j-griffith · June 12, 2018 23:49
diff --git a/gistfile1.txt b/gistfile1.txt
 diff --git a/pkg/virt-api/validating-webhook/validating-webhook.go b/pkg/virt-api/validating-webhook/validating-webhook.go
 index f714e93d..2a158889 100644
 --- a/pkg/virt-api/validating-webhook/validating-webhook.go
 +++ b/pkg/virt-api/validating-webhook/validating-webhook.go
 @@ -25,6 +25,7 @@ import (
        "fmt"
        "io/ioutil"
        "net/http"
 +       "regexp"
 
        v1beta1 "k8s.io/api/admission/v1beta1"
        metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 @@ -41,6 +42,7 @@ const (
        cloudInitMaxLen = 2048
        arrayLenMax     = 256
        maxNetworks     = 1
 +       maxStrLeng      = 36
 )
 
 func getAdmissionReview(r *http.Request) (*v1beta1.AdmissionReview, error) {
 @@ -184,6 +186,25 @@ func validateDisks(field *k8sfield.Path, disks []v1.Disk) []metav1.StatusCause {
                                Field:   field.Index(idx).Child("bootorder").String(),
                        })
                }
 +
 +               // Verify serial number is made up of valid characters for libvirt, if provided
 +               isValid := regexp.MustCompile(`^[A-Za-z0-9_.+-]+$`).MatchString
 +               if disk.Serial != "" && !isValid(disk.Serial){
 +                               causes = append(causes, metav1.StatusCause{
 +                                       Type: metav1.CauseTypeFieldValueInvalid,
 +                                       Message: fmt.Sprintf("%s must be made up of the following characters [A-Za-z0-9_.+-], if specified", field.Index(idx).String()),
 +                                       Field: field.Index(idx).Child("serial").String(),
 +                               })
 +
 +               // Verify serial number is within valid length, if provided
 +           if disk.Serial != "" && len([]rune(disk.Serial)) > maxStrLeng {
 +                               causes = append(causes, metav1.StatusCause{
 +                                       Type: metav1.CauseTypeFieldValueInvalid,
 +                                       Message: fmt.Sprintf("%s must be less than or equal to %s in length, if specified", field.Index(idx).String(), maxStrLeng),
 +                                       Field: field.Index(idx).Child("serial").String(),
 +                               })
 +                       }
 +           }
        }
 
        return causes
	diff --git a/pkg/virt-api/validating-webhook/validating-webhook.go b/pkg/virt-api/validating-webhook/validating-webhook.go
	index f714e93d..2a158889 100644
	--- a/pkg/virt-api/validating-webhook/validating-webhook.go
	+++ b/pkg/virt-api/validating-webhook/validating-webhook.go
	@@ -25,6 +25,7 @@ import (
	"fmt"
	"io/ioutil"
	"net/http"
	+ "regexp"

	v1beta1 "k8s.io/api/admission/v1beta1"
	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
	@@ -41,6 +42,7 @@ const (
	cloudInitMaxLen = 2048
	arrayLenMax = 256
	maxNetworks = 1
	+ maxStrLeng = 36
	)

	func getAdmissionReview(r http.Request) (v1beta1.AdmissionReview, error) {
	@@ -184,6 +186,25 @@ func validateDisks(field *k8sfield.Path, disks []v1.Disk) []metav1.StatusCause {
	Field: field.Index(idx).Child("bootorder").String(),
	})
	}
	+
	+ // Verify serial number is made up of valid characters for libvirt, if provided
	+ isValid := regexp.MustCompile(`^[A-Za-z0-9_.+-]+$`).MatchString
	+ if disk.Serial != "" && !isValid(disk.Serial){
	+ causes = append(causes, metav1.StatusCause{
	+ Type: metav1.CauseTypeFieldValueInvalid,
	+ Message: fmt.Sprintf("%s must be made up of the following characters [A-Za-z0-9_.+-], if specified", field.Index(idx).String()),
	+ Field: field.Index(idx).Child("serial").String(),
	+ })
	+
	+ // Verify serial number is within valid length, if provided
	+ if disk.Serial != "" && len([]rune(disk.Serial)) > maxStrLeng {
	+ causes = append(causes, metav1.StatusCause{
	+ Type: metav1.CauseTypeFieldValueInvalid,
	+ Message: fmt.Sprintf("%s must be less than or equal to %s in length, if specified", field.Index(idx).String(), maxStrLeng),
	+ Field: field.Index(idx).Child("serial").String(),
	+ })
	+ }
	+ }
	}

	return causes