From 9d21958c970c625ec00a15eae55527b49ef95d4c Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 18 Oct 2023 22:59:44 +0000 Subject: [PATCH 1/3] fix(deps): update module sigs.k8s.io/controller-runtime to v0.16.3 --- go.mod | 14 ++--- go.sum | 14 +++++ .../apimachinery/pkg/util/runtime/runtime.go | 15 +++-- vendor/modules.txt | 14 ++--- .../controller-runtime/pkg/cache/cache.go | 48 +++++++++++++++- .../pkg/cache/multi_namespace_cache.go | 4 ++ .../pkg/client/apiutil/errors.go | 54 ++++++++++++++++++ .../pkg/client/apiutil/restmapper.go | 3 +- .../pkg/client/fake/client.go | 57 ++++++++----------- .../pkg/client/interfaces.go | 1 + .../controller-runtime/pkg/manager/manager.go | 18 +++++- 11 files changed, 184 insertions(+), 58 deletions(-) create mode 100644 vendor/sigs.k8s.io/controller-runtime/pkg/client/apiutil/errors.go diff --git a/go.mod b/go.mod index 4c3ae3a23..c3e93d4f2 100644 --- a/go.mod +++ b/go.mod @@ -6,9 +6,9 @@ require ( github.com/onsi/ginkgo v1.16.5 github.com/onsi/gomega v1.28.0 github.com/wI2L/jsondiff v0.4.0 - k8s.io/apimachinery v0.28.2 - k8s.io/client-go v0.28.2 - sigs.k8s.io/controller-runtime v0.16.1 + k8s.io/apimachinery v0.28.3 + k8s.io/client-go v0.28.3 + sigs.k8s.io/controller-runtime v0.16.3 ) require ( @@ -75,10 +75,10 @@ require ( gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 - k8s.io/api v0.28.2 - k8s.io/apiextensions-apiserver v0.28.2 - k8s.io/apiserver v0.28.2 - k8s.io/component-base v0.28.2 // indirect + k8s.io/api v0.28.3 + k8s.io/apiextensions-apiserver v0.28.3 + k8s.io/apiserver v0.28.3 + k8s.io/component-base v0.28.3 // indirect k8s.io/klog/v2 v2.100.1 // indirect k8s.io/kube-openapi v0.0.0-20230905202853-d090da108d2f // indirect k8s.io/pod-security-admission v0.28.2 diff --git a/go.sum b/go.sum index 9116c06b6..057a4ccc0 100644 --- a/go.sum +++ b/go.sum @@ -440,16 +440,28 @@ gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= k8s.io/api v0.28.2 h1:9mpl5mOb6vXZvqbQmankOfPIGiudghwCoLl1EYfUZbw= k8s.io/api v0.28.2/go.mod h1:RVnJBsjU8tcMq7C3iaRSGMeaKt2TWEUXcpIt/90fjEg= +k8s.io/api v0.28.3 h1:Gj1HtbSdB4P08C8rs9AR94MfSGpRhJgsS+GF9V26xMM= +k8s.io/api v0.28.3/go.mod h1:MRCV/jr1dW87/qJnZ57U5Pak65LGmQVkKTzf3AtKFHc= k8s.io/apiextensions-apiserver v0.28.2 h1:J6/QRWIKV2/HwBhHRVITMLYoypCoPY1ftigDM0Kn+QU= k8s.io/apiextensions-apiserver v0.28.2/go.mod h1:5tnkxLGa9nefefYzWuAlWZ7RZYuN/765Au8cWLA6SRg= +k8s.io/apiextensions-apiserver v0.28.3 h1:Od7DEnhXHnHPZG+W9I97/fSQkVpVPQx2diy+2EtmY08= +k8s.io/apiextensions-apiserver v0.28.3/go.mod h1:NE1XJZ4On0hS11aWWJUTNkmVB03j9LM7gJSisbRt8Lc= k8s.io/apimachinery v0.28.2 h1:KCOJLrc6gu+wV1BYgwik4AF4vXOlVJPdiqn0yAWWwXQ= k8s.io/apimachinery v0.28.2/go.mod h1:RdzF87y/ngqk9H4z3EL2Rppv5jj95vGS/HaFXrLDApU= +k8s.io/apimachinery v0.28.3 h1:B1wYx8txOaCQG0HmYF6nbpU8dg6HvA06x5tEffvOe7A= +k8s.io/apimachinery v0.28.3/go.mod h1:uQTKmIqs+rAYaq+DFaoD2X7pcjLOqbQX2AOiO0nIpb8= k8s.io/apiserver v0.28.2 h1:rBeYkLvF94Nku9XfXyUIirsVzCzJBs6jMn3NWeHieyI= k8s.io/apiserver v0.28.2/go.mod h1:f7D5e8wH8MWcKD7azq6Csw9UN+CjdtXIVQUyUhrtb+E= +k8s.io/apiserver v0.28.3 h1:8Ov47O1cMyeDzTXz0rwcfIIGAP/dP7L8rWbEljRcg5w= +k8s.io/apiserver v0.28.3/go.mod h1:YIpM+9wngNAv8Ctt0rHG4vQuX/I5rvkEMtZtsxW2rNM= k8s.io/client-go v0.28.2 h1:DNoYI1vGq0slMBN/SWKMZMw0Rq+0EQW6/AK4v9+3VeY= k8s.io/client-go v0.28.2/go.mod h1:sMkApowspLuc7omj1FOSUxSoqjr+d5Q0Yc0LOFnYFJY= +k8s.io/client-go v0.28.3 h1:2OqNb72ZuTZPKCl+4gTKvqao0AMOl9f3o2ijbAj3LI4= +k8s.io/client-go v0.28.3/go.mod h1:LTykbBp9gsA7SwqirlCXBWtK0guzfhpoW4qSm7i9dxo= k8s.io/component-base v0.28.2 h1:Yc1yU+6AQSlpJZyvehm/NkJBII72rzlEsd6MkBQ+G0E= k8s.io/component-base v0.28.2/go.mod h1:4IuQPQviQCg3du4si8GpMrhAIegxpsgPngPRR/zWpzc= +k8s.io/component-base v0.28.3 h1:rDy68eHKxq/80RiMb2Ld/tbH8uAE75JdCqJyi6lXMzI= +k8s.io/component-base v0.28.3/go.mod h1:fDJ6vpVNSk6cRo5wmDa6eKIG7UlIQkaFmZN2fYgIUD8= k8s.io/klog/v2 v2.100.1 h1:7WCHKK6K8fNhTqfBhISHQ97KrnJNFZMcQvKp7gP/tmg= k8s.io/klog/v2 v2.100.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= k8s.io/kube-aggregator v0.28.2 h1:tCjAfB1p/v18yD2NpegNQRuahzyA/szFfcRARnpjDeo= @@ -462,6 +474,8 @@ k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSn k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= sigs.k8s.io/controller-runtime v0.16.1 h1:+15lzrmHsE0s2kNl0Dl8cTchI5Cs8qofo5PGcPrV9z0= sigs.k8s.io/controller-runtime v0.16.1/go.mod h1:vpMu3LpI5sYWtujJOa2uPK61nB5rbwlN7BAB8aSLvGU= +sigs.k8s.io/controller-runtime v0.16.3 h1:2TuvuokmfXvDUamSx1SuAOO3eTyye+47mJCigwG62c4= +sigs.k8s.io/controller-runtime v0.16.3/go.mod h1:j7bialYoSn142nv9sCOJmQgDXQXxnroFU4VnX/brVJ0= sigs.k8s.io/controller-tools v0.13.0 h1:NfrvuZ4bxyolhDBt/rCZhDnx3M2hzlhgo5n3Iv2RykI= sigs.k8s.io/controller-tools v0.13.0/go.mod h1:5vw3En2NazbejQGCeWKRrE7q4P+CW8/klfVqP8QZkgA= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= diff --git a/vendor/k8s.io/apimachinery/pkg/util/runtime/runtime.go b/vendor/k8s.io/apimachinery/pkg/util/runtime/runtime.go index d738725ca..3674914f7 100644 --- a/vendor/k8s.io/apimachinery/pkg/util/runtime/runtime.go +++ b/vendor/k8s.io/apimachinery/pkg/util/runtime/runtime.go @@ -126,14 +126,17 @@ type rudimentaryErrorBackoff struct { // OnError will block if it is called more often than the embedded period time. // This will prevent overly tight hot error loops. func (r *rudimentaryErrorBackoff) OnError(error) { + now := time.Now() // start the timer before acquiring the lock r.lastErrorTimeLock.Lock() - defer r.lastErrorTimeLock.Unlock() - d := time.Since(r.lastErrorTime) - if d < r.minPeriod { - // If the time moves backwards for any reason, do nothing - time.Sleep(r.minPeriod - d) - } + d := now.Sub(r.lastErrorTime) r.lastErrorTime = time.Now() + r.lastErrorTimeLock.Unlock() + + // Do not sleep with the lock held because that causes all callers of HandleError to block. + // We only want the current goroutine to block. + // A negative or zero duration causes time.Sleep to return immediately. + // If the time moves backwards for any reason, do nothing. + time.Sleep(r.minPeriod - d) } // GetCaller returns the caller of the function that calls it. diff --git a/vendor/modules.txt b/vendor/modules.txt index 3e5c7e41c..184548ab0 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -690,7 +690,7 @@ gopkg.in/yaml.v2 # gopkg.in/yaml.v3 v3.0.1 ## explicit gopkg.in/yaml.v3 -# k8s.io/api v0.28.2 +# k8s.io/api v0.28.3 ## explicit; go 1.20 k8s.io/api/admission/v1 k8s.io/api/admission/v1beta1 @@ -747,7 +747,7 @@ k8s.io/api/scheduling/v1beta1 k8s.io/api/storage/v1 k8s.io/api/storage/v1alpha1 k8s.io/api/storage/v1beta1 -# k8s.io/apiextensions-apiserver v0.28.2 +# k8s.io/apiextensions-apiserver v0.28.3 ## explicit; go 1.20 k8s.io/apiextensions-apiserver/pkg/apis/apiextensions k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1 @@ -765,7 +765,7 @@ k8s.io/apiextensions-apiserver/pkg/client/informers/externalversions/apiextensio k8s.io/apiextensions-apiserver/pkg/client/informers/externalversions/internalinterfaces k8s.io/apiextensions-apiserver/pkg/client/listers/apiextensions/v1 k8s.io/apiextensions-apiserver/pkg/client/listers/apiextensions/v1beta1 -# k8s.io/apimachinery v0.28.2 +# k8s.io/apimachinery v0.28.3 ## explicit; go 1.20 k8s.io/apimachinery/pkg/api/equality k8s.io/apimachinery/pkg/api/errors @@ -818,11 +818,11 @@ k8s.io/apimachinery/pkg/version k8s.io/apimachinery/pkg/watch k8s.io/apimachinery/third_party/forked/golang/json k8s.io/apimachinery/third_party/forked/golang/reflect -# k8s.io/apiserver v0.28.2 +# k8s.io/apiserver v0.28.3 ## explicit; go 1.20 k8s.io/apiserver/pkg/authentication/user k8s.io/apiserver/pkg/storage/names -# k8s.io/client-go v0.28.2 +# k8s.io/client-go v0.28.3 ## explicit; go 1.20 k8s.io/client-go/applyconfigurations/admissionregistration/v1 k8s.io/client-go/applyconfigurations/admissionregistration/v1alpha1 @@ -1082,7 +1082,7 @@ k8s.io/client-go/util/homedir k8s.io/client-go/util/keyutil k8s.io/client-go/util/retry k8s.io/client-go/util/workqueue -# k8s.io/component-base v0.28.2 +# k8s.io/component-base v0.28.3 ## explicit; go 1.20 k8s.io/component-base/config k8s.io/component-base/config/v1alpha1 @@ -1134,7 +1134,7 @@ k8s.io/utils/pointer k8s.io/utils/ptr k8s.io/utils/strings/slices k8s.io/utils/trace -# sigs.k8s.io/controller-runtime v0.16.1 +# sigs.k8s.io/controller-runtime v0.16.3 ## explicit; go 1.20 sigs.k8s.io/controller-runtime sigs.k8s.io/controller-runtime/pkg/builder diff --git a/vendor/sigs.k8s.io/controller-runtime/pkg/cache/cache.go b/vendor/sigs.k8s.io/controller-runtime/pkg/cache/cache.go index 1ea44d9b8..5410e1cdd 100644 --- a/vendor/sigs.k8s.io/controller-runtime/pkg/cache/cache.go +++ b/vendor/sigs.k8s.io/controller-runtime/pkg/cache/cache.go @@ -22,8 +22,10 @@ import ( "net/http" "time" + "golang.org/x/exp/maps" corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/api/meta" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/fields" "k8s.io/apimachinery/pkg/labels" "k8s.io/apimachinery/pkg/runtime" @@ -121,6 +123,10 @@ type Informer interface { HasSynced() bool } +// AllNamespaces should be used as the map key to deliminate namespace settings +// that apply to all namespaces that themselves do not have explicit settings. +const AllNamespaces = metav1.NamespaceAll + // Options are the optional arguments for creating a new Cache object. type Options struct { // HTTPClient is the http client to use for the REST client @@ -172,6 +178,11 @@ type Options struct { // the namespaces in here will be watched and it will by used to default // ByObject.Namespaces for all objects if that is nil. // + // It is possible to have specific Config for just some namespaces + // but cache all namespaces by using the AllNamespaces const as the map key. + // This will then include all namespaces that do not have a more specific + // setting. + // // The options in the Config that are nil will be defaulted from // the respective Default* settings. DefaultNamespaces map[string]Config @@ -214,6 +225,11 @@ type ByObject struct { // Settings in the map value that are unset will be defaulted. // Use an empty value for the specific setting to prevent that. // + // It is possible to have specific Config for just some namespaces + // but cache all namespaces by using the AllNamespaces const as the map key. + // This will then include all namespaces that do not have a more specific + // setting. + // // A nil map allows to default this to the cache's DefaultNamespaces setting. // An empty map prevents this and means that all namespaces will be cached. // @@ -392,6 +408,9 @@ func defaultOpts(config *rest.Config, opts Options) (Options, error) { for namespace, cfg := range opts.DefaultNamespaces { cfg = defaultConfig(cfg, optionDefaultsToConfig(&opts)) + if namespace == metav1.NamespaceAll { + cfg.FieldSelector = fields.AndSelectors(appendIfNotNil(namespaceAllSelector(maps.Keys(opts.DefaultNamespaces)), cfg.FieldSelector)...) + } opts.DefaultNamespaces[namespace] = cfg } @@ -418,6 +437,15 @@ func defaultOpts(config *rest.Config, opts Options) (Options, error) { // 3. Default from the global defaults config = defaultConfig(config, optionDefaultsToConfig(&opts)) + if namespace == metav1.NamespaceAll { + config.FieldSelector = fields.AndSelectors( + appendIfNotNil( + namespaceAllSelector(maps.Keys(byObject.Namespaces)), + config.FieldSelector, + )..., + ) + } + byObject.Namespaces[namespace] = config } @@ -427,7 +455,7 @@ func defaultOpts(config *rest.Config, opts Options) (Options, error) { byObject.Transform = defaultedConfig.Transform byObject.UnsafeDisableDeepCopy = defaultedConfig.UnsafeDisableDeepCopy - if byObject.Namespaces == nil { + if isNamespaced && byObject.Namespaces == nil { byObject.Namespaces = opts.DefaultNamespaces } @@ -457,3 +485,21 @@ func defaultConfig(toDefault, defaultFrom Config) Config { return toDefault } + +func namespaceAllSelector(namespaces []string) fields.Selector { + selectors := make([]fields.Selector, 0, len(namespaces)-1) + for _, namespace := range namespaces { + if namespace != metav1.NamespaceAll { + selectors = append(selectors, fields.OneTermNotEqualSelector("metadata.namespace", namespace)) + } + } + + return fields.AndSelectors(selectors...) +} + +func appendIfNotNil[T comparable](a, b T) []T { + if b != *new(T) { + return []T{a, b} + } + return []T{a} +} diff --git a/vendor/sigs.k8s.io/controller-runtime/pkg/cache/multi_namespace_cache.go b/vendor/sigs.k8s.io/controller-runtime/pkg/cache/multi_namespace_cache.go index 5b20195d7..87c31a7c0 100644 --- a/vendor/sigs.k8s.io/controller-runtime/pkg/cache/multi_namespace_cache.go +++ b/vendor/sigs.k8s.io/controller-runtime/pkg/cache/multi_namespace_cache.go @@ -23,6 +23,7 @@ import ( corev1 "k8s.io/api/core/v1" apimeta "k8s.io/apimachinery/pkg/api/meta" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" toolscache "k8s.io/client-go/tools/cache" @@ -210,6 +211,9 @@ func (c *multiNamespaceCache) Get(ctx context.Context, key client.ObjectKey, obj cache, ok := c.namespaceToCache[key.Namespace] if !ok { + if global, hasGlobal := c.namespaceToCache[metav1.NamespaceAll]; hasGlobal { + return global.Get(ctx, key, obj, opts...) + } return fmt.Errorf("unable to get: %v because of unknown namespace for the cache", key) } return cache.Get(ctx, key, obj, opts...) diff --git a/vendor/sigs.k8s.io/controller-runtime/pkg/client/apiutil/errors.go b/vendor/sigs.k8s.io/controller-runtime/pkg/client/apiutil/errors.go new file mode 100644 index 000000000..c216c49d2 --- /dev/null +++ b/vendor/sigs.k8s.io/controller-runtime/pkg/client/apiutil/errors.go @@ -0,0 +1,54 @@ +/* +Copyright 2023 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package apiutil + +import ( + "fmt" + "sort" + "strings" + + apierrors "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/api/meta" + + "k8s.io/apimachinery/pkg/runtime/schema" +) + +// ErrResourceDiscoveryFailed is returned if the RESTMapper cannot discover supported resources for some GroupVersions. +// It wraps the errors encountered, except "NotFound" errors are replaced with meta.NoResourceMatchError, for +// backwards compatibility with code that uses meta.IsNoMatchError() to check for unsupported APIs. +type ErrResourceDiscoveryFailed map[schema.GroupVersion]error + +// Error implements the error interface. +func (e *ErrResourceDiscoveryFailed) Error() string { + subErrors := []string{} + for k, v := range *e { + subErrors = append(subErrors, fmt.Sprintf("%s: %v", k, v)) + } + sort.Strings(subErrors) + return fmt.Sprintf("unable to retrieve the complete list of server APIs: %s", strings.Join(subErrors, ", ")) +} + +func (e *ErrResourceDiscoveryFailed) Unwrap() []error { + subErrors := []error{} + for gv, err := range *e { + if apierrors.IsNotFound(err) { + err = &meta.NoResourceMatchError{PartialResource: gv.WithResource("")} + } + subErrors = append(subErrors, err) + } + return subErrors +} diff --git a/vendor/sigs.k8s.io/controller-runtime/pkg/client/apiutil/restmapper.go b/vendor/sigs.k8s.io/controller-runtime/pkg/client/apiutil/restmapper.go index e0ff72dc1..d5e03b2b1 100644 --- a/vendor/sigs.k8s.io/controller-runtime/pkg/client/apiutil/restmapper.go +++ b/vendor/sigs.k8s.io/controller-runtime/pkg/client/apiutil/restmapper.go @@ -286,7 +286,8 @@ func (m *mapper) fetchGroupVersionResources(groupName string, versions ...string } if len(failedGroups) > 0 { - return nil, &discovery.ErrGroupDiscoveryFailed{Groups: failedGroups} + err := ErrResourceDiscoveryFailed(failedGroups) + return nil, &err } return groupVersionResources, nil diff --git a/vendor/sigs.k8s.io/controller-runtime/pkg/client/fake/client.go b/vendor/sigs.k8s.io/controller-runtime/pkg/client/fake/client.go index 48d80bd4f..9deb6756c 100644 --- a/vendor/sigs.k8s.io/controller-runtime/pkg/client/fake/client.go +++ b/vendor/sigs.k8s.io/controller-runtime/pkg/client/fake/client.go @@ -361,7 +361,7 @@ func (t versionedTracker) Update(gvr schema.GroupVersionResource, obj runtime.Ob isStatus := false // We apply patches using a client-go reaction that ends up calling the trackers Update. As we can't change // that reaction, we use the callstack to figure out if this originated from the status client. - if bytes.Contains(debug.Stack(), []byte("sigs.k8s.io/controller-runtime/pkg/client/fake.(*fakeSubResourceClient).Patch")) { + if bytes.Contains(debug.Stack(), []byte("sigs.k8s.io/controller-runtime/pkg/client/fake.(*fakeSubResourceClient).statusPatch")) { isStatus = true } return t.update(gvr, obj, ns, isStatus, false) @@ -400,9 +400,14 @@ func (t versionedTracker) update(gvr schema.GroupVersionResource, obj runtime.Ob if t.withStatusSubresource.Has(gvk) { if isStatus { // copy everything but status and metadata.ResourceVersion from original object - if err := copyNonStatusFrom(oldObject, obj); err != nil { + if err := copyStatusFrom(obj, oldObject); err != nil { return fmt.Errorf("failed to copy non-status field for object with status subresouce: %w", err) } + passedRV := accessor.GetResourceVersion() + if err := copyFrom(oldObject, obj); err != nil { + return fmt.Errorf("failed to restore non-status fields: %w", err) + } + accessor.SetResourceVersion(passedRV) } else { // copy status from original object if err := copyStatusFrom(oldObject, obj); err != nil { return fmt.Errorf("failed to copy the status for object with status subresource: %w", err) @@ -949,14 +954,8 @@ func dryPatch(action testing.PatchActionImpl, tracker testing.ObjectTracker) (ru return obj, nil } -func copyNonStatusFrom(old, new runtime.Object) error { - newClientObject, ok := new.(client.Object) - if !ok { - return fmt.Errorf("%T is not a client.Object", new) - } - // The only thing other than status we have to retain - rv := newClientObject.GetResourceVersion() - +// copyStatusFrom copies the status from old into new +func copyStatusFrom(old, new runtime.Object) error { oldMapStringAny, err := toMapStringAny(old) if err != nil { return fmt.Errorf("failed to convert old to *unstructured.Unstructured: %w", err) @@ -966,42 +965,22 @@ func copyNonStatusFrom(old, new runtime.Object) error { return fmt.Errorf("failed to convert new to *unststructured.Unstructured: %w", err) } - // delete everything other than status in case it has fields that were not present in - // the old object - for k := range newMapStringAny { - if k != "status" { - delete(newMapStringAny, k) - } - } - // copy everything other than status from the old object - for k := range oldMapStringAny { - if k != "status" { - newMapStringAny[k] = oldMapStringAny[k] - } - } + newMapStringAny["status"] = oldMapStringAny["status"] if err := fromMapStringAny(newMapStringAny, new); err != nil { return fmt.Errorf("failed to convert back from map[string]any: %w", err) } - newClientObject.SetResourceVersion(rv) return nil } -// copyStatusFrom copies the status from old into new -func copyStatusFrom(old, new runtime.Object) error { +// copyFrom copies from old into new +func copyFrom(old, new runtime.Object) error { oldMapStringAny, err := toMapStringAny(old) if err != nil { return fmt.Errorf("failed to convert old to *unstructured.Unstructured: %w", err) } - newMapStringAny, err := toMapStringAny(new) - if err != nil { - return fmt.Errorf("failed to convert new to *unststructured.Unstructured: %w", err) - } - - newMapStringAny["status"] = oldMapStringAny["status"] - - if err := fromMapStringAny(newMapStringAny, new); err != nil { + if err := fromMapStringAny(oldMapStringAny, new); err != nil { return fmt.Errorf("failed to convert back from map[string]any: %w", err) } @@ -1033,6 +1012,7 @@ func fromMapStringAny(u map[string]any, target runtime.Object) error { return fmt.Errorf("failed to serialize: %w", err) } + zero(target) if err := json.Unmarshal(serialized, &target); err != nil { return fmt.Errorf("failed to deserialize: %w", err) } @@ -1125,6 +1105,15 @@ func (sw *fakeSubResourceClient) Patch(ctx context.Context, obj client.Object, p body = patchOptions.SubResourceBody } + // this is necessary to identify that last call was made for status patch, through stack trace. + if sw.subResource == "status" { + return sw.statusPatch(body, patch, patchOptions) + } + + return sw.client.patch(body, patch, &patchOptions.PatchOptions) +} + +func (sw *fakeSubResourceClient) statusPatch(body client.Object, patch client.Patch, patchOptions client.SubResourcePatchOptions) error { return sw.client.patch(body, patch, &patchOptions.PatchOptions) } diff --git a/vendor/sigs.k8s.io/controller-runtime/pkg/client/interfaces.go b/vendor/sigs.k8s.io/controller-runtime/pkg/client/interfaces.go index 0ddda3163..3cd745e4c 100644 --- a/vendor/sigs.k8s.io/controller-runtime/pkg/client/interfaces.go +++ b/vendor/sigs.k8s.io/controller-runtime/pkg/client/interfaces.go @@ -142,6 +142,7 @@ type SubResourceWriter interface { // Create saves the subResource object in the Kubernetes cluster. obj must be a // struct pointer so that obj can be updated with the content returned by the Server. Create(ctx context.Context, obj Object, subResource Object, opts ...SubResourceCreateOption) error + // Update updates the fields corresponding to the status subresource for the // given obj. obj must be a struct pointer so that obj can be updated // with the content returned by the Server. diff --git a/vendor/sigs.k8s.io/controller-runtime/pkg/manager/manager.go b/vendor/sigs.k8s.io/controller-runtime/pkg/manager/manager.go index 8553d0378..708a9cc16 100644 --- a/vendor/sigs.k8s.io/controller-runtime/pkg/manager/manager.go +++ b/vendor/sigs.k8s.io/controller-runtime/pkg/manager/manager.go @@ -26,6 +26,8 @@ import ( "time" "github.com/go-logr/logr" + coordinationv1 "k8s.io/api/coordination/v1" + corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/api/meta" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" @@ -353,7 +355,20 @@ func New(config *rest.Config, options Options) (Manager, error) { leaderRecorderProvider = recorderProvider } else { leaderConfig = rest.CopyConfig(options.LeaderElectionConfig) - leaderRecorderProvider, err = options.newRecorderProvider(leaderConfig, cluster.GetHTTPClient(), cluster.GetScheme(), options.Logger.WithName("events"), options.makeBroadcaster) + scheme := cluster.GetScheme() + err := corev1.AddToScheme(scheme) + if err != nil { + return nil, err + } + err = coordinationv1.AddToScheme(scheme) + if err != nil { + return nil, err + } + httpClient, err := rest.HTTPClientFor(options.LeaderElectionConfig) + if err != nil { + return nil, err + } + leaderRecorderProvider, err = options.newRecorderProvider(leaderConfig, httpClient, scheme, options.Logger.WithName("events"), options.makeBroadcaster) if err != nil { return nil, err } @@ -396,7 +411,6 @@ func New(config *rest.Config, options Options) (Manager, error) { errChan := make(chan error) runnables := newRunnables(options.BaseContext, errChan) - return &controllerManager{ stopProcedureEngaged: pointer.Int64(0), cluster: cluster, From 976bc3685d04d7aa116bf83b86269076154cfd9e Mon Sep 17 00:00:00 2001 From: Lance Bragstad Date: Wed, 25 Oct 2023 14:04:12 -0500 Subject: [PATCH 2/3] Fix broken tests as a result of updating controller-runtime 0.16.2 The fake client we use in our unit tests was recently updated to be more inline with what the actual kubernetes API does: https://github.com/kubernetes-sigs/controller-runtime/pull/2259 As a result, some of our tests broken because we were lumping Status and other updates into the same Update() request. This commit refactors those tests so that Status updates are implemented separately from the rest of the runtime objects. We need to do this before we can upgrade controller-runtime to 0.16.3. --- .../compliancescan_controller_test.go | 4 +++- .../compliancesuite_controller_test.go | 17 +++++++++-------- .../scansettingbinding_controller_test.go | 19 ++++++++++++++++++- 3 files changed, 30 insertions(+), 10 deletions(-) diff --git a/pkg/controller/compliancescan/compliancescan_controller_test.go b/pkg/controller/compliancescan/compliancescan_controller_test.go index f7d7382b9..6625fe839 100644 --- a/pkg/controller/compliancescan/compliancescan_controller_test.go +++ b/pkg/controller/compliancescan/compliancescan_controller_test.go @@ -501,9 +501,11 @@ var _ = Describe("Testing compliancescan controller phases", func() { // Set state to DONE compliancescaninstance.Status.Phase = compv1alpha1.PhaseDone - compliancescaninstance.Spec.Debug = true err := reconciler.Client.Status().Update(context.TODO(), compliancescaninstance) Expect(err).To(BeNil()) + compliancescaninstance.Spec.Debug = true + err = reconciler.Client.Update(context.TODO(), compliancescaninstance) + Expect(err).To(BeNil()) }) It("Should return success & not delete the scan pods or secrets (doDelete=false)", func() { result, err := reconciler.phaseDoneHandler(handler, compliancescaninstance, logger, dontDelete) diff --git a/pkg/controller/compliancesuite/compliancesuite_controller_test.go b/pkg/controller/compliancesuite/compliancesuite_controller_test.go index 601e8f66a..435cb151f 100644 --- a/pkg/controller/compliancesuite/compliancesuite_controller_test.go +++ b/pkg/controller/compliancesuite/compliancesuite_controller_test.go @@ -3,6 +3,7 @@ package compliancesuite import ( "context" "encoding/json" + "github.com/ComplianceAsCode/compliance-operator/pkg/controller/metrics" "github.com/ComplianceAsCode/compliance-operator/pkg/controller/metrics/metricsfakes" @@ -207,7 +208,7 @@ var _ = Describe("ComplianceSuiteController", func() { By("The remediation controller setting the applied status") rem.Status.ApplicationState = compv1alpha1.RemediationApplied - err := reconciler.Client.Update(ctx, rem) + err := reconciler.Client.Status().Update(ctx, rem) Expect(err).To(BeNil()) By("Running a second reconcile loop") @@ -222,7 +223,7 @@ var _ = Describe("ComplianceSuiteController", func() { Context("With spec.AutoApplyRemediations = true", func() { BeforeEach(func() { suite.Spec.AutoApplyRemediations = true - err := reconciler.Client.Status().Update(ctx, suite) + err := reconciler.Client.Update(ctx, suite) Expect(err).To(BeNil()) }) Context("With ComplianceSuite and Scans not done", func() { @@ -351,7 +352,7 @@ var _ = Describe("ComplianceSuiteController", func() { By("The remediation controller setting the applied status") rem.Status.ApplicationState = compv1alpha1.RemediationApplied - err := reconciler.Client.Update(ctx, rem) + err := reconciler.Client.Status().Update(ctx, rem) Expect(err).To(BeNil()) By("the pool should be paused") @@ -374,7 +375,7 @@ var _ = Describe("ComplianceSuiteController", func() { Context("With spec.AutoApplyRemediations = true", func() { BeforeEach(func() { suite.Spec.AutoApplyRemediations = true - err := reconciler.Client.Status().Update(ctx, suite) + err := reconciler.Client.Update(ctx, suite) Expect(err).To(BeNil()) }) Context("With ComplianceSuite and Scans not done", func() { @@ -596,7 +597,7 @@ var _ = Describe("ComplianceSuiteController", func() { By("The remediation controller setting the applied status") rem.Status.ApplicationState = compv1alpha1.RemediationApplied - err := reconciler.Client.Update(ctx, rem) + err := reconciler.Client.Status().Update(ctx, rem) Expect(err).To(BeNil()) By("the pool should be paused") @@ -651,7 +652,7 @@ var _ = Describe("ComplianceSuiteController", func() { Context("With spec.AutoApplyRemediations = true", func() { BeforeEach(func() { suite.Spec.AutoApplyRemediations = true - err := reconciler.Client.Status().Update(ctx, suite) + err := reconciler.Client.Update(ctx, suite) Expect(err).To(BeNil()) }) Context("With ComplianceSuite and Scans not done", func() { @@ -875,7 +876,7 @@ var _ = Describe("ComplianceSuiteController", func() { By("The remediation controller setting the applied status") rem.Status.ApplicationState = compv1alpha1.RemediationApplied - err := reconciler.Client.Update(ctx, rem) + err := reconciler.Client.Status().Update(ctx, rem) Expect(err).To(BeNil()) By("the pool should be paused") @@ -930,7 +931,7 @@ var _ = Describe("ComplianceSuiteController", func() { Context("With spec.AutoApplyRemediations = true", func() { BeforeEach(func() { suite.Spec.AutoApplyRemediations = true - err := reconciler.Client.Status().Update(ctx, suite) + err := reconciler.Client.Update(ctx, suite) Expect(err).To(BeNil()) }) Context("With ComplianceSuite and Scans not done", func() { diff --git a/pkg/controller/scansettingbinding/scansettingbinding_controller_test.go b/pkg/controller/scansettingbinding/scansettingbinding_controller_test.go index d7635be26..2535eaf23 100644 --- a/pkg/controller/scansettingbinding/scansettingbinding_controller_test.go +++ b/pkg/controller/scansettingbinding/scansettingbinding_controller_test.go @@ -33,7 +33,6 @@ var _ = Describe("Testing scansettingbinding controller", func() { pBundleRhcos *compv1alpha1.ProfileBundle profRhcosE8 *compv1alpha1.Profile tpRhcosE8 *compv1alpha1.TailoredProfile - scratchTP *compv1alpha1.TailoredProfile setting *compv1alpha1.ScanSetting ssb *compv1alpha1.ScanSettingBinding @@ -43,6 +42,12 @@ var _ = Describe("Testing scansettingbinding controller", func() { suite *compv1alpha1.ComplianceSuite ) + scratchTP := &compv1alpha1.TailoredProfile{ + TypeMeta: v1.TypeMeta{ + Kind: "TailoredProfile", + APIVersion: compv1alpha1.SchemeGroupVersion.String(), + }, + } BeforeEach(func() { // Uncomment these lines if you need to debug the controller's output. @@ -115,6 +120,10 @@ var _ = Describe("Testing scansettingbinding controller", func() { } scratchTP = &compv1alpha1.TailoredProfile{ + TypeMeta: v1.TypeMeta{ + Kind: "TailoredProfile", + APIVersion: compv1alpha1.SchemeGroupVersion.String(), + }, ObjectMeta: v1.ObjectMeta{ Name: "scratch-tp", Namespace: common.GetComplianceOperatorNamespace(), @@ -591,6 +600,10 @@ var _ = Describe("Testing scansettingbinding controller", func() { Expect(updateErr).To(BeNil()) ssb = &compv1alpha1.ScanSettingBinding{ + TypeMeta: v1.TypeMeta{ + Kind: "ScanSettingBinding", + APIVersion: compv1alpha1.SchemeGroupVersion.String(), + }, ObjectMeta: v1.ObjectMeta{ Name: "tp-not-ready", Namespace: common.GetComplianceOperatorNamespace(), @@ -642,6 +655,10 @@ var _ = Describe("Testing scansettingbinding controller", func() { Expect(updateErr).To(BeNil()) ssb = &compv1alpha1.ScanSettingBinding{ + TypeMeta: v1.TypeMeta{ + Kind: "ScanSettingBinding", + APIVersion: compv1alpha1.SchemeGroupVersion.String(), + }, ObjectMeta: v1.ObjectMeta{ Name: "tp-errored", Namespace: common.GetComplianceOperatorNamespace(), From e769b23df3222d11c866983acf533901ede67c5b Mon Sep 17 00:00:00 2001 From: Lance Bragstad Date: Wed, 25 Oct 2023 14:18:00 -0500 Subject: [PATCH 3/3] Use go 1.20 A recent dependency bump (controller-runtime 0.16.1 to 0.16.3) requires golang 1.20. --- go.mod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/go.mod b/go.mod index c3e93d4f2..f1db47086 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/ComplianceAsCode/compliance-operator -go 1.19 +go 1.20 require ( github.com/onsi/ginkgo v1.16.5