diff --git a/go.mod b/go.mod index 40d490a1bb..4ad889621d 100644 --- a/go.mod +++ b/go.mod @@ -33,34 +33,34 @@ replace ( google.golang.org/genproto => google.golang.org/genproto v0.0.0-20200513103714-09dca8ec2884 google.golang.org/grpc => google.golang.org/grpc v1.27.1 gopkg.in/square/go-jose.v2 => gopkg.in/square/go-jose.v2 v2.2.2 - k8s.io/api => github.com/k3s-io/kubernetes/staging/src/k8s.io/api v1.21.0-k3s1 - k8s.io/apiextensions-apiserver => github.com/k3s-io/kubernetes/staging/src/k8s.io/apiextensions-apiserver v1.21.0-k3s1 - k8s.io/apimachinery => github.com/k3s-io/kubernetes/staging/src/k8s.io/apimachinery v1.21.0-k3s1 - k8s.io/apiserver => github.com/k3s-io/kubernetes/staging/src/k8s.io/apiserver v1.21.0-k3s1 - k8s.io/cli-runtime => github.com/k3s-io/kubernetes/staging/src/k8s.io/cli-runtime v1.21.0-k3s1 - k8s.io/client-go => github.com/k3s-io/kubernetes/staging/src/k8s.io/client-go v1.21.0-k3s1 - k8s.io/cloud-provider => github.com/k3s-io/kubernetes/staging/src/k8s.io/cloud-provider v1.21.0-k3s1 - k8s.io/cluster-bootstrap => github.com/k3s-io/kubernetes/staging/src/k8s.io/cluster-bootstrap v1.21.0-k3s1 - k8s.io/code-generator => github.com/k3s-io/kubernetes/staging/src/k8s.io/code-generator v1.21.0-k3s1 - k8s.io/component-base => github.com/k3s-io/kubernetes/staging/src/k8s.io/component-base v1.21.0-k3s1 - k8s.io/component-helpers => github.com/k3s-io/kubernetes/staging/src/k8s.io/component-helpers v1.21.0-k3s1 - k8s.io/controller-manager => github.com/k3s-io/kubernetes/staging/src/k8s.io/controller-manager v1.21.0-k3s1 - k8s.io/cri-api => github.com/k3s-io/kubernetes/staging/src/k8s.io/cri-api v1.21.0-k3s1 - k8s.io/csi-translation-lib => github.com/k3s-io/kubernetes/staging/src/k8s.io/csi-translation-lib v1.21.0-k3s1 - k8s.io/kube-aggregator => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-aggregator v1.21.0-k3s1 - k8s.io/kube-controller-manager => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-controller-manager v1.21.0-k3s1 - k8s.io/kube-proxy => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-proxy v1.21.0-k3s1 - k8s.io/kube-scheduler => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-scheduler v1.21.0-k3s1 - k8s.io/kubectl => github.com/k3s-io/kubernetes/staging/src/k8s.io/kubectl v1.21.0-k3s1 - k8s.io/kubelet => github.com/k3s-io/kubernetes/staging/src/k8s.io/kubelet v1.21.0-k3s1 - k8s.io/kubernetes => github.com/k3s-io/kubernetes v1.21.0-k3s1 - k8s.io/legacy-cloud-providers => github.com/k3s-io/kubernetes/staging/src/k8s.io/legacy-cloud-providers v1.21.0-k3s1 - k8s.io/metrics => github.com/k3s-io/kubernetes/staging/src/k8s.io/metrics v1.21.0-k3s1 - k8s.io/mount-utils => github.com/k3s-io/kubernetes/staging/src/k8s.io/mount-utils v1.21.0-k3s1 - k8s.io/node-api => github.com/k3s-io/kubernetes/staging/src/k8s.io/node-api v1.21.0-k3s1 - k8s.io/sample-apiserver => github.com/k3s-io/kubernetes/staging/src/k8s.io/sample-apiserver v1.21.0-k3s1 - k8s.io/sample-cli-plugin => github.com/k3s-io/kubernetes/staging/src/k8s.io/sample-cli-plugin v1.21.0-k3s1 - k8s.io/sample-controller => github.com/k3s-io/kubernetes/staging/src/k8s.io/sample-controller v1.21.0-k3s1 + k8s.io/api => github.com/k3s-io/kubernetes/staging/src/k8s.io/api v1.21.1-k3s1 + k8s.io/apiextensions-apiserver => github.com/k3s-io/kubernetes/staging/src/k8s.io/apiextensions-apiserver v1.21.1-k3s1 + k8s.io/apimachinery => github.com/k3s-io/kubernetes/staging/src/k8s.io/apimachinery v1.21.1-k3s1 + k8s.io/apiserver => github.com/k3s-io/kubernetes/staging/src/k8s.io/apiserver v1.21.1-k3s1 + k8s.io/cli-runtime => github.com/k3s-io/kubernetes/staging/src/k8s.io/cli-runtime v1.21.1-k3s1 + k8s.io/client-go => github.com/k3s-io/kubernetes/staging/src/k8s.io/client-go v1.21.1-k3s1 + k8s.io/cloud-provider => github.com/k3s-io/kubernetes/staging/src/k8s.io/cloud-provider v1.21.1-k3s1 + k8s.io/cluster-bootstrap => github.com/k3s-io/kubernetes/staging/src/k8s.io/cluster-bootstrap v1.21.1-k3s1 + k8s.io/code-generator => github.com/k3s-io/kubernetes/staging/src/k8s.io/code-generator v1.21.1-k3s1 + k8s.io/component-base => github.com/k3s-io/kubernetes/staging/src/k8s.io/component-base v1.21.1-k3s1 + k8s.io/component-helpers => github.com/k3s-io/kubernetes/staging/src/k8s.io/component-helpers v1.21.1-k3s1 + k8s.io/controller-manager => github.com/k3s-io/kubernetes/staging/src/k8s.io/controller-manager v1.21.1-k3s1 + k8s.io/cri-api => github.com/k3s-io/kubernetes/staging/src/k8s.io/cri-api v1.21.1-k3s1 + k8s.io/csi-translation-lib => github.com/k3s-io/kubernetes/staging/src/k8s.io/csi-translation-lib v1.21.1-k3s1 + k8s.io/kube-aggregator => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-aggregator v1.21.1-k3s1 + k8s.io/kube-controller-manager => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-controller-manager v1.21.1-k3s1 + k8s.io/kube-proxy => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-proxy v1.21.1-k3s1 + k8s.io/kube-scheduler => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-scheduler v1.21.1-k3s1 + k8s.io/kubectl => github.com/k3s-io/kubernetes/staging/src/k8s.io/kubectl v1.21.1-k3s1 + k8s.io/kubelet => github.com/k3s-io/kubernetes/staging/src/k8s.io/kubelet v1.21.1-k3s1 + k8s.io/kubernetes => github.com/k3s-io/kubernetes v1.21.1-k3s1 + k8s.io/legacy-cloud-providers => github.com/k3s-io/kubernetes/staging/src/k8s.io/legacy-cloud-providers v1.21.1-k3s1 + k8s.io/metrics => github.com/k3s-io/kubernetes/staging/src/k8s.io/metrics v1.21.1-k3s1 + k8s.io/mount-utils => github.com/k3s-io/kubernetes/staging/src/k8s.io/mount-utils v1.21.1-k3s1 + k8s.io/node-api => github.com/k3s-io/kubernetes/staging/src/k8s.io/node-api v1.21.1-k3s1 + k8s.io/sample-apiserver => github.com/k3s-io/kubernetes/staging/src/k8s.io/sample-apiserver v1.21.1-k3s1 + k8s.io/sample-cli-plugin => github.com/k3s-io/kubernetes/staging/src/k8s.io/sample-cli-plugin v1.21.1-k3s1 + k8s.io/sample-controller => github.com/k3s-io/kubernetes/staging/src/k8s.io/sample-controller v1.21.1-k3s1 mvdan.cc/unparam => mvdan.cc/unparam v0.0.0-20210104141923-aac4ce9116a7 ) @@ -114,17 +114,17 @@ require ( golang.org/x/sys v0.0.0-20210225134936-a50acf3fe073 google.golang.org/grpc v1.37.0 gopkg.in/yaml.v2 v2.4.0 - k8s.io/api v0.21.0 - k8s.io/apimachinery v0.21.0 - k8s.io/apiserver v0.21.0 + k8s.io/api v0.21.1 + k8s.io/apimachinery v0.21.1 + k8s.io/apiserver v0.21.1 k8s.io/client-go v11.0.1-0.20190409021438-1a26190bd76a+incompatible - k8s.io/cloud-provider v0.21.0 - k8s.io/component-base v0.21.0 - k8s.io/controller-manager v0.21.0 - k8s.io/cri-api v0.21.0 + k8s.io/cloud-provider v0.21.1 + k8s.io/component-base v0.21.1 + k8s.io/controller-manager v0.21.1 + k8s.io/cri-api v0.21.1 k8s.io/klog v1.0.0 - k8s.io/kubectl v0.21.0 - k8s.io/kubernetes v1.21.0 + k8s.io/kubectl v0.21.1 + k8s.io/kubernetes v1.21.1 k8s.io/utils v0.0.0-20201110183641-67b214c5f920 sigs.k8s.io/yaml v1.2.0 ) diff --git a/go.sum b/go.sum index 47cce2bf2e..3294fe6066 100644 --- a/go.sum +++ b/go.sum @@ -544,55 +544,55 @@ github.com/k3s-io/helm-controller v0.9.1 h1:qtHWTNHiuCPRbA2YZ7z7jTgSHo7Yc5He52oM github.com/k3s-io/helm-controller v0.9.1/go.mod h1:nZP8FH3KZrNNUf5r+SwwiMR63HS6lxdHdpHijgPfF74= github.com/k3s-io/kine v0.6.0 h1:4l7wjgCxb2oD+7Hyf3xIhkGd/6s1sXpRFdQiyy+7Ki8= github.com/k3s-io/kine v0.6.0/go.mod h1:rzCs93+rQHZGOiewMd84PDrER92QeZ6eeHbWkfEy4+w= -github.com/k3s-io/kubernetes v1.21.0-k3s1 h1:pIE2vo7wrwC7nuuislJ9PRWNL/48/Xka2z9MHcdzR7M= -github.com/k3s-io/kubernetes v1.21.0-k3s1/go.mod h1:Yx6XZ8zalyqEk7but+j4+5SvLzdyH1eeqZ4cwO+5dD4= -github.com/k3s-io/kubernetes/staging/src/k8s.io/api v1.21.0-k3s1 h1:gr4+YinsNPHpl+lNSeJ+56bwsba40oTqUtlnhi/uPyc= -github.com/k3s-io/kubernetes/staging/src/k8s.io/api v1.21.0-k3s1/go.mod h1:DKjoC7WTLvupppdmb5jEvRDPQENLZqz/stEUs19TOOc= -github.com/k3s-io/kubernetes/staging/src/k8s.io/apiextensions-apiserver v1.21.0-k3s1 h1:recjrG98d6Zeeol0MVwWXOOiUwM5x+gWLlB19utkOy8= -github.com/k3s-io/kubernetes/staging/src/k8s.io/apiextensions-apiserver v1.21.0-k3s1/go.mod h1:z4ndT0jW6BSHky3MjKfpX8hfxFiOobduUEPsG67DW+o= -github.com/k3s-io/kubernetes/staging/src/k8s.io/apimachinery v1.21.0-k3s1 h1:zZnKRsGPl/roeHzi8w5HuGoCHtMS0Nc5mFayz585ddQ= -github.com/k3s-io/kubernetes/staging/src/k8s.io/apimachinery v1.21.0-k3s1/go.mod h1:nNWKgJz7U8Te/QwaBeDSCEsvmYwqE+lIJtSthnQTluo= -github.com/k3s-io/kubernetes/staging/src/k8s.io/apiserver v1.21.0-k3s1 h1:27UN6IaqFHTkJNMI6fl1joDg1oA0i/EsfLtmGWlzVuk= -github.com/k3s-io/kubernetes/staging/src/k8s.io/apiserver v1.21.0-k3s1/go.mod h1:55vGov1alDiAFatappea/yL2CFIuYfSpQmw8xdZNCxw= -github.com/k3s-io/kubernetes/staging/src/k8s.io/cli-runtime v1.21.0-k3s1 h1:gdS7EpWsxrR//ZjB5NbesXB637Mn7jXbtsDRXnEMPbw= -github.com/k3s-io/kubernetes/staging/src/k8s.io/cli-runtime v1.21.0-k3s1/go.mod h1:6CFN1avCVGMDewUGwb1yatAhmu/3XgfOI9wHSPCbOe0= -github.com/k3s-io/kubernetes/staging/src/k8s.io/client-go v1.21.0-k3s1 h1:iH45PtffFv8oiIqwv9gl5MMxfCtIbJ4tc/91kGTd9F4= -github.com/k3s-io/kubernetes/staging/src/k8s.io/client-go v1.21.0-k3s1/go.mod h1:dQ/jkraN2wXzFTYGG3wlzs/YappHsx2F/PxtQ9KyDZY= -github.com/k3s-io/kubernetes/staging/src/k8s.io/cloud-provider v1.21.0-k3s1 h1:rZ699kcSU8aIlHVxaeAVAXIKFXGbNwRrcAR0D2/Cv/8= -github.com/k3s-io/kubernetes/staging/src/k8s.io/cloud-provider v1.21.0-k3s1/go.mod h1:7Q3crE6C30z+md2412q3PcSR2P2NIv1WxHH5ug8LVmY= -github.com/k3s-io/kubernetes/staging/src/k8s.io/cluster-bootstrap v1.21.0-k3s1 h1:qOXwlh00n2NHTLNOgbd914dIU8csO9br051KpVi/Aw0= -github.com/k3s-io/kubernetes/staging/src/k8s.io/cluster-bootstrap v1.21.0-k3s1/go.mod h1:yvPZprzrt0uOuPx/Tkg3zCSdulxPWxWU2nznGYKmMVk= -github.com/k3s-io/kubernetes/staging/src/k8s.io/code-generator v1.21.0-k3s1 h1:HCsle/uaJCc6J+e19y275AJbZDfMUP4l2QFpTg+EWVA= -github.com/k3s-io/kubernetes/staging/src/k8s.io/code-generator v1.21.0-k3s1/go.mod h1:zeT/sAA82/kLPoYfV1Xc1x0PjZlRvqCsrgRZj0Q/OTc= -github.com/k3s-io/kubernetes/staging/src/k8s.io/component-base v1.21.0-k3s1 h1:/EecAJfCzMKpL0Cc046cKStx2lVVh1Zp3LhguH9BD0g= -github.com/k3s-io/kubernetes/staging/src/k8s.io/component-base v1.21.0-k3s1/go.mod h1:+aA0FBzPTZJn0I03PDY6xs4stHFP1CGYPNmcAkgDvX4= -github.com/k3s-io/kubernetes/staging/src/k8s.io/component-helpers v1.21.0-k3s1 h1:E3BoGGwpZ5sfsaW4G7m3rdJ9r/iSb68TVk/RBwTcgzY= -github.com/k3s-io/kubernetes/staging/src/k8s.io/component-helpers v1.21.0-k3s1/go.mod h1:W/TBpRMx7t6+ZimgebLr7be4Pfb7JvWpeer+kPlA6eI= -github.com/k3s-io/kubernetes/staging/src/k8s.io/controller-manager v1.21.0-k3s1 h1:ZRYPnhI/jjz2c+KlnbgB4YxEdTTpE/yYsCAwfPncpGA= -github.com/k3s-io/kubernetes/staging/src/k8s.io/controller-manager v1.21.0-k3s1/go.mod h1:SnaQa8bOBayBORIZwicYBm9QrlwUPi2PKlMQOhI6HAU= -github.com/k3s-io/kubernetes/staging/src/k8s.io/cri-api v1.21.0-k3s1 h1:71qmZjf0zI6uCNUi4F3ng16TX3KaUB0uxUing4+ZCUI= -github.com/k3s-io/kubernetes/staging/src/k8s.io/cri-api v1.21.0-k3s1/go.mod h1:9zdUgM3lMAO5+g35Vyq3OQdMrylvtV97G7t5emDYCOs= -github.com/k3s-io/kubernetes/staging/src/k8s.io/csi-translation-lib v1.21.0-k3s1 h1:vATek1lQCKeeroQ4Xj23GQ5GRo2cEhzS53Y/5sNGXIA= -github.com/k3s-io/kubernetes/staging/src/k8s.io/csi-translation-lib v1.21.0-k3s1/go.mod h1:NmtKDopOnphD2IlcH9OjoxoI4mEkkgGhVw7dTbdBTY0= -github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-aggregator v1.21.0-k3s1 h1:aEZElY9vBuOUs4taV1G7D6DhVXNOWXWkoNziNNaYj5M= -github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-aggregator v1.21.0-k3s1/go.mod h1:KhCAvsyM1iGJLSql7cTjBXwRzigyfTwRcu1unidRJmo= -github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-controller-manager v1.21.0-k3s1 h1:V7tCsfGezSEV8Xi3Mmr35jbJpHyav4MlMeMdld6+2Cs= -github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-controller-manager v1.21.0-k3s1/go.mod h1:46iKO45TZat/zvPyqe8TjLLrTS/U/nGB92Ft63PEPF0= -github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-proxy v1.21.0-k3s1 h1:yhPSspXH46Xd4BW1Fv6tKZzFU0/YjcXqguyDB53z4bQ= -github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-proxy v1.21.0-k3s1/go.mod h1:6mEp02ABsuOeeBuUrrol78v9LYysX7Z8CZOMFlkPOOI= -github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-scheduler v1.21.0-k3s1 h1:ID0QGKO7RcoE34SGa90QlhBgpy+yWGWRdYeHlN9QVNo= -github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-scheduler v1.21.0-k3s1/go.mod h1:8YcoZs+nmcq5YEBZXOkUtuLpYpPoZWC7I3CAUOvZGNc= -github.com/k3s-io/kubernetes/staging/src/k8s.io/kubectl v1.21.0-k3s1 h1:x7Ow0G/StGDmiyLkAA0BSs97L4BykeBgH4oKyIkRlig= -github.com/k3s-io/kubernetes/staging/src/k8s.io/kubectl v1.21.0-k3s1/go.mod h1:vNK7RS+0XvfP7/64ypg05JWArnA0ZAxVmkz0QhoHjYQ= -github.com/k3s-io/kubernetes/staging/src/k8s.io/kubelet v1.21.0-k3s1 h1:tizT7lugmoQWSXTOCgU2yXa4EvndhMixce3tEDv9BV8= -github.com/k3s-io/kubernetes/staging/src/k8s.io/kubelet v1.21.0-k3s1/go.mod h1:o8/6oYd5NojfXqZcgzwRY6/N9H0txmvDbs4Sk6Laz0A= -github.com/k3s-io/kubernetes/staging/src/k8s.io/legacy-cloud-providers v1.21.0-k3s1 h1:XkGtREnW8hGVt81eSI1HuA5mBjP7G4C9kWrO+Vj+z2w= -github.com/k3s-io/kubernetes/staging/src/k8s.io/legacy-cloud-providers v1.21.0-k3s1/go.mod h1:Fqw7RNHll7guUATPVDLSfOKr2ayRlFGMI3SMrxo5ECU= -github.com/k3s-io/kubernetes/staging/src/k8s.io/metrics v1.21.0-k3s1 h1:vE5mDyQhtFYNtYOP1jr8QqPBvsbPYRun6gUC9DKoJyg= -github.com/k3s-io/kubernetes/staging/src/k8s.io/metrics v1.21.0-k3s1/go.mod h1:/SknInvlq+Fm+vrO/Z7JYHjxwIsxAl32mAI9tUH/lGY= -github.com/k3s-io/kubernetes/staging/src/k8s.io/mount-utils v1.21.0-k3s1 h1:sAqdI/DP8+Vhi3dHiuQV+7gzt0dF9umR5AnZd+K3dpo= -github.com/k3s-io/kubernetes/staging/src/k8s.io/mount-utils v1.21.0-k3s1/go.mod h1:99KFJSKqMgMvpCWJr4w6ooLZgR+2usWp5GPaILFNq9k= -github.com/k3s-io/kubernetes/staging/src/k8s.io/sample-apiserver v1.21.0-k3s1/go.mod h1:WkDfrpYVRWS0Muw8Vg5XicfVdTxnLvgiT8tX8DSD0Zo= +github.com/k3s-io/kubernetes v1.21.1-k3s1 h1:X8nEv12/bI3iR2+ARLuzvosPW8iMOisMlklOAeovISw= +github.com/k3s-io/kubernetes v1.21.1-k3s1/go.mod h1:ef++isEL1PW0taH6z7DXrSztPglrZ7jQhyvcMEtm0gQ= +github.com/k3s-io/kubernetes/staging/src/k8s.io/api v1.21.1-k3s1 h1:7iwn62FGlOqG9oRHwTY/+AbFlSZffWMqx6WUXjRpQPk= +github.com/k3s-io/kubernetes/staging/src/k8s.io/api v1.21.1-k3s1/go.mod h1:DKjoC7WTLvupppdmb5jEvRDPQENLZqz/stEUs19TOOc= +github.com/k3s-io/kubernetes/staging/src/k8s.io/apiextensions-apiserver v1.21.1-k3s1 h1:xx/SYlAfrliD+w2REUCBMFtQvATof0YitCHpswviL8s= +github.com/k3s-io/kubernetes/staging/src/k8s.io/apiextensions-apiserver v1.21.1-k3s1/go.mod h1:z4ndT0jW6BSHky3MjKfpX8hfxFiOobduUEPsG67DW+o= +github.com/k3s-io/kubernetes/staging/src/k8s.io/apimachinery v1.21.1-k3s1 h1:Ehl7DzKcuQqcT1lqNgx8+E2WFfvcnxyFTR408v6/zcE= +github.com/k3s-io/kubernetes/staging/src/k8s.io/apimachinery v1.21.1-k3s1/go.mod h1:nNWKgJz7U8Te/QwaBeDSCEsvmYwqE+lIJtSthnQTluo= +github.com/k3s-io/kubernetes/staging/src/k8s.io/apiserver v1.21.1-k3s1 h1:fHAKfXieH13JHdEIstbWmDsy32d7Lr8jmxZgbMy4D4M= +github.com/k3s-io/kubernetes/staging/src/k8s.io/apiserver v1.21.1-k3s1/go.mod h1:55vGov1alDiAFatappea/yL2CFIuYfSpQmw8xdZNCxw= +github.com/k3s-io/kubernetes/staging/src/k8s.io/cli-runtime v1.21.1-k3s1 h1:iFah9rWBxlUgEE1nrmpOhrMI+vDArwTR6yfL3lS75PU= +github.com/k3s-io/kubernetes/staging/src/k8s.io/cli-runtime v1.21.1-k3s1/go.mod h1:4vy7xXlS9QNceWCoFBkdxsp50ToEpoM5TjtRKTRxyF0= +github.com/k3s-io/kubernetes/staging/src/k8s.io/client-go v1.21.1-k3s1 h1:LiLc5dwo9eWPCyro6s31zKB/m2mWX8QSU7u+UpIu3O0= +github.com/k3s-io/kubernetes/staging/src/k8s.io/client-go v1.21.1-k3s1/go.mod h1:dQ/jkraN2wXzFTYGG3wlzs/YappHsx2F/PxtQ9KyDZY= +github.com/k3s-io/kubernetes/staging/src/k8s.io/cloud-provider v1.21.1-k3s1 h1:AnNUwMVdRRjOqOmNbN05yxoTNH6Gp4YZsDLDqSSXrpo= +github.com/k3s-io/kubernetes/staging/src/k8s.io/cloud-provider v1.21.1-k3s1/go.mod h1:7Q3crE6C30z+md2412q3PcSR2P2NIv1WxHH5ug8LVmY= +github.com/k3s-io/kubernetes/staging/src/k8s.io/cluster-bootstrap v1.21.1-k3s1 h1:S961JPII6QbT1j0wAFnRv2EKeRiDZYsCSMkAPReZ4MY= +github.com/k3s-io/kubernetes/staging/src/k8s.io/cluster-bootstrap v1.21.1-k3s1/go.mod h1:yvPZprzrt0uOuPx/Tkg3zCSdulxPWxWU2nznGYKmMVk= +github.com/k3s-io/kubernetes/staging/src/k8s.io/code-generator v1.21.1-k3s1 h1:6zVRXrGwZu2G5IN3jjftM9R5tJ++2ou4rWBlkcK+ivo= +github.com/k3s-io/kubernetes/staging/src/k8s.io/code-generator v1.21.1-k3s1/go.mod h1:zeT/sAA82/kLPoYfV1Xc1x0PjZlRvqCsrgRZj0Q/OTc= +github.com/k3s-io/kubernetes/staging/src/k8s.io/component-base v1.21.1-k3s1 h1:97KjbtEom5IvBTbGktGOEFogPx+RruR2LJ61Oq7HpMI= +github.com/k3s-io/kubernetes/staging/src/k8s.io/component-base v1.21.1-k3s1/go.mod h1:+aA0FBzPTZJn0I03PDY6xs4stHFP1CGYPNmcAkgDvX4= +github.com/k3s-io/kubernetes/staging/src/k8s.io/component-helpers v1.21.1-k3s1 h1:EZV6LHZ1Xy96bGhpdonZWMDqJ3vsJO+G4og3Y2bhwFw= +github.com/k3s-io/kubernetes/staging/src/k8s.io/component-helpers v1.21.1-k3s1/go.mod h1:W/TBpRMx7t6+ZimgebLr7be4Pfb7JvWpeer+kPlA6eI= +github.com/k3s-io/kubernetes/staging/src/k8s.io/controller-manager v1.21.1-k3s1 h1:uG7fW+0DgGvKvS+QHlsUUCiplS7TpkKApxqa8kMgQZc= +github.com/k3s-io/kubernetes/staging/src/k8s.io/controller-manager v1.21.1-k3s1/go.mod h1:SnaQa8bOBayBORIZwicYBm9QrlwUPi2PKlMQOhI6HAU= +github.com/k3s-io/kubernetes/staging/src/k8s.io/cri-api v1.21.1-k3s1 h1:A9dgWvKNTG99Dv+wk+9kMYiRR3n8r/O8YbRowznaqvE= +github.com/k3s-io/kubernetes/staging/src/k8s.io/cri-api v1.21.1-k3s1/go.mod h1:9zdUgM3lMAO5+g35Vyq3OQdMrylvtV97G7t5emDYCOs= +github.com/k3s-io/kubernetes/staging/src/k8s.io/csi-translation-lib v1.21.1-k3s1 h1:ZA9oCLCAQ+QsT4CBsfmoAZC8OpvX3aREqgrmcHdsYDU= +github.com/k3s-io/kubernetes/staging/src/k8s.io/csi-translation-lib v1.21.1-k3s1/go.mod h1:NmtKDopOnphD2IlcH9OjoxoI4mEkkgGhVw7dTbdBTY0= +github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-aggregator v1.21.1-k3s1 h1:Jq6Ix8pq5N6YXhFk9dRsogpr824gsow/31vIia1FLLU= +github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-aggregator v1.21.1-k3s1/go.mod h1:KhCAvsyM1iGJLSql7cTjBXwRzigyfTwRcu1unidRJmo= +github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-controller-manager v1.21.1-k3s1 h1:7Dls9SYhW2caBAgvO/d+bDsnbnWn5oryOCldyTi/48g= +github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-controller-manager v1.21.1-k3s1/go.mod h1:46iKO45TZat/zvPyqe8TjLLrTS/U/nGB92Ft63PEPF0= +github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-proxy v1.21.1-k3s1 h1:1AzewTobcKns6rupjf6ZcNduUbA2saJbRdlj0Xk6A8M= +github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-proxy v1.21.1-k3s1/go.mod h1:6mEp02ABsuOeeBuUrrol78v9LYysX7Z8CZOMFlkPOOI= +github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-scheduler v1.21.1-k3s1 h1:orhYkSYqltNEiiwzBZHbi5eiis5NGfAWUHKg/0XBVdk= +github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-scheduler v1.21.1-k3s1/go.mod h1:8YcoZs+nmcq5YEBZXOkUtuLpYpPoZWC7I3CAUOvZGNc= +github.com/k3s-io/kubernetes/staging/src/k8s.io/kubectl v1.21.1-k3s1 h1:8vP+SyaEgSZjGKLYhwp8//9XwpYYhtLjL2+eLBKs+No= +github.com/k3s-io/kubernetes/staging/src/k8s.io/kubectl v1.21.1-k3s1/go.mod h1:ZRzv7towE/rnhoSlglnClSdwvG956r8BtWsV8GriLCw= +github.com/k3s-io/kubernetes/staging/src/k8s.io/kubelet v1.21.1-k3s1 h1:xxDhyVqo40oFL+QRnE7Aq3f4YOmp39hsWs3CG3h/BJA= +github.com/k3s-io/kubernetes/staging/src/k8s.io/kubelet v1.21.1-k3s1/go.mod h1:o8/6oYd5NojfXqZcgzwRY6/N9H0txmvDbs4Sk6Laz0A= +github.com/k3s-io/kubernetes/staging/src/k8s.io/legacy-cloud-providers v1.21.1-k3s1 h1:VNow0MZPpjsdJ4VTVAMvguvUtEM9VRBzcZCepwpqLEQ= +github.com/k3s-io/kubernetes/staging/src/k8s.io/legacy-cloud-providers v1.21.1-k3s1/go.mod h1:Fqw7RNHll7guUATPVDLSfOKr2ayRlFGMI3SMrxo5ECU= +github.com/k3s-io/kubernetes/staging/src/k8s.io/metrics v1.21.1-k3s1 h1:XkxQNzMRtm5HG8N3m6P6NVcEiTOae6zyQ1T7aZ1m3aM= +github.com/k3s-io/kubernetes/staging/src/k8s.io/metrics v1.21.1-k3s1/go.mod h1:/SknInvlq+Fm+vrO/Z7JYHjxwIsxAl32mAI9tUH/lGY= +github.com/k3s-io/kubernetes/staging/src/k8s.io/mount-utils v1.21.1-k3s1 h1:KxvblpY/4qohv46MZBJtWxwY8u9YSqQnNXinl1d7DGM= +github.com/k3s-io/kubernetes/staging/src/k8s.io/mount-utils v1.21.1-k3s1/go.mod h1:99KFJSKqMgMvpCWJr4w6ooLZgR+2usWp5GPaILFNq9k= +github.com/k3s-io/kubernetes/staging/src/k8s.io/sample-apiserver v1.21.1-k3s1/go.mod h1:WkDfrpYVRWS0Muw8Vg5XicfVdTxnLvgiT8tX8DSD0Zo= github.com/k3s-io/protobuf v1.4.3-k3s1 h1:gduXrSm/6KkbTuctP6bASYqKQ/tyC/PNYqxBmJnk4Tc= github.com/k3s-io/protobuf v1.4.3-k3s1/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= github.com/karrick/godirwalk v1.16.1 h1:DynhcF+bztK8gooS0+NDJFrdNZjJ3gzVzC545UNA9iw= @@ -1258,13 +1258,13 @@ rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.15 h1:4uqm9Mv+w2MmBYD+F4qf/v6tDFUdPOk29C095RbU5mY= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.15/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg= -sigs.k8s.io/kustomize/api v0.8.5 h1:bfCXGXDAbFbb/Jv5AhMj2BB8a5VAJuuQ5/KU69WtDjQ= -sigs.k8s.io/kustomize/api v0.8.5/go.mod h1:M377apnKT5ZHJS++6H4rQoCHmWtt6qTpp3mbe7p6OLY= -sigs.k8s.io/kustomize/cmd/config v0.9.7/go.mod h1:MvXCpHs77cfyxRmCNUQjIqCmZyYsbn5PyQpWiq44nW0= -sigs.k8s.io/kustomize/kustomize/v4 v4.0.5 h1:0xQWp03aKWilF6UJrupcA2rCoCn3jejkJ+m/CCI/Fis= -sigs.k8s.io/kustomize/kustomize/v4 v4.0.5/go.mod h1:C7rYla7sI8EnxHE/xEhRBSHMNfcL91fx0uKmUlUhrBk= -sigs.k8s.io/kustomize/kyaml v0.10.15 h1:dSLgG78KyaxN4HylPXdK+7zB3k7sW6q3IcCmcfKA+aI= -sigs.k8s.io/kustomize/kyaml v0.10.15/go.mod h1:mlQFagmkm1P+W4lZJbJ/yaxMd8PqMRSC4cPcfUVt5Hg= +sigs.k8s.io/kustomize/api v0.8.8 h1:G2z6JPSSjtWWgMeWSoHdXqyftJNmMmyxXpwENGoOtGE= +sigs.k8s.io/kustomize/api v0.8.8/go.mod h1:He1zoK0nk43Pc6NlV085xDXDXTNprtcyKZVm3swsdNY= +sigs.k8s.io/kustomize/cmd/config v0.9.10/go.mod h1:Mrby0WnRH7hA6OwOYnYpfpiY0WJIMgYrEDfwOeFdMK0= +sigs.k8s.io/kustomize/kustomize/v4 v4.1.2 h1:iP3ckqMIftwsIKnMqtztReSkkPJvhqNc5QiOpMoFpbY= +sigs.k8s.io/kustomize/kustomize/v4 v4.1.2/go.mod h1:PxBvo4WGYlCLeRPL+ziT64wBXqbgfcalOS/SXa/tcyo= +sigs.k8s.io/kustomize/kyaml v0.10.17 h1:4zrV0ym5AYa0e512q7K3Wp1u7mzoWW0xR3UHJcGWGIg= +sigs.k8s.io/kustomize/kyaml v0.10.17/go.mod h1:mlQFagmkm1P+W4lZJbJ/yaxMd8PqMRSC4cPcfUVt5Hg= sigs.k8s.io/structured-merge-diff v0.0.0-20190426204423-ea680f03cc65 h1:xJNnO2qzHtgVCSPoGkkltSpyEX7D7IJw1TmbE3G/7lY= sigs.k8s.io/structured-merge-diff v0.0.0-20190426204423-ea680f03cc65/go.mod h1:wWxsB5ozmmv/SG7nM11ayaAW51xMvak/t1r0CSlcokI= sigs.k8s.io/structured-merge-diff/v4 v4.0.2/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= diff --git a/vendor/k8s.io/api/core/v1/annotation_key_constants.go b/vendor/k8s.io/api/core/v1/annotation_key_constants.go index 612f6aa747..22476b2bd9 100644 --- a/vendor/k8s.io/api/core/v1/annotation_key_constants.go +++ b/vendor/k8s.io/api/core/v1/annotation_key_constants.go @@ -148,7 +148,7 @@ const ( PodDeletionCost = "controller.kubernetes.io/pod-deletion-cost" // AnnotationTopologyAwareHints can be used to enable or disable Topology - // Aware Hints for a Service. This may be set to "auto" or "disabled". Any - // other value is treated as "disabled". + // Aware Hints for a Service. This may be set to "Auto" or "Disabled". Any + // other value is treated as "Disabled". AnnotationTopologyAwareHints = "service.kubernetes.io/topology-aware-hints" ) diff --git a/vendor/k8s.io/apimachinery/pkg/api/resource/quantity_proto.go b/vendor/k8s.io/apimachinery/pkg/api/resource/quantity_proto.go index f89ca163cd..3e0cdb10d4 100644 --- a/vendor/k8s.io/apimachinery/pkg/api/resource/quantity_proto.go +++ b/vendor/k8s.io/apimachinery/pkg/api/resource/quantity_proto.go @@ -166,7 +166,7 @@ func (m *Quantity) Unmarshal(data []byte) error { if err != nil { return err } - if skippy < 0 { + if (skippy < 0) || (iNdEx+skippy) < 0 { return ErrInvalidLengthGenerated } if (iNdEx + skippy) > l { diff --git a/vendor/k8s.io/apimachinery/pkg/util/httpstream/httpstream.go b/vendor/k8s.io/apimachinery/pkg/util/httpstream/httpstream.go index 00ce5f785c..32f075782a 100644 --- a/vendor/k8s.io/apimachinery/pkg/util/httpstream/httpstream.go +++ b/vendor/k8s.io/apimachinery/pkg/util/httpstream/httpstream.go @@ -78,6 +78,8 @@ type Connection interface { // SetIdleTimeout sets the amount of time the connection may remain idle before // it is automatically closed. SetIdleTimeout(timeout time.Duration) + // RemoveStreams can be used to remove a set of streams from the Connection. + RemoveStreams(streams ...Stream) } // Stream represents a bidirectional communications channel that is part of an diff --git a/vendor/k8s.io/apimachinery/pkg/util/httpstream/spdy/connection.go b/vendor/k8s.io/apimachinery/pkg/util/httpstream/spdy/connection.go index 21b2568d90..3da7457f48 100644 --- a/vendor/k8s.io/apimachinery/pkg/util/httpstream/spdy/connection.go +++ b/vendor/k8s.io/apimachinery/pkg/util/httpstream/spdy/connection.go @@ -31,7 +31,7 @@ import ( // streams. type connection struct { conn *spdystream.Connection - streams []httpstream.Stream + streams map[uint32]httpstream.Stream streamLock sync.Mutex newStreamHandler httpstream.NewStreamHandler ping func() (time.Duration, error) @@ -85,7 +85,12 @@ func NewServerConnectionWithPings(conn net.Conn, newStreamHandler httpstream.New // will be invoked when the server receives a newly created stream from the // client. func newConnection(conn *spdystream.Connection, newStreamHandler httpstream.NewStreamHandler, pingPeriod time.Duration, pingFn func() (time.Duration, error)) httpstream.Connection { - c := &connection{conn: conn, newStreamHandler: newStreamHandler, ping: pingFn} + c := &connection{ + conn: conn, + newStreamHandler: newStreamHandler, + ping: pingFn, + streams: make(map[uint32]httpstream.Stream), + } go conn.Serve(c.newSpdyStream) if pingPeriod > 0 && pingFn != nil { go c.sendPings(pingPeriod) @@ -105,7 +110,7 @@ func (c *connection) Close() error { // calling Reset instead of Close ensures that all streams are fully torn down s.Reset() } - c.streams = make([]httpstream.Stream, 0) + c.streams = make(map[uint32]httpstream.Stream, 0) c.streamLock.Unlock() // now that all streams are fully torn down, it's safe to call close on the underlying connection, @@ -114,6 +119,15 @@ func (c *connection) Close() error { return c.conn.Close() } +// RemoveStreams can be used to removes a set of streams from the Connection. +func (c *connection) RemoveStreams(streams ...httpstream.Stream) { + c.streamLock.Lock() + for _, stream := range streams { + delete(c.streams, stream.Identifier()) + } + c.streamLock.Unlock() +} + // CreateStream creates a new stream with the specified headers and registers // it with the connection. func (c *connection) CreateStream(headers http.Header) (httpstream.Stream, error) { @@ -133,7 +147,7 @@ func (c *connection) CreateStream(headers http.Header) (httpstream.Stream, error // it owns. func (c *connection) registerStream(s httpstream.Stream) { c.streamLock.Lock() - c.streams = append(c.streams, s) + c.streams[s.Identifier()] = s c.streamLock.Unlock() } diff --git a/vendor/k8s.io/apiserver/pkg/apis/flowcontrol/bootstrap/default.go b/vendor/k8s.io/apiserver/pkg/apis/flowcontrol/bootstrap/default.go index b4fbb28c38..a3a1dddc6f 100644 --- a/vendor/k8s.io/apiserver/pkg/apis/flowcontrol/bootstrap/default.go +++ b/vendor/k8s.io/apiserver/pkg/apis/flowcontrol/bootstrap/default.go @@ -64,6 +64,7 @@ var ( } SuggestedFlowSchemas = []*flowcontrol.FlowSchema{ SuggestedFlowSchemaSystemNodes, // references "system" priority-level + SuggestedFlowSchemaProbes, // references "exempt" priority-level SuggestedFlowSchemaSystemLeaderElection, // references "leader-election" priority-level SuggestedFlowSchemaWorkloadLeaderElection, // references "leader-election" priority-level SuggestedFlowSchemaKubeControllerManager, // references "workload-high" priority-level @@ -394,6 +395,19 @@ var ( }, }, ) + // the following flow schema exempts probes + SuggestedFlowSchemaProbes = newFlowSchema( + "probes", "exempt", 2, + "", // distinguisherMethodType + flowcontrol.PolicyRulesWithSubjects{ + Subjects: groups(user.AllUnauthenticated, user.AllAuthenticated), + NonResourceRules: []flowcontrol.NonResourcePolicyRule{ + nonResourceRule( + []string{"get"}, + []string{"/healthz", "/readyz", "/livez"}), + }, + }, + ) ) func newPriorityLevelConfiguration(name string, spec flowcontrol.PriorityLevelConfigurationSpec) *flowcontrol.PriorityLevelConfiguration { diff --git a/vendor/k8s.io/apiserver/pkg/authentication/authenticatorfactory/delegating.go b/vendor/k8s.io/apiserver/pkg/authentication/authenticatorfactory/delegating.go index 83697bb547..4b7105697d 100644 --- a/vendor/k8s.io/apiserver/pkg/authentication/authenticatorfactory/delegating.go +++ b/vendor/k8s.io/apiserver/pkg/authentication/authenticatorfactory/delegating.go @@ -44,6 +44,9 @@ type DelegatingAuthenticatorConfig struct { // TokenAccessReviewClient is a client to do token review. It can be nil. Then every token is ignored. TokenAccessReviewClient authenticationclient.TokenReviewInterface + // TokenAccessReviewTimeout specifies a time limit for requests made by the authorization webhook client. + TokenAccessReviewTimeout time.Duration + // WebhookRetryBackoff specifies the backoff parameters for the authentication webhook retry logic. // This allows us to configure the sleep time at each iteration and the maximum number of retries allowed // before we fail the webhook call in order to limit the fan out that ensues when the system is degraded. @@ -88,7 +91,7 @@ func (c DelegatingAuthenticatorConfig) New() (authenticator.Request, *spec.Secur if c.WebhookRetryBackoff == nil { return nil, nil, errors.New("retry backoff parameters for delegating authentication webhook has not been specified") } - tokenAuth, err := webhooktoken.NewFromInterface(c.TokenAccessReviewClient, c.APIAudiences, *c.WebhookRetryBackoff) + tokenAuth, err := webhooktoken.NewFromInterface(c.TokenAccessReviewClient, c.APIAudiences, *c.WebhookRetryBackoff, c.TokenAccessReviewTimeout) if err != nil { return nil, nil, err } diff --git a/vendor/k8s.io/apiserver/pkg/server/options/authentication.go b/vendor/k8s.io/apiserver/pkg/server/options/authentication.go index 47476422b2..08c8828b69 100644 --- a/vendor/k8s.io/apiserver/pkg/server/options/authentication.go +++ b/vendor/k8s.io/apiserver/pkg/server/options/authentication.go @@ -195,9 +195,9 @@ type DelegatingAuthenticationOptions struct { // before we fail the webhook call in order to limit the fan out that ensues when the system is degraded. WebhookRetryBackoff *wait.Backoff - // ClientTimeout specifies a time limit for requests made by the authorization webhook client. + // TokenRequestTimeout specifies a time limit for requests made by the authorization webhook client. // The default value is set to 10 seconds. - ClientTimeout time.Duration + TokenRequestTimeout time.Duration } func NewDelegatingAuthenticationOptions() *DelegatingAuthenticationOptions { @@ -211,7 +211,7 @@ func NewDelegatingAuthenticationOptions() *DelegatingAuthenticationOptions { ExtraHeaderPrefixes: []string{"x-remote-extra-"}, }, WebhookRetryBackoff: DefaultAuthWebhookRetryBackoff(), - ClientTimeout: 10 * time.Second, + TokenRequestTimeout: 10 * time.Second, } } @@ -220,9 +220,9 @@ func (s *DelegatingAuthenticationOptions) WithCustomRetryBackoff(backoff wait.Ba s.WebhookRetryBackoff = &backoff } -// WithClientTimeout sets the given timeout for the authentication webhook client. -func (s *DelegatingAuthenticationOptions) WithClientTimeout(timeout time.Duration) { - s.ClientTimeout = timeout +// WithRequestTimeout sets the given timeout for requests made by the authentication webhook client. +func (s *DelegatingAuthenticationOptions) WithRequestTimeout(timeout time.Duration) { + s.TokenRequestTimeout = timeout } func (s *DelegatingAuthenticationOptions) Validate() []error { @@ -274,9 +274,10 @@ func (s *DelegatingAuthenticationOptions) ApplyTo(authenticationInfo *server.Aut } cfg := authenticatorfactory.DelegatingAuthenticatorConfig{ - Anonymous: true, - CacheTTL: s.CacheTTL, - WebhookRetryBackoff: s.WebhookRetryBackoff, + Anonymous: true, + CacheTTL: s.CacheTTL, + WebhookRetryBackoff: s.WebhookRetryBackoff, + TokenAccessReviewTimeout: s.TokenRequestTimeout, } client, err := s.getClient() @@ -419,7 +420,10 @@ func (s *DelegatingAuthenticationOptions) getClient() (kubernetes.Interface, err // set high qps/burst limits since this will effectively limit API server responsiveness clientConfig.QPS = 200 clientConfig.Burst = 400 - clientConfig.Timeout = s.ClientTimeout + // do not set a timeout on the http client, instead use context for cancellation + // if multiple timeouts were set, the request will pick the smaller timeout to be applied, leaving other useless. + // + // see https://github.com/golang/go/blob/a937729c2c2f6950a32bc5cd0f5b88700882f078/src/net/http/client.go#L364 return kubernetes.NewForConfig(clientConfig) } diff --git a/vendor/k8s.io/apiserver/plugin/pkg/authenticator/token/webhook/webhook.go b/vendor/k8s.io/apiserver/plugin/pkg/authenticator/token/webhook/webhook.go index 5bedf4e598..41dd7a69e9 100644 --- a/vendor/k8s.io/apiserver/plugin/pkg/authenticator/token/webhook/webhook.go +++ b/vendor/k8s.io/apiserver/plugin/pkg/authenticator/token/webhook/webhook.go @@ -52,17 +52,18 @@ type tokenReviewer interface { } type WebhookTokenAuthenticator struct { - tokenReview tokenReviewer - retryBackoff wait.Backoff - implicitAuds authenticator.Audiences + tokenReview tokenReviewer + retryBackoff wait.Backoff + implicitAuds authenticator.Audiences + requestTimeout time.Duration } // NewFromInterface creates a webhook authenticator using the given tokenReview // client. It is recommend to wrap this authenticator with the token cache // authenticator implemented in // k8s.io/apiserver/pkg/authentication/token/cache. -func NewFromInterface(tokenReview authenticationv1client.TokenReviewInterface, implicitAuds authenticator.Audiences, retryBackoff wait.Backoff) (*WebhookTokenAuthenticator, error) { - return newWithBackoff(tokenReview, retryBackoff, implicitAuds) +func NewFromInterface(tokenReview authenticationv1client.TokenReviewInterface, implicitAuds authenticator.Audiences, retryBackoff wait.Backoff, requestTimeout time.Duration) (*WebhookTokenAuthenticator, error) { + return newWithBackoff(tokenReview, retryBackoff, implicitAuds, requestTimeout) } // New creates a new WebhookTokenAuthenticator from the provided kubeconfig @@ -74,12 +75,12 @@ func New(kubeConfigFile string, version string, implicitAuds authenticator.Audie if err != nil { return nil, err } - return newWithBackoff(tokenReview, retryBackoff, implicitAuds) + return newWithBackoff(tokenReview, retryBackoff, implicitAuds, time.Duration(0)) } // newWithBackoff allows tests to skip the sleep. -func newWithBackoff(tokenReview tokenReviewer, retryBackoff wait.Backoff, implicitAuds authenticator.Audiences) (*WebhookTokenAuthenticator, error) { - return &WebhookTokenAuthenticator{tokenReview, retryBackoff, implicitAuds}, nil +func newWithBackoff(tokenReview tokenReviewer, retryBackoff wait.Backoff, implicitAuds authenticator.Audiences, requestTimeout time.Duration) (*WebhookTokenAuthenticator, error) { + return &WebhookTokenAuthenticator{tokenReview, retryBackoff, implicitAuds, requestTimeout}, nil } // AuthenticateToken implements the authenticator.Token interface. @@ -105,7 +106,17 @@ func (w *WebhookTokenAuthenticator) AuthenticateToken(ctx context.Context, token var ( result *authenticationv1.TokenReview auds authenticator.Audiences + cancel context.CancelFunc ) + + // set a hard timeout if it was defined + // if the child has a shorter deadline then it will expire first, + // otherwise if the parent has a shorter deadline then the parent will expire and it will be propagate to the child + if w.requestTimeout > 0 { + ctx, cancel = context.WithTimeout(ctx, w.requestTimeout) + defer cancel() + } + // WithExponentialBackoff will return tokenreview create error (tokenReviewErr) if any. if err := webhook.WithExponentialBackoff(ctx, w.retryBackoff, func() error { var tokenReviewErr error diff --git a/vendor/k8s.io/client-go/pkg/version/base.go b/vendor/k8s.io/client-go/pkg/version/base.go index 32a12e5a36..658eeecafd 100644 --- a/vendor/k8s.io/client-go/pkg/version/base.go +++ b/vendor/k8s.io/client-go/pkg/version/base.go @@ -3,8 +3,8 @@ package version var ( gitMajor = "1" gitMinor = "21" - gitVersion = "v1.21.0-k3s1" - gitCommit = "bcdd3feac64be5b58c8f3207f0eb6f6a02ea9f4d" + gitVersion = "v1.21.1-k3s1" + gitCommit = "2748979665974057d48bc75c1bfe05ae5257300c" gitTreeState = "clean" - buildDate = "2021-04-12T18:20:57Z" + buildDate = "2021-05-14T01:38:27Z" ) diff --git a/vendor/k8s.io/component-base/version/base.go b/vendor/k8s.io/component-base/version/base.go index 32a12e5a36..658eeecafd 100644 --- a/vendor/k8s.io/component-base/version/base.go +++ b/vendor/k8s.io/component-base/version/base.go @@ -3,8 +3,8 @@ package version var ( gitMajor = "1" gitMinor = "21" - gitVersion = "v1.21.0-k3s1" - gitCommit = "bcdd3feac64be5b58c8f3207f0eb6f6a02ea9f4d" + gitVersion = "v1.21.1-k3s1" + gitCommit = "2748979665974057d48bc75c1bfe05ae5257300c" gitTreeState = "clean" - buildDate = "2021-04-12T18:20:57Z" + buildDate = "2021-05-14T01:38:27Z" ) diff --git a/vendor/k8s.io/csi-translation-lib/plugins/aws_ebs.go b/vendor/k8s.io/csi-translation-lib/plugins/aws_ebs.go index db00283a68..a5c32013f9 100644 --- a/vendor/k8s.io/csi-translation-lib/plugins/aws_ebs.go +++ b/vendor/k8s.io/csi-translation-lib/plugins/aws_ebs.go @@ -86,7 +86,7 @@ func (t *awsElasticBlockStoreCSITranslator) TranslateInTreeStorageClassToCSI(sc // TranslateInTreeInlineVolumeToCSI takes a Volume with AWSElasticBlockStore set from in-tree // and converts the AWSElasticBlockStore source to a CSIPersistentVolumeSource -func (t *awsElasticBlockStoreCSITranslator) TranslateInTreeInlineVolumeToCSI(volume *v1.Volume) (*v1.PersistentVolume, error) { +func (t *awsElasticBlockStoreCSITranslator) TranslateInTreeInlineVolumeToCSI(volume *v1.Volume, podNamespace string) (*v1.PersistentVolume, error) { if volume == nil || volume.AWSElasticBlockStore == nil { return nil, fmt.Errorf("volume is nil or AWS EBS not defined on volume") } diff --git a/vendor/k8s.io/csi-translation-lib/plugins/azure_disk.go b/vendor/k8s.io/csi-translation-lib/plugins/azure_disk.go index 8184881de9..d47df35e5c 100644 --- a/vendor/k8s.io/csi-translation-lib/plugins/azure_disk.go +++ b/vendor/k8s.io/csi-translation-lib/plugins/azure_disk.go @@ -93,7 +93,7 @@ func (t *azureDiskCSITranslator) TranslateInTreeStorageClassToCSI(sc *storage.St // TranslateInTreeInlineVolumeToCSI takes a Volume with AzureDisk set from in-tree // and converts the AzureDisk source to a CSIPersistentVolumeSource -func (t *azureDiskCSITranslator) TranslateInTreeInlineVolumeToCSI(volume *v1.Volume) (*v1.PersistentVolume, error) { +func (t *azureDiskCSITranslator) TranslateInTreeInlineVolumeToCSI(volume *v1.Volume, podNamespace string) (*v1.PersistentVolume, error) { if volume == nil || volume.AzureDisk == nil { return nil, fmt.Errorf("volume is nil or Azure Disk not defined on volume") } diff --git a/vendor/k8s.io/csi-translation-lib/plugins/azure_file.go b/vendor/k8s.io/csi-translation-lib/plugins/azure_file.go index 6ce3be461f..df8251325f 100644 --- a/vendor/k8s.io/csi-translation-lib/plugins/azure_file.go +++ b/vendor/k8s.io/csi-translation-lib/plugins/azure_file.go @@ -65,7 +65,7 @@ func (t *azureFileCSITranslator) TranslateInTreeStorageClassToCSI(sc *storage.St // TranslateInTreeInlineVolumeToCSI takes a Volume with AzureFile set from in-tree // and converts the AzureFile source to a CSIPersistentVolumeSource -func (t *azureFileCSITranslator) TranslateInTreeInlineVolumeToCSI(volume *v1.Volume) (*v1.PersistentVolume, error) { +func (t *azureFileCSITranslator) TranslateInTreeInlineVolumeToCSI(volume *v1.Volume, podNamespace string) (*v1.PersistentVolume, error) { if volume == nil || volume.AzureFile == nil { return nil, fmt.Errorf("volume is nil or Azure File not defined on volume") } @@ -77,6 +77,11 @@ func (t *azureFileCSITranslator) TranslateInTreeInlineVolumeToCSI(volume *v1.Vol accountName = azureSource.SecretName } + secretNamespace := defaultSecretNamespace + if podNamespace != "" { + secretNamespace = podNamespace + } + var ( pv = &v1.PersistentVolume{ ObjectMeta: metav1.ObjectMeta{ @@ -93,7 +98,7 @@ func (t *azureFileCSITranslator) TranslateInTreeInlineVolumeToCSI(volume *v1.Vol VolumeAttributes: map[string]string{shareNameField: azureSource.ShareName}, NodeStageSecretRef: &v1.SecretReference{ Name: azureSource.SecretName, - Namespace: defaultSecretNamespace, + Namespace: secretNamespace, }, }, }, diff --git a/vendor/k8s.io/csi-translation-lib/plugins/gce_pd.go b/vendor/k8s.io/csi-translation-lib/plugins/gce_pd.go index d163fe8853..5183e092bd 100644 --- a/vendor/k8s.io/csi-translation-lib/plugins/gce_pd.go +++ b/vendor/k8s.io/csi-translation-lib/plugins/gce_pd.go @@ -162,7 +162,7 @@ func backwardCompatibleAccessModes(ams []v1.PersistentVolumeAccessMode) []v1.Per // TranslateInTreeInlineVolumeToCSI takes a Volume with GCEPersistentDisk set from in-tree // and converts the GCEPersistentDisk source to a CSIPersistentVolumeSource -func (g *gcePersistentDiskCSITranslator) TranslateInTreeInlineVolumeToCSI(volume *v1.Volume) (*v1.PersistentVolume, error) { +func (g *gcePersistentDiskCSITranslator) TranslateInTreeInlineVolumeToCSI(volume *v1.Volume, podNamespace string) (*v1.PersistentVolume, error) { if volume == nil || volume.GCEPersistentDisk == nil { return nil, fmt.Errorf("volume is nil or GCE PD not defined on volume") } diff --git a/vendor/k8s.io/csi-translation-lib/plugins/in_tree_volume.go b/vendor/k8s.io/csi-translation-lib/plugins/in_tree_volume.go index f1c760df78..7a0040e266 100644 --- a/vendor/k8s.io/csi-translation-lib/plugins/in_tree_volume.go +++ b/vendor/k8s.io/csi-translation-lib/plugins/in_tree_volume.go @@ -37,7 +37,8 @@ type InTreePlugin interface { // TranslateInTreeInlineVolumeToCSI takes a inline volume and will translate // the in-tree inline volume source to a CSIPersistentVolumeSource // A PV object containing the CSIPersistentVolumeSource in it's spec is returned - TranslateInTreeInlineVolumeToCSI(volume *v1.Volume) (*v1.PersistentVolume, error) + // podNamespace is only needed for azurefile to fetch secret namespace, no need to be set for other plugins. + TranslateInTreeInlineVolumeToCSI(volume *v1.Volume, podNamespace string) (*v1.PersistentVolume, error) // TranslateInTreePVToCSI takes a persistent volume and will translate // the in-tree pv source to a CSI Source. The input persistent volume can be modified diff --git a/vendor/k8s.io/csi-translation-lib/plugins/openstack_cinder.go b/vendor/k8s.io/csi-translation-lib/plugins/openstack_cinder.go index 44f744cb21..66ce81185e 100644 --- a/vendor/k8s.io/csi-translation-lib/plugins/openstack_cinder.go +++ b/vendor/k8s.io/csi-translation-lib/plugins/openstack_cinder.go @@ -75,7 +75,7 @@ func (t *osCinderCSITranslator) TranslateInTreeStorageClassToCSI(sc *storage.Sto // TranslateInTreeInlineVolumeToCSI takes a Volume with Cinder set from in-tree // and converts the Cinder source to a CSIPersistentVolumeSource -func (t *osCinderCSITranslator) TranslateInTreeInlineVolumeToCSI(volume *v1.Volume) (*v1.PersistentVolume, error) { +func (t *osCinderCSITranslator) TranslateInTreeInlineVolumeToCSI(volume *v1.Volume, podNamespace string) (*v1.PersistentVolume, error) { if volume == nil || volume.Cinder == nil { return nil, fmt.Errorf("volume is nil or Cinder not defined on volume") } diff --git a/vendor/k8s.io/csi-translation-lib/plugins/vsphere_volume.go b/vendor/k8s.io/csi-translation-lib/plugins/vsphere_volume.go index 531aff0d98..83058b374a 100644 --- a/vendor/k8s.io/csi-translation-lib/plugins/vsphere_volume.go +++ b/vendor/k8s.io/csi-translation-lib/plugins/vsphere_volume.go @@ -111,7 +111,7 @@ func (t *vSphereCSITranslator) TranslateInTreeStorageClassToCSI(sc *storage.Stor // TranslateInTreeInlineVolumeToCSI takes a Volume with VsphereVolume set from in-tree // and converts the VsphereVolume source to a CSIPersistentVolumeSource -func (t *vSphereCSITranslator) TranslateInTreeInlineVolumeToCSI(volume *v1.Volume) (*v1.PersistentVolume, error) { +func (t *vSphereCSITranslator) TranslateInTreeInlineVolumeToCSI(volume *v1.Volume, podNamespace string) (*v1.PersistentVolume, error) { if volume == nil || volume.VsphereVolume == nil { return nil, fmt.Errorf("volume is nil or VsphereVolume not defined on volume") } diff --git a/vendor/k8s.io/csi-translation-lib/translate.go b/vendor/k8s.io/csi-translation-lib/translate.go index 21f5c49d59..c1ffbe9741 100644 --- a/vendor/k8s.io/csi-translation-lib/translate.go +++ b/vendor/k8s.io/csi-translation-lib/translate.go @@ -62,13 +62,13 @@ func (CSITranslator) TranslateInTreeStorageClassToCSI(inTreePluginName string, s // TranslateInTreeInlineVolumeToCSI takes a inline volume and will translate // the in-tree volume source to a CSIPersistentVolumeSource (wrapped in a PV) // if the translation logic has been implemented. -func (CSITranslator) TranslateInTreeInlineVolumeToCSI(volume *v1.Volume) (*v1.PersistentVolume, error) { +func (CSITranslator) TranslateInTreeInlineVolumeToCSI(volume *v1.Volume, podNamespace string) (*v1.PersistentVolume, error) { if volume == nil { return nil, fmt.Errorf("persistent volume was nil") } for _, curPlugin := range inTreePlugins { if curPlugin.CanSupportInline(volume) { - pv, err := curPlugin.TranslateInTreeInlineVolumeToCSI(volume) + pv, err := curPlugin.TranslateInTreeInlineVolumeToCSI(volume, podNamespace) if err != nil { return nil, err } diff --git a/vendor/k8s.io/kubectl/pkg/cmd/create/create_ingress.go b/vendor/k8s.io/kubectl/pkg/cmd/create/create_ingress.go index 64a0d696ac..fc4bd83581 100644 --- a/vendor/k8s.io/kubectl/pkg/cmd/create/create_ingress.go +++ b/vendor/k8s.io/kubectl/pkg/cmd/create/create_ingress.go @@ -228,6 +228,12 @@ func (o *CreateIngressOptions) Validate() error { } } + for _, annotation := range o.Annotations { + if an := strings.SplitN(annotation, "=", 2); len(an) != 2 { + return fmt.Errorf("annotation %s is invalid and should be in format key=[value]", annotation) + } + } + if len(o.DefaultBackend) > 0 && len(strings.Split(o.DefaultBackend, ":")) != 2 { return fmt.Errorf("default-backend should be in format servicename:serviceport") } @@ -285,8 +291,8 @@ func (o *CreateIngressOptions) createIngress() *networkingv1.Ingress { } func (o *CreateIngressOptions) buildAnnotations() map[string]string { - var annotations map[string]string - annotations = make(map[string]string) + + var annotations = make(map[string]string) for _, annotation := range o.Annotations { an := strings.SplitN(annotation, "=", 2) diff --git a/vendor/k8s.io/kubectl/pkg/cmd/create/create_service.go b/vendor/k8s.io/kubectl/pkg/cmd/create/create_service.go index 09b776aaf4..afb1716926 100644 --- a/vendor/k8s.io/kubectl/pkg/cmd/create/create_service.go +++ b/vendor/k8s.io/kubectl/pkg/cmd/create/create_service.go @@ -72,6 +72,7 @@ type ServiceOptions struct { FieldManager string CreateAnnotation bool Namespace string + EnforceNamespace bool Client corev1client.CoreV1Interface DryRunStrategy cmdutil.DryRunStrategy @@ -105,7 +106,7 @@ func (o *ServiceOptions) Complete(f cmdutil.Factory, cmd *cobra.Command, args [] return err } - o.Namespace, _, err = f.ToRawKubeConfigLoader().Namespace() + o.Namespace, o.EnforceNamespace, err = f.ToRawKubeConfigLoader().Namespace() if err != nil { return err } @@ -173,13 +174,19 @@ func (o *ServiceOptions) createService() (*corev1.Service, error) { selector := map[string]string{} selector["app"] = o.Name + namespace := "" + if o.EnforceNamespace { + namespace = o.Namespace + } + service := corev1.Service{ ObjectMeta: metav1.ObjectMeta{ - Name: o.Name, - Labels: labels, + Name: o.Name, + Labels: labels, + Namespace: namespace, }, Spec: corev1.ServiceSpec{ - Type: corev1.ServiceType(o.Type), + Type: o.Type, Selector: selector, Ports: ports, ExternalName: o.ExternalName, diff --git a/vendor/k8s.io/kubectl/pkg/describe/describe.go b/vendor/k8s.io/kubectl/pkg/describe/describe.go index b40a9b6b1c..70850f15c3 100644 --- a/vendor/k8s.io/kubectl/pkg/describe/describe.go +++ b/vendor/k8s.io/kubectl/pkg/describe/describe.go @@ -2166,7 +2166,7 @@ func describeJob(job *batchv1.Job, events *corev1.EventList) (string, error) { w.Write(LEVEL_0, "Completions:\t\n") } if job.Spec.CompletionMode != nil { - w.Write(LEVEL_0, "Completion Mode:\t%s\n", job.Spec.CompletionMode) + w.Write(LEVEL_0, "Completion Mode:\t%s\n", *job.Spec.CompletionMode) } if job.Status.StartTime != nil { w.Write(LEVEL_0, "Start Time:\t%s\n", job.Status.StartTime.Time.Format(time.RFC1123Z)) @@ -3055,7 +3055,7 @@ func describeEndpointSliceV1(eps *discoveryv1.EndpointSlice, events *corev1.Even w.Write(LEVEL_2, "NodeName:\t%s\n", nodeNameText) zoneText := "" - if endpoint.NodeName != nil { + if endpoint.Zone != nil { zoneText = *endpoint.Zone } w.Write(LEVEL_2, "Zone:\t%s\n", zoneText) diff --git a/vendor/k8s.io/kubernetes/cmd/kube-proxy/app/server_others.go b/vendor/k8s.io/kubernetes/cmd/kube-proxy/app/server_others.go index df7e78fede..fb8510e9b0 100644 --- a/vendor/k8s.io/kubernetes/cmd/kube-proxy/app/server_others.go +++ b/vendor/k8s.io/kubernetes/cmd/kube-proxy/app/server_others.go @@ -365,6 +365,12 @@ func newProxyServer( } } + useEndpointSlices := utilfeature.DefaultFeatureGate.Enabled(features.EndpointSliceProxying) + if proxyMode == proxyModeUserspace { + // userspace mode doesn't support endpointslice. + useEndpointSlices = false + } + var connTracker Conntracker if !libcontainersystem.RunningInUserNS() { // if we are in userns, sysctl does not work and connTracker should be kept nil @@ -391,7 +397,7 @@ func newProxyServer( OOMScoreAdj: config.OOMScoreAdj, ConfigSyncPeriod: config.ConfigSyncPeriod.Duration, HealthzServer: healthzServer, - UseEndpointSlices: utilfeature.DefaultFeatureGate.Enabled(features.EndpointSliceProxying), + UseEndpointSlices: useEndpointSlices, }, nil } diff --git a/vendor/k8s.io/kubernetes/cmd/kube-proxy/app/server_windows.go b/vendor/k8s.io/kubernetes/cmd/kube-proxy/app/server_windows.go index 12c714a393..2a625c5321 100644 --- a/vendor/k8s.io/kubernetes/cmd/kube-proxy/app/server_windows.go +++ b/vendor/k8s.io/kubernetes/cmd/kube-proxy/app/server_windows.go @@ -160,7 +160,11 @@ func newProxyServer(config *proxyconfigapi.KubeProxyConfiguration, cleanupAndExi return nil, fmt.Errorf("unable to create proxier: %v", err) } } - + useEndpointSlices := utilfeature.DefaultFeatureGate.Enabled(features.WindowsEndpointSliceProxying) + if proxyMode == proxyModeUserspace { + // userspace mode doesn't support endpointslice. + useEndpointSlices = false + } return &ProxyServer{ Client: client, EventClient: eventClient, @@ -175,7 +179,7 @@ func newProxyServer(config *proxyconfigapi.KubeProxyConfiguration, cleanupAndExi OOMScoreAdj: config.OOMScoreAdj, ConfigSyncPeriod: config.ConfigSyncPeriod.Duration, HealthzServer: healthzServer, - UseEndpointSlices: utilfeature.DefaultFeatureGate.Enabled(features.WindowsEndpointSliceProxying), + UseEndpointSlices: useEndpointSlices, }, nil } diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/annotation_key_constants.go b/vendor/k8s.io/kubernetes/pkg/apis/core/annotation_key_constants.go index baacf3f10c..db68d290dc 100644 --- a/vendor/k8s.io/kubernetes/pkg/apis/core/annotation_key_constants.go +++ b/vendor/k8s.io/kubernetes/pkg/apis/core/annotation_key_constants.go @@ -126,7 +126,7 @@ const ( PodDeletionCost = "controller.kubernetes.io/pod-deletion-cost" // AnnotationTopologyAwareHints can be used to enable or disable Topology - // Aware Hints for a Service. This may be set to "auto" or "disabled". Any - // other value is treated as "disabled". + // Aware Hints for a Service. This may be set to "Auto" or "Disabled". Any + // other value is treated as "Disabled". AnnotationTopologyAwareHints = "service.kubernetes.io/topology-aware-hints" ) diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/validation/validation.go b/vendor/k8s.io/kubernetes/pkg/apis/core/validation/validation.go index 57292c5f36..96a4ea6fdd 100644 --- a/vendor/k8s.io/kubernetes/pkg/apis/core/validation/validation.go +++ b/vendor/k8s.io/kubernetes/pkg/apis/core/validation/validation.go @@ -4267,7 +4267,7 @@ func ValidateService(service *core.Service) field.ErrorList { allErrs = append(allErrs, field.Invalid(idxPath, ip, msgs[i])) } } else { - allErrs = append(allErrs, validateNonSpecialIP(ip, idxPath)...) + allErrs = append(allErrs, ValidateNonSpecialIP(ip, idxPath)...) } } @@ -5755,15 +5755,19 @@ func validateEndpointAddress(address *core.EndpointAddress, fldPath *field.Path) allErrs = append(allErrs, field.Invalid(fldPath.Child("nodeName"), *address.NodeName, msg)) } } - allErrs = append(allErrs, validateNonSpecialIP(address.IP, fldPath.Child("ip"))...) + allErrs = append(allErrs, ValidateNonSpecialIP(address.IP, fldPath.Child("ip"))...) return allErrs } -func validateNonSpecialIP(ipAddress string, fldPath *field.Path) field.ErrorList { - // We disallow some IPs as endpoints or external-ips. Specifically, - // unspecified and loopback addresses are nonsensical and link-local - // addresses tend to be used for node-centric purposes (e.g. metadata - // service). +// ValidateNonSpecialIP is used to validate Endpoints, EndpointSlices, and +// external IPs. Specifically, this disallows unspecified and loopback addresses +// are nonsensical and link-local addresses tend to be used for node-centric +// purposes (e.g. metadata service). +// +// IPv6 references +// - https://www.iana.org/assignments/iana-ipv6-special-registry/iana-ipv6-special-registry.xhtml +// - https://www.iana.org/assignments/ipv6-multicast-addresses/ipv6-multicast-addresses.xhtml +func ValidateNonSpecialIP(ipAddress string, fldPath *field.Path) field.ErrorList { allErrs := field.ErrorList{} ip := net.ParseIP(ipAddress) if ip == nil { diff --git a/vendor/k8s.io/kubernetes/pkg/apis/discovery/validation/validation.go b/vendor/k8s.io/kubernetes/pkg/apis/discovery/validation/validation.go index c0a13ee48e..4754c1449e 100644 --- a/vendor/k8s.io/kubernetes/pkg/apis/discovery/validation/validation.go +++ b/vendor/k8s.io/kubernetes/pkg/apis/discovery/validation/validation.go @@ -100,8 +100,10 @@ func validateEndpoints(endpoints []discovery.Endpoint, addrType discovery.Addres switch addrType { case discovery.AddressTypeIPv4: allErrs = append(allErrs, validation.IsValidIPv4Address(addressPath.Index(i), address)...) + allErrs = append(allErrs, apivalidation.ValidateNonSpecialIP(address, addressPath.Index(i))...) case discovery.AddressTypeIPv6: allErrs = append(allErrs, validation.IsValidIPv6Address(addressPath.Index(i), address)...) + allErrs = append(allErrs, apivalidation.ValidateNonSpecialIP(address, addressPath.Index(i))...) case discovery.AddressTypeFQDN: allErrs = append(allErrs, validation.IsFullyQualifiedDomainName(addressPath.Index(i), address)...) } diff --git a/vendor/k8s.io/kubernetes/pkg/controller/endpointslice/metrics/metrics.go b/vendor/k8s.io/kubernetes/pkg/controller/endpointslice/metrics/metrics.go index 90d0fbb8f4..6a166703be 100644 --- a/vendor/k8s.io/kubernetes/pkg/controller/endpointslice/metrics/metrics.go +++ b/vendor/k8s.io/kubernetes/pkg/controller/endpointslice/metrics/metrics.go @@ -102,7 +102,7 @@ var ( Name: "endpointslices_changed_per_sync", Help: "Number of EndpointSlices changed on each Service sync", }, - []string{"topology"}, // either "auto" or "disabled" + []string{"topology"}, // either "Auto" or "Disabled" ) // EndpointSliceSyncs tracks the number of sync operations the controller diff --git a/vendor/k8s.io/kubernetes/pkg/controller/endpointslice/reconciler.go b/vendor/k8s.io/kubernetes/pkg/controller/endpointslice/reconciler.go index 2767af5497..d8540f9d3e 100644 --- a/vendor/k8s.io/kubernetes/pkg/controller/endpointslice/reconciler.go +++ b/vendor/k8s.io/kubernetes/pkg/controller/endpointslice/reconciler.go @@ -330,9 +330,9 @@ func (r *reconciler) finalize( metrics.EndpointSliceChanges.WithLabelValues("delete").Inc() } - topologyLabel := "disabled" + topologyLabel := "Disabled" if r.topologyCache != nil && hintsEnabled(service.Annotations) { - topologyLabel = "auto" + topologyLabel = "Auto" } numSlicesChanged := len(slicesToCreate) + len(slicesToUpdate) + len(slicesToDelete) diff --git a/vendor/k8s.io/kubernetes/pkg/controller/endpointslice/utils.go b/vendor/k8s.io/kubernetes/pkg/controller/endpointslice/utils.go index 2a698405e6..77fa3a1e94 100644 --- a/vendor/k8s.io/kubernetes/pkg/controller/endpointslice/utils.go +++ b/vendor/k8s.io/kubernetes/pkg/controller/endpointslice/utils.go @@ -386,11 +386,11 @@ func unchangedSlices(existingSlices, slicesToUpdate, slicesToDelete []*discovery } // hintsEnabled returns true if the provided annotations include a -// corev1.AnnotationTopologyAwareHints key with a value set to "auto". +// corev1.AnnotationTopologyAwareHints key with a value set to "Auto" or "auto". func hintsEnabled(annotations map[string]string) bool { val, ok := annotations[corev1.AnnotationTopologyAwareHints] if !ok { return false } - return val == "auto" + return val == "Auto" || val == "auto" } diff --git a/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/util/util.go b/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/util/util.go index 66312d0870..034bce8fc3 100644 --- a/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/util/util.go +++ b/vendor/k8s.io/kubernetes/pkg/controller/volume/attachdetach/util/util.go @@ -21,7 +21,7 @@ import ( "fmt" "strings" - "k8s.io/api/core/v1" + v1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/types" "k8s.io/apimachinery/pkg/util/sets" utilfeature "k8s.io/apiserver/pkg/util/feature" @@ -84,7 +84,7 @@ func CreateVolumeSpec(podVolume v1.Volume, pod *v1.Pod, nodeName types.NodeName, err) } - volumeSpec, err = translateInTreeSpecToCSIIfNeeded(volumeSpec, nodeName, vpm, csiMigratedPluginManager, csiTranslator) + volumeSpec, err = translateInTreeSpecToCSIIfNeeded(volumeSpec, nodeName, vpm, csiMigratedPluginManager, csiTranslator, pod.Namespace) if err != nil { return nil, fmt.Errorf( "error performing CSI migration checks and translation for PVC %q/%q: %v", @@ -109,7 +109,7 @@ func CreateVolumeSpec(podVolume v1.Volume, pod *v1.Pod, nodeName types.NodeName, clonedPodVolume := podVolume.DeepCopy() origspec := volume.NewSpecFromVolume(clonedPodVolume) - spec, err := translateInTreeSpecToCSIIfNeeded(origspec, nodeName, vpm, csiMigratedPluginManager, csiTranslator) + spec, err := translateInTreeSpecToCSIIfNeeded(origspec, nodeName, vpm, csiMigratedPluginManager, csiTranslator, pod.Namespace) if err != nil { return nil, fmt.Errorf( "error performing CSI migration checks and translation for inline volume %q: %v", @@ -285,7 +285,7 @@ func ProcessPodVolumes(pod *v1.Pod, addVolumes bool, desiredStateOfWorld cache.D return } -func translateInTreeSpecToCSIIfNeeded(spec *volume.Spec, nodeName types.NodeName, vpm *volume.VolumePluginMgr, csiMigratedPluginManager csimigration.PluginManager, csiTranslator csimigration.InTreeToCSITranslator) (*volume.Spec, error) { +func translateInTreeSpecToCSIIfNeeded(spec *volume.Spec, nodeName types.NodeName, vpm *volume.VolumePluginMgr, csiMigratedPluginManager csimigration.PluginManager, csiTranslator csimigration.InTreeToCSITranslator, podNamespace string) (*volume.Spec, error) { translatedSpec := spec migratable, err := csiMigratedPluginManager.IsMigratable(spec) if err != nil { @@ -300,7 +300,7 @@ func translateInTreeSpecToCSIIfNeeded(spec *volume.Spec, nodeName types.NodeName return nil, err } if migratable && migrationSupportedOnNode { - translatedSpec, err = csimigration.TranslateInTreeSpecToCSI(spec, csiTranslator) + translatedSpec, err = csimigration.TranslateInTreeSpecToCSI(spec, podNamespace, csiTranslator) if err != nil { return nil, err } diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/config/apiserver.go b/vendor/k8s.io/kubernetes/pkg/kubelet/config/apiserver.go index 5369cb285d..b67f6c34fe 100644 --- a/vendor/k8s.io/kubernetes/pkg/kubelet/config/apiserver.go +++ b/vendor/k8s.io/kubernetes/pkg/kubelet/config/apiserver.go @@ -17,6 +17,8 @@ limitations under the License. package config import ( + "time" + v1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/fields" @@ -24,13 +26,32 @@ import ( "k8s.io/apimachinery/pkg/util/wait" clientset "k8s.io/client-go/kubernetes" "k8s.io/client-go/tools/cache" + "k8s.io/klog/v2" kubetypes "k8s.io/kubernetes/pkg/kubelet/types" ) +// WaitForAPIServerSyncPeriod is the period between checks for the node list/watch initial sync +const WaitForAPIServerSyncPeriod = 1 * time.Second + // NewSourceApiserver creates a config source that watches and pulls from the apiserver. -func NewSourceApiserver(c clientset.Interface, nodeName types.NodeName, updates chan<- interface{}) { +func NewSourceApiserver(c clientset.Interface, nodeName types.NodeName, nodeHasSynced func() bool, updates chan<- interface{}) { lw := cache.NewListWatchFromClient(c.CoreV1().RESTClient(), "pods", metav1.NamespaceAll, fields.OneTermEqualSelector("spec.nodeName", string(nodeName))) - newSourceApiserverFromLW(lw, updates) + + // The Reflector responsible for watching pods at the apiserver should be run only after + // the node sync with the apiserver has completed. + klog.InfoS("Waiting for node sync before watching apiserver pods") + go func() { + for { + if nodeHasSynced() { + klog.V(4).InfoS("node sync completed") + break + } + time.Sleep(WaitForAPIServerSyncPeriod) + klog.V(4).InfoS("node sync has not completed yet") + } + klog.InfoS("Watching apiserver") + newSourceApiserverFromLW(lw, updates) + }() } // newSourceApiserverFromLW holds creates a config source that watches and pulls from the apiserver. diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/cri/streaming/portforward/httpstream.go b/vendor/k8s.io/kubernetes/pkg/kubelet/cri/streaming/portforward/httpstream.go index bd707decb1..5b0016c3c2 100644 --- a/vendor/k8s.io/kubernetes/pkg/kubelet/cri/streaming/portforward/httpstream.go +++ b/vendor/k8s.io/kubernetes/pkg/kubelet/cri/streaming/portforward/httpstream.go @@ -163,6 +163,10 @@ func (h *httpStreamHandler) removeStreamPair(requestID string) { h.streamPairsLock.Lock() defer h.streamPairsLock.Unlock() + if h.conn != nil { + pair := h.streamPairs[requestID] + h.conn.RemoveStreams(pair.dataStream, pair.errorStream) + } delete(h.streamPairs, requestID) } diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/exec.go b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/exec.go index b59867156f..8a59a22b0b 100644 --- a/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/exec.go +++ b/vendor/k8s.io/kubernetes/pkg/kubelet/dockershim/exec.go @@ -26,8 +26,10 @@ import ( dockertypes "github.com/docker/docker/api/types" + utilfeature "k8s.io/apiserver/pkg/util/feature" "k8s.io/client-go/tools/remotecommand" "k8s.io/klog/v2" + "k8s.io/kubernetes/pkg/features" kubecontainer "k8s.io/kubernetes/pkg/kubelet/container" "k8s.io/kubernetes/pkg/kubelet/dockershim/libdocker" ) @@ -106,7 +108,7 @@ func (*NativeExecHandler) ExecInContainer(ctx context.Context, client libdocker. ExecStarted: execStarted, } - if timeout > 0 { + if timeout > 0 && utilfeature.DefaultFeatureGate.Enabled(features.ExecProbeTimeout) { var cancel context.CancelFunc ctx, cancel = context.WithTimeout(ctx, timeout) defer cancel() diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet.go b/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet.go index 00646b120b..5eedf7c66e 100644 --- a/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet.go +++ b/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet.go @@ -124,9 +124,6 @@ const ( // Max amount of time to wait for the container runtime to come up. maxWaitForContainerRuntime = 30 * time.Second - // Max amount of time to wait for node list/watch to initially sync - maxWaitForAPIServerSync = 10 * time.Second - // nodeStatusUpdateRetry specifies how many times kubelet retries when posting node status failed. nodeStatusUpdateRetry = 5 @@ -257,7 +254,7 @@ type DockerOptions struct { // makePodSourceConfig creates a config.PodConfig from the given // KubeletConfiguration or returns an error. -func makePodSourceConfig(kubeCfg *kubeletconfiginternal.KubeletConfiguration, kubeDeps *Dependencies, nodeName types.NodeName) (*config.PodConfig, error) { +func makePodSourceConfig(kubeCfg *kubeletconfiginternal.KubeletConfiguration, kubeDeps *Dependencies, nodeName types.NodeName, nodeHasSynced func() bool) (*config.PodConfig, error) { manifestURLHeader := make(http.Header) if len(kubeCfg.StaticPodURLHeader) > 0 { for k, v := range kubeCfg.StaticPodURLHeader { @@ -283,8 +280,8 @@ func makePodSourceConfig(kubeCfg *kubeletconfiginternal.KubeletConfiguration, ku } if kubeDeps.KubeClient != nil { - klog.InfoS("Watching apiserver") - config.NewSourceApiserver(kubeDeps.KubeClient, nodeName, cfg.Channel(kubetypes.ApiserverSource)) + klog.InfoS("Adding apiserver pod source") + config.NewSourceApiserver(kubeDeps.KubeClient, nodeName, nodeHasSynced, cfg.Channel(kubetypes.ApiserverSource)) } return cfg, nil } @@ -390,9 +387,32 @@ func NewMainKubelet(kubeCfg *kubeletconfiginternal.KubeletConfiguration, } } + var nodeHasSynced cache.InformerSynced + var nodeLister corelisters.NodeLister + + // If kubeClient == nil, we are running in standalone mode (i.e. no API servers) + // If not nil, we are running as part of a cluster and should sync w/API + if kubeDeps.KubeClient != nil { + kubeInformers := informers.NewSharedInformerFactoryWithOptions(kubeDeps.KubeClient, 0, informers.WithTweakListOptions(func(options *metav1.ListOptions) { + options.FieldSelector = fields.Set{metav1.ObjectNameField: string(nodeName)}.String() + })) + nodeLister = kubeInformers.Core().V1().Nodes().Lister() + nodeHasSynced = func() bool { + return kubeInformers.Core().V1().Nodes().Informer().HasSynced() + } + kubeInformers.Start(wait.NeverStop) + klog.InfoS("Attempting to sync node with API server") + } else { + // we don't have a client to sync! + nodeIndexer := cache.NewIndexer(cache.MetaNamespaceKeyFunc, cache.Indexers{}) + nodeLister = corelisters.NewNodeLister(nodeIndexer) + nodeHasSynced = func() bool { return true } + klog.InfoS("Kubelet is running in standalone mode, will skip API server sync") + } + if kubeDeps.PodConfig == nil { var err error - kubeDeps.PodConfig, err = makePodSourceConfig(kubeCfg, kubeDeps, nodeName) + kubeDeps.PodConfig, err = makePodSourceConfig(kubeCfg, kubeDeps, nodeName, nodeHasSynced) if err != nil { return nil, err } @@ -433,8 +453,6 @@ func NewMainKubelet(kubeCfg *kubeletconfiginternal.KubeletConfiguration, var serviceLister corelisters.ServiceLister var serviceHasSynced cache.InformerSynced - // If kubeClient == nil, we are running in standalone mode (i.e. no API servers) - // If not nil, we are running as part of a cluster and should sync w/API if kubeDeps.KubeClient != nil { kubeInformers := informers.NewSharedInformerFactory(kubeDeps.KubeClient, 0) serviceLister = kubeInformers.Core().V1().Services().Lister() @@ -446,31 +464,6 @@ func NewMainKubelet(kubeCfg *kubeletconfiginternal.KubeletConfiguration, serviceHasSynced = func() bool { return true } } - var nodeHasSynced cache.InformerSynced - var nodeLister corelisters.NodeLister - - if kubeDeps.KubeClient != nil { - kubeInformers := informers.NewSharedInformerFactoryWithOptions(kubeDeps.KubeClient, 0, informers.WithTweakListOptions(func(options *metav1.ListOptions) { - options.FieldSelector = fields.Set{metav1.ObjectNameField: string(nodeName)}.String() - })) - nodeLister = kubeInformers.Core().V1().Nodes().Lister() - nodeHasSynced = func() bool { - if kubeInformers.Core().V1().Nodes().Informer().HasSynced() { - return true - } - klog.InfoS("Kubelet nodes not sync") - return false - } - kubeInformers.Start(wait.NeverStop) - klog.InfoS("Kubelet client is not nil") - } else { - // we dont have a client to sync! - nodeIndexer := cache.NewIndexer(cache.MetaNamespaceKeyFunc, cache.Indexers{}) - nodeLister = corelisters.NewNodeLister(nodeIndexer) - nodeHasSynced = func() bool { return true } - klog.InfoS("Kubelet client is nil") - } - // construct a node reference used for events nodeRef := &v1.ObjectReference{ Kind: "Node", diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet_getters.go b/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet_getters.go index 453895f200..a963409a18 100644 --- a/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet_getters.go +++ b/vendor/k8s.io/kubernetes/pkg/kubelet/kubelet_getters.go @@ -22,7 +22,6 @@ import ( "io/ioutil" "net" "path/filepath" - "time" cadvisorapiv1 "github.com/google/cadvisor/info/v1" cadvisorv2 "github.com/google/cadvisor/info/v2" @@ -33,7 +32,6 @@ import ( v1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/types" - "k8s.io/apimachinery/pkg/util/wait" "k8s.io/kubernetes/pkg/kubelet/cm" "k8s.io/kubernetes/pkg/kubelet/config" kubecontainer "k8s.io/kubernetes/pkg/kubelet/container" @@ -237,15 +235,6 @@ func (kl *Kubelet) GetNode() (*v1.Node, error) { if kl.kubeClient == nil { return kl.initialNode(context.TODO()) } - // if we have a valid kube client, we wait for initial lister to sync - if !kl.nodeHasSynced() { - err := wait.PollImmediate(time.Second, maxWaitForAPIServerSync, func() (bool, error) { - return kl.nodeHasSynced(), nil - }) - if err != nil { - return nil, fmt.Errorf("nodes have not yet been read at least once, cannot construct node object") - } - } return kl.nodeLister.Get(string(kl.nodeName)) } @@ -256,7 +245,7 @@ func (kl *Kubelet) GetNode() (*v1.Node, error) { // zero capacity, and the default labels. func (kl *Kubelet) getNodeAnyWay() (*v1.Node, error) { if kl.kubeClient != nil { - if n, err := kl.GetNode(); err == nil { + if n, err := kl.nodeLister.Get(string(kl.nodeName)); err == nil { return n, nil } } diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/kuberuntime_container.go b/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/kuberuntime_container.go index 5720576e07..3804e9b04a 100644 --- a/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/kuberuntime_container.go +++ b/vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/kuberuntime_container.go @@ -687,7 +687,8 @@ func (m *kubeGenericRuntimeManager) killContainersWithSyncResult(pod *v1.Pod, ru killContainerResult := kubecontainer.NewSyncResult(kubecontainer.KillContainer, container.Name) if err := m.killContainer(pod, container.ID, container.Name, "", reasonUnknown, gracePeriodOverride); err != nil { killContainerResult.Fail(kubecontainer.ErrKillContainer, err.Error()) - klog.ErrorS(err, "Kill container failed", "pod", klog.KObj(pod), "podUID", pod.UID, + // Use runningPod for logging as the pod passed in could be *nil*. + klog.ErrorS(err, "Kill container failed", "pod", klog.KRef(runningPod.Namespace, runningPod.Name), "podUID", runningPod.ID, "containerName", container.Name, "containerID", container.ID) } containerResults <- killContainerResult diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/prober/worker.go b/vendor/k8s.io/kubernetes/pkg/kubelet/prober/worker.go index 7c6e907679..f627a79d03 100644 --- a/vendor/k8s.io/kubernetes/pkg/kubelet/prober/worker.go +++ b/vendor/k8s.io/kubernetes/pkg/kubelet/prober/worker.go @@ -250,8 +250,9 @@ func (w *worker) doProbe() (keepGoing bool) { if c.Started != nil && *c.Started { // Stop probing for startup once container has started. + // we keep it running to make sure it will work for restarted container. if w.probeType == startup { - return false + return true } } else { // Disable other probes until container has started. diff --git a/vendor/k8s.io/kubernetes/pkg/kubelet/volumemanager/populator/desired_state_of_world_populator.go b/vendor/k8s.io/kubernetes/pkg/kubelet/volumemanager/populator/desired_state_of_world_populator.go index 56f6a0a906..8300d9e08e 100644 --- a/vendor/k8s.io/kubernetes/pkg/kubelet/volumemanager/populator/desired_state_of_world_populator.go +++ b/vendor/k8s.io/kubernetes/pkg/kubelet/volumemanager/populator/desired_state_of_world_populator.go @@ -553,7 +553,7 @@ func (dswp *desiredStateOfWorldPopulator) createVolumeSpec( return nil, nil, "", err } if migratable { - volumeSpec, err = csimigration.TranslateInTreeSpecToCSI(volumeSpec, dswp.intreeToCSITranslator) + volumeSpec, err = csimigration.TranslateInTreeSpecToCSI(volumeSpec, pod.Namespace, dswp.intreeToCSITranslator) if err != nil { return nil, nil, "", err } @@ -595,7 +595,7 @@ func (dswp *desiredStateOfWorldPopulator) createVolumeSpec( return nil, nil, "", err } if migratable { - spec, err = csimigration.TranslateInTreeSpecToCSI(spec, dswp.intreeToCSITranslator) + spec, err = csimigration.TranslateInTreeSpecToCSI(spec, pod.Namespace, dswp.intreeToCSITranslator) if err != nil { return nil, nil, "", err } diff --git a/vendor/k8s.io/kubernetes/pkg/proxy/metaproxier/meta_proxier.go b/vendor/k8s.io/kubernetes/pkg/proxy/metaproxier/meta_proxier.go index 20b0413ea0..40a570d2b3 100644 --- a/vendor/k8s.io/kubernetes/pkg/proxy/metaproxier/meta_proxier.go +++ b/vendor/k8s.io/kubernetes/pkg/proxy/metaproxier/meta_proxier.go @@ -216,3 +216,31 @@ func endpointsIPFamily(endpoints *v1.Endpoints) (*v1.IPFamily, error) { return &ipv4, nil } + +// OnNodeAdd is called whenever creation of new node object is observed. +func (proxier *metaProxier) OnNodeAdd(node *v1.Node) { + proxier.ipv4Proxier.OnNodeAdd(node) + proxier.ipv6Proxier.OnNodeAdd(node) +} + +// OnNodeUpdate is called whenever modification of an existing +// node object is observed. +func (proxier *metaProxier) OnNodeUpdate(oldNode, node *v1.Node) { + proxier.ipv4Proxier.OnNodeUpdate(oldNode, node) + proxier.ipv6Proxier.OnNodeUpdate(oldNode, node) +} + +// OnNodeDelete is called whenever deletion of an existing node +// object is observed. +func (proxier *metaProxier) OnNodeDelete(node *v1.Node) { + proxier.ipv4Proxier.OnNodeDelete(node) + proxier.ipv6Proxier.OnNodeDelete(node) + +} + +// OnNodeSynced is called once all the initial event handlers were +// called and the state is fully propagated to local cache. +func (proxier *metaProxier) OnNodeSynced() { + proxier.ipv4Proxier.OnNodeSynced() + proxier.ipv6Proxier.OnNodeSynced() +} diff --git a/vendor/k8s.io/kubernetes/pkg/proxy/topology.go b/vendor/k8s.io/kubernetes/pkg/proxy/topology.go index 0365718582..377cc65184 100644 --- a/vendor/k8s.io/kubernetes/pkg/proxy/topology.go +++ b/vendor/k8s.io/kubernetes/pkg/proxy/topology.go @@ -49,15 +49,15 @@ func FilterEndpoints(endpoints []Endpoint, svcInfo ServicePort, nodeLabels map[s // filterEndpointsWithHints provides filtering based on the hints included in // EndpointSlices. If any of the following are true, the full list of endpoints // will be returned without any filtering: -// * The AnnotationTopologyAwareHints annotation is not set to "auto" for this +// * The AnnotationTopologyAwareHints annotation is not set to "Auto" for this // Service. // * No zone is specified in node labels. // * No endpoints for this Service have a hint pointing to the zone this // instance of kube-proxy is running in. // * One or more endpoints for this Service do not have hints specified. func filterEndpointsWithHints(endpoints []Endpoint, hintsAnnotation string, nodeLabels map[string]string) []Endpoint { - if hintsAnnotation != "auto" { - if hintsAnnotation != "" && hintsAnnotation != "disabled" { + if hintsAnnotation != "Auto" && hintsAnnotation != "auto" { + if hintsAnnotation != "" && hintsAnnotation != "Disabled" && hintsAnnotation != "disabled" { klog.Warningf("Skipping topology aware endpoint filtering since Service has unexpected value for %s annotation: %s", v1.AnnotationTopologyAwareHints, hintsAnnotation) } return endpoints diff --git a/vendor/k8s.io/kubernetes/pkg/volume/azure_file/azure_provision.go b/vendor/k8s.io/kubernetes/pkg/volume/azure_file/azure_provision.go index 57e8cd1711..4fa7f5b288 100644 --- a/vendor/k8s.io/kubernetes/pkg/volume/azure_file/azure_provision.go +++ b/vendor/k8s.io/kubernetes/pkg/volume/azure_file/azure_provision.go @@ -198,9 +198,10 @@ func (a *azureFileProvisioner) Provision(selectedNode *v1.Node, allowedTopologie } if shareName == "" { - // File share name has a length limit of 63, and it cannot contain two consecutive '-'s. + // File share name has a length limit of 63, it cannot contain two consecutive '-'s, and all letters must be lower case. name := util.GenerateVolumeName(a.options.ClusterName, a.options.PVName, 63) shareName = strings.Replace(name, "--", "-", -1) + shareName = strings.ToLower(shareName) } if resourceGroup == "" { diff --git a/vendor/k8s.io/kubernetes/pkg/volume/csimigration/plugin_manager.go b/vendor/k8s.io/kubernetes/pkg/volume/csimigration/plugin_manager.go index 1f32962583..8870d12c3b 100644 --- a/vendor/k8s.io/kubernetes/pkg/volume/csimigration/plugin_manager.go +++ b/vendor/k8s.io/kubernetes/pkg/volume/csimigration/plugin_manager.go @@ -122,19 +122,19 @@ func (pm PluginManager) IsMigratable(spec *volume.Spec) (bool, error) { // from references to in-tree plugins to migrated CSI plugins type InTreeToCSITranslator interface { TranslateInTreePVToCSI(pv *v1.PersistentVolume) (*v1.PersistentVolume, error) - TranslateInTreeInlineVolumeToCSI(volume *v1.Volume) (*v1.PersistentVolume, error) + TranslateInTreeInlineVolumeToCSI(volume *v1.Volume, podNamespace string) (*v1.PersistentVolume, error) } // TranslateInTreeSpecToCSI translates a volume spec (either PV or inline volume) // supported by an in-tree plugin to CSI -func TranslateInTreeSpecToCSI(spec *volume.Spec, translator InTreeToCSITranslator) (*volume.Spec, error) { +func TranslateInTreeSpecToCSI(spec *volume.Spec, podNamespace string, translator InTreeToCSITranslator) (*volume.Spec, error) { var csiPV *v1.PersistentVolume var err error inlineVolume := false if spec.PersistentVolume != nil { csiPV, err = translator.TranslateInTreePVToCSI(spec.PersistentVolume) } else if spec.Volume != nil { - csiPV, err = translator.TranslateInTreeInlineVolumeToCSI(spec.Volume) + csiPV, err = translator.TranslateInTreeInlineVolumeToCSI(spec.Volume, podNamespace) inlineVolume = true } else { err = errors.New("not a valid volume spec") diff --git a/vendor/k8s.io/kubernetes/pkg/volume/util/operationexecutor/operation_generator.go b/vendor/k8s.io/kubernetes/pkg/volume/util/operationexecutor/operation_generator.go index 1fc15038f4..48ba1076e0 100644 --- a/vendor/k8s.io/kubernetes/pkg/volume/util/operationexecutor/operation_generator.go +++ b/vendor/k8s.io/kubernetes/pkg/volume/util/operationexecutor/operation_generator.go @@ -58,7 +58,7 @@ type InTreeToCSITranslator interface { GetInTreePluginNameFromSpec(pv *v1.PersistentVolume, vol *v1.Volume) (string, error) GetCSINameFromInTreeName(pluginName string) (string, error) TranslateInTreePVToCSI(pv *v1.PersistentVolume) (*v1.PersistentVolume, error) - TranslateInTreeInlineVolumeToCSI(volume *v1.Volume) (*v1.PersistentVolume, error) + TranslateInTreeInlineVolumeToCSI(volume *v1.Volume, podNamespace string) (*v1.PersistentVolume, error) } var _ OperationGenerator = &operationGenerator{} diff --git a/vendor/k8s.io/kubernetes/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/controller_policy.go b/vendor/k8s.io/kubernetes/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/controller_policy.go index 63f4d3055c..3cd6390a02 100644 --- a/vendor/k8s.io/kubernetes/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/controller_policy.go +++ b/vendor/k8s.io/kubernetes/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/controller_policy.go @@ -198,6 +198,7 @@ func buildControllerRoles() ([]rbacv1.ClusterRole, []rbacv1.ClusterRoleBinding) ObjectMeta: metav1.ObjectMeta{Name: saRolePrefix + "ephemeral-volume-controller"}, Rules: []rbacv1.PolicyRule{ rbacv1helpers.NewRule("get", "list", "watch").Groups(legacyGroup).Resources("pods").RuleOrDie(), + rbacv1helpers.NewRule("update").Groups(legacyGroup).Resources("pods/finalizers").RuleOrDie(), rbacv1helpers.NewRule("get", "list", "watch", "create").Groups(legacyGroup).Resources("persistentvolumeclaims").RuleOrDie(), eventsRule(), }, diff --git a/vendor/k8s.io/legacy-cloud-providers/azure/azure.go b/vendor/k8s.io/legacy-cloud-providers/azure/azure.go index 30ad09c534..2d36a5c2bc 100644 --- a/vendor/k8s.io/legacy-cloud-providers/azure/azure.go +++ b/vendor/k8s.io/legacy-cloud-providers/azure/azure.go @@ -479,7 +479,7 @@ func (az *Cloud) InitializeCloudFromConfig(config *Config, fromSecret bool) erro az.Config = *config az.Environment = *env az.ResourceRequestBackoff = resourceRequestBackoff - az.metadata, err = NewInstanceMetadataService(metadataURL) + az.metadata, err = NewInstanceMetadataService(imdsServer) if err != nil { return err } diff --git a/vendor/k8s.io/legacy-cloud-providers/azure/azure_backoff.go b/vendor/k8s.io/legacy-cloud-providers/azure/azure_backoff.go index 584d66ac02..fbb3783cf7 100644 --- a/vendor/k8s.io/legacy-cloud-providers/azure/azure_backoff.go +++ b/vendor/k8s.io/legacy-cloud-providers/azure/azure_backoff.go @@ -275,6 +275,9 @@ func (az *Cloud) ListLB(service *v1.Service) ([]network.LoadBalancer, error) { rgName := az.getLoadBalancerResourceGroup() allLBs, rerr := az.LoadBalancerClient.List(ctx, rgName) if rerr != nil { + if rerr.IsNotFound() { + return nil, nil + } az.Event(service, v1.EventTypeWarning, "ListLoadBalancers", rerr.Error().Error()) klog.Errorf("LoadBalancerClient.List(%v) failure with err=%v", rgName, rerr) return nil, rerr.Error() @@ -290,6 +293,9 @@ func (az *Cloud) ListPIP(service *v1.Service, pipResourceGroup string) ([]networ allPIPs, rerr := az.PublicIPAddressesClient.List(ctx, pipResourceGroup) if rerr != nil { + if rerr.IsNotFound() { + return nil, nil + } az.Event(service, v1.EventTypeWarning, "ListPublicIPs", rerr.Error().Error()) klog.Errorf("PublicIPAddressesClient.List(%v) failure with err=%v", pipResourceGroup, rerr) return nil, rerr.Error() diff --git a/vendor/k8s.io/legacy-cloud-providers/azure/azure_instance_metadata.go b/vendor/k8s.io/legacy-cloud-providers/azure/azure_instance_metadata.go index 85036461d9..02b5c95063 100644 --- a/vendor/k8s.io/legacy-cloud-providers/azure/azure_instance_metadata.go +++ b/vendor/k8s.io/legacy-cloud-providers/azure/azure_instance_metadata.go @@ -25,13 +25,18 @@ import ( "net/http" "time" + "k8s.io/klog/v2" azcache "k8s.io/legacy-cloud-providers/azure/cache" ) const ( - metadataCacheTTL = time.Minute - metadataCacheKey = "InstanceMetadata" - metadataURL = "http://169.254.169.254/metadata/instance" + metadataCacheTTL = time.Minute + metadataCacheKey = "InstanceMetadata" + imdsInstanceAPIVersion = "2019-03-11" + imdsLoadBalancerAPIVersion = "2020-10-01" + imdsServer = "http://169.254.169.254" + imdsInstanceURI = "/metadata/instance" + imdsLoadBalancerURI = "/metadata/loadbalancer" ) // NetworkMetadata contains metadata about an instance's network @@ -86,19 +91,35 @@ type InstanceMetadata struct { Network *NetworkMetadata `json:"network,omitempty"` } +// PublicIPMetadata represents the public IP metadata. +type PublicIPMetadata struct { + FrontendIPAddress string `json:"frontendIpAddress,omitempty"` + PrivateIPAddress string `json:"privateIpAddress,omitempty"` +} + +// LoadbalancerProfile represents load balancer profile in IMDS. +type LoadbalancerProfile struct { + PublicIPAddresses []PublicIPMetadata `json:"publicIpAddresses,omitempty"` +} + +// LoadBalancerMetadata represents load balancer metadata. +type LoadBalancerMetadata struct { + LoadBalancer *LoadbalancerProfile `json:"loadbalancer,omitempty"` +} + // InstanceMetadataService knows how to query the Azure instance metadata server. type InstanceMetadataService struct { - metadataURL string - imsCache *azcache.TimedCache + imdsServer string + imsCache *azcache.TimedCache } // NewInstanceMetadataService creates an instance of the InstanceMetadataService accessor object. -func NewInstanceMetadataService(metadataURL string) (*InstanceMetadataService, error) { +func NewInstanceMetadataService(idmsServer string) (*InstanceMetadataService, error) { ims := &InstanceMetadataService{ - metadataURL: metadataURL, + imdsServer: idmsServer, } - imsCache, err := azcache.NewTimedcache(metadataCacheTTL, ims.getInstanceMetadata) + imsCache, err := azcache.NewTimedcache(metadataCacheTTL, ims.getMetadata) if err != nil { return nil, err } @@ -107,8 +128,52 @@ func NewInstanceMetadataService(metadataURL string) (*InstanceMetadataService, e return ims, nil } -func (ims *InstanceMetadataService) getInstanceMetadata(key string) (interface{}, error) { - req, err := http.NewRequest("GET", ims.metadataURL, nil) +func (ims *InstanceMetadataService) getMetadata(key string) (interface{}, error) { + instanceMetadata, err := ims.getInstanceMetadata(key) + if err != nil { + return nil, err + } + + if instanceMetadata.Network != nil && len(instanceMetadata.Network.Interface) > 0 { + netInterface := instanceMetadata.Network.Interface[0] + if (len(netInterface.IPV4.IPAddress) > 0 && len(netInterface.IPV4.IPAddress[0].PublicIP) > 0) || + (len(netInterface.IPV6.IPAddress) > 0 && len(netInterface.IPV6.IPAddress[0].PublicIP) > 0) { + // Return if public IP address has already part of instance metadata. + return instanceMetadata, nil + } + + loadBalancerMetadata, err := ims.getLoadBalancerMetadata() + if err != nil || loadBalancerMetadata == nil || loadBalancerMetadata.LoadBalancer == nil { + // Log a warning since loadbalancer metadata may not be available when the VM + // is not in standard LoadBalancer backend address pool. + klog.V(4).Infof("Warning: failed to get loadbalancer metadata: %v", err) + return instanceMetadata, nil + } + + publicIPs := loadBalancerMetadata.LoadBalancer.PublicIPAddresses + if len(netInterface.IPV4.IPAddress) > 0 && len(netInterface.IPV4.IPAddress[0].PrivateIP) > 0 { + for _, pip := range publicIPs { + if pip.PrivateIPAddress == netInterface.IPV4.IPAddress[0].PrivateIP { + netInterface.IPV4.IPAddress[0].PublicIP = pip.FrontendIPAddress + break + } + } + } + if len(netInterface.IPV6.IPAddress) > 0 && len(netInterface.IPV6.IPAddress[0].PrivateIP) > 0 { + for _, pip := range publicIPs { + if pip.PrivateIPAddress == netInterface.IPV6.IPAddress[0].PrivateIP { + netInterface.IPV6.IPAddress[0].PublicIP = pip.FrontendIPAddress + break + } + } + } + } + + return instanceMetadata, nil +} + +func (ims *InstanceMetadataService) getInstanceMetadata(key string) (*InstanceMetadata, error) { + req, err := http.NewRequest("GET", ims.imdsServer+imdsInstanceURI, nil) if err != nil { return nil, err } @@ -117,7 +182,7 @@ func (ims *InstanceMetadataService) getInstanceMetadata(key string) (interface{} q := req.URL.Query() q.Add("format", "json") - q.Add("api-version", "2019-03-11") + q.Add("api-version", imdsInstanceAPIVersion) req.URL.RawQuery = q.Encode() client := &http.Client{} @@ -145,6 +210,44 @@ func (ims *InstanceMetadataService) getInstanceMetadata(key string) (interface{} return &obj, nil } +func (ims *InstanceMetadataService) getLoadBalancerMetadata() (*LoadBalancerMetadata, error) { + req, err := http.NewRequest("GET", ims.imdsServer+imdsLoadBalancerURI, nil) + if err != nil { + return nil, err + } + req.Header.Add("Metadata", "True") + req.Header.Add("User-Agent", "golang/kubernetes-cloud-provider") + + q := req.URL.Query() + q.Add("format", "json") + q.Add("api-version", imdsLoadBalancerAPIVersion) + req.URL.RawQuery = q.Encode() + + client := &http.Client{} + resp, err := client.Do(req) + if err != nil { + return nil, err + } + defer resp.Body.Close() + + if resp.StatusCode != http.StatusOK { + return nil, fmt.Errorf("failure of getting loadbalancer metadata with response %q", resp.Status) + } + + data, err := ioutil.ReadAll(resp.Body) + if err != nil { + return nil, err + } + + obj := LoadBalancerMetadata{} + err = json.Unmarshal(data, &obj) + if err != nil { + return nil, err + } + + return &obj, nil +} + // GetMetadata gets instance metadata from cache. // crt determines if we can get data from stalled cache/need fresh if cache expired. func (ims *InstanceMetadataService) GetMetadata(crt azcache.AzureCacheReadType) (*InstanceMetadata, error) { diff --git a/vendor/k8s.io/legacy-cloud-providers/azure/azure_loadbalancer.go b/vendor/k8s.io/legacy-cloud-providers/azure/azure_loadbalancer.go index 57e7706f88..2c1c4dfaa3 100644 --- a/vendor/k8s.io/legacy-cloud-providers/azure/azure_loadbalancer.go +++ b/vendor/k8s.io/legacy-cloud-providers/azure/azure_loadbalancer.go @@ -650,11 +650,19 @@ func (az *Cloud) ensurePublicIPExists(service *v1.Service, pipName string, domai serviceName := getServiceName(service) + var changed bool if existsPip { - // ensure that the service tag is good - changed, err := bindServicesToPIP(&pip, []string{serviceName}, false) - if err != nil { - return nil, err + // ensure that the service tag is good for managed pips + owns, isUserAssignedPIP := serviceOwnsPublicIP(service, &pip, clusterName) + if owns && !isUserAssignedPIP { + changed, err = bindServicesToPIP(&pip, []string{serviceName}, false) + if err != nil { + return nil, err + } + } + + if pip.Tags == nil { + pip.Tags = make(map[string]*string) } // return if pip exist and dns label is the same @@ -2091,7 +2099,12 @@ func deduplicate(collection *[]string) *[]string { } // Determine if we should release existing owned public IPs -func shouldReleaseExistingOwnedPublicIP(existingPip *network.PublicIPAddress, lbShouldExist, lbIsInternal bool, desiredPipName, svcName string, ipTagRequest serviceIPTagRequest) bool { +func shouldReleaseExistingOwnedPublicIP(existingPip *network.PublicIPAddress, lbShouldExist, lbIsInternal, isUserAssignedPIP bool, desiredPipName string, ipTagRequest serviceIPTagRequest) bool { + // skip deleting user created pip + if isUserAssignedPIP { + return false + } + // Latch some variables for readability purposes. pipName := *(*existingPip).Name @@ -2214,9 +2227,10 @@ func (az *Cloud) reconcilePublicIP(clusterName string, service *v1.Service, lbNa // Now, let's perform additional analysis to determine if we should release the public ips we have found. // We can only let them go if (a) they are owned by this service and (b) they meet the criteria for deletion. - if serviceOwnsPublicIP(&pip, clusterName, serviceName) { + owns, isUserAssignedPIP := serviceOwnsPublicIP(service, &pip, clusterName) + if owns { var dirtyPIP, toBeDeleted bool - if !wantLb { + if !wantLb && !isUserAssignedPIP { klog.V(2).Infof("reconcilePublicIP for service(%s): unbinding the service from pip %s", serviceName, *pip.Name) err = unbindServiceFromPIP(&pip, serviceName) if err != nil { @@ -2228,7 +2242,7 @@ func (az *Cloud) reconcilePublicIP(clusterName string, service *v1.Service, lbNa if changed { dirtyPIP = true } - if shouldReleaseExistingOwnedPublicIP(&pip, wantLb, isInternal, desiredPipName, serviceName, serviceIPTagRequest) { + if shouldReleaseExistingOwnedPublicIP(&pip, wantLb, isInternal, isUserAssignedPIP, desiredPipName, serviceIPTagRequest) { // Then, release the public ip pipsToBeDeleted = append(pipsToBeDeleted, &pip) @@ -2549,26 +2563,55 @@ func getServiceTags(service *v1.Service) []string { return nil } -func serviceOwnsPublicIP(pip *network.PublicIPAddress, clusterName, serviceName string) bool { - if pip != nil && pip.Tags != nil { +// serviceOwnsPublicIP checks if the service owns the pip and if the pip is user-created. +// The pip is user-created if and only if there is no service tags. +// The service owns the pip if: +// 1. The serviceName is included in the service tags of a system-created pip. +// 2. The service.Spec.LoadBalancerIP matches the IP address of a user-created pip. +func serviceOwnsPublicIP(service *v1.Service, pip *network.PublicIPAddress, clusterName string) (bool, bool) { + if service == nil || pip == nil { + klog.Warningf("serviceOwnsPublicIP: nil service or public IP") + return false, false + } + + if pip.PublicIPAddressPropertiesFormat == nil || to.String(pip.IPAddress) == "" { + klog.Warningf("serviceOwnsPublicIP: empty pip.IPAddress") + return false, false + } + + serviceName := getServiceName(service) + + if pip.Tags != nil { serviceTag := pip.Tags[serviceTagKey] clusterTag := pip.Tags[clusterNameKey] - if serviceTag != nil && isSVCNameInPIPTag(*serviceTag, serviceName) { - // Backward compatible for clusters upgraded from old releases. - // In such case, only "service" tag is set. - if clusterTag == nil { - return true - } + // if there is no service tag on the pip, it is user-created pip + if to.String(serviceTag) == "" { + return strings.EqualFold(to.String(pip.IPAddress), service.Spec.LoadBalancerIP), true + } - // If cluster name tag is set, then return true if it matches. - if *clusterTag == clusterName { - return true + if serviceTag != nil { + // if there is service tag on the pip, it is system-created pip + if isSVCNameInPIPTag(*serviceTag, serviceName) { + // Backward compatible for clusters upgraded from old releases. + // In such case, only "service" tag is set. + if clusterTag == nil { + return true, false + } + + // If cluster name tag is set, then return true if it matches. + if *clusterTag == clusterName { + return true, false + } + } else { + // if the service is not included in te tags of the system-created pip, check the ip address + // this could happen for secondary services + return strings.EqualFold(to.String(pip.IPAddress), service.Spec.LoadBalancerIP), false } } } - return false + return false, false } func isSVCNameInPIPTag(tag, svcName string) bool { diff --git a/vendor/k8s.io/mount-utils/mount_helper_common.go b/vendor/k8s.io/mount-utils/mount_helper_common.go index a798748556..dd4dc2c8e5 100644 --- a/vendor/k8s.io/mount-utils/mount_helper_common.go +++ b/vendor/k8s.io/mount-utils/mount_helper_common.go @@ -122,6 +122,10 @@ func removePathIfNotMountPoint(mountPath string, mounter Interface, extensiveMou } if err != nil { + if os.IsNotExist(err) { + klog.V(4).Infof("%q does not exist", mountPath) + return true, nil + } return notMnt, err } diff --git a/vendor/k8s.io/mount-utils/mount_helper_unix.go b/vendor/k8s.io/mount-utils/mount_helper_unix.go index 11b70ebc29..2c14a27c71 100644 --- a/vendor/k8s.io/mount-utils/mount_helper_unix.go +++ b/vendor/k8s.io/mount-utils/mount_helper_unix.go @@ -52,7 +52,7 @@ func IsCorruptedMnt(err error) bool { underlyingError = pe.Err } - return underlyingError == syscall.ENOTCONN || underlyingError == syscall.ESTALE || underlyingError == syscall.EIO || underlyingError == syscall.EACCES + return underlyingError == syscall.ENOTCONN || underlyingError == syscall.ESTALE || underlyingError == syscall.EIO || underlyingError == syscall.EACCES || underlyingError == syscall.EHOSTDOWN } // MountInfo represents a single line in /proc//mountinfo. diff --git a/vendor/k8s.io/mount-utils/mount_helper_windows.go b/vendor/k8s.io/mount-utils/mount_helper_windows.go index b308ce76d2..865ab5c324 100644 --- a/vendor/k8s.io/mount-utils/mount_helper_windows.go +++ b/vendor/k8s.io/mount-utils/mount_helper_windows.go @@ -38,7 +38,8 @@ import ( // ERROR_BAD_NET_NAME = 67 // ERROR_SESSION_CREDENTIAL_CONFLICT = 1219 // ERROR_LOGON_FAILURE = 1326 -var errorNoList = [...]int{53, 54, 59, 64, 65, 66, 67, 1219, 1326} +// WSAEHOSTDOWN = 10064 +var errorNoList = [...]int{53, 54, 59, 64, 65, 66, 67, 1219, 1326, 10064} // IsCorruptedMnt return true if err is about corrupted mount point func IsCorruptedMnt(err error) bool { diff --git a/vendor/k8s.io/mount-utils/resizefs_linux.go b/vendor/k8s.io/mount-utils/resizefs_linux.go index 3b2ffa3136..54a529d7c6 100644 --- a/vendor/k8s.io/mount-utils/resizefs_linux.go +++ b/vendor/k8s.io/mount-utils/resizefs_linux.go @@ -20,6 +20,8 @@ package mount import ( "fmt" + "strconv" + "strings" "k8s.io/klog/v2" utilexec "k8s.io/utils/exec" @@ -99,3 +101,117 @@ func (resizefs *ResizeFs) btrfsResize(deviceMountPath string) (bool, error) { resizeError := fmt.Errorf("resize of device %s failed: %v. btrfs output: %s", deviceMountPath, err, string(output)) return false, resizeError } + +func (resizefs *ResizeFs) NeedResize(devicePath string, deviceMountPath string) (bool, error) { + deviceSize, err := resizefs.getDeviceSize(devicePath) + if err != nil { + return false, err + } + var fsSize, blockSize uint64 + format, err := getDiskFormat(resizefs.exec, devicePath) + if err != nil { + formatErr := fmt.Errorf("ResizeFS.Resize - error checking format for device %s: %v", devicePath, err) + return false, formatErr + } + + // If disk has no format, there is no need to resize the disk because mkfs.* + // by default will use whole disk anyways. + if format == "" { + return false, nil + } + + klog.V(3).Infof("ResizeFs.needResize - checking mounted volume %s", devicePath) + switch format { + case "ext3", "ext4": + blockSize, fsSize, err = resizefs.getExtSize(devicePath) + klog.V(5).Infof("Ext size: filesystem size=%d, block size=%d", fsSize, blockSize) + case "xfs": + blockSize, fsSize, err = resizefs.getXFSSize(deviceMountPath) + klog.V(5).Infof("Xfs size: filesystem size=%d, block size=%d, err=%v", fsSize, blockSize, err) + default: + klog.Errorf("Not able to parse given filesystem info. fsType: %s, will not resize", format) + return false, fmt.Errorf("Could not parse fs info on given filesystem format: %s. Supported fs types are: xfs, ext3, ext4", format) + } + if err != nil { + return false, err + } + // Tolerate one block difference, just in case of rounding errors somewhere. + klog.V(5).Infof("Volume %s: device size=%d, filesystem size=%d, block size=%d", devicePath, deviceSize, fsSize, blockSize) + if deviceSize <= fsSize+blockSize { + return false, nil + } + return true, nil +} +func (resizefs *ResizeFs) getDeviceSize(devicePath string) (uint64, error) { + output, err := resizefs.exec.Command("blockdev", "--getsize64", devicePath).CombinedOutput() + outStr := strings.TrimSpace(string(output)) + if err != nil { + return 0, fmt.Errorf("failed to read size of device %s: %s: %s", devicePath, err, outStr) + } + size, err := strconv.ParseUint(outStr, 10, 64) + if err != nil { + return 0, fmt.Errorf("failed to parse size of device %s %s: %s", devicePath, outStr, err) + } + return size, nil +} + +func (resizefs *ResizeFs) getExtSize(devicePath string) (uint64, uint64, error) { + output, err := resizefs.exec.Command("dumpe2fs", "-h", devicePath).CombinedOutput() + if err != nil { + return 0, 0, fmt.Errorf("failed to read size of filesystem on %s: %s: %s", devicePath, err, string(output)) + } + + blockSize, blockCount, _ := resizefs.parseFsInfoOutput(string(output), ":", "block size", "block count") + + if blockSize == 0 { + return 0, 0, fmt.Errorf("could not find block size of device %s", devicePath) + } + if blockCount == 0 { + return 0, 0, fmt.Errorf("could not find block count of device %s", devicePath) + } + return blockSize, blockSize * blockCount, nil +} + +func (resizefs *ResizeFs) getXFSSize(devicePath string) (uint64, uint64, error) { + output, err := resizefs.exec.Command("xfs_io", "-c", "statfs", devicePath).CombinedOutput() + if err != nil { + return 0, 0, fmt.Errorf("failed to read size of filesystem on %s: %s: %s", devicePath, err, string(output)) + } + + blockSize, blockCount, _ := resizefs.parseFsInfoOutput(string(output), "=", "geom.bsize", "geom.datablocks") + + if blockSize == 0 { + return 0, 0, fmt.Errorf("could not find block size of device %s", devicePath) + } + if blockCount == 0 { + return 0, 0, fmt.Errorf("could not find block count of device %s", devicePath) + } + return blockSize, blockSize * blockCount, nil +} + +func (resizefs *ResizeFs) parseFsInfoOutput(cmdOutput string, spliter string, blockSizeKey string, blockCountKey string) (uint64, uint64, error) { + lines := strings.Split(cmdOutput, "\n") + var blockSize, blockCount uint64 + var err error + + for _, line := range lines { + tokens := strings.Split(line, spliter) + if len(tokens) != 2 { + continue + } + key, value := strings.ToLower(strings.TrimSpace(tokens[0])), strings.ToLower(strings.TrimSpace(tokens[1])) + if key == blockSizeKey { + blockSize, err = strconv.ParseUint(value, 10, 64) + if err != nil { + return 0, 0, fmt.Errorf("failed to parse block size %s: %s", value, err) + } + } + if key == blockCountKey { + blockCount, err = strconv.ParseUint(value, 10, 64) + if err != nil { + return 0, 0, fmt.Errorf("failed to parse block count %s: %s", value, err) + } + } + } + return blockSize, blockCount, err +} diff --git a/vendor/modules.txt b/vendor/modules.txt index d937bf1993..eb8f6c4ad3 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -1441,7 +1441,7 @@ gopkg.in/warnings.v0 gopkg.in/yaml.v2 # gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b gopkg.in/yaml.v3 -# k8s.io/api v0.21.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/api v1.21.0-k3s1 +# k8s.io/api v0.21.1 => github.com/k3s-io/kubernetes/staging/src/k8s.io/api v1.21.1-k3s1 ## explicit k8s.io/api/admission/v1 k8s.io/api/admission/v1beta1 @@ -1489,7 +1489,7 @@ k8s.io/api/scheduling/v1beta1 k8s.io/api/storage/v1 k8s.io/api/storage/v1alpha1 k8s.io/api/storage/v1beta1 -# k8s.io/apiextensions-apiserver v0.18.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/apiextensions-apiserver v1.21.0-k3s1 +# k8s.io/apiextensions-apiserver v0.18.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/apiextensions-apiserver v1.21.1-k3s1 k8s.io/apiextensions-apiserver/pkg/apihelpers k8s.io/apiextensions-apiserver/pkg/apis/apiextensions k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/install @@ -1529,7 +1529,7 @@ k8s.io/apiextensions-apiserver/pkg/generated/openapi k8s.io/apiextensions-apiserver/pkg/registry/customresource k8s.io/apiextensions-apiserver/pkg/registry/customresource/tableconvertor k8s.io/apiextensions-apiserver/pkg/registry/customresourcedefinition -# k8s.io/apimachinery v0.21.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/apimachinery v1.21.0-k3s1 +# k8s.io/apimachinery v0.21.1 => github.com/k3s-io/kubernetes/staging/src/k8s.io/apimachinery v1.21.1-k3s1 ## explicit k8s.io/apimachinery/pkg/api/equality k8s.io/apimachinery/pkg/api/errors @@ -1594,7 +1594,7 @@ k8s.io/apimachinery/pkg/watch k8s.io/apimachinery/third_party/forked/golang/json k8s.io/apimachinery/third_party/forked/golang/netutil k8s.io/apimachinery/third_party/forked/golang/reflect -# k8s.io/apiserver v0.21.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/apiserver v1.21.0-k3s1 +# k8s.io/apiserver v0.21.1 => github.com/k3s-io/kubernetes/staging/src/k8s.io/apiserver v1.21.1-k3s1 ## explicit k8s.io/apiserver/pkg/admission k8s.io/apiserver/pkg/admission/configuration @@ -1733,11 +1733,11 @@ k8s.io/apiserver/plugin/pkg/audit/webhook k8s.io/apiserver/plugin/pkg/authenticator/token/oidc k8s.io/apiserver/plugin/pkg/authenticator/token/webhook k8s.io/apiserver/plugin/pkg/authorizer/webhook -# k8s.io/cli-runtime v0.0.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/cli-runtime v1.21.0-k3s1 +# k8s.io/cli-runtime v0.0.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/cli-runtime v1.21.1-k3s1 k8s.io/cli-runtime/pkg/genericclioptions k8s.io/cli-runtime/pkg/printers k8s.io/cli-runtime/pkg/resource -# k8s.io/client-go v11.0.1-0.20190409021438-1a26190bd76a+incompatible => github.com/k3s-io/kubernetes/staging/src/k8s.io/client-go v1.21.0-k3s1 +# k8s.io/client-go v11.0.1-0.20190409021438-1a26190bd76a+incompatible => github.com/k3s-io/kubernetes/staging/src/k8s.io/client-go v1.21.1-k3s1 ## explicit k8s.io/client-go/applyconfigurations/admissionregistration/v1 k8s.io/client-go/applyconfigurations/admissionregistration/v1beta1 @@ -2025,7 +2025,7 @@ k8s.io/client-go/util/jsonpath k8s.io/client-go/util/keyutil k8s.io/client-go/util/retry k8s.io/client-go/util/workqueue -# k8s.io/cloud-provider v0.21.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/cloud-provider v1.21.0-k3s1 +# k8s.io/cloud-provider v0.21.1 => github.com/k3s-io/kubernetes/staging/src/k8s.io/cloud-provider v1.21.1-k3s1 ## explicit k8s.io/cloud-provider k8s.io/cloud-provider/api @@ -2047,13 +2047,13 @@ k8s.io/cloud-provider/service/helpers k8s.io/cloud-provider/volume k8s.io/cloud-provider/volume/errors k8s.io/cloud-provider/volume/helpers -# k8s.io/cluster-bootstrap v0.0.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/cluster-bootstrap v1.21.0-k3s1 +# k8s.io/cluster-bootstrap v0.0.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/cluster-bootstrap v1.21.1-k3s1 k8s.io/cluster-bootstrap/token/api k8s.io/cluster-bootstrap/token/jws k8s.io/cluster-bootstrap/token/util k8s.io/cluster-bootstrap/util/secrets k8s.io/cluster-bootstrap/util/tokens -# k8s.io/code-generator v0.19.7 => github.com/k3s-io/kubernetes/staging/src/k8s.io/code-generator v1.21.0-k3s1 +# k8s.io/code-generator v0.19.7 => github.com/k3s-io/kubernetes/staging/src/k8s.io/code-generator v1.21.1-k3s1 k8s.io/code-generator/cmd/client-gen/args k8s.io/code-generator/cmd/client-gen/generators k8s.io/code-generator/cmd/client-gen/generators/fake @@ -2068,7 +2068,7 @@ k8s.io/code-generator/cmd/lister-gen/args k8s.io/code-generator/cmd/lister-gen/generators k8s.io/code-generator/pkg/namer k8s.io/code-generator/pkg/util -# k8s.io/component-base v0.21.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/component-base v1.21.0-k3s1 +# k8s.io/component-base v0.21.1 => github.com/k3s-io/kubernetes/staging/src/k8s.io/component-base v1.21.1-k3s1 ## explicit k8s.io/component-base/cli/flag k8s.io/component-base/cli/globalflag @@ -2094,7 +2094,7 @@ k8s.io/component-base/metrics/testutil k8s.io/component-base/term k8s.io/component-base/version k8s.io/component-base/version/verflag -# k8s.io/component-helpers v0.0.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/component-helpers v1.21.0-k3s1 +# k8s.io/component-helpers v0.0.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/component-helpers v1.21.1-k3s1 k8s.io/component-helpers/apimachinery/lease k8s.io/component-helpers/apps/poddisruptionbudget k8s.io/component-helpers/auth/rbac/reconciliation @@ -2103,7 +2103,7 @@ k8s.io/component-helpers/node/topology k8s.io/component-helpers/scheduling/corev1 k8s.io/component-helpers/scheduling/corev1/nodeaffinity k8s.io/component-helpers/storage/volume -# k8s.io/controller-manager v0.21.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/controller-manager v1.21.0-k3s1 +# k8s.io/controller-manager v0.21.1 => github.com/k3s-io/kubernetes/staging/src/k8s.io/controller-manager v1.21.1-k3s1 ## explicit k8s.io/controller-manager/app k8s.io/controller-manager/config @@ -2116,11 +2116,11 @@ k8s.io/controller-manager/pkg/informerfactory k8s.io/controller-manager/pkg/leadermigration k8s.io/controller-manager/pkg/leadermigration/config k8s.io/controller-manager/pkg/leadermigration/options -# k8s.io/cri-api v0.21.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/cri-api v1.21.0-k3s1 +# k8s.io/cri-api v0.21.1 => github.com/k3s-io/kubernetes/staging/src/k8s.io/cri-api v1.21.1-k3s1 ## explicit k8s.io/cri-api/pkg/apis k8s.io/cri-api/pkg/apis/runtime/v1alpha2 -# k8s.io/csi-translation-lib v0.0.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/csi-translation-lib v1.21.0-k3s1 +# k8s.io/csi-translation-lib v0.0.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/csi-translation-lib v1.21.1-k3s1 k8s.io/csi-translation-lib k8s.io/csi-translation-lib/plugins # k8s.io/gengo v0.0.0-20201214224949-b6c5ce23f027 @@ -2138,7 +2138,7 @@ k8s.io/heapster/metrics/api/v1/types k8s.io/klog # k8s.io/klog/v2 v2.8.0 k8s.io/klog/v2 -# k8s.io/kube-aggregator v0.18.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-aggregator v1.21.0-k3s1 +# k8s.io/kube-aggregator v0.18.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-aggregator v1.21.1-k3s1 k8s.io/kube-aggregator/pkg/apis/apiregistration k8s.io/kube-aggregator/pkg/apis/apiregistration/install k8s.io/kube-aggregator/pkg/apis/apiregistration/v1 @@ -2166,7 +2166,7 @@ k8s.io/kube-aggregator/pkg/controllers/status k8s.io/kube-aggregator/pkg/registry/apiservice k8s.io/kube-aggregator/pkg/registry/apiservice/etcd k8s.io/kube-aggregator/pkg/registry/apiservice/rest -# k8s.io/kube-controller-manager v0.0.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-controller-manager v1.21.0-k3s1 +# k8s.io/kube-controller-manager v0.0.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-controller-manager v1.21.1-k3s1 k8s.io/kube-controller-manager/config/v1alpha1 # k8s.io/kube-openapi v0.0.0-20210305001622-591a79e4bda7 k8s.io/kube-openapi/pkg/aggregator @@ -2182,13 +2182,13 @@ k8s.io/kube-openapi/pkg/validation/spec k8s.io/kube-openapi/pkg/validation/strfmt k8s.io/kube-openapi/pkg/validation/strfmt/bson k8s.io/kube-openapi/pkg/validation/validate -# k8s.io/kube-proxy v0.0.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-proxy v1.21.0-k3s1 +# k8s.io/kube-proxy v0.0.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-proxy v1.21.1-k3s1 k8s.io/kube-proxy/config/v1alpha1 -# k8s.io/kube-scheduler v0.0.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-scheduler v1.21.0-k3s1 +# k8s.io/kube-scheduler v0.0.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-scheduler v1.21.1-k3s1 k8s.io/kube-scheduler/config/v1 k8s.io/kube-scheduler/config/v1beta1 k8s.io/kube-scheduler/extender/v1 -# k8s.io/kubectl v0.21.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/kubectl v1.21.0-k3s1 +# k8s.io/kubectl v0.21.1 => github.com/k3s-io/kubernetes/staging/src/k8s.io/kubectl v1.21.1-k3s1 ## explicit k8s.io/kubectl/pkg/apps k8s.io/kubectl/pkg/cmd @@ -2267,7 +2267,7 @@ k8s.io/kubectl/pkg/util/storage k8s.io/kubectl/pkg/util/templates k8s.io/kubectl/pkg/util/term k8s.io/kubectl/pkg/validation -# k8s.io/kubelet v0.0.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/kubelet v1.21.0-k3s1 +# k8s.io/kubelet v0.0.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/kubelet v1.21.1-k3s1 k8s.io/kubelet/config/v1alpha1 k8s.io/kubelet/config/v1beta1 k8s.io/kubelet/pkg/apis @@ -2279,7 +2279,7 @@ k8s.io/kubelet/pkg/apis/pluginregistration/v1 k8s.io/kubelet/pkg/apis/podresources/v1 k8s.io/kubelet/pkg/apis/podresources/v1alpha1 k8s.io/kubelet/pkg/apis/stats/v1alpha1 -# k8s.io/kubernetes v1.21.0 => github.com/k3s-io/kubernetes v1.21.0-k3s1 +# k8s.io/kubernetes v1.21.1 => github.com/k3s-io/kubernetes v1.21.1-k3s1 ## explicit k8s.io/kubernetes/cmd/kube-apiserver/app k8s.io/kubernetes/cmd/kube-apiserver/app/options @@ -3007,7 +3007,7 @@ k8s.io/kubernetes/third_party/forked/gonum/graph k8s.io/kubernetes/third_party/forked/gonum/graph/internal/linear k8s.io/kubernetes/third_party/forked/gonum/graph/simple k8s.io/kubernetes/third_party/forked/gonum/graph/traverse -# k8s.io/legacy-cloud-providers v0.0.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/legacy-cloud-providers v1.21.0-k3s1 +# k8s.io/legacy-cloud-providers v0.0.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/legacy-cloud-providers v1.21.1-k3s1 k8s.io/legacy-cloud-providers/aws k8s.io/legacy-cloud-providers/azure k8s.io/legacy-cloud-providers/azure/auth @@ -3050,7 +3050,7 @@ k8s.io/legacy-cloud-providers/openstack k8s.io/legacy-cloud-providers/vsphere k8s.io/legacy-cloud-providers/vsphere/vclib k8s.io/legacy-cloud-providers/vsphere/vclib/diskmanagers -# k8s.io/metrics v0.0.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/metrics v1.21.0-k3s1 +# k8s.io/metrics v0.0.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/metrics v1.21.1-k3s1 k8s.io/metrics/pkg/apis/custom_metrics k8s.io/metrics/pkg/apis/custom_metrics/v1beta1 k8s.io/metrics/pkg/apis/custom_metrics/v1beta2 @@ -3066,7 +3066,7 @@ k8s.io/metrics/pkg/client/clientset/versioned/typed/metrics/v1beta1 k8s.io/metrics/pkg/client/custom_metrics k8s.io/metrics/pkg/client/custom_metrics/scheme k8s.io/metrics/pkg/client/external_metrics -# k8s.io/mount-utils v0.0.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/mount-utils v1.21.0-k3s1 +# k8s.io/mount-utils v0.0.0 => github.com/k3s-io/kubernetes/staging/src/k8s.io/mount-utils v1.21.1-k3s1 k8s.io/mount-utils # k8s.io/utils v0.0.0-20201110183641-67b214c5f920 ## explicit @@ -3088,7 +3088,7 @@ k8s.io/utils/trace # sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.15 sigs.k8s.io/apiserver-network-proxy/konnectivity-client/pkg/client sigs.k8s.io/apiserver-network-proxy/konnectivity-client/proto/client -# sigs.k8s.io/kustomize/api v0.8.5 +# sigs.k8s.io/kustomize/api v0.8.8 sigs.k8s.io/kustomize/api/builtins sigs.k8s.io/kustomize/api/filesys sigs.k8s.io/kustomize/api/filters/annotations @@ -3109,7 +3109,6 @@ sigs.k8s.io/kustomize/api/hasher sigs.k8s.io/kustomize/api/ifc sigs.k8s.io/kustomize/api/image sigs.k8s.io/kustomize/api/internal/accumulator -sigs.k8s.io/kustomize/api/internal/conflict sigs.k8s.io/kustomize/api/internal/generators sigs.k8s.io/kustomize/api/internal/git sigs.k8s.io/kustomize/api/internal/kusterr @@ -3122,7 +3121,6 @@ sigs.k8s.io/kustomize/api/internal/plugins/utils sigs.k8s.io/kustomize/api/internal/target sigs.k8s.io/kustomize/api/internal/utils sigs.k8s.io/kustomize/api/internal/validate -sigs.k8s.io/kustomize/api/internal/wrappy sigs.k8s.io/kustomize/api/konfig sigs.k8s.io/kustomize/api/konfig/builtinpluginconsts sigs.k8s.io/kustomize/api/krusty @@ -3134,14 +3132,13 @@ sigs.k8s.io/kustomize/api/resid sigs.k8s.io/kustomize/api/resmap sigs.k8s.io/kustomize/api/resource sigs.k8s.io/kustomize/api/types -# sigs.k8s.io/kustomize/kustomize/v4 v4.0.5 +# sigs.k8s.io/kustomize/kustomize/v4 v4.1.2 sigs.k8s.io/kustomize/kustomize/v4/commands/build -# sigs.k8s.io/kustomize/kyaml v0.10.15 +# sigs.k8s.io/kustomize/kyaml v0.10.17 sigs.k8s.io/kustomize/kyaml/comments sigs.k8s.io/kustomize/kyaml/errors sigs.k8s.io/kustomize/kyaml/ext sigs.k8s.io/kustomize/kyaml/fieldmeta -sigs.k8s.io/kustomize/kyaml/filtersutil sigs.k8s.io/kustomize/kyaml/fn/runtime/container sigs.k8s.io/kustomize/kyaml/fn/runtime/exec sigs.k8s.io/kustomize/kyaml/fn/runtime/runtimeutil @@ -3205,32 +3202,32 @@ sigs.k8s.io/yaml # google.golang.org/genproto => google.golang.org/genproto v0.0.0-20200513103714-09dca8ec2884 # google.golang.org/grpc => google.golang.org/grpc v1.27.1 # gopkg.in/square/go-jose.v2 => gopkg.in/square/go-jose.v2 v2.2.2 -# k8s.io/api => github.com/k3s-io/kubernetes/staging/src/k8s.io/api v1.21.0-k3s1 -# k8s.io/apiextensions-apiserver => github.com/k3s-io/kubernetes/staging/src/k8s.io/apiextensions-apiserver v1.21.0-k3s1 -# k8s.io/apimachinery => github.com/k3s-io/kubernetes/staging/src/k8s.io/apimachinery v1.21.0-k3s1 -# k8s.io/apiserver => github.com/k3s-io/kubernetes/staging/src/k8s.io/apiserver v1.21.0-k3s1 -# k8s.io/cli-runtime => github.com/k3s-io/kubernetes/staging/src/k8s.io/cli-runtime v1.21.0-k3s1 -# k8s.io/client-go => github.com/k3s-io/kubernetes/staging/src/k8s.io/client-go v1.21.0-k3s1 -# k8s.io/cloud-provider => github.com/k3s-io/kubernetes/staging/src/k8s.io/cloud-provider v1.21.0-k3s1 -# k8s.io/cluster-bootstrap => github.com/k3s-io/kubernetes/staging/src/k8s.io/cluster-bootstrap v1.21.0-k3s1 -# k8s.io/code-generator => github.com/k3s-io/kubernetes/staging/src/k8s.io/code-generator v1.21.0-k3s1 -# k8s.io/component-base => github.com/k3s-io/kubernetes/staging/src/k8s.io/component-base v1.21.0-k3s1 -# k8s.io/component-helpers => github.com/k3s-io/kubernetes/staging/src/k8s.io/component-helpers v1.21.0-k3s1 -# k8s.io/controller-manager => github.com/k3s-io/kubernetes/staging/src/k8s.io/controller-manager v1.21.0-k3s1 -# k8s.io/cri-api => github.com/k3s-io/kubernetes/staging/src/k8s.io/cri-api v1.21.0-k3s1 -# k8s.io/csi-translation-lib => github.com/k3s-io/kubernetes/staging/src/k8s.io/csi-translation-lib v1.21.0-k3s1 -# k8s.io/kube-aggregator => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-aggregator v1.21.0-k3s1 -# k8s.io/kube-controller-manager => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-controller-manager v1.21.0-k3s1 -# k8s.io/kube-proxy => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-proxy v1.21.0-k3s1 -# k8s.io/kube-scheduler => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-scheduler v1.21.0-k3s1 -# k8s.io/kubectl => github.com/k3s-io/kubernetes/staging/src/k8s.io/kubectl v1.21.0-k3s1 -# k8s.io/kubelet => github.com/k3s-io/kubernetes/staging/src/k8s.io/kubelet v1.21.0-k3s1 -# k8s.io/kubernetes => github.com/k3s-io/kubernetes v1.21.0-k3s1 -# k8s.io/legacy-cloud-providers => github.com/k3s-io/kubernetes/staging/src/k8s.io/legacy-cloud-providers v1.21.0-k3s1 -# k8s.io/metrics => github.com/k3s-io/kubernetes/staging/src/k8s.io/metrics v1.21.0-k3s1 -# k8s.io/mount-utils => github.com/k3s-io/kubernetes/staging/src/k8s.io/mount-utils v1.21.0-k3s1 -# k8s.io/node-api => github.com/k3s-io/kubernetes/staging/src/k8s.io/node-api v1.21.0-k3s1 -# k8s.io/sample-apiserver => github.com/k3s-io/kubernetes/staging/src/k8s.io/sample-apiserver v1.21.0-k3s1 -# k8s.io/sample-cli-plugin => github.com/k3s-io/kubernetes/staging/src/k8s.io/sample-cli-plugin v1.21.0-k3s1 -# k8s.io/sample-controller => github.com/k3s-io/kubernetes/staging/src/k8s.io/sample-controller v1.21.0-k3s1 +# k8s.io/api => github.com/k3s-io/kubernetes/staging/src/k8s.io/api v1.21.1-k3s1 +# k8s.io/apiextensions-apiserver => github.com/k3s-io/kubernetes/staging/src/k8s.io/apiextensions-apiserver v1.21.1-k3s1 +# k8s.io/apimachinery => github.com/k3s-io/kubernetes/staging/src/k8s.io/apimachinery v1.21.1-k3s1 +# k8s.io/apiserver => github.com/k3s-io/kubernetes/staging/src/k8s.io/apiserver v1.21.1-k3s1 +# k8s.io/cli-runtime => github.com/k3s-io/kubernetes/staging/src/k8s.io/cli-runtime v1.21.1-k3s1 +# k8s.io/client-go => github.com/k3s-io/kubernetes/staging/src/k8s.io/client-go v1.21.1-k3s1 +# k8s.io/cloud-provider => github.com/k3s-io/kubernetes/staging/src/k8s.io/cloud-provider v1.21.1-k3s1 +# k8s.io/cluster-bootstrap => github.com/k3s-io/kubernetes/staging/src/k8s.io/cluster-bootstrap v1.21.1-k3s1 +# k8s.io/code-generator => github.com/k3s-io/kubernetes/staging/src/k8s.io/code-generator v1.21.1-k3s1 +# k8s.io/component-base => github.com/k3s-io/kubernetes/staging/src/k8s.io/component-base v1.21.1-k3s1 +# k8s.io/component-helpers => github.com/k3s-io/kubernetes/staging/src/k8s.io/component-helpers v1.21.1-k3s1 +# k8s.io/controller-manager => github.com/k3s-io/kubernetes/staging/src/k8s.io/controller-manager v1.21.1-k3s1 +# k8s.io/cri-api => github.com/k3s-io/kubernetes/staging/src/k8s.io/cri-api v1.21.1-k3s1 +# k8s.io/csi-translation-lib => github.com/k3s-io/kubernetes/staging/src/k8s.io/csi-translation-lib v1.21.1-k3s1 +# k8s.io/kube-aggregator => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-aggregator v1.21.1-k3s1 +# k8s.io/kube-controller-manager => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-controller-manager v1.21.1-k3s1 +# k8s.io/kube-proxy => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-proxy v1.21.1-k3s1 +# k8s.io/kube-scheduler => github.com/k3s-io/kubernetes/staging/src/k8s.io/kube-scheduler v1.21.1-k3s1 +# k8s.io/kubectl => github.com/k3s-io/kubernetes/staging/src/k8s.io/kubectl v1.21.1-k3s1 +# k8s.io/kubelet => github.com/k3s-io/kubernetes/staging/src/k8s.io/kubelet v1.21.1-k3s1 +# k8s.io/kubernetes => github.com/k3s-io/kubernetes v1.21.1-k3s1 +# k8s.io/legacy-cloud-providers => github.com/k3s-io/kubernetes/staging/src/k8s.io/legacy-cloud-providers v1.21.1-k3s1 +# k8s.io/metrics => github.com/k3s-io/kubernetes/staging/src/k8s.io/metrics v1.21.1-k3s1 +# k8s.io/mount-utils => github.com/k3s-io/kubernetes/staging/src/k8s.io/mount-utils v1.21.1-k3s1 +# k8s.io/node-api => github.com/k3s-io/kubernetes/staging/src/k8s.io/node-api v1.21.1-k3s1 +# k8s.io/sample-apiserver => github.com/k3s-io/kubernetes/staging/src/k8s.io/sample-apiserver v1.21.1-k3s1 +# k8s.io/sample-cli-plugin => github.com/k3s-io/kubernetes/staging/src/k8s.io/sample-cli-plugin v1.21.1-k3s1 +# k8s.io/sample-controller => github.com/k3s-io/kubernetes/staging/src/k8s.io/sample-controller v1.21.1-k3s1 # mvdan.cc/unparam => mvdan.cc/unparam v0.0.0-20210104141923-aac4ce9116a7 diff --git a/vendor/sigs.k8s.io/kustomize/api/builtins/HashTransformer.go b/vendor/sigs.k8s.io/kustomize/api/builtins/HashTransformer.go index c7ce6f7e86..54586beeb3 100644 --- a/vendor/sigs.k8s.io/kustomize/api/builtins/HashTransformer.go +++ b/vendor/sigs.k8s.io/kustomize/api/builtins/HashTransformer.go @@ -11,7 +11,7 @@ import ( ) type HashTransformerPlugin struct { - hasher ifc.KunstructuredHasher + hasher ifc.KustHasher } func (p *HashTransformerPlugin) Config( @@ -24,7 +24,7 @@ func (p *HashTransformerPlugin) Config( func (p *HashTransformerPlugin) Transform(m resmap.ResMap) error { for _, res := range m.Resources() { if res.NeedHashSuffix() { - h, err := p.hasher.Hash(res) + h, err := res.Hash(p.hasher) if err != nil { return err } diff --git a/vendor/sigs.k8s.io/kustomize/api/builtins/HelmChartInflationGenerator.go b/vendor/sigs.k8s.io/kustomize/api/builtins/HelmChartInflationGenerator.go index e03d5abadf..7037a01b5f 100644 --- a/vendor/sigs.k8s.io/kustomize/api/builtins/HelmChartInflationGenerator.go +++ b/vendor/sigs.k8s.io/kustomize/api/builtins/HelmChartInflationGenerator.go @@ -6,7 +6,6 @@ package builtins import ( "bytes" "fmt" - "io" "io/ioutil" "os" "os/exec" @@ -16,7 +15,6 @@ import ( "github.com/imdario/mergo" "github.com/pkg/errors" - "sigs.k8s.io/kustomize/api/filesys" "sigs.k8s.io/kustomize/api/resmap" "sigs.k8s.io/kustomize/api/types" "sigs.k8s.io/yaml" @@ -25,243 +23,285 @@ import ( // HelmChartInflationGeneratorPlugin is a plugin to generate resources // from a remote or local helm chart. type HelmChartInflationGeneratorPlugin struct { - h *resmap.PluginHelpers - types.ObjectMeta `json:"metadata,omitempty" yaml:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` - runHelmCommand func([]string) ([]byte, error) - types.HelmChartArgs + h *resmap.PluginHelpers + types.HelmGlobals + types.HelmChart tmpDir string } var KustomizePlugin HelmChartInflationGeneratorPlugin +const ( + valuesMergeOptionMerge = "merge" + valuesMergeOptionOverride = "override" + valuesMergeOptionReplace = "replace" +) + +var legalMergeOptions = []string{ + valuesMergeOptionMerge, + valuesMergeOptionOverride, + valuesMergeOptionReplace, +} + // Config uses the input plugin configurations `config` to setup the generator // options -func (p *HelmChartInflationGeneratorPlugin) Config(h *resmap.PluginHelpers, config []byte) error { +func (p *HelmChartInflationGeneratorPlugin) Config( + h *resmap.PluginHelpers, config []byte) (err error) { + if h.GeneralConfig() == nil { + return fmt.Errorf("unable to access general config") + } + if !h.GeneralConfig().HelmConfig.Enabled { + return fmt.Errorf("must specify --enable-helm") + } + if h.GeneralConfig().HelmConfig.Command == "" { + return fmt.Errorf("must specify --helm-command") + } p.h = h - err := yaml.Unmarshal(config, p) - if err != nil { - return err + if err = yaml.Unmarshal(config, p); err != nil { + return } - tmpDir, err := filesys.NewTmpConfirmedDir() - if err != nil { - return err - } - p.tmpDir = string(tmpDir) - if p.ChartName == "" { - return fmt.Errorf("chartName cannot be empty") - } - if p.ChartHome == "" { - p.ChartHome = filepath.Join(p.tmpDir, "chart") - } - if p.ChartRepoName == "" { - p.ChartRepoName = "stable" - } - if p.HelmBin == "" { - p.HelmBin = "helm" - } - if p.HelmHome == "" { - p.HelmHome = filepath.Join(p.tmpDir, ".helm") - } - if p.Values == "" { - p.Values = filepath.Join(p.ChartHome, p.ChartName, "values.yaml") - } - if p.ValuesMerge == "" { - p.ValuesMerge = "override" - } - // runHelmCommand will run `helm` command with args provided. Return stdout - // and error if there is any. - p.runHelmCommand = func(args []string) ([]byte, error) { - stdout := new(bytes.Buffer) - stderr := new(bytes.Buffer) - cmd := exec.Command(p.HelmBin, args...) - cmd.Stdout = stdout - cmd.Stderr = stderr - cmd.Env = append(cmd.Env, - fmt.Sprintf("HELM_CONFIG_HOME=%s", p.HelmHome), - fmt.Sprintf("HELM_CACHE_HOME=%s/.cache", p.HelmHome), - fmt.Sprintf("HELM_DATA_HOME=%s/.data", p.HelmHome), - ) - err := cmd.Run() - if err != nil { - return stdout.Bytes(), - errors.Wrap( - fmt.Errorf("failed to run command %s %s", p.HelmBin, strings.Join(args, " ")), - stderr.String(), - ) - } - return stdout.Bytes(), nil - } - return nil + return p.validateArgs() } -// EncodeValues for writing -func (p *HelmChartInflationGeneratorPlugin) EncodeValues(w io.Writer) error { - d, err := yaml.Marshal(p.ValuesLocal) - if err != nil { - return err - } - _, err = w.Write(d) - if err != nil { - return err - } - return nil -} - -// useValuesLocal process (merge) inflator config provided values with chart default values.yaml -func (p *HelmChartInflationGeneratorPlugin) useValuesLocal() error { - // not override, merge, none - if !(p.ValuesMerge == "none" || p.ValuesMerge == "no" || p.ValuesMerge == "false") { - var pValues []byte - var err error - - if filepath.IsAbs(p.Values) { - pValues, err = ioutil.ReadFile(p.Values) - } else { - pValues, err = p.h.Loader().Load(p.Values) - } - if err != nil { - return err - } - chValues := make(map[string]interface{}) - err = yaml.Unmarshal(pValues, &chValues) - if err != nil { - return err - } - if p.ValuesMerge == "override" { - err = mergo.Merge(&chValues, p.ValuesLocal, mergo.WithOverride) - if err != nil { - return err - } - } - if p.ValuesMerge == "merge" { - err = mergo.Merge(&chValues, p.ValuesLocal) - if err != nil { - return err - } - } - p.ValuesLocal = chValues - } - b, err := yaml.Marshal(p.ValuesLocal) - if err != nil { - return err - } - path, err := p.writeValuesBytes(b) - if err != nil { - return err - } - p.Values = path - return nil -} - -// copyValues will copy the relative values file into the temp directory -// to avoid messing up with CWD. -func (p *HelmChartInflationGeneratorPlugin) copyValues() error { - // only copy when the values path is not absolute - if filepath.IsAbs(p.Values) { +// This uses the real file system since tmpDir may be used +// by the helm subprocess. Cannot use a chroot jail or fake +// filesystem since we allow the user to use previously +// downloaded charts. This is safe since this plugin is +// owned by kustomize. +func (p *HelmChartInflationGeneratorPlugin) establishTmpDir() (err error) { + if p.tmpDir != "" { + // already done. return nil } - // we must use use loader to read values file - b, err := p.h.Loader().Load(p.Values) - if err != nil { + p.tmpDir, err = ioutil.TempDir("", "kustomize-helm-") + return err +} + +func (p *HelmChartInflationGeneratorPlugin) validateArgs() (err error) { + if p.Name == "" { + return fmt.Errorf("chart name cannot be empty") + } + + // ChartHome might be consulted by the plugin (to read + // values files below it), so it must be located under + // the loader root (unless root restrictions are + // disabled, in which case this can be an absolute path). + if p.ChartHome == "" { + p.ChartHome = "charts" + } + + // The ValuesFile may be consulted by the plugin, so it must + // be under the loader root (unless root restrictions are + // disabled). + if p.ValuesFile == "" { + p.ValuesFile = filepath.Join(p.ChartHome, p.Name, "values.yaml") + } + + if err = p.errIfIllegalValuesMerge(); err != nil { return err } - path, err := p.writeValuesBytes(b) - if err != nil { - return err + + // ConfigHome is not loaded by the plugin, and can be located anywhere. + if p.ConfigHome == "" { + if err = p.establishTmpDir(); err != nil { + return errors.Wrap( + err, "unable to create tmp dir for HELM_CONFIG_HOME") + } + p.ConfigHome = filepath.Join(p.tmpDir, "helm") } - p.Values = path return nil } -func (p *HelmChartInflationGeneratorPlugin) writeValuesBytes(b []byte) (string, error) { - path := filepath.Join(p.ChartHome, p.ChartName, "kustomize-values.yaml") - err := ioutil.WriteFile(path, b, 0644) +func (p *HelmChartInflationGeneratorPlugin) errIfIllegalValuesMerge() error { + if p.ValuesMerge == "" { + // Use the default. + p.ValuesMerge = valuesMergeOptionOverride + return nil + } + for _, opt := range legalMergeOptions { + if p.ValuesMerge == opt { + return nil + } + } + return fmt.Errorf("valuesMerge must be one of %v", legalMergeOptions) +} + +func (p *HelmChartInflationGeneratorPlugin) absChartHome() string { + if filepath.IsAbs(p.ChartHome) { + return p.ChartHome + } + return filepath.Join(p.h.Loader().Root(), p.ChartHome) +} + +func (p *HelmChartInflationGeneratorPlugin) runHelmCommand( + args []string) ([]byte, error) { + stdout := new(bytes.Buffer) + stderr := new(bytes.Buffer) + cmd := exec.Command(p.h.GeneralConfig().HelmConfig.Command, args...) + cmd.Stdout = stdout + cmd.Stderr = stderr + env := []string{ + fmt.Sprintf("HELM_CONFIG_HOME=%s", p.ConfigHome), + fmt.Sprintf("HELM_CACHE_HOME=%s/.cache", p.ConfigHome), + fmt.Sprintf("HELM_DATA_HOME=%s/.data", p.ConfigHome)} + cmd.Env = append(os.Environ(), env...) + err := cmd.Run() + if err != nil { + helm := p.h.GeneralConfig().HelmConfig.Command + err = errors.Wrap( + fmt.Errorf( + "unable to run: '%s %s' with env=%s (is '%s' installed?)", + helm, strings.Join(args, " "), env, helm), + stderr.String(), + ) + } + return stdout.Bytes(), err +} + +// createNewMergedValuesFile replaces/merges original values file with ValuesInline. +func (p *HelmChartInflationGeneratorPlugin) createNewMergedValuesFile() ( + path string, err error) { + if p.ValuesMerge == valuesMergeOptionMerge || + p.ValuesMerge == valuesMergeOptionOverride { + if err = p.replaceValuesInline(); err != nil { + return "", err + } + } + var b []byte + b, err = yaml.Marshal(p.ValuesInline) if err != nil { return "", err } - return path, nil + return p.writeValuesBytes(b) +} + +func (p *HelmChartInflationGeneratorPlugin) replaceValuesInline() error { + pValues, err := p.h.Loader().Load(p.ValuesFile) + if err != nil { + return err + } + chValues := make(map[string]interface{}) + if err = yaml.Unmarshal(pValues, &chValues); err != nil { + return err + } + switch p.ValuesMerge { + case valuesMergeOptionOverride: + err = mergo.Merge( + &chValues, p.ValuesInline, mergo.WithOverride) + case valuesMergeOptionMerge: + err = mergo.Merge(&chValues, p.ValuesInline) + } + p.ValuesInline = chValues + return err +} + +// copyValuesFile to avoid branching. TODO: get rid of this. +func (p *HelmChartInflationGeneratorPlugin) copyValuesFile() (string, error) { + b, err := p.h.Loader().Load(p.ValuesFile) + if err != nil { + return "", err + } + return p.writeValuesBytes(b) +} + +// Write a absolute path file in the tmp file system. +func (p *HelmChartInflationGeneratorPlugin) writeValuesBytes( + b []byte) (string, error) { + if err := p.establishTmpDir(); err != nil { + return "", fmt.Errorf("cannot create tmp dir to write helm values") + } + path := filepath.Join(p.tmpDir, p.Name+"-kustomize-values.yaml") + return path, ioutil.WriteFile(path, b, 0644) +} + +func (p *HelmChartInflationGeneratorPlugin) cleanup() { + if p.tmpDir != "" { + os.RemoveAll(p.tmpDir) + } } // Generate implements generator -func (p *HelmChartInflationGeneratorPlugin) Generate() (resmap.ResMap, error) { - // cleanup - defer os.RemoveAll(p.tmpDir) - // check helm version. we only support V3 - err := p.checkHelmVersion() - if err != nil { +func (p *HelmChartInflationGeneratorPlugin) Generate() (rm resmap.ResMap, err error) { + defer p.cleanup() + if err = p.checkHelmVersion(); err != nil { return nil, err } - // pull the chart - if !p.checkLocalChart() { - _, err := p.runHelmCommand(p.getPullCommandArgs()) - if err != nil { + if path, exists := p.chartExistsLocally(); !exists { + if p.Repo == "" { + return nil, fmt.Errorf( + "no repo specified for pull, no chart found at '%s'", path) + } + if _, err := p.runHelmCommand(p.pullCommand()); err != nil { return nil, err } } - - // inflator config valuesLocal - if len(p.ValuesLocal) > 0 { - err := p.useValuesLocal() - if err != nil { - return nil, err - } + if len(p.ValuesInline) > 0 { + p.ValuesFile, err = p.createNewMergedValuesFile() } else { - err := p.copyValues() - if err != nil { - return nil, err - } + p.ValuesFile, err = p.copyValuesFile() } - - // render the charts - stdout, err := p.runHelmCommand(p.getTemplateCommandArgs()) + if err != nil { + return nil, err + } + var stdout []byte + stdout, err = p.runHelmCommand(p.templateCommand()) if err != nil { return nil, err } - return p.h.ResmapFactory().NewResMapFromBytes(stdout) + rm, err = p.h.ResmapFactory().NewResMapFromBytes(stdout) + if err == nil { + return rm, nil + } + // try to remove the contents before first "---" because + // helm may produce messages to stdout before it + stdoutStr := string(stdout) + if idx := strings.Index(stdoutStr, "---"); idx != -1 { + return p.h.ResmapFactory().NewResMapFromBytes([]byte(stdoutStr[idx:])) + } + return nil, err } -func (p *HelmChartInflationGeneratorPlugin) getTemplateCommandArgs() []string { +func (p *HelmChartInflationGeneratorPlugin) templateCommand() []string { args := []string{"template"} if p.ReleaseName != "" { args = append(args, p.ReleaseName) } - args = append(args, filepath.Join(p.ChartHome, p.ChartName)) - if p.ReleaseNamespace != "" { - args = append(args, "--namespace", p.ReleaseNamespace) + args = append(args, filepath.Join(p.absChartHome(), p.Name)) + if p.ValuesFile != "" { + args = append(args, "--values", p.ValuesFile) } - if p.Values != "" { - args = append(args, "--values", p.Values) + if p.ReleaseName == "" { + // AFAICT, this doesn't work as intended due to a bug in helm. + // See https://github.com/helm/helm/issues/6019 + // I've tried placing the flag before and after the name argument. + args = append(args, "--generate-name") } - args = append(args, p.ExtraArgs...) return args } -func (p *HelmChartInflationGeneratorPlugin) getPullCommandArgs() []string { - args := []string{"pull", "--untar", "--untardir", p.ChartHome} - chartName := fmt.Sprintf("%s/%s", p.ChartRepoName, p.ChartName) - if p.ChartVersion != "" { - args = append(args, "--version", p.ChartVersion) +func (p *HelmChartInflationGeneratorPlugin) pullCommand() []string { + args := []string{ + "pull", + "--untar", + "--untardir", p.absChartHome(), + "--repo", p.Repo, + p.Name} + if p.Version != "" { + args = append(args, "--version", p.Version) } - if p.ChartRepoURL != "" { - args = append(args, "--repo", p.ChartRepoURL) - chartName = p.ChartName - } - - args = append(args, chartName) - return args } -// checkLocalChart will return true if the chart does exist in +// chartExistsLocally will return true if the chart does exist in // local chart home. -func (p *HelmChartInflationGeneratorPlugin) checkLocalChart() bool { - path := filepath.Join(p.ChartHome, p.ChartName) +func (p *HelmChartInflationGeneratorPlugin) chartExistsLocally() (string, bool) { + path := filepath.Join(p.absChartHome(), p.Name) s, err := os.Stat(path) if err != nil { - return false + return "", false } - return s.IsDir() + return path, s.IsDir() } // checkHelmVersion will return an error if the helm version is not V3 @@ -270,11 +310,17 @@ func (p *HelmChartInflationGeneratorPlugin) checkHelmVersion() error { if err != nil { return err } - r, err := regexp.Compile(`v\d+(\.\d+)+`) + r, err := regexp.Compile(`v?\d+(\.\d+)+`) if err != nil { return err } - v := string(r.Find(stdout))[1:] + v := r.FindString(string(stdout)) + if v == "" { + return fmt.Errorf("cannot find version string in %s", string(stdout)) + } + if v[0] == 'v' { + v = v[1:] + } majorVersion := strings.Split(v, ".")[0] if majorVersion != "3" { return fmt.Errorf("this plugin requires helm V3 but got v%s", v) diff --git a/vendor/sigs.k8s.io/kustomize/api/builtins/NamespaceTransformer.go b/vendor/sigs.k8s.io/kustomize/api/builtins/NamespaceTransformer.go index 0ed2796a4e..6794f26e81 100644 --- a/vendor/sigs.k8s.io/kustomize/api/builtins/NamespaceTransformer.go +++ b/vendor/sigs.k8s.io/kustomize/api/builtins/NamespaceTransformer.go @@ -30,20 +30,15 @@ func (p *NamespaceTransformerPlugin) Transform(m resmap.ResMap) error { return nil } for _, r := range m.Resources() { - empty, err := r.IsEmpty() - if err != nil { - return err - } - if empty { + if r.IsEmpty() { // Don't mutate empty objects? continue } r.StorePreviousId() - err = r.ApplyFilter(namespace.Filter{ + if err := r.ApplyFilter(namespace.Filter{ Namespace: p.Namespace, FsSlice: p.FieldSpecs, - }) - if err != nil { + }); err != nil { return err } matches := m.GetMatchingResourcesByCurrentId(r.CurId().Equals) diff --git a/vendor/sigs.k8s.io/kustomize/api/builtins/PatchStrategicMergeTransformer.go b/vendor/sigs.k8s.io/kustomize/api/builtins/PatchStrategicMergeTransformer.go index 77ebbc8aeb..f93d1266d7 100644 --- a/vendor/sigs.k8s.io/kustomize/api/builtins/PatchStrategicMergeTransformer.go +++ b/vendor/sigs.k8s.io/kustomize/api/builtins/PatchStrategicMergeTransformer.go @@ -28,45 +28,48 @@ func (p *PatchStrategicMergeTransformerPlugin) Config( return fmt.Errorf("empty file path and empty patch content") } if len(p.Paths) != 0 { - for _, onePath := range p.Paths { - // The following oddly attempts to interpret a path string as an - // actual patch (instead of as a path to a file containing a patch). - // All tests pass if this code is commented out. This code should - // be deleted; the user should use the Patches field which - // exists for this purpose (inline patch declaration). - res, err := h.ResmapFactory().RF().SliceFromBytes([]byte(onePath)) - if err == nil { - p.loadedPatches = append(p.loadedPatches, res...) - continue - } - res, err = h.ResmapFactory().RF().SliceFromPatches( - h.Loader(), []types.PatchStrategicMerge{onePath}) - if err != nil { - return err - } - p.loadedPatches = append(p.loadedPatches, res...) - } - } - if p.Patches != "" { - res, err := h.ResmapFactory().RF().SliceFromBytes([]byte(p.Patches)) + patches, err := loadFromPaths(h, p.Paths) if err != nil { return err } - p.loadedPatches = append(p.loadedPatches, res...) + p.loadedPatches = append(p.loadedPatches, patches...) + } + if p.Patches != "" { + patches, err := h.ResmapFactory().RF().SliceFromBytes([]byte(p.Patches)) + if err != nil { + return err + } + p.loadedPatches = append(p.loadedPatches, patches...) } - if len(p.loadedPatches) == 0 { return fmt.Errorf( "patch appears to be empty; files=%v, Patch=%s", p.Paths, p.Patches) } - // Merge the patches, looking for conflicts. - _, err = h.ResmapFactory().ConflatePatches(p.loadedPatches) - if err != nil { - return err - } return nil } +func loadFromPaths( + h *resmap.PluginHelpers, + paths []types.PatchStrategicMerge) ( + result []*resource.Resource, err error) { + var patches []*resource.Resource + for _, path := range paths { + // For legacy reasons, attempt to treat the path string as + // actual patch content. + patches, err = h.ResmapFactory().RF().SliceFromBytes([]byte(path)) + if err != nil { + // Failing that, treat it as a file path. + patches, err = h.ResmapFactory().RF().SliceFromPatches( + h.Loader(), []types.PatchStrategicMerge{path}) + if err != nil { + return + } + } + result = append(result, patches...) + } + return +} + func (p *PatchStrategicMergeTransformerPlugin) Transform(m resmap.ResMap) error { for _, patch := range p.loadedPatches { target, err := m.GetById(patch.OrgId()) diff --git a/vendor/sigs.k8s.io/kustomize/api/builtins/PatchTransformer.go b/vendor/sigs.k8s.io/kustomize/api/builtins/PatchTransformer.go index 0696f3e1a6..99f48e7489 100644 --- a/vendor/sigs.k8s.io/kustomize/api/builtins/PatchTransformer.go +++ b/vendor/sigs.k8s.io/kustomize/api/builtins/PatchTransformer.go @@ -21,6 +21,7 @@ type PatchTransformerPlugin struct { Path string `json:"path,omitempty" yaml:"path,omitempty"` Patch string `json:"patch,omitempty" yaml:"patch,omitempty"` Target *types.Selector `json:"target,omitempty" yaml:"target,omitempty"` + Options map[string]bool `json:"options,omitempty" yaml:"options,omitempty"` } func (p *PatchTransformerPlugin) Config( @@ -60,6 +61,12 @@ func (p *PatchTransformerPlugin) Config( } if errSM == nil { p.loadedPatch = patchSM + if p.Options["allowNameChange"] { + p.loadedPatch.SetAllowNameChange("true") + } + if p.Options["allowKindChange"] { + p.loadedPatch.SetAllowKindChange("true") + } } else { p.decodedPatch = patchJson } diff --git a/vendor/sigs.k8s.io/kustomize/api/filters/nameref/nameref.go b/vendor/sigs.k8s.io/kustomize/api/filters/nameref/nameref.go index e5a3d2635a..a048d97f12 100644 --- a/vendor/sigs.k8s.io/kustomize/api/filters/nameref/nameref.go +++ b/vendor/sigs.k8s.io/kustomize/api/filters/nameref/nameref.go @@ -1,7 +1,6 @@ package nameref import ( - "encoding/json" "fmt" "strings" @@ -11,7 +10,6 @@ import ( "sigs.k8s.io/kustomize/api/resmap" "sigs.k8s.io/kustomize/api/resource" "sigs.k8s.io/kustomize/api/types" - "sigs.k8s.io/kustomize/kyaml/filtersutil" "sigs.k8s.io/kustomize/kyaml/kio" "sigs.k8s.io/kustomize/kyaml/yaml" ) @@ -186,11 +184,7 @@ func (f Filter) recordTheReferral(referral *resource.Resource) { // getRoleRefGvk returns a Gvk in the roleRef field. Return error // if the roleRef, roleRef/apiGroup or roleRef/kind is missing. -func getRoleRefGvk(res json.Marshaler) (*resid.Gvk, error) { - n, err := filtersutil.GetRNode(res) - if err != nil { - return nil, err - } +func getRoleRefGvk(n *yaml.RNode) (*resid.Gvk, error) { roleRef, err := n.Pipe(yaml.Lookup("roleRef")) if err != nil { return nil, err @@ -276,7 +270,7 @@ func (f Filter) roleRefFilter() sieveFunc { if !strings.HasSuffix(f.NameFieldToUpdate.Path, "roleRef/name") { return acceptAll } - roleRefGvk, err := getRoleRefGvk(f.Referrer) + roleRefGvk, err := getRoleRefGvk(f.Referrer.AsRNode()) if err != nil { return acceptAll } diff --git a/vendor/sigs.k8s.io/kustomize/api/filters/namespace/namespace.go b/vendor/sigs.k8s.io/kustomize/api/filters/namespace/namespace.go index 85e56c5724..69458e198b 100644 --- a/vendor/sigs.k8s.io/kustomize/api/filters/namespace/namespace.go +++ b/vendor/sigs.k8s.io/kustomize/api/filters/namespace/namespace.go @@ -118,7 +118,6 @@ func (ns Filter) roleBindingHack(obj *yaml.RNode, meta yaml.ResourceMeta) error // add the namespace to each "subject" with name: default err = obj.VisitElements(func(o *yaml.RNode) error { - // copied from kunstruct based kustomize NamespaceTransformer plugin // The only case we need to force the namespace // if for the "service account". "default" is // kind of hardcoded here for right now. diff --git a/vendor/sigs.k8s.io/kustomize/api/filters/patchstrategicmerge/patchstrategicmerge.go b/vendor/sigs.k8s.io/kustomize/api/filters/patchstrategicmerge/patchstrategicmerge.go index 3fa532df05..1a70d19aac 100644 --- a/vendor/sigs.k8s.io/kustomize/api/filters/patchstrategicmerge/patchstrategicmerge.go +++ b/vendor/sigs.k8s.io/kustomize/api/filters/patchstrategicmerge/patchstrategicmerge.go @@ -4,7 +4,6 @@ package patchstrategicmerge import ( - "sigs.k8s.io/kustomize/api/konfig" "sigs.k8s.io/kustomize/kyaml/kio" "sigs.k8s.io/kustomize/kyaml/yaml" "sigs.k8s.io/kustomize/kyaml/yaml/merge2" @@ -29,7 +28,7 @@ func (pf Filter) Filter(nodes []*yaml.RNode) ([]*yaml.RNode, error) { if err != nil { return nil, err } - if !konfig.FlagEnableKyamlDefaultValue || r != nil { + if r != nil { result = append(result, r) } } diff --git a/vendor/sigs.k8s.io/kustomize/api/hasher/hasher.go b/vendor/sigs.k8s.io/kustomize/api/hasher/hasher.go index 36d930af69..aef436d919 100644 --- a/vendor/sigs.k8s.io/kustomize/api/hasher/hasher.go +++ b/vendor/sigs.k8s.io/kustomize/api/hasher/hasher.go @@ -20,12 +20,12 @@ func SortArrayAndComputeHash(s []string) (string, error) { if err != nil { return "", err } - return Encode(Hash(string(data))) + return encode(hex256(string(data))) } // Copied from https://github.com/kubernetes/kubernetes // /blob/master/pkg/kubectl/util/hash/hash.go -func Encode(hex string) (string, error) { +func encode(hex string) (string, error) { if len(hex) < 10 { return "", fmt.Errorf( "input length must be at least 10") @@ -48,23 +48,18 @@ func Encode(hex string) (string, error) { return string(enc), nil } -// Hash returns the hex form of the sha256 of the argument. -func Hash(data string) string { +// hex256 returns the hex form of the sha256 of the argument. +func hex256(data string) string { return fmt.Sprintf("%x", sha256.Sum256([]byte(data))) } -// HashRNode returns the hash value of input RNode -func HashRNode(node *yaml.RNode) (string, error) { - // get node kind - kindNode, err := node.Pipe(yaml.FieldMatcher{Name: "kind"}) - if err != nil { - return "", err - } - kind := kindNode.YNode().Value +// Hasher computes the hash of an RNode. +type Hasher struct{} - // calculate hash for different kinds - encoded := "" - switch kind { +// Hash returns a hash of the argument. +func (h *Hasher) Hash(node *yaml.RNode) (r string, err error) { + var encoded string + switch node.GetKind() { case "ConfigMap": encoded, err = encodeConfigMap(node) case "Secret": @@ -77,10 +72,11 @@ func HashRNode(node *yaml.RNode) (string, error) { if err != nil { return "", err } - return Encode(Hash(encoded)) + return encode(hex256(encoded)) } -func getNodeValues(node *yaml.RNode, paths []string) (map[string]interface{}, error) { +func getNodeValues( + node *yaml.RNode, paths []string) (map[string]interface{}, error) { values := make(map[string]interface{}) for _, p := range paths { vn, err := node.Pipe(yaml.Lookup(p)) @@ -117,8 +113,11 @@ func encodeConfigMap(node *yaml.RNode) (string, error) { if err != nil { return "", err } - m := map[string]interface{}{"kind": "ConfigMap", "name": values["metadata/name"], - "data": values["data"]} + m := map[string]interface{}{ + "kind": "ConfigMap", + "name": values["metadata/name"], + "data": values["data"], + } if _, ok := values["binaryData"].(map[string]interface{}); ok { m["binaryData"] = values["binaryData"] } diff --git a/vendor/sigs.k8s.io/kustomize/api/ifc/ifc.go b/vendor/sigs.k8s.io/kustomize/api/ifc/ifc.go index ee1ce0338b..9fd297478a 100644 --- a/vendor/sigs.k8s.io/kustomize/api/ifc/ifc.go +++ b/vendor/sigs.k8s.io/kustomize/api/ifc/ifc.go @@ -5,8 +5,8 @@ package ifc import ( - "sigs.k8s.io/kustomize/api/resid" "sigs.k8s.io/kustomize/api/types" + "sigs.k8s.io/kustomize/kyaml/yaml" ) // Validator provides functions to validate annotations and labels @@ -38,92 +38,10 @@ type Loader interface { Cleanup() error } -// Kunstructured represents a Kubernetes Resource Model object. -type Kunstructured interface { - // Several uses. - Copy() Kunstructured - - // GetAnnotations returns the k8s annotations. - GetAnnotations() map[string]string - - // GetData returns a top-level "data" field, as in a ConfigMap. - GetDataMap() map[string]string - - // GetData returns a top-level "binaryData" field, as in a ConfigMap. - GetBinaryDataMap() map[string]string - - // Used by ResAccumulator and ReplacementTransformer. - GetFieldValue(string) (interface{}, error) - - // Used by Resource.OrgId - GetGvk() resid.Gvk - - // Used by resource.Factory.SliceFromBytes - GetKind() string - - // GetLabels returns the k8s labels. - GetLabels() map[string]string - - // Used by Resource.CurId and resource factory. - GetName() string - - // Used by special case code in - // ResMap.SubsetThatCouldBeReferencedByResource - GetSlice(path string) ([]interface{}, error) - - // GetString returns the value of a string field. - // Used by Resource.GetNamespace - GetString(string) (string, error) - - // Several uses. - Map() (map[string]interface{}, error) - - // Used by Resource.AsYAML and Resource.String - MarshalJSON() ([]byte, error) - - // Used by resWrangler.Select - MatchesAnnotationSelector(selector string) (bool, error) - - // Used by resWrangler.Select - MatchesLabelSelector(selector string) (bool, error) - - // SetAnnotations replaces the k8s annotations. - SetAnnotations(map[string]string) - - // SetDataMap sets a top-level "data" field, as in a ConfigMap. - SetDataMap(map[string]string) - - // SetDataMap sets a top-level "binaryData" field, as in a ConfigMap. - SetBinaryDataMap(map[string]string) - // Used by PatchStrategicMergeTransformer. - SetGvk(resid.Gvk) - - // SetLabels replaces the k8s labels. - SetLabels(map[string]string) - - // SetName changes the name. - SetName(string) - - // SetNamespace changes the namespace. - SetNamespace(string) - - // Needed, for now, by kyaml/filtersutil.ApplyToJSON. - UnmarshalJSON([]byte) error -} - -// KunstructuredFactory makes instances of Kunstructured. -type KunstructuredFactory interface { - SliceFromBytes([]byte) ([]Kunstructured, error) - FromMap(m map[string]interface{}) Kunstructured - Hasher() KunstructuredHasher - MakeConfigMap(kvLdr KvLoader, args *types.ConfigMapArgs) (Kunstructured, error) - MakeSecret(kvLdr KvLoader, args *types.SecretArgs) (Kunstructured, error) -} - -// KunstructuredHasher returns a hash of the argument +// KustHasher returns a hash of the argument // or an error. -type KunstructuredHasher interface { - Hash(Kunstructured) (string, error) +type KustHasher interface { + Hash(*yaml.RNode) (string, error) } // See core.v1.SecretTypeOpaque diff --git a/vendor/sigs.k8s.io/kustomize/api/internal/accumulator/loadconfigfromcrds.go b/vendor/sigs.k8s.io/kustomize/api/internal/accumulator/loadconfigfromcrds.go index a43f66d8fa..d48c7a9dc0 100644 --- a/vendor/sigs.k8s.io/kustomize/api/internal/accumulator/loadconfigfromcrds.go +++ b/vendor/sigs.k8s.io/kustomize/api/internal/accumulator/loadconfigfromcrds.go @@ -25,7 +25,7 @@ type OpenAPIDefinition struct { Dependencies []string } -type myProperties map[string]spec.Schema +type myProperties = map[string]spec.Schema type nameToApiMap map[string]OpenAPIDefinition // LoadConfigFromCRDs parse CRD schemas from paths into a TransformerConfig diff --git a/vendor/sigs.k8s.io/kustomize/api/internal/conflict/factory.go b/vendor/sigs.k8s.io/kustomize/api/internal/conflict/factory.go deleted file mode 100644 index 3cfed193a1..0000000000 --- a/vendor/sigs.k8s.io/kustomize/api/internal/conflict/factory.go +++ /dev/null @@ -1,23 +0,0 @@ -// Copyright 2020 The Kubernetes Authors. -// SPDX-License-Identifier: Apache-2.0 - -package conflict - -import ( - "sigs.k8s.io/kustomize/api/resid" - "sigs.k8s.io/kustomize/api/resource" -) - -type cdFactory struct{} - -var _ resource.ConflictDetectorFactory = &cdFactory{} - -// NewFactory returns a new conflict detector factory. -func NewFactory() resource.ConflictDetectorFactory { - return &cdFactory{} -} - -// New returns an instance of smPatchMergeOnlyDetector. -func (c cdFactory) New(_ resid.Gvk) (resource.ConflictDetector, error) { - return &smPatchMergeOnlyDetector{}, nil -} diff --git a/vendor/sigs.k8s.io/kustomize/api/internal/conflict/smpatchmergeonlydetector.go b/vendor/sigs.k8s.io/kustomize/api/internal/conflict/smpatchmergeonlydetector.go deleted file mode 100644 index a33fdc3c38..0000000000 --- a/vendor/sigs.k8s.io/kustomize/api/internal/conflict/smpatchmergeonlydetector.go +++ /dev/null @@ -1,33 +0,0 @@ -// Copyright 2020 The Kubernetes Authors. -// SPDX-License-Identifier: Apache-2.0 - -package conflict - -import ( - "sigs.k8s.io/kustomize/api/resource" -) - -// smPatchMergeOnlyDetector ignores conflicts, -// but does real strategic merge patching. -// This is part of an effort to eliminate dependence on -// apimachinery package to allow kustomize integration -// into kubectl (#2506 and #1500) -type smPatchMergeOnlyDetector struct{} - -var _ resource.ConflictDetector = &smPatchMergeOnlyDetector{} - -func (c *smPatchMergeOnlyDetector) HasConflict( - _, _ *resource.Resource) (bool, error) { - return false, nil -} - -// There's at least one case that doesn't work. Suppose one has a -// Deployment with a volume with the bizarre "emptyDir: {}" entry. -// If you want to get rid of this entry via a patch containing -// the entry "emptyDir: null", then the following won't work, -// because null entries are eliminated. -func (c *smPatchMergeOnlyDetector) MergePatches( - r, patch *resource.Resource) (*resource.Resource, error) { - err := r.ApplySmPatch(patch) - return r, err -} diff --git a/vendor/sigs.k8s.io/kustomize/api/internal/plugins/loader/loader.go b/vendor/sigs.k8s.io/kustomize/api/internal/plugins/loader/loader.go index aaa7c36004..0cbdfbe210 100644 --- a/vendor/sigs.k8s.io/kustomize/api/internal/plugins/loader/loader.go +++ b/vendor/sigs.k8s.io/kustomize/api/internal/plugins/loader/loader.go @@ -13,6 +13,7 @@ import ( "strings" "github.com/pkg/errors" + "sigs.k8s.io/kustomize/api/filesys" "sigs.k8s.io/kustomize/api/ifc" "sigs.k8s.io/kustomize/api/internal/plugins/builtinhelpers" "sigs.k8s.io/kustomize/api/internal/plugins/execplugin" @@ -29,11 +30,21 @@ import ( type Loader struct { pc *types.PluginConfig rf *resmap.Factory + fs filesys.FileSystem + + // absolutePluginHome caches the location of a valid plugin root directory. + // It should only be set once the directory's existence has been confirmed. + absolutePluginHome string } func NewLoader( - pc *types.PluginConfig, rf *resmap.Factory) *Loader { - return &Loader{pc: pc, rf: rf} + pc *types.PluginConfig, rf *resmap.Factory, fs filesys.FileSystem) *Loader { + return &Loader{pc: pc, rf: rf, fs: fs} +} + +// Config provides the global (not plugin specific) PluginConfig data. +func (l *Loader) Config() *types.PluginConfig { + return l.pc } func (l *Loader) LoadGenerators( @@ -95,13 +106,47 @@ func relativePluginPath(id resid.ResId) string { strings.ToLower(id.Kind)) } -func AbsolutePluginPath(pc *types.PluginConfig, id resid.ResId) string { - return filepath.Join( - pc.AbsPluginHome, relativePluginPath(id), id.Kind) +func (l *Loader) AbsolutePluginPath(id resid.ResId) (string, error) { + pluginHome, err := l.absPluginHome() + if err != nil { + return "", err + } + return filepath.Join(pluginHome, relativePluginPath(id), id.Kind), nil } -func (l *Loader) absolutePluginPath(id resid.ResId) string { - return AbsolutePluginPath(l.pc, id) +// absPluginHome is the home of kustomize Exec and Go plugins. +// Kustomize plugin configuration files are k8s-style objects +// containing the fields 'apiVersion' and 'kind', e.g. +// apiVersion: apps/v1 +// kind: Deployment +// kustomize reads plugin configuration data from a file path +// specified in the 'generators:' or 'transformers:' field of a +// kustomization file. For Exec and Go plugins, kustomize +// uses this data to both locate the plugin and configure it. +// Each Exec or Go plugin (its code, its tests, its supporting data +// files, etc.) must be housed in its own directory at +// ${absPluginHome}/${pluginApiVersion}/LOWERCASE(${pluginKind}) +// where +// - ${absPluginHome} is an absolute path, defined below. +// - ${pluginApiVersion} is taken from the plugin config file. +// - ${pluginKind} is taken from the plugin config file. +func (l *Loader) absPluginHome() (string, error) { + // External plugins are disabled--return the dummy plugin root. + if l.pc.PluginRestrictions != types.PluginRestrictionsNone { + return konfig.NoPluginHomeSentinal, nil + } + // We've already determined plugin home--use the cached value. + if l.absolutePluginHome != "" { + return l.absolutePluginHome, nil + } + + // Check default locations for a valid plugin root, and cache it if found. + dir, err := konfig.DefaultAbsPluginHome(l.fs) + if err != nil { + return "", err + } + l.absolutePluginHome = dir + return l.absolutePluginHome, nil } func isBuiltinPlugin(res *resource.Resource) bool { @@ -148,7 +193,7 @@ func (l *Loader) loadAndConfigurePlugin( if err != nil { return nil, errors.Wrapf(err, "marshalling yaml from res %s", res.OrgId()) } - err = c.Config(resmap.NewPluginHelpers(ldr, v, l.rf), yaml) + err = c.Config(resmap.NewPluginHelpers(ldr, v, l.rf, l.pc), yaml) if err != nil { return nil, errors.Wrapf( err, "plugin %s fails configuration", res.OrgId()) @@ -176,10 +221,13 @@ func (l *Loader) loadPlugin(res *resource.Resource) (resmap.Configurable, error) } func (l *Loader) loadExecOrGoPlugin(resId resid.ResId) (resmap.Configurable, error) { + absPluginPath, err := l.AbsolutePluginPath(resId) + if err != nil { + return nil, err + } // First try to load the plugin as an executable. - p := execplugin.NewExecPlugin(l.absolutePluginPath(resId)) - err := p.ErrIfNotExecutable() - if err == nil { + p := execplugin.NewExecPlugin(absPluginPath) + if err = p.ErrIfNotExecutable(); err == nil { return p, nil } if !os.IsNotExist(err) { @@ -193,7 +241,7 @@ func (l *Loader) loadExecOrGoPlugin(resId resid.ResId) (resmap.Configurable, err return nil, err } // Failing the above, try loading it as a Go plugin. - c, err := l.loadGoPlugin(resId) + c, err := l.loadGoPlugin(resId, absPluginPath+".so") if err != nil { return nil, err } @@ -208,12 +256,11 @@ func (l *Loader) loadExecOrGoPlugin(resId resid.ResId) (resmap.Configurable, err // as a Loader instance variable. So make it a package variable. var registry = make(map[string]resmap.Configurable) -func (l *Loader) loadGoPlugin(id resid.ResId) (resmap.Configurable, error) { +func (l *Loader) loadGoPlugin(id resid.ResId, absPath string) (resmap.Configurable, error) { regId := relativePluginPath(id) if c, ok := registry[regId]; ok { return copyPlugin(c), nil } - absPath := l.absolutePluginPath(id) + ".so" if !utils.FileExists(absPath) { return nil, fmt.Errorf( "expected file with Go object code at: %s", absPath) diff --git a/vendor/sigs.k8s.io/kustomize/api/internal/plugins/utils/utils.go b/vendor/sigs.k8s.io/kustomize/api/internal/plugins/utils/utils.go index 12dd6e89f0..7fa4611914 100644 --- a/vendor/sigs.k8s.io/kustomize/api/internal/plugins/utils/utils.go +++ b/vendor/sigs.k8s.io/kustomize/api/internal/plugins/utils/utils.go @@ -34,7 +34,7 @@ func GoBin() string { // has her ${g}/${v}/$lower(${k})/${k}.go files. func DeterminePluginSrcRoot(fSys filesys.FileSystem) (string, error) { return konfig.FirstDirThatExistsElseError( - "source directory", fSys, []konfig.NotedFunc{ + "plugin src root", fSys, []konfig.NotedFunc{ { Note: "relative to unit test", F: func() string { diff --git a/vendor/sigs.k8s.io/kustomize/api/internal/target/kusttarget.go b/vendor/sigs.k8s.io/kustomize/api/internal/target/kusttarget.go index acc3d13163..efbb71ea61 100644 --- a/vendor/sigs.k8s.io/kustomize/api/internal/target/kusttarget.go +++ b/vendor/sigs.k8s.io/kustomize/api/internal/target/kusttarget.go @@ -443,7 +443,10 @@ func (kt *KustTarget) configureBuiltinPlugin( err, "builtin %s marshal", bpt) } } - err = p.Config(resmap.NewPluginHelpers(kt.ldr, kt.validator, kt.rFactory), y) + err = p.Config( + resmap.NewPluginHelpers( + kt.ldr, kt.validator, kt.rFactory, kt.pLdr.Config()), + y) if err != nil { return errors.Wrapf( err, "trouble configuring builtin %s with config: `\n%s`", bpt, string(y)) diff --git a/vendor/sigs.k8s.io/kustomize/api/internal/target/kusttarget_configplugin.go b/vendor/sigs.k8s.io/kustomize/api/internal/target/kusttarget_configplugin.go index 640cc742ad..2715af471f 100644 --- a/vendor/sigs.k8s.io/kustomize/api/internal/target/kusttarget_configplugin.go +++ b/vendor/sigs.k8s.io/kustomize/api/internal/target/kusttarget_configplugin.go @@ -112,16 +112,22 @@ var generatorConfigurators = map[builtinhelpers.BuiltinPluginType]func( return }, - builtinhelpers.HelmChartInflationGenerator: func(kt *KustTarget, bpt builtinhelpers.BuiltinPluginType, f gFactory) ( + builtinhelpers.HelmChartInflationGenerator: func( + kt *KustTarget, bpt builtinhelpers.BuiltinPluginType, f gFactory) ( result []resmap.Generator, err error) { var c struct { - types.HelmChartArgs + types.HelmGlobals + types.HelmChart } - for _, args := range kt.kustomization.HelmChartInflationGenerator { - c.HelmChartArgs = args + var globals types.HelmGlobals + if kt.kustomization.HelmGlobals != nil { + globals = *kt.kustomization.HelmGlobals + } + for _, chart := range kt.kustomization.HelmCharts { + c.HelmGlobals = globals + c.HelmChart = chart p := f() - err := kt.configureBuiltinPlugin(p, c, bpt) - if err != nil { + if err = kt.configureBuiltinPlugin(p, c, bpt); err != nil { return nil, err } result = append(result, p) @@ -201,14 +207,16 @@ var transformerConfigurators = map[builtinhelpers.BuiltinPluginType]func( return } var c struct { - Path string `json:"path,omitempty" yaml:"path,omitempty"` - Patch string `json:"patch,omitempty" yaml:"patch,omitempty"` - Target *types.Selector `json:"target,omitempty" yaml:"target,omitempty"` + Path string `json:"path,omitempty" yaml:"path,omitempty"` + Patch string `json:"patch,omitempty" yaml:"patch,omitempty"` + Target *types.Selector `json:"target,omitempty" yaml:"target,omitempty"` + Options map[string]bool `json:"options,omitempty" yaml:"options,omitempty"` } for _, pc := range kt.kustomization.Patches { c.Target = pc.Target c.Patch = pc.Patch c.Path = pc.Path + c.Options = pc.Options p := f() err = kt.configureBuiltinPlugin(p, c, bpt) if err != nil { @@ -221,6 +229,31 @@ var transformerConfigurators = map[builtinhelpers.BuiltinPluginType]func( builtinhelpers.LabelTransformer: func( kt *KustTarget, bpt builtinhelpers.BuiltinPluginType, f tFactory, tc *builtinconfig.TransformerConfig) ( result []resmap.Transformer, err error) { + for _, label := range kt.kustomization.Labels { + var c struct { + Labels map[string]string + FieldSpecs []types.FieldSpec + } + c.Labels = label.Pairs + fss := types.FsSlice(label.FieldSpecs) + // merge the custom fieldSpecs with the default + if label.IncludeSelectors { + fss, err = fss.MergeAll(tc.CommonLabels) + } else { + // only add to metadata by default + fss, err = fss.MergeOne(types.FieldSpec{Path: "metadata/labels", CreateIfNotPresent: true}) + } + if err != nil { + return nil, err + } + c.FieldSpecs = fss + p := f() + err = kt.configureBuiltinPlugin(p, c, bpt) + if err != nil { + return nil, err + } + result = append(result, p) + } var c struct { Labels map[string]string FieldSpecs []types.FieldSpec diff --git a/vendor/sigs.k8s.io/kustomize/api/internal/target/multitransformer.go b/vendor/sigs.k8s.io/kustomize/api/internal/target/multitransformer.go index 1896bdf047..caf1bd2de4 100644 --- a/vendor/sigs.k8s.io/kustomize/api/internal/target/multitransformer.go +++ b/vendor/sigs.k8s.io/kustomize/api/internal/target/multitransformer.go @@ -4,15 +4,12 @@ package target import ( - "fmt" - "sigs.k8s.io/kustomize/api/resmap" ) // multiTransformer contains a list of transformers. type multiTransformer struct { - transformers []resmap.Transformer - checkConflictEnabled bool + transformers []resmap.Transformer } var _ resmap.Transformer = &multiTransformer{} @@ -20,8 +17,8 @@ var _ resmap.Transformer = &multiTransformer{} // newMultiTransformer constructs a multiTransformer. func newMultiTransformer(t []resmap.Transformer) resmap.Transformer { r := &multiTransformer{ - transformers: make([]resmap.Transformer, len(t)), - checkConflictEnabled: false} + transformers: make([]resmap.Transformer, len(t)), + } copy(r.transformers, t) return r } @@ -29,57 +26,11 @@ func newMultiTransformer(t []resmap.Transformer) resmap.Transformer { // Transform applies the member transformers in order to the resources, // optionally detecting and erroring on commutation conflict. func (o *multiTransformer) Transform(m resmap.ResMap) error { - if o.checkConflictEnabled { - return o.transformWithCheckConflict(m) - } - return o.transform(m) -} - -func (o *multiTransformer) transform(m resmap.ResMap) error { for _, t := range o.transformers { - err := t.Transform(m) - if err != nil { + if err := t.Transform(m); err != nil { return err } - } - for _, r := range m.Resources() { - empty, err := r.IsEmpty() - if err != nil { - return err - } - if empty { - err := m.Remove(r.CurId()) - if err != nil { - return err - } - } + m.DropEmpties() } return nil } - -// Of the len(o.transformers)! possible transformer orderings, compare to a reversed order. -// A spot check to perform when the transformations are supposed to be commutative. -// Fail if there's a difference in the result. -func (o *multiTransformer) transformWithCheckConflict(m resmap.ResMap) error { - mcopy := m.DeepCopy() - err := o.transform(m) - if err != nil { - return err - } - o.reverseTransformers() - err = o.transform(mcopy) - if err != nil { - return err - } - err = m.ErrorIfNotEqualSets(mcopy) - if err != nil { - return fmt.Errorf("found conflict between different patches\n%v", err) - } - return nil -} - -func (o *multiTransformer) reverseTransformers() { - for i, j := 0, len(o.transformers)-1; i < j; i, j = i+1, j-1 { - o.transformers[i], o.transformers[j] = o.transformers[j], o.transformers[i] - } -} diff --git a/vendor/sigs.k8s.io/kustomize/api/internal/wrappy/factory.go b/vendor/sigs.k8s.io/kustomize/api/internal/wrappy/factory.go deleted file mode 100644 index b155ed3c66..0000000000 --- a/vendor/sigs.k8s.io/kustomize/api/internal/wrappy/factory.go +++ /dev/null @@ -1,108 +0,0 @@ -// Copyright 2020 The Kubernetes Authors. -// SPDX-License-Identifier: Apache-2.0 - -package wrappy - -import ( - "fmt" - - "sigs.k8s.io/kustomize/api/hasher" - "sigs.k8s.io/kustomize/api/ifc" - "sigs.k8s.io/kustomize/api/internal/generators" - "sigs.k8s.io/kustomize/api/konfig" - "sigs.k8s.io/kustomize/api/types" - "sigs.k8s.io/kustomize/kyaml/filtersutil" - "sigs.k8s.io/kustomize/kyaml/kio" - "sigs.k8s.io/kustomize/kyaml/yaml" -) - -// WNodeFactory makes instances of WNode. -// -// These instances in turn adapt -// sigs.k8s.io/kustomize/kyaml/yaml.RNode -// to implement ifc.Unstructured. -// This factory is meant to implement ifc.KunstructuredFactory. -// -// This implementation should be thin, as both WNode and WNodeFactory must be -// factored away (deleted) along with ifc.Kunstructured in favor of direct use -// of RNode methods upon completion of -// https://github.com/kubernetes-sigs/kustomize/issues/2506. -// -// See also api/krusty/internal/provider/depprovider.go -type WNodeFactory struct { -} - -var _ ifc.KunstructuredFactory = (*WNodeFactory)(nil) - -func (k *WNodeFactory) SliceFromBytes(bs []byte) ([]ifc.Kunstructured, error) { - yamlRNodes, err := kio.FromBytes(bs) - if err != nil { - return nil, err - } - var result []ifc.Kunstructured - for i := range yamlRNodes { - rn := yamlRNodes[i] - meta, err := rn.GetValidatedMetadata() - if err != nil { - return nil, err - } - if !shouldDropObject(meta) { - if foundNil, path := rn.HasNilEntryInList(); foundNil { - return nil, fmt.Errorf("empty item at %v in object %v", path, rn) - } - result = append(result, FromRNode(rn)) - } - } - return result, nil -} - -// shouldDropObject returns true if the resource should not be accumulated. -func shouldDropObject(m yaml.ResourceMeta) bool { - _, y := m.ObjectMeta.Annotations[konfig.IgnoredByKustomizeAnnotation] - return y -} - -func (k *WNodeFactory) FromMap(m map[string]interface{}) ifc.Kunstructured { - rn, err := FromMap(m) - if err != nil { - // TODO(#WNodeFactory): handle or bubble error" - panic(err) - } - return rn -} - -// kustHash computes a hash of an unstructured object. -type kustHash struct{} - -// Hash returns a hash of the given object -func (h *kustHash) Hash(m ifc.Kunstructured) (string, error) { - node, err := filtersutil.GetRNode(m) - if err != nil { - return "", err - } - return hasher.HashRNode(node) -} - -func (k *WNodeFactory) Hasher() ifc.KunstructuredHasher { - return &kustHash{} -} - -// MakeConfigMap makes a wrapped configmap. -func (k *WNodeFactory) MakeConfigMap( - ldr ifc.KvLoader, args *types.ConfigMapArgs) (ifc.Kunstructured, error) { - rn, err := generators.MakeConfigMap(ldr, args) - if err != nil { - return nil, err - } - return FromRNode(rn), nil -} - -// MakeSecret makes a wrapped secret. -func (k *WNodeFactory) MakeSecret( - ldr ifc.KvLoader, args *types.SecretArgs) (ifc.Kunstructured, error) { - rn, err := generators.MakeSecret(ldr, args) - if err != nil { - return nil, err - } - return FromRNode(rn), nil -} diff --git a/vendor/sigs.k8s.io/kustomize/api/internal/wrappy/wnode.go b/vendor/sigs.k8s.io/kustomize/api/internal/wrappy/wnode.go deleted file mode 100644 index 81a35d1745..0000000000 --- a/vendor/sigs.k8s.io/kustomize/api/internal/wrappy/wnode.go +++ /dev/null @@ -1,292 +0,0 @@ -// Copyright 2020 The Kubernetes Authors. -// SPDX-License-Identifier: Apache-2.0 - -package wrappy - -import ( - "fmt" - "log" - "regexp" - "strconv" - "strings" - - "sigs.k8s.io/kustomize/api/ifc" - "sigs.k8s.io/kustomize/api/resid" - "sigs.k8s.io/kustomize/kyaml/yaml" -) - -// WNode implements ifc.Kunstructured using yaml.RNode. -// -// It exists only to help manage a switch from -// kunstruct.UnstructAdapter to yaml.RNode as the core -// representation of KRM objects in kustomize. -// -// It's got a silly name because we don't want it around for long, -// and want its use to be obvious. -type WNode struct { - node *yaml.RNode -} - -var _ ifc.Kunstructured = (*WNode)(nil) - -func NewWNode() *WNode { - return FromRNode(yaml.NewRNode(nil)) -} - -func FromMap(m map[string]interface{}) (*WNode, error) { - n, err := yaml.FromMap(m) - if err != nil { - return nil, err - } - return FromRNode(n), nil -} - -func FromRNode(node *yaml.RNode) *WNode { - return &WNode{node: node} -} - -func (wn *WNode) AsRNode() *yaml.RNode { - return wn.node -} - -func (wn *WNode) demandMetaData(label string) yaml.ResourceMeta { - meta, err := wn.node.GetMeta() - if err != nil { - // Log and die since interface doesn't allow error. - log.Fatalf("for %s', expected valid resource: %v", label, err) - } - return meta -} - -// Copy implements ifc.Kunstructured. -func (wn *WNode) Copy() ifc.Kunstructured { - return &WNode{node: wn.node.Copy()} -} - -// GetAnnotations implements ifc.Kunstructured. -func (wn *WNode) GetAnnotations() map[string]string { - return wn.demandMetaData("GetAnnotations").Annotations -} - -// convertSliceIndex traverses the items in `fields` and find -// if there is a slice index in the item and change it to a -// valid Lookup field path. For example, 'ports[0]' will be -// converted to 'ports' and '0'. -func convertSliceIndex(fields []string) []string { - var res []string - for _, s := range fields { - if !strings.HasSuffix(s, "]") { - res = append(res, s) - continue - } - re := regexp.MustCompile(`^(.*)\[(\d+)\]$`) - groups := re.FindStringSubmatch(s) - if len(groups) == 0 { - // no match, add to result - res = append(res, s) - continue - } - if groups[1] != "" { - res = append(res, groups[1]) - } - res = append(res, groups[2]) - } - return res -} - -// GetFieldValue implements ifc.Kunstructured. -func (wn *WNode) GetFieldValue(path string) (interface{}, error) { - fields := convertSliceIndex(strings.Split(path, ".")) - rn, err := wn.node.Pipe(yaml.Lookup(fields...)) - if err != nil { - return nil, err - } - if rn == nil { - return nil, NoFieldError{path} - } - yn := rn.YNode() - - // If this is an alias node, resolve it - if yn.Kind == yaml.AliasNode { - yn = yn.Alias - } - - // Return value as map for DocumentNode and MappingNode kinds - if yn.Kind == yaml.DocumentNode || yn.Kind == yaml.MappingNode { - var result map[string]interface{} - if err := yn.Decode(&result); err != nil { - return nil, err - } - return result, err - } - - // Return value as slice for SequenceNode kind - if yn.Kind == yaml.SequenceNode { - var result []interface{} - if err := yn.Decode(&result); err != nil { - return nil, err - } - return result, nil - } - if yn.Kind != yaml.ScalarNode { - return nil, fmt.Errorf("expected ScalarNode, got Kind=%d", yn.Kind) - } - - // TODO: When doing kustomize var replacement, which is likely a - // a primary use of this function and the reason it returns interface{} - // rather than string, we do conversion from Nodes to Go types and back - // to nodes. We should figure out how to do replacement using raw nodes, - // assuming we keep the var feature in kustomize. - // The other end of this is: refvar.go:updateNodeValue. - switch yn.Tag { - case yaml.NodeTagString: - return yn.Value, nil - case yaml.NodeTagInt: - return strconv.Atoi(yn.Value) - case yaml.NodeTagFloat: - return strconv.ParseFloat(yn.Value, 64) - case yaml.NodeTagBool: - return strconv.ParseBool(yn.Value) - default: - // Possibly this should be an error or log. - return yn.Value, nil - } -} - -// GetGvk implements ifc.Kunstructured. -func (wn *WNode) GetGvk() resid.Gvk { - meta := wn.demandMetaData("GetGvk") - g, v := resid.ParseGroupVersion(meta.APIVersion) - return resid.Gvk{Group: g, Version: v, Kind: meta.Kind} -} - -// GetDataMap implements ifc.Kunstructured. -func (wn *WNode) GetDataMap() map[string]string { - return wn.node.GetDataMap() -} - -// SetDataMap implements ifc.Kunstructured. -func (wn *WNode) SetDataMap(m map[string]string) { - wn.node.SetDataMap(m) -} - -// GetBinaryDataMap implements ifc.Kunstructured. -func (wn *WNode) GetBinaryDataMap() map[string]string { - return wn.node.GetBinaryDataMap() -} - -// SetBinaryDataMap implements ifc.Kunstructured. -func (wn *WNode) SetBinaryDataMap(m map[string]string) { - wn.node.SetBinaryDataMap(m) -} - -// GetKind implements ifc.Kunstructured. -func (wn *WNode) GetKind() string { - return wn.demandMetaData("GetKind").Kind -} - -// GetLabels implements ifc.Kunstructured. -func (wn *WNode) GetLabels() map[string]string { - return wn.demandMetaData("GetLabels").Labels -} - -// GetName implements ifc.Kunstructured. -func (wn *WNode) GetName() string { - return wn.demandMetaData("GetName").Name -} - -// GetSlice implements ifc.Kunstructured. -func (wn *WNode) GetSlice(path string) ([]interface{}, error) { - value, err := wn.GetFieldValue(path) - if err != nil { - return nil, err - } - if sliceValue, ok := value.([]interface{}); ok { - return sliceValue, nil - } - return nil, fmt.Errorf("node %s is not a slice", path) -} - -// GetSlice implements ifc.Kunstructured. -func (wn *WNode) GetString(path string) (string, error) { - value, err := wn.GetFieldValue(path) - if err != nil { - return "", err - } - if v, ok := value.(string); ok { - return v, nil - } - return "", fmt.Errorf("node %s is not a string: %v", path, value) -} - -// Map implements ifc.Kunstructured. -func (wn *WNode) Map() (map[string]interface{}, error) { - return wn.node.Map() -} - -// MarshalJSON implements ifc.Kunstructured. -func (wn *WNode) MarshalJSON() ([]byte, error) { - return wn.node.MarshalJSON() -} - -// MatchesAnnotationSelector implements ifc.Kunstructured. -func (wn *WNode) MatchesAnnotationSelector(selector string) (bool, error) { - return wn.node.MatchesAnnotationSelector(selector) -} - -// MatchesLabelSelector implements ifc.Kunstructured. -func (wn *WNode) MatchesLabelSelector(selector string) (bool, error) { - return wn.node.MatchesLabelSelector(selector) -} - -// SetAnnotations implements ifc.Kunstructured. -func (wn *WNode) SetAnnotations(annotations map[string]string) { - if err := wn.node.SetAnnotations(annotations); err != nil { - log.Fatal(err) // interface doesn't allow error. - } -} - -// SetGvk implements ifc.Kunstructured. -func (wn *WNode) SetGvk(gvk resid.Gvk) { - wn.setMapField(yaml.NewScalarRNode(gvk.Kind), yaml.KindField) - wn.setMapField(yaml.NewScalarRNode(gvk.ApiVersion()), yaml.APIVersionField) -} - -// SetLabels implements ifc.Kunstructured. -func (wn *WNode) SetLabels(labels map[string]string) { - if err := wn.node.SetLabels(labels); err != nil { - log.Fatal(err) // interface doesn't allow error. - } -} - -// SetName implements ifc.Kunstructured. -func (wn *WNode) SetName(name string) { - wn.setMapField(yaml.NewScalarRNode(name), yaml.MetadataField, yaml.NameField) -} - -// SetNamespace implements ifc.Kunstructured. -func (wn *WNode) SetNamespace(ns string) { - if err := wn.node.SetNamespace(ns); err != nil { - log.Fatal(err) // interface doesn't allow error. - } -} - -func (wn *WNode) setMapField(value *yaml.RNode, path ...string) { - if err := wn.node.SetMapField(value, path...); err != nil { - // Log and die since interface doesn't allow error. - log.Fatalf("failed to set field %v: %v", path, err) - } -} - -// UnmarshalJSON implements ifc.Kunstructured. -func (wn *WNode) UnmarshalJSON(data []byte) error { - return wn.node.UnmarshalJSON(data) -} - -type NoFieldError struct { - Field string -} - -func (e NoFieldError) Error() string { - return fmt.Sprintf("no field named '%s'", e.Field) -} diff --git a/vendor/sigs.k8s.io/kustomize/api/konfig/builtinpluginconsts/namespace.go b/vendor/sigs.k8s.io/kustomize/api/konfig/builtinpluginconsts/namespace.go index 2a922b25a8..a35ef9c6f7 100644 --- a/vendor/sigs.k8s.io/kustomize/api/konfig/builtinpluginconsts/namespace.go +++ b/vendor/sigs.k8s.io/kustomize/api/konfig/builtinpluginconsts/namespace.go @@ -19,5 +19,8 @@ namespace: group: apiregistration.k8s.io kind: APIService create: true +- path: spec/conversion/webhook/clientConfig/service/namespace + group: apiextensions.k8s.io + kind: CustomResourceDefinition ` ) diff --git a/vendor/sigs.k8s.io/kustomize/api/konfig/general.go b/vendor/sigs.k8s.io/kustomize/api/konfig/general.go index 40167bae09..6c86391df9 100644 --- a/vendor/sigs.k8s.io/kustomize/api/konfig/general.go +++ b/vendor/sigs.k8s.io/kustomize/api/konfig/general.go @@ -19,31 +19,7 @@ func DefaultKustomizationFileName() string { return RecognizedKustomizationFileNames()[0] } -// IfApiMachineryElseKyaml returns true if executing the apimachinery code -// path, else we're executing the kyaml code paths. -func IfApiMachineryElseKyaml(s1, s2 string) string { - if !FlagEnableKyamlDefaultValue { - return s1 - } - return s2 -} - const ( - // FlagEnableKyamlDefaultValue is the default value for the --enable_kyaml - // flag. This value is also used in unit tests. See provider.DepProvider. - // - // TODO(#3588): Delete this constant. - // - // All tests should pass for either true or false values - // of this constant, without having to check its value. - // In the cases where there's a different outcome, either decide - // that the difference is acceptable, or make the difference go away. - // - // Historically, tests passed for enable_kyaml == false, i.e. using - // apimachinery libs. This doesn't mean the code was better, it just - // means regression tests preserved those outcomes. - FlagEnableKyamlDefaultValue = true - // An environment variable to consult for kustomization // configuration data. See: // https://specifications.freedesktop.org/basedir-spec/basedir-spec-latest.html diff --git a/vendor/sigs.k8s.io/kustomize/api/konfig/plugins.go b/vendor/sigs.k8s.io/kustomize/api/konfig/plugins.go index a42e5e296a..0615f1768f 100644 --- a/vendor/sigs.k8s.io/kustomize/api/konfig/plugins.go +++ b/vendor/sigs.k8s.io/kustomize/api/konfig/plugins.go @@ -41,32 +41,6 @@ const ( NoPluginHomeSentinal = "/No/non-builtin/plugins!" ) -func EnabledPluginConfig(b types.BuiltinPluginLoadingOptions) (*types.PluginConfig, error) { - dir, err := DefaultAbsPluginHome(filesys.MakeFsOnDisk()) - if err != nil { - return nil, err - } - return MakePluginConfig(types.PluginRestrictionsNone, b, dir), nil -} - -func DisabledPluginConfig() *types.PluginConfig { - return MakePluginConfig( - types.PluginRestrictionsBuiltinsOnly, - types.BploUseStaticallyLinked, - NoPluginHomeSentinal) -} - -func MakePluginConfig( - pr types.PluginRestrictions, - b types.BuiltinPluginLoadingOptions, - home string) *types.PluginConfig { - return &types.PluginConfig{ - PluginRestrictions: pr, - AbsPluginHome: home, - BpLoadingOptions: b, - } -} - type NotedFunc struct { Note string F func() string @@ -77,7 +51,7 @@ type NotedFunc struct { // the home of kustomize plugins. func DefaultAbsPluginHome(fSys filesys.FileSystem) (string, error) { return FirstDirThatExistsElseError( - "plugin home directory", fSys, []NotedFunc{ + "plugin root", fSys, []NotedFunc{ { Note: "homed in $" + KustomizePluginHomeEnv, F: func() string { @@ -87,9 +61,11 @@ func DefaultAbsPluginHome(fSys filesys.FileSystem) (string, error) { { Note: "homed in $" + XdgConfigHomeEnv, F: func() string { - return filepath.Join( - os.Getenv(XdgConfigHomeEnv), - ProgramName, RelPluginHome) + if root := os.Getenv(XdgConfigHomeEnv); root != "" { + return filepath.Join(root, ProgramName, RelPluginHome) + } + // do not look in "kustomize/plugin" if XdgConfigHomeEnv is unset + return "" }, }, { @@ -118,11 +94,14 @@ func FirstDirThatExistsElseError( pathFuncs []NotedFunc) (string, error) { var nope []types.Pair for _, dt := range pathFuncs { - dir := dt.F() - if fSys.Exists(dir) { - return dir, nil + if dir := dt.F(); dir != "" { + if fSys.Exists(dir) { + return dir, nil + } + nope = append(nope, types.Pair{Key: dt.Note, Value: dir}) + } else { + nope = append(nope, types.Pair{Key: dt.Note, Value: ""}) } - nope = append(nope, types.Pair{Key: dt.Note, Value: dir}) } return "", types.NewErrUnableToFind(what, nope) } diff --git a/vendor/sigs.k8s.io/kustomize/api/krusty/kustomizer.go b/vendor/sigs.k8s.io/kustomize/api/krusty/kustomizer.go index 8120f9351f..08af7ee753 100644 --- a/vendor/sigs.k8s.io/kustomize/api/krusty/kustomizer.go +++ b/vendor/sigs.k8s.io/kustomize/api/krusty/kustomizer.go @@ -36,7 +36,7 @@ type Kustomizer struct { func MakeKustomizer(o *Options) *Kustomizer { return &Kustomizer{ options: o, - depProvider: provider.NewDepProvider(o.UseKyaml), + depProvider: provider.NewDepProvider(), } } @@ -52,9 +52,7 @@ func MakeKustomizer(o *Options) *Kustomizer { // and Run can be called on each of them). func (b *Kustomizer) Run( fSys filesys.FileSystem, path string) (resmap.ResMap, error) { - resmapFactory := resmap.NewFactory( - b.depProvider.GetResourceFactory(), - b.depProvider.GetConflictDetectorFactory()) + resmapFactory := resmap.NewFactory(b.depProvider.GetResourceFactory()) lr := fLdr.RestrictionNone if b.options.LoadRestrictions == types.LoadRestrictionsRootOnly { lr = fLdr.RestrictionRootOnly @@ -68,7 +66,8 @@ func (b *Kustomizer) Run( ldr, b.depProvider.GetFieldValidator(), resmapFactory, - pLdr.NewLoader(b.options.PluginConfig, resmapFactory), + // The plugin configs are always located on disk, regardless of the fSys passed in + pLdr.NewLoader(b.options.PluginConfig, resmapFactory, filesys.MakeFsOnDisk()), ) err = kt.Load() if err != nil { diff --git a/vendor/sigs.k8s.io/kustomize/api/krusty/options.go b/vendor/sigs.k8s.io/kustomize/api/krusty/options.go index 91d7fac053..438f6c1029 100644 --- a/vendor/sigs.k8s.io/kustomize/api/krusty/options.go +++ b/vendor/sigs.k8s.io/kustomize/api/krusty/options.go @@ -5,7 +5,6 @@ package krusty import ( "sigs.k8s.io/kustomize/api/internal/plugins/builtinhelpers" - "sigs.k8s.io/kustomize/api/konfig" "sigs.k8s.io/kustomize/api/types" ) @@ -33,37 +32,19 @@ type Options struct { // Options related to kustomize plugins. PluginConfig *types.PluginConfig - - // TODO(#3588): Delete this field (it's always true). - // When true, use kyaml/ packages to manipulate KRM yaml. - // When false, use k8sdeps/ instead (uses k8s.io/api* packages). - UseKyaml bool - - // When true, allow name and kind changing via a patch - // When false, patch name/kind don't overwrite target name/kind - AllowResourceIdChanges bool } // MakeDefaultOptions returns a default instance of Options. func MakeDefaultOptions() *Options { return &Options{ - DoLegacyResourceSort: false, - AddManagedbyLabel: false, - LoadRestrictions: types.LoadRestrictionsRootOnly, - DoPrune: false, - PluginConfig: konfig.DisabledPluginConfig(), - UseKyaml: konfig.FlagEnableKyamlDefaultValue, - AllowResourceIdChanges: false, + DoLegacyResourceSort: false, + AddManagedbyLabel: false, + LoadRestrictions: types.LoadRestrictionsRootOnly, + DoPrune: false, + PluginConfig: types.DisabledPluginConfig(), } } -func (o Options) IfApiMachineryElseKyaml(s1, s2 string) string { - if !o.UseKyaml { - return s1 - } - return s2 -} - // GetBuiltinPluginNames returns a list of builtin plugin names func GetBuiltinPluginNames() []string { var ret []string diff --git a/vendor/sigs.k8s.io/kustomize/api/loader/fileloader.go b/vendor/sigs.k8s.io/kustomize/api/loader/fileloader.go index 9e8412de4c..e0fa2807f5 100644 --- a/vendor/sigs.k8s.io/kustomize/api/loader/fileloader.go +++ b/vendor/sigs.k8s.io/kustomize/api/loader/fileloader.go @@ -319,7 +319,6 @@ func (fl *fileLoader) Load(path string) ([]byte, error) { } return body, nil } - if !filepath.IsAbs(path) { path = fl.root.Join(path) } diff --git a/vendor/sigs.k8s.io/kustomize/api/provider/depprovider.go b/vendor/sigs.k8s.io/kustomize/api/provider/depprovider.go index 4bd567f3ee..0102c89ce0 100644 --- a/vendor/sigs.k8s.io/kustomize/api/provider/depprovider.go +++ b/vendor/sigs.k8s.io/kustomize/api/provider/depprovider.go @@ -4,198 +4,39 @@ package provider import ( - "log" - + "sigs.k8s.io/kustomize/api/hasher" "sigs.k8s.io/kustomize/api/ifc" - "sigs.k8s.io/kustomize/api/internal/conflict" "sigs.k8s.io/kustomize/api/internal/validate" - "sigs.k8s.io/kustomize/api/internal/wrappy" - "sigs.k8s.io/kustomize/api/konfig" "sigs.k8s.io/kustomize/api/resource" ) -// DepProvider is a dependency provider. -// -// The instances it returns are either -// - old implementations backed by k8sdeps code, -// - new implementations backed by kyaml code. -// -// History: -// -// kubectl depends on k8s.io code, and at the time of writing, so -// does kustomize. Code that imports k8s.io/api* cannot be imported -// back into k8s.io/*, yet kustomize appears inside k8s.io/kubectl. -// -// To allow kustomize to appear inside kubectl, yet still be developed -// outside kubectl, the kustomize code was divided into the following -// packages -// -// api/ -// k8sdeps/ (and internal/ks8deps/) -// ifc/ -// krusty/ -// everythingElse/ -// -// with the following rules: -// -// - Only k8sdeps/ may import k8s.io/api*. -// -// - Only krusty/ (and its internals) may import k8sdeps/. -// I.e., ifc/ and everythingElse/ must not -// import k8sdeps/ or k8s.io/api*. -// -// - Code in krusty/ may use code in k8sdeps/ to create -// objects then inject said objects into -// everythingElse/ behind dependency neutral interfaces. -// -// The idea was to periodically copy, not import, the large k8sdeps/ -// tree (plus a snippet from krusty/kustomizer.go) into the kubectl -// codebase via a large PR, and have kubectl depend on the rest via -// normal importing. -// -// Over 2019, however, kubectl underwent large changes including -// a switch to Go modules, and a concerted attempt to extract kubectl -// from the k8s repo. This made large kustomize integration PRs too -// intrusive to review. -// -// In 2020, kubectl is based on Go modules, and almost entirely -// extracted from the k8s.io repositories, and further the kyaml -// library has a appeared as a viable replacement to k8s.io/api* -// KRM manipulation code. -// -// The new plan is to eliminate k8sdeps/ entirely, along with its -// k8s.io/api* dependence, allowing kustomize code to be imported -// into kubectl via normal Go module imports. Then the kustomize API -// code can then move into the github.com/kubernetes-sigs/cli-utils -// repo. The kustomize CLI in github.com/kubernetes-sigs/kustomize -// and the kubectl CLI can then both depend on the kustomize API. -// -// So, all code that depends on k8sdeps must go behind interfaces, -// and kustomize must be factored to choose the implementation. -// -// That problem has been reduced to three interfaces, each having -// two implementations. (1) is k8sdeps-based, (2) is kyaml-based. -// -// - ifc.Kunstructured -// -// 1) api/k8sdeps/kunstruct.UnstructAdapter -// -// This adapts structs in -// k8s.io/apimachinery/pkg/apis/meta/v1/unstructured -// to ifc.Kunstructured. -// -// 2) api/wrappy.WNode -// -// This adapts sigs.k8s.io/kustomize/kyaml/yaml.RNode -// to ifc.Unstructured. -// -// At time of writing, implementation started. -// Further reducing the size of ifc.Kunstructed -// would really reduce the work -// (e.g. drop Vars, drop ReplacementTranformer). -// -// - resource.ConflictDetector -// -// 1) api/internal/k8sdeps/conflict.conflictDetectorJson -// api/internal/k8sdeps/conflict.conflictDetectorSm -// -// Uses k8s.io/apimachinery/pkg/util/strategicpatch, -// apimachinery/pkg/util/mergepatch, etc. to merge -// resource.Resource instances. -// -// 2) api/internal/conflict.smPatchMergeOnlyDetector -// -// At time of writing, this doesn't report conflicts, -// but it does know how to merge patches. Conflict -// reporting isn't vital to kustomize function. It's -// rare that a person would configure one transformer -// with many patches, much less so many that it became -// hard to spot conflicts. In the case of an undetected -// conflict, the last patch applied wins, likely what -// the user wants anyway. Regardless, the effect of this -// is plainly visible and usable in the output, even if -// a conflict happened but wasn't reported as an error. -// -// - ifc.Validator -// -// 1) api/k8sdeps/validator.KustValidator -// -// Uses k8s.io/apimachinery/pkg/api/validation and -// friends to validate strings. -// -// 2) api/internal/validate.FieldValidator -// -// See TODO inside the validator for status. -// At time of writing, this is a do-nothing -// validator as it's not critical to kustomize function. -// -// Proposed plan: -// [x] Ship kustomize with the ability to switch from 1 to 2 via -// an --enable_kyaml flag. -// [x] Make --enable_kyaml true by default. -// [x] When 2 is not noticeably more buggy than 1, delete 1. -// I.e. delete k8sdeps/, transitively deleting all k8s.io/api* deps. -// This DepProvider should be left in place to retain these -// comments, but it will have only one choice. -// [x] The way is now clear to reintegrate into kubectl. -// This should be done ASAP; the last step is cleanup. -// [ ] Cleanup. With only one impl of Kunstructure remaining, -// that interface and WNode can be deleted, along with this -// DepProvider. The other two interfaces could be dropped too. -// -// When the above is done, kustomize will use yaml.RNode and/or -// KRM Config Functions directly and exclusively. -// If you're reading this, plan not done. -// +// DepProvider is a dependency provider, injecting different +// implementations depending on the context. type DepProvider struct { - kFactory ifc.KunstructuredFactory - resourceFactory *resource.Factory - conflictDectectorFactory resource.ConflictDetectorFactory - fieldValidator ifc.Validator + resourceFactory *resource.Factory + // implemented by api/internal/validate.FieldValidator + // See TODO inside the validator for status. + // At time of writing, this is a do-nothing + // validator as it's not critical to kustomize function. + fieldValidator ifc.Validator } -// The dependencies this method needs have been deleted - -// see comments above. This method will be deleted -// along with DepProvider in the final step. -func makeK8sdepBasedInstances() *DepProvider { - log.Fatal("This binary cannot use k8s.io code; it must use kyaml.") - return nil -} - -func makeKyamlBasedInstances() *DepProvider { - kf := &wrappy.WNodeFactory{} - rf := resource.NewFactory(kf) +func NewDepProvider() *DepProvider { + rf := resource.NewFactory(&hasher.Hasher{}) return &DepProvider{ - kFactory: kf, - resourceFactory: rf, - conflictDectectorFactory: conflict.NewFactory(), - fieldValidator: validate.NewFieldValidator(), + resourceFactory: rf, + fieldValidator: validate.NewFieldValidator(), } } -func NewDepProvider(useKyaml bool) *DepProvider { - if useKyaml { - return makeKyamlBasedInstances() - } - return makeK8sdepBasedInstances() -} - func NewDefaultDepProvider() *DepProvider { - return NewDepProvider(konfig.FlagEnableKyamlDefaultValue) -} - -func (dp *DepProvider) GetKunstructuredFactory() ifc.KunstructuredFactory { - return dp.kFactory + return NewDepProvider() } func (dp *DepProvider) GetResourceFactory() *resource.Factory { return dp.resourceFactory } -func (dp *DepProvider) GetConflictDetectorFactory() resource.ConflictDetectorFactory { - return dp.conflictDectectorFactory -} - func (dp *DepProvider) GetFieldValidator() ifc.Validator { return dp.fieldValidator } diff --git a/vendor/sigs.k8s.io/kustomize/api/resid/gvk.go b/vendor/sigs.k8s.io/kustomize/api/resid/gvk.go index 70f7107386..b112151d38 100644 --- a/vendor/sigs.k8s.io/kustomize/api/resid/gvk.go +++ b/vendor/sigs.k8s.io/kustomize/api/resid/gvk.go @@ -36,6 +36,14 @@ func ParseGroupVersion(apiVersion string) (group, version string) { // GvkFromString makes a Gvk from the output of Gvk.String(). func GvkFromString(s string) Gvk { values := strings.Split(s, fieldSep) + if len(values) != 3 { + // ...then the string didn't come from Gvk.String(). + return Gvk{ + Group: noGroup, + Version: noVersion, + Kind: noKind, + } + } g := values[0] if g == noGroup { g = "" @@ -213,7 +221,10 @@ func (x Gvk) toKyamlTypeMeta() yaml.TypeMeta { } } -// IsNamespaceableKind returns true if x is a namespaceable Gvk +// IsNamespaceableKind returns true if x is a namespaceable Gvk, +// e.g. instances of Pod and Deployment are namespaceable, +// but instances of Node and Namespace are not namespaceable. +// Alternative name for this method: IsNotClusterScoped. // Implements https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/#not-all-objects-are-in-a-namespace func (x Gvk) IsNamespaceableKind() bool { isNamespaceScoped, found := openapi.IsNamespaceScoped(x.toKyamlTypeMeta()) diff --git a/vendor/sigs.k8s.io/kustomize/api/resmap/factory.go b/vendor/sigs.k8s.io/kustomize/api/resmap/factory.go index a93b0ad6c6..9ec0fe3967 100644 --- a/vendor/sigs.k8s.io/kustomize/api/resmap/factory.go +++ b/vendor/sigs.k8s.io/kustomize/api/resmap/factory.go @@ -16,14 +16,11 @@ import ( type Factory struct { // Makes resources. resF *resource.Factory - // Makes ConflictDetectors. - cdf resource.ConflictDetectorFactory } // NewFactory returns a new resmap.Factory. -func NewFactory( - rf *resource.Factory, cdf resource.ConflictDetectorFactory) *Factory { - return &Factory{resF: rf, cdf: cdf} +func NewFactory(rf *resource.Factory) *Factory { + return &Factory{resF: rf} } // RF returns a resource.Factory. @@ -126,13 +123,6 @@ func (rmF *Factory) FromSecretArgs( return rmF.FromResource(res), nil } -// ConflatePatches creates a new ResMap containing a merger of the -// incoming patches. -// Error if conflict found. -func (rmF *Factory) ConflatePatches(patches []*resource.Resource) (ResMap, error) { - return (&merginator{cdf: rmF.cdf}).ConflatePatches(patches) -} - func newResMapFromResourceSlice( resources []*resource.Resource) (ResMap, error) { result := New() @@ -146,18 +136,10 @@ func newResMapFromResourceSlice( } // NewResMapFromRNodeSlice returns a ResMap from a slice of RNodes -func (rmF *Factory) NewResMapFromRNodeSlice(rnodes []*yaml.RNode) (ResMap, error) { - var resources []*resource.Resource - for _, rnode := range rnodes { - s, err := rnode.String() - if err != nil { - return nil, err - } - r, err := rmF.resF.SliceFromBytes([]byte(s)) - if err != nil { - return nil, err - } - resources = append(resources, r...) +func (rmF *Factory) NewResMapFromRNodeSlice(s []*yaml.RNode) (ResMap, error) { + rs, err := rmF.resF.ResourcesFromRNodes(s) + if err != nil { + return nil, err } - return newResMapFromResourceSlice(resources) + return newResMapFromResourceSlice(rs) } diff --git a/vendor/sigs.k8s.io/kustomize/api/resmap/merginator.go b/vendor/sigs.k8s.io/kustomize/api/resmap/merginator.go deleted file mode 100644 index c09b5aacb2..0000000000 --- a/vendor/sigs.k8s.io/kustomize/api/resmap/merginator.go +++ /dev/null @@ -1,123 +0,0 @@ -// Copyright 2020 The Kubernetes Authors. -// SPDX-License-Identifier: Apache-2.0 - -package resmap - -import ( - "fmt" - - "sigs.k8s.io/kustomize/api/resource" -) - -// merginator coordinates merging the resources in incoming to the result. -type merginator struct { - incoming []*resource.Resource - cdf resource.ConflictDetectorFactory - result ResMap -} - -func (m *merginator) ConflatePatches(in []*resource.Resource) (ResMap, error) { - m.result = New() - m.incoming = in - for index := range m.incoming { - alreadyInResult, err := m.appendIfNoMatch(index) - if err != nil { - return nil, err - } - if alreadyInResult != nil { - // The resource at index has the same resId as a previously - // considered resource. - // - // If they conflict with each other (e.g. they both want to change - // the image name in a Deployment, but to different values), - // return an error. - // - // If they don't conflict, then merge them into a single resource, - // since they both target the same item, and we want cumulative - // behavior. E.g. say both patches modify a map. Without a merge, - // the last patch wins, replacing the entire map. - err = m.mergeWithExisting(index, alreadyInResult) - if err != nil { - return nil, err - } - } - } - return m.result, nil -} - -func (m *merginator) appendIfNoMatch(index int) (*resource.Resource, error) { - candidate := m.incoming[index] - matchedResources := m.result.GetMatchingResourcesByAnyId( - candidate.OrgId().Equals) - if len(matchedResources) == 0 { - m.result.Append(candidate) - return nil, nil - } - if len(matchedResources) > 1 { - return nil, fmt.Errorf("multiple resources targeted by patch") - } - return matchedResources[0], nil -} - -func (m *merginator) mergeWithExisting( - index int, alreadyInResult *resource.Resource) error { - candidate := m.incoming[index] - cd, err := m.cdf.New(candidate.OrgId().Gvk) - if err != nil { - return err - } - hasConflict, err := cd.HasConflict(candidate, alreadyInResult) - if err != nil { - return err - } - if hasConflict { - return m.makeError(cd, index) - } - merged, err := cd.MergePatches(alreadyInResult, candidate) - if err != nil { - return err - } - _, err = m.result.Replace(merged) - return err -} - -// Make an error message describing the conflict. -func (m *merginator) makeError(cd resource.ConflictDetector, index int) error { - conflict, err := m.findConflict(cd, index) - if err != nil { - return err - } - if conflict == nil { - return fmt.Errorf("expected conflict for %s", m.incoming[index].OrgId()) - } - conflictMap, _ := conflict.Map() - incomingIndexMap, _ := m.incoming[index].Map() - return fmt.Errorf( - "conflict between %#v at index %d and %#v", - incomingIndexMap, - index, - conflictMap, - ) -} - -// findConflict looks for a conflict in a resource slice. -// It returns the first conflict between the resource at index -// and some other resource. Two resources can only conflict if -// they have the same original ResId. -func (m *merginator) findConflict( - cd resource.ConflictDetector, index int) (*resource.Resource, error) { - targetId := m.incoming[index].OrgId() - for i, p := range m.incoming { - if i == index || !targetId.Equals(p.OrgId()) { - continue - } - conflict, err := cd.HasConflict(p, m.incoming[index]) - if err != nil { - return nil, err - } - if conflict { - return p, nil - } - } - return nil, nil -} diff --git a/vendor/sigs.k8s.io/kustomize/api/resmap/resmap.go b/vendor/sigs.k8s.io/kustomize/api/resmap/resmap.go index b803453e12..2b62482aa5 100644 --- a/vendor/sigs.k8s.io/kustomize/api/resmap/resmap.go +++ b/vendor/sigs.k8s.io/kustomize/api/resmap/resmap.go @@ -33,8 +33,10 @@ type Configurable interface { } // NewPluginHelpers makes an instance of PluginHelpers. -func NewPluginHelpers(ldr ifc.Loader, v ifc.Validator, rf *Factory) *PluginHelpers { - return &PluginHelpers{ldr: ldr, v: v, rf: rf} +func NewPluginHelpers( + ldr ifc.Loader, v ifc.Validator, rf *Factory, + pc *types.PluginConfig) *PluginHelpers { + return &PluginHelpers{ldr: ldr, v: v, rf: rf, pc: pc} } // PluginHelpers holds things that any or all plugins might need. @@ -44,6 +46,11 @@ type PluginHelpers struct { ldr ifc.Loader v ifc.Validator rf *Factory + pc *types.PluginConfig +} + +func (c *PluginHelpers) GeneralConfig() *types.PluginConfig { + return c.pc } func (c *PluginHelpers) Loader() ifc.Loader { @@ -80,6 +87,9 @@ type TransformerPlugin interface { // resource to transform, try the OrgId first, and if this // fails or finds too many, it might make sense to then try // the CurrId. Depends on the situation. +// +// TODO: get rid of this interface (use bare resWrangler). +// There aren't multiple implementations any more. type ResMap interface { // Size reports the number of resources. Size() int @@ -189,6 +199,9 @@ type ResMap interface { // Clear removes all resources and Ids. Clear() + // DropEmpties drops empty resources from the ResMap. + DropEmpties() + // SubsetThatCouldBeReferencedByResource returns a ResMap subset // of self with resources that could be referenced by the // resource argument. @@ -231,9 +244,8 @@ type ResMap interface { // are selected by a Selector Select(types.Selector) ([]*resource.Resource, error) - // ToRNodeSlice converts the resources in the resmp - // to a list of RNodes - ToRNodeSlice() ([]*yaml.RNode, error) + // ToRNodeSlice returns a copy of the resources as RNodes. + ToRNodeSlice() []*yaml.RNode // ApplySmPatch applies a strategic-merge patch to the // selected set of resources. diff --git a/vendor/sigs.k8s.io/kustomize/api/resmap/reswrangler.go b/vendor/sigs.k8s.io/kustomize/api/resmap/reswrangler.go index f76276c481..acdceed231 100644 --- a/vendor/sigs.k8s.io/kustomize/api/resmap/reswrangler.go +++ b/vendor/sigs.k8s.io/kustomize/api/resmap/reswrangler.go @@ -6,14 +6,12 @@ package resmap import ( "bytes" "fmt" - "strings" "github.com/pkg/errors" "sigs.k8s.io/kustomize/api/resid" "sigs.k8s.io/kustomize/api/resource" "sigs.k8s.io/kustomize/api/types" - kyaml_yaml "sigs.k8s.io/kustomize/kyaml/yaml" - "sigs.k8s.io/yaml" + kyaml "sigs.k8s.io/kustomize/kyaml/yaml" ) // resWrangler implements ResMap. @@ -38,6 +36,18 @@ func (m *resWrangler) Clear() { m.rList = nil } +// DropEmpties quickly drops empty resources. +// It doesn't use Append, which checks for Id collisions. +func (m *resWrangler) DropEmpties() { + var rList []*resource.Resource + for _, r := range m.rList { + if !r.IsEmpty() { + rList = append(rList, r) + } + } + m.rList = rList +} + // Size implements ResMap. func (m *resWrangler) Size() int { return len(m.rList) @@ -66,22 +76,27 @@ func (m *resWrangler) Append(res *resource.Resource) error { return fmt.Errorf( "may not add resource with an already registered id: %s", id) } - m.rList = append(m.rList, res) + m.append(res) return nil } +// append appends without performing an Id check +func (m *resWrangler) append(res *resource.Resource) { + m.rList = append(m.rList, res) +} + // Remove implements ResMap. func (m *resWrangler) Remove(adios resid.ResId) error { - tmp := newOne() + var rList []*resource.Resource for _, r := range m.rList { if r.CurId() != adios { - tmp.Append(r) + rList = append(rList, r) } } - if tmp.Size() != m.Size()-1 { + if len(rList) != m.Size()-1 { return fmt.Errorf("id %s not found in removal", adios) } - m.rList = tmp.rList + m.rList = rList return nil } @@ -118,16 +133,7 @@ func (m *resWrangler) Debug(title string) { } else { fmt.Println("---") } - fmt.Printf("# %d %s\n", i, r.OrgId()) - m, err := r.Map() - if err != nil { - panic(err) - } - blob, err := yaml.Marshal(m) - if err != nil { - panic(err) - } - fmt.Println(string(blob)) + fmt.Printf("# %d %s\n%s\n", i, r.OrgId(), r.String()) } } @@ -273,7 +279,7 @@ func (m *resWrangler) AsYaml() ([]byte, error) { firstObj := true var b []byte buf := bytes.NewBuffer(b) - for _, res := range m.Resources() { + for _, res := range m.rList { out, err := res.AsYAML() if err != nil { m, _ := res.Map() @@ -297,7 +303,7 @@ func (m *resWrangler) AsYaml() ([]byte, error) { func (m *resWrangler) ErrorIfNotEqualSets(other ResMap) error { m2, ok := other.(*resWrangler) if !ok { - panic("bad cast") + return fmt.Errorf("bad cast to resWrangler 1") } if m.Size() != m2.Size() { return fmt.Errorf( @@ -317,9 +323,9 @@ func (m *resWrangler) ErrorIfNotEqualSets(other ResMap) error { "id in self matches %d in other; id: %s", len(others), id) } r2 := others[0] - if !r1.KunstructEqual(r2) { + if !r1.NodeEqual(r2) { return fmt.Errorf( - "kunstruct not equal: \n -- %s,\n -- %s\n\n--\n%#v\n------\n%#v\n", + "nodes unequal: \n -- %s,\n -- %s\n\n--\n%#v\n------\n%#v\n", r1, r2, r1, r2) } seen[m2.indexOfResource(r2)] = true @@ -334,7 +340,7 @@ func (m *resWrangler) ErrorIfNotEqualSets(other ResMap) error { func (m *resWrangler) ErrorIfNotEqualLists(other ResMap) error { m2, ok := other.(*resWrangler) if !ok { - panic("bad cast") + return fmt.Errorf("bad cast to resWrangler 2") } if m.Size() != m2.Size() { return fmt.Errorf( @@ -388,7 +394,7 @@ func (m *resWrangler) SubsetThatCouldBeReferencedByResource( } result := newOne() roleBindingNamespaces := getNamespacesForRoleBinding(referrer) - for _, possibleTarget := range m.Resources() { + for _, possibleTarget := range m.rList { id := possibleTarget.CurId() if !id.IsNamespaceableKind() { // A cluster-scoped resource can be referred to by anything. @@ -435,16 +441,21 @@ func getNamespacesForRoleBinding(r *resource.Resource) map[string]bool { return result } -func (m *resWrangler) append(res *resource.Resource) { - m.rList = append(m.rList, res) -} - // AppendAll implements ResMap. func (m *resWrangler) AppendAll(other ResMap) error { if other == nil { return nil } - for _, res := range other.Resources() { + m2, ok := other.(*resWrangler) + if !ok { + return fmt.Errorf("bad cast to resWrangler 3") + } + return m.appendAll(m2.rList) +} + +// appendAll appends all the resources, error on Id collision. +func (m *resWrangler) appendAll(list []*resource.Resource) error { + for _, res := range list { if err := m.Append(res); err != nil { return err } @@ -457,7 +468,11 @@ func (m *resWrangler) AbsorbAll(other ResMap) error { if other == nil { return nil } - for _, r := range other.Resources() { + m2, ok := other.(*resWrangler) + if !ok { + return fmt.Errorf("bad cast to resWrangler 4") + } + for _, r := range m2.rList { err := m.appendReplaceOrMerge(r) if err != nil { return err @@ -522,7 +537,7 @@ func (m *resWrangler) Select(s types.Selector) ([]*resource.Resource, error) { if err != nil { return nil, err } - for _, r := range m.Resources() { + for _, r := range m.rList { curId := r.CurId() orgId := r.OrgId() @@ -567,77 +582,39 @@ func (m *resWrangler) Select(s types.Selector) ([]*resource.Resource, error) { return result, nil } -// ToRNodeSlice converts the resources in the resmp -// to a list of RNodes -func (m *resWrangler) ToRNodeSlice() ([]*kyaml_yaml.RNode, error) { - var rnodes []*kyaml_yaml.RNode - for _, r := range m.Resources() { - s, err := r.AsYAML() - if err != nil { - return nil, err - } - rnode, err := kyaml_yaml.Parse(string(s)) - if err != nil { - return nil, err - } - rnodes = append(rnodes, rnode) +// ToRNodeSlice returns a copy of the resources as RNodes. +func (m *resWrangler) ToRNodeSlice() []*kyaml.RNode { + result := make([]*kyaml.RNode, len(m.rList)) + for i := range m.rList { + result[i] = m.rList[i].AsRNode() } - return rnodes, nil + return result } +// ApplySmPatch applies the patch, and errors on Id collisions. func (m *resWrangler) ApplySmPatch( selectedSet *resource.IdSet, patch *resource.Resource) error { - newRm := New() - for _, res := range m.Resources() { - if !selectedSet.Contains(res.CurId()) { - newRm.Append(res) - continue - } - patchCopy := patch.DeepCopy() - patchCopy.CopyMergeMetaDataFieldsFrom(patch) - patchCopy.SetGvk(res.GetGvk()) - err := res.ApplySmPatch(patchCopy) - if err != nil { - // Check for an error string from UnmarshalJSON that's indicative - // of an object that's missing basic KRM fields, and thus may have been - // entirely deleted (an acceptable outcome). This error handling should - // be deleted along with use of ResMap and apimachinery functions like - // UnmarshalJSON. - if !strings.Contains(err.Error(), "Object 'Kind' is missing") { - // Some unknown error, let it through. + var list []*resource.Resource + for _, res := range m.rList { + if selectedSet.Contains(res.CurId()) { + patchCopy := patch.DeepCopy() + patchCopy.CopyMergeMetaDataFieldsFrom(patch) + patchCopy.SetGvk(res.GetGvk()) + patchCopy.SetKind(patch.GetKind()) + if err := res.ApplySmPatch(patchCopy); err != nil { return err } - empty, err := res.IsEmpty() - if err != nil { - return err - } - if !empty { - m, _ := res.Map() - return errors.Wrapf( - err, "with unexpectedly non-empty object map of size %d", - len(m)) - } - // Fall through to handle deleted object. } - empty, err := res.IsEmpty() - if err != nil { - return err - } - if !empty { - // IsEmpty means all fields have been removed from the object. - // This can happen if a patch required deletion of the - // entire resource (not just a part of it). This means - // the overall resmap must shrink by one. - newRm.Append(res) + if !res.IsEmpty() { + list = append(list, res) } } m.Clear() - m.AppendAll(newRm) - return nil + return m.appendAll(list) } func (m *resWrangler) RemoveBuildAnnotations() { - for _, r := range m.Resources() { + for _, r := range m.rList { r.RemoveBuildAnnotations() } } diff --git a/vendor/sigs.k8s.io/kustomize/api/resource/conflictdetector.go b/vendor/sigs.k8s.io/kustomize/api/resource/conflictdetector.go deleted file mode 100644 index f079cdd5ab..0000000000 --- a/vendor/sigs.k8s.io/kustomize/api/resource/conflictdetector.go +++ /dev/null @@ -1,20 +0,0 @@ -// Copyright 2019 The Kubernetes Authors. -// SPDX-License-Identifier: Apache-2.0 - -package resource - -import "sigs.k8s.io/kustomize/api/resid" - -// ConflictDetector detects conflicts between resources. -type ConflictDetector interface { - // HasConflict returns true if the given resources have a conflict. - HasConflict(patch1, patch2 *Resource) (bool, error) - // Merge two resources into one. - MergePatches(patch1, patch2 *Resource) (*Resource, error) -} - -// ConflictDetectorFactory makes instances of ConflictDetector that know -// how to handle the given Group, Version, Kind tuple. -type ConflictDetectorFactory interface { - New(gvk resid.Gvk) (ConflictDetector, error) -} diff --git a/vendor/sigs.k8s.io/kustomize/api/resource/factory.go b/vendor/sigs.k8s.io/kustomize/api/resource/factory.go index df08c5dbf5..a9a1006bc0 100644 --- a/vendor/sigs.k8s.io/kustomize/api/resource/factory.go +++ b/vendor/sigs.k8s.io/kustomize/api/resource/factory.go @@ -10,28 +10,33 @@ import ( "strings" "sigs.k8s.io/kustomize/api/ifc" + "sigs.k8s.io/kustomize/api/internal/generators" "sigs.k8s.io/kustomize/api/internal/kusterr" + "sigs.k8s.io/kustomize/api/konfig" "sigs.k8s.io/kustomize/api/resid" "sigs.k8s.io/kustomize/api/types" + "sigs.k8s.io/kustomize/kyaml/kio" + "sigs.k8s.io/kustomize/kyaml/yaml" ) // Factory makes instances of Resource. type Factory struct { - kf ifc.KunstructuredFactory + hasher ifc.KustHasher } // NewFactory makes an instance of Factory. -func NewFactory(kf ifc.KunstructuredFactory) *Factory { - return &Factory{kf: kf} +func NewFactory(h ifc.KustHasher) *Factory { + return &Factory{hasher: h} } -func (rf *Factory) Hasher() ifc.KunstructuredHasher { - return rf.kf.Hasher() +// Hasher returns an ifc.KustHasher +func (rf *Factory) Hasher() ifc.KustHasher { + return rf.hasher } // FromMap returns a new instance of Resource. func (rf *Factory) FromMap(m map[string]interface{}) *Resource { - return rf.makeOne(rf.kf.FromMap(m), nil) + return rf.FromMapAndOption(m, nil) } // FromMapWithName returns a new instance with the given "original" name. @@ -41,34 +46,30 @@ func (rf *Factory) FromMapWithName(n string, m map[string]interface{}) *Resource // FromMapWithNamespaceAndName returns a new instance with the given "original" namespace. func (rf *Factory) FromMapWithNamespaceAndName(ns string, n string, m map[string]interface{}) *Resource { - return rf.makeOne(rf.kf.FromMap(m), nil).setPreviousNamespaceAndName(ns, n) + r := rf.FromMapAndOption(m, nil) + return r.setPreviousId(ns, n, r.GetKind()) } // FromMapAndOption returns a new instance of Resource with given options. func (rf *Factory) FromMapAndOption( m map[string]interface{}, args *types.GeneratorArgs) *Resource { - return rf.makeOne(rf.kf.FromMap(m), types.NewGenArgs(args)) -} - -// FromKunstructured returns a new instance of Resource. -func (rf *Factory) FromKunstructured(u ifc.Kunstructured) *Resource { - return rf.makeOne(u, nil) + n, err := yaml.FromMap(m) + if err != nil { + // TODO: return err instead of log. + log.Fatal(err) + } + return rf.makeOne(n, types.NewGenArgs(args)) } // makeOne returns a new instance of Resource. -func (rf *Factory) makeOne( - u ifc.Kunstructured, o *types.GenArgs) *Resource { - if u == nil { - log.Fatal("unstruct ifc must not be null") +func (rf *Factory) makeOne(rn *yaml.RNode, o *types.GenArgs) *Resource { + if rn == nil { + log.Fatal("RNode must not be null") } if o == nil { o = types.NewGenArgs(nil) } - r := &Resource{ - kunStr: u, - options: o, - } - return r + return &Resource{node: rn, options: o} } // SliceFromPatches returns a slice of resources given a patch path @@ -105,47 +106,135 @@ func (rf *Factory) FromBytes(in []byte) (*Resource, error) { // SliceFromBytes unmarshals bytes into a Resource slice. func (rf *Factory) SliceFromBytes(in []byte) ([]*Resource, error) { - kunStructs, err := rf.kf.SliceFromBytes(in) + nodes, err := rf.RNodesFromBytes(in) if err != nil { return nil, err } - var result []*Resource - for len(kunStructs) > 0 { - u := kunStructs[0] - kunStructs = kunStructs[1:] - if strings.HasSuffix(u.GetKind(), "List") { - m, err := u.Map() - if err != nil { - return nil, err + return rf.resourcesFromRNodes(nodes), nil +} + +// ResourcesFromRNodes converts RNodes to Resources. +func (rf *Factory) ResourcesFromRNodes( + nodes []*yaml.RNode) (result []*Resource, err error) { + nodes, err = rf.dropBadNodes(nodes) + if err != nil { + return nil, err + } + return rf.resourcesFromRNodes(nodes), nil +} + +// resourcesFromRNode assumes all nodes are good. +func (rf *Factory) resourcesFromRNodes( + nodes []*yaml.RNode) (result []*Resource) { + for _, n := range nodes { + result = append(result, rf.makeOne(n, nil)) + } + return +} + +func (rf *Factory) RNodesFromBytes(b []byte) (result []*yaml.RNode, err error) { + nodes, err := kio.FromBytes(b) + if err != nil { + return nil, err + } + nodes, err = rf.dropBadNodes(nodes) + if err != nil { + return nil, err + } + for len(nodes) > 0 { + n0 := nodes[0] + nodes = nodes[1:] + kind := n0.GetKind() + if !strings.HasSuffix(kind, "List") { + result = append(result, n0) + continue + } + // Convert a FooList into a slice of Foo. + var m map[string]interface{} + m, err = n0.Map() + if err != nil { + return nil, err + } + items, ok := m["items"] + if !ok { + // treat as an empty list + continue + } + slice, ok := items.([]interface{}) + if !ok { + if items == nil { + // an empty list + continue } - items := m["items"] - itemsSlice, ok := items.([]interface{}) - if !ok { - if items == nil { - // an empty list - continue - } - return nil, fmt.Errorf("items in List is type %T, expected array", items) - } - for _, item := range itemsSlice { - itemJSON, err := json.Marshal(item) - if err != nil { - return nil, err - } - innerU, err := rf.kf.SliceFromBytes(itemJSON) - if err != nil { - return nil, err - } - // append innerU to kunStructs so nested Lists can be handled - kunStructs = append(kunStructs, innerU...) - } - } else { - result = append(result, rf.FromKunstructured(u)) + return nil, fmt.Errorf( + "expected array in %s/items, but found %T", kind, items) + } + innerNodes, err := rf.convertObjectSliceToNodeSlice(slice) + if err != nil { + return nil, err + } + nodes = append(nodes, innerNodes...) + } + return result, nil +} + +// convertObjectSlice converts a list of objects to a list of RNode. +func (rf *Factory) convertObjectSliceToNodeSlice( + objects []interface{}) (result []*yaml.RNode, err error) { + var bytes []byte + var nodes []*yaml.RNode + for _, obj := range objects { + bytes, err = json.Marshal(obj) + if err != nil { + return + } + nodes, err = kio.FromBytes(bytes) + if err != nil { + return + } + nodes, err = rf.dropBadNodes(nodes) + if err != nil { + return + } + result = append(result, nodes...) + } + return +} + +// dropBadNodes may drop some nodes from its input argument. +func (rf *Factory) dropBadNodes(nodes []*yaml.RNode) ([]*yaml.RNode, error) { + var result []*yaml.RNode + for _, n := range nodes { + ignore, err := rf.shouldIgnore(n) + if err != nil { + return nil, err + } + if !ignore { + result = append(result, n) } } return result, nil } +// shouldIgnore returns true if there's some reason to ignore the node. +func (rf *Factory) shouldIgnore(n *yaml.RNode) (bool, error) { + if n.IsNilOrEmpty() { + return true, nil + } + md, err := n.GetValidatedMetadata() + if err != nil { + return true, err + } + _, ignore := md.ObjectMeta.Annotations[konfig.IgnoredByKustomizeAnnotation] + if ignore { + return true, nil + } + if foundNil, path := n.HasNilEntryInList(); foundNil { + return true, fmt.Errorf("empty item at %v in object %v", path, n) + } + return false, nil +} + // SliceFromBytesWithNames unmarshals bytes into a Resource slice with specified original // name. func (rf *Factory) SliceFromBytesWithNames(names []string, in []byte) ([]*Resource, error) { @@ -157,25 +246,25 @@ func (rf *Factory) SliceFromBytesWithNames(names []string, in []byte) ([]*Resour return nil, fmt.Errorf("number of names doesn't match number of resources") } for i, res := range result { - res.setPreviousNamespaceAndName(resid.DefaultNamespace, names[i]) + res.setPreviousId(resid.DefaultNamespace, names[i], res.GetKind()) } return result, nil } // MakeConfigMap makes an instance of Resource for ConfigMap func (rf *Factory) MakeConfigMap(kvLdr ifc.KvLoader, args *types.ConfigMapArgs) (*Resource, error) { - u, err := rf.kf.MakeConfigMap(kvLdr, args) + rn, err := generators.MakeConfigMap(kvLdr, args) if err != nil { return nil, err } - return rf.makeOne(u, types.NewGenArgs(&args.GeneratorArgs)), nil + return rf.makeOne(rn, types.NewGenArgs(&args.GeneratorArgs)), nil } // MakeSecret makes an instance of Resource for Secret func (rf *Factory) MakeSecret(kvLdr ifc.KvLoader, args *types.SecretArgs) (*Resource, error) { - u, err := rf.kf.MakeSecret(kvLdr, args) + rn, err := generators.MakeSecret(kvLdr, args) if err != nil { return nil, err } - return rf.makeOne(u, types.NewGenArgs(&args.GeneratorArgs)), nil + return rf.makeOne(rn, types.NewGenArgs(&args.GeneratorArgs)), nil } diff --git a/vendor/sigs.k8s.io/kustomize/api/resource/resource.go b/vendor/sigs.k8s.io/kustomize/api/resource/resource.go index d9f2b107b0..f017798999 100644 --- a/vendor/sigs.k8s.io/kustomize/api/resource/resource.go +++ b/vendor/sigs.k8s.io/kustomize/api/resource/resource.go @@ -12,153 +12,184 @@ import ( "sigs.k8s.io/kustomize/api/filters/patchstrategicmerge" "sigs.k8s.io/kustomize/api/ifc" - "sigs.k8s.io/kustomize/api/internal/wrappy" "sigs.k8s.io/kustomize/api/konfig" "sigs.k8s.io/kustomize/api/resid" "sigs.k8s.io/kustomize/api/types" - "sigs.k8s.io/kustomize/kyaml/filtersutil" "sigs.k8s.io/kustomize/kyaml/kio" kyaml "sigs.k8s.io/kustomize/kyaml/yaml" "sigs.k8s.io/yaml" ) -// Resource is a representation of a Kubernetes Resource Model (KRM) object +// Resource is an RNode, representing a Kubernetes Resource Model object, // paired with metadata used by kustomize. -// For more history, see sigs.k8s.io/kustomize/api/ifc.Unstructured type Resource struct { - kunStr ifc.Kunstructured + // TODO: Inline RNode, dropping complexity. Resource is just a decorator. + node *kyaml.RNode options *types.GenArgs refBy []resid.ResId refVarNames []string } const ( + buildAnnotationPreviousKinds = konfig.ConfigAnnoDomain + "/previousKinds" buildAnnotationPreviousNames = konfig.ConfigAnnoDomain + "/previousNames" buildAnnotationPrefixes = konfig.ConfigAnnoDomain + "/prefixes" buildAnnotationSuffixes = konfig.ConfigAnnoDomain + "/suffixes" buildAnnotationPreviousNamespaces = konfig.ConfigAnnoDomain + "/previousNamespaces" + + // the following are only for patches, to specify whether they can change names + // and kinds of their targets + buildAnnotationAllowNameChange = konfig.ConfigAnnoDomain + "/allowNameChange" + buildAnnotationAllowKindChange = konfig.ConfigAnnoDomain + "/allowKindChange" ) var buildAnnotations = []string{ + buildAnnotationPreviousKinds, buildAnnotationPreviousNames, buildAnnotationPrefixes, buildAnnotationSuffixes, buildAnnotationPreviousNamespaces, + buildAnnotationAllowNameChange, + buildAnnotationAllowKindChange, +} + +func (r *Resource) AsRNode() *kyaml.RNode { + return r.node.Copy() } func (r *Resource) ResetPrimaryData(incoming *Resource) { - r.kunStr = incoming.Copy() + r.node = incoming.node.Copy() } func (r *Resource) GetAnnotations() map[string]string { - annotations := r.kunStr.GetAnnotations() - if annotations == nil { + annotations, err := r.node.GetAnnotations() + if err != nil || annotations == nil { return make(map[string]string) } return annotations } -func (r *Resource) Copy() ifc.Kunstructured { - return r.kunStr.Copy() -} - func (r *Resource) GetFieldValue(f string) (interface{}, error) { - return r.kunStr.GetFieldValue(f) + //nolint:staticcheck + return r.node.GetFieldValue(f) } func (r *Resource) GetDataMap() map[string]string { - return r.kunStr.GetDataMap() + return r.node.GetDataMap() } func (r *Resource) GetBinaryDataMap() map[string]string { - return r.kunStr.GetBinaryDataMap() + return r.node.GetBinaryDataMap() } func (r *Resource) GetGvk() resid.Gvk { - return r.kunStr.GetGvk() + meta, err := r.node.GetMeta() + if err != nil { + return resid.GvkFromString("") + } + g, v := resid.ParseGroupVersion(meta.APIVersion) + return resid.Gvk{Group: g, Version: v, Kind: meta.Kind} +} + +func (r *Resource) Hash(h ifc.KustHasher) (string, error) { + return h.Hash(r.node) } func (r *Resource) GetKind() string { - return r.kunStr.GetKind() + return r.node.GetKind() } func (r *Resource) GetLabels() map[string]string { - return r.kunStr.GetLabels() + l, err := r.node.GetLabels() + if err != nil { + return map[string]string{} + } + return l } func (r *Resource) GetName() string { - return r.kunStr.GetName() + return r.node.GetName() } func (r *Resource) GetSlice(p string) ([]interface{}, error) { - return r.kunStr.GetSlice(p) + //nolint:staticcheck + return r.node.GetSlice(p) } func (r *Resource) GetString(p string) (string, error) { - return r.kunStr.GetString(p) + //nolint:staticcheck + return r.node.GetString(p) } -func (r *Resource) IsEmpty() (bool, error) { - m, err := r.kunStr.Map() - return len(m) == 0, err +func (r *Resource) IsEmpty() bool { + return r.node.IsNilOrEmpty() } func (r *Resource) Map() (map[string]interface{}, error) { - return r.kunStr.Map() + return r.node.Map() } func (r *Resource) MarshalJSON() ([]byte, error) { - return r.kunStr.MarshalJSON() + return r.node.MarshalJSON() } func (r *Resource) MatchesLabelSelector(selector string) (bool, error) { - return r.kunStr.MatchesLabelSelector(selector) + return r.node.MatchesLabelSelector(selector) } func (r *Resource) MatchesAnnotationSelector(selector string) (bool, error) { - return r.kunStr.MatchesAnnotationSelector(selector) + return r.node.MatchesAnnotationSelector(selector) } func (r *Resource) SetAnnotations(m map[string]string) { if len(m) == 0 { // Force field erasure. - r.kunStr.SetAnnotations(nil) + r.node.SetAnnotations(nil) return } - r.kunStr.SetAnnotations(m) + r.node.SetAnnotations(m) } func (r *Resource) SetDataMap(m map[string]string) { - r.kunStr.SetDataMap(m) + r.node.SetDataMap(m) } func (r *Resource) SetBinaryDataMap(m map[string]string) { - r.kunStr.SetBinaryDataMap(m) + r.node.SetBinaryDataMap(m) } func (r *Resource) SetGvk(gvk resid.Gvk) { - r.kunStr.SetGvk(gvk) + r.node.SetMapField( + kyaml.NewScalarRNode(gvk.Kind), kyaml.KindField) + r.node.SetMapField( + kyaml.NewScalarRNode(gvk.ApiVersion()), kyaml.APIVersionField) } func (r *Resource) SetLabels(m map[string]string) { if len(m) == 0 { // Force field erasure. - r.kunStr.SetLabels(nil) + r.node.SetLabels(nil) return } - r.kunStr.SetLabels(m) + r.node.SetLabels(m) } func (r *Resource) SetName(n string) { - r.kunStr.SetName(n) + r.node.SetName(n) } func (r *Resource) SetNamespace(n string) { - r.kunStr.SetNamespace(n) + r.node.SetNamespace(n) +} + +func (r *Resource) SetKind(k string) { + gvk := r.GetGvk() + gvk.Kind = k + r.SetGvk(gvk) } func (r *Resource) UnmarshalJSON(s []byte) error { - return r.kunStr.UnmarshalJSON(s) + return r.node.UnmarshalJSON(s) } // ResCtx is an interface describing the contextual added @@ -178,14 +209,14 @@ type ResCtxMatcher func(ResCtx) bool // DeepCopy returns a new copy of resource func (r *Resource) DeepCopy() *Resource { rc := &Resource{ - kunStr: r.Copy(), + node: r.node.Copy(), } rc.copyOtherFields(r) return rc } // CopyMergeMetaDataFields copies everything but the non-metadata in -// the ifc.Kunstructured map, merging labels and annotations. +// the resource. func (r *Resource) CopyMergeMetaDataFieldsFrom(other *Resource) { r.SetLabels(mergeStringMaps(other.GetLabels(), r.GetLabels())) r.SetAnnotations( @@ -251,8 +282,10 @@ func (r *Resource) ReferencesEqual(other *Resource) bool { return len(setSelf) == len(setOther) } -func (r *Resource) KunstructEqual(o *Resource) bool { - return reflect.DeepEqual(r.kunStr, o.kunStr) +// NodeEqual returns true if the resource's nodes are +// equal, ignoring ancillary information like genargs, refby, etc. +func (r *Resource) NodeEqual(o *Resource) bool { + return reflect.DeepEqual(r.node, o.node) } func (r *Resource) copyRefBy() []resid.ResId { @@ -351,12 +384,41 @@ func (r *Resource) RemoveBuildAnnotations() { r.SetAnnotations(annotations) } -func (r *Resource) setPreviousNamespaceAndName(ns string, n string) *Resource { +func (r *Resource) setPreviousId(ns string, n string, k string) *Resource { r.appendCsvAnnotation(buildAnnotationPreviousNames, n) r.appendCsvAnnotation(buildAnnotationPreviousNamespaces, ns) + r.appendCsvAnnotation(buildAnnotationPreviousKinds, k) return r } +func (r *Resource) SetAllowNameChange(value string) { + annotations := r.GetAnnotations() + annotations[buildAnnotationAllowNameChange] = value + r.SetAnnotations(annotations) +} + +func (r *Resource) NameChangeAllowed() bool { + annotations := r.GetAnnotations() + if allowed, set := annotations[buildAnnotationAllowNameChange]; set && allowed == "true" { + return true + } + return false +} + +func (r *Resource) SetAllowKindChange(value string) { + annotations := r.GetAnnotations() + annotations[buildAnnotationAllowKindChange] = value + r.SetAnnotations(annotations) +} + +func (r *Resource) KindChangeAllowed() bool { + annotations := r.GetAnnotations() + if allowed, set := annotations[buildAnnotationAllowKindChange]; set && allowed == "true" { + return true + } + return false +} + // String returns resource as JSON. func (r *Resource) String() string { bs, err := r.MarshalJSON() @@ -430,14 +492,19 @@ func (r *Resource) PrevIds() []resid.ResId { // pairs on one annotation so there is no chance of error names := r.getCsvAnnotation(buildAnnotationPreviousNames) ns := r.getCsvAnnotation(buildAnnotationPreviousNamespaces) - if len(names) != len(ns) { + kinds := r.getCsvAnnotation(buildAnnotationPreviousKinds) + if len(names) != len(ns) || len(names) != len(kinds) { panic(errors.New( - "number of previous names not equal to " + - "number of previous namespaces")) + "number of previous names, " + + "number of previous namespaces, " + + "number of previous kinds not equal")) } for i := range names { + k := kinds[i] + gvk := r.GetGvk() + gvk.Kind = k ids = append(ids, resid.NewResIdWithNamespace( - r.GetGvk(), names[i], ns[i])) + gvk, names[i], ns[i])) } return ids } @@ -445,7 +512,7 @@ func (r *Resource) PrevIds() []resid.ResId { // StorePreviousId stores the resource's current ID via build annotations. func (r *Resource) StorePreviousId() { id := r.CurId() - r.setPreviousNamespaceAndName(id.EffectiveNamespace(), id.Name) + r.setPreviousId(id.EffectiveNamespace(), id.Name, id.Kind) } // CurId returns a ResId for the resource using the @@ -478,38 +545,35 @@ func (r *Resource) AppendRefVarName(variable types.Var) { // ApplySmPatch applies the provided strategic merge patch. func (r *Resource) ApplySmPatch(patch *Resource) error { - node, err := filtersutil.GetRNode(patch) - if err != nil { + n, ns, k := r.GetName(), r.GetNamespace(), r.GetKind() + if patch.NameChangeAllowed() || patch.KindChangeAllowed() { + r.StorePreviousId() + } + if err := r.ApplyFilter(patchstrategicmerge.Filter{ + Patch: patch.node, + }); err != nil { return err } - n, ns := r.GetName(), r.GetNamespace() - err = r.ApplyFilter(patchstrategicmerge.Filter{ - Patch: node, - }) - if err != nil { - return err + if r.IsEmpty() { + return nil } - empty, err := r.IsEmpty() - if err != nil { - return err + if !patch.KindChangeAllowed() { + r.SetKind(k) } - if !empty { + if !patch.NameChangeAllowed() { r.SetName(n) - r.SetNamespace(ns) } - return err + r.SetNamespace(ns) + return nil } func (r *Resource) ApplyFilter(f kio.Filter) error { - if wn, ok := r.kunStr.(*wrappy.WNode); ok { - l, err := f.Filter([]*kyaml.RNode{wn.AsRNode()}) - if len(l) == 0 { - // Hack to deal with deletion. - r.kunStr = wrappy.NewWNode() - } - return err + l, err := f.Filter([]*kyaml.RNode{r.node}) + if len(l) == 0 { + // The node was deleted. The following makes r.IsEmpty() true. + r.node = nil } - return filtersutil.ApplyToJSON(f, r) + return err } func mergeStringMaps(maps ...map[string]string) map[string]string { diff --git a/vendor/sigs.k8s.io/kustomize/api/types/errunabletofind.go b/vendor/sigs.k8s.io/kustomize/api/types/errunabletofind.go index a39e9a3854..f95b8edd5a 100644 --- a/vendor/sigs.k8s.io/kustomize/api/types/errunabletofind.go +++ b/vendor/sigs.k8s.io/kustomize/api/types/errunabletofind.go @@ -23,7 +23,7 @@ func (e *errUnableToFind) Error() string { m = append(m, "('"+p.Value+"'; "+p.Key+")") } return fmt.Sprintf( - "unable to find plugin root - tried: %s", strings.Join(m, ", ")) + "unable to find %s - tried: %s", e.what, strings.Join(m, ", ")) } func NewErrUnableToFind(w string, a []Pair) *errUnableToFind { diff --git a/vendor/sigs.k8s.io/kustomize/api/types/fieldspec.go b/vendor/sigs.k8s.io/kustomize/api/types/fieldspec.go index f5b711ee57..0bee70256b 100644 --- a/vendor/sigs.k8s.io/kustomize/api/types/fieldspec.go +++ b/vendor/sigs.k8s.io/kustomize/api/types/fieldspec.go @@ -9,8 +9,7 @@ import ( "sigs.k8s.io/kustomize/api/resid" ) -// FieldSpec completely specifies a kustomizable field in -// an unstructured representation of a k8s API object. +// FieldSpec completely specifies a kustomizable field in a k8s API object. // It helps define the operands of transformations. // // For example, a directive to add a common label to objects diff --git a/vendor/sigs.k8s.io/kustomize/api/types/helmchartargs.go b/vendor/sigs.k8s.io/kustomize/api/types/helmchartargs.go index 5703720837..7bb22f2e41 100644 --- a/vendor/sigs.k8s.io/kustomize/api/types/helmchartargs.go +++ b/vendor/sigs.k8s.io/kustomize/api/types/helmchartargs.go @@ -3,14 +3,77 @@ package types -// HelmChartArgs contains the metadata of how to generate a secret. +type HelmGlobals struct { + // ChartHome is a file path, relative to the kustomization root, + // to a directory containing a subdirectory for each chart to be + // included in the kustomization. + // The default value of this field is "charts". + // So, for example, kustomize looks for the minecraft chart + // at {kustomizationRoot}/{ChartHome}/minecraft. + // If the chart is there at build time, kustomize will use it as found, + // and not check version numbers or dates. + // If the chart is not there, kustomize will attempt to pull it + // using the version number specified in the kustomization file, + // and put it there. To suppress the pull attempt, simply assure + // that the chart is already there. + ChartHome string `json:"chartHome,omitempty" yaml:"chartHome,omitempty"` + + // ConfigHome defines a value that kustomize should pass to helm via + // the HELM_CONFIG_HOME environment variable. kustomize doesn't attempt + // to read or write this directory. + // If omitted, {tmpDir}/helm is used, where {tmpDir} is some temporary + // directory created by kustomize for the benefit of helm. + // Likewise, kustomize sets + // HELM_CACHE_HOME={ConfigHome}/.cache + // HELM_DATA_HOME={ConfigHome}/.data + // for the helm subprocess. + ConfigHome string `json:"configHome,omitempty" yaml:"configHome,omitempty"` +} + +type HelmChart struct { + // Name is the name of the chart, e.g. 'minecraft'. + Name string `json:"name,omitempty" yaml:"name,omitempty"` + + // Version is the version of the chart, e.g. '3.1.3' + Version string `json:"version,omitempty" yaml:"version,omitempty"` + + // Repo is a URL locating the chart on the internet. + // This is the argument to helm's `--repo` flag, e.g. + // `https://itzg.github.io/minecraft-server-charts`. + Repo string `json:"repo,omitempty" yaml:"repo,omitempty"` + + // ReleaseName replaces RELEASE-NAME in chart template output, + // making a particular inflation of a chart unique with respect to + // other inflations of the same chart in a cluster. It's the first + // argument to the helm `install` and `template` commands, i.e. + // helm install {RELEASE-NAME} {chartName} + // helm template {RELEASE-NAME} {chartName} + // If omitted, the flag --generate-name is passed to 'helm template'. + ReleaseName string `json:"releaseName,omitempty" yaml:"releaseName,omitempty"` + + // ValuesFile is local file path to a values file to use _instead of_ + // the default values that accompanied the chart. + // The default values are in '{ChartHome}/{Name}/values.yaml'. + ValuesFile string `json:"valuesFile,omitempty" yaml:"valuesFile,omitempty"` + + // ValuesInline holds value mappings specified directly, + // rather than in a separate file. + ValuesInline map[string]interface{} `json:"valuesInline,omitempty" yaml:"valuesInline,omitempty"` + + // ValuesMerge specifies how to treat ValuesInline with respect to Values. + // Legal values: 'merge', 'override', 'replace'. + // Defaults to 'override'. + ValuesMerge string `json:"valuesMerge,omitempty" yaml:"valuesMerge,omitempty"` +} + +// HelmChartArgs contains arguments to helm. +// Deprecated. Use HelmGlobals and HelmChart instead. type HelmChartArgs struct { - ChartName string `json:"chartName,omitempty" yaml:"chartName,omitempty"` - ChartVersion string `json:"chartVersion,omitempty" yaml:"chartVersion,omitempty"` - ChartRepoURL string `json:"chartRepoUrl,omitempty" yaml:"chartRepoUrl,omitempty"` - ChartHome string `json:"chartHome,omitempty" yaml:"chartHome,omitempty"` - // Use chartRelease to keep compatible with old exec plugin - ChartRepoName string `json:"chartRelease,omitempty" yaml:"chartRelease,omitempty"` + ChartName string `json:"chartName,omitempty" yaml:"chartName,omitempty"` + ChartVersion string `json:"chartVersion,omitempty" yaml:"chartVersion,omitempty"` + ChartRepoURL string `json:"chartRepoUrl,omitempty" yaml:"chartRepoUrl,omitempty"` + ChartHome string `json:"chartHome,omitempty" yaml:"chartHome,omitempty"` + ChartRepoName string `json:"chartRepoName,omitempty" yaml:"chartRepoName,omitempty"` HelmBin string `json:"helmBin,omitempty" yaml:"helmBin,omitempty"` HelmHome string `json:"helmHome,omitempty" yaml:"helmHome,omitempty"` Values string `json:"values,omitempty" yaml:"values,omitempty"` @@ -20,3 +83,32 @@ type HelmChartArgs struct { ReleaseNamespace string `json:"releaseNamespace,omitempty" yaml:"releaseNamespace,omitempty"` ExtraArgs []string `json:"extraArgs,omitempty" yaml:"extraArgs,omitempty"` } + +// SplitHelmParameters splits helm parameters into +// per-chart params and global chart-independent parameters. +func SplitHelmParameters( + oldArgs []HelmChartArgs) (charts []HelmChart, globals HelmGlobals) { + for _, old := range oldArgs { + charts = append(charts, makeHelmChartFromHca(&old)) + if old.HelmHome != "" { + // last non-empty wins + globals.ConfigHome = old.HelmHome + } + if old.ChartHome != "" { + // last non-empty wins + globals.ChartHome = old.ChartHome + } + } + return charts, globals +} + +func makeHelmChartFromHca(old *HelmChartArgs) (c HelmChart) { + c.Name = old.ChartName + c.Version = old.ChartVersion + c.Repo = old.ChartRepoURL + c.ValuesFile = old.Values + c.ValuesInline = old.ValuesLocal + c.ValuesMerge = old.ValuesMerge + c.ReleaseName = old.ReleaseName + return +} diff --git a/vendor/sigs.k8s.io/kustomize/api/types/kustomization.go b/vendor/sigs.k8s.io/kustomize/api/types/kustomization.go index 30f0e4b2e5..9c555a860e 100644 --- a/vendor/sigs.k8s.io/kustomize/api/types/kustomization.go +++ b/vendor/sigs.k8s.io/kustomize/api/types/kustomization.go @@ -6,6 +6,7 @@ package types import ( "bytes" "encoding/json" + "fmt" "sigs.k8s.io/yaml" ) @@ -46,6 +47,9 @@ type Kustomization struct { // CommonLabels to add to all objects and selectors. CommonLabels map[string]string `json:"commonLabels,omitempty" yaml:"commonLabels,omitempty"` + // Labels to add to all objects but not selectors. + Labels []Label `json:"labels,omitempty" yaml:"labels,omitempty"` + // CommonAnnotations to add to all objects. CommonAnnotations map[string]string `json:"commonAnnotations,omitempty" yaml:"commonAnnotations,omitempty"` @@ -125,9 +129,14 @@ type Kustomization struct { // the map will have a suffix hash generated from its contents. SecretGenerator []SecretArgs `json:"secretGenerator,omitempty" yaml:"secretGenerator,omitempty"` + // HelmGlobals contains helm configuration that isn't chart specific. + HelmGlobals *HelmGlobals `json:"helmGlobals,omitempty" yaml:"helmGlobals,omitempty"` + + // HelmCharts is a list of helm chart configuration instances. + HelmCharts []HelmChart `json:"helmCharts,omitempty" yaml:"helmCharts,omitempty"` + // HelmChartInflationGenerator is a list of helm chart configurations. - // The resulting resource is a normal operand rendered from - // a remote chart by `helm template` + // Deprecated. Auto-converted to HelmGlobals and HelmCharts. HelmChartInflationGenerator []HelmChartArgs `json:"helmChartInflationGenerator,omitempty" yaml:"helmChartInflationGenerator,omitempty"` // GeneratorOptions modify behavior of all ConfigMap and Secret generators. @@ -181,15 +190,42 @@ func (k *Kustomization) FixKustomizationPostUnmarshalling() { k.SecretGenerator[i].EnvSource = "" } } + charts, globals := SplitHelmParameters(k.HelmChartInflationGenerator) + if k.HelmGlobals == nil { + if globals.ChartHome != "" || globals.ConfigHome != "" { + k.HelmGlobals = &globals + } + } + k.HelmCharts = append(k.HelmCharts, charts...) + // Wipe it for the fix command. + k.HelmChartInflationGenerator = nil } // FixKustomizationPreMarshalling fixes things // that should occur after the kustomization file // has been processed. -func (k *Kustomization) FixKustomizationPreMarshalling() { +func (k *Kustomization) FixKustomizationPreMarshalling() error { // PatchesJson6902 should be under the Patches field. k.Patches = append(k.Patches, k.PatchesJson6902...) k.PatchesJson6902 = nil + + // this fix is not in FixKustomizationPostUnmarshalling because + // it will break some commands like `create` and `add`. those + // commands depend on 'commonLabels' field + if cl := labelFromCommonLabels(k.CommonLabels); cl != nil { + // check conflicts between commonLabels and labels + for _, l := range k.Labels { + for k := range l.Pairs { + if _, exist := cl.Pairs[k]; exist { + return fmt.Errorf("label name '%s' exists in both commonLabels and labels", k) + } + } + } + k.Labels = append(k.Labels, *cl) + k.CommonLabels = nil + } + + return nil } func (k *Kustomization) EnforceFields() []string { diff --git a/vendor/sigs.k8s.io/kustomize/api/types/labels.go b/vendor/sigs.k8s.io/kustomize/api/types/labels.go new file mode 100644 index 0000000000..e2a2aee789 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/api/types/labels.go @@ -0,0 +1,25 @@ +// Copyright 2019 The Kubernetes Authors. +// SPDX-License-Identifier: Apache-2.0 + +package types + +type Label struct { + // Pairs contains the key-value pairs for labels to add + Pairs map[string]string `json:"pairs,omitempty" yaml:"pairs,omitempty"` + // IncludeSelectors inidicates should transformer include the + // fieldSpecs for selectors. Custom fieldSpecs specified by + // FieldSpecs will be merged with builtin fieldSpecs if this + // is true. + IncludeSelectors bool `json:"includeSelectors,omitempty" yaml:"includeSelectors,omitempty"` + FieldSpecs []FieldSpec `json:"fields,omitempty" yaml:"fields,omitempty"` +} + +func labelFromCommonLabels(commonLabels map[string]string) *Label { + if len(commonLabels) == 0 { + return nil + } + return &Label{ + Pairs: commonLabels, + IncludeSelectors: true, + } +} diff --git a/vendor/sigs.k8s.io/kustomize/api/types/patch.go b/vendor/sigs.k8s.io/kustomize/api/types/patch.go index 48b521d7e8..5310a6e66d 100644 --- a/vendor/sigs.k8s.io/kustomize/api/types/patch.go +++ b/vendor/sigs.k8s.io/kustomize/api/types/patch.go @@ -3,6 +3,8 @@ package types +import "reflect" + // Patch represent either a Strategic Merge Patch or a JSON patch // and its targets. // The content of the patch can either be from a file @@ -16,6 +18,9 @@ type Patch struct { // Target points to the resources that the patch is applied to Target *Selector `json:"target,omitempty" yaml:"target,omitempty"` + + // Options is a list of options for the patch + Options map[string]bool `json:"options,omitempty" yaml:"options,omitempty"` } // Equals return true if p equals o. @@ -24,5 +29,6 @@ func (p *Patch) Equals(o Patch) bool { (p.Target != nil && o.Target != nil && *p.Target == *o.Target) return p.Path == o.Path && p.Patch == o.Patch && - targetEqual + targetEqual && + reflect.DeepEqual(p.Options, o.Options) } diff --git a/vendor/sigs.k8s.io/kustomize/api/types/pluginconfig.go b/vendor/sigs.k8s.io/kustomize/api/types/pluginconfig.go index 2756f98268..741e5debc4 100644 --- a/vendor/sigs.k8s.io/kustomize/api/types/pluginconfig.go +++ b/vendor/sigs.k8s.io/kustomize/api/types/pluginconfig.go @@ -3,27 +3,13 @@ package types +type HelmConfig struct { + Enabled bool + Command string +} + // PluginConfig holds plugin configuration. type PluginConfig struct { - // AbsPluginHome is the home of kustomize plugins. - // Kustomize plugin configuration files are k8s-style objects - // containing the fields 'apiVersion' and 'kind', e.g. - // apiVersion: apps/v1 - // kind: Deployment - // kustomize reads plugin configuration data from a file path - // specified in the 'generators:' or 'transformers:' field of a - // kustomization file. kustomize must then use this data to both - // locate the plugin and configure it. - // Every kustomize plugin (its code, its tests, its supporting data - // files, etc.) must be housed in its own directory at - // ${AbsPluginHome}/${pluginApiVersion}/LOWERCASE(${pluginKind}) - // where - // - ${AbsPluginHome} is an absolute path, defined below. - // - ${pluginApiVersion} is taken from the plugin config file. - // - ${pluginKind} is taken from the plugin config file. - // The value of AbsPluginHome can be any absolute path. - AbsPluginHome string - // PluginRestrictions distinguishes plugin restrictions. PluginRestrictions PluginRestrictions @@ -32,4 +18,30 @@ type PluginConfig struct { // FnpLoadingOptions sets the way function-based plugin behaviors. FnpLoadingOptions FnPluginLoadingOptions + + // HelmConfig contains metadata needed for allowing and running helm. + HelmConfig HelmConfig +} + +func EnabledPluginConfig(b BuiltinPluginLoadingOptions) (pc *PluginConfig) { + pc = MakePluginConfig(PluginRestrictionsNone, b) + pc.FnpLoadingOptions.EnableStar = true + pc.HelmConfig.Enabled = true + // If this command is not on PATH, tests needing it should skip. + pc.HelmConfig.Command = "helmV3" + return +} + +func DisabledPluginConfig() *PluginConfig { + return MakePluginConfig( + PluginRestrictionsBuiltinsOnly, + BploUseStaticallyLinked) +} + +func MakePluginConfig(pr PluginRestrictions, + b BuiltinPluginLoadingOptions) *PluginConfig { + return &PluginConfig{ + PluginRestrictions: pr, + BpLoadingOptions: b, + } } diff --git a/vendor/sigs.k8s.io/kustomize/api/types/replacement.go b/vendor/sigs.k8s.io/kustomize/api/types/replacement.go index 57c2507ada..41bd848a34 100644 --- a/vendor/sigs.k8s.io/kustomize/api/types/replacement.go +++ b/vendor/sigs.k8s.io/kustomize/api/types/replacement.go @@ -1,27 +1,59 @@ -// Copyright 2019 The Kubernetes Authors. +// Copyright 2021 The Kubernetes Authors. // SPDX-License-Identifier: Apache-2.0 package types +const DefaultReplacementFieldPath = "metadata.name" + // Replacement defines how to perform a substitution // where it is from and where it is to. type Replacement struct { - Source *ReplSource `json:"source" yaml:"source"` - Target *ReplTarget `json:"target" yaml:"target"` + // The source of the value. + Source *SourceSelector `json:"source" yaml:"source"` + + // The N fields to write the value to. + Targets []*TargetSelector `json:"targets" yaml:"targets"` } -// ReplSource defines where a substitution is from -// It can from two different kinds of sources -// - from a field of one resource -// - from a string -type ReplSource struct { - ObjRef *Target `json:"objref,omitempty" yaml:"objref,omitempty"` - FieldRef string `json:"fieldref,omitempty" yaml:"fiedldref,omitempty"` - Value string `json:"value,omitempty" yaml:"value,omitempty"` +// SourceSelector is the source of the replacement transformer. +type SourceSelector struct { + // A specific object to read it from. + KrmId `json:",inline,omitempty" yaml:",inline,omitempty"` + + // Structured field path expected in the allowed object. + FieldPath string `json:"fieldPath" yaml:"fieldPath"` + + // Used to refine the interpretation of the field. + Options *FieldOptions `json:"options" yaml:"options"` } -// ReplTarget defines where a substitution is to. -type ReplTarget struct { - ObjRef *Selector `json:"objref,omitempty" yaml:"objref,omitempty"` - FieldRefs []string `json:"fieldrefs,omitempty" yaml:"fieldrefs,omitempty"` +// TargetSelector specifies fields in one or more objects. +type TargetSelector struct { + // Include objects that match this. + Select *Selector `json:"select" yaml:"select"` + + // From the allowed set, remove objects that match this. + Reject []*Selector `json:"reject" yaml:"reject"` + + // Structured field paths expected in each allowed object. + FieldPaths []string `json:"fieldPaths" yaml:"fieldPaths"` + + // Used to refine the interpretation of the field. + Options *FieldOptions `json:"options" yaml:"options"` +} + +// FieldOptions refine the interpretation of FieldPaths. +type FieldOptions struct { + // Used to split/join the field. + Delimiter string `json:"delimiter" yaml:"delimiter"` + + // Which position in the split to consider. + Index int `json:"index" yaml:"index"` + + // TODO (#3492): Implement use of this option + // None, Base64, URL, Hex, etc + Encoding string `json:"encoding" yaml:"encoding"` + + // If field missing, add it. + Create bool `json:"create" yaml:"create"` } diff --git a/vendor/sigs.k8s.io/kustomize/api/types/selector.go b/vendor/sigs.k8s.io/kustomize/api/types/selector.go index 007b508f13..4b7295c6a7 100644 --- a/vendor/sigs.k8s.io/kustomize/api/types/selector.go +++ b/vendor/sigs.k8s.io/kustomize/api/types/selector.go @@ -13,9 +13,8 @@ import ( // Any resource that matches intersection of all conditions // is included in this set. type Selector struct { - resid.Gvk `json:",inline,omitempty" yaml:",inline,omitempty"` - Namespace string `json:"namespace,omitempty" yaml:"namespace,omitempty"` - Name string `json:"name,omitempty" yaml:"name,omitempty"` + // KrmId refers to a GVKN/Ns of a resource. + KrmId `json:",inline,omitempty" yaml:",inline,omitempty"` // AnnotationSelector is a string that follows the label selection expression // https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api @@ -28,6 +27,23 @@ type Selector struct { LabelSelector string `json:"labelSelector,omitempty" yaml:"labelSelector,omitempty"` } +// KrmId refers to a GVKN/Ns of a resource. +type KrmId struct { + resid.Gvk `json:",inline,omitempty" yaml:",inline,omitempty"` + Name string `json:"name,omitempty" yaml:"name,omitempty"` + Namespace string `json:"namespace,omitempty" yaml:"namespace,omitempty"` +} + +// Match returns true if id selects other, i.e. id's fields +// either match other's or are empty +func (id *KrmId) Match(other *KrmId) bool { + return (id.Group == "" || id.Group == other.Group) && + (id.Version == "" || id.Version == other.Version) && + (id.Kind == "" || id.Kind == other.Kind) && + (id.Name == "" || id.Name == other.Name) && + (id.Namespace == "" || id.Namespace == other.Namespace) +} + // SelectorRegex is a Selector with regex in GVK // Any resource that matches intersection of all conditions // is included in this set. diff --git a/vendor/sigs.k8s.io/kustomize/api/types/var.go b/vendor/sigs.k8s.io/kustomize/api/types/var.go index f636d0d35b..a953151667 100644 --- a/vendor/sigs.k8s.io/kustomize/api/types/var.go +++ b/vendor/sigs.k8s.io/kustomize/api/types/var.go @@ -12,8 +12,6 @@ import ( "sigs.k8s.io/kustomize/api/resid" ) -const defaultFieldPath = "metadata.name" - // Var represents a variable whose value will be sourced // from a field in a Kubernetes object. type Var struct { @@ -71,7 +69,7 @@ type FieldSelector struct { // defaulting sets reference to field used by default. func (v *Var) Defaulting() { if v.FieldRef.FieldPath == "" { - v.FieldRef.FieldPath = defaultFieldPath + v.FieldRef.FieldPath = DefaultReplacementFieldPath } v.ObjRef.GVK() } diff --git a/vendor/sigs.k8s.io/kustomize/kustomize/v4/commands/build/build.go b/vendor/sigs.k8s.io/kustomize/kustomize/v4/commands/build/build.go index 0fa5177fd1..eea6401557 100644 --- a/vendor/sigs.k8s.io/kustomize/kustomize/v4/commands/build/build.go +++ b/vendor/sigs.k8s.io/kustomize/kustomize/v4/commands/build/build.go @@ -6,7 +6,6 @@ package build import ( "fmt" "io" - "log" "github.com/spf13/cobra" "sigs.k8s.io/kustomize/api/filesys" @@ -22,10 +21,11 @@ var theArgs struct { var theFlags struct { outputPath string enable struct { - resourceIdChanges bool - plugins bool - managedByLabel bool + plugins bool + managedByLabel bool + helm bool } + helmCommand string loadRestrictor string reorderOutput string fnOptions types.FnPluginLoadingOptions @@ -104,7 +104,7 @@ func NewCmdBuild( AddFlagEnablePlugins(cmd.Flags()) AddFlagReorderOutput(cmd.Flags()) AddFlagEnableManagedbyLabel(cmd.Flags()) - AddFlagAllowResourceIdChanges(cmd.Flags()) + AddFlagEnableHelm(cmd.Flags()) return cmd } @@ -132,14 +132,13 @@ func HonorKustomizeFlags(kOpts *krusty.Options) *krusty.Options { kOpts.DoLegacyResourceSort = getFlagReorderOutput() == legacy kOpts.LoadRestrictions = getFlagLoadRestrictorValue() if theFlags.enable.plugins { - c, err := konfig.EnabledPluginConfig(types.BploUseStaticallyLinked) - if err != nil { - log.Fatal(err) - } + c := types.EnabledPluginConfig(types.BploUseStaticallyLinked) c.FnpLoadingOptions = theFlags.fnOptions kOpts.PluginConfig = c + } else { + kOpts.PluginConfig.HelmConfig.Enabled = theFlags.enable.helm } + kOpts.PluginConfig.HelmConfig.Command = theFlags.helmCommand kOpts.AddManagedbyLabel = isManagedByLabelEnabled() - kOpts.AllowResourceIdChanges = theFlags.enable.resourceIdChanges return kOpts } diff --git a/vendor/sigs.k8s.io/kustomize/kustomize/v4/commands/build/flagallowresourceidchanges.go b/vendor/sigs.k8s.io/kustomize/kustomize/v4/commands/build/flagallowresourceidchanges.go deleted file mode 100644 index c05aa5b769..0000000000 --- a/vendor/sigs.k8s.io/kustomize/kustomize/v4/commands/build/flagallowresourceidchanges.go +++ /dev/null @@ -1,16 +0,0 @@ -// Copyright 2019 The Kubernetes Authors. -// SPDX-License-Identifier: Apache-2.0 - -package build - -import ( - "github.com/spf13/pflag" -) - -func AddFlagAllowResourceIdChanges(set *pflag.FlagSet) { - set.BoolVar( - &theFlags.enable.resourceIdChanges, - "allow-id-changes", - false, - `enable changes to a resourceId`) -} diff --git a/vendor/sigs.k8s.io/kustomize/kustomize/v4/commands/build/flagenablehelm.go b/vendor/sigs.k8s.io/kustomize/kustomize/v4/commands/build/flagenablehelm.go new file mode 100644 index 0000000000..1a328ce671 --- /dev/null +++ b/vendor/sigs.k8s.io/kustomize/kustomize/v4/commands/build/flagenablehelm.go @@ -0,0 +1,24 @@ +// Copyright 2021 The Kubernetes Authors. +// SPDX-License-Identifier: Apache-2.0 + +package build + +import ( + "github.com/spf13/pflag" +) + +// AddFlagEnableHelm adds the --enable-helm flag. +// The helm plugin is builtin, meaning it's +// enabled independently of --enable-alpha-plugins. +func AddFlagEnableHelm(set *pflag.FlagSet) { + set.BoolVar( + &theFlags.enable.helm, + "enable-helm", + false, + "Enable use of the Helm chart inflator generator.") + set.StringVar( + &theFlags.helmCommand, + "helm-command", + "helm", // default + "helm command (path to executable)") +} diff --git a/vendor/sigs.k8s.io/kustomize/kyaml/filtersutil/doc.go b/vendor/sigs.k8s.io/kustomize/kyaml/filtersutil/doc.go deleted file mode 100644 index b5cb975fa2..0000000000 --- a/vendor/sigs.k8s.io/kustomize/kyaml/filtersutil/doc.go +++ /dev/null @@ -1,6 +0,0 @@ -// Copyright 2019 The Kubernetes Authors. -// SPDX-License-Identifier: Apache-2.0 - -// Package filtersutil provides utilities for working with yaml.Filter and -// kio.Filter interfaces. -package filtersutil diff --git a/vendor/sigs.k8s.io/kustomize/kyaml/filtersutil/filtersutil.go b/vendor/sigs.k8s.io/kustomize/kyaml/filtersutil/filtersutil.go deleted file mode 100644 index 80e4505ada..0000000000 --- a/vendor/sigs.k8s.io/kustomize/kyaml/filtersutil/filtersutil.go +++ /dev/null @@ -1,83 +0,0 @@ -// Copyright 2019 The Kubernetes Authors. -// SPDX-License-Identifier: Apache-2.0 - -package filtersutil - -import ( - "encoding/json" - - "sigs.k8s.io/kustomize/kyaml/errors" - "sigs.k8s.io/kustomize/kyaml/kio" - "sigs.k8s.io/kustomize/kyaml/yaml" -) - -// ApplyToJSON applies the filter to the json objects. -// -// ApplyToJSON marshals the objects into a slice of yaml.RNodes, runs -// the filter on the slice, and then unmarshals the values back. -// -// The filter must not create or delete objects because the objects -// are updated in place. -func ApplyToJSON(filter kio.Filter, objs ...marshalerUnmarshaler) error { - var nodes []*yaml.RNode - - // convert the json objects to rnodes - for i := range objs { - node, err := GetRNode(objs[i]) - if err != nil { - return err - } - nodes = append(nodes, node) - } - - // apply the filter - nodes, err := filter.Filter(nodes) - if err != nil { - return err - } - if len(nodes) != len(objs) { - return errors.Errorf("filter cannot create or delete objects") - } - - // convert the rnodes to json objects - for i := range nodes { - err = setRNode(objs[i], nodes[i]) - if err != nil { - return err - } - } - - return nil -} - -type marshalerUnmarshaler interface { - json.Unmarshaler - json.Marshaler -} - -// GetRNode converts k into an RNode -func GetRNode(k json.Marshaler) (*yaml.RNode, error) { - j, err := k.MarshalJSON() - if err != nil { - return nil, err - } - return yaml.Parse(string(j)) -} - -// setRNode marshals node into k -func setRNode(k json.Unmarshaler, node *yaml.RNode) error { - s, err := node.String() - if err != nil { - return err - } - m := map[string]interface{}{} - if err := yaml.Unmarshal([]byte(s), &m); err != nil { - return err - } - - b, err := json.Marshal(m) - if err != nil { - return err - } - return k.UnmarshalJSON(b) -} diff --git a/vendor/sigs.k8s.io/kustomize/kyaml/kio/pkgio_reader.go b/vendor/sigs.k8s.io/kustomize/kyaml/kio/pkgio_reader.go index 2fb1758e2d..1dfec3c773 100644 --- a/vendor/sigs.k8s.io/kustomize/kyaml/kio/pkgio_reader.go +++ b/vendor/sigs.k8s.io/kustomize/kyaml/kio/pkgio_reader.go @@ -71,6 +71,10 @@ type LocalPackageReadWriter struct { NoDeleteFiles bool `yaml:"noDeleteFiles,omitempty"` files sets.String + + // FileSkipFunc is a function which returns true if reader should ignore + // the file + FileSkipFunc LocalPackageSkipFileFunc } func (r *LocalPackageReadWriter) Read() ([]*yaml.RNode, error) { @@ -81,6 +85,7 @@ func (r *LocalPackageReadWriter) Read() ([]*yaml.RNode, error) { ErrorIfNonResources: r.ErrorIfNonResources, SetAnnotations: r.SetAnnotations, PackageFileName: r.PackageFileName, + FileSkipFunc: r.FileSkipFunc, }.Read() if err != nil { return nil, errors.Wrap(err) @@ -133,6 +138,11 @@ func (r *LocalPackageReadWriter) getFiles(nodes []*yaml.RNode) (sets.String, err return val, nil } +// LocalPackageSkipFileFunc is a function which returns true if the file +// in the package should be ignored by reader. +// relPath is an OS specific relative path +type LocalPackageSkipFileFunc func(relPath string) bool + // LocalPackageReader reads ResourceNodes from a local package. type LocalPackageReader struct { Kind string `yaml:"kind,omitempty"` @@ -163,6 +173,10 @@ type LocalPackageReader struct { // SetAnnotations are annotations to set on the Resources as they are read. SetAnnotations map[string]string `yaml:"setAnnotations,omitempty"` + + // FileSkipFunc is a function which returns true if reader should ignore + // the file + FileSkipFunc LocalPackageSkipFileFunc } var _ Reader = LocalPackageReader{} @@ -215,24 +229,24 @@ func (r LocalPackageReader) Read() ([]*yaml.RNode, error) { if info.IsDir() { return r.shouldSkipDir(path, ignoreFilesMatcher) } - if match, err := r.shouldSkipFile(path, ignoreFilesMatcher); err != nil { + + // get the relative path to file within the package so we can write the files back out + // to another location. + relPath, err := filepath.Rel(pathRelativeTo, path) + if err != nil { + return errors.WrapPrefixf(err, pathRelativeTo) + } + if match, err := r.shouldSkipFile(path, relPath, ignoreFilesMatcher); err != nil { return err - } else if !match { + } else if match { // skip this file return nil } - // get the relative path to file within the package so we can write the files back out - // to another location. - path, err = filepath.Rel(pathRelativeTo, path) + r.initReaderAnnotations(relPath, info) + nodes, err := r.readFile(path, info) if err != nil { - return errors.WrapPrefixf(err, pathRelativeTo) - } - - r.initReaderAnnotations(path, info) - nodes, err := r.readFile(filepath.Join(pathRelativeTo, path), info) - if err != nil { - return errors.WrapPrefixf(err, filepath.Join(pathRelativeTo, path)) + return errors.WrapPrefixf(err, path) } operand = append(operand, nodes...) return nil @@ -258,21 +272,25 @@ func (r *LocalPackageReader) readFile(path string, _ os.FileInfo) ([]*yaml.RNode } // shouldSkipFile returns true if the file should be skipped -func (r *LocalPackageReader) shouldSkipFile(path string, matcher *ignoreFilesMatcher) (bool, error) { +func (r *LocalPackageReader) shouldSkipFile(path, relPath string, matcher *ignoreFilesMatcher) (bool, error) { // check if the file is covered by a .krmignore file. if matcher.matchFile(path) { - return false, nil + return true, nil + } + + if r.FileSkipFunc != nil && r.FileSkipFunc(relPath) { + return true, nil } // check if the files are in scope for _, g := range r.MatchFilesGlob { if match, err := filepath.Match(g, filepath.Base(path)); err != nil { - return false, errors.Wrap(err) + return true, errors.Wrap(err) } else if match { - return true, nil + return false, nil } } - return false, nil + return true, nil } // initReaderAnnotations adds the LocalPackageReader Annotations to r.SetAnnotations diff --git a/vendor/sigs.k8s.io/kustomize/kyaml/openapi/Makefile b/vendor/sigs.k8s.io/kustomize/kyaml/openapi/Makefile index f5cd8dc677..945f1aa526 100644 --- a/vendor/sigs.k8s.io/kustomize/kyaml/openapi/Makefile +++ b/vendor/sigs.k8s.io/kustomize/kyaml/openapi/Makefile @@ -1,7 +1,10 @@ # Copyright 2020 The Kubernetes Authors. # SPDX-License-Identifier: Apache-2.0 -MYGOBIN := $(shell go env GOPATH)/bin +MYGOBIN = $(shell go env GOBIN) +ifeq ($(MYGOBIN),) +MYGOBIN = $(shell go env GOPATH)/bin +endif API_VERSION := "v1.19.1" .PHONY: all diff --git a/vendor/sigs.k8s.io/kustomize/kyaml/openapi/openapi.go b/vendor/sigs.k8s.io/kustomize/kyaml/openapi/openapi.go index cfe18e469c..5b7857606b 100644 --- a/vendor/sigs.k8s.io/kustomize/kyaml/openapi/openapi.go +++ b/vendor/sigs.k8s.io/kustomize/kyaml/openapi/openapi.go @@ -44,10 +44,9 @@ type openapiData struct { // Kubernetes schema as part of the global schema noUseBuiltInSchema bool - // currentOpenAPIVersion stores the version if the kubernetes openapi data - // that is currently stored as the schema, so that we only reparse the - // schema when necessary (to speed up performance) - currentOpenAPIVersion string + // schemaInit stores whether or not we've parsed the schema already, + // so that we only reparse the when necessary (to speed up performance) + schemaInit bool } // ResourceSchema wraps the OpenAPI Schema. @@ -477,27 +476,28 @@ func GetSchemaVersion() string { // initSchema parses the json schema func initSchema() { + if globalSchema.schemaInit { + return + } + globalSchema.schemaInit = true + if customSchema != nil { - ResetOpenAPI() err := parse(customSchema) if err != nil { panic("invalid schema file") } - if err := parse(kustomizationapi.MustAsset(kustomizationAPIAssetName)); err != nil { + if err = parse(kustomizationapi.MustAsset(kustomizationAPIAssetName)); err != nil { // this should never happen panic(err) } return } - currentVersion := kubernetesOpenAPIVersion - if currentVersion == "" { - currentVersion = kubernetesOpenAPIDefaultVersion + if kubernetesOpenAPIVersion == "" { + parseBuiltinSchema(kubernetesOpenAPIDefaultVersion) + } else { + parseBuiltinSchema(kubernetesOpenAPIVersion) } - if globalSchema.currentOpenAPIVersion != currentVersion { - parseBuiltinSchema(currentVersion) - } - globalSchema.currentOpenAPIVersion = currentVersion } // parseBuiltinSchema calls parse to parse the json schemas diff --git a/vendor/sigs.k8s.io/kustomize/kyaml/yaml/rnode.go b/vendor/sigs.k8s.io/kustomize/kyaml/yaml/rnode.go index 22e5d326ef..9b1b5ff1b1 100644 --- a/vendor/sigs.k8s.io/kustomize/kyaml/yaml/rnode.go +++ b/vendor/sigs.k8s.io/kustomize/kyaml/yaml/rnode.go @@ -8,6 +8,7 @@ import ( "fmt" "io/ioutil" "log" + "regexp" "strconv" "strings" @@ -336,6 +337,33 @@ func (rn *RNode) SetYNode(node *yaml.Node) { *rn.value = *node } +// GetKind returns the kind. +func (rn *RNode) GetKind() string { + node, err := rn.Pipe(FieldMatcher{Name: KindField}) + if err != nil { + return "" + } + return GetValue(node) +} + +// GetName returns the name. +func (rn *RNode) GetName() string { + f := rn.Field(MetadataField) + if f.IsNilOrEmpty() { + return "" + } + f = f.Value.Field(NameField) + if f.IsNilOrEmpty() { + return "" + } + return f.Value.YNode().Value +} + +// SetName sets the metadata name field. +func (rn *RNode) SetName(name string) error { + return rn.SetMapField(NewScalarRNode(name), MetadataField, NameField) +} + // GetNamespace gets the metadata namespace field. func (rn *RNode) GetNamespace() (string, error) { meta, err := rn.GetMeta() @@ -752,7 +780,7 @@ func (rn *RNode) GetValidatedMetadata() (ResourceMeta, error) { return m, nil } -// MatchesAnnotationSelector implements ifc.Kunstructured. +// MatchesAnnotationSelector returns true on a selector match to annotations. func (rn *RNode) MatchesAnnotationSelector(selector string) (bool, error) { s, err := labels.Parse(selector) if err != nil { @@ -765,7 +793,7 @@ func (rn *RNode) MatchesAnnotationSelector(selector string) (bool, error) { return s.Matches(labels.Set(slice)), nil } -// MatchesLabelSelector implements ifc.Kunstructured. +// MatchesLabelSelector returns true on a selector match to labels. func (rn *RNode) MatchesLabelSelector(selector string) (bool, error) { s, err := labels.Parse(selector) if err != nil { @@ -780,9 +808,8 @@ func (rn *RNode) MatchesLabelSelector(selector string) (bool, error) { // HasNilEntryInList returns true if the RNode contains a list which has // a nil item, along with the path to the missing item. -// TODO(broken): This was copied from -// api/k8sdeps/kunstruct/factory.go//checkListItemNil -// and doesn't do what it claims to do (see TODO in unit test and pr 1513). +// TODO(broken): This doesn't do what it claims to do. +// (see TODO in unit test and pr 1513). func (rn *RNode) HasNilEntryInList() (bool, string) { return hasNilEntryInList(rn.value) } @@ -859,3 +886,123 @@ func checkKey(key string, elems []*Node) bool { } return count == len(elems) } + +// Deprecated: use pipes instead. +// GetSlice returns the contents of the slice field at the given path. +func (rn *RNode) GetSlice(path string) ([]interface{}, error) { + value, err := rn.GetFieldValue(path) + if err != nil { + return nil, err + } + if sliceValue, ok := value.([]interface{}); ok { + return sliceValue, nil + } + return nil, fmt.Errorf("node %s is not a slice", path) +} + +// Deprecated: use pipes instead. +// GetString returns the contents of the string field at the given path. +func (rn *RNode) GetString(path string) (string, error) { + value, err := rn.GetFieldValue(path) + if err != nil { + return "", err + } + if v, ok := value.(string); ok { + return v, nil + } + return "", fmt.Errorf("node %s is not a string: %v", path, value) +} + +// Deprecated: use slash paths instead. +// GetFieldValue finds period delimited fields. +// TODO: When doing kustomize var replacement, which is likely a +// a primary use of this function and the reason it returns interface{} +// rather than string, we do conversion from Nodes to Go types and back +// to nodes. We should figure out how to do replacement using raw nodes, +// assuming we keep the var feature in kustomize. +// The other end of this is: refvar.go:updateNodeValue. +func (rn *RNode) GetFieldValue(path string) (interface{}, error) { + fields := convertSliceIndex(strings.Split(path, ".")) + rn, err := rn.Pipe(Lookup(fields...)) + if err != nil { + return nil, err + } + if rn == nil { + return nil, NoFieldError{path} + } + yn := rn.YNode() + + // If this is an alias node, resolve it + if yn.Kind == yaml.AliasNode { + yn = yn.Alias + } + + // Return value as map for DocumentNode and MappingNode kinds + if yn.Kind == yaml.DocumentNode || yn.Kind == yaml.MappingNode { + var result map[string]interface{} + if err := yn.Decode(&result); err != nil { + return nil, err + } + return result, err + } + + // Return value as slice for SequenceNode kind + if yn.Kind == yaml.SequenceNode { + var result []interface{} + if err := yn.Decode(&result); err != nil { + return nil, err + } + return result, nil + } + if yn.Kind != yaml.ScalarNode { + return nil, fmt.Errorf("expected ScalarNode, got Kind=%d", yn.Kind) + } + + switch yn.Tag { + case NodeTagString: + return yn.Value, nil + case NodeTagInt: + return strconv.Atoi(yn.Value) + case NodeTagFloat: + return strconv.ParseFloat(yn.Value, 64) + case NodeTagBool: + return strconv.ParseBool(yn.Value) + default: + // Possibly this should be an error or log. + return yn.Value, nil + } +} + +// convertSliceIndex traverses the items in `fields` and find +// if there is a slice index in the item and change it to a +// valid Lookup field path. For example, 'ports[0]' will be +// converted to 'ports' and '0'. +func convertSliceIndex(fields []string) []string { + var res []string + for _, s := range fields { + if !strings.HasSuffix(s, "]") { + res = append(res, s) + continue + } + re := regexp.MustCompile(`^(.*)\[(\d+)\]$`) + groups := re.FindStringSubmatch(s) + if len(groups) == 0 { + // no match, add to result + res = append(res, s) + continue + } + if groups[1] != "" { + res = append(res, groups[1]) + } + res = append(res, groups[2]) + } + return res +} + +type NoFieldError struct { + Field string +} + +func (e NoFieldError) Error() string { + return fmt.Sprintf("no field named '%s'", e.Field) +} diff --git a/vendor/sigs.k8s.io/kustomize/kyaml/yaml/walk/associative_sequence.go b/vendor/sigs.k8s.io/kustomize/kyaml/yaml/walk/associative_sequence.go index 3b6222a9a4..7657ebc0fa 100644 --- a/vendor/sigs.k8s.io/kustomize/kyaml/yaml/walk/associative_sequence.go +++ b/vendor/sigs.k8s.io/kustomize/kyaml/yaml/walk/associative_sequence.go @@ -53,14 +53,27 @@ func appendListNode(dst, src *yaml.RNode, keys []string) (*yaml.RNode, error) { v = append(v, valueNode.YNode().Value) } + // When there are multiple keys, ElementSetter appends the node to dst + // even if the output is already in dst. We remove the node from dst to + // prevent duplicates. + if len(keys) > 1 { + _, err = dst.Pipe(yaml.ElementSetter{ + Keys: keys, + Values: v, + }) + if err != nil { + return nil, err + } + } + // We use the key and value from elem to find the corresponding element in dst. // Then we will use ElementSetter to replace the element with elem. If we cannot + // find the item, the element will be appended. _, err = dst.Pipe(yaml.ElementSetter{ Element: elem, Keys: keys, Values: v, }) - if err != nil { return nil, err } @@ -97,6 +110,47 @@ func validateKeys(valuesList [][]string, values []string, keys []string) ([]stri return validKeys, validValues } +// mergeValues merges values together - e.g. if two containerPorts +// have the same port and targetPort but one has an empty protocol +// and the other doesn't, they are treated as the same containerPort +func mergeValues(valuesList [][]string) [][]string { + for i, values1 := range valuesList { + for j, values2 := range valuesList { + if matched, values := match(values1, values2); matched { + valuesList[i] = values + valuesList[j] = values + } + } + } + return valuesList +} + +// two values match if they have at least one common element and +// corresponding elements only differ if one is an empty string +func match(values1 []string, values2 []string) (bool, []string) { + if len(values1) != len(values2) { + return false, nil + } + var commonElement bool + var res []string + for i := range values1 { + if values1[i] == values2[i] { + commonElement = true + res = append(res, values1[i]) + continue + } + if values1[i] != "" && values2[i] != "" { + return false, nil + } + if values1[i] != "" { + res = append(res, values1[i]) + } else { + res = append(res, values2[i]) + } + } + return commonElement, res +} + // setAssociativeSequenceElements recursively set the elements in the list func (l *Walker) setAssociativeSequenceElements(valuesList [][]string, keys []string, dest *yaml.RNode) (*yaml.RNode, error) { // itemsToBeAdded contains the items that will be added to dest @@ -105,6 +159,9 @@ func (l *Walker) setAssociativeSequenceElements(valuesList [][]string, keys []st if l.Schema != nil { schema = l.Schema.Elements() } + if len(keys) > 1 { + valuesList = mergeValues(valuesList) + } // each element in valuesList is a list of values corresponding to the keys // for example, for the following yaml: @@ -114,12 +171,14 @@ func (l *Walker) setAssociativeSequenceElements(valuesList [][]string, keys []st // protocol: TCP // `keys` would be [containerPort, protocol] // and `valuesList` would be [ [8080, UDP], [8080, TCP] ] + var validKeys []string + var validValues []string for _, values := range valuesList { if len(values) == 0 { continue } - validKeys, validValues := validateKeys(valuesList, values, keys) + validKeys, validValues = validateKeys(valuesList, values, keys) val, err := Walker{ VisitKeysAsScalars: l.VisitKeysAsScalars, InferAssociativeLists: l.InferAssociativeLists, @@ -144,7 +203,7 @@ func (l *Walker) setAssociativeSequenceElements(valuesList [][]string, keys []st return nil, err } exit = true - } else if val.Field(key) == nil { + } else if val.Field(key) == nil && validValues[i] != "" { // make sure the key is set on the field _, err = val.Pipe(yaml.SetField(key, yaml.NewScalarRNode(validValues[i]))) if err != nil { @@ -162,7 +221,7 @@ func (l *Walker) setAssociativeSequenceElements(valuesList [][]string, keys []st _, err = itemsToBeAdded.Pipe(yaml.ElementSetter{ Element: val.YNode(), Keys: validKeys, - Values: values, + Values: validValues, }) if err != nil { return nil, err @@ -171,7 +230,6 @@ func (l *Walker) setAssociativeSequenceElements(valuesList [][]string, keys []st var err error if len(valuesList) > 0 { - validKeys, _ := validateKeys(valuesList, valuesList[0], keys) if l.MergeOptions.ListIncreaseDirection == yaml.MergeOptionsListPrepend { // items from patches are needed to be prepended. so we append the // dest to itemsToBeAdded @@ -314,6 +372,7 @@ func (l Walker) elementPrimitiveValues() [][]string { // fieldValue returns a slice containing each source's value for fieldName func (l Walker) elementValueList(keys []string, values []string) []*yaml.RNode { + keys, values = validateKeys([][]string{values}, values, keys) var fields []*yaml.RNode for i := range l.Sources { if l.Sources[i] == nil {