From ae01550bab72335b5afe6212be8f22740d029fb1 Mon Sep 17 00:00:00 2001 From: Chin-Ya Huang Date: Thu, 21 Sep 2023 09:28:58 +0800 Subject: [PATCH] vendor: fix CVE-2022-43756 ref: longhorn/security(15) Signed-off-by: Chin-Ya Huang (cherry picked from commit ac2c7f3d188b4c4640b08a3ea5a3f2c61938d3c7) --- go.mod | 8 +- go.sum | 45 +------ .../rancher/lasso/pkg/cache/cache.go | 23 +++- .../rancher/lasso/pkg/cache/healthcheck.go | 3 + .../lasso/pkg/cache/sharedinformerfactory.go | 3 +- .../rancher/lasso/pkg/client/client.go | 23 ++++ .../lasso/pkg/client/sharedclientfactory.go | 6 +- .../rancher/lasso/pkg/client/useragent.go | 63 ++++++++++ .../lasso/pkg/controller/controller.go | 22 +++- .../lasso/pkg/controller/sharedcontroller.go | 4 + .../pkg/controller/sharedcontrollerfactory.go | 53 ++++++-- .../lasso/pkg/controller/sharedhandler.go | 13 +- .../rancher/lasso/pkg/controller/useragent.go | 68 +++++++++++ .../rancher/lasso/pkg/dynamic/controller.go | 14 ++- .../github.com/rancher/lasso/pkg/log/log.go | 3 + .../rancher/lasso/pkg/metrics/metrics.go | 86 +++++++++++++ .../rancher/lasso/pkg/metrics/register.go | 31 +++++ .../rancher/lasso/pkg/metrics/workqueue.go | 114 ++++++++++++++++++ .../rancher/wrangler/pkg/apply/apply.go | 2 +- .../rancher/wrangler/pkg/apply/desiredset.go | 1 - .../wrangler/pkg/apply/desiredset_apply.go | 2 +- .../rancher/wrangler/pkg/apply/reconcilers.go | 26 ++-- .../wrangler/pkg/condition/condition.go | 4 +- .../wrangler/pkg/data/convert/convert.go | 5 +- .../admissionregistration.k8s.io/factory.go | 5 + .../apiextensions.k8s.io/factory.go | 5 + .../apiregistration.k8s.io/factory.go | 5 + .../pkg/generated/controllers/apps/factory.go | 5 + .../generated/controllers/batch/factory.go | 5 + .../pkg/generated/controllers/core/factory.go | 5 + .../pkg/generated/controllers/rbac/factory.go | 5 + .../rancher/wrangler/pkg/generic/factory.go | 2 +- .../rancher/wrangler/pkg/webhook/match.go | 92 ++++++++++---- .../rancher/wrangler/pkg/webhook/router.go | 31 ++++- vendor/modules.txt | 13 +- 35 files changed, 686 insertions(+), 109 deletions(-) create mode 100644 vendor/github.com/rancher/lasso/pkg/client/useragent.go create mode 100644 vendor/github.com/rancher/lasso/pkg/controller/useragent.go create mode 100644 vendor/github.com/rancher/lasso/pkg/metrics/metrics.go create mode 100644 vendor/github.com/rancher/lasso/pkg/metrics/register.go create mode 100644 vendor/github.com/rancher/lasso/pkg/metrics/workqueue.go diff --git a/go.mod b/go.mod index 4ca2558377..749ad763eb 100644 --- a/go.mod +++ b/go.mod @@ -55,7 +55,7 @@ require ( github.com/prometheus/client_golang v1.15.0 github.com/rancher/dynamiclistener v0.3.1 github.com/rancher/go-rancher v0.1.1-0.20220412083059-ff12399dd57b - github.com/rancher/wrangler v1.0.0 + github.com/rancher/wrangler v1.1.1 github.com/robfig/cron v1.2.0 github.com/sirupsen/logrus v1.9.0 github.com/stretchr/testify v1.8.2 @@ -68,7 +68,7 @@ require ( gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c gopkg.in/yaml.v2 v2.4.0 k8s.io/api v0.27.1 - k8s.io/apiextensions-apiserver v0.24.0 + k8s.io/apiextensions-apiserver v0.25.4 k8s.io/apimachinery v0.27.1 k8s.io/cli-runtime v0.27.1 k8s.io/client-go v0.27.1 @@ -149,7 +149,7 @@ require ( github.com/prometheus/client_model v0.3.0 // indirect github.com/prometheus/common v0.42.0 // indirect github.com/prometheus/procfs v0.9.0 // indirect - github.com/rancher/lasso v0.0.0-20211217013041-3c6118a30611 + github.com/rancher/lasso v0.0.0-20221227210133-6ea88ca2fbcc github.com/robfig/cron/v3 v3.0.1 // indirect github.com/rogpeppe/go-internal v1.10.0 // indirect github.com/russross/blackfriday/v2 v2.1.0 // indirect @@ -192,7 +192,7 @@ require ( k8s.io/klog v1.0.0 // indirect k8s.io/klog/v2 v2.100.1 // indirect k8s.io/kms v0.27.1 // indirect - k8s.io/kube-aggregator v0.24.0 // indirect + k8s.io/kube-aggregator v0.25.4 // indirect k8s.io/kube-openapi v0.0.0-20230308215209-15aac26d736a // indirect k8s.io/kubelet v0.0.0 // indirect sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.1.1 // indirect diff --git a/go.sum b/go.sum index ff0bc687ae..e24d05f7eb 100644 --- a/go.sum +++ b/go.sum @@ -100,7 +100,6 @@ github.com/bits-and-blooms/bitset v1.2.0/go.mod h1:gIdJ4wp64HaoK2YrL1Q5/N7Y16edY github.com/bits-and-blooms/bitset v1.7.0 h1:YjAGVd3XmtK9ktAbX8Zg2g2PwLIMjGREZJHlV4j7NEo= github.com/bits-and-blooms/bitset v1.7.0/go.mod h1:gIdJ4wp64HaoK2YrL1Q5/N7Y16edYb8uY+O0FJTyyDA= github.com/bketelsen/crypt v0.0.3-0.20200106085610-5cbc8cc4026c/go.mod h1:MKsuJmJgSg28kpZDP6UIiPt0e0Oz0kqKNGyRaWEPv84= -github.com/bketelsen/crypt v0.0.4/go.mod h1:aI6NrJ0pMGgvZKL1iVgXLnfIFJtfV+bKCoqOes/6LfM= github.com/blang/semver/v4 v4.0.0 h1:1PFHFE6yCCTv8C1TeyNNarDzntLi7wMI5i/pzqYIsAM= github.com/blang/semver/v4 v4.0.0/go.mod h1:IbckMUScFkM3pff0VJDNKRiT6TG/YpiHIM2yvyW5YoQ= github.com/c9s/goprocinfo v0.0.0-20170724085704-0010a05ce49f/go.mod h1:uEyr4WpAH4hio6LFriaPkL938XnrvLpNPmQHBdrmbIE= @@ -172,7 +171,6 @@ github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3 github.com/dustin/go-humanize v1.0.0 h1:VSnTsYCnlFHaM2/igO1h6X3HA71jcobQuxemgkq4zYo= github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= github.com/dustmop/soup v1.1.2-0.20190516214245-38228baa104e/go.mod h1:CgNC6SGbT+Xb8wGGvzilttZL1mc5sQ/5KkcxsZttMIk= -github.com/emicklei/go-restful v0.0.0-20170410110728-ff4f55a20633/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= github.com/emicklei/go-restful/v3 v3.8.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/emicklei/go-restful/v3 v3.9.0 h1:XwGDlfxEnQZzuopoqxwSEllNcCOM9DhhFyhFIIGKwxE= github.com/emicklei/go-restful/v3 v3.9.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= @@ -315,6 +313,7 @@ github.com/golang/mock v1.4.1/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt github.com/golang/mock v1.4.3/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4= github.com/golang/mock v1.5.0/go.mod h1:CWnOUgYIOo4TcNZ0wHX3YZCqsaM1I1Jvs6v3mP3KVu8= +github.com/golang/mock v1.6.0 h1:ErTB+efbowRARo13NNdxyJji2egdxLGQhRaY+DUumQc= github.com/golang/mock v1.6.0/go.mod h1:p6yTPP+5HYm5mzsMV8JkE6ZKdX+/wYM6Hr+LicevLPs= github.com/golang/protobuf v1.0.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= @@ -400,7 +399,6 @@ github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+ github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= github.com/googleapis/gax-go/v2 v2.1.0/go.mod h1:Q3nei7sK6ybPYH7twZdmQpAd1MKb7pfu6SK+H1/DsU0= github.com/googleapis/gnostic v0.3.1/go.mod h1:on+2t9HRStVgn95RSsFWFz+6Q0Snyqv1awfrALZdbtU= -github.com/googleapis/gnostic v0.5.1/go.mod h1:6U4PtQXGIEt/Z3h5MAT7FNofLnw9vXk2cUuW7uA/OeU= github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= github.com/gorilla/context v1.1.1 h1:AWwleXJkX/nhcU9bZSnZoi3h/qGYqQAGhq6zZe/aQW8= github.com/gorilla/context v1.1.1/go.mod h1:kBGZzfjB9CEq2AlWe17Uuf7NDRt0dE0s8S51q0aT7Yg= @@ -479,7 +477,6 @@ github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+o github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= -github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg= github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= @@ -516,7 +513,6 @@ github.com/longhorn/longhorn-spdk-engine v0.0.0-20230802040621-1fda4c2a0100/go.m github.com/longhorn/nsfilelock v0.0.0-20200723175406-fa7c83ad0003/go.mod h1:0CLeXlf59Lg6C0kjLSDf47ft73Dh37CwymYRKWwAn04= github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= github.com/magiconair/properties v1.8.1/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= -github.com/magiconair/properties v1.8.5/go.mod h1:y3VJvCyxH9uVvJTWEGAELF3aiYNyPKd5NZ3oSwXrF60= github.com/mailru/easyjson v0.0.0-20180823135443-60711f1a8329/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.0.0-20190312143242-1de009706dbe/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= @@ -571,7 +567,6 @@ github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+ github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU= github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= -github.com/onsi/ginkgo v0.0.0-20170829012221-11459a886d9c/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.4.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.8.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= @@ -589,14 +584,12 @@ github.com/onsi/ginkgo/v2 v2.8.1/go.mod h1:N1/NbDngAFcSLdyZ+/aYTYGSlq9qMCS/cNKGJ github.com/onsi/ginkgo/v2 v2.9.0/go.mod h1:4xkjoL/tZv4SMWeww56BU5kAt19mVB47gTWxmrTcxyk= github.com/onsi/ginkgo/v2 v2.9.1 h1:zie5Ly042PD3bsCvsSOPvRnFwyo3rKe64TJlD6nu0mk= github.com/onsi/ginkgo/v2 v2.9.1/go.mod h1:FEcmzVcCHl+4o9bQZVab+4dC9+j+91t2FHSzmGAPfuo= -github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= github.com/onsi/gomega v1.3.0/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= github.com/onsi/gomega v1.5.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= github.com/onsi/gomega v1.8.1/go.mod h1:Ho0h+IUsWyvy1OpqCwxlQ/21gkhVunqlU8fDGcoTdcA= github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= github.com/onsi/gomega v1.15.0/go.mod h1:cIuvLEne0aoVhAgh/O6ac0Op8WWw9H6eYCriF+tEHG0= -github.com/onsi/gomega v1.16.0/go.mod h1:HnhC7FXeEQY45zxNK3PPoIUhzk/80Xly9PcubAlGdZY= github.com/onsi/gomega v1.17.0/go.mod h1:HnhC7FXeEQY45zxNK3PPoIUhzk/80Xly9PcubAlGdZY= github.com/onsi/gomega v1.19.0/go.mod h1:LY+I3pBVzYsTBU1AnDwOSxaYi9WoWiqgwooUqq9yPro= github.com/onsi/gomega v1.20.1/go.mod h1:DtrZpjmvpn2mPm4YWQa0/ALMDj9v4YxLgojwPeREyVo= @@ -618,7 +611,6 @@ github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FI github.com/paulmach/orb v0.1.3/go.mod h1:VFlX/8C+IQ1p6FTRRKzKoOPJnvEtA5G0Veuqwbu//Vk= github.com/pborman/uuid v1.2.0/go.mod h1:X/NO0urCmaxf9VXbdlT7C2Yzkj2IKimNn4k+gtPdI/k= github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= -github.com/pelletier/go-toml v1.9.3/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c= github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= github.com/pierrec/lz4/v4 v4.1.17 h1:kV4Ip+/hUBC+8T6+2EgburRtkE9ef4nbY3f4dFhGjMc= github.com/pierrec/lz4/v4 v4.1.17/go.mod h1:gZWDp/Ze/IJXGXf23ltt2EXimqmTUXEy0GFuRQyBid4= @@ -627,7 +619,6 @@ github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINE github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pkg/sftp v1.10.1/go.mod h1:lYOWFsE0bwd1+KfKJaKeuokY15vzFx25BLbzYYoAxZI= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI= @@ -676,11 +667,11 @@ github.com/rancher/dynamiclistener v0.3.1/go.mod h1:k+C1+rfUr5SlIyEQnDxSpu0NaBlm github.com/rancher/go-rancher v0.1.1-0.20220412083059-ff12399dd57b h1:so40GMVZOZkQeIbAzaZRq6wDrMErvRLuXNsGTRZUpg8= github.com/rancher/go-rancher v0.1.1-0.20220412083059-ff12399dd57b/go.mod h1:7oQvGNiJsGvrUgB+7AH8bmdzuR0uhULfwKb43Ht0hUk= github.com/rancher/lasso v0.0.0-20210616224652-fc3ebd901c08/go.mod h1:9qZd/S8DqWzfKtjKGgSoHqGEByYmUE3qRaBaaAHwfEM= -github.com/rancher/lasso v0.0.0-20211217013041-3c6118a30611 h1:JZIc0g9A1blYZUBIk6nIqja0ZhtddvmeDXbB8i6vkGM= -github.com/rancher/lasso v0.0.0-20211217013041-3c6118a30611/go.mod h1:9qZd/S8DqWzfKtjKGgSoHqGEByYmUE3qRaBaaAHwfEM= +github.com/rancher/lasso v0.0.0-20221227210133-6ea88ca2fbcc h1:29VHrInLV4qSevvcvhBj5UhQWkPShxrxv4AahYg2Scw= +github.com/rancher/lasso v0.0.0-20221227210133-6ea88ca2fbcc/go.mod h1:dEfC9eFQigj95lv/JQ8K5e7+qQCacWs1aIA6nLxKzT8= github.com/rancher/wrangler v0.8.9/go.mod h1:Lte9WjPtGYxYacIWeiS9qawvu2R4NujFU9xuXWJvc/0= -github.com/rancher/wrangler v1.0.0 h1:K+GHMhkpgcGIfYgOX9RKdEEiM8o3WjFpI2U0ljxy+bg= -github.com/rancher/wrangler v1.0.0/go.mod h1:TR0R07P5oU6T2bO+6eOX0jcFvKy+zoDd6u+PZ2mHJKg= +github.com/rancher/wrangler v1.1.1 h1:wmqUwqc2M7ADfXnBCJTFkTB5ZREWpD78rnZMzmxwMvM= +github.com/rancher/wrangler v1.1.1/go.mod h1:ioVbKupzcBOdzsl55MvEDN0R1wdGggj8iNCYGFI5JvM= github.com/robfig/cron v1.2.0 h1:ZjScXvvxeQ63Dbyxy76Fj3AT3Ut0aKsyd2/tl3DTMuQ= github.com/robfig/cron v1.2.0/go.mod h1:JGuDeoQd7Z6yL4zQhZ3OPEVHB7fL6Ka6skscFHfmt2k= github.com/robfig/cron/v3 v3.0.1 h1:WdRxkvbJztn8LMz/QEvLN5sBU+xKpSqwwUO1Pjr4qDs= @@ -717,26 +708,19 @@ github.com/soheilhy/cmux v0.1.5/go.mod h1:T7TcVDs9LWfQgPlPsdngu6I6QIoyIFZDDC6sNE github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ= github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk= -github.com/spf13/afero v1.6.0 h1:xoax2sJ2DT8S8xA2paPFjDCScCNeWsg75VG0DLRreiY= -github.com/spf13/afero v1.6.0/go.mod h1:Ai8FlHk4v/PARR026UzYexafAt9roJ7LcLMAmO6Z93I= +github.com/spf13/afero v1.5.1 h1:VHu76Lk0LSP1x254maIu2bplkWpfBWI+B+6fdoZprcg= github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= -github.com/spf13/cast v1.3.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= github.com/spf13/cobra v1.0.0/go.mod h1:/6GTrnGXV9HjY+aR4k0oJ5tcvakLuG6EuKReYlHNrgE= github.com/spf13/cobra v1.1.3/go.mod h1:pGADOWyqRD/YMrPZigI/zbliZ2wVD/23d+is3pSWzOo= -github.com/spf13/cobra v1.2.1/go.mod h1:ExllRjgxM/piMAM+3tAZvg8fsklGAf3tPfi+i8t68Nk= github.com/spf13/cobra v1.4.0/go.mod h1:Wo4iy3BUC+X2Fybo0PDqwJIv3dNRiZLHQymsfxlB84g= github.com/spf13/cobra v1.6.0 h1:42a0n6jwCot1pUmomAp4T7DeMD+20LFv4Q54pxLf2LI= github.com/spf13/cobra v1.6.0/go.mod h1:IOw/AERYS7UzyrGinqmz6HLUo219MORXGxhbaJUqzrY= github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo= -github.com/spf13/jwalterweatherman v1.1.0/go.mod h1:aNWZUN0dPAAO/Ljvb5BEdw96iTZ0EXowPYD95IqWIGo= -github.com/spf13/pflag v0.0.0-20170130214245-9ff6c6923cff/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/spf13/viper v1.4.0/go.mod h1:PTJ7Z/lr49W6bUbkmS1V3by4uWynFiR9p7+dSq/yZzE= github.com/spf13/viper v1.7.0/go.mod h1:8WkrPz2fc9jxqZNCJI/76HCieCp4Q8HaLFoCha5qpdg= -github.com/spf13/viper v1.8.1/go.mod h1:o0Pch8wJ9BVSWGQMbra6iw0oQ5oktSIBaujf1rJH9Ns= -github.com/spyzhov/ajson v0.4.2/go.mod h1:63V+CGM6f1Bu/p4nLIN8885ojBdt88TbLoSFzyqMuVA= github.com/stoewer/go-strcase v1.2.0 h1:Z2iHWqGXH00XYgqDmNgQbIBxf3wrNq0F3feEy0ainaU= github.com/stoewer/go-strcase v1.2.0/go.mod h1:IBiWB2sKIp3wVVQ3Y035++gc+knqhUQag1KpM8ahLw8= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= @@ -783,13 +767,10 @@ github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5t go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= go.etcd.io/bbolt v1.3.6 h1:/ecaJf0sk1l4l6V4awd65v2C3ILy7MSj+s/x1ADCIMU= go.etcd.io/bbolt v1.3.6/go.mod h1:qXsaaIqmgQH0T+OPdb99Bf+PKfBBQVAdyD6TY9G8XM4= -go.etcd.io/etcd/api/v3 v3.5.0/go.mod h1:cbVKeC6lCfl7j/8jBhAK6aIYO9XOjdptoxU/nLQcPvs= go.etcd.io/etcd/api/v3 v3.5.7 h1:sbcmosSVesNrWOJ58ZQFitHMdncusIifYcrBfwrlJSY= go.etcd.io/etcd/api/v3 v3.5.7/go.mod h1:9qew1gCdDDLu+VwmeG+iFpL+QlpHTo7iubavdVDgCAA= -go.etcd.io/etcd/client/pkg/v3 v3.5.0/go.mod h1:IJHfcCEKxYu1Os13ZdwCwIUTUVGYTSAM3YSwc9/Ac1g= go.etcd.io/etcd/client/pkg/v3 v3.5.7 h1:y3kf5Gbp4e4q7egZdn5T7W9TSHUvkClN6u+Rq9mEOmg= go.etcd.io/etcd/client/pkg/v3 v3.5.7/go.mod h1:o0Abi1MK86iad3YrWhgUsbGx1pmTS+hrORWc2CamuhY= -go.etcd.io/etcd/client/v2 v2.305.0/go.mod h1:h9puh54ZTgAKtEbut2oe9P4L/oqKCVB6xsXlzd7alYQ= go.etcd.io/etcd/client/v2 v2.305.7 h1:AELPkjNR3/igjbO7CjyF1fPuVPjrblliiKj+Y6xSGOU= go.etcd.io/etcd/client/v2 v2.305.7/go.mod h1:GQGT5Z3TBuAQGvgPfhR7VPySu/SudxmEkRq9BgzFU6s= go.etcd.io/etcd/client/v3 v3.5.7 h1:u/OhpiuCgYY8awOHlhIhmGIGpxfBU/GZBUP3m/3/Iz4= @@ -868,12 +849,10 @@ golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8U golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190617133340-57b3e21c3d56/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190820162420-60c769a6c586/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.0.0-20220214200702-86341886e292/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220408190544-5352b0902921/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220411220226-7b82a4e95df4/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.1.0 h1:MDRAIl0xIo9Io2xV565hzXHw3zVseKrJKodhohM5CjU= @@ -1000,7 +979,6 @@ golang.org/x/oauth2 v0.0.0-20201208152858-08078c50e5b5/go.mod h1:KelEdhl1UZF7XfJ golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210220000619-9bb904979d93/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210313182246-cd4f82c27b84/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20210402161424-2e8d93401602/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210628180205-a41e5a781914/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210805134026-6f1e6394065a/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= @@ -1212,7 +1190,6 @@ golang.org/x/tools v0.1.2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.3/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.4/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.1.10-0.20220218145154-897bd77cd717/go.mod h1:Uh6Zz+xoGYZom868N8YTex3t7RhtHDBrE8Gzo9bV56E= golang.org/x/tools v0.1.10/go.mod h1:Uh6Zz+xoGYZom868N8YTex3t7RhtHDBrE8Gzo9bV56E= golang.org/x/tools v0.1.11-0.20220316014157-77aa08bb151a/go.mod h1:Uh6Zz+xoGYZom868N8YTex3t7RhtHDBrE8Gzo9bV56E= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= @@ -1249,7 +1226,6 @@ google.golang.org/api v0.36.0/go.mod h1:+z5ficQTmoYpPn8LCUNVpK5I7hwkpjbcgqA7I34q google.golang.org/api v0.40.0/go.mod h1:fYKFpnQN0DsDSKRVRcQSDQNtqWPfM9i+zNPxepjRCQ8= google.golang.org/api v0.41.0/go.mod h1:RkxM5lITDfTzmyKFPt+wGrCJbVfniCr2ool8kTBzRTU= google.golang.org/api v0.43.0/go.mod h1:nQsDGjRXMo4lvh5hP0TKqF244gqhGcr/YSIykhUk/94= -google.golang.org/api v0.44.0/go.mod h1:EBOGZqzyhtvMDoxwS97ctnh0zUmYY6CxqXsc1AvkYD8= google.golang.org/api v0.47.0/go.mod h1:Wbvgpq1HddcWVtzsVLyfLp8lDg6AA241LmgIL59tHXo= google.golang.org/api v0.48.0/go.mod h1:71Pr1vy+TAZRPkPs/xlCf5SsU8WjuAWv1Pfjbtukyy4= google.golang.org/api v0.50.0/go.mod h1:4bNT5pAuq5ji4SRZm+5QIkjny9JAyVD/3gaSihNefaw= @@ -1394,7 +1370,6 @@ gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMy gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/ini.v1 v1.51.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= -gopkg.in/ini.v1 v1.62.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/natefinch/lumberjack.v2 v2.0.0 h1:1Lc07Kr7qY4U2YPouBjpCLxpiyxIVoxqXgkXLknAOE8= gopkg.in/natefinch/lumberjack.v2 v2.0.0/go.mod h1:l0ndWWf7gzL7RNwBG7wST/UCcT4T24xpD6X8LsfU/+k= gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo= @@ -1449,16 +1424,13 @@ k8s.io/component-helpers v0.27.1/go.mod h1:oOpwSYW1AdL+pU7abHADwX1ZcJl+5c8mnIkvo k8s.io/controller-manager v0.27.1 h1:+4OGWAzg4JVLEauPSmyQFIfrYrYQoUsC4MbHmRuPaFU= k8s.io/controller-manager v0.27.1/go.mod h1:oe9vKl0RPiedlCXmeVbhkDV2yX8r7C4K/B8OGaKdYtY= k8s.io/gengo v0.0.0-20200114144118-36b2048a9120/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= -k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= k8s.io/gengo v0.0.0-20210813121822-485abfe95c7c/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= -k8s.io/gengo v0.0.0-20211129171323-c02415ce4185/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= k8s.io/gengo v0.0.0-20220902162205-c0856e24416d/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= k8s.io/klog v0.3.0/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= k8s.io/klog v1.0.0 h1:Pt+yjF5aB1xDSVbau4VsWe+dQNzA0qv1LlXdC2dF6Q8= k8s.io/klog v1.0.0/go.mod h1:4Bi6QPql/J/LkTDqv7R/cd3hPo4k2DG6Ptcz060Ez5I= k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= -k8s.io/klog/v2 v2.10.0/go.mod h1:hy9LJ/NvuK+iVyP4Ehqva4HxZG/oXyIS3n3Jmire4Ec= k8s.io/klog/v2 v2.80.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= k8s.io/klog/v2 v2.90.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= k8s.io/klog/v2 v2.100.1 h1:7WCHKK6K8fNhTqfBhISHQ97KrnJNFZMcQvKp7gP/tmg= @@ -1467,7 +1439,6 @@ k8s.io/kms v0.27.1 h1:JTSQbJb+mcobScQwF0bOmZhIwP17k8GvBsiLlA6SQqw= k8s.io/kms v0.27.1/go.mod h1:VuTsw0uHlSycKLCkypCGxfFCjLfzf/5YMeATECd/zJA= k8s.io/kube-aggregator v0.27.1 h1:NYgl5PDV/oX1yqAZIkRnb+KtW+eLykzc6hHg81ECgiI= k8s.io/kube-aggregator v0.27.1/go.mod h1:S1YUIr4mU0MjKm6kg2fUyIKK5fWgwoHFMgNjlI5JFpM= -k8s.io/kube-openapi v0.0.0-20210421082810-95288971da7e/go.mod h1:vHXdDvt9+2spS2Rx9ql3I8tycm3H9FDfdUoIuKCefvw= k8s.io/kube-openapi v0.0.0-20230109183929-3758b55a6596/go.mod h1:/BYxry62FuDzmI+i9B+X2pqfySRmSOW2ARmj5Zbqhj0= k8s.io/kube-openapi v0.0.0-20230308215209-15aac26d736a h1:gmovKNur38vgoWfGtP5QOGNOA7ki4n6qNYoFAgMlNvg= k8s.io/kube-openapi v0.0.0-20230308215209-15aac26d736a/go.mod h1:y5VtZWM9sHHc2ZodIH/6SHzXj+TPU5USoA8lcIeKEKY= @@ -1484,7 +1455,6 @@ k8s.io/utils v0.0.0-20190801114015-581e00157fb1/go.mod h1:sZAwmy6armz5eXlNoLmJcl k8s.io/utils v0.0.0-20191114184206-e782cd3c129f/go.mod h1:sZAwmy6armz5eXlNoLmJcl4F1QuKu7sr+mFQ0byX7Ew= k8s.io/utils v0.0.0-20210802155522-efc7438f0176/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20210819203725-bdf08cb9a70a/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= -k8s.io/utils v0.0.0-20210820185131-d34e5cb4466e/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20220210201930-3a6ce19ff2f9/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20230209194617-a36077c30491/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= k8s.io/utils v0.0.0-20230406110748-d93618cff8a2 h1:qY1Ad8PODbnymg2pRbkyMT/ylpTrCM8P2RJ0yroCyIk= @@ -1495,7 +1465,6 @@ rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.1.1 h1:MB1zkK+WMOmfLxEpjr1wEmkpcIhZC7kfTkZ0stg5bog= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.1.1/go.mod h1:/4NLd21PQY0B+H+X0aDZdwUiVXYJQl/2NXA5KVtDiP4= sigs.k8s.io/cli-utils v0.16.0/go.mod h1:9Jqm9K2W6ShhCxsEuaz6HSRKKOXigPUx3ZfypGgxBLY= -sigs.k8s.io/cli-utils v0.27.0/go.mod h1:8ll2fyx+bzjbwmwUnKBQU+2LDbMDsxy44DiDZ+drALg= sigs.k8s.io/controller-runtime v0.4.0/go.mod h1:ApC79lpY3PHW9xj/w9pj+lYkLgwAAUZwfXkME1Lajns= sigs.k8s.io/controller-runtime v0.10.1 h1:+eLHgY/VrJWnfg6iXUqhCUqNXgPH1NZeP9drNAAgWlg= sigs.k8s.io/controller-runtime v0.10.1/go.mod h1:CQp8eyUQZ/Q7PJvnIrB6/hgfTC1kBkGylwsLgOQi1WY= @@ -1505,9 +1474,7 @@ sigs.k8s.io/kustomize/api v0.13.2/go.mod h1:DUp325VVMFVcQSq+ZxyDisA8wtldwHxLZbr1 sigs.k8s.io/kustomize/cmd/config v0.11.1/go.mod h1:z1I4ubecg4py5Jn4+04p4A/vmnqUjxjxDCEyYEjQu/0= sigs.k8s.io/kustomize/kustomize/v5 v5.0.1/go.mod h1:Q8o+soB41Pn1y26eXzG9cniuECDpTJe2eKOA1fENCU8= sigs.k8s.io/kustomize/kyaml v0.4.0/go.mod h1:XJL84E6sOFeNrQ7CADiemc1B0EjIxHo3OhW4o1aJYNw= -sigs.k8s.io/kustomize/kyaml v0.12.0/go.mod h1:FTJxEZ86ScK184NpGSAQcfEqee0nul8oLCK30D47m4E= sigs.k8s.io/kustomize/kyaml v0.14.1/go.mod h1:AN1/IpawKilWD7V+YvQwRGUvuUOOWpjsHu6uHwonSF4= -sigs.k8s.io/structured-merge-diff/v4 v4.0.2/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= sigs.k8s.io/structured-merge-diff/v4 v4.2.3 h1:PRbqxJClWWYMNV1dhaG4NsibJbArud9kFxnAMREiWFE= sigs.k8s.io/structured-merge-diff/v4 v4.2.3/go.mod h1:qjx8mGObPmV2aSZepjQjbmb2ihdVs8cGKBraizNC69E= sigs.k8s.io/testing_frameworks v0.1.2/go.mod h1:ToQrwSC3s8Xf/lADdZp3Mktcql9CG0UAmdJG9th5i0w= diff --git a/vendor/github.com/rancher/lasso/pkg/cache/cache.go b/vendor/github.com/rancher/lasso/pkg/cache/cache.go index a69239a65a..de68094aa2 100644 --- a/vendor/github.com/rancher/lasso/pkg/cache/cache.go +++ b/vendor/github.com/rancher/lasso/pkg/cache/cache.go @@ -3,15 +3,23 @@ package cache import ( "context" "fmt" + "os" + "strconv" "time" "github.com/rancher/lasso/pkg/client" + "github.com/rancher/lasso/pkg/log" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/watch" "k8s.io/client-go/tools/cache" ) +const ( + // in minutes + resyncDefault = 600 +) + type Options struct { Namespace string Resync time.Duration @@ -53,7 +61,7 @@ func applyDefaultCacheOptions(opts *Options) *Options { newOpts = *opts } if newOpts.Resync == 0 { - newOpts.Resync = 10 * time.Hour + newOpts.Resync = getDefaultResyncInterval() } if newOpts.TweakList == nil { newOpts.TweakList = func(*metav1.ListOptions) {} @@ -61,6 +69,19 @@ func applyDefaultCacheOptions(opts *Options) *Options { return &newOpts } +func getDefaultResyncInterval() time.Duration { + cattleResyncDefaultFromEnv := os.Getenv("CATTLE_RESYNC_DEFAULT") + if cattleResyncDefaultFromEnv == "" { + return resyncDefault * time.Minute + } + resyncDefaultFromEnv, err := strconv.Atoi(cattleResyncDefaultFromEnv) + if err != nil { + log.Errorf("Lasso: Unable to use resync interval value [%s] from CATTLE_RESYNC_DEFAULT environment variable. Using default [%d].", cattleResyncDefaultFromEnv, resyncDefault) + return resyncDefault * time.Minute + } + return time.Duration(resyncDefaultFromEnv) * time.Minute +} + type deferredCache struct { cache.SharedIndexInformer deferredListWatcher *deferredListWatcher diff --git a/vendor/github.com/rancher/lasso/pkg/cache/healthcheck.go b/vendor/github.com/rancher/lasso/pkg/cache/healthcheck.go index 8d667ed8bc..ac3c8ce49c 100644 --- a/vendor/github.com/rancher/lasso/pkg/cache/healthcheck.go +++ b/vendor/github.com/rancher/lasso/pkg/cache/healthcheck.go @@ -21,6 +21,9 @@ type healthcheck struct { func (h *healthcheck) ping(ctx context.Context) bool { ctx, cancel := context.WithTimeout(ctx, defaultTimeout) defer cancel() + if h.cf == nil { + return false + } return h.cf.IsHealthy(ctx) } diff --git a/vendor/github.com/rancher/lasso/pkg/cache/sharedinformerfactory.go b/vendor/github.com/rancher/lasso/pkg/cache/sharedinformerfactory.go index 196daace3f..36294840d2 100644 --- a/vendor/github.com/rancher/lasso/pkg/cache/sharedinformerfactory.go +++ b/vendor/github.com/rancher/lasso/pkg/cache/sharedinformerfactory.go @@ -6,7 +6,7 @@ import ( "time" "github.com/rancher/lasso/pkg/client" - + "github.com/rancher/lasso/pkg/metrics" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" @@ -116,6 +116,7 @@ func (f *sharedCacheFactory) WaitForCacheSync(ctx context.Context) map[schema.Gr informers := map[schema.GroupVersionKind]cache.SharedIndexInformer{} for informerType, informer := range f.caches { + metrics.IncTotalCachedObjects(informerType.Group, informerType.Version, informerType.Kind, float64(len(informer.GetStore().List()))) if f.startedCaches[informerType] { informers[informerType] = informer } diff --git a/vendor/github.com/rancher/lasso/pkg/client/client.go b/vendor/github.com/rancher/lasso/pkg/client/client.go index 8d1d7b5e5f..9e9d796648 100644 --- a/vendor/github.com/rancher/lasso/pkg/client/client.go +++ b/vendor/github.com/rancher/lasso/pkg/client/client.go @@ -1,7 +1,13 @@ +/* +Package client provides a client that can be configured to point to a kubernetes cluster's kube-api and creates requests +for a specified kubernetes resource. Package client also contains functions for a sharedclientfactory which manages the +multiple clients needed to interact with multiple kubernetes resource types. +*/ package client import ( "context" + "fmt" "time" "k8s.io/apimachinery/pkg/api/meta" @@ -14,7 +20,10 @@ import ( ) type Client struct { + // Default RESTClient RESTClient rest.Interface + // Config that can be used to build a RESTClient with custom options + Config rest.Config timeout time.Duration Namespaced bool GVR schema.GroupVersionResource @@ -38,6 +47,20 @@ func IsNamespaced(gvr schema.GroupVersionResource, mapper meta.RESTMapper) (bool return mapping.Scope.Name() == meta.RESTScopeNameNamespace, nil } +// WithAgent attempts to return a copy of the Client but +// with a new restClient created with the passed in userAgent. +func (c *Client) WithAgent(userAgent string) (*Client, error) { + client := *c + config := c.Config + config.UserAgent = userAgent + restClient, err := rest.UnversionedRESTClientFor(&config) + if err != nil { + return nil, fmt.Errorf("failed to created restClient with userAgent [%s]: %w", userAgent, err) + } + client.RESTClient = restClient + return &client, nil +} + func NewClient(gvr schema.GroupVersionResource, kind string, namespaced bool, client rest.Interface, defaultTimeout time.Duration) *Client { var ( prefix []string diff --git a/vendor/github.com/rancher/lasso/pkg/client/sharedclientfactory.go b/vendor/github.com/rancher/lasso/pkg/client/sharedclientfactory.go index 9cea4507a1..9477399bb2 100644 --- a/vendor/github.com/rancher/lasso/pkg/client/sharedclientfactory.go +++ b/vendor/github.com/rancher/lasso/pkg/client/sharedclientfactory.go @@ -40,6 +40,7 @@ type sharedClientFactory struct { clients map[schema.GroupVersionResource]*Client timeout time.Duration rest rest.Interface + config *rest.Config Mapper meta.RESTMapper Scheme *runtime.Scheme @@ -72,6 +73,7 @@ func NewSharedClientFactory(config *rest.Config, opts *SharedClientFactoryOption Scheme: opts.Scheme, Mapper: opts.Mapper, rest: rest, + config: config, discovery: discovery, }, nil } @@ -188,7 +190,9 @@ func (s *sharedClientFactory) ForResourceKind(gvr schema.GroupVersionResource, k } client = NewClient(gvr, kind, namespaced, s.rest, s.timeout) - + if s.config != nil { + client.Config = *s.config + } s.clients[gvr] = client return client } diff --git a/vendor/github.com/rancher/lasso/pkg/client/useragent.go b/vendor/github.com/rancher/lasso/pkg/client/useragent.go new file mode 100644 index 0000000000..930427dac2 --- /dev/null +++ b/vendor/github.com/rancher/lasso/pkg/client/useragent.go @@ -0,0 +1,63 @@ +package client + +import ( + "fmt" + + "github.com/rancher/lasso/pkg/log" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +type sharedClientFactoryWithAgent struct { + SharedClientFactory + + userAgent string +} + +// NewSharedClientFactoryWithAgent returns a sharedClientFactory that is equivalent to client factory with the addition +// that it will augment returned clients from ForKind, ForResource, and ForResourceKind with the passed user agent. +func NewSharedClientFactoryWithAgent(userAgent string, clientFactory SharedClientFactory) SharedClientFactory { + return &sharedClientFactoryWithAgent{ + SharedClientFactory: clientFactory, + userAgent: userAgent, + } +} + +func (s *sharedClientFactoryWithAgent) ForKind(gvk schema.GroupVersionKind) (*Client, error) { + client, err := s.SharedClientFactory.ForKind(gvk) + if err != nil { + return client, err + } + + if client == nil { + return client, nil + } + + return client.WithAgent(s.userAgent) +} + +func (s *sharedClientFactoryWithAgent) ForResource(gvr schema.GroupVersionResource, namespaced bool) (*Client, error) { + client, err := s.SharedClientFactory.ForResource(gvr, namespaced) + if err != nil { + return client, err + } + + if client == nil { + return client, nil + } + + return client.WithAgent(s.userAgent) +} + +func (s *sharedClientFactoryWithAgent) ForResourceKind(gvr schema.GroupVersionResource, kind string, namespaced bool) *Client { + client := s.SharedClientFactory.ForResourceKind(gvr, kind, namespaced) + + if client == nil { + return client + } + + clientWithAgent, err := client.WithAgent(s.userAgent) + if err != nil { + log.Debugf(fmt.Sprintf("Failed to return client with agent [%s]: %v", s.userAgent, err)) + } + return clientWithAgent +} diff --git a/vendor/github.com/rancher/lasso/pkg/controller/controller.go b/vendor/github.com/rancher/lasso/pkg/controller/controller.go index 597f1c486a..5d8932b843 100644 --- a/vendor/github.com/rancher/lasso/pkg/controller/controller.go +++ b/vendor/github.com/rancher/lasso/pkg/controller/controller.go @@ -1,3 +1,7 @@ +/* +Package controller contains interfaces, structs, and functions that can be used to create shared controllers for +managing clients, caches, and handlers for multiple types aka GroupVersionKinds. +*/ package controller import ( @@ -8,6 +12,7 @@ import ( "time" "github.com/rancher/lasso/pkg/log" + "github.com/rancher/lasso/pkg/metrics" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" @@ -23,6 +28,10 @@ type Handler interface { OnChange(key string, obj runtime.Object) error } +type ResourceVersionGetter interface { + GetResourceVersion() string +} + type HandlerFunc func(key string, obj runtime.Object) error func (h HandlerFunc) OnChange(key string, obj runtime.Object) error { @@ -57,7 +66,8 @@ type startKey struct { } type Options struct { - RateLimiter workqueue.RateLimiter + RateLimiter workqueue.RateLimiter + SyncOnlyChangedObjects bool } func New(name string, informer cache.SharedIndexInformer, startCache func(context.Context) error, handler Handler, opts *Options) Controller { @@ -74,7 +84,11 @@ func New(name string, informer cache.SharedIndexInformer, startCache func(contex informer.AddEventHandler(cache.ResourceEventHandlerFuncs{ AddFunc: controller.handleObject, UpdateFunc: func(old, new interface{}) { - controller.handleObject(new) + if !opts.SyncOnlyChangedObjects || old.(ResourceVersionGetter).GetResourceVersion() != new.(ResourceVersionGetter).GetResourceVersion() { + // If syncOnlyChangedObjects is disabled, objects will be handled regardless of whether an update actually took place. + // Otherwise, objects will only be handled if they have changed + controller.handleObject(new) + } }, DeleteFunc: controller.handleObject, }) @@ -135,6 +149,9 @@ func (c *controller) run(workers int, stopCh <-chan struct{}) { } <-stopCh + c.startLock.Lock() + defer c.startLock.Unlock() + c.started = false log.Infof("Shutting down %s workers", c.name) } @@ -206,6 +223,7 @@ func (c *controller) processSingleItem(obj interface{}) error { func (c *controller) syncHandler(key string) error { obj, exists, err := c.informer.GetStore().GetByKey(key) if err != nil { + metrics.IncTotalHandlerExecutions(c.name, "", true) return err } if !exists { diff --git a/vendor/github.com/rancher/lasso/pkg/controller/sharedcontroller.go b/vendor/github.com/rancher/lasso/pkg/controller/sharedcontroller.go index 7eb3f3c3b6..ba7bfe8eda 100644 --- a/vendor/github.com/rancher/lasso/pkg/controller/sharedcontroller.go +++ b/vendor/github.com/rancher/lasso/pkg/controller/sharedcontroller.go @@ -89,6 +89,10 @@ func (s *sharedController) Start(ctx context.Context, workers int) error { return s.startError } + if s.started { + return nil + } + if err := s.controller.Start(ctx, workers); err != nil { return err } diff --git a/vendor/github.com/rancher/lasso/pkg/controller/sharedcontrollerfactory.go b/vendor/github.com/rancher/lasso/pkg/controller/sharedcontrollerfactory.go index 158703c374..64bb0380bf 100644 --- a/vendor/github.com/rancher/lasso/pkg/controller/sharedcontrollerfactory.go +++ b/vendor/github.com/rancher/lasso/pkg/controller/sharedcontrollerfactory.go @@ -23,11 +23,24 @@ type SharedControllerFactory interface { } type SharedControllerFactoryOptions struct { + CacheOptions *cache.SharedCacheFactoryOptions + DefaultRateLimiter workqueue.RateLimiter DefaultWorkers int KindRateLimiter map[schema.GroupVersionKind]workqueue.RateLimiter KindWorkers map[schema.GroupVersionKind]int + + // SyncOnlyChangedObjects causes the handle function to only proceed if the object was actually updated. + // This is intended to be used by applications with many objects and/or controllers types that have + // alternative means of rerunning when necessary. When the informer's resync their cache the update + // function is run. If this setting is enabled, when the update handler is triggered the overhead is + // reduced but has the tradeoff of not rerunning handlers. Handlers that rely on external objects or + // services, or experience a bug might need to rerun despite the respective object not changing. If this + // is enabled, it is the responsibility of the app to ensure logic is retried when needed. The result is + // that running the handler func on resync will mostly only serve the purpose of catching missed cache + // events. + SyncOnlyChangedObjects bool } type sharedControllerFactory struct { @@ -40,6 +53,8 @@ type sharedControllerFactory struct { workers int kindRateLimiter map[schema.GroupVersionKind]workqueue.RateLimiter kindWorkers map[schema.GroupVersionKind]int + + syncOnlyChangedObjects bool } func NewSharedControllerFactoryFromConfig(config *rest.Config, scheme *runtime.Scheme) (SharedControllerFactory, error) { @@ -52,15 +67,32 @@ func NewSharedControllerFactoryFromConfig(config *rest.Config, scheme *runtime.S return NewSharedControllerFactory(cache.NewSharedCachedFactory(cf, nil), nil), nil } +// NewSharedControllerFactoryFromConfigWithOptions accepts options for configuring a new SharedControllerFactory and its +// cache. +func NewSharedControllerFactoryFromConfigWithOptions(config *rest.Config, scheme *runtime.Scheme, opts *SharedControllerFactoryOptions) (SharedControllerFactory, error) { + cf, err := client.NewSharedClientFactory(config, &client.SharedClientFactoryOptions{ + Scheme: scheme, + }) + if err != nil { + return nil, err + } + var cacheOpts *cache.SharedCacheFactoryOptions + if opts != nil { + cacheOpts = opts.CacheOptions + } + return NewSharedControllerFactory(cache.NewSharedCachedFactory(cf, cacheOpts), opts), nil +} + func NewSharedControllerFactory(cacheFactory cache.SharedCacheFactory, opts *SharedControllerFactoryOptions) SharedControllerFactory { opts = applyDefaultSharedOptions(opts) return &sharedControllerFactory{ - sharedCacheFactory: cacheFactory, - controllers: map[schema.GroupVersionResource]*sharedController{}, - workers: opts.DefaultWorkers, - kindWorkers: opts.KindWorkers, - rateLimiter: opts.DefaultRateLimiter, - kindRateLimiter: opts.KindRateLimiter, + sharedCacheFactory: cacheFactory, + controllers: map[schema.GroupVersionResource]*sharedController{}, + workers: opts.DefaultWorkers, + kindWorkers: opts.KindWorkers, + rateLimiter: opts.DefaultRateLimiter, + kindRateLimiter: opts.KindRateLimiter, + syncOnlyChangedObjects: opts.SyncOnlyChangedObjects, } } @@ -75,6 +107,10 @@ func applyDefaultSharedOptions(opts *SharedControllerFactoryOptions) *SharedCont return &newOpts } +func (s *sharedControllerFactory) EnableSyncOnlyChangedObjects() { + s.syncOnlyChangedObjects = true +} + func (s *sharedControllerFactory) Start(ctx context.Context, defaultWorkers int) error { s.controllerLock.Lock() defer s.controllerLock.Unlock() @@ -146,7 +182,7 @@ func (s *sharedControllerFactory) ForResourceKind(gvr schema.GroupVersionResourc client := s.sharedCacheFactory.SharedClientFactory().ForResourceKind(gvr, kind, namespaced) - handler := &SharedHandler{} + handler := &SharedHandler{controllerGVR: gvr.String()} controllerResult = &sharedController{ deferredController: func() (Controller, error) { @@ -179,7 +215,8 @@ func (s *sharedControllerFactory) ForResourceKind(gvr schema.GroupVersionResourc } c := New(gvk.String(), cache, starter, handler, &Options{ - RateLimiter: rateLimiter, + RateLimiter: rateLimiter, + SyncOnlyChangedObjects: s.syncOnlyChangedObjects, }) return c, err diff --git a/vendor/github.com/rancher/lasso/pkg/controller/sharedhandler.go b/vendor/github.com/rancher/lasso/pkg/controller/sharedhandler.go index a3f9bada2c..2258758e77 100644 --- a/vendor/github.com/rancher/lasso/pkg/controller/sharedhandler.go +++ b/vendor/github.com/rancher/lasso/pkg/controller/sharedhandler.go @@ -8,7 +8,9 @@ import ( "strings" "sync" "sync/atomic" + "time" + "github.com/rancher/lasso/pkg/metrics" "k8s.io/apimachinery/pkg/api/meta" "k8s.io/apimachinery/pkg/runtime" ) @@ -25,7 +27,8 @@ type handlerEntry struct { type SharedHandler struct { // keep first because arm32 needs atomic.AddInt64 target to be mem aligned - idCounter int64 + idCounter int64 + controllerGVR string lock sync.RWMutex handlers []handlerEntry @@ -66,13 +69,21 @@ func (h *SharedHandler) OnChange(key string, obj runtime.Object) error { h.lock.RUnlock() for _, handler := range handlers { + var hasError bool + reconcileStartTS := time.Now() + newObj, err := handler.handler.OnChange(key, obj) if err != nil && !errors.Is(err, ErrIgnore) { errs = append(errs, &handlerError{ HandlerName: handler.name, Err: err, }) + hasError = true } + metrics.IncTotalHandlerExecutions(h.controllerGVR, handler.name, hasError) + reconcileTime := time.Since(reconcileStartTS) + metrics.ReportReconcileTime(h.controllerGVR, handler.name, hasError, reconcileTime.Seconds()) + if newObj != nil && !reflect.ValueOf(newObj).IsNil() { meta, err := meta.Accessor(newObj) if err == nil && meta.GetUID() != "" { diff --git a/vendor/github.com/rancher/lasso/pkg/controller/useragent.go b/vendor/github.com/rancher/lasso/pkg/controller/useragent.go new file mode 100644 index 0000000000..571729ad03 --- /dev/null +++ b/vendor/github.com/rancher/lasso/pkg/controller/useragent.go @@ -0,0 +1,68 @@ +package controller + +import ( + "github.com/rancher/lasso/pkg/client" + "github.com/rancher/lasso/pkg/log" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +type sharedControllerFactoryWithAgent struct { + SharedControllerFactory + + userAgent string +} + +type sharedControllerWithAgent struct { + SharedController + + userAgent string +} + +// NewSharedControllerFactoryWithAgent returns a controller factory that is equivalent to the passed controller factory +// with the addition that it will wrap the returned controllers from ForKind, ForResource, and ForResourceKind with the +// sharedController struct using the passed user agent. +func NewSharedControllerFactoryWithAgent(userAgent string, clientFactory SharedControllerFactory) SharedControllerFactory { + return &sharedControllerFactoryWithAgent{ + SharedControllerFactory: clientFactory, + userAgent: userAgent, + } +} + +func NewSharedControllerWithAgent(userAgent string, controller SharedController) SharedController { + return &sharedControllerWithAgent{ + SharedController: controller, + userAgent: userAgent, + } +} + +func (s *sharedControllerFactoryWithAgent) ForKind(gvk schema.GroupVersionKind) (SharedController, error) { + resourceController, err := s.SharedControllerFactory.ForKind(gvk) + if err != nil { + return resourceController, err + } + + return NewSharedControllerWithAgent(s.userAgent, resourceController), err +} + +func (s *sharedControllerFactoryWithAgent) ForResource(gvr schema.GroupVersionResource, namespaced bool) SharedController { + resourceController := s.SharedControllerFactory.ForResource(gvr, namespaced) + return NewSharedControllerWithAgent(s.userAgent, resourceController) +} + +func (s *sharedControllerFactoryWithAgent) ForResourceKind(gvr schema.GroupVersionResource, kind string, namespaced bool) SharedController { + resourceController := s.SharedControllerFactory.ForResourceKind(gvr, kind, namespaced) + return NewSharedControllerWithAgent(s.userAgent, resourceController) +} + +func (s *sharedControllerWithAgent) Client() *client.Client { + client := s.SharedController.Client() + if client == nil { + return client + } + clientWithAgent, err := client.WithAgent(s.userAgent) + if err != nil { + log.Debugf("failed to get client with agent [%s]", s.userAgent) + return client + } + return clientWithAgent +} diff --git a/vendor/github.com/rancher/lasso/pkg/dynamic/controller.go b/vendor/github.com/rancher/lasso/pkg/dynamic/controller.go index 8f31bb3795..c3fc05c672 100644 --- a/vendor/github.com/rancher/lasso/pkg/dynamic/controller.go +++ b/vendor/github.com/rancher/lasso/pkg/dynamic/controller.go @@ -111,7 +111,7 @@ func (c *Controller) OnChange(ctx context.Context, name string, matcher GVKMatch }) } -func (c *Controller) GetCache(ctx context.Context, gvk schema.GroupVersionKind) (cache.SharedIndexInformer, bool, error) { +func (c *Controller) getCache(ctx context.Context, gvk schema.GroupVersionKind) (cache.SharedIndexInformer, bool, error) { if c.cacheFactory.WaitForCacheSync(ctx)[gvk] { cache, err := c.cacheFactory.ForKind(gvk) return cache, true, err @@ -157,7 +157,7 @@ outer: continue } - informer, shared, err := c.GetCache(timeoutCtx, gvk) + informer, shared, err := c.getCache(timeoutCtx, gvk) if err != nil { errs = append(errs, err) log.Errorf("Failed to get shared cache for %v: %v", gvk, err) @@ -214,11 +214,9 @@ outer: if !cache.WaitForCacheSync(timeoutCtx.Done(), w.informer.HasSynced) { errs = append(errs, fmt.Errorf("failed to sync cache for %v", w.gvk)) log.Errorf("failed to sync cache for %v", w.gvk) - cancel() w.cancel() delete(c.watchers, w.gvk) } - cancel() } for _, w := range toWait { @@ -237,6 +235,14 @@ outer: return nil } +func (c *Controller) GetCache(_ context.Context, gvk schema.GroupVersionKind) (cache.SharedIndexInformer, bool, error) { + w, err := c.getWatcherForGVK(gvk) + if err != nil { + return nil, false, err + } + return w.informer, w.informer.HasSynced(), nil +} + func (c *Controller) getWatcherForGVK(gvk schema.GroupVersionKind) (*watcher, error) { c.RLock() w, ok := c.watchers[gvk] diff --git a/vendor/github.com/rancher/lasso/pkg/log/log.go b/vendor/github.com/rancher/lasso/pkg/log/log.go index a8725e4532..820a8d66f1 100644 --- a/vendor/github.com/rancher/lasso/pkg/log/log.go +++ b/vendor/github.com/rancher/lasso/pkg/log/log.go @@ -10,4 +10,7 @@ var ( Errorf = func(message string, obj ...interface{}) { log.Printf("ERROR: "+message+"\n", obj...) } + Debugf = func(message string, obj ...interface{}) { + log.Printf("DEBUG: "+message+"\n", obj...) + } ) diff --git a/vendor/github.com/rancher/lasso/pkg/metrics/metrics.go b/vendor/github.com/rancher/lasso/pkg/metrics/metrics.go new file mode 100644 index 0000000000..80440f077e --- /dev/null +++ b/vendor/github.com/rancher/lasso/pkg/metrics/metrics.go @@ -0,0 +1,86 @@ +package metrics + +import ( + "strconv" + + "github.com/prometheus/client_golang/prometheus" +) + +var prometheusMetrics = false + +const ( + lassoSubsystem = "lasso_controller" + controllerNameLabel = "controller_name" + handlerNameLabel = "handler_name" + hasErrorLabel = "has_error" + + groupLabel = "group" + versionLabel = "version" + kindLabel = "kind" +) + +var ( + // https://prometheus.io/docs/practices/instrumentation/#use-labels explains logic of having 1 total_requests + // counter with code label vs a counter for each code + + TotalControllerExecutions = prometheus.NewCounterVec( + prometheus.CounterOpts{ + Subsystem: lassoSubsystem, + Name: "total_handler_execution", + Help: "Total count of handler executions", + }, + []string{controllerNameLabel, handlerNameLabel, hasErrorLabel}, + ) + TotalCachedObjects = prometheus.NewGaugeVec( + prometheus.GaugeOpts{ + Subsystem: lassoSubsystem, + Name: "total_cached_object", + Help: "Total count of cached objects", + }, + []string{groupLabel, versionLabel, kindLabel}, + ) + + // reconcileTime is a prometheus histogram metric exposes the duration of reconciliations per controller. + // controller label refers to the controller name + reconcileTime = prometheus.NewHistogramVec(prometheus.HistogramOpts{ + Subsystem: lassoSubsystem, + Name: "reconcile_time_seconds", + Help: "Histogram of the durations per reconciliation per controller", + }, []string{controllerNameLabel, handlerNameLabel, hasErrorLabel}) +) + +func IncTotalHandlerExecutions(controllerName, handlerName string, hasError bool) { + if prometheusMetrics { + TotalControllerExecutions.With( + prometheus.Labels{ + controllerNameLabel: controllerName, + handlerNameLabel: handlerName, + hasErrorLabel: strconv.FormatBool(hasError), + }, + ).Inc() + } +} + +func IncTotalCachedObjects(group, version, kind string, val float64) { + if prometheusMetrics { + TotalCachedObjects.With( + prometheus.Labels{ + groupLabel: group, + versionLabel: version, + kindLabel: kind, + }, + ).Set(val) + } +} + +func ReportReconcileTime(controllerName, handlerName string, hasError bool, observeTime float64) { + if prometheusMetrics { + reconcileTime.With( + prometheus.Labels{ + controllerNameLabel: controllerName, + handlerNameLabel: handlerName, + hasErrorLabel: strconv.FormatBool(hasError), + }, + ).Observe(observeTime) + } +} diff --git a/vendor/github.com/rancher/lasso/pkg/metrics/register.go b/vendor/github.com/rancher/lasso/pkg/metrics/register.go new file mode 100644 index 0000000000..19c9f2625d --- /dev/null +++ b/vendor/github.com/rancher/lasso/pkg/metrics/register.go @@ -0,0 +1,31 @@ +package metrics + +import ( + "os" + + "k8s.io/client-go/util/workqueue" + + "github.com/prometheus/client_golang/prometheus" +) + +const metricsEnv = "CATTLE_PROMETHEUS_METRICS" + +func init() { + if os.Getenv(metricsEnv) == "true" { + prometheusMetrics = true + prometheus.MustRegister( + TotalControllerExecutions, + TotalCachedObjects, + reconcileTime, + // expose workqueue metrics + depth, + adds, + latency, + workDuration, + unfinished, + longestRunningProcessor, + retries, + ) + workqueue.SetProvider(workqueueMetricsProvider{}) + } +} diff --git a/vendor/github.com/rancher/lasso/pkg/metrics/workqueue.go b/vendor/github.com/rancher/lasso/pkg/metrics/workqueue.go new file mode 100644 index 0000000000..0fdf2e69df --- /dev/null +++ b/vendor/github.com/rancher/lasso/pkg/metrics/workqueue.go @@ -0,0 +1,114 @@ +/* +Copyright 2019 The Kubernetes Authors. +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + http://www.apache.org/licenses/LICENSE-2.0 +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package metrics + +import ( + "github.com/prometheus/client_golang/prometheus" + "k8s.io/client-go/util/workqueue" +) + +// This file is copied and adapted from https://github.com/kubernetes/kubernetes/blame/master/staging/src/k8s.io/component-base/metrics/prometheus/workqueue/metrics.go +// which implement MetricsProvider and register metrics to customized Registry + +// Metrics subsystem and all keys used by the workqueue. +const ( + WorkQueueSubsystem = "workqueue" + DepthKey = "depth" + AddsKey = "adds_total" + QueueLatencyKey = "queue_duration_seconds" + WorkDurationKey = "work_duration_seconds" + UnfinishedWorkKey = "unfinished_work_seconds" + LongestRunningProcessorKey = "longest_running_processor_seconds" + RetriesKey = "retries_total" +) + +var ( + depth = prometheus.NewGaugeVec(prometheus.GaugeOpts{ + Subsystem: WorkQueueSubsystem, + Name: DepthKey, + Help: "Current depth of workqueue", + }, []string{"name"}) + + adds = prometheus.NewCounterVec(prometheus.CounterOpts{ + Subsystem: WorkQueueSubsystem, + Name: AddsKey, + Help: "Total number of adds handled by workqueue", + }, []string{"name"}) + + latency = prometheus.NewHistogramVec(prometheus.HistogramOpts{ + Subsystem: WorkQueueSubsystem, + Name: QueueLatencyKey, + Help: "How long in seconds an item stays in workqueue before being requested", + Buckets: prometheus.ExponentialBuckets(10e-9, 10, 10), + }, []string{"name"}) + + workDuration = prometheus.NewHistogramVec(prometheus.HistogramOpts{ + Subsystem: WorkQueueSubsystem, + Name: WorkDurationKey, + Help: "How long in seconds processing an item from workqueue takes.", + Buckets: prometheus.ExponentialBuckets(10e-9, 10, 10), + }, []string{"name"}) + + unfinished = prometheus.NewGaugeVec(prometheus.GaugeOpts{ + Subsystem: WorkQueueSubsystem, + Name: UnfinishedWorkKey, + Help: "How many seconds of work has been done that " + + "is in progress and hasn't been observed by work_duration. Large " + + "values indicate stuck threads. One can deduce the number of stuck " + + "threads by observing the rate at which this increases.", + }, []string{"name"}) + + longestRunningProcessor = prometheus.NewGaugeVec(prometheus.GaugeOpts{ + Subsystem: WorkQueueSubsystem, + Name: LongestRunningProcessorKey, + Help: "How many seconds has the longest running " + + "processor for workqueue been running.", + }, []string{"name"}) + + retries = prometheus.NewCounterVec(prometheus.CounterOpts{ + Subsystem: WorkQueueSubsystem, + Name: RetriesKey, + Help: "Total number of retries handled by workqueue", + }, []string{"name"}) +) + +type workqueueMetricsProvider struct{} + +func (workqueueMetricsProvider) NewDepthMetric(name string) workqueue.GaugeMetric { + return depth.WithLabelValues(name) +} + +func (workqueueMetricsProvider) NewAddsMetric(name string) workqueue.CounterMetric { + return adds.WithLabelValues(name) +} + +func (workqueueMetricsProvider) NewLatencyMetric(name string) workqueue.HistogramMetric { + return latency.WithLabelValues(name) +} + +func (workqueueMetricsProvider) NewWorkDurationMetric(name string) workqueue.HistogramMetric { + return workDuration.WithLabelValues(name) +} + +func (workqueueMetricsProvider) NewUnfinishedWorkSecondsMetric(name string) workqueue.SettableGaugeMetric { + return unfinished.WithLabelValues(name) +} + +func (workqueueMetricsProvider) NewLongestRunningProcessorSecondsMetric(name string) workqueue.SettableGaugeMetric { + return longestRunningProcessor.WithLabelValues(name) +} + +func (workqueueMetricsProvider) NewRetriesMetric(name string) workqueue.CounterMetric { + return retries.WithLabelValues(name) +} diff --git a/vendor/github.com/rancher/wrangler/pkg/apply/apply.go b/vendor/github.com/rancher/wrangler/pkg/apply/apply.go index 2f295a704d..094ca1bb93 100644 --- a/vendor/github.com/rancher/wrangler/pkg/apply/apply.go +++ b/vendor/github.com/rancher/wrangler/pkg/apply/apply.go @@ -22,7 +22,7 @@ const ( type Patcher func(namespace, name string, pt types.PatchType, data []byte) (runtime.Object, error) -// return false if the Reconciler did not handler this object +// Reconciler return false if it did not handle this object type Reconciler func(oldObj runtime.Object, newObj runtime.Object) (bool, error) type ClientFactory func(gvr schema.GroupVersionResource) (dynamic.NamespaceableResourceInterface, error) diff --git a/vendor/github.com/rancher/wrangler/pkg/apply/desiredset.go b/vendor/github.com/rancher/wrangler/pkg/apply/desiredset.go index ecdaa9185a..054d058c85 100644 --- a/vendor/github.com/rancher/wrangler/pkg/apply/desiredset.go +++ b/vendor/github.com/rancher/wrangler/pkg/apply/desiredset.go @@ -39,7 +39,6 @@ type desiredSet struct { noDeleteGVK map[schema.GroupVersionKind]struct{} setID string objs *objectset.ObjectSet - codeVersion string owner runtime.Object injectors []injectors.ConfigInjector ratelimitingQps float32 diff --git a/vendor/github.com/rancher/wrangler/pkg/apply/desiredset_apply.go b/vendor/github.com/rancher/wrangler/pkg/apply/desiredset_apply.go index b478f12c3c..cf4ee23280 100644 --- a/vendor/github.com/rancher/wrangler/pkg/apply/desiredset_apply.go +++ b/vendor/github.com/rancher/wrangler/pkg/apply/desiredset_apply.go @@ -144,7 +144,7 @@ func (o *desiredSet) debugID() string { func (o *desiredSet) collect(objList []runtime.Object) objectset.ObjectByGVK { result := objectset.ObjectByGVK{} for _, obj := range objList { - result.Add(obj) + _, _ = result.Add(obj) } return result } diff --git a/vendor/github.com/rancher/wrangler/pkg/apply/reconcilers.go b/vendor/github.com/rancher/wrangler/pkg/apply/reconcilers.go index 2fba99a75f..98dad4729e 100644 --- a/vendor/github.com/rancher/wrangler/pkg/apply/reconcilers.go +++ b/vendor/github.com/rancher/wrangler/pkg/apply/reconcilers.go @@ -117,23 +117,35 @@ func reconcileService(oldObj, newObj runtime.Object) (bool, error) { } func reconcileJob(oldObj, newObj runtime.Object) (bool, error) { - oldSvc, ok := oldObj.(*batchv1.Job) + oldJob, ok := oldObj.(*batchv1.Job) if !ok { - oldSvc = &batchv1.Job{} - if err := convertObj(oldObj, oldSvc); err != nil { + oldJob = &batchv1.Job{} + if err := convertObj(oldObj, oldJob); err != nil { return false, err } } - newSvc, ok := newObj.(*batchv1.Job) + newJob, ok := newObj.(*batchv1.Job) if !ok { - newSvc = &batchv1.Job{} - if err := convertObj(newObj, newSvc); err != nil { + newJob = &batchv1.Job{} + if err := convertObj(newObj, newJob); err != nil { return false, err } } - if !equality.Semantic.DeepEqual(oldSvc.Spec.Template, newSvc.Spec.Template) { + // We round trip the object here because when serializing to the applied + // annotation values are truncated to 64 bytes. + prunedJob, err := getOriginalObject(newJob.GroupVersionKind(), newJob) + if err != nil { + return false, err + } + + newPrunedJob := &batchv1.Job{} + if err := convertObj(prunedJob, newPrunedJob); err != nil { + return false, err + } + + if !equality.Semantic.DeepEqual(oldJob.Spec.Template, newPrunedJob.Spec.Template) { return false, ErrReplace } diff --git a/vendor/github.com/rancher/wrangler/pkg/condition/condition.go b/vendor/github.com/rancher/wrangler/pkg/condition/condition.go index a994541714..ace8dea311 100644 --- a/vendor/github.com/rancher/wrangler/pkg/condition/condition.go +++ b/vendor/github.com/rancher/wrangler/pkg/condition/condition.go @@ -89,6 +89,9 @@ func (c Cond) GetLastUpdated(obj interface{}) string { func (c Cond) CreateUnknownIfNotExists(obj interface{}) { condSlice := getValue(obj, "Status", "Conditions") + if !condSlice.IsValid() { + condSlice = getValue(obj, "Conditions") + } cond := findCond(obj, condSlice, string(c)) if cond == nil { c.Unknown(obj) @@ -220,7 +223,6 @@ func getValue(obj interface{}, name ...string) reflect.Value { t := v.Type() if t.Kind() == reflect.Ptr { v = v.Elem() - t = v.Type() } field := v.FieldByName(name[0]) diff --git a/vendor/github.com/rancher/wrangler/pkg/data/convert/convert.go b/vendor/github.com/rancher/wrangler/pkg/data/convert/convert.go index c87f8b211d..ff67f04900 100644 --- a/vendor/github.com/rancher/wrangler/pkg/data/convert/convert.go +++ b/vendor/github.com/rancher/wrangler/pkg/data/convert/convert.go @@ -10,6 +10,8 @@ import ( "time" "unicode" + "golang.org/x/text/cases" + "golang.org/x/text/language" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" ) @@ -235,7 +237,8 @@ func EncodeToMap(obj interface{}) (map[string]interface{}, error) { func ToJSONKey(str string) string { parts := strings.Split(str, "_") for i := 1; i < len(parts); i++ { - parts[i] = strings.Title(parts[i]) + caser := cases.Title(language.English) + parts[i] = caser.String(parts[i]) } return strings.Join(parts, "") diff --git a/vendor/github.com/rancher/wrangler/pkg/generated/controllers/admissionregistration.k8s.io/factory.go b/vendor/github.com/rancher/wrangler/pkg/generated/controllers/admissionregistration.k8s.io/factory.go index a79e0c1fdb..ed2b446d01 100644 --- a/vendor/github.com/rancher/wrangler/pkg/generated/controllers/admissionregistration.k8s.io/factory.go +++ b/vendor/github.com/rancher/wrangler/pkg/generated/controllers/admissionregistration.k8s.io/factory.go @@ -19,6 +19,7 @@ limitations under the License. package admissionregistration import ( + "github.com/rancher/lasso/pkg/controller" "github.com/rancher/wrangler/pkg/generic" "k8s.io/client-go/rest" ) @@ -65,3 +66,7 @@ func NewFactoryFromConfigWithOptionsOrDie(config *rest.Config, opts *FactoryOpti func (c *Factory) Admissionregistration() Interface { return New(c.ControllerFactory()) } + +func (c *Factory) WithAgent(userAgent string) Interface { + return New(controller.NewSharedControllerFactoryWithAgent(userAgent, c.ControllerFactory())) +} diff --git a/vendor/github.com/rancher/wrangler/pkg/generated/controllers/apiextensions.k8s.io/factory.go b/vendor/github.com/rancher/wrangler/pkg/generated/controllers/apiextensions.k8s.io/factory.go index edda23205e..d8f0269638 100644 --- a/vendor/github.com/rancher/wrangler/pkg/generated/controllers/apiextensions.k8s.io/factory.go +++ b/vendor/github.com/rancher/wrangler/pkg/generated/controllers/apiextensions.k8s.io/factory.go @@ -19,6 +19,7 @@ limitations under the License. package apiextensions import ( + "github.com/rancher/lasso/pkg/controller" "github.com/rancher/wrangler/pkg/generic" "k8s.io/client-go/rest" ) @@ -65,3 +66,7 @@ func NewFactoryFromConfigWithOptionsOrDie(config *rest.Config, opts *FactoryOpti func (c *Factory) Apiextensions() Interface { return New(c.ControllerFactory()) } + +func (c *Factory) WithAgent(userAgent string) Interface { + return New(controller.NewSharedControllerFactoryWithAgent(userAgent, c.ControllerFactory())) +} diff --git a/vendor/github.com/rancher/wrangler/pkg/generated/controllers/apiregistration.k8s.io/factory.go b/vendor/github.com/rancher/wrangler/pkg/generated/controllers/apiregistration.k8s.io/factory.go index f686e9e6ab..33ec87566e 100644 --- a/vendor/github.com/rancher/wrangler/pkg/generated/controllers/apiregistration.k8s.io/factory.go +++ b/vendor/github.com/rancher/wrangler/pkg/generated/controllers/apiregistration.k8s.io/factory.go @@ -19,6 +19,7 @@ limitations under the License. package apiregistration import ( + "github.com/rancher/lasso/pkg/controller" "github.com/rancher/wrangler/pkg/generic" "k8s.io/client-go/rest" ) @@ -65,3 +66,7 @@ func NewFactoryFromConfigWithOptionsOrDie(config *rest.Config, opts *FactoryOpti func (c *Factory) Apiregistration() Interface { return New(c.ControllerFactory()) } + +func (c *Factory) WithAgent(userAgent string) Interface { + return New(controller.NewSharedControllerFactoryWithAgent(userAgent, c.ControllerFactory())) +} diff --git a/vendor/github.com/rancher/wrangler/pkg/generated/controllers/apps/factory.go b/vendor/github.com/rancher/wrangler/pkg/generated/controllers/apps/factory.go index 3679d03175..bcaae25686 100644 --- a/vendor/github.com/rancher/wrangler/pkg/generated/controllers/apps/factory.go +++ b/vendor/github.com/rancher/wrangler/pkg/generated/controllers/apps/factory.go @@ -19,6 +19,7 @@ limitations under the License. package apps import ( + "github.com/rancher/lasso/pkg/controller" "github.com/rancher/wrangler/pkg/generic" "k8s.io/client-go/rest" ) @@ -65,3 +66,7 @@ func NewFactoryFromConfigWithOptionsOrDie(config *rest.Config, opts *FactoryOpti func (c *Factory) Apps() Interface { return New(c.ControllerFactory()) } + +func (c *Factory) WithAgent(userAgent string) Interface { + return New(controller.NewSharedControllerFactoryWithAgent(userAgent, c.ControllerFactory())) +} diff --git a/vendor/github.com/rancher/wrangler/pkg/generated/controllers/batch/factory.go b/vendor/github.com/rancher/wrangler/pkg/generated/controllers/batch/factory.go index 6558b8d0ae..0a282f1780 100644 --- a/vendor/github.com/rancher/wrangler/pkg/generated/controllers/batch/factory.go +++ b/vendor/github.com/rancher/wrangler/pkg/generated/controllers/batch/factory.go @@ -19,6 +19,7 @@ limitations under the License. package batch import ( + "github.com/rancher/lasso/pkg/controller" "github.com/rancher/wrangler/pkg/generic" "k8s.io/client-go/rest" ) @@ -65,3 +66,7 @@ func NewFactoryFromConfigWithOptionsOrDie(config *rest.Config, opts *FactoryOpti func (c *Factory) Batch() Interface { return New(c.ControllerFactory()) } + +func (c *Factory) WithAgent(userAgent string) Interface { + return New(controller.NewSharedControllerFactoryWithAgent(userAgent, c.ControllerFactory())) +} diff --git a/vendor/github.com/rancher/wrangler/pkg/generated/controllers/core/factory.go b/vendor/github.com/rancher/wrangler/pkg/generated/controllers/core/factory.go index 8a8ad7f6f4..b19523b160 100644 --- a/vendor/github.com/rancher/wrangler/pkg/generated/controllers/core/factory.go +++ b/vendor/github.com/rancher/wrangler/pkg/generated/controllers/core/factory.go @@ -19,6 +19,7 @@ limitations under the License. package core import ( + "github.com/rancher/lasso/pkg/controller" "github.com/rancher/wrangler/pkg/generic" "k8s.io/client-go/rest" ) @@ -65,3 +66,7 @@ func NewFactoryFromConfigWithOptionsOrDie(config *rest.Config, opts *FactoryOpti func (c *Factory) Core() Interface { return New(c.ControllerFactory()) } + +func (c *Factory) WithAgent(userAgent string) Interface { + return New(controller.NewSharedControllerFactoryWithAgent(userAgent, c.ControllerFactory())) +} diff --git a/vendor/github.com/rancher/wrangler/pkg/generated/controllers/rbac/factory.go b/vendor/github.com/rancher/wrangler/pkg/generated/controllers/rbac/factory.go index 52a114505c..266d290820 100644 --- a/vendor/github.com/rancher/wrangler/pkg/generated/controllers/rbac/factory.go +++ b/vendor/github.com/rancher/wrangler/pkg/generated/controllers/rbac/factory.go @@ -19,6 +19,7 @@ limitations under the License. package rbac import ( + "github.com/rancher/lasso/pkg/controller" "github.com/rancher/wrangler/pkg/generic" "k8s.io/client-go/rest" ) @@ -65,3 +66,7 @@ func NewFactoryFromConfigWithOptionsOrDie(config *rest.Config, opts *FactoryOpti func (c *Factory) Rbac() Interface { return New(c.ControllerFactory()) } + +func (c *Factory) WithAgent(userAgent string) Interface { + return New(controller.NewSharedControllerFactoryWithAgent(userAgent, c.ControllerFactory())) +} diff --git a/vendor/github.com/rancher/wrangler/pkg/generic/factory.go b/vendor/github.com/rancher/wrangler/pkg/generic/factory.go index 946af86582..ce4370d9ce 100644 --- a/vendor/github.com/rancher/wrangler/pkg/generic/factory.go +++ b/vendor/github.com/rancher/wrangler/pkg/generic/factory.go @@ -103,7 +103,7 @@ func (c *Factory) setControllerFactoryWithLock() error { func (c *Factory) Sync(ctx context.Context) error { if c.cacheFactory != nil { - c.cacheFactory.Start(ctx) + _ = c.cacheFactory.Start(ctx) c.cacheFactory.WaitForCacheSync(ctx) } return nil diff --git a/vendor/github.com/rancher/wrangler/pkg/webhook/match.go b/vendor/github.com/rancher/wrangler/pkg/webhook/match.go index ae6ee8e021..5f16d3966e 100644 --- a/vendor/github.com/rancher/wrangler/pkg/webhook/match.go +++ b/vendor/github.com/rancher/wrangler/pkg/webhook/match.go @@ -5,6 +5,7 @@ import ( "k8s.io/apimachinery/pkg/runtime" ) +// RouteMatch type matching of admission Request to Handlers. type RouteMatch struct { handler Handler kind string @@ -27,9 +28,8 @@ func (r *RouteMatch) admit(response *Response, request *Request) error { } func (r *RouteMatch) matches(req *v1.AdmissionRequest) bool { - var ( - group, version, kind, resource string - ) + var group, version, kind, resource string + if req.RequestKind != nil { group, version, kind = req.RequestKind.Group, req.RequestKind.Version, req.RequestKind.Kind } @@ -74,32 +74,78 @@ func checkBool(expected, actual *bool) bool { // Pretty methods -func (r *RouteMatch) DryRun(dryRun bool) *RouteMatch { r.dryRun = &dryRun; return r } -func (r *RouteMatch) Group(group string) *RouteMatch { r.group = group; return r } -func (r *RouteMatch) HandleFunc(handler HandlerFunc) *RouteMatch { r.handler = handler; return r } -func (r *RouteMatch) Handle(handler Handler) *RouteMatch { r.handler = handler; return r } -func (r *RouteMatch) Kind(kind string) *RouteMatch { r.kind = kind; return r } -func (r *RouteMatch) Name(name string) *RouteMatch { r.name = name; return r } -func (r *RouteMatch) Namespace(namespace string) *RouteMatch { r.namespace = namespace; return r } +// DryRun matches admission request with the matching DryRun value. +func (r *RouteMatch) DryRun(dryRun bool) *RouteMatch { r.dryRun = &dryRun; return r } + +// Group matches admission request with the matching Group value. +func (r *RouteMatch) Group(group string) *RouteMatch { r.group = group; return r } + +// HandleFunc sets the handler to be called for matching admission request. +func (r *RouteMatch) HandleFunc(handler HandlerFunc) *RouteMatch { r.handler = handler; return r } + +// Handle sets the Handler to be called for matching admission request. +func (r *RouteMatch) Handle(handler Handler) *RouteMatch { r.handler = handler; return r } + +// Kind matches admission request with the matching Kind value. +func (r *RouteMatch) Kind(kind string) *RouteMatch { r.kind = kind; return r } + +// Name matches admission request with the matching Name value. +func (r *RouteMatch) Name(name string) *RouteMatch { r.name = name; return r } + +// Namespace matches admission request with the matching Namespace value. +func (r *RouteMatch) Namespace(namespace string) *RouteMatch { r.namespace = namespace; return r } + +// Operation matches admission request with the matching Operation value. func (r *RouteMatch) Operation(operation v1.Operation) *RouteMatch { r.operation = operation; return r } -func (r *RouteMatch) Resource(resource string) *RouteMatch { r.resource = resource; return r } -func (r *RouteMatch) SubResource(sr string) *RouteMatch { r.subResource = sr; return r } -func (r *RouteMatch) Type(objType runtime.Object) *RouteMatch { r.objType = objType; return r } -func (r *RouteMatch) Version(version string) *RouteMatch { r.version = version; return r } + +// Resource matches admission request with the matching Resource value. +func (r *RouteMatch) Resource(resource string) *RouteMatch { r.resource = resource; return r } + +// SubResource matches admission request with the matching SubResource value. +func (r *RouteMatch) SubResource(sr string) *RouteMatch { r.subResource = sr; return r } + +// Type specifies the runtime.Object to use for decoding. +func (r *RouteMatch) Type(objType runtime.Object) *RouteMatch { r.objType = objType; return r } + +// Version matches admission request with the matching Version value. +func (r *RouteMatch) Version(version string) *RouteMatch { r.version = version; return r } // Wrappers for pretty methods -func (r *Router) DryRun(dryRun bool) *RouteMatch { return r.next().DryRun(dryRun) } -func (r *Router) Group(group string) *RouteMatch { return r.next().Group(group) } -func (r *Router) HandleFunc(hf HandlerFunc) *RouteMatch { return r.next().HandleFunc(hf) } -func (r *Router) Handle(handler Handler) *RouteMatch { return r.next().Handle(handler) } -func (r *Router) Kind(kind string) *RouteMatch { return r.next().Kind(kind) } -func (r *Router) Name(name string) *RouteMatch { return r.next().Name(name) } -func (r *Router) Namespace(namespace string) *RouteMatch { return r.next().Namespace(namespace) } +// DryRun matches admission request with the matching DryRun value. +func (r *Router) DryRun(dryRun bool) *RouteMatch { return r.next().DryRun(dryRun) } + +// Group matches admission request with the matching Group value. +func (r *Router) Group(group string) *RouteMatch { return r.next().Group(group) } + +// HandleFunc sets the handler to be called for matching admission request. +func (r *Router) HandleFunc(hf HandlerFunc) *RouteMatch { return r.next().HandleFunc(hf) } + +// Handle sets the Handler to be called for matching admission request. +func (r *Router) Handle(handler Handler) *RouteMatch { return r.next().Handle(handler) } + +// Kind matches admission request with the matching Kind value. +func (r *Router) Kind(kind string) *RouteMatch { return r.next().Kind(kind) } + +// Name matches admission request with the matching Name value. +func (r *Router) Name(name string) *RouteMatch { return r.next().Name(name) } + +// Namespace matches admission request with the matching Namespace value. +func (r *Router) Namespace(namespace string) *RouteMatch { return r.next().Namespace(namespace) } + +// Operation matches admission request with the matching Operation value. func (r *Router) Operation(operation v1.Operation) *RouteMatch { return r.next().Operation(operation) } -func (r *Router) Resource(resource string) *RouteMatch { return r.next().Resource(resource) } + +// Resource matches admission request with the matching Resource value. +func (r *Router) Resource(resource string) *RouteMatch { return r.next().Resource(resource) } + +// SubResource matches admission request with the matching SubResource value. func (r *Router) SubResource(subResource string) *RouteMatch { return r.next().SubResource(subResource) } + +// Type specifies the runtime.Object to use for decoding. func (r *Router) Type(objType runtime.Object) *RouteMatch { return r.next().Type(objType) } -func (r *Router) Version(version string) *RouteMatch { return r.next().Version(version) } + +// Version matches admission request with the matching Version value. +func (r *Router) Version(version string) *RouteMatch { return r.next().Version(version) } diff --git a/vendor/github.com/rancher/wrangler/pkg/webhook/router.go b/vendor/github.com/rancher/wrangler/pkg/webhook/router.go index f9934a95c5..7c53d40390 100644 --- a/vendor/github.com/rancher/wrangler/pkg/webhook/router.go +++ b/vendor/github.com/rancher/wrangler/pkg/webhook/router.go @@ -1,3 +1,4 @@ +// Package webhook holds shared code related to routing for webhook admission. package webhook import ( @@ -19,10 +20,12 @@ var ( jsonPatchType = v1.PatchTypeJSONPatch ) +// NewRouter returns a newly allocated Router. func NewRouter() *Router { return &Router{} } +// Router manages request and the calling of matching handlers. type Router struct { matches []*RouteMatch } @@ -39,9 +42,13 @@ func (r *Router) sendError(rw http.ResponseWriter, review *v1.AdmissionReview, e func writeResponse(rw http.ResponseWriter, review *v1.AdmissionReview) { rw.Header().Set("Content-Type", "application/json") - json.NewEncoder(rw).Encode(review) + err := json.NewEncoder(rw).Encode(review) + if err != nil { + logrus.Errorf("Failed to write response: %s", err) + } } +// ServeHTTP inspects the http.Request and calls the Admit function on all matching handlers. func (r *Router) ServeHTTP(rw http.ResponseWriter, req *http.Request) { review := &v1.AdmissionReview{} err := json.NewDecoder(req.Body).Decode(review) @@ -77,7 +84,7 @@ func (r *Router) admit(response *Response, request *v1.AdmissionRequest, req *ht err := m.admit(response, &Request{ AdmissionRequest: *request, Context: req.Context(), - objTemplate: m.getObjType(), + ObjTemplate: m.getObjType(), }) logrus.Debugf("admit result: %s %s %s user=%s allowed=%v err=%v", request.Operation, request.Kind.String(), resourceString(request.Namespace, request.Name), request.UserInfo.Username, response.Allowed, err) return err @@ -92,29 +99,37 @@ func (r *Router) next() *RouteMatch { return match } +// Request wrapper for an AdmissionRequest. type Request struct { v1.AdmissionRequest Context context.Context - objTemplate runtime.Object + ObjTemplate runtime.Object } +// DecodeOldObject decodes the OldObject in the request into a new runtime.Object of type specified by Type(). +// If Type() was not set the runtime.Object will be of type *unstructured.Unstructured. func (r *Request) DecodeOldObject() (runtime.Object, error) { - obj := r.objTemplate.DeepCopyObject() + obj := r.ObjTemplate.DeepCopyObject() err := json.Unmarshal(r.OldObject.Raw, obj) return obj, err } +// DecodeObject decodes the Object in the request into a new runtime.Object of type specified by Type(). +// If Type() was not set the runtime.Object will be of type *unstructured.Unstructured. func (r *Request) DecodeObject() (runtime.Object, error) { - obj := r.objTemplate.DeepCopyObject() + obj := r.ObjTemplate.DeepCopyObject() err := json.Unmarshal(r.Object.Raw, obj) return obj, err } +// Response a wrapper for AdmissionResponses object type Response struct { v1.AdmissionResponse } +// CreatePatch will patch the Object in the request with the given object. +// An error will be returned if on subsequent calls to the same request. func (r *Response) CreatePatch(request *Request, newObj runtime.Object) error { if len(r.Patch) > 0 { return fmt.Errorf("response patch has already been already been assigned") @@ -135,17 +150,21 @@ func (r *Response) CreatePatch(request *Request, newObj runtime.Object) error { return nil } +// The Handler type is an adapter to allow admission checking on a given request. +// Handlers should update the response to control admission. type Handler interface { Admit(resp *Response, req *Request) error } +// HandlerFunc type is used to add regular functions as Handler. type HandlerFunc func(resp *Response, req *Request) error +// Admit calls the handler function so that the function conforms to the Handler interface. func (h HandlerFunc) Admit(resp *Response, req *Request) error { return h(resp, req) } -// resourceString returns the resource formatted as a string +// resourceString returns the resource formatted as a string. func resourceString(ns, name string) string { if ns == "" { return name diff --git a/vendor/modules.txt b/vendor/modules.txt index 8135432d02..55dc9e5560 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -349,17 +349,18 @@ github.com/rancher/dynamiclistener/storage/memory ## explicit github.com/rancher/go-rancher/api github.com/rancher/go-rancher/client -# github.com/rancher/lasso v0.0.0-20211217013041-3c6118a30611 -## explicit; go 1.14 +# github.com/rancher/lasso v0.0.0-20221227210133-6ea88ca2fbcc +## explicit; go 1.19 github.com/rancher/lasso/pkg/cache github.com/rancher/lasso/pkg/client github.com/rancher/lasso/pkg/controller github.com/rancher/lasso/pkg/dynamic github.com/rancher/lasso/pkg/log github.com/rancher/lasso/pkg/mapper +github.com/rancher/lasso/pkg/metrics github.com/rancher/lasso/pkg/scheme -# github.com/rancher/wrangler v1.0.0 -## explicit; go 1.16 +# github.com/rancher/wrangler v1.1.1 +## explicit; go 1.19 github.com/rancher/wrangler/pkg/apply github.com/rancher/wrangler/pkg/apply/injectors github.com/rancher/wrangler/pkg/clients @@ -772,7 +773,7 @@ k8s.io/api/scheduling/v1beta1 k8s.io/api/storage/v1 k8s.io/api/storage/v1alpha1 k8s.io/api/storage/v1beta1 -# k8s.io/apiextensions-apiserver v0.24.0 => k8s.io/apiextensions-apiserver v0.27.1 +# k8s.io/apiextensions-apiserver v0.25.4 => k8s.io/apiextensions-apiserver v0.27.1 ## explicit; go 1.20 k8s.io/apiextensions-apiserver/pkg/apis/apiextensions k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1 @@ -1373,7 +1374,7 @@ k8s.io/kms/apis/v1beta1 k8s.io/kms/apis/v2 k8s.io/kms/pkg/service k8s.io/kms/pkg/util -# k8s.io/kube-aggregator v0.24.0 => k8s.io/kube-aggregator v0.27.1 +# k8s.io/kube-aggregator v0.25.4 => k8s.io/kube-aggregator v0.27.1 ## explicit; go 1.20 k8s.io/kube-aggregator/pkg/apis/apiregistration k8s.io/kube-aggregator/pkg/apis/apiregistration/v1