From 41267d26fc4d1403dac23c6d3bd854502e40146c Mon Sep 17 00:00:00 2001 From: Matt Moore Date: Fri, 19 Jun 2020 14:06:54 -0700 Subject: [PATCH 1/2] Enable webhook leader election. This also directs e2e tests to enable this and use 10 buckets. This also changes the e2e test configuration so that all of our tests are run with leaderelection enabled. Fixes: https://github.com/knative/serving/issues/8139 --- config/core/configmaps/leader-election.yaml | 4 +- go.mod | 4 +- go.sum | 4 + .../autoscaling/v1alpha1/metric/reconciler.go | 5 +- .../v1alpha1/podautoscaler/reconciler.go | 5 +- .../serving/v1/configuration/reconciler.go | 5 +- .../serving/v1/revision/reconciler.go | 5 +- .../reconciler/serving/v1/route/reconciler.go | 5 +- .../serving/v1/service/reconciler.go | 5 +- pkg/leaderelection/config.go | 4 +- pkg/leaderelection/config_test.go | 2 +- test/e2e-tests.sh | 73 ++++++++++--------- .../customresourcedefinition.go | 10 +-- .../mutatingwebhookconfiguration.go | 10 +-- .../validatingwebhookconfiguration.go | 10 +-- .../core/v1/namespace/reconciler.go | 5 +- .../generators/reconciler_reconciler.go | 5 +- vendor/knative.dev/pkg/hack/update-codegen.sh | 4 +- .../pkg/injection/sharedmain/main.go | 13 +++- .../webhook/apicoverage_recorder.go | 12 +-- vendor/knative.dev/pkg/webhook/admission.go | 12 +-- .../pkg/webhook/certificates/certificates.go | 26 ++++--- .../pkg/webhook/certificates/controller.go | 21 +++++- .../pkg/webhook/configmaps/configmaps.go | 43 ++++++----- .../pkg/webhook/configmaps/controller.go | 21 ++++-- vendor/knative.dev/pkg/webhook/conversion.go | 8 +- .../conversion/controller.go | 17 ++++- .../conversion/conversion.go | 8 +- .../conversion/reconciler.go | 26 +++++-- .../defaulting/controller.go | 18 ++++- .../defaulting/defaulting.go | 47 +++++++----- .../validation/controller.go | 18 ++++- .../validation/reconcile_config.go | 33 ++++++--- .../validation/validation_admit.go | 24 +++--- .../knative.dev/pkg/webhook/stats_reporter.go | 6 +- vendor/knative.dev/pkg/webhook/webhook.go | 12 +-- vendor/modules.txt | 10 +-- 37 files changed, 337 insertions(+), 203 deletions(-) rename vendor/knative.dev/pkg/client/injection/apiextensions/informers/apiextensions/{v1beta1 => v1}/customresourcedefinition/customresourcedefinition.go (78%) rename vendor/knative.dev/pkg/client/injection/kube/informers/admissionregistration/{v1beta1 => v1}/mutatingwebhookconfiguration/mutatingwebhookconfiguration.go (79%) rename vendor/knative.dev/pkg/client/injection/kube/informers/admissionregistration/{v1beta1 => v1}/validatingwebhookconfiguration/validatingwebhookconfiguration.go (79%) diff --git a/config/core/configmaps/leader-election.yaml b/config/core/configmaps/leader-election.yaml index 44960389cbd9..2ce6adbf939c 100644 --- a/config/core/configmaps/leader-election.yaml +++ b/config/core/configmaps/leader-election.yaml @@ -20,7 +20,7 @@ metadata: labels: serving.knative.dev/release: devel annotations: - knative.dev/example-checksum: ecc94014 + knative.dev/example-checksum: 2a1bda27 data: _example: | ################################ @@ -63,4 +63,4 @@ data: # - certcontroller # - istiocontroller # - nscontroller - enabledComponents: "controller,hpaautoscaler,certcontroller,istiocontroller,nscontroller" + enabledComponents: "controller,hpaautoscaler,certcontroller,istiocontroller,nscontroller,webhook" diff --git a/go.mod b/go.mod index d7fbf11c4fa7..d5111034b206 100644 --- a/go.mod +++ b/go.mod @@ -39,8 +39,8 @@ require ( k8s.io/kube-openapi v0.0.0-20200410145947-bcb3869e6f29 knative.dev/caching v0.0.0-20200606210318-787aec80f71c knative.dev/networking v0.0.0-20200619041525-1faac2ec5d38 - knative.dev/pkg v0.0.0-20200619020725-7df8fc5d7743 - knative.dev/test-infra v0.0.0-20200618184825-a7b2980a8884 + knative.dev/pkg v0.0.0-20200619182625-b6a13e2894ee + knative.dev/test-infra v0.0.0-20200619200026-0b0587234302 ) replace ( diff --git a/go.sum b/go.sum index 9cb46129132c..f03154251af0 100644 --- a/go.sum +++ b/go.sum @@ -1398,6 +1398,8 @@ knative.dev/pkg v0.0.0-20200611204322-2ddcfef739a2/go.mod h1:rA+FklsrVahwF4a+D63 knative.dev/pkg v0.0.0-20200618002824-96c250871fac/go.mod h1:4ty6MSlNjZk5qBaGb3Gt4gopjMD4gRknfTABblcFpQ8= knative.dev/pkg v0.0.0-20200619020725-7df8fc5d7743 h1:W1NKMizoXYYX5e2mkFXnn21T7X6ROKKwL8YetGu7xCQ= knative.dev/pkg v0.0.0-20200619020725-7df8fc5d7743/go.mod h1:DquzK0hsLDcg2q63Sn+CngAyRwv4cKMpt5F19YzBfb0= +knative.dev/pkg v0.0.0-20200619182625-b6a13e2894ee h1:nudgQQo72NJuzaB4gBHE7Vm2BJVBTmpRt7M2psgvKxY= +knative.dev/pkg v0.0.0-20200619182625-b6a13e2894ee/go.mod h1:DquzK0hsLDcg2q63Sn+CngAyRwv4cKMpt5F19YzBfb0= knative.dev/sample-controller v0.0.0-20200510050845-bf7c19498b7e/go.mod h1:D2ZDLrR9Dq9LiiVN7TatzI7WMcEPgk1MHbbhgBKE6W8= knative.dev/test-infra v0.0.0-20200407185800-1b88cb3b45a5/go.mod h1:xcdUkMJrLlBswIZqL5zCuBFOC22WIPMQoVX1L35i0vQ= knative.dev/test-infra v0.0.0-20200505052144-5ea2f705bb55/go.mod h1:WqF1Azka+FxPZ20keR2zCNtiQA1MP9ZB4BH4HuI+SIU= @@ -1412,6 +1414,8 @@ knative.dev/test-infra v0.0.0-20200615231324-3a016f44102c/go.mod h1:+BfrTJpc++rH knative.dev/test-infra v0.0.0-20200617235125-6382dba95484/go.mod h1:+BfrTJpc++rH30gX/C0QY6NT2eYVzycll52uw6CrQnc= knative.dev/test-infra v0.0.0-20200618184825-a7b2980a8884 h1:qGxu/U/8VxhAuyFedrrne4s0vfY+YfoRwJJCY0AKpbw= knative.dev/test-infra v0.0.0-20200618184825-a7b2980a8884/go.mod h1:qeiTuhDKO/HHheqVfepbxy5/q+O9toSJW6CO/DgjxFY= +knative.dev/test-infra v0.0.0-20200619200026-0b0587234302 h1:nGw173QprRCSZab6KT4uSj0GTp3WNRo0nfk9Lpo3F1I= +knative.dev/test-infra v0.0.0-20200619200026-0b0587234302/go.mod h1:H8QEB2Y35+vAuVtDbn7QBD+NQr9zQbbxNiovCLNH7F4= modernc.org/cc v1.0.0/go.mod h1:1Sk4//wdnYJiUIxnW8ddKpaOJCF37yAdqYnkxUpaYxw= modernc.org/golex v1.0.0/go.mod h1:b/QX9oBD/LhixY6NDh+IdGv17hgB+51fET1i2kPSmvk= modernc.org/mathutil v1.0.0/go.mod h1:wU0vUrJsVWBZ4P6e7xtFJEhFSNsfRLJ8H458uRjg03k= diff --git a/pkg/client/injection/reconciler/autoscaling/v1alpha1/metric/reconciler.go b/pkg/client/injection/reconciler/autoscaling/v1alpha1/metric/reconciler.go index 128d4be54807..3a0cf28f9533 100644 --- a/pkg/client/injection/reconciler/autoscaling/v1alpha1/metric/reconciler.go +++ b/pkg/client/injection/reconciler/autoscaling/v1alpha1/metric/reconciler.go @@ -21,6 +21,7 @@ package metric import ( context "context" json "encoding/json" + fmt "fmt" reflect "reflect" zap "go.uber.org/zap" @@ -161,7 +162,7 @@ func (r *reconcilerImpl) Reconcile(ctx context.Context, key string) error { // Set and update the finalizer on resource if r.reconciler // implements Finalizer. if resource, err = r.setFinalizerIfFinalizer(ctx, resource); err != nil { - logger.Warnw("Failed to set finalizers", zap.Error(err)) + return fmt.Errorf("failed to set finalizers: %w", err) } reconciler.PreProcessReconcile(ctx, resource) @@ -180,7 +181,7 @@ func (r *reconcilerImpl) Reconcile(ctx context.Context, key string) error { // and reconciled cleanly (nil or normal event), remove the finalizer. reconcileEvent = fin.FinalizeKind(ctx, resource) if resource, err = r.clearFinalizer(ctx, resource, reconcileEvent); err != nil { - logger.Warnw("Failed to clear finalizers", zap.Error(err)) + return fmt.Errorf("failed to clear finalizers: %w", err) } } diff --git a/pkg/client/injection/reconciler/autoscaling/v1alpha1/podautoscaler/reconciler.go b/pkg/client/injection/reconciler/autoscaling/v1alpha1/podautoscaler/reconciler.go index 2ad618ce82f7..beeb71b4ccc2 100644 --- a/pkg/client/injection/reconciler/autoscaling/v1alpha1/podautoscaler/reconciler.go +++ b/pkg/client/injection/reconciler/autoscaling/v1alpha1/podautoscaler/reconciler.go @@ -21,6 +21,7 @@ package podautoscaler import ( context "context" json "encoding/json" + fmt "fmt" reflect "reflect" zap "go.uber.org/zap" @@ -172,7 +173,7 @@ func (r *reconcilerImpl) Reconcile(ctx context.Context, key string) error { // Set and update the finalizer on resource if r.reconciler // implements Finalizer. if resource, err = r.setFinalizerIfFinalizer(ctx, resource); err != nil { - logger.Warnw("Failed to set finalizers", zap.Error(err)) + return fmt.Errorf("failed to set finalizers: %w", err) } reconciler.PreProcessReconcile(ctx, resource) @@ -191,7 +192,7 @@ func (r *reconcilerImpl) Reconcile(ctx context.Context, key string) error { // and reconciled cleanly (nil or normal event), remove the finalizer. reconcileEvent = fin.FinalizeKind(ctx, resource) if resource, err = r.clearFinalizer(ctx, resource, reconcileEvent); err != nil { - logger.Warnw("Failed to clear finalizers", zap.Error(err)) + return fmt.Errorf("failed to clear finalizers: %w", err) } } diff --git a/pkg/client/injection/reconciler/serving/v1/configuration/reconciler.go b/pkg/client/injection/reconciler/serving/v1/configuration/reconciler.go index 05870e9103ec..87e3c10ce058 100644 --- a/pkg/client/injection/reconciler/serving/v1/configuration/reconciler.go +++ b/pkg/client/injection/reconciler/serving/v1/configuration/reconciler.go @@ -21,6 +21,7 @@ package configuration import ( context "context" json "encoding/json" + fmt "fmt" reflect "reflect" zap "go.uber.org/zap" @@ -161,7 +162,7 @@ func (r *reconcilerImpl) Reconcile(ctx context.Context, key string) error { // Set and update the finalizer on resource if r.reconciler // implements Finalizer. if resource, err = r.setFinalizerIfFinalizer(ctx, resource); err != nil { - logger.Warnw("Failed to set finalizers", zap.Error(err)) + return fmt.Errorf("failed to set finalizers: %w", err) } reconciler.PreProcessReconcile(ctx, resource) @@ -180,7 +181,7 @@ func (r *reconcilerImpl) Reconcile(ctx context.Context, key string) error { // and reconciled cleanly (nil or normal event), remove the finalizer. reconcileEvent = fin.FinalizeKind(ctx, resource) if resource, err = r.clearFinalizer(ctx, resource, reconcileEvent); err != nil { - logger.Warnw("Failed to clear finalizers", zap.Error(err)) + return fmt.Errorf("failed to clear finalizers: %w", err) } } diff --git a/pkg/client/injection/reconciler/serving/v1/revision/reconciler.go b/pkg/client/injection/reconciler/serving/v1/revision/reconciler.go index 7c66c01cbd73..ffb3afee9919 100644 --- a/pkg/client/injection/reconciler/serving/v1/revision/reconciler.go +++ b/pkg/client/injection/reconciler/serving/v1/revision/reconciler.go @@ -21,6 +21,7 @@ package revision import ( context "context" json "encoding/json" + fmt "fmt" reflect "reflect" zap "go.uber.org/zap" @@ -161,7 +162,7 @@ func (r *reconcilerImpl) Reconcile(ctx context.Context, key string) error { // Set and update the finalizer on resource if r.reconciler // implements Finalizer. if resource, err = r.setFinalizerIfFinalizer(ctx, resource); err != nil { - logger.Warnw("Failed to set finalizers", zap.Error(err)) + return fmt.Errorf("failed to set finalizers: %w", err) } reconciler.PreProcessReconcile(ctx, resource) @@ -180,7 +181,7 @@ func (r *reconcilerImpl) Reconcile(ctx context.Context, key string) error { // and reconciled cleanly (nil or normal event), remove the finalizer. reconcileEvent = fin.FinalizeKind(ctx, resource) if resource, err = r.clearFinalizer(ctx, resource, reconcileEvent); err != nil { - logger.Warnw("Failed to clear finalizers", zap.Error(err)) + return fmt.Errorf("failed to clear finalizers: %w", err) } } diff --git a/pkg/client/injection/reconciler/serving/v1/route/reconciler.go b/pkg/client/injection/reconciler/serving/v1/route/reconciler.go index 292ebb0bcac1..6ee7cbb40180 100644 --- a/pkg/client/injection/reconciler/serving/v1/route/reconciler.go +++ b/pkg/client/injection/reconciler/serving/v1/route/reconciler.go @@ -21,6 +21,7 @@ package route import ( context "context" json "encoding/json" + fmt "fmt" reflect "reflect" zap "go.uber.org/zap" @@ -161,7 +162,7 @@ func (r *reconcilerImpl) Reconcile(ctx context.Context, key string) error { // Set and update the finalizer on resource if r.reconciler // implements Finalizer. if resource, err = r.setFinalizerIfFinalizer(ctx, resource); err != nil { - logger.Warnw("Failed to set finalizers", zap.Error(err)) + return fmt.Errorf("failed to set finalizers: %w", err) } reconciler.PreProcessReconcile(ctx, resource) @@ -180,7 +181,7 @@ func (r *reconcilerImpl) Reconcile(ctx context.Context, key string) error { // and reconciled cleanly (nil or normal event), remove the finalizer. reconcileEvent = fin.FinalizeKind(ctx, resource) if resource, err = r.clearFinalizer(ctx, resource, reconcileEvent); err != nil { - logger.Warnw("Failed to clear finalizers", zap.Error(err)) + return fmt.Errorf("failed to clear finalizers: %w", err) } } diff --git a/pkg/client/injection/reconciler/serving/v1/service/reconciler.go b/pkg/client/injection/reconciler/serving/v1/service/reconciler.go index 3483b8827b8a..d56e8e94a5ee 100644 --- a/pkg/client/injection/reconciler/serving/v1/service/reconciler.go +++ b/pkg/client/injection/reconciler/serving/v1/service/reconciler.go @@ -21,6 +21,7 @@ package service import ( context "context" json "encoding/json" + fmt "fmt" reflect "reflect" zap "go.uber.org/zap" @@ -161,7 +162,7 @@ func (r *reconcilerImpl) Reconcile(ctx context.Context, key string) error { // Set and update the finalizer on resource if r.reconciler // implements Finalizer. if resource, err = r.setFinalizerIfFinalizer(ctx, resource); err != nil { - logger.Warnw("Failed to set finalizers", zap.Error(err)) + return fmt.Errorf("failed to set finalizers: %w", err) } reconciler.PreProcessReconcile(ctx, resource) @@ -180,7 +181,7 @@ func (r *reconcilerImpl) Reconcile(ctx context.Context, key string) error { // and reconciled cleanly (nil or normal event), remove the finalizer. reconcileEvent = fin.FinalizeKind(ctx, resource) if resource, err = r.clearFinalizer(ctx, resource, reconcileEvent); err != nil { - logger.Warnw("Failed to clear finalizers", zap.Error(err)) + return fmt.Errorf("failed to clear finalizers: %w", err) } } diff --git a/pkg/leaderelection/config.go b/pkg/leaderelection/config.go index f15049d253e4..696e15260681 100644 --- a/pkg/leaderelection/config.go +++ b/pkg/leaderelection/config.go @@ -30,7 +30,9 @@ var ( "hpaautoscaler", "certcontroller", "istiocontroller", - "nscontroller") + "nscontroller", + "webhook", + ) ) // ValidateConfig enriches the leader election config validation diff --git a/pkg/leaderelection/config_test.go b/pkg/leaderelection/config_test.go index 141cc5c315e0..52d0fdb5b19b 100644 --- a/pkg/leaderelection/config_test.go +++ b/pkg/leaderelection/config_test.go @@ -79,7 +79,7 @@ func TestValidateConfig(t *testing.T) { data["enabledComponents"] = "controller,frobulator" return data }(), - err: errors.New(`invalid enabledComponent "frobulator": valid values are ["certcontroller" "controller" "hpaautoscaler" "istiocontroller" "nscontroller"]`), + err: errors.New(`invalid enabledComponent "frobulator": valid values are ["certcontroller" "controller" "hpaautoscaler" "istiocontroller" "nscontroller" "webhook"]`), }} for _, tc := range cases { diff --git a/test/e2e-tests.sh b/test/e2e-tests.sh index b8228b4f6638..6230fa9a9999 100755 --- a/test/e2e-tests.sh +++ b/test/e2e-tests.sh @@ -83,9 +83,47 @@ if (( HTTPS )); then fi # Enable allow-zero-initial-scale before running e2e tests (for test/e2e/initial_scale_test.go) -kubectl -n ${SYSTEM_NAMESPACE} patch configmap/config-autoscaler --type=merge --patch='{"data":{"allow-zero-initial-scale":"true"}}' +kubectl -n ${SYSTEM_NAMESPACE} patch configmap/config-autoscaler --type=merge --patch='{"data":{"allow-zero-initial-scale":"true"}}' || failed=1 add_trap "kubectl -n ${SYSTEM_NAMESPACE} patch configmap/config-autoscaler --type=merge --patch='{\"data\":{\"allow-zero-initial-scale\":\"false\"}}'" SIGKILL SIGTERM SIGQUIT +kubectl -n "${SYSTEM_NAMESPACE}" patch configmap/config-leader-election --type=merge \ + --patch='{"data":{"enabledComponents":"controller,hpaautoscaler,webhook", "buckets": "10"}}' || failed=1 +add_trap "kubectl get cm config-leader-election -n ${SYSTEM_NAMESPACE} -oyaml | sed '/.*enabledComponents.*/d' | kubectl replace -f -" SIGKILL SIGTERM SIGQUIT + +# Save activator HPA original values for later use. +min_replicas=$(kubectl get hpa activator -n "${SYSTEM_NAMESPACE}" -ojsonpath='{.spec.minReplicas}') +max_replicas=$(kubectl get hpa activator -n "${SYSTEM_NAMESPACE}" -ojsonpath='{.spec.maxReplicas}') +hpa_template='{"spec": {"maxReplicas": %s, "minReplicas": %s}}' + +kubectl patch hpa activator -n "${SYSTEM_NAMESPACE}" \ + --type "merge" \ + --patch "$(printf "$hpa_template" "2" "2")" || failed=1 +add_trap "kubectl patch hpa activator -n ${SYSTEM_NAMESPACE} \ + --type 'merge' \ + --patch $(printf "$hpa_template" "$max_replicas" "$min_replicas")" SIGKILL SIGTERM SIGQUIT + +for deployment in controller autoscaler-hpa webhook; do + # Make sure all pods run in leader-elected mode. + kubectl -n "${SYSTEM_NAMESPACE}" scale deployment "$deployment" --replicas=0 || failed=1 + # Give it time to kill the pods. + sleep 5 + # Scale up components for HA tests + kubectl -n "${SYSTEM_NAMESPACE}" scale deployment "$deployment" --replicas=2 || failed=1 +done +add_trap "for deployment in controller autoscaler-hpa webhook; do \ + kubectl -n ${SYSTEM_NAMESPACE} scale deployment $deployment --replicas=0; \ + kubectl -n ${SYSTEM_NAMESPACE} scale deployment $deployment --replicas=1; done" SIGKILL SIGTERM SIGQUIT + +# Wait for a new leader Controller to prevent race conditions during service reconciliation +wait_for_leader_controller || failed=1 + +# Dump the leases post-setup. +header "Leaders" +kubectl get lease -n "${SYSTEM_NAMESPACE}" + +# Give the controller time to sync with the rest of the system components. +sleep 30 + # Run conformance and e2e tests. go_test_e2e -timeout=30m \ @@ -105,7 +143,6 @@ if (( HTTPS )); then turn_off_auto_tls fi - # Certificate conformance tests must be run separately # because they need cert-manager specific configurations. kubectl apply -f ${TMP_DIR}/test/config/autotls/certmanager/selfsigned/ @@ -130,38 +167,6 @@ if [[ -n "${ISTIO_VERSION}" ]]; then fi # Run HA tests separately as they're stopping core Knative Serving pods -kubectl -n "${SYSTEM_NAMESPACE}" patch configmap/config-leader-election --type=merge \ - --patch='{"data":{"enabledComponents":"controller,hpaautoscaler"}}' -add_trap "kubectl get cm config-leader-election -n ${SYSTEM_NAMESPACE} -oyaml | sed '/.*enabledComponents.*/d' | kubectl replace -f -" SIGKILL SIGTERM SIGQUIT - -# Save activator HPA original values for later use. -min_replicas=$(kubectl get hpa activator -n "${SYSTEM_NAMESPACE}" -ojsonpath='{.spec.minReplicas}') -max_replicas=$(kubectl get hpa activator -n "${SYSTEM_NAMESPACE}" -ojsonpath='{.spec.maxReplicas}') -hpa_template='{"spec": {"maxReplicas": %s, "minReplicas": %s}}' - -kubectl patch hpa activator -n "${SYSTEM_NAMESPACE}" \ - --type "merge" \ - --patch "$(printf "$hpa_template" "2" "2")" -add_trap "kubectl patch hpa activator -n ${SYSTEM_NAMESPACE} \ - --type 'merge' \ - --patch $(printf "$hpa_template" "$max_replicas" "$min_replicas")" SIGKILL SIGTERM SIGQUIT - -for deployment in controller autoscaler-hpa; do - # Make sure all pods run in leader-elected mode. - kubectl -n "${SYSTEM_NAMESPACE}" scale deployment "$deployment" --replicas=0 - # Scale up components for HA tests - kubectl -n "${SYSTEM_NAMESPACE}" scale deployment "$deployment" --replicas=2 -done -add_trap "for deployment in controller autoscaler-hpa; do \ - kubectl -n ${SYSTEM_NAMESPACE} scale deployment $deployment --replicas=0; \ - kubectl -n ${SYSTEM_NAMESPACE} scale deployment $deployment --replicas=1; done" SIGKILL SIGTERM SIGQUIT - -# Wait for a new leader Controller to prevent race conditions during service reconciliation -wait_for_leader_controller || failed=1 - -# Give the controller time to sync with the rest of the system components. -sleep 30 - # Define short -spoofinterval to ensure frequent probing while stopping pods go_test_e2e -timeout=15m -failfast -parallel=1 ./test/ha -spoofinterval="10ms" || failed=1 diff --git a/vendor/knative.dev/pkg/client/injection/apiextensions/informers/apiextensions/v1beta1/customresourcedefinition/customresourcedefinition.go b/vendor/knative.dev/pkg/client/injection/apiextensions/informers/apiextensions/v1/customresourcedefinition/customresourcedefinition.go similarity index 78% rename from vendor/knative.dev/pkg/client/injection/apiextensions/informers/apiextensions/v1beta1/customresourcedefinition/customresourcedefinition.go rename to vendor/knative.dev/pkg/client/injection/apiextensions/informers/apiextensions/v1/customresourcedefinition/customresourcedefinition.go index b8835ae56fc2..9c7757d3e467 100644 --- a/vendor/knative.dev/pkg/client/injection/apiextensions/informers/apiextensions/v1beta1/customresourcedefinition/customresourcedefinition.go +++ b/vendor/knative.dev/pkg/client/injection/apiextensions/informers/apiextensions/v1/customresourcedefinition/customresourcedefinition.go @@ -21,7 +21,7 @@ package customresourcedefinition import ( context "context" - v1beta1 "k8s.io/apiextensions-apiserver/pkg/client/informers/externalversions/apiextensions/v1beta1" + v1 "k8s.io/apiextensions-apiserver/pkg/client/informers/externalversions/apiextensions/v1" factory "knative.dev/pkg/client/injection/apiextensions/informers/factory" controller "knative.dev/pkg/controller" injection "knative.dev/pkg/injection" @@ -37,16 +37,16 @@ type Key struct{} func withInformer(ctx context.Context) (context.Context, controller.Informer) { f := factory.Get(ctx) - inf := f.Apiextensions().V1beta1().CustomResourceDefinitions() + inf := f.Apiextensions().V1().CustomResourceDefinitions() return context.WithValue(ctx, Key{}, inf), inf.Informer() } // Get extracts the typed informer from the context. -func Get(ctx context.Context) v1beta1.CustomResourceDefinitionInformer { +func Get(ctx context.Context) v1.CustomResourceDefinitionInformer { untyped := ctx.Value(Key{}) if untyped == nil { logging.FromContext(ctx).Panic( - "Unable to fetch k8s.io/apiextensions-apiserver/pkg/client/informers/externalversions/apiextensions/v1beta1.CustomResourceDefinitionInformer from context.") + "Unable to fetch k8s.io/apiextensions-apiserver/pkg/client/informers/externalversions/apiextensions/v1.CustomResourceDefinitionInformer from context.") } - return untyped.(v1beta1.CustomResourceDefinitionInformer) + return untyped.(v1.CustomResourceDefinitionInformer) } diff --git a/vendor/knative.dev/pkg/client/injection/kube/informers/admissionregistration/v1beta1/mutatingwebhookconfiguration/mutatingwebhookconfiguration.go b/vendor/knative.dev/pkg/client/injection/kube/informers/admissionregistration/v1/mutatingwebhookconfiguration/mutatingwebhookconfiguration.go similarity index 79% rename from vendor/knative.dev/pkg/client/injection/kube/informers/admissionregistration/v1beta1/mutatingwebhookconfiguration/mutatingwebhookconfiguration.go rename to vendor/knative.dev/pkg/client/injection/kube/informers/admissionregistration/v1/mutatingwebhookconfiguration/mutatingwebhookconfiguration.go index 452bd44e210e..27b95afa6962 100644 --- a/vendor/knative.dev/pkg/client/injection/kube/informers/admissionregistration/v1beta1/mutatingwebhookconfiguration/mutatingwebhookconfiguration.go +++ b/vendor/knative.dev/pkg/client/injection/kube/informers/admissionregistration/v1/mutatingwebhookconfiguration/mutatingwebhookconfiguration.go @@ -21,7 +21,7 @@ package mutatingwebhookconfiguration import ( context "context" - v1beta1 "k8s.io/client-go/informers/admissionregistration/v1beta1" + v1 "k8s.io/client-go/informers/admissionregistration/v1" factory "knative.dev/pkg/client/injection/kube/informers/factory" controller "knative.dev/pkg/controller" injection "knative.dev/pkg/injection" @@ -37,16 +37,16 @@ type Key struct{} func withInformer(ctx context.Context) (context.Context, controller.Informer) { f := factory.Get(ctx) - inf := f.Admissionregistration().V1beta1().MutatingWebhookConfigurations() + inf := f.Admissionregistration().V1().MutatingWebhookConfigurations() return context.WithValue(ctx, Key{}, inf), inf.Informer() } // Get extracts the typed informer from the context. -func Get(ctx context.Context) v1beta1.MutatingWebhookConfigurationInformer { +func Get(ctx context.Context) v1.MutatingWebhookConfigurationInformer { untyped := ctx.Value(Key{}) if untyped == nil { logging.FromContext(ctx).Panic( - "Unable to fetch k8s.io/client-go/informers/admissionregistration/v1beta1.MutatingWebhookConfigurationInformer from context.") + "Unable to fetch k8s.io/client-go/informers/admissionregistration/v1.MutatingWebhookConfigurationInformer from context.") } - return untyped.(v1beta1.MutatingWebhookConfigurationInformer) + return untyped.(v1.MutatingWebhookConfigurationInformer) } diff --git a/vendor/knative.dev/pkg/client/injection/kube/informers/admissionregistration/v1beta1/validatingwebhookconfiguration/validatingwebhookconfiguration.go b/vendor/knative.dev/pkg/client/injection/kube/informers/admissionregistration/v1/validatingwebhookconfiguration/validatingwebhookconfiguration.go similarity index 79% rename from vendor/knative.dev/pkg/client/injection/kube/informers/admissionregistration/v1beta1/validatingwebhookconfiguration/validatingwebhookconfiguration.go rename to vendor/knative.dev/pkg/client/injection/kube/informers/admissionregistration/v1/validatingwebhookconfiguration/validatingwebhookconfiguration.go index 5ebe7b710abc..7cc5ac316ea8 100644 --- a/vendor/knative.dev/pkg/client/injection/kube/informers/admissionregistration/v1beta1/validatingwebhookconfiguration/validatingwebhookconfiguration.go +++ b/vendor/knative.dev/pkg/client/injection/kube/informers/admissionregistration/v1/validatingwebhookconfiguration/validatingwebhookconfiguration.go @@ -21,7 +21,7 @@ package validatingwebhookconfiguration import ( context "context" - v1beta1 "k8s.io/client-go/informers/admissionregistration/v1beta1" + v1 "k8s.io/client-go/informers/admissionregistration/v1" factory "knative.dev/pkg/client/injection/kube/informers/factory" controller "knative.dev/pkg/controller" injection "knative.dev/pkg/injection" @@ -37,16 +37,16 @@ type Key struct{} func withInformer(ctx context.Context) (context.Context, controller.Informer) { f := factory.Get(ctx) - inf := f.Admissionregistration().V1beta1().ValidatingWebhookConfigurations() + inf := f.Admissionregistration().V1().ValidatingWebhookConfigurations() return context.WithValue(ctx, Key{}, inf), inf.Informer() } // Get extracts the typed informer from the context. -func Get(ctx context.Context) v1beta1.ValidatingWebhookConfigurationInformer { +func Get(ctx context.Context) v1.ValidatingWebhookConfigurationInformer { untyped := ctx.Value(Key{}) if untyped == nil { logging.FromContext(ctx).Panic( - "Unable to fetch k8s.io/client-go/informers/admissionregistration/v1beta1.ValidatingWebhookConfigurationInformer from context.") + "Unable to fetch k8s.io/client-go/informers/admissionregistration/v1.ValidatingWebhookConfigurationInformer from context.") } - return untyped.(v1beta1.ValidatingWebhookConfigurationInformer) + return untyped.(v1.ValidatingWebhookConfigurationInformer) } diff --git a/vendor/knative.dev/pkg/client/injection/kube/reconciler/core/v1/namespace/reconciler.go b/vendor/knative.dev/pkg/client/injection/kube/reconciler/core/v1/namespace/reconciler.go index 4b7c037e310e..00c761a1d765 100644 --- a/vendor/knative.dev/pkg/client/injection/kube/reconciler/core/v1/namespace/reconciler.go +++ b/vendor/knative.dev/pkg/client/injection/kube/reconciler/core/v1/namespace/reconciler.go @@ -21,6 +21,7 @@ package namespace import ( context "context" json "encoding/json" + fmt "fmt" reflect "reflect" zap "go.uber.org/zap" @@ -160,7 +161,7 @@ func (r *reconcilerImpl) Reconcile(ctx context.Context, key string) error { // Set and update the finalizer on resource if r.reconciler // implements Finalizer. if resource, err = r.setFinalizerIfFinalizer(ctx, resource); err != nil { - logger.Warnw("Failed to set finalizers", zap.Error(err)) + return fmt.Errorf("failed to set finalizers: %w", err) } // Reconcile this copy of the resource and then write back any status @@ -175,7 +176,7 @@ func (r *reconcilerImpl) Reconcile(ctx context.Context, key string) error { // and reconciled cleanly (nil or normal event), remove the finalizer. reconcileEvent = fin.FinalizeKind(ctx, resource) if resource, err = r.clearFinalizer(ctx, resource, reconcileEvent); err != nil { - logger.Warnw("Failed to clear finalizers", zap.Error(err)) + return fmt.Errorf("failed to clear finalizers: %w", err) } } diff --git a/vendor/knative.dev/pkg/codegen/cmd/injection-gen/generators/reconciler_reconciler.go b/vendor/knative.dev/pkg/codegen/cmd/injection-gen/generators/reconciler_reconciler.go index 8b4d0c733180..df4d595ab244 100644 --- a/vendor/knative.dev/pkg/codegen/cmd/injection-gen/generators/reconciler_reconciler.go +++ b/vendor/knative.dev/pkg/codegen/cmd/injection-gen/generators/reconciler_reconciler.go @@ -147,6 +147,7 @@ func (g *reconcilerReconcilerGenerator) GenerateType(c *generator.Context, t *ty Package: "context", Name: "Context", }), + "fmtErrorf": c.Universe.Package("fmt").Function("Errorf"), "reflectDeepEqual": c.Universe.Package("reflect").Function("DeepEqual"), "equalitySemantic": c.Universe.Package("k8s.io/apimachinery/pkg/api/equality").Variable("Semantic"), "jsonMarshal": c.Universe.Package("encoding/json").Function("Marshal"), @@ -308,7 +309,7 @@ func (r *reconcilerImpl) Reconcile(ctx {{.contextContext|raw}}, key string) erro // Set and update the finalizer on resource if r.reconciler // implements Finalizer. if resource, err = r.setFinalizerIfFinalizer(ctx, resource); err != nil { - logger.Warnw("Failed to set finalizers", zap.Error(err)) + return {{.fmtErrorf|raw}}("failed to set finalizers: %w", err) } {{if .isKRShaped}} @@ -330,7 +331,7 @@ func (r *reconcilerImpl) Reconcile(ctx {{.contextContext|raw}}, key string) erro // and reconciled cleanly (nil or normal event), remove the finalizer. reconcileEvent = fin.FinalizeKind(ctx, resource) if resource, err = r.clearFinalizer(ctx, resource, reconcileEvent); err != nil { - logger.Warnw("Failed to clear finalizers", zap.Error(err)) + return {{.fmtErrorf|raw}}("failed to clear finalizers: %w", err) } } diff --git a/vendor/knative.dev/pkg/hack/update-codegen.sh b/vendor/knative.dev/pkg/hack/update-codegen.sh index d049c42cbc2c..1337f811001c 100644 --- a/vendor/knative.dev/pkg/hack/update-codegen.sh +++ b/vendor/knative.dev/pkg/hack/update-codegen.sh @@ -41,7 +41,7 @@ EXTERNAL_INFORMER_PKG="k8s.io/client-go/informers" \ ${REPO_ROOT_DIR}/hack/generate-knative.sh "injection" \ k8s.io/client-go \ k8s.io/api \ - "admissionregistration:v1beta1 apps:v1 autoscaling:v1,v2beta1 batch:v1,v1beta1 core:v1 rbac:v1" \ + "admissionregistration:v1beta1,v1 apps:v1 autoscaling:v1,v2beta1 batch:v1,v1beta1 core:v1 rbac:v1" \ --go-header-file ${REPO_ROOT_DIR}/hack/boilerplate/boilerplate.go.txt \ --force-genreconciler-kinds "Namespace" @@ -50,7 +50,7 @@ VERSIONED_CLIENTSET_PKG="k8s.io/apiextensions-apiserver/pkg/client/clientset/cli ${REPO_ROOT_DIR}/hack/generate-knative.sh "injection" \ k8s.io/apiextensions-apiserver/pkg/client \ k8s.io/apiextensions-apiserver/pkg/apis \ - "apiextensions:v1beta1" \ + "apiextensions:v1beta1,v1" \ --go-header-file ${REPO_ROOT_DIR}/hack/boilerplate/boilerplate.go.txt \ --force-genreconciler-kinds "CustomResourceDefinition" diff --git a/vendor/knative.dev/pkg/injection/sharedmain/main.go b/vendor/knative.dev/pkg/injection/sharedmain/main.go index 5c2ba94a36cb..fdc910ef0346 100644 --- a/vendor/knative.dev/pkg/injection/sharedmain/main.go +++ b/vendor/knative.dev/pkg/injection/sharedmain/main.go @@ -232,6 +232,18 @@ func WebhookMainWithConfig(ctx context.Context, component string, cfg *rest.Conf CheckK8sClientMinimumVersionOrDie(ctx, logger) cmw := SetupConfigMapWatchOrDie(ctx, logger) + + // Set up leader election config + leaderElectionConfig, err := GetLeaderElectionConfig(ctx) + if err != nil { + logger.Fatalf("Error loading leader election configuration: %v", err) + } + leConfig := leaderElectionConfig.GetComponentConfig(component) + if leConfig.LeaderElect { + // Signal that we are executing in a context with leader election. + ctx = kle.WithStandardLeaderElectorBuilder(ctx, kubeclient.Get(ctx), leConfig) + } + controllers, webhooks := ControllersAndWebhooksFromCtors(ctx, cmw, ctors...) WatchLoggingConfigOrDie(ctx, cmw, logger, atomicLevel, component) WatchObservabilityConfigOrDie(ctx, cmw, profilingHandler, logger, component) @@ -242,7 +254,6 @@ func WebhookMainWithConfig(ctx context.Context, component string, cfg *rest.Conf // If we have one or more admission controllers, then start the webhook // and pass them in. var wh *webhook.Webhook - var err error if len(webhooks) > 0 { // Register webhook metrics webhook.RegisterMetrics() diff --git a/vendor/knative.dev/pkg/test/webhook-apicoverage/webhook/apicoverage_recorder.go b/vendor/knative.dev/pkg/test/webhook-apicoverage/webhook/apicoverage_recorder.go index 814a4f1e8f54..d78f54194d88 100644 --- a/vendor/knative.dev/pkg/test/webhook-apicoverage/webhook/apicoverage_recorder.go +++ b/vendor/knative.dev/pkg/test/webhook-apicoverage/webhook/apicoverage_recorder.go @@ -25,8 +25,8 @@ import ( "reflect" "go.uber.org/zap" - "k8s.io/api/admission/v1beta1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + v1 "k8s.io/api/admission/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/apimachinery/pkg/runtime/serializer" @@ -104,7 +104,7 @@ func (a *APICoverageRecorder) RecordResourceCoverage(w http.ResponseWriter, r *h err error ) - review := &v1beta1.AdmissionReview{} + review := &v1.AdmissionReview{} if body, err = ioutil.ReadAll(r.Body); err != nil { a.Logger.Errorf("Failed reading request body: %v", err) a.appendAndWriteAdmissionResponse(review, false, "Admission Denied", w) @@ -136,10 +136,10 @@ func (a *APICoverageRecorder) RecordResourceCoverage(w http.ResponseWriter, r *h a.appendAndWriteAdmissionResponse(review, true, "Welcome Aboard", w) } -func (a *APICoverageRecorder) appendAndWriteAdmissionResponse(review *v1beta1.AdmissionReview, allowed bool, message string, w http.ResponseWriter) { - review.Response = &v1beta1.AdmissionResponse{ +func (a *APICoverageRecorder) appendAndWriteAdmissionResponse(review *v1.AdmissionReview, allowed bool, message string, w http.ResponseWriter) { + review.Response = &v1.AdmissionResponse{ Allowed: allowed, - Result: &v1.Status{ + Result: &metav1.Status{ Message: message, }, } diff --git a/vendor/knative.dev/pkg/webhook/admission.go b/vendor/knative.dev/pkg/webhook/admission.go index da9c5263111f..086f39dab147 100644 --- a/vendor/knative.dev/pkg/webhook/admission.go +++ b/vendor/knative.dev/pkg/webhook/admission.go @@ -24,7 +24,7 @@ import ( "time" "go.uber.org/zap" - admissionv1beta1 "k8s.io/api/admission/v1beta1" + admissionv1 "k8s.io/api/admission/v1" apierrors "k8s.io/apimachinery/pkg/api/errors" "knative.dev/pkg/logging" "knative.dev/pkg/logging/logkey" @@ -36,7 +36,7 @@ type AdmissionController interface { Path() string // Admit is the callback which is invoked when an HTTPS request comes in on Path(). - Admit(context.Context, *admissionv1beta1.AdmissionRequest) *admissionv1beta1.AdmissionResponse + Admit(context.Context, *admissionv1.AdmissionRequest) *admissionv1.AdmissionResponse } // StatelessAdmissionController is implemented by AdmissionControllers where Admit may be safely @@ -48,9 +48,9 @@ type StatelessAdmissionController interface { } // MakeErrorStatus creates an 'BadRequest' error AdmissionResponse -func MakeErrorStatus(reason string, args ...interface{}) *admissionv1beta1.AdmissionResponse { +func MakeErrorStatus(reason string, args ...interface{}) *admissionv1.AdmissionResponse { result := apierrors.NewBadRequest(fmt.Sprintf(reason, args...)).Status() - return &admissionv1beta1.AdmissionResponse{ + return &admissionv1.AdmissionResponse{ Result: &result, Allowed: false, } @@ -71,7 +71,7 @@ func admissionHandler(rootLogger *zap.SugaredLogger, stats StatsReporter, c Admi logger := rootLogger logger.Infof("Webhook ServeHTTP request=%#v", r) - var review admissionv1beta1.AdmissionReview + var review admissionv1.AdmissionReview if err := json.NewDecoder(r.Body).Decode(&review); err != nil { http.Error(w, fmt.Sprintf("could not decode body: %v", err), http.StatusBadRequest) return @@ -88,7 +88,7 @@ func admissionHandler(rootLogger *zap.SugaredLogger, stats StatsReporter, c Admi ctx := logging.WithLogger(r.Context(), logger) - var response admissionv1beta1.AdmissionReview + var response admissionv1.AdmissionReview reviewResponse := c.Admit(ctx, review.Request) var patchType string if reviewResponse.PatchType != nil { diff --git a/vendor/knative.dev/pkg/webhook/certificates/certificates.go b/vendor/knative.dev/pkg/webhook/certificates/certificates.go index 275bec9e3966..5e698d762b3b 100644 --- a/vendor/knative.dev/pkg/webhook/certificates/certificates.go +++ b/vendor/knative.dev/pkg/webhook/certificates/certificates.go @@ -23,11 +23,12 @@ import ( "time" apierrors "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/types" "k8s.io/client-go/kubernetes" corelisters "k8s.io/client-go/listers/core/v1" "knative.dev/pkg/controller" "knative.dev/pkg/logging" - "knative.dev/pkg/system" + pkgreconciler "knative.dev/pkg/reconciler" certresources "knative.dev/pkg/webhook/certificates/resources" ) @@ -37,39 +38,46 @@ const ( ) type reconciler struct { + pkgreconciler.LeaderAwareFuncs + client kubernetes.Interface secretlister corelisters.SecretLister - secretName string + key types.NamespacedName serviceName string } var _ controller.Reconciler = (*reconciler)(nil) +var _ pkgreconciler.LeaderAware = (*reconciler)(nil) // Reconcile implements controller.Reconciler func (r *reconciler) Reconcile(ctx context.Context, key string) error { - return r.reconcileCertificate(ctx) + if r.IsLeaderFor(r.key) { + // only reconciler the certificate when we are leader. + return r.reconcileCertificate(ctx) + } + return nil } func (r *reconciler) reconcileCertificate(ctx context.Context) error { logger := logging.FromContext(ctx) - secret, err := r.secretlister.Secrets(system.Namespace()).Get(r.secretName) + secret, err := r.secretlister.Secrets(r.key.Namespace).Get(r.key.Name) if apierrors.IsNotFound(err) { // The secret should be created explicitly by a higher-level system // that's responsible for install/updates. We simply populate the // secret information. return nil } else if err != nil { - logger.Errorf("Error accessing certificate secret %q: %v", r.secretName, err) + logger.Errorf("Error accessing certificate secret %q: %v", r.key.Name, err) return err } if _, haskey := secret.Data[certresources.ServerKey]; !haskey { - logger.Infof("Certificate secret %q is missing key %q", r.secretName, certresources.ServerKey) + logger.Infof("Certificate secret %q is missing key %q", r.key.Name, certresources.ServerKey) } else if _, haskey := secret.Data[certresources.ServerCert]; !haskey { - logger.Infof("Certificate secret %q is missing key %q", r.secretName, certresources.ServerCert) + logger.Infof("Certificate secret %q is missing key %q", r.key.Name, certresources.ServerCert) } else if _, haskey := secret.Data[certresources.CACert]; !haskey { - logger.Infof("Certificate secret %q is missing key %q", r.secretName, certresources.CACert) + logger.Infof("Certificate secret %q is missing key %q", r.key.Name, certresources.CACert) } else { // Check the expiration date of the certificate to see if it needs to be updated cert, err := tls.X509KeyPair(secret.Data[certresources.ServerCert], secret.Data[certresources.ServerKey]) @@ -88,7 +96,7 @@ func (r *reconciler) reconcileCertificate(ctx context.Context) error { secret = secret.DeepCopy() // One of the secret's keys is missing, so synthesize a new one and update the secret. - newSecret, err := certresources.MakeSecret(ctx, r.secretName, system.Namespace(), r.serviceName) + newSecret, err := certresources.MakeSecret(ctx, r.key.Name, r.key.Namespace, r.serviceName) if err != nil { return err } diff --git a/vendor/knative.dev/pkg/webhook/certificates/controller.go b/vendor/knative.dev/pkg/webhook/certificates/controller.go index b8f408111137..a50acb39abcc 100644 --- a/vendor/knative.dev/pkg/webhook/certificates/controller.go +++ b/vendor/knative.dev/pkg/webhook/certificates/controller.go @@ -23,10 +23,12 @@ import ( kubeclient "knative.dev/pkg/client/injection/kube/client" secretinformer "knative.dev/pkg/injection/clients/namespacedkube/informers/core/v1/secret" + "k8s.io/apimachinery/pkg/types" "k8s.io/client-go/tools/cache" "knative.dev/pkg/configmap" "knative.dev/pkg/controller" "knative.dev/pkg/logging" + pkgreconciler "knative.dev/pkg/reconciler" "knative.dev/pkg/system" "knative.dev/pkg/webhook" ) @@ -44,20 +46,31 @@ func NewController( secretInformer := secretinformer.Get(ctx) options := webhook.GetOptions(ctx) + key := types.NamespacedName{ + Namespace: system.Namespace(), + Name: options.SecretName, + } + wh := &reconciler{ - secretName: options.SecretName, + LeaderAwareFuncs: pkgreconciler.LeaderAwareFuncs{ + // Enqueue the key whenever we become leader. + PromoteFunc: func(bkt pkgreconciler.Bucket, enq func(pkgreconciler.Bucket, types.NamespacedName)) error { + enq(bkt, key) + return nil + }, + }, + key: key, serviceName: options.ServiceName, client: client, secretlister: secretInformer.Lister(), } - logger := logging.FromContext(ctx) - c := controller.NewImpl(wh, logger, "WebhookCertificates") + c := controller.NewImpl(wh, logging.FromContext(ctx), "WebhookCertificates") // Reconcile when the cert bundle changes. secretInformer.Informer().AddEventHandler(cache.FilteringResourceEventHandler{ - FilterFunc: controller.FilterWithNameAndNamespace(system.Namespace(), wh.secretName), + FilterFunc: controller.FilterWithNameAndNamespace(key.Namespace, key.Name), // It doesn't matter what we enqueue because we will always Reconcile // the named MWH resource. Handler: controller.HandleAll(c.Enqueue), diff --git a/vendor/knative.dev/pkg/webhook/configmaps/configmaps.go b/vendor/knative.dev/pkg/webhook/configmaps/configmaps.go index 62d213eb372c..c2e7da0e6b16 100644 --- a/vendor/knative.dev/pkg/webhook/configmaps/configmaps.go +++ b/vendor/knative.dev/pkg/webhook/configmaps/configmaps.go @@ -24,12 +24,13 @@ import ( "fmt" "reflect" - admissionv1beta1 "k8s.io/api/admission/v1beta1" - admissionregistrationv1beta1 "k8s.io/api/admissionregistration/v1beta1" + admissionv1 "k8s.io/api/admission/v1" + admissionregistrationv1 "k8s.io/api/admissionregistration/v1" corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/runtime/schema" + "k8s.io/apimachinery/pkg/types" "k8s.io/client-go/kubernetes" - admissionlisters "k8s.io/client-go/listers/admissionregistration/v1beta1" + admissionlisters "k8s.io/client-go/listers/admissionregistration/v1" corelisters "k8s.io/client-go/listers/core/v1" "knative.dev/pkg/configmap" @@ -37,6 +38,7 @@ import ( "knative.dev/pkg/kmp" "knative.dev/pkg/logging" "knative.dev/pkg/ptr" + pkgreconciler "knative.dev/pkg/reconciler" "knative.dev/pkg/system" "knative.dev/pkg/webhook" certresources "knative.dev/pkg/webhook/certificates/resources" @@ -45,8 +47,9 @@ import ( // reconciler implements the AdmissionController for ConfigMaps type reconciler struct { webhook.StatelessAdmissionImpl + pkgreconciler.LeaderAwareFuncs - name string + key types.NamespacedName path string constructors map[string]reflect.Value @@ -58,6 +61,7 @@ type reconciler struct { } var _ controller.Reconciler = (*reconciler)(nil) +var _ pkgreconciler.LeaderAware = (*reconciler)(nil) var _ webhook.AdmissionController = (*reconciler)(nil) var _ webhook.StatelessAdmissionController = (*reconciler)(nil) @@ -65,6 +69,11 @@ var _ webhook.StatelessAdmissionController = (*reconciler)(nil) func (ac *reconciler) Reconcile(ctx context.Context, key string) error { logger := logging.FromContext(ctx) + if !ac.IsLeaderFor(ac.key) { + logger.Debugf("Skipping key %q, not the leader.", ac.key) + return nil + } + secret, err := ac.secretlister.Secrets(system.Namespace()).Get(ac.secretName) if err != nil { logger.Errorf("Error fetching secret: %v", err) @@ -85,20 +94,20 @@ func (ac *reconciler) Path() string { } // Admit implements AdmissionController -func (ac *reconciler) Admit(ctx context.Context, request *admissionv1beta1.AdmissionRequest) *admissionv1beta1.AdmissionResponse { +func (ac *reconciler) Admit(ctx context.Context, request *admissionv1.AdmissionRequest) *admissionv1.AdmissionResponse { logger := logging.FromContext(ctx) switch request.Operation { - case admissionv1beta1.Create, admissionv1beta1.Update: + case admissionv1.Create, admissionv1.Update: default: logger.Infof("Unhandled webhook operation, letting it through %v", request.Operation) - return &admissionv1beta1.AdmissionResponse{Allowed: true} + return &admissionv1.AdmissionResponse{Allowed: true} } if err := ac.validate(ctx, request); err != nil { return webhook.MakeErrorStatus("validation failed: %v", err) } - return &admissionv1beta1.AdmissionResponse{ + return &admissionv1.AdmissionResponse{ Allowed: true, } } @@ -106,13 +115,13 @@ func (ac *reconciler) Admit(ctx context.Context, request *admissionv1beta1.Admis func (ac *reconciler) reconcileValidatingWebhook(ctx context.Context, caCert []byte) error { logger := logging.FromContext(ctx) - ruleScope := admissionregistrationv1beta1.NamespacedScope - rules := []admissionregistrationv1beta1.RuleWithOperations{{ - Operations: []admissionregistrationv1beta1.OperationType{ - admissionregistrationv1beta1.Create, - admissionregistrationv1beta1.Update, + ruleScope := admissionregistrationv1.NamespacedScope + rules := []admissionregistrationv1.RuleWithOperations{{ + Operations: []admissionregistrationv1.OperationType{ + admissionregistrationv1.Create, + admissionregistrationv1.Update, }, - Rule: admissionregistrationv1beta1.Rule{ + Rule: admissionregistrationv1.Rule{ APIGroups: []string{""}, APIVersions: []string{"v1"}, Resources: []string{"configmaps/*"}, @@ -120,7 +129,7 @@ func (ac *reconciler) reconcileValidatingWebhook(ctx context.Context, caCert []b }, }} - configuredWebhook, err := ac.vwhlister.Get(ac.name) + configuredWebhook, err := ac.vwhlister.Get(ac.key.Name) if err != nil { return fmt.Errorf("error retrieving webhook: %w", err) } @@ -147,7 +156,7 @@ func (ac *reconciler) reconcileValidatingWebhook(ctx context.Context, caCert []b return fmt.Errorf("error diffing webhooks: %w", err) } else if !ok { logger.Info("Updating webhook") - vwhclient := ac.client.AdmissionregistrationV1beta1().ValidatingWebhookConfigurations() + vwhclient := ac.client.AdmissionregistrationV1().ValidatingWebhookConfigurations() if _, err := vwhclient.Update(webhook); err != nil { return fmt.Errorf("failed to update webhook: %w", err) } @@ -158,7 +167,7 @@ func (ac *reconciler) reconcileValidatingWebhook(ctx context.Context, caCert []b return nil } -func (ac *reconciler) validate(ctx context.Context, req *admissionv1beta1.AdmissionRequest) error { +func (ac *reconciler) validate(ctx context.Context, req *admissionv1.AdmissionRequest) error { logger := logging.FromContext(ctx) kind := req.Kind newBytes := req.Object.Raw diff --git a/vendor/knative.dev/pkg/webhook/configmaps/controller.go b/vendor/knative.dev/pkg/webhook/configmaps/controller.go index 1e62f58ecb87..895d07af72dd 100644 --- a/vendor/knative.dev/pkg/webhook/configmaps/controller.go +++ b/vendor/knative.dev/pkg/webhook/configmaps/controller.go @@ -22,13 +22,15 @@ import ( // Injection stuff kubeclient "knative.dev/pkg/client/injection/kube/client" - vwhinformer "knative.dev/pkg/client/injection/kube/informers/admissionregistration/v1beta1/validatingwebhookconfiguration" + vwhinformer "knative.dev/pkg/client/injection/kube/informers/admissionregistration/v1/validatingwebhookconfiguration" secretinformer "knative.dev/pkg/injection/clients/namespacedkube/informers/core/v1/secret" + "knative.dev/pkg/logging" + pkgreconciler "knative.dev/pkg/reconciler" + "k8s.io/apimachinery/pkg/types" "k8s.io/client-go/tools/cache" "knative.dev/pkg/configmap" "knative.dev/pkg/controller" - "knative.dev/pkg/logging" "knative.dev/pkg/system" "knative.dev/pkg/webhook" ) @@ -45,8 +47,18 @@ func NewAdmissionController( secretInformer := secretinformer.Get(ctx) options := webhook.GetOptions(ctx) + key := types.NamespacedName{Name: name} + wh := &reconciler{ - name: name, + LeaderAwareFuncs: pkgreconciler.LeaderAwareFuncs{ + // Have this reconciler enqueue our singleton whenever it becomes leader. + PromoteFunc: func(bkt pkgreconciler.Bucket, enq func(pkgreconciler.Bucket, types.NamespacedName)) error { + enq(bkt, key) + return nil + }, + }, + + key: key, path: path, constructors: make(map[string]reflect.Value), @@ -61,8 +73,7 @@ func NewAdmissionController( wh.registerConfig(configName, constructor) } - logger := logging.FromContext(ctx) - c := controller.NewImpl(wh, logger, "ConfigMapWebhook") + c := controller.NewImpl(wh, logging.FromContext(ctx), "ConfigMapWebhook") // Reconcile when the named ValidatingWebhookConfiguration changes. vwhInformer.Informer().AddEventHandler(cache.FilteringResourceEventHandler{ diff --git a/vendor/knative.dev/pkg/webhook/conversion.go b/vendor/knative.dev/pkg/webhook/conversion.go index 59575c34f760..146ac259f954 100644 --- a/vendor/knative.dev/pkg/webhook/conversion.go +++ b/vendor/knative.dev/pkg/webhook/conversion.go @@ -23,7 +23,7 @@ import ( "net/http" "go.uber.org/zap" - apixv1beta1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1" + apixv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" "knative.dev/pkg/logging" ) @@ -33,7 +33,7 @@ type ConversionController interface { Path() string // Convert is the callback which is invoked when an HTTPS request comes in on Path(). - Convert(context.Context, *apixv1beta1.ConversionRequest) *apixv1beta1.ConversionResponse + Convert(context.Context, *apixv1.ConversionRequest) *apixv1.ConversionResponse } func conversionHandler(rootLogger *zap.SugaredLogger, stats StatsReporter, c ConversionController) http.HandlerFunc { @@ -41,7 +41,7 @@ func conversionHandler(rootLogger *zap.SugaredLogger, stats StatsReporter, c Con logger := rootLogger logger.Infof("Webhook ServeHTTP request=%#v", r) - var review apixv1beta1.ConversionReview + var review apixv1.ConversionReview if err := json.NewDecoder(r.Body).Decode(&review); err != nil { http.Error(w, fmt.Sprintf("could not decode body: %v", err), http.StatusBadRequest) return @@ -53,7 +53,7 @@ func conversionHandler(rootLogger *zap.SugaredLogger, stats StatsReporter, c Con ) ctx := logging.WithLogger(r.Context(), logger) - response := apixv1beta1.ConversionReview{ + response := apixv1.ConversionReview{ Response: c.Convert(ctx, review.Request), } diff --git a/vendor/knative.dev/pkg/webhook/resourcesemantics/conversion/controller.go b/vendor/knative.dev/pkg/webhook/resourcesemantics/conversion/controller.go index 1d107aacf710..a53915a87bad 100644 --- a/vendor/knative.dev/pkg/webhook/resourcesemantics/conversion/controller.go +++ b/vendor/knative.dev/pkg/webhook/resourcesemantics/conversion/controller.go @@ -25,10 +25,11 @@ import ( "k8s.io/client-go/tools/cache" "knative.dev/pkg/apis" apixclient "knative.dev/pkg/client/injection/apiextensions/client" - crdinformer "knative.dev/pkg/client/injection/apiextensions/informers/apiextensions/v1beta1/customresourcedefinition" + crdinformer "knative.dev/pkg/client/injection/apiextensions/informers/apiextensions/v1/customresourcedefinition" "knative.dev/pkg/controller" secretinformer "knative.dev/pkg/injection/clients/namespacedkube/informers/core/v1/secret" "knative.dev/pkg/logging" + pkgreconciler "knative.dev/pkg/reconciler" "knative.dev/pkg/system" "knative.dev/pkg/webhook" ) @@ -89,13 +90,23 @@ func NewConversionController( withContext func(context.Context) context.Context, ) *controller.Impl { - logger := logging.FromContext(ctx) secretInformer := secretinformer.Get(ctx) crdInformer := crdinformer.Get(ctx) client := apixclient.Get(ctx) options := webhook.GetOptions(ctx) r := &reconciler{ + LeaderAwareFuncs: pkgreconciler.LeaderAwareFuncs{ + // Have this reconciler enqueue our types whenever it becomes leader. + PromoteFunc: func(bkt pkgreconciler.Bucket, enq func(pkgreconciler.Bucket, types.NamespacedName)) error { + for _, gkc := range kinds { + name := gkc.DefinitionName + enq(bkt, types.NamespacedName{Name: name}) + } + return nil + }, + }, + kinds: kinds, path: path, secretName: options.SecretName, @@ -106,7 +117,7 @@ func NewConversionController( crdLister: crdInformer.Lister(), } - c := controller.NewImpl(r, logger, "ConversionWebhook") + c := controller.NewImpl(r, logging.FromContext(ctx), "ConversionWebhook") // Reconciler when the named CRDs change. for _, gkc := range kinds { diff --git a/vendor/knative.dev/pkg/webhook/resourcesemantics/conversion/conversion.go b/vendor/knative.dev/pkg/webhook/resourcesemantics/conversion/conversion.go index 3fab95bad02d..5fa7beb9f1d2 100644 --- a/vendor/knative.dev/pkg/webhook/resourcesemantics/conversion/conversion.go +++ b/vendor/knative.dev/pkg/webhook/resourcesemantics/conversion/conversion.go @@ -23,7 +23,7 @@ import ( "go.uber.org/zap" - apixv1beta1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1" + apixv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" @@ -37,14 +37,14 @@ import ( // Convert implements webhook.ConversionController func (r *reconciler) Convert( ctx context.Context, - req *apixv1beta1.ConversionRequest, -) *apixv1beta1.ConversionResponse { + req *apixv1.ConversionRequest, +) *apixv1.ConversionResponse { if r.withContext != nil { ctx = r.withContext(ctx) } - res := &apixv1beta1.ConversionResponse{ + res := &apixv1.ConversionResponse{ UID: req.UID, Result: metav1.Status{ Status: metav1.StatusSuccess, diff --git a/vendor/knative.dev/pkg/webhook/resourcesemantics/conversion/reconciler.go b/vendor/knative.dev/pkg/webhook/resourcesemantics/conversion/reconciler.go index ab8944620b24..e2709ee80031 100644 --- a/vendor/knative.dev/pkg/webhook/resourcesemantics/conversion/reconciler.go +++ b/vendor/knative.dev/pkg/webhook/resourcesemantics/conversion/reconciler.go @@ -20,21 +20,25 @@ import ( "context" "fmt" - apixv1beta1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1" + apixv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" apixclient "k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset" - apixlisters "k8s.io/apiextensions-apiserver/pkg/client/listers/apiextensions/v1beta1" + apixlisters "k8s.io/apiextensions-apiserver/pkg/client/listers/apiextensions/v1" "k8s.io/apimachinery/pkg/runtime/schema" + "k8s.io/apimachinery/pkg/types" corelisters "k8s.io/client-go/listers/core/v1" "knative.dev/pkg/controller" "knative.dev/pkg/kmp" "knative.dev/pkg/logging" "knative.dev/pkg/ptr" + pkgreconciler "knative.dev/pkg/reconciler" "knative.dev/pkg/system" "knative.dev/pkg/webhook" certresources "knative.dev/pkg/webhook/certificates/resources" ) type reconciler struct { + pkgreconciler.LeaderAwareFuncs + kinds map[schema.GroupKind]GroupKindConversion path string secretName string @@ -47,6 +51,7 @@ type reconciler struct { var _ webhook.ConversionController = (*reconciler)(nil) var _ controller.Reconciler = (*reconciler)(nil) +var _ pkgreconciler.LeaderAware = (*reconciler)(nil) // Path implements webhook.ConversionController func (r *reconciler) Path() string { @@ -57,6 +62,11 @@ func (r *reconciler) Path() string { func (r *reconciler) Reconcile(ctx context.Context, key string) error { logger := logging.FromContext(ctx) + if !r.IsLeaderFor(types.NamespacedName{Name: key}) { + logger.Debugf("Skipping key %q, not the leader.", key) + return nil + } + // Look up the webhook secret, and fetch the CA cert bundle. secret, err := r.secretLister.Secrets(system.Namespace()).Get(r.secretName) if err != nil { @@ -83,20 +93,20 @@ func (r *reconciler) reconcileCRD(ctx context.Context, cacert []byte, key string crd := configuredCRD.DeepCopy() if crd.Spec.Conversion == nil || - crd.Spec.Conversion.Strategy != apixv1beta1.WebhookConverter || - crd.Spec.Conversion.WebhookClientConfig == nil || - crd.Spec.Conversion.WebhookClientConfig.Service == nil { + crd.Spec.Conversion.Strategy != apixv1.WebhookConverter || + crd.Spec.Conversion.Webhook.ClientConfig == nil || + crd.Spec.Conversion.Webhook.ClientConfig.Service == nil { return fmt.Errorf("custom resource %q isn't configured for webhook conversion", key) } - crd.Spec.Conversion.WebhookClientConfig.CABundle = cacert - crd.Spec.Conversion.WebhookClientConfig.Service.Path = ptr.String(r.path) + crd.Spec.Conversion.Webhook.ClientConfig.CABundle = cacert + crd.Spec.Conversion.Webhook.ClientConfig.Service.Path = ptr.String(r.path) if ok, err := kmp.SafeEqual(configuredCRD, crd); err != nil { return fmt.Errorf("error diffing custom resource definitions: %w", err) } else if !ok { logger.Infof("updating CRD") - crdClient := r.client.ApiextensionsV1beta1().CustomResourceDefinitions() + crdClient := r.client.ApiextensionsV1().CustomResourceDefinitions() if _, err := crdClient.Update(crd); err != nil { return fmt.Errorf("failed to update webhook: %w", err) } diff --git a/vendor/knative.dev/pkg/webhook/resourcesemantics/defaulting/controller.go b/vendor/knative.dev/pkg/webhook/resourcesemantics/defaulting/controller.go index 8d99732b52b9..b331405880e2 100644 --- a/vendor/knative.dev/pkg/webhook/resourcesemantics/defaulting/controller.go +++ b/vendor/knative.dev/pkg/webhook/resourcesemantics/defaulting/controller.go @@ -21,13 +21,15 @@ import ( // Injection stuff kubeclient "knative.dev/pkg/client/injection/kube/client" - mwhinformer "knative.dev/pkg/client/injection/kube/informers/admissionregistration/v1beta1/mutatingwebhookconfiguration" + mwhinformer "knative.dev/pkg/client/injection/kube/informers/admissionregistration/v1/mutatingwebhookconfiguration" secretinformer "knative.dev/pkg/injection/clients/namespacedkube/informers/core/v1/secret" + "knative.dev/pkg/logging" + pkgreconciler "knative.dev/pkg/reconciler" "k8s.io/apimachinery/pkg/runtime/schema" + "k8s.io/apimachinery/pkg/types" "k8s.io/client-go/tools/cache" "knative.dev/pkg/controller" - "knative.dev/pkg/logging" "knative.dev/pkg/system" "knative.dev/pkg/webhook" "knative.dev/pkg/webhook/resourcesemantics" @@ -47,8 +49,18 @@ func NewAdmissionController( secretInformer := secretinformer.Get(ctx) options := webhook.GetOptions(ctx) + key := types.NamespacedName{Name: name} + wh := &reconciler{ - name: name, + LeaderAwareFuncs: pkgreconciler.LeaderAwareFuncs{ + // Have this reconciler enqueue our singleton whenever it becomes leader. + PromoteFunc: func(bkt pkgreconciler.Bucket, enq func(pkgreconciler.Bucket, types.NamespacedName)) error { + enq(bkt, key) + return nil + }, + }, + + key: key, path: path, handlers: handlers, diff --git a/vendor/knative.dev/pkg/webhook/resourcesemantics/defaulting/defaulting.go b/vendor/knative.dev/pkg/webhook/resourcesemantics/defaulting/defaulting.go index d84e6ed9c8b5..80d1dcc9adf7 100644 --- a/vendor/knative.dev/pkg/webhook/resourcesemantics/defaulting/defaulting.go +++ b/vendor/knative.dev/pkg/webhook/resourcesemantics/defaulting/defaulting.go @@ -28,12 +28,13 @@ import ( "github.com/markbates/inflect" "go.uber.org/zap" jsonpatch "gomodules.xyz/jsonpatch/v2" - admissionv1beta1 "k8s.io/api/admission/v1beta1" - admissionregistrationv1beta1 "k8s.io/api/admissionregistration/v1beta1" + admissionv1 "k8s.io/api/admission/v1" + admissionregistrationv1 "k8s.io/api/admissionregistration/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime/schema" + "k8s.io/apimachinery/pkg/types" "k8s.io/client-go/kubernetes" - admissionlisters "k8s.io/client-go/listers/admissionregistration/v1beta1" + admissionlisters "k8s.io/client-go/listers/admissionregistration/v1" corelisters "k8s.io/client-go/listers/core/v1" "knative.dev/pkg/apis" "knative.dev/pkg/apis/duck" @@ -41,6 +42,7 @@ import ( "knative.dev/pkg/kmp" "knative.dev/pkg/logging" "knative.dev/pkg/ptr" + pkgreconciler "knative.dev/pkg/reconciler" "knative.dev/pkg/system" "knative.dev/pkg/webhook" certresources "knative.dev/pkg/webhook/certificates/resources" @@ -52,8 +54,9 @@ var errMissingNewObject = errors.New("the new object may not be nil") // reconciler implements the AdmissionController for resources type reconciler struct { webhook.StatelessAdmissionImpl + pkgreconciler.LeaderAwareFuncs - name string + key types.NamespacedName path string handlers map[schema.GroupVersionKind]resourcesemantics.GenericCRD @@ -68,6 +71,7 @@ type reconciler struct { } var _ controller.Reconciler = (*reconciler)(nil) +var _ pkgreconciler.LeaderAware = (*reconciler)(nil) var _ webhook.AdmissionController = (*reconciler)(nil) var _ webhook.StatelessAdmissionController = (*reconciler)(nil) @@ -75,6 +79,11 @@ var _ webhook.StatelessAdmissionController = (*reconciler)(nil) func (ac *reconciler) Reconcile(ctx context.Context, key string) error { logger := logging.FromContext(ctx) + if !ac.IsLeaderFor(ac.key) { + logger.Debugf("Skipping key %q, not the leader.", ac.key) + return nil + } + // Look up the webhook secret, and fetch the CA cert bundle. secret, err := ac.secretlister.Secrets(system.Namespace()).Get(ac.secretName) if err != nil { @@ -96,17 +105,17 @@ func (ac *reconciler) Path() string { } // Admit implements AdmissionController -func (ac *reconciler) Admit(ctx context.Context, request *admissionv1beta1.AdmissionRequest) *admissionv1beta1.AdmissionResponse { +func (ac *reconciler) Admit(ctx context.Context, request *admissionv1.AdmissionRequest) *admissionv1.AdmissionResponse { if ac.withContext != nil { ctx = ac.withContext(ctx) } logger := logging.FromContext(ctx) switch request.Operation { - case admissionv1beta1.Create, admissionv1beta1.Update: + case admissionv1.Create, admissionv1.Update: default: logger.Infof("Unhandled webhook operation, letting it through %v", request.Operation) - return &admissionv1beta1.AdmissionResponse{Allowed: true} + return &admissionv1.AdmissionResponse{Allowed: true} } patchBytes, err := ac.mutate(ctx, request) @@ -115,11 +124,11 @@ func (ac *reconciler) Admit(ctx context.Context, request *admissionv1beta1.Admis } logger.Infof("Kind: %q PatchBytes: %v", request.Kind, string(patchBytes)) - return &admissionv1beta1.AdmissionResponse{ + return &admissionv1.AdmissionResponse{ Patch: patchBytes, Allowed: true, - PatchType: func() *admissionv1beta1.PatchType { - pt := admissionv1beta1.PatchTypeJSONPatch + PatchType: func() *admissionv1.PatchType { + pt := admissionv1.PatchTypeJSONPatch return &pt }(), } @@ -128,16 +137,16 @@ func (ac *reconciler) Admit(ctx context.Context, request *admissionv1beta1.Admis func (ac *reconciler) reconcileMutatingWebhook(ctx context.Context, caCert []byte) error { logger := logging.FromContext(ctx) - rules := make([]admissionregistrationv1beta1.RuleWithOperations, 0, len(ac.handlers)) + rules := make([]admissionregistrationv1.RuleWithOperations, 0, len(ac.handlers)) for gvk := range ac.handlers { plural := strings.ToLower(inflect.Pluralize(gvk.Kind)) - rules = append(rules, admissionregistrationv1beta1.RuleWithOperations{ - Operations: []admissionregistrationv1beta1.OperationType{ - admissionregistrationv1beta1.Create, - admissionregistrationv1beta1.Update, + rules = append(rules, admissionregistrationv1.RuleWithOperations{ + Operations: []admissionregistrationv1.OperationType{ + admissionregistrationv1.Create, + admissionregistrationv1.Update, }, - Rule: admissionregistrationv1beta1.Rule{ + Rule: admissionregistrationv1.Rule{ APIGroups: []string{gvk.Group}, APIVersions: []string{gvk.Version}, Resources: []string{plural + "/*"}, @@ -157,7 +166,7 @@ func (ac *reconciler) reconcileMutatingWebhook(ctx context.Context, caCert []byt return lhs.Resources[0] < rhs.Resources[0] }) - configuredWebhook, err := ac.mwhlister.Get(ac.name) + configuredWebhook, err := ac.mwhlister.Get(ac.key.Name) if err != nil { return fmt.Errorf("error retrieving webhook: %w", err) } @@ -190,7 +199,7 @@ func (ac *reconciler) reconcileMutatingWebhook(ctx context.Context, caCert []byt return fmt.Errorf("error diffing webhooks: %w", err) } else if !ok { logger.Info("Updating webhook") - mwhclient := ac.client.AdmissionregistrationV1beta1().MutatingWebhookConfigurations() + mwhclient := ac.client.AdmissionregistrationV1().MutatingWebhookConfigurations() if _, err := mwhclient.Update(webhook); err != nil { return fmt.Errorf("failed to update webhook: %w", err) } @@ -200,7 +209,7 @@ func (ac *reconciler) reconcileMutatingWebhook(ctx context.Context, caCert []byt return nil } -func (ac *reconciler) mutate(ctx context.Context, req *admissionv1beta1.AdmissionRequest) ([]byte, error) { +func (ac *reconciler) mutate(ctx context.Context, req *admissionv1.AdmissionRequest) ([]byte, error) { kind := req.Kind newBytes := req.Object.Raw oldBytes := req.OldObject.Raw diff --git a/vendor/knative.dev/pkg/webhook/resourcesemantics/validation/controller.go b/vendor/knative.dev/pkg/webhook/resourcesemantics/validation/controller.go index cbaeaa5b290d..14cf6dd73af2 100644 --- a/vendor/knative.dev/pkg/webhook/resourcesemantics/validation/controller.go +++ b/vendor/knative.dev/pkg/webhook/resourcesemantics/validation/controller.go @@ -21,13 +21,15 @@ import ( // Injection stuff kubeclient "knative.dev/pkg/client/injection/kube/client" - vwhinformer "knative.dev/pkg/client/injection/kube/informers/admissionregistration/v1beta1/validatingwebhookconfiguration" + vwhinformer "knative.dev/pkg/client/injection/kube/informers/admissionregistration/v1/validatingwebhookconfiguration" secretinformer "knative.dev/pkg/injection/clients/namespacedkube/informers/core/v1/secret" + "knative.dev/pkg/logging" + pkgreconciler "knative.dev/pkg/reconciler" "k8s.io/apimachinery/pkg/runtime/schema" + "k8s.io/apimachinery/pkg/types" "k8s.io/client-go/tools/cache" "knative.dev/pkg/controller" - "knative.dev/pkg/logging" "knative.dev/pkg/system" "knative.dev/pkg/webhook" "knative.dev/pkg/webhook/resourcesemantics" @@ -62,7 +64,17 @@ func NewAdmissionController( } wh := &reconciler{ - name: name, + LeaderAwareFuncs: pkgreconciler.LeaderAwareFuncs{ + // Have this reconciler enqueue our singleton whenever it becomes leader. + PromoteFunc: func(bkt pkgreconciler.Bucket, enq func(pkgreconciler.Bucket, types.NamespacedName)) error { + enq(bkt, types.NamespacedName{Name: name}) + return nil + }, + }, + + key: types.NamespacedName{ + Name: name, + }, path: path, handlers: handlers, callbacks: unwrappedCallbacks, diff --git a/vendor/knative.dev/pkg/webhook/resourcesemantics/validation/reconcile_config.go b/vendor/knative.dev/pkg/webhook/resourcesemantics/validation/reconcile_config.go index c17db6281c4d..1537adc7892a 100644 --- a/vendor/knative.dev/pkg/webhook/resourcesemantics/validation/reconcile_config.go +++ b/vendor/knative.dev/pkg/webhook/resourcesemantics/validation/reconcile_config.go @@ -24,16 +24,18 @@ import ( "github.com/markbates/inflect" "go.uber.org/zap" - admissionregistrationv1beta1 "k8s.io/api/admissionregistration/v1beta1" + admissionregistrationv1 "k8s.io/api/admissionregistration/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime/schema" + "k8s.io/apimachinery/pkg/types" "k8s.io/client-go/kubernetes" - admissionlisters "k8s.io/client-go/listers/admissionregistration/v1beta1" + admissionlisters "k8s.io/client-go/listers/admissionregistration/v1" corelisters "k8s.io/client-go/listers/core/v1" "knative.dev/pkg/controller" "knative.dev/pkg/kmp" "knative.dev/pkg/logging" "knative.dev/pkg/ptr" + pkgreconciler "knative.dev/pkg/reconciler" "knative.dev/pkg/system" "knative.dev/pkg/webhook" certresources "knative.dev/pkg/webhook/certificates/resources" @@ -43,8 +45,9 @@ import ( // reconciler implements the AdmissionController for resources type reconciler struct { webhook.StatelessAdmissionImpl + pkgreconciler.LeaderAwareFuncs - name string + key types.NamespacedName path string handlers map[schema.GroupVersionKind]resourcesemantics.GenericCRD callbacks map[schema.GroupVersionKind]Callback @@ -60,6 +63,7 @@ type reconciler struct { } var _ controller.Reconciler = (*reconciler)(nil) +var _ pkgreconciler.LeaderAware = (*reconciler)(nil) var _ webhook.AdmissionController = (*reconciler)(nil) var _ webhook.StatelessAdmissionController = (*reconciler)(nil) @@ -72,6 +76,11 @@ func (ac *reconciler) Path() string { func (ac *reconciler) Reconcile(ctx context.Context, key string) error { logger := logging.FromContext(ctx) + if !ac.IsLeaderFor(ac.key) { + logger.Debugf("Skipping key %q, not the leader.", ac.key) + return nil + } + // Look up the webhook secret, and fetch the CA cert bundle. secret, err := ac.secretlister.Secrets(system.Namespace()).Get(ac.secretName) if err != nil { @@ -90,17 +99,17 @@ func (ac *reconciler) Reconcile(ctx context.Context, key string) error { func (ac *reconciler) reconcileValidatingWebhook(ctx context.Context, caCert []byte) error { logger := logging.FromContext(ctx) - rules := make([]admissionregistrationv1beta1.RuleWithOperations, 0, len(ac.handlers)) + rules := make([]admissionregistrationv1.RuleWithOperations, 0, len(ac.handlers)) for gvk := range ac.handlers { plural := strings.ToLower(inflect.Pluralize(gvk.Kind)) - rules = append(rules, admissionregistrationv1beta1.RuleWithOperations{ - Operations: []admissionregistrationv1beta1.OperationType{ - admissionregistrationv1beta1.Create, - admissionregistrationv1beta1.Update, - admissionregistrationv1beta1.Delete, + rules = append(rules, admissionregistrationv1.RuleWithOperations{ + Operations: []admissionregistrationv1.OperationType{ + admissionregistrationv1.Create, + admissionregistrationv1.Update, + admissionregistrationv1.Delete, }, - Rule: admissionregistrationv1beta1.Rule{ + Rule: admissionregistrationv1.Rule{ APIGroups: []string{gvk.Group}, APIVersions: []string{gvk.Version}, Resources: []string{plural + "/*"}, @@ -120,7 +129,7 @@ func (ac *reconciler) reconcileValidatingWebhook(ctx context.Context, caCert []b return lhs.Resources[0] < rhs.Resources[0] }) - configuredWebhook, err := ac.vwhlister.Get(ac.name) + configuredWebhook, err := ac.vwhlister.Get(ac.key.Name) if err != nil { return fmt.Errorf("error retrieving webhook: %w", err) } @@ -153,7 +162,7 @@ func (ac *reconciler) reconcileValidatingWebhook(ctx context.Context, caCert []b return fmt.Errorf("error diffing webhooks: %w", err) } else if !ok { logger.Info("Updating webhook") - vwhclient := ac.client.AdmissionregistrationV1beta1().ValidatingWebhookConfigurations() + vwhclient := ac.client.AdmissionregistrationV1().ValidatingWebhookConfigurations() if _, err := vwhclient.Update(webhook); err != nil { return fmt.Errorf("failed to update webhook: %w", err) } diff --git a/vendor/knative.dev/pkg/webhook/resourcesemantics/validation/validation_admit.go b/vendor/knative.dev/pkg/webhook/resourcesemantics/validation/validation_admit.go index c547359ff9de..ad61de997456 100644 --- a/vendor/knative.dev/pkg/webhook/resourcesemantics/validation/validation_admit.go +++ b/vendor/knative.dev/pkg/webhook/resourcesemantics/validation/validation_admit.go @@ -24,7 +24,7 @@ import ( "fmt" "go.uber.org/zap" - admissionv1beta1 "k8s.io/api/admission/v1beta1" + admissionv1 "k8s.io/api/admission/v1" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" "k8s.io/apimachinery/pkg/runtime/schema" "knative.dev/pkg/apis" @@ -61,7 +61,7 @@ func NewCallback(function func(context.Context, *unstructured.Unstructured) erro var _ webhook.AdmissionController = (*reconciler)(nil) // Admit implements AdmissionController -func (ac *reconciler) Admit(ctx context.Context, request *admissionv1beta1.AdmissionRequest) *admissionv1beta1.AdmissionResponse { +func (ac *reconciler) Admit(ctx context.Context, request *admissionv1.AdmissionRequest) *admissionv1.AdmissionResponse { if ac.withContext != nil { ctx = ac.withContext(ctx) } @@ -86,14 +86,14 @@ func (ac *reconciler) Admit(ctx context.Context, request *admissionv1beta1.Admis return webhook.MakeErrorStatus("validation callback failed: %v", err) } - return &admissionv1beta1.AdmissionResponse{Allowed: true} + return &admissionv1.AdmissionResponse{Allowed: true} } // decodeRequestAndPrepareContext deserializes the old and new GenericCrds from the incoming request and sets up the context. // nil oldObj or newObj denote absence of `old` (create) or `new` (delete) objects. func (ac *reconciler) decodeRequestAndPrepareContext( ctx context.Context, - req *admissionv1beta1.AdmissionRequest, + req *admissionv1.AdmissionRequest, gvk schema.GroupVersionKind) (context.Context, resourcesemantics.GenericCRD, error) { logger := logging.FromContext(ctx) @@ -142,11 +142,11 @@ func (ac *reconciler) decodeRequestAndPrepareContext( } switch req.Operation { - case admissionv1beta1.Update: + case admissionv1.Update: ctx = apis.WithinUpdate(ctx, oldObj) - case admissionv1beta1.Create: + case admissionv1.Create: ctx = apis.WithinCreate(ctx) - case admissionv1beta1.Delete: + case admissionv1.Delete: ctx = apis.WithinDelete(ctx) return ctx, oldObj, nil } @@ -154,14 +154,14 @@ func (ac *reconciler) decodeRequestAndPrepareContext( return ctx, newObj, nil } -func validate(ctx context.Context, resource resourcesemantics.GenericCRD, req *admissionv1beta1.AdmissionRequest) error { +func validate(ctx context.Context, resource resourcesemantics.GenericCRD, req *admissionv1.AdmissionRequest) error { logger := logging.FromContext(ctx) // Only run validation for supported create and update validaiton. switch req.Operation { - case admissionv1beta1.Create, admissionv1beta1.Update: + case admissionv1.Create, admissionv1.Update: // Supported verbs - case admissionv1beta1.Delete: + case admissionv1.Delete: return nil // Validation handled by optional Callback, but not validatable. default: logger.Infof("Unhandled webhook validation operation, letting it through %v", req.Operation) @@ -184,9 +184,9 @@ func validate(ctx context.Context, resource resourcesemantics.GenericCRD, req *a } // callback runs optional callbacks on admission -func (ac *reconciler) callback(ctx context.Context, req *admissionv1beta1.AdmissionRequest, gvk schema.GroupVersionKind) error { +func (ac *reconciler) callback(ctx context.Context, req *admissionv1.AdmissionRequest, gvk schema.GroupVersionKind) error { var toDecode []byte - if req.Operation == admissionv1beta1.Delete { + if req.Operation == admissionv1.Delete { toDecode = req.OldObject.Raw } else { toDecode = req.Object.Raw diff --git a/vendor/knative.dev/pkg/webhook/stats_reporter.go b/vendor/knative.dev/pkg/webhook/stats_reporter.go index 298bf499c9ae..13293200c00b 100644 --- a/vendor/knative.dev/pkg/webhook/stats_reporter.go +++ b/vendor/knative.dev/pkg/webhook/stats_reporter.go @@ -24,7 +24,7 @@ import ( "go.opencensus.io/stats" "go.opencensus.io/stats/view" "go.opencensus.io/tag" - admissionv1beta1 "k8s.io/api/admission/v1beta1" + admissionv1 "k8s.io/api/admission/v1" "knative.dev/pkg/metrics" ) @@ -62,7 +62,7 @@ var ( // StatsReporter reports webhook metrics type StatsReporter interface { - ReportRequest(request *admissionv1beta1.AdmissionRequest, response *admissionv1beta1.AdmissionResponse, d time.Duration) error + ReportRequest(request *admissionv1.AdmissionRequest, response *admissionv1.AdmissionResponse, d time.Duration) error } // reporter implements StatsReporter interface @@ -83,7 +83,7 @@ func NewStatsReporter() (StatsReporter, error) { } // Captures req count metric, recording the count and the duration -func (r *reporter) ReportRequest(req *admissionv1beta1.AdmissionRequest, resp *admissionv1beta1.AdmissionResponse, d time.Duration) error { +func (r *reporter) ReportRequest(req *admissionv1.AdmissionRequest, resp *admissionv1.AdmissionResponse, d time.Duration) error { ctx, err := tag.New( r.ctx, tag.Insert(requestOperationKey, string(req.Operation)), diff --git a/vendor/knative.dev/pkg/webhook/webhook.go b/vendor/knative.dev/pkg/webhook/webhook.go index 869269b46d0f..1a2988c1c71e 100644 --- a/vendor/knative.dev/pkg/webhook/webhook.go +++ b/vendor/knative.dev/pkg/webhook/webhook.go @@ -30,7 +30,7 @@ import ( "go.uber.org/zap" "golang.org/x/sync/errgroup" - admissionv1beta1 "k8s.io/api/admission/v1beta1" + admissionv1 "k8s.io/api/admission/v1" "k8s.io/client-go/kubernetes" corelisters "k8s.io/client-go/listers/core/v1" "knative.dev/pkg/logging" @@ -63,14 +63,14 @@ type Options struct { // Operation is the verb being operated on // it is aliasde in Validation from the k8s admission package -type Operation = admissionv1beta1.Operation +type Operation = admissionv1.Operation // Operation types const ( - Create Operation = admissionv1beta1.Create - Update Operation = admissionv1beta1.Update - Delete Operation = admissionv1beta1.Delete - Connect Operation = admissionv1beta1.Connect + Create Operation = admissionv1.Create + Update Operation = admissionv1.Update + Delete Operation = admissionv1.Delete + Connect Operation = admissionv1.Connect ) // Webhook implements the external webhook for validation of diff --git a/vendor/modules.txt b/vendor/modules.txt index 2e57b37d073d..c007794f08ed 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -1032,7 +1032,7 @@ knative.dev/networking/pkg/client/injection/informers/networking/v1alpha1/server knative.dev/networking/pkg/client/injection/reconciler/networking/v1alpha1/serverlessservice knative.dev/networking/pkg/client/istio/listers/networking/v1alpha3 knative.dev/networking/pkg/client/listers/networking/v1alpha1 -# knative.dev/pkg v0.0.0-20200619020725-7df8fc5d7743 +# knative.dev/pkg v0.0.0-20200619182625-b6a13e2894ee ## explicit knative.dev/pkg/apiextensions/storageversion knative.dev/pkg/apiextensions/storageversion/cmd/migrate @@ -1046,12 +1046,12 @@ knative.dev/pkg/apis/testing/fuzzer knative.dev/pkg/apis/testing/roundtrip knative.dev/pkg/changeset knative.dev/pkg/client/injection/apiextensions/client -knative.dev/pkg/client/injection/apiextensions/informers/apiextensions/v1beta1/customresourcedefinition +knative.dev/pkg/client/injection/apiextensions/informers/apiextensions/v1/customresourcedefinition knative.dev/pkg/client/injection/apiextensions/informers/factory knative.dev/pkg/client/injection/kube/client knative.dev/pkg/client/injection/kube/client/fake -knative.dev/pkg/client/injection/kube/informers/admissionregistration/v1beta1/mutatingwebhookconfiguration -knative.dev/pkg/client/injection/kube/informers/admissionregistration/v1beta1/validatingwebhookconfiguration +knative.dev/pkg/client/injection/kube/informers/admissionregistration/v1/mutatingwebhookconfiguration +knative.dev/pkg/client/injection/kube/informers/admissionregistration/v1/validatingwebhookconfiguration knative.dev/pkg/client/injection/kube/informers/apps/v1/deployment knative.dev/pkg/client/injection/kube/informers/apps/v1/deployment/fake knative.dev/pkg/client/injection/kube/informers/autoscaling/v2beta1/horizontalpodautoscaler @@ -1149,7 +1149,7 @@ knative.dev/pkg/webhook/resourcesemantics/conversion knative.dev/pkg/webhook/resourcesemantics/defaulting knative.dev/pkg/webhook/resourcesemantics/validation knative.dev/pkg/websocket -# knative.dev/test-infra v0.0.0-20200618184825-a7b2980a8884 +# knative.dev/test-infra v0.0.0-20200619200026-0b0587234302 ## explicit knative.dev/test-infra/scripts # sigs.k8s.io/yaml v1.2.0 From 3ebd764dd845c922254f0d14c56627fb20d29b82 Mon Sep 17 00:00:00 2001 From: Matt Moore Date: Mon, 22 Jun 2020 11:59:14 -0700 Subject: [PATCH 2/2] Fix admission v1 merge conflict --- .../api/admission/{v1beta1 => v1}/doc.go | 4 +- .../admission/{v1beta1 => v1}/generated.pb.go | 138 +++++++++--------- .../admission/{v1beta1 => v1}/generated.proto | 6 +- .../api/admission/{v1beta1 => v1}/register.go | 6 +- .../api/admission/{v1beta1 => v1}/types.go | 6 +- .../types_swagger_doc_generated.go | 4 +- .../{v1beta1 => v1}/zz_generated.deepcopy.go | 10 +- vendor/modules.txt | 2 +- 8 files changed, 88 insertions(+), 88 deletions(-) rename vendor/k8s.io/api/admission/{v1beta1 => v1}/doc.go (87%) rename vendor/k8s.io/api/admission/{v1beta1 => v1}/generated.pb.go (87%) rename vendor/k8s.io/api/admission/{v1beta1 => v1}/generated.proto (98%) rename vendor/k8s.io/api/admission/{v1beta1 => v1}/register.go (95%) rename vendor/k8s.io/api/admission/{v1beta1 => v1}/types.go (98%) rename vendor/k8s.io/api/admission/{v1beta1 => v1}/types_swagger_doc_generated.go (98%) rename vendor/k8s.io/api/admission/{v1beta1 => v1}/zz_generated.deepcopy.go (95%) diff --git a/vendor/k8s.io/api/admission/v1beta1/doc.go b/vendor/k8s.io/api/admission/v1/doc.go similarity index 87% rename from vendor/k8s.io/api/admission/v1beta1/doc.go rename to vendor/k8s.io/api/admission/v1/doc.go index 92f7c19d26d4..cbc6bb59dd96 100644 --- a/vendor/k8s.io/api/admission/v1beta1/doc.go +++ b/vendor/k8s.io/api/admission/v1/doc.go @@ -1,5 +1,5 @@ /* -Copyright 2017 The Kubernetes Authors. +Copyright 2019 The Kubernetes Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -20,4 +20,4 @@ limitations under the License. // +groupName=admission.k8s.io -package v1beta1 // import "k8s.io/api/admission/v1beta1" +package v1 // import "k8s.io/api/admission/v1" diff --git a/vendor/k8s.io/api/admission/v1beta1/generated.pb.go b/vendor/k8s.io/api/admission/v1/generated.pb.go similarity index 87% rename from vendor/k8s.io/api/admission/v1beta1/generated.pb.go rename to vendor/k8s.io/api/admission/v1/generated.pb.go index 10d3bead6f01..e6b4f7240efc 100644 --- a/vendor/k8s.io/api/admission/v1beta1/generated.pb.go +++ b/vendor/k8s.io/api/admission/v1/generated.pb.go @@ -15,9 +15,9 @@ limitations under the License. */ // Code generated by protoc-gen-gogo. DO NOT EDIT. -// source: k8s.io/kubernetes/vendor/k8s.io/api/admission/v1beta1/generated.proto +// source: k8s.io/kubernetes/vendor/k8s.io/api/admission/v1/generated.proto -package v1beta1 +package v1 import ( fmt "fmt" @@ -50,7 +50,7 @@ const _ = proto.GoGoProtoPackageIsVersion2 // please upgrade the proto package func (m *AdmissionRequest) Reset() { *m = AdmissionRequest{} } func (*AdmissionRequest) ProtoMessage() {} func (*AdmissionRequest) Descriptor() ([]byte, []int) { - return fileDescriptor_b87c2352de86eab9, []int{0} + return fileDescriptor_4b73421fd5edef9f, []int{0} } func (m *AdmissionRequest) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -78,7 +78,7 @@ var xxx_messageInfo_AdmissionRequest proto.InternalMessageInfo func (m *AdmissionResponse) Reset() { *m = AdmissionResponse{} } func (*AdmissionResponse) ProtoMessage() {} func (*AdmissionResponse) Descriptor() ([]byte, []int) { - return fileDescriptor_b87c2352de86eab9, []int{1} + return fileDescriptor_4b73421fd5edef9f, []int{1} } func (m *AdmissionResponse) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -106,7 +106,7 @@ var xxx_messageInfo_AdmissionResponse proto.InternalMessageInfo func (m *AdmissionReview) Reset() { *m = AdmissionReview{} } func (*AdmissionReview) ProtoMessage() {} func (*AdmissionReview) Descriptor() ([]byte, []int) { - return fileDescriptor_b87c2352de86eab9, []int{2} + return fileDescriptor_4b73421fd5edef9f, []int{2} } func (m *AdmissionReview) XXX_Unmarshal(b []byte) error { return m.Unmarshal(b) @@ -132,75 +132,75 @@ func (m *AdmissionReview) XXX_DiscardUnknown() { var xxx_messageInfo_AdmissionReview proto.InternalMessageInfo func init() { - proto.RegisterType((*AdmissionRequest)(nil), "k8s.io.api.admission.v1beta1.AdmissionRequest") - proto.RegisterType((*AdmissionResponse)(nil), "k8s.io.api.admission.v1beta1.AdmissionResponse") - proto.RegisterMapType((map[string]string)(nil), "k8s.io.api.admission.v1beta1.AdmissionResponse.AuditAnnotationsEntry") - proto.RegisterType((*AdmissionReview)(nil), "k8s.io.api.admission.v1beta1.AdmissionReview") + proto.RegisterType((*AdmissionRequest)(nil), "k8s.io.api.admission.v1.AdmissionRequest") + proto.RegisterType((*AdmissionResponse)(nil), "k8s.io.api.admission.v1.AdmissionResponse") + proto.RegisterMapType((map[string]string)(nil), "k8s.io.api.admission.v1.AdmissionResponse.AuditAnnotationsEntry") + proto.RegisterType((*AdmissionReview)(nil), "k8s.io.api.admission.v1.AdmissionReview") } func init() { - proto.RegisterFile("k8s.io/kubernetes/vendor/k8s.io/api/admission/v1beta1/generated.proto", fileDescriptor_b87c2352de86eab9) + proto.RegisterFile("k8s.io/kubernetes/vendor/k8s.io/api/admission/v1/generated.proto", fileDescriptor_4b73421fd5edef9f) } -var fileDescriptor_b87c2352de86eab9 = []byte{ - // 902 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xac, 0x55, 0x4f, 0x6f, 0x1b, 0x45, - 0x14, 0xf7, 0xd6, 0x8e, 0xed, 0x1d, 0x87, 0xda, 0x9d, 0x82, 0xb4, 0xb2, 0xd0, 0xda, 0xe4, 0x80, - 0x82, 0xd4, 0xcc, 0x92, 0x08, 0xaa, 0xa8, 0xe2, 0x92, 0x25, 0x11, 0x0a, 0x48, 0x4d, 0x34, 0xad, - 0x51, 0xe1, 0x80, 0x34, 0xf6, 0x4e, 0xed, 0xc5, 0xf6, 0xcc, 0xb2, 0x33, 0xeb, 0xe0, 0x1b, 0xe2, - 0xca, 0x85, 0x6f, 0xc0, 0x87, 0xe1, 0x92, 0x63, 0x8f, 0x3d, 0x59, 0xc4, 0x7c, 0x8b, 0x9c, 0xd0, - 0xcc, 0xce, 0x7a, 0xb7, 0x76, 0x02, 0xfd, 0xc3, 0xc9, 0xf3, 0xfe, 0xfc, 0x7e, 0xef, 0xf9, 0xf7, - 0x76, 0xde, 0x80, 0x93, 0xf1, 0xa1, 0x40, 0x21, 0xf7, 0xc6, 0x49, 0x9f, 0xc6, 0x8c, 0x4a, 0x2a, - 0xbc, 0x19, 0x65, 0x01, 0x8f, 0x3d, 0x13, 0x20, 0x51, 0xe8, 0x91, 0x60, 0x1a, 0x0a, 0x11, 0x72, - 0xe6, 0xcd, 0xf6, 0xfb, 0x54, 0x92, 0x7d, 0x6f, 0x48, 0x19, 0x8d, 0x89, 0xa4, 0x01, 0x8a, 0x62, - 0x2e, 0x39, 0xfc, 0x30, 0xcd, 0x46, 0x24, 0x0a, 0xd1, 0x2a, 0x1b, 0x99, 0xec, 0xf6, 0xde, 0x30, - 0x94, 0xa3, 0xa4, 0x8f, 0x06, 0x7c, 0xea, 0x0d, 0xf9, 0x90, 0x7b, 0x1a, 0xd4, 0x4f, 0x9e, 0x6b, - 0x4b, 0x1b, 0xfa, 0x94, 0x92, 0xb5, 0x1f, 0x14, 0x4b, 0x27, 0x72, 0x44, 0x99, 0x0c, 0x07, 0x44, - 0xa6, 0xf5, 0xd7, 0x4b, 0xb7, 0x3f, 0xcb, 0xb3, 0xa7, 0x64, 0x30, 0x0a, 0x19, 0x8d, 0xe7, 0x5e, - 0x34, 0x1e, 0x2a, 0x87, 0xf0, 0xa6, 0x54, 0x92, 0x9b, 0x50, 0xde, 0x6d, 0xa8, 0x38, 0x61, 0x32, - 0x9c, 0xd2, 0x0d, 0xc0, 0xc3, 0xff, 0x02, 0x88, 0xc1, 0x88, 0x4e, 0xc9, 0x3a, 0x6e, 0xe7, 0x0f, - 0x1b, 0xb4, 0x8e, 0x32, 0x45, 0x30, 0xfd, 0x29, 0xa1, 0x42, 0x42, 0x1f, 0x94, 0x93, 0x30, 0x70, - 0xac, 0xae, 0xb5, 0x6b, 0xfb, 0x9f, 0x5e, 0x2e, 0x3a, 0xa5, 0xe5, 0xa2, 0x53, 0xee, 0x9d, 0x1e, - 0x5f, 0x2f, 0x3a, 0x1f, 0xdd, 0x56, 0x48, 0xce, 0x23, 0x2a, 0x50, 0xef, 0xf4, 0x18, 0x2b, 0x30, - 0x7c, 0x06, 0x2a, 0xe3, 0x90, 0x05, 0xce, 0x9d, 0xae, 0xb5, 0xdb, 0x38, 0x78, 0x88, 0xf2, 0x09, - 0xac, 0x60, 0x28, 0x1a, 0x0f, 0x95, 0x43, 0x20, 0x25, 0x03, 0x9a, 0xed, 0xa3, 0xaf, 0x62, 0x9e, - 0x44, 0xdf, 0xd2, 0x58, 0x35, 0xf3, 0x4d, 0xc8, 0x02, 0x7f, 0xdb, 0x14, 0xaf, 0x28, 0x0b, 0x6b, - 0x46, 0x38, 0x02, 0xf5, 0x98, 0x0a, 0x9e, 0xc4, 0x03, 0xea, 0x94, 0x35, 0xfb, 0xa3, 0x37, 0x67, - 0xc7, 0x86, 0xc1, 0x6f, 0x99, 0x0a, 0xf5, 0xcc, 0x83, 0x57, 0xec, 0xf0, 0x73, 0xd0, 0x10, 0x49, - 0x3f, 0x0b, 0x38, 0x15, 0xad, 0xc7, 0x7d, 0x03, 0x68, 0x3c, 0xc9, 0x43, 0xb8, 0x98, 0x07, 0x43, - 0xd0, 0x88, 0x53, 0x25, 0x55, 0xd7, 0xce, 0x7b, 0xef, 0xa4, 0x40, 0x53, 0x95, 0xc2, 0x39, 0x1d, - 0x2e, 0x72, 0xc3, 0x39, 0x68, 0x1a, 0x73, 0xd5, 0xe5, 0xdd, 0x77, 0x96, 0xe4, 0xfe, 0x72, 0xd1, - 0x69, 0xe2, 0x57, 0x69, 0xf1, 0x7a, 0x1d, 0xf8, 0x35, 0x80, 0xc6, 0x55, 0x10, 0xc2, 0x69, 0x6a, - 0x8d, 0xda, 0x46, 0x23, 0x88, 0x37, 0x32, 0xf0, 0x0d, 0x28, 0xd8, 0x05, 0x15, 0x46, 0xa6, 0xd4, - 0xd9, 0xd2, 0xe8, 0xd5, 0xd0, 0x1f, 0x93, 0x29, 0xc5, 0x3a, 0x02, 0x3d, 0x60, 0xab, 0x5f, 0x11, - 0x91, 0x01, 0x75, 0xaa, 0x3a, 0xed, 0x9e, 0x49, 0xb3, 0x1f, 0x67, 0x01, 0x9c, 0xe7, 0xc0, 0x2f, - 0x80, 0xcd, 0x23, 0xf5, 0xa9, 0x87, 0x9c, 0x39, 0x35, 0x0d, 0x70, 0x33, 0xc0, 0x59, 0x16, 0xb8, - 0x2e, 0x1a, 0x38, 0x07, 0xc0, 0xa7, 0xa0, 0x9e, 0x08, 0x1a, 0x9f, 0xb2, 0xe7, 0xdc, 0xa9, 0x6b, - 0x41, 0x3f, 0x46, 0xc5, 0x1d, 0xf2, 0xca, 0xb5, 0x57, 0x42, 0xf6, 0x4c, 0x76, 0xfe, 0x3d, 0x65, - 0x1e, 0xbc, 0x62, 0x82, 0x3d, 0x50, 0xe5, 0xfd, 0x1f, 0xe9, 0x40, 0x3a, 0xb6, 0xe6, 0xdc, 0xbb, - 0x75, 0x48, 0xe6, 0xd6, 0x22, 0x4c, 0x2e, 0x4e, 0x7e, 0x96, 0x94, 0xa9, 0xf9, 0xf8, 0x77, 0x0d, - 0x75, 0xf5, 0x4c, 0x93, 0x60, 0x43, 0x06, 0x7f, 0x00, 0x36, 0x9f, 0x04, 0xa9, 0xd3, 0x01, 0x6f, - 0xc3, 0xbc, 0x92, 0xf2, 0x2c, 0xe3, 0xc1, 0x39, 0x25, 0xdc, 0x01, 0xd5, 0x20, 0x9e, 0xe3, 0x84, - 0x39, 0x8d, 0xae, 0xb5, 0x5b, 0xf7, 0x81, 0xea, 0xe1, 0x58, 0x7b, 0xb0, 0x89, 0xc0, 0x67, 0xa0, - 0xc6, 0x23, 0x25, 0x86, 0x70, 0xb6, 0xdf, 0xa6, 0x83, 0xa6, 0xe9, 0xa0, 0x76, 0x96, 0xb2, 0xe0, - 0x8c, 0x6e, 0xe7, 0xd7, 0x0a, 0xb8, 0x57, 0xd8, 0x50, 0x22, 0xe2, 0x4c, 0xd0, 0xff, 0x65, 0x45, - 0x7d, 0x02, 0x6a, 0x64, 0x32, 0xe1, 0x17, 0x34, 0xdd, 0x52, 0xf5, 0xbc, 0x89, 0xa3, 0xd4, 0x8d, - 0xb3, 0x38, 0x3c, 0x07, 0x55, 0x21, 0x89, 0x4c, 0x84, 0xd9, 0x38, 0x0f, 0x5e, 0xef, 0x7a, 0x3d, - 0xd1, 0x98, 0x54, 0x30, 0x4c, 0x45, 0x32, 0x91, 0xd8, 0xf0, 0xc0, 0x0e, 0xd8, 0x8a, 0x88, 0x1c, - 0x8c, 0xf4, 0x56, 0xd9, 0xf6, 0xed, 0xe5, 0xa2, 0xb3, 0x75, 0xae, 0x1c, 0x38, 0xf5, 0xc3, 0x43, - 0x60, 0xeb, 0xc3, 0xd3, 0x79, 0x94, 0x5d, 0x8c, 0xb6, 0x1a, 0xd1, 0x79, 0xe6, 0xbc, 0x2e, 0x1a, - 0x38, 0x4f, 0x86, 0xbf, 0x59, 0xa0, 0x45, 0x92, 0x20, 0x94, 0x47, 0x8c, 0x71, 0x49, 0xd2, 0xa9, - 0x54, 0xbb, 0xe5, 0xdd, 0xc6, 0xc1, 0x09, 0xfa, 0xb7, 0x97, 0x10, 0x6d, 0xe8, 0x8c, 0x8e, 0xd6, - 0x78, 0x4e, 0x98, 0x8c, 0xe7, 0xbe, 0x63, 0x84, 0x6a, 0xad, 0x87, 0xf1, 0x46, 0xe1, 0xf6, 0x97, - 0xe0, 0x83, 0x1b, 0x49, 0x60, 0x0b, 0x94, 0xc7, 0x74, 0x9e, 0x8e, 0x10, 0xab, 0x23, 0x7c, 0x1f, - 0x6c, 0xcd, 0xc8, 0x24, 0xa1, 0x7a, 0x1c, 0x36, 0x4e, 0x8d, 0x47, 0x77, 0x0e, 0xad, 0x9d, 0x3f, - 0x2d, 0xd0, 0x2c, 0x34, 0x37, 0x0b, 0xe9, 0x05, 0xec, 0x81, 0x9a, 0x59, 0x25, 0x9a, 0xa3, 0x71, - 0x80, 0x5e, 0xfb, 0xcf, 0x69, 0x94, 0xdf, 0x50, 0xa3, 0xce, 0xf6, 0x5c, 0xc6, 0x05, 0xbf, 0xd3, - 0xcf, 0x8b, 0xfe, 0xf7, 0xe6, 0xf1, 0xf2, 0xde, 0x50, 0x34, 0x7f, 0xdb, 0xbc, 0x27, 0xda, 0xc2, - 0x2b, 0x3a, 0x7f, 0xef, 0xf2, 0xca, 0x2d, 0xbd, 0xb8, 0x72, 0x4b, 0x2f, 0xaf, 0xdc, 0xd2, 0x2f, - 0x4b, 0xd7, 0xba, 0x5c, 0xba, 0xd6, 0x8b, 0xa5, 0x6b, 0xbd, 0x5c, 0xba, 0xd6, 0x5f, 0x4b, 0xd7, - 0xfa, 0xfd, 0x6f, 0xb7, 0xf4, 0x7d, 0xcd, 0x10, 0xff, 0x13, 0x00, 0x00, 0xff, 0xff, 0x8b, 0xd1, - 0x27, 0x74, 0xfd, 0x08, 0x00, 0x00, +var fileDescriptor_4b73421fd5edef9f = []byte{ + // 898 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xac, 0x55, 0x4d, 0x6f, 0x1b, 0x45, + 0x18, 0xf6, 0xc6, 0x89, 0xed, 0x1d, 0x87, 0xda, 0x9d, 0x82, 0x58, 0xf9, 0xb0, 0x36, 0x39, 0x20, + 0x17, 0xb5, 0xb3, 0x24, 0x82, 0x2a, 0xaa, 0x38, 0x34, 0x4b, 0x2a, 0x14, 0x90, 0x9a, 0x68, 0xda, + 0xa0, 0x8a, 0x03, 0xd2, 0xd8, 0x3b, 0xb5, 0x17, 0xdb, 0x33, 0xcb, 0xce, 0xac, 0x83, 0x6f, 0x9c, + 0x38, 0xf3, 0x0f, 0xf8, 0x1d, 0xfc, 0x83, 0x1c, 0x7b, 0xec, 0xc9, 0x22, 0xe6, 0x5f, 0x44, 0x42, + 0x42, 0x33, 0x3b, 0xfb, 0xd1, 0x7c, 0x88, 0xd0, 0xf4, 0xe4, 0x79, 0x3f, 0x9e, 0xe7, 0x7d, 0xfd, + 0xbc, 0x3b, 0xef, 0x80, 0x27, 0x93, 0x5d, 0x81, 0x42, 0xee, 0x4d, 0x92, 0x01, 0x8d, 0x19, 0x95, + 0x54, 0x78, 0x73, 0xca, 0x02, 0x1e, 0x7b, 0x26, 0x40, 0xa2, 0xd0, 0x23, 0xc1, 0x2c, 0x14, 0x22, + 0xe4, 0xcc, 0x9b, 0x6f, 0x7b, 0x23, 0xca, 0x68, 0x4c, 0x24, 0x0d, 0x50, 0x14, 0x73, 0xc9, 0xe1, + 0xc7, 0x69, 0x22, 0x22, 0x51, 0x88, 0xf2, 0x44, 0x34, 0xdf, 0xee, 0x3c, 0x1c, 0x85, 0x72, 0x9c, + 0x0c, 0xd0, 0x90, 0xcf, 0xbc, 0x11, 0x1f, 0x71, 0x4f, 0xe7, 0x0f, 0x92, 0x57, 0xda, 0xd2, 0x86, + 0x3e, 0xa5, 0x3c, 0x9d, 0x07, 0xe5, 0x82, 0x89, 0x1c, 0x53, 0x26, 0xc3, 0x21, 0x91, 0x57, 0x57, + 0xed, 0x7c, 0x51, 0x64, 0xcf, 0xc8, 0x70, 0x1c, 0x32, 0x1a, 0x2f, 0xbc, 0x68, 0x32, 0x52, 0x0e, + 0xe1, 0xcd, 0xa8, 0x24, 0x57, 0xa1, 0xbc, 0xeb, 0x50, 0x71, 0xc2, 0x64, 0x38, 0xa3, 0x97, 0x00, + 0x8f, 0xfe, 0x0b, 0x20, 0x86, 0x63, 0x3a, 0x23, 0x17, 0x71, 0x5b, 0x7f, 0xd8, 0xa0, 0xbd, 0x97, + 0x89, 0x81, 0xe9, 0xcf, 0x09, 0x15, 0x12, 0xfa, 0xa0, 0x9a, 0x84, 0x81, 0x63, 0xf5, 0xac, 0xbe, + 0xed, 0x7f, 0x7e, 0xba, 0xec, 0x56, 0x56, 0xcb, 0x6e, 0xf5, 0xf8, 0x60, 0xff, 0x7c, 0xd9, 0xfd, + 0xe4, 0xba, 0x42, 0x72, 0x11, 0x51, 0x81, 0x8e, 0x0f, 0xf6, 0xb1, 0x02, 0xc3, 0x97, 0x60, 0x7d, + 0x12, 0xb2, 0xc0, 0x59, 0xeb, 0x59, 0xfd, 0xe6, 0xce, 0x23, 0x54, 0x88, 0x9f, 0xc3, 0x50, 0x34, + 0x19, 0x29, 0x87, 0x40, 0x4a, 0x06, 0x34, 0xdf, 0x46, 0xdf, 0xc4, 0x3c, 0x89, 0xbe, 0xa7, 0xb1, + 0x6a, 0xe6, 0xbb, 0x90, 0x05, 0xfe, 0xa6, 0x29, 0xbe, 0xae, 0x2c, 0xac, 0x19, 0xe1, 0x18, 0x34, + 0x62, 0x2a, 0x78, 0x12, 0x0f, 0xa9, 0x53, 0xd5, 0xec, 0x8f, 0xff, 0x3f, 0x3b, 0x36, 0x0c, 0x7e, + 0xdb, 0x54, 0x68, 0x64, 0x1e, 0x9c, 0xb3, 0xc3, 0x2f, 0x41, 0x53, 0x24, 0x83, 0x2c, 0xe0, 0xac, + 0x6b, 0x3d, 0xee, 0x19, 0x40, 0xf3, 0x79, 0x11, 0xc2, 0xe5, 0x3c, 0x18, 0x82, 0x66, 0x9c, 0x2a, + 0xa9, 0xba, 0x76, 0x3e, 0xb8, 0x95, 0x02, 0x2d, 0x55, 0x0a, 0x17, 0x74, 0xb8, 0xcc, 0x0d, 0x17, + 0xa0, 0x65, 0xcc, 0xbc, 0xcb, 0x3b, 0xb7, 0x96, 0xe4, 0xde, 0x6a, 0xd9, 0x6d, 0xe1, 0xb7, 0x69, + 0xf1, 0xc5, 0x3a, 0xf0, 0x5b, 0x00, 0x8d, 0xab, 0x24, 0x84, 0xd3, 0xd2, 0x1a, 0x75, 0x8c, 0x46, + 0x10, 0x5f, 0xca, 0xc0, 0x57, 0xa0, 0x60, 0x0f, 0xac, 0x33, 0x32, 0xa3, 0xce, 0x86, 0x46, 0xe7, + 0x43, 0x7f, 0x46, 0x66, 0x14, 0xeb, 0x08, 0xf4, 0x80, 0xad, 0x7e, 0x45, 0x44, 0x86, 0xd4, 0xa9, + 0xe9, 0xb4, 0xbb, 0x26, 0xcd, 0x7e, 0x96, 0x05, 0x70, 0x91, 0x03, 0xbf, 0x02, 0x36, 0x8f, 0xd4, + 0xa7, 0x1e, 0x72, 0xe6, 0xd4, 0x35, 0xc0, 0xcd, 0x00, 0x87, 0x59, 0xe0, 0xbc, 0x6c, 0xe0, 0x02, + 0x00, 0x5f, 0x80, 0x46, 0x22, 0x68, 0x7c, 0xc0, 0x5e, 0x71, 0xa7, 0xa1, 0x05, 0xfd, 0x14, 0x95, + 0xd7, 0xc7, 0x5b, 0xd7, 0x5e, 0x09, 0x79, 0x6c, 0xb2, 0x8b, 0xef, 0x29, 0xf3, 0xe0, 0x9c, 0x09, + 0x1e, 0x83, 0x1a, 0x1f, 0xfc, 0x44, 0x87, 0xd2, 0xb1, 0x35, 0xe7, 0xc3, 0x6b, 0x87, 0x64, 0x6e, + 0x2d, 0xc2, 0xe4, 0xe4, 0xe9, 0x2f, 0x92, 0x32, 0x35, 0x1f, 0xff, 0x8e, 0xa1, 0xae, 0x1d, 0x6a, + 0x12, 0x6c, 0xc8, 0xe0, 0x8f, 0xc0, 0xe6, 0xd3, 0x20, 0x75, 0x3a, 0xe0, 0x5d, 0x98, 0x73, 0x29, + 0x0f, 0x33, 0x1e, 0x5c, 0x50, 0xc2, 0x2d, 0x50, 0x0b, 0xe2, 0x05, 0x4e, 0x98, 0xd3, 0xec, 0x59, + 0xfd, 0x86, 0x0f, 0x54, 0x0f, 0xfb, 0xda, 0x83, 0x4d, 0x04, 0xbe, 0x04, 0x75, 0x1e, 0x29, 0x31, + 0x84, 0xb3, 0xf9, 0x2e, 0x1d, 0xb4, 0x4c, 0x07, 0xf5, 0xc3, 0x94, 0x05, 0x67, 0x74, 0x5b, 0xff, + 0x54, 0xc1, 0xdd, 0xd2, 0x86, 0x12, 0x11, 0x67, 0x82, 0xbe, 0x97, 0x15, 0x75, 0x1f, 0xd4, 0xc9, + 0x74, 0xca, 0x4f, 0x68, 0xba, 0xa5, 0x1a, 0x45, 0x13, 0x7b, 0xa9, 0x1b, 0x67, 0x71, 0x78, 0x04, + 0x6a, 0x42, 0x12, 0x99, 0x08, 0xb3, 0x71, 0x1e, 0xdc, 0xec, 0x7a, 0x3d, 0xd7, 0x98, 0x54, 0x30, + 0x4c, 0x45, 0x32, 0x95, 0xd8, 0xf0, 0xc0, 0x2e, 0xd8, 0x88, 0x88, 0x1c, 0x8e, 0xf5, 0x56, 0xd9, + 0xf4, 0xed, 0xd5, 0xb2, 0xbb, 0x71, 0xa4, 0x1c, 0x38, 0xf5, 0xc3, 0x5d, 0x60, 0xeb, 0xc3, 0x8b, + 0x45, 0x94, 0x5d, 0x8c, 0x8e, 0x1a, 0xd1, 0x51, 0xe6, 0x3c, 0x2f, 0x1b, 0xb8, 0x48, 0x86, 0xbf, + 0x59, 0xa0, 0x4d, 0x92, 0x20, 0x94, 0x7b, 0x8c, 0x71, 0x49, 0xd2, 0xa9, 0xd4, 0x7a, 0xd5, 0x7e, + 0x73, 0xe7, 0x09, 0xba, 0xe6, 0x11, 0x44, 0x97, 0x24, 0x46, 0x7b, 0x17, 0x28, 0x9e, 0x32, 0x19, + 0x2f, 0x7c, 0xc7, 0x68, 0xd4, 0xbe, 0x18, 0xc6, 0x97, 0x6a, 0x76, 0xbe, 0x06, 0x1f, 0x5d, 0x49, + 0x02, 0xdb, 0xa0, 0x3a, 0xa1, 0x8b, 0x74, 0x7a, 0x58, 0x1d, 0xe1, 0x87, 0x60, 0x63, 0x4e, 0xa6, + 0x09, 0xd5, 0x93, 0xb0, 0x71, 0x6a, 0x3c, 0x5e, 0xdb, 0xb5, 0xb6, 0xfe, 0xb4, 0x40, 0xab, 0xd4, + 0xdc, 0x3c, 0xa4, 0x27, 0xf0, 0x08, 0xd4, 0xcd, 0x16, 0xd1, 0x1c, 0xcd, 0x9d, 0xfb, 0x37, 0xf9, + 0x5f, 0x1a, 0xe0, 0x37, 0xd5, 0x80, 0xb3, 0xed, 0x96, 0xd1, 0xa8, 0x0b, 0x1f, 0x9b, 0x3f, 0x6e, + 0x9e, 0xac, 0xcf, 0x6e, 0x2e, 0x95, 0xbf, 0x69, 0x1e, 0x10, 0x6d, 0xe1, 0x9c, 0xc9, 0xef, 0x9f, + 0x9e, 0xb9, 0x95, 0xd7, 0x67, 0x6e, 0xe5, 0xcd, 0x99, 0x5b, 0xf9, 0x75, 0xe5, 0x5a, 0xa7, 0x2b, + 0xd7, 0x7a, 0xbd, 0x72, 0xad, 0x37, 0x2b, 0xd7, 0xfa, 0x6b, 0xe5, 0x5a, 0xbf, 0xff, 0xed, 0x56, + 0x7e, 0x58, 0x9b, 0x6f, 0xff, 0x1b, 0x00, 0x00, 0xff, 0xff, 0x37, 0xc7, 0x3f, 0x71, 0xdf, 0x08, + 0x00, 0x00, } func (m *AdmissionRequest) Marshal() (dAtA []byte, err error) { diff --git a/vendor/k8s.io/api/admission/v1beta1/generated.proto b/vendor/k8s.io/api/admission/v1/generated.proto similarity index 98% rename from vendor/k8s.io/api/admission/v1beta1/generated.proto rename to vendor/k8s.io/api/admission/v1/generated.proto index 6999b80c27a0..8d960a17d326 100644 --- a/vendor/k8s.io/api/admission/v1beta1/generated.proto +++ b/vendor/k8s.io/api/admission/v1/generated.proto @@ -19,7 +19,7 @@ limitations under the License. syntax = 'proto2'; -package k8s.io.api.admission.v1beta1; +package k8s.io.api.admission.v1; import "k8s.io/api/authentication/v1/generated.proto"; import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto"; @@ -27,7 +27,7 @@ import "k8s.io/apimachinery/pkg/runtime/generated.proto"; import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto"; // Package-wide variables from generator "generated". -option go_package = "v1beta1"; +option go_package = "v1"; // AdmissionRequest describes the admission.Attributes for the admission request. message AdmissionRequest { @@ -120,7 +120,7 @@ message AdmissionRequest { // AdmissionResponse describes an admission response. message AdmissionResponse { // UID is an identifier for the individual request/response. - // This should be copied over from the corresponding AdmissionRequest. + // This must be copied over from the corresponding AdmissionRequest. optional string uid = 1; // Allowed indicates whether or not the admission request was permitted. diff --git a/vendor/k8s.io/api/admission/v1beta1/register.go b/vendor/k8s.io/api/admission/v1/register.go similarity index 95% rename from vendor/k8s.io/api/admission/v1beta1/register.go rename to vendor/k8s.io/api/admission/v1/register.go index 78d21a0c8a7e..b548509ab325 100644 --- a/vendor/k8s.io/api/admission/v1beta1/register.go +++ b/vendor/k8s.io/api/admission/v1/register.go @@ -1,5 +1,5 @@ /* -Copyright 2017 The Kubernetes Authors. +Copyright 2019 The Kubernetes Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -14,7 +14,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -package v1beta1 +package v1 import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -26,7 +26,7 @@ import ( const GroupName = "admission.k8s.io" // SchemeGroupVersion is group version used to register these objects -var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1beta1"} +var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1"} // Resource takes an unqualified resource and returns a Group qualified GroupResource func Resource(resource string) schema.GroupResource { diff --git a/vendor/k8s.io/api/admission/v1beta1/types.go b/vendor/k8s.io/api/admission/v1/types.go similarity index 98% rename from vendor/k8s.io/api/admission/v1beta1/types.go rename to vendor/k8s.io/api/admission/v1/types.go index 2cb9ea55a389..a40cb0d52e27 100644 --- a/vendor/k8s.io/api/admission/v1beta1/types.go +++ b/vendor/k8s.io/api/admission/v1/types.go @@ -1,5 +1,5 @@ /* -Copyright 2017 The Kubernetes Authors. +Copyright 2019 The Kubernetes Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -14,7 +14,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -package v1beta1 +package v1 import ( authenticationv1 "k8s.io/api/authentication/v1" @@ -115,7 +115,7 @@ type AdmissionRequest struct { // AdmissionResponse describes an admission response. type AdmissionResponse struct { // UID is an identifier for the individual request/response. - // This should be copied over from the corresponding AdmissionRequest. + // This must be copied over from the corresponding AdmissionRequest. UID types.UID `json:"uid" protobuf:"bytes,1,opt,name=uid"` // Allowed indicates whether or not the admission request was permitted. diff --git a/vendor/k8s.io/api/admission/v1beta1/types_swagger_doc_generated.go b/vendor/k8s.io/api/admission/v1/types_swagger_doc_generated.go similarity index 98% rename from vendor/k8s.io/api/admission/v1beta1/types_swagger_doc_generated.go rename to vendor/k8s.io/api/admission/v1/types_swagger_doc_generated.go index 2ef98db8729f..62351b161774 100644 --- a/vendor/k8s.io/api/admission/v1beta1/types_swagger_doc_generated.go +++ b/vendor/k8s.io/api/admission/v1/types_swagger_doc_generated.go @@ -14,7 +14,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -package v1beta1 +package v1 // This file contains a collection of methods that can be used from go-restful to // generate Swagger API documentation for its models. Please read this PR for more @@ -52,7 +52,7 @@ func (AdmissionRequest) SwaggerDoc() map[string]string { var map_AdmissionResponse = map[string]string{ "": "AdmissionResponse describes an admission response.", - "uid": "UID is an identifier for the individual request/response. This should be copied over from the corresponding AdmissionRequest.", + "uid": "UID is an identifier for the individual request/response. This must be copied over from the corresponding AdmissionRequest.", "allowed": "Allowed indicates whether or not the admission request was permitted.", "status": "Result contains extra details into why an admission request was denied. This field IS NOT consulted in any way if \"Allowed\" is \"true\".", "patch": "The patch body. Currently we only support \"JSONPatch\" which implements RFC 6902.", diff --git a/vendor/k8s.io/api/admission/v1beta1/zz_generated.deepcopy.go b/vendor/k8s.io/api/admission/v1/zz_generated.deepcopy.go similarity index 95% rename from vendor/k8s.io/api/admission/v1beta1/zz_generated.deepcopy.go rename to vendor/k8s.io/api/admission/v1/zz_generated.deepcopy.go index e4704c86dd31..42954ca42727 100644 --- a/vendor/k8s.io/api/admission/v1beta1/zz_generated.deepcopy.go +++ b/vendor/k8s.io/api/admission/v1/zz_generated.deepcopy.go @@ -18,10 +18,10 @@ limitations under the License. // Code generated by deepcopy-gen. DO NOT EDIT. -package v1beta1 +package v1 import ( - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) @@ -32,12 +32,12 @@ func (in *AdmissionRequest) DeepCopyInto(out *AdmissionRequest) { out.Resource = in.Resource if in.RequestKind != nil { in, out := &in.RequestKind, &out.RequestKind - *out = new(v1.GroupVersionKind) + *out = new(metav1.GroupVersionKind) **out = **in } if in.RequestResource != nil { in, out := &in.RequestResource, &out.RequestResource - *out = new(v1.GroupVersionResource) + *out = new(metav1.GroupVersionResource) **out = **in } in.UserInfo.DeepCopyInto(&out.UserInfo) @@ -67,7 +67,7 @@ func (in *AdmissionResponse) DeepCopyInto(out *AdmissionResponse) { *out = *in if in.Result != nil { in, out := &in.Result, &out.Result - *out = new(v1.Status) + *out = new(metav1.Status) (*in).DeepCopyInto(*out) } if in.Patch != nil { diff --git a/vendor/modules.txt b/vendor/modules.txt index c007794f08ed..f9e99e0bc5f3 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -595,7 +595,7 @@ istio.io/client-go/pkg/apis/networking/v1alpha3 istio.io/gogo-genproto/googleapis/google/api # k8s.io/api v0.18.1 => k8s.io/api v0.17.6 ## explicit -k8s.io/api/admission/v1beta1 +k8s.io/api/admission/v1 k8s.io/api/admissionregistration/v1 k8s.io/api/admissionregistration/v1beta1 k8s.io/api/apps/v1