diff --git a/WORKSPACE b/WORKSPACE index c826af804c..6777624d21 100644 --- a/WORKSPACE +++ b/WORKSPACE @@ -15,12 +15,12 @@ load("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive") load("@bazel_tools//tools/build_defs/repo:git.bzl", "git_repository") -# download basic go build rules at release v0.19.10 -go_build_rules_version = "v0.19.10" +# download basic go build rules at release v0.21.5 +go_build_rules_version = "v0.21.5" http_archive( name = "io_bazel_rules_go", - sha256 = "0a99597dd30ecfd94f64fc64717cd1b6c4bd9807918942a8501a3883990e4b1d", + sha256 = "effce27c4ef53af96397d538c1b9e37e9b8546e4a912ed9eb43590bb33cbbf95", urls = [ "https://storage.googleapis.com/bazel-mirror/github.com/bazelbuild/rules_go/releases/download/{}/rules_go-{}.tar.gz".format(go_build_rules_version, go_build_rules_version), "https://github.com/bazelbuild/rules_go/releases/download/{}/rules_go-{}.tar.gz".format(go_build_rules_version, go_build_rules_version), @@ -88,7 +88,7 @@ load("@io_bazel_rules_go//go:deps.bzl", "go_register_toolchains", "go_rules_depe go_rules_dependencies() go_register_toolchains( - go_version = "1.13.6", + go_version = "1.13.9", ) load("@bazel_gazelle//:deps.bzl", "gazelle_dependencies", "go_repository") diff --git a/go.mod b/go.mod index 23ef918060..fed83bc236 100644 --- a/go.mod +++ b/go.mod @@ -23,7 +23,7 @@ require ( k8s.io/kube-controller-manager v0.0.0 k8s.io/kubernetes v0.0.0 k8s.io/legacy-cloud-providers v0.0.0 - k8s.io/utils v0.0.0-20200229041039-0a110f9eb7ab + k8s.io/utils v0.0.0-20200324210504-a9aa75ae1b89 ) replace ( @@ -387,33 +387,33 @@ replace ( gotest.tools/gotestsum => gotest.tools/gotestsum v0.3.5 grpc.go4.org => grpc.go4.org v0.0.0-20170609214715-11d0a25b4919 honnef.co/go/tools => honnef.co/go/tools v0.0.1-2019.2.2 - k8s.io/api v0.0.0 => k8s.io/kubernetes/staging/src/k8s.io/api v0.0.0-20200318022839-7d6d4662a9bf - k8s.io/apiextensions-apiserver v0.0.0 => k8s.io/kubernetes/staging/src/k8s.io/apiextensions-apiserver v0.0.0-20200318022839-7d6d4662a9bf - k8s.io/apimachinery v0.0.0 => k8s.io/kubernetes/staging/src/k8s.io/apimachinery v0.0.0-20200318022839-7d6d4662a9bf - k8s.io/apiserver v0.0.0 => k8s.io/kubernetes/staging/src/k8s.io/apiserver v0.0.0-20200318022839-7d6d4662a9bf - k8s.io/cli-runtime v0.0.0 => k8s.io/kubernetes/staging/src/k8s.io/cli-runtime v0.0.0-20200318022839-7d6d4662a9bf - k8s.io/client-go v0.0.0 => k8s.io/kubernetes/staging/src/k8s.io/client-go v0.0.0-20200318022839-7d6d4662a9bf - k8s.io/cloud-provider v0.0.0 => k8s.io/kubernetes/staging/src/k8s.io/cloud-provider v0.0.0-20200318022839-7d6d4662a9bf - k8s.io/cluster-bootstrap v0.0.0 => k8s.io/kubernetes/staging/src/k8s.io/cluster-bootstrap v0.0.0-20200318022839-7d6d4662a9bf - k8s.io/code-generator v0.0.0 => k8s.io/kubernetes/staging/src/k8s.io/code-generator v0.0.0-20200318022839-7d6d4662a9bf - k8s.io/component-base v0.0.0 => k8s.io/kubernetes/staging/src/k8s.io/component-base v0.0.0-20200318022839-7d6d4662a9bf - k8s.io/cri-api v0.0.0 => k8s.io/kubernetes/staging/src/k8s.io/cri-api v0.0.0-20200318022839-7d6d4662a9bf - k8s.io/csi-translation-lib v0.0.0 => k8s.io/kubernetes/staging/src/k8s.io/csi-translation-lib v0.0.0-20200318022839-7d6d4662a9bf + k8s.io/api v0.0.0 => k8s.io/kubernetes/staging/src/k8s.io/api v0.0.0-20200325144952-9e991415386e + k8s.io/apiextensions-apiserver v0.0.0 => k8s.io/kubernetes/staging/src/k8s.io/apiextensions-apiserver v0.0.0-20200325144952-9e991415386e + k8s.io/apimachinery v0.0.0 => k8s.io/kubernetes/staging/src/k8s.io/apimachinery v0.0.0-20200325144952-9e991415386e + k8s.io/apiserver v0.0.0 => k8s.io/kubernetes/staging/src/k8s.io/apiserver v0.0.0-20200325144952-9e991415386e + k8s.io/cli-runtime v0.0.0 => k8s.io/kubernetes/staging/src/k8s.io/cli-runtime v0.0.0-20200325144952-9e991415386e + k8s.io/client-go v0.0.0 => k8s.io/kubernetes/staging/src/k8s.io/client-go v0.0.0-20200325144952-9e991415386e + k8s.io/cloud-provider v0.0.0 => k8s.io/kubernetes/staging/src/k8s.io/cloud-provider v0.0.0-20200325144952-9e991415386e + k8s.io/cluster-bootstrap v0.0.0 => k8s.io/kubernetes/staging/src/k8s.io/cluster-bootstrap v0.0.0-20200325144952-9e991415386e + k8s.io/code-generator v0.0.0 => k8s.io/kubernetes/staging/src/k8s.io/code-generator v0.0.0-20200325144952-9e991415386e + k8s.io/component-base v0.0.0 => k8s.io/kubernetes/staging/src/k8s.io/component-base v0.0.0-20200325144952-9e991415386e + k8s.io/cri-api v0.0.0 => k8s.io/kubernetes/staging/src/k8s.io/cri-api v0.0.0-20200325144952-9e991415386e + k8s.io/csi-translation-lib v0.0.0 => k8s.io/kubernetes/staging/src/k8s.io/csi-translation-lib v0.0.0-20200325144952-9e991415386e k8s.io/gengo => k8s.io/gengo v0.0.0-20190822140433-26a664648505 k8s.io/heapster => k8s.io/heapster v1.2.0-beta.1 k8s.io/klog => k8s.io/klog v1.0.0 - k8s.io/kube-aggregator v0.0.0 => k8s.io/kubernetes/staging/src/k8s.io/kube-aggregator v0.0.0-20200318022839-7d6d4662a9bf - k8s.io/kube-controller-manager v0.0.0 => k8s.io/kubernetes/staging/src/k8s.io/kube-controller-manager v0.0.0-20200318022839-7d6d4662a9bf + k8s.io/kube-aggregator v0.0.0 => k8s.io/kubernetes/staging/src/k8s.io/kube-aggregator v0.0.0-20200325144952-9e991415386e + k8s.io/kube-controller-manager v0.0.0 => k8s.io/kubernetes/staging/src/k8s.io/kube-controller-manager v0.0.0-20200325144952-9e991415386e k8s.io/kube-openapi => k8s.io/kube-openapi v0.0.0-20200121204235-bf4fb3bd569c - k8s.io/kube-proxy v0.0.0 => k8s.io/kubernetes/staging/src/k8s.io/kube-proxy v0.0.0-20200318022839-7d6d4662a9bf - k8s.io/kube-scheduler v0.0.0 => k8s.io/kubernetes/staging/src/k8s.io/kube-scheduler v0.0.0-20200318022839-7d6d4662a9bf - k8s.io/kubectl v0.0.0 => k8s.io/kubernetes/staging/src/k8s.io/kubectl v0.0.0-20200318022839-7d6d4662a9bf - k8s.io/kubelet v0.0.0 => k8s.io/kubernetes/staging/src/k8s.io/kubelet v0.0.0-20200318022839-7d6d4662a9bf - k8s.io/kubernetes => k8s.io/kubernetes v0.0.0-20200318022839-7d6d4662a9bf - k8s.io/legacy-cloud-providers v0.0.0 => k8s.io/kubernetes/staging/src/k8s.io/legacy-cloud-providers v0.0.0-20200318022839-7d6d4662a9bf - k8s.io/metrics v0.0.0 => k8s.io/kubernetes/staging/src/k8s.io/metrics v0.0.0-20200318022839-7d6d4662a9bf + k8s.io/kube-proxy v0.0.0 => k8s.io/kubernetes/staging/src/k8s.io/kube-proxy v0.0.0-20200325144952-9e991415386e + k8s.io/kube-scheduler v0.0.0 => k8s.io/kubernetes/staging/src/k8s.io/kube-scheduler v0.0.0-20200325144952-9e991415386e + k8s.io/kubectl v0.0.0 => k8s.io/kubernetes/staging/src/k8s.io/kubectl v0.0.0-20200325144952-9e991415386e + k8s.io/kubelet v0.0.0 => k8s.io/kubernetes/staging/src/k8s.io/kubelet v0.0.0-20200325144952-9e991415386e + k8s.io/kubernetes => k8s.io/kubernetes v0.0.0-20200325144952-9e991415386e + k8s.io/legacy-cloud-providers v0.0.0 => k8s.io/kubernetes/staging/src/k8s.io/legacy-cloud-providers v0.0.0-20200325144952-9e991415386e + k8s.io/metrics v0.0.0 => k8s.io/kubernetes/staging/src/k8s.io/metrics v0.0.0-20200325144952-9e991415386e k8s.io/repo-infra => k8s.io/repo-infra v0.0.1-alpha.1 - k8s.io/sample-apiserver v0.0.0 => k8s.io/kubernetes/staging/src/k8s.io/sample-apiserver v0.0.0-20200318022839-7d6d4662a9bf + k8s.io/sample-apiserver v0.0.0 => k8s.io/kubernetes/staging/src/k8s.io/sample-apiserver v0.0.0-20200325144952-9e991415386e k8s.io/system-validators => k8s.io/system-validators v1.0.4 k8s.io/utils => k8s.io/utils v0.0.0-20200117235808-5f6fbceb4c31 modernc.org/cc => modernc.org/cc v1.0.0 diff --git a/go.sum b/go.sum index c4dfc55658..27580a700b 100644 --- a/go.sum +++ b/go.sum @@ -479,41 +479,41 @@ k8s.io/klog v1.0.0 h1:Pt+yjF5aB1xDSVbau4VsWe+dQNzA0qv1LlXdC2dF6Q8= k8s.io/klog v1.0.0/go.mod h1:4Bi6QPql/J/LkTDqv7R/cd3hPo4k2DG6Ptcz060Ez5I= k8s.io/kube-openapi v0.0.0-20200121204235-bf4fb3bd569c h1:/KUFqjjqAcY4Us6luF5RDNZ16KJtb49HfR3ZHB9qYXM= k8s.io/kube-openapi v0.0.0-20200121204235-bf4fb3bd569c/go.mod h1:GRQhZsXIAJ1xR0C9bd8UpWHZ5plfAS9fzPjJuQ6JL3E= -k8s.io/kubernetes v0.0.0-20200318022839-7d6d4662a9bf h1:g88x2qwGFsb3vaxx9tDqWM+223JqblDqVALoE1i2GcA= -k8s.io/kubernetes v0.0.0-20200318022839-7d6d4662a9bf/go.mod h1:3FlEmPB/uFv57hEsyZivA2SXF+lulwI2vneUzbauuBA= -k8s.io/kubernetes/staging/src/k8s.io/api v0.0.0-20200318022839-7d6d4662a9bf h1:bYiWMETnxzFt5k87xUSZpFEqRQ/KTaL1U4ChTlMAjXI= -k8s.io/kubernetes/staging/src/k8s.io/api v0.0.0-20200318022839-7d6d4662a9bf/go.mod h1:oMzWB6/RPBLYAObltLVSu5Ms1ZztBe7G8s1ni2rZY7w= -k8s.io/kubernetes/staging/src/k8s.io/apiextensions-apiserver v0.0.0-20200318022839-7d6d4662a9bf/go.mod h1:G2Rc/kKjruoncpFY3D+WiCLdxWJChUkmAgQ0LP3Zuz0= -k8s.io/kubernetes/staging/src/k8s.io/apimachinery v0.0.0-20200318022839-7d6d4662a9bf h1:g+bSZV2mWjNEbiLn+A4XFqfCG2T4zfnlSe1cACqVY+g= -k8s.io/kubernetes/staging/src/k8s.io/apimachinery v0.0.0-20200318022839-7d6d4662a9bf/go.mod h1:3Y3wDqxL/YFcgzyFD7r80Z6lMxpRJb/V+dds+b7A2NE= -k8s.io/kubernetes/staging/src/k8s.io/apiserver v0.0.0-20200318022839-7d6d4662a9bf h1:XpDmLACWoMEEffgt/+dptq7/IfwfbSLk047fPojjD08= -k8s.io/kubernetes/staging/src/k8s.io/apiserver v0.0.0-20200318022839-7d6d4662a9bf/go.mod h1:J2PsBwpwVTxBSX9liTTyhF6A+9Wx707QocthOyHQuGU= -k8s.io/kubernetes/staging/src/k8s.io/cli-runtime v0.0.0-20200318022839-7d6d4662a9bf/go.mod h1:M8WtUx89NzNZ4Qx/1diDW/1TSs2Pv9J6//dIYvvtwSs= -k8s.io/kubernetes/staging/src/k8s.io/client-go v0.0.0-20200318022839-7d6d4662a9bf h1:6O0J91oykfylS+78t4IdQdZMxzJ4nkdggB6KYq/M/zQ= -k8s.io/kubernetes/staging/src/k8s.io/client-go v0.0.0-20200318022839-7d6d4662a9bf/go.mod h1:AYTyBUfnrjif++92WQZ+qyYd83B/Tl2oGGq7iSUQdGk= -k8s.io/kubernetes/staging/src/k8s.io/cloud-provider v0.0.0-20200318022839-7d6d4662a9bf h1:MXtnhgcOY3ZbuTzBTFb7zlVXF9hA+lGDKqwTtlmvvrw= -k8s.io/kubernetes/staging/src/k8s.io/cloud-provider v0.0.0-20200318022839-7d6d4662a9bf/go.mod h1:t9CI4TqGiovY6qAN79Jn09zfjTfwumpg+RpQe4BKLOk= -k8s.io/kubernetes/staging/src/k8s.io/cluster-bootstrap v0.0.0-20200318022839-7d6d4662a9bf/go.mod h1:oHXhD/NqW/vlYggpTUWbP2x6disww69H1jdsyirbJl8= -k8s.io/kubernetes/staging/src/k8s.io/code-generator v0.0.0-20200318022839-7d6d4662a9bf/go.mod h1:Yai6SRJt/nb3VvQw4jKKZBtXRJF/OrswWmfjyF6FqP0= -k8s.io/kubernetes/staging/src/k8s.io/component-base v0.0.0-20200318022839-7d6d4662a9bf h1:7TjzIt6nfsR9u+ytZTLqsm/QLLu7pJhqZomSOPqCURc= -k8s.io/kubernetes/staging/src/k8s.io/component-base v0.0.0-20200318022839-7d6d4662a9bf/go.mod h1:i2P8Bn+4gdOSd7R55M/eQhRsr68ZMx7Mf1+C0CDlEq4= -k8s.io/kubernetes/staging/src/k8s.io/cri-api v0.0.0-20200318022839-7d6d4662a9bf h1:AfcbDynRvWYjaiGGrj70Qbp1VtRGPPC/2m8xxYFMs1o= -k8s.io/kubernetes/staging/src/k8s.io/cri-api v0.0.0-20200318022839-7d6d4662a9bf/go.mod h1:O3AtmT8iqccYwp/fsXdy3h0N9X/yfvRMD2XS48PJrBk= -k8s.io/kubernetes/staging/src/k8s.io/csi-translation-lib v0.0.0-20200318022839-7d6d4662a9bf h1:4+nke//ZqVryP7CX2pUivBq2zW1w5fLYov7XSG9IcMg= -k8s.io/kubernetes/staging/src/k8s.io/csi-translation-lib v0.0.0-20200318022839-7d6d4662a9bf/go.mod h1:BBW+zYPd9dNyl1qZ3U/coU05IW6AvRAbo3s86WKDfzU= -k8s.io/kubernetes/staging/src/k8s.io/kube-aggregator v0.0.0-20200318022839-7d6d4662a9bf/go.mod h1:iXjV0rODqMZ5ZH7P/po5p6h3RUrIJlBrZmowN2BvTiU= -k8s.io/kubernetes/staging/src/k8s.io/kube-controller-manager v0.0.0-20200318022839-7d6d4662a9bf h1:XW969ueeicoNnTM+kY6JFsAJYZpF4hSLgE1AWMTxvoY= -k8s.io/kubernetes/staging/src/k8s.io/kube-controller-manager v0.0.0-20200318022839-7d6d4662a9bf/go.mod h1:pABoR/v0r2aJLFC1570FaaRJbXyiHhqdGHe5W8nk0XY= -k8s.io/kubernetes/staging/src/k8s.io/kube-proxy v0.0.0-20200318022839-7d6d4662a9bf/go.mod h1:GLAmLACy/nOND24DRGKyPH21F89pTcevjPRxEtbLJmU= -k8s.io/kubernetes/staging/src/k8s.io/kube-scheduler v0.0.0-20200318022839-7d6d4662a9bf h1:627Hvz1H0VI15pWvCnrR44IEIjGh34mDzakh9NzLdvo= -k8s.io/kubernetes/staging/src/k8s.io/kube-scheduler v0.0.0-20200318022839-7d6d4662a9bf/go.mod h1:UNQ/Ff/Mq9mmCl0MYGl3ciCEIRQr9BT+/DSsoy6/ZMI= -k8s.io/kubernetes/staging/src/k8s.io/kubectl v0.0.0-20200318022839-7d6d4662a9bf h1:mo1WXjA7zstAaIyrYqGgPS324XjKRD4S9OEPTRbtzJ8= -k8s.io/kubernetes/staging/src/k8s.io/kubectl v0.0.0-20200318022839-7d6d4662a9bf/go.mod h1:6mkQva1QfgZ9wJJvtKmQWjXenFWLqUOm48xUC2S6X50= -k8s.io/kubernetes/staging/src/k8s.io/kubelet v0.0.0-20200318022839-7d6d4662a9bf/go.mod h1:Raj75cxSm9NiVBoLk/lB1D4XvpBzTG4WoJ6nIH8Cyew= -k8s.io/kubernetes/staging/src/k8s.io/legacy-cloud-providers v0.0.0-20200318022839-7d6d4662a9bf h1:diDPkBkZikzN6M2+M27H7FhXtPJGGiNCrT7nyGd6Bj0= -k8s.io/kubernetes/staging/src/k8s.io/legacy-cloud-providers v0.0.0-20200318022839-7d6d4662a9bf/go.mod h1:seYo/fpdL7p+xbjg+IMPpy2d+kh7zhOqCRyIySKj/Qs= -k8s.io/kubernetes/staging/src/k8s.io/metrics v0.0.0-20200318022839-7d6d4662a9bf/go.mod h1:xZM9EdJpWjqIWPvLiCP7vYKUEMwIgc0S8nc/MlLVK3Y= -k8s.io/kubernetes/staging/src/k8s.io/sample-apiserver v0.0.0-20200318022839-7d6d4662a9bf/go.mod h1:gpiIUEAyQvSEXKbsH2taOEzkrHXvoZwHuArWgR+DpG8= +k8s.io/kubernetes v0.0.0-20200325144952-9e991415386e h1:qDRI4I7s1zm/HB4v4QZZgzX0z8oX+PyHsjcowu4bAJo= +k8s.io/kubernetes v0.0.0-20200325144952-9e991415386e/go.mod h1:z8xjOOO1Ljz+TaHpOxVGC7cxtF32TesIamoQ+BZrVS0= +k8s.io/kubernetes/staging/src/k8s.io/api v0.0.0-20200325144952-9e991415386e h1:tcH3BY/Up3AHGYDxExSVuqQ0Tyl+/1k0hzBQixP48OQ= +k8s.io/kubernetes/staging/src/k8s.io/api v0.0.0-20200325144952-9e991415386e/go.mod h1:oMzWB6/RPBLYAObltLVSu5Ms1ZztBe7G8s1ni2rZY7w= +k8s.io/kubernetes/staging/src/k8s.io/apiextensions-apiserver v0.0.0-20200325144952-9e991415386e/go.mod h1:tMuEHO85+WtdJsLBJ1U4bh7oB23v/D4vP0BtL39qxM4= +k8s.io/kubernetes/staging/src/k8s.io/apimachinery v0.0.0-20200325144952-9e991415386e h1:js8VNludrLfxGoQK5WK7/rbrynJTdg/WZw/AE5bz0Zs= +k8s.io/kubernetes/staging/src/k8s.io/apimachinery v0.0.0-20200325144952-9e991415386e/go.mod h1:3Y3wDqxL/YFcgzyFD7r80Z6lMxpRJb/V+dds+b7A2NE= +k8s.io/kubernetes/staging/src/k8s.io/apiserver v0.0.0-20200325144952-9e991415386e h1:16sKFNXRNnC36yEofhaDWwrdYQdlCf/Wt00xJ6NmxrY= +k8s.io/kubernetes/staging/src/k8s.io/apiserver v0.0.0-20200325144952-9e991415386e/go.mod h1:SeOQ7d1nUCULR978oKuSossKyGzova3DlaXEa1zJ1ns= +k8s.io/kubernetes/staging/src/k8s.io/cli-runtime v0.0.0-20200325144952-9e991415386e/go.mod h1:M8WtUx89NzNZ4Qx/1diDW/1TSs2Pv9J6//dIYvvtwSs= +k8s.io/kubernetes/staging/src/k8s.io/client-go v0.0.0-20200325144952-9e991415386e h1:Eiuxxa8ar45zRaJHZ8eUxBw7zmI1WEwoTlLKO407qZ0= +k8s.io/kubernetes/staging/src/k8s.io/client-go v0.0.0-20200325144952-9e991415386e/go.mod h1:Ck7kQmlFASfY0SaqYH1NwUrxeuAipkIbnuHi642eQ+I= +k8s.io/kubernetes/staging/src/k8s.io/cloud-provider v0.0.0-20200325144952-9e991415386e h1:2bFqVIJCYKYqMVuZoNZvOFz4E2unbKkBsrC1JOanHGw= +k8s.io/kubernetes/staging/src/k8s.io/cloud-provider v0.0.0-20200325144952-9e991415386e/go.mod h1:jW0IWD1v1cNcp/vvXbVuovmZNSieKSZBdM7VmX1lrVI= +k8s.io/kubernetes/staging/src/k8s.io/cluster-bootstrap v0.0.0-20200325144952-9e991415386e/go.mod h1:oHXhD/NqW/vlYggpTUWbP2x6disww69H1jdsyirbJl8= +k8s.io/kubernetes/staging/src/k8s.io/code-generator v0.0.0-20200325144952-9e991415386e/go.mod h1:Yai6SRJt/nb3VvQw4jKKZBtXRJF/OrswWmfjyF6FqP0= +k8s.io/kubernetes/staging/src/k8s.io/component-base v0.0.0-20200325144952-9e991415386e h1:747eH/XbhZgfD7YcPsUFzo1wWv8ZZGt40Tfb3ZMwRRA= +k8s.io/kubernetes/staging/src/k8s.io/component-base v0.0.0-20200325144952-9e991415386e/go.mod h1:zRlCznOsLYdwq5DB2b/26X/n/04fhV3U3rMC60t80/Q= +k8s.io/kubernetes/staging/src/k8s.io/cri-api v0.0.0-20200325144952-9e991415386e h1:1aYd5EiOIByKAiu9mLW063INnmjGmTi5kH5a8nBqICw= +k8s.io/kubernetes/staging/src/k8s.io/cri-api v0.0.0-20200325144952-9e991415386e/go.mod h1:O3AtmT8iqccYwp/fsXdy3h0N9X/yfvRMD2XS48PJrBk= +k8s.io/kubernetes/staging/src/k8s.io/csi-translation-lib v0.0.0-20200325144952-9e991415386e h1:qrBEC5j0roOna+JSwVVmN6e7aOoIVq77HPC1Z/qvma4= +k8s.io/kubernetes/staging/src/k8s.io/csi-translation-lib v0.0.0-20200325144952-9e991415386e/go.mod h1:BBW+zYPd9dNyl1qZ3U/coU05IW6AvRAbo3s86WKDfzU= +k8s.io/kubernetes/staging/src/k8s.io/kube-aggregator v0.0.0-20200325144952-9e991415386e/go.mod h1:EY3DrCVVj6X1xeVtHF/0lht5TZK9YhKLyfe6QBD3QvE= +k8s.io/kubernetes/staging/src/k8s.io/kube-controller-manager v0.0.0-20200325144952-9e991415386e h1:4c64fcmUvLjmgQtX0u9DA/QPvAK79rSXeKs23QP/KWU= +k8s.io/kubernetes/staging/src/k8s.io/kube-controller-manager v0.0.0-20200325144952-9e991415386e/go.mod h1:pABoR/v0r2aJLFC1570FaaRJbXyiHhqdGHe5W8nk0XY= +k8s.io/kubernetes/staging/src/k8s.io/kube-proxy v0.0.0-20200325144952-9e991415386e/go.mod h1:GLAmLACy/nOND24DRGKyPH21F89pTcevjPRxEtbLJmU= +k8s.io/kubernetes/staging/src/k8s.io/kube-scheduler v0.0.0-20200325144952-9e991415386e h1:uESMsoCOlvPSMYJ/Zpo4ElZI2XOtHfuCiabII4ef6NI= +k8s.io/kubernetes/staging/src/k8s.io/kube-scheduler v0.0.0-20200325144952-9e991415386e/go.mod h1:UNQ/Ff/Mq9mmCl0MYGl3ciCEIRQr9BT+/DSsoy6/ZMI= +k8s.io/kubernetes/staging/src/k8s.io/kubectl v0.0.0-20200325144952-9e991415386e h1:wWOJUt3aN/c/GBTDyFExST2tRnLO2GsPqcp/LNGzuW0= +k8s.io/kubernetes/staging/src/k8s.io/kubectl v0.0.0-20200325144952-9e991415386e/go.mod h1:lLLodYzjtaBEMebmdtYz2Sh+X8/3DB79imNypXbONsE= +k8s.io/kubernetes/staging/src/k8s.io/kubelet v0.0.0-20200325144952-9e991415386e/go.mod h1:Raj75cxSm9NiVBoLk/lB1D4XvpBzTG4WoJ6nIH8Cyew= +k8s.io/kubernetes/staging/src/k8s.io/legacy-cloud-providers v0.0.0-20200325144952-9e991415386e h1:M14yFE2kHud/d7u7cEmfIKGfw/nMQinEVI3wmE5mK34= +k8s.io/kubernetes/staging/src/k8s.io/legacy-cloud-providers v0.0.0-20200325144952-9e991415386e/go.mod h1:R6lK1g14jiec20OVuA1ArvsCKs5th4rxGL3eUMdQmyA= +k8s.io/kubernetes/staging/src/k8s.io/metrics v0.0.0-20200325144952-9e991415386e/go.mod h1:xZM9EdJpWjqIWPvLiCP7vYKUEMwIgc0S8nc/MlLVK3Y= +k8s.io/kubernetes/staging/src/k8s.io/sample-apiserver v0.0.0-20200325144952-9e991415386e/go.mod h1:gpiIUEAyQvSEXKbsH2taOEzkrHXvoZwHuArWgR+DpG8= k8s.io/repo-infra v0.0.1-alpha.1/go.mod h1:wO1t9WaB99V80ljbeENTnayuEEwNZt7gECYh/CEyOJ8= k8s.io/system-validators v1.0.4/go.mod h1:HgSgTg4NAGNoYYjKsUyk52gdNi2PVDswQ9Iyn66R7NI= k8s.io/utils v0.0.0-20200117235808-5f6fbceb4c31 h1:KCcLuc/HD1RogJgEbZi9ObRuLv1bgiRCfAbidLKrUpg= diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2019-07-01/compute/virtualmachinesizes.go b/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2019-07-01/compute/virtualmachinesizes.go index 286d942e89..55335fe9a5 100644 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2019-07-01/compute/virtualmachinesizes.go +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2019-07-01/compute/virtualmachinesizes.go @@ -19,12 +19,11 @@ package compute import ( "context" - "net/http" - "github.com/Azure/go-autorest/autorest" "github.com/Azure/go-autorest/autorest/azure" "github.com/Azure/go-autorest/autorest/validation" "github.com/Azure/go-autorest/tracing" + "net/http" ) // VirtualMachineSizesClient is the compute Client diff --git a/vendor/k8s.io/apimachinery/pkg/api/errors/errors.go b/vendor/k8s.io/apimachinery/pkg/api/errors/errors.go index 363b8152b0..e53c3e61fd 100644 --- a/vendor/k8s.io/apimachinery/pkg/api/errors/errors.go +++ b/vendor/k8s.io/apimachinery/pkg/api/errors/errors.go @@ -18,7 +18,6 @@ package errors import ( "encoding/json" - "errors" "fmt" "net/http" "reflect" @@ -484,141 +483,127 @@ func NewGenericServerResponse(code int, verb string, qualifiedResource schema.Gr } // IsNotFound returns true if the specified error was created by NewNotFound. -// It supports wrapped errors. func IsNotFound(err error) bool { return ReasonForError(err) == metav1.StatusReasonNotFound } // IsAlreadyExists determines if the err is an error which indicates that a specified resource already exists. -// It supports wrapped errors. func IsAlreadyExists(err error) bool { return ReasonForError(err) == metav1.StatusReasonAlreadyExists } // IsConflict determines if the err is an error which indicates the provided update conflicts. -// It supports wrapped errors. func IsConflict(err error) bool { return ReasonForError(err) == metav1.StatusReasonConflict } // IsInvalid determines if the err is an error which indicates the provided resource is not valid. -// It supports wrapped errors. func IsInvalid(err error) bool { return ReasonForError(err) == metav1.StatusReasonInvalid } // IsGone is true if the error indicates the requested resource is no longer available. -// It supports wrapped errors. func IsGone(err error) bool { return ReasonForError(err) == metav1.StatusReasonGone } // IsResourceExpired is true if the error indicates the resource has expired and the current action is // no longer possible. -// It supports wrapped errors. func IsResourceExpired(err error) bool { return ReasonForError(err) == metav1.StatusReasonExpired } // IsNotAcceptable determines if err is an error which indicates that the request failed due to an invalid Accept header -// It supports wrapped errors. func IsNotAcceptable(err error) bool { return ReasonForError(err) == metav1.StatusReasonNotAcceptable } // IsUnsupportedMediaType determines if err is an error which indicates that the request failed due to an invalid Content-Type header -// It supports wrapped errors. func IsUnsupportedMediaType(err error) bool { return ReasonForError(err) == metav1.StatusReasonUnsupportedMediaType } // IsMethodNotSupported determines if the err is an error which indicates the provided action could not // be performed because it is not supported by the server. -// It supports wrapped errors. func IsMethodNotSupported(err error) bool { return ReasonForError(err) == metav1.StatusReasonMethodNotAllowed } // IsServiceUnavailable is true if the error indicates the underlying service is no longer available. -// It supports wrapped errors. func IsServiceUnavailable(err error) bool { return ReasonForError(err) == metav1.StatusReasonServiceUnavailable } // IsBadRequest determines if err is an error which indicates that the request is invalid. -// It supports wrapped errors. func IsBadRequest(err error) bool { return ReasonForError(err) == metav1.StatusReasonBadRequest } // IsUnauthorized determines if err is an error which indicates that the request is unauthorized and // requires authentication by the user. -// It supports wrapped errors. func IsUnauthorized(err error) bool { return ReasonForError(err) == metav1.StatusReasonUnauthorized } // IsForbidden determines if err is an error which indicates that the request is forbidden and cannot // be completed as requested. -// It supports wrapped errors. func IsForbidden(err error) bool { return ReasonForError(err) == metav1.StatusReasonForbidden } // IsTimeout determines if err is an error which indicates that request times out due to long // processing. -// It supports wrapped errors. func IsTimeout(err error) bool { return ReasonForError(err) == metav1.StatusReasonTimeout } // IsServerTimeout determines if err is an error which indicates that the request needs to be retried // by the client. -// It supports wrapped errors. func IsServerTimeout(err error) bool { return ReasonForError(err) == metav1.StatusReasonServerTimeout } // IsInternalError determines if err is an error which indicates an internal server error. -// It supports wrapped errors. func IsInternalError(err error) bool { return ReasonForError(err) == metav1.StatusReasonInternalError } // IsTooManyRequests determines if err is an error which indicates that there are too many requests // that the server cannot handle. -// It supports wrapped errors. func IsTooManyRequests(err error) bool { if ReasonForError(err) == metav1.StatusReasonTooManyRequests { return true } - if status := APIStatus(nil); errors.As(err, &status) { - return status.Status().Code == http.StatusTooManyRequests + switch t := err.(type) { + case APIStatus: + return t.Status().Code == http.StatusTooManyRequests } return false } // IsRequestEntityTooLargeError determines if err is an error which indicates // the request entity is too large. -// It supports wrapped errors. func IsRequestEntityTooLargeError(err error) bool { if ReasonForError(err) == metav1.StatusReasonRequestEntityTooLarge { return true } - if status := APIStatus(nil); errors.As(err, &status) { - return status.Status().Code == http.StatusRequestEntityTooLarge + switch t := err.(type) { + case APIStatus: + return t.Status().Code == http.StatusRequestEntityTooLarge } return false } // IsUnexpectedServerError returns true if the server response was not in the expected API format, // and may be the result of another HTTP actor. -// It supports wrapped errors. func IsUnexpectedServerError(err error) bool { - if status := APIStatus(nil); errors.As(err, &status) && status.Status().Details != nil { - for _, cause := range status.Status().Details.Causes { - if cause.Type == metav1.CauseTypeUnexpectedServerResponse { - return true + switch t := err.(type) { + case APIStatus: + if d := t.Status().Details; d != nil { + for _, cause := range d.Causes { + if cause.Type == metav1.CauseTypeUnexpectedServerResponse { + return true + } } } } @@ -626,37 +611,38 @@ func IsUnexpectedServerError(err error) bool { } // IsUnexpectedObjectError determines if err is due to an unexpected object from the master. -// It supports wrapped errors. func IsUnexpectedObjectError(err error) bool { - uoe := &UnexpectedObjectError{} - return err != nil && errors.As(err, &uoe) + _, ok := err.(*UnexpectedObjectError) + return err != nil && ok } // SuggestsClientDelay returns true if this error suggests a client delay as well as the // suggested seconds to wait, or false if the error does not imply a wait. It does not // address whether the error *should* be retried, since some errors (like a 3xx) may // request delay without retry. -// It supports wrapped errors. func SuggestsClientDelay(err error) (int, bool) { - if t := APIStatus(nil); errors.As(err, &t) && t.Status().Details != nil { - switch t.Status().Reason { - // this StatusReason explicitly requests the caller to delay the action - case metav1.StatusReasonServerTimeout: - return int(t.Status().Details.RetryAfterSeconds), true - } - // If the client requests that we retry after a certain number of seconds - if t.Status().Details.RetryAfterSeconds > 0 { - return int(t.Status().Details.RetryAfterSeconds), true + switch t := err.(type) { + case APIStatus: + if t.Status().Details != nil { + switch t.Status().Reason { + // this StatusReason explicitly requests the caller to delay the action + case metav1.StatusReasonServerTimeout: + return int(t.Status().Details.RetryAfterSeconds), true + } + // If the client requests that we retry after a certain number of seconds + if t.Status().Details.RetryAfterSeconds > 0 { + return int(t.Status().Details.RetryAfterSeconds), true + } } } return 0, false } // ReasonForError returns the HTTP status for a particular error. -// It supports wrapped errors. func ReasonForError(err error) metav1.StatusReason { - if status := APIStatus(nil); errors.As(err, &status) { - return status.Status().Reason + switch t := err.(type) { + case APIStatus: + return t.Status().Reason } return metav1.StatusReasonUnknown } diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/helpers.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/helpers.go index ec016fd3c8..ad989ad75c 100644 --- a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/helpers.go +++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/helpers.go @@ -252,7 +252,9 @@ func ResetObjectMetaForStatus(meta, existingMeta Object) { meta.SetAnnotations(existingMeta.GetAnnotations()) meta.SetFinalizers(existingMeta.GetFinalizers()) meta.SetOwnerReferences(existingMeta.GetOwnerReferences()) - meta.SetManagedFields(existingMeta.GetManagedFields()) + // managedFields must be preserved since it's been modified to + // track changed fields in the status update. + //meta.SetManagedFields(existingMeta.GetManagedFields()) } // MarshalJSON implements json.Marshaler diff --git a/vendor/k8s.io/apiserver/pkg/endpoints/installer.go b/vendor/k8s.io/apiserver/pkg/endpoints/installer.go index 06e0b21189..37579820a4 100644 --- a/vendor/k8s.io/apiserver/pkg/endpoints/installer.go +++ b/vendor/k8s.io/apiserver/pkg/endpoints/installer.go @@ -381,11 +381,7 @@ func (a *APIInstaller) registerResourceHandlers(path string, storage rest.Storag resourceKind = kind } - tableProvider, isTableProvider := storage.(rest.TableConvertor) - if isLister && !isTableProvider { - // All listers must implement TableProvider - return nil, fmt.Errorf("%q must implement TableConvertor", resource) - } + tableProvider, _ := storage.(rest.TableConvertor) var apiResource metav1.APIResource if utilfeature.DefaultFeatureGate.Enabled(features.StorageVersionHash) && diff --git a/vendor/k8s.io/apiserver/pkg/registry/generic/registry/store.go b/vendor/k8s.io/apiserver/pkg/registry/generic/registry/store.go index edd75bc2af..3993bd2366 100644 --- a/vendor/k8s.io/apiserver/pkg/registry/generic/registry/store.go +++ b/vendor/k8s.io/apiserver/pkg/registry/generic/registry/store.go @@ -1217,10 +1217,6 @@ func (e *Store) CompleteWithOptions(options *generic.StoreOptions) error { return fmt.Errorf("store for %s must set both KeyRootFunc and KeyFunc or neither", e.DefaultQualifiedResource.String()) } - if e.TableConvertor == nil { - return fmt.Errorf("store for %s must set TableConvertor; rest.NewDefaultTableConvertor(e.DefaultQualifiedResource) can be used to output just name/creation time", e.DefaultQualifiedResource.String()) - } - var isNamespaced bool switch { case e.CreateStrategy != nil: @@ -1381,7 +1377,7 @@ func (e *Store) ConvertToTable(ctx context.Context, object runtime.Object, table if e.TableConvertor != nil { return e.TableConvertor.ConvertToTable(ctx, object, tableOptions) } - return rest.NewDefaultTableConvertor(e.DefaultQualifiedResource).ConvertToTable(ctx, object, tableOptions) + return rest.NewDefaultTableConvertor(e.qualifiedResourceFromContext(ctx)).ConvertToTable(ctx, object, tableOptions) } func (e *Store) StorageVersion() runtime.GroupVersioner { diff --git a/vendor/k8s.io/apiserver/pkg/registry/rest/table.go b/vendor/k8s.io/apiserver/pkg/registry/rest/table.go index d90ae70762..31a46c7433 100644 --- a/vendor/k8s.io/apiserver/pkg/registry/rest/table.go +++ b/vendor/k8s.io/apiserver/pkg/registry/rest/table.go @@ -26,17 +26,15 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" - genericapirequest "k8s.io/apiserver/pkg/endpoints/request" ) type defaultTableConvertor struct { - defaultQualifiedResource schema.GroupResource + qualifiedResource schema.GroupResource } -// NewDefaultTableConvertor creates a default convertor; the provided resource is used for error messages -// if no resource info can be determined from the context passed to ConvertToTable. -func NewDefaultTableConvertor(defaultQualifiedResource schema.GroupResource) TableConvertor { - return defaultTableConvertor{defaultQualifiedResource: defaultQualifiedResource} +// NewDefaultTableConvertor creates a default convertor for the provided resource. +func NewDefaultTableConvertor(resource schema.GroupResource) TableConvertor { + return defaultTableConvertor{qualifiedResource: resource} } var swaggerMetadataDescriptions = metav1.ObjectMeta{}.SwaggerDoc() @@ -46,11 +44,7 @@ func (c defaultTableConvertor) ConvertToTable(ctx context.Context, object runtim fn := func(obj runtime.Object) error { m, err := meta.Accessor(obj) if err != nil { - resource := c.defaultQualifiedResource - if info, ok := genericapirequest.RequestInfoFrom(ctx); ok { - resource = schema.GroupResource{Group: info.APIGroup, Resource: info.Resource} - } - return errNotAcceptable{resource: resource} + return errNotAcceptable{resource: c.qualifiedResource} } table.Rows = append(table.Rows, metav1.TableRow{ Cells: []interface{}{m.GetName(), m.GetCreationTimestamp().Time.UTC().Format(time.RFC3339)}, diff --git a/vendor/k8s.io/apiserver/pkg/server/options/BUILD.bazel b/vendor/k8s.io/apiserver/pkg/server/options/BUILD.bazel index b0bbb5133c..9aa806829a 100644 --- a/vendor/k8s.io/apiserver/pkg/server/options/BUILD.bazel +++ b/vendor/k8s.io/apiserver/pkg/server/options/BUILD.bazel @@ -18,8 +18,6 @@ go_library( "recommended.go", "server_run_options.go", "serving.go", - "serving_unix.go", - "serving_windows.go", "serving_with_loopback.go", "webhook.go", ], @@ -93,37 +91,5 @@ go_library( "//vendor/k8s.io/klog:go_default_library", "//vendor/k8s.io/kube-openapi/pkg/common:go_default_library", "//vendor/k8s.io/utils/path:go_default_library", - ] + select({ - "@io_bazel_rules_go//go/platform:android": [ - "//vendor/golang.org/x/sys/unix:go_default_library", - ], - "@io_bazel_rules_go//go/platform:darwin": [ - "//vendor/golang.org/x/sys/unix:go_default_library", - ], - "@io_bazel_rules_go//go/platform:dragonfly": [ - "//vendor/golang.org/x/sys/unix:go_default_library", - ], - "@io_bazel_rules_go//go/platform:freebsd": [ - "//vendor/golang.org/x/sys/unix:go_default_library", - ], - "@io_bazel_rules_go//go/platform:linux": [ - "//vendor/golang.org/x/sys/unix:go_default_library", - ], - "@io_bazel_rules_go//go/platform:nacl": [ - "//vendor/golang.org/x/sys/unix:go_default_library", - ], - "@io_bazel_rules_go//go/platform:netbsd": [ - "//vendor/golang.org/x/sys/unix:go_default_library", - ], - "@io_bazel_rules_go//go/platform:openbsd": [ - "//vendor/golang.org/x/sys/unix:go_default_library", - ], - "@io_bazel_rules_go//go/platform:plan9": [ - "//vendor/golang.org/x/sys/unix:go_default_library", - ], - "@io_bazel_rules_go//go/platform:solaris": [ - "//vendor/golang.org/x/sys/unix:go_default_library", - ], - "//conditions:default": [], - }), + ], ) diff --git a/vendor/k8s.io/apiserver/pkg/server/options/deprecated_insecure_serving.go b/vendor/k8s.io/apiserver/pkg/server/options/deprecated_insecure_serving.go index 1c066313c2..483af3db24 100644 --- a/vendor/k8s.io/apiserver/pkg/server/options/deprecated_insecure_serving.go +++ b/vendor/k8s.io/apiserver/pkg/server/options/deprecated_insecure_serving.go @@ -43,7 +43,7 @@ type DeprecatedInsecureServingOptions struct { // ListenFunc can be overridden to create a custom listener, e.g. for mocking in tests. // It defaults to options.CreateListener. - ListenFunc func(network, addr string, config net.ListenConfig) (net.Listener, int, error) + ListenFunc func(network, addr string) (net.Listener, int, error) } // Validate ensures that the insecure port values within the range of the port. @@ -113,7 +113,7 @@ func (s *DeprecatedInsecureServingOptions) ApplyTo(c **server.DeprecatedInsecure listen = s.ListenFunc } addr := net.JoinHostPort(s.BindAddress.String(), fmt.Sprintf("%d", s.BindPort)) - s.Listener, s.BindPort, err = listen(s.BindNetwork, addr, net.ListenConfig{}) + s.Listener, s.BindPort, err = listen(s.BindNetwork, addr) if err != nil { return fmt.Errorf("failed to create listener: %v", err) } diff --git a/vendor/k8s.io/apiserver/pkg/server/options/encryptionconfig/config.go b/vendor/k8s.io/apiserver/pkg/server/options/encryptionconfig/config.go index 372ab5eb8a..6789605231 100644 --- a/vendor/k8s.io/apiserver/pkg/server/options/encryptionconfig/config.go +++ b/vendor/k8s.io/apiserver/pkg/server/options/encryptionconfig/config.go @@ -161,14 +161,15 @@ func GetTransformerOverrides(filepath string) (map[schema.GroupResource]value.Tr } defer f.Close() - result, err := parseEncryptionConfiguration(f) + result, err := ParseEncryptionConfiguration(f) if err != nil { return nil, fmt.Errorf("error while parsing encryption provider configuration file %q: %v", filepath, err) } return result, nil } -func parseEncryptionConfiguration(f io.Reader) (map[schema.GroupResource]value.Transformer, error) { +// ParseEncryptionConfiguration parses configuration data and returns the transformer overrides +func ParseEncryptionConfiguration(f io.Reader) (map[schema.GroupResource]value.Transformer, error) { configFileContents, err := ioutil.ReadAll(f) if err != nil { return nil, fmt.Errorf("could not read contents: %v", err) @@ -183,7 +184,7 @@ func parseEncryptionConfiguration(f io.Reader) (map[schema.GroupResource]value.T // For each entry in the configuration for _, resourceConfig := range config.Resources { - transformers, err := prefixTransformers(&resourceConfig) + transformers, err := GetPrefixTransformers(&resourceConfig) if err != nil { return nil, err } @@ -204,6 +205,7 @@ func parseEncryptionConfiguration(f io.Reader) (map[schema.GroupResource]value.T } +// loadConfig decodes data as a EncryptionConfiguration object. func loadConfig(data []byte) (*apiserverconfig.EncryptionConfiguration, error) { scheme := runtime.NewScheme() codecs := serializer.NewCodecFactory(scheme) @@ -225,7 +227,8 @@ func loadConfig(data []byte) (*apiserverconfig.EncryptionConfiguration, error) { // The factory to create kms service. This is to make writing test easier. var envelopeServiceFactory = envelope.NewGRPCService -func prefixTransformers(config *apiserverconfig.ResourceConfiguration) ([]value.PrefixTransformer, error) { +// GetPrefixTransformers constructs and returns the appropriate prefix transformers for the passed resource using its configuration. +func GetPrefixTransformers(config *apiserverconfig.ResourceConfiguration) ([]value.PrefixTransformer, error) { var result []value.PrefixTransformer for _, provider := range config.Providers { var ( @@ -235,18 +238,18 @@ func prefixTransformers(config *apiserverconfig.ResourceConfiguration) ([]value. switch { case provider.AESGCM != nil: - transformer, err = aesPrefixTransformer(provider.AESGCM, aestransformer.NewGCMTransformer, aesGCMTransformerPrefixV1) + transformer, err = GetAESPrefixTransformer(provider.AESGCM, aestransformer.NewGCMTransformer, aesGCMTransformerPrefixV1) case provider.AESCBC != nil: - transformer, err = aesPrefixTransformer(provider.AESCBC, aestransformer.NewCBCTransformer, aesCBCTransformerPrefixV1) + transformer, err = GetAESPrefixTransformer(provider.AESCBC, aestransformer.NewCBCTransformer, aesCBCTransformerPrefixV1) case provider.Secretbox != nil: - transformer, err = secretboxPrefixTransformer(provider.Secretbox) + transformer, err = GetSecretboxPrefixTransformer(provider.Secretbox) case provider.KMS != nil: envelopeService, err := envelopeServiceFactory(provider.KMS.Endpoint, provider.KMS.Timeout.Duration) if err != nil { return nil, fmt.Errorf("could not configure KMS plugin %q, error: %v", provider.KMS.Name, err) } - transformer, err = envelopePrefixTransformer(provider.KMS, envelopeService, kmsTransformerPrefixV1) + transformer, err = getEnvelopePrefixTransformer(provider.KMS, envelopeService, kmsTransformerPrefixV1) case provider.Identity != nil: transformer = value.PrefixTransformer{ Transformer: identity.NewEncryptCheckTransformer(), @@ -264,9 +267,12 @@ func prefixTransformers(config *apiserverconfig.ResourceConfiguration) ([]value. return result, nil } -type blockTransformerFunc func(cipher.Block) value.Transformer +// BlockTransformerFunc takes an AES cipher block and returns a value transformer. +type BlockTransformerFunc func(cipher.Block) value.Transformer -func aesPrefixTransformer(config *apiserverconfig.AESConfiguration, fn blockTransformerFunc, prefix string) (value.PrefixTransformer, error) { +// GetAESPrefixTransformer returns a prefix transformer from the provided configuration. +// Returns an AES transformer based on the provided prefix and block transformer. +func GetAESPrefixTransformer(config *apiserverconfig.AESConfiguration, fn BlockTransformerFunc, prefix string) (value.PrefixTransformer, error) { var result value.PrefixTransformer if len(config.Keys) == 0 { @@ -313,7 +319,8 @@ func aesPrefixTransformer(config *apiserverconfig.AESConfiguration, fn blockTran return result, nil } -func secretboxPrefixTransformer(config *apiserverconfig.SecretboxConfiguration) (value.PrefixTransformer, error) { +// GetSecretboxPrefixTransformer returns a prefix transformer from the provided configuration +func GetSecretboxPrefixTransformer(config *apiserverconfig.SecretboxConfiguration) (value.PrefixTransformer, error) { var result value.PrefixTransformer if len(config.Keys) == 0 { @@ -363,7 +370,9 @@ func secretboxPrefixTransformer(config *apiserverconfig.SecretboxConfiguration) return result, nil } -func envelopePrefixTransformer(config *apiserverconfig.KMSConfiguration, envelopeService envelope.Service, prefix string) (value.PrefixTransformer, error) { +// getEnvelopePrefixTransformer returns a prefix transformer from the provided config. +// envelopeService is used as the root of trust. +func getEnvelopePrefixTransformer(config *apiserverconfig.KMSConfiguration, envelopeService envelope.Service, prefix string) (value.PrefixTransformer, error) { envelopeTransformer, err := envelope.NewEnvelopeTransformer(envelopeService, int(*config.CacheSize), aestransformer.NewCBCTransformer) if err != nil { return value.PrefixTransformer{}, err diff --git a/vendor/k8s.io/apiserver/pkg/server/options/serving.go b/vendor/k8s.io/apiserver/pkg/server/options/serving.go index 65d95caaa7..f40de69828 100644 --- a/vendor/k8s.io/apiserver/pkg/server/options/serving.go +++ b/vendor/k8s.io/apiserver/pkg/server/options/serving.go @@ -17,7 +17,6 @@ limitations under the License. package options import ( - "context" "fmt" "net" "path" @@ -67,10 +66,6 @@ type SecureServingOptions struct { // HTTP2MaxStreamsPerConnection is the limit that the api server imposes on each client. // A value of zero means to use the default provided by golang's HTTP/2 support. HTTP2MaxStreamsPerConnection int - - // PermitPortSharing controls if SO_REUSEPORT is used when binding the port, which allows - // more than one instance to bind on the same address and port. - PermitPortSharing bool } type CertKey struct { @@ -197,10 +192,6 @@ func (s *SecureServingOptions) AddFlags(fs *pflag.FlagSet) { "The limit that the server gives to clients for "+ "the maximum number of streams in an HTTP/2 connection. "+ "Zero means to use golang's default.") - - fs.BoolVar(&s.PermitPortSharing, "permit-port-sharing", s.PermitPortSharing, - "If true, SO_REUSEPORT will be used when binding the port, which allows "+ - "more than one instance to bind on the same address and port. [default=false]") } // ApplyTo fills up serving information in the server configuration. @@ -215,14 +206,7 @@ func (s *SecureServingOptions) ApplyTo(config **server.SecureServingInfo) error if s.Listener == nil { var err error addr := net.JoinHostPort(s.BindAddress.String(), strconv.Itoa(s.BindPort)) - - c := net.ListenConfig{} - - if s.PermitPortSharing { - c.Control = permitPortReuse - } - - s.Listener, s.BindPort, err = CreateListener(s.BindNetwork, addr, c) + s.Listener, s.BindPort, err = CreateListener(s.BindNetwork, addr) if err != nil { return fmt.Errorf("failed to create listener: %v", err) } @@ -333,12 +317,11 @@ func (s *SecureServingOptions) MaybeDefaultWithSelfSignedCerts(publicAddress str return nil } -func CreateListener(network, addr string, config net.ListenConfig) (net.Listener, int, error) { +func CreateListener(network, addr string) (net.Listener, int, error) { if len(network) == 0 { network = "tcp" } - - ln, err := config.Listen(context.TODO(), network, addr) + ln, err := net.Listen(network, addr) if err != nil { return nil, 0, fmt.Errorf("failed to listen on %v: %v", addr, err) } diff --git a/vendor/k8s.io/apiserver/pkg/server/options/serving_unix.go b/vendor/k8s.io/apiserver/pkg/server/options/serving_unix.go deleted file mode 100644 index 221a5474bd..0000000000 --- a/vendor/k8s.io/apiserver/pkg/server/options/serving_unix.go +++ /dev/null @@ -1,31 +0,0 @@ -// +build !windows - -/* -Copyright 2020 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package options - -import ( - "syscall" - - "golang.org/x/sys/unix" -) - -func permitPortReuse(network, addr string, conn syscall.RawConn) error { - return conn.Control(func(fd uintptr) { - syscall.SetsockoptInt(int(fd), syscall.SOL_SOCKET, unix.SO_REUSEPORT, 1) - }) -} diff --git a/vendor/k8s.io/apiserver/pkg/server/options/serving_windows.go b/vendor/k8s.io/apiserver/pkg/server/options/serving_windows.go deleted file mode 100644 index 1941890234..0000000000 --- a/vendor/k8s.io/apiserver/pkg/server/options/serving_windows.go +++ /dev/null @@ -1,30 +0,0 @@ -// +build windows - -/* -Copyright 2020 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package options - -import ( - "fmt" - "syscall" -) - -// Windows only supports SO_REUSEADDR, which may cause undefined behavior, as -// there is no protection against port hijacking. -func permitPortReuse(network, address string, c syscall.RawConn) error { - return fmt.Errorf("port reuse is not supported on Windows") -} diff --git a/vendor/k8s.io/client-go/util/workqueue/default_rate_limiters.go b/vendor/k8s.io/client-go/util/workqueue/default_rate_limiters.go index 71bb6322e0..6dc8ec5f22 100644 --- a/vendor/k8s.io/client-go/util/workqueue/default_rate_limiters.go +++ b/vendor/k8s.io/client-go/util/workqueue/default_rate_limiters.go @@ -62,6 +62,54 @@ func (r *BucketRateLimiter) NumRequeues(item interface{}) int { func (r *BucketRateLimiter) Forget(item interface{}) { } +// ItemBucketRateLimiter implements a workqueue ratelimiter API using standard rate.Limiter. +// Each key is using a separate limiter. +type ItemBucketRateLimiter struct { + r rate.Limit + burst int + + limitersLock sync.Mutex + limiters map[interface{}]*rate.Limiter +} + +var _ RateLimiter = &ItemBucketRateLimiter{} + +// NewItemBucketRateLimiter creates new ItemBucketRateLimiter instance. +func NewItemBucketRateLimiter(r rate.Limit, burst int) *ItemBucketRateLimiter { + return &ItemBucketRateLimiter{ + r: r, + burst: burst, + limiters: make(map[interface{}]*rate.Limiter), + } +} + +// When returns a time.Duration which we need to wait before item is processed. +func (r *ItemBucketRateLimiter) When(item interface{}) time.Duration { + r.limitersLock.Lock() + defer r.limitersLock.Unlock() + + limiter, ok := r.limiters[item] + if !ok { + limiter = rate.NewLimiter(r.r, r.burst) + r.limiters[item] = limiter + } + + return limiter.Reserve().Delay() +} + +// NumRequeues returns always 0 (doesn't apply to ItemBucketRateLimiter). +func (r *ItemBucketRateLimiter) NumRequeues(item interface{}) int { + return 0 +} + +// Forget removes item from the internal state. +func (r *ItemBucketRateLimiter) Forget(item interface{}) { + r.limitersLock.Lock() + defer r.limitersLock.Unlock() + + delete(r.limiters, item) +} + // ItemExponentialFailureRateLimiter does a simple baseDelay*2^ limit // dealing with max failures and expiration are up to the caller type ItemExponentialFailureRateLimiter struct { diff --git a/vendor/k8s.io/csi-translation-lib/plugins/in_tree_volume.go b/vendor/k8s.io/csi-translation-lib/plugins/in_tree_volume.go index eda5c10c27..be659416d8 100644 --- a/vendor/k8s.io/csi-translation-lib/plugins/in_tree_volume.go +++ b/vendor/k8s.io/csi-translation-lib/plugins/in_tree_volume.go @@ -119,7 +119,7 @@ func addTopology(pv *v1.PersistentVolume, topologyKey string, zones []string) er } } - zones = filteredZones.UnsortedList() + zones = filteredZones.List() if len(zones) < 1 { return errors.New("there are no valid zones to add to pv") } diff --git a/vendor/k8s.io/kubernetes/test/e2e/framework/BUILD.bazel b/vendor/k8s.io/kubernetes/test/e2e/framework/BUILD.bazel index df5a70e478..a5f958c924 100644 --- a/vendor/k8s.io/kubernetes/test/e2e/framework/BUILD.bazel +++ b/vendor/k8s.io/kubernetes/test/e2e/framework/BUILD.bazel @@ -78,6 +78,7 @@ go_library( "//vendor/k8s.io/kubernetes/test/e2e/framework/metrics:go_default_library", "//vendor/k8s.io/kubernetes/test/e2e/framework/node:go_default_library", "//vendor/k8s.io/kubernetes/test/e2e/framework/pod:go_default_library", + "//vendor/k8s.io/kubernetes/test/e2e/framework/resource:go_default_library", "//vendor/k8s.io/kubernetes/test/e2e/framework/ssh:go_default_library", "//vendor/k8s.io/kubernetes/test/e2e/system:go_default_library", "//vendor/k8s.io/kubernetes/test/utils:go_default_library", diff --git a/vendor/k8s.io/kubernetes/test/e2e/framework/pod/BUILD.bazel b/vendor/k8s.io/kubernetes/test/e2e/framework/pod/BUILD.bazel index ebef3e5c4b..39fadbda91 100644 --- a/vendor/k8s.io/kubernetes/test/e2e/framework/pod/BUILD.bazel +++ b/vendor/k8s.io/kubernetes/test/e2e/framework/pod/BUILD.bazel @@ -19,6 +19,7 @@ go_library( "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library", "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//vendor/k8s.io/apimachinery/pkg/labels:go_default_library", + "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", "//vendor/k8s.io/apimachinery/pkg/types:go_default_library", "//vendor/k8s.io/apimachinery/pkg/util/uuid:go_default_library", "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library", @@ -28,6 +29,7 @@ go_library( "//vendor/k8s.io/kubernetes/pkg/kubelet/types:go_default_library", "//vendor/k8s.io/kubernetes/pkg/kubelet/util/format:go_default_library", "//vendor/k8s.io/kubernetes/test/e2e/framework/log:go_default_library", + "//vendor/k8s.io/kubernetes/test/e2e/framework/resource:go_default_library", "//vendor/k8s.io/kubernetes/test/utils:go_default_library", "//vendor/k8s.io/kubernetes/test/utils/image:go_default_library", ], diff --git a/vendor/k8s.io/kubernetes/test/e2e/framework/pod/create.go b/vendor/k8s.io/kubernetes/test/e2e/framework/pod/create.go index d711fcab4f..2d3e9bf2e4 100644 --- a/vendor/k8s.io/kubernetes/test/e2e/framework/pod/create.go +++ b/vendor/k8s.io/kubernetes/test/e2e/framework/pod/create.go @@ -33,21 +33,6 @@ var ( BusyBoxImage = imageutils.GetE2EImage(imageutils.BusyBox) ) -// Config is a struct containing all arguments for creating a pod. -// SELinux testing requires to pass HostIPC and HostPID as boolean arguments. -type Config struct { - NS string - PVCs []*v1.PersistentVolumeClaim - InlineVolumeSources []*v1.VolumeSource - IsPrivileged bool - Command string - HostIPC bool - HostPID bool - SeLinuxLabel *v1.SELinuxOptions - FsGroup *int64 - NodeSelection NodeSelection -} - // CreateUnschedulablePod with given claims based on node selector func CreateUnschedulablePod(client clientset.Interface, namespace string, nodeSelector map[string]string, pvclaims []*v1.PersistentVolumeClaim, isPrivileged bool, command string) (*v1.Pod, error) { pod := MakePod(namespace, nodeSelector, pvclaims, isPrivileged, command) @@ -94,29 +79,27 @@ func CreatePod(client clientset.Interface, namespace string, nodeSelector map[st } // CreateSecPod creates security pod with given claims -func CreateSecPod(client clientset.Interface, podConfig *Config, timeout time.Duration) (*v1.Pod, error) { - return CreateSecPodWithNodeSelection(client, podConfig, timeout) +func CreateSecPod(client clientset.Interface, namespace string, pvclaims []*v1.PersistentVolumeClaim, inlineVolumeSources []*v1.VolumeSource, isPrivileged bool, command string, hostIPC bool, hostPID bool, seLinuxLabel *v1.SELinuxOptions, fsGroup *int64, timeout time.Duration) (*v1.Pod, error) { + return CreateSecPodWithNodeSelection(client, namespace, pvclaims, inlineVolumeSources, isPrivileged, command, hostIPC, hostPID, seLinuxLabel, fsGroup, NodeSelection{}, timeout) } // CreateSecPodWithNodeSelection creates security pod with given claims -func CreateSecPodWithNodeSelection(client clientset.Interface, podConfig *Config, timeout time.Duration) (*v1.Pod, error) { - pod, err := MakeSecPod(podConfig) - if err != nil { - return nil, fmt.Errorf("Unable to create pod: %v", err) - } +func CreateSecPodWithNodeSelection(client clientset.Interface, namespace string, pvclaims []*v1.PersistentVolumeClaim, inlineVolumeSources []*v1.VolumeSource, isPrivileged bool, command string, hostIPC bool, hostPID bool, seLinuxLabel *v1.SELinuxOptions, fsGroup *int64, node NodeSelection, timeout time.Duration) (*v1.Pod, error) { + pod := MakeSecPod(namespace, pvclaims, inlineVolumeSources, isPrivileged, command, hostIPC, hostPID, seLinuxLabel, fsGroup) + SetNodeSelection(&pod.Spec, node) - pod, err = client.CoreV1().Pods(podConfig.NS).Create(context.TODO(), pod, metav1.CreateOptions{}) + pod, err := client.CoreV1().Pods(namespace).Create(context.TODO(), pod, metav1.CreateOptions{}) if err != nil { return nil, fmt.Errorf("pod Create API error: %v", err) } // Waiting for pod to be running - err = WaitTimeoutForPodRunningInNamespace(client, pod.Name, podConfig.NS, timeout) + err = WaitTimeoutForPodRunningInNamespace(client, pod.Name, namespace, timeout) if err != nil { return pod, fmt.Errorf("pod %q is not Running: %v", pod.Name, err) } // get fresh pod info - pod, err = client.CoreV1().Pods(podConfig.NS).Get(context.TODO(), pod.Name, metav1.GetOptions{}) + pod, err = client.CoreV1().Pods(namespace).Get(context.TODO(), pod.Name, metav1.GetOptions{}) if err != nil { return pod, fmt.Errorf("pod Get API error: %v", err) } @@ -170,16 +153,14 @@ func MakePod(ns string, nodeSelector map[string]string, pvclaims []*v1.Persisten // MakeSecPod returns a pod definition based on the namespace. The pod references the PVC's // name. A slice of BASH commands can be supplied as args to be run by the pod. -func MakeSecPod(podConfig *Config) (*v1.Pod, error) { - if podConfig.NS == "" { - return nil, fmt.Errorf("Cannot create pod with empty namespace") - } - if len(podConfig.Command) == 0 { - podConfig.Command = "trap exit TERM; while true; do sleep 1; done" +// SELinux testing requires to pass HostIPC and HostPID as booleansi arguments. +func MakeSecPod(ns string, pvclaims []*v1.PersistentVolumeClaim, inlineVolumeSources []*v1.VolumeSource, isPrivileged bool, command string, hostIPC bool, hostPID bool, seLinuxLabel *v1.SELinuxOptions, fsGroup *int64) *v1.Pod { + if len(command) == 0 { + command = "trap exit TERM; while true; do sleep 1; done" } podName := "security-context-" + string(uuid.NewUUID()) - if podConfig.FsGroup == nil { - podConfig.FsGroup = func(i int64) *int64 { + if fsGroup == nil { + fsGroup = func(i int64) *int64 { return &i }(1000) } @@ -190,22 +171,22 @@ func MakeSecPod(podConfig *Config) (*v1.Pod, error) { }, ObjectMeta: metav1.ObjectMeta{ Name: podName, - Namespace: podConfig.NS, + Namespace: ns, }, Spec: v1.PodSpec{ - HostIPC: podConfig.HostIPC, - HostPID: podConfig.HostPID, + HostIPC: hostIPC, + HostPID: hostPID, SecurityContext: &v1.PodSecurityContext{ - FSGroup: podConfig.FsGroup, + FSGroup: fsGroup, }, Containers: []v1.Container{ { Name: "write-pod", Image: imageutils.GetE2EImage(imageutils.BusyBox), Command: []string{"/bin/sh"}, - Args: []string{"-c", podConfig.Command}, + Args: []string{"-c", command}, SecurityContext: &v1.SecurityContext{ - Privileged: &podConfig.IsPrivileged, + Privileged: &isPrivileged, }, }, }, @@ -214,9 +195,9 @@ func MakeSecPod(podConfig *Config) (*v1.Pod, error) { } var volumeMounts = make([]v1.VolumeMount, 0) var volumeDevices = make([]v1.VolumeDevice, 0) - var volumes = make([]v1.Volume, len(podConfig.PVCs)+len(podConfig.InlineVolumeSources)) + var volumes = make([]v1.Volume, len(pvclaims)+len(inlineVolumeSources)) volumeIndex := 0 - for _, pvclaim := range podConfig.PVCs { + for _, pvclaim := range pvclaims { volumename := fmt.Sprintf("volume%v", volumeIndex+1) if pvclaim.Spec.VolumeMode != nil && *pvclaim.Spec.VolumeMode == v1.PersistentVolumeBlock { volumeDevices = append(volumeDevices, v1.VolumeDevice{Name: volumename, DevicePath: "/mnt/" + volumename}) @@ -227,7 +208,7 @@ func MakeSecPod(podConfig *Config) (*v1.Pod, error) { volumes[volumeIndex] = v1.Volume{Name: volumename, VolumeSource: v1.VolumeSource{PersistentVolumeClaim: &v1.PersistentVolumeClaimVolumeSource{ClaimName: pvclaim.Name, ReadOnly: false}}} volumeIndex++ } - for _, src := range podConfig.InlineVolumeSources { + for _, src := range inlineVolumeSources { volumename := fmt.Sprintf("volume%v", volumeIndex+1) // In-line volumes can be only filesystem, not block. volumeMounts = append(volumeMounts, v1.VolumeMount{Name: volumename, MountPath: "/mnt/" + volumename}) @@ -238,8 +219,6 @@ func MakeSecPod(podConfig *Config) (*v1.Pod, error) { podSpec.Spec.Containers[0].VolumeMounts = volumeMounts podSpec.Spec.Containers[0].VolumeDevices = volumeDevices podSpec.Spec.Volumes = volumes - podSpec.Spec.SecurityContext.SELinuxOptions = podConfig.SeLinuxLabel - - SetNodeSelection(&podSpec.Spec, podConfig.NodeSelection) - return podSpec, nil + podSpec.Spec.SecurityContext.SELinuxOptions = seLinuxLabel + return podSpec } diff --git a/vendor/k8s.io/kubernetes/test/e2e/framework/pod/wait.go b/vendor/k8s.io/kubernetes/test/e2e/framework/pod/wait.go index 9c2a0187d7..4d0053be87 100644 --- a/vendor/k8s.io/kubernetes/test/e2e/framework/pod/wait.go +++ b/vendor/k8s.io/kubernetes/test/e2e/framework/pod/wait.go @@ -31,11 +31,13 @@ import ( apierrors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/labels" + "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/apimachinery/pkg/util/wait" clientset "k8s.io/client-go/kubernetes" podutil "k8s.io/kubernetes/pkg/api/v1/pod" "k8s.io/kubernetes/pkg/kubelet/util/format" e2elog "k8s.io/kubernetes/test/e2e/framework/log" + e2eresource "k8s.io/kubernetes/test/e2e/framework/resource" testutils "k8s.io/kubernetes/test/utils" ) @@ -426,6 +428,40 @@ func PodsResponding(c clientset.Interface, ns, name string, wantName bool, pods return wait.PollImmediate(poll, podRespondingTimeout, NewProxyResponseChecker(c, ns, label, name, wantName, pods).CheckAllResponses) } +// WaitForControlledPodsRunning waits up to 10 minutes for pods to become Running. +func WaitForControlledPodsRunning(c clientset.Interface, ns, name string, kind schema.GroupKind) error { + rtObject, err := e2eresource.GetRuntimeObjectForKind(c, kind, ns, name) + if err != nil { + return err + } + selector, err := e2eresource.GetSelectorFromRuntimeObject(rtObject) + if err != nil { + return err + } + replicas, err := e2eresource.GetReplicasFromRuntimeObject(rtObject) + if err != nil { + return err + } + err = testutils.WaitForEnoughPodsWithLabelRunning(c, ns, selector, int(replicas)) + if err != nil { + return fmt.Errorf("Error while waiting for replication controller %s pods to be running: %v", name, err) + } + return nil +} + +// WaitForControlledPods waits up to podListTimeout for getting pods of the specified controller name and return them. +func WaitForControlledPods(c clientset.Interface, ns, name string, kind schema.GroupKind) (pods *v1.PodList, err error) { + rtObject, err := e2eresource.GetRuntimeObjectForKind(c, kind, ns, name) + if err != nil { + return nil, err + } + selector, err := e2eresource.GetSelectorFromRuntimeObject(rtObject) + if err != nil { + return nil, err + } + return WaitForPodsWithLabel(c, ns, selector) +} + // WaitForPodsWithLabelScheduled waits for all matching pods to become scheduled and at least one // matching pod exists. Return the list of matching pods. func WaitForPodsWithLabelScheduled(c clientset.Interface, ns string, label labels.Selector) (pods *v1.PodList, err error) { diff --git a/vendor/k8s.io/kubernetes/test/e2e/framework/resource/BUILD.bazel b/vendor/k8s.io/kubernetes/test/e2e/framework/resource/BUILD.bazel new file mode 100644 index 0000000000..9f69693c1f --- /dev/null +++ b/vendor/k8s.io/kubernetes/test/e2e/framework/resource/BUILD.bazel @@ -0,0 +1,20 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["runtimeobj.go"], + importmap = "sigs.k8s.io/cloud-provider-azure/vendor/k8s.io/kubernetes/test/e2e/framework/resource", + importpath = "k8s.io/kubernetes/test/e2e/framework/resource", + visibility = ["//visibility:public"], + deps = [ + "//vendor/k8s.io/api/apps/v1:go_default_library", + "//vendor/k8s.io/api/batch/v1:go_default_library", + "//vendor/k8s.io/api/core/v1:go_default_library", + "//vendor/k8s.io/api/extensions/v1beta1:go_default_library", + "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", + "//vendor/k8s.io/apimachinery/pkg/labels:go_default_library", + "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library", + "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", + "//vendor/k8s.io/client-go/kubernetes:go_default_library", + ], +) diff --git a/vendor/k8s.io/kubernetes/test/e2e/framework/resource/runtimeobj.go b/vendor/k8s.io/kubernetes/test/e2e/framework/resource/runtimeobj.go new file mode 100644 index 0000000000..4d498eb31f --- /dev/null +++ b/vendor/k8s.io/kubernetes/test/e2e/framework/resource/runtimeobj.go @@ -0,0 +1,130 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package resource + +import ( + "context" + "fmt" + + appsv1 "k8s.io/api/apps/v1" + batchv1 "k8s.io/api/batch/v1" + v1 "k8s.io/api/core/v1" + extensionsv1beta1 "k8s.io/api/extensions/v1beta1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" + clientset "k8s.io/client-go/kubernetes" +) + +var ( + kindReplicationController = schema.GroupKind{Kind: "ReplicationController"} + kindExtensionsReplicaSet = schema.GroupKind{Group: "extensions", Kind: "ReplicaSet"} + kindAppsReplicaSet = schema.GroupKind{Group: "apps", Kind: "ReplicaSet"} + kindExtensionsDeployment = schema.GroupKind{Group: "extensions", Kind: "Deployment"} + kindAppsDeployment = schema.GroupKind{Group: "apps", Kind: "Deployment"} + kindExtensionsDaemonSet = schema.GroupKind{Group: "extensions", Kind: "DaemonSet"} + kindBatchJob = schema.GroupKind{Group: "batch", Kind: "Job"} +) + +// GetRuntimeObjectForKind returns a runtime.Object based on its GroupKind, +// namespace and name. +func GetRuntimeObjectForKind(c clientset.Interface, kind schema.GroupKind, ns, name string) (runtime.Object, error) { + switch kind { + case kindReplicationController: + return c.CoreV1().ReplicationControllers(ns).Get(context.TODO(), name, metav1.GetOptions{}) + case kindExtensionsReplicaSet, kindAppsReplicaSet: + return c.AppsV1().ReplicaSets(ns).Get(context.TODO(), name, metav1.GetOptions{}) + case kindExtensionsDeployment, kindAppsDeployment: + return c.AppsV1().Deployments(ns).Get(context.TODO(), name, metav1.GetOptions{}) + case kindExtensionsDaemonSet: + return c.AppsV1().DaemonSets(ns).Get(context.TODO(), name, metav1.GetOptions{}) + case kindBatchJob: + return c.BatchV1().Jobs(ns).Get(context.TODO(), name, metav1.GetOptions{}) + default: + return nil, fmt.Errorf("Unsupported kind when getting runtime object: %v", kind) + } +} + +// GetSelectorFromRuntimeObject returns the labels for the given object. +func GetSelectorFromRuntimeObject(obj runtime.Object) (labels.Selector, error) { + switch typed := obj.(type) { + case *v1.ReplicationController: + return labels.SelectorFromSet(typed.Spec.Selector), nil + case *extensionsv1beta1.ReplicaSet: + return metav1.LabelSelectorAsSelector(typed.Spec.Selector) + case *appsv1.ReplicaSet: + return metav1.LabelSelectorAsSelector(typed.Spec.Selector) + case *extensionsv1beta1.Deployment: + return metav1.LabelSelectorAsSelector(typed.Spec.Selector) + case *appsv1.Deployment: + return metav1.LabelSelectorAsSelector(typed.Spec.Selector) + case *extensionsv1beta1.DaemonSet: + return metav1.LabelSelectorAsSelector(typed.Spec.Selector) + case *appsv1.DaemonSet: + return metav1.LabelSelectorAsSelector(typed.Spec.Selector) + case *batchv1.Job: + return metav1.LabelSelectorAsSelector(typed.Spec.Selector) + default: + return nil, fmt.Errorf("Unsupported kind when getting selector: %v", obj) + } +} + +// GetReplicasFromRuntimeObject returns the number of replicas for the given +// object. +func GetReplicasFromRuntimeObject(obj runtime.Object) (int32, error) { + switch typed := obj.(type) { + case *v1.ReplicationController: + if typed.Spec.Replicas != nil { + return *typed.Spec.Replicas, nil + } + return 0, nil + case *extensionsv1beta1.ReplicaSet: + if typed.Spec.Replicas != nil { + return *typed.Spec.Replicas, nil + } + return 0, nil + case *appsv1.ReplicaSet: + if typed.Spec.Replicas != nil { + return *typed.Spec.Replicas, nil + } + return 0, nil + case *extensionsv1beta1.Deployment: + if typed.Spec.Replicas != nil { + return *typed.Spec.Replicas, nil + } + return 0, nil + case *appsv1.Deployment: + if typed.Spec.Replicas != nil { + return *typed.Spec.Replicas, nil + } + return 0, nil + case *extensionsv1beta1.DaemonSet: + return 0, nil + case *appsv1.DaemonSet: + return 0, nil + case *batchv1.Job: + // TODO: currently we use pause pods so that's OK. When we'll want to switch to Pods + // that actually finish we need a better way to do this. + if typed.Spec.Parallelism != nil { + return *typed.Spec.Parallelism, nil + } + return 0, nil + default: + return -1, fmt.Errorf("Unsupported kind when getting number of replicas: %v", obj) + } +} diff --git a/vendor/k8s.io/kubernetes/test/e2e/framework/test_context.go b/vendor/k8s.io/kubernetes/test/e2e/framework/test_context.go index 496821f83c..90dab94f95 100644 --- a/vendor/k8s.io/kubernetes/test/e2e/framework/test_context.go +++ b/vendor/k8s.io/kubernetes/test/e2e/framework/test_context.go @@ -173,9 +173,6 @@ type TestContextType struct { // SpecSummaryOutput is the file to write ginkgo.SpecSummary objects to as tests complete. Useful for debugging and test introspection. SpecSummaryOutput string - - // DockerConfigFile is a file that contains credentials which can be used to pull images from certain private registries, needed for a test. - DockerConfigFile string } // NodeKillerConfig describes configuration of NodeKiller -- a utility to @@ -305,7 +302,6 @@ func RegisterCommonFlags(flags *flag.FlagSet) { flags.StringVar(&TestContext.ProgressReportURL, "progress-report-url", "", "The URL to POST progress updates to as the suite runs to assist in aiding integrations. If empty, no messages sent.") flags.StringVar(&TestContext.SpecSummaryOutput, "spec-dump", "", "The file to dump all ginkgo.SpecSummary to after tests run. If empty, no objects are saved/printed.") - flags.StringVar(&TestContext.DockerConfigFile, "docker-config-file", "", "A file that contains credentials which can be used to pull images from certain private registries, needed for a test.") } // RegisterClusterFlags registers flags specific to the cluster e2e test suite. diff --git a/vendor/k8s.io/kubernetes/test/e2e/framework/util.go b/vendor/k8s.io/kubernetes/test/e2e/framework/util.go index 98ce75893d..2ba9a59526 100644 --- a/vendor/k8s.io/kubernetes/test/e2e/framework/util.go +++ b/vendor/k8s.io/kubernetes/test/e2e/framework/util.go @@ -52,6 +52,7 @@ import ( "k8s.io/apimachinery/pkg/fields" "k8s.io/apimachinery/pkg/labels" "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/apimachinery/pkg/util/sets" "k8s.io/apimachinery/pkg/util/uuid" "k8s.io/apimachinery/pkg/util/wait" @@ -60,6 +61,7 @@ import ( "k8s.io/client-go/kubernetes/scheme" "k8s.io/client-go/rest" restclient "k8s.io/client-go/rest" + scaleclient "k8s.io/client-go/scale" "k8s.io/client-go/tools/clientcmd" clientcmdapi "k8s.io/client-go/tools/clientcmd/api" watchtools "k8s.io/client-go/tools/watch" @@ -77,6 +79,7 @@ import ( e2emetrics "k8s.io/kubernetes/test/e2e/framework/metrics" e2enode "k8s.io/kubernetes/test/e2e/framework/node" e2epod "k8s.io/kubernetes/test/e2e/framework/pod" + e2eresource "k8s.io/kubernetes/test/e2e/framework/resource" e2essh "k8s.io/kubernetes/test/e2e/framework/ssh" ) @@ -143,6 +146,10 @@ const ( // SnapshotCreateTimeout is how long for snapshot to create snapshotContent. SnapshotCreateTimeout = 5 * time.Minute + // Number of objects that gc can delete in a second. + // GC issues 2 requestes for single delete. + gcThroughput = 10 + // Minimal number of nodes for the cluster to be considered large. largeClusterThreshold = 100 @@ -1126,6 +1133,139 @@ func NodeHasTaint(c clientset.Interface, nodeName string, taint *v1.Taint) (bool return true, nil } +// ScaleResource scales resource to the given size. +func ScaleResource( + clientset clientset.Interface, + scalesGetter scaleclient.ScalesGetter, + ns, name string, + size uint, + wait bool, + kind schema.GroupKind, + gvr schema.GroupVersionResource, +) error { + ginkgo.By(fmt.Sprintf("Scaling %v %s in namespace %s to %d", kind, name, ns, size)) + if err := testutils.ScaleResourceWithRetries(scalesGetter, ns, name, size, gvr); err != nil { + return fmt.Errorf("error while scaling RC %s to %d replicas: %v", name, size, err) + } + if !wait { + return nil + } + return e2epod.WaitForControlledPodsRunning(clientset, ns, name, kind) +} + +// DeleteResourceAndWaitForGC deletes only given resource and waits for GC to delete the pods. +func DeleteResourceAndWaitForGC(c clientset.Interface, kind schema.GroupKind, ns, name string) error { + ginkgo.By(fmt.Sprintf("deleting %v %s in namespace %s, will wait for the garbage collector to delete the pods", kind, name, ns)) + + rtObject, err := e2eresource.GetRuntimeObjectForKind(c, kind, ns, name) + if err != nil { + if apierrors.IsNotFound(err) { + Logf("%v %s not found: %v", kind, name, err) + return nil + } + return err + } + selector, err := e2eresource.GetSelectorFromRuntimeObject(rtObject) + if err != nil { + return err + } + replicas, err := e2eresource.GetReplicasFromRuntimeObject(rtObject) + if err != nil { + return err + } + + ps, err := testutils.NewPodStore(c, ns, selector, fields.Everything()) + if err != nil { + return err + } + + defer ps.Stop() + falseVar := false + deleteOption := metav1.DeleteOptions{OrphanDependents: &falseVar} + startTime := time.Now() + if err := testutils.DeleteResourceWithRetries(c, kind, ns, name, deleteOption); err != nil { + return err + } + deleteTime := time.Since(startTime) + Logf("Deleting %v %s took: %v", kind, name, deleteTime) + + var interval, timeout time.Duration + switch { + case replicas < 100: + interval = 100 * time.Millisecond + case replicas < 1000: + interval = 1 * time.Second + default: + interval = 10 * time.Second + } + if replicas < 5000 { + timeout = 10 * time.Minute + } else { + timeout = time.Duration(replicas/gcThroughput) * time.Second + // gcThroughput is pretty strict now, add a bit more to it + timeout = timeout + 3*time.Minute + } + + err = waitForPodsInactive(ps, interval, timeout) + if err != nil { + return fmt.Errorf("error while waiting for pods to become inactive %s: %v", name, err) + } + terminatePodTime := time.Since(startTime) - deleteTime + Logf("Terminating %v %s pods took: %v", kind, name, terminatePodTime) + + // In gce, at any point, small percentage of nodes can disappear for + // ~10 minutes due to hostError. 20 minutes should be long enough to + // restart VM in that case and delete the pod. + err = waitForPodsGone(ps, interval, 20*time.Minute) + if err != nil { + return fmt.Errorf("error while waiting for pods gone %s: %v", name, err) + } + return nil +} + +// waitForPodsGone waits until there are no pods left in the PodStore. +func waitForPodsGone(ps *testutils.PodStore, interval, timeout time.Duration) error { + var pods []*v1.Pod + err := wait.PollImmediate(interval, timeout, func() (bool, error) { + if pods = ps.List(); len(pods) == 0 { + return true, nil + } + return false, nil + }) + + if err == wait.ErrWaitTimeout { + for _, pod := range pods { + Logf("ERROR: Pod %q still exists. Node: %q", pod.Name, pod.Spec.NodeName) + } + return fmt.Errorf("there are %d pods left. E.g. %q on node %q", len(pods), pods[0].Name, pods[0].Spec.NodeName) + } + return err +} + +// waitForPodsInactive waits until there are no active pods left in the PodStore. +// This is to make a fair comparison of deletion time between DeleteRCAndPods +// and DeleteRCAndWaitForGC, because the RC controller decreases status.replicas +// when the pod is inactvie. +func waitForPodsInactive(ps *testutils.PodStore, interval, timeout time.Duration) error { + var activePods []*v1.Pod + err := wait.PollImmediate(interval, timeout, func() (bool, error) { + pods := ps.List() + activePods = controller.FilterActivePods(pods) + if len(activePods) != 0 { + return false, nil + } + return true, nil + }) + + if err == wait.ErrWaitTimeout { + for _, pod := range activePods { + Logf("ERROR: Pod %q running on %q is still active", pod.Name, pod.Spec.NodeName) + } + return fmt.Errorf("there are %d active pods. E.g. %q on node %q", len(activePods), activePods[0].Name, activePods[0].Spec.NodeName) + } + return err +} + // RunHostCmd runs the given cmd in the context of the given pod using `kubectl exec` // inside of a shell. func RunHostCmd(ns, name, cmd string) (string, error) { diff --git a/vendor/k8s.io/legacy-cloud-providers/azure/azure_vmss.go b/vendor/k8s.io/legacy-cloud-providers/azure/azure_vmss.go index bd32e086fd..b607ae0f73 100644 --- a/vendor/k8s.io/legacy-cloud-providers/azure/azure_vmss.go +++ b/vendor/k8s.io/legacy-cloud-providers/azure/azure_vmss.go @@ -917,6 +917,7 @@ func getVmssAndResourceGroupNameByVMProviderID(providerID string) (string, strin } func (ss *scaleSet) ensureVMSSInPool(service *v1.Service, nodes []*v1.Node, backendPoolID string, vmSetName string) error { + klog.V(2).Infof("ensureVMSSInPool: ensuring VMSS with backendPoolID %s", backendPoolID) vmssNamesMap := make(map[string]bool) // the standard load balancer supports multiple vmss in its backend while the basic sku doesn't @@ -926,7 +927,7 @@ func (ss *scaleSet) ensureVMSSInPool(service *v1.Service, nodes []*v1.Node, back continue } // in this scenario the vmSetName is an empty string and the name of vmss should be obtained from the provider IDs of nodes - vmssName, resourceGroupName, err := getVmssAndResourceGroupNameByVMProviderID(node.Spec.ProviderID) + resourceGroupName, vmssName, err := getVmssAndResourceGroupNameByVMProviderID(node.Spec.ProviderID) if err != nil { klog.V(4).Infof("ensureVMSSInPool: found VMAS node %s, will skip checking and continue", node.Name) continue @@ -940,6 +941,7 @@ func (ss *scaleSet) ensureVMSSInPool(service *v1.Service, nodes []*v1.Node, back vmssNamesMap[vmSetName] = true } + klog.V(2).Infof("ensureVMSSInPool begins to update VMSS %v with backendPoolID %s", vmssNamesMap, backendPoolID) for vmssName := range vmssNamesMap { vmss, err := ss.getVMSS(vmssName, azcache.CacheReadTypeDefault) if err != nil {