[feature request] Post Request Body Validation rules

[allencloud]

Issue Description

For a HTTP request, if the method is POST, they may be a request body in it. Then pouch daemon side needs to validate these parameter. This issue is to track all the validation rules for this request body. In the issue, I only tracked fields which are in type of string, []string, map[string]interface{}.

We should make this validation rules clear, and add these restrictions in swagger.yml. After that, we generate struct codes and user generated validation funcs in APIxxx_bridge.go.

• ContainerCreateConfig
  • ContainerConfig
  • HostConfig
  • NetworkingConfig
• ExecCreateConfig: feature: add ExecConfig validation rule in swagger #453
• VolumeCreateConfig: feature: support validate volume create config #452
• NetworkCreateConfig

@rudyfly Please check the VolumeCreateConfig and NetworkCreateConfig;
@YaoZengzeng Please check whether CRI implementation side needs more restrictions;
@CodeJuan Please master this part, as in the future you will maintain all the API side of Pouch.
@sunyuan3 @Letty5411 Please get these validation aware and we will use these rules to test Pouch Daemon in the following steps.

Also /cc @skoo87 @yyb196 @Ace-Tang @zzchun @zeppp @ZouRui89

ContainerConfigWrapper

ContainerConfigWrapper.ContainerConfig

Parameter	type	length	pattern
Hostname	string
Domainname	string
User	string
ExposedPorts	string
Env	string
Cmd	string
Image	string
Volumes	map[string]xxx
WorkingDir	string
Entrypoint	[]string
MacAddress	string
OnBuild	string
Labels	string	3-129	[a-zA-Z0-9][a-zA-Z0-9_-.]{0,63}=[a-zA-Z0-9][a-zA-Z0-9_-. ]{0,63}
StopSignal	string
StopTimeout	int64	0-max
Shell	[]string

ContainerConfigWrapper.HostConfig

Parameter	type	length	pattern
Binds	[]string	0-max
ContainerIDFile	string
LogConfig	map[string]string
NetworkMode	string
PortBindings	map[string]PortBinding
AutoRemove	string
VolumeDriver	string	1-64	[a-zA-Z0-9][a-zA-Z0-9_-.]{0,63}
VolumesFrom	[]string
CapAdd	[]string
CapDrop	[]string
Dns	[]string
DnsOptions	[]string
DnsSearch	[]string
ExtraHosts	[]string
GroupAdd	[]string
IpcMode	string		(none)
Cgroup	string
Links	string
OomScoreAdj	int64
PidMode	string
SecurityOpt	[]string
StorageOpt	map[string]string
Tmpfs	map[string]string
UTSMode	string
UsernsMode	string
ShmSize	int64
Sysctls	map[string]string
Runtime	string
ConsoleSize	int64
Isolation	string		(default

ContainerConfigWrapper.NetworkingConfig.EndpointSettings

Parameter	type	length	pattern
Links	[]string
NetworkID	string
EndpointID	string
Gateway	string
IPAddress	string
IPPrefixLen	string
IPv6Gateway	string
GlobalIPv6Address	string
GlobalIPv6PrefixLen	string
MacAddress	string
DriverOpts	map[string]string

ExecCreateConfig

This config has been covered in #453.

Parameter	type	length	pattern
Cmd	[]string	1-max

VolumeCreateConfig

This config has been covered in #452.

Parameter	type	length	pattern
Name	string	1-64	[a-zA-Z0-9][a-zA-Z0-9-_.]{0,63}
Driver	string	1-64	[a-zA-Z0-9][a-zA-Z0-9-_.]{0,63}
DriverOpts	map[string]string	value:1-128	value:[a-zA-Z0-9][a-zA-Z0-9-_.]{0,127}
Labels	map[string]string	value:1-128	value:[a-zA-Z0-9][a-zA-Z0-9-_.]{0,127}

NetworkCreateConfig

Parameter	type	length	pattern
Name	string	1-64	[a-zA-Z0-9][a-zA-Z0-9_-.]{0,63}
Driver	string	1-64	[a-zA-Z0-9][a-zA-Z0-9_-.]{0,63}
Scope	string	1-64	(local)|(global)
Labels	string	3-129	[a-zA-Z0-9][a-zA-Z0-9_-.]{0,63}=[a-zA-Z0-9][a-zA-Z0-9_-. ]{0,63}

NetworkCreateConfig.IPAM

Parameter	type	length	pattern
IPAM.Driver	string	1-64	[a-zA-Z0-9][a-zA-Z0-9_-.]{0,63}=[a-zA-Z0-9][a-zA-Z0-9_-. ]{0,63}
IPAM.Options	map[string]string	value: 1-64	[a-zA-Z0-9][a-zA-Z0-9_-.]{0,63}[a-zA-Z0-9][a-zA-Z0-9_-. ]{0,63}
IPAM.Config	[]IPAMConfig	array length: 0-32

NetworkCreateConfig.IPAM.IPAMConfig

Parameter	type	length	pattern
Subnet	string	0-32
IPRange	string	0-32
Gateway	string	0-32
AuxAddress	string	0-32

[allencloud]

This is the work we mostly rely on swagger. @zhuangqh used to keep an eye on the development of swagger on this validation part. Could you sync something with us? This is a really huge part for PouchContainer to polish the api layer.

[zhuangqh]

I see. I'll track this matter continually. @allencloud

[zhuangqh]

The newest version of go-swagger has a lots fixes about validation. However, this version changed the behaviour to expand code. In short, the newly generated code is incompatible with the old one(v0.12). They are working to fix this problem and will release a new version after fix it. @allencloud
see go-swagger/go-swagger#1559

[allencloud]

Thanks to pr #2350 put forwards by @zhuangqh, now we have the foundation to make this issue move on. Could you help to take this one step by step?

I think there is more than one thing to add:

• make sure all to validations of input request boby's fields;
• add validation code in the pouchd.