_a-z0-9]*[a-z0-9])?"

	// a sysctl name regex
	SysctlFmt string = "(" + SysctlSegmentFmt + "\\.)*" + SysctlSegmentFmt

	// the maximal length of a sysctl name
	SysctlMaxLength int = 253
)

Variables

View Source
var BannedOwners = map[unversioned.GroupVersionKind]struct{}{
	v1.SchemeGroupVersion.WithKind("Event"): {},
}

BannedOwners is a black list of object that are not allowed to be owners.

View Source
var NameMayNotBe = []string{".", ".."}

NameMayNotBe specifies strings that cannot be used as names specified as path segments (like the REST API or etcd store)

View Source
var NameMayNotContain = []string{"/", "%"}

NameMayNotContain specifies substrings that cannot be used in names specified as path segments (like the REST API or etcd store)

View Source
var RepairMalformedUpdates bool = true

TODO: delete this global variable when we enable the validation of common fields by default.

View Source
var ValidateClusterName = NameIsDNS1035Label

ValidateClusterName can be used to check whether the given cluster name is valid.

View Source
var ValidateConfigMapName = NameIsDNSSubdomain

ValidateConfigMapName can be used to check whether the given ConfigMap name is valid. Prefix indicates this name will be used as part of generation, in which case trailing dashes are allowed.

View Source
var ValidateEndpointsName = NameIsDNSSubdomain

ValidateEndpointsName can be used to check whether the given endpoints name is valid. Prefix indicates this name will be used as part of generation, in which case trailing dashes are allowed.

View Source
var ValidateLimitRangeName = NameIsDNSSubdomain

ValidateLimitRangeName can be used to check whether the given limit range name is valid. Prefix indicates this name will be used as part of generation, in which case trailing dashes are allowed.

View Source
var ValidateNamespaceName = NameIsDNSLabel

ValidateNamespaceName can be used to check whether the given namespace name is valid. Prefix indicates this name will be used as part of generation, in which case trailing dashes are allowed.

View Source
var ValidateNodeName = NameIsDNSSubdomain

ValidateNodeName can be used to check whether the given node name is valid. Prefix indicates this name will be used as part of generation, in which case trailing dashes are allowed.

View Source
var ValidatePersistentVolumeName = NameIsDNSSubdomain

ValidatePersistentVolumeName checks that a name is appropriate for a PersistentVolumeName object.

View Source
var ValidatePodName = NameIsDNSSubdomain

ValidatePodName can be used to check whether the given pod name is valid. Prefix indicates this name will be used as part of generation, in which case trailing dashes are allowed.

View Source
var ValidateReplicationControllerName = NameIsDNSSubdomain

ValidateReplicationControllerName can be used to check whether the given replication controller name is valid. Prefix indicates this name will be used as part of generation, in which case trailing dashes are allowed.

View Source
var ValidateResourceQuotaName = NameIsDNSSubdomain

ValidateResourceQuotaName can be used to check whether the given resource quota name is valid. Prefix indicates this name will be used as part of generation, in which case trailing dashes are allowed.

View Source
var ValidateSecretName = NameIsDNSSubdomain

ValidateSecretName can be used to check whether the given secret name is valid. Prefix indicates this name will be used as part of generation, in which case trailing dashes are allowed.

View Source
var ValidateServiceAccountName = NameIsDNSSubdomain

ValidateServiceAccountName can be used to check whether the given service account name is valid. Prefix indicates this name will be used as part of generation, in which case trailing dashes are allowed.

View Source
var ValidateServiceName = NameIsDNS1035Label

ValidateServiceName can be used to check whether the given service name is valid. Prefix indicates this name will be used as part of generation, in which case trailing dashes are allowed.

Functions

func AccumulateUniqueHostPorts

func AccumulateUniqueHostPorts(containers []api.Container, accumulator *sets.String, fldPath *field.Path) field.ErrorList

AccumulateUniqueHostPorts extracts each HostPort of each Container, accumulating the results and returning an error if any ports conflict.

func IsValidPathSegmentName

func IsValidPathSegmentName(name string) []string

IsValidPathSegmentName validates the name can be safely encoded as a path segment

func IsValidPathSegmentPrefix

func IsValidPathSegmentPrefix(name string) []string

IsValidPathSegmentPrefix validates the name can be used as a prefix for a name which will be encoded as a path segment It does not check for exact matches with disallowed names, since an arbitrary suffix might make the name valid

func IsValidSysctlName

func IsValidSysctlName(name string) bool

IsValidSysctlName checks that the given string is a valid sysctl name, i.e. matches SysctlFmt.

func NameIsDNS1035Label

func NameIsDNS1035Label(name string, prefix bool) []string

NameIsDNS1035Label is a ValidateNameFunc for names that must be a DNS 952 label.

func NameIsDNSLabel

func NameIsDNSLabel(name string, prefix bool) []string

NameIsDNSLabel is a ValidateNameFunc for names that must be a DNS 1123 label.

func NameIsDNSSubdomain

func NameIsDNSSubdomain(name string, prefix bool) []string

NameIsDNSSubdomain is a ValidateNameFunc for names that must be a DNS subdomain.

func NewInvalidTypeError

func NewInvalidTypeError(expected reflect.Kind, observed reflect.Kind, fieldName string) error

func ValidateAffinityInPodAnnotations

func ValidateAffinityInPodAnnotations(annotations map[string]string, fldPath *field.Path) field.ErrorList

ValidateAffinityInPodAnnotations tests that the serialized Affinity in Pod.Annotations has valid data

func ValidateAnnotations

func ValidateAnnotations(annotations map[string]string, fldPath *field.Path) field.ErrorList

ValidateAnnotations validates that a set of annotations are correctly defined.

func ValidateAppArmorPodAnnotations

func ValidateAppArmorPodAnnotations(annotations map[string]string, spec *api.PodSpec, fldPath *field.Path) field.ErrorList

func ValidateAvoidPodsInNodeAnnotations

func ValidateAvoidPodsInNodeAnnotations(annotations map[string]string, fldPath *field.Path) field.ErrorList

ValidateAvoidPodsInNodeAnnotations tests that the serialized AvoidPods in Node.Annotations has valid data

func ValidateConfigMap

func ValidateConfigMap(cfg *api.ConfigMap) field.ErrorList

ValidateConfigMap tests whether required fields in the ConfigMap are set.

func ValidateConfigMapUpdate

func ValidateConfigMapUpdate(newCfg, oldCfg *api.ConfigMap) field.ErrorList

ValidateConfigMapUpdate tests if required fields in the ConfigMap are set.

func ValidateContainerUpdates

func ValidateContainerUpdates(newContainers, oldContainers []api.Container, fldPath *field.Path) (allErrs field.ErrorList, stop bool)

func ValidateDNS1123Label

func ValidateDNS1123Label(value string, fldPath *field.Path) field.ErrorList

func ValidateDNS1123Subdomain

func ValidateDNS1123Subdomain(value string, fldPath *field.Path) field.ErrorList

ValidateDNS1123Subdomain validates that a name is a proper DNS subdomain.

func ValidateEndpoints

func ValidateEndpoints(endpoints *api.Endpoints) field.ErrorList

ValidateEndpoints tests if required fields are set.

func ValidateEndpointsSpecificAnnotations

func ValidateEndpointsSpecificAnnotations(annotations map[string]string, fldPath *field.Path) field.ErrorList

func ValidateEndpointsUpdate

func ValidateEndpointsUpdate(newEndpoints, oldEndpoints *api.Endpoints) field.ErrorList

ValidateEndpointsUpdate tests to make sure an endpoints update can be applied.

func ValidateEvent

func ValidateEvent(event *api.Event) field.ErrorList

ValidateEvent makes sure that the event makes sense.

func ValidateHasLabel

func ValidateHasLabel(meta api.ObjectMeta, fldPath *field.Path, key, expectedValue string) field.ErrorList

ValidateHasLabel requires that api.ObjectMeta has a Label with key and expectedValue

func ValidateImmutableField

func ValidateImmutableField(newVal, oldVal interface{}, fldPath *field.Path) field.ErrorList

func ValidateLimitRange

func ValidateLimitRange(limitRange *api.LimitRange) field.ErrorList

ValidateLimitRange tests if required fields in the LimitRange are set.

func ValidateLoadBalancerStatus

func ValidateLoadBalancerStatus(status *api.LoadBalancerStatus, fldPath *field.Path) field.ErrorList

ValidateLoadBalancerStatus validates required fields on a LoadBalancerStatus

func ValidateNamespace

func ValidateNamespace(namespace *api.Namespace) field.ErrorList

ValidateNamespace tests if required fields are set.

func ValidateNamespaceFinalizeUpdate

func ValidateNamespaceFinalizeUpdate(newNamespace, oldNamespace *api.Namespace) field.ErrorList

ValidateNamespaceFinalizeUpdate tests to see if the update is legal for an end user to make. newNamespace is updated with fields that cannot be changed.

func ValidateNamespaceStatusUpdate

func ValidateNamespaceStatusUpdate(newNamespace, oldNamespace *api.Namespace) field.ErrorList

ValidateNamespaceStatusUpdate tests to see if the update is legal for an end user to make. newNamespace is updated with fields that cannot be changed.

func ValidateNamespaceUpdate

func ValidateNamespaceUpdate(newNamespace *api.Namespace, oldNamespace *api.Namespace) field.ErrorList

ValidateNamespaceUpdate tests to make sure a namespace update can be applied. newNamespace is updated with fields that cannot be changed

func ValidateNoNewFinalizers

func ValidateNoNewFinalizers(newFinalizers []string, oldFinalizers []string, fldPath *field.Path) field.ErrorList

func ValidateNode

func ValidateNode(node *api.Node) field.ErrorList

ValidateNode tests if required fields in the node are set.

func ValidateNodeSelector

func ValidateNodeSelector(nodeSelector *api.NodeSelector, fldPath *field.Path) field.ErrorList

ValidateNodeSelector tests that the specified nodeSelector fields has valid data

func ValidateNodeSelectorRequirement

func ValidateNodeSelectorRequirement(rq api.NodeSelectorRequirement, fldPath *field.Path) field.ErrorList

ValidateNodeSelectorRequirement tests that the specified NodeSelectorRequirement fields has valid data

func ValidateNodeSelectorTerm

func ValidateNodeSelectorTerm(term api.NodeSelectorTerm, fldPath *field.Path) field.ErrorList

ValidateNodeSelectorTerm tests that the specified node selector term has valid data

func ValidateNodeSpecificAnnotations

func ValidateNodeSpecificAnnotations(annotations map[string]string, fldPath *field.Path) field.ErrorList

func ValidateNodeUpdate

func ValidateNodeUpdate(node, oldNode *api.Node) field.ErrorList

ValidateNodeUpdate tests to make sure a node update can be applied. Modifies oldNode.

func ValidateNonEmptySelector

func ValidateNonEmptySelector(selectorMap map[string]string, fldPath *field.Path) field.ErrorList

Validates that the given selector is non-empty.

func ValidateNonnegativeField

func ValidateNonnegativeField(value int64, fldPath *field.Path) field.ErrorList

Validates that given value is not negative.

func ValidateNonnegativeQuantity

func ValidateNonnegativeQuantity(value resource.Quantity, fldPath *field.Path) field.ErrorList

Validates that a Quantity is not negative

func ValidateObjectMeta

func ValidateObjectMeta(meta *api.ObjectMeta, requiresNamespace bool, nameFn ValidateNameFunc, fldPath *field.Path) field.ErrorList

ValidateObjectMeta validates an object's metadata on creation. It expects that name generation has already been performed. It doesn't return an error for rootscoped resources with namespace, because namespace should already be cleared before. TODO: Remove calls to this method scattered in validations of specific resources, e.g., ValidatePodUpdate.

func ValidateObjectMetaUpdate

func ValidateObjectMetaUpdate(newMeta, oldMeta *api.ObjectMeta, fldPath *field.Path) field.ErrorList

ValidateObjectMetaUpdate validates an object's metadata when updated

func ValidateOwnerReferences

func ValidateOwnerReferences(ownerReferences []api.OwnerReference, fldPath *field.Path) field.ErrorList

func ValidatePathSegmentName

func ValidatePathSegmentName(name string, prefix bool) []string

ValidatePathSegmentName validates the name can be safely encoded as a path segment

func ValidatePersistentVolume

func ValidatePersistentVolume(pv *api.PersistentVolume) field.ErrorList

func ValidatePersistentVolumeClaim

func ValidatePersistentVolumeClaim(pvc *api.PersistentVolumeClaim) field.ErrorList

ValidatePersistentVolumeClaim validates a PersistentVolumeClaim

func ValidatePersistentVolumeClaimSpec

func ValidatePersistentVolumeClaimSpec(spec *api.PersistentVolumeClaimSpec, fldPath *field.Path) field.ErrorList

ValidatePersistentVolumeClaimSpec validates a PersistentVolumeClaimSpec

func ValidatePersistentVolumeClaimStatusUpdate

func ValidatePersistentVolumeClaimStatusUpdate(newPvc, oldPvc *api.PersistentVolumeClaim) field.ErrorList

ValidatePersistentVolumeClaimStatusUpdate validates an update to status of a PeristentVolumeClaim

func ValidatePersistentVolumeClaimUpdate

func ValidatePersistentVolumeClaimUpdate(newPvc, oldPvc *api.PersistentVolumeClaim) field.ErrorList

ValidatePersistentVolumeClaimUpdate validates an update to a PeristentVolumeClaim

func ValidatePersistentVolumeStatusUpdate

func ValidatePersistentVolumeStatusUpdate(newPv, oldPv *api.PersistentVolume) field.ErrorList

ValidatePersistentVolumeStatusUpdate tests to see if the status update is legal for an end user to make. newPv is updated with fields that cannot be changed.

func ValidatePersistentVolumeUpdate

func ValidatePersistentVolumeUpdate(newPv, oldPv *api.PersistentVolume) field.ErrorList

ValidatePersistentVolumeUpdate tests to see if the update is legal for an end user to make. newPv is updated with fields that cannot be changed.

func ValidatePod

func ValidatePod(pod *api.Pod) field.ErrorList

ValidatePod tests if required fields in the pod are set.

func ValidatePodBinding

func ValidatePodBinding(binding *api.Binding) field.ErrorList

ValidatePodBinding tests if required fields in the pod binding are legal.

func ValidatePodLogOptions

func ValidatePodLogOptions(opts *api.PodLogOptions) field.ErrorList

func ValidatePodSecurityContext

func ValidatePodSecurityContext(securityContext *api.PodSecurityContext, spec *api.PodSpec, specPath, fldPath *field.Path) field.ErrorList

ValidatePodSecurityContext test that the specified PodSecurityContext has valid data.

func ValidatePodSpec

func ValidatePodSpec(spec *api.PodSpec, fldPath *field.Path) field.ErrorList

ValidatePodSpec tests that the specified PodSpec has valid data. This includes checking formatting and uniqueness. It also canonicalizes the structure by setting default values and implementing any backwards-compatibility tricks.

func ValidatePodSpecificAnnotationUpdates

func ValidatePodSpecificAnnotationUpdates(newPod, oldPod *api.Pod, fldPath *field.Path) field.ErrorList

func ValidatePodSpecificAnnotations

func ValidatePodSpecificAnnotations(annotations map[string]string, spec *api.PodSpec, fldPath *field.Path) field.ErrorList

func ValidatePodStatusUpdate

func ValidatePodStatusUpdate(newPod, oldPod *api.Pod) field.ErrorList

ValidatePodStatusUpdate tests to see if the update is legal for an end user to make. newPod is updated with fields that cannot be changed.

func ValidatePodTemplate

func ValidatePodTemplate(pod *api.PodTemplate) field.ErrorList

ValidatePodTemplate tests if required fields in the pod template are set.

func ValidatePodTemplateSpec

func ValidatePodTemplateSpec(spec *api.PodTemplateSpec, fldPath *field.Path) field.ErrorList

ValidatePodTemplateSpec validates the spec of a pod template

func ValidatePodTemplateSpecForRC

func ValidatePodTemplateSpecForRC(template *api.PodTemplateSpec, selectorMap map[string]string, replicas int32, fldPath *field.Path) field.ErrorList

Validates the given template and ensures that it is in accordance with the desired selector and replicas.

func ValidatePodTemplateUpdate

func ValidatePodTemplateUpdate(newPod, oldPod *api.PodTemplate) field.ErrorList

ValidatePodTemplateUpdate tests to see if the update is legal for an end user to make. newPod is updated with fields that cannot be changed.

func ValidatePodUpdate

func ValidatePodUpdate(newPod, oldPod *api.Pod) field.ErrorList

ValidatePodUpdate tests to see if the update is legal for an end user to make. newPod is updated with fields that cannot be changed.

func ValidatePortNumOrName

func ValidatePortNumOrName(port intstr.IntOrString, fldPath *field.Path) field.ErrorList

func ValidatePreferredSchedulingTerms

func ValidatePreferredSchedulingTerms(terms []api.PreferredSchedulingTerm, fldPath *field.Path) field.ErrorList

ValidatePreferredSchedulingTerms tests that the specified SoftNodeAffinity fields has valid data

func ValidateReadOnlyPersistentDisks

func ValidateReadOnlyPersistentDisks(volumes []api.Volume, fldPath *field.Path) field.ErrorList

func ValidateReplicationController

func ValidateReplicationController(controller *api.ReplicationController) field.ErrorList

ValidateReplicationController tests if required fields in the replication controller are set.

func ValidateReplicationControllerSpec

func ValidateReplicationControllerSpec(spec *api.ReplicationControllerSpec, fldPath *field.Path) field.ErrorList

ValidateReplicationControllerSpec tests if required fields in the replication controller spec are set.

func ValidateReplicationControllerStatusUpdate

func ValidateReplicationControllerStatusUpdate(controller, oldController *api.ReplicationController) field.ErrorList

ValidateReplicationControllerStatusUpdate tests if required fields in the replication controller are set.

func ValidateReplicationControllerUpdate

func ValidateReplicationControllerUpdate(controller, oldController *api.ReplicationController) field.ErrorList

ValidateReplicationControllerUpdate tests if required fields in the replication controller are set.

func ValidateResourceQuantityValue

func ValidateResourceQuantityValue(resource string, value resource.Quantity, fldPath *field.Path) field.ErrorList

ValidateResourceQuantityValue enforces that specified quantity is valid for specified resource

func ValidateResourceQuota

func ValidateResourceQuota(resourceQuota *api.ResourceQuota) field.ErrorList

ValidateResourceQuota tests if required fields in the ResourceQuota are set.

func ValidateResourceQuotaResourceName

func ValidateResourceQuotaResourceName(value string, fldPath *field.Path) field.ErrorList

Validate resource names that can go in a resource quota Refer to docs/design/resources.md for more details.

func ValidateResourceQuotaSpec

func ValidateResourceQuotaSpec(resourceQuotaSpec *api.ResourceQuotaSpec, fld *field.Path) field.ErrorList

func ValidateResourceQuotaStatus

func ValidateResourceQuotaStatus(status *api.ResourceQuotaStatus, fld *field.Path) field.ErrorList

func ValidateResourceQuotaStatusUpdate

func ValidateResourceQuotaStatusUpdate(newResourceQuota, oldResourceQuota *api.ResourceQuota) field.ErrorList

ValidateResourceQuotaStatusUpdate tests to see if the status update is legal for an end user to make. newResourceQuota is updated with fields that cannot be changed.

func ValidateResourceQuotaUpdate

func ValidateResourceQuotaUpdate(newResourceQuota, oldResourceQuota *api.ResourceQuota) field.ErrorList

ValidateResourceQuotaUpdate tests to see if the update is legal for an end user to make. newResourceQuota is updated with fields that cannot be changed.

func ValidateResourceRequirements

func ValidateResourceRequirements(requirements *api.ResourceRequirements, fldPath *field.Path) field.ErrorList

Validates resource requirement spec.

func ValidateSeccompPodAnnotations

func ValidateSeccompPodAnnotations(annotations map[string]string, fldPath *field.Path) field.ErrorList

func ValidateSecret

func ValidateSecret(secret *api.Secret) field.ErrorList

ValidateSecret tests if required fields in the Secret are set.

func ValidateSecretUpdate

func ValidateSecretUpdate(newSecret, oldSecret *api.Secret) field.ErrorList

ValidateSecretUpdate tests if required fields in the Secret are set.

func ValidateSecurityContext

func ValidateSecurityContext(sc *api.SecurityContext, fldPath *field.Path) field.ErrorList

ValidateSecurityContext ensure the security context contains valid settings

func ValidateService

func ValidateService(service *api.Service) field.ErrorList

ValidateService tests if required fields in the service are set.

func ValidateServiceAccount

func ValidateServiceAccount(serviceAccount *api.ServiceAccount) field.ErrorList

ValidateServiceAccount tests if required fields in the ServiceAccount are set.

func ValidateServiceAccountUpdate

func ValidateServiceAccountUpdate(newServiceAccount, oldServiceAccount *api.ServiceAccount) field.ErrorList

ValidateServiceAccountUpdate tests if required fields in the ServiceAccount are set.

func ValidateServiceStatusUpdate

func ValidateServiceStatusUpdate(service, oldService *api.Service) field.ErrorList

ValidateServiceStatusUpdate tests if required fields in the Service are set when updating status.

func ValidateServiceUpdate

func ValidateServiceUpdate(service, oldService *api.Service) field.ErrorList

ValidateServiceUpdate tests if required fields in the service are set during an update

func ValidateTaintsInNodeAnnotations

func ValidateTaintsInNodeAnnotations(annotations map[string]string, fldPath *field.Path) field.ErrorList

ValidateTaintsInNodeAnnotations tests that the serialized taints in Node.Annotations has valid data

func ValidateTolerationsInPodAnnotations

func ValidateTolerationsInPodAnnotations(annotations map[string]string, fldPath *field.Path) field.ErrorList

ValidateTolerationsInPodAnnotations tests that the serialized tolerations in Pod.Annotations has valid data

Types

type InvalidTypeError

type InvalidTypeError struct {
	ExpectedKind reflect.Kind
	ObservedKind reflect.Kind
	FieldName    string
}

func (*InvalidTypeError) Error

func (i *InvalidTypeError) Error() string

type NullSchema

type NullSchema struct{}

func (NullSchema) ValidateBytes

func (NullSchema) ValidateBytes(data []byte) error

type Schema

type Schema interface {
	ValidateBytes(data []byte) error
}

Schema is an interface that knows how to validate an API object serialized to a byte array.

func NewSwaggerSchemaFromBytes

func NewSwaggerSchemaFromBytes(data []byte, factory Schema) (Schema, error)

type SwaggerSchema

type SwaggerSchema struct {
	// contains filtered or unexported fields
}

func (*SwaggerSchema) ValidateBytes

func (s *SwaggerSchema) ValidateBytes(data []byte) error

func (*SwaggerSchema) ValidateObject

func (s *SwaggerSchema) ValidateObject(obj interface{}, fieldName, typeName string) []error

type TypeNotFoundError

type TypeNotFoundError string

TypeNotFoundError is returned when specified type can not found in schema

func (TypeNotFoundError) Error

func (tnfe TypeNotFoundError) Error() string

type ValidateNameFunc

type ValidateNameFunc func(name string, prefix bool) []string

ValidateNameFunc validates that the provided name is valid for a given resource type. Not all resources have the same validation rules for names. Prefix is true if the name will have a value appended to it. If the name is not valid, this returns a list of descriptions of individual characteristics of the value that were not valid. Otherwise this returns an empty list or nil.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL