Skip to content

bug(K8s): sandbox create does not validate name against Kubernetes naming constraints #2115

Description

@varshaprasad96

Agent Diagnostic

  • Loaded openshell-cli skill and explored the sandbox creation flow across CLI, gateway, and Kubernetes driver.
  • Traced the name through the code: CLI passes --name to the gateway's CreateSandbox gRPC call. The gateway's validate_sandbox_spec (crates/openshell-server/src/grpc/validation.rs:93) checks name length and -- substring but does not validate character set.
  • The gateway calls validate_sandbox_create on the Kubernetes driver (crates/openshell-driver-kubernetes/src/driver.rs:344), which validates GPU requirements and driver config but not the name.
  • The name reaches create_sandbox at driver.rs:474 where it is used directly as metadata.name on the Sandbox CRD object. Kubernetes rejects it with an RFC 1123 validation error.
  • The Docker driver already handles this — sanitize_docker_name (crates/openshell-driver-docker/src/lib.rs:2958) lowercases and replaces invalid characters before creating the container, so names like my_sandbox and MySandbox work fine on Docker. The Kubernetes driver has no equivalent sanitization or validation.
  • Auto-generated names (petname, e.g. crack-krait) are always valid. Only user-provided --name values trigger this.

Description

openshell sandbox create --name "my_sandbox" on the Kubernetes driver passes the name through gateway validation (which only checks length and --), through the Kubernetes driver's validate_sandbox_create (which only checks GPU and driver config), and fails at the Kubernetes API because underscores are not valid in Kubernetes resource names.

The same names work fine on the Docker driver because sanitize_docker_name (crates/openshell-driver-docker/src/lib.rs:2958) lowercases the name and replaces invalid characters with - before creating the container. The Kubernetes driver should either validate and reject early, or sanitize the name to be Kubernetes-compatible, matching the level of input handling the Docker driver already provides.

The Kubernetes driver's validate_sandbox_create (crates/openshell-driver-kubernetes/src/driver.rs:344) already validates GPU requirements and driver config — adding a name check against Kubernetes naming constraints here would catch invalid names before they reach the API.

Reproduction Steps

  1. Deploy OpenShell on a Kubernetes cluster (kind, minikube, etc.) using the Helm chart
  2. Run openshell sandbox create --from base --name "my_sandbox" -- echo test
  3. Observe the Kubernetes API rejection
  4. Also try openshell sandbox create --from base --name "MySandbox" -- echo test
  5. Compare: the same names work on a Docker-backed gateway

Environment

  • OS: macOS (Darwin 25.5.0, Apple Silicon)
  • OpenShell CLI: 0.0.70
  • Gateway: 0.0.75-dev.2 (Helm chart 0.0.0-dev)
  • Kubernetes: v1.31.0 (kind with Podman)
  • Compute driver: kubernetes

  • I pointed my agent at the repo and had it investigate this issue
  • I loaded relevant skills (e.g., debug-openshell-cluster, debug-inference, openshell-cli)
  • My agent could not resolve this — the diagnostic above explains why - (my agent could just fix it by providing a new name, but it is a good practice to perform validation on the client side to the extent possible before send req to the server)

Metadata

Metadata

Assignees

No one assigned

    Labels

    state:triage-neededOpened without agent diagnostics and needs triage

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions