diff --git a/pkg/oc/cli/admin/project/new_project.go b/pkg/oc/cli/admin/project/new_project.go index 1efa7a484dc2..579b0509493a 100644 --- a/pkg/oc/cli/admin/project/new_project.go +++ b/pkg/oc/cli/admin/project/new_project.go @@ -16,15 +16,14 @@ import ( kcmdutil "k8s.io/kubernetes/pkg/kubectl/cmd/util" "k8s.io/kubernetes/pkg/kubectl/genericclioptions" + authorizationv1 "github.com/openshift/api/authorization/v1" + projectv1 "github.com/openshift/api/project/v1" + authorizationv1typedclient "github.com/openshift/client-go/authorization/clientset/versioned/typed/authorization/v1" + projectv1typedclient "github.com/openshift/client-go/project/clientset/versioned/typed/project/v1" oapi "github.com/openshift/origin/pkg/api" - authorizationapi "github.com/openshift/origin/pkg/authorization/apis/authorization" - authorizationclientinternal "github.com/openshift/origin/pkg/authorization/generated/internalclientset" - authorizationtypedclient "github.com/openshift/origin/pkg/authorization/generated/internalclientset/typed/authorization/internalversion" "github.com/openshift/origin/pkg/cmd/server/bootstrappolicy" "github.com/openshift/origin/pkg/oc/cli/admin/policy" projectapi "github.com/openshift/origin/pkg/project/apis/project" - projectclientinternal "github.com/openshift/origin/pkg/project/generated/internalclientset" - projectclient "github.com/openshift/origin/pkg/project/generated/internalclientset/typed/project/internalversion" ) const NewProjectRecommendedName = "new-project" @@ -36,9 +35,9 @@ type NewProjectOptions struct { NodeSelector string UseNodeSelector bool - ProjectClient projectclient.ProjectInterface + ProjectClient projectv1typedclient.ProjectV1Interface RbacClient rbacv1client.RbacV1Interface - SARClient authorizationtypedclient.SubjectAccessReviewInterface + SARClient authorizationv1typedclient.SubjectAccessReviewInterface AdminRole string AdminUser string @@ -97,21 +96,19 @@ func (o *NewProjectOptions) complete(f kcmdutil.Factory, cmd *cobra.Command, arg if err != nil { return err } - projectClient, err := projectclientinternal.NewForConfig(clientConfig) + o.ProjectClient, err = projectv1typedclient.NewForConfig(clientConfig) if err != nil { return err } - o.ProjectClient = projectClient.Project() o.RbacClient, err = rbacv1client.NewForConfig(clientConfig) if err != nil { return err } - authorizationClient, err := authorizationclientinternal.NewForConfig(clientConfig) + authorizationClient, err := authorizationv1typedclient.NewForConfig(clientConfig) if err != nil { return err } - authorizationInterface := authorizationClient.Authorization() - o.SARClient = authorizationInterface.SubjectAccessReviews() + o.SARClient = authorizationClient.SubjectAccessReviews() return nil } @@ -125,7 +122,7 @@ func (o *NewProjectOptions) Run() error { return fmt.Errorf("project %v already exists", o.ProjectName) } - project := &projectapi.Project{} + project := &projectv1.Project{} project.Name = o.ProjectName project.Annotations = make(map[string]string) project.Annotations[oapi.OpenShiftDescription] = o.Description @@ -155,8 +152,8 @@ func (o *NewProjectOptions) Run() error { errs = append(errs, err) } else { if err := wait.PollImmediate(time.Second, time.Minute, func() (bool, error) { - resp, err := o.SARClient.Create(&authorizationapi.SubjectAccessReview{ - Action: authorizationapi.Action{ + resp, err := o.SARClient.Create(&authorizationv1.SubjectAccessReview{ + Action: authorizationv1.Action{ Namespace: o.ProjectName, Verb: "get", Resource: "projects", diff --git a/pkg/oc/cli/admin/verifyimagesignature/verify-signature.go b/pkg/oc/cli/admin/verifyimagesignature/verify-signature.go index f5fa34761e9e..a8266d97d480 100644 --- a/pkg/oc/cli/admin/verifyimagesignature/verify-signature.go +++ b/pkg/oc/cli/admin/verifyimagesignature/verify-signature.go @@ -16,16 +16,16 @@ import ( sigtypes "github.com/containers/image/types" "github.com/spf13/cobra" + corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - kapi "k8s.io/kubernetes/pkg/apis/core" "k8s.io/kubernetes/pkg/kubectl/cmd/templates" kcmdutil "k8s.io/kubernetes/pkg/kubectl/cmd/util" "k8s.io/kubernetes/pkg/kubectl/genericclioptions" + imagev1 "github.com/openshift/api/image/v1" + imagev1typedclient "github.com/openshift/client-go/image/clientset/versioned/typed/image/v1" + userv1typedclient "github.com/openshift/client-go/user/clientset/versioned/typed/user/v1" imageapi "github.com/openshift/origin/pkg/image/apis/image" - imageclientinternal "github.com/openshift/origin/pkg/image/generated/internalclientset" - imageclient "github.com/openshift/origin/pkg/image/generated/internalclientset/typed/image/internalversion" - userclientinternal "github.com/openshift/origin/pkg/user/generated/internalclientset" ) var ( @@ -86,7 +86,7 @@ type VerifyImageSignatureOptions struct { RegistryURL string Insecure bool - ImageClient imageclient.ImageInterface + ImageClient imagev1typedclient.ImageV1Interface genericclioptions.IOStreams } @@ -154,13 +154,12 @@ func (o *VerifyImageSignatureOptions) Complete(f kcmdutil.Factory, cmd *cobra.Co if err != nil { return err } - imageClient, err := imageclientinternal.NewForConfig(clientConfig) + o.ImageClient, err = imagev1typedclient.NewForConfig(clientConfig) if err != nil { return err } - o.ImageClient = imageClient.Image() - userClient, err := userclientinternal.NewForConfig(clientConfig) + userClient, err := userv1typedclient.NewForConfig(clientConfig) if err != nil { return err } @@ -168,7 +167,7 @@ func (o *VerifyImageSignatureOptions) Complete(f kcmdutil.Factory, cmd *cobra.Co // We need the current user name so we can record it into an verification condition and // we need a bearer token so we can fetch the manifest from the registry. // TODO: Add support for external registries (currently only integrated registry will - if me, err := userClient.User().Users().Get("~", metav1.GetOptions{}); err != nil { + if me, err := userClient.Users().Get("~", metav1.GetOptions{}); err != nil { return err } else { o.CurrentUser = me.Name @@ -206,7 +205,7 @@ func (o VerifyImageSignatureOptions) Run() error { defer pc.Destroy() if o.RemoveAll { - img.Signatures = []imageapi.ImageSignature{} + img.Signatures = []imagev1.ImageSignature{} } for i, s := range img.Signatures { @@ -214,16 +213,16 @@ func (o VerifyImageSignatureOptions) Run() error { signedBy, err := o.verifySignature(pc, img, s.Content) if err != nil { fmt.Fprintf(o.ErrOut, "error verifying signature %s for image %s (verification status will be removed): %v\n", img.Signatures[i].Name, o.InputImage, err) - img.Signatures[i] = imageapi.ImageSignature{} + img.Signatures[i] = imagev1.ImageSignature{} continue } fmt.Fprintf(o.Out, "image %q identity is now confirmed (signed by GPG key %q)\n", o.InputImage, signedBy) now := metav1.Now() - newConditions := []imageapi.SignatureCondition{ + newConditions := []imagev1.SignatureCondition{ { Type: imageapi.SignatureTrusted, - Status: kapi.ConditionTrue, + Status: corev1.ConditionTrue, LastProbeTime: now, LastTransitionTime: now, Reason: "manually verified", @@ -232,13 +231,13 @@ func (o VerifyImageSignatureOptions) Run() error { // TODO: This should be not needed (need to relax validation). { Type: imageapi.SignatureForImage, - Status: kapi.ConditionTrue, + Status: corev1.ConditionTrue, LastProbeTime: now, LastTransitionTime: now, }, } img.Signatures[i].Conditions = newConditions - img.Signatures[i].IssuedBy = &imageapi.SignatureIssuer{} + img.Signatures[i].IssuedBy = &imagev1.SignatureIssuer{} // TODO: This should not be just a key id but a human-readable identity. img.Signatures[i].IssuedBy.CommonName = signedBy } @@ -253,7 +252,7 @@ func (o VerifyImageSignatureOptions) Run() error { } // getImageManifest fetches the manifest for provided image from the integrated registry. -func (o *VerifyImageSignatureOptions) getImageManifest(img *imageapi.Image) ([]byte, error) { +func (o *VerifyImageSignatureOptions) getImageManifest(img *imagev1.Image) ([]byte, error) { parsed, err := imageapi.ParseDockerImageReference(img.DockerImageReference) if err != nil { return nil, err @@ -273,7 +272,7 @@ func (o *VerifyImageSignatureOptions) getImageManifest(img *imageapi.Image) ([]b // signature message and the manifest matches as well. // In case the image identity is confirmed, this function returns the matching GPG key in // short form, otherwise it returns rejection reason. -func (o *VerifyImageSignatureOptions) verifySignature(pc *signature.PolicyContext, img *imageapi.Image, sigBlob []byte) (string, error) { +func (o *VerifyImageSignatureOptions) verifySignature(pc *signature.PolicyContext, img *imagev1.Image, sigBlob []byte) (string, error) { manifest, err := o.getImageManifest(img) if err != nil { return "", fmt.Errorf("failed to get image %q manifest: %v", img.Name, err) diff --git a/pkg/oc/cli/login/loginoptions.go b/pkg/oc/cli/login/loginoptions.go index 1b744e04642a..28648388dfbf 100644 --- a/pkg/oc/cli/login/loginoptions.go +++ b/pkg/oc/cli/login/loginoptions.go @@ -19,6 +19,8 @@ import ( "k8s.io/kubernetes/pkg/kubectl/genericclioptions" kterm "k8s.io/kubernetes/pkg/kubectl/util/term" + userv1 "github.com/openshift/api/user/v1" + projectv1typedclient "github.com/openshift/client-go/project/clientset/versioned/typed/project/v1" "github.com/openshift/origin/pkg/client/config" cmdutil "github.com/openshift/origin/pkg/cmd/util" "github.com/openshift/origin/pkg/cmd/util/term" @@ -27,8 +29,6 @@ import ( "github.com/openshift/origin/pkg/oc/lib/tokencmd" "github.com/openshift/origin/pkg/oc/util/project" loginutil "github.com/openshift/origin/pkg/oc/util/project" - projectclient "github.com/openshift/origin/pkg/project/generated/internalclientset" - userapi "github.com/openshift/origin/pkg/user/apis/user" ) const defaultClusterURL = "https://localhost:8443" @@ -261,12 +261,12 @@ func (o *LoginOptions) gatherProjectInfo() error { return fmt.Errorf("current user, %v, does not match expected user %v", me.Name, o.Username) } - projectClient, err := projectclient.NewForConfig(o.Config) + projectClient, err := projectv1typedclient.NewForConfig(o.Config) if err != nil { return err } - projectsList, err := projectClient.Project().Projects().List(metav1.ListOptions{}) + projectsList, err := projectClient.Projects().List(metav1.ListOptions{}) // if we're running on kube (or likely kube), just set it to "default" if kerrors.IsNotFound(err) || kerrors.IsForbidden(err) { fmt.Fprintf(o.Out, "Using \"default\". You can switch projects with:\n\n '%s project '\n", o.CommandName) @@ -285,7 +285,7 @@ func (o *LoginOptions) gatherProjectInfo() error { if len(o.DefaultNamespace) > 0 && !projects.Has(o.DefaultNamespace) { // Attempt a direct get of our current project in case it hasn't appeared in the list yet - if currentProject, err := projectClient.Project().Projects().Get(o.DefaultNamespace, metav1.GetOptions{}); err == nil { + if currentProject, err := projectClient.Projects().Get(o.DefaultNamespace, metav1.GetOptions{}); err == nil { // If we get it successfully, add it to the list projectsItems = append(projectsItems, *currentProject) projects.Insert(currentProject.Name) @@ -317,7 +317,7 @@ func (o *LoginOptions) gatherProjectInfo() error { } } - current, err := projectClient.Project().Projects().Get(namespace, metav1.GetOptions{}) + current, err := projectClient.Projects().Get(namespace, metav1.GetOptions{}) if err != nil && !kerrors.IsNotFound(err) && !kerrors.IsForbidden(err) { return err } @@ -397,7 +397,7 @@ func (o *LoginOptions) SaveConfig() (bool, error) { return created, nil } -func (o LoginOptions) whoAmI() (*userapi.User, error) { +func (o LoginOptions) whoAmI() (*userv1.User, error) { return project.WhoAmI(o.Config) } diff --git a/pkg/oc/util/project/whoami.go b/pkg/oc/util/project/whoami.go index e0de1daa1408..980e4abb39b0 100644 --- a/pkg/oc/util/project/whoami.go +++ b/pkg/oc/util/project/whoami.go @@ -1,17 +1,18 @@ package project import ( - userapi "github.com/openshift/origin/pkg/user/apis/user" - userclient "github.com/openshift/origin/pkg/user/generated/internalclientset" kerrors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" restclient "k8s.io/client-go/rest" + + userv1 "github.com/openshift/api/user/v1" + userv1typedclient "github.com/openshift/client-go/user/clientset/versioned/typed/user/v1" ) -func WhoAmI(clientConfig *restclient.Config) (*userapi.User, error) { - client, err := userclient.NewForConfig(clientConfig) +func WhoAmI(clientConfig *restclient.Config) (*userv1.User, error) { + client, err := userv1typedclient.NewForConfig(clientConfig) - me, err := client.User().Users().Get("~", metav1.GetOptions{}) + me, err := client.Users().Get("~", metav1.GetOptions{}) // if we're talking to kube (or likely talking to kube), if kerrors.IsNotFound(err) || kerrors.IsForbidden(err) { @@ -19,10 +20,10 @@ func WhoAmI(clientConfig *restclient.Config) (*userapi.User, error) { case len(clientConfig.BearerToken) > 0: // the user has already been willing to provide the token on the CLI, so they probably // don't mind using it again if they switch to and from this user - return &userapi.User{ObjectMeta: metav1.ObjectMeta{Name: clientConfig.BearerToken}}, nil + return &userv1.User{ObjectMeta: metav1.ObjectMeta{Name: clientConfig.BearerToken}}, nil case len(clientConfig.Username) > 0: - return &userapi.User{ObjectMeta: metav1.ObjectMeta{Name: clientConfig.Username}}, nil + return &userv1.User{ObjectMeta: metav1.ObjectMeta{Name: clientConfig.Username}}, nil } } diff --git a/test/integration/login_test.go b/test/integration/login_test.go index 2949cd746e90..aceef7aae694 100644 --- a/test/integration/login_test.go +++ b/test/integration/login_test.go @@ -10,12 +10,12 @@ import ( "k8s.io/client-go/tools/clientcmd" "k8s.io/kubernetes/pkg/kubectl/genericclioptions" - authorizationclient "github.com/openshift/origin/pkg/authorization/generated/internalclientset" + authorizationv1typedclient "github.com/openshift/client-go/authorization/clientset/versioned/typed/authorization/v1" + projectv1typedclient "github.com/openshift/client-go/project/clientset/versioned/typed/project/v1" "github.com/openshift/origin/pkg/cmd/server/bootstrappolicy" newproject "github.com/openshift/origin/pkg/oc/cli/admin/project" "github.com/openshift/origin/pkg/oc/cli/login" "github.com/openshift/origin/pkg/oc/cli/whoami" - projectclient "github.com/openshift/origin/pkg/project/generated/internalclientset" userclient "github.com/openshift/origin/pkg/user/generated/internalclientset/typed/user/internalversion" testutil "github.com/openshift/origin/test/util" testserver "github.com/openshift/origin/test/util/server" @@ -48,10 +48,10 @@ func TestLogin(t *testing.T) { t.Fatalf("Unexpected user after authentication: %#v", loginOptions) } rbacClient := rbacv1client.NewForConfigOrDie(clusterAdminClientConfig) - authorizationInterface := authorizationclient.NewForConfigOrDie(clusterAdminClientConfig).Authorization() + authorizationInterface := authorizationv1typedclient.NewForConfigOrDie(clusterAdminClientConfig) newProjectOptions := &newproject.NewProjectOptions{ - ProjectClient: projectclient.NewForConfigOrDie(clusterAdminClientConfig).Project(), + ProjectClient: projectv1typedclient.NewForConfigOrDie(clusterAdminClientConfig), RbacClient: rbacClient, SARClient: authorizationInterface.SubjectAccessReviews(), ProjectName: project, @@ -64,11 +64,11 @@ func TestLogin(t *testing.T) { t.Fatalf("unexpected error, a project is required to continue: %v", err) } - projectClient, err := projectclient.NewForConfig(loginOptions.Config) + projectClient, err := projectv1typedclient.NewForConfig(loginOptions.Config) if err != nil { t.Fatalf("unexpected error: %v", err) } - p, err := projectClient.Project().Projects().Get(project, metav1.GetOptions{}) + p, err := projectClient.Projects().Get(project, metav1.GetOptions{}) if err != nil { t.Errorf("unexpected error: %v", err) } diff --git a/test/util/server/server.go b/test/util/server/server.go index b20c55ce1f15..5dffa7946b14 100644 --- a/test/util/server/server.go +++ b/test/util/server/server.go @@ -29,8 +29,9 @@ import ( kclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset" "k8s.io/kubernetes/pkg/kubectl/genericclioptions" + authorizationv1typedclient "github.com/openshift/client-go/authorization/clientset/versioned/typed/authorization/v1" + projectv1typedclient "github.com/openshift/client-go/project/clientset/versioned/typed/project/v1" "github.com/openshift/library-go/pkg/crypto" - authorizationclient "github.com/openshift/origin/pkg/authorization/generated/internalclientset" "github.com/openshift/origin/pkg/cmd/server/admin" configapi "github.com/openshift/origin/pkg/cmd/server/apis/config" "github.com/openshift/origin/pkg/cmd/server/bootstrappolicy" @@ -38,7 +39,6 @@ import ( "github.com/openshift/origin/pkg/cmd/server/start" cmdutil "github.com/openshift/origin/pkg/cmd/util" newproject "github.com/openshift/origin/pkg/oc/cli/admin/project" - projectclient "github.com/openshift/origin/pkg/project/generated/internalclientset/typed/project/internalversion" "github.com/openshift/origin/test/util" // install all APIs @@ -543,7 +543,7 @@ func WaitForServiceAccounts(clientset kclientset.Interface, namespace string, ac // CreateNewProject creates a new project using the clusterAdminClient, then gets a token for the adminUser and returns // back a client for the admin user func CreateNewProject(clientConfig *restclient.Config, projectName, adminUser string) (kclientset.Interface, *restclient.Config, error) { - projectClient, err := projectclient.NewForConfig(clientConfig) + projectClient, err := projectv1typedclient.NewForConfig(clientConfig) if err != nil { return nil, nil, err } @@ -551,16 +551,15 @@ func CreateNewProject(clientConfig *restclient.Config, projectName, adminUser st if err != nil { return nil, nil, err } - authorizationClient, err := authorizationclient.NewForConfig(clientConfig) + authorizationClient, err := authorizationv1typedclient.NewForConfig(clientConfig) if err != nil { return nil, nil, err } - authorizationInterface := authorizationClient.Authorization() newProjectOptions := &newproject.NewProjectOptions{ ProjectClient: projectClient, RbacClient: kubeExternalClient.RbacV1(), - SARClient: authorizationInterface.SubjectAccessReviews(), + SARClient: authorizationClient.SubjectAccessReviews(), ProjectName: projectName, AdminRole: bootstrappolicy.AdminRoleName, AdminUser: adminUser,