WIP: Add minimal sanitization for applylib

[justinsb]

No description provided.

[justinsb]

cc @apelisse ... I'm wondering if this sanitization should be in client-go? And maybe we should URL-escape path components? Without this I got a cryptic error:

W0830 09:55:50.497538 3069319 applyset.go:130] error from apply on porch.kpt.dev/v1alpha1, Kind=PackageRevision default/infra/gkecluster-environment-packagename: error from apply: the server could not find the requested resource
I0830 09:55:50.497699 3069319 request.go:1073] Request Body: {"kind":"PackageRevision","apiVersion":"porch.kpt.dev/v1alpha1","metadata":{"name":"infra/configcontroller-environment-packagename","namespace":"default",...
I0830 09:55:50.497803 3069319 round_trippers.go:463] PATCH https://34.70.82.72/apis/porch.kpt.dev/v1alpha1/namespaces/default/packagerevisions/infra/configcontroller-environment-packagename?fieldManager=klippy-default-deployment-3afc33326786e6002aead189fc8e5cdf53861662&force=true
I0830 09:55:50.497818 3069319 round_trippers.go:469] Request Headers:
I0830 09:55:50.497838 3069319 round_trippers.go:473]     User-Agent: controllers/v0.0.0 (linux/amd64) kubernetes/$Format
I0830 09:55:50.497855 3069319 round_trippers.go:473]     Accept: application/json
I0830 09:55:50.497872 3069319 round_trippers.go:473]     Content-Type: application/apply-patch+yaml
I0830 09:55:50.581283 3069319 round_trippers.go:574] Response Status: 404 Not Found in 83 milliseconds
I0830 09:55:50.581316 3069319 round_trippers.go:577] Response Headers:
...
I0830 09:55:50.581507 3069319 request.go:1073] Response Body: {"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"the server could not find the requested resource","reason":"NotFound","details":{},"code":404}

/assign @apelisse

[apelisse]

So you get a 404 when you specify the wrong name? That's not too bad, especially since on POST (create), the name is not part of the URL so this will fail to create with a proper error I would guess?

[apelisse]

For server-side apply that's a different story though since you can create through patch.

[apelisse]

This is probably a reasonable criteria for validating a name:
https://github.com/kubernetes/kubernetes/blob/5debf63a742fab8f3d9b3672a1fd3f14d2289dce/staging/src/k8s.io/apimachinery/pkg/util/validation/validation.go#L207-L218

[apelisse]

Apparently we already do that somewhere:
https://github.com/kubernetes/kubernetes/blob/5debf63a742fab8f3d9b3672a1fd3f14d2289dce/staging/src/k8s.io/client-go/rest/request.go#L280-L283

But the URL is constructed differently when using the dynamic client:
https://github.com/kubernetes/kubernetes/blob/5debf63a742fab8f3d9b3672a1fd3f14d2289dce/staging/src/k8s.io/client-go/dynamic/simple.go#L369-L388

So I guess this is missing here.