validate that object name adheres to RFC 1123 for flux create commands

Signed-off-by: Somtochi Onyekwere <somtochionyekwere@gmail.com>
2026-02-06 19:05:55 +00:00 · 2022-02-16 10:47:20 +01:00
parent 8c2983c958
commit 4a893b13f8
6 changed files with 77 additions and 4 deletions
--- a/cmd/flux/create.go
+++ b/cmd/flux/create.go
@@ -19,6 +19,7 @@ package main
 import (
 	"context"
 	"fmt"
 	"regexp"
 	"strings"
 	"time"
@@ -51,6 +52,18 @@ func init() {
 	createCmd.PersistentFlags().BoolVar(&createArgs.export, "export", false, "export in YAML format to stdout")
 	createCmd.PersistentFlags().StringSliceVar(&createArgs.labels, "label", nil,
 		"set labels on the resource (can specify multiple labels with commas: label1=value1,label2=value2)")
 	createCmd.PersistentPreRunE = func(cmd *cobra.Command, args []string) error {
 		if len(args) < 1 {
 			return fmt.Errorf("name is required")
 		}
 		name := args[0]
 		if !validateObjectName(name) {
 			return fmt.Errorf("name '%s' is invalid, it should adhere to standard defined in RFC 1123", name)
 		}
 		return nil
 	}
 	rootCmd.AddCommand(createCmd)
 }
@@ -150,3 +163,8 @@ func parseLabels() (map[string]string, error) {
 	return result, nil
 }
 func validateObjectName(name string) bool {
 	r := regexp.MustCompile("^[a-z0-9]([a-z0-9\\-]){0,61}[a-z0-9]$")
 	return r.MatchString(name)
 }
--- a/cmd/flux/create_secret_git_test.go
+++ b/cmd/flux/create_secret_git_test.go
@@ -13,7 +13,7 @@ func TestCreateGitSecret(t *testing.T) {
 		{
 			name:   "no args",
 			args:   "create secret git",
-			assert: assertError("secret name is required"),
+			assert: assertError("name is required"),
 		},
 		{
 			name:   "basic secret",
--- a/cmd/flux/create_secret_helm_test.go
+++ b/cmd/flux/create_secret_helm_test.go
@@ -12,7 +12,7 @@ func TestCreateHelmSecret(t *testing.T) {
 	}{
 		{
 			args:   "create secret helm",
-			assert: assertError("secret name is required"),
+			assert: assertError("name is required"),
 		},
 		{
 			args:   "create secret helm helm-secret --username=my-username --password=my-password --namespace=my-namespace --export",
--- a/cmd/flux/create_secret_tls_test.go
+++ b/cmd/flux/create_secret_tls_test.go
@@ -12,7 +12,7 @@ func TestCreateTlsSecretNoArgs(t *testing.T) {
 	}{
 		{
 			args:   "create secret tls",
-			assert: assertError("secret name is required"),
+			assert: assertError("name is required"),
 		},
 		{
 			args:   "create secret tls certs --namespace=my-namespace --cert-file=./testdata/create_secret/tls/test-cert.pem --key-file=./testdata/create_secret/tls/test-key.pem --export",
--- a/cmd/flux/create_source_git_test.go
+++ b/cmd/flux/create_source_git_test.go
@@ -96,7 +96,7 @@ func TestCreateSourceGit(t *testing.T) {
 		{
 			"NoArgs",
 			"create source git",
-			assertError("GitRepository source name is required"),
+			assertError("name is required"),
 			nil,
 		}, {
 			"Succeeded",
--- a/cmd/flux/create_test.go
+++ b/cmd/flux/create_test.go
@@ -0,0 +1,55 @@
 package main
 import (
 	"testing"
 	"k8s.io/apimachinery/pkg/util/rand"
 )
 func Test_validateObjectName(t *testing.T) {
 	tests := []struct {
 		name  string
 		valid bool
 	}{
 		{
 			name:  "flux-system",
 			valid: true,
 		},
 		{
 			name:  "-flux-system",
 			valid: false,
 		},
 		{
 			name:  "-flux-system-",
 			valid: false,
 		},
 		{
 			name:  "third.first",
 			valid: false,
 		},
 		{
 			name:  "THirdfirst",
 			valid: false,
 		},
 		{
 			name:  "THirdfirst",
 			valid: false,
 		},
 		{
 			name:  rand.String(63),
 			valid: true,
 		},
 		{
 			name:  rand.String(64),
 			valid: false,
 		},
 	}
 	for _, tt := range tests {
 		valid := validateObjectName(tt.name)
 		if valid != tt.valid {
 			t.Errorf("expected name %q to return %t for validateObjectName func but got %t",
 				tt.name, tt.valid, valid)
 		}
 	}
 }