Loosen label and annotation validation and related tests #4628
Comments
|
Yes on the freedom question. I assume we will spec case-sensitivity? ----- Original Message -----
|
|
You mean "yes, it is case sensitive"? Yes, sure. On Thu, Feb 19, 2015 at 2:45 PM, Clayton Coleman notifications@github.com
|
|
Thanks. Yes, I'm happy with this. Do we auto-lowercase label keys today? |
bgrant0607
added
area/api
|
We do not, we fail validation (in master at right now) ----- Original Message -----
|
|
Yes, I'm reasonably happy with that, from my as yet limited perspective. My personal preference would be to ultimately support both hierarchical names and hierarchical namespaces, somehow (e.g. something like "subdept.dept.acme.com/workgroup/product/user/resource" means (subdept.dept.acme.com, workgroup/product/user/resource), as this makes for convenient ACL's and the like. So I support your "We could allow that..." part, and associated semantics. |
|
I'm not sure we want to zoom in to do ACLs or things on segments of the On Thu, Feb 19, 2015 at 3:27 PM, Quinton Hoole notifications@github.com
|
|
I can write this change, but there's a couple of things to decide:
|
|
|
On Thu, Feb 26, 2015 at 8:24 AM, Clayton Coleman
I don't think this is a big deal, but I agree - given that DNS names
Previously it was max(dns_label + max(dns_subdomain) + 1. I think
by 50, Clayton obviously means 64. |
|
SGTM |
|
Obviously
|
|
There's a small issue with label values: they were not checked until now. E.g. in guestbook example there's a comma used in label value, which is forbidden both in current implementation and Brendans suggestion, but it was OK, as it was never checked. I don't know how many things will brake when we'll turn the value validation on. In addition current implementation allows backslashes and Brandans suggestion does not - is this a mistake, or is it by design? |
|
@gmarek. By design, @smarterclayton suggested to 'preserve' backslash for future uses. I translated it in 'admit it'. |
|
I'm sorry, but I don't understand. Is Brendans suggestion by design omit backslash, or originally it was there by design? (I guess you meant the former, but I don't know here the original discussion was) |
|
@gmarek as far as I remember during the discussion someone (guessing @smarterclayton) raised the point about unicode and char to be esacped. But I cannot find anymore asked me to reserve backslash for future uses. That's why I modified the regexp and I specifically added an entry in unit test for this. The starting discussion was here: #341 And by design I mean "by design" we permit the backslash char. |
|
For label queries, reserving backslash for escaping values we might use in the future. For values themselves I don't believe we need any escaping.
|
|
PR for this #4898 |
|
Oh, I missed those updates. I'll add a backslash on Monday. |
|
wait wait. I do not think that adding backslash to the allowed set is what was Let's discuss comma - I don't want it in the set, but is it worth a On Fri, Feb 27, 2015 at 8:43 AM, gmarek notifications@github.com wrote:
|
|
Well, comma is only a special case because it's used in Guestbook example (frontend-controller.json). Because this example is the most visible one (at least for us in Warsaw), my feeling is that it was copied a lot of times as a framework, hence making it invalid may be problematic... Generally adding any nontrivial validation can break something, but I guess we'll need to live with it. |
|
If we have to add comma, it's not the end of the world, but we could also I'm open to arguments either way with comma. I'd rather not do it, but On Fri, Feb 27, 2015 at 10:09 AM, gmarek notifications@github.com wrote:
|
|
I don't like commas in values of labels. It's a natural separator.
|
|
I'm inclined to fix the example and take the hit on this one, while we On Fri, Feb 27, 2015 at 10:25 AM, Clayton Coleman notifications@github.com
|
|
Comma is out. I don't really want to think about escaping right now. |
|
BTW, I think "reserving for future use" means that we have to DISALLOW such characters now, lest people start using them in ways that are incompatible with our future plans. We can add flexibility in the future, but it's impossible to take away. |
|
Right
|
|
Let's all make a pact to challenge anyone who adds a "string" type to the On Fri, Feb 27, 2015 at 2:14 PM, Clayton Coleman notifications@github.com
|
|
On Feb 27, 2015 2:18 PM, "Tim Hockin" notifications@github.com wrote:
+100 ! I'd be in favor of systematically getting rid of string as a Q
|
|
As @thockin suggested, we're changing regexp for label values. Tim suggested to have the same rules for values and qualified name pieces (i.e. '.' should not be correct label value), with the difference that we allow empty values. Are everyone OK, with the new regexp: |
|
I think this is done. |
From #4486
Proposed:
what we allow today. We can say that convention is to use dns-compatible
domain + label, but still allow things like FOO/B_A.R. This DOES NOT allow for foo.com/bat/bat - is that an important affordance to anyone? We could allow that, but we need to be clear that "bar/bat" means (bar, bat) while "foo.com/bar/bat" means (foo.com, bar/bat).
@smarterclayton does that give you enough freedom?
@bgrant0607 does that give you enough consistency?
@quinton-hoole-google does this make the qualified name type now viable for your use case in kube-proxy?
The text was updated successfully, but these errors were encountered: