From 9cf272a2257c7c3826e06c20458b15ceb3352807 Mon Sep 17 00:00:00 2001 From: Matthias Wessendorf Date: Tue, 25 Jun 2024 17:03:06 +0200 Subject: [PATCH 1/8] Event Type API: updated test name to avoid confusion (#8030) :broom: Updated test name and adding explicit expectation of nil reference for changed defaulting Signed-off-by: Matthias Wessendorf --- pkg/apis/eventing/v1beta2/eventtype_defaults_test.go | 9 +++++---- pkg/apis/eventing/v1beta3/eventtype_defaults_test.go | 3 ++- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/pkg/apis/eventing/v1beta2/eventtype_defaults_test.go b/pkg/apis/eventing/v1beta2/eventtype_defaults_test.go index 5909350f688..1337884b095 100644 --- a/pkg/apis/eventing/v1beta2/eventtype_defaults_test.go +++ b/pkg/apis/eventing/v1beta2/eventtype_defaults_test.go @@ -40,7 +40,7 @@ func TestEventTypeDefaults(t *testing.T) { Spec: EventTypeSpec{}, }, }, - "broker empty": { + "default broker reference": { initial: EventType{ Spec: EventTypeSpec{ Type: "test-type", @@ -76,9 +76,10 @@ func TestEventTypeDefaults(t *testing.T) { }, expected: EventType{ Spec: EventTypeSpec{ - Type: "test-type", - Source: testSource, - Schema: testSchema, + Reference: nil, + Type: "test-type", + Source: testSource, + Schema: testSchema, }, }, }, diff --git a/pkg/apis/eventing/v1beta3/eventtype_defaults_test.go b/pkg/apis/eventing/v1beta3/eventtype_defaults_test.go index 29f6c8adb34..4f4d41aaa79 100644 --- a/pkg/apis/eventing/v1beta3/eventtype_defaults_test.go +++ b/pkg/apis/eventing/v1beta3/eventtype_defaults_test.go @@ -40,7 +40,7 @@ func TestEventTypeDefaults(t *testing.T) { Spec: EventTypeSpec{}, }, }, - "broker empty": { + "default broker reference": { initial: EventType{ Spec: EventTypeSpec{ Reference: &duckv1.KReference{ @@ -115,6 +115,7 @@ func TestEventTypeDefaults(t *testing.T) { }, expected: EventType{ Spec: EventTypeSpec{ + Reference: nil, Attributes: []EventAttributeDefinition{ { Value: "test-type", From 0f71292d9887001caef68ce9fdd886596d4df276 Mon Sep 17 00:00:00 2001 From: Knative Automation Date: Tue, 25 Jun 2024 12:38:58 -0400 Subject: [PATCH 2/8] [main] Upgrade to latest dependencies (#8029) upgrade to latest dependencies bumping knative.dev/pkg fc0720b...8535fcc: > 8535fcc gofumpt the repo (# 3067) Signed-off-by: Knative Automation --- go.mod | 2 +- go.sum | 4 +-- vendor/knative.dev/pkg/apis/condition_set.go | 3 +-- vendor/knative.dev/pkg/apis/convert.go | 2 -- .../pkg/apis/duck/v1/addressable_types.go | 6 ++--- .../pkg/apis/duck/v1/kresource_type.go | 2 +- .../pkg/apis/duck/v1/source_types.go | 2 +- .../pkg/apis/duck/v1beta1/destination.go | 1 + .../pkg/apis/duck/v1beta1/source_types.go | 2 +- .../pkg/apis/duck/v1beta1/status_types.go | 2 +- vendor/knative.dev/pkg/apis/duck/verify.go | 6 +++-- .../pkg/apis/testing/roundtrip/roundtrip.go | 2 -- vendor/knative.dev/pkg/configmap/example.go | 6 ++--- .../pkg/configmap/hash-gen/main.go | 2 +- vendor/knative.dev/pkg/configmap/store.go | 4 +-- .../knative.dev/pkg/controller/controller.go | 14 +++++------ .../pkg/controller/stats_reporter.go | 1 - .../pkg/environment/client_config.go | 1 - .../pkg/injection/sharedmain/main.go | 5 ++-- .../knative.dev/pkg/leaderelection/context.go | 3 ++- vendor/knative.dev/pkg/logging/config.go | 3 ++- vendor/knative.dev/pkg/metrics/config.go | 8 +++--- vendor/knative.dev/pkg/metrics/exporter.go | 3 +-- vendor/knative.dev/pkg/metrics/metrics.go | 4 +-- .../pkg/metrics/metricstest/metricstest.go | 1 - .../metrics/metricstest/resource_metrics.go | 3 ++- .../pkg/metrics/prometheus_exporter.go | 2 +- .../knative.dev/pkg/metrics/resource_view.go | 25 ++++++++++++------- vendor/knative.dev/pkg/network/h2c.go | 2 +- vendor/knative.dev/pkg/profiling/server.go | 2 +- .../pkg/reconciler/testing/table.go | 3 ++- vendor/knative.dev/pkg/test/clients.go | 3 ++- vendor/knative.dev/pkg/test/e2e_flags.go | 10 +++----- vendor/knative.dev/pkg/test/helpers/dir.go | 2 +- vendor/knative.dev/pkg/test/request.go | 11 ++++---- vendor/knative.dev/pkg/test/spoof/spoof.go | 13 ++++++---- .../knative.dev/pkg/test/upgrade/functions.go | 3 ++- .../pkg/test/upgrade/shell/executor.go | 2 +- vendor/knative.dev/pkg/tracker/interface.go | 1 - vendor/knative.dev/pkg/webhook/admission.go | 2 +- .../pkg/webhook/certificates/certificates.go | 6 +++-- .../pkg/webhook/certificates/controller.go | 1 - .../webhook/certificates/resources/certs.go | 4 +-- .../pkg/webhook/configmaps/configmaps.go | 10 +++++--- .../pkg/webhook/configmaps/controller.go | 1 - vendor/knative.dev/pkg/webhook/conversion.go | 2 +- vendor/knative.dev/pkg/webhook/helper.go | 8 +++--- vendor/knative.dev/pkg/webhook/json/decode.go | 2 +- .../pkg/webhook/psbinding/controller.go | 1 - .../pkg/webhook/psbinding/psbinding.go | 17 ++++++++----- .../pkg/webhook/psbinding/reconciler.go | 7 +++--- .../conversion/controller.go | 1 - .../conversion/conversion.go | 1 - .../conversion/reconciler.go | 8 +++--- .../defaulting/controller.go | 1 - .../defaulting/defaulting.go | 10 +++++--- .../validation/controller.go | 2 -- .../validation/reconcile_config.go | 10 +++++--- .../validation/validation_admit.go | 4 +-- .../knative.dev/pkg/webhook/stats_reporter.go | 6 +++-- vendor/knative.dev/pkg/webhook/webhook.go | 5 ++-- vendor/modules.txt | 2 +- 62 files changed, 144 insertions(+), 138 deletions(-) diff --git a/go.mod b/go.mod index cb120e2b7d9..bacba25645b 100644 --- a/go.mod +++ b/go.mod @@ -45,7 +45,7 @@ require ( k8s.io/utils v0.0.0-20240102154912-e7106e64919e knative.dev/hack v0.0.0-20240607132042-09143140a254 knative.dev/hack/schema v0.0.0-20240607132042-09143140a254 - knative.dev/pkg v0.0.0-20240621201938-fc0720b7a660 + knative.dev/pkg v0.0.0-20240625072707-8535fcc248ae knative.dev/reconciler-test v0.0.0-20240618170853-5bf0b86114f8 sigs.k8s.io/yaml v1.4.0 ) diff --git a/go.sum b/go.sum index 1ecc68ca0a6..84bda4c9d2b 100644 --- a/go.sum +++ b/go.sum @@ -842,8 +842,8 @@ knative.dev/hack v0.0.0-20240607132042-09143140a254 h1:1YFnu3U6dWZg0oxm6GU8kEdA9 knative.dev/hack v0.0.0-20240607132042-09143140a254/go.mod h1:yk2OjGDsbEnQjfxdm0/HJKS2WqTLEFg/N6nUs6Rqx3Q= knative.dev/hack/schema v0.0.0-20240607132042-09143140a254 h1:b9hFHGtxx0Kpm4EEjSD72lL0jms91To3OEVBTbqfOYI= knative.dev/hack/schema v0.0.0-20240607132042-09143140a254/go.mod h1:3pWwBLnTZSM9psSgCAvhKOHIPTzqfEMlWRpDu6IYhK0= -knative.dev/pkg v0.0.0-20240621201938-fc0720b7a660 h1:SYPUGNPA/egS+u6oa6q1kN3Ec+z+we/hPrWie7qhLUg= -knative.dev/pkg v0.0.0-20240621201938-fc0720b7a660/go.mod h1:Wikg4u73T6vk9TctrxZt60VXzqmGEQIx0iKfk1+9o4c= +knative.dev/pkg v0.0.0-20240625072707-8535fcc248ae h1:unXplcQLqwO+QtSepyRI2zy4ZD/tciPro9Y4uVG6n6g= +knative.dev/pkg v0.0.0-20240625072707-8535fcc248ae/go.mod h1:Wikg4u73T6vk9TctrxZt60VXzqmGEQIx0iKfk1+9o4c= knative.dev/reconciler-test v0.0.0-20240618170853-5bf0b86114f8 h1:A+rsitEiTX3GudM51g7zUMza+Ripj+boncmlJ2jZp50= knative.dev/reconciler-test v0.0.0-20240618170853-5bf0b86114f8/go.mod h1:2uUx3U6kdIzgJgMGgrGmdDdcFrFiex/DjuI2gM7Tte8= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= diff --git a/vendor/knative.dev/pkg/apis/condition_set.go b/vendor/knative.dev/pkg/apis/condition_set.go index 1b110475ffd..9ad14902e78 100644 --- a/vendor/knative.dev/pkg/apis/condition_set.go +++ b/vendor/knative.dev/pkg/apis/condition_set.go @@ -17,12 +17,11 @@ limitations under the License. package apis import ( + "fmt" "reflect" "sort" "time" - "fmt" - corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) diff --git a/vendor/knative.dev/pkg/apis/convert.go b/vendor/knative.dev/pkg/apis/convert.go index d6a28a0727f..72e9b676184 100644 --- a/vendor/knative.dev/pkg/apis/convert.go +++ b/vendor/knative.dev/pkg/apis/convert.go @@ -24,7 +24,6 @@ func ConvertToViaProxy( ctx context.Context, source, proxy, sink Convertible, ) error { - if err := source.ConvertTo(ctx, proxy); err != nil { return err } @@ -38,7 +37,6 @@ func ConvertFromViaProxy( ctx context.Context, source, proxy, sink Convertible, ) error { - if err := proxy.ConvertFrom(ctx, source); err != nil { return err } diff --git a/vendor/knative.dev/pkg/apis/duck/v1/addressable_types.go b/vendor/knative.dev/pkg/apis/duck/v1/addressable_types.go index a855c38571c..3877683c301 100644 --- a/vendor/knative.dev/pkg/apis/duck/v1/addressable_types.go +++ b/vendor/knative.dev/pkg/apis/duck/v1/addressable_types.go @@ -54,10 +54,8 @@ type Addressable struct { Audience *string `json:"audience,omitempty"` } -var ( - // Addressable is a Convertible type. - _ apis.Convertible = (*Addressable)(nil) -) +// Addressable is a Convertible type. +var _ apis.Convertible = (*Addressable)(nil) // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object diff --git a/vendor/knative.dev/pkg/apis/duck/v1/kresource_type.go b/vendor/knative.dev/pkg/apis/duck/v1/kresource_type.go index 1f6ee8264e0..9229ba93069 100644 --- a/vendor/knative.dev/pkg/apis/duck/v1/kresource_type.go +++ b/vendor/knative.dev/pkg/apis/duck/v1/kresource_type.go @@ -68,7 +68,7 @@ func (t *KResource) Populate() { // Populate ALL fields Type: "Birthday", Status: corev1.ConditionTrue, - LastTransitionTime: apis.VolatileTime{Inner: metav1.NewTime(time.Date(1984, 02, 28, 18, 52, 00, 00, time.UTC))}, + LastTransitionTime: apis.VolatileTime{Inner: metav1.NewTime(time.Date(1984, 2, 28, 18, 52, 0, 0, time.UTC))}, Reason: "Celebrate", Message: "n3wScott, find your party hat :tada:", }} diff --git a/vendor/knative.dev/pkg/apis/duck/v1/source_types.go b/vendor/knative.dev/pkg/apis/duck/v1/source_types.go index 95b7d1417d1..284ab318dd5 100644 --- a/vendor/knative.dev/pkg/apis/duck/v1/source_types.go +++ b/vendor/knative.dev/pkg/apis/duck/v1/source_types.go @@ -158,7 +158,7 @@ func (s *Source) Populate() { // Populate ALL fields Type: SourceConditionSinkProvided, Status: corev1.ConditionTrue, - LastTransitionTime: apis.VolatileTime{Inner: metav1.NewTime(time.Date(1984, 02, 28, 18, 52, 00, 00, time.UTC))}, + LastTransitionTime: apis.VolatileTime{Inner: metav1.NewTime(time.Date(1984, 2, 28, 18, 52, 0, 0, time.UTC))}, }} s.Status.SinkURI = &apis.URL{ Scheme: "https", diff --git a/vendor/knative.dev/pkg/apis/duck/v1beta1/destination.go b/vendor/knative.dev/pkg/apis/duck/v1beta1/destination.go index ba83f1d4eef..41c7702df16 100644 --- a/vendor/knative.dev/pkg/apis/duck/v1beta1/destination.go +++ b/vendor/knative.dev/pkg/apis/duck/v1beta1/destination.go @@ -167,6 +167,7 @@ func validateDestinationRef(ref corev1.ObjectReference) *apis.FieldError { return errs } + func validateCACerts(CACert *string) *apis.FieldError { // Check the object. var errs *apis.FieldError diff --git a/vendor/knative.dev/pkg/apis/duck/v1beta1/source_types.go b/vendor/knative.dev/pkg/apis/duck/v1beta1/source_types.go index 60a502041aa..e1056cf8281 100644 --- a/vendor/knative.dev/pkg/apis/duck/v1beta1/source_types.go +++ b/vendor/knative.dev/pkg/apis/duck/v1beta1/source_types.go @@ -129,7 +129,7 @@ func (s *Source) Populate() { // Populate ALL fields Type: SourceConditionSinkProvided, Status: corev1.ConditionTrue, - LastTransitionTime: apis.VolatileTime{Inner: metav1.NewTime(time.Date(1984, 02, 28, 18, 52, 00, 00, time.UTC))}, + LastTransitionTime: apis.VolatileTime{Inner: metav1.NewTime(time.Date(1984, 2, 28, 18, 52, 0, 0, time.UTC))}, }} s.Status.SinkURI = &apis.URL{ Scheme: "https", diff --git a/vendor/knative.dev/pkg/apis/duck/v1beta1/status_types.go b/vendor/knative.dev/pkg/apis/duck/v1beta1/status_types.go index e1ae875eb45..30f4354ac42 100644 --- a/vendor/knative.dev/pkg/apis/duck/v1beta1/status_types.go +++ b/vendor/knative.dev/pkg/apis/duck/v1beta1/status_types.go @@ -129,7 +129,7 @@ func (t *KResource) Populate() { // Populate ALL fields Type: "Birthday", Status: corev1.ConditionTrue, - LastTransitionTime: apis.VolatileTime{Inner: metav1.NewTime(time.Date(1984, 02, 28, 18, 52, 00, 00, time.UTC))}, + LastTransitionTime: apis.VolatileTime{Inner: metav1.NewTime(time.Date(1984, 2, 28, 18, 52, 0, 0, time.UTC))}, Reason: "Celebrate", Message: "n3wScott, find your party hat :tada:", }} diff --git a/vendor/knative.dev/pkg/apis/duck/verify.go b/vendor/knative.dev/pkg/apis/duck/verify.go index 48675f93a47..4e33e65972b 100644 --- a/vendor/knative.dev/pkg/apis/duck/verify.go +++ b/vendor/knative.dev/pkg/apis/duck/verify.go @@ -24,8 +24,10 @@ import ( "knative.dev/pkg/kmp" ) -type Implementable = ducktypes.Implementable -type Populatable = ducktypes.Populatable +type ( + Implementable = ducktypes.Implementable + Populatable = ducktypes.Populatable +) // VerifyType verifies that a particular concrete resource properly implements // the provided Implementable duck type. It is expected that under the resource diff --git a/vendor/knative.dev/pkg/apis/testing/roundtrip/roundtrip.go b/vendor/knative.dev/pkg/apis/testing/roundtrip/roundtrip.go index afb4bee4939..bdf33349f10 100644 --- a/vendor/knative.dev/pkg/apis/testing/roundtrip/roundtrip.go +++ b/vendor/knative.dev/pkg/apis/testing/roundtrip/roundtrip.go @@ -203,7 +203,6 @@ func objForGVK(t *testing.T, gvk schema.GroupVersionKind, scheme *runtime.Scheme, ) convertibleObject { - t.Helper() obj, err := scheme.New(gvk) @@ -235,7 +234,6 @@ func hubInstanceForGK(t *testing.T, hubs *runtime.Scheme, gk schema.GroupKind, ) (apis.Convertible, schema.GroupVersionKind) { - t.Helper() for hubGVK := range hubs.AllKnownTypes() { diff --git a/vendor/knative.dev/pkg/configmap/example.go b/vendor/knative.dev/pkg/configmap/example.go index f14a6e6ff59..82aaf939801 100644 --- a/vendor/knative.dev/pkg/configmap/example.go +++ b/vendor/knative.dev/pkg/configmap/example.go @@ -31,10 +31,8 @@ const ( ExampleChecksumAnnotation = "knative.dev/example-checksum" ) -var ( - // Allows for normalizing by collapsing newlines. - sequentialNewlines = regexp.MustCompile("(?:\r?\n)+") -) +// Allows for normalizing by collapsing newlines. +var sequentialNewlines = regexp.MustCompile("(?:\r?\n)+") // Checksum generates a checksum for the example value to be compared against // a respective annotation. diff --git a/vendor/knative.dev/pkg/configmap/hash-gen/main.go b/vendor/knative.dev/pkg/configmap/hash-gen/main.go index a2b154d92dd..6703677aefc 100644 --- a/vendor/knative.dev/pkg/configmap/hash-gen/main.go +++ b/vendor/knative.dev/pkg/configmap/hash-gen/main.go @@ -49,7 +49,7 @@ func processFile(fileName string) error { } //nolint:gosec // This is not security critical so open permissions are fine. - if err := os.WriteFile(fileName, out, 0644); err != nil { + if err := os.WriteFile(fileName, out, 0o644); err != nil { return fmt.Errorf("failed to write file: %w", err) } return nil diff --git a/vendor/knative.dev/pkg/configmap/store.go b/vendor/knative.dev/pkg/configmap/store.go index 375a474c26f..e2658021900 100644 --- a/vendor/knative.dev/pkg/configmap/store.go +++ b/vendor/knative.dev/pkg/configmap/store.go @@ -81,8 +81,8 @@ func NewUntypedStore( name string, logger Logger, constructors Constructors, - onAfterStore ...func(name string, value interface{})) *UntypedStore { - + onAfterStore ...func(name string, value interface{}), +) *UntypedStore { store := &UntypedStore{ name: name, logger: logger, diff --git a/vendor/knative.dev/pkg/controller/controller.go b/vendor/knative.dev/pkg/controller/controller.go index 9fdb0a9d586..bc7c4be495a 100644 --- a/vendor/knative.dev/pkg/controller/controller.go +++ b/vendor/knative.dev/pkg/controller/controller.go @@ -54,14 +54,12 @@ const ( DefaultResyncPeriod = 10 * time.Hour ) -var ( - // DefaultThreadsPerController is the number of threads to use - // when processing the controller's workqueue. Controller binaries - // may adjust this process-wide default. For finer control, invoke - // Run on the controller directly. - // TODO rename the const to Concurrency and deprecated this - DefaultThreadsPerController = 2 -) +// DefaultThreadsPerController is the number of threads to use +// when processing the controller's workqueue. Controller binaries +// may adjust this process-wide default. For finer control, invoke +// Run on the controller directly. +// TODO rename the const to Concurrency and deprecated this +var DefaultThreadsPerController = 2 // Reconciler is the interface that controller implementations are expected // to implement, so that the shared controller.Impl can drive work through it. diff --git a/vendor/knative.dev/pkg/controller/stats_reporter.go b/vendor/knative.dev/pkg/controller/stats_reporter.go index 6735285db47..99386f91b29 100644 --- a/vendor/knative.dev/pkg/controller/stats_reporter.go +++ b/vendor/knative.dev/pkg/controller/stats_reporter.go @@ -194,7 +194,6 @@ func (r *reporter) ReportReconcile(duration time.Duration, success string, key t tag.Insert(successTagKey, success), tag.Insert(NamespaceTagKey, key.Namespace), ) - if err != nil { return err } diff --git a/vendor/knative.dev/pkg/environment/client_config.go b/vendor/knative.dev/pkg/environment/client_config.go index aef33927ef7..9f1883d2362 100644 --- a/vendor/knative.dev/pkg/environment/client_config.go +++ b/vendor/knative.dev/pkg/environment/client_config.go @@ -86,7 +86,6 @@ func (c *ClientConfig) GetRESTConfig() (*rest.Config, error) { loadingRules, overrides, ).ClientConfig() - if err != nil { return nil, fmt.Errorf("failed to create client config: %w", err) } diff --git a/vendor/knative.dev/pkg/injection/sharedmain/main.go b/vendor/knative.dev/pkg/injection/sharedmain/main.go index 348599f0966..86bb1e3409a 100644 --- a/vendor/knative.dev/pkg/injection/sharedmain/main.go +++ b/vendor/knative.dev/pkg/injection/sharedmain/main.go @@ -151,7 +151,6 @@ var ( // In addition to the MainWithConfig flow, it defines a `disabled-controllers` flag that allows disabling controllers // by name. func MainNamed(ctx context.Context, component string, ctors ...injection.NamedControllerConstructor) { - disabledControllers := flag.String("disable-controllers", "", "Comma-separated list of disabled controllers.") // HACK: This parses flags, so the above should be set once this runs. @@ -456,8 +455,8 @@ func SecretFetcher(ctx context.Context) metrics.SecretFetcher { // of the webhooks created from the given constructors. func ControllersAndWebhooksFromCtors(ctx context.Context, cmw *cminformer.InformedWatcher, - ctors ...injection.ControllerConstructor) ([]*controller.Impl, []interface{}) { - + ctors ...injection.ControllerConstructor, +) ([]*controller.Impl, []interface{}) { // Check whether the context has been infused with a leader elector builder. // If it has, then every reconciler we plan to start MUST implement LeaderAware. leEnabled := leaderelection.HasLeaderElection(ctx) diff --git a/vendor/knative.dev/pkg/leaderelection/context.go b/vendor/knative.dev/pkg/leaderelection/context.go index b0122b84a0b..4cd6830639c 100644 --- a/vendor/knative.dev/pkg/leaderelection/context.go +++ b/vendor/knative.dev/pkg/leaderelection/context.go @@ -117,7 +117,8 @@ type standardBuilder struct { } func (b *standardBuilder) buildElector(ctx context.Context, la reconciler.LeaderAware, - queueName string, enq func(reconciler.Bucket, types.NamespacedName)) (Elector, error) { + queueName string, enq func(reconciler.Bucket, types.NamespacedName), +) (Elector, error) { logger := logging.FromContext(ctx) id := b.lec.Identity diff --git a/vendor/knative.dev/pkg/logging/config.go b/vendor/knative.dev/pkg/logging/config.go index a95dfe8fa55..1898ac34f92 100644 --- a/vendor/knative.dev/pkg/logging/config.go +++ b/vendor/knative.dev/pkg/logging/config.go @@ -197,7 +197,8 @@ func levelFromString(level string) (*zapcore.Level, error) { // UpdateLevelFromConfigMap returns a helper func that can be used to update the logging level // when a config map is updated func UpdateLevelFromConfigMap(logger *zap.SugaredLogger, atomicLevel zap.AtomicLevel, - levelKey string) func(configMap *corev1.ConfigMap) { + levelKey string, +) func(configMap *corev1.ConfigMap) { return func(configMap *corev1.ConfigMap) { config, err := NewConfigFromConfigMap(configMap) if err != nil { diff --git a/vendor/knative.dev/pkg/metrics/config.go b/vendor/knative.dev/pkg/metrics/config.go index ce5e7f875f1..9ed17ef6786 100644 --- a/vendor/knative.dev/pkg/metrics/config.go +++ b/vendor/knative.dev/pkg/metrics/config.go @@ -58,11 +58,9 @@ const ( prometheusHostEnvName = "METRICS_PROMETHEUS_HOST" ) -var ( - // TestOverrideBundleCount is a variable for testing to reduce the size (number of metrics) buffered before - // OpenCensus will send a bundled metric report. Only applies if non-zero. - TestOverrideBundleCount = 0 -) +// TestOverrideBundleCount is a variable for testing to reduce the size (number of metrics) buffered before +// OpenCensus will send a bundled metric report. Only applies if non-zero. +var TestOverrideBundleCount = 0 // Metrics backend "enum". const ( diff --git a/vendor/knative.dev/pkg/metrics/exporter.go b/vendor/knative.dev/pkg/metrics/exporter.go index a4c83734885..95e0f5b2f3c 100644 --- a/vendor/knative.dev/pkg/metrics/exporter.go +++ b/vendor/knative.dev/pkg/metrics/exporter.go @@ -271,8 +271,7 @@ func flushGivenExporter(e view.Exporter) bool { return false } -type noneExporter struct { -} +type noneExporter struct{} // NoneExporter implements view.Exporter in the nil case. func (*noneExporter) ExportView(*view.Data) { diff --git a/vendor/knative.dev/pkg/metrics/metrics.go b/vendor/knative.dev/pkg/metrics/metrics.go index b65f470cce8..a0c64343b64 100644 --- a/vendor/knative.dev/pkg/metrics/metrics.go +++ b/vendor/knative.dev/pkg/metrics/metrics.go @@ -125,9 +125,7 @@ type resultMetric struct { measure *stats.Int64Measure } -var ( - _ metrics.ResultMetric = (*resultMetric)(nil) -) +var _ metrics.ResultMetric = (*resultMetric)(nil) // Increment implements ResultMetric func (m resultMetric) Increment(ctx context.Context, code, method, host string) { diff --git a/vendor/knative.dev/pkg/metrics/metricstest/metricstest.go b/vendor/knative.dev/pkg/metrics/metricstest/metricstest.go index 3d054a1830f..106c864522c 100644 --- a/vendor/knative.dev/pkg/metrics/metricstest/metricstest.go +++ b/vendor/knative.dev/pkg/metrics/metricstest/metricstest.go @@ -119,7 +119,6 @@ func CheckDistributionCount(t ti, name string, wantTags map[string]string, expec } else if s.Count != expectedCount { t.Error("reporter count wrong", "metric", name, "got", s.Count, "want", expectedCount) } - } // GetLastValueData returns the last value for the given metric, verifying tags. diff --git a/vendor/knative.dev/pkg/metrics/metricstest/resource_metrics.go b/vendor/knative.dev/pkg/metrics/metricstest/resource_metrics.go index 10e2e4c94ae..619d536846c 100644 --- a/vendor/knative.dev/pkg/metrics/metricstest/resource_metrics.go +++ b/vendor/knative.dev/pkg/metrics/metricstest/resource_metrics.go @@ -168,7 +168,8 @@ func DistributionCountOnlyMetric(name string, count int64, tags map[string]strin Values: []Value{{ Distribution: &metricdata.Distribution{Count: count}, Tags: tags, - VerifyDistributionCountOnly: true}}, + VerifyDistributionCountOnly: true, + }}, } } diff --git a/vendor/knative.dev/pkg/metrics/prometheus_exporter.go b/vendor/knative.dev/pkg/metrics/prometheus_exporter.go index 5f11c12e8de..cb5238476f3 100644 --- a/vendor/knative.dev/pkg/metrics/prometheus_exporter.go +++ b/vendor/knative.dev/pkg/metrics/prometheus_exporter.go @@ -86,7 +86,7 @@ func startNewPromSrv(e *prom.Exporter, host string, port int) *http.Server { curPromSrv = &http.Server{ Addr: host + ":" + strconv.Itoa(port), Handler: sm, - ReadHeaderTimeout: time.Minute, //https://medium.com/a-journey-with-go/go-understand-and-mitigate-slowloris-attack-711c1b1403f6 + ReadHeaderTimeout: time.Minute, // https://medium.com/a-journey-with-go/go-understand-and-mitigate-slowloris-attack-711c1b1403f6 } return curPromSrv } diff --git a/vendor/knative.dev/pkg/metrics/resource_view.go b/vendor/knative.dev/pkg/metrics/resource_view.go index 69e4ab435de..930b389319c 100644 --- a/vendor/knative.dev/pkg/metrics/resource_view.go +++ b/vendor/knative.dev/pkg/metrics/resource_view.go @@ -48,15 +48,17 @@ type meterExporter struct { // for each observed Resource. This is needed because OpenCensus support for // Resources is a bit tacked-on rather than being a first-class component like // Tags are. -type ResourceExporterFactory func(*resource.Resource) (view.Exporter, error) -type meters struct { - meters map[string]*meterExporter - factory ResourceExporterFactory - lock sync.Mutex - clock clock.WithTicker - ticker clock.Ticker - tickerStopChan chan struct{} -} +type ( + ResourceExporterFactory func(*resource.Resource) (view.Exporter, error) + meters struct { + meters map[string]*meterExporter + factory ResourceExporterFactory + lock sync.Mutex + clock clock.WithTicker + ticker clock.Ticker + tickerStopChan chan struct{} + } +) // Lock regime: lock allMeters before resourceViews. The critical path is in // optionForResource, which must lock allMeters, but only needs to lock @@ -421,15 +423,19 @@ func (*defaultMeterImpl) Find(name string) *view.View { func (*defaultMeterImpl) Register(views ...*view.View) error { return view.Register(views...) } + func (*defaultMeterImpl) Unregister(views ...*view.View) { view.Unregister(views...) } + func (*defaultMeterImpl) SetReportingPeriod(t time.Duration) { view.SetReportingPeriod(t) } + func (*defaultMeterImpl) RegisterExporter(e view.Exporter) { view.RegisterExporter(e) } + func (*defaultMeterImpl) UnregisterExporter(e view.Exporter) { view.UnregisterExporter(e) } @@ -438,6 +444,7 @@ func (*defaultMeterImpl) Stop() {} func (*defaultMeterImpl) RetrieveData(viewName string) ([]*view.Row, error) { return view.RetrieveData(viewName) } + func (*defaultMeterImpl) SetResource(*resource.Resource) { } diff --git a/vendor/knative.dev/pkg/network/h2c.go b/vendor/knative.dev/pkg/network/h2c.go index e1671233dcb..d0608be7221 100644 --- a/vendor/knative.dev/pkg/network/h2c.go +++ b/vendor/knative.dev/pkg/network/h2c.go @@ -32,7 +32,7 @@ func NewServer(addr string, h http.Handler) *http.Server { h1s := &http.Server{ Addr: addr, Handler: h2c.NewHandler(h, &http2.Server{}), - ReadHeaderTimeout: time.Minute, //https://medium.com/a-journey-with-go/go-understand-and-mitigate-slowloris-attack-711c1b1403f6 + ReadHeaderTimeout: time.Minute, // https://medium.com/a-journey-with-go/go-understand-and-mitigate-slowloris-attack-711c1b1403f6 } return h1s diff --git a/vendor/knative.dev/pkg/profiling/server.go b/vendor/knative.dev/pkg/profiling/server.go index f362f36fa4d..9eceef51cbd 100644 --- a/vendor/knative.dev/pkg/profiling/server.go +++ b/vendor/knative.dev/pkg/profiling/server.go @@ -117,6 +117,6 @@ func NewServer(handler http.Handler) *http.Server { return &http.Server{ Addr: ":" + port, Handler: handler, - ReadHeaderTimeout: time.Minute, //https://medium.com/a-journey-with-go/go-understand-and-mitigate-slowloris-attack-711c1b1403f6 + ReadHeaderTimeout: time.Minute, // https://medium.com/a-journey-with-go/go-understand-and-mitigate-slowloris-attack-711c1b1403f6 } } diff --git a/vendor/knative.dev/pkg/reconciler/testing/table.go b/vendor/knative.dev/pkg/reconciler/testing/table.go index d36c49b89ab..18a83a2bb52 100644 --- a/vendor/knative.dev/pkg/reconciler/testing/table.go +++ b/vendor/knative.dev/pkg/reconciler/testing/table.go @@ -363,7 +363,8 @@ func (r *TableRow) Test(t *testing.T, factory Factory) { func filterUpdatesWithSubresource( subresource string, - actions []clientgotesting.UpdateAction) (result []clientgotesting.UpdateAction) { + actions []clientgotesting.UpdateAction, +) (result []clientgotesting.UpdateAction) { for _, action := range actions { if action.GetSubresource() == subresource { result = append(result, action) diff --git a/vendor/knative.dev/pkg/test/clients.go b/vendor/knative.dev/pkg/test/clients.go index 88530c36b70..44234100bcb 100644 --- a/vendor/knative.dev/pkg/test/clients.go +++ b/vendor/knative.dev/pkg/test/clients.go @@ -34,7 +34,8 @@ import ( // NewSpoofingClient returns a spoofing client to make requests func NewSpoofingClient(ctx context.Context, client kubernetes.Interface, logf logging.FormatLogger, - domain string, resolvable bool, opts ...spoof.TransportOption) (*spoof.SpoofingClient, error) { + domain string, resolvable bool, opts ...spoof.TransportOption, +) (*spoof.SpoofingClient, error) { return spoof.New(ctx, client, logf, domain, resolvable, Flags.IngressEndpoint, Flags.SpoofRequestInterval, Flags.SpoofRequestTimeout, opts...) } diff --git a/vendor/knative.dev/pkg/test/e2e_flags.go b/vendor/knative.dev/pkg/test/e2e_flags.go index ef9b5519e70..3860dff9426 100644 --- a/vendor/knative.dev/pkg/test/e2e_flags.go +++ b/vendor/knative.dev/pkg/test/e2e_flags.go @@ -29,12 +29,10 @@ import ( "knative.dev/pkg/test/logging" ) -var ( - // Flags holds the command line flags or defaults for settings in the user's environment. - // See EnvironmentFlags for a list of supported fields. - // Deprecated: use test/flags.Flags() - Flags = initializeFlags() -) +// Flags holds the command line flags or defaults for settings in the user's environment. +// See EnvironmentFlags for a list of supported fields. +// Deprecated: use test/flags.Flags() +var Flags = initializeFlags() // EnvironmentFlags define the flags that are needed to run the e2e tests. // Deprecated: use test/flags.Flags() or injection.Flags() diff --git a/vendor/knative.dev/pkg/test/helpers/dir.go b/vendor/knative.dev/pkg/test/helpers/dir.go index e6df61121d8..e5085f009ba 100644 --- a/vendor/knative.dev/pkg/test/helpers/dir.go +++ b/vendor/knative.dev/pkg/test/helpers/dir.go @@ -23,7 +23,7 @@ import ( "strings" ) -const allUsersFullPermission = 0777 +const allUsersFullPermission = 0o777 // CreateDir creates dir if does not exist. // The created dir will have the permission bits as 0777, which means everyone can read/write/execute it. diff --git a/vendor/knative.dev/pkg/test/request.go b/vendor/knative.dev/pkg/test/request.go index a22542e29bd..46c7d6857f5 100644 --- a/vendor/knative.dev/pkg/test/request.go +++ b/vendor/knative.dev/pkg/test/request.go @@ -83,7 +83,8 @@ func WaitForEndpointState( inState spoof.ResponseChecker, desc string, resolvable bool, - opts ...interface{}) (*spoof.Response, error) { + opts ...interface{}, +) (*spoof.Response, error) { return WaitForEndpointStateWithTimeout(ctx, kubeClient, logf, url, inState, desc, resolvable, Flags.SpoofRequestTimeout, opts...) } @@ -103,8 +104,8 @@ func WaitForEndpointStateWithTimeout( desc string, resolvable bool, timeout time.Duration, - opts ...interface{}) (*spoof.Response, error) { - + opts ...interface{}, +) (*spoof.Response, error) { client, rOpts, err := makeSpoofClient(ctx, kubeClient, logf, url, resolvable, timeout, opts...) if err != nil { return nil, err @@ -119,8 +120,8 @@ func makeSpoofClient( url *url.URL, resolvable bool, timeout time.Duration, - opts ...interface{}) (*spoof.SpoofingClient, []spoof.RequestOption, error) { - + opts ...interface{}, +) (*spoof.SpoofingClient, []spoof.RequestOption, error) { var tOpts []spoof.TransportOption var rOpts []spoof.RequestOption diff --git a/vendor/knative.dev/pkg/test/spoof/spoof.go b/vendor/knative.dev/pkg/test/spoof/spoof.go index 716e5d83dbd..ac1c23e7dc2 100644 --- a/vendor/knative.dev/pkg/test/spoof/spoof.go +++ b/vendor/knative.dev/pkg/test/spoof/spoof.go @@ -100,7 +100,8 @@ func New( resolvable bool, endpointOverride string, requestInterval, requestTimeout time.Duration, - opts ...TransportOption) (*SpoofingClient, error) { + opts ...TransportOption, +) (*SpoofingClient, error) { endpoint, mapper, err := ResolveEndpoint(ctx, kubeClientset, domain, resolvable, endpointOverride) if err != nil { return nil, fmt.Errorf("failed to get the cluster endpoint: %w", err) @@ -288,8 +289,8 @@ func (sc *SpoofingClient) WaitForEndpointState( url *url.URL, inState ResponseChecker, desc string, - opts ...RequestOption) (*Response, error) { - + opts ...RequestOption, +) (*Response, error) { return sc.endpointState( ctx, url, @@ -307,7 +308,8 @@ func (sc *SpoofingClient) endpointState( desc string, f func(*http.Request, ResponseChecker) (*Response, error), logName string, - opts ...RequestOption) (*Response, error) { + opts ...RequestOption, +) (*Response, error) { defer logging.GetEmitableSpan(ctx, logName+"/"+desc).End() if url.Scheme == "" || url.Host == "" { @@ -348,7 +350,8 @@ func (sc *SpoofingClient) CheckEndpointState( url *url.URL, inState ResponseChecker, desc string, - opts ...RequestOption) (*Response, error) { + opts ...RequestOption, +) (*Response, error) { return sc.endpointState( ctx, url, diff --git a/vendor/knative.dev/pkg/test/upgrade/functions.go b/vendor/knative.dev/pkg/test/upgrade/functions.go index fe4965d8099..e988c5bf817 100644 --- a/vendor/knative.dev/pkg/test/upgrade/functions.go +++ b/vendor/knative.dev/pkg/test/upgrade/functions.go @@ -77,7 +77,8 @@ func NewBackgroundVerification(name string, setup func(c Context), verify func(c // NewBackgroundOperation creates a new background operation or test that can be // notified to stop its operation. func NewBackgroundOperation(name string, setup func(c Context), - handler func(bc BackgroundContext)) BackgroundOperation { + handler func(bc BackgroundContext), +) BackgroundOperation { return &simpleBackgroundOperation{ name: name, setup: setup, diff --git a/vendor/knative.dev/pkg/test/upgrade/shell/executor.go b/vendor/knative.dev/pkg/test/upgrade/shell/executor.go index 020f0d3eddf..866b8141499 100644 --- a/vendor/knative.dev/pkg/test/upgrade/shell/executor.go +++ b/vendor/knative.dev/pkg/test/upgrade/shell/executor.go @@ -28,7 +28,7 @@ import ( const ( defaultLabelOut = "[OUT]" defaultLabelErr = "[ERR]" - executeMode = 0700 + executeMode = 0o700 ) // NewExecutor creates a new executor. diff --git a/vendor/knative.dev/pkg/tracker/interface.go b/vendor/knative.dev/pkg/tracker/interface.go index 5e580b34cf9..58bc941d8e4 100644 --- a/vendor/knative.dev/pkg/tracker/interface.go +++ b/vendor/knative.dev/pkg/tracker/interface.go @@ -177,5 +177,4 @@ func (ref *Reference) Validate(ctx context.Context) *apis.FieldError { } return errs - } diff --git a/vendor/knative.dev/pkg/webhook/admission.go b/vendor/knative.dev/pkg/webhook/admission.go index db131b902bf..9e14eae89b2 100644 --- a/vendor/knative.dev/pkg/webhook/admission.go +++ b/vendor/knative.dev/pkg/webhook/admission.go @@ -88,7 +88,7 @@ func admissionHandler(rootLogger *zap.SugaredLogger, stats StatsReporter, c Admi <-synced } - var ttStart = time.Now() + ttStart := time.Now() logger := rootLogger logger.Infof("Webhook ServeHTTP request=%#v", r) diff --git a/vendor/knative.dev/pkg/webhook/certificates/certificates.go b/vendor/knative.dev/pkg/webhook/certificates/certificates.go index 5239279e526..21c6bdec6a9 100644 --- a/vendor/knative.dev/pkg/webhook/certificates/certificates.go +++ b/vendor/knative.dev/pkg/webhook/certificates/certificates.go @@ -48,8 +48,10 @@ type reconciler struct { serviceName string } -var _ controller.Reconciler = (*reconciler)(nil) -var _ pkgreconciler.LeaderAware = (*reconciler)(nil) +var ( + _ controller.Reconciler = (*reconciler)(nil) + _ pkgreconciler.LeaderAware = (*reconciler)(nil) +) // Reconcile implements controller.Reconciler func (r *reconciler) Reconcile(ctx context.Context, key string) error { diff --git a/vendor/knative.dev/pkg/webhook/certificates/controller.go b/vendor/knative.dev/pkg/webhook/certificates/controller.go index 1932e28c25a..b076bd6612c 100644 --- a/vendor/knative.dev/pkg/webhook/certificates/controller.go +++ b/vendor/knative.dev/pkg/webhook/certificates/controller.go @@ -41,7 +41,6 @@ func NewController( ctx context.Context, cmw configmap.Watcher, ) *controller.Impl { - client := kubeclient.Get(ctx) secretInformer := secretinformer.Get(ctx) options := webhook.GetOptions(ctx) diff --git a/vendor/knative.dev/pkg/webhook/certificates/resources/certs.go b/vendor/knative.dev/pkg/webhook/certificates/resources/certs.go index 811eb569c27..cb56c8cef9c 100644 --- a/vendor/knative.dev/pkg/webhook/certificates/resources/certs.go +++ b/vendor/knative.dev/pkg/webhook/certificates/resources/certs.go @@ -98,8 +98,8 @@ func createServerCertTemplate(name, namespace string, notAfter time.Time) (*x509 // Actually sign the cert and return things in a form that we can use later on func createCert(template, parent *x509.Certificate, pub, parentPriv interface{}) ( - cert *x509.Certificate, certPEM []byte, err error) { - + cert *x509.Certificate, certPEM []byte, err error, +) { certDER, err := x509.CreateCertificate(rand.Reader, template, parent, pub, parentPriv) if err != nil { return diff --git a/vendor/knative.dev/pkg/webhook/configmaps/configmaps.go b/vendor/knative.dev/pkg/webhook/configmaps/configmaps.go index 5a4c4d88887..d7d37b8ec4d 100644 --- a/vendor/knative.dev/pkg/webhook/configmaps/configmaps.go +++ b/vendor/knative.dev/pkg/webhook/configmaps/configmaps.go @@ -61,10 +61,12 @@ type reconciler struct { secretName string } -var _ controller.Reconciler = (*reconciler)(nil) -var _ pkgreconciler.LeaderAware = (*reconciler)(nil) -var _ webhook.AdmissionController = (*reconciler)(nil) -var _ webhook.StatelessAdmissionController = (*reconciler)(nil) +var ( + _ controller.Reconciler = (*reconciler)(nil) + _ pkgreconciler.LeaderAware = (*reconciler)(nil) + _ webhook.AdmissionController = (*reconciler)(nil) + _ webhook.StatelessAdmissionController = (*reconciler)(nil) +) // Reconcile implements controller.Reconciler func (ac *reconciler) Reconcile(ctx context.Context, key string) error { diff --git a/vendor/knative.dev/pkg/webhook/configmaps/controller.go b/vendor/knative.dev/pkg/webhook/configmaps/controller.go index c2d71eb0397..9c2aae49524 100644 --- a/vendor/knative.dev/pkg/webhook/configmaps/controller.go +++ b/vendor/knative.dev/pkg/webhook/configmaps/controller.go @@ -41,7 +41,6 @@ func NewAdmissionController( name, path string, constructors configmap.Constructors, ) *controller.Impl { - client := kubeclient.Get(ctx) vwhInformer := vwhinformer.Get(ctx) secretInformer := secretinformer.Get(ctx) diff --git a/vendor/knative.dev/pkg/webhook/conversion.go b/vendor/knative.dev/pkg/webhook/conversion.go index 2e876c14f5d..fa3c76a7026 100644 --- a/vendor/knative.dev/pkg/webhook/conversion.go +++ b/vendor/knative.dev/pkg/webhook/conversion.go @@ -40,7 +40,7 @@ type ConversionController interface { func conversionHandler(rootLogger *zap.SugaredLogger, stats StatsReporter, c ConversionController) http.HandlerFunc { return func(w http.ResponseWriter, r *http.Request) { - var ttStart = time.Now() + ttStart := time.Now() logger := rootLogger logger.Infof("Webhook ServeHTTP request=%#v", r) diff --git a/vendor/knative.dev/pkg/webhook/helper.go b/vendor/knative.dev/pkg/webhook/helper.go index a3647ac742a..a9ff91fe257 100644 --- a/vendor/knative.dev/pkg/webhook/helper.go +++ b/vendor/knative.dev/pkg/webhook/helper.go @@ -29,8 +29,8 @@ import ( // adds all knative-keys not yet there. func EnsureLabelSelectorExpressions( current *metav1.LabelSelector, - want *metav1.LabelSelector) *metav1.LabelSelector { - + want *metav1.LabelSelector, +) *metav1.LabelSelector { if current == nil { return want } @@ -56,8 +56,8 @@ func EnsureLabelSelectorExpressions( func ensureLabelSelectorRequirements( current []metav1.LabelSelectorRequirement, - want []metav1.LabelSelectorRequirement) []metav1.LabelSelectorRequirement { - + want []metav1.LabelSelectorRequirement, +) []metav1.LabelSelectorRequirement { nonKnative := make([]metav1.LabelSelectorRequirement, 0, len(current)) for _, r := range current { if !strings.Contains(r.Key, "knative.dev") { diff --git a/vendor/knative.dev/pkg/webhook/json/decode.go b/vendor/knative.dev/pkg/webhook/json/decode.go index b62caec612c..c8e57079074 100644 --- a/vendor/knative.dev/pkg/webhook/json/decode.go +++ b/vendor/knative.dev/pkg/webhook/json/decode.go @@ -32,7 +32,7 @@ var ( // Unmarshal is an alias for json.Unmarshal Unmarshal = json.Unmarshal - //Marshal is an alias for json.Marshal + // Marshal is an alias for json.Marshal Marshal = json.Marshal ) diff --git a/vendor/knative.dev/pkg/webhook/psbinding/controller.go b/vendor/knative.dev/pkg/webhook/psbinding/controller.go index bceffcb4f7b..f799847214d 100644 --- a/vendor/knative.dev/pkg/webhook/psbinding/controller.go +++ b/vendor/knative.dev/pkg/webhook/psbinding/controller.go @@ -78,7 +78,6 @@ func NewAdmissionController( withContext BindableContext, reconcilerOptions ...ReconcilerOption, ) *controller.Impl { - // Extract the assorted things from our context. client := kubeclient.Get(ctx) mwhInformer := mwhinformer.Get(ctx) diff --git a/vendor/knative.dev/pkg/webhook/psbinding/psbinding.go b/vendor/knative.dev/pkg/webhook/psbinding/psbinding.go index ee1d66a822b..2236cadc64f 100644 --- a/vendor/knative.dev/pkg/webhook/psbinding/psbinding.go +++ b/vendor/knative.dev/pkg/webhook/psbinding/psbinding.go @@ -118,9 +118,11 @@ type Reconciler struct { index index } -var _ controller.Reconciler = (*Reconciler)(nil) -var _ pkgreconciler.LeaderAware = (*Reconciler)(nil) -var _ webhook.AdmissionController = (*Reconciler)(nil) +var ( + _ controller.Reconciler = (*Reconciler)(nil) + _ pkgreconciler.LeaderAware = (*Reconciler)(nil) + _ webhook.AdmissionController = (*Reconciler)(nil) +) // We need to specifically exclude our deployment(s) from consideration, but this provides a way // of excluding other things as well. @@ -186,7 +188,8 @@ func (ac *Reconciler) Admit(ctx context.Context, request *admissionv1.AdmissionR Group: request.Kind.Group, Kind: request.Kind.Kind, Namespace: request.Namespace, - Name: orig.Name}, + Name: orig.Name, + }, labels.Set(orig.Labels)) if len(fbs) == 0 { // This doesn't apply! @@ -269,7 +272,8 @@ func (ac *Reconciler) reconcileMutatingWebhook(ctx context.Context, caCert []byt Group: gk.Group, Kind: gk.Kind, Namespace: ref.Namespace, - Name: ref.Name}, + Name: ref.Name, + }, fb) } else { selector, err := metav1.LabelSelectorAsSelector(ref.Selector) @@ -279,7 +283,8 @@ func (ac *Reconciler) reconcileMutatingWebhook(ctx context.Context, caCert []byt ib.associateSelection(inexactKey{ Group: gk.Group, Kind: gk.Kind, - Namespace: ref.Namespace}, + Namespace: ref.Namespace, + }, selector, fb) } } diff --git a/vendor/knative.dev/pkg/webhook/psbinding/reconciler.go b/vendor/knative.dev/pkg/webhook/psbinding/reconciler.go index 3d156fdca2c..233af0d389d 100644 --- a/vendor/knative.dev/pkg/webhook/psbinding/reconciler.go +++ b/vendor/knative.dev/pkg/webhook/psbinding/reconciler.go @@ -102,8 +102,10 @@ type BaseReconciler struct { } // Check that our Reconciler implements controller.Reconciler -var _ controller.Reconciler = (*BaseReconciler)(nil) -var _ pkgreconciler.LeaderAware = (*BaseReconciler)(nil) +var ( + _ controller.Reconciler = (*BaseReconciler)(nil) + _ pkgreconciler.LeaderAware = (*BaseReconciler)(nil) +) // Reconcile implements controller.Reconciler func (r *BaseReconciler) Reconcile(ctx context.Context, key string) error { @@ -275,7 +277,6 @@ func (r *BaseReconciler) RemoveFinalizer(ctx context.Context, fb kmeta.Accessor) } func (r *BaseReconciler) labelNamespace(ctx context.Context, subject tracker.Reference) error { - namespaceObject, err := r.NamespaceLister.Get(subject.Namespace) if apierrs.IsNotFound(err) { logging.FromContext(ctx).Info("Error getting namespace (not found): ", err) diff --git a/vendor/knative.dev/pkg/webhook/resourcesemantics/conversion/controller.go b/vendor/knative.dev/pkg/webhook/resourcesemantics/conversion/controller.go index 45e2eef4e66..8f200d3c23f 100644 --- a/vendor/knative.dev/pkg/webhook/resourcesemantics/conversion/controller.go +++ b/vendor/knative.dev/pkg/webhook/resourcesemantics/conversion/controller.go @@ -89,7 +89,6 @@ func NewConversionController( kinds map[schema.GroupKind]GroupKindConversion, withContext func(context.Context) context.Context, ) *controller.Impl { - opts := []OptionFunc{ WithPath(path), WithWrapContext(withContext), diff --git a/vendor/knative.dev/pkg/webhook/resourcesemantics/conversion/conversion.go b/vendor/knative.dev/pkg/webhook/resourcesemantics/conversion/conversion.go index d8dcde744c3..29830a87510 100644 --- a/vendor/knative.dev/pkg/webhook/resourcesemantics/conversion/conversion.go +++ b/vendor/knative.dev/pkg/webhook/resourcesemantics/conversion/conversion.go @@ -39,7 +39,6 @@ func (r *reconciler) Convert( ctx context.Context, req *apixv1.ConversionRequest, ) *apixv1.ConversionResponse { - if r.withContext != nil { ctx = r.withContext(ctx) } diff --git a/vendor/knative.dev/pkg/webhook/resourcesemantics/conversion/reconciler.go b/vendor/knative.dev/pkg/webhook/resourcesemantics/conversion/reconciler.go index 103e6a5ebad..f23b055872c 100644 --- a/vendor/knative.dev/pkg/webhook/resourcesemantics/conversion/reconciler.go +++ b/vendor/knative.dev/pkg/webhook/resourcesemantics/conversion/reconciler.go @@ -51,9 +51,11 @@ type reconciler struct { client apixclient.Interface } -var _ webhook.ConversionController = (*reconciler)(nil) -var _ controller.Reconciler = (*reconciler)(nil) -var _ pkgreconciler.LeaderAware = (*reconciler)(nil) +var ( + _ webhook.ConversionController = (*reconciler)(nil) + _ controller.Reconciler = (*reconciler)(nil) + _ pkgreconciler.LeaderAware = (*reconciler)(nil) +) // Path implements webhook.ConversionController func (r *reconciler) Path() string { diff --git a/vendor/knative.dev/pkg/webhook/resourcesemantics/defaulting/controller.go b/vendor/knative.dev/pkg/webhook/resourcesemantics/defaulting/controller.go index ba50005d79a..c7f9bb139e8 100644 --- a/vendor/knative.dev/pkg/webhook/resourcesemantics/defaulting/controller.go +++ b/vendor/knative.dev/pkg/webhook/resourcesemantics/defaulting/controller.go @@ -45,7 +45,6 @@ func NewAdmissionController( disallowUnknownFields bool, callbacks ...map[schema.GroupVersionKind]Callback, ) *controller.Impl { - // This not ideal, we are using a variadic argument to effectively make callbacks optional // This allows this addition to be non-breaking to consumers of /pkg // TODO: once all sub-repos have adopted this, we might move this back to a traditional param. diff --git a/vendor/knative.dev/pkg/webhook/resourcesemantics/defaulting/defaulting.go b/vendor/knative.dev/pkg/webhook/resourcesemantics/defaulting/defaulting.go index 90f9ec8c96c..4140ec71922 100644 --- a/vendor/knative.dev/pkg/webhook/resourcesemantics/defaulting/defaulting.go +++ b/vendor/knative.dev/pkg/webhook/resourcesemantics/defaulting/defaulting.go @@ -104,10 +104,12 @@ func NewCallback(function func(context.Context, *unstructured.Unstructured) erro return Callback{function: function, supportedVerbs: m} } -var _ controller.Reconciler = (*reconciler)(nil) -var _ pkgreconciler.LeaderAware = (*reconciler)(nil) -var _ webhook.AdmissionController = (*reconciler)(nil) -var _ webhook.StatelessAdmissionController = (*reconciler)(nil) +var ( + _ controller.Reconciler = (*reconciler)(nil) + _ pkgreconciler.LeaderAware = (*reconciler)(nil) + _ webhook.AdmissionController = (*reconciler)(nil) + _ webhook.StatelessAdmissionController = (*reconciler)(nil) +) // Reconcile implements controller.Reconciler func (ac *reconciler) Reconcile(ctx context.Context, key string) error { diff --git a/vendor/knative.dev/pkg/webhook/resourcesemantics/validation/controller.go b/vendor/knative.dev/pkg/webhook/resourcesemantics/validation/controller.go index eee6105b45b..f24b36792a8 100644 --- a/vendor/knative.dev/pkg/webhook/resourcesemantics/validation/controller.go +++ b/vendor/knative.dev/pkg/webhook/resourcesemantics/validation/controller.go @@ -45,7 +45,6 @@ func NewAdmissionControllerWithConfig( disallowUnknownFields bool, callbacks map[schema.GroupVersionKind]Callback, ) *controller.Impl { - opts := []OptionFunc{ WithPath(path), WithTypes(handlers), @@ -122,7 +121,6 @@ func newController(ctx context.Context, name string, optsFunc ...OptionFunc) *co }) return c - } // NewAdmissionController constructs a reconciler diff --git a/vendor/knative.dev/pkg/webhook/resourcesemantics/validation/reconcile_config.go b/vendor/knative.dev/pkg/webhook/resourcesemantics/validation/reconcile_config.go index dfc36199103..afbc45c051b 100644 --- a/vendor/knative.dev/pkg/webhook/resourcesemantics/validation/reconcile_config.go +++ b/vendor/knative.dev/pkg/webhook/resourcesemantics/validation/reconcile_config.go @@ -64,10 +64,12 @@ type reconciler struct { secretName string } -var _ controller.Reconciler = (*reconciler)(nil) -var _ pkgreconciler.LeaderAware = (*reconciler)(nil) -var _ webhook.AdmissionController = (*reconciler)(nil) -var _ webhook.StatelessAdmissionController = (*reconciler)(nil) +var ( + _ controller.Reconciler = (*reconciler)(nil) + _ pkgreconciler.LeaderAware = (*reconciler)(nil) + _ webhook.AdmissionController = (*reconciler)(nil) + _ webhook.StatelessAdmissionController = (*reconciler)(nil) +) // Path implements AdmissionController func (ac *reconciler) Path() string { diff --git a/vendor/knative.dev/pkg/webhook/resourcesemantics/validation/validation_admit.go b/vendor/knative.dev/pkg/webhook/resourcesemantics/validation/validation_admit.go index e601890afcc..ed5b8349207 100644 --- a/vendor/knative.dev/pkg/webhook/resourcesemantics/validation/validation_admit.go +++ b/vendor/knative.dev/pkg/webhook/resourcesemantics/validation/validation_admit.go @@ -106,8 +106,8 @@ func (ac *reconciler) Admit(ctx context.Context, request *admissionv1.AdmissionR func (ac *reconciler) decodeRequestAndPrepareContext( ctx context.Context, req *admissionv1.AdmissionRequest, - gvk schema.GroupVersionKind) (context.Context, resourcesemantics.GenericCRD, error) { - + gvk schema.GroupVersionKind, +) (context.Context, resourcesemantics.GenericCRD, error) { logger := logging.FromContext(ctx) handler, ok := ac.handlers[gvk] if !ok { diff --git a/vendor/knative.dev/pkg/webhook/stats_reporter.go b/vendor/knative.dev/pkg/webhook/stats_reporter.go index 3f05d4a91c7..bc62820b987 100644 --- a/vendor/knative.dev/pkg/webhook/stats_reporter.go +++ b/vendor/knative.dev/pkg/webhook/stats_reporter.go @@ -66,8 +66,10 @@ var ( resultCodeKey = tag.MustNewKey("result_code") ) -type admissionToValue func(*admissionv1.AdmissionRequest, *admissionv1.AdmissionResponse) string -type conversionToValue func(*apixv1.ConversionRequest, *apixv1.ConversionResponse) string +type ( + admissionToValue func(*admissionv1.AdmissionRequest, *admissionv1.AdmissionResponse) string + conversionToValue func(*apixv1.ConversionRequest, *apixv1.ConversionResponse) string +) var ( allAdmissionTags = map[tag.Key]admissionToValue{ diff --git a/vendor/knative.dev/pkg/webhook/webhook.go b/vendor/knative.dev/pkg/webhook/webhook.go index d8842df35ae..e91262db2c1 100644 --- a/vendor/knative.dev/pkg/webhook/webhook.go +++ b/vendor/knative.dev/pkg/webhook/webhook.go @@ -132,7 +132,6 @@ func New( ctx context.Context, controllers []interface{}, ) (webhook *Webhook, err error) { - // ServeMux.Handle panics on duplicate paths defer func() { if r := recover(); r != nil { @@ -270,11 +269,11 @@ func (wh *Webhook) Run(stop <-chan struct{}) error { Handler: drainer, Addr: fmt.Sprint(":", wh.Options.Port), TLSConfig: wh.tlsConfig, - ReadHeaderTimeout: time.Minute, //https://medium.com/a-journey-with-go/go-understand-and-mitigate-slowloris-attack-711c1b1403f6 + ReadHeaderTimeout: time.Minute, // https://medium.com/a-journey-with-go/go-understand-and-mitigate-slowloris-attack-711c1b1403f6 TLSNextProto: nextProto, } - var serve = server.ListenAndServe + serve := server.ListenAndServe if server.TLSConfig != nil && wh.testListener != nil { serve = func() error { diff --git a/vendor/modules.txt b/vendor/modules.txt index 99935bbd977..e558e1326c5 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -1058,7 +1058,7 @@ knative.dev/hack/schema/commands knative.dev/hack/schema/docs knative.dev/hack/schema/registry knative.dev/hack/schema/schema -# knative.dev/pkg v0.0.0-20240621201938-fc0720b7a660 +# knative.dev/pkg v0.0.0-20240625072707-8535fcc248ae ## explicit; go 1.22 knative.dev/pkg/apiextensions/storageversion knative.dev/pkg/apiextensions/storageversion/cmd/migrate From 922edf285258ddb63769b88bc31c08f20b2235d0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christoph=20St=C3=A4bler?= Date: Wed, 26 Jun 2024 13:34:28 +0200 Subject: [PATCH 3/8] Remove unneeded replaces in go.mod (#8033) --- go.mod | 5 ----- vendor/modules.txt | 2 -- 2 files changed, 7 deletions(-) diff --git a/go.mod b/go.mod index bacba25645b..42bc77eab08 100644 --- a/go.mod +++ b/go.mod @@ -121,8 +121,3 @@ require ( sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect ) - -replace ( - github.com/dgrijalva/jwt-go => github.com/form3tech-oss/jwt-go v0.0.0-20210511163231-5b2d2b5f6c34 - github.com/miekg/dns v1.0.14 => github.com/miekg/dns v1.1.25 -) diff --git a/vendor/modules.txt b/vendor/modules.txt index e558e1326c5..d9867624908 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -1252,5 +1252,3 @@ sigs.k8s.io/structured-merge-diff/v4/value ## explicit; go 1.12 sigs.k8s.io/yaml sigs.k8s.io/yaml/goyaml.v2 -# github.com/dgrijalva/jwt-go => github.com/form3tech-oss/jwt-go v0.0.0-20210511163231-5b2d2b5f6c34 -# github.com/miekg/dns v1.0.14 => github.com/miekg/dns v1.1.25 From e36a2cf3e19426b702b01cb203a4458595264c51 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christoph=20St=C3=A4bler?= Date: Wed, 26 Jun 2024 16:42:47 +0200 Subject: [PATCH 4/8] Use `knative/actions/setup-go` to be in sync with other projects (#8044) Use knative/actions/setup-go to be in sync with other projects --- .github/workflows/kind-e2e.yaml | 4 +--- .github/workflows/knative-downstream.yaml | 4 +--- 2 files changed, 2 insertions(+), 6 deletions(-) diff --git a/.github/workflows/kind-e2e.yaml b/.github/workflows/kind-e2e.yaml index ceca537041b..26129223850 100644 --- a/.github/workflows/kind-e2e.yaml +++ b/.github/workflows/kind-e2e.yaml @@ -59,9 +59,7 @@ jobs: steps: - name: Set up Go - uses: actions/setup-go@v2 - with: - go-version: 1.21.x + uses: knative/actions/setup-go@main # Install the latest release of ko - name: Install ko diff --git a/.github/workflows/knative-downstream.yaml b/.github/workflows/knative-downstream.yaml index 7895b357037..de9897c5f17 100644 --- a/.github/workflows/knative-downstream.yaml +++ b/.github/workflows/knative-downstream.yaml @@ -44,9 +44,7 @@ jobs: GOPATH: ${{ github.workspace }} steps: - name: Set up Go - uses: actions/setup-go@v2 - with: - go-version: 1.21.x + uses: knative/actions/setup-go@main - name: Install Dependencies run: | go install github.com/google/go-licenses@latest From c5ac18af7eb67cdadc6abe90fe6901b8dd386794 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christoph=20St=C3=A4bler?= Date: Wed, 26 Jun 2024 17:52:28 +0200 Subject: [PATCH 5/8] Update Github actions automatically (#7942) --- .github/.dependabot.yaml | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 .github/.dependabot.yaml diff --git a/.github/.dependabot.yaml b/.github/.dependabot.yaml new file mode 100644 index 00000000000..453228e1c2e --- /dev/null +++ b/.github/.dependabot.yaml @@ -0,0 +1,8 @@ +# Set update schedule for GitHub Actions +version: 2 +updates: + - package-ecosystem: "github-actions" + directory: "/" + schedule: + # Check for updates to GitHub Actions every week + interval: "weekly" From a6ac8111e82f1f8b6a5c9e52acb8ec59782394e3 Mon Sep 17 00:00:00 2001 From: Knative Automation Date: Thu, 27 Jun 2024 02:01:50 -0400 Subject: [PATCH 6/8] [main] Upgrade to latest dependencies (#8032) upgrade to latest dependencies bumping knative.dev/pkg 8535fcc...3f6a546: > 3f6a546 Fix rand source in name (# 3070) > ee1db86 Update linter config and address lint warnings/failures (# 3068) > 26bc7b4 Register AuthenticatableType in schema (# 3069) Signed-off-by: Knative Automation --- go.mod | 2 +- go.sum | 4 ++-- vendor/knative.dev/pkg/apis/condition_set.go | 3 ++- vendor/knative.dev/pkg/apis/deprecated.go | 2 +- .../pkg/apis/duck/v1/destination.go | 4 ++-- .../pkg/apis/duck/v1/knative_reference.go | 1 - .../knative.dev/pkg/apis/duck/v1/register.go | 2 ++ .../pkg/apis/duck/v1/status_types.go | 1 - .../pkg/apis/duck/v1beta1/destination.go | 4 ++-- vendor/knative.dev/pkg/apis/kind2resource.go | 5 ++-- .../pkg/apis/testing/roundtrip/roundtrip.go | 2 +- .../codegen/cmd/injection-gen/args/args.go | 8 +++---- .../cmd/injection-gen/generators/packages.go | 8 +------ vendor/knative.dev/pkg/configmap/filter.go | 8 +++---- .../pkg/configmap/informer/synced_callback.go | 4 ++-- .../knative.dev/pkg/controller/controller.go | 15 ++++-------- vendor/knative.dev/pkg/hack/format-code.sh | 23 +++++++++++++++++++ vendor/knative.dev/pkg/injection/informers.go | 2 +- vendor/knative.dev/pkg/kmeta/names.go | 3 ++- .../pkg/leaderelection/chaosduck/main.go | 1 - .../knative.dev/pkg/leaderelection/context.go | 7 ++---- .../pkg/metrics/opencensus_exporter.go | 4 +++- .../pkg/metrics/prometheus_exporter.go | 1 - .../knative.dev/pkg/metrics/resource_view.go | 2 +- .../knative.dev/pkg/reconciler/configstore.go | 2 +- vendor/knative.dev/pkg/reconciler/events.go | 2 +- .../pkg/reconciler/testing/context.go | 2 +- .../pkg/reconciler/testing/table.go | 4 +++- vendor/knative.dev/pkg/test/helpers/name.go | 12 ++++++++-- .../knative.dev/pkg/test/ingress/ingress.go | 5 ++-- .../knative.dev/pkg/test/logging/logging.go | 2 ++ .../pkg/test/logstream/v2/stream.go | 1 - .../knative.dev/pkg/tracing/config/tracing.go | 6 ++--- vendor/knative.dev/pkg/webhook/json/decode.go | 3 ++- .../pkg/webhook/psbinding/reconciler.go | 3 +-- .../validation/validation_admit.go | 3 ++- vendor/knative.dev/pkg/webhook/webhook.go | 1 + vendor/modules.txt | 2 +- 38 files changed, 94 insertions(+), 70 deletions(-) create mode 100644 vendor/knative.dev/pkg/hack/format-code.sh diff --git a/go.mod b/go.mod index 42bc77eab08..55a5c979746 100644 --- a/go.mod +++ b/go.mod @@ -45,7 +45,7 @@ require ( k8s.io/utils v0.0.0-20240102154912-e7106e64919e knative.dev/hack v0.0.0-20240607132042-09143140a254 knative.dev/hack/schema v0.0.0-20240607132042-09143140a254 - knative.dev/pkg v0.0.0-20240625072707-8535fcc248ae + knative.dev/pkg v0.0.0-20240626134149-3f6a546ac3a4 knative.dev/reconciler-test v0.0.0-20240618170853-5bf0b86114f8 sigs.k8s.io/yaml v1.4.0 ) diff --git a/go.sum b/go.sum index 84bda4c9d2b..5046b4dbd16 100644 --- a/go.sum +++ b/go.sum @@ -842,8 +842,8 @@ knative.dev/hack v0.0.0-20240607132042-09143140a254 h1:1YFnu3U6dWZg0oxm6GU8kEdA9 knative.dev/hack v0.0.0-20240607132042-09143140a254/go.mod h1:yk2OjGDsbEnQjfxdm0/HJKS2WqTLEFg/N6nUs6Rqx3Q= knative.dev/hack/schema v0.0.0-20240607132042-09143140a254 h1:b9hFHGtxx0Kpm4EEjSD72lL0jms91To3OEVBTbqfOYI= knative.dev/hack/schema v0.0.0-20240607132042-09143140a254/go.mod h1:3pWwBLnTZSM9psSgCAvhKOHIPTzqfEMlWRpDu6IYhK0= -knative.dev/pkg v0.0.0-20240625072707-8535fcc248ae h1:unXplcQLqwO+QtSepyRI2zy4ZD/tciPro9Y4uVG6n6g= -knative.dev/pkg v0.0.0-20240625072707-8535fcc248ae/go.mod h1:Wikg4u73T6vk9TctrxZt60VXzqmGEQIx0iKfk1+9o4c= +knative.dev/pkg v0.0.0-20240626134149-3f6a546ac3a4 h1:slPKf3UKdBFZlz+hFy+KXzTgY9yOePLzRuEhKzgc5a4= +knative.dev/pkg v0.0.0-20240626134149-3f6a546ac3a4/go.mod h1:Wikg4u73T6vk9TctrxZt60VXzqmGEQIx0iKfk1+9o4c= knative.dev/reconciler-test v0.0.0-20240618170853-5bf0b86114f8 h1:A+rsitEiTX3GudM51g7zUMza+Ripj+boncmlJ2jZp50= knative.dev/reconciler-test v0.0.0-20240618170853-5bf0b86114f8/go.mod h1:2uUx3U6kdIzgJgMGgrGmdDdcFrFiex/DjuI2gM7Tte8= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= diff --git a/vendor/knative.dev/pkg/apis/condition_set.go b/vendor/knative.dev/pkg/apis/condition_set.go index 9ad14902e78..940d1b3ab32 100644 --- a/vendor/knative.dev/pkg/apis/condition_set.go +++ b/vendor/knative.dev/pkg/apis/condition_set.go @@ -17,6 +17,7 @@ limitations under the License. package apis import ( + "errors" "fmt" "reflect" "sort" @@ -233,7 +234,7 @@ func (r conditionsImpl) ClearCondition(t ConditionType) error { } // Terminal conditions are not handled as they can't be nil if r.isTerminal(t) { - return fmt.Errorf("clearing terminal conditions not implemented") + return errors.New("clearing terminal conditions not implemented") } cond := r.GetCondition(t) if cond == nil { diff --git a/vendor/knative.dev/pkg/apis/deprecated.go b/vendor/knative.dev/pkg/apis/deprecated.go index 8f07e71b31b..b5dfde2fbb4 100644 --- a/vendor/knative.dev/pkg/apis/deprecated.go +++ b/vendor/knative.dev/pkg/apis/deprecated.go @@ -94,7 +94,7 @@ func getPrefixedNamedFieldValues(prefix string, obj interface{}) (map[string]ref return fields, inlined } - for i := 0; i < objValue.NumField(); i++ { + for i := range objValue.NumField() { tf := objValue.Type().Field(i) if v := objValue.Field(i); v.IsValid() { jTag := tf.Tag.Get("json") diff --git a/vendor/knative.dev/pkg/apis/duck/v1/destination.go b/vendor/knative.dev/pkg/apis/duck/v1/destination.go index 720d4067766..34c1af94f99 100644 --- a/vendor/knative.dev/pkg/apis/duck/v1/destination.go +++ b/vendor/knative.dev/pkg/apis/duck/v1/destination.go @@ -103,11 +103,11 @@ func (d *Destination) SetDefaults(ctx context.Context) { } } -func validateCACerts(CACert *string) *apis.FieldError { +func validateCACerts(caCert *string) *apis.FieldError { // Check the object. var errs *apis.FieldError - block, err := pem.Decode([]byte(*CACert)) + block, err := pem.Decode([]byte(*caCert)) if err != nil && block == nil { errs = errs.Also(apis.ErrInvalidValue("CA Cert provided is invalid", "caCert")) return errs diff --git a/vendor/knative.dev/pkg/apis/duck/v1/knative_reference.go b/vendor/knative.dev/pkg/apis/duck/v1/knative_reference.go index 4d03b6b97ce..2609fb1c99c 100644 --- a/vendor/knative.dev/pkg/apis/duck/v1/knative_reference.go +++ b/vendor/knative.dev/pkg/apis/duck/v1/knative_reference.go @@ -102,7 +102,6 @@ func (kr *KReference) Validate(ctx context.Context) *apis.FieldError { Details: fmt.Sprintf("parent namespace: %q does not match ref: %q", parentNS, kr.Namespace), }) } - } } return errs diff --git a/vendor/knative.dev/pkg/apis/duck/v1/register.go b/vendor/knative.dev/pkg/apis/duck/v1/register.go index fb4348a0585..b7366b66044 100644 --- a/vendor/knative.dev/pkg/apis/duck/v1/register.go +++ b/vendor/knative.dev/pkg/apis/duck/v1/register.go @@ -52,6 +52,8 @@ func addKnownTypes(scheme *runtime.Scheme) error { (&KResource{}).GetListType(), &AddressableType{}, (&AddressableType{}).GetListType(), + &AuthenticatableType{}, + (&AuthenticatableType{}).GetListType(), &Source{}, (&Source{}).GetListType(), &WithPod{}, diff --git a/vendor/knative.dev/pkg/apis/duck/v1/status_types.go b/vendor/knative.dev/pkg/apis/duck/v1/status_types.go index 15e26453466..2e8d66f93b4 100644 --- a/vendor/knative.dev/pkg/apis/duck/v1/status_types.go +++ b/vendor/knative.dev/pkg/apis/duck/v1/status_types.go @@ -97,7 +97,6 @@ func (s *Status) ConvertTo(ctx context.Context, sink *Status, predicates ...func conditions := make(apis.Conditions, 0, len(s.Conditions)) for _, c := range s.Conditions { - // Copy over the "happy" condition, which is the only condition that // we can reliably transfer. if c.Type == apis.ConditionReady || c.Type == apis.ConditionSucceeded { diff --git a/vendor/knative.dev/pkg/apis/duck/v1beta1/destination.go b/vendor/knative.dev/pkg/apis/duck/v1beta1/destination.go index 41c7702df16..bc6e56ae41c 100644 --- a/vendor/knative.dev/pkg/apis/duck/v1beta1/destination.go +++ b/vendor/knative.dev/pkg/apis/duck/v1beta1/destination.go @@ -168,11 +168,11 @@ func validateDestinationRef(ref corev1.ObjectReference) *apis.FieldError { return errs } -func validateCACerts(CACert *string) *apis.FieldError { +func validateCACerts(caCert *string) *apis.FieldError { // Check the object. var errs *apis.FieldError - block, err := pem.Decode([]byte(*CACert)) + block, err := pem.Decode([]byte(*caCert)) if err != nil && block == nil { errs = errs.Also(apis.ErrInvalidValue("CA Cert provided is invalid", "caCert")) return errs diff --git a/vendor/knative.dev/pkg/apis/kind2resource.go b/vendor/knative.dev/pkg/apis/kind2resource.go index 37ffe080345..b1937086e6f 100644 --- a/vendor/knative.dev/pkg/apis/kind2resource.go +++ b/vendor/knative.dev/pkg/apis/kind2resource.go @@ -17,7 +17,6 @@ limitations under the License. package apis import ( - "fmt" "strings" "k8s.io/apimachinery/pkg/runtime/schema" @@ -41,7 +40,7 @@ func KindToResource(gvk schema.GroupVersionKind) schema.GroupVersionResource { func pluralizeKind(kind string) string { ret := strings.ToLower(kind) if strings.HasSuffix(ret, "s") { - return fmt.Sprintf("%ses", ret) + return ret + "es" } - return fmt.Sprintf("%ss", ret) + return ret + "s" } diff --git a/vendor/knative.dev/pkg/apis/testing/roundtrip/roundtrip.go b/vendor/knative.dev/pkg/apis/testing/roundtrip/roundtrip.go index bdf33349f10..54493b02e24 100644 --- a/vendor/knative.dev/pkg/apis/testing/roundtrip/roundtrip.go +++ b/vendor/knative.dev/pkg/apis/testing/roundtrip/roundtrip.go @@ -144,7 +144,7 @@ func ExternalTypesViaHub(t *testing.T, scheme, hubs *runtime.Scheme, fuzzerFuncs } t.Run(gvk.Group+"."+gvk.Version+"."+gvk.Kind, func(t *testing.T) { - for i := 0; i < *roundtrip.FuzzIters; i++ { + for range *roundtrip.FuzzIters { roundTripViaHub(t, gvk, scheme, hubs, f) if t.Failed() { diff --git a/vendor/knative.dev/pkg/codegen/cmd/injection-gen/args/args.go b/vendor/knative.dev/pkg/codegen/cmd/injection-gen/args/args.go index 265b4e40ae0..92595e2ffec 100644 --- a/vendor/knative.dev/pkg/codegen/cmd/injection-gen/args/args.go +++ b/vendor/knative.dev/pkg/codegen/cmd/injection-gen/args/args.go @@ -17,7 +17,7 @@ limitations under the License. package args import ( - "fmt" + "errors" "github.com/spf13/pflag" "k8s.io/gengo/args" @@ -59,13 +59,13 @@ func Validate(genericArgs *args.GeneratorArgs) error { customArgs := genericArgs.CustomArgs.(*CustomArgs) if len(genericArgs.OutputPackagePath) == 0 { - return fmt.Errorf("output package cannot be empty") + return errors.New("output package cannot be empty") } if len(customArgs.VersionedClientSetPackage) == 0 { - return fmt.Errorf("versioned clientset package cannot be empty") + return errors.New("versioned clientset package cannot be empty") } if len(customArgs.ExternalVersionsInformersPackage) == 0 { - return fmt.Errorf("external versions informers package cannot be empty") + return errors.New("external versions informers package cannot be empty") } return nil diff --git a/vendor/knative.dev/pkg/codegen/cmd/injection-gen/generators/packages.go b/vendor/knative.dev/pkg/codegen/cmd/injection-gen/generators/packages.go index f0ca43f2bf2..02f61519f08 100644 --- a/vendor/knative.dev/pkg/codegen/cmd/injection-gen/generators/packages.go +++ b/vendor/knative.dev/pkg/codegen/cmd/injection-gen/generators/packages.go @@ -43,7 +43,7 @@ func Packages(context *generator.Context, arguments *args.GeneratorArgs) generat klog.Fatalf("Wrong CustomArgs type: %T", arguments.CustomArgs) } - versionPackagePath := filepath.Join(arguments.OutputPackagePath) + versionPackagePath := filepath.Clean(arguments.OutputPackagePath) var packageList generator.Packages @@ -389,8 +389,6 @@ func versionInformerPackages(basePackage string, groupPkgName string, gv clientg vers := make([]generator.Package, 0, 2*len(typesToGenerate)) for _, t := range typesToGenerate { - // Fix for golang iterator bug. - t := t packagePath := packagePath + "/" + strings.ToLower(t.Name.Name) typedInformerPackage := typedInformerPackage(groupPkgName, gv, customArgs.ExternalVersionsInformersPackage) @@ -501,7 +499,6 @@ func versionInformerPackages(basePackage string, groupPkgName string, gv clientg return tags.NeedsInformerInjection() }, }) - } return vers } @@ -513,8 +510,6 @@ func reconcilerPackages(basePackage string, groupPkgName string, gv clientgentyp vers := make([]generator.Package, 0, 4*len(typesToGenerate)) for _, t := range typesToGenerate { - // Fix for golang iterator bug. - t := t extracted := extractCommentTags(t) reconcilerClasses, hasReconcilerClass := extractReconcilerClassesTag(extracted) nonNamespaced := isNonNamespaced(extracted) @@ -677,7 +672,6 @@ func versionDuckPackages(basePackage string, groupPkgName string, gv clientgenty for _, t := range typesToGenerate { // Fix for golang iterator bug. - t := t packagePath := filepath.Join(packagePath, strings.ToLower(t.Name.Name)) // Impl diff --git a/vendor/knative.dev/pkg/configmap/filter.go b/vendor/knative.dev/pkg/configmap/filter.go index ed1040e27b3..6fb332a8cff 100644 --- a/vendor/knative.dev/pkg/configmap/filter.go +++ b/vendor/knative.dev/pkg/configmap/filter.go @@ -17,7 +17,7 @@ limitations under the License. package configmap import ( - "fmt" + "errors" "reflect" corev1 "k8s.io/api/core/v1" @@ -58,17 +58,17 @@ func ValidateConstructor(constructor interface{}) error { cType := reflect.TypeOf(constructor) if cType.Kind() != reflect.Func { - return fmt.Errorf("config constructor must be a function") + return errors.New("config constructor must be a function") } if cType.NumIn() != 1 || cType.In(0) != reflect.TypeOf(&corev1.ConfigMap{}) { - return fmt.Errorf("config constructor must be of the type func(*k8s.io/api/core/v1/ConfigMap) (..., error)") + return errors.New("config constructor must be of the type func(*k8s.io/api/core/v1/ConfigMap) (..., error)") } errorType := reflect.TypeOf((*error)(nil)).Elem() if cType.NumOut() != 2 || !cType.Out(1).Implements(errorType) { - return fmt.Errorf("config constructor must be of the type func(*k8s.io/api/core/v1/ConfigMap) (..., error)") + return errors.New("config constructor must be of the type func(*k8s.io/api/core/v1/ConfigMap) (..., error)") } return nil } diff --git a/vendor/knative.dev/pkg/configmap/informer/synced_callback.go b/vendor/knative.dev/pkg/configmap/informer/synced_callback.go index 0b3e2d3a9aa..80e776aa906 100644 --- a/vendor/knative.dev/pkg/configmap/informer/synced_callback.go +++ b/vendor/knative.dev/pkg/configmap/informer/synced_callback.go @@ -17,10 +17,10 @@ limitations under the License. package informer import ( + "context" "sync" "k8s.io/apimachinery/pkg/util/sets" - "k8s.io/apimachinery/pkg/util/wait" ) // namedWaitGroup is used to increment and decrement a WaitGroup by name @@ -107,6 +107,6 @@ func (s *syncedCallback) WaitForAllKeys(stopCh <-chan struct{}) error { case <-c: return nil case <-stopCh: - return wait.ErrWaitTimeout + return context.DeadlineExceeded } } diff --git a/vendor/knative.dev/pkg/controller/controller.go b/vendor/knative.dev/pkg/controller/controller.go index bc7c4be495a..152d837d6d6 100644 --- a/vendor/knative.dev/pkg/controller/controller.go +++ b/vendor/knative.dev/pkg/controller/controller.go @@ -224,7 +224,7 @@ type Impl struct { // ControllerOptions encapsulates options for creating a new controller, // including throttling and stats behavior. -type ControllerOptions struct { //nolint // for backcompat. +type ControllerOptions struct { WorkQueueName string Logger *zap.SugaredLogger Reporter StatsReporter @@ -482,7 +482,7 @@ func (c *Impl) RunContext(ctx context.Context, threadiness int) error { // Launch workers to process resources that get enqueued to our workqueue. c.logger.Info("Starting controller and workers") - for i := 0; i < threadiness; i++ { + for range threadiness { sg.Add(1) go func() { defer sg.Done() @@ -623,7 +623,6 @@ func IsSkipKey(err error) bool { // Is implements the Is() interface of error. It returns whether the target // error can be treated as equivalent to a permanentError. func (skipKeyError) Is(target error) bool { - //nolint: errorlint // This check is actually fine. _, ok := target.(skipKeyError) return ok } @@ -650,7 +649,6 @@ func IsPermanentError(err error) bool { // Is implements the Is() interface of error. It returns whether the target // error can be treated as equivalent to a permanentError. func (permanentError) Is(target error) bool { - //nolint: errorlint // This check is actually fine. _, ok := target.(permanentError) return ok } @@ -710,7 +708,6 @@ func IsRequeueKey(err error) (bool, time.Duration) { // Is implements the Is() interface of error. It returns whether the target // error can be treated as equivalent to a requeueKeyError. func (requeueKeyError) Is(target error) bool { - //nolint: errorlint // This check is actually fine. _, ok := target.(requeueKeyError) return ok } @@ -726,7 +723,6 @@ type Informer interface { // of them to synchronize. func StartInformers(stopCh <-chan struct{}, informers ...Informer) error { for _, informer := range informers { - informer := informer go informer.Run(stopCh) } @@ -744,7 +740,6 @@ func RunInformers(stopCh <-chan struct{}, informers ...Informer) (func(), error) var wg sync.WaitGroup wg.Add(len(informers)) for _, informer := range informers { - informer := informer go func() { defer wg.Done() informer.Run(stopCh) @@ -762,8 +757,8 @@ func RunInformers(stopCh <-chan struct{}, informers ...Informer) (func(), error) // WaitForCacheSyncQuick is the same as cache.WaitForCacheSync but with a much reduced // check-rate for the sync period. func WaitForCacheSyncQuick(stopCh <-chan struct{}, cacheSyncs ...cache.InformerSynced) bool { - err := wait.PollImmediateUntil(time.Millisecond, - func() (bool, error) { + err := wait.PollUntilContextCancel(wait.ContextForChannel(stopCh), time.Millisecond, true, + func(context.Context) (bool, error) { for _, syncFunc := range cacheSyncs { if !syncFunc() { return false, nil @@ -771,7 +766,7 @@ func WaitForCacheSyncQuick(stopCh <-chan struct{}, cacheSyncs ...cache.InformerS } return true, nil }, - stopCh) + ) return err == nil } diff --git a/vendor/knative.dev/pkg/hack/format-code.sh b/vendor/knative.dev/pkg/hack/format-code.sh new file mode 100644 index 00000000000..b9ccea8fc93 --- /dev/null +++ b/vendor/knative.dev/pkg/hack/format-code.sh @@ -0,0 +1,23 @@ +#!/usr/bin/env bash + +# Copyright 2024 The Knative Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -o errexit +set -o nounset +set -o pipefail + + +go run mvdan.cc/gofumpt@latest -l -w . + diff --git a/vendor/knative.dev/pkg/injection/informers.go b/vendor/knative.dev/pkg/injection/informers.go index 9356f8d7f9b..2c7a283c289 100644 --- a/vendor/knative.dev/pkg/injection/informers.go +++ b/vendor/knative.dev/pkg/injection/informers.go @@ -14,6 +14,7 @@ See the License for the specific language governing permissions and limitations under the License. */ +//nolint:fatcontext package injection import ( @@ -93,7 +94,6 @@ func (i *impl) SetupInformers(ctx context.Context, cfg *rest.Config) (context.Co for _, fii := range i.GetFilteredInformers() { ctx, filteredinfs = fii(ctx) informers = append(informers, filteredinfs...) - } return ctx, informers } diff --git a/vendor/knative.dev/pkg/kmeta/names.go b/vendor/knative.dev/pkg/kmeta/names.go index 963b121d29f..0977544c8ca 100644 --- a/vendor/knative.dev/pkg/kmeta/names.go +++ b/vendor/knative.dev/pkg/kmeta/names.go @@ -18,6 +18,7 @@ package kmeta import ( "crypto/md5" //nolint:gosec // No strong cryptography needed. + "encoding/hex" "fmt" "regexp" ) @@ -53,7 +54,7 @@ func ChildName(parent, suffix string) string { // Format the return string, if it's shorter than longest: pad with // beginning of the suffix. This happens, for example, when parent is // short, but the suffix is very long. - ret := parent + fmt.Sprintf("%x", h) + ret := parent + hex.EncodeToString(h[:]) if d := longest - len(ret); d > 0 { ret += suffix[:d] } diff --git a/vendor/knative.dev/pkg/leaderelection/chaosduck/main.go b/vendor/knative.dev/pkg/leaderelection/chaosduck/main.go index 3125d8e3b9d..1e9420f53be 100644 --- a/vendor/knative.dev/pkg/leaderelection/chaosduck/main.go +++ b/vendor/knative.dev/pkg/leaderelection/chaosduck/main.go @@ -153,7 +153,6 @@ func main() { continue } - name, leaders := name, leaders eg.Go(func() error { return quack(ctx, kc, name, leaders) }) diff --git a/vendor/knative.dev/pkg/leaderelection/context.go b/vendor/knative.dev/pkg/leaderelection/context.go index 4cd6830639c..15f9376ed9f 100644 --- a/vendor/knative.dev/pkg/leaderelection/context.go +++ b/vendor/knative.dev/pkg/leaderelection/context.go @@ -133,9 +133,6 @@ func (b *standardBuilder) buildElector(ctx context.Context, la reconciler.Leader bkts := newStandardBuckets(queueName, b.lec) electors := make([]Elector, 0, b.lec.Buckets) for _, bkt := range bkts { - // Use a local var which won't change across the for loop since it is - // used in a callback asynchronously. - bkt := bkt rl, err := resourcelock.New(knativeResourceLock, system.Namespace(), // use namespace we are running in bkt.Name(), @@ -192,7 +189,7 @@ func newStandardBuckets(queueName string, cc ComponentConfig) []reconciler.Bucke } } names := make(sets.Set[string], cc.Buckets) - for i := uint32(0); i < cc.Buckets; i++ { + for i := range cc.Buckets { names.Insert(ln(i)) } @@ -239,7 +236,7 @@ func NewStatefulSetBucketAndSet(buckets int) (reconciler.Bucket, *hash.BucketSet } names := make(sets.Set[string], buckets) - for i := 0; i < buckets; i++ { + for i := range buckets { names.Insert(statefulSetPodDNS(i, ssc)) } diff --git a/vendor/knative.dev/pkg/metrics/opencensus_exporter.go b/vendor/knative.dev/pkg/metrics/opencensus_exporter.go index 59e33ab0995..8ea0f6e4197 100644 --- a/vendor/knative.dev/pkg/metrics/opencensus_exporter.go +++ b/vendor/knative.dev/pkg/metrics/opencensus_exporter.go @@ -64,7 +64,9 @@ func getFactory(defaultExporter view.Exporter, stored []ocagent.ExporterOption) // Don't create duplicate exporters for the default exporter. return defaultExporter, nil } - opts := append(stored, ocagent.WithResourceDetector( + opts := make([]ocagent.ExporterOption, 0, len(stored)+1) + opts = append(opts, stored...) + opts = append(opts, ocagent.WithResourceDetector( func(context.Context) (*resource.Resource, error) { return r, nil })) diff --git a/vendor/knative.dev/pkg/metrics/prometheus_exporter.go b/vendor/knative.dev/pkg/metrics/prometheus_exporter.go index cb5238476f3..7dfcc094d8f 100644 --- a/vendor/knative.dev/pkg/metrics/prometheus_exporter.go +++ b/vendor/knative.dev/pkg/metrics/prometheus_exporter.go @@ -42,7 +42,6 @@ func (emptyPromExporter) ExportView(viewData *view.Data) { // a signal to enrich the internal Meters with Resource information. } -// nolint: unparam // False positive of flagging the second result of this function unused. func newPrometheusExporter(config *metricsConfig, logger *zap.SugaredLogger) (view.Exporter, ResourceExporterFactory, error) { e, err := prom.NewExporter(prom.Options{Namespace: config.component}) if err != nil { diff --git a/vendor/knative.dev/pkg/metrics/resource_view.go b/vendor/knative.dev/pkg/metrics/resource_view.go index 930b389319c..d4e2c599daa 100644 --- a/vendor/knative.dev/pkg/metrics/resource_view.go +++ b/vendor/knative.dev/pkg/metrics/resource_view.go @@ -307,7 +307,7 @@ func optionForResource(r *resource.Resource) (stats.Options, error) { // If we can't create exporters but we have a Meter, return that. return mE.o, nil } - return nil, fmt.Errorf("whoops, allMeters.factory is nil") + return nil, errors.New("whoops, allMeters.factory is nil") } exporter, err := allMeters.factory(r) if err != nil { diff --git a/vendor/knative.dev/pkg/reconciler/configstore.go b/vendor/knative.dev/pkg/reconciler/configstore.go index 6b61856d566..3cbfbbffbab 100644 --- a/vendor/knative.dev/pkg/reconciler/configstore.go +++ b/vendor/knative.dev/pkg/reconciler/configstore.go @@ -33,7 +33,7 @@ var _ ConfigStore = ConfigStores{} func (stores ConfigStores) ToContext(ctx context.Context) context.Context { for _, s := range stores { - ctx = s.ToContext(ctx) + ctx = s.ToContext(ctx) //nolint:fatcontext } return ctx } diff --git a/vendor/knative.dev/pkg/reconciler/events.go b/vendor/knative.dev/pkg/reconciler/events.go index df4c366cca5..9d249bc9db5 100644 --- a/vendor/knative.dev/pkg/reconciler/events.go +++ b/vendor/knative.dev/pkg/reconciler/events.go @@ -62,7 +62,7 @@ func NewEvent(eventtype, reason, messageFmt string, args ...interface{}) Event { // ReconcilerEvent wraps the fields required for recorders to create a // kubernetes recorder Event. -type ReconcilerEvent struct { //nolint:revive // for backcompat. +type ReconcilerEvent struct { //nolint:errname EventType string Reason string Format string diff --git a/vendor/knative.dev/pkg/reconciler/testing/context.go b/vendor/knative.dev/pkg/reconciler/testing/context.go index 58b3b8d29ab..eb4d45b73c8 100644 --- a/vendor/knative.dev/pkg/reconciler/testing/context.go +++ b/vendor/knative.dev/pkg/reconciler/testing/context.go @@ -51,7 +51,7 @@ func SetupFakeContextWithCancel(t testing.TB, fs ...func(context.Context) contex ctx, c := context.WithCancel(logtesting.TestContextWithLogger(t)) ctx = controller.WithEventRecorder(ctx, record.NewFakeRecorder(1000)) for _, f := range fs { - ctx = f(ctx) + ctx = f(ctx) //nolint:fatcontext } ctx = injection.WithConfig(ctx, &rest.Config{}) diff --git a/vendor/knative.dev/pkg/reconciler/testing/table.go b/vendor/knative.dev/pkg/reconciler/testing/table.go index 18a83a2bb52..97cc921572f 100644 --- a/vendor/knative.dev/pkg/reconciler/testing/table.go +++ b/vendor/knative.dev/pkg/reconciler/testing/table.go @@ -20,6 +20,7 @@ import ( "context" "path" "reflect" + "slices" "strings" "testing" @@ -168,7 +169,8 @@ func (r *TableRow) Test(t *testing.T, factory Factory) { t.Errorf("Error capturing actions by verb: %q", err) } - effectiveOpts := append(r.CmpOpts, defaultCmpOpts...) + effectiveOpts := slices.Concat(r.CmpOpts, defaultCmpOpts) + // Previous state is used to diff resource expected state for update requests that were missed. objPrevState := make(map[string]runtime.Object, len(r.Objects)) for _, o := range r.Objects { diff --git a/vendor/knative.dev/pkg/test/helpers/name.go b/vendor/knative.dev/pkg/test/helpers/name.go index 0ceaed59430..18a93f2518b 100644 --- a/vendor/knative.dev/pkg/test/helpers/name.go +++ b/vendor/knative.dev/pkg/test/helpers/name.go @@ -19,6 +19,7 @@ package helpers import ( "math/rand" "strings" + "sync" "time" "unicode" ) @@ -32,12 +33,17 @@ const ( testNamePrefix = "Test" ) +var ( + nameRand *rand.Rand + nameMu sync.Mutex +) + func init() { // Properly seed the random number generator so RandomString() is actually random. // Otherwise, rerunning tests will generate the same names for the test resources, causing conflicts with // already existing resources. seed := time.Now().UTC().UnixNano() - rand.Seed(seed) + nameRand = rand.New(rand.NewSource(seed)) } type named interface { @@ -73,9 +79,11 @@ func AppendRandomString(prefix string) string { // RandomString will generate a random string. func RandomString() string { suffix := make([]byte, randSuffixLen) + nameMu.Lock() for i := range suffix { - suffix[i] = letterBytes[rand.Intn(len(letterBytes))] + suffix[i] = letterBytes[nameRand.Intn(len(letterBytes))] } + nameMu.Unlock() return string(suffix) } diff --git a/vendor/knative.dev/pkg/test/ingress/ingress.go b/vendor/knative.dev/pkg/test/ingress/ingress.go index 8de4052c75f..1bf38b8cc5c 100644 --- a/vendor/knative.dev/pkg/test/ingress/ingress.go +++ b/vendor/knative.dev/pkg/test/ingress/ingress.go @@ -20,6 +20,7 @@ import ( "context" "fmt" "os" + "strconv" v1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -59,8 +60,8 @@ func GetIngressEndpoint(ctx context.Context, kubeClientset kubernetes.Interface, if endpointOverride != "" { return endpointOverride, func(port string) string { for _, sp := range ingress.Spec.Ports { - if fmt.Sprint(sp.Port) == port { - return fmt.Sprint(sp.NodePort) + if strconv.Itoa(int(sp.Port)) == port { + return strconv.Itoa(int(sp.NodePort)) } } return port diff --git a/vendor/knative.dev/pkg/test/logging/logging.go b/vendor/knative.dev/pkg/test/logging/logging.go index 74df6dfdeaa..0946077aa65 100644 --- a/vendor/knative.dev/pkg/test/logging/logging.go +++ b/vendor/knative.dev/pkg/test/logging/logging.go @@ -67,6 +67,8 @@ func (e *zapMetricExporter) ExportView(vd *view.Data) { // GetEmitableSpan starts and returns a trace.Span with a name that // is used by the ExportSpan method to emit the span. +// +//nolint:spancheck func GetEmitableSpan(ctx context.Context, metricName string) *trace.Span { _, span := trace.StartSpan(ctx, emitableSpanNamePrefix+metricName) return span diff --git a/vendor/knative.dev/pkg/test/logstream/v2/stream.go b/vendor/knative.dev/pkg/test/logstream/v2/stream.go index 1a37a54d2fa..9b5c42454db 100644 --- a/vendor/knative.dev/pkg/test/logstream/v2/stream.go +++ b/vendor/knative.dev/pkg/test/logstream/v2/stream.go @@ -156,7 +156,6 @@ func (s *logSource) watchPods() error { s.startForPod(p) } } - } } }() diff --git a/vendor/knative.dev/pkg/tracing/config/tracing.go b/vendor/knative.dev/pkg/tracing/config/tracing.go index 4d1831fc1bc..633ce3d4b20 100644 --- a/vendor/knative.dev/pkg/tracing/config/tracing.go +++ b/vendor/knative.dev/pkg/tracing/config/tracing.go @@ -135,12 +135,12 @@ func JSONToTracingConfig(jsonCfg string) (*Config, error) { cfg, err := NewTracingConfigFromMap(configMap) if err != nil { - return NoopConfig(), nil + return NoopConfig(), nil //nolint:nilerr } return cfg, nil } -func TracingConfigToJSON(cfg *Config) (string, error) { //nolint // for backcompat. +func TracingConfigToJSON(cfg *Config) (string, error) { if cfg == nil { return "", nil } @@ -150,7 +150,7 @@ func TracingConfigToJSON(cfg *Config) (string, error) { //nolint // for backcomp if cfg.ZipkinEndpoint != "" { out[zipkinEndpointKey] = cfg.ZipkinEndpoint } - out[debugKey] = fmt.Sprint(cfg.Debug) + out[debugKey] = strconv.FormatBool(cfg.Debug) out[sampleRateKey] = fmt.Sprint(cfg.SampleRate) jsonCfg, err := json.Marshal(out) diff --git a/vendor/knative.dev/pkg/webhook/json/decode.go b/vendor/knative.dev/pkg/webhook/json/decode.go index c8e57079074..57720e81d23 100644 --- a/vendor/knative.dev/pkg/webhook/json/decode.go +++ b/vendor/knative.dev/pkg/webhook/json/decode.go @@ -19,6 +19,7 @@ package json import ( "bytes" "encoding/json" + "errors" "io" ) @@ -95,7 +96,7 @@ func findMetadataOffsets(bites []byte) (start, end int64, err error) { for { t, err = dec.Token() - if err == io.EOF { //nolint + if errors.Is(err, io.EOF) { break } if err != nil { diff --git a/vendor/knative.dev/pkg/webhook/psbinding/reconciler.go b/vendor/knative.dev/pkg/webhook/psbinding/reconciler.go index 233af0d389d..b7f1ba0c7e7 100644 --- a/vendor/knative.dev/pkg/webhook/psbinding/reconciler.go +++ b/vendor/knative.dev/pkg/webhook/psbinding/reconciler.go @@ -113,7 +113,7 @@ func (r *BaseReconciler) Reconcile(ctx context.Context, key string) error { namespace, name, err := cache.SplitMetaNamespaceKey(key) if err != nil { logging.FromContext(ctx).Error("invalid resource key: ", key) - return nil + return nil //nolint:nilerr } // Only the leader should reconcile binding resources. @@ -391,7 +391,6 @@ func (r *BaseReconciler) ReconcileSubject(ctx context.Context, fb Bindable, muta // For each of the referents, apply the mutation. eg := errgroup.Group{} for _, ps := range referents { - ps := ps eg.Go(func() error { // Do the binding to the pod specable. orig := ps.DeepCopy() diff --git a/vendor/knative.dev/pkg/webhook/resourcesemantics/validation/validation_admit.go b/vendor/knative.dev/pkg/webhook/resourcesemantics/validation/validation_admit.go index ed5b8349207..94093e64825 100644 --- a/vendor/knative.dev/pkg/webhook/resourcesemantics/validation/validation_admit.go +++ b/vendor/knative.dev/pkg/webhook/resourcesemantics/validation/validation_admit.go @@ -160,7 +160,8 @@ func (ac *reconciler) decodeRequestAndPrepareContext( return ctx, newObj, nil } -func validate(ctx context.Context, resource resourcesemantics.GenericCRD, req *admissionv1.AdmissionRequest) (err error, warn []error) { //nolint +//nolint:stylecheck +func validate(ctx context.Context, resource resourcesemantics.GenericCRD, req *admissionv1.AdmissionRequest) (err error, warn []error) { logger := logging.FromContext(ctx) // Only run validation for supported create and update validation. diff --git a/vendor/knative.dev/pkg/webhook/webhook.go b/vendor/knative.dev/pkg/webhook/webhook.go index e91262db2c1..e05c6f041ef 100644 --- a/vendor/knative.dev/pkg/webhook/webhook.go +++ b/vendor/knative.dev/pkg/webhook/webhook.go @@ -176,6 +176,7 @@ func New( // a new secret informer from it. secretInformer := kubeinformerfactory.Get(ctx).Core().V1().Secrets() + //nolint:gosec // operator configures TLS min version (default is 1.3) webhook.tlsConfig = &tls.Config{ MinVersion: opts.TLSMinVersion, diff --git a/vendor/modules.txt b/vendor/modules.txt index d9867624908..a0c170ce403 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -1058,7 +1058,7 @@ knative.dev/hack/schema/commands knative.dev/hack/schema/docs knative.dev/hack/schema/registry knative.dev/hack/schema/schema -# knative.dev/pkg v0.0.0-20240625072707-8535fcc248ae +# knative.dev/pkg v0.0.0-20240626134149-3f6a546ac3a4 ## explicit; go 1.22 knative.dev/pkg/apiextensions/storageversion knative.dev/pkg/apiextensions/storageversion/cmd/migrate From 6992e6fb52bcae3ba9b2e6adc54824ab4eda2fdb Mon Sep 17 00:00:00 2001 From: Pierangelo Di Pilato Date: Thu, 27 Jun 2024 17:08:31 +0200 Subject: [PATCH 7/8] Avoid fatal errors for unknown features flags that can be added in a future release (#8051) Signed-off-by: Pierangelo Di Pilato --- pkg/apis/feature/features.go | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/pkg/apis/feature/features.go b/pkg/apis/feature/features.go index 982ca8c67e0..4d6c235df15 100644 --- a/pkg/apis/feature/features.go +++ b/pkg/apis/feature/features.go @@ -18,6 +18,7 @@ package feature import ( "fmt" + "log" "strings" corev1 "k8s.io/api/core/v1" @@ -186,7 +187,8 @@ func NewFlagsConfigFromMap(data map[string]string) (Flags, error) { } else if strings.Contains(k, NodeSelectorLabel) { flags[sanitizedKey] = Flag(v) } else { - return flags, fmt.Errorf("cannot parse the feature flag '%s' = '%s'", k, v) + flags[k] = Flag(v) + log.Printf("Warning: unknown feature flag value %q=%q\n", k, v) } } From beb71bea9bf8175fa73e2b68e35f722aa218b6c5 Mon Sep 17 00:00:00 2001 From: Dharmjit Singh Date: Fri, 28 Jun 2024 17:02:49 +0530 Subject: [PATCH 8/8] Add EventPolicy Reconciler (#8024) * add eventpolicy reconciler Signed-off-by: Dharmjit Singh * Fixed Review Comments * fixed eventpolicy api unit test Signed-off-by: Dharmjit Singh * Fixed more review comments Signed-off-by: Dharmjit Singh * Fixed more review comments-2 Signed-off-by: Dharmjit Singh * Fixed eventpolicy unittests organization/naming Signed-off-by: Dharmjit Singh --------- Signed-off-by: Dharmjit Singh --- cmd/controller/main.go | 2 + .../v1alpha1/eventpolicy_lifecycle.go | 44 +++- .../v1alpha1/eventpolicy_lifecycle_test.go | 121 ++++++++- pkg/reconciler/channel/channel_test.go | 4 +- pkg/reconciler/eventpolicy/controller.go | 47 ++++ pkg/reconciler/eventpolicy/controller_test.go | 39 +++ pkg/reconciler/eventpolicy/eventpolicy.go | 55 ++++ .../eventpolicy/eventpolicy_test.go | 239 ++++++++++++++++++ .../controller/inmemorychannel_test.go | 4 +- pkg/reconciler/testing/v1/eventpolicy.go | 77 +++++- .../ducks/duck/v1/authstatus/fake/fake.go | 30 +++ vendor/modules.txt | 1 + 12 files changed, 625 insertions(+), 38 deletions(-) create mode 100644 pkg/reconciler/eventpolicy/controller.go create mode 100644 pkg/reconciler/eventpolicy/controller_test.go create mode 100644 pkg/reconciler/eventpolicy/eventpolicy.go create mode 100644 pkg/reconciler/eventpolicy/eventpolicy_test.go create mode 100644 vendor/knative.dev/pkg/client/injection/ducks/duck/v1/authstatus/fake/fake.go diff --git a/cmd/controller/main.go b/cmd/controller/main.go index 79fd5588fed..5b01605a5da 100644 --- a/cmd/controller/main.go +++ b/cmd/controller/main.go @@ -34,6 +34,7 @@ import ( "knative.dev/eventing/pkg/apis/sinks" "knative.dev/eventing/pkg/auth" "knative.dev/eventing/pkg/eventingtls" + "knative.dev/eventing/pkg/reconciler/eventpolicy" "knative.dev/eventing/pkg/reconciler/jobsink" "knative.dev/eventing/pkg/reconciler/apiserversource" @@ -93,6 +94,7 @@ func main() { // Eventing eventtype.NewController, + eventpolicy.NewController, // Flows parallel.NewController, diff --git a/pkg/apis/eventing/v1alpha1/eventpolicy_lifecycle.go b/pkg/apis/eventing/v1alpha1/eventpolicy_lifecycle.go index 30c8575eac9..a74431f0d78 100644 --- a/pkg/apis/eventing/v1alpha1/eventpolicy_lifecycle.go +++ b/pkg/apis/eventing/v1alpha1/eventpolicy_lifecycle.go @@ -1,5 +1,5 @@ /* -Copyright 2020 The Knative Authors +Copyright 2024 The Knative Authors Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -20,10 +20,12 @@ import ( "knative.dev/pkg/apis" ) -var eventPolicyCondSet = apis.NewLivingConditionSet() +var eventPolicyCondSet = apis.NewLivingConditionSet(EventPolicyConditionAuthenticationEnabled, EventPolicyConditionSubjectsResolved) const ( - EventPolicyConditionReady = apis.ConditionReady + EventPolicyConditionReady = apis.ConditionReady + EventPolicyConditionAuthenticationEnabled apis.ConditionType = "AuthenticationEnabled" + EventPolicyConditionSubjectsResolved apis.ConditionType = "SubjectsResolved" ) // GetConditionSet retrieves the condition set for this resource. Implements the KRShaped interface. @@ -32,21 +34,41 @@ func (*EventPolicy) GetConditionSet() apis.ConditionSet { } // GetCondition returns the condition currently associated with the given type, or nil. -func (et *EventPolicyStatus) GetCondition(t apis.ConditionType) *apis.Condition { - return eventPolicyCondSet.Manage(et).GetCondition(t) +func (ep *EventPolicyStatus) GetCondition(t apis.ConditionType) *apis.Condition { + return eventPolicyCondSet.Manage(ep).GetCondition(t) } // IsReady returns true if the resource is ready overall. -func (et *EventPolicyStatus) IsReady() bool { - return et.GetTopLevelCondition().IsTrue() +func (ep *EventPolicyStatus) IsReady() bool { + return ep.GetTopLevelCondition().IsTrue() } // GetTopLevelCondition returns the top level Condition. -func (et *EventPolicyStatus) GetTopLevelCondition() *apis.Condition { - return eventPolicyCondSet.Manage(et).GetTopLevelCondition() +func (ep *EventPolicyStatus) GetTopLevelCondition() *apis.Condition { + return eventPolicyCondSet.Manage(ep).GetTopLevelCondition() } // InitializeConditions sets relevant unset conditions to Unknown state. -func (et *EventPolicyStatus) InitializeConditions() { - eventPolicyCondSet.Manage(et).InitializeConditions() +func (ep *EventPolicyStatus) InitializeConditions() { + eventPolicyCondSet.Manage(ep).InitializeConditions() +} + +// MarkOIDCAuthenticationEnabled sets EventPolicyConditionAuthenticationEnabled condition to true. +func (ep *EventPolicyStatus) MarkOIDCAuthenticationEnabled() { + eventPolicyCondSet.Manage(ep).MarkTrue(EventPolicyConditionAuthenticationEnabled) +} + +// MarkOIDCAuthenticationDisabled sets EventPolicyConditionAuthenticationEnabled condition to false. +func (ep *EventPolicyStatus) MarkOIDCAuthenticationDisabled(reason, messageFormat string, messageA ...interface{}) { + eventPolicyCondSet.Manage(ep).MarkFalse(EventPolicyConditionAuthenticationEnabled, reason, messageFormat, messageA...) +} + +// MarkSubjectsResolved sets EventPolicyConditionSubjectsResolved condition to true. +func (ep *EventPolicyStatus) MarkSubjectsResolvedSucceeded() { + eventPolicyCondSet.Manage(ep).MarkTrue(EventPolicyConditionSubjectsResolved) +} + +// MarkSubjectsNotResolved sets EventPolicyConditionSubjectsResolved condition to false. +func (ep *EventPolicyStatus) MarkSubjectsResolvedFailed(reason, messageFormat string, messageA ...interface{}) { + eventPolicyCondSet.Manage(ep).MarkFalse(EventPolicyConditionSubjectsResolved, reason, messageFormat, messageA...) } diff --git a/pkg/apis/eventing/v1alpha1/eventpolicy_lifecycle_test.go b/pkg/apis/eventing/v1alpha1/eventpolicy_lifecycle_test.go index 1f18f054a1f..620c2b595df 100644 --- a/pkg/apis/eventing/v1alpha1/eventpolicy_lifecycle_test.go +++ b/pkg/apis/eventing/v1alpha1/eventpolicy_lifecycle_test.go @@ -49,12 +49,12 @@ func TestEventPolicyGetConditionSet(t *testing.T) { func TestEventPolicyGetCondition(t *testing.T) { tests := []struct { name string - ets *EventPolicyStatus + eps *EventPolicyStatus condQuery apis.ConditionType want *apis.Condition }{{ name: "single condition", - ets: &EventPolicyStatus{ + eps: &EventPolicyStatus{ Status: duckv1.Status{ Conditions: []apis.Condition{ eventPolicyConditionReady, @@ -67,7 +67,7 @@ func TestEventPolicyGetCondition(t *testing.T) { for _, test := range tests { t.Run(test.name, func(t *testing.T) { - got := test.ets.GetCondition(test.condQuery) + got := test.eps.GetCondition(test.condQuery) if diff := cmp.Diff(test.want, got); diff != "" { t.Error("unexpected condition (-want, +got) =", diff) } @@ -78,18 +78,27 @@ func TestEventPolicyGetCondition(t *testing.T) { func TestEventPolicyInitializeConditions(t *testing.T) { tests := []struct { name string - ets *EventPolicyStatus + eps *EventPolicyStatus want *EventPolicyStatus }{ { name: "empty", - ets: &EventPolicyStatus{}, + eps: &EventPolicyStatus{}, want: &EventPolicyStatus{ Status: duckv1.Status{ - Conditions: []apis.Condition{{ - Type: EventPolicyConditionReady, - Status: corev1.ConditionUnknown, - }, + Conditions: []apis.Condition{ + { + Type: EventPolicyConditionAuthenticationEnabled, + Status: corev1.ConditionUnknown, + }, + { + Type: EventPolicyConditionReady, + Status: corev1.ConditionUnknown, + }, + { + Type: EventPolicyConditionSubjectsResolved, + Status: corev1.ConditionUnknown, + }, }, }, }, @@ -98,10 +107,100 @@ func TestEventPolicyInitializeConditions(t *testing.T) { for _, test := range tests { t.Run(test.name, func(t *testing.T) { - test.ets.InitializeConditions() - if diff := cmp.Diff(test.want, test.ets, ignoreAllButTypeAndStatus); diff != "" { + test.eps.InitializeConditions() + if diff := cmp.Diff(test.want, test.eps, ignoreAllButTypeAndStatus); diff != "" { t.Error("unexpected conditions (-want, +got) =", diff) } }) } } + +func TestEventPolicyReadyCondition(t *testing.T) { + tests := []struct { + name string + eps *EventPolicyStatus + markOIDCAuthenticationEnabled bool + markSubjectsResolvedSucceeded bool + wantReady bool + }{ + { + name: "Initially everything is Unknown, Auth&SubjectsResolved marked as true, EP should become Ready", + eps: &EventPolicyStatus{ + Status: duckv1.Status{ + Conditions: []apis.Condition{ + {Type: EventPolicyConditionReady, Status: corev1.ConditionUnknown}, + {Type: EventPolicyConditionAuthenticationEnabled, Status: corev1.ConditionUnknown}, + {Type: EventPolicyConditionSubjectsResolved, Status: corev1.ConditionUnknown}, + }, + }, + }, + markOIDCAuthenticationEnabled: true, + markSubjectsResolvedSucceeded: true, + wantReady: true, + }, + { + name: "Initially everything is True, Auth&SubjectsResolved stay true, EP should stay Ready", + eps: &EventPolicyStatus{ + Status: duckv1.Status{ + Conditions: []apis.Condition{ + {Type: EventPolicyConditionReady, Status: corev1.ConditionTrue}, + {Type: EventPolicyConditionAuthenticationEnabled, Status: corev1.ConditionTrue}, + {Type: EventPolicyConditionSubjectsResolved, Status: corev1.ConditionTrue}, + }, + }, + }, + markOIDCAuthenticationEnabled: true, + markSubjectsResolvedSucceeded: true, + wantReady: true, + }, + { + name: "Initially everything is True, then AuthenticationEnabled marked as False, EP should become NotReady", + eps: &EventPolicyStatus{ + Status: duckv1.Status{ + Conditions: []apis.Condition{ + {Type: EventPolicyConditionReady, Status: corev1.ConditionTrue}, + {Type: EventPolicyConditionAuthenticationEnabled, Status: corev1.ConditionTrue}, + {Type: EventPolicyConditionSubjectsResolved, Status: corev1.ConditionTrue}, + }, + }, + }, + markOIDCAuthenticationEnabled: false, + markSubjectsResolvedSucceeded: true, + wantReady: false, + }, + { + name: "Initially everything is True, then SubjectsResolved marked as False, EP should become NotReady", + eps: &EventPolicyStatus{ + Status: duckv1.Status{ + Conditions: []apis.Condition{ + {Type: EventPolicyConditionReady, Status: corev1.ConditionTrue}, + {Type: EventPolicyConditionAuthenticationEnabled, Status: corev1.ConditionTrue}, + {Type: EventPolicyConditionSubjectsResolved, Status: corev1.ConditionTrue}, + }, + }, + }, + markOIDCAuthenticationEnabled: true, + markSubjectsResolvedSucceeded: false, + wantReady: false, + }, + } + for _, test := range tests { + t.Run(test.name, func(t *testing.T) { + if test.markOIDCAuthenticationEnabled { + test.eps.MarkOIDCAuthenticationEnabled() + } else { + test.eps.MarkOIDCAuthenticationDisabled("OIDCAuthenticationDisabled", "") + } + if test.markSubjectsResolvedSucceeded { + test.eps.MarkSubjectsResolvedSucceeded() + } else { + test.eps.MarkSubjectsResolvedFailed("SubjectsNotResolved", "") + } + ep := EventPolicy{Status: *test.eps} + got := ep.GetConditionSet().Manage(test.eps).IsHappy() + if test.wantReady != got { + t.Errorf("unexpected readiness: want %v, got %v", test.wantReady, got) + } + }) + } +} diff --git a/pkg/reconciler/channel/channel_test.go b/pkg/reconciler/channel/channel_test.go index 783abe359a2..c1796379bc1 100644 --- a/pkg/reconciler/channel/channel_test.go +++ b/pkg/reconciler/channel/channel_test.go @@ -400,7 +400,7 @@ func TestReconcile(t *testing.T) { WithInMemoryChannelDLSUnknown(), WithInMemoryChannelEventPoliciesReady()), NewEventPolicy(unreadyEventPolicyName, testNS, - WithUnreadyEventPolicyCondition, + WithUnreadyEventPolicyCondition("", ""), WithEventPolicyToRef(channelV1GVK, channelName), ), NewEventPolicy(fmt.Sprintf("%s-%s", unreadyEventPolicyName, channelName), testNS, @@ -453,7 +453,7 @@ func TestReconcile(t *testing.T) { WithEventPolicyToRef(channelV1GVK, channelName), ), NewEventPolicy(unreadyEventPolicyName, testNS, - WithUnreadyEventPolicyCondition, + WithUnreadyEventPolicyCondition("", ""), WithEventPolicyToRef(channelV1GVK, channelName), ), NewEventPolicy(fmt.Sprintf("%s-%s", readyEventPolicyName, channelName), testNS, diff --git a/pkg/reconciler/eventpolicy/controller.go b/pkg/reconciler/eventpolicy/controller.go new file mode 100644 index 00000000000..58b66b06022 --- /dev/null +++ b/pkg/reconciler/eventpolicy/controller.go @@ -0,0 +1,47 @@ +/* +Copyright 2024 The Knative Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package eventpolicy + +import ( + "context" + + eventpolicyinformer "knative.dev/eventing/pkg/client/injection/informers/eventing/v1alpha1/eventpolicy" + eventpolicyreconciler "knative.dev/eventing/pkg/client/injection/reconciler/eventing/v1alpha1/eventpolicy" + "knative.dev/pkg/configmap" + "knative.dev/pkg/controller" + "knative.dev/pkg/resolver" +) + +// NewController initializes the controller and is called by the generated code +// Registers event handlers to enqueue events +func NewController( + ctx context.Context, + cmw configmap.Watcher, +) *controller.Impl { + // Access informers + eventPolicyInformer := eventpolicyinformer.Get(ctx) + + r := &Reconciler{} + impl := eventpolicyreconciler.NewImpl(ctx, r) + + r.authResolver = resolver.NewAuthenticatableResolverFromTracker(ctx, impl.Tracker) + + // Set up event handlers + eventPolicyInformer.Informer().AddEventHandler(controller.HandleAll(impl.Enqueue)) + + return impl +} diff --git a/pkg/reconciler/eventpolicy/controller_test.go b/pkg/reconciler/eventpolicy/controller_test.go new file mode 100644 index 00000000000..2ddea353dc3 --- /dev/null +++ b/pkg/reconciler/eventpolicy/controller_test.go @@ -0,0 +1,39 @@ +/* +Copyright 2024 The Knative Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package eventpolicy + +import ( + "testing" + + "knative.dev/pkg/configmap" + + . "knative.dev/pkg/reconciler/testing" + + // Fake injection informers + _ "knative.dev/eventing/pkg/client/injection/informers/eventing/v1alpha1/eventpolicy/fake" + _ "knative.dev/pkg/client/injection/ducks/duck/v1/authstatus/fake" +) + +func TestNew(t *testing.T) { + ctx, _ := SetupFakeContext(t) + + c := NewController(ctx, configmap.NewStaticWatcher()) + + if c == nil { + t.Fatal("Expected NewController to return a non-nil value") + } +} diff --git a/pkg/reconciler/eventpolicy/eventpolicy.go b/pkg/reconciler/eventpolicy/eventpolicy.go new file mode 100644 index 00000000000..959181e1943 --- /dev/null +++ b/pkg/reconciler/eventpolicy/eventpolicy.go @@ -0,0 +1,55 @@ +/* +Copyright 2024 The Knative Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package eventpolicy + +import ( + "context" + "fmt" + + "knative.dev/eventing/pkg/apis/eventing/v1alpha1" + "knative.dev/eventing/pkg/apis/feature" + "knative.dev/eventing/pkg/auth" + pkgreconciler "knative.dev/pkg/reconciler" + "knative.dev/pkg/resolver" +) + +type Reconciler struct { + authResolver *resolver.AuthenticatableResolver +} + +// ReconcileKind implements Interface.ReconcileKind. +// 1. Verify the Reference exists. +func (r *Reconciler) ReconcileKind(ctx context.Context, ep *v1alpha1.EventPolicy) pkgreconciler.Event { + featureFlags := feature.FromContext(ctx) + if featureFlags.IsOIDCAuthentication() { + ep.Status.MarkOIDCAuthenticationEnabled() + } else { + ep.Status.MarkOIDCAuthenticationDisabled("OIDCAuthenticationDisabled", "") + return nil + } + // We reconcile the status of the EventPolicy + // by looking at all .spec.from[].refs have subjects + // and accordingly set the eventpolicy status + subjects, err := auth.ResolveSubjects(r.authResolver, ep) + if err != nil { + ep.Status.MarkSubjectsResolvedFailed("SubjectsNotResolved", err.Error()) + return fmt.Errorf("failed to resolve .spec.from[].ref: %w", err) + } + ep.Status.MarkSubjectsResolvedSucceeded() + ep.Status.From = subjects + return nil +} diff --git a/pkg/reconciler/eventpolicy/eventpolicy_test.go b/pkg/reconciler/eventpolicy/eventpolicy_test.go new file mode 100644 index 00000000000..dcc7ab0ec44 --- /dev/null +++ b/pkg/reconciler/eventpolicy/eventpolicy_test.go @@ -0,0 +1,239 @@ +/* +Copyright 2024 The Knative Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package eventpolicy + +import ( + "context" + "fmt" + "testing" + + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/types" + clientgotesting "k8s.io/client-go/testing" + "knative.dev/eventing/pkg/apis/feature" + sourcesv1 "knative.dev/eventing/pkg/apis/sources/v1" + fakeeventingclient "knative.dev/eventing/pkg/client/injection/client/fake" + "knative.dev/eventing/pkg/client/injection/reconciler/eventing/v1alpha1/eventpolicy" + . "knative.dev/eventing/pkg/reconciler/testing/v1" + duckv1authstatus "knative.dev/pkg/client/injection/ducks/duck/v1/authstatus" + "knative.dev/pkg/configmap" + "knative.dev/pkg/controller" + logtesting "knative.dev/pkg/logging/testing" + . "knative.dev/pkg/reconciler/testing" + "knative.dev/pkg/resolver" + "knative.dev/pkg/tracker" +) + +const ( + testNS = "test-namespace" + eventPolicyName = "test-eventpolicy" + pingSourceName = "test-pingsource" + apiServerSourceName = "test-apiserversource" + serviceAccountname = "test-sa" +) + +var ( + pingSourceWithServiceAccount = NewPingSource(pingSourceName, testNS, WithPingSourceOIDCServiceAccountName(serviceAccountname)) + apiServerSourceWithServiceAccount = NewApiServerSource(apiServerSourceName, testNS, WithApiServerSourceOIDCServiceAccountName((serviceAccountname))) + pingSourceGVK = v1.GroupVersionKind(sourcesv1.SchemeGroupVersion.WithKind("PingSource")) + apiServerSourceGVK = v1.GroupVersionKind(sourcesv1.SchemeGroupVersion.WithKind("APIServerSource")) + SubjectsNotResolvedErrorMessage = fmt.Sprintf("could not resolve subjects from reference: could not resolve auth status: failed to get authenticatable %s/%s: failed to get object %s/%s: pingsources.sources.knative.dev \"%s\" not found", testNS, pingSourceName, testNS, pingSourceName, pingSourceName) + SubjectsNotResolvedEventMessage = fmt.Sprintf("Warning InternalError failed to resolve .spec.from[].ref: could not resolve subjects from reference: could not resolve auth status: failed to get authenticatable %s/%s: failed to get object %s/%s: pingsources.sources.knative.dev \"%s\" not found", testNS, pingSourceName, testNS, pingSourceName, pingSourceName) +) + +func TestReconcile(t *testing.T) { + table := TableTest{ + { + Name: "bad workqueue key", + // Make sure Reconcile handles bad keys. + Key: "too/many/parts", + }, + // test cases for authentication-oidc feature disabled + { + Name: "with oidc disabled, status set to NotReady", + Ctx: feature.ToContext(context.TODO(), feature.Flags{ + feature.OIDCAuthentication: feature.Disabled, + }), + Key: testNS + "/" + eventPolicyName, + Objects: []runtime.Object{ + NewEventPolicy(eventPolicyName, testNS, + WithInitEventPolicyConditions, + WithEventPolicyFrom(pingSourceGVK, pingSourceName, testNS), + ), + }, + WantStatusUpdates: []clientgotesting.UpdateActionImpl{ + { + Object: NewEventPolicy(eventPolicyName, testNS, + WithEventPolicyFrom(pingSourceGVK, pingSourceName, testNS), + WithEventPolicyAuthenticationDisabledCondition, + WithUnreadyEventPolicyCondition("OIDCAuthenticationDisabled", ""), + WithEventPolicySubjectsResolvedUnknown, + ), + }, + }, + WantErr: false, + }, + + // test cases for authentication-oidc feature enabled + { + Name: "subject not found, status set to NotReady", + Ctx: feature.ToContext(context.TODO(), feature.Flags{ + feature.OIDCAuthentication: feature.Enabled, + }), + Key: testNS + "/" + eventPolicyName, + Objects: []runtime.Object{ + NewEventPolicy(eventPolicyName, testNS, + WithInitEventPolicyConditions, + WithEventPolicyFrom(pingSourceGVK, pingSourceName, testNS), + ), + }, + WantStatusUpdates: []clientgotesting.UpdateActionImpl{ + { + Object: NewEventPolicy(eventPolicyName, testNS, + WithEventPolicyFrom(pingSourceGVK, pingSourceName, testNS), + WithEventPolicyAuthenticationEnabledCondition, + WithUnreadyEventPolicyCondition("SubjectsNotResolved", SubjectsNotResolvedErrorMessage), + WithEventPolicySubjectsResolvedFailed("SubjectsNotResolved", SubjectsNotResolvedErrorMessage), + ), + }, + }, + WantEvents: []string{SubjectsNotResolvedEventMessage}, + WantErr: true, + }, + { + Name: "subject found for pingsource, status set to Ready", + Ctx: feature.ToContext(context.TODO(), feature.Flags{ + feature.OIDCAuthentication: feature.Enabled, + }), + Key: testNS + "/" + eventPolicyName, + Objects: []runtime.Object{ + pingSourceWithServiceAccount, + NewEventPolicy(eventPolicyName, testNS, + WithInitEventPolicyConditions, + WithEventPolicyFrom(pingSourceGVK, pingSourceName, testNS)), + }, + WantStatusUpdates: []clientgotesting.UpdateActionImpl{ + { + Object: NewEventPolicy(eventPolicyName, testNS, + WithEventPolicyFrom(pingSourceGVK, pingSourceName, testNS), + WithEventPolicyStatusFromSub([]string{fmt.Sprintf("system:serviceaccount:%s:%s", testNS, serviceAccountname)}), + WithEventPolicyAuthenticationEnabledCondition, + WithReadyEventPolicyCondition, + WithEventPolicySubjectsResolvedSucceeded, + ), + }, + }, + WantErr: false, + }, + { + Name: "subject found for apiserversource, status set to Ready", + Ctx: feature.ToContext(context.TODO(), feature.Flags{ + feature.OIDCAuthentication: feature.Enabled, + }), + Key: testNS + "/" + eventPolicyName, + Objects: []runtime.Object{ + apiServerSourceWithServiceAccount, + NewEventPolicy(eventPolicyName, testNS, + WithInitEventPolicyConditions, WithEventPolicyFrom(apiServerSourceGVK, apiServerSourceName, testNS)), + }, + WantStatusUpdates: []clientgotesting.UpdateActionImpl{ + { + Object: NewEventPolicy(eventPolicyName, testNS, + WithEventPolicyFrom(apiServerSourceGVK, apiServerSourceName, testNS), + WithEventPolicyStatusFromSub([]string{fmt.Sprintf("system:serviceaccount:%s:%s", testNS, serviceAccountname)}), + WithEventPolicyAuthenticationEnabledCondition, + WithReadyEventPolicyCondition, + WithEventPolicySubjectsResolvedSucceeded, + ), + }, + }, + WantErr: false, + }, + { + Name: "Multiple subjects found, status set to Ready", + Ctx: feature.ToContext(context.TODO(), feature.Flags{ + feature.OIDCAuthentication: feature.Enabled, + }), + Key: testNS + "/" + eventPolicyName, + Objects: []runtime.Object{ + apiServerSourceWithServiceAccount, + pingSourceWithServiceAccount, + NewEventPolicy(eventPolicyName, testNS, + WithInitEventPolicyConditions, + WithEventPolicyFrom(pingSourceGVK, pingSourceName, testNS), + WithEventPolicyFrom(apiServerSourceGVK, apiServerSourceName, testNS)), + }, + WantStatusUpdates: []clientgotesting.UpdateActionImpl{ + { + Object: NewEventPolicy(eventPolicyName, testNS, + WithEventPolicyFrom(pingSourceGVK, pingSourceName, testNS), + WithEventPolicyFrom(apiServerSourceGVK, apiServerSourceName, testNS), + WithEventPolicyStatusFromSub([]string{ + fmt.Sprintf("system:serviceaccount:%s:%s", testNS, serviceAccountname), + fmt.Sprintf("system:serviceaccount:%s:%s", testNS, serviceAccountname), + }), + WithEventPolicyAuthenticationEnabledCondition, + WithReadyEventPolicyCondition, + WithEventPolicySubjectsResolvedSucceeded, + ), + }, + }, + WantErr: false, + }, + + // test cases for authentication-oidc feature disabled afterwards + { + Name: "Ready status EventPolicy updated to NotReady", + Ctx: feature.ToContext(context.TODO(), feature.Flags{ + feature.OIDCAuthentication: feature.Disabled, + }), + Key: testNS + "/" + eventPolicyName, + Objects: []runtime.Object{ + pingSourceWithServiceAccount, + NewEventPolicy(eventPolicyName, testNS, + WithReadyEventPolicyCondition, + WithEventPolicyAuthenticationEnabledCondition, + WithEventPolicySubjectsResolvedSucceeded, + WithEventPolicyFrom(pingSourceGVK, pingSourceName, testNS)), + }, + WantStatusUpdates: []clientgotesting.UpdateActionImpl{ + { + Object: NewEventPolicy(eventPolicyName, testNS, + WithEventPolicyFrom(pingSourceGVK, pingSourceName, testNS), + WithEventPolicyAuthenticationDisabledCondition, + WithUnreadyEventPolicyCondition("OIDCAuthenticationDisabled", ""), + WithEventPolicySubjectsResolvedSucceeded, + ), + }, + }, + WantErr: false, + }, + } + logger := logtesting.TestLogger(t) + table.Test(t, MakeFactory(func(ctx context.Context, listers *Listers, cmw configmap.Watcher) controller.Reconciler { + ctx = duckv1authstatus.WithDuck(ctx) + r := &Reconciler{ + authResolver: resolver.NewAuthenticatableResolverFromTracker(ctx, tracker.New(func(types.NamespacedName) {}, 0))} + return eventpolicy.NewReconciler(ctx, logger, + fakeeventingclient.Get(ctx), listers.GetEventPolicyLister(), + controller.GetEventRecorder(ctx), r) + }, + false, + logger, + )) +} diff --git a/pkg/reconciler/inmemorychannel/controller/inmemorychannel_test.go b/pkg/reconciler/inmemorychannel/controller/inmemorychannel_test.go index f9f859444ba..79e5fa0e012 100644 --- a/pkg/reconciler/inmemorychannel/controller/inmemorychannel_test.go +++ b/pkg/reconciler/inmemorychannel/controller/inmemorychannel_test.go @@ -697,7 +697,7 @@ func TestAllCases(t *testing.T) { ), makeChannelService(NewInMemoryChannel(imcName, testNS)), NewEventPolicy(unreadyEventPolicyName, testNS, - WithUnreadyEventPolicyCondition, + WithUnreadyEventPolicyCondition("", ""), WithEventPolicyToRef(imcV1GVK, imcName), ), }, @@ -735,7 +735,7 @@ func TestAllCases(t *testing.T) { WithEventPolicyToRef(imcV1GVK, imcName), ), NewEventPolicy(unreadyEventPolicyName, testNS, - WithUnreadyEventPolicyCondition, + WithUnreadyEventPolicyCondition("", ""), WithEventPolicyToRef(imcV1GVK, imcName), ), }, diff --git a/pkg/reconciler/testing/v1/eventpolicy.go b/pkg/reconciler/testing/v1/eventpolicy.go index 0d2934ac6ce..442fd397483 100644 --- a/pkg/reconciler/testing/v1/eventpolicy.go +++ b/pkg/reconciler/testing/v1/eventpolicy.go @@ -44,25 +44,72 @@ func NewEventPolicy(name, namespace string, o ...EventPolicyOption) *v1alpha1.Ev return ep } -func WithInitEventPolicyConditions(et *v1alpha1.EventPolicy) { - et.Status.InitializeConditions() +func WithInitEventPolicyConditions(ep *v1alpha1.EventPolicy) { + ep.Status.InitializeConditions() } -func WithReadyEventPolicyCondition(ep *v1alpha1.EventPolicy) { - ep.Status.Conditions = []apis.Condition{ - { - Type: v1alpha1.EventPolicyConditionReady, +func WithEventPolicyAuthenticationEnabledCondition(ep *v1alpha1.EventPolicy) { + ep.Status.Conditions = append(ep.Status.Conditions, + apis.Condition{ + Type: v1alpha1.EventPolicyConditionAuthenticationEnabled, Status: corev1.ConditionTrue, - }, + }) +} + +func WithEventPolicyAuthenticationDisabledCondition(ep *v1alpha1.EventPolicy) { + ep.Status.Conditions = append(ep.Status.Conditions, + apis.Condition{ + Type: v1alpha1.EventPolicyConditionAuthenticationEnabled, + Status: corev1.ConditionFalse, + Reason: "OIDCAuthenticationDisabled", + }) +} + +func WithEventPolicySubjectsResolvedSucceeded(ep *v1alpha1.EventPolicy) { + ep.Status.Conditions = append(ep.Status.Conditions, + apis.Condition{ + Type: v1alpha1.EventPolicyConditionSubjectsResolved, + Status: corev1.ConditionTrue, + }) +} + +func WithEventPolicySubjectsResolvedFailed(reason, message string) EventPolicyOption { + return func(ep *v1alpha1.EventPolicy) { + ep.Status.Conditions = append(ep.Status.Conditions, + apis.Condition{ + Type: v1alpha1.EventPolicyConditionSubjectsResolved, + Status: corev1.ConditionFalse, + Reason: reason, + Message: message, + }) } } -func WithUnreadyEventPolicyCondition(ep *v1alpha1.EventPolicy) { - ep.Status.Conditions = []apis.Condition{ - { +func WithEventPolicySubjectsResolvedUnknown(ep *v1alpha1.EventPolicy) { + ep.Status.Conditions = append(ep.Status.Conditions, + apis.Condition{ + Type: v1alpha1.EventPolicyConditionSubjectsResolved, + Status: corev1.ConditionUnknown, + }) +} + +func WithReadyEventPolicyCondition(ep *v1alpha1.EventPolicy) { + ep.Status.Conditions = append(ep.Status.Conditions, + apis.Condition{ Type: v1alpha1.EventPolicyConditionReady, - Status: corev1.ConditionFalse, - }, + Status: corev1.ConditionTrue, + }) +} + +func WithUnreadyEventPolicyCondition(reason, message string) EventPolicyOption { + return func(ep *v1alpha1.EventPolicy) { + ep.Status.Conditions = append(ep.Status.Conditions, + apis.Condition{ + Type: v1alpha1.EventPolicyConditionReady, + Status: corev1.ConditionFalse, + Reason: reason, + Message: message, + }) } } @@ -102,3 +149,9 @@ func WithEventPolicyOwnerReferences(ownerRefs ...metav1.OwnerReference) EventPol ep.ObjectMeta.OwnerReferences = append(ep.ObjectMeta.OwnerReferences, ownerRefs...) } } + +func WithEventPolicyStatusFromSub(subs []string) EventPolicyOption { + return func(ep *v1alpha1.EventPolicy) { + ep.Status.From = append(ep.Status.From, subs...) + } +} diff --git a/vendor/knative.dev/pkg/client/injection/ducks/duck/v1/authstatus/fake/fake.go b/vendor/knative.dev/pkg/client/injection/ducks/duck/v1/authstatus/fake/fake.go new file mode 100644 index 00000000000..47111b089b7 --- /dev/null +++ b/vendor/knative.dev/pkg/client/injection/ducks/duck/v1/authstatus/fake/fake.go @@ -0,0 +1,30 @@ +/* +Copyright 2022 The Knative Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by injection-gen. DO NOT EDIT. + +package fake + +import ( + authstatus "knative.dev/pkg/client/injection/ducks/duck/v1/authstatus" + injection "knative.dev/pkg/injection" +) + +var Get = authstatus.Get + +func init() { + injection.Fake.RegisterDuck(authstatus.WithDuck) +} diff --git a/vendor/modules.txt b/vendor/modules.txt index a0c170ce403..07b2b0163a6 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -1081,6 +1081,7 @@ knative.dev/pkg/client/injection/apiextensions/reconciler/apiextensions/v1/custo knative.dev/pkg/client/injection/ducks/duck/v1/addressable knative.dev/pkg/client/injection/ducks/duck/v1/addressable/fake knative.dev/pkg/client/injection/ducks/duck/v1/authstatus +knative.dev/pkg/client/injection/ducks/duck/v1/authstatus/fake knative.dev/pkg/client/injection/ducks/duck/v1/conditions knative.dev/pkg/client/injection/ducks/duck/v1/conditions/fake knative.dev/pkg/client/injection/ducks/duck/v1/kresource