search

kube-rs / kube

Rust Kubernetes client and controller runtime
https://kube.rs
Apache License 2.0
2.91k stars 304 forks source link

Prevent empty string object name requests from being sent to the apiserver #1541

Closed xMAC94x closed 2 months ago

xMAC94x commented 2 months ago

Due to the URL-nature a get with an empty name is processed as a list call.

kube then fails to parse the result from the server. Other HTTP METHODS, like "DELETE" are also affected and e.g. cause the deletion of ALL objects. See the issue for more info.

Fixes #1540

Motivation

As described in #1540 I accidentally had a &str empty and was wondering about the weird serde error and though that something was broken somewhere else. Having a early on client-side validation makes the error clear. During testing I found out that DELETE was also affected and might have quite some impact.

Solution

Many Requests have some kind of params validation, similar I introduced a validate_name fn for those requests that operator on a single instance (e.g. get delete patch replace). Requests like list and watch are unaffected.

I added a single test for the get, idk if its necessrary to check all, but I could also provide more checks

xMAC94x commented 2 months ago

Thank you , hopes the DCO works now :)

codecov[bot] commented 2 months ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 75.2%. Comparing base (e57b060) to head (dd45e6f).

Additional details and impacted files ```diff @@ Coverage Diff @@ ## main #1541 +/- ## ======================================= + Coverage 75.2% 75.2% +0.1% ======================================= Files 78 78 Lines 6989 7007 +18 ======================================= + Hits 5249 5267 +18 Misses 1740 1740 ``` | [Files](https://app.codecov.io/gh/kube-rs/kube/pull/1541?dropdown=coverage&src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=kube-rs) | Coverage Δ | | |---|---|---| | [kube-core/src/request.rs](https://app.codecov.io/gh/kube-rs/kube/pull/1541?src=pr&el=tree&filepath=kube-core%2Fsrc%2Frequest.rs&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=kube-rs#diff-a3ViZS1jb3JlL3NyYy9yZXF1ZXN0LnJz) | `98.9% <100.0%> (+0.1%)` | :arrow_up: |
clux commented 2 months ago

Thanks again!

Edited your post ever so slightly for the generated release notes.