Skip to content

Commit

Permalink
Merge pull request #10599 from olemarkus/validate-cloud-labels
Browse files Browse the repository at this point in the history 
Validate cluster cloud labels
  • Loading branch information
@k8s-ci-robot
k8s-ci-robot committed Jan 17, 2021
2 parents 892aca0 + 381875b commit 70a9804
Show file tree
Hide file tree
Showing 2 changed files with 43 additions and 2 deletions.
41 changes: 41 additions & 0 deletions pkg/apis/kops/validation/cluster.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,9 @@ limitations under the License.
package validation

import (
"fmt"
"strings"

"k8s.io/apimachinery/pkg/util/validation/field"
"k8s.io/kops/pkg/apis/kops"
"k8s.io/kops/upup/pkg/fi"
Expand Down Expand Up @@ -51,6 +54,8 @@ func ValidateClusterUpdate(obj *kops.Cluster, status *kops.ClusterStatus, old *k
}
}

allErrs = append(allErrs, validateClusterCloudLabels(obj, field.NewPath("spec", "cloudLabels"))...)

return allErrs
}

Expand Down Expand Up @@ -119,3 +124,39 @@ func validateEtcdMemberUpdate(fp *field.Path, obj kops.EtcdMemberSpec, status *k

return allErrs
}

func validateClusterCloudLabels(cluster *kops.Cluster, fldPath *field.Path) (allErrs field.ErrorList) {
labels := cluster.Spec.CloudLabels
if labels == nil {
return allErrs
}

reservedKeys := []string{
"Name",
"KubernetesCluster",
}

for _, reservedKey := range reservedKeys {
_, hasKey := labels[reservedKey]
if hasKey {
allErrs = append(allErrs, field.Forbidden(fldPath.Child(reservedKey), fmt.Sprintf("%q is a reserved label and cannot be used as a custom label", reservedKey)))
}
}

reservedPrefixes := []string{
"kops.k8s.io/",
"k8s.io/",
"kubernetes.io/",
}

for _, reservedPrefix := range reservedPrefixes {
for label := range labels {
if strings.HasPrefix(label, reservedPrefix) {
allErrs = append(allErrs, field.Forbidden(fldPath.Child(label), fmt.Sprintf("%q is a reserved label prefix and cannot be used as a custom label", reservedPrefix)))

}
}
}

return allErrs
}
4 changes: 2 additions & 2 deletions pkg/apis/kops/validation/instancegroup.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -127,7 +127,7 @@ func ValidateInstanceGroup(g *kops.InstanceGroup, cloud fi.Cloud) field.ErrorLis
}

if g.Spec.CloudLabels != nil {
allErrs = append(allErrs, validateCloudLabels(g, field.NewPath("spec", "cloudLabels"))...)
allErrs = append(allErrs, validateIGCloudLabels(g, field.NewPath("spec", "cloudLabels"))...)
}

if cloud != nil && cloud.ProviderID() == kops.CloudProviderAWS {
Expand Down Expand Up @@ -275,7 +275,7 @@ func validateNodeLabels(labels map[string]string, fldPath *field.Path) (allErrs
return allErrs
}

func validateCloudLabels(ig *kops.InstanceGroup, fldPath *field.Path) (allErrs field.ErrorList) {
func validateIGCloudLabels(ig *kops.InstanceGroup, fldPath *field.Path) (allErrs field.ErrorList) {
labels := ig.Spec.CloudLabels
if labels == nil {
return allErrs
Expand Down

0 comments on commit 70a9804

Please sign in to comment.