From 4a893b13f8683ff127ffb4a83e64e5a5495c2bbe Mon Sep 17 00:00:00 2001 From: Somtochi Onyekwere Date: Wed, 16 Feb 2022 10:47:20 +0100 Subject: [PATCH 1/2] validate that object name adheres to RFC 1123 for flux create commands Signed-off-by: Somtochi Onyekwere --- cmd/flux/create.go | 18 ++++++++++ cmd/flux/create_secret_git_test.go | 2 +- cmd/flux/create_secret_helm_test.go | 2 +- cmd/flux/create_secret_tls_test.go | 2 +- cmd/flux/create_source_git_test.go | 2 +- cmd/flux/create_test.go | 55 +++++++++++++++++++++++++++++ 6 files changed, 77 insertions(+), 4 deletions(-) create mode 100644 cmd/flux/create_test.go diff --git a/cmd/flux/create.go b/cmd/flux/create.go index 758a2f54..1c3d99ef 100644 --- a/cmd/flux/create.go +++ b/cmd/flux/create.go @@ -19,6 +19,7 @@ package main import ( "context" "fmt" + "regexp" "strings" "time" @@ -51,6 +52,18 @@ func init() { createCmd.PersistentFlags().BoolVar(&createArgs.export, "export", false, "export in YAML format to stdout") createCmd.PersistentFlags().StringSliceVar(&createArgs.labels, "label", nil, "set labels on the resource (can specify multiple labels with commas: label1=value1,label2=value2)") + createCmd.PersistentPreRunE = func(cmd *cobra.Command, args []string) error { + if len(args) < 1 { + return fmt.Errorf("name is required") + } + + name := args[0] + if !validateObjectName(name) { + return fmt.Errorf("name '%s' is invalid, it should adhere to standard defined in RFC 1123", name) + } + + return nil + } rootCmd.AddCommand(createCmd) } @@ -150,3 +163,8 @@ func parseLabels() (map[string]string, error) { return result, nil } + +func validateObjectName(name string) bool { + r := regexp.MustCompile("^[a-z0-9]([a-z0-9\\-]){0,61}[a-z0-9]$") + return r.MatchString(name) +} diff --git a/cmd/flux/create_secret_git_test.go b/cmd/flux/create_secret_git_test.go index 01a3e929..16ff400a 100644 --- a/cmd/flux/create_secret_git_test.go +++ b/cmd/flux/create_secret_git_test.go @@ -13,7 +13,7 @@ func TestCreateGitSecret(t *testing.T) { { name: "no args", args: "create secret git", - assert: assertError("secret name is required"), + assert: assertError("name is required"), }, { name: "basic secret", diff --git a/cmd/flux/create_secret_helm_test.go b/cmd/flux/create_secret_helm_test.go index 04c96dbb..fe0bc0c9 100644 --- a/cmd/flux/create_secret_helm_test.go +++ b/cmd/flux/create_secret_helm_test.go @@ -12,7 +12,7 @@ func TestCreateHelmSecret(t *testing.T) { }{ { args: "create secret helm", - assert: assertError("secret name is required"), + assert: assertError("name is required"), }, { args: "create secret helm helm-secret --username=my-username --password=my-password --namespace=my-namespace --export", diff --git a/cmd/flux/create_secret_tls_test.go b/cmd/flux/create_secret_tls_test.go index 8085c584..31d49200 100644 --- a/cmd/flux/create_secret_tls_test.go +++ b/cmd/flux/create_secret_tls_test.go @@ -12,7 +12,7 @@ func TestCreateTlsSecretNoArgs(t *testing.T) { }{ { args: "create secret tls", - assert: assertError("secret name is required"), + assert: assertError("name is required"), }, { args: "create secret tls certs --namespace=my-namespace --cert-file=./testdata/create_secret/tls/test-cert.pem --key-file=./testdata/create_secret/tls/test-key.pem --export", diff --git a/cmd/flux/create_source_git_test.go b/cmd/flux/create_source_git_test.go index 1b391bce..73c1724a 100644 --- a/cmd/flux/create_source_git_test.go +++ b/cmd/flux/create_source_git_test.go @@ -96,7 +96,7 @@ func TestCreateSourceGit(t *testing.T) { { "NoArgs", "create source git", - assertError("GitRepository source name is required"), + assertError("name is required"), nil, }, { "Succeeded", diff --git a/cmd/flux/create_test.go b/cmd/flux/create_test.go new file mode 100644 index 00000000..ee38fe50 --- /dev/null +++ b/cmd/flux/create_test.go @@ -0,0 +1,55 @@ +package main + +import ( + "testing" + + "k8s.io/apimachinery/pkg/util/rand" +) + +func Test_validateObjectName(t *testing.T) { + tests := []struct { + name string + valid bool + }{ + { + name: "flux-system", + valid: true, + }, + { + name: "-flux-system", + valid: false, + }, + { + name: "-flux-system-", + valid: false, + }, + { + name: "third.first", + valid: false, + }, + { + name: "THirdfirst", + valid: false, + }, + { + name: "THirdfirst", + valid: false, + }, + { + name: rand.String(63), + valid: true, + }, + { + name: rand.String(64), + valid: false, + }, + } + + for _, tt := range tests { + valid := validateObjectName(tt.name) + if valid != tt.valid { + t.Errorf("expected name %q to return %t for validateObjectName func but got %t", + tt.name, tt.valid, valid) + } + } +} From d7129d6b5563d7c1b07f7056508e9e99c49fab7b Mon Sep 17 00:00:00 2001 From: Somtochi Onyekwere Date: Wed, 16 Feb 2022 11:04:05 +0100 Subject: [PATCH 2/2] Remove validation from sub-commands Signed-off-by: Somtochi Onyekwere --- cmd/flux/create.go | 2 +- cmd/flux/create_alert.go | 3 --- cmd/flux/create_alertprovider.go | 3 --- cmd/flux/create_helmrelease.go | 3 --- cmd/flux/create_image_policy.go | 3 --- cmd/flux/create_image_repository.go | 3 --- cmd/flux/create_image_update.go | 3 --- cmd/flux/create_kustomization.go | 3 --- cmd/flux/create_receiver.go | 3 --- cmd/flux/create_secret_git.go | 3 --- cmd/flux/create_secret_helm.go | 4 ---- cmd/flux/create_secret_tls.go | 4 ---- cmd/flux/create_source_bucket.go | 3 --- cmd/flux/create_source_git.go | 3 --- cmd/flux/create_source_helm.go | 3 --- cmd/flux/create_tenant.go | 3 --- 16 files changed, 1 insertion(+), 48 deletions(-) diff --git a/cmd/flux/create.go b/cmd/flux/create.go index 1c3d99ef..9aed0c43 100644 --- a/cmd/flux/create.go +++ b/cmd/flux/create.go @@ -59,7 +59,7 @@ func init() { name := args[0] if !validateObjectName(name) { - return fmt.Errorf("name '%s' is invalid, it should adhere to standard defined in RFC 1123", name) + return fmt.Errorf("name '%s' is invalid, it should adhere to standard defined in RFC 1123, the name can only contain alphanumeric characters or '-'", name) } return nil diff --git a/cmd/flux/create_alert.go b/cmd/flux/create_alert.go index 0a5ea93a..7f9968b8 100644 --- a/cmd/flux/create_alert.go +++ b/cmd/flux/create_alert.go @@ -63,9 +63,6 @@ func init() { } func createAlertCmdRun(cmd *cobra.Command, args []string) error { - if len(args) < 1 { - return fmt.Errorf("Alert name is required") - } name := args[0] if alertArgs.providerRef == "" { diff --git a/cmd/flux/create_alertprovider.go b/cmd/flux/create_alertprovider.go index 7d5bf640..2663482c 100644 --- a/cmd/flux/create_alertprovider.go +++ b/cmd/flux/create_alertprovider.go @@ -73,9 +73,6 @@ func init() { } func createAlertProviderCmdRun(cmd *cobra.Command, args []string) error { - if len(args) < 1 { - return fmt.Errorf("Provider name is required") - } name := args[0] if alertProviderArgs.alertType == "" { diff --git a/cmd/flux/create_helmrelease.go b/cmd/flux/create_helmrelease.go index 2072c720..d8f37cc5 100644 --- a/cmd/flux/create_helmrelease.go +++ b/cmd/flux/create_helmrelease.go @@ -139,9 +139,6 @@ func init() { } func createHelmReleaseCmdRun(cmd *cobra.Command, args []string) error { - if len(args) < 1 { - return fmt.Errorf("HelmRelease name is required") - } name := args[0] if helmReleaseArgs.chart == "" { diff --git a/cmd/flux/create_image_policy.go b/cmd/flux/create_image_policy.go index 05cb5c14..b9d8eb1a 100644 --- a/cmd/flux/create_image_policy.go +++ b/cmd/flux/create_image_policy.go @@ -84,9 +84,6 @@ func (obj imagePolicyAdapter) getObservedGeneration() int64 { } func createImagePolicyRun(cmd *cobra.Command, args []string) error { - if len(args) < 1 { - return fmt.Errorf("ImagePolicy name is required") - } objectName := args[0] if imagePolicyArgs.imageRef == "" { diff --git a/cmd/flux/create_image_repository.go b/cmd/flux/create_image_repository.go index b5ffdcb8..140658f3 100644 --- a/cmd/flux/create_image_repository.go +++ b/cmd/flux/create_image_repository.go @@ -83,9 +83,6 @@ func init() { } func createImageRepositoryRun(cmd *cobra.Command, args []string) error { - if len(args) < 1 { - return fmt.Errorf("ImageRepository name is required") - } objectName := args[0] if imageRepoArgs.image == "" { diff --git a/cmd/flux/create_image_update.go b/cmd/flux/create_image_update.go index f1b7e2ca..a67f6bc3 100644 --- a/cmd/flux/create_image_update.go +++ b/cmd/flux/create_image_update.go @@ -94,9 +94,6 @@ func init() { } func createImageUpdateRun(cmd *cobra.Command, args []string) error { - if len(args) < 1 { - return fmt.Errorf("ImageUpdateAutomation name is required") - } objectName := args[0] if imageUpdateArgs.gitRepoName == "" { diff --git a/cmd/flux/create_kustomization.go b/cmd/flux/create_kustomization.go index d523374d..4d0ebb99 100644 --- a/cmd/flux/create_kustomization.go +++ b/cmd/flux/create_kustomization.go @@ -119,9 +119,6 @@ func NewKustomizationFlags() kustomizationFlags { } func createKsCmdRun(cmd *cobra.Command, args []string) error { - if len(args) < 1 { - return fmt.Errorf("Kustomization name is required") - } name := args[0] if kustomizationArgs.path == "" { diff --git a/cmd/flux/create_receiver.go b/cmd/flux/create_receiver.go index d6004dc1..6533f173 100644 --- a/cmd/flux/create_receiver.go +++ b/cmd/flux/create_receiver.go @@ -67,9 +67,6 @@ func init() { } func createReceiverCmdRun(cmd *cobra.Command, args []string) error { - if len(args) < 1 { - return fmt.Errorf("Receiver name is required") - } name := args[0] if receiverArgs.receiverType == "" { diff --git a/cmd/flux/create_secret_git.go b/cmd/flux/create_secret_git.go index 769c2526..0effc1b5 100644 --- a/cmd/flux/create_secret_git.go +++ b/cmd/flux/create_secret_git.go @@ -112,9 +112,6 @@ func NewSecretGitFlags() secretGitFlags { } func createSecretGitCmdRun(cmd *cobra.Command, args []string) error { - if len(args) < 1 { - return fmt.Errorf("secret name is required") - } name := args[0] if secretGitArgs.url == "" { return fmt.Errorf("url is required") diff --git a/cmd/flux/create_secret_helm.go b/cmd/flux/create_secret_helm.go index 8f9df1b5..80a7ce9d 100644 --- a/cmd/flux/create_secret_helm.go +++ b/cmd/flux/create_secret_helm.go @@ -18,7 +18,6 @@ package main import ( "context" - "fmt" "github.com/spf13/cobra" corev1 "k8s.io/api/core/v1" @@ -68,9 +67,6 @@ func init() { } func createSecretHelmCmdRun(cmd *cobra.Command, args []string) error { - if len(args) < 1 { - return fmt.Errorf("secret name is required") - } name := args[0] labels, err := parseLabels() diff --git a/cmd/flux/create_secret_tls.go b/cmd/flux/create_secret_tls.go index a308066e..b89a2601 100644 --- a/cmd/flux/create_secret_tls.go +++ b/cmd/flux/create_secret_tls.go @@ -18,7 +18,6 @@ package main import ( "context" - "fmt" "github.com/spf13/cobra" "github.com/spf13/pflag" @@ -67,9 +66,6 @@ func init() { } func createSecretTLSCmdRun(cmd *cobra.Command, args []string) error { - if len(args) < 1 { - return fmt.Errorf("secret name is required") - } name := args[0] labels, err := parseLabels() diff --git a/cmd/flux/create_source_bucket.go b/cmd/flux/create_source_bucket.go index 50858c5b..31279799 100644 --- a/cmd/flux/create_source_bucket.go +++ b/cmd/flux/create_source_bucket.go @@ -93,9 +93,6 @@ func NewSourceBucketFlags() sourceBucketFlags { } func createSourceBucketCmdRun(cmd *cobra.Command, args []string) error { - if len(args) < 1 { - return fmt.Errorf("Bucket source name is required") - } name := args[0] if sourceBucketArgs.name == "" { diff --git a/cmd/flux/create_source_git.go b/cmd/flux/create_source_git.go index 17a928b6..2f13dd9c 100644 --- a/cmd/flux/create_source_git.go +++ b/cmd/flux/create_source_git.go @@ -150,9 +150,6 @@ func newSourceGitFlags() sourceGitFlags { } func createSourceGitCmdRun(cmd *cobra.Command, args []string) error { - if len(args) < 1 { - return fmt.Errorf("GitRepository source name is required") - } name := args[0] if sourceGitArgs.url == "" { diff --git a/cmd/flux/create_source_helm.go b/cmd/flux/create_source_helm.go index 81b5a05f..2d3f2513 100644 --- a/cmd/flux/create_source_helm.go +++ b/cmd/flux/create_source_helm.go @@ -91,9 +91,6 @@ func init() { } func createSourceHelmCmdRun(cmd *cobra.Command, args []string) error { - if len(args) < 1 { - return fmt.Errorf("HelmRepository source name is required") - } name := args[0] if sourceHelmArgs.url == "" { diff --git a/cmd/flux/create_tenant.go b/cmd/flux/create_tenant.go index 88b8eda6..4ac8eb96 100644 --- a/cmd/flux/create_tenant.go +++ b/cmd/flux/create_tenant.go @@ -70,9 +70,6 @@ func init() { } func createTenantCmdRun(cmd *cobra.Command, args []string) error { - if len(args) < 1 { - return fmt.Errorf("tenant name is required") - } tenant := args[0] if err := validation.IsQualifiedName(tenant); len(err) > 0 { return fmt.Errorf("invalid tenant name '%s': %v", tenant, err)