diff --git a/glide.lock b/glide.lock index d716800ec9..57559f492a 100644 --- a/glide.lock +++ b/glide.lock @@ -1,5 +1,5 @@ hash: 3242396de82077cf03c242cfe43d626bf4a5b69be0be6ad4de530c7004a6edb2 -updated: 2019-07-31T14:54:14.270029363-04:00 +updated: 2019-08-02T14:02:34.100638375+02:00 imports: - name: github.com/apparentlymart/go-cidr version: b1115bf8e14a60131a196f908223e4506b0ddc35 @@ -268,7 +268,7 @@ imports: - operator/clientset/versioned/scheme - operator/clientset/versioned/typed/operator/v1 - name: github.com/openshift/library-go - version: 950af653b51af28697df79f1406fc9d21f722db8 + version: 2532fbc98082c0e00f29fca09d97bcb0d774b9d2 subpackages: - pkg/assets - pkg/certs @@ -287,6 +287,7 @@ imports: - pkg/operator/configobserver/cloudprovider - pkg/operator/configobserver/featuregates - pkg/operator/configobserver/network + - pkg/operator/configobserver/proxy - pkg/operator/events - pkg/operator/genericoperatorclient - pkg/operator/loglevel @@ -419,7 +420,7 @@ imports: - container/intsets - imports - name: google.golang.org/appengine - version: b2f4a3cf3c67576a2ee09e1fe62656a5086ce880 + version: fb139bde60fa77cede04f226b4d5a3cf68dcce27 subpackages: - internal - internal/base diff --git a/pkg/operator/configobservation/configobservercontroller/observe_config_controller.go b/pkg/operator/configobservation/configobservercontroller/observe_config_controller.go index 55733f5f3b..2d67ef8ce6 100644 --- a/pkg/operator/configobservation/configobservercontroller/observe_config_controller.go +++ b/pkg/operator/configobservation/configobservercontroller/observe_config_controller.go @@ -8,6 +8,7 @@ import ( "github.com/openshift/library-go/pkg/operator/configobserver" "github.com/openshift/library-go/pkg/operator/configobserver/cloudprovider" "github.com/openshift/library-go/pkg/operator/configobserver/featuregates" + "github.com/openshift/library-go/pkg/operator/configobserver/proxy" "github.com/openshift/library-go/pkg/operator/events" "github.com/openshift/library-go/pkg/operator/resourcesynccontroller" "github.com/openshift/library-go/pkg/operator/v1helpers" @@ -57,6 +58,7 @@ func NewConfigObserver( ImageConfigLister: configInformer.Config().V1().Images().Lister(), InfrastructureLister_: configInformer.Config().V1().Infrastructures().Lister(), NetworkLister: configInformer.Config().V1().Networks().Lister(), + ProxyLister_: configInformer.Config().V1().Proxies().Lister(), SchedulerLister: configInformer.Config().V1().Schedulers().Lister(), ConfigmapLister: kubeInformersForNamespaces.ConfigMapLister(), @@ -74,6 +76,7 @@ func NewConfigObserver( configInformer.Config().V1().Images().Informer().HasSynced, configInformer.Config().V1().Infrastructures().Informer().HasSynced, configInformer.Config().V1().Networks().Informer().HasSynced, + configInformer.Config().V1().Proxies().Informer().HasSynced, configInformer.Config().V1().Schedulers().Informer().HasSynced, ), }, @@ -93,6 +96,7 @@ func NewConfigObserver( network.ObserveRestrictedCIDRs, network.ObserveServicesSubnet, network.ObserveExternalIPPolicy, + proxy.NewProxyObserveFunc([]string{"targetconfigcontroller", "proxy"}), images.ObserveInternalRegistryHostname, images.ObserveExternalRegistryHostnames, images.ObserveAllowedRegistriesForImport, @@ -112,6 +116,7 @@ func NewConfigObserver( configInformer.Config().V1().Authentications().Informer().AddEventHandler(c.EventHandler()) configInformer.Config().V1().APIServers().Informer().AddEventHandler(c.EventHandler()) configInformer.Config().V1().Networks().Informer().AddEventHandler(c.EventHandler()) + configInformer.Config().V1().Proxies().Informer().AddEventHandler(c.EventHandler()) configInformer.Config().V1().Schedulers().Informer().AddEventHandler(c.EventHandler()) return c diff --git a/pkg/operator/configobservation/interfaces.go b/pkg/operator/configobservation/interfaces.go index c059a886fb..cb742e7178 100644 --- a/pkg/operator/configobservation/interfaces.go +++ b/pkg/operator/configobservation/interfaces.go @@ -18,6 +18,7 @@ type Listers struct { InfrastructureLister_ configlistersv1.InfrastructureLister ImageConfigLister configlistersv1.ImageLister NetworkLister configlistersv1.NetworkLister + ProxyLister_ configlistersv1.ProxyLister SchedulerLister configlistersv1.SchedulerLister OpenshiftEtcdEndpointsLister corelistersv1.EndpointsLister @@ -39,6 +40,10 @@ func (l Listers) ResourceSyncer() resourcesynccontroller.ResourceSyncer { return l.ResourceSync } +func (l Listers) ProxyLister() configlistersv1.ProxyLister { + return l.ProxyLister_ +} + func (l Listers) PreRunHasSynced() []cache.InformerSynced { return l.PreRunCachesSynced } diff --git a/pkg/operator/targetconfigcontroller/targetconfigcontroller.go b/pkg/operator/targetconfigcontroller/targetconfigcontroller.go index 68ae0cfdc1..f398090a87 100644 --- a/pkg/operator/targetconfigcontroller/targetconfigcontroller.go +++ b/pkg/operator/targetconfigcontroller/targetconfigcontroller.go @@ -7,6 +7,8 @@ import ( "strings" "time" + "github.com/ghodss/yaml" + "k8s.io/klog" corev1 "k8s.io/api/core/v1" @@ -20,6 +22,7 @@ import ( "k8s.io/client-go/tools/cache" "k8s.io/client-go/util/workqueue" + kubecontrolplanev1 "github.com/openshift/api/kubecontrolplane/v1" operatorv1 "github.com/openshift/api/operator/v1" "github.com/openshift/library-go/pkg/operator/events" "github.com/openshift/library-go/pkg/operator/resource/resourceapply" @@ -222,7 +225,15 @@ func manageKubeAPIServerConfig(client coreclientv1.ConfigMapsGetter, recorder ev ".oauthConfig": RemoveConfig, } - requiredConfigMap, _, err := resourcemerge.MergeConfigMap(configMap, "config.yaml", specialMergeRules, defaultConfig, operatorSpec.ObservedConfig.Raw, operatorSpec.UnsupportedConfigOverrides.Raw) + requiredConfigMap, _, err := resourcemerge.MergePrunedConfigMap( + &kubecontrolplanev1.KubeAPIServerConfig{}, + configMap, + "config.yaml", + specialMergeRules, + defaultConfig, + operatorSpec.ObservedConfig.Raw, + operatorSpec.UnsupportedConfigOverrides.Raw, + ) if err != nil { return nil, false, err } @@ -270,6 +281,20 @@ func managePod(client coreclientv1.ConfigMapsGetter, recorder events.Recorder, o } required.Spec.Containers[0].Args = append(required.Spec.Containers[0].Args, fmt.Sprintf("-v=%d", v)) + var observedConfig map[string]interface{} + if err := yaml.Unmarshal(operatorSpec.ObservedConfig.Raw, &observedConfig); err != nil { + return nil, false, fmt.Errorf("failed to unmarshal the observedConfig: %v", err) + } + proxyConfig, _, err := unstructured.NestedStringMap(observedConfig, "targetconfigcontroller", "proxy") + if err != nil { + return nil, false, fmt.Errorf("couldn't get the proxy config from observedConfig: %v", err) + } + + proxyEnvVars := proxyMapToEnvVars(proxyConfig) + for i, container := range required.Spec.Containers { + required.Spec.Containers[i].Env = append(container.Env, proxyEnvVars...) + } + configMap := resourceread.ReadConfigMapV1OrDie(v410_00_assets.MustAsset("v4.1.0/kube-apiserver/pod-cm.yaml")) configMap.Data["pod.yaml"] = resourceread.WritePodV1OrDie(required) configMap.Data["forceRedeploymentReason"] = operatorSpec.ForceRedeploymentReason @@ -405,3 +430,16 @@ func (c *TargetConfigController) namespaceEventHandler() cache.ResourceEventHand }, } } + +func proxyMapToEnvVars(proxyConfig map[string]string) []corev1.EnvVar { + if proxyConfig == nil { + return nil + } + + envVars := []corev1.EnvVar{} + for k, v := range proxyConfig { + envVars = append(envVars, corev1.EnvVar{Name: k, Value: v}) + } + + return envVars +} diff --git a/vendor/github.com/openshift/library-go/alpha-build-machinery/make/default.example.mk b/vendor/github.com/openshift/library-go/alpha-build-machinery/make/default.example.mk index b8a8112c02..fffc5b3a3c 100644 --- a/vendor/github.com/openshift/library-go/alpha-build-machinery/make/default.example.mk +++ b/vendor/github.com/openshift/library-go/alpha-build-machinery/make/default.example.mk @@ -20,12 +20,12 @@ CODEGEN_GROUPS_VERSION :=openshiftapiserver:v1alpha1 # $ make -n --print-data-base | grep ^CODEGEN # This will call a macro called "build-image" which will generate image specific targets based on the parameters: -# $0 - macro name -# $1 - target suffix -# $2 - Dockerfile path -# $3 - context directory for image build +# $1 - target name +# $2 - image ref +# $3 - Dockerfile path +# $4 - context # It will generate target "image-$(1)" for builing the image an binding it as a prerequisite to target "images". -$(call build-image,origin-cluster-openshift-apiserver-operator,./Dockerfile,.) +$(call build-image,ocp-cli,registry.svc.ci.openshift.org/ocp/4.2:cli,./images/cli/Dockerfile.rhel,.) # This will call a macro called "add-bindata" which will generate bindata specific targets based on the parameters: # $0 - macro name diff --git a/vendor/github.com/openshift/library-go/alpha-build-machinery/make/default.example.mk.help.log b/vendor/github.com/openshift/library-go/alpha-build-machinery/make/default.example.mk.help.log index 3645ce965c..92aa6acdbb 100644 --- a/vendor/github.com/openshift/library-go/alpha-build-machinery/make/default.example.mk.help.log +++ b/vendor/github.com/openshift/library-go/alpha-build-machinery/make/default.example.mk.help.log @@ -4,7 +4,7 @@ build clean clean-binaries help -image-origin-cluster-openshift-apiserver-operator +image-ocp-cli images test test-unit diff --git a/vendor/github.com/openshift/library-go/alpha-build-machinery/make/operator.example.mk b/vendor/github.com/openshift/library-go/alpha-build-machinery/make/operator.example.mk index 2f0326a9cb..7e6ff98d56 100644 --- a/vendor/github.com/openshift/library-go/alpha-build-machinery/make/operator.example.mk +++ b/vendor/github.com/openshift/library-go/alpha-build-machinery/make/operator.example.mk @@ -22,12 +22,12 @@ CODEGEN_GROUPS_VERSION :=openshiftapiserver:v1alpha1 # $ make -n --print-data-base | grep ^CODEGEN # This will call a macro called "build-image" which will generate image specific targets based on the parameters: -# $0 - macro name -# $1 - target suffix -# $2 - Dockerfile path -# $3 - context directory for image build +# $1 - target name +# $2 - image ref +# $3 - Dockerfile path +# $4 - context # It will generate target "image-$(1)" for builing the image an binding it as a prerequisite to target "images". -$(call build-image,origin-cluster-openshift-apiserver-operator,./Dockerfile,.) +$(call build-image,ocp-openshift-apiserver-operator,registry.svc.ci.openshift.org/ocp/4.2:openshift-apiserver-operator,./Dockerfile.rhel,.) # This will call a macro called "add-bindata" which will generate bindata specific targets based on the parameters: # $0 - macro name diff --git a/vendor/github.com/openshift/library-go/alpha-build-machinery/make/operator.example.mk.help.log b/vendor/github.com/openshift/library-go/alpha-build-machinery/make/operator.example.mk.help.log index 3645ce965c..a1489d212b 100644 --- a/vendor/github.com/openshift/library-go/alpha-build-machinery/make/operator.example.mk.help.log +++ b/vendor/github.com/openshift/library-go/alpha-build-machinery/make/operator.example.mk.help.log @@ -4,7 +4,7 @@ build clean clean-binaries help -image-origin-cluster-openshift-apiserver-operator +image-ocp-openshift-apiserver-operator images test test-unit diff --git a/vendor/github.com/openshift/library-go/alpha-build-machinery/make/targets/openshift/images.mk b/vendor/github.com/openshift/library-go/alpha-build-machinery/make/targets/openshift/images.mk index b48741a739..00e76ac261 100644 --- a/vendor/github.com/openshift/library-go/alpha-build-machinery/make/targets/openshift/images.mk +++ b/vendor/github.com/openshift/library-go/alpha-build-machinery/make/targets/openshift/images.mk @@ -1,19 +1,23 @@ -IMAGE_REGISTRY ?= -IMAGE_ORG ?=openshift -IMAGE_TAG ?=latest - - # IMAGE_BUILD_EXTRA_FLAGS lets you add extra flags for imagebuilder # e.g. to mount secrets and repo information into base image like: # make images IMAGE_BUILD_EXTRA_FLAGS='-mount ~/projects/origin-repos/4.2/:/etc/yum.repos.d/' +IMAGE_BUILD_DEFAULT_FLAGS ?=--allow-pull IMAGE_BUILD_EXTRA_FLAGS ?= -# $1 - image name -# $2 - Dockerfile path -# $3 - context +# $1 - target name +# $2 - image ref +# $3 - Dockerfile path +# $4 - context define build-image-internal image-$(1): - $(strip imagebuilder --allow-pull $(IMAGE_BUILD_EXTRA_FLAGS) -f $(2) -t $(addsuffix /,$(IMAGE_REGISTRY))$(addsuffix /,$(IMAGE_ORG))$(1)$(addprefix :,$(IMAGE_TAG)) $(3)) + $(strip \ + imagebuilder \ + $(IMAGE_BUILD_DEFAULT_FLAGS) \ + -t $(2) + -f $(3) \ + $(IMAGE_BUILD_EXTRA_FLAGS) \ + $(4) \ + ) .PHONY: image-$(1) images: image-$(1) @@ -21,5 +25,5 @@ images: image-$(1) endef define build-image -$(eval $(call build-image-internal,$(1),$(2),$(3))) +$(eval $(call build-image-internal,$(1),$(2),$(3),$(4))) endef diff --git a/vendor/github.com/openshift/library-go/pkg/operator/configobserver/proxy/observe_proxy.go b/vendor/github.com/openshift/library-go/pkg/operator/configobserver/proxy/observe_proxy.go index 53988d6b8d..f06e784f06 100644 --- a/vendor/github.com/openshift/library-go/pkg/operator/configobserver/proxy/observe_proxy.go +++ b/vendor/github.com/openshift/library-go/pkg/operator/configobserver/proxy/observe_proxy.go @@ -56,7 +56,7 @@ func (f *observeProxyFlags) ObserveProxyConfig(genericListers configobserver.Lis } newProxyMap := proxyToMap(proxyConfig) - if len(newProxyMap) > 0 { + if newProxyMap != nil { if err := unstructured.SetNestedStringMap(observedConfig, newProxyMap, f.configPath...); err != nil { errs = append(errs, err) } @@ -84,5 +84,9 @@ func proxyToMap(proxy *configv1.Proxy) map[string]string { proxyMap["HTTPS_PROXY"] = httpsProxy } + if len(proxyMap) == 0 { + return nil + } + return proxyMap } diff --git a/vendor/github.com/openshift/library-go/pkg/operator/configobserver/proxy/observe_proxy_test.go b/vendor/github.com/openshift/library-go/pkg/operator/configobserver/proxy/observe_proxy_test.go index 4909ea8fc2..769fcfd3e6 100644 --- a/vendor/github.com/openshift/library-go/pkg/operator/configobserver/proxy/observe_proxy_test.go +++ b/vendor/github.com/openshift/library-go/pkg/operator/configobserver/proxy/observe_proxy_test.go @@ -33,10 +33,12 @@ func TestObserveProxyConfig(t *testing.T) { configPath := []string{"openshift", "proxy"} tests := []struct { - name string - proxySpec configv1.ProxySpec - expected map[string]interface{} - expectedError []error + name string + proxySpec configv1.ProxySpec + previous map[string]string + expected map[string]interface{} + expectedError []error + eventsExpected int }{ { name: "all unset", @@ -60,7 +62,8 @@ func TestObserveProxyConfig(t *testing.T) { }, }, }, - expectedError: []error{}, + expectedError: []error{}, + eventsExpected: 1, }, } for _, tt := range tests { @@ -86,6 +89,9 @@ func TestObserveProxyConfig(t *testing.T) { if !reflect.DeepEqual(errorsGot, tt.expectedError) { t.Errorf("observeProxyFlags.ObserveProxyConfig() errorsGot = %v, want %v", errorsGot, tt.expectedError) } + if events := eventRecorder.Events(); len(events) != tt.eventsExpected { + t.Errorf("expected %d events, but got %d: %v", tt.eventsExpected, len(events), events) + } }) } } diff --git a/vendor/github.com/openshift/library-go/pkg/operator/staticpod/controller/installer/installer_controller.go b/vendor/github.com/openshift/library-go/pkg/operator/staticpod/controller/installer/installer_controller.go index c8821a00ef..fd1314e6da 100644 --- a/vendor/github.com/openshift/library-go/pkg/operator/staticpod/controller/installer/installer_controller.go +++ b/vendor/github.com/openshift/library-go/pkg/operator/staticpod/controller/installer/installer_controller.go @@ -600,7 +600,7 @@ func (c *InstallerController) newNodeStateForInstallInProgress(currNodeState *op ret.LastFailedRevision = currNodeState.TargetRevision ret.TargetRevision = 0 if len(errors) == 0 { - errors = append(errors, "no detailed termination message, see `oc get -n %q pods/%q -oyaml`", installerPod.Namespace, installerPod.Name) + errors = append(errors, fmt.Sprintf("no detailed termination message, see `oc get -n %q pods/%q -oyaml`", installerPod.Namespace, installerPod.Name)) } ret.LastFailedRevisionErrors = errors return ret, false, "installer pod failed", nil diff --git a/vendor/google.golang.org/appengine/capability/capability.go b/vendor/google.golang.org/appengine/capability/capability.go index 3a60bd55fe..35604d4a42 100644 --- a/vendor/google.golang.org/appengine/capability/capability.go +++ b/vendor/google.golang.org/appengine/capability/capability.go @@ -29,6 +29,11 @@ import ( // If the underlying RPC fails (if the package is unknown, for example), // false is returned and information is written to the application log. func Enabled(ctx context.Context, api, capability string) bool { + // For non datastore*/write requests always return ENABLED + if !(api == "datastore_v3" && capability == "write") { + return true + } + req := &pb.IsEnabledRequest{ Package: &api, Capability: []string{capability}, @@ -38,15 +43,5 @@ func Enabled(ctx context.Context, api, capability string) bool { log.Warningf(ctx, "capability.Enabled: RPC failed: %v", err) return false } - switch *res.SummaryStatus { - case pb.IsEnabledResponse_ENABLED, - pb.IsEnabledResponse_SCHEDULED_FUTURE, - pb.IsEnabledResponse_SCHEDULED_NOW: - return true - case pb.IsEnabledResponse_UNKNOWN: - log.Errorf(ctx, "capability.Enabled: unknown API capability %s/%s", api, capability) - return false - default: - return false - } + return *res.SummaryStatus == pb.IsEnabledResponse_ENABLED }