diff --git a/.github/workflows/tag-release.yaml b/.github/workflows/tag-release.yaml index 46d591507..18ae468ae 100644 --- a/.github/workflows/tag-release.yaml +++ b/.github/workflows/tag-release.yaml @@ -98,3 +98,29 @@ jobs: platforms: linux/amd64,linux/arm64,linux/arm/v7 push: true tags: quay.io/csiaddons/k8s-sidecar:${{ github.ref_name }} + + publish_release: + name: Publish a release based on the tag + if: github.repository == 'csi-addons/kubernetes-csi-addons' && github.ref_type == 'tag' + runs-on: ubuntu-latest + permissions: + contents: write + steps: + - name: Check out the repo + uses: actions/checkout@v2 + + - name: Install Go 1.17 + uses: actions/setup-go@v2 + with: + go-version: '1.17' + + - name: Generate manifests for installation by kubectl + run: make manifests TAG=${{ github.ref_name }} + + - name: Publish the release and attach YAML files + uses: ncipollo/release-action@v1 + with: + tag: ${{ github.ref_name }} + artifacts: "deploy/*/*.yaml" + generateReleaseNotes: true + token: ${{ secrets.GITHUB_TOKEN }} diff --git a/Makefile b/Makefile index 280d4fcb0..09d358b2d 100644 --- a/Makefile +++ b/Makefile @@ -32,10 +32,7 @@ PACKAGE_NAME ?= csi-addons # the kube-rbac-proxy can easily be tested. Products that include CSI-Addons # may want to provide a different location of the container-image. # The default value is set in config/default/kustomization.yaml -#RBAC_PROXY_IMG ?= gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0 -ifneq ($(RBAC_PROXY_IMG),) -KUSTOMIZE_RBAC_PROXY := rbac-proxy=$(RBAC_PROXY_IMG) -endif +RBAC_PROXY_IMG ?= gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0 # The default version of the bundle (CSV) can be found in # config/manifests/bases/csi-addons.clusterserviceversion.yaml . When tagging a @@ -83,16 +80,19 @@ help: ## Display this help. ##@ Development .PHONY: manifests -manifests: controller-gen ## Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects. +manifests: controller-gen kustomize ## Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects. $(CONTROLLER_GEN) rbac:roleName=manager-role crd webhook paths="{./api/...,./cmd/...,./controllers/...,./sidecar/...}" output:crd:artifacts:config=config/crd/bases + cd config/manager && $(KUSTOMIZE) edit set image controller=${CONTROLLER_IMG} rbac-proxy=${RBAC_PROXY_IMG} + $(KUSTOMIZE) build config/crd > deploy/controller/crds.yaml + $(KUSTOMIZE) build config/rbac > deploy/controller/rbac.yaml + $(KUSTOMIZE) build config/manager > deploy/controller/setup-controller.yaml # generate the .clusterserviceversion.yaml config/manifests/bases/$(PACKAGE_NAME).clusterserviceversion.yaml: config/manifests/bases/clusterserviceversion.yaml.in sed 's/@PACKAGE_NAME@/$(PACKAGE_NAME)/g' < $^ > $@ .PHONY: bundle -bundle: config/manifests/bases/$(PACKAGE_NAME).clusterserviceversion.yaml kustomize operator-sdk - cd config/manager && $(KUSTOMIZE) edit set image controller=$(CONTROLLER_IMG) $(KUSTOMIZE_RBAC_PROXY) +bundle: config/manifests/bases/$(PACKAGE_NAME).clusterserviceversion.yaml manifests operator-sdk $(KUSTOMIZE) build config/manifests | $(OPERATOR_SDK) generate bundle --manifests --metadata --package=$(PACKAGE_NAME) $(BUNDLE_VERSION) .PHONY: generate @@ -162,21 +162,20 @@ ifndef ignore-not-found endif .PHONY: install -install: manifests kustomize ## Install CRDs into the K8s cluster specified in ~/.kube/config. - $(KUSTOMIZE) build config/crd | kubectl apply -f - +install: manifests ## Install CRDs into the K8s cluster specified in ~/.kube/config. + kubectl apply -f deploy/controller/crds.yaml .PHONY: uninstall -uninstall: manifests kustomize ## Uninstall CRDs from the K8s cluster specified in ~/.kube/config. Call with ignore-not-found=true to ignore resource not found errors during deletion. - $(KUSTOMIZE) build config/crd | kubectl delete --ignore-not-found=$(ignore-not-found) -f - +uninstall: manifests ## Uninstall CRDs from the K8s cluster specified in ~/.kube/config. Call with ignore-not-found=true to ignore resource not found errors during deletion. + kubectl delete --ignore-not-found=$(ignore-not-found) -f deploy/controller/crds.yaml .PHONY: deploy -deploy: manifests kustomize ## Deploy controller to the K8s cluster specified in ~/.kube/config. - cd config/manager && $(KUSTOMIZE) edit set image controller=${CONTROLLER_IMG} $(KUSTOMIZE_RBAC_PROXY) - $(KUSTOMIZE) build config/default | kubectl apply -f - +deploy: manifests ## Deploy controller to the K8s cluster specified in ~/.kube/config. + cd deploy/controller && kubectl apply -f crds.yaml -f rbac.yaml -f setup-controller.yaml .PHONY: undeploy undeploy: ## Undeploy controller from the K8s cluster specified in ~/.kube/config. Call with ignore-not-found=true to ignore resource not found errors during deletion. - $(KUSTOMIZE) build config/default | kubectl delete --ignore-not-found=$(ignore-not-found) -f - + cd deploy/controller && kubectl delete -f setup-controller.yaml -f rbac.yaml -f crds.yaml --ignore-not-found=$(ignore-not-found) # controller-gen gets installed from the vendor/ directory. CONTROLLER_GEN = $(shell pwd)/bin/controller-gen diff --git a/config/default/kustomization.yaml b/config/default/kustomization.yaml index 580b2ad7f..14ff6fb61 100644 --- a/config/default/kustomization.yaml +++ b/config/default/kustomization.yaml @@ -1,21 +1,8 @@ -# Adds namespace to all resources. -namespace: csi-addons-system - -# Value of this field is prepended to the -# names of all resources, e.g. a deployment named -# "wordpress" becomes "alices-wordpress". -# Note that it should also match with the prefix (text before '-') of the namespace -# field above. -namePrefix: csi-addons- - # Labels to add to all resources and selectors. #commonLabels: # someName: someValue -bases: -- ../crd -- ../rbac -- ../manager +# bases: # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in # crd/kustomization.yaml #- ../webhook @@ -24,12 +11,7 @@ bases: # [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'. #- ../prometheus -patchesStrategicMerge: -# Protect the /metrics endpoint by putting it behind auth. -# If you want your controller-manager to expose the /metrics -# endpoint w/o any authn/z, please comment the following line. -- manager_auth_proxy_patch.yaml - +# patchesStrategicMerge: # Mount the controller config file for loading manager configurations # through a ComponentConfig type #- manager_config_patch.yaml @@ -44,7 +26,7 @@ patchesStrategicMerge: #- webhookcainjection_patch.yaml # the following config is for teaching kustomize how to do var substitution -vars: +# vars: # [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER' prefix. #- name: CERTIFICATE_NAMESPACE # namespace of the certificate CR # objref: @@ -73,7 +55,9 @@ vars: # version: v1 # name: webhook-service -images: -- name: rbac-proxy - newName: gcr.io/kubebuilder/kube-rbac-proxy - newTag: v0.8.0 +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: +- ../crd +- ../rbac +- ../manager diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml index 98ef21b5b..05fdf6996 100644 --- a/config/manager/kustomization.yaml +++ b/config/manager/kustomization.yaml @@ -1,6 +1,22 @@ +# Adds namespace to all resources. +namespace: csi-addons-system + +# Value of this field is prepended to the +# names of all resources, e.g. a deployment named +# "wordpress" becomes "alices-wordpress". +# Note that it should also match with the prefix (text before '-') of the namespace +# field above. +namePrefix: csi-addons- + resources: - manager.yaml +# Protect the /metrics endpoint by putting it behind auth. +# If you want your controller-manager to expose the /metrics +# endpoint w/o any authn/z, please comment the following line. +patchesStrategicMerge: +- manager_auth_proxy_patch.yaml + generatorOptions: disableNameSuffixHash: true @@ -14,3 +30,6 @@ images: - name: controller newName: quay.io/csiaddons/k8s-controller newTag: latest +- name: rbac-proxy + newName: gcr.io/kubebuilder/kube-rbac-proxy + newTag: v0.8.0 diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml index cf11cecc2..a2bfae75e 100644 --- a/config/manager/manager.yaml +++ b/config/manager/manager.yaml @@ -1,10 +1,3 @@ -apiVersion: v1 -kind: Namespace -metadata: - labels: - control-plane: controller-manager - name: system ---- apiVersion: apps/v1 kind: Deployment metadata: @@ -56,5 +49,5 @@ spec: requests: cpu: 10m memory: 64Mi - serviceAccountName: controller-manager + serviceAccountName: csi-addons-controller-manager terminationGracePeriodSeconds: 10 diff --git a/config/default/manager_auth_proxy_patch.yaml b/config/manager/manager_auth_proxy_patch.yaml similarity index 69% rename from config/default/manager_auth_proxy_patch.yaml rename to config/manager/manager_auth_proxy_patch.yaml index 1858c6c34..dbb8f2d84 100644 --- a/config/default/manager_auth_proxy_patch.yaml +++ b/config/manager/manager_auth_proxy_patch.yaml @@ -20,6 +20,15 @@ spec: - containerPort: 8443 protocol: TCP name: https + # TODO(user): Configure the resources accordingly based on the project requirements. + # More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 10m + memory: 64Mi - name: manager args: - "--health-probe-bind-address=:8081" diff --git a/config/rbac/kustomization.yaml b/config/rbac/kustomization.yaml index 731832a6a..d60ac367d 100644 --- a/config/rbac/kustomization.yaml +++ b/config/rbac/kustomization.yaml @@ -1,9 +1,20 @@ +# Adds namespace to all resources. +namespace: csi-addons-system + +# Value of this field is prepended to the +# names of all resources, e.g. a deployment named +# "wordpress" becomes "alices-wordpress". +# Note that it should also match with the prefix (text before '-') of the namespace +# field above. +namePrefix: csi-addons- + resources: # All RBAC will be applied under this service account in # the deployment namespace. You may comment out this resource # if your manager will use a service account that exists at # runtime. Be sure to update RoleBinding and ClusterRoleBinding # subjects if changing service account names. +- namespace.yaml - service_account.yaml - role.yaml - role_binding.yaml diff --git a/config/rbac/namespace.yaml b/config/rbac/namespace.yaml new file mode 100644 index 000000000..8b55c3cd8 --- /dev/null +++ b/config/rbac/namespace.yaml @@ -0,0 +1,6 @@ +apiVersion: v1 +kind: Namespace +metadata: + labels: + control-plane: controller-manager + name: system diff --git a/controllers/reclaimspacejob_controller.go b/controllers/reclaimspacejob_controller.go index 439dcb687..f96737aba 100644 --- a/controllers/reclaimspacejob_controller.go +++ b/controllers/reclaimspacejob_controller.go @@ -30,6 +30,8 @@ import ( "github.com/csi-addons/spec/lib/go/identity" "github.com/go-logr/logr" + "google.golang.org/grpc/codes" + "google.golang.org/grpc/status" corev1 "k8s.io/api/core/v1" scv1 "k8s.io/api/storage/v1" apierrors "k8s.io/apimachinery/pkg/api/errors" @@ -374,6 +376,11 @@ func (r *ReclaimSpaceJobReconciler) controllerReclaimSpace( defer cancel() resp, err := controllerClient.ControllerReclaimSpace(newCtx, req) if err != nil { + // Unimplemented suggests that the function is not supported + if status.Code(err) == codes.Unimplemented { + logger.Info(fmt.Sprintf("ControllerReclaimSpace is not implemented by driver: %v", err)) + return true, nil, nil + } return true, nil, err } @@ -406,6 +413,11 @@ func (r *ReclaimSpaceJobReconciler) nodeReclaimSpace( defer cancel() resp, err := nodeClient.NodeReclaimSpace(newCtx, req) if err != nil { + // Unimplemented suggests that the function is not supported + if status.Code(err) == codes.Unimplemented { + logger.Info(fmt.Sprintf("NodeReclaimSpace is not implemented by driver: %v", err)) + return nil, nil + } return nil, err } diff --git a/deploy/controller/crds.yaml b/deploy/controller/crds.yaml new file mode 100644 index 000000000..3fa1900a8 --- /dev/null +++ b/deploy/controller/crds.yaml @@ -0,0 +1,681 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.8.0 + creationTimestamp: null + name: csiaddonsnodes.csiaddons.openshift.io +spec: + group: csiaddons.openshift.io + names: + kind: CSIAddonsNode + listKind: CSIAddonsNodeList + plural: csiaddonsnodes + singular: csiaddonsnode + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.namespace + name: namespace + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .spec.driver.name + name: DriverName + type: string + - jsonPath: .spec.driver.endpoint + name: Endpoint + type: string + - jsonPath: .spec.driver.nodeID + name: NodeID + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: CSIAddonsNode is the Schema for the csiaddonsnode API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: CSIAddonsNodeSpec defines the desired state of CSIAddonsNode + properties: + driver: + description: Driver is the information of the CSI Driver existing + on a node. If the driver is uninstalled, this can become empty. + properties: + endpoint: + description: EndPoint is url that contains the ip-address to which + the CSI-Addons side-car listens to. + type: string + name: + description: 'Name is the name of the CSI driver that this object + refers to. This must be the same name returned by the CSI-Addons + GetIdentity() call for that driver. The name of the driver is + in the format: `example.csi.ceph.com`' + type: string + nodeID: + description: NodeID is the ID of the node to identify on which + node the side-car is running. + type: string + required: + - endpoint + - name + - nodeID + type: object + required: + - driver + type: object + status: + description: CSIAddonsNodeStatus defines the observed state of CSIAddonsNode + properties: + message: + description: Messgae is a human-readable message indicating details + about why the CSIAddonsNode is in this state. + type: string + reason: + description: Reason is a brief CamelCase string that describes any + failure and is meant for machine parsing and tidy display in the + CLI. + type: string + state: + description: State represents the state of the CSIAddonsNode object. + It informs whether or not the CSIAddonsNode is Connected to the + CSI Driver. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.8.0 + creationTimestamp: null + name: networkfences.csiaddons.openshift.io +spec: + group: csiaddons.openshift.io + names: + kind: NetworkFence + listKind: NetworkFenceList + plural: networkfences + singular: networkfence + scope: Cluster + versions: + - additionalPrinterColumns: + - jsonPath: .spec.driver + name: Driver + type: string + - jsonPath: .spec.cidrs + name: Cidrs + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.result + name: Result + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: NetworkFence is the Schema for the networkfences API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: NetworkFenceSpec defines the desired state of NetworkFence + properties: + cidrs: + description: Cidrs contains a list of CIDR blocks, which are required + to be fenced. + items: + type: string + type: array + driver: + description: Driver contains the name of CSI driver. + type: string + parameters: + additionalProperties: + type: string + description: Parameters is used to pass additional parameters to the + CSI driver. + type: object + secret: + description: Secret is a kubernetes secret, which is required to perform + the fence/unfence operation. + properties: + name: + description: Name specifies the name of the secret. + type: string + namespace: + description: Namespace specifies the namespace in which the secret + is located. + type: string + type: object + required: + - cidrs + - driver + type: object + status: + description: NetworkFenceStatus defines the observed state of NetworkFence + properties: + conditions: + description: Conditions are the list of conditions and their status. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a foo's + current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + message: + description: Message contains any message from the NetworkFence operation. + type: string + result: + description: Result indicates the result of NetworkFence operation. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.8.0 + creationTimestamp: null + name: reclaimspacecronjobs.csiaddons.openshift.io +spec: + group: csiaddons.openshift.io + names: + kind: ReclaimSpaceCronJob + listKind: ReclaimSpaceCronJobList + plural: reclaimspacecronjobs + singular: reclaimspacecronjob + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.schedule + name: Schedule + type: string + - jsonPath: .spec.suspend + name: Suspend + type: boolean + - jsonPath: .status.active.name + name: Active + type: string + - jsonPath: .status.lastScheduleTime + name: Lastschedule + type: date + - jsonPath: .status.lastSuccessfulTime + name: Lastsuccessfultime + priority: 1 + type: date + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: ReclaimSpaceCronJob is the Schema for the reclaimspacecronjobs + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ReclaimSpaceCronJobSpec defines the desired state of ReclaimSpaceJob + properties: + concurrencyPolicy: + default: Forbid + description: 'Specifies how to treat concurrent executions of a Job. + Valid values are: - "Forbid" (default): forbids concurrent runs, + skipping next run if previous run hasn''t finished yet; - "Replace": + cancels currently running job and replaces it with a new one' + enum: + - Forbid + - Replace + type: string + failedJobsHistoryLimit: + default: 1 + description: The number of failed finished jobs to retain. Value must + be non-negative integer. Defaults to 1. + format: int32 + maximum: 60 + minimum: 0 + type: integer + jobTemplate: + description: Specifies the job that will be created when executing + a CronJob. + properties: + metadata: + description: 'Standard object''s metadata of the jobs created + from this template. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + type: object + spec: + description: 'Specification of the desired behavior of the job. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + backOffLimit: + default: 6 + description: BackOffLimit specifies the number of retries + allowed before marking reclaim space operation as failed. + If not specified, defaults to 6. Maximum allowed value is + 60 and minimum allowed value is 0. + format: int32 + maximum: 60 + minimum: 0 + type: integer + retryDeadlineSeconds: + default: 600 + description: RetryDeadlineSeconds specifies the duration in + seconds relative to the start time that the operation may + be retried; value MUST be positive integer. If not specified, + defaults to 600 seconds. Maximum allowed value is 1800. + format: int64 + maximum: 1800 + minimum: 0 + type: integer + target: + description: Target represents volume target on which the + operation will be performed. + properties: + persistentVolumeClaim: + description: PersistentVolumeClaim specifies the target + PersistentVolumeClaim name. + type: string + type: object + required: + - target + type: object + type: object + schedule: + description: The schedule in Cron format, see https://en.wikipedia.org/wiki/Cron. + pattern: .+ + type: string + startingDeadlineSeconds: + description: Optional deadline in seconds for starting the job if + it misses scheduled time for any reason. Missed jobs executions + will be counted as failed ones. + format: int64 + type: integer + successfulJobsHistoryLimit: + default: 3 + description: The number of successful finished jobs to retain. Value + must be non-negative integer. Defaults to 3. + format: int32 + maximum: 60 + minimum: 0 + type: integer + suspend: + description: This flag tells the controller to suspend subsequent + executions, it does not apply to already started executions. Defaults + to false. + type: boolean + required: + - jobTemplate + - schedule + type: object + status: + description: ReclaimSpaceCronJobStatus defines the observed state of ReclaimSpaceJob + properties: + active: + description: A pointer to currently running job. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + lastScheduleTime: + description: Information when was the last time the job was successfully + scheduled. + format: date-time + type: string + lastSuccessfulTime: + description: Information when was the last time the job successfully + completed. + format: date-time + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.8.0 + creationTimestamp: null + name: reclaimspacejobs.csiaddons.openshift.io +spec: + group: csiaddons.openshift.io + names: + kind: ReclaimSpaceJob + listKind: ReclaimSpaceJobList + plural: reclaimspacejobs + singular: reclaimspacejob + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.namespace + name: Namespace + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.retries + name: Retries + type: integer + - jsonPath: .status.result + name: Result + type: string + - jsonPath: .status.reclaimedSpace + name: ReclaimedSpace + priority: 1 + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: ReclaimSpaceJob is the Schema for the reclaimspacejobs API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ReclaimSpaceJobSpec defines the desired state of ReclaimSpaceJob + properties: + backOffLimit: + default: 6 + description: BackOffLimit specifies the number of retries allowed + before marking reclaim space operation as failed. If not specified, + defaults to 6. Maximum allowed value is 60 and minimum allowed value + is 0. + format: int32 + maximum: 60 + minimum: 0 + type: integer + retryDeadlineSeconds: + default: 600 + description: RetryDeadlineSeconds specifies the duration in seconds + relative to the start time that the operation may be retried; value + MUST be positive integer. If not specified, defaults to 600 seconds. + Maximum allowed value is 1800. + format: int64 + maximum: 1800 + minimum: 0 + type: integer + target: + description: Target represents volume target on which the operation + will be performed. + properties: + persistentVolumeClaim: + description: PersistentVolumeClaim specifies the target PersistentVolumeClaim + name. + type: string + type: object + required: + - target + type: object + status: + description: ReclaimSpaceJobStatus defines the observed state of ReclaimSpaceJob + properties: + completionTime: + format: date-time + type: string + conditions: + description: Conditions are the list of conditions and their status. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a foo's + current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + message: + description: Message contains any message from the ReclaimSpaceJob. + type: string + reclaimedSpace: + anyOf: + - type: integer + - type: string + description: ReclaimedSpace indicates the amount of space reclaimed. + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + result: + description: Result indicates the result of ReclaimSpaceJob. + type: string + retries: + description: Retries indicates the number of times the operation is + retried. + format: int32 + type: integer + startTime: + format: date-time + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/deploy/controller/rbac.yaml b/deploy/controller/rbac.yaml new file mode 100644 index 000000000..f4103061e --- /dev/null +++ b/deploy/controller/rbac.yaml @@ -0,0 +1,284 @@ +apiVersion: v1 +kind: Namespace +metadata: + labels: + control-plane: controller-manager + name: csi-addons-system +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: csi-addons-controller-manager + namespace: csi-addons-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: csi-addons-leader-election-role + namespace: csi-addons-system +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: csi-addons-manager-role +rules: +- apiGroups: + - "" + resources: + - persistentvolumeclaims + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - persistentvolumes + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - persistentvolumeclaims + verbs: + - get + - list + - patch + - watch +- apiGroups: + - "" + resources: + - persistentvolumeclaims/finalizers + verbs: + - update +- apiGroups: + - csiaddons.openshift.io + resources: + - csiaddonsnodes + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - csiaddons.openshift.io + resources: + - csiaddonsnodes/finalizers + verbs: + - update +- apiGroups: + - csiaddons.openshift.io + resources: + - csiaddonsnodes/status + verbs: + - get + - patch + - update +- apiGroups: + - csiaddons.openshift.io + resources: + - networkfences + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - csiaddons.openshift.io + resources: + - networkfences/finalizers + verbs: + - update +- apiGroups: + - csiaddons.openshift.io + resources: + - networkfences/status + verbs: + - get + - patch + - update +- apiGroups: + - csiaddons.openshift.io + resources: + - reclaimspacecronjobs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - csiaddons.openshift.io + resources: + - reclaimspacecronjobs/finalizers + verbs: + - update +- apiGroups: + - csiaddons.openshift.io + resources: + - reclaimspacecronjobs/status + verbs: + - get + - patch + - update +- apiGroups: + - csiaddons.openshift.io + resources: + - reclaimspacejobs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - csiaddons.openshift.io + resources: + - reclaimspacejobs/finalizers + verbs: + - update +- apiGroups: + - csiaddons.openshift.io + resources: + - reclaimspacejobs/status + verbs: + - get + - patch + - update +- apiGroups: + - storage.k8s.io + resources: + - volumeattachments + verbs: + - get + - list + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: csi-addons-metrics-reader +rules: +- nonResourceURLs: + - /metrics + verbs: + - get +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: csi-addons-proxy-role +rules: +- apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: csi-addons-leader-election-rolebinding + namespace: csi-addons-system +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: csi-addons-leader-election-role +subjects: +- kind: ServiceAccount + name: csi-addons-controller-manager + namespace: csi-addons-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: csi-addons-manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: csi-addons-manager-role +subjects: +- kind: ServiceAccount + name: csi-addons-controller-manager + namespace: csi-addons-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: csi-addons-proxy-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: csi-addons-proxy-role +subjects: +- kind: ServiceAccount + name: csi-addons-controller-manager + namespace: csi-addons-system +--- +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: controller-manager + name: csi-addons-controller-manager-metrics-service + namespace: csi-addons-system +spec: + ports: + - name: https + port: 8443 + protocol: TCP + targetPort: https + selector: + control-plane: controller-manager diff --git a/deploy/controller/setup-controller.yaml b/deploy/controller/setup-controller.yaml new file mode 100644 index 000000000..410c1b63e --- /dev/null +++ b/deploy/controller/setup-controller.yaml @@ -0,0 +1,90 @@ +apiVersion: v1 +data: + controller_manager_config.yaml: | + apiVersion: controller-runtime.sigs.k8s.io/v1alpha1 + kind: ControllerManagerConfig + health: + healthProbeBindAddress: :8081 + metrics: + bindAddress: 127.0.0.1:8080 + webhook: + port: 9443 + leaderElection: + leaderElect: true + resourceName: e8cd140a.openshift.io +kind: ConfigMap +metadata: + name: csi-addons-manager-config + namespace: csi-addons-system +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + control-plane: controller-manager + name: csi-addons-controller-manager + namespace: csi-addons-system +spec: + replicas: 1 + selector: + matchLabels: + control-plane: controller-manager + template: + metadata: + annotations: + kubectl.kubernetes.io/default-container: manager + labels: + control-plane: controller-manager + spec: + containers: + - args: + - --secure-listen-address=0.0.0.0:8443 + - --upstream=http://127.0.0.1:8080/ + - --logtostderr=true + - --v=10 + image: gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0 + name: kube-rbac-proxy + ports: + - containerPort: 8443 + name: https + protocol: TCP + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 10m + memory: 64Mi + - args: + - --health-probe-bind-address=:8081 + - --metrics-bind-address=127.0.0.1:8080 + - --leader-elect + command: + - /manager + image: quay.io/csiaddons/k8s-controller:latest + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + name: manager + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 10m + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + securityContext: + runAsNonRoot: true + serviceAccountName: csi-addons-controller-manager + terminationGracePeriodSeconds: 10 diff --git a/go.mod b/go.mod index e85a04564..15c3976a4 100644 --- a/go.mod +++ b/go.mod @@ -9,11 +9,11 @@ require ( github.com/golang/protobuf v1.5.2 github.com/kubernetes-csi/csi-lib-utils v0.10.0 github.com/onsi/ginkgo v1.16.5 - github.com/onsi/gomega v1.18.0 + github.com/onsi/gomega v1.18.1 github.com/operator-framework/operator-sdk v1.16.0 github.com/robfig/cron/v3 v3.0.1 github.com/stretchr/testify v1.7.0 - google.golang.org/grpc v1.43.0 + google.golang.org/grpc v1.44.0 google.golang.org/protobuf v1.27.1 k8s.io/api v0.23.1 k8s.io/apimachinery v0.23.1 diff --git a/go.sum b/go.sum index 9d4b289f1..50ed743ec 100644 --- a/go.sum +++ b/go.sum @@ -877,8 +877,8 @@ github.com/onsi/gomega v1.13.0/go.mod h1:lRk9szgn8TxENtWd0Tp4c3wjlRfMTMH27I+3Je4 github.com/onsi/gomega v1.14.0/go.mod h1:cIuvLEne0aoVhAgh/O6ac0Op8WWw9H6eYCriF+tEHG0= github.com/onsi/gomega v1.15.0/go.mod h1:cIuvLEne0aoVhAgh/O6ac0Op8WWw9H6eYCriF+tEHG0= github.com/onsi/gomega v1.17.0/go.mod h1:HnhC7FXeEQY45zxNK3PPoIUhzk/80Xly9PcubAlGdZY= -github.com/onsi/gomega v1.18.0 h1:ngbYoRctxjl8SiF7XgP0NxBFbfHcg3wfHMMaFHWwMTM= -github.com/onsi/gomega v1.18.0/go.mod h1:0q+aL8jAiMXy9hbwj2mr5GziHiwhAIQpFmmtT5hitRs= +github.com/onsi/gomega v1.18.1 h1:M1GfJqGRrBrrGGsbxzV5dqM2U2ApXefZCQpkukxYRLE= +github.com/onsi/gomega v1.18.1/go.mod h1:0q+aL8jAiMXy9hbwj2mr5GziHiwhAIQpFmmtT5hitRs= github.com/op/go-logging v0.0.0-20160315200505-970db520ece7/go.mod h1:HzydrMdWErDVzsI23lYNej1Htcns9BCg93Dk0bBINWk= github.com/opencontainers/go-digest v0.0.0-20170106003457-a6d0ee40d420/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= github.com/opencontainers/go-digest v0.0.0-20180430190053-c9281466c8b2/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= @@ -1694,8 +1694,8 @@ google.golang.org/grpc v1.36.1/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAG google.golang.org/grpc v1.37.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= google.golang.org/grpc v1.38.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= google.golang.org/grpc v1.40.0/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34= -google.golang.org/grpc v1.43.0 h1:Eeu7bZtDZ2DpRCsLhUlcrLnvYaMK1Gz86a+hMVvELmM= -google.golang.org/grpc v1.43.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU= +google.golang.org/grpc v1.44.0 h1:weqSxi/TMs1SqFRMHCtBgXRs8k3X39QIDEZ0pRcttUg= +google.golang.org/grpc v1.44.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU= google.golang.org/grpc/cmd/protoc-gen-go-grpc v0.0.0-20200709232328-d8193ee9cc3e/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= diff --git a/vendor/github.com/onsi/gomega/CHANGELOG.md b/vendor/github.com/onsi/gomega/CHANGELOG.md index 78ca39a90..e3b437985 100644 --- a/vendor/github.com/onsi/gomega/CHANGELOG.md +++ b/vendor/github.com/onsi/gomega/CHANGELOG.md @@ -1,3 +1,8 @@ +## 1.18.1 + +## Fixes +- Add pointer support to HaveField matcher (#495) [79e41a3] + ## 1.18.0 ## Features diff --git a/vendor/github.com/onsi/gomega/gomega_dsl.go b/vendor/github.com/onsi/gomega/gomega_dsl.go index 81181dc94..6936e2411 100644 --- a/vendor/github.com/onsi/gomega/gomega_dsl.go +++ b/vendor/github.com/onsi/gomega/gomega_dsl.go @@ -22,7 +22,7 @@ import ( "github.com/onsi/gomega/types" ) -const GOMEGA_VERSION = "1.18.0" +const GOMEGA_VERSION = "1.18.1" const nilGomegaPanic = `You are trying to make an assertion, but haven't registered Gomega's fail handler. If you're using Ginkgo then you probably forgot to put your assertion in an It(). diff --git a/vendor/github.com/onsi/gomega/matchers/have_field.go b/vendor/github.com/onsi/gomega/matchers/have_field.go index 2f1a91634..e1fe934d5 100644 --- a/vendor/github.com/onsi/gomega/matchers/have_field.go +++ b/vendor/github.com/onsi/gomega/matchers/have_field.go @@ -12,6 +12,13 @@ func extractField(actual interface{}, field string) (interface{}, error) { fields := strings.SplitN(field, ".", 2) actualValue := reflect.ValueOf(actual) + if actualValue.Kind() == reflect.Ptr { + actualValue = actualValue.Elem() + } + if actualValue == (reflect.Value{}) { + return nil, fmt.Errorf("HaveField encountered nil while dereferencing a pointer of type %T.", actual) + } + if actualValue.Kind() != reflect.Struct { return nil, fmt.Errorf("HaveField encountered:\n%s\nWhich is not a struct.", format.Object(actual, 1)) } diff --git a/vendor/google.golang.org/grpc/attributes/attributes.go b/vendor/google.golang.org/grpc/attributes/attributes.go index 6ff2792ee..ae13ddac1 100644 --- a/vendor/google.golang.org/grpc/attributes/attributes.go +++ b/vendor/google.golang.org/grpc/attributes/attributes.go @@ -69,7 +69,9 @@ func (a *Attributes) Value(key interface{}) interface{} { // bool' is implemented for a value in the attributes, it is called to // determine if the value matches the one stored in the other attributes. If // Equal is not implemented, standard equality is used to determine if the two -// values are equal. +// values are equal. Note that some types (e.g. maps) aren't comparable by +// default, so they must be wrapped in a struct, or in an alias type, with Equal +// defined. func (a *Attributes) Equal(o *Attributes) bool { if a == nil && o == nil { return true diff --git a/vendor/google.golang.org/grpc/credentials/insecure/insecure.go b/vendor/google.golang.org/grpc/credentials/insecure/insecure.go index 22a8f996a..4fbed1256 100644 --- a/vendor/google.golang.org/grpc/credentials/insecure/insecure.go +++ b/vendor/google.golang.org/grpc/credentials/insecure/insecure.go @@ -18,11 +18,6 @@ // Package insecure provides an implementation of the // credentials.TransportCredentials interface which disables transport security. -// -// Experimental -// -// Notice: This package is EXPERIMENTAL and may be changed or removed in a -// later release. package insecure import ( diff --git a/vendor/google.golang.org/grpc/dialoptions.go b/vendor/google.golang.org/grpc/dialoptions.go index 063f1e903..c4bf09f9e 100644 --- a/vendor/google.golang.org/grpc/dialoptions.go +++ b/vendor/google.golang.org/grpc/dialoptions.go @@ -272,7 +272,7 @@ func withBackoff(bs internalbackoff.Strategy) DialOption { }) } -// WithBlock returns a DialOption which makes caller of Dial blocks until the +// WithBlock returns a DialOption which makes callers of Dial block until the // underlying connection is up. Without this, Dial returns immediately and // connecting the server happens in background. func WithBlock() DialOption { @@ -304,7 +304,7 @@ func WithReturnConnectionError() DialOption { // WithCredentialsBundle or WithPerRPCCredentials) which require transport // security is incompatible and will cause grpc.Dial() to fail. // -// Deprecated: use insecure.NewCredentials() instead. +// Deprecated: use WithTransportCredentials and insecure.NewCredentials() instead. // Will be supported throughout 1.x. func WithInsecure() DialOption { return newFuncDialOption(func(o *dialOptions) { diff --git a/vendor/google.golang.org/grpc/grpclog/loggerv2.go b/vendor/google.golang.org/grpc/grpclog/loggerv2.go index 34098bb8e..7c1f66409 100644 --- a/vendor/google.golang.org/grpc/grpclog/loggerv2.go +++ b/vendor/google.golang.org/grpc/grpclog/loggerv2.go @@ -248,12 +248,12 @@ func (g *loggerT) V(l int) bool { // later release. type DepthLoggerV2 interface { LoggerV2 - // InfoDepth logs to INFO log at the specified depth. Arguments are handled in the manner of fmt.Print. + // InfoDepth logs to INFO log at the specified depth. Arguments are handled in the manner of fmt.Println. InfoDepth(depth int, args ...interface{}) - // WarningDepth logs to WARNING log at the specified depth. Arguments are handled in the manner of fmt.Print. + // WarningDepth logs to WARNING log at the specified depth. Arguments are handled in the manner of fmt.Println. WarningDepth(depth int, args ...interface{}) - // ErrorDetph logs to ERROR log at the specified depth. Arguments are handled in the manner of fmt.Print. + // ErrorDepth logs to ERROR log at the specified depth. Arguments are handled in the manner of fmt.Println. ErrorDepth(depth int, args ...interface{}) - // FatalDepth logs to FATAL log at the specified depth. Arguments are handled in the manner of fmt.Print. + // FatalDepth logs to FATAL log at the specified depth. Arguments are handled in the manner of fmt.Println. FatalDepth(depth int, args ...interface{}) } diff --git a/vendor/google.golang.org/grpc/internal/envconfig/xds.go b/vendor/google.golang.org/grpc/internal/envconfig/xds.go index 93522d716..9bad03cec 100644 --- a/vendor/google.golang.org/grpc/internal/envconfig/xds.go +++ b/vendor/google.golang.org/grpc/internal/envconfig/xds.go @@ -42,6 +42,7 @@ const ( aggregateAndDNSSupportEnv = "GRPC_XDS_EXPERIMENTAL_ENABLE_AGGREGATE_AND_LOGICAL_DNS_CLUSTER" rbacSupportEnv = "GRPC_XDS_EXPERIMENTAL_RBAC" federationEnv = "GRPC_EXPERIMENTAL_XDS_FEDERATION" + rlsInXDSEnv = "GRPC_EXPERIMENTAL_XDS_RLS_LB" c2pResolverTestOnlyTrafficDirectorURIEnv = "GRPC_TEST_ONLY_GOOGLE_C2P_RESOLVER_TRAFFIC_DIRECTOR_URI" ) @@ -85,6 +86,12 @@ var ( // XDSFederation indicates whether federation support is enabled. XDSFederation = strings.EqualFold(os.Getenv(federationEnv), "true") + // XDSRLS indicates whether processing of Cluster Specifier plugins and + // support for the RLS CLuster Specifier is enabled, which can be enabled by + // setting the environment variable "GRPC_EXPERIMENTAL_XDS_RLS_LB" to + // "true". + XDSRLS = strings.EqualFold(os.Getenv(rlsInXDSEnv), "true") + // C2PResolverTestOnlyTrafficDirectorURI is the TD URI for testing. C2PResolverTestOnlyTrafficDirectorURI = os.Getenv(c2pResolverTestOnlyTrafficDirectorURIEnv) ) diff --git a/vendor/google.golang.org/grpc/internal/grpclog/grpclog.go b/vendor/google.golang.org/grpc/internal/grpclog/grpclog.go index e6f975cbf..30a3b4258 100644 --- a/vendor/google.golang.org/grpc/internal/grpclog/grpclog.go +++ b/vendor/google.golang.org/grpc/internal/grpclog/grpclog.go @@ -115,12 +115,12 @@ type LoggerV2 interface { // Notice: This type is EXPERIMENTAL and may be changed or removed in a // later release. type DepthLoggerV2 interface { - // InfoDepth logs to INFO log at the specified depth. Arguments are handled in the manner of fmt.Print. + // InfoDepth logs to INFO log at the specified depth. Arguments are handled in the manner of fmt.Println. InfoDepth(depth int, args ...interface{}) - // WarningDepth logs to WARNING log at the specified depth. Arguments are handled in the manner of fmt.Print. + // WarningDepth logs to WARNING log at the specified depth. Arguments are handled in the manner of fmt.Println. WarningDepth(depth int, args ...interface{}) - // ErrorDetph logs to ERROR log at the specified depth. Arguments are handled in the manner of fmt.Print. + // ErrorDepth logs to ERROR log at the specified depth. Arguments are handled in the manner of fmt.Println. ErrorDepth(depth int, args ...interface{}) - // FatalDepth logs to FATAL log at the specified depth. Arguments are handled in the manner of fmt.Print. + // FatalDepth logs to FATAL log at the specified depth. Arguments are handled in the manner of fmt.Println. FatalDepth(depth int, args ...interface{}) } diff --git a/vendor/google.golang.org/grpc/internal/grpcutil/regex.go b/vendor/google.golang.org/grpc/internal/grpcutil/regex.go index 2810a8ba2..7a092b2b8 100644 --- a/vendor/google.golang.org/grpc/internal/grpcutil/regex.go +++ b/vendor/google.golang.org/grpc/internal/grpcutil/regex.go @@ -20,9 +20,12 @@ package grpcutil import "regexp" -// FullMatchWithRegex returns whether the full string matches the regex provided. -func FullMatchWithRegex(re *regexp.Regexp, string string) bool { +// FullMatchWithRegex returns whether the full text matches the regex provided. +func FullMatchWithRegex(re *regexp.Regexp, text string) bool { + if len(text) == 0 { + return re.MatchString(text) + } re.Longest() - rem := re.FindString(string) - return len(rem) == len(string) + rem := re.FindString(text) + return len(rem) == len(text) } diff --git a/vendor/google.golang.org/grpc/regenerate.sh b/vendor/google.golang.org/grpc/regenerate.sh index a0a71aae9..58c802f8a 100644 --- a/vendor/google.golang.org/grpc/regenerate.sh +++ b/vendor/google.golang.org/grpc/regenerate.sh @@ -76,7 +76,21 @@ SOURCES=( # These options of the form 'Mfoo.proto=bar' instruct the codegen to use an # import path of 'bar' in the generated code when 'foo.proto' is imported in # one of the sources. -OPTS=Mgrpc/service_config/service_config.proto=/internal/proto/grpc_service_config,Mgrpc/core/stats.proto=google.golang.org/grpc/interop/grpc_testing/core +# +# Note that the protos listed here are all for testing purposes. All protos to +# be used externally should have a go_package option (and they don't need to be +# listed here). +OPTS=Mgrpc/service_config/service_config.proto=/internal/proto/grpc_service_config,\ +Mgrpc/core/stats.proto=google.golang.org/grpc/interop/grpc_testing/core,\ +Mgrpc/testing/benchmark_service.proto=google.golang.org/grpc/interop/grpc_testing,\ +Mgrpc/testing/stats.proto=google.golang.org/grpc/interop/grpc_testing,\ +Mgrpc/testing/report_qps_scenario_service.proto=google.golang.org/grpc/interop/grpc_testing,\ +Mgrpc/testing/messages.proto=google.golang.org/grpc/interop/grpc_testing,\ +Mgrpc/testing/worker_service.proto=google.golang.org/grpc/interop/grpc_testing,\ +Mgrpc/testing/control.proto=google.golang.org/grpc/interop/grpc_testing,\ +Mgrpc/testing/test.proto=google.golang.org/grpc/interop/grpc_testing,\ +Mgrpc/testing/payloads.proto=google.golang.org/grpc/interop/grpc_testing,\ +Mgrpc/testing/empty.proto=google.golang.org/grpc/interop/grpc_testing for src in ${SOURCES[@]}; do echo "protoc ${src}" @@ -85,7 +99,6 @@ for src in ${SOURCES[@]}; do -I${WORKDIR}/grpc-proto \ -I${WORKDIR}/googleapis \ -I${WORKDIR}/protobuf/src \ - -I${WORKDIR}/istio \ ${src} done @@ -96,7 +109,6 @@ for src in ${LEGACY_SOURCES[@]}; do -I${WORKDIR}/grpc-proto \ -I${WORKDIR}/googleapis \ -I${WORKDIR}/protobuf/src \ - -I${WORKDIR}/istio \ ${src} done diff --git a/vendor/google.golang.org/grpc/version.go b/vendor/google.golang.org/grpc/version.go index 8ef095879..9d3fd73da 100644 --- a/vendor/google.golang.org/grpc/version.go +++ b/vendor/google.golang.org/grpc/version.go @@ -19,4 +19,4 @@ package grpc // Version is the current grpc version. -const Version = "1.43.0" +const Version = "1.44.1-dev" diff --git a/vendor/modules.txt b/vendor/modules.txt index b98ef0227..7a0262283 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -534,7 +534,7 @@ github.com/onsi/ginkgo/reporters/stenographer github.com/onsi/ginkgo/reporters/stenographer/support/go-colorable github.com/onsi/ginkgo/reporters/stenographer/support/go-isatty github.com/onsi/ginkgo/types -# github.com/onsi/gomega v1.18.0 +# github.com/onsi/gomega v1.18.1 ## explicit; go 1.16 github.com/onsi/gomega github.com/onsi/gomega/format @@ -1015,7 +1015,7 @@ google.golang.org/appengine/urlfetch google.golang.org/genproto/googleapis/api/httpbody google.golang.org/genproto/googleapis/rpc/status google.golang.org/genproto/protobuf/field_mask -# google.golang.org/grpc v1.43.0 +# google.golang.org/grpc v1.44.0 ## explicit; go 1.14 google.golang.org/grpc google.golang.org/grpc/attributes