Remove special-case object name validation

Author: seans3

pkg/object/objmetadata.go

@@ -28,7 +28,6 @@ import (
 	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/schema"
-	"k8s.io/apimachinery/pkg/util/validation"
 	"k8s.io/cli-runtime/pkg/resource"
 )
 
@@ -72,11 +71,6 @@ func CreateObjMetadata(namespace string, name string, gk schema.GroupKind) (ObjM
 	if name == "" {
 		return ObjMetadata{}, fmt.Errorf("empty name for object")
 	}
-	// Manually validate name, since by the time k8s reports the error
-	// the invalid name has already been encoded into the inventory object.
-	if !validateNameChars(name, gk) {
-		return ObjMetadata{}, fmt.Errorf("invalid characters in object name: %s", name)
-	}
 	if gk.Empty() {
 		return ObjMetadata{}, fmt.Errorf("empty GroupKind for object")
 	}
@@ -87,27 +81,6 @@ func CreateObjMetadata(namespace string, name string, gk schema.GroupKind) (ObjM
 	}, nil
 }
 
-// validateNameChars returns false if the passed name is not a valid
-// resource name; true otherwise. For almost all resources, the following
-// characters are allowed:
-//
-//   Most resource types require a name that can be used as a DNS label name
-//   as defined in RFC 1123. This means the name must:
-//
-//   * contain no more than 253 characters
-//   * contain only lowercase alphanumeric characters, '-'
-//   * start with an alphanumeric character
-//   * end with an alphanumeric character
-//
-// For RBAC resources we also allow the colon character.
-func validateNameChars(name string, gk schema.GroupKind) bool {
-	if _, exists := RBACGroupKind[gk]; exists {
-		name = strings.ReplaceAll(name, ":", "")
-	}
-	errs := validation.IsDNS1123Subdomain(name)
-	return len(errs) == 0
-}
-
 // ParseObjMetadata takes a string, splits it into its four fields,
 // and returns an ObjMetadata struct storing the four fields.
 // Example inventory string:
@@ -143,6 +116,10 @@ func ParseObjMetadata(s string) (ObjMetadata, error) {
 	// Finally, second field name. Name may contain colon transcoded as double underscore.
 	name := s[:index]
 	name = strings.ReplaceAll(name, colonTranscoded, ":")
+	// Check that there are no extra fields by search for fieldSeparator.
+	if strings.Contains(name, fieldSeparator) {
+		return ObjMetadata{}, fmt.Errorf("too many fields within: %s", s)
+	}
 	// Create the ObjMetadata object from the four parsed fields.
 	gk := schema.GroupKind{
 		Group: strings.TrimSpace(group),

pkg/object/objmetadata_test.go

@@ -56,36 +56,6 @@ func TestCreateObjMetadata(t *testing.T) {
 			expected:  "",
 			isError:   true,
 		},
-		"Underscore is invalid name character": {
-			namespace: "test-namespace",
-			name:      "test_name", // Invalid "_" character
-			gk: schema.GroupKind{
-				Group: "apps",
-				Kind:  "ReplicaSet",
-			},
-			expected: "",
-			isError:  true,
-		},
-		"Name not starting with alphanumeric character is error": {
-			namespace: "test-namespace",
-			name:      "-test",
-			gk: schema.GroupKind{
-				Group: "apps",
-				Kind:  "ReplicaSet",
-			},
-			expected: "",
-			isError:  true,
-		},
-		"Name not ending with alphanumeric character is error": {
-			namespace: "test-namespace",
-			name:      "test-",
-			gk: schema.GroupKind{
-				Group: "apps",
-				Kind:  "ReplicaSet",
-			},
-			expected: "",
-			isError:  true,
-		},
 		"Colon is allowed in the name for RBAC resources": {
 			namespace: "test-namespace",
 			name:      "system::kube-scheduler",
@@ -96,16 +66,6 @@ func TestCreateObjMetadata(t *testing.T) {
 			expected: "test-namespace_system____kube-scheduler_rbac.authorization.k8s.io_Role",
 			isError:  false,
 		},
-		"Colon is not allowed in the name for non-RBAC resources": {
-			namespace: "test-namespace",
-			name:      "system::kube-scheduler",
-			gk: schema.GroupKind{
-				Group: "",
-				Kind:  "Pod",
-			},
-			expected: "",
-			isError:  true,
-		},
 	}
 
 	for name, tc := range tests {