Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Limit the number of operations in a single json patch to be 10,000 #74000

merged 1 commit into from Feb 14, 2019
Changes from all commits
File filter...
Filter file types
Jump to…
Jump to file or symbol
Failed to load files and symbols.
+80 −0
Diff settings


Just for now

@@ -49,6 +49,11 @@ import (
utiltrace ""

const (
// maximum number of operations a single json patch may contain.
maxJSONPatchOperations = 10000

// PatchResource returns a function that will handle a resource patch.
func PatchResource(r rest.Patcher, scope RequestScope, admit admission.Interface, patchTypes []string) http.HandlerFunc {
return func(w http.ResponseWriter, req *http.Request) {
@@ -331,6 +336,11 @@ func (p *jsonPatcher) applyJSPatch(versionedJS []byte) (patchedJS []byte, retErr
if err != nil {
return nil, errors.NewBadRequest(err.Error())
if len(patchObj) > maxJSONPatchOperations {
return nil, errors.NewRequestEntityTooLargeError(

This comment has been minimized.


caesarxuchao Feb 13, 2019

Author Member

I had also considered 422 unprocessable entity, but that's for semantic error.

fmt.Sprintf("The allowed maximum operations in a JSON patch is %d, got %d",
maxJSONPatchOperations, len(patchObj)))
patchedJS, err := patchObj.Apply(versionedJS)
if err != nil {
return nil, errors.NewGenericServerResponse(http.StatusUnprocessableEntity, "", schema.GroupResource{}, "", err.Error(), 0, false)
@@ -11,6 +11,7 @@ go_test(
srcs = [
@@ -0,0 +1,69 @@
Copyright 2018 The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
See the License for the specific language governing permissions and
limitations under the License.

package apiserver

import (

metav1 ""

// Tests that the apiserver limits the number of operations in a json patch.
func TestMaxJSONPatchOperations(t *testing.T) {
stopCh := make(chan struct{})
defer close(stopCh)
clientSet, _ := framework.StartTestServer(t, stopCh, framework.TestServerSetup{
ModifyServerRunOptions: func(opts *options.ServerRunOptions) {
opts.GenericServerRunOptions.MaxRequestBodyBytes = 1024 * 1024

p := `{"op":"add","path":"/x","value":"y"}`
// maxJSONPatchOperations = 10000
hugePatch := []byte("[" + strings.Repeat(p+",", 10000) + p + "]")

c := clientSet.CoreV1().RESTClient()
// Create a secret so we can patch it.
secret := &v1.Secret{
ObjectMeta: metav1.ObjectMeta{
Name: "test",
_, err := clientSet.CoreV1().Secrets("default").Create(secret)
if err != nil {

err = c.Patch(types.JSONPatchType).AbsPath(fmt.Sprintf("/api/v1/namespaces/default/secrets/test")).
if err == nil {
t.Fatalf("unexpected no error")
if !errors.IsRequestEntityTooLargeError(err) {
t.Errorf("expected requested entity too large err, got %v", err)
if !strings.Contains(err.Error(), "The allowed maximum operations in a JSON patch is") {
t.Errorf("expected the error message to be about maximum operations, got %v", err)
ProTip! Use n and p to navigate between commits in a pull request.
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.