summaryrefslogtreecommitdiff
path: root/libpod
diff options
context:
space:
mode:
authorDaniel J Walsh <dwalsh@redhat.com>2022-04-26 15:53:36 -0400
committerDaniel J Walsh <dwalsh@redhat.com>2022-04-27 04:39:05 -0400
commit7259a6315c7f7d97665d928de6357fc3cbcae136 (patch)
treea47443744f1e5cd7504e15bba29fb0a661ef6f3d /libpod
parent5ac00a7287e4a9e6292f4a6ca5dfa9a02e5ca907 (diff)
downloadpodman-7259a6315c7f7d97665d928de6357fc3cbcae136.tar.gz
podman-7259a6315c7f7d97665d928de6357fc3cbcae136.tar.bz2
podman-7259a6315c7f7d97665d928de6357fc3cbcae136.zip
Truncate annotations when generating kubernetes yaml files
Kubernetes only allows 63 characters in an annotation. Make sure that we only add 63 or less charaters when generating kube. Warn if containers or pods have longer length and truncate. Discussion: https://github.com/containers/podman/discussions/13901 Fixes: https://github.com/containers/podman/issues/13962 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Diffstat (limited to 'libpod')
-rw-r--r--libpod/define/annotations.go2
-rw-r--r--libpod/kube.go38
2 files changed, 30 insertions, 10 deletions
diff --git a/libpod/define/annotations.go b/libpod/define/annotations.go
index a83fbff0b..8f5279981 100644
--- a/libpod/define/annotations.go
+++ b/libpod/define/annotations.go
@@ -135,6 +135,8 @@ const (
// creating a checkpoint image to specify the name of host distribution on
// which the checkpoint was created.
CheckpointAnnotationDistributionName = "io.podman.annotations.checkpoint.distribution.name"
+ // MaxKubeAnnotation is the max length of annotations allowed by Kubernetes.
+ MaxKubeAnnotation = 63
)
// IsReservedAnnotation returns true if the specified value corresponds to an
diff --git a/libpod/kube.go b/libpod/kube.go
index eb62643fe..2e2b956d9 100644
--- a/libpod/kube.go
+++ b/libpod/kube.go
@@ -10,6 +10,7 @@ import (
"strconv"
"strings"
"time"
+ "unicode/utf8"
"github.com/containers/common/libnetwork/types"
"github.com/containers/common/pkg/config"
@@ -288,6 +289,16 @@ func newServicePortState() servicePortState {
}
}
+func TruncateKubeAnnotation(str string) string {
+ str = strings.TrimSpace(str)
+ if utf8.RuneCountInString(str) < define.MaxKubeAnnotation {
+ return str
+ }
+ trunc := string([]rune(str)[:define.MaxKubeAnnotation])
+ logrus.Warnf("Truncation Annotation: %q to %q: Kubernetes only allows %d characters", str, trunc, define.MaxKubeAnnotation)
+ return trunc
+}
+
// containerPortsToServicePorts takes a slice of containerports and generates a
// slice of service ports
func (state *servicePortState) containerPortsToServicePorts(containerPorts []v1.ContainerPort) ([]v1.ServicePort, error) {
@@ -348,11 +359,13 @@ func (p *Pod) podWithContainers(ctx context.Context, containers []*Container, po
for _, ctr := range containers {
if !ctr.IsInfra() {
+ for k, v := range ctr.config.Spec.Annotations {
+ podAnnotations[fmt.Sprintf("%s/%s", k, removeUnderscores(ctr.Name()))] = TruncateKubeAnnotation(v)
+ }
// Convert auto-update labels into kube annotations
- for k, v := range getAutoUpdateAnnotations(removeUnderscores(ctr.Name()), ctr.Labels()) {
- podAnnotations[k] = v
+ for k, v := range getAutoUpdateAnnotations(ctr.Name(), ctr.Labels()) {
+ podAnnotations[k] = TruncateKubeAnnotation(v)
}
-
isInit := ctr.IsInitCtr()
ctr, volumes, _, annotations, err := containerToV1Container(ctx, ctr)
@@ -360,7 +373,7 @@ func (p *Pod) podWithContainers(ctx context.Context, containers []*Container, po
return nil, err
}
for k, v := range annotations {
- podAnnotations[define.BindMountPrefix+k] = strings.TrimSpace(v)
+ podAnnotations[define.BindMountPrefix+k] = TruncateKubeAnnotation(v)
}
// Since port bindings for the pod are handled by the
// infra container, wipe them here.
@@ -466,10 +479,14 @@ func simplePodWithV1Containers(ctx context.Context, ctrs []*Container) (*v1.Pod,
kubeAnnotations := make(map[string]string)
ctrNames := make([]string, 0, len(ctrs))
for _, ctr := range ctrs {
- ctrNames = append(ctrNames, strings.ReplaceAll(ctr.Name(), "_", ""))
+ ctrNames = append(ctrNames, removeUnderscores(ctr.Name()))
+ for k, v := range ctr.config.Spec.Annotations {
+ kubeAnnotations[fmt.Sprintf("%s/%s", k, removeUnderscores(ctr.Name()))] = TruncateKubeAnnotation(v)
+ }
+
// Convert auto-update labels into kube annotations
- for k, v := range getAutoUpdateAnnotations(removeUnderscores(ctr.Name()), ctr.Labels()) {
- kubeAnnotations[k] = v
+ for k, v := range getAutoUpdateAnnotations(ctr.Name(), ctr.Labels()) {
+ kubeAnnotations[k] = TruncateKubeAnnotation(v)
}
isInit := ctr.IsInitCtr()
@@ -482,7 +499,7 @@ func simplePodWithV1Containers(ctx context.Context, ctrs []*Container) (*v1.Pod,
return nil, err
}
for k, v := range annotations {
- kubeAnnotations[define.BindMountPrefix+k] = strings.TrimSpace(v)
+ kubeAnnotations[define.BindMountPrefix+k] = TruncateKubeAnnotation(v)
}
if isInit {
kubeInitCtrs = append(kubeInitCtrs, kubeCtr)
@@ -523,7 +540,7 @@ func simplePodWithV1Containers(ctx context.Context, ctrs []*Container) (*v1.Pod,
}
} // end if ctrDNS
}
- podName := strings.ReplaceAll(ctrs[0].Name(), "_", "")
+ podName := removeUnderscores(ctrs[0].Name())
// Check if the pod name and container name will end up conflicting
// Append -pod if so
if util.StringInSlice(podName, ctrNames) {
@@ -1051,12 +1068,13 @@ func getAutoUpdateAnnotations(ctrName string, ctrLabels map[string]string) map[s
autoUpdateLabel := "io.containers.autoupdate"
annotations := make(map[string]string)
+ ctrName = removeUnderscores(ctrName)
for k, v := range ctrLabels {
if strings.Contains(k, autoUpdateLabel) {
// since labels can variate between containers within a pod, they will be
// identified with the container name when converted into kube annotations
kc := fmt.Sprintf("%s/%s", k, ctrName)
- annotations[kc] = v
+ annotations[kc] = TruncateKubeAnnotation(v)
}
}