validation

package
v1.8.12 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Apr 23, 2018 License: Apache-2.0 Imports: 34 Imported by: 0

Documentation

Overview

Package validation has functions for validating the correctness of api objects and explaining what is wrong with them when they aren't valid.

Index

Constants

View Source
const (
	// a sysctl segment regex, concatenated with dots to form a sysctl name
	SysctlSegmentFmt string = "[a-z0-9]([-_a-z0-9]*[a-z0-9])?"

	// a sysctl name regex
	SysctlFmt string = "(" + SysctlSegmentFmt + "\\.)*" + SysctlSegmentFmt

	// the maximal length of a sysctl name
	SysctlMaxLength int = 253
)

Variables

BannedOwners is a black list of object that are not allowed to be owners.

TODO: delete this global variable when we enable the validation of common fields by default.

View Source
var ValidateClassName = NameIsDNSSubdomain

ValidateClassName can be used to check whether the given class name is valid. It is defined here to avoid import cycle between pkg/apis/storage/validation (where it should be) and this file.

ValidateClusterName can be used to check whether the given cluster name is valid.

View Source
var ValidateConfigMapName = NameIsDNSSubdomain

ValidateConfigMapName can be used to check whether the given ConfigMap name is valid. Prefix indicates this name will be used as part of generation, in which case trailing dashes are allowed.

View Source
var ValidateEndpointsName = NameIsDNSSubdomain

ValidateEndpointsName can be used to check whether the given endpoints name is valid. Prefix indicates this name will be used as part of generation, in which case trailing dashes are allowed.

View Source
var ValidateLimitRangeName = NameIsDNSSubdomain

ValidateLimitRangeName can be used to check whether the given limit range name is valid. Prefix indicates this name will be used as part of generation, in which case trailing dashes are allowed.

ValidateNamespaceName can be used to check whether the given namespace name is valid. Prefix indicates this name will be used as part of generation, in which case trailing dashes are allowed.

View Source
var ValidateNodeName = NameIsDNSSubdomain

ValidateNodeName can be used to check whether the given node name is valid. Prefix indicates this name will be used as part of generation, in which case trailing dashes are allowed.

View Source
var ValidatePersistentVolumeName = NameIsDNSSubdomain

ValidatePersistentVolumeName checks that a name is appropriate for a PersistentVolumeName object.

View Source
var ValidatePodName = NameIsDNSSubdomain

ValidatePodName can be used to check whether the given pod name is valid. Prefix indicates this name will be used as part of generation, in which case trailing dashes are allowed.

View Source
var ValidatePriorityClassName = NameIsDNSSubdomain

ValidatePiorityClassName can be used to check whether the given priority class name is valid.

View Source
var ValidateReplicationControllerName = NameIsDNSSubdomain

ValidateReplicationControllerName can be used to check whether the given replication controller name is valid. Prefix indicates this name will be used as part of generation, in which case trailing dashes are allowed.

View Source
var ValidateResourceQuotaName = NameIsDNSSubdomain

ValidateResourceQuotaName can be used to check whether the given resource quota name is valid. Prefix indicates this name will be used as part of generation, in which case trailing dashes are allowed.

View Source
var ValidateSecretName = NameIsDNSSubdomain

ValidateSecretName can be used to check whether the given secret name is valid. Prefix indicates this name will be used as part of generation, in which case trailing dashes are allowed.

ValidateServiceAccountName can be used to check whether the given service account name is valid. Prefix indicates this name will be used as part of generation, in which case trailing dashes are allowed.

View Source
var ValidateServiceName = NameIsDNS1035Label

ValidateServiceName can be used to check whether the given service name is valid. Prefix indicates this name will be used as part of generation, in which case trailing dashes are allowed.

Functions

func AccumulateUniqueHostPorts added in v0.21.2

func AccumulateUniqueHostPorts(containers []api.Container, accumulator *sets.String, fldPath *field.Path) field.ErrorList

AccumulateUniqueHostPorts extracts each HostPort of each Container, accumulating the results and returning an error if any ports conflict.

func IsValidSysctlName added in v1.4.5

func IsValidSysctlName(name string) bool

IsValidSysctlName checks that the given string is a valid sysctl name, i.e. matches SysctlFmt.

func NameIsDNS1035Label added in v1.4.5

func NameIsDNS1035Label(name string, prefix bool) []string

NameIsDNS1035Label is a ValidateNameFunc for names that must be a DNS 952 label.

func NameIsDNSLabel added in v1.3.0

func NameIsDNSLabel(name string, prefix bool) []string

NameIsDNSLabel is a ValidateNameFunc for names that must be a DNS 1123 label.

func NameIsDNSSubdomain added in v1.3.0

func NameIsDNSSubdomain(name string, prefix bool) []string

TODO update all references to these functions to point to the genericvalidation ones NameIsDNSSubdomain is a ValidateNameFunc for names that must be a DNS subdomain.

func ValidateAnnotations

func ValidateAnnotations(annotations map[string]string, fldPath *field.Path) field.ErrorList

ValidateAnnotations validates that a set of annotations are correctly defined.

func ValidateAppArmorPodAnnotations added in v1.4.5

func ValidateAppArmorPodAnnotations(annotations map[string]string, spec *api.PodSpec, fldPath *field.Path) field.ErrorList

func ValidateAvoidPodsInNodeAnnotations added in v1.4.5

func ValidateAvoidPodsInNodeAnnotations(annotations map[string]string, fldPath *field.Path) field.ErrorList

ValidateAvoidPodsInNodeAnnotations tests that the serialized AvoidPods in Node.Annotations has valid data

func ValidateConfigMap added in v1.3.0

func ValidateConfigMap(cfg *api.ConfigMap) field.ErrorList

ValidateConfigMap tests whether required fields in the ConfigMap are set.

func ValidateConfigMapUpdate added in v1.3.0

func ValidateConfigMapUpdate(newCfg, oldCfg *api.ConfigMap) field.ErrorList

ValidateConfigMapUpdate tests if required fields in the ConfigMap are set.

func ValidateContainerUpdates added in v1.4.5

func ValidateContainerUpdates(newContainers, oldContainers []api.Container, fldPath *field.Path) (allErrs field.ErrorList, stop bool)

func ValidateDNS1123Label added in v1.4.5

func ValidateDNS1123Label(value string, fldPath *field.Path) field.ErrorList

func ValidateDNS1123Subdomain added in v1.4.5

func ValidateDNS1123Subdomain(value string, fldPath *field.Path) field.ErrorList

ValidateDNS1123Subdomain validates that a name is a proper DNS subdomain.

func ValidateEndpoints

func ValidateEndpoints(endpoints *api.Endpoints) field.ErrorList

ValidateEndpoints tests if required fields are set.

func ValidateEndpointsSpecificAnnotations added in v1.3.0

func ValidateEndpointsSpecificAnnotations(annotations map[string]string, fldPath *field.Path) field.ErrorList

func ValidateEndpointsUpdate

func ValidateEndpointsUpdate(newEndpoints, oldEndpoints *api.Endpoints) field.ErrorList

ValidateEndpointsUpdate tests to make sure an endpoints update can be applied.

func ValidateEnv added in v1.7.0

func ValidateEnv(vars []api.EnvVar, fldPath *field.Path) field.ErrorList

ValidateEnv validates env vars

func ValidateEnvFrom added in v1.7.0

func ValidateEnvFrom(vars []api.EnvFromSource, fldPath *field.Path) field.ErrorList

func ValidateEvent

func ValidateEvent(event *api.Event) field.ErrorList

ValidateEvent makes sure that the event makes sense.

func ValidateHasLabel added in v1.3.0

func ValidateHasLabel(meta metav1.ObjectMeta, fldPath *field.Path, key, expectedValue string) field.ErrorList

ValidateHasLabel requires that metav1.ObjectMeta has a Label with key and expectedValue

func ValidateHostAliases added in v1.7.0

func ValidateHostAliases(hostAliases []api.HostAlias, fldPath *field.Path) field.ErrorList

func ValidateImmutableAnnotation added in v1.7.0

func ValidateImmutableAnnotation(newVal string, oldVal string, annotation string, fldPath *field.Path) field.ErrorList

func ValidateImmutableField added in v1.3.0

func ValidateImmutableField(newVal, oldVal interface{}, fldPath *field.Path) field.ErrorList

func ValidateLimitRange

func ValidateLimitRange(limitRange *api.LimitRange) field.ErrorList

ValidateLimitRange tests if required fields in the LimitRange are set.

func ValidateLoadBalancerStatus added in v1.3.0

func ValidateLoadBalancerStatus(status *api.LoadBalancerStatus, fldPath *field.Path) field.ErrorList

ValidateLoadBalancerStatus validates required fields on a LoadBalancerStatus

func ValidateNamespace

func ValidateNamespace(namespace *api.Namespace) field.ErrorList

ValidateNamespace tests if required fields are set.

func ValidateNamespaceFinalizeUpdate

func ValidateNamespaceFinalizeUpdate(newNamespace, oldNamespace *api.Namespace) field.ErrorList

ValidateNamespaceFinalizeUpdate tests to see if the update is legal for an end user to make. newNamespace is updated with fields that cannot be changed.

func ValidateNamespaceStatusUpdate

func ValidateNamespaceStatusUpdate(newNamespace, oldNamespace *api.Namespace) field.ErrorList

ValidateNamespaceStatusUpdate tests to see if the update is legal for an end user to make. newNamespace is updated with fields that cannot be changed.

func ValidateNamespaceUpdate

func ValidateNamespaceUpdate(newNamespace *api.Namespace, oldNamespace *api.Namespace) field.ErrorList

ValidateNamespaceUpdate tests to make sure a namespace update can be applied. newNamespace is updated with fields that cannot be changed

func ValidateNoNewFinalizers added in v1.4.5

func ValidateNoNewFinalizers(newFinalizers []string, oldFinalizers []string, fldPath *field.Path) field.ErrorList

func ValidateNode added in v0.21.2

func ValidateNode(node *api.Node) field.ErrorList

ValidateNode tests if required fields in the node are set.

func ValidateNodeResources added in v1.8.8

func ValidateNodeResources(node *api.Node) field.ErrorList

ValidateNodeResources is used to make sure a node has valid capacity and allocatable values.

func ValidateNodeSelector added in v1.3.0

func ValidateNodeSelector(nodeSelector *api.NodeSelector, fldPath *field.Path) field.ErrorList

ValidateNodeSelector tests that the specified nodeSelector fields has valid data

func ValidateNodeSelectorRequirement added in v1.3.0

func ValidateNodeSelectorRequirement(rq api.NodeSelectorRequirement, fldPath *field.Path) field.ErrorList

ValidateNodeSelectorRequirement tests that the specified NodeSelectorRequirement fields has valid data

func ValidateNodeSelectorTerm added in v1.3.0

func ValidateNodeSelectorTerm(term api.NodeSelectorTerm, fldPath *field.Path) field.ErrorList

ValidateNodeSelectorTerm tests that the specified node selector term has valid data

func ValidateNodeSpecificAnnotations added in v1.3.0

func ValidateNodeSpecificAnnotations(annotations map[string]string, fldPath *field.Path) field.ErrorList

func ValidateNodeUpdate added in v0.21.2

func ValidateNodeUpdate(node, oldNode *api.Node) field.ErrorList

ValidateNodeUpdate tests to make sure a node update can be applied. Modifies oldNode.

func ValidateNonEmptySelector added in v1.3.0

func ValidateNonEmptySelector(selectorMap map[string]string, fldPath *field.Path) field.ErrorList

Validates that the given selector is non-empty.

func ValidateNonnegativeField added in v1.3.0

func ValidateNonnegativeField(value int64, fldPath *field.Path) field.ErrorList

Validates that given value is not negative.

func ValidateNonnegativeQuantity added in v1.3.0

func ValidateNonnegativeQuantity(value resource.Quantity, fldPath *field.Path) field.ErrorList

Validates that a Quantity is not negative

func ValidateObjectMeta

func ValidateObjectMeta(meta *metav1.ObjectMeta, requiresNamespace bool, nameFn ValidateNameFunc, fldPath *field.Path) field.ErrorList

ValidateObjectMeta validates an object's metadata on creation. It expects that name generation has already been performed. It doesn't return an error for rootscoped resources with namespace, because namespace should already be cleared before. TODO: Remove calls to this method scattered in validations of specific resources, e.g., ValidatePodUpdate.

func ValidateObjectMetaUpdate

func ValidateObjectMetaUpdate(newMeta, oldMeta *metav1.ObjectMeta, fldPath *field.Path) field.ErrorList

ValidateObjectMetaUpdate validates an object's metadata when updated

func ValidateOwnerReferences added in v1.3.0

func ValidateOwnerReferences(ownerReferences []metav1.OwnerReference, fldPath *field.Path) field.ErrorList

func ValidatePersistentVolume

func ValidatePersistentVolume(pv *api.PersistentVolume) field.ErrorList

func ValidatePersistentVolumeClaim

func ValidatePersistentVolumeClaim(pvc *api.PersistentVolumeClaim) field.ErrorList

ValidatePersistentVolumeClaim validates a PersistentVolumeClaim

func ValidatePersistentVolumeClaimSpec added in v1.4.5

func ValidatePersistentVolumeClaimSpec(spec *api.PersistentVolumeClaimSpec, fldPath *field.Path) field.ErrorList

ValidatePersistentVolumeClaimSpec validates a PersistentVolumeClaimSpec

func ValidatePersistentVolumeClaimStatusUpdate

func ValidatePersistentVolumeClaimStatusUpdate(newPvc, oldPvc *api.PersistentVolumeClaim) field.ErrorList

ValidatePersistentVolumeClaimStatusUpdate validates an update to status of a PersistentVolumeClaim

func ValidatePersistentVolumeClaimUpdate

func ValidatePersistentVolumeClaimUpdate(newPvc, oldPvc *api.PersistentVolumeClaim) field.ErrorList

ValidatePersistentVolumeClaimUpdate validates an update to a PersistentVolumeClaim

func ValidatePersistentVolumeStatusUpdate

func ValidatePersistentVolumeStatusUpdate(newPv, oldPv *api.PersistentVolume) field.ErrorList

ValidatePersistentVolumeStatusUpdate tests to see if the status update is legal for an end user to make. newPv is updated with fields that cannot be changed.

func ValidatePersistentVolumeUpdate

func ValidatePersistentVolumeUpdate(newPv, oldPv *api.PersistentVolume) field.ErrorList

ValidatePersistentVolumeUpdate tests to see if the update is legal for an end user to make. newPv is updated with fields that cannot be changed.

func ValidatePod

func ValidatePod(pod *api.Pod) field.ErrorList

ValidatePod tests if required fields in the pod are set.

func ValidatePodBinding added in v1.3.0

func ValidatePodBinding(binding *api.Binding) field.ErrorList

ValidatePodBinding tests if required fields in the pod binding are legal.

func ValidatePodLogOptions added in v1.3.0

func ValidatePodLogOptions(opts *api.PodLogOptions) field.ErrorList

func ValidatePodSecurityContext added in v1.3.0

func ValidatePodSecurityContext(securityContext *api.PodSecurityContext, spec *api.PodSpec, specPath, fldPath *field.Path) field.ErrorList

ValidatePodSecurityContext test that the specified PodSecurityContext has valid data.

func ValidatePodSpec

func ValidatePodSpec(spec *api.PodSpec, fldPath *field.Path) field.ErrorList

ValidatePodSpec tests that the specified PodSpec has valid data. This includes checking formatting and uniqueness. It also canonicalizes the structure by setting default values and implementing any backwards-compatibility tricks.

func ValidatePodSpecificAnnotationUpdates added in v1.4.5

func ValidatePodSpecificAnnotationUpdates(newPod, oldPod *api.Pod, fldPath *field.Path) field.ErrorList

func ValidatePodSpecificAnnotations added in v1.3.0

func ValidatePodSpecificAnnotations(annotations map[string]string, spec *api.PodSpec, fldPath *field.Path) field.ErrorList

func ValidatePodStatusUpdate

func ValidatePodStatusUpdate(newPod, oldPod *api.Pod) field.ErrorList

ValidatePodStatusUpdate tests to see if the update is legal for an end user to make. newPod is updated with fields that cannot be changed.

func ValidatePodTemplate added in v0.21.2

func ValidatePodTemplate(pod *api.PodTemplate) field.ErrorList

ValidatePodTemplate tests if required fields in the pod template are set.

func ValidatePodTemplateSpec

func ValidatePodTemplateSpec(spec *api.PodTemplateSpec, fldPath *field.Path) field.ErrorList

ValidatePodTemplateSpec validates the spec of a pod template

func ValidatePodTemplateSpecForRC added in v1.3.0

func ValidatePodTemplateSpecForRC(template *api.PodTemplateSpec, selectorMap map[string]string, replicas int32, fldPath *field.Path) field.ErrorList

Validates the given template and ensures that it is in accordance with the desired selector and replicas.

func ValidatePodTemplateUpdate added in v0.21.2

func ValidatePodTemplateUpdate(newPod, oldPod *api.PodTemplate) field.ErrorList

ValidatePodTemplateUpdate tests to see if the update is legal for an end user to make. newPod is updated with fields that cannot be changed.

func ValidatePodUpdate

func ValidatePodUpdate(newPod, oldPod *api.Pod) field.ErrorList

ValidatePodUpdate tests to see if the update is legal for an end user to make. newPod is updated with fields that cannot be changed.

func ValidatePortNumOrName added in v1.4.5

func ValidatePortNumOrName(port intstr.IntOrString, fldPath *field.Path) field.ErrorList

func ValidatePreferredSchedulingTerms added in v1.3.0

func ValidatePreferredSchedulingTerms(terms []api.PreferredSchedulingTerm, fldPath *field.Path) field.ErrorList

ValidatePreferredSchedulingTerms tests that the specified SoftNodeAffinity fields has valid data

func ValidateReadOnlyPersistentDisks

func ValidateReadOnlyPersistentDisks(volumes []api.Volume, fldPath *field.Path) field.ErrorList

func ValidateReplicationController

func ValidateReplicationController(controller *api.ReplicationController) field.ErrorList

ValidateReplicationController tests if required fields in the replication controller are set.

func ValidateReplicationControllerSpec

func ValidateReplicationControllerSpec(spec *api.ReplicationControllerSpec, fldPath *field.Path) field.ErrorList

ValidateReplicationControllerSpec tests if required fields in the replication controller spec are set.

func ValidateReplicationControllerStatus added in v1.7.0

func ValidateReplicationControllerStatus(status api.ReplicationControllerStatus, statusPath *field.Path) field.ErrorList

func ValidateReplicationControllerStatusUpdate added in v1.3.0

func ValidateReplicationControllerStatusUpdate(controller, oldController *api.ReplicationController) field.ErrorList

ValidateReplicationControllerStatusUpdate tests if required fields in the replication controller are set.

func ValidateReplicationControllerUpdate

func ValidateReplicationControllerUpdate(controller, oldController *api.ReplicationController) field.ErrorList

ValidateReplicationControllerUpdate tests if required fields in the replication controller are set.

func ValidateResourceQuantityValue added in v1.4.5

func ValidateResourceQuantityValue(resource string, value resource.Quantity, fldPath *field.Path) field.ErrorList

ValidateResourceQuantityValue enforces that specified quantity is valid for specified resource

func ValidateResourceQuota

func ValidateResourceQuota(resourceQuota *api.ResourceQuota) field.ErrorList

ValidateResourceQuota tests if required fields in the ResourceQuota are set.

func ValidateResourceQuotaResourceName added in v1.4.5

func ValidateResourceQuotaResourceName(value string, fldPath *field.Path) field.ErrorList

Validate resource names that can go in a resource quota Refer to docs/design/resources.md for more details.

func ValidateResourceQuotaSpec added in v1.4.5

func ValidateResourceQuotaSpec(resourceQuotaSpec *api.ResourceQuotaSpec, fld *field.Path) field.ErrorList

func ValidateResourceQuotaStatus added in v1.4.5

func ValidateResourceQuotaStatus(status *api.ResourceQuotaStatus, fld *field.Path) field.ErrorList

func ValidateResourceQuotaStatusUpdate

func ValidateResourceQuotaStatusUpdate(newResourceQuota, oldResourceQuota *api.ResourceQuota) field.ErrorList

ValidateResourceQuotaStatusUpdate tests to see if the status update is legal for an end user to make. newResourceQuota is updated with fields that cannot be changed.

func ValidateResourceQuotaUpdate

func ValidateResourceQuotaUpdate(newResourceQuota, oldResourceQuota *api.ResourceQuota) field.ErrorList

ValidateResourceQuotaUpdate tests to see if the update is legal for an end user to make. newResourceQuota is updated with fields that cannot be changed.

func ValidateResourceRequirements added in v0.21.2

func ValidateResourceRequirements(requirements *api.ResourceRequirements, fldPath *field.Path) field.ErrorList

Validates resource requirement spec.

func ValidateSeccompPodAnnotations added in v1.3.0

func ValidateSeccompPodAnnotations(annotations map[string]string, fldPath *field.Path) field.ErrorList

func ValidateSeccompProfile added in v1.7.0

func ValidateSeccompProfile(p string, fldPath *field.Path) field.ErrorList

func ValidateSecret

func ValidateSecret(secret *api.Secret) field.ErrorList

ValidateSecret tests if required fields in the Secret are set.

func ValidateSecretUpdate added in v0.21.2

func ValidateSecretUpdate(newSecret, oldSecret *api.Secret) field.ErrorList

ValidateSecretUpdate tests if required fields in the Secret are set.

func ValidateSecurityContext added in v0.21.2

func ValidateSecurityContext(sc *api.SecurityContext, fldPath *field.Path) field.ErrorList

ValidateSecurityContext ensure the security context contains valid settings

func ValidateService

func ValidateService(service *api.Service) field.ErrorList

ValidateService tests if required fields/annotations of a Service are valid.

func ValidateServiceAccount added in v0.21.2

func ValidateServiceAccount(serviceAccount *api.ServiceAccount) field.ErrorList

ValidateServiceAccount tests if required fields in the ServiceAccount are set.

func ValidateServiceAccountUpdate added in v0.21.2

func ValidateServiceAccountUpdate(newServiceAccount, oldServiceAccount *api.ServiceAccount) field.ErrorList

ValidateServiceAccountUpdate tests if required fields in the ServiceAccount are set.

func ValidateServiceExternalTrafficFieldsCombination added in v1.7.0

func ValidateServiceExternalTrafficFieldsCombination(service *api.Service) field.ErrorList

ValidateServiceExternalTrafficFieldsCombination validates if ExternalTrafficPolicy, HealthCheckNodePort and Type combination are legal. For update, it should be called after clearing externalTraffic related fields for the ease of transitioning between different service types.

func ValidateServiceStatusUpdate added in v1.3.0

func ValidateServiceStatusUpdate(service, oldService *api.Service) field.ErrorList

ValidateServiceStatusUpdate tests if required fields in the Service are set when updating status.

func ValidateServiceUpdate

func ValidateServiceUpdate(service, oldService *api.Service) field.ErrorList

ValidateServiceUpdate tests if required fields in the service are set during an update

func ValidateTaintsInNodeAnnotations added in v1.3.0

func ValidateTaintsInNodeAnnotations(annotations map[string]string, fldPath *field.Path) field.ErrorList

ValidateTaintsInNodeAnnotations tests that the serialized taints in Node.Annotations has valid data

func ValidateTolerations added in v1.7.0

func ValidateTolerations(tolerations []api.Toleration, fldPath *field.Path) field.ErrorList

ValidateTolerations tests if given tolerations have valid data.

func ValidateTolerationsInPodAnnotations added in v1.3.0

func ValidateTolerationsInPodAnnotations(annotations map[string]string, fldPath *field.Path) field.ErrorList

ValidateTolerationsInPodAnnotations tests that the serialized tolerations in Pod.Annotations has valid data

func ValidateVolumeMounts added in v1.7.0

func ValidateVolumeMounts(mounts []api.VolumeMount, volumes sets.String, container *api.Container, fldPath *field.Path) field.ErrorList

func ValidateVolumes added in v1.7.0

func ValidateVolumes(volumes []api.Volume, fldPath *field.Path) (sets.String, field.ErrorList)

Types

type ValidateNameFunc

ValidateNameFunc validates that the provided name is valid for a given resource type. Not all resources have the same validation rules for names. Prefix is true if the name will have a value appended to it. If the name is not valid, this returns a list of descriptions of individual characteristics of the value that were not valid. Otherwise this returns an empty list or nil.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL