@@ -67,7 +67,7 @@ func (s *influxdbSource) GetUsagePercentile(kind api.ResourceName, perc int64, i
query:=fmt.Sprintf("select percentile(value, %v), count(pod_id) from %v where container_base_image%v%v and time > '%v' and time < '%v'",perc,series,imgPattern,namespaceCond,start.UTC().Format(timeFormat),end.UTC().Format(timeFormat))
if_,err:=s.query(query);err!=nil{
return0,0,fmt.Errorf("Error while trying to query InfluxDB: %v",err)
return0,0,fmt.Errorf("error while trying to query InfluxDB: %v",err)
returnadmission.NewForbidden(a,fmt.Errorf("Unable to %s %v at this time because there was an error enforcing limit ranges",a.GetOperation(),a.GetResource()))
returnadmission.NewForbidden(a,fmt.Errorf("unable to %s %v at this time because there was an error enforcing limit ranges",a.GetOperation(),a.GetResource()))
}
// if there are no items held in our indexer, check our live-lookup LRU, if that misses, do the live lookup to prime it.
returnadmission.NewForbidden(a,fmt.Errorf("Error looking up service account %s/%s: %v",a.GetNamespace(),pod.Spec.ServiceAccountName,err))
returnadmission.NewForbidden(a,fmt.Errorf("error looking up service account %s/%s: %v",a.GetNamespace(),pod.Spec.ServiceAccountName,err))
}
ifserviceAccount==nil{
// TODO: convert to a ServerTimeout error (or other error that sends a Retry-After header)
...
...
@@ -324,7 +324,7 @@ func (s *serviceAccount) limitSecretReferences(serviceAccount *api.ServiceAccoun
}
secretName:=source.Secret.SecretName
if!mountableSecrets.Has(secretName){
returnfmt.Errorf("Volume with secret.secretName=\"%s\" is not allowed because service account %s does not reference that secret",secretName,serviceAccount.Name)
returnfmt.Errorf("volume with secret.secretName=\"%s\" is not allowed because service account %s does not reference that secret",secretName,serviceAccount.Name)
}
}
...
...
@@ -332,7 +332,7 @@ func (s *serviceAccount) limitSecretReferences(serviceAccount *api.ServiceAccoun
returnfmt.Errorf("Init container %s with envVar %s referencing secret.secretName=\"%s\" is not allowed because service account %s does not reference that secret",container.Name,env.Name,env.ValueFrom.SecretKeyRef.Name,serviceAccount.Name)
returnfmt.Errorf("init container %s with envVar %s referencing secret.secretName=\"%s\" is not allowed because service account %s does not reference that secret",container.Name,env.Name,env.ValueFrom.SecretKeyRef.Name,serviceAccount.Name)
}
}
}
...
...
@@ -342,7 +342,7 @@ func (s *serviceAccount) limitSecretReferences(serviceAccount *api.ServiceAccoun
returnfmt.Errorf("Container %s with envVar %s referencing secret.secretName=\"%s\" is not allowed because service account %s does not reference that secret",container.Name,env.Name,env.ValueFrom.SecretKeyRef.Name,serviceAccount.Name)
returnfmt.Errorf("container %s with envVar %s referencing secret.secretName=\"%s\" is not allowed because service account %s does not reference that secret",container.Name,env.Name,env.ValueFrom.SecretKeyRef.Name,serviceAccount.Name)