github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Move podsecuritypolicy registry to policy package.

pull/8/head
Slava Semushin 2018-04-13 16:06:52 +02:00
parent 8535ef60ed
commit ff636f25c0
15 changed files with 18 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
cmd/kube-apiserver/app/server.go
View File

@ -643,8 +643,7 @@ func BuildStorageFactory(s *options.ServerRunOptions, apiResourceConfig *servers
storageFactory.AddCohabitatingResources(apps.Resource("daemonsets"), extensions.Resource("daemonsets"))
storageFactory.AddCohabitatingResources(apps.Resource("replicasets"), extensions.Resource("replicasets"))
storageFactory.AddCohabitatingResources(api.Resource("events"), events.Resource("events"))
// TODO(#54933): 1.11: switch to using policy storage and flip the order here
storageFactory.AddCohabitatingResources(extensions.Resource("podsecuritypolicies"), policy.Resource("podsecuritypolicies"))
storageFactory.AddCohabitatingResources(policy.Resource("podsecuritypolicies"), extensions.Resource("podsecuritypolicies"))
for _, override := range s.Etcd.EtcdServersOverrides {
tokens := strings.Split(override, "#")
apiresource := strings.Split(tokens[0], "/")

2
hack/test-update-storage-objects.sh
View File

@ -110,7 +110,7 @@ examples/persistent-volume-provisioning/rbd/rbd-storage-class.yaml,storageclasse
)
KUBE_OLD_API_VERSION="networking.k8s.io/v1,storage.k8s.io/v1beta1,extensions/v1beta1"
KUBE_NEW_API_VERSION="networking.k8s.io/v1,storage.k8s.io/v1,extensions/v1beta1"
KUBE_NEW_API_VERSION="networking.k8s.io/v1,storage.k8s.io/v1,extensions/v1beta1,policy/v1beta1"
KUBE_OLD_STORAGE_VERSIONS="storage.k8s.io/v1beta1"
KUBE_NEW_STORAGE_VERSIONS="storage.k8s.io/v1"

2
pkg/registry/BUILD
View File

@ -70,11 +70,11 @@ filegroup(
"//pkg/registry/events/rest:all-srcs",
"//pkg/registry/extensions/controller/storage:all-srcs",
"//pkg/registry/extensions/ingress:all-srcs",
"//pkg/registry/extensions/podsecuritypolicy:all-srcs",
"//pkg/registry/extensions/rest:all-srcs",
"//pkg/registry/networking/networkpolicy:all-srcs",
"//pkg/registry/networking/rest:all-srcs",
"//pkg/registry/policy/poddisruptionbudget:all-srcs",
"//pkg/registry/policy/podsecuritypolicy:all-srcs",
"//pkg/registry/policy/rest:all-srcs",
"//pkg/registry/rbac:all-srcs",
"//pkg/registry/registrytest:all-srcs",

2
pkg/registry/extensions/rest/BUILD
View File

@ -17,8 +17,8 @@ go_library(
"//pkg/registry/apps/replicaset/storage:go_default_library",
"//pkg/registry/extensions/controller/storage:go_default_library",
"//pkg/registry/extensions/ingress/storage:go_default_library",
"//pkg/registry/extensions/podsecuritypolicy/storage:go_default_library",
"//pkg/registry/networking/networkpolicy/storage:go_default_library",
"//pkg/registry/policy/podsecuritypolicy/storage:go_default_library",
"//vendor/k8s.io/api/extensions/v1beta1:go_default_library",
"//vendor/k8s.io/apiserver/pkg/registry/generic:go_default_library",
"//vendor/k8s.io/apiserver/pkg/registry/rest:go_default_library",

6
pkg/registry/extensions/rest/storage_extensions.go
View File

@ -29,8 +29,8 @@ import (
replicasetstore "k8s.io/kubernetes/pkg/registry/apps/replicaset/storage"
expcontrollerstore "k8s.io/kubernetes/pkg/registry/extensions/controller/storage"
ingressstore "k8s.io/kubernetes/pkg/registry/extensions/ingress/storage"
pspstore "k8s.io/kubernetes/pkg/registry/extensions/podsecuritypolicy/storage"
networkpolicystore "k8s.io/kubernetes/pkg/registry/networking/networkpolicy/storage"
pspstore "k8s.io/kubernetes/pkg/registry/policy/podsecuritypolicy/storage"
)
type RESTStorageProvider struct{}
@ -74,8 +74,8 @@ func (p RESTStorageProvider) v1beta1Storage(apiResourceConfigSource serverstorag
storage["ingresses/status"] = ingressStatusStorage
// podsecuritypolicy
podSecurityExtensionsStorage := pspstore.NewREST(restOptionsGetter)
storage["podSecurityPolicies"] = podSecurityExtensionsStorage
podSecurityPolicyStorage := pspstore.NewREST(restOptionsGetter)
storage["podSecurityPolicies"] = podSecurityPolicyStorage
// replicasets
replicaSetStorage := replicasetstore.NewStorage(restOptionsGetter)

4
pkg/registry/extensions/podsecuritypolicy/BUILD → pkg/registry/policy/podsecuritypolicy/BUILD
View File

@ -11,7 +11,7 @@ go_library(
"doc.go",
"strategy.go",
],
importpath = "k8s.io/kubernetes/pkg/registry/extensions/podsecuritypolicy",
importpath = "k8s.io/kubernetes/pkg/registry/policy/podsecuritypolicy",
deps = [
"//pkg/api/legacyscheme:go_default_library",
"//pkg/apis/policy:go_default_library",
@ -35,7 +35,7 @@ filegroup(
name = "all-srcs",
srcs = [
":package-srcs",
"//pkg/registry/extensions/podsecuritypolicy/storage:all-srcs",
"//pkg/registry/policy/podsecuritypolicy/storage:all-srcs",
],
tags = ["automanaged"],
)

2
pkg/registry/extensions/podsecuritypolicy/doc.go → pkg/registry/policy/podsecuritypolicy/doc.go
View File

@ -16,4 +16,4 @@ limitations under the License.
// Package podsecuritypolicy provides Registry interface and its REST
// implementation for storing PodSecurityPolicy api objects.
package podsecuritypolicy // import "k8s.io/kubernetes/pkg/registry/extensions/podsecuritypolicy"
package podsecuritypolicy // import "k8s.io/kubernetes/pkg/registry/policy/podsecuritypolicy"

5
pkg/registry/extensions/podsecuritypolicy/storage/BUILD → pkg/registry/policy/podsecuritypolicy/storage/BUILD
View File

@ -27,14 +27,13 @@ go_test(
go_library(
name = "go_default_library",
srcs = ["storage.go"],
importpath = "k8s.io/kubernetes/pkg/registry/extensions/podsecuritypolicy/storage",
importpath = "k8s.io/kubernetes/pkg/registry/policy/podsecuritypolicy/storage",
deps = [
"//pkg/apis/policy:go_default_library",
"//pkg/printers:go_default_library",
"//pkg/printers/internalversion:go_default_library",
"//pkg/printers/storage:go_default_library",
"//pkg/registry/extensions/podsecuritypolicy:go_default_library",
"//vendor/k8s.io/api/extensions/v1beta1:go_default_library",
"//pkg/registry/policy/podsecuritypolicy:go_default_library",
"//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
"//vendor/k8s.io/apiserver/pkg/registry/generic:go_default_library",
"//vendor/k8s.io/apiserver/pkg/registry/generic/registry:go_default_library",

5
pkg/registry/extensions/podsecuritypolicy/storage/storage.go → pkg/registry/policy/podsecuritypolicy/storage/storage.go
View File

@ -17,7 +17,6 @@ limitations under the License.
package storage
import (
extensions "k8s.io/api/extensions/v1beta1"
"k8s.io/apimachinery/pkg/runtime"
"k8s.io/apiserver/pkg/registry/generic"
genericregistry "k8s.io/apiserver/pkg/registry/generic/registry"
@ -25,7 +24,7 @@ import (
"k8s.io/kubernetes/pkg/printers"
printersinternal "k8s.io/kubernetes/pkg/printers/internalversion"
printerstorage "k8s.io/kubernetes/pkg/printers/storage"
"k8s.io/kubernetes/pkg/registry/extensions/podsecuritypolicy"
"k8s.io/kubernetes/pkg/registry/policy/podsecuritypolicy"
)
// REST implements a RESTStorage for PodSecurityPolicies.
@ -38,7 +37,7 @@ func NewREST(optsGetter generic.RESTOptionsGetter) *REST {
store := &genericregistry.Store{
NewFunc: func() runtime.Object { return &policy.PodSecurityPolicy{} },
NewListFunc: func() runtime.Object { return &policy.PodSecurityPolicyList{} },
DefaultQualifiedResource: extensions.Resource("podsecuritypolicies"),
DefaultQualifiedResource: policy.Resource("podsecuritypolicies"),
CreateStrategy: podsecuritypolicy.Strategy,
UpdateStrategy: podsecuritypolicy.Strategy,

0
pkg/registry/extensions/podsecuritypolicy/storage/storage_test.go → pkg/registry/policy/podsecuritypolicy/storage/storage_test.go
View File

0
pkg/registry/extensions/podsecuritypolicy/strategy.go → pkg/registry/policy/podsecuritypolicy/strategy.go
View File

2
pkg/registry/policy/rest/BUILD
View File

@ -12,8 +12,8 @@ go_library(
deps = [
"//pkg/api/legacyscheme:go_default_library",
"//pkg/apis/policy:go_default_library",
"//pkg/registry/extensions/podsecuritypolicy/storage:go_default_library",
"//pkg/registry/policy/poddisruptionbudget/storage:go_default_library",
"//pkg/registry/policy/podsecuritypolicy/storage:go_default_library",
"//vendor/k8s.io/api/policy/v1beta1:go_default_library",
"//vendor/k8s.io/apiserver/pkg/registry/generic:go_default_library",
"//vendor/k8s.io/apiserver/pkg/registry/rest:go_default_library",

2
pkg/registry/policy/rest/storage_policy.go
View File

@ -24,8 +24,8 @@ import (
serverstorage "k8s.io/apiserver/pkg/server/storage"
"k8s.io/kubernetes/pkg/api/legacyscheme"
"k8s.io/kubernetes/pkg/apis/policy"
pspstore "k8s.io/kubernetes/pkg/registry/extensions/podsecuritypolicy/storage"
poddisruptionbudgetstore "k8s.io/kubernetes/pkg/registry/policy/poddisruptionbudget/storage"
pspstore "k8s.io/kubernetes/pkg/registry/policy/podsecuritypolicy/storage"
)
type RESTStorageProvider struct{}

2
test/integration/etcd/etcd_storage_path_test.go
View File

@ -262,6 +262,7 @@ var etcdStorageData = map[schema.GroupVersionResource]struct {
gvr("extensions", "v1beta1", "podsecuritypolicies"): {
stub: `{"metadata": {"name": "psp1"}, "spec": {"fsGroup": {"rule": "RunAsAny"}, "privileged": true, "runAsUser": {"rule": "RunAsAny"}, "seLinux": {"rule": "MustRunAs"}, "supplementalGroups": {"rule": "RunAsAny"}}}`,
expectedEtcdPath: "/registry/podsecuritypolicy/psp1",
expectedGVK: gvkP("policy", "v1beta1", "PodSecurityPolicy"),
},
gvr("extensions", "v1beta1", "ingresses"): {
stub: `{"metadata": {"name": "ingress1"}, "spec": {"backend": {"serviceName": "service", "servicePort": 5000}}}`,
@ -299,7 +300,6 @@ var etcdStorageData = map[schema.GroupVersionResource]struct {
gvr("policy", "v1beta1", "podsecuritypolicies"): {
stub: `{"metadata": {"name": "psp2"}, "spec": {"fsGroup": {"rule": "RunAsAny"}, "privileged": true, "runAsUser": {"rule": "RunAsAny"}, "seLinux": {"rule": "MustRunAs"}, "supplementalGroups": {"rule": "RunAsAny"}}}`,
expectedEtcdPath: "/registry/podsecuritypolicy/psp2",
expectedGVK: gvkP("extensions", "v1beta1", "PodSecurityPolicy"),
},
// --

2
test/test_owners.csv
View File

@ -749,12 +749,12 @@ k8s.io/kubernetes/pkg/registry/extensions/deployment,dchen1107,1,
k8s.io/kubernetes/pkg/registry/extensions/deployment/storage,timothysc,1,
k8s.io/kubernetes/pkg/registry/extensions/ingress,apelisse,1,
k8s.io/kubernetes/pkg/registry/extensions/ingress/storage,luxas,1,
k8s.io/kubernetes/pkg/registry/extensions/podsecuritypolicy/storage,dchen1107,1,
k8s.io/kubernetes/pkg/registry/extensions/replicaset,rrati,0,
k8s.io/kubernetes/pkg/registry/extensions/replicaset/storage,wojtek-t,1,
k8s.io/kubernetes/pkg/registry/extensions/rest,rrati,0,
k8s.io/kubernetes/pkg/registry/policy/poddisruptionbudget,Q-Lee,1,
k8s.io/kubernetes/pkg/registry/policy/poddisruptionbudget/storage,dchen1107,1,
k8s.io/kubernetes/pkg/registry/policy/podsecuritypolicy/storage,dchen1107,1,
k8s.io/kubernetes/pkg/registry/rbac/reconciliation,roberthbailey,1,
k8s.io/kubernetes/pkg/registry/rbac/validation,rkouj,0,
k8s.io/kubernetes/pkg/registry/storage/storageclass,brendandburns,1,

1 name owner auto-assigned sig
749 k8s.io/kubernetes/pkg/registry/extensions/deployment/storage timothysc 1
750 k8s.io/kubernetes/pkg/registry/extensions/ingress apelisse 1
751 k8s.io/kubernetes/pkg/registry/extensions/ingress/storage luxas 1
k8s.io/kubernetes/pkg/registry/extensions/podsecuritypolicy/storage dchen1107 1
752 k8s.io/kubernetes/pkg/registry/extensions/replicaset rrati 0
753 k8s.io/kubernetes/pkg/registry/extensions/replicaset/storage wojtek-t 1
754 k8s.io/kubernetes/pkg/registry/extensions/rest rrati 0
755 k8s.io/kubernetes/pkg/registry/policy/poddisruptionbudget Q-Lee 1
756 k8s.io/kubernetes/pkg/registry/policy/poddisruptionbudget/storage dchen1107 1
757 k8s.io/kubernetes/pkg/registry/policy/podsecuritypolicy/storage dchen1107 1
758 k8s.io/kubernetes/pkg/registry/rbac/reconciliation roberthbailey 1
759 k8s.io/kubernetes/pkg/registry/rbac/validation rkouj 0
760 k8s.io/kubernetes/pkg/registry/storage/storageclass brendandburns 1