Update dependencies

Gopkg.toml

@@ -20,7 +20,7 @@
 #  name = "github.com/x/y"
 #  version = "2.4.0"
 
-ignored = ["github.com/kubernetes/ingress-nginx/images/grpc-fortune-teller*"]
+ignored = ["k8s.io/ingress-nginx/images/*"]
 
 [prune]
   non-go = true
@@ -33,18 +33,10 @@ ignored = ["github.com/kubernetes/ingress-nginx/images/grpc-fortune-teller*"]
   unused-packages = false
   non-go = false
 
-[[override]]
-  name = "github.com/docker/distribution"
-  revision = "edc3ab29cdff8694dd6feb85cfeb4b5f1b38ed9c"
-
 [[override]]
   name = "gopkg.in/fsnotify.v1"
   source = "https://github.com/fsnotify/fsnotify.git"
 
-[[override]]
-    name = "github.com/golang/glog"
-    source = "k8s.io/klog/glog"
-
 [[constraint]]
   name = "github.com/eapache/channels"
   branch = "master"
@@ -99,28 +91,28 @@ ignored = ["github.com/kubernetes/ingress-nginx/images/grpc-fortune-teller*"]
 
 [[constraint]]
   name = "k8s.io/kubernetes"
-  revision = "v1.13.3"
+  revision = "v1.14.0"
 
 [[constraint]]
   name = "k8s.io/api"
-  revision = "kubernetes-1.13.3"
+  revision = "kubernetes-1.14.0"
 
 [[constraint]]
   name = "k8s.io/apimachinery"
-  revision = "kubernetes-1.13.3"
+  revision = "kubernetes-1.14.0"
 
 [[constraint]]
   name = "k8s.io/client-go"
-  revision = "kubernetes-1.13.3"
+  revision = "release-11.0"
 
 [[constraint]]
   name = "k8s.io/apiextensions-apiserver"
-  revision = "kubernetes-1.13.3"
+  revision = "kubernetes-1.14.0"
 
 [[constraint]]
-  name = "k8s.io/apiserver"
-  revision = "kubernetes-1.13.3"
+  name = "k8s.io/cli-runtime"
+  revision = "kubernetes-1.14.0"
 
 [[constraint]]
-  name = "k8s.io/cli-runtime"
-  revision = "kubernetes-1.13.3"
+  name = "k8s.io/apiserver"
+  revision = "kubernetes-1.14.0"

cmd/plugin/main.go

@@ -47,7 +47,7 @@ func main() {
 	}
 
 	// Respect some basic kubectl flags like --namespace
-	flags := genericclioptions.NewConfigFlags()
+	flags := genericclioptions.NewConfigFlags(true)
 	flags.AddFlags(rootCmd.PersistentFlags())
 
 	rootCmd.AddCommand(ingresses.CreateCommand(flags))

internal/ingress/controller/store/store_test.go

@@ -245,7 +245,7 @@ func TestStore(t *testing.T) {
 		// Secret takes a bit to update
 		time.Sleep(3 * time.Second)
 
-		err = clientSet.Extensions().Ingresses(ni.Namespace).Delete(ni.Name, &metav1.DeleteOptions{})
+		err = clientSet.ExtensionsV1beta1().Ingresses(ni.Namespace).Delete(ni.Name, &metav1.DeleteOptions{})
 		if err != nil {
 			t.Errorf("error creating ingress: %v", err)
 		}
@@ -803,13 +803,13 @@ func deleteConfigMap(cm, ns string, clientSet kubernetes.Interface, t *testing.T
 
 func ensureIngress(ingress *extensions.Ingress, clientSet kubernetes.Interface, t *testing.T) *extensions.Ingress {
 	t.Helper()
-	ing, err := clientSet.Extensions().Ingresses(ingress.Namespace).Update(ingress)
+	ing, err := clientSet.ExtensionsV1beta1().Ingresses(ingress.Namespace).Update(ingress)
 
 	if err != nil {
 		if k8sErrors.IsNotFound(err) {
 			t.Logf("Ingress %v not found, creating", ingress)
 
-			ing, err = clientSet.Extensions().Ingresses(ingress.Namespace).Create(ingress)
+			ing, err = clientSet.ExtensionsV1beta1().Ingresses(ingress.Namespace).Create(ingress)
 			if err != nil {
 				t.Fatalf("error creating ingress %+v: %v", ingress, err)
 			}
@@ -828,7 +828,7 @@ func ensureIngress(ingress *extensions.Ingress, clientSet kubernetes.Interface,
 
 func deleteIngress(ingress *extensions.Ingress, clientSet kubernetes.Interface, t *testing.T) {
 	t.Helper()
-	err := clientSet.Extensions().Ingresses(ingress.Namespace).Delete(ingress.Name, &metav1.DeleteOptions{})
+	err := clientSet.ExtensionsV1beta1().Ingresses(ingress.Namespace).Delete(ingress.Name, &metav1.DeleteOptions{})
 
 	if err != nil {
 		t.Errorf("failed to delete ingress %+v: %v", ingress, err)

internal/net/ssl/ssl_test.go

@@ -18,9 +18,17 @@ package ssl
 
 import (
 	"bytes"
+	"crypto"
+	"crypto/rand"
+	cryptorand "crypto/rand"
 	"crypto/rsa"
 	"crypto/x509"
+	"crypto/x509/pkix"
+	"encoding/pem"
+	"errors"
 	"fmt"
+	"math"
+	"math/big"
 	"testing"
 	"time"
 
@@ -36,7 +44,7 @@ func generateRSACerts(host string) (*keyPair, *keyPair, error) {
 		return nil, nil, err
 	}
 
-	key, err := certutil.NewPrivateKey()
+	key, err := newPrivateKey()
 	if err != nil {
 		return nil, nil, fmt.Errorf("unable to create a server private key: %v", err)
 	}
@@ -45,7 +53,7 @@ func generateRSACerts(host string) (*keyPair, *keyPair, error) {
 		CommonName: host,
 		Usages:     []x509.ExtKeyUsage{x509.ExtKeyUsageAny},
 	}
-	cert, err := certutil.NewSignedCert(config, key, ca.Cert, ca.Key)
+	cert, err := newSignedCert(config, key, ca.Cert, ca.Key)
 	if err != nil {
 		return nil, nil, fmt.Errorf("unable to sign the server certificate: %v", err)
 	}
@@ -66,8 +74,8 @@ func TestStoreSSLCertOnDisk(t *testing.T) {
 
 	name := fmt.Sprintf("test-%v", time.Now().UnixNano())
 
-	c := certutil.EncodeCertPEM(cert.Cert)
-	k := certutil.EncodePrivateKeyPEM(cert.Key)
+	c := encodeCertPEM(cert.Cert)
+	k := encodePrivateKeyPEM(cert.Key)
 
 	sslCert, err := CreateSSLCert(c, k)
 	if err != nil {
@@ -102,9 +110,9 @@ func TestCACert(t *testing.T) {
 
 	name := fmt.Sprintf("test-%v", time.Now().UnixNano())
 
-	c := certutil.EncodeCertPEM(cert.Cert)
-	k := certutil.EncodePrivateKeyPEM(cert.Key)
-	ca := certutil.EncodeCertPEM(CA.Cert)
+	c := encodeCertPEM(cert.Cert)
+	k := encodePrivateKeyPEM(cert.Key)
+	ca := encodeCertPEM(CA.Cert)
 
 	sslCert, err := CreateSSLCert(c, k)
 	if err != nil {
@@ -151,7 +159,7 @@ func TestConfigureCACert(t *testing.T) {
 	if err != nil {
 		t.Fatalf("unexpected error creating SSL certificate: %v", err)
 	}
-	c := certutil.EncodeCertPEM(ca.Cert)
+	c := encodeCertPEM(ca.Cert)
 
 	sslCert, err := CreateCACert(c)
 	if err != nil {
@@ -187,8 +195,8 @@ func TestCreateSSLCert(t *testing.T) {
 		t.Fatalf("unexpected error creating SSL certificate: %v", err)
 	}
 
-	c := certutil.EncodeCertPEM(cert.Cert)
-	k := certutil.EncodePrivateKeyPEM(cert.Key)
+	c := encodeCertPEM(cert.Cert)
+	k := encodePrivateKeyPEM(cert.Key)
 
 	sslCert, err := CreateSSLCert(c, k)
 	if err != nil {
@@ -219,7 +227,7 @@ type keyPair struct {
 }
 
 func newCA(name string) (*keyPair, error) {
-	key, err := certutil.NewPrivateKey()
+	key, err := newPrivateKey()
 	if err != nil {
 		return nil, fmt.Errorf("unable to create a private key for a new CA: %v", err)
 	}
@@ -271,3 +279,77 @@ func TestIsValidHostname(t *testing.T) {
 		}
 	}
 }
+
+const (
+	duration365d = time.Hour * 24 * 365
+	rsaKeySize   = 2048
+)
+
+// newPrivateKey creates an RSA private key
+func newPrivateKey() (*rsa.PrivateKey, error) {
+	return rsa.GenerateKey(cryptorand.Reader, rsaKeySize)
+}
+
+// newSignedCert creates a signed certificate using the given CA certificate and key
+func newSignedCert(cfg certutil.Config, key crypto.Signer, caCert *x509.Certificate, caKey crypto.Signer) (*x509.Certificate, error) {
+	serial, err := rand.Int(rand.Reader, new(big.Int).SetInt64(math.MaxInt64))
+	if err != nil {
+		return nil, err
+	}
+	if len(cfg.CommonName) == 0 {
+		return nil, errors.New("must specify a CommonName")
+	}
+	if len(cfg.Usages) == 0 {
+		return nil, errors.New("must specify at least one ExtKeyUsage")
+	}
+
+	certTmpl := x509.Certificate{
+		Subject: pkix.Name{
+			CommonName:   cfg.CommonName,
+			Organization: cfg.Organization,
+		},
+		DNSNames:     cfg.AltNames.DNSNames,
+		IPAddresses:  cfg.AltNames.IPs,
+		SerialNumber: serial,
+		NotBefore:    caCert.NotBefore,
+		NotAfter:     time.Now().Add(duration365d).UTC(),
+		KeyUsage:     x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature,
+		ExtKeyUsage:  cfg.Usages,
+	}
+	certDERBytes, err := x509.CreateCertificate(cryptorand.Reader, &certTmpl, caCert, key.Public(), caKey)
+	if err != nil {
+		return nil, err
+	}
+	return x509.ParseCertificate(certDERBytes)
+}
+
+// encodePublicKeyPEM returns PEM-encoded public data
+func encodePublicKeyPEM(key *rsa.PublicKey) ([]byte, error) {
+	der, err := x509.MarshalPKIXPublicKey(key)
+	if err != nil {
+		return []byte{}, err
+	}
+	block := pem.Block{
+		Type:  "PUBLIC KEY",
+		Bytes: der,
+	}
+	return pem.EncodeToMemory(&block), nil
+}
+
+// encodePrivateKeyPEM returns PEM-encoded private key data
+func encodePrivateKeyPEM(key *rsa.PrivateKey) []byte {
+	block := pem.Block{
+		Type:  "RSA PRIVATE KEY",
+		Bytes: x509.MarshalPKCS1PrivateKey(key),
+	}
+	return pem.EncodeToMemory(&block)
+}
+
+// encodeCertPEM returns PEM-endcoded certificate data
+func encodeCertPEM(cert *x509.Certificate) []byte {
+	block := pem.Block{
+		Type:  certutil.CertificateBlockType,
+		Bytes: cert.Raw,
+	}
+	return pem.EncodeToMemory(&block)
+}

test/e2e/e2e.go

@@ -23,7 +23,7 @@ import (
 	"github.com/onsi/ginkgo"
 	"github.com/onsi/ginkgo/config"
 	"github.com/onsi/gomega"
-	"k8s.io/apiserver/pkg/util/logs"
+	"k8s.io/component-base/logs"
 
 	// required
 	_ "k8s.io/client-go/plugin/pkg/client/auth"

test/e2e/framework/deployment.go

@@ -19,8 +19,8 @@ package framework
 import (
 	. "github.com/onsi/gomega"
 
+	appsv1 "k8s.io/api/apps/v1"
 	corev1 "k8s.io/api/core/v1"
-	extensions "k8s.io/api/extensions/v1beta1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/util/intstr"
 )
@@ -68,12 +68,12 @@ func (f *Framework) NewDeployment(name, image string, port int32, replicas int32
 		},
 	}
 
-	deployment := &extensions.Deployment{
+	deployment := &appsv1.Deployment{
 		ObjectMeta: metav1.ObjectMeta{
 			Name:      name,
 			Namespace: f.Namespace,
 		},
-		Spec: extensions.DeploymentSpec{
+		Spec: appsv1.DeploymentSpec{
 			Replicas: NewInt32(replicas),
 			Selector: &metav1.LabelSelector{
 				MatchLabels: map[string]string{

test/e2e/framework/grpc_fortune_teller.go

@@ -19,8 +19,8 @@ package framework
 import (
 	. "github.com/onsi/gomega"
 
+	appsv1 "k8s.io/api/apps/v1"
 	corev1 "k8s.io/api/core/v1"
-	extensions "k8s.io/api/extensions/v1beta1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/fields"
 	"k8s.io/apimachinery/pkg/util/intstr"
@@ -35,12 +35,12 @@ func (f *Framework) NewGRPCFortuneTellerDeployment() {
 // NewNewGRPCFortuneTellerDeploymentWithReplicas creates a new deployment of the
 // fortune teller image in a particular namespace. Number of replicas is configurable
 func (f *Framework) NewNewGRPCFortuneTellerDeploymentWithReplicas(replicas int32) {
-	deployment := &extensions.Deployment{
+	deployment := &appsv1.Deployment{
 		ObjectMeta: metav1.ObjectMeta{
 			Name:      "fortune-teller",
 			Namespace: f.Namespace,
 		},
-		Spec: extensions.DeploymentSpec{
+		Spec: appsv1.DeploymentSpec{
 			Replicas: NewInt32(replicas),
 			Selector: &metav1.LabelSelector{
 				MatchLabels: map[string]string{

test/e2e/framework/influxdb.go

@@ -19,8 +19,8 @@ package framework
 import (
 	. "github.com/onsi/gomega"
 
+	appsv1 "k8s.io/api/apps/v1"
 	corev1 "k8s.io/api/core/v1"
-	extensions "k8s.io/api/extensions/v1beta1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/fields"
 )
@@ -73,12 +73,12 @@ func (f *Framework) NewInfluxDBDeployment() {
 
 	Expect(cm).NotTo(BeNil(), "expected a configmap but none returned")
 
-	deployment := &extensions.Deployment{
+	deployment := &appsv1.Deployment{
 		ObjectMeta: metav1.ObjectMeta{
 			Name:      "influxdb-svc",
 			Namespace: f.Namespace,
 		},
-		Spec: extensions.DeploymentSpec{
+		Spec: appsv1.DeploymentSpec{
 			Replicas: NewInt32(1),
 			Selector: &metav1.LabelSelector{
 				MatchLabels: map[string]string{

test/e2e/framework/k8s.go

@@ -23,6 +23,7 @@ import (
 
 	. "github.com/onsi/gomega"
 
+	appsv1 "k8s.io/api/apps/v1"
 	api "k8s.io/api/core/v1"
 	core "k8s.io/api/core/v1"
 	extensions "k8s.io/api/extensions/v1beta1"
@@ -108,11 +109,11 @@ func (f *Framework) EnsureService(service *core.Service) *core.Service {
 }
 
 // EnsureDeployment creates a Deployment object or returns it if it already exists.
-func (f *Framework) EnsureDeployment(deployment *extensions.Deployment) (*extensions.Deployment, error) {
-	d, err := f.KubeClientSet.Extensions().Deployments(deployment.Namespace).Update(deployment)
+func (f *Framework) EnsureDeployment(deployment *appsv1.Deployment) (*appsv1.Deployment, error) {
+	d, err := f.KubeClientSet.AppsV1().Deployments(deployment.Namespace).Update(deployment)
 	if err != nil {
 		if k8sErrors.IsNotFound(err) {
-			return f.KubeClientSet.Extensions().Deployments(deployment.Namespace).Create(deployment)
+			return f.KubeClientSet.AppsV1().Deployments(deployment.Namespace).Create(deployment)
 		}
 		return nil, err
 	}

test/e2e/settings/pod_security_policy.go

@@ -43,7 +43,7 @@ var _ = framework.IngressNginxDescribe("[Serial] Pod Security Policies", func()
 
 	BeforeEach(func() {
 		psp := createPodSecurityPolicy()
-		_, err := f.KubeClientSet.Extensions().PodSecurityPolicies().Create(psp)
+		_, err := f.KubeClientSet.ExtensionsV1beta1().PodSecurityPolicies().Create(psp)
 		if !k8sErrors.IsAlreadyExists(err) {
 			Expect(err).NotTo(HaveOccurred(), "creating Pod Security Policy")
 		}