diff options
Diffstat (limited to 'vendor/k8s.io/apimachinery/pkg/util/validation/validation.go')
-rw-r--r-- | vendor/k8s.io/apimachinery/pkg/util/validation/validation.go | 503 |
1 files changed, 0 insertions, 503 deletions
diff --git a/vendor/k8s.io/apimachinery/pkg/util/validation/validation.go b/vendor/k8s.io/apimachinery/pkg/util/validation/validation.go deleted file mode 100644 index c8b419984..000000000 --- a/vendor/k8s.io/apimachinery/pkg/util/validation/validation.go +++ /dev/null @@ -1,503 +0,0 @@ -/* -Copyright 2014 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package validation - -import ( - "fmt" - "math" - "net" - "regexp" - "strconv" - "strings" - - "k8s.io/apimachinery/pkg/util/validation/field" -) - -const qnameCharFmt string = "[A-Za-z0-9]" -const qnameExtCharFmt string = "[-A-Za-z0-9_.]" -const qualifiedNameFmt string = "(" + qnameCharFmt + qnameExtCharFmt + "*)?" + qnameCharFmt -const qualifiedNameErrMsg string = "must consist of alphanumeric characters, '-', '_' or '.', and must start and end with an alphanumeric character" -const qualifiedNameMaxLength int = 63 - -var qualifiedNameRegexp = regexp.MustCompile("^" + qualifiedNameFmt + "$") - -// IsQualifiedName tests whether the value passed is what Kubernetes calls a -// "qualified name". This is a format used in various places throughout the -// system. If the value is not valid, a list of error strings is returned. -// Otherwise an empty list (or nil) is returned. -func IsQualifiedName(value string) []string { - var errs []string - parts := strings.Split(value, "/") - var name string - switch len(parts) { - case 1: - name = parts[0] - case 2: - var prefix string - prefix, name = parts[0], parts[1] - if len(prefix) == 0 { - errs = append(errs, "prefix part "+EmptyError()) - } else if msgs := IsDNS1123Subdomain(prefix); len(msgs) != 0 { - errs = append(errs, prefixEach(msgs, "prefix part ")...) - } - default: - return append(errs, "a qualified name "+RegexError(qualifiedNameErrMsg, qualifiedNameFmt, "MyName", "my.name", "123-abc")+ - " with an optional DNS subdomain prefix and '/' (e.g. 'example.com/MyName')") - } - - if len(name) == 0 { - errs = append(errs, "name part "+EmptyError()) - } else if len(name) > qualifiedNameMaxLength { - errs = append(errs, "name part "+MaxLenError(qualifiedNameMaxLength)) - } - if !qualifiedNameRegexp.MatchString(name) { - errs = append(errs, "name part "+RegexError(qualifiedNameErrMsg, qualifiedNameFmt, "MyName", "my.name", "123-abc")) - } - return errs -} - -// IsFullyQualifiedName checks if the name is fully qualified. This is similar -// to IsFullyQualifiedDomainName but requires a minimum of 3 segments instead of -// 2 and does not accept a trailing . as valid. -// TODO: This function is deprecated and preserved until all callers migrate to -// IsFullyQualifiedDomainName; please don't add new callers. -func IsFullyQualifiedName(fldPath *field.Path, name string) field.ErrorList { - var allErrors field.ErrorList - if len(name) == 0 { - return append(allErrors, field.Required(fldPath, "")) - } - if errs := IsDNS1123Subdomain(name); len(errs) > 0 { - return append(allErrors, field.Invalid(fldPath, name, strings.Join(errs, ","))) - } - if len(strings.Split(name, ".")) < 3 { - return append(allErrors, field.Invalid(fldPath, name, "should be a domain with at least three segments separated by dots")) - } - return allErrors -} - -// IsFullyQualifiedDomainName checks if the domain name is fully qualified. This -// is similar to IsFullyQualifiedName but only requires a minimum of 2 segments -// instead of 3 and accepts a trailing . as valid. -func IsFullyQualifiedDomainName(fldPath *field.Path, name string) field.ErrorList { - var allErrors field.ErrorList - if len(name) == 0 { - return append(allErrors, field.Required(fldPath, "")) - } - if strings.HasSuffix(name, ".") { - name = name[:len(name)-1] - } - if errs := IsDNS1123Subdomain(name); len(errs) > 0 { - return append(allErrors, field.Invalid(fldPath, name, strings.Join(errs, ","))) - } - if len(strings.Split(name, ".")) < 2 { - return append(allErrors, field.Invalid(fldPath, name, "should be a domain with at least two segments separated by dots")) - } - for _, label := range strings.Split(name, ".") { - if errs := IsDNS1123Label(label); len(errs) > 0 { - return append(allErrors, field.Invalid(fldPath, label, strings.Join(errs, ","))) - } - } - return allErrors -} - -// Allowed characters in an HTTP Path as defined by RFC 3986. A HTTP path may -// contain: -// * unreserved characters (alphanumeric, '-', '.', '_', '~') -// * percent-encoded octets -// * sub-delims ("!", "$", "&", "'", "(", ")", "*", "+", ",", ";", "=") -// * a colon character (":") -const httpPathFmt string = `[A-Za-z0-9/\-._~%!$&'()*+,;=:]+` - -var httpPathRegexp = regexp.MustCompile("^" + httpPathFmt + "$") - -// IsDomainPrefixedPath checks if the given string is a domain-prefixed path -// (e.g. acme.io/foo). All characters before the first "/" must be a valid -// subdomain as defined by RFC 1123. All characters trailing the first "/" must -// be valid HTTP Path characters as defined by RFC 3986. -func IsDomainPrefixedPath(fldPath *field.Path, dpPath string) field.ErrorList { - var allErrs field.ErrorList - if len(dpPath) == 0 { - return append(allErrs, field.Required(fldPath, "")) - } - - segments := strings.SplitN(dpPath, "/", 2) - if len(segments) != 2 || len(segments[0]) == 0 || len(segments[1]) == 0 { - return append(allErrs, field.Invalid(fldPath, dpPath, "must be a domain-prefixed path (such as \"acme.io/foo\")")) - } - - host := segments[0] - for _, err := range IsDNS1123Subdomain(host) { - allErrs = append(allErrs, field.Invalid(fldPath, host, err)) - } - - path := segments[1] - if !httpPathRegexp.MatchString(path) { - return append(allErrs, field.Invalid(fldPath, path, RegexError("Invalid path", httpPathFmt))) - } - - return allErrs -} - -const labelValueFmt string = "(" + qualifiedNameFmt + ")?" -const labelValueErrMsg string = "a valid label must be an empty string or consist of alphanumeric characters, '-', '_' or '.', and must start and end with an alphanumeric character" - -// LabelValueMaxLength is a label's max length -const LabelValueMaxLength int = 63 - -var labelValueRegexp = regexp.MustCompile("^" + labelValueFmt + "$") - -// IsValidLabelValue tests whether the value passed is a valid label value. If -// the value is not valid, a list of error strings is returned. Otherwise an -// empty list (or nil) is returned. -func IsValidLabelValue(value string) []string { - var errs []string - if len(value) > LabelValueMaxLength { - errs = append(errs, MaxLenError(LabelValueMaxLength)) - } - if !labelValueRegexp.MatchString(value) { - errs = append(errs, RegexError(labelValueErrMsg, labelValueFmt, "MyValue", "my_value", "12345")) - } - return errs -} - -const dns1123LabelFmt string = "[a-z0-9]([-a-z0-9]*[a-z0-9])?" -const dns1123LabelErrMsg string = "a lowercase RFC 1123 label must consist of lower case alphanumeric characters or '-', and must start and end with an alphanumeric character" - -// DNS1123LabelMaxLength is a label's max length in DNS (RFC 1123) -const DNS1123LabelMaxLength int = 63 - -var dns1123LabelRegexp = regexp.MustCompile("^" + dns1123LabelFmt + "$") - -// IsDNS1123Label tests for a string that conforms to the definition of a label in -// DNS (RFC 1123). -func IsDNS1123Label(value string) []string { - var errs []string - if len(value) > DNS1123LabelMaxLength { - errs = append(errs, MaxLenError(DNS1123LabelMaxLength)) - } - if !dns1123LabelRegexp.MatchString(value) { - errs = append(errs, RegexError(dns1123LabelErrMsg, dns1123LabelFmt, "my-name", "123-abc")) - } - return errs -} - -const dns1123SubdomainFmt string = dns1123LabelFmt + "(\\." + dns1123LabelFmt + ")*" -const dns1123SubdomainErrorMsg string = "a lowercase RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character" - -// DNS1123SubdomainMaxLength is a subdomain's max length in DNS (RFC 1123) -const DNS1123SubdomainMaxLength int = 253 - -var dns1123SubdomainRegexp = regexp.MustCompile("^" + dns1123SubdomainFmt + "$") - -// IsDNS1123Subdomain tests for a string that conforms to the definition of a -// subdomain in DNS (RFC 1123). -func IsDNS1123Subdomain(value string) []string { - var errs []string - if len(value) > DNS1123SubdomainMaxLength { - errs = append(errs, MaxLenError(DNS1123SubdomainMaxLength)) - } - if !dns1123SubdomainRegexp.MatchString(value) { - errs = append(errs, RegexError(dns1123SubdomainErrorMsg, dns1123SubdomainFmt, "example.com")) - } - return errs -} - -const dns1035LabelFmt string = "[a-z]([-a-z0-9]*[a-z0-9])?" -const dns1035LabelErrMsg string = "a DNS-1035 label must consist of lower case alphanumeric characters or '-', start with an alphabetic character, and end with an alphanumeric character" - -// DNS1035LabelMaxLength is a label's max length in DNS (RFC 1035) -const DNS1035LabelMaxLength int = 63 - -var dns1035LabelRegexp = regexp.MustCompile("^" + dns1035LabelFmt + "$") - -// IsDNS1035Label tests for a string that conforms to the definition of a label in -// DNS (RFC 1035). -func IsDNS1035Label(value string) []string { - var errs []string - if len(value) > DNS1035LabelMaxLength { - errs = append(errs, MaxLenError(DNS1035LabelMaxLength)) - } - if !dns1035LabelRegexp.MatchString(value) { - errs = append(errs, RegexError(dns1035LabelErrMsg, dns1035LabelFmt, "my-name", "abc-123")) - } - return errs -} - -// wildcard definition - RFC 1034 section 4.3.3. -// examples: -// - valid: *.bar.com, *.foo.bar.com -// - invalid: *.*.bar.com, *.foo.*.com, *bar.com, f*.bar.com, * -const wildcardDNS1123SubdomainFmt = "\\*\\." + dns1123SubdomainFmt -const wildcardDNS1123SubdomainErrMsg = "a wildcard DNS-1123 subdomain must start with '*.', followed by a valid DNS subdomain, which must consist of lower case alphanumeric characters, '-' or '.' and end with an alphanumeric character" - -// IsWildcardDNS1123Subdomain tests for a string that conforms to the definition of a -// wildcard subdomain in DNS (RFC 1034 section 4.3.3). -func IsWildcardDNS1123Subdomain(value string) []string { - wildcardDNS1123SubdomainRegexp := regexp.MustCompile("^" + wildcardDNS1123SubdomainFmt + "$") - - var errs []string - if len(value) > DNS1123SubdomainMaxLength { - errs = append(errs, MaxLenError(DNS1123SubdomainMaxLength)) - } - if !wildcardDNS1123SubdomainRegexp.MatchString(value) { - errs = append(errs, RegexError(wildcardDNS1123SubdomainErrMsg, wildcardDNS1123SubdomainFmt, "*.example.com")) - } - return errs -} - -const cIdentifierFmt string = "[A-Za-z_][A-Za-z0-9_]*" -const identifierErrMsg string = "a valid C identifier must start with alphabetic character or '_', followed by a string of alphanumeric characters or '_'" - -var cIdentifierRegexp = regexp.MustCompile("^" + cIdentifierFmt + "$") - -// IsCIdentifier tests for a string that conforms the definition of an identifier -// in C. This checks the format, but not the length. -func IsCIdentifier(value string) []string { - if !cIdentifierRegexp.MatchString(value) { - return []string{RegexError(identifierErrMsg, cIdentifierFmt, "my_name", "MY_NAME", "MyName")} - } - return nil -} - -// IsValidPortNum tests that the argument is a valid, non-zero port number. -func IsValidPortNum(port int) []string { - if 1 <= port && port <= 65535 { - return nil - } - return []string{InclusiveRangeError(1, 65535)} -} - -// IsInRange tests that the argument is in an inclusive range. -func IsInRange(value int, min int, max int) []string { - if value >= min && value <= max { - return nil - } - return []string{InclusiveRangeError(min, max)} -} - -// Now in libcontainer UID/GID limits is 0 ~ 1<<31 - 1 -// TODO: once we have a type for UID/GID we should make these that type. -const ( - minUserID = 0 - maxUserID = math.MaxInt32 - minGroupID = 0 - maxGroupID = math.MaxInt32 -) - -// IsValidGroupID tests that the argument is a valid Unix GID. -func IsValidGroupID(gid int64) []string { - if minGroupID <= gid && gid <= maxGroupID { - return nil - } - return []string{InclusiveRangeError(minGroupID, maxGroupID)} -} - -// IsValidUserID tests that the argument is a valid Unix UID. -func IsValidUserID(uid int64) []string { - if minUserID <= uid && uid <= maxUserID { - return nil - } - return []string{InclusiveRangeError(minUserID, maxUserID)} -} - -var portNameCharsetRegex = regexp.MustCompile("^[-a-z0-9]+$") -var portNameOneLetterRegexp = regexp.MustCompile("[a-z]") - -// IsValidPortName check that the argument is valid syntax. It must be -// non-empty and no more than 15 characters long. It may contain only [-a-z0-9] -// and must contain at least one letter [a-z]. It must not start or end with a -// hyphen, nor contain adjacent hyphens. -// -// Note: We only allow lower-case characters, even though RFC 6335 is case -// insensitive. -func IsValidPortName(port string) []string { - var errs []string - if len(port) > 15 { - errs = append(errs, MaxLenError(15)) - } - if !portNameCharsetRegex.MatchString(port) { - errs = append(errs, "must contain only alpha-numeric characters (a-z, 0-9), and hyphens (-)") - } - if !portNameOneLetterRegexp.MatchString(port) { - errs = append(errs, "must contain at least one letter or number (a-z, 0-9)") - } - if strings.Contains(port, "--") { - errs = append(errs, "must not contain consecutive hyphens") - } - if len(port) > 0 && (port[0] == '-' || port[len(port)-1] == '-') { - errs = append(errs, "must not begin or end with a hyphen") - } - return errs -} - -// IsValidIP tests that the argument is a valid IP address. -func IsValidIP(value string) []string { - if net.ParseIP(value) == nil { - return []string{"must be a valid IP address, (e.g. 10.9.8.7 or 2001:db8::ffff)"} - } - return nil -} - -// IsValidIPv4Address tests that the argument is a valid IPv4 address. -func IsValidIPv4Address(fldPath *field.Path, value string) field.ErrorList { - var allErrors field.ErrorList - ip := net.ParseIP(value) - if ip == nil || ip.To4() == nil { - allErrors = append(allErrors, field.Invalid(fldPath, value, "must be a valid IPv4 address")) - } - return allErrors -} - -// IsValidIPv6Address tests that the argument is a valid IPv6 address. -func IsValidIPv6Address(fldPath *field.Path, value string) field.ErrorList { - var allErrors field.ErrorList - ip := net.ParseIP(value) - if ip == nil || ip.To4() != nil { - allErrors = append(allErrors, field.Invalid(fldPath, value, "must be a valid IPv6 address")) - } - return allErrors -} - -const percentFmt string = "[0-9]+%" -const percentErrMsg string = "a valid percent string must be a numeric string followed by an ending '%'" - -var percentRegexp = regexp.MustCompile("^" + percentFmt + "$") - -// IsValidPercent checks that string is in the form of a percentage -func IsValidPercent(percent string) []string { - if !percentRegexp.MatchString(percent) { - return []string{RegexError(percentErrMsg, percentFmt, "1%", "93%")} - } - return nil -} - -const httpHeaderNameFmt string = "[-A-Za-z0-9]+" -const httpHeaderNameErrMsg string = "a valid HTTP header must consist of alphanumeric characters or '-'" - -var httpHeaderNameRegexp = regexp.MustCompile("^" + httpHeaderNameFmt + "$") - -// IsHTTPHeaderName checks that a string conforms to the Go HTTP library's -// definition of a valid header field name (a stricter subset than RFC7230). -func IsHTTPHeaderName(value string) []string { - if !httpHeaderNameRegexp.MatchString(value) { - return []string{RegexError(httpHeaderNameErrMsg, httpHeaderNameFmt, "X-Header-Name")} - } - return nil -} - -const envVarNameFmt = "[-._a-zA-Z][-._a-zA-Z0-9]*" -const envVarNameFmtErrMsg string = "a valid environment variable name must consist of alphabetic characters, digits, '_', '-', or '.', and must not start with a digit" - -var envVarNameRegexp = regexp.MustCompile("^" + envVarNameFmt + "$") - -// IsEnvVarName tests if a string is a valid environment variable name. -func IsEnvVarName(value string) []string { - var errs []string - if !envVarNameRegexp.MatchString(value) { - errs = append(errs, RegexError(envVarNameFmtErrMsg, envVarNameFmt, "my.env-name", "MY_ENV.NAME", "MyEnvName1")) - } - - errs = append(errs, hasChDirPrefix(value)...) - return errs -} - -const configMapKeyFmt = `[-._a-zA-Z0-9]+` -const configMapKeyErrMsg string = "a valid config key must consist of alphanumeric characters, '-', '_' or '.'" - -var configMapKeyRegexp = regexp.MustCompile("^" + configMapKeyFmt + "$") - -// IsConfigMapKey tests for a string that is a valid key for a ConfigMap or Secret -func IsConfigMapKey(value string) []string { - var errs []string - if len(value) > DNS1123SubdomainMaxLength { - errs = append(errs, MaxLenError(DNS1123SubdomainMaxLength)) - } - if !configMapKeyRegexp.MatchString(value) { - errs = append(errs, RegexError(configMapKeyErrMsg, configMapKeyFmt, "key.name", "KEY_NAME", "key-name")) - } - errs = append(errs, hasChDirPrefix(value)...) - return errs -} - -// MaxLenError returns a string explanation of a "string too long" validation -// failure. -func MaxLenError(length int) string { - return fmt.Sprintf("must be no more than %d characters", length) -} - -// RegexError returns a string explanation of a regex validation failure. -func RegexError(msg string, fmt string, examples ...string) string { - if len(examples) == 0 { - return msg + " (regex used for validation is '" + fmt + "')" - } - msg += " (e.g. " - for i := range examples { - if i > 0 { - msg += " or " - } - msg += "'" + examples[i] + "', " - } - msg += "regex used for validation is '" + fmt + "')" - return msg -} - -// EmptyError returns a string explanation of a "must not be empty" validation -// failure. -func EmptyError() string { - return "must be non-empty" -} - -func prefixEach(msgs []string, prefix string) []string { - for i := range msgs { - msgs[i] = prefix + msgs[i] - } - return msgs -} - -// InclusiveRangeError returns a string explanation of a numeric "must be -// between" validation failure. -func InclusiveRangeError(lo, hi int) string { - return fmt.Sprintf(`must be between %d and %d, inclusive`, lo, hi) -} - -func hasChDirPrefix(value string) []string { - var errs []string - switch { - case value == ".": - errs = append(errs, `must not be '.'`) - case value == "..": - errs = append(errs, `must not be '..'`) - case strings.HasPrefix(value, ".."): - errs = append(errs, `must not start with '..'`) - } - return errs -} - -// IsValidSocketAddr checks that string represents a valid socket address -// as defined in RFC 789. (e.g 0.0.0.0:10254 or [::]:10254)) -func IsValidSocketAddr(value string) []string { - var errs []string - ip, port, err := net.SplitHostPort(value) - if err != nil { - errs = append(errs, "must be a valid socket address format, (e.g. 0.0.0.0:10254 or [::]:10254)") - return errs - } - portInt, _ := strconv.Atoi(port) - errs = append(errs, IsValidPortNum(portInt)...) - errs = append(errs, IsValidIP(ip)...) - return errs -} |