kubectl: Rejecting valid Environment Variable Names

Kubernetes version:

Client Version: version.Info{Major:"1", Minor:"7", GitVersion:"v1.7.0", GitCommit:"d3ada0119e776222f11ec7945e6d860061339aad", GitTreeState:"clean", BuildDate:"2017-06-29T23 15:59Z", GoVersion:"go1.8.3", Compiler:"gc", Platform:"windows/amd64"}
Server Version: version.Info{Major:"1", Minor:"6", GitVersion:"v1.6.6", GitCommit:"7fa1c1756d8bc963f1a389f4a6937dc71f08ada2", GitTreeState:"clean", BuildDate:"2017-06-16T18 21:54Z", GoVersion:"go1.7.6", Compiler:"gc", Platform:"linux/amd64"}

Environment:

  • Cloud provider or hardware configuration: Azure Container Service
  • OS: Windows 10
  • Install tools:
  • Others:

What happened: I was invoking the following command: kubectl run myname --image=myimage:86 --port=80 --env="ConnectionStrings:DefaultConnection=Data Source=tcp:mySqlServer,1433;Initial Catalog=myDB;User Id=myUser;Password=mypassword;" I got errors about invalid env: error: invalid env: ConnectionStrings:DefaultConnection=Data Source=tcp:mySqlServer

I tried this with a YAML file as well and got a better error message stating I was using invalid characters for my name. However, : is valid the only values not allowed in names is “=”. To work around this I removed the : then I got an error because it split my value on “,” between my server and port.

What you expected to happen: I expected a new environment variable to be created with the following information:

  • name: ConnectionStrings:DefaultConnection
  • value: Data Source=tcp:mySqlServer,1433;Initial Catalog=myDB;User Id=myUser;Password=mypassword;

How to reproduce it (as minimally and precisely as possible): Just try and set the environment variable name to something that includes a “:” and have a value that contains a “,”. The splitting should not split on “,” in the value of the environment variable.

Anything else we need to know: I am using .NET Core and it allows you to create nested configurations that are built using a : in the environment variable name. I was able to use this just fine with docker run commands against my own host because docker and Linux does support the string as I originally submitted it. This only breaks because of the validation of values and parsing logic of kubectl.

About this issue

  • Original URL
  • State: closed
  • Created 7 years ago
  • Comments: 31 (25 by maintainers)

Most upvoted comments

Your code is perfectly fine. The problem is with backward compatibility. If we start inserting these newly permitted object in the database, it might be a problem when you have multiple masters running at the same time (and not being updated at the same time), or if you fallback your master upgrade to a former version. Then those objects are no longer valid (this is an API change) and will be “stuck” in etcd.

+1
apelisse on Jun 11, 2019
Read more comments on GitHub
← kubectl: Mention namespace in "pods not found" error message
kubectl: Rollout status hangs for 5 minutes after success message →