diff --git a/docs/cli/descheduler.md b/docs/cli/descheduler.md
index 5addbada02..28eff42aa5 100644
--- a/docs/cli/descheduler.md
+++ b/docs/cli/descheduler.md
@@ -35,6 +35,8 @@ descheduler [flags]
--log-flush-frequency duration Maximum number of seconds between log flushes (default 5s)
--log-json-info-buffer-size quantity [Alpha] In JSON format with split output streams, the info messages can be buffered for a while to increase performance. The default value of zero bytes disables buffering. The size can be specified as number of bytes (512), multiples of 1000 (1K), multiples of 1024 (2Ki), or powers of those (3M, 4G, 5Mi, 6Gi). Enable the LoggingAlphaOptions feature gate to use this.
--log-json-split-stream [Alpha] In JSON format, write error messages to stderr and info messages to stdout. The default is to write a single stream to stdout. Enable the LoggingAlphaOptions feature gate to use this.
+ --log-text-info-buffer-size quantity [Alpha] In text format with split output streams, the info messages can be buffered for a while to increase performance. The default value of zero bytes disables buffering. The size can be specified as number of bytes (512), multiples of 1000 (1K), multiples of 1024 (2Ki), or powers of those (3M, 4G, 5Mi, 6Gi). Enable the LoggingAlphaOptions feature gate to use this.
+ --log-text-split-stream [Alpha] In text format, write error messages to stderr and info messages to stdout. The default is to write a single stream to stdout. Enable the LoggingAlphaOptions feature gate to use this.
--logging-format string Sets the log format. Permitted formats: "json" (gated by LoggingBetaOptions), "text". (default "text")
--otel-collector-endpoint string Set this flag to the OpenTelemetry Collector Service Address
--otel-fallback-no-op-on-error Fallback to NoOp Tracer in case of error
diff --git a/go.mod b/go.mod
index 15444736c3..53bd8b922c 100644
--- a/go.mod
+++ b/go.mod
@@ -7,20 +7,20 @@ require (
github.com/google/go-cmp v0.6.0
github.com/spf13/cobra v1.8.0
github.com/spf13/pflag v1.0.5
- go.opentelemetry.io/otel v1.22.0
- go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.22.0
- go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.22.0
- go.opentelemetry.io/otel/sdk v1.22.0
- go.opentelemetry.io/otel/trace v1.22.0
- google.golang.org/grpc v1.61.0
- k8s.io/api v0.29.1
- k8s.io/apimachinery v0.29.1
- k8s.io/apiserver v0.29.1
- k8s.io/client-go v0.29.1
- k8s.io/code-generator v0.29.1
- k8s.io/component-base v0.29.1
- k8s.io/component-helpers v0.29.1
- k8s.io/klog/v2 v2.110.1
+ go.opentelemetry.io/otel v1.24.0
+ go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.24.0
+ go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.24.0
+ go.opentelemetry.io/otel/sdk v1.24.0
+ go.opentelemetry.io/otel/trace v1.24.0
+ google.golang.org/grpc v1.62.0
+ k8s.io/api v0.30.0-alpha.3
+ k8s.io/apimachinery v0.30.0-alpha.3
+ k8s.io/apiserver v0.30.0-alpha.3
+ k8s.io/client-go v0.30.0-alpha.3
+ k8s.io/code-generator v0.30.0-alpha.3
+ k8s.io/component-base v0.30.0-alpha.3
+ k8s.io/component-helpers v0.30.0-alpha.3
+ k8s.io/klog/v2 v2.120.1
k8s.io/utils v0.0.0-20240102154912-e7106e64919e
sigs.k8s.io/mdtoc v1.1.0
)
@@ -44,7 +44,7 @@ require (
github.com/fsnotify/fsnotify v1.7.0 // indirect
github.com/go-logr/logr v1.4.1 // indirect
github.com/go-logr/stdr v1.2.2 // indirect
- github.com/go-logr/zapr v1.2.3 // indirect
+ github.com/go-logr/zapr v1.3.0 // indirect
github.com/go-openapi/jsonpointer v0.19.6 // indirect
github.com/go-openapi/jsonreference v0.20.2 // indirect
github.com/go-openapi/swag v0.22.3 // indirect
@@ -55,9 +55,9 @@ require (
github.com/google/cel-go v0.17.7 // indirect
github.com/google/gnostic-models v0.6.8 // indirect
github.com/google/gofuzz v1.2.0 // indirect
- github.com/google/uuid v1.4.0 // indirect
+ github.com/google/uuid v1.6.0 // indirect
github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0 // indirect
- github.com/grpc-ecosystem/grpc-gateway/v2 v2.16.0 // indirect
+ github.com/grpc-ecosystem/grpc-gateway/v2 v2.19.0 // indirect
github.com/imdario/mergo v0.3.6 // indirect
github.com/inconshreveable/mousetrap v1.1.0 // indirect
github.com/josharian/intern v1.0.0 // indirect
@@ -80,41 +80,37 @@ require (
go.etcd.io/etcd/client/v3 v3.5.10 // indirect
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.42.0 // indirect
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.44.0 // indirect
- go.opentelemetry.io/otel/metric v1.22.0 // indirect
- go.opentelemetry.io/proto/otlp v1.0.0 // indirect
- go.uber.org/atomic v1.10.0 // indirect
+ go.opentelemetry.io/otel/metric v1.24.0 // indirect
+ go.opentelemetry.io/proto/otlp v1.1.0 // indirect
go.uber.org/multierr v1.11.0 // indirect
- go.uber.org/zap v1.19.0 // indirect
- golang.org/x/crypto v0.18.0 // indirect
+ go.uber.org/zap v1.26.0 // indirect
+ golang.org/x/crypto v0.19.0 // indirect
golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e // indirect
golang.org/x/mod v0.14.0 // indirect
golang.org/x/net v0.20.0 // indirect
- golang.org/x/oauth2 v0.14.0 // indirect
- golang.org/x/sync v0.5.0 // indirect
- golang.org/x/sys v0.16.0 // indirect
- golang.org/x/term v0.16.0 // indirect
+ golang.org/x/oauth2 v0.16.0 // indirect
+ golang.org/x/sync v0.6.0 // indirect
+ golang.org/x/sys v0.17.0 // indirect
+ golang.org/x/term v0.17.0 // indirect
golang.org/x/text v0.14.0 // indirect
golang.org/x/time v0.3.0 // indirect
golang.org/x/tools v0.16.1 // indirect
google.golang.org/appengine v1.6.8 // indirect
- google.golang.org/genproto v0.0.0-20231106174013-bbf56f31fb17 // indirect
- google.golang.org/genproto/googleapis/api v0.0.0-20231106174013-bbf56f31fb17 // indirect
- google.golang.org/genproto/googleapis/rpc v0.0.0-20231106174013-bbf56f31fb17 // indirect
+ google.golang.org/genproto v0.0.0-20240123012728-ef4313101c80 // indirect
+ google.golang.org/genproto/googleapis/api v0.0.0-20240123012728-ef4313101c80 // indirect
+ google.golang.org/genproto/googleapis/rpc v0.0.0-20240123012728-ef4313101c80 // indirect
google.golang.org/protobuf v1.32.0 // indirect
gopkg.in/inf.v0 v0.9.1 // indirect
gopkg.in/natefinch/lumberjack.v2 v2.2.1 // indirect
gopkg.in/yaml.v2 v2.4.0 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
k8s.io/gengo v0.0.0-20230829151522-9cce18d56c01 // indirect
- k8s.io/kms v0.29.1 // indirect
- k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 // indirect
- sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.28.0 // indirect
+ k8s.io/kms v0.30.0-alpha.3 // indirect
+ k8s.io/kube-openapi v0.0.0-20231113174909-778a5567bc1e // indirect
+ sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.29.0 // indirect
sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect
sigs.k8s.io/yaml v1.3.0 // indirect
)
-replace (
- go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc => go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.47.0
- golang.org/x/crypto v0.16.0 => golang.org/x/crypto v0.17.0
-)
+replace go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc => go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.47.0
diff --git a/go.sum b/go.sum
index 916414f9fe..1b84efb0c0 100644
--- a/go.sum
+++ b/go.sum
@@ -1,4 +1,4 @@
-cloud.google.com/go v0.110.10 h1:LXy9GEO+timppncPIAZoOj3l58LIU9k+kn48AN7IO3Y=
+cloud.google.com/go v0.112.0 h1:tpFCD7hpHFlQ8yPwT3x+QeXqc2T6+n6T+hmABHfDUSM=
cloud.google.com/go/compute v1.23.3 h1:6sVlXXBmbd7jNX0Ipq0trII3e4n1/MsADLK6a+aiVlk=
cloud.google.com/go/compute v1.23.3/go.mod h1:VCgBUoMnIVIR0CscqQiPJLAG25E3ZRZMzcFZeQ+h8CI=
cloud.google.com/go/compute/metadata v0.2.3 h1:mg4jlk7mCAj6xXp9UJ4fjI9VUI5rubuGBW5aJ7UnBMY=
@@ -11,8 +11,6 @@ github.com/antlr/antlr4/runtime/Go/antlr/v4 v4.0.0-20230305170008-8188dc5388df h
github.com/antlr/antlr4/runtime/Go/antlr/v4 v4.0.0-20230305170008-8188dc5388df/go.mod h1:pSwJ0fSY5KhvocuWSx4fz3BA8OrA1bQn+K1Eli3BRwM=
github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a h1:idn718Q4B6AGu/h5Sxe66HYVdqdGu2l9Iebqhi/AEoA=
github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY=
-github.com/benbjohnson/clock v1.1.0 h1:Q92kusRqC1XV2MjkWETPvjJVqKetz1OzxZB7mHJLju8=
-github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA=
github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw=
github.com/blang/semver/v4 v4.0.0 h1:1PFHFE6yCCTv8C1TeyNNarDzntLi7wMI5i/pzqYIsAM=
@@ -23,8 +21,8 @@ github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj
github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
github.com/client9/misspell v0.3.4 h1:ta993UF76GwbvJcIo3Y68y/M3WxlpEHPWIGDkJYwzJI=
github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
-github.com/cncf/xds/go v0.0.0-20231109132714-523115ebc101 h1:7To3pQ+pZo0i3dsWEbinPNFs5gPSBOsJtx3wTT94VBY=
-github.com/cncf/xds/go v0.0.0-20231109132714-523115ebc101/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
+github.com/cncf/xds/go v0.0.0-20231128003011-0fa0005c9caa h1:jQCWAUqqlij9Pgj2i/PB79y4KOPYVyFYdROxgaCwdTQ=
+github.com/cncf/xds/go v0.0.0-20231128003011-0fa0005c9caa/go.mod h1:x/1Gn8zydmfq8dk6e9PdstVsDgu9RuyIIJqAaF//0IM=
github.com/coreos/go-semver v0.3.1 h1:yi21YpKnrx1gt5R+la8n5WgS0kCrsPp33dmEyHReZr4=
github.com/coreos/go-semver v0.3.1/go.mod h1:irMmmIw/7yzSRPWryHsK7EYSg09caPQL03VsM8rvUec=
github.com/coreos/go-systemd/v22 v22.5.0 h1:RrqgGjYQKalulkV8NGVIfkXQf6YYmOyiJKk8iXXhfZs=
@@ -39,8 +37,8 @@ github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkp
github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto=
github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxERmMY4rD+g=
github.com/emicklei/go-restful/v3 v3.11.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc=
-github.com/envoyproxy/protoc-gen-validate v1.0.2 h1:QkIBuU5k+x7/QXPvPPnWXWlCdaBFApVqftFV6k087DA=
-github.com/envoyproxy/protoc-gen-validate v1.0.2/go.mod h1:GpiZQP3dDbg4JouG/NNS7QWXpgx6x8QiMKdmN72jogE=
+github.com/envoyproxy/protoc-gen-validate v1.0.4 h1:gVPz/FMfvh57HdSJQyvBtF00j8JU4zdyUgIUNhlgg0A=
+github.com/envoyproxy/protoc-gen-validate v1.0.4/go.mod h1:qys6tmnRsYrQqIhm2bvKZH4Blx/1gTIZ2UKVY1M+Yew=
github.com/evanphx/json-patch v4.12.0+incompatible h1:4onqiflcdA9EOZ4RxV643DvftH5pOlLGNtQ5lPWQu84=
github.com/evanphx/json-patch v4.12.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk=
github.com/felixge/httpsnoop v1.0.3 h1:s/nj+GCswXYzN5v2DpNMuMQYe+0DDwt5WVCU6CWBdXk=
@@ -49,13 +47,12 @@ github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nos
github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM=
github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU=
github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
-github.com/go-logr/logr v1.3.0/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ=
github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag=
github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE=
-github.com/go-logr/zapr v1.2.3 h1:a9vnzlIBPQBBkeaR9IuMUfmVOrQlkoC4YfPoFkX3T7A=
-github.com/go-logr/zapr v1.2.3/go.mod h1:eIauM6P8qSvTw5o2ez6UEAfGjQKrxQTl5EoK+Qa2oG4=
+github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ=
+github.com/go-logr/zapr v1.3.0/go.mod h1:YKepepNBd1u/oyhd/yQmtjVXmm9uML4IXUgMOwR8/Gg=
github.com/go-openapi/jsonpointer v0.19.6 h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE=
github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs=
github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE=
@@ -69,8 +66,6 @@ github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg=
github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
-github.com/golang/glog v1.1.2 h1:DVjP2PbBOzHyzA+dn3WhHIq4NdVu3Q+pvivFICf/7fo=
-github.com/golang/glog v1.1.2/go.mod h1:zR+okUeTbrL6EL3xHUDxZuEtGv04p5shwip1+mL/rLQ=
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE=
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
@@ -97,8 +92,8 @@ github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0=
github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1 h1:K6RDEckDVWvDI9JAJYCmNdQXq6neHJOYx3V6jnqNEec=
github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
-github.com/google/uuid v1.4.0 h1:MtMxsa51/r9yyhkyLsVeVt0B+BGQZzpQiTQ4eHZ8bc4=
-github.com/google/uuid v1.4.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
+github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/gorilla/websocket v1.5.0 h1:PPwGk2jz7EePpoHN/+ClbZu8SPxiqlu12wZP/3sWmnc=
github.com/gorilla/websocket v1.5.0/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
github.com/grpc-ecosystem/go-grpc-middleware v1.3.0 h1:+9834+KizmvFV7pXQGSXQTsaWhq2GjuNUt0aUU0YBYw=
@@ -107,8 +102,8 @@ github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0 h1:Ovs26xHkKqVztRpIrF/92Bcuy
github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk=
github.com/grpc-ecosystem/grpc-gateway v1.16.0 h1:gmcG1KaJ57LophUzW0Hy8NmPhnMZb4M0+kPpLofRdBo=
github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw=
-github.com/grpc-ecosystem/grpc-gateway/v2 v2.16.0 h1:YBftPWNWd4WwGqtY2yeZL2ef8rHAxPBD8KFhJpmcqms=
-github.com/grpc-ecosystem/grpc-gateway/v2 v2.16.0/go.mod h1:YN5jB8ie0yfIUg6VvR9Kz84aCaG7AsGZnLjhHbUqwPg=
+github.com/grpc-ecosystem/grpc-gateway/v2 v2.19.0 h1:Wqo399gCIufwto+VfwCSvsnfGpF/w5E9CNxSwbpD6No=
+github.com/grpc-ecosystem/grpc-gateway/v2 v2.19.0/go.mod h1:qmOFXW2epJhM0qSnUUYpldc7gVz2KMQwJ/QYCDIa7XU=
github.com/imdario/mergo v0.3.6 h1:xTNEAn+kxVO7dTZGu0CegyqKZmoWFI0rF8UxjlB2d28=
github.com/imdario/mergo v0.3.6/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA=
github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8=
@@ -121,7 +116,6 @@ github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnr
github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8=
github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
-github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
@@ -143,11 +137,10 @@ github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9G
github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA=
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
-github.com/onsi/ginkgo/v2 v2.13.0 h1:0jY9lJquiL8fcf3M4LAXN5aMlS/b2BV86HFFPCPMgE4=
-github.com/onsi/ginkgo/v2 v2.13.0/go.mod h1:TE309ZR8s5FsKKpuB1YAQYBzCaAfUgatB/xlT/ETL/o=
-github.com/onsi/gomega v1.29.0 h1:KIA/t2t5UBzoirT4H9tsML45GEbo3ouUnBHsCfD2tVg=
-github.com/onsi/gomega v1.29.0/go.mod h1:9sxs+SwGrKI0+PWe4Fxa9tFQQBG5xSsSbMXOI8PPpoQ=
-github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
+github.com/onsi/ginkgo/v2 v2.15.0 h1:79HwNRBAZHOEwrczrgSOPy+eFTTlIGELKy5as+ClttY=
+github.com/onsi/ginkgo/v2 v2.15.0/go.mod h1:HlxMHtYF57y6Dpf+mc5529KKmSq9h2FpCF+/ZkwUxKM=
+github.com/onsi/gomega v1.31.0 h1:54UJxxj6cPInHS3a35wm6BK/F9nHYueZ1NVujHDrnXE=
+github.com/onsi/gomega v1.31.0/go.mod h1:DW9aCi7U6Yi40wNVAvT6kzFnEVEI5n3DloYBiKiT6zk=
github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
@@ -178,7 +171,6 @@ github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+
github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
-github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
@@ -213,47 +205,40 @@ go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.4
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.47.0/go.mod h1:r9vWsPS/3AQItv3OSlEJ/E4mbrhUbbw18meOjArPtKQ=
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.44.0 h1:KfYpVmrjI7JuToy5k8XV3nkapjWx48k4E4JOtVstzQI=
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.44.0/go.mod h1:SeQhzAEccGVZVEy7aH87Nh0km+utSpo1pTv6eMMop48=
-go.opentelemetry.io/otel v1.22.0 h1:xS7Ku+7yTFvDfDraDIJVpw7XPyuHlB9MCiqqX5mcJ6Y=
-go.opentelemetry.io/otel v1.22.0/go.mod h1:eoV4iAi3Ea8LkAEI9+GFT44O6T/D0GWAVFyZVCC6pMI=
-go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.22.0 h1:9M3+rhx7kZCIQQhQRYaZCdNu1V73tm4TvXs2ntl98C4=
-go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.22.0/go.mod h1:noq80iT8rrHP1SfybmPiRGc9dc5M8RPmGvtwo7Oo7tc=
-go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.22.0 h1:H2JFgRcGiyHg7H7bwcwaQJYrNFqCqrbTQ8K4p1OvDu8=
-go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.22.0/go.mod h1:WfCWp1bGoYK8MeULtI15MmQVczfR+bFkk0DF3h06QmQ=
-go.opentelemetry.io/otel/metric v1.22.0 h1:lypMQnGyJYeuYPhOM/bgjbFM6WE44W1/T45er4d8Hhg=
-go.opentelemetry.io/otel/metric v1.22.0/go.mod h1:evJGjVpZv0mQ5QBRJoBF64yMuOf4xCWdXjK8pzFvliY=
-go.opentelemetry.io/otel/sdk v1.22.0 h1:6coWHw9xw7EfClIC/+O31R8IY3/+EiRFHevmHafB2Gw=
-go.opentelemetry.io/otel/sdk v1.22.0/go.mod h1:iu7luyVGYovrRpe2fmj3CVKouQNdTOkxtLzPvPz1DOc=
-go.opentelemetry.io/otel/trace v1.22.0 h1:Hg6pPujv0XG9QaVbGOBVHunyuLcCC3jN7WEhPx83XD0=
-go.opentelemetry.io/otel/trace v1.22.0/go.mod h1:RbbHXVqKES9QhzZq/fE5UnOSILqRt40a21sPw2He1xo=
-go.opentelemetry.io/proto/otlp v1.0.0 h1:T0TX0tmXU8a3CbNXzEKGeU5mIVOdf0oykP+u2lIVU/I=
-go.opentelemetry.io/proto/otlp v1.0.0/go.mod h1:Sy6pihPLfYHkr3NkUbEhGHFhINUSI/v80hjKIs5JXpM=
-go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc=
-go.uber.org/atomic v1.10.0 h1:9qC72Qh0+3MqyJbAn8YU5xVq1frD8bn3JtD2oXtafVQ=
-go.uber.org/atomic v1.10.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0=
-go.uber.org/goleak v1.1.10/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A=
+go.opentelemetry.io/otel v1.24.0 h1:0LAOdjNmQeSTzGBzduGe/rU4tZhMwL5rWgtp9Ku5Jfo=
+go.opentelemetry.io/otel v1.24.0/go.mod h1:W7b9Ozg4nkF5tWI5zsXkaKKDjdVjpD4oAt9Qi/MArHo=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.24.0 h1:t6wl9SPayj+c7lEIFgm4ooDBZVb01IhLB4InpomhRw8=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.24.0/go.mod h1:iSDOcsnSA5INXzZtwaBPrKp/lWu/V14Dd+llD0oI2EA=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.24.0 h1:Mw5xcxMwlqoJd97vwPxA8isEaIoxsta9/Q51+TTJLGE=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.24.0/go.mod h1:CQNu9bj7o7mC6U7+CA/schKEYakYXWr79ucDHTMGhCM=
+go.opentelemetry.io/otel/metric v1.24.0 h1:6EhoGWWK28x1fbpA4tYTOWBkPefTDQnb8WSGXlc88kI=
+go.opentelemetry.io/otel/metric v1.24.0/go.mod h1:VYhLe1rFfxuTXLgj4CBiyz+9WYBA8pNGJgDcSFRKBco=
+go.opentelemetry.io/otel/sdk v1.24.0 h1:YMPPDNymmQN3ZgczicBY3B6sf9n62Dlj9pWD3ucgoDw=
+go.opentelemetry.io/otel/sdk v1.24.0/go.mod h1:KVrIYw6tEubO9E96HQpcmpTKDVn9gdv35HoYiQWGDFg=
+go.opentelemetry.io/otel/trace v1.24.0 h1:CsKnnL4dUAr/0llH9FKuc698G04IrpWV0MQA/Y1YELI=
+go.opentelemetry.io/otel/trace v1.24.0/go.mod h1:HPc3Xr/cOApsBI154IU0OI0HJexz+aw5uPdbs3UCjNU=
+go.opentelemetry.io/proto/otlp v1.1.0 h1:2Di21piLrCqJ3U3eXGCTPHE9R8Nh+0uglSnOyxikMeI=
+go.opentelemetry.io/proto/otlp v1.1.0/go.mod h1:GpBHCBWiqvVLDqmHZsoMM3C5ySeKTC7ej/RNTae6MdY=
go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto=
go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE=
-go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU=
go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0=
go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y=
-go.uber.org/zap v1.19.0 h1:mZQZefskPPCMIBCSEH0v2/iUqqLrYtaeqwD6FUGUnFE=
-go.uber.org/zap v1.19.0/go.mod h1:xg/QME4nWcxGxrpdeYfq7UvYrLh66cuVKdrbD1XF/NI=
+go.uber.org/zap v1.26.0 h1:sI7k6L95XOKS281NhVKOFCUNIvv9e0w4BF8N3u+tCRo=
+go.uber.org/zap v1.26.0/go.mod h1:dtElttAiwGvoJ/vj4IwHBS/gXsEu/pZ50mUIRWuG0so=
golang.org/dl v0.0.0-20190829154251-82a15e2f2ead/go.mod h1:IUMfjQLJQd4UTqG1Z90tenwKoCX93Gn3MAQJMOSBsDQ=
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
-golang.org/x/crypto v0.18.0 h1:PGVlW0xEltQnzFZ55hkuX5+KLyrMYhHld1YHO4AKcdc=
-golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg=
+golang.org/x/crypto v0.19.0 h1:ENy+Az/9Y1vSrlrvBSyna3PITt4tiZLf7sgCjZBX7Wo=
+golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU=
golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e h1:+WEEuIdZHnUeJJmEUjyYC2gfUMj69yZXw17EnHg/otA=
golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e/go.mod h1:Kr81I6Kryrl9sr8s2FK3vxD90NdsKWRuOIl2O4CvYbA=
-golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
golang.org/x/mod v0.14.0 h1:dGoOF9QVLYng8IHTm7BAyWqCqSheQ5pYWGhzW00YJr0=
golang.org/x/mod v0.14.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
-golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
@@ -262,15 +247,15 @@ golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v
golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
golang.org/x/net v0.20.0 h1:aCL9BSgETF1k+blQaYUBx9hJ9LOGP3gAVemcZlf1Kpo=
golang.org/x/net v0.20.0/go.mod h1:z8BVo6PvndSri0LbOE3hAn0apkU+1YvI6E70E9jsnvY=
-golang.org/x/oauth2 v0.14.0 h1:P0Vrf/2538nmC0H+pEQ3MNFRRnVR7RlqyVw+bvm26z0=
-golang.org/x/oauth2 v0.14.0/go.mod h1:lAtNWgaWfL4cm7j2OV8TxGi9Qb7ECORx8DktCY74OwM=
+golang.org/x/oauth2 v0.16.0 h1:aDkGMBSYxElaoP81NpoUoz2oo2R2wHdZpGToUxfyQrQ=
+golang.org/x/oauth2 v0.16.0/go.mod h1:hqZ+0LWXsiVoZpeld6jVt06P3adbS2Uu911W1SsJv2o=
golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.5.0 h1:60k92dhOjHxJkrqnwsfl8KuaHbn/5dl0lUPUklKo3qE=
-golang.org/x/sync v0.5.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
+golang.org/x/sync v0.6.0 h1:5BMeUDZ7vkXGfEr1x9B4bRcTH4lpkTkpdh0T/J+qjbQ=
+golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -278,12 +263,12 @@ golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7w
golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.16.0 h1:xWw16ngr6ZMtmxDyKyIgsE93KNKz5HKmMa3b8ALHidU=
-golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.17.0 h1:25cE3gD+tdBA7lp7QfhuV+rJiE9YXTcS3VG1SqssI/Y=
+golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
-golang.org/x/term v0.16.0 h1:m+B6fahuftsE9qjo0VWp2FW0mB3MTJvR0BaMQrq0pmE=
-golang.org/x/term v0.16.0/go.mod h1:yn7UURbUtPyrVJPGPq404EukNFxcm/foM+bV/bfcDsY=
+golang.org/x/term v0.17.0 h1:mkTF7LCd6WGJNL3K1Ad7kwxNfYAW6a8a8QqtMblp/4U=
+golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
@@ -293,8 +278,6 @@ golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4=
golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
-golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
-golang.org/x/tools v0.0.0-20191108193012-7d206e10da11/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.0.0-20200505023115-26f46d2f7ef8/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
@@ -308,20 +291,19 @@ golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8T
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
google.golang.org/appengine v1.6.8 h1:IhEN5q69dyKagZPYMSdIjS2HqprW324FRQZJcGqPAsM=
google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJffLiz/Ds=
-google.golang.org/genproto v0.0.0-20231106174013-bbf56f31fb17 h1:wpZ8pe2x1Q3f2KyT5f8oP/fa9rHAKgFPr/HZdNuS+PQ=
-google.golang.org/genproto v0.0.0-20231106174013-bbf56f31fb17/go.mod h1:J7XzRzVy1+IPwWHZUzoD0IccYZIrXILAQpc+Qy9CMhY=
-google.golang.org/genproto/googleapis/api v0.0.0-20231106174013-bbf56f31fb17 h1:JpwMPBpFN3uKhdaekDpiNlImDdkUAyiJ6ez/uxGaUSo=
-google.golang.org/genproto/googleapis/api v0.0.0-20231106174013-bbf56f31fb17/go.mod h1:0xJLfVdJqpAPl8tDg1ujOCGzx6LFLttXT5NhllGOXY4=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20231106174013-bbf56f31fb17 h1:Jyp0Hsi0bmHXG6k9eATXoYtjd6e2UzZ1SCn/wIupY14=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20231106174013-bbf56f31fb17/go.mod h1:oQ5rr10WTTMvP4A36n8JpR1OrO1BEiV4f78CneXZxkA=
-google.golang.org/grpc v1.61.0 h1:TOvOcuXn30kRao+gfcvsebNEa5iZIiLkisYEkf7R7o0=
-google.golang.org/grpc v1.61.0/go.mod h1:VUbo7IFqmF1QtCAstipjG0GIoq49KvMe9+h1jFLBNJs=
+google.golang.org/genproto v0.0.0-20240123012728-ef4313101c80 h1:KAeGQVN3M9nD0/bQXnr/ClcEMJ968gUXJQ9pwfSynuQ=
+google.golang.org/genproto v0.0.0-20240123012728-ef4313101c80/go.mod h1:cc8bqMqtv9gMOr0zHg2Vzff5ULhhL2IXP4sbcn32Dro=
+google.golang.org/genproto/googleapis/api v0.0.0-20240123012728-ef4313101c80 h1:Lj5rbfG876hIAYFjqiJnPHfhXbv+nzTWfm04Fg/XSVU=
+google.golang.org/genproto/googleapis/api v0.0.0-20240123012728-ef4313101c80/go.mod h1:4jWUdICTdgc3Ibxmr8nAJiiLHwQBY0UI0XZcEMaFKaA=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20240123012728-ef4313101c80 h1:AjyfHzEPEFp/NpvfN5g+KDla3EMojjhRVZc1i7cj+oM=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20240123012728-ef4313101c80/go.mod h1:PAREbraiVEVGVdTZsVWjSbbTtSyGbAgIIvni8a8CD5s=
+google.golang.org/grpc v1.62.0 h1:HQKZ/fa1bXkX1oFOvSjmZEUL8wLSaZTjCcLAlmZRtdk=
+google.golang.org/grpc v1.62.0/go.mod h1:IWTG0VlJLCh1SkC58F7np9ka9mx/WNkjl4PGJaiq+QE=
google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
google.golang.org/protobuf v1.32.0 h1:pPC6BG5ex8PDFnkbrGU3EixyhKcQ2aDuBS36lqK/C7I=
google.golang.org/protobuf v1.32.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
-gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
@@ -334,36 +316,35 @@ gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
-gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
-k8s.io/api v0.29.1 h1:DAjwWX/9YT7NQD4INu49ROJuZAAAP/Ijki48GUPzxqw=
-k8s.io/api v0.29.1/go.mod h1:7Kl10vBRUXhnQQI8YR/R327zXC8eJ7887/+Ybta+RoQ=
-k8s.io/apimachinery v0.29.1 h1:KY4/E6km/wLBguvCZv8cKTeOwwOBqFNjwJIdMkMbbRc=
-k8s.io/apimachinery v0.29.1/go.mod h1:6HVkd1FwxIagpYrHSwJlQqZI3G9LfYWRPAkUvLnXTKU=
-k8s.io/apiserver v0.29.1 h1:e2wwHUfEmMsa8+cuft8MT56+16EONIEK8A/gpBSco+g=
-k8s.io/apiserver v0.29.1/go.mod h1:V0EpkTRrJymyVT3M49we8uh2RvXf7fWC5XLB0P3SwRw=
-k8s.io/client-go v0.29.1 h1:19B/+2NGEwnFLzt0uB5kNJnfTsbV8w6TgQRz9l7ti7A=
-k8s.io/client-go v0.29.1/go.mod h1:TDG/psL9hdet0TI9mGyHJSgRkW3H9JZk2dNEUS7bRks=
-k8s.io/code-generator v0.29.1 h1:8ba8BdtSmAVHgAMpzThb/fuyQeTRtN7NtN7VjMcDLew=
-k8s.io/code-generator v0.29.1/go.mod h1:FwFi3C9jCrmbPjekhaCYcYG1n07CYiW1+PAPCockaos=
-k8s.io/component-base v0.29.1 h1:MUimqJPCRnnHsskTTjKD+IC1EHBbRCVyi37IoFBrkYw=
-k8s.io/component-base v0.29.1/go.mod h1:fP9GFjxYrLERq1GcWWZAE3bqbNcDKDytn2srWuHTtKc=
-k8s.io/component-helpers v0.29.1 h1:54MMEDu6xeJmMtAKztsPwu0kJKr4+jCUzaEIn2UXRoc=
-k8s.io/component-helpers v0.29.1/go.mod h1:+I7xz4kfUgxWAPJIVKrqe4ml4rb9UGpazlOmhXYo+cY=
+k8s.io/api v0.30.0-alpha.3 h1:EcbaDi8WjoR8QdQS6LKd8oP0qjODWxfKdVj5U8WM1P0=
+k8s.io/api v0.30.0-alpha.3/go.mod h1:gUziZ7QreMQgwigIm0O6q1xN4w2DPIs6PwP9Ha3c9dQ=
+k8s.io/apimachinery v0.30.0-alpha.3 h1:9FoqT1Wc+48DJ+mYkbmZd3n4351u9YbGnQSPnVWUwWM=
+k8s.io/apimachinery v0.30.0-alpha.3/go.mod h1:/862Kkwje5hhHGJWPKiaHuov2c6mw6uCXWikV9kOIP4=
+k8s.io/apiserver v0.30.0-alpha.3 h1:Z73kgqfxr9XQmV11LCwWhHe7HXDArWLFkH8M2aOL+sI=
+k8s.io/apiserver v0.30.0-alpha.3/go.mod h1:BNpQK5agUh2i5pfv6SeBSLMPdpGBc+cba6ct3MofK+s=
+k8s.io/client-go v0.30.0-alpha.3 h1:0dj5DVlvaRI44HhHHI6cJxJ+n3F6GA1TwUV6U+L26No=
+k8s.io/client-go v0.30.0-alpha.3/go.mod h1:waezUYZSoIV2fUNG2+pwia+wTwPb8HTRVHKd5v5rDg0=
+k8s.io/code-generator v0.30.0-alpha.3 h1:fECwF/f8ua0xti5GfgpWP8dqOcwD1IJUEXQhM6fi7Ro=
+k8s.io/code-generator v0.30.0-alpha.3/go.mod h1:MuEqSZ4rgFkc0pmyi//QD/K26uzYwND/mgs/bJC+6HQ=
+k8s.io/component-base v0.30.0-alpha.3 h1:krf6aBCCJHv4ga0wc4v3pNLEZ1gmBtxAUey5L9n2xlI=
+k8s.io/component-base v0.30.0-alpha.3/go.mod h1:cvuAeLTeh91ELy3wPWFtJ+J4d08ws9zk/+mek4aLdHM=
+k8s.io/component-helpers v0.30.0-alpha.3 h1:pY0mKQCKG7O6tSZWb87dI7GnD0IcO7FRyrfRO1sZOKQ=
+k8s.io/component-helpers v0.30.0-alpha.3/go.mod h1:Ga/4AXsetMojfkZRlKT4129GTMCDw2oJustjtuWbuP8=
k8s.io/gengo v0.0.0-20230829151522-9cce18d56c01 h1:pWEwq4Asjm4vjW7vcsmijwBhOr1/shsbSYiWXmNGlks=
k8s.io/gengo v0.0.0-20230829151522-9cce18d56c01/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E=
k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y=
-k8s.io/klog/v2 v2.110.1 h1:U/Af64HJf7FcwMcXyKm2RPM22WZzyR7OSpYj5tg3cL0=
-k8s.io/klog/v2 v2.110.1/go.mod h1:YGtd1984u+GgbuZ7e08/yBuAfKLSO0+uR1Fhi6ExXjo=
-k8s.io/kms v0.29.1 h1:6dMOaxllwiAZ8p3Hys65b78MDG+hONpBBpk1rQsaEtk=
-k8s.io/kms v0.29.1/go.mod h1:Hqkx3zEGWThUTbcSkK508DUv4c1HOJOB5qihSoLBWgU=
-k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 h1:aVUu9fTY98ivBPKR9Y5w/AuzbMm96cd3YHRTU83I780=
-k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00/go.mod h1:AsvuZPBlUDVuCdzJ87iajxtXuR9oktsTctW/R9wwouA=
+k8s.io/klog/v2 v2.120.1 h1:QXU6cPEOIslTGvZaXvFWiP9VKyeet3sawzTOvdXb4Vw=
+k8s.io/klog/v2 v2.120.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE=
+k8s.io/kms v0.30.0-alpha.3 h1:gA/3ayisIFPtjCkq4Mxcd8U1aM1MH/rYrSEwU3JhX9k=
+k8s.io/kms v0.30.0-alpha.3/go.mod h1:a2u2EEVbvhimBrZ4UwbRySIP5Hhm8QgqC45xOT5ebR8=
+k8s.io/kube-openapi v0.0.0-20231113174909-778a5567bc1e h1:snPmy96t93RredGRjKfMFt+gvxuVAncqSAyBveJtr4Q=
+k8s.io/kube-openapi v0.0.0-20231113174909-778a5567bc1e/go.mod h1:AsvuZPBlUDVuCdzJ87iajxtXuR9oktsTctW/R9wwouA=
k8s.io/utils v0.0.0-20240102154912-e7106e64919e h1:eQ/4ljkx21sObifjzXwlPKpdGLrCfRziVtos3ofG/sQ=
k8s.io/utils v0.0.0-20240102154912-e7106e64919e/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
-sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.28.0 h1:TgtAeesdhpm2SGwkQasmbeqDo8th5wOBA5h/AjTKA4I=
-sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.28.0/go.mod h1:VHVDI/KrK4fjnV61bE2g3sA7tiETLn8sooImelsCx3Y=
+sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.29.0 h1:/U5vjBbQn3RChhv7P11uhYvCSm5G2GaIi5AIGBS6r4c=
+sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.29.0/go.mod h1:z7+wmGM2dfIiLRfrC6jb5kV2Mq/sK1ZP303cxzkV5Y4=
sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo=
sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0=
sigs.k8s.io/mdtoc v1.1.0 h1:q3YtqYzmC2e0hgLXRIOm7/QLuPux1CX3ZHCwlbABxZo=
diff --git a/vendor/github.com/go-logr/zapr/.golangci.yaml b/vendor/github.com/go-logr/zapr/.golangci.yaml
new file mode 100644
index 0000000000..64246c50cc
--- /dev/null
+++ b/vendor/github.com/go-logr/zapr/.golangci.yaml
@@ -0,0 +1,20 @@
+issues:
+ exclude-use-default: false
+
+linters:
+ disable-all: true
+ enable:
+ - asciicheck
+ - errcheck
+ - forcetypeassert
+ - gocritic
+ - gofmt
+ - goimports
+ - gosimple
+ - govet
+ - ineffassign
+ - misspell
+ - revive
+ - staticcheck
+ - typecheck
+ - unused
diff --git a/vendor/github.com/go-logr/zapr/README.md b/vendor/github.com/go-logr/zapr/README.md
index 78f5f7653f..ff332da3a1 100644
--- a/vendor/github.com/go-logr/zapr/README.md
+++ b/vendor/github.com/go-logr/zapr/README.md
@@ -2,12 +2,17 @@ Zapr :zap:
==========
A [logr](https://github.com/go-logr/logr) implementation using
-[Zap](https://github.com/uber-go/zap).
+[Zap](https://github.com/uber-go/zap). Can also be used as
+[slog](https://pkg.go.dev/log/slog) handler.
Usage
-----
+Via logr:
+
```go
+package main
+
import (
"fmt"
@@ -29,6 +34,33 @@ func main() {
}
```
+Via slog:
+
+```
+package main
+
+import (
+ "fmt"
+ "log/slog"
+
+ "github.com/go-logr/logr/slogr"
+ "github.com/go-logr/zapr"
+ "go.uber.org/zap"
+)
+
+func main() {
+ var log *slog.Logger
+
+ zapLog, err := zap.NewDevelopment()
+ if err != nil {
+ panic(fmt.Sprintf("who watches the watchmen (%v)?", err))
+ }
+ log = slog.New(slogr.NewSlogHandler(zapr.NewLogger(zapLog)))
+
+ log.Info("Logr in action!", "the answer", 42)
+}
+```
+
Increasing Verbosity
--------------------
@@ -68,3 +100,8 @@ For the most part, concepts in Zap correspond directly with those in logr.
Unlike Zap, all fields *must* be in the form of sugared fields --
it's illegal to pass a strongly-typed Zap field in a key position to any
of the logging methods (`Log`, `Error`).
+
+The zapr `logr.LogSink` implementation also implements `logr.SlogHandler`. That
+enables `slogr.NewSlogHandler` to provide a `slog.Handler` which just passes
+parameters through to zapr. zapr handles special slog values (Group,
+LogValuer), regardless of which front-end API is used.
diff --git a/vendor/github.com/go-logr/zapr/slogzapr.go b/vendor/github.com/go-logr/zapr/slogzapr.go
new file mode 100644
index 0000000000..84f56e4351
--- /dev/null
+++ b/vendor/github.com/go-logr/zapr/slogzapr.go
@@ -0,0 +1,183 @@
+//go:build go1.21
+// +build go1.21
+
+/*
+Copyright 2023 The logr Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package zapr
+
+import (
+ "context"
+ "log/slog"
+ "runtime"
+
+ "github.com/go-logr/logr/slogr"
+ "go.uber.org/zap"
+ "go.uber.org/zap/zapcore"
+)
+
+var _ slogr.SlogSink = &zapLogger{}
+
+func (zl *zapLogger) Handle(_ context.Context, record slog.Record) error {
+ zapLevel := zap.InfoLevel
+ intLevel := 0
+ isError := false
+ switch {
+ case record.Level >= slog.LevelError:
+ zapLevel = zap.ErrorLevel
+ isError = true
+ case record.Level >= slog.LevelWarn:
+ zapLevel = zap.WarnLevel
+ case record.Level >= 0:
+ // Already set above -> info.
+ default:
+ zapLevel = zapcore.Level(record.Level)
+ intLevel = int(-zapLevel)
+ }
+
+ if checkedEntry := zl.l.Check(zapLevel, record.Message); checkedEntry != nil {
+ checkedEntry.Time = record.Time
+ checkedEntry.Caller = pcToCallerEntry(record.PC)
+ var fieldsBuffer [2]zap.Field
+ fields := fieldsBuffer[:0]
+ if !isError && zl.numericLevelKey != "" {
+ // Record verbosity for info entries.
+ fields = append(fields, zap.Int(zl.numericLevelKey, intLevel))
+ }
+ // Inline all attributes.
+ fields = append(fields, zap.Inline(zapcore.ObjectMarshalerFunc(func(enc zapcore.ObjectEncoder) error {
+ record.Attrs(func(attr slog.Attr) bool {
+ encodeSlog(enc, attr)
+ return true
+ })
+ return nil
+ })))
+ checkedEntry.Write(fields...)
+ }
+ return nil
+}
+
+func encodeSlog(enc zapcore.ObjectEncoder, attr slog.Attr) {
+ if attr.Equal(slog.Attr{}) {
+ // Ignore empty attribute.
+ return
+ }
+
+ // Check in order of expected frequency, most common ones first.
+ //
+ // Usage statistics for parameters from Kubernetes 152876a3e,
+ // calculated with k/k/test/integration/logs/benchmark:
+ //
+ // kube-controller-manager -v10:
+ // strings: 10043 (85%)
+ // with API objects: 2 (0% of all arguments)
+ // types and their number of usage: NodeStatus:2
+ // numbers: 792 (6%)
+ // ObjectRef: 292 (2%)
+ // others: 595 (5%)
+ //
+ // kube-scheduler -v10:
+ // strings: 1325 (40%)
+ // with API objects: 109 (3% of all arguments)
+ // types and their number of usage: PersistentVolume:50 PersistentVolumeClaim:59
+ // numbers: 473 (14%)
+ // ObjectRef: 1305 (39%)
+ // others: 176 (5%)
+
+ kind := attr.Value.Kind()
+ switch kind {
+ case slog.KindString:
+ enc.AddString(attr.Key, attr.Value.String())
+ case slog.KindLogValuer:
+ // This includes klog.KObj.
+ encodeSlog(enc, slog.Attr{
+ Key: attr.Key,
+ Value: attr.Value.Resolve(),
+ })
+ case slog.KindInt64:
+ enc.AddInt64(attr.Key, attr.Value.Int64())
+ case slog.KindUint64:
+ enc.AddUint64(attr.Key, attr.Value.Uint64())
+ case slog.KindFloat64:
+ enc.AddFloat64(attr.Key, attr.Value.Float64())
+ case slog.KindBool:
+ enc.AddBool(attr.Key, attr.Value.Bool())
+ case slog.KindDuration:
+ enc.AddDuration(attr.Key, attr.Value.Duration())
+ case slog.KindTime:
+ enc.AddTime(attr.Key, attr.Value.Time())
+ case slog.KindGroup:
+ attrs := attr.Value.Group()
+ if attr.Key == "" {
+ // Inline group.
+ for _, attr := range attrs {
+ encodeSlog(enc, attr)
+ }
+ return
+ }
+ if len(attrs) == 0 {
+ // Ignore empty group.
+ return
+ }
+ _ = enc.AddObject(attr.Key, marshalAttrs(attrs))
+ default:
+ // We have to go through reflection in zap.Any to get support
+ // for e.g. fmt.Stringer.
+ zap.Any(attr.Key, attr.Value.Any()).AddTo(enc)
+ }
+}
+
+type marshalAttrs []slog.Attr
+
+func (attrs marshalAttrs) MarshalLogObject(enc zapcore.ObjectEncoder) error {
+ for _, attr := range attrs {
+ encodeSlog(enc, attr)
+ }
+ return nil
+}
+
+var _ zapcore.ObjectMarshaler = marshalAttrs(nil)
+
+func pcToCallerEntry(pc uintptr) zapcore.EntryCaller {
+ if pc == 0 {
+ return zapcore.EntryCaller{}
+ }
+ // Same as https://cs.opensource.google/go/x/exp/+/642cacee:slog/record.go;drc=642cacee5cc05231f45555a333d07f1005ffc287;l=70
+ fs := runtime.CallersFrames([]uintptr{pc})
+ f, _ := fs.Next()
+ if f.File == "" {
+ return zapcore.EntryCaller{}
+ }
+ return zapcore.EntryCaller{
+ Defined: true,
+ PC: pc,
+ File: f.File,
+ Line: f.Line,
+ Function: f.Function,
+ }
+}
+
+func (zl *zapLogger) WithAttrs(attrs []slog.Attr) slogr.SlogSink {
+ newLogger := *zl
+ newLogger.l = newLogger.l.With(zap.Inline(marshalAttrs(attrs)))
+ return &newLogger
+}
+
+func (zl *zapLogger) WithGroup(name string) slogr.SlogSink {
+ newLogger := *zl
+ newLogger.l = newLogger.l.With(zap.Namespace(name))
+ return &newLogger
+}
diff --git a/vendor/github.com/go-logr/zapr/zapr.go b/vendor/github.com/go-logr/zapr/zapr.go
index 8bb7fceb3f..c8503ab9ea 100644
--- a/vendor/github.com/go-logr/zapr/zapr.go
+++ b/vendor/github.com/go-logr/zapr/zapr.go
@@ -31,14 +31,14 @@ limitations under the License.
// Package zapr defines an implementation of the github.com/go-logr/logr
// interfaces built on top of Zap (go.uber.org/zap).
//
-// Usage
+// # Usage
//
// A new logr.Logger can be constructed from an existing zap.Logger using
// the NewLogger function:
//
-// log := zapr.NewLogger(someZapLogger)
+// log := zapr.NewLogger(someZapLogger)
//
-// Implementation Details
+// # Implementation Details
//
// For the most part, concepts in Zap correspond directly with those in
// logr.
@@ -168,15 +168,6 @@ func (zl *zapLogger) handleFields(lvl int, args []interface{}, additional ...zap
return append(fields, additional...)
}
-func zapIt(field string, val interface{}) zap.Field {
- // Handle types that implement logr.Marshaler: log the replacement
- // object instead of the original one.
- if marshaler, ok := val.(logr.Marshaler); ok {
- field, val = invokeMarshaler(field, marshaler)
- }
- return zap.Any(field, val)
-}
-
func invokeMarshaler(field string, m logr.Marshaler) (f string, ret interface{}) {
defer func() {
if r := recover(); r != nil {
diff --git a/vendor/k8s.io/apiserver/pkg/apis/config/doc.go b/vendor/github.com/go-logr/zapr/zapr_noslog.go
similarity index 55%
rename from vendor/k8s.io/apiserver/pkg/apis/config/doc.go
rename to vendor/github.com/go-logr/zapr/zapr_noslog.go
index 338d4cebfa..ec8517b793 100644
--- a/vendor/k8s.io/apiserver/pkg/apis/config/doc.go
+++ b/vendor/github.com/go-logr/zapr/zapr_noslog.go
@@ -1,5 +1,8 @@
+//go:build !go1.21
+// +build !go1.21
+
/*
-Copyright 2018 The Kubernetes Authors.
+Copyright 2023 The logr Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
@@ -14,6 +17,18 @@ See the License for the specific language governing permissions and
limitations under the License.
*/
-// +k8s:deepcopy-gen=package
+package zapr
+
+import (
+ "github.com/go-logr/logr"
+ "go.uber.org/zap"
+)
-package config // import "k8s.io/apiserver/pkg/apis/config"
+func zapIt(field string, val interface{}) zap.Field {
+ // Handle types that implement logr.Marshaler: log the replacement
+ // object instead of the original one.
+ if marshaler, ok := val.(logr.Marshaler); ok {
+ field, val = invokeMarshaler(field, marshaler)
+ }
+ return zap.Any(field, val)
+}
diff --git a/vendor/github.com/go-logr/zapr/zapr_slog.go b/vendor/github.com/go-logr/zapr/zapr_slog.go
new file mode 100644
index 0000000000..f07203604d
--- /dev/null
+++ b/vendor/github.com/go-logr/zapr/zapr_slog.go
@@ -0,0 +1,48 @@
+//go:build go1.21
+// +build go1.21
+
+/*
+Copyright 2023 The logr Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package zapr
+
+import (
+ "log/slog"
+
+ "github.com/go-logr/logr"
+ "go.uber.org/zap"
+ "go.uber.org/zap/zapcore"
+)
+
+func zapIt(field string, val interface{}) zap.Field {
+ switch valTyped := val.(type) {
+ case logr.Marshaler:
+ // Handle types that implement logr.Marshaler: log the replacement
+ // object instead of the original one.
+ field, val = invokeMarshaler(field, valTyped)
+ case slog.LogValuer:
+ // The same for slog.LogValuer. We let slog.Value handle
+ // potential panics and recursion.
+ val = slog.AnyValue(val).Resolve()
+ }
+ if slogValue, ok := val.(slog.Value); ok {
+ return zap.Inline(zapcore.ObjectMarshalerFunc(func(enc zapcore.ObjectEncoder) error {
+ encodeSlog(enc, slog.Attr{Key: field, Value: slogValue})
+ return nil
+ }))
+ }
+ return zap.Any(field, val)
+}
diff --git a/vendor/github.com/golang/protobuf/jsonpb/decode.go b/vendor/github.com/golang/protobuf/jsonpb/decode.go
deleted file mode 100644
index 6c16c255ff..0000000000
--- a/vendor/github.com/golang/protobuf/jsonpb/decode.go
+++ /dev/null
@@ -1,530 +0,0 @@
-// Copyright 2015 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package jsonpb
-
-import (
- "encoding/json"
- "errors"
- "fmt"
- "io"
- "math"
- "reflect"
- "strconv"
- "strings"
- "time"
-
- "github.com/golang/protobuf/proto"
- "google.golang.org/protobuf/encoding/protojson"
- protoV2 "google.golang.org/protobuf/proto"
- "google.golang.org/protobuf/reflect/protoreflect"
- "google.golang.org/protobuf/reflect/protoregistry"
-)
-
-const wrapJSONUnmarshalV2 = false
-
-// UnmarshalNext unmarshals the next JSON object from d into m.
-func UnmarshalNext(d *json.Decoder, m proto.Message) error {
- return new(Unmarshaler).UnmarshalNext(d, m)
-}
-
-// Unmarshal unmarshals a JSON object from r into m.
-func Unmarshal(r io.Reader, m proto.Message) error {
- return new(Unmarshaler).Unmarshal(r, m)
-}
-
-// UnmarshalString unmarshals a JSON object from s into m.
-func UnmarshalString(s string, m proto.Message) error {
- return new(Unmarshaler).Unmarshal(strings.NewReader(s), m)
-}
-
-// Unmarshaler is a configurable object for converting from a JSON
-// representation to a protocol buffer object.
-type Unmarshaler struct {
- // AllowUnknownFields specifies whether to allow messages to contain
- // unknown JSON fields, as opposed to failing to unmarshal.
- AllowUnknownFields bool
-
- // AnyResolver is used to resolve the google.protobuf.Any well-known type.
- // If unset, the global registry is used by default.
- AnyResolver AnyResolver
-}
-
-// JSONPBUnmarshaler is implemented by protobuf messages that customize the way
-// they are unmarshaled from JSON. Messages that implement this should also
-// implement JSONPBMarshaler so that the custom format can be produced.
-//
-// The JSON unmarshaling must follow the JSON to proto specification:
-// https://developers.google.com/protocol-buffers/docs/proto3#json
-//
-// Deprecated: Custom types should implement protobuf reflection instead.
-type JSONPBUnmarshaler interface {
- UnmarshalJSONPB(*Unmarshaler, []byte) error
-}
-
-// Unmarshal unmarshals a JSON object from r into m.
-func (u *Unmarshaler) Unmarshal(r io.Reader, m proto.Message) error {
- return u.UnmarshalNext(json.NewDecoder(r), m)
-}
-
-// UnmarshalNext unmarshals the next JSON object from d into m.
-func (u *Unmarshaler) UnmarshalNext(d *json.Decoder, m proto.Message) error {
- if m == nil {
- return errors.New("invalid nil message")
- }
-
- // Parse the next JSON object from the stream.
- raw := json.RawMessage{}
- if err := d.Decode(&raw); err != nil {
- return err
- }
-
- // Check for custom unmarshalers first since they may not properly
- // implement protobuf reflection that the logic below relies on.
- if jsu, ok := m.(JSONPBUnmarshaler); ok {
- return jsu.UnmarshalJSONPB(u, raw)
- }
-
- mr := proto.MessageReflect(m)
-
- // NOTE: For historical reasons, a top-level null is treated as a noop.
- // This is incorrect, but kept for compatibility.
- if string(raw) == "null" && mr.Descriptor().FullName() != "google.protobuf.Value" {
- return nil
- }
-
- if wrapJSONUnmarshalV2 {
- // NOTE: If input message is non-empty, we need to preserve merge semantics
- // of the old jsonpb implementation. These semantics are not supported by
- // the protobuf JSON specification.
- isEmpty := true
- mr.Range(func(protoreflect.FieldDescriptor, protoreflect.Value) bool {
- isEmpty = false // at least one iteration implies non-empty
- return false
- })
- if !isEmpty {
- // Perform unmarshaling into a newly allocated, empty message.
- mr = mr.New()
-
- // Use a defer to copy all unmarshaled fields into the original message.
- dst := proto.MessageReflect(m)
- defer mr.Range(func(fd protoreflect.FieldDescriptor, v protoreflect.Value) bool {
- dst.Set(fd, v)
- return true
- })
- }
-
- // Unmarshal using the v2 JSON unmarshaler.
- opts := protojson.UnmarshalOptions{
- DiscardUnknown: u.AllowUnknownFields,
- }
- if u.AnyResolver != nil {
- opts.Resolver = anyResolver{u.AnyResolver}
- }
- return opts.Unmarshal(raw, mr.Interface())
- } else {
- if err := u.unmarshalMessage(mr, raw); err != nil {
- return err
- }
- return protoV2.CheckInitialized(mr.Interface())
- }
-}
-
-func (u *Unmarshaler) unmarshalMessage(m protoreflect.Message, in []byte) error {
- md := m.Descriptor()
- fds := md.Fields()
-
- if jsu, ok := proto.MessageV1(m.Interface()).(JSONPBUnmarshaler); ok {
- return jsu.UnmarshalJSONPB(u, in)
- }
-
- if string(in) == "null" && md.FullName() != "google.protobuf.Value" {
- return nil
- }
-
- switch wellKnownType(md.FullName()) {
- case "Any":
- var jsonObject map[string]json.RawMessage
- if err := json.Unmarshal(in, &jsonObject); err != nil {
- return err
- }
-
- rawTypeURL, ok := jsonObject["@type"]
- if !ok {
- return errors.New("Any JSON doesn't have '@type'")
- }
- typeURL, err := unquoteString(string(rawTypeURL))
- if err != nil {
- return fmt.Errorf("can't unmarshal Any's '@type': %q", rawTypeURL)
- }
- m.Set(fds.ByNumber(1), protoreflect.ValueOfString(typeURL))
-
- var m2 protoreflect.Message
- if u.AnyResolver != nil {
- mi, err := u.AnyResolver.Resolve(typeURL)
- if err != nil {
- return err
- }
- m2 = proto.MessageReflect(mi)
- } else {
- mt, err := protoregistry.GlobalTypes.FindMessageByURL(typeURL)
- if err != nil {
- if err == protoregistry.NotFound {
- return fmt.Errorf("could not resolve Any message type: %v", typeURL)
- }
- return err
- }
- m2 = mt.New()
- }
-
- if wellKnownType(m2.Descriptor().FullName()) != "" {
- rawValue, ok := jsonObject["value"]
- if !ok {
- return errors.New("Any JSON doesn't have 'value'")
- }
- if err := u.unmarshalMessage(m2, rawValue); err != nil {
- return fmt.Errorf("can't unmarshal Any nested proto %v: %v", typeURL, err)
- }
- } else {
- delete(jsonObject, "@type")
- rawJSON, err := json.Marshal(jsonObject)
- if err != nil {
- return fmt.Errorf("can't generate JSON for Any's nested proto to be unmarshaled: %v", err)
- }
- if err = u.unmarshalMessage(m2, rawJSON); err != nil {
- return fmt.Errorf("can't unmarshal Any nested proto %v: %v", typeURL, err)
- }
- }
-
- rawWire, err := protoV2.Marshal(m2.Interface())
- if err != nil {
- return fmt.Errorf("can't marshal proto %v into Any.Value: %v", typeURL, err)
- }
- m.Set(fds.ByNumber(2), protoreflect.ValueOfBytes(rawWire))
- return nil
- case "BoolValue", "BytesValue", "StringValue",
- "Int32Value", "UInt32Value", "FloatValue",
- "Int64Value", "UInt64Value", "DoubleValue":
- fd := fds.ByNumber(1)
- v, err := u.unmarshalValue(m.NewField(fd), in, fd)
- if err != nil {
- return err
- }
- m.Set(fd, v)
- return nil
- case "Duration":
- v, err := unquoteString(string(in))
- if err != nil {
- return err
- }
- d, err := time.ParseDuration(v)
- if err != nil {
- return fmt.Errorf("bad Duration: %v", err)
- }
-
- sec := d.Nanoseconds() / 1e9
- nsec := d.Nanoseconds() % 1e9
- m.Set(fds.ByNumber(1), protoreflect.ValueOfInt64(int64(sec)))
- m.Set(fds.ByNumber(2), protoreflect.ValueOfInt32(int32(nsec)))
- return nil
- case "Timestamp":
- v, err := unquoteString(string(in))
- if err != nil {
- return err
- }
- t, err := time.Parse(time.RFC3339Nano, v)
- if err != nil {
- return fmt.Errorf("bad Timestamp: %v", err)
- }
-
- sec := t.Unix()
- nsec := t.Nanosecond()
- m.Set(fds.ByNumber(1), protoreflect.ValueOfInt64(int64(sec)))
- m.Set(fds.ByNumber(2), protoreflect.ValueOfInt32(int32(nsec)))
- return nil
- case "Value":
- switch {
- case string(in) == "null":
- m.Set(fds.ByNumber(1), protoreflect.ValueOfEnum(0))
- case string(in) == "true":
- m.Set(fds.ByNumber(4), protoreflect.ValueOfBool(true))
- case string(in) == "false":
- m.Set(fds.ByNumber(4), protoreflect.ValueOfBool(false))
- case hasPrefixAndSuffix('"', in, '"'):
- s, err := unquoteString(string(in))
- if err != nil {
- return fmt.Errorf("unrecognized type for Value %q", in)
- }
- m.Set(fds.ByNumber(3), protoreflect.ValueOfString(s))
- case hasPrefixAndSuffix('[', in, ']'):
- v := m.Mutable(fds.ByNumber(6))
- return u.unmarshalMessage(v.Message(), in)
- case hasPrefixAndSuffix('{', in, '}'):
- v := m.Mutable(fds.ByNumber(5))
- return u.unmarshalMessage(v.Message(), in)
- default:
- f, err := strconv.ParseFloat(string(in), 0)
- if err != nil {
- return fmt.Errorf("unrecognized type for Value %q", in)
- }
- m.Set(fds.ByNumber(2), protoreflect.ValueOfFloat64(f))
- }
- return nil
- case "ListValue":
- var jsonArray []json.RawMessage
- if err := json.Unmarshal(in, &jsonArray); err != nil {
- return fmt.Errorf("bad ListValue: %v", err)
- }
-
- lv := m.Mutable(fds.ByNumber(1)).List()
- for _, raw := range jsonArray {
- ve := lv.NewElement()
- if err := u.unmarshalMessage(ve.Message(), raw); err != nil {
- return err
- }
- lv.Append(ve)
- }
- return nil
- case "Struct":
- var jsonObject map[string]json.RawMessage
- if err := json.Unmarshal(in, &jsonObject); err != nil {
- return fmt.Errorf("bad StructValue: %v", err)
- }
-
- mv := m.Mutable(fds.ByNumber(1)).Map()
- for key, raw := range jsonObject {
- kv := protoreflect.ValueOf(key).MapKey()
- vv := mv.NewValue()
- if err := u.unmarshalMessage(vv.Message(), raw); err != nil {
- return fmt.Errorf("bad value in StructValue for key %q: %v", key, err)
- }
- mv.Set(kv, vv)
- }
- return nil
- }
-
- var jsonObject map[string]json.RawMessage
- if err := json.Unmarshal(in, &jsonObject); err != nil {
- return err
- }
-
- // Handle known fields.
- for i := 0; i < fds.Len(); i++ {
- fd := fds.Get(i)
- if fd.IsWeak() && fd.Message().IsPlaceholder() {
- continue // weak reference is not linked in
- }
-
- // Search for any raw JSON value associated with this field.
- var raw json.RawMessage
- name := string(fd.Name())
- if fd.Kind() == protoreflect.GroupKind {
- name = string(fd.Message().Name())
- }
- if v, ok := jsonObject[name]; ok {
- delete(jsonObject, name)
- raw = v
- }
- name = string(fd.JSONName())
- if v, ok := jsonObject[name]; ok {
- delete(jsonObject, name)
- raw = v
- }
-
- field := m.NewField(fd)
- // Unmarshal the field value.
- if raw == nil || (string(raw) == "null" && !isSingularWellKnownValue(fd) && !isSingularJSONPBUnmarshaler(field, fd)) {
- continue
- }
- v, err := u.unmarshalValue(field, raw, fd)
- if err != nil {
- return err
- }
- m.Set(fd, v)
- }
-
- // Handle extension fields.
- for name, raw := range jsonObject {
- if !strings.HasPrefix(name, "[") || !strings.HasSuffix(name, "]") {
- continue
- }
-
- // Resolve the extension field by name.
- xname := protoreflect.FullName(name[len("[") : len(name)-len("]")])
- xt, _ := protoregistry.GlobalTypes.FindExtensionByName(xname)
- if xt == nil && isMessageSet(md) {
- xt, _ = protoregistry.GlobalTypes.FindExtensionByName(xname.Append("message_set_extension"))
- }
- if xt == nil {
- continue
- }
- delete(jsonObject, name)
- fd := xt.TypeDescriptor()
- if fd.ContainingMessage().FullName() != m.Descriptor().FullName() {
- return fmt.Errorf("extension field %q does not extend message %q", xname, m.Descriptor().FullName())
- }
-
- field := m.NewField(fd)
- // Unmarshal the field value.
- if raw == nil || (string(raw) == "null" && !isSingularWellKnownValue(fd) && !isSingularJSONPBUnmarshaler(field, fd)) {
- continue
- }
- v, err := u.unmarshalValue(field, raw, fd)
- if err != nil {
- return err
- }
- m.Set(fd, v)
- }
-
- if !u.AllowUnknownFields && len(jsonObject) > 0 {
- for name := range jsonObject {
- return fmt.Errorf("unknown field %q in %v", name, md.FullName())
- }
- }
- return nil
-}
-
-func isSingularWellKnownValue(fd protoreflect.FieldDescriptor) bool {
- if fd.Cardinality() == protoreflect.Repeated {
- return false
- }
- if md := fd.Message(); md != nil {
- return md.FullName() == "google.protobuf.Value"
- }
- if ed := fd.Enum(); ed != nil {
- return ed.FullName() == "google.protobuf.NullValue"
- }
- return false
-}
-
-func isSingularJSONPBUnmarshaler(v protoreflect.Value, fd protoreflect.FieldDescriptor) bool {
- if fd.Message() != nil && fd.Cardinality() != protoreflect.Repeated {
- _, ok := proto.MessageV1(v.Interface()).(JSONPBUnmarshaler)
- return ok
- }
- return false
-}
-
-func (u *Unmarshaler) unmarshalValue(v protoreflect.Value, in []byte, fd protoreflect.FieldDescriptor) (protoreflect.Value, error) {
- switch {
- case fd.IsList():
- var jsonArray []json.RawMessage
- if err := json.Unmarshal(in, &jsonArray); err != nil {
- return v, err
- }
- lv := v.List()
- for _, raw := range jsonArray {
- ve, err := u.unmarshalSingularValue(lv.NewElement(), raw, fd)
- if err != nil {
- return v, err
- }
- lv.Append(ve)
- }
- return v, nil
- case fd.IsMap():
- var jsonObject map[string]json.RawMessage
- if err := json.Unmarshal(in, &jsonObject); err != nil {
- return v, err
- }
- kfd := fd.MapKey()
- vfd := fd.MapValue()
- mv := v.Map()
- for key, raw := range jsonObject {
- var kv protoreflect.MapKey
- if kfd.Kind() == protoreflect.StringKind {
- kv = protoreflect.ValueOf(key).MapKey()
- } else {
- v, err := u.unmarshalSingularValue(kfd.Default(), []byte(key), kfd)
- if err != nil {
- return v, err
- }
- kv = v.MapKey()
- }
-
- vv, err := u.unmarshalSingularValue(mv.NewValue(), raw, vfd)
- if err != nil {
- return v, err
- }
- mv.Set(kv, vv)
- }
- return v, nil
- default:
- return u.unmarshalSingularValue(v, in, fd)
- }
-}
-
-var nonFinite = map[string]float64{
- `"NaN"`: math.NaN(),
- `"Infinity"`: math.Inf(+1),
- `"-Infinity"`: math.Inf(-1),
-}
-
-func (u *Unmarshaler) unmarshalSingularValue(v protoreflect.Value, in []byte, fd protoreflect.FieldDescriptor) (protoreflect.Value, error) {
- switch fd.Kind() {
- case protoreflect.BoolKind:
- return unmarshalValue(in, new(bool))
- case protoreflect.Int32Kind, protoreflect.Sint32Kind, protoreflect.Sfixed32Kind:
- return unmarshalValue(trimQuote(in), new(int32))
- case protoreflect.Int64Kind, protoreflect.Sint64Kind, protoreflect.Sfixed64Kind:
- return unmarshalValue(trimQuote(in), new(int64))
- case protoreflect.Uint32Kind, protoreflect.Fixed32Kind:
- return unmarshalValue(trimQuote(in), new(uint32))
- case protoreflect.Uint64Kind, protoreflect.Fixed64Kind:
- return unmarshalValue(trimQuote(in), new(uint64))
- case protoreflect.FloatKind:
- if f, ok := nonFinite[string(in)]; ok {
- return protoreflect.ValueOfFloat32(float32(f)), nil
- }
- return unmarshalValue(trimQuote(in), new(float32))
- case protoreflect.DoubleKind:
- if f, ok := nonFinite[string(in)]; ok {
- return protoreflect.ValueOfFloat64(float64(f)), nil
- }
- return unmarshalValue(trimQuote(in), new(float64))
- case protoreflect.StringKind:
- return unmarshalValue(in, new(string))
- case protoreflect.BytesKind:
- return unmarshalValue(in, new([]byte))
- case protoreflect.EnumKind:
- if hasPrefixAndSuffix('"', in, '"') {
- vd := fd.Enum().Values().ByName(protoreflect.Name(trimQuote(in)))
- if vd == nil {
- return v, fmt.Errorf("unknown value %q for enum %s", in, fd.Enum().FullName())
- }
- return protoreflect.ValueOfEnum(vd.Number()), nil
- }
- return unmarshalValue(in, new(protoreflect.EnumNumber))
- case protoreflect.MessageKind, protoreflect.GroupKind:
- err := u.unmarshalMessage(v.Message(), in)
- return v, err
- default:
- panic(fmt.Sprintf("invalid kind %v", fd.Kind()))
- }
-}
-
-func unmarshalValue(in []byte, v interface{}) (protoreflect.Value, error) {
- err := json.Unmarshal(in, v)
- return protoreflect.ValueOf(reflect.ValueOf(v).Elem().Interface()), err
-}
-
-func unquoteString(in string) (out string, err error) {
- err = json.Unmarshal([]byte(in), &out)
- return out, err
-}
-
-func hasPrefixAndSuffix(prefix byte, in []byte, suffix byte) bool {
- if len(in) >= 2 && in[0] == prefix && in[len(in)-1] == suffix {
- return true
- }
- return false
-}
-
-// trimQuote is like unquoteString but simply strips surrounding quotes.
-// This is incorrect, but is behavior done by the legacy implementation.
-func trimQuote(in []byte) []byte {
- if len(in) >= 2 && in[0] == '"' && in[len(in)-1] == '"' {
- in = in[1 : len(in)-1]
- }
- return in
-}
diff --git a/vendor/github.com/golang/protobuf/jsonpb/encode.go b/vendor/github.com/golang/protobuf/jsonpb/encode.go
deleted file mode 100644
index 685c80a62b..0000000000
--- a/vendor/github.com/golang/protobuf/jsonpb/encode.go
+++ /dev/null
@@ -1,559 +0,0 @@
-// Copyright 2015 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package jsonpb
-
-import (
- "encoding/json"
- "errors"
- "fmt"
- "io"
- "math"
- "reflect"
- "sort"
- "strconv"
- "strings"
- "time"
-
- "github.com/golang/protobuf/proto"
- "google.golang.org/protobuf/encoding/protojson"
- protoV2 "google.golang.org/protobuf/proto"
- "google.golang.org/protobuf/reflect/protoreflect"
- "google.golang.org/protobuf/reflect/protoregistry"
-)
-
-const wrapJSONMarshalV2 = false
-
-// Marshaler is a configurable object for marshaling protocol buffer messages
-// to the specified JSON representation.
-type Marshaler struct {
- // OrigName specifies whether to use the original protobuf name for fields.
- OrigName bool
-
- // EnumsAsInts specifies whether to render enum values as integers,
- // as opposed to string values.
- EnumsAsInts bool
-
- // EmitDefaults specifies whether to render fields with zero values.
- EmitDefaults bool
-
- // Indent controls whether the output is compact or not.
- // If empty, the output is compact JSON. Otherwise, every JSON object
- // entry and JSON array value will be on its own line.
- // Each line will be preceded by repeated copies of Indent, where the
- // number of copies is the current indentation depth.
- Indent string
-
- // AnyResolver is used to resolve the google.protobuf.Any well-known type.
- // If unset, the global registry is used by default.
- AnyResolver AnyResolver
-}
-
-// JSONPBMarshaler is implemented by protobuf messages that customize the
-// way they are marshaled to JSON. Messages that implement this should also
-// implement JSONPBUnmarshaler so that the custom format can be parsed.
-//
-// The JSON marshaling must follow the proto to JSON specification:
-// https://developers.google.com/protocol-buffers/docs/proto3#json
-//
-// Deprecated: Custom types should implement protobuf reflection instead.
-type JSONPBMarshaler interface {
- MarshalJSONPB(*Marshaler) ([]byte, error)
-}
-
-// Marshal serializes a protobuf message as JSON into w.
-func (jm *Marshaler) Marshal(w io.Writer, m proto.Message) error {
- b, err := jm.marshal(m)
- if len(b) > 0 {
- if _, err := w.Write(b); err != nil {
- return err
- }
- }
- return err
-}
-
-// MarshalToString serializes a protobuf message as JSON in string form.
-func (jm *Marshaler) MarshalToString(m proto.Message) (string, error) {
- b, err := jm.marshal(m)
- if err != nil {
- return "", err
- }
- return string(b), nil
-}
-
-func (jm *Marshaler) marshal(m proto.Message) ([]byte, error) {
- v := reflect.ValueOf(m)
- if m == nil || (v.Kind() == reflect.Ptr && v.IsNil()) {
- return nil, errors.New("Marshal called with nil")
- }
-
- // Check for custom marshalers first since they may not properly
- // implement protobuf reflection that the logic below relies on.
- if jsm, ok := m.(JSONPBMarshaler); ok {
- return jsm.MarshalJSONPB(jm)
- }
-
- if wrapJSONMarshalV2 {
- opts := protojson.MarshalOptions{
- UseProtoNames: jm.OrigName,
- UseEnumNumbers: jm.EnumsAsInts,
- EmitUnpopulated: jm.EmitDefaults,
- Indent: jm.Indent,
- }
- if jm.AnyResolver != nil {
- opts.Resolver = anyResolver{jm.AnyResolver}
- }
- return opts.Marshal(proto.MessageReflect(m).Interface())
- } else {
- // Check for unpopulated required fields first.
- m2 := proto.MessageReflect(m)
- if err := protoV2.CheckInitialized(m2.Interface()); err != nil {
- return nil, err
- }
-
- w := jsonWriter{Marshaler: jm}
- err := w.marshalMessage(m2, "", "")
- return w.buf, err
- }
-}
-
-type jsonWriter struct {
- *Marshaler
- buf []byte
-}
-
-func (w *jsonWriter) write(s string) {
- w.buf = append(w.buf, s...)
-}
-
-func (w *jsonWriter) marshalMessage(m protoreflect.Message, indent, typeURL string) error {
- if jsm, ok := proto.MessageV1(m.Interface()).(JSONPBMarshaler); ok {
- b, err := jsm.MarshalJSONPB(w.Marshaler)
- if err != nil {
- return err
- }
- if typeURL != "" {
- // we are marshaling this object to an Any type
- var js map[string]*json.RawMessage
- if err = json.Unmarshal(b, &js); err != nil {
- return fmt.Errorf("type %T produced invalid JSON: %v", m.Interface(), err)
- }
- turl, err := json.Marshal(typeURL)
- if err != nil {
- return fmt.Errorf("failed to marshal type URL %q to JSON: %v", typeURL, err)
- }
- js["@type"] = (*json.RawMessage)(&turl)
- if b, err = json.Marshal(js); err != nil {
- return err
- }
- }
- w.write(string(b))
- return nil
- }
-
- md := m.Descriptor()
- fds := md.Fields()
-
- // Handle well-known types.
- const secondInNanos = int64(time.Second / time.Nanosecond)
- switch wellKnownType(md.FullName()) {
- case "Any":
- return w.marshalAny(m, indent)
- case "BoolValue", "BytesValue", "StringValue",
- "Int32Value", "UInt32Value", "FloatValue",
- "Int64Value", "UInt64Value", "DoubleValue":
- fd := fds.ByNumber(1)
- return w.marshalValue(fd, m.Get(fd), indent)
- case "Duration":
- const maxSecondsInDuration = 315576000000
- // "Generated output always contains 0, 3, 6, or 9 fractional digits,
- // depending on required precision."
- s := m.Get(fds.ByNumber(1)).Int()
- ns := m.Get(fds.ByNumber(2)).Int()
- if s < -maxSecondsInDuration || s > maxSecondsInDuration {
- return fmt.Errorf("seconds out of range %v", s)
- }
- if ns <= -secondInNanos || ns >= secondInNanos {
- return fmt.Errorf("ns out of range (%v, %v)", -secondInNanos, secondInNanos)
- }
- if (s > 0 && ns < 0) || (s < 0 && ns > 0) {
- return errors.New("signs of seconds and nanos do not match")
- }
- var sign string
- if s < 0 || ns < 0 {
- sign, s, ns = "-", -1*s, -1*ns
- }
- x := fmt.Sprintf("%s%d.%09d", sign, s, ns)
- x = strings.TrimSuffix(x, "000")
- x = strings.TrimSuffix(x, "000")
- x = strings.TrimSuffix(x, ".000")
- w.write(fmt.Sprintf(`"%vs"`, x))
- return nil
- case "Timestamp":
- // "RFC 3339, where generated output will always be Z-normalized
- // and uses 0, 3, 6 or 9 fractional digits."
- s := m.Get(fds.ByNumber(1)).Int()
- ns := m.Get(fds.ByNumber(2)).Int()
- if ns < 0 || ns >= secondInNanos {
- return fmt.Errorf("ns out of range [0, %v)", secondInNanos)
- }
- t := time.Unix(s, ns).UTC()
- // time.RFC3339Nano isn't exactly right (we need to get 3/6/9 fractional digits).
- x := t.Format("2006-01-02T15:04:05.000000000")
- x = strings.TrimSuffix(x, "000")
- x = strings.TrimSuffix(x, "000")
- x = strings.TrimSuffix(x, ".000")
- w.write(fmt.Sprintf(`"%vZ"`, x))
- return nil
- case "Value":
- // JSON value; which is a null, number, string, bool, object, or array.
- od := md.Oneofs().Get(0)
- fd := m.WhichOneof(od)
- if fd == nil {
- return errors.New("nil Value")
- }
- return w.marshalValue(fd, m.Get(fd), indent)
- case "Struct", "ListValue":
- // JSON object or array.
- fd := fds.ByNumber(1)
- return w.marshalValue(fd, m.Get(fd), indent)
- }
-
- w.write("{")
- if w.Indent != "" {
- w.write("\n")
- }
-
- firstField := true
- if typeURL != "" {
- if err := w.marshalTypeURL(indent, typeURL); err != nil {
- return err
- }
- firstField = false
- }
-
- for i := 0; i < fds.Len(); {
- fd := fds.Get(i)
- if od := fd.ContainingOneof(); od != nil {
- fd = m.WhichOneof(od)
- i += od.Fields().Len()
- if fd == nil {
- continue
- }
- } else {
- i++
- }
-
- v := m.Get(fd)
-
- if !m.Has(fd) {
- if !w.EmitDefaults || fd.ContainingOneof() != nil {
- continue
- }
- if fd.Cardinality() != protoreflect.Repeated && (fd.Message() != nil || fd.Syntax() == protoreflect.Proto2) {
- v = protoreflect.Value{} // use "null" for singular messages or proto2 scalars
- }
- }
-
- if !firstField {
- w.writeComma()
- }
- if err := w.marshalField(fd, v, indent); err != nil {
- return err
- }
- firstField = false
- }
-
- // Handle proto2 extensions.
- if md.ExtensionRanges().Len() > 0 {
- // Collect a sorted list of all extension descriptor and values.
- type ext struct {
- desc protoreflect.FieldDescriptor
- val protoreflect.Value
- }
- var exts []ext
- m.Range(func(fd protoreflect.FieldDescriptor, v protoreflect.Value) bool {
- if fd.IsExtension() {
- exts = append(exts, ext{fd, v})
- }
- return true
- })
- sort.Slice(exts, func(i, j int) bool {
- return exts[i].desc.Number() < exts[j].desc.Number()
- })
-
- for _, ext := range exts {
- if !firstField {
- w.writeComma()
- }
- if err := w.marshalField(ext.desc, ext.val, indent); err != nil {
- return err
- }
- firstField = false
- }
- }
-
- if w.Indent != "" {
- w.write("\n")
- w.write(indent)
- }
- w.write("}")
- return nil
-}
-
-func (w *jsonWriter) writeComma() {
- if w.Indent != "" {
- w.write(",\n")
- } else {
- w.write(",")
- }
-}
-
-func (w *jsonWriter) marshalAny(m protoreflect.Message, indent string) error {
- // "If the Any contains a value that has a special JSON mapping,
- // it will be converted as follows: {"@type": xxx, "value": yyy}.
- // Otherwise, the value will be converted into a JSON object,
- // and the "@type" field will be inserted to indicate the actual data type."
- md := m.Descriptor()
- typeURL := m.Get(md.Fields().ByNumber(1)).String()
- rawVal := m.Get(md.Fields().ByNumber(2)).Bytes()
-
- var m2 protoreflect.Message
- if w.AnyResolver != nil {
- mi, err := w.AnyResolver.Resolve(typeURL)
- if err != nil {
- return err
- }
- m2 = proto.MessageReflect(mi)
- } else {
- mt, err := protoregistry.GlobalTypes.FindMessageByURL(typeURL)
- if err != nil {
- return err
- }
- m2 = mt.New()
- }
-
- if err := protoV2.Unmarshal(rawVal, m2.Interface()); err != nil {
- return err
- }
-
- if wellKnownType(m2.Descriptor().FullName()) == "" {
- return w.marshalMessage(m2, indent, typeURL)
- }
-
- w.write("{")
- if w.Indent != "" {
- w.write("\n")
- }
- if err := w.marshalTypeURL(indent, typeURL); err != nil {
- return err
- }
- w.writeComma()
- if w.Indent != "" {
- w.write(indent)
- w.write(w.Indent)
- w.write(`"value": `)
- } else {
- w.write(`"value":`)
- }
- if err := w.marshalMessage(m2, indent+w.Indent, ""); err != nil {
- return err
- }
- if w.Indent != "" {
- w.write("\n")
- w.write(indent)
- }
- w.write("}")
- return nil
-}
-
-func (w *jsonWriter) marshalTypeURL(indent, typeURL string) error {
- if w.Indent != "" {
- w.write(indent)
- w.write(w.Indent)
- }
- w.write(`"@type":`)
- if w.Indent != "" {
- w.write(" ")
- }
- b, err := json.Marshal(typeURL)
- if err != nil {
- return err
- }
- w.write(string(b))
- return nil
-}
-
-// marshalField writes field description and value to the Writer.
-func (w *jsonWriter) marshalField(fd protoreflect.FieldDescriptor, v protoreflect.Value, indent string) error {
- if w.Indent != "" {
- w.write(indent)
- w.write(w.Indent)
- }
- w.write(`"`)
- switch {
- case fd.IsExtension():
- // For message set, use the fname of the message as the extension name.
- name := string(fd.FullName())
- if isMessageSet(fd.ContainingMessage()) {
- name = strings.TrimSuffix(name, ".message_set_extension")
- }
-
- w.write("[" + name + "]")
- case w.OrigName:
- name := string(fd.Name())
- if fd.Kind() == protoreflect.GroupKind {
- name = string(fd.Message().Name())
- }
- w.write(name)
- default:
- w.write(string(fd.JSONName()))
- }
- w.write(`":`)
- if w.Indent != "" {
- w.write(" ")
- }
- return w.marshalValue(fd, v, indent)
-}
-
-func (w *jsonWriter) marshalValue(fd protoreflect.FieldDescriptor, v protoreflect.Value, indent string) error {
- switch {
- case fd.IsList():
- w.write("[")
- comma := ""
- lv := v.List()
- for i := 0; i < lv.Len(); i++ {
- w.write(comma)
- if w.Indent != "" {
- w.write("\n")
- w.write(indent)
- w.write(w.Indent)
- w.write(w.Indent)
- }
- if err := w.marshalSingularValue(fd, lv.Get(i), indent+w.Indent); err != nil {
- return err
- }
- comma = ","
- }
- if w.Indent != "" {
- w.write("\n")
- w.write(indent)
- w.write(w.Indent)
- }
- w.write("]")
- return nil
- case fd.IsMap():
- kfd := fd.MapKey()
- vfd := fd.MapValue()
- mv := v.Map()
-
- // Collect a sorted list of all map keys and values.
- type entry struct{ key, val protoreflect.Value }
- var entries []entry
- mv.Range(func(k protoreflect.MapKey, v protoreflect.Value) bool {
- entries = append(entries, entry{k.Value(), v})
- return true
- })
- sort.Slice(entries, func(i, j int) bool {
- switch kfd.Kind() {
- case protoreflect.BoolKind:
- return !entries[i].key.Bool() && entries[j].key.Bool()
- case protoreflect.Int32Kind, protoreflect.Sint32Kind, protoreflect.Sfixed32Kind, protoreflect.Int64Kind, protoreflect.Sint64Kind, protoreflect.Sfixed64Kind:
- return entries[i].key.Int() < entries[j].key.Int()
- case protoreflect.Uint32Kind, protoreflect.Fixed32Kind, protoreflect.Uint64Kind, protoreflect.Fixed64Kind:
- return entries[i].key.Uint() < entries[j].key.Uint()
- case protoreflect.StringKind:
- return entries[i].key.String() < entries[j].key.String()
- default:
- panic("invalid kind")
- }
- })
-
- w.write(`{`)
- comma := ""
- for _, entry := range entries {
- w.write(comma)
- if w.Indent != "" {
- w.write("\n")
- w.write(indent)
- w.write(w.Indent)
- w.write(w.Indent)
- }
-
- s := fmt.Sprint(entry.key.Interface())
- b, err := json.Marshal(s)
- if err != nil {
- return err
- }
- w.write(string(b))
-
- w.write(`:`)
- if w.Indent != "" {
- w.write(` `)
- }
-
- if err := w.marshalSingularValue(vfd, entry.val, indent+w.Indent); err != nil {
- return err
- }
- comma = ","
- }
- if w.Indent != "" {
- w.write("\n")
- w.write(indent)
- w.write(w.Indent)
- }
- w.write(`}`)
- return nil
- default:
- return w.marshalSingularValue(fd, v, indent)
- }
-}
-
-func (w *jsonWriter) marshalSingularValue(fd protoreflect.FieldDescriptor, v protoreflect.Value, indent string) error {
- switch {
- case !v.IsValid():
- w.write("null")
- return nil
- case fd.Message() != nil:
- return w.marshalMessage(v.Message(), indent+w.Indent, "")
- case fd.Enum() != nil:
- if fd.Enum().FullName() == "google.protobuf.NullValue" {
- w.write("null")
- return nil
- }
-
- vd := fd.Enum().Values().ByNumber(v.Enum())
- if vd == nil || w.EnumsAsInts {
- w.write(strconv.Itoa(int(v.Enum())))
- } else {
- w.write(`"` + string(vd.Name()) + `"`)
- }
- return nil
- default:
- switch v.Interface().(type) {
- case float32, float64:
- switch {
- case math.IsInf(v.Float(), +1):
- w.write(`"Infinity"`)
- return nil
- case math.IsInf(v.Float(), -1):
- w.write(`"-Infinity"`)
- return nil
- case math.IsNaN(v.Float()):
- w.write(`"NaN"`)
- return nil
- }
- case int64, uint64:
- w.write(fmt.Sprintf(`"%d"`, v.Interface()))
- return nil
- }
-
- b, err := json.Marshal(v.Interface())
- if err != nil {
- return err
- }
- w.write(string(b))
- return nil
- }
-}
diff --git a/vendor/github.com/golang/protobuf/jsonpb/json.go b/vendor/github.com/golang/protobuf/jsonpb/json.go
deleted file mode 100644
index 480e2448de..0000000000
--- a/vendor/github.com/golang/protobuf/jsonpb/json.go
+++ /dev/null
@@ -1,69 +0,0 @@
-// Copyright 2015 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package jsonpb provides functionality to marshal and unmarshal between a
-// protocol buffer message and JSON. It follows the specification at
-// https://developers.google.com/protocol-buffers/docs/proto3#json.
-//
-// Do not rely on the default behavior of the standard encoding/json package
-// when called on generated message types as it does not operate correctly.
-//
-// Deprecated: Use the "google.golang.org/protobuf/encoding/protojson"
-// package instead.
-package jsonpb
-
-import (
- "github.com/golang/protobuf/proto"
- "google.golang.org/protobuf/reflect/protoreflect"
- "google.golang.org/protobuf/reflect/protoregistry"
- "google.golang.org/protobuf/runtime/protoimpl"
-)
-
-// AnyResolver takes a type URL, present in an Any message,
-// and resolves it into an instance of the associated message.
-type AnyResolver interface {
- Resolve(typeURL string) (proto.Message, error)
-}
-
-type anyResolver struct{ AnyResolver }
-
-func (r anyResolver) FindMessageByName(message protoreflect.FullName) (protoreflect.MessageType, error) {
- return r.FindMessageByURL(string(message))
-}
-
-func (r anyResolver) FindMessageByURL(url string) (protoreflect.MessageType, error) {
- m, err := r.Resolve(url)
- if err != nil {
- return nil, err
- }
- return protoimpl.X.MessageTypeOf(m), nil
-}
-
-func (r anyResolver) FindExtensionByName(field protoreflect.FullName) (protoreflect.ExtensionType, error) {
- return protoregistry.GlobalTypes.FindExtensionByName(field)
-}
-
-func (r anyResolver) FindExtensionByNumber(message protoreflect.FullName, field protoreflect.FieldNumber) (protoreflect.ExtensionType, error) {
- return protoregistry.GlobalTypes.FindExtensionByNumber(message, field)
-}
-
-func wellKnownType(s protoreflect.FullName) string {
- if s.Parent() == "google.protobuf" {
- switch s.Name() {
- case "Empty", "Any",
- "BoolValue", "BytesValue", "StringValue",
- "Int32Value", "UInt32Value", "FloatValue",
- "Int64Value", "UInt64Value", "DoubleValue",
- "Duration", "Timestamp",
- "NullValue", "Struct", "Value", "ListValue":
- return string(s.Name())
- }
- }
- return ""
-}
-
-func isMessageSet(md protoreflect.MessageDescriptor) bool {
- ms, ok := md.(interface{ IsMessageSet() bool })
- return ok && ms.IsMessageSet()
-}
diff --git a/vendor/github.com/google/uuid/CHANGELOG.md b/vendor/github.com/google/uuid/CHANGELOG.md
index 7ed347d3ad..7ec5ac7ea9 100644
--- a/vendor/github.com/google/uuid/CHANGELOG.md
+++ b/vendor/github.com/google/uuid/CHANGELOG.md
@@ -1,5 +1,25 @@
# Changelog
+## [1.6.0](https://github.com/google/uuid/compare/v1.5.0...v1.6.0) (2024-01-16)
+
+
+### Features
+
+* add Max UUID constant ([#149](https://github.com/google/uuid/issues/149)) ([c58770e](https://github.com/google/uuid/commit/c58770eb495f55fe2ced6284f93c5158a62e53e3))
+
+
+### Bug Fixes
+
+* fix typo in version 7 uuid documentation ([#153](https://github.com/google/uuid/issues/153)) ([016b199](https://github.com/google/uuid/commit/016b199544692f745ffc8867b914129ecb47ef06))
+* Monotonicity in UUIDv7 ([#150](https://github.com/google/uuid/issues/150)) ([a2b2b32](https://github.com/google/uuid/commit/a2b2b32373ff0b1a312b7fdf6d38a977099698a6))
+
+## [1.5.0](https://github.com/google/uuid/compare/v1.4.0...v1.5.0) (2023-12-12)
+
+
+### Features
+
+* Validate UUID without creating new UUID ([#141](https://github.com/google/uuid/issues/141)) ([9ee7366](https://github.com/google/uuid/commit/9ee7366e66c9ad96bab89139418a713dc584ae29))
+
## [1.4.0](https://github.com/google/uuid/compare/v1.3.1...v1.4.0) (2023-10-26)
diff --git a/vendor/github.com/google/uuid/hash.go b/vendor/github.com/google/uuid/hash.go
index b404f4bec2..dc60082d3b 100644
--- a/vendor/github.com/google/uuid/hash.go
+++ b/vendor/github.com/google/uuid/hash.go
@@ -17,6 +17,12 @@ var (
NameSpaceOID = Must(Parse("6ba7b812-9dad-11d1-80b4-00c04fd430c8"))
NameSpaceX500 = Must(Parse("6ba7b814-9dad-11d1-80b4-00c04fd430c8"))
Nil UUID // empty UUID, all zeros
+
+ // The Max UUID is special form of UUID that is specified to have all 128 bits set to 1.
+ Max = UUID{
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ }
)
// NewHash returns a new UUID derived from the hash of space concatenated with
diff --git a/vendor/github.com/google/uuid/time.go b/vendor/github.com/google/uuid/time.go
index e6ef06cdc8..c351129279 100644
--- a/vendor/github.com/google/uuid/time.go
+++ b/vendor/github.com/google/uuid/time.go
@@ -108,12 +108,23 @@ func setClockSequence(seq int) {
}
// Time returns the time in 100s of nanoseconds since 15 Oct 1582 encoded in
-// uuid. The time is only defined for version 1 and 2 UUIDs.
+// uuid. The time is only defined for version 1, 2, 6 and 7 UUIDs.
func (uuid UUID) Time() Time {
- time := int64(binary.BigEndian.Uint32(uuid[0:4]))
- time |= int64(binary.BigEndian.Uint16(uuid[4:6])) << 32
- time |= int64(binary.BigEndian.Uint16(uuid[6:8])&0xfff) << 48
- return Time(time)
+ var t Time
+ switch uuid.Version() {
+ case 6:
+ time := binary.BigEndian.Uint64(uuid[:8]) // Ignore uuid[6] version b0110
+ t = Time(time)
+ case 7:
+ time := binary.BigEndian.Uint64(uuid[:8])
+ t = Time((time>>16)*10000 + g1582ns100)
+ default: // forward compatible
+ time := int64(binary.BigEndian.Uint32(uuid[0:4]))
+ time |= int64(binary.BigEndian.Uint16(uuid[4:6])) << 32
+ time |= int64(binary.BigEndian.Uint16(uuid[6:8])&0xfff) << 48
+ t = Time(time)
+ }
+ return t
}
// ClockSequence returns the clock sequence encoded in uuid.
diff --git a/vendor/github.com/google/uuid/uuid.go b/vendor/github.com/google/uuid/uuid.go
index dc75f7d990..5232b48678 100644
--- a/vendor/github.com/google/uuid/uuid.go
+++ b/vendor/github.com/google/uuid/uuid.go
@@ -186,6 +186,59 @@ func Must(uuid UUID, err error) UUID {
return uuid
}
+// Validate returns an error if s is not a properly formatted UUID in one of the following formats:
+// xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
+// urn:uuid:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
+// xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+// {xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx}
+// It returns an error if the format is invalid, otherwise nil.
+func Validate(s string) error {
+ switch len(s) {
+ // Standard UUID format
+ case 36:
+
+ // UUID with "urn:uuid:" prefix
+ case 36 + 9:
+ if !strings.EqualFold(s[:9], "urn:uuid:") {
+ return fmt.Errorf("invalid urn prefix: %q", s[:9])
+ }
+ s = s[9:]
+
+ // UUID enclosed in braces
+ case 36 + 2:
+ if s[0] != '{' || s[len(s)-1] != '}' {
+ return fmt.Errorf("invalid bracketed UUID format")
+ }
+ s = s[1 : len(s)-1]
+
+ // UUID without hyphens
+ case 32:
+ for i := 0; i < len(s); i += 2 {
+ _, ok := xtob(s[i], s[i+1])
+ if !ok {
+ return errors.New("invalid UUID format")
+ }
+ }
+
+ default:
+ return invalidLengthError{len(s)}
+ }
+
+ // Check for standard UUID format
+ if len(s) == 36 {
+ if s[8] != '-' || s[13] != '-' || s[18] != '-' || s[23] != '-' {
+ return errors.New("invalid UUID format")
+ }
+ for _, x := range []int{0, 2, 4, 6, 9, 11, 14, 16, 19, 21, 24, 26, 28, 30, 32, 34} {
+ if _, ok := xtob(s[x], s[x+1]); !ok {
+ return errors.New("invalid UUID format")
+ }
+ }
+ }
+
+ return nil
+}
+
// String returns the string form of uuid, xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
// , or "" if uuid is invalid.
func (uuid UUID) String() string {
diff --git a/vendor/github.com/google/uuid/version6.go b/vendor/github.com/google/uuid/version6.go
new file mode 100644
index 0000000000..339a959a7a
--- /dev/null
+++ b/vendor/github.com/google/uuid/version6.go
@@ -0,0 +1,56 @@
+// Copyright 2023 Google Inc. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package uuid
+
+import "encoding/binary"
+
+// UUID version 6 is a field-compatible version of UUIDv1, reordered for improved DB locality.
+// It is expected that UUIDv6 will primarily be used in contexts where there are existing v1 UUIDs.
+// Systems that do not involve legacy UUIDv1 SHOULD consider using UUIDv7 instead.
+//
+// see https://datatracker.ietf.org/doc/html/draft-peabody-dispatch-new-uuid-format-03#uuidv6
+//
+// NewV6 returns a Version 6 UUID based on the current NodeID and clock
+// sequence, and the current time. If the NodeID has not been set by SetNodeID
+// or SetNodeInterface then it will be set automatically. If the NodeID cannot
+// be set NewV6 set NodeID is random bits automatically . If clock sequence has not been set by
+// SetClockSequence then it will be set automatically. If GetTime fails to
+// return the current NewV6 returns Nil and an error.
+func NewV6() (UUID, error) {
+ var uuid UUID
+ now, seq, err := GetTime()
+ if err != nil {
+ return uuid, err
+ }
+
+ /*
+ 0 1 2 3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | time_high |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | time_mid | time_low_and_version |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ |clk_seq_hi_res | clk_seq_low | node (0-1) |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | node (2-5) |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ */
+
+ binary.BigEndian.PutUint64(uuid[0:], uint64(now))
+ binary.BigEndian.PutUint16(uuid[8:], seq)
+
+ uuid[6] = 0x60 | (uuid[6] & 0x0F)
+ uuid[8] = 0x80 | (uuid[8] & 0x3F)
+
+ nodeMu.Lock()
+ if nodeID == zeroID {
+ setNodeInterface("")
+ }
+ copy(uuid[10:], nodeID[:])
+ nodeMu.Unlock()
+
+ return uuid, nil
+}
diff --git a/vendor/github.com/google/uuid/version7.go b/vendor/github.com/google/uuid/version7.go
new file mode 100644
index 0000000000..3167b643d4
--- /dev/null
+++ b/vendor/github.com/google/uuid/version7.go
@@ -0,0 +1,104 @@
+// Copyright 2023 Google Inc. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package uuid
+
+import (
+ "io"
+)
+
+// UUID version 7 features a time-ordered value field derived from the widely
+// implemented and well known Unix Epoch timestamp source,
+// the number of milliseconds seconds since midnight 1 Jan 1970 UTC, leap seconds excluded.
+// As well as improved entropy characteristics over versions 1 or 6.
+//
+// see https://datatracker.ietf.org/doc/html/draft-peabody-dispatch-new-uuid-format-03#name-uuid-version-7
+//
+// Implementations SHOULD utilize UUID version 7 over UUID version 1 and 6 if possible.
+//
+// NewV7 returns a Version 7 UUID based on the current time(Unix Epoch).
+// Uses the randomness pool if it was enabled with EnableRandPool.
+// On error, NewV7 returns Nil and an error
+func NewV7() (UUID, error) {
+ uuid, err := NewRandom()
+ if err != nil {
+ return uuid, err
+ }
+ makeV7(uuid[:])
+ return uuid, nil
+}
+
+// NewV7FromReader returns a Version 7 UUID based on the current time(Unix Epoch).
+// it use NewRandomFromReader fill random bits.
+// On error, NewV7FromReader returns Nil and an error.
+func NewV7FromReader(r io.Reader) (UUID, error) {
+ uuid, err := NewRandomFromReader(r)
+ if err != nil {
+ return uuid, err
+ }
+
+ makeV7(uuid[:])
+ return uuid, nil
+}
+
+// makeV7 fill 48 bits time (uuid[0] - uuid[5]), set version b0111 (uuid[6])
+// uuid[8] already has the right version number (Variant is 10)
+// see function NewV7 and NewV7FromReader
+func makeV7(uuid []byte) {
+ /*
+ 0 1 2 3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | unix_ts_ms |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | unix_ts_ms | ver | rand_a (12 bit seq) |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ |var| rand_b |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | rand_b |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ */
+ _ = uuid[15] // bounds check
+
+ t, s := getV7Time()
+
+ uuid[0] = byte(t >> 40)
+ uuid[1] = byte(t >> 32)
+ uuid[2] = byte(t >> 24)
+ uuid[3] = byte(t >> 16)
+ uuid[4] = byte(t >> 8)
+ uuid[5] = byte(t)
+
+ uuid[6] = 0x70 | (0x0F & byte(s>>8))
+ uuid[7] = byte(s)
+}
+
+// lastV7time is the last time we returned stored as:
+//
+// 52 bits of time in milliseconds since epoch
+// 12 bits of (fractional nanoseconds) >> 8
+var lastV7time int64
+
+const nanoPerMilli = 1000000
+
+// getV7Time returns the time in milliseconds and nanoseconds / 256.
+// The returned (milli << 12 + seq) is guarenteed to be greater than
+// (milli << 12 + seq) returned by any previous call to getV7Time.
+func getV7Time() (milli, seq int64) {
+ timeMu.Lock()
+ defer timeMu.Unlock()
+
+ nano := timeNow().UnixNano()
+ milli = nano / nanoPerMilli
+ // Sequence number is between 0 and 3906 (nanoPerMilli>>8)
+ seq = (nano - milli*nanoPerMilli) >> 8
+ now := milli<<12 + seq
+ if now <= lastV7time {
+ now = lastV7time + 1
+ milli = now >> 12
+ seq = now & 0xfff
+ }
+ lastV7time = now
+ return milli, seq
+}
diff --git a/vendor/github.com/grpc-ecosystem/grpc-gateway/v2/LICENSE.txt b/vendor/github.com/grpc-ecosystem/grpc-gateway/v2/LICENSE
similarity index 100%
rename from vendor/github.com/grpc-ecosystem/grpc-gateway/v2/LICENSE.txt
rename to vendor/github.com/grpc-ecosystem/grpc-gateway/v2/LICENSE
diff --git a/vendor/github.com/grpc-ecosystem/grpc-gateway/v2/internal/httprule/BUILD.bazel b/vendor/github.com/grpc-ecosystem/grpc-gateway/v2/internal/httprule/BUILD.bazel
index f694f3c0d0..b8fbb2b77c 100644
--- a/vendor/github.com/grpc-ecosystem/grpc-gateway/v2/internal/httprule/BUILD.bazel
+++ b/vendor/github.com/grpc-ecosystem/grpc-gateway/v2/internal/httprule/BUILD.bazel
@@ -24,7 +24,7 @@ go_test(
embed = [":httprule"],
deps = [
"//utilities",
- "@com_github_golang_glog//:glog",
+ "@org_golang_google_grpc//grpclog",
],
)
diff --git a/vendor/github.com/grpc-ecosystem/grpc-gateway/v2/runtime/BUILD.bazel b/vendor/github.com/grpc-ecosystem/grpc-gateway/v2/runtime/BUILD.bazel
index a8789f1702..78d7c9f5c8 100644
--- a/vendor/github.com/grpc-ecosystem/grpc-gateway/v2/runtime/BUILD.bazel
+++ b/vendor/github.com/grpc-ecosystem/grpc-gateway/v2/runtime/BUILD.bazel
@@ -26,7 +26,7 @@ go_library(
deps = [
"//internal/httprule",
"//utilities",
- "@go_googleapis//google/api:httpbody_go_proto",
+ "@org_golang_google_genproto_googleapis_api//httpbody",
"@org_golang_google_grpc//codes",
"@org_golang_google_grpc//grpclog",
"@org_golang_google_grpc//health/grpc_health_v1",
@@ -70,9 +70,9 @@ go_test(
"//utilities",
"@com_github_google_go_cmp//cmp",
"@com_github_google_go_cmp//cmp/cmpopts",
- "@go_googleapis//google/api:httpbody_go_proto",
- "@go_googleapis//google/rpc:errdetails_go_proto",
- "@go_googleapis//google/rpc:status_go_proto",
+ "@org_golang_google_genproto_googleapis_api//httpbody",
+ "@org_golang_google_genproto_googleapis_rpc//errdetails",
+ "@org_golang_google_genproto_googleapis_rpc//status",
"@org_golang_google_grpc//:go_default_library",
"@org_golang_google_grpc//codes",
"@org_golang_google_grpc//health/grpc_health_v1",
diff --git a/vendor/github.com/grpc-ecosystem/grpc-gateway/v2/runtime/errors.go b/vendor/github.com/grpc-ecosystem/grpc-gateway/v2/runtime/errors.go
index d2bcbb7d2a..230cac7b86 100644
--- a/vendor/github.com/grpc-ecosystem/grpc-gateway/v2/runtime/errors.go
+++ b/vendor/github.com/grpc-ecosystem/grpc-gateway/v2/runtime/errors.go
@@ -137,7 +137,7 @@ func DefaultHTTPErrorHandler(ctx context.Context, mux *ServeMux, marshaler Marsh
doForwardTrailers := requestAcceptsTrailers(r)
if doForwardTrailers {
- handleForwardResponseTrailerHeader(w, md)
+ handleForwardResponseTrailerHeader(w, mux, md)
w.Header().Set("Transfer-Encoding", "chunked")
}
@@ -152,7 +152,7 @@ func DefaultHTTPErrorHandler(ctx context.Context, mux *ServeMux, marshaler Marsh
}
if doForwardTrailers {
- handleForwardResponseTrailer(w, md)
+ handleForwardResponseTrailer(w, mux, md)
}
}
diff --git a/vendor/github.com/grpc-ecosystem/grpc-gateway/v2/runtime/fieldmask.go b/vendor/github.com/grpc-ecosystem/grpc-gateway/v2/runtime/fieldmask.go
index a03dd166bd..19d9d37fff 100644
--- a/vendor/github.com/grpc-ecosystem/grpc-gateway/v2/runtime/fieldmask.go
+++ b/vendor/github.com/grpc-ecosystem/grpc-gateway/v2/runtime/fieldmask.go
@@ -27,7 +27,7 @@ func FieldMaskFromRequestBody(r io.Reader, msg proto.Message) (*field_mask.Field
var root interface{}
if err := json.NewDecoder(r).Decode(&root); err != nil {
- if err == io.EOF {
+ if errors.Is(err, io.EOF) {
return fm, nil
}
return nil, err
diff --git a/vendor/github.com/grpc-ecosystem/grpc-gateway/v2/runtime/handler.go b/vendor/github.com/grpc-ecosystem/grpc-gateway/v2/runtime/handler.go
index 945f3a5ebf..5e14cf8b0e 100644
--- a/vendor/github.com/grpc-ecosystem/grpc-gateway/v2/runtime/handler.go
+++ b/vendor/github.com/grpc-ecosystem/grpc-gateway/v2/runtime/handler.go
@@ -2,7 +2,7 @@ package runtime
import (
"context"
- "fmt"
+ "errors"
"io"
"net/http"
"net/textproto"
@@ -48,7 +48,7 @@ func ForwardResponseStream(ctx context.Context, mux *ServeMux, marshaler Marshal
var wroteHeader bool
for {
resp, err := recv()
- if err == io.EOF {
+ if errors.Is(err, io.EOF) {
return
}
if err != nil {
@@ -108,18 +108,20 @@ func handleForwardResponseServerMetadata(w http.ResponseWriter, mux *ServeMux, m
}
}
-func handleForwardResponseTrailerHeader(w http.ResponseWriter, md ServerMetadata) {
+func handleForwardResponseTrailerHeader(w http.ResponseWriter, mux *ServeMux, md ServerMetadata) {
for k := range md.TrailerMD {
- tKey := textproto.CanonicalMIMEHeaderKey(fmt.Sprintf("%s%s", MetadataTrailerPrefix, k))
- w.Header().Add("Trailer", tKey)
+ if h, ok := mux.outgoingTrailerMatcher(k); ok {
+ w.Header().Add("Trailer", textproto.CanonicalMIMEHeaderKey(h))
+ }
}
}
-func handleForwardResponseTrailer(w http.ResponseWriter, md ServerMetadata) {
+func handleForwardResponseTrailer(w http.ResponseWriter, mux *ServeMux, md ServerMetadata) {
for k, vs := range md.TrailerMD {
- tKey := fmt.Sprintf("%s%s", MetadataTrailerPrefix, k)
- for _, v := range vs {
- w.Header().Add(tKey, v)
+ if h, ok := mux.outgoingTrailerMatcher(k); ok {
+ for _, v := range vs {
+ w.Header().Add(h, v)
+ }
}
}
}
@@ -147,12 +149,10 @@ func ForwardResponseMessage(ctx context.Context, mux *ServeMux, marshaler Marsha
doForwardTrailers := requestAcceptsTrailers(req)
if doForwardTrailers {
- handleForwardResponseTrailerHeader(w, md)
+ handleForwardResponseTrailerHeader(w, mux, md)
w.Header().Set("Transfer-Encoding", "chunked")
}
- handleForwardResponseTrailerHeader(w, md)
-
contentType := marshaler.ContentType(resp)
w.Header().Set("Content-Type", contentType)
@@ -178,7 +178,7 @@ func ForwardResponseMessage(ctx context.Context, mux *ServeMux, marshaler Marsha
}
if doForwardTrailers {
- handleForwardResponseTrailer(w, md)
+ handleForwardResponseTrailer(w, mux, md)
}
}
diff --git a/vendor/github.com/grpc-ecosystem/grpc-gateway/v2/runtime/marshal_httpbodyproto.go b/vendor/github.com/grpc-ecosystem/grpc-gateway/v2/runtime/marshal_httpbodyproto.go
index b86135c889..6de2e220c7 100644
--- a/vendor/github.com/grpc-ecosystem/grpc-gateway/v2/runtime/marshal_httpbodyproto.go
+++ b/vendor/github.com/grpc-ecosystem/grpc-gateway/v2/runtime/marshal_httpbodyproto.go
@@ -26,7 +26,7 @@ func (h *HTTPBodyMarshaler) ContentType(v interface{}) string {
// google.api.HttpBody message, otherwise it falls back to the default Marshaler.
func (h *HTTPBodyMarshaler) Marshal(v interface{}) ([]byte, error) {
if httpBody, ok := v.(*httpbody.HttpBody); ok {
- return httpBody.Data, nil
+ return httpBody.GetData(), nil
}
return h.Marshaler.Marshal(v)
}
diff --git a/vendor/github.com/grpc-ecosystem/grpc-gateway/v2/runtime/mux.go b/vendor/github.com/grpc-ecosystem/grpc-gateway/v2/runtime/mux.go
index f451cb441f..628e1fde1c 100644
--- a/vendor/github.com/grpc-ecosystem/grpc-gateway/v2/runtime/mux.go
+++ b/vendor/github.com/grpc-ecosystem/grpc-gateway/v2/runtime/mux.go
@@ -57,6 +57,7 @@ type ServeMux struct {
marshalers marshalerRegistry
incomingHeaderMatcher HeaderMatcherFunc
outgoingHeaderMatcher HeaderMatcherFunc
+ outgoingTrailerMatcher HeaderMatcherFunc
metadataAnnotators []func(context.Context, *http.Request) metadata.MD
errorHandler ErrorHandlerFunc
streamErrorHandler StreamErrorHandlerFunc
@@ -114,10 +115,18 @@ func DefaultHeaderMatcher(key string) (string, bool) {
return "", false
}
+func defaultOutgoingHeaderMatcher(key string) (string, bool) {
+ return fmt.Sprintf("%s%s", MetadataHeaderPrefix, key), true
+}
+
+func defaultOutgoingTrailerMatcher(key string) (string, bool) {
+ return fmt.Sprintf("%s%s", MetadataTrailerPrefix, key), true
+}
+
// WithIncomingHeaderMatcher returns a ServeMuxOption representing a headerMatcher for incoming request to gateway.
//
// This matcher will be called with each header in http.Request. If matcher returns true, that header will be
-// passed to gRPC context. To transform the header before passing to gRPC context, matcher should return modified header.
+// passed to gRPC context. To transform the header before passing to gRPC context, matcher should return the modified header.
func WithIncomingHeaderMatcher(fn HeaderMatcherFunc) ServeMuxOption {
for _, header := range fn.matchedMalformedHeaders() {
grpclog.Warningf("The configured forwarding filter would allow %q to be sent to the gRPC server, which will likely cause errors. See https://github.com/grpc/grpc-go/pull/4803#issuecomment-986093310 for more information.", header)
@@ -147,13 +156,24 @@ func (fn HeaderMatcherFunc) matchedMalformedHeaders() []string {
//
// This matcher will be called with each header in response header metadata. If matcher returns true, that header will be
// passed to http response returned from gateway. To transform the header before passing to response,
-// matcher should return modified header.
+// matcher should return the modified header.
func WithOutgoingHeaderMatcher(fn HeaderMatcherFunc) ServeMuxOption {
return func(mux *ServeMux) {
mux.outgoingHeaderMatcher = fn
}
}
+// WithOutgoingTrailerMatcher returns a ServeMuxOption representing a headerMatcher for outgoing response from gateway.
+//
+// This matcher will be called with each header in response trailer metadata. If matcher returns true, that header will be
+// passed to http response returned from gateway. To transform the header before passing to response,
+// matcher should return the modified header.
+func WithOutgoingTrailerMatcher(fn HeaderMatcherFunc) ServeMuxOption {
+ return func(mux *ServeMux) {
+ mux.outgoingTrailerMatcher = fn
+ }
+}
+
// WithMetadata returns a ServeMuxOption for passing metadata to a gRPC context.
//
// This can be used by services that need to read from http.Request and modify gRPC context. A common use case
@@ -273,11 +293,11 @@ func NewServeMux(opts ...ServeMuxOption) *ServeMux {
if serveMux.incomingHeaderMatcher == nil {
serveMux.incomingHeaderMatcher = DefaultHeaderMatcher
}
-
if serveMux.outgoingHeaderMatcher == nil {
- serveMux.outgoingHeaderMatcher = func(key string) (string, bool) {
- return fmt.Sprintf("%s%s", MetadataHeaderPrefix, key), true
- }
+ serveMux.outgoingHeaderMatcher = defaultOutgoingHeaderMatcher
+ }
+ if serveMux.outgoingTrailerMatcher == nil {
+ serveMux.outgoingTrailerMatcher = defaultOutgoingTrailerMatcher
}
return serveMux
diff --git a/vendor/go.opentelemetry.io/otel/.codespellignore b/vendor/go.opentelemetry.io/otel/.codespellignore
index ae6a3bcf12..120b63a9c7 100644
--- a/vendor/go.opentelemetry.io/otel/.codespellignore
+++ b/vendor/go.opentelemetry.io/otel/.codespellignore
@@ -3,3 +3,5 @@ fo
te
collison
consequentially
+ans
+nam
diff --git a/vendor/go.opentelemetry.io/otel/CHANGELOG.md b/vendor/go.opentelemetry.io/otel/CHANGELOG.md
index fe670d79cc..98f2d20438 100644
--- a/vendor/go.opentelemetry.io/otel/CHANGELOG.md
+++ b/vendor/go.opentelemetry.io/otel/CHANGELOG.md
@@ -8,6 +8,80 @@ This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.htm
## [Unreleased]
+## [1.24.0/0.46.0/0.0.1-alpha] 2024-02-23
+
+This release is the last to support [Go 1.20].
+The next release will require at least [Go 1.21].
+
+### Added
+
+- Support [Go 1.22]. (#4890)
+- Add exemplar support to `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc`. (#4900)
+- Add exemplar support to `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp`. (#4900)
+- The `go.opentelemetry.io/otel/log` module is added.
+ This module includes OpenTelemetry Go's implementation of the Logs Bridge API.
+ This module is in an alpha state, it is subject to breaking changes.
+ See our [versioning policy](./VERSIONING.md) for more info. (#4961)
+
+### Fixed
+
+- Fix registration of multiple callbacks when using the global meter provider from `go.opentelemetry.io/otel`. (#4945)
+- Fix negative buckets in output of exponential histograms. (#4956)
+
+## [1.23.1] 2024-02-07
+
+### Fixed
+
+- Register all callbacks passed during observable instrument creation instead of just the last one multiple times in `go.opentelemetry.io/otel/sdk/metric`. (#4888)
+
+## [1.23.0] 2024-02-06
+
+This release contains the first stable, `v1`, release of the following modules:
+
+- `go.opentelemetry.io/otel/bridge/opencensus`
+- `go.opentelemetry.io/otel/bridge/opencensus/test`
+- `go.opentelemetry.io/otel/example/opencensus`
+- `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc`
+- `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp`
+- `go.opentelemetry.io/otel/exporters/stdout/stdoutmetric`
+
+See our [versioning policy](VERSIONING.md) for more information about these stability guarantees.
+
+### Added
+
+- Add `WithEndpointURL` option to the `exporters/otlp/otlpmetric/otlpmetricgrpc`, `exporters/otlp/otlpmetric/otlpmetrichttp`, `exporters/otlp/otlptrace/otlptracegrpc` and `exporters/otlp/otlptrace/otlptracehttp` packages. (#4808)
+- Experimental exemplar exporting is added to the metric SDK.
+ See [metric documentation](./sdk/metric/internal/x/README.md#exemplars) for more information about this feature and how to enable it. (#4871)
+- `ErrSchemaURLConflict` is added to `go.opentelemetry.io/otel/sdk/resource`.
+ This error is returned when a merge of two `Resource`s with different (non-empty) schema URL is attempted. (#4876)
+
+### Changed
+
+- The `Merge` and `New` functions in `go.opentelemetry.io/otel/sdk/resource` now returns a partial result if there is a schema URL merge conflict.
+ Instead of returning `nil` when two `Resource`s with different (non-empty) schema URLs are merged the merged `Resource`, along with the new `ErrSchemaURLConflict` error, is returned.
+ It is up to the user to decide if they want to use the returned `Resource` or not.
+ It may have desired attributes overwritten or include stale semantic conventions. (#4876)
+
+### Fixed
+
+- Fix `ContainerID` resource detection on systemd when cgroup path has a colon. (#4449)
+- Fix `go.opentelemetry.io/otel/sdk/metric` to cache instruments to avoid leaking memory when the same instrument is created multiple times. (#4820)
+- Fix missing `Mix` and `Max` values for `go.opentelemetry.io/otel/exporters/stdout/stdoutmetric` by introducing `MarshalText` and `MarshalJSON` for the `Extrema` type in `go.opentelemetry.io/sdk/metric/metricdata`. (#4827)
+
+## [1.23.0-rc.1] 2024-01-18
+
+This is a release candidate for the v1.23.0 release.
+That release is expected to include the `v1` release of the following modules:
+
+- `go.opentelemetry.io/otel/bridge/opencensus`
+- `go.opentelemetry.io/otel/bridge/opencensus/test`
+- `go.opentelemetry.io/otel/example/opencensus`
+- `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc`
+- `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp`
+- `go.opentelemetry.io/otel/exporters/stdout/stdoutmetric`
+
+See our [versioning policy](VERSIONING.md) for more information about these stability guarantees.
+
## [1.22.0/0.45.0] 2024-01-17
### Added
@@ -22,13 +96,13 @@ This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.htm
The package contains semantic conventions from the `v1.24.0` version of the OpenTelemetry Semantic Conventions. (#4770)
- Add `WithResourceAsConstantLabels` option to apply resource attributes for every metric emitted by the Prometheus exporter. (#4733)
- Experimental cardinality limiting is added to the metric SDK.
- See [metric documentation](./sdk/metric/EXPERIMENTAL.md#cardinality-limit) for more information about this feature and how to enable it. (#4457)
+ See [metric documentation](./sdk/metric/internal/x/README.md#cardinality-limit) for more information about this feature and how to enable it. (#4457)
- Add `NewMemberRaw` and `NewKeyValuePropertyRaw` in `go.opentelemetry.io/otel/baggage`. (#4804)
### Changed
- Upgrade all use of `go.opentelemetry.io/otel/semconv` to use `v1.24.0`. (#4754)
-- Update transformations in `go.opentelemetry.io/otel/exporters/zipkin` to follow `v1.19.0` version of the OpenTelemetry specification. (#4754)
+- Update transformations in `go.opentelemetry.io/otel/exporters/zipkin` to follow `v1.24.0` version of the OpenTelemetry specification. (#4754)
- Record synchronous measurements when the passed context is canceled instead of dropping in `go.opentelemetry.io/otel/sdk/metric`.
If you do not want to make a measurement when the context is cancelled, you need to handle it yourself (e.g `if ctx.Err() != nil`). (#4671)
- Improve `go.opentelemetry.io/otel/trace.TraceState`'s performance. (#4722)
@@ -2775,7 +2849,11 @@ It contains api and sdk for trace and meter.
- CircleCI build CI manifest files.
- CODEOWNERS file to track owners of this project.
-[Unreleased]: https://github.com/open-telemetry/opentelemetry-go/compare/v1.22.0...HEAD
+[Unreleased]: https://github.com/open-telemetry/opentelemetry-go/compare/v1.24.0...HEAD
+[1.24.0/0.46.0/0.0.1-alpha]: https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.24.0
+[1.23.1]: https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.23.1
+[1.23.0]: https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.23.0
+[1.23.0-rc.1]: https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.23.0-rc.1
[1.22.0/0.45.0]: https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.22.0
[1.21.0/0.44.0]: https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.21.0
[1.20.0/0.43.0]: https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.20.0
@@ -2850,6 +2928,8 @@ It contains api and sdk for trace and meter.
[0.1.1]: https://github.com/open-telemetry/opentelemetry-go/releases/tag/v0.1.1
[0.1.0]: https://github.com/open-telemetry/opentelemetry-go/releases/tag/v0.1.0
+[Go 1.22]: https://go.dev/doc/go1.22
+[Go 1.21]: https://go.dev/doc/go1.21
[Go 1.20]: https://go.dev/doc/go1.20
[Go 1.19]: https://go.dev/doc/go1.19
[Go 1.18]: https://go.dev/doc/go1.18
diff --git a/vendor/go.opentelemetry.io/otel/CODEOWNERS b/vendor/go.opentelemetry.io/otel/CODEOWNERS
index 623740007d..31d336d922 100644
--- a/vendor/go.opentelemetry.io/otel/CODEOWNERS
+++ b/vendor/go.opentelemetry.io/otel/CODEOWNERS
@@ -14,4 +14,4 @@
* @MrAlias @Aneurysm9 @evantorrie @XSAM @dashpole @MadVikingGod @pellared @hanyuancheung @dmathieu
-CODEOWNERS @MrAlias @MadVikingGod @pellared
\ No newline at end of file
+CODEOWNERS @MrAlias @MadVikingGod @pellared @dashpole
\ No newline at end of file
diff --git a/vendor/go.opentelemetry.io/otel/CONTRIBUTING.md b/vendor/go.opentelemetry.io/otel/CONTRIBUTING.md
index 31857a6173..c9f2bac55b 100644
--- a/vendor/go.opentelemetry.io/otel/CONTRIBUTING.md
+++ b/vendor/go.opentelemetry.io/otel/CONTRIBUTING.md
@@ -617,13 +617,13 @@ should be canceled.
- [Evan Torrie](https://github.com/evantorrie), Verizon Media
- [Sam Xie](https://github.com/XSAM), Cisco/AppDynamics
-- [David Ashpole](https://github.com/dashpole), Google
- [Chester Cheung](https://github.com/hanyuancheung), Tencent
- [Damien Mathieu](https://github.com/dmathieu), Elastic
- [Anthony Mirabella](https://github.com/Aneurysm9), AWS
### Maintainers
+- [David Ashpole](https://github.com/dashpole), Google
- [Aaron Clawson](https://github.com/MadVikingGod), LightStep
- [Robert Pająk](https://github.com/pellared), Splunk
- [Tyler Yahn](https://github.com/MrAlias), Splunk
diff --git a/vendor/go.opentelemetry.io/otel/Makefile b/vendor/go.opentelemetry.io/otel/Makefile
index 35fc189961..6de95219be 100644
--- a/vendor/go.opentelemetry.io/otel/Makefile
+++ b/vendor/go.opentelemetry.io/otel/Makefile
@@ -192,7 +192,7 @@ test-coverage: | $(GOCOVMERGE)
done; \
$(GOCOVMERGE) $$(find . -name coverage.out) > coverage.txt
-# Adding a directory will include all benchmarks in that direcotry if a filter is not specified.
+# Adding a directory will include all benchmarks in that directory if a filter is not specified.
BENCHMARK_TARGETS := sdk/trace
.PHONY: benchmark
benchmark: $(BENCHMARK_TARGETS:%=benchmark/%)
@@ -315,4 +315,4 @@ add-tags: | $(MULTIMOD)
.PHONY: lint-markdown
lint-markdown:
- docker run -v "$(CURDIR):$(WORKDIR)" docker://avtodev/markdown-lint:v1 -c $(WORKDIR)/.markdownlint.yaml $(WORKDIR)/**/*.md
+ docker run -v "$(CURDIR):$(WORKDIR)" avtodev/markdown-lint:v1 -c $(WORKDIR)/.markdownlint.yaml $(WORKDIR)/**/*.md
diff --git a/vendor/go.opentelemetry.io/otel/README.md b/vendor/go.opentelemetry.io/otel/README.md
index 44e1bfc9b5..7766259a5c 100644
--- a/vendor/go.opentelemetry.io/otel/README.md
+++ b/vendor/go.opentelemetry.io/otel/README.md
@@ -11,14 +11,11 @@ It provides a set of APIs to directly measure performance and behavior of your s
## Project Status
-| Signal | Status |
-|---------|------------|
-| Traces | Stable |
-| Metrics | Stable |
-| Logs | Design [1] |
-
-- [1]: Currently the logs signal development is in a design phase ([#4696](https://github.com/open-telemetry/opentelemetry-go/issues/4696)).
- No Logs Pull Requests are currently being accepted.
+| Signal | Status |
+|---------|--------------------|
+| Traces | Stable |
+| Metrics | Stable |
+| Logs | In development[^1] |
Progress and status specific to this repository is tracked in our
[project boards](https://github.com/open-telemetry/opentelemetry-go/projects)
@@ -28,6 +25,8 @@ and
Project versioning information and stability guarantees can be found in the
[versioning documentation](VERSIONING.md).
+[^1]: https://github.com/orgs/open-telemetry/projects/43
+
### Compatibility
OpenTelemetry-Go ensures compatibility with the current supported versions of
@@ -50,14 +49,19 @@ Currently, this project supports the following environments.
| OS | Go Version | Architecture |
|---------|------------|--------------|
+| Ubuntu | 1.22 | amd64 |
| Ubuntu | 1.21 | amd64 |
| Ubuntu | 1.20 | amd64 |
+| Ubuntu | 1.22 | 386 |
| Ubuntu | 1.21 | 386 |
| Ubuntu | 1.20 | 386 |
+| MacOS | 1.22 | amd64 |
| MacOS | 1.21 | amd64 |
| MacOS | 1.20 | amd64 |
+| Windows | 1.22 | amd64 |
| Windows | 1.21 | amd64 |
| Windows | 1.20 | amd64 |
+| Windows | 1.22 | 386 |
| Windows | 1.21 | 386 |
| Windows | 1.20 | 386 |
diff --git a/vendor/go.opentelemetry.io/otel/attribute/set.go b/vendor/go.opentelemetry.io/otel/attribute/set.go
index 7e6765b06b..fb6da51450 100644
--- a/vendor/go.opentelemetry.io/otel/attribute/set.go
+++ b/vendor/go.opentelemetry.io/otel/attribute/set.go
@@ -427,7 +427,7 @@ func (l *Set) MarshalJSON() ([]byte, error) {
return json.Marshal(l.equivalent.iface)
}
-// MarshalLog is the marshaling function used by the logging system to represent this exporter.
+// MarshalLog is the marshaling function used by the logging system to represent this Set.
func (l Set) MarshalLog() interface{} {
kvs := make(map[string]string)
for _, kv := range l.ToSlice() {
diff --git a/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/exporter.go b/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/exporter.go
index b46a38d60a..cb41c7d58f 100644
--- a/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/exporter.go
+++ b/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/exporter.go
@@ -104,7 +104,7 @@ func NewUnstarted(client Client) *Exporter {
}
}
-// MarshalLog is the marshaling function used by the logging system to represent this exporter.
+// MarshalLog is the marshaling function used by the logging system to represent this Exporter.
func (e *Exporter) MarshalLog() interface{} {
return struct {
Type string
diff --git a/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc/doc.go b/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc/doc.go
index 1f514ef9ea..a3c2690c5d 100644
--- a/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc/doc.go
+++ b/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc/doc.go
@@ -28,7 +28,7 @@ The value may additionally a port, a scheme, and a path.
The value accepts "http" and "https" scheme.
The value should not contain a query string or fragment.
OTEL_EXPORTER_OTLP_TRACES_ENDPOINT takes precedence over OTEL_EXPORTER_OTLP_ENDPOINT.
-The configuration can be overridden by [WithEndpoint], [WithInsecure], [WithGRPCConn] options.
+The configuration can be overridden by [WithEndpoint], [WithEndpointURL], [WithInsecure], and [WithGRPCConn] options.
OTEL_EXPORTER_OTLP_INSECURE, OTEL_EXPORTER_OTLP_TRACES_INSECURE (default: "false") -
setting "true" disables client transport security for the exporter's gRPC connection.
diff --git a/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc/internal/otlpconfig/options.go b/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc/internal/otlpconfig/options.go
index dddb1f334d..f0203cbe72 100644
--- a/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc/internal/otlpconfig/options.go
+++ b/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc/internal/otlpconfig/options.go
@@ -20,6 +20,7 @@ package otlpconfig // import "go.opentelemetry.io/otel/exporters/otlp/otlptrace/
import (
"crypto/tls"
"fmt"
+ "net/url"
"path"
"strings"
"time"
@@ -32,6 +33,7 @@ import (
"go.opentelemetry.io/otel/exporters/otlp/otlptrace"
"go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc/internal/retry"
+ "go.opentelemetry.io/otel/internal/global"
)
const (
@@ -265,6 +267,24 @@ func WithEndpoint(endpoint string) GenericOption {
})
}
+func WithEndpointURL(v string) GenericOption {
+ return newGenericOption(func(cfg Config) Config {
+ u, err := url.Parse(v)
+ if err != nil {
+ global.Error(err, "otlptrace: parse endpoint url", "url", v)
+ return cfg
+ }
+
+ cfg.Traces.Endpoint = u.Host
+ cfg.Traces.URLPath = u.Path
+ if u.Scheme != "https" {
+ cfg.Traces.Insecure = true
+ }
+
+ return cfg
+ })
+}
+
func WithCompression(compression Compression) GenericOption {
return newGenericOption(func(cfg Config) Config {
cfg.Traces.Compression = compression
diff --git a/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc/options.go b/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc/options.go
index 17ffeaf6ef..461610c6b9 100644
--- a/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc/options.go
+++ b/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc/options.go
@@ -64,14 +64,44 @@ func WithInsecure() Option {
return wrappedOption{otlpconfig.WithInsecure()}
}
-// WithEndpoint sets the target endpoint the exporter will connect to. If
-// unset, localhost:4317 will be used as a default.
+// WithEndpoint sets the target endpoint the Exporter will connect to.
+//
+// If the OTEL_EXPORTER_OTLP_ENDPOINT or OTEL_EXPORTER_OTLP_METRICS_ENDPOINT
+// environment variable is set, and this option is not passed, that variable
+// value will be used. If both are set, OTEL_EXPORTER_OTLP_TRACES_ENDPOINT
+// will take precedence.
+//
+// If both this option and WithEndpointURL are used, the last used option will
+// take precedence.
+//
+// By default, if an environment variable is not set, and this option is not
+// passed, "localhost:4317" will be used.
//
// This option has no effect if WithGRPCConn is used.
func WithEndpoint(endpoint string) Option {
return wrappedOption{otlpconfig.WithEndpoint(endpoint)}
}
+// WithEndpointURL sets the target endpoint URL the Exporter will connect to.
+//
+// If the OTEL_EXPORTER_OTLP_ENDPOINT or OTEL_EXPORTER_OTLP_METRICS_ENDPOINT
+// environment variable is set, and this option is not passed, that variable
+// value will be used. If both are set, OTEL_EXPORTER_OTLP_TRACES_ENDPOINT
+// will take precedence.
+//
+// If both this option and WithEndpoint are used, the last used option will
+// take precedence.
+//
+// If an invalid URL is provided, the default value will be kept.
+//
+// By default, if an environment variable is not set, and this option is not
+// passed, "localhost:4317" will be used.
+//
+// This option has no effect if WithGRPCConn is used.
+func WithEndpointURL(u string) Option {
+ return wrappedOption{otlpconfig.WithEndpointURL(u)}
+}
+
// WithReconnectionPeriod set the minimum amount of time between connection
// attempts to the target endpoint.
//
diff --git a/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/version.go b/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/version.go
index 3b3bc35911..afc89644e6 100644
--- a/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/version.go
+++ b/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/version.go
@@ -16,5 +16,5 @@ package otlptrace // import "go.opentelemetry.io/otel/exporters/otlp/otlptrace"
// Version is the current release version of the OpenTelemetry OTLP trace exporter in use.
func Version() string {
- return "1.22.0"
+ return "1.24.0"
}
diff --git a/vendor/go.opentelemetry.io/otel/internal/global/meter.go b/vendor/go.opentelemetry.io/otel/internal/global/meter.go
index 0097db478c..7ed61c0e25 100644
--- a/vendor/go.opentelemetry.io/otel/internal/global/meter.go
+++ b/vendor/go.opentelemetry.io/otel/internal/global/meter.go
@@ -130,9 +130,11 @@ func (m *meter) setDelegate(provider metric.MeterProvider) {
inst.setDelegate(meter)
}
- for e := m.registry.Front(); e != nil; e = e.Next() {
+ var n *list.Element
+ for e := m.registry.Front(); e != nil; e = n {
r := e.Value.(*registration)
r.setDelegate(meter)
+ n = e.Next()
m.registry.Remove(e)
}
diff --git a/vendor/go.opentelemetry.io/otel/internal/global/state.go b/vendor/go.opentelemetry.io/otel/internal/global/state.go
index 7985005bcb..386c8bfdc0 100644
--- a/vendor/go.opentelemetry.io/otel/internal/global/state.go
+++ b/vendor/go.opentelemetry.io/otel/internal/global/state.go
@@ -63,7 +63,7 @@ func SetTracerProvider(tp trace.TracerProvider) {
// to itself.
Error(
errors.New("no delegate configured in tracer provider"),
- "Setting tracer provider to it's current value. No delegate will be configured",
+ "Setting tracer provider to its current value. No delegate will be configured",
)
return
}
@@ -92,7 +92,7 @@ func SetTextMapPropagator(p propagation.TextMapPropagator) {
// delegate to itself.
Error(
errors.New("no delegate configured in text map propagator"),
- "Setting text map propagator to it's current value. No delegate will be configured",
+ "Setting text map propagator to its current value. No delegate will be configured",
)
return
}
@@ -123,7 +123,7 @@ func SetMeterProvider(mp metric.MeterProvider) {
// to itself.
Error(
errors.New("no delegate configured in meter provider"),
- "Setting meter provider to it's current value. No delegate will be configured",
+ "Setting meter provider to its current value. No delegate will be configured",
)
return
}
diff --git a/vendor/go.opentelemetry.io/otel/sdk/resource/auto.go b/vendor/go.opentelemetry.io/otel/sdk/resource/auto.go
index 4279013be8..aed756c5e7 100644
--- a/vendor/go.opentelemetry.io/otel/sdk/resource/auto.go
+++ b/vendor/go.opentelemetry.io/otel/sdk/resource/auto.go
@@ -41,8 +41,20 @@ type Detector interface {
// must never be done outside of a new major release.
}
-// Detect calls all input detectors sequentially and merges each result with the previous one.
-// It returns the merged error too.
+// Detect returns a new [Resource] merged from all the Resources each of the
+// detectors produces. Each of the detectors are called sequentially, in the
+// order they are passed, merging the produced resource into the previous.
+//
+// This may return a partial Resource along with an error containing
+// [ErrPartialResource] if that error is returned from a detector. It may also
+// return a merge-conflicting Resource along with an error containing
+// [ErrSchemaURLConflict] if merging Resources from different detectors results
+// in a schema URL conflict. It is up to the caller to determine if this
+// returned Resource should be used or not.
+//
+// If one of the detectors returns an error that is not [ErrPartialResource],
+// the resource produced by the detector will not be merged and the returned
+// error will wrap that detector's error.
func Detect(ctx context.Context, detectors ...Detector) (*Resource, error) {
r := new(Resource)
return r, detect(ctx, r, detectors)
@@ -50,6 +62,10 @@ func Detect(ctx context.Context, detectors ...Detector) (*Resource, error) {
// detect runs all detectors using ctx and merges the result into res. This
// assumes res is allocated and not nil, it will panic otherwise.
+//
+// If the detectors or merging resources produces any errors (i.e.
+// [ErrPartialResource] [ErrSchemaURLConflict]), a single error wrapping all of
+// these errors will be returned. Otherwise, nil is returned.
func detect(ctx context.Context, res *Resource, detectors []Detector) error {
var (
r *Resource
@@ -78,6 +94,11 @@ func detect(ctx context.Context, res *Resource, detectors []Detector) error {
if len(errs) == 0 {
return nil
}
+ if errors.Is(errs, ErrSchemaURLConflict) {
+ // If there has been a merge conflict, ensure the resource has no
+ // schema URL.
+ res.schemaURL = ""
+ }
return errs
}
diff --git a/vendor/go.opentelemetry.io/otel/sdk/resource/container.go b/vendor/go.opentelemetry.io/otel/sdk/resource/container.go
index c881b2895b..c1b47193fe 100644
--- a/vendor/go.opentelemetry.io/otel/sdk/resource/container.go
+++ b/vendor/go.opentelemetry.io/otel/sdk/resource/container.go
@@ -29,7 +29,7 @@ type containerIDProvider func() (string, error)
var (
containerID containerIDProvider = getContainerIDFromCGroup
- cgroupContainerIDRe = regexp.MustCompile(`^.*/(?:.*-)?([0-9a-f]+)(?:\.|\s*$)`)
+ cgroupContainerIDRe = regexp.MustCompile(`^.*/(?:.*[-:])?([0-9a-f]+)(?:\.|\s*$)`)
)
type cgroupContainerIDDetector struct{}
diff --git a/vendor/go.opentelemetry.io/otel/sdk/resource/resource.go b/vendor/go.opentelemetry.io/otel/sdk/resource/resource.go
index 176ff10666..cb1ee0a9ce 100644
--- a/vendor/go.opentelemetry.io/otel/sdk/resource/resource.go
+++ b/vendor/go.opentelemetry.io/otel/sdk/resource/resource.go
@@ -17,6 +17,7 @@ package resource // import "go.opentelemetry.io/otel/sdk/resource"
import (
"context"
"errors"
+ "fmt"
"sync"
"go.opentelemetry.io/otel"
@@ -40,9 +41,20 @@ var (
defaultResourceOnce sync.Once
)
-var errMergeConflictSchemaURL = errors.New("cannot merge resource due to conflicting Schema URL")
+// ErrSchemaURLConflict is an error returned when two Resources are merged
+// together that contain different, non-empty, schema URLs.
+var ErrSchemaURLConflict = errors.New("conflicting Schema URL")
-// New returns a Resource combined from the user-provided detectors.
+// New returns a [Resource] built using opts.
+//
+// This may return a partial Resource along with an error containing
+// [ErrPartialResource] if options that provide a [Detector] are used and that
+// error is returned from one or more of the Detectors. It may also return a
+// merge-conflict Resource along with an error containing
+// [ErrSchemaURLConflict] if merging Resources from the opts results in a
+// schema URL conflict (see [Resource.Merge] for more information). It is up to
+// the caller to determine if this returned Resource should be used or not
+// based on these errors.
func New(ctx context.Context, opts ...Option) (*Resource, error) {
cfg := config{}
for _, opt := range opts {
@@ -98,7 +110,7 @@ func (r *Resource) String() string {
return r.attrs.Encoded(attribute.DefaultEncoder())
}
-// MarshalLog is the marshaling function used by the logging system to represent this exporter.
+// MarshalLog is the marshaling function used by the logging system to represent this Resource.
func (r *Resource) MarshalLog() interface{} {
return struct {
Attributes attribute.Set
@@ -146,16 +158,29 @@ func (r *Resource) Equal(eq *Resource) bool {
return r.Equivalent() == eq.Equivalent()
}
-// Merge creates a new resource by combining resource a and b.
+// Merge creates a new [Resource] by merging a and b.
+//
+// If there are common keys between a and b, then the value from b will
+// overwrite the value from a, even if b's value is empty.
//
-// If there are common keys between resource a and b, then the value
-// from resource b will overwrite the value from resource a, even
-// if resource b's value is empty.
+// The SchemaURL of the resources will be merged according to the
+// [OpenTelemetry specification rules]:
//
-// The SchemaURL of the resources will be merged according to the spec rules:
-// https://github.com/open-telemetry/opentelemetry-specification/blob/v1.20.0/specification/resource/sdk.md#merge
-// If the resources have different non-empty schemaURL an empty resource and an error
-// will be returned.
+// - If a's schema URL is empty then the returned Resource's schema URL will
+// be set to the schema URL of b,
+// - Else if b's schema URL is empty then the returned Resource's schema URL
+// will be set to the schema URL of a,
+// - Else if the schema URLs of a and b are the same then that will be the
+// schema URL of the returned Resource,
+// - Else this is a merging error. If the resources have different,
+// non-empty, schema URLs an error containing [ErrSchemaURLConflict] will
+// be returned with the merged Resource. The merged Resource will have an
+// empty schema URL. It may be the case that some unintended attributes
+// have been overwritten or old semantic conventions persisted in the
+// returned Resource. It is up to the caller to determine if this returned
+// Resource should be used or not.
+//
+// [OpenTelemetry specification rules]: https://github.com/open-telemetry/opentelemetry-specification/blob/v1.20.0/specification/resource/sdk.md#merge
func Merge(a, b *Resource) (*Resource, error) {
if a == nil && b == nil {
return Empty(), nil
@@ -167,19 +192,6 @@ func Merge(a, b *Resource) (*Resource, error) {
return a, nil
}
- // Merge the schema URL.
- var schemaURL string
- switch true {
- case a.schemaURL == "":
- schemaURL = b.schemaURL
- case b.schemaURL == "":
- schemaURL = a.schemaURL
- case a.schemaURL == b.schemaURL:
- schemaURL = a.schemaURL
- default:
- return Empty(), errMergeConflictSchemaURL
- }
-
// Note: 'b' attributes will overwrite 'a' with last-value-wins in attribute.Key()
// Meaning this is equivalent to: append(a.Attributes(), b.Attributes()...)
mi := attribute.NewMergeIterator(b.Set(), a.Set())
@@ -187,8 +199,23 @@ func Merge(a, b *Resource) (*Resource, error) {
for mi.Next() {
combine = append(combine, mi.Attribute())
}
- merged := NewWithAttributes(schemaURL, combine...)
- return merged, nil
+
+ switch {
+ case a.schemaURL == "":
+ return NewWithAttributes(b.schemaURL, combine...), nil
+ case b.schemaURL == "":
+ return NewWithAttributes(a.schemaURL, combine...), nil
+ case a.schemaURL == b.schemaURL:
+ return NewWithAttributes(a.schemaURL, combine...), nil
+ }
+ // Return the merged resource with an appropriate error. It is up to
+ // the user to decide if the returned resource can be used or not.
+ return NewSchemaless(combine...), fmt.Errorf(
+ "%w: %s and %s",
+ ErrSchemaURLConflict,
+ a.schemaURL,
+ b.schemaURL,
+ )
}
// Empty returns an instance of Resource with no attributes. It is
diff --git a/vendor/go.opentelemetry.io/otel/sdk/trace/batch_span_processor.go b/vendor/go.opentelemetry.io/otel/sdk/trace/batch_span_processor.go
index c9c7effbf3..fca26f2e70 100644
--- a/vendor/go.opentelemetry.io/otel/sdk/trace/batch_span_processor.go
+++ b/vendor/go.opentelemetry.io/otel/sdk/trace/batch_span_processor.go
@@ -406,7 +406,7 @@ func (bsp *batchSpanProcessor) enqueueDrop(ctx context.Context, sd ReadOnlySpan)
return false
}
-// MarshalLog is the marshaling function used by the logging system to represent this exporter.
+// MarshalLog is the marshaling function used by the logging system to represent this Span Processor.
func (bsp *batchSpanProcessor) MarshalLog() interface{} {
return struct {
Type string
diff --git a/vendor/go.opentelemetry.io/otel/sdk/trace/provider.go b/vendor/go.opentelemetry.io/otel/sdk/trace/provider.go
index 7d46c4b48e..b1ac608464 100644
--- a/vendor/go.opentelemetry.io/otel/sdk/trace/provider.go
+++ b/vendor/go.opentelemetry.io/otel/sdk/trace/provider.go
@@ -55,7 +55,7 @@ type tracerProviderConfig struct {
resource *resource.Resource
}
-// MarshalLog is the marshaling function used by the logging system to represent this exporter.
+// MarshalLog is the marshaling function used by the logging system to represent this Provider.
func (cfg tracerProviderConfig) MarshalLog() interface{} {
return struct {
SpanProcessors []SpanProcessor
diff --git a/vendor/go.opentelemetry.io/otel/sdk/version.go b/vendor/go.opentelemetry.io/otel/sdk/version.go
index 17b16cc796..42de0b9a7c 100644
--- a/vendor/go.opentelemetry.io/otel/sdk/version.go
+++ b/vendor/go.opentelemetry.io/otel/sdk/version.go
@@ -16,5 +16,5 @@ package sdk // import "go.opentelemetry.io/otel/sdk"
// Version is the current release version of the OpenTelemetry SDK in use.
func Version() string {
- return "1.22.0"
+ return "1.24.0"
}
diff --git a/vendor/go.opentelemetry.io/otel/version.go b/vendor/go.opentelemetry.io/otel/version.go
index c7aba1c3f4..7b2993a1fe 100644
--- a/vendor/go.opentelemetry.io/otel/version.go
+++ b/vendor/go.opentelemetry.io/otel/version.go
@@ -16,5 +16,5 @@ package otel // import "go.opentelemetry.io/otel"
// Version is the current release version of OpenTelemetry in use.
func Version() string {
- return "1.22.0"
+ return "1.24.0"
}
diff --git a/vendor/go.opentelemetry.io/otel/versions.yaml b/vendor/go.opentelemetry.io/otel/versions.yaml
index a9cfb80ae5..1b556e6782 100644
--- a/vendor/go.opentelemetry.io/otel/versions.yaml
+++ b/vendor/go.opentelemetry.io/otel/versions.yaml
@@ -14,19 +14,25 @@
module-sets:
stable-v1:
- version: v1.22.0
+ version: v1.24.0
modules:
- go.opentelemetry.io/otel
+ - go.opentelemetry.io/otel/bridge/opencensus
+ - go.opentelemetry.io/otel/bridge/opencensus/test
- go.opentelemetry.io/otel/bridge/opentracing
- go.opentelemetry.io/otel/bridge/opentracing/test
- go.opentelemetry.io/otel/example/dice
- go.opentelemetry.io/otel/example/namedtracer
+ - go.opentelemetry.io/otel/example/opencensus
- go.opentelemetry.io/otel/example/otel-collector
- go.opentelemetry.io/otel/example/passthrough
- go.opentelemetry.io/otel/example/zipkin
+ - go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc
+ - go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp
- go.opentelemetry.io/otel/exporters/otlp/otlptrace
- go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc
- go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp
+ - go.opentelemetry.io/otel/exporters/stdout/stdoutmetric
- go.opentelemetry.io/otel/exporters/stdout/stdouttrace
- go.opentelemetry.io/otel/exporters/zipkin
- go.opentelemetry.io/otel/metric
@@ -34,16 +40,14 @@ module-sets:
- go.opentelemetry.io/otel/sdk/metric
- go.opentelemetry.io/otel/trace
experimental-metrics:
- version: v0.45.0
+ version: v0.46.0
modules:
- - go.opentelemetry.io/otel/bridge/opencensus
- - go.opentelemetry.io/otel/bridge/opencensus/test
- - go.opentelemetry.io/otel/example/opencensus
- go.opentelemetry.io/otel/example/prometheus
- - go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc
- - go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp
- go.opentelemetry.io/otel/exporters/prometheus
- - go.opentelemetry.io/otel/exporters/stdout/stdoutmetric
+ experimental-logs:
+ version: v0.0.1-alpha
+ modules:
+ - go.opentelemetry.io/otel/log
experimental-schema:
version: v0.0.7
modules:
diff --git a/vendor/go.opentelemetry.io/proto/otlp/trace/v1/trace.pb.go b/vendor/go.opentelemetry.io/proto/otlp/trace/v1/trace.pb.go
index 51a499816a..7109088370 100644
--- a/vendor/go.opentelemetry.io/proto/otlp/trace/v1/trace.pb.go
+++ b/vendor/go.opentelemetry.io/proto/otlp/trace/v1/trace.pb.go
@@ -36,6 +36,69 @@ const (
_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
)
+// SpanFlags represents constants used to interpret the
+// Span.flags field, which is protobuf 'fixed32' type and is to
+// be used as bit-fields. Each non-zero value defined in this enum is
+// a bit-mask. To extract the bit-field, for example, use an
+// expression like:
+//
+// (span.flags & SPAN_FLAGS_TRACE_FLAGS_MASK)
+//
+// See https://www.w3.org/TR/trace-context-2/#trace-flags for the flag definitions.
+//
+// Note that Span flags were introduced in version 1.1 of the
+// OpenTelemetry protocol. Older Span producers do not set this
+// field, consequently consumers should not rely on the absence of a
+// particular flag bit to indicate the presence of a particular feature.
+type SpanFlags int32
+
+const (
+ // The zero value for the enum. Should not be used for comparisons.
+ // Instead use bitwise "and" with the appropriate mask as shown above.
+ SpanFlags_SPAN_FLAGS_DO_NOT_USE SpanFlags = 0
+ // Bits 0-7 are used for trace flags.
+ SpanFlags_SPAN_FLAGS_TRACE_FLAGS_MASK SpanFlags = 255
+)
+
+// Enum value maps for SpanFlags.
+var (
+ SpanFlags_name = map[int32]string{
+ 0: "SPAN_FLAGS_DO_NOT_USE",
+ 255: "SPAN_FLAGS_TRACE_FLAGS_MASK",
+ }
+ SpanFlags_value = map[string]int32{
+ "SPAN_FLAGS_DO_NOT_USE": 0,
+ "SPAN_FLAGS_TRACE_FLAGS_MASK": 255,
+ }
+)
+
+func (x SpanFlags) Enum() *SpanFlags {
+ p := new(SpanFlags)
+ *p = x
+ return p
+}
+
+func (x SpanFlags) String() string {
+ return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (SpanFlags) Descriptor() protoreflect.EnumDescriptor {
+ return file_opentelemetry_proto_trace_v1_trace_proto_enumTypes[0].Descriptor()
+}
+
+func (SpanFlags) Type() protoreflect.EnumType {
+ return &file_opentelemetry_proto_trace_v1_trace_proto_enumTypes[0]
+}
+
+func (x SpanFlags) Number() protoreflect.EnumNumber {
+ return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use SpanFlags.Descriptor instead.
+func (SpanFlags) EnumDescriptor() ([]byte, []int) {
+ return file_opentelemetry_proto_trace_v1_trace_proto_rawDescGZIP(), []int{0}
+}
+
// SpanKind is the type of span. Can be used to specify additional relationships between spans
// in addition to a parent/child relationship.
type Span_SpanKind int32
@@ -94,11 +157,11 @@ func (x Span_SpanKind) String() string {
}
func (Span_SpanKind) Descriptor() protoreflect.EnumDescriptor {
- return file_opentelemetry_proto_trace_v1_trace_proto_enumTypes[0].Descriptor()
+ return file_opentelemetry_proto_trace_v1_trace_proto_enumTypes[1].Descriptor()
}
func (Span_SpanKind) Type() protoreflect.EnumType {
- return &file_opentelemetry_proto_trace_v1_trace_proto_enumTypes[0]
+ return &file_opentelemetry_proto_trace_v1_trace_proto_enumTypes[1]
}
func (x Span_SpanKind) Number() protoreflect.EnumNumber {
@@ -149,11 +212,11 @@ func (x Status_StatusCode) String() string {
}
func (Status_StatusCode) Descriptor() protoreflect.EnumDescriptor {
- return file_opentelemetry_proto_trace_v1_trace_proto_enumTypes[1].Descriptor()
+ return file_opentelemetry_proto_trace_v1_trace_proto_enumTypes[2].Descriptor()
}
func (Status_StatusCode) Type() protoreflect.EnumType {
- return &file_opentelemetry_proto_trace_v1_trace_proto_enumTypes[1]
+ return &file_opentelemetry_proto_trace_v1_trace_proto_enumTypes[2]
}
func (x Status_StatusCode) Number() protoreflect.EnumNumber {
@@ -238,6 +301,9 @@ type ResourceSpans struct {
Resource *v1.Resource `protobuf:"bytes,1,opt,name=resource,proto3" json:"resource,omitempty"`
// A list of ScopeSpans that originate from a resource.
ScopeSpans []*ScopeSpans `protobuf:"bytes,2,rep,name=scope_spans,json=scopeSpans,proto3" json:"scope_spans,omitempty"`
+ // The Schema URL, if known. This is the identifier of the Schema that the resource data
+ // is recorded in. To learn more about Schema URL see
+ // https://opentelemetry.io/docs/specs/otel/schemas/#schema-url
// This schema_url applies to the data in the "resource" field. It does not apply
// to the data in the "scope_spans" field which have their own schema_url field.
SchemaUrl string `protobuf:"bytes,3,opt,name=schema_url,json=schemaUrl,proto3" json:"schema_url,omitempty"`
@@ -308,6 +374,9 @@ type ScopeSpans struct {
Scope *v11.InstrumentationScope `protobuf:"bytes,1,opt,name=scope,proto3" json:"scope,omitempty"`
// A list of Spans that originate from an instrumentation scope.
Spans []*Span `protobuf:"bytes,2,rep,name=spans,proto3" json:"spans,omitempty"`
+ // The Schema URL, if known. This is the identifier of the Schema that the span data
+ // is recorded in. To learn more about Schema URL see
+ // https://opentelemetry.io/docs/specs/otel/schemas/#schema-url
// This schema_url applies to all spans and span events in the "spans" field.
SchemaUrl string `protobuf:"bytes,3,opt,name=schema_url,json=schemaUrl,proto3" json:"schema_url,omitempty"`
}
@@ -394,6 +463,21 @@ type Span struct {
// The `span_id` of this span's parent span. If this is a root span, then this
// field must be empty. The ID is an 8-byte array.
ParentSpanId []byte `protobuf:"bytes,4,opt,name=parent_span_id,json=parentSpanId,proto3" json:"parent_span_id,omitempty"`
+ // Flags, a bit field. 8 least significant bits are the trace
+ // flags as defined in W3C Trace Context specification. Readers
+ // MUST not assume that 24 most significant bits will be zero.
+ // To read the 8-bit W3C trace flag, use `flags & SPAN_FLAGS_TRACE_FLAGS_MASK`.
+ //
+ // When creating span messages, if the message is logically forwarded from another source
+ // with an equivalent flags fields (i.e., usually another OTLP span message), the field SHOULD
+ // be copied as-is. If creating from a source that does not have an equivalent flags field
+ // (such as a runtime representation of an OpenTelemetry span), the high 24 bits MUST
+ // be set to zero.
+ //
+ // [Optional].
+ //
+ // See https://www.w3.org/TR/trace-context-2/#trace-flags for the flag definitions.
+ Flags uint32 `protobuf:"fixed32,16,opt,name=flags,proto3" json:"flags,omitempty"`
// A description of the span's operation.
//
// For example, the name can be a qualified method name or a file name
@@ -517,6 +601,13 @@ func (x *Span) GetParentSpanId() []byte {
return nil
}
+func (x *Span) GetFlags() uint32 {
+ if x != nil {
+ return x.Flags
+ }
+ return 0
+}
+
func (x *Span) GetName() string {
if x != nil {
return x.Name
@@ -757,6 +848,15 @@ type Span_Link struct {
// dropped_attributes_count is the number of dropped attributes. If the value is 0,
// then no attributes were dropped.
DroppedAttributesCount uint32 `protobuf:"varint,5,opt,name=dropped_attributes_count,json=droppedAttributesCount,proto3" json:"dropped_attributes_count,omitempty"`
+ // Flags, a bit field. 8 least significant bits are the trace
+ // flags as defined in W3C Trace Context specification. Readers
+ // MUST not assume that 24 most significant bits will be zero.
+ // When creating new spans, the most-significant 24-bits MUST be
+ // zero. To read the 8-bit W3C trace flag (use flags &
+ // SPAN_FLAGS_TRACE_FLAGS_MASK). [Optional].
+ //
+ // See https://www.w3.org/TR/trace-context-2/#trace-flags for the flag definitions.
+ Flags uint32 `protobuf:"fixed32,6,opt,name=flags,proto3" json:"flags,omitempty"`
}
func (x *Span_Link) Reset() {
@@ -826,6 +926,13 @@ func (x *Span_Link) GetDroppedAttributesCount() uint32 {
return 0
}
+func (x *Span_Link) GetFlags() uint32 {
+ if x != nil {
+ return x.Flags
+ }
+ return 0
+}
+
var File_opentelemetry_proto_trace_v1_trace_proto protoreflect.FileDescriptor
var file_opentelemetry_proto_trace_v1_trace_proto_rawDesc = []byte{
@@ -869,7 +976,7 @@ var file_opentelemetry_proto_trace_v1_trace_proto_rawDesc = []byte{
0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x70, 0x61, 0x6e, 0x52, 0x05,
0x73, 0x70, 0x61, 0x6e, 0x73, 0x12, 0x1d, 0x0a, 0x0a, 0x73, 0x63, 0x68, 0x65, 0x6d, 0x61, 0x5f,
0x75, 0x72, 0x6c, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x73, 0x63, 0x68, 0x65, 0x6d,
- 0x61, 0x55, 0x72, 0x6c, 0x22, 0x9c, 0x0a, 0x0a, 0x04, 0x53, 0x70, 0x61, 0x6e, 0x12, 0x19, 0x0a,
+ 0x61, 0x55, 0x72, 0x6c, 0x22, 0xc8, 0x0a, 0x0a, 0x04, 0x53, 0x70, 0x61, 0x6e, 0x12, 0x19, 0x0a,
0x08, 0x74, 0x72, 0x61, 0x63, 0x65, 0x5f, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0c, 0x52,
0x07, 0x74, 0x72, 0x61, 0x63, 0x65, 0x49, 0x64, 0x12, 0x17, 0x0a, 0x07, 0x73, 0x70, 0x61, 0x6e,
0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x06, 0x73, 0x70, 0x61, 0x6e, 0x49,
@@ -877,101 +984,108 @@ var file_opentelemetry_proto_trace_v1_trace_proto_rawDesc = []byte{
0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x74, 0x72, 0x61, 0x63, 0x65, 0x53, 0x74, 0x61,
0x74, 0x65, 0x12, 0x24, 0x0a, 0x0e, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x5f, 0x73, 0x70, 0x61,
0x6e, 0x5f, 0x69, 0x64, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x0c, 0x70, 0x61, 0x72, 0x65,
- 0x6e, 0x74, 0x53, 0x70, 0x61, 0x6e, 0x49, 0x64, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65,
- 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x3f, 0x0a, 0x04,
- 0x6b, 0x69, 0x6e, 0x64, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x2b, 0x2e, 0x6f, 0x70, 0x65,
- 0x6e, 0x74, 0x65, 0x6c, 0x65, 0x6d, 0x65, 0x74, 0x72, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
- 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x70, 0x61, 0x6e, 0x2e, 0x53,
- 0x70, 0x61, 0x6e, 0x4b, 0x69, 0x6e, 0x64, 0x52, 0x04, 0x6b, 0x69, 0x6e, 0x64, 0x12, 0x2f, 0x0a,
- 0x14, 0x73, 0x74, 0x61, 0x72, 0x74, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x5f, 0x75, 0x6e, 0x69, 0x78,
- 0x5f, 0x6e, 0x61, 0x6e, 0x6f, 0x18, 0x07, 0x20, 0x01, 0x28, 0x06, 0x52, 0x11, 0x73, 0x74, 0x61,
- 0x72, 0x74, 0x54, 0x69, 0x6d, 0x65, 0x55, 0x6e, 0x69, 0x78, 0x4e, 0x61, 0x6e, 0x6f, 0x12, 0x2b,
- 0x0a, 0x12, 0x65, 0x6e, 0x64, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x5f, 0x75, 0x6e, 0x69, 0x78, 0x5f,
- 0x6e, 0x61, 0x6e, 0x6f, 0x18, 0x08, 0x20, 0x01, 0x28, 0x06, 0x52, 0x0f, 0x65, 0x6e, 0x64, 0x54,
- 0x69, 0x6d, 0x65, 0x55, 0x6e, 0x69, 0x78, 0x4e, 0x61, 0x6e, 0x6f, 0x12, 0x47, 0x0a, 0x0a, 0x61,
- 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, 0x18, 0x09, 0x20, 0x03, 0x28, 0x0b, 0x32,
- 0x27, 0x2e, 0x6f, 0x70, 0x65, 0x6e, 0x74, 0x65, 0x6c, 0x65, 0x6d, 0x65, 0x74, 0x72, 0x79, 0x2e,
- 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x76, 0x31, 0x2e,
- 0x4b, 0x65, 0x79, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0a, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62,
- 0x75, 0x74, 0x65, 0x73, 0x12, 0x38, 0x0a, 0x18, 0x64, 0x72, 0x6f, 0x70, 0x70, 0x65, 0x64, 0x5f,
- 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74,
- 0x18, 0x0a, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x16, 0x64, 0x72, 0x6f, 0x70, 0x70, 0x65, 0x64, 0x41,
- 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x40,
- 0x0a, 0x06, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x73, 0x18, 0x0b, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x28,
- 0x2e, 0x6f, 0x70, 0x65, 0x6e, 0x74, 0x65, 0x6c, 0x65, 0x6d, 0x65, 0x74, 0x72, 0x79, 0x2e, 0x70,
- 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x70,
- 0x61, 0x6e, 0x2e, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x52, 0x06, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x73,
- 0x12, 0x30, 0x0a, 0x14, 0x64, 0x72, 0x6f, 0x70, 0x70, 0x65, 0x64, 0x5f, 0x65, 0x76, 0x65, 0x6e,
- 0x74, 0x73, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x12,
- 0x64, 0x72, 0x6f, 0x70, 0x70, 0x65, 0x64, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x73, 0x43, 0x6f, 0x75,
- 0x6e, 0x74, 0x12, 0x3d, 0x0a, 0x05, 0x6c, 0x69, 0x6e, 0x6b, 0x73, 0x18, 0x0d, 0x20, 0x03, 0x28,
- 0x0b, 0x32, 0x27, 0x2e, 0x6f, 0x70, 0x65, 0x6e, 0x74, 0x65, 0x6c, 0x65, 0x6d, 0x65, 0x74, 0x72,
- 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x76, 0x31,
- 0x2e, 0x53, 0x70, 0x61, 0x6e, 0x2e, 0x4c, 0x69, 0x6e, 0x6b, 0x52, 0x05, 0x6c, 0x69, 0x6e, 0x6b,
- 0x73, 0x12, 0x2e, 0x0a, 0x13, 0x64, 0x72, 0x6f, 0x70, 0x70, 0x65, 0x64, 0x5f, 0x6c, 0x69, 0x6e,
- 0x6b, 0x73, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x0e, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x11,
- 0x64, 0x72, 0x6f, 0x70, 0x70, 0x65, 0x64, 0x4c, 0x69, 0x6e, 0x6b, 0x73, 0x43, 0x6f, 0x75, 0x6e,
- 0x74, 0x12, 0x3c, 0x0a, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x0f, 0x20, 0x01, 0x28,
- 0x0b, 0x32, 0x24, 0x2e, 0x6f, 0x70, 0x65, 0x6e, 0x74, 0x65, 0x6c, 0x65, 0x6d, 0x65, 0x74, 0x72,
- 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x76, 0x31,
- 0x2e, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x1a,
- 0xc4, 0x01, 0x0a, 0x05, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x12, 0x24, 0x0a, 0x0e, 0x74, 0x69, 0x6d,
- 0x65, 0x5f, 0x75, 0x6e, 0x69, 0x78, 0x5f, 0x6e, 0x61, 0x6e, 0x6f, 0x18, 0x01, 0x20, 0x01, 0x28,
- 0x06, 0x52, 0x0c, 0x74, 0x69, 0x6d, 0x65, 0x55, 0x6e, 0x69, 0x78, 0x4e, 0x61, 0x6e, 0x6f, 0x12,
- 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e,
- 0x61, 0x6d, 0x65, 0x12, 0x47, 0x0a, 0x0a, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65,
- 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x27, 0x2e, 0x6f, 0x70, 0x65, 0x6e, 0x74, 0x65,
- 0x6c, 0x65, 0x6d, 0x65, 0x74, 0x72, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x63, 0x6f,
- 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x76, 0x31, 0x2e, 0x4b, 0x65, 0x79, 0x56, 0x61, 0x6c, 0x75, 0x65,
- 0x52, 0x0a, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, 0x12, 0x38, 0x0a, 0x18,
- 0x64, 0x72, 0x6f, 0x70, 0x70, 0x65, 0x64, 0x5f, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74,
- 0x65, 0x73, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x16,
- 0x64, 0x72, 0x6f, 0x70, 0x70, 0x65, 0x64, 0x41, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65,
- 0x73, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x1a, 0xde, 0x01, 0x0a, 0x04, 0x4c, 0x69, 0x6e, 0x6b, 0x12,
- 0x19, 0x0a, 0x08, 0x74, 0x72, 0x61, 0x63, 0x65, 0x5f, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28,
- 0x0c, 0x52, 0x07, 0x74, 0x72, 0x61, 0x63, 0x65, 0x49, 0x64, 0x12, 0x17, 0x0a, 0x07, 0x73, 0x70,
- 0x61, 0x6e, 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x06, 0x73, 0x70, 0x61,
- 0x6e, 0x49, 0x64, 0x12, 0x1f, 0x0a, 0x0b, 0x74, 0x72, 0x61, 0x63, 0x65, 0x5f, 0x73, 0x74, 0x61,
- 0x74, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x74, 0x72, 0x61, 0x63, 0x65, 0x53,
- 0x74, 0x61, 0x74, 0x65, 0x12, 0x47, 0x0a, 0x0a, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74,
- 0x65, 0x73, 0x18, 0x04, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x27, 0x2e, 0x6f, 0x70, 0x65, 0x6e, 0x74,
- 0x65, 0x6c, 0x65, 0x6d, 0x65, 0x74, 0x72, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x63,
- 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x76, 0x31, 0x2e, 0x4b, 0x65, 0x79, 0x56, 0x61, 0x6c, 0x75,
- 0x65, 0x52, 0x0a, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, 0x12, 0x38, 0x0a,
- 0x18, 0x64, 0x72, 0x6f, 0x70, 0x70, 0x65, 0x64, 0x5f, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75,
- 0x74, 0x65, 0x73, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0d, 0x52,
- 0x16, 0x64, 0x72, 0x6f, 0x70, 0x70, 0x65, 0x64, 0x41, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74,
- 0x65, 0x73, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x22, 0x99, 0x01, 0x0a, 0x08, 0x53, 0x70, 0x61, 0x6e,
- 0x4b, 0x69, 0x6e, 0x64, 0x12, 0x19, 0x0a, 0x15, 0x53, 0x50, 0x41, 0x4e, 0x5f, 0x4b, 0x49, 0x4e,
- 0x44, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12,
- 0x16, 0x0a, 0x12, 0x53, 0x50, 0x41, 0x4e, 0x5f, 0x4b, 0x49, 0x4e, 0x44, 0x5f, 0x49, 0x4e, 0x54,
- 0x45, 0x52, 0x4e, 0x41, 0x4c, 0x10, 0x01, 0x12, 0x14, 0x0a, 0x10, 0x53, 0x50, 0x41, 0x4e, 0x5f,
- 0x4b, 0x49, 0x4e, 0x44, 0x5f, 0x53, 0x45, 0x52, 0x56, 0x45, 0x52, 0x10, 0x02, 0x12, 0x14, 0x0a,
- 0x10, 0x53, 0x50, 0x41, 0x4e, 0x5f, 0x4b, 0x49, 0x4e, 0x44, 0x5f, 0x43, 0x4c, 0x49, 0x45, 0x4e,
- 0x54, 0x10, 0x03, 0x12, 0x16, 0x0a, 0x12, 0x53, 0x50, 0x41, 0x4e, 0x5f, 0x4b, 0x49, 0x4e, 0x44,
- 0x5f, 0x50, 0x52, 0x4f, 0x44, 0x55, 0x43, 0x45, 0x52, 0x10, 0x04, 0x12, 0x16, 0x0a, 0x12, 0x53,
- 0x50, 0x41, 0x4e, 0x5f, 0x4b, 0x49, 0x4e, 0x44, 0x5f, 0x43, 0x4f, 0x4e, 0x53, 0x55, 0x4d, 0x45,
- 0x52, 0x10, 0x05, 0x22, 0xbd, 0x01, 0x0a, 0x06, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x18,
- 0x0a, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52,
- 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x12, 0x43, 0x0a, 0x04, 0x63, 0x6f, 0x64, 0x65,
- 0x18, 0x03, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x2f, 0x2e, 0x6f, 0x70, 0x65, 0x6e, 0x74, 0x65, 0x6c,
- 0x65, 0x6d, 0x65, 0x74, 0x72, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x74, 0x72, 0x61,
- 0x63, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x53, 0x74, 0x61,
- 0x74, 0x75, 0x73, 0x43, 0x6f, 0x64, 0x65, 0x52, 0x04, 0x63, 0x6f, 0x64, 0x65, 0x22, 0x4e, 0x0a,
- 0x0a, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x43, 0x6f, 0x64, 0x65, 0x12, 0x15, 0x0a, 0x11, 0x53,
- 0x54, 0x41, 0x54, 0x55, 0x53, 0x5f, 0x43, 0x4f, 0x44, 0x45, 0x5f, 0x55, 0x4e, 0x53, 0x45, 0x54,
- 0x10, 0x00, 0x12, 0x12, 0x0a, 0x0e, 0x53, 0x54, 0x41, 0x54, 0x55, 0x53, 0x5f, 0x43, 0x4f, 0x44,
- 0x45, 0x5f, 0x4f, 0x4b, 0x10, 0x01, 0x12, 0x15, 0x0a, 0x11, 0x53, 0x54, 0x41, 0x54, 0x55, 0x53,
- 0x5f, 0x43, 0x4f, 0x44, 0x45, 0x5f, 0x45, 0x52, 0x52, 0x4f, 0x52, 0x10, 0x02, 0x4a, 0x04, 0x08,
- 0x01, 0x10, 0x02, 0x42, 0x77, 0x0a, 0x1f, 0x69, 0x6f, 0x2e, 0x6f, 0x70, 0x65, 0x6e, 0x74, 0x65,
+ 0x6e, 0x74, 0x53, 0x70, 0x61, 0x6e, 0x49, 0x64, 0x12, 0x14, 0x0a, 0x05, 0x66, 0x6c, 0x61, 0x67,
+ 0x73, 0x18, 0x10, 0x20, 0x01, 0x28, 0x07, 0x52, 0x05, 0x66, 0x6c, 0x61, 0x67, 0x73, 0x12, 0x12,
+ 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61,
+ 0x6d, 0x65, 0x12, 0x3f, 0x0a, 0x04, 0x6b, 0x69, 0x6e, 0x64, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0e,
+ 0x32, 0x2b, 0x2e, 0x6f, 0x70, 0x65, 0x6e, 0x74, 0x65, 0x6c, 0x65, 0x6d, 0x65, 0x74, 0x72, 0x79,
+ 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x76, 0x31, 0x2e,
+ 0x53, 0x70, 0x61, 0x6e, 0x2e, 0x53, 0x70, 0x61, 0x6e, 0x4b, 0x69, 0x6e, 0x64, 0x52, 0x04, 0x6b,
+ 0x69, 0x6e, 0x64, 0x12, 0x2f, 0x0a, 0x14, 0x73, 0x74, 0x61, 0x72, 0x74, 0x5f, 0x74, 0x69, 0x6d,
+ 0x65, 0x5f, 0x75, 0x6e, 0x69, 0x78, 0x5f, 0x6e, 0x61, 0x6e, 0x6f, 0x18, 0x07, 0x20, 0x01, 0x28,
+ 0x06, 0x52, 0x11, 0x73, 0x74, 0x61, 0x72, 0x74, 0x54, 0x69, 0x6d, 0x65, 0x55, 0x6e, 0x69, 0x78,
+ 0x4e, 0x61, 0x6e, 0x6f, 0x12, 0x2b, 0x0a, 0x12, 0x65, 0x6e, 0x64, 0x5f, 0x74, 0x69, 0x6d, 0x65,
+ 0x5f, 0x75, 0x6e, 0x69, 0x78, 0x5f, 0x6e, 0x61, 0x6e, 0x6f, 0x18, 0x08, 0x20, 0x01, 0x28, 0x06,
+ 0x52, 0x0f, 0x65, 0x6e, 0x64, 0x54, 0x69, 0x6d, 0x65, 0x55, 0x6e, 0x69, 0x78, 0x4e, 0x61, 0x6e,
+ 0x6f, 0x12, 0x47, 0x0a, 0x0a, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, 0x18,
+ 0x09, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x27, 0x2e, 0x6f, 0x70, 0x65, 0x6e, 0x74, 0x65, 0x6c, 0x65,
+ 0x6d, 0x65, 0x74, 0x72, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x63, 0x6f, 0x6d, 0x6d,
+ 0x6f, 0x6e, 0x2e, 0x76, 0x31, 0x2e, 0x4b, 0x65, 0x79, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0a,
+ 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, 0x12, 0x38, 0x0a, 0x18, 0x64, 0x72,
+ 0x6f, 0x70, 0x70, 0x65, 0x64, 0x5f, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73,
+ 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x16, 0x64, 0x72,
+ 0x6f, 0x70, 0x70, 0x65, 0x64, 0x41, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, 0x43,
+ 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x40, 0x0a, 0x06, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x73, 0x18, 0x0b,
+ 0x20, 0x03, 0x28, 0x0b, 0x32, 0x28, 0x2e, 0x6f, 0x70, 0x65, 0x6e, 0x74, 0x65, 0x6c, 0x65, 0x6d,
+ 0x65, 0x74, 0x72, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65,
+ 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x70, 0x61, 0x6e, 0x2e, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x52, 0x06,
+ 0x65, 0x76, 0x65, 0x6e, 0x74, 0x73, 0x12, 0x30, 0x0a, 0x14, 0x64, 0x72, 0x6f, 0x70, 0x70, 0x65,
+ 0x64, 0x5f, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x73, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x0c,
+ 0x20, 0x01, 0x28, 0x0d, 0x52, 0x12, 0x64, 0x72, 0x6f, 0x70, 0x70, 0x65, 0x64, 0x45, 0x76, 0x65,
+ 0x6e, 0x74, 0x73, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x3d, 0x0a, 0x05, 0x6c, 0x69, 0x6e, 0x6b,
+ 0x73, 0x18, 0x0d, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x27, 0x2e, 0x6f, 0x70, 0x65, 0x6e, 0x74, 0x65,
+ 0x6c, 0x65, 0x6d, 0x65, 0x74, 0x72, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x74, 0x72,
+ 0x61, 0x63, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x70, 0x61, 0x6e, 0x2e, 0x4c, 0x69, 0x6e, 0x6b,
+ 0x52, 0x05, 0x6c, 0x69, 0x6e, 0x6b, 0x73, 0x12, 0x2e, 0x0a, 0x13, 0x64, 0x72, 0x6f, 0x70, 0x70,
+ 0x65, 0x64, 0x5f, 0x6c, 0x69, 0x6e, 0x6b, 0x73, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x0e,
+ 0x20, 0x01, 0x28, 0x0d, 0x52, 0x11, 0x64, 0x72, 0x6f, 0x70, 0x70, 0x65, 0x64, 0x4c, 0x69, 0x6e,
+ 0x6b, 0x73, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x3c, 0x0a, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75,
+ 0x73, 0x18, 0x0f, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x6f, 0x70, 0x65, 0x6e, 0x74, 0x65,
0x6c, 0x65, 0x6d, 0x65, 0x74, 0x72, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x74, 0x72,
- 0x61, 0x63, 0x65, 0x2e, 0x76, 0x31, 0x42, 0x0a, 0x54, 0x72, 0x61, 0x63, 0x65, 0x50, 0x72, 0x6f,
- 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x27, 0x67, 0x6f, 0x2e, 0x6f, 0x70, 0x65, 0x6e, 0x74, 0x65, 0x6c,
- 0x65, 0x6d, 0x65, 0x74, 0x72, 0x79, 0x2e, 0x69, 0x6f, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f,
- 0x6f, 0x74, 0x6c, 0x70, 0x2f, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2f, 0x76, 0x31, 0xaa, 0x02, 0x1c,
- 0x4f, 0x70, 0x65, 0x6e, 0x54, 0x65, 0x6c, 0x65, 0x6d, 0x65, 0x74, 0x72, 0x79, 0x2e, 0x50, 0x72,
- 0x6f, 0x74, 0x6f, 0x2e, 0x54, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x56, 0x31, 0x62, 0x06, 0x70, 0x72,
- 0x6f, 0x74, 0x6f, 0x33,
+ 0x61, 0x63, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x06, 0x73,
+ 0x74, 0x61, 0x74, 0x75, 0x73, 0x1a, 0xc4, 0x01, 0x0a, 0x05, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x12,
+ 0x24, 0x0a, 0x0e, 0x74, 0x69, 0x6d, 0x65, 0x5f, 0x75, 0x6e, 0x69, 0x78, 0x5f, 0x6e, 0x61, 0x6e,
+ 0x6f, 0x18, 0x01, 0x20, 0x01, 0x28, 0x06, 0x52, 0x0c, 0x74, 0x69, 0x6d, 0x65, 0x55, 0x6e, 0x69,
+ 0x78, 0x4e, 0x61, 0x6e, 0x6f, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20,
+ 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x47, 0x0a, 0x0a, 0x61, 0x74, 0x74,
+ 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x27, 0x2e,
+ 0x6f, 0x70, 0x65, 0x6e, 0x74, 0x65, 0x6c, 0x65, 0x6d, 0x65, 0x74, 0x72, 0x79, 0x2e, 0x70, 0x72,
+ 0x6f, 0x74, 0x6f, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x76, 0x31, 0x2e, 0x4b, 0x65,
+ 0x79, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0a, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74,
+ 0x65, 0x73, 0x12, 0x38, 0x0a, 0x18, 0x64, 0x72, 0x6f, 0x70, 0x70, 0x65, 0x64, 0x5f, 0x61, 0x74,
+ 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x04,
+ 0x20, 0x01, 0x28, 0x0d, 0x52, 0x16, 0x64, 0x72, 0x6f, 0x70, 0x70, 0x65, 0x64, 0x41, 0x74, 0x74,
+ 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x1a, 0xf4, 0x01, 0x0a,
+ 0x04, 0x4c, 0x69, 0x6e, 0x6b, 0x12, 0x19, 0x0a, 0x08, 0x74, 0x72, 0x61, 0x63, 0x65, 0x5f, 0x69,
+ 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x07, 0x74, 0x72, 0x61, 0x63, 0x65, 0x49, 0x64,
+ 0x12, 0x17, 0x0a, 0x07, 0x73, 0x70, 0x61, 0x6e, 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28,
+ 0x0c, 0x52, 0x06, 0x73, 0x70, 0x61, 0x6e, 0x49, 0x64, 0x12, 0x1f, 0x0a, 0x0b, 0x74, 0x72, 0x61,
+ 0x63, 0x65, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a,
+ 0x74, 0x72, 0x61, 0x63, 0x65, 0x53, 0x74, 0x61, 0x74, 0x65, 0x12, 0x47, 0x0a, 0x0a, 0x61, 0x74,
+ 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, 0x18, 0x04, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x27,
+ 0x2e, 0x6f, 0x70, 0x65, 0x6e, 0x74, 0x65, 0x6c, 0x65, 0x6d, 0x65, 0x74, 0x72, 0x79, 0x2e, 0x70,
+ 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x76, 0x31, 0x2e, 0x4b,
+ 0x65, 0x79, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0a, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75,
+ 0x74, 0x65, 0x73, 0x12, 0x38, 0x0a, 0x18, 0x64, 0x72, 0x6f, 0x70, 0x70, 0x65, 0x64, 0x5f, 0x61,
+ 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18,
+ 0x05, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x16, 0x64, 0x72, 0x6f, 0x70, 0x70, 0x65, 0x64, 0x41, 0x74,
+ 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x14, 0x0a,
+ 0x05, 0x66, 0x6c, 0x61, 0x67, 0x73, 0x18, 0x06, 0x20, 0x01, 0x28, 0x07, 0x52, 0x05, 0x66, 0x6c,
+ 0x61, 0x67, 0x73, 0x22, 0x99, 0x01, 0x0a, 0x08, 0x53, 0x70, 0x61, 0x6e, 0x4b, 0x69, 0x6e, 0x64,
+ 0x12, 0x19, 0x0a, 0x15, 0x53, 0x50, 0x41, 0x4e, 0x5f, 0x4b, 0x49, 0x4e, 0x44, 0x5f, 0x55, 0x4e,
+ 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x16, 0x0a, 0x12, 0x53,
+ 0x50, 0x41, 0x4e, 0x5f, 0x4b, 0x49, 0x4e, 0x44, 0x5f, 0x49, 0x4e, 0x54, 0x45, 0x52, 0x4e, 0x41,
+ 0x4c, 0x10, 0x01, 0x12, 0x14, 0x0a, 0x10, 0x53, 0x50, 0x41, 0x4e, 0x5f, 0x4b, 0x49, 0x4e, 0x44,
+ 0x5f, 0x53, 0x45, 0x52, 0x56, 0x45, 0x52, 0x10, 0x02, 0x12, 0x14, 0x0a, 0x10, 0x53, 0x50, 0x41,
+ 0x4e, 0x5f, 0x4b, 0x49, 0x4e, 0x44, 0x5f, 0x43, 0x4c, 0x49, 0x45, 0x4e, 0x54, 0x10, 0x03, 0x12,
+ 0x16, 0x0a, 0x12, 0x53, 0x50, 0x41, 0x4e, 0x5f, 0x4b, 0x49, 0x4e, 0x44, 0x5f, 0x50, 0x52, 0x4f,
+ 0x44, 0x55, 0x43, 0x45, 0x52, 0x10, 0x04, 0x12, 0x16, 0x0a, 0x12, 0x53, 0x50, 0x41, 0x4e, 0x5f,
+ 0x4b, 0x49, 0x4e, 0x44, 0x5f, 0x43, 0x4f, 0x4e, 0x53, 0x55, 0x4d, 0x45, 0x52, 0x10, 0x05, 0x22,
+ 0xbd, 0x01, 0x0a, 0x06, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x18, 0x0a, 0x07, 0x6d, 0x65,
+ 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x6d, 0x65, 0x73,
+ 0x73, 0x61, 0x67, 0x65, 0x12, 0x43, 0x0a, 0x04, 0x63, 0x6f, 0x64, 0x65, 0x18, 0x03, 0x20, 0x01,
+ 0x28, 0x0e, 0x32, 0x2f, 0x2e, 0x6f, 0x70, 0x65, 0x6e, 0x74, 0x65, 0x6c, 0x65, 0x6d, 0x65, 0x74,
+ 0x72, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x76,
+ 0x31, 0x2e, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x2e, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x43,
+ 0x6f, 0x64, 0x65, 0x52, 0x04, 0x63, 0x6f, 0x64, 0x65, 0x22, 0x4e, 0x0a, 0x0a, 0x53, 0x74, 0x61,
+ 0x74, 0x75, 0x73, 0x43, 0x6f, 0x64, 0x65, 0x12, 0x15, 0x0a, 0x11, 0x53, 0x54, 0x41, 0x54, 0x55,
+ 0x53, 0x5f, 0x43, 0x4f, 0x44, 0x45, 0x5f, 0x55, 0x4e, 0x53, 0x45, 0x54, 0x10, 0x00, 0x12, 0x12,
+ 0x0a, 0x0e, 0x53, 0x54, 0x41, 0x54, 0x55, 0x53, 0x5f, 0x43, 0x4f, 0x44, 0x45, 0x5f, 0x4f, 0x4b,
+ 0x10, 0x01, 0x12, 0x15, 0x0a, 0x11, 0x53, 0x54, 0x41, 0x54, 0x55, 0x53, 0x5f, 0x43, 0x4f, 0x44,
+ 0x45, 0x5f, 0x45, 0x52, 0x52, 0x4f, 0x52, 0x10, 0x02, 0x4a, 0x04, 0x08, 0x01, 0x10, 0x02, 0x2a,
+ 0x48, 0x0a, 0x09, 0x53, 0x70, 0x61, 0x6e, 0x46, 0x6c, 0x61, 0x67, 0x73, 0x12, 0x19, 0x0a, 0x15,
+ 0x53, 0x50, 0x41, 0x4e, 0x5f, 0x46, 0x4c, 0x41, 0x47, 0x53, 0x5f, 0x44, 0x4f, 0x5f, 0x4e, 0x4f,
+ 0x54, 0x5f, 0x55, 0x53, 0x45, 0x10, 0x00, 0x12, 0x20, 0x0a, 0x1b, 0x53, 0x50, 0x41, 0x4e, 0x5f,
+ 0x46, 0x4c, 0x41, 0x47, 0x53, 0x5f, 0x54, 0x52, 0x41, 0x43, 0x45, 0x5f, 0x46, 0x4c, 0x41, 0x47,
+ 0x53, 0x5f, 0x4d, 0x41, 0x53, 0x4b, 0x10, 0xff, 0x01, 0x42, 0x77, 0x0a, 0x1f, 0x69, 0x6f, 0x2e,
+ 0x6f, 0x70, 0x65, 0x6e, 0x74, 0x65, 0x6c, 0x65, 0x6d, 0x65, 0x74, 0x72, 0x79, 0x2e, 0x70, 0x72,
+ 0x6f, 0x74, 0x6f, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x76, 0x31, 0x42, 0x0a, 0x54, 0x72,
+ 0x61, 0x63, 0x65, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x27, 0x67, 0x6f, 0x2e, 0x6f,
+ 0x70, 0x65, 0x6e, 0x74, 0x65, 0x6c, 0x65, 0x6d, 0x65, 0x74, 0x72, 0x79, 0x2e, 0x69, 0x6f, 0x2f,
+ 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x6f, 0x74, 0x6c, 0x70, 0x2f, 0x74, 0x72, 0x61, 0x63, 0x65,
+ 0x2f, 0x76, 0x31, 0xaa, 0x02, 0x1c, 0x4f, 0x70, 0x65, 0x6e, 0x54, 0x65, 0x6c, 0x65, 0x6d, 0x65,
+ 0x74, 0x72, 0x79, 0x2e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x54, 0x72, 0x61, 0x63, 0x65, 0x2e,
+ 0x56, 0x31, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
}
var (
@@ -986,36 +1100,37 @@ func file_opentelemetry_proto_trace_v1_trace_proto_rawDescGZIP() []byte {
return file_opentelemetry_proto_trace_v1_trace_proto_rawDescData
}
-var file_opentelemetry_proto_trace_v1_trace_proto_enumTypes = make([]protoimpl.EnumInfo, 2)
+var file_opentelemetry_proto_trace_v1_trace_proto_enumTypes = make([]protoimpl.EnumInfo, 3)
var file_opentelemetry_proto_trace_v1_trace_proto_msgTypes = make([]protoimpl.MessageInfo, 7)
var file_opentelemetry_proto_trace_v1_trace_proto_goTypes = []interface{}{
- (Span_SpanKind)(0), // 0: opentelemetry.proto.trace.v1.Span.SpanKind
- (Status_StatusCode)(0), // 1: opentelemetry.proto.trace.v1.Status.StatusCode
- (*TracesData)(nil), // 2: opentelemetry.proto.trace.v1.TracesData
- (*ResourceSpans)(nil), // 3: opentelemetry.proto.trace.v1.ResourceSpans
- (*ScopeSpans)(nil), // 4: opentelemetry.proto.trace.v1.ScopeSpans
- (*Span)(nil), // 5: opentelemetry.proto.trace.v1.Span
- (*Status)(nil), // 6: opentelemetry.proto.trace.v1.Status
- (*Span_Event)(nil), // 7: opentelemetry.proto.trace.v1.Span.Event
- (*Span_Link)(nil), // 8: opentelemetry.proto.trace.v1.Span.Link
- (*v1.Resource)(nil), // 9: opentelemetry.proto.resource.v1.Resource
- (*v11.InstrumentationScope)(nil), // 10: opentelemetry.proto.common.v1.InstrumentationScope
- (*v11.KeyValue)(nil), // 11: opentelemetry.proto.common.v1.KeyValue
+ (SpanFlags)(0), // 0: opentelemetry.proto.trace.v1.SpanFlags
+ (Span_SpanKind)(0), // 1: opentelemetry.proto.trace.v1.Span.SpanKind
+ (Status_StatusCode)(0), // 2: opentelemetry.proto.trace.v1.Status.StatusCode
+ (*TracesData)(nil), // 3: opentelemetry.proto.trace.v1.TracesData
+ (*ResourceSpans)(nil), // 4: opentelemetry.proto.trace.v1.ResourceSpans
+ (*ScopeSpans)(nil), // 5: opentelemetry.proto.trace.v1.ScopeSpans
+ (*Span)(nil), // 6: opentelemetry.proto.trace.v1.Span
+ (*Status)(nil), // 7: opentelemetry.proto.trace.v1.Status
+ (*Span_Event)(nil), // 8: opentelemetry.proto.trace.v1.Span.Event
+ (*Span_Link)(nil), // 9: opentelemetry.proto.trace.v1.Span.Link
+ (*v1.Resource)(nil), // 10: opentelemetry.proto.resource.v1.Resource
+ (*v11.InstrumentationScope)(nil), // 11: opentelemetry.proto.common.v1.InstrumentationScope
+ (*v11.KeyValue)(nil), // 12: opentelemetry.proto.common.v1.KeyValue
}
var file_opentelemetry_proto_trace_v1_trace_proto_depIdxs = []int32{
- 3, // 0: opentelemetry.proto.trace.v1.TracesData.resource_spans:type_name -> opentelemetry.proto.trace.v1.ResourceSpans
- 9, // 1: opentelemetry.proto.trace.v1.ResourceSpans.resource:type_name -> opentelemetry.proto.resource.v1.Resource
- 4, // 2: opentelemetry.proto.trace.v1.ResourceSpans.scope_spans:type_name -> opentelemetry.proto.trace.v1.ScopeSpans
- 10, // 3: opentelemetry.proto.trace.v1.ScopeSpans.scope:type_name -> opentelemetry.proto.common.v1.InstrumentationScope
- 5, // 4: opentelemetry.proto.trace.v1.ScopeSpans.spans:type_name -> opentelemetry.proto.trace.v1.Span
- 0, // 5: opentelemetry.proto.trace.v1.Span.kind:type_name -> opentelemetry.proto.trace.v1.Span.SpanKind
- 11, // 6: opentelemetry.proto.trace.v1.Span.attributes:type_name -> opentelemetry.proto.common.v1.KeyValue
- 7, // 7: opentelemetry.proto.trace.v1.Span.events:type_name -> opentelemetry.proto.trace.v1.Span.Event
- 8, // 8: opentelemetry.proto.trace.v1.Span.links:type_name -> opentelemetry.proto.trace.v1.Span.Link
- 6, // 9: opentelemetry.proto.trace.v1.Span.status:type_name -> opentelemetry.proto.trace.v1.Status
- 1, // 10: opentelemetry.proto.trace.v1.Status.code:type_name -> opentelemetry.proto.trace.v1.Status.StatusCode
- 11, // 11: opentelemetry.proto.trace.v1.Span.Event.attributes:type_name -> opentelemetry.proto.common.v1.KeyValue
- 11, // 12: opentelemetry.proto.trace.v1.Span.Link.attributes:type_name -> opentelemetry.proto.common.v1.KeyValue
+ 4, // 0: opentelemetry.proto.trace.v1.TracesData.resource_spans:type_name -> opentelemetry.proto.trace.v1.ResourceSpans
+ 10, // 1: opentelemetry.proto.trace.v1.ResourceSpans.resource:type_name -> opentelemetry.proto.resource.v1.Resource
+ 5, // 2: opentelemetry.proto.trace.v1.ResourceSpans.scope_spans:type_name -> opentelemetry.proto.trace.v1.ScopeSpans
+ 11, // 3: opentelemetry.proto.trace.v1.ScopeSpans.scope:type_name -> opentelemetry.proto.common.v1.InstrumentationScope
+ 6, // 4: opentelemetry.proto.trace.v1.ScopeSpans.spans:type_name -> opentelemetry.proto.trace.v1.Span
+ 1, // 5: opentelemetry.proto.trace.v1.Span.kind:type_name -> opentelemetry.proto.trace.v1.Span.SpanKind
+ 12, // 6: opentelemetry.proto.trace.v1.Span.attributes:type_name -> opentelemetry.proto.common.v1.KeyValue
+ 8, // 7: opentelemetry.proto.trace.v1.Span.events:type_name -> opentelemetry.proto.trace.v1.Span.Event
+ 9, // 8: opentelemetry.proto.trace.v1.Span.links:type_name -> opentelemetry.proto.trace.v1.Span.Link
+ 7, // 9: opentelemetry.proto.trace.v1.Span.status:type_name -> opentelemetry.proto.trace.v1.Status
+ 2, // 10: opentelemetry.proto.trace.v1.Status.code:type_name -> opentelemetry.proto.trace.v1.Status.StatusCode
+ 12, // 11: opentelemetry.proto.trace.v1.Span.Event.attributes:type_name -> opentelemetry.proto.common.v1.KeyValue
+ 12, // 12: opentelemetry.proto.trace.v1.Span.Link.attributes:type_name -> opentelemetry.proto.common.v1.KeyValue
13, // [13:13] is the sub-list for method output_type
13, // [13:13] is the sub-list for method input_type
13, // [13:13] is the sub-list for extension type_name
@@ -1119,7 +1234,7 @@ func file_opentelemetry_proto_trace_v1_trace_proto_init() {
File: protoimpl.DescBuilder{
GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
RawDescriptor: file_opentelemetry_proto_trace_v1_trace_proto_rawDesc,
- NumEnums: 2,
+ NumEnums: 3,
NumMessages: 7,
NumExtensions: 0,
NumServices: 0,
diff --git a/vendor/go.uber.org/atomic/.codecov.yml b/vendor/go.uber.org/atomic/.codecov.yml
deleted file mode 100644
index 571116cc39..0000000000
--- a/vendor/go.uber.org/atomic/.codecov.yml
+++ /dev/null
@@ -1,19 +0,0 @@
-coverage:
- range: 80..100
- round: down
- precision: 2
-
- status:
- project: # measuring the overall project coverage
- default: # context, you can create multiple ones with custom titles
- enabled: yes # must be yes|true to enable this status
- target: 100 # specify the target coverage for each commit status
- # option: "auto" (must increase from parent commit or pull request base)
- # option: "X%" a static target percentage to hit
- if_not_found: success # if parent is not found report status as success, error, or failure
- if_ci_failed: error # if ci fails report status as success, error, or failure
-
-# Also update COVER_IGNORE_PKGS in the Makefile.
-ignore:
- - /internal/gen-atomicint/
- - /internal/gen-valuewrapper/
diff --git a/vendor/go.uber.org/atomic/.gitignore b/vendor/go.uber.org/atomic/.gitignore
deleted file mode 100644
index 2e337a0ed5..0000000000
--- a/vendor/go.uber.org/atomic/.gitignore
+++ /dev/null
@@ -1,15 +0,0 @@
-/bin
-.DS_Store
-/vendor
-cover.html
-cover.out
-lint.log
-
-# Binaries
-*.test
-
-# Profiling output
-*.prof
-
-# Output of fossa analyzer
-/fossa
diff --git a/vendor/go.uber.org/atomic/CHANGELOG.md b/vendor/go.uber.org/atomic/CHANGELOG.md
deleted file mode 100644
index 5fe03f21bd..0000000000
--- a/vendor/go.uber.org/atomic/CHANGELOG.md
+++ /dev/null
@@ -1,117 +0,0 @@
-# Changelog
-All notable changes to this project will be documented in this file.
-
-The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
-and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
-
-## [1.10.0] - 2022-08-11
-### Added
-- Add `atomic.Float32` type for atomic operations on `float32`.
-- Add `CompareAndSwap` and `Swap` methods to `atomic.String`, `atomic.Error`,
- and `atomic.Value`.
-- Add generic `atomic.Pointer[T]` type for atomic operations on pointers of any
- type. This is present only for Go 1.18 or higher, and is a drop-in for
- replacement for the standard library's `sync/atomic.Pointer` type.
-
-### Changed
-- Deprecate `CAS` methods on all types in favor of corresponding
- `CompareAndSwap` methods.
-
-Thanks to @eNV25 and @icpd for their contributions to this release.
-
-[1.10.0]: https://github.com/uber-go/atomic/compare/v1.9.0...v1.10.0
-
-## [1.9.0] - 2021-07-15
-### Added
-- Add `Float64.Swap` to match int atomic operations.
-- Add `atomic.Time` type for atomic operations on `time.Time` values.
-
-[1.9.0]: https://github.com/uber-go/atomic/compare/v1.8.0...v1.9.0
-
-## [1.8.0] - 2021-06-09
-### Added
-- Add `atomic.Uintptr` type for atomic operations on `uintptr` values.
-- Add `atomic.UnsafePointer` type for atomic operations on `unsafe.Pointer` values.
-
-[1.8.0]: https://github.com/uber-go/atomic/compare/v1.7.0...v1.8.0
-
-## [1.7.0] - 2020-09-14
-### Added
-- Support JSON serialization and deserialization of primitive atomic types.
-- Support Text marshalling and unmarshalling for string atomics.
-
-### Changed
-- Disallow incorrect comparison of atomic values in a non-atomic way.
-
-### Removed
-- Remove dependency on `golang.org/x/{lint, tools}`.
-
-[1.7.0]: https://github.com/uber-go/atomic/compare/v1.6.0...v1.7.0
-
-## [1.6.0] - 2020-02-24
-### Changed
-- Drop library dependency on `golang.org/x/{lint, tools}`.
-
-[1.6.0]: https://github.com/uber-go/atomic/compare/v1.5.1...v1.6.0
-
-## [1.5.1] - 2019-11-19
-- Fix bug where `Bool.CAS` and `Bool.Toggle` do work correctly together
- causing `CAS` to fail even though the old value matches.
-
-[1.5.1]: https://github.com/uber-go/atomic/compare/v1.5.0...v1.5.1
-
-## [1.5.0] - 2019-10-29
-### Changed
-- With Go modules, only the `go.uber.org/atomic` import path is supported now.
- If you need to use the old import path, please add a `replace` directive to
- your `go.mod`.
-
-[1.5.0]: https://github.com/uber-go/atomic/compare/v1.4.0...v1.5.0
-
-## [1.4.0] - 2019-05-01
-### Added
- - Add `atomic.Error` type for atomic operations on `error` values.
-
-[1.4.0]: https://github.com/uber-go/atomic/compare/v1.3.2...v1.4.0
-
-## [1.3.2] - 2018-05-02
-### Added
-- Add `atomic.Duration` type for atomic operations on `time.Duration` values.
-
-[1.3.2]: https://github.com/uber-go/atomic/compare/v1.3.1...v1.3.2
-
-## [1.3.1] - 2017-11-14
-### Fixed
-- Revert optimization for `atomic.String.Store("")` which caused data races.
-
-[1.3.1]: https://github.com/uber-go/atomic/compare/v1.3.0...v1.3.1
-
-## [1.3.0] - 2017-11-13
-### Added
-- Add `atomic.Bool.CAS` for compare-and-swap semantics on bools.
-
-### Changed
-- Optimize `atomic.String.Store("")` by avoiding an allocation.
-
-[1.3.0]: https://github.com/uber-go/atomic/compare/v1.2.0...v1.3.0
-
-## [1.2.0] - 2017-04-12
-### Added
-- Shadow `atomic.Value` from `sync/atomic`.
-
-[1.2.0]: https://github.com/uber-go/atomic/compare/v1.1.0...v1.2.0
-
-## [1.1.0] - 2017-03-10
-### Added
-- Add atomic `Float64` type.
-
-### Changed
-- Support new `go.uber.org/atomic` import path.
-
-[1.1.0]: https://github.com/uber-go/atomic/compare/v1.0.0...v1.1.0
-
-## [1.0.0] - 2016-07-18
-
-- Initial release.
-
-[1.0.0]: https://github.com/uber-go/atomic/releases/tag/v1.0.0
diff --git a/vendor/go.uber.org/atomic/LICENSE.txt b/vendor/go.uber.org/atomic/LICENSE.txt
deleted file mode 100644
index 8765c9fbc6..0000000000
--- a/vendor/go.uber.org/atomic/LICENSE.txt
+++ /dev/null
@@ -1,19 +0,0 @@
-Copyright (c) 2016 Uber Technologies, Inc.
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in
-all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-THE SOFTWARE.
diff --git a/vendor/go.uber.org/atomic/Makefile b/vendor/go.uber.org/atomic/Makefile
deleted file mode 100644
index 46c945b32b..0000000000
--- a/vendor/go.uber.org/atomic/Makefile
+++ /dev/null
@@ -1,79 +0,0 @@
-# Directory to place `go install`ed binaries into.
-export GOBIN ?= $(shell pwd)/bin
-
-GOLINT = $(GOBIN)/golint
-GEN_ATOMICINT = $(GOBIN)/gen-atomicint
-GEN_ATOMICWRAPPER = $(GOBIN)/gen-atomicwrapper
-STATICCHECK = $(GOBIN)/staticcheck
-
-GO_FILES ?= $(shell find . '(' -path .git -o -path vendor ')' -prune -o -name '*.go' -print)
-
-# Also update ignore section in .codecov.yml.
-COVER_IGNORE_PKGS = \
- go.uber.org/atomic/internal/gen-atomicint \
- go.uber.org/atomic/internal/gen-atomicwrapper
-
-.PHONY: build
-build:
- go build ./...
-
-.PHONY: test
-test:
- go test -race ./...
-
-.PHONY: gofmt
-gofmt:
- $(eval FMT_LOG := $(shell mktemp -t gofmt.XXXXX))
- gofmt -e -s -l $(GO_FILES) > $(FMT_LOG) || true
- @[ ! -s "$(FMT_LOG)" ] || (echo "gofmt failed:" && cat $(FMT_LOG) && false)
-
-$(GOLINT):
- cd tools && go install golang.org/x/lint/golint
-
-$(STATICCHECK):
- cd tools && go install honnef.co/go/tools/cmd/staticcheck
-
-$(GEN_ATOMICWRAPPER): $(wildcard ./internal/gen-atomicwrapper/*)
- go build -o $@ ./internal/gen-atomicwrapper
-
-$(GEN_ATOMICINT): $(wildcard ./internal/gen-atomicint/*)
- go build -o $@ ./internal/gen-atomicint
-
-.PHONY: golint
-golint: $(GOLINT)
- $(GOLINT) ./...
-
-.PHONY: staticcheck
-staticcheck: $(STATICCHECK)
- $(STATICCHECK) ./...
-
-.PHONY: lint
-lint: gofmt golint staticcheck generatenodirty
-
-# comma separated list of packages to consider for code coverage.
-COVER_PKG = $(shell \
- go list -find ./... | \
- grep -v $(foreach pkg,$(COVER_IGNORE_PKGS),-e "^$(pkg)$$") | \
- paste -sd, -)
-
-.PHONY: cover
-cover:
- go test -coverprofile=cover.out -coverpkg $(COVER_PKG) -v ./...
- go tool cover -html=cover.out -o cover.html
-
-.PHONY: generate
-generate: $(GEN_ATOMICINT) $(GEN_ATOMICWRAPPER)
- go generate ./...
-
-.PHONY: generatenodirty
-generatenodirty:
- @[ -z "$$(git status --porcelain)" ] || ( \
- echo "Working tree is dirty. Commit your changes first."; \
- git status; \
- exit 1 )
- @make generate
- @status=$$(git status --porcelain); \
- [ -z "$$status" ] || ( \
- echo "Working tree is dirty after `make generate`:"; \
- echo "$$status"; \
- echo "Please ensure that the generated code is up-to-date." )
diff --git a/vendor/go.uber.org/atomic/README.md b/vendor/go.uber.org/atomic/README.md
deleted file mode 100644
index 96b47a1f12..0000000000
--- a/vendor/go.uber.org/atomic/README.md
+++ /dev/null
@@ -1,63 +0,0 @@
-# atomic [![GoDoc][doc-img]][doc] [![Build Status][ci-img]][ci] [![Coverage Status][cov-img]][cov] [![Go Report Card][reportcard-img]][reportcard]
-
-Simple wrappers for primitive types to enforce atomic access.
-
-## Installation
-
-```shell
-$ go get -u go.uber.org/atomic@v1
-```
-
-### Legacy Import Path
-
-As of v1.5.0, the import path `go.uber.org/atomic` is the only supported way
-of using this package. If you are using Go modules, this package will fail to
-compile with the legacy import path path `github.com/uber-go/atomic`.
-
-We recommend migrating your code to the new import path but if you're unable
-to do so, or if your dependencies are still using the old import path, you
-will have to add a `replace` directive to your `go.mod` file downgrading the
-legacy import path to an older version.
-
-```
-replace github.com/uber-go/atomic => github.com/uber-go/atomic v1.4.0
-```
-
-You can do so automatically by running the following command.
-
-```shell
-$ go mod edit -replace github.com/uber-go/atomic=github.com/uber-go/atomic@v1.4.0
-```
-
-## Usage
-
-The standard library's `sync/atomic` is powerful, but it's easy to forget which
-variables must be accessed atomically. `go.uber.org/atomic` preserves all the
-functionality of the standard library, but wraps the primitive types to
-provide a safer, more convenient API.
-
-```go
-var atom atomic.Uint32
-atom.Store(42)
-atom.Sub(2)
-atom.CAS(40, 11)
-```
-
-See the [documentation][doc] for a complete API specification.
-
-## Development Status
-
-Stable.
-
----
-
-Released under the [MIT License](LICENSE.txt).
-
-[doc-img]: https://godoc.org/github.com/uber-go/atomic?status.svg
-[doc]: https://godoc.org/go.uber.org/atomic
-[ci-img]: https://github.com/uber-go/atomic/actions/workflows/go.yml/badge.svg
-[ci]: https://github.com/uber-go/atomic/actions/workflows/go.yml
-[cov-img]: https://codecov.io/gh/uber-go/atomic/branch/master/graph/badge.svg
-[cov]: https://codecov.io/gh/uber-go/atomic
-[reportcard-img]: https://goreportcard.com/badge/go.uber.org/atomic
-[reportcard]: https://goreportcard.com/report/go.uber.org/atomic
diff --git a/vendor/go.uber.org/atomic/bool.go b/vendor/go.uber.org/atomic/bool.go
deleted file mode 100644
index dfa2085f49..0000000000
--- a/vendor/go.uber.org/atomic/bool.go
+++ /dev/null
@@ -1,88 +0,0 @@
-// @generated Code generated by gen-atomicwrapper.
-
-// Copyright (c) 2020-2022 Uber Technologies, Inc.
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in
-// all copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-// THE SOFTWARE.
-
-package atomic
-
-import (
- "encoding/json"
-)
-
-// Bool is an atomic type-safe wrapper for bool values.
-type Bool struct {
- _ nocmp // disallow non-atomic comparison
-
- v Uint32
-}
-
-var _zeroBool bool
-
-// NewBool creates a new Bool.
-func NewBool(val bool) *Bool {
- x := &Bool{}
- if val != _zeroBool {
- x.Store(val)
- }
- return x
-}
-
-// Load atomically loads the wrapped bool.
-func (x *Bool) Load() bool {
- return truthy(x.v.Load())
-}
-
-// Store atomically stores the passed bool.
-func (x *Bool) Store(val bool) {
- x.v.Store(boolToInt(val))
-}
-
-// CAS is an atomic compare-and-swap for bool values.
-//
-// Deprecated: Use CompareAndSwap.
-func (x *Bool) CAS(old, new bool) (swapped bool) {
- return x.CompareAndSwap(old, new)
-}
-
-// CompareAndSwap is an atomic compare-and-swap for bool values.
-func (x *Bool) CompareAndSwap(old, new bool) (swapped bool) {
- return x.v.CompareAndSwap(boolToInt(old), boolToInt(new))
-}
-
-// Swap atomically stores the given bool and returns the old
-// value.
-func (x *Bool) Swap(val bool) (old bool) {
- return truthy(x.v.Swap(boolToInt(val)))
-}
-
-// MarshalJSON encodes the wrapped bool into JSON.
-func (x *Bool) MarshalJSON() ([]byte, error) {
- return json.Marshal(x.Load())
-}
-
-// UnmarshalJSON decodes a bool from JSON.
-func (x *Bool) UnmarshalJSON(b []byte) error {
- var v bool
- if err := json.Unmarshal(b, &v); err != nil {
- return err
- }
- x.Store(v)
- return nil
-}
diff --git a/vendor/go.uber.org/atomic/doc.go b/vendor/go.uber.org/atomic/doc.go
deleted file mode 100644
index ae7390ee68..0000000000
--- a/vendor/go.uber.org/atomic/doc.go
+++ /dev/null
@@ -1,23 +0,0 @@
-// Copyright (c) 2020 Uber Technologies, Inc.
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in
-// all copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-// THE SOFTWARE.
-
-// Package atomic provides simple wrappers around numerics to enforce atomic
-// access.
-package atomic
diff --git a/vendor/go.uber.org/atomic/duration.go b/vendor/go.uber.org/atomic/duration.go
deleted file mode 100644
index 6f4157445c..0000000000
--- a/vendor/go.uber.org/atomic/duration.go
+++ /dev/null
@@ -1,89 +0,0 @@
-// @generated Code generated by gen-atomicwrapper.
-
-// Copyright (c) 2020-2022 Uber Technologies, Inc.
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in
-// all copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-// THE SOFTWARE.
-
-package atomic
-
-import (
- "encoding/json"
- "time"
-)
-
-// Duration is an atomic type-safe wrapper for time.Duration values.
-type Duration struct {
- _ nocmp // disallow non-atomic comparison
-
- v Int64
-}
-
-var _zeroDuration time.Duration
-
-// NewDuration creates a new Duration.
-func NewDuration(val time.Duration) *Duration {
- x := &Duration{}
- if val != _zeroDuration {
- x.Store(val)
- }
- return x
-}
-
-// Load atomically loads the wrapped time.Duration.
-func (x *Duration) Load() time.Duration {
- return time.Duration(x.v.Load())
-}
-
-// Store atomically stores the passed time.Duration.
-func (x *Duration) Store(val time.Duration) {
- x.v.Store(int64(val))
-}
-
-// CAS is an atomic compare-and-swap for time.Duration values.
-//
-// Deprecated: Use CompareAndSwap.
-func (x *Duration) CAS(old, new time.Duration) (swapped bool) {
- return x.CompareAndSwap(old, new)
-}
-
-// CompareAndSwap is an atomic compare-and-swap for time.Duration values.
-func (x *Duration) CompareAndSwap(old, new time.Duration) (swapped bool) {
- return x.v.CompareAndSwap(int64(old), int64(new))
-}
-
-// Swap atomically stores the given time.Duration and returns the old
-// value.
-func (x *Duration) Swap(val time.Duration) (old time.Duration) {
- return time.Duration(x.v.Swap(int64(val)))
-}
-
-// MarshalJSON encodes the wrapped time.Duration into JSON.
-func (x *Duration) MarshalJSON() ([]byte, error) {
- return json.Marshal(x.Load())
-}
-
-// UnmarshalJSON decodes a time.Duration from JSON.
-func (x *Duration) UnmarshalJSON(b []byte) error {
- var v time.Duration
- if err := json.Unmarshal(b, &v); err != nil {
- return err
- }
- x.Store(v)
- return nil
-}
diff --git a/vendor/go.uber.org/atomic/duration_ext.go b/vendor/go.uber.org/atomic/duration_ext.go
deleted file mode 100644
index 4c18b0a9ed..0000000000
--- a/vendor/go.uber.org/atomic/duration_ext.go
+++ /dev/null
@@ -1,40 +0,0 @@
-// Copyright (c) 2020 Uber Technologies, Inc.
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in
-// all copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-// THE SOFTWARE.
-
-package atomic
-
-import "time"
-
-//go:generate bin/gen-atomicwrapper -name=Duration -type=time.Duration -wrapped=Int64 -pack=int64 -unpack=time.Duration -cas -swap -json -imports time -file=duration.go
-
-// Add atomically adds to the wrapped time.Duration and returns the new value.
-func (d *Duration) Add(delta time.Duration) time.Duration {
- return time.Duration(d.v.Add(int64(delta)))
-}
-
-// Sub atomically subtracts from the wrapped time.Duration and returns the new value.
-func (d *Duration) Sub(delta time.Duration) time.Duration {
- return time.Duration(d.v.Sub(int64(delta)))
-}
-
-// String encodes the wrapped value as a string.
-func (d *Duration) String() string {
- return d.Load().String()
-}
diff --git a/vendor/go.uber.org/atomic/error.go b/vendor/go.uber.org/atomic/error.go
deleted file mode 100644
index 27b23ea162..0000000000
--- a/vendor/go.uber.org/atomic/error.go
+++ /dev/null
@@ -1,62 +0,0 @@
-// @generated Code generated by gen-atomicwrapper.
-
-// Copyright (c) 2020-2022 Uber Technologies, Inc.
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in
-// all copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-// THE SOFTWARE.
-
-package atomic
-
-// Error is an atomic type-safe wrapper for error values.
-type Error struct {
- _ nocmp // disallow non-atomic comparison
-
- v Value
-}
-
-var _zeroError error
-
-// NewError creates a new Error.
-func NewError(val error) *Error {
- x := &Error{}
- if val != _zeroError {
- x.Store(val)
- }
- return x
-}
-
-// Load atomically loads the wrapped error.
-func (x *Error) Load() error {
- return unpackError(x.v.Load())
-}
-
-// Store atomically stores the passed error.
-func (x *Error) Store(val error) {
- x.v.Store(packError(val))
-}
-
-// CompareAndSwap is an atomic compare-and-swap for error values.
-func (x *Error) CompareAndSwap(old, new error) (swapped bool) {
- return x.v.CompareAndSwap(packError(old), packError(new))
-}
-
-// Swap atomically stores the given error and returns the old
-// value.
-func (x *Error) Swap(val error) (old error) {
- return unpackError(x.v.Swap(packError(val)))
-}
diff --git a/vendor/go.uber.org/atomic/float32.go b/vendor/go.uber.org/atomic/float32.go
deleted file mode 100644
index 5d535a6d2a..0000000000
--- a/vendor/go.uber.org/atomic/float32.go
+++ /dev/null
@@ -1,77 +0,0 @@
-// @generated Code generated by gen-atomicwrapper.
-
-// Copyright (c) 2020-2022 Uber Technologies, Inc.
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in
-// all copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-// THE SOFTWARE.
-
-package atomic
-
-import (
- "encoding/json"
- "math"
-)
-
-// Float32 is an atomic type-safe wrapper for float32 values.
-type Float32 struct {
- _ nocmp // disallow non-atomic comparison
-
- v Uint32
-}
-
-var _zeroFloat32 float32
-
-// NewFloat32 creates a new Float32.
-func NewFloat32(val float32) *Float32 {
- x := &Float32{}
- if val != _zeroFloat32 {
- x.Store(val)
- }
- return x
-}
-
-// Load atomically loads the wrapped float32.
-func (x *Float32) Load() float32 {
- return math.Float32frombits(x.v.Load())
-}
-
-// Store atomically stores the passed float32.
-func (x *Float32) Store(val float32) {
- x.v.Store(math.Float32bits(val))
-}
-
-// Swap atomically stores the given float32 and returns the old
-// value.
-func (x *Float32) Swap(val float32) (old float32) {
- return math.Float32frombits(x.v.Swap(math.Float32bits(val)))
-}
-
-// MarshalJSON encodes the wrapped float32 into JSON.
-func (x *Float32) MarshalJSON() ([]byte, error) {
- return json.Marshal(x.Load())
-}
-
-// UnmarshalJSON decodes a float32 from JSON.
-func (x *Float32) UnmarshalJSON(b []byte) error {
- var v float32
- if err := json.Unmarshal(b, &v); err != nil {
- return err
- }
- x.Store(v)
- return nil
-}
diff --git a/vendor/go.uber.org/atomic/float32_ext.go b/vendor/go.uber.org/atomic/float32_ext.go
deleted file mode 100644
index b0cd8d9c82..0000000000
--- a/vendor/go.uber.org/atomic/float32_ext.go
+++ /dev/null
@@ -1,76 +0,0 @@
-// Copyright (c) 2020-2022 Uber Technologies, Inc.
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in
-// all copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-// THE SOFTWARE.
-
-package atomic
-
-import (
- "math"
- "strconv"
-)
-
-//go:generate bin/gen-atomicwrapper -name=Float32 -type=float32 -wrapped=Uint32 -pack=math.Float32bits -unpack=math.Float32frombits -swap -json -imports math -file=float32.go
-
-// Add atomically adds to the wrapped float32 and returns the new value.
-func (f *Float32) Add(delta float32) float32 {
- for {
- old := f.Load()
- new := old + delta
- if f.CAS(old, new) {
- return new
- }
- }
-}
-
-// Sub atomically subtracts from the wrapped float32 and returns the new value.
-func (f *Float32) Sub(delta float32) float32 {
- return f.Add(-delta)
-}
-
-// CAS is an atomic compare-and-swap for float32 values.
-//
-// Deprecated: Use CompareAndSwap
-func (f *Float32) CAS(old, new float32) (swapped bool) {
- return f.CompareAndSwap(old, new)
-}
-
-// CompareAndSwap is an atomic compare-and-swap for float32 values.
-//
-// Note: CompareAndSwap handles NaN incorrectly. NaN != NaN using Go's inbuilt operators
-// but CompareAndSwap allows a stored NaN to compare equal to a passed in NaN.
-// This avoids typical CompareAndSwap loops from blocking forever, e.g.,
-//
-// for {
-// old := atom.Load()
-// new = f(old)
-// if atom.CompareAndSwap(old, new) {
-// break
-// }
-// }
-//
-// If CompareAndSwap did not match NaN to match, then the above would loop forever.
-func (f *Float32) CompareAndSwap(old, new float32) (swapped bool) {
- return f.v.CompareAndSwap(math.Float32bits(old), math.Float32bits(new))
-}
-
-// String encodes the wrapped value as a string.
-func (f *Float32) String() string {
- // 'g' is the behavior for floats with %v.
- return strconv.FormatFloat(float64(f.Load()), 'g', -1, 32)
-}
diff --git a/vendor/go.uber.org/atomic/float64.go b/vendor/go.uber.org/atomic/float64.go
deleted file mode 100644
index 11d5189a5f..0000000000
--- a/vendor/go.uber.org/atomic/float64.go
+++ /dev/null
@@ -1,77 +0,0 @@
-// @generated Code generated by gen-atomicwrapper.
-
-// Copyright (c) 2020-2022 Uber Technologies, Inc.
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in
-// all copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-// THE SOFTWARE.
-
-package atomic
-
-import (
- "encoding/json"
- "math"
-)
-
-// Float64 is an atomic type-safe wrapper for float64 values.
-type Float64 struct {
- _ nocmp // disallow non-atomic comparison
-
- v Uint64
-}
-
-var _zeroFloat64 float64
-
-// NewFloat64 creates a new Float64.
-func NewFloat64(val float64) *Float64 {
- x := &Float64{}
- if val != _zeroFloat64 {
- x.Store(val)
- }
- return x
-}
-
-// Load atomically loads the wrapped float64.
-func (x *Float64) Load() float64 {
- return math.Float64frombits(x.v.Load())
-}
-
-// Store atomically stores the passed float64.
-func (x *Float64) Store(val float64) {
- x.v.Store(math.Float64bits(val))
-}
-
-// Swap atomically stores the given float64 and returns the old
-// value.
-func (x *Float64) Swap(val float64) (old float64) {
- return math.Float64frombits(x.v.Swap(math.Float64bits(val)))
-}
-
-// MarshalJSON encodes the wrapped float64 into JSON.
-func (x *Float64) MarshalJSON() ([]byte, error) {
- return json.Marshal(x.Load())
-}
-
-// UnmarshalJSON decodes a float64 from JSON.
-func (x *Float64) UnmarshalJSON(b []byte) error {
- var v float64
- if err := json.Unmarshal(b, &v); err != nil {
- return err
- }
- x.Store(v)
- return nil
-}
diff --git a/vendor/go.uber.org/atomic/float64_ext.go b/vendor/go.uber.org/atomic/float64_ext.go
deleted file mode 100644
index 48c52b0abf..0000000000
--- a/vendor/go.uber.org/atomic/float64_ext.go
+++ /dev/null
@@ -1,76 +0,0 @@
-// Copyright (c) 2020-2022 Uber Technologies, Inc.
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in
-// all copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-// THE SOFTWARE.
-
-package atomic
-
-import (
- "math"
- "strconv"
-)
-
-//go:generate bin/gen-atomicwrapper -name=Float64 -type=float64 -wrapped=Uint64 -pack=math.Float64bits -unpack=math.Float64frombits -swap -json -imports math -file=float64.go
-
-// Add atomically adds to the wrapped float64 and returns the new value.
-func (f *Float64) Add(delta float64) float64 {
- for {
- old := f.Load()
- new := old + delta
- if f.CAS(old, new) {
- return new
- }
- }
-}
-
-// Sub atomically subtracts from the wrapped float64 and returns the new value.
-func (f *Float64) Sub(delta float64) float64 {
- return f.Add(-delta)
-}
-
-// CAS is an atomic compare-and-swap for float64 values.
-//
-// Deprecated: Use CompareAndSwap
-func (f *Float64) CAS(old, new float64) (swapped bool) {
- return f.CompareAndSwap(old, new)
-}
-
-// CompareAndSwap is an atomic compare-and-swap for float64 values.
-//
-// Note: CompareAndSwap handles NaN incorrectly. NaN != NaN using Go's inbuilt operators
-// but CompareAndSwap allows a stored NaN to compare equal to a passed in NaN.
-// This avoids typical CompareAndSwap loops from blocking forever, e.g.,
-//
-// for {
-// old := atom.Load()
-// new = f(old)
-// if atom.CompareAndSwap(old, new) {
-// break
-// }
-// }
-//
-// If CompareAndSwap did not match NaN to match, then the above would loop forever.
-func (f *Float64) CompareAndSwap(old, new float64) (swapped bool) {
- return f.v.CompareAndSwap(math.Float64bits(old), math.Float64bits(new))
-}
-
-// String encodes the wrapped value as a string.
-func (f *Float64) String() string {
- // 'g' is the behavior for floats with %v.
- return strconv.FormatFloat(f.Load(), 'g', -1, 64)
-}
diff --git a/vendor/go.uber.org/atomic/gen.go b/vendor/go.uber.org/atomic/gen.go
deleted file mode 100644
index 1e9ef4f879..0000000000
--- a/vendor/go.uber.org/atomic/gen.go
+++ /dev/null
@@ -1,27 +0,0 @@
-// Copyright (c) 2020 Uber Technologies, Inc.
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in
-// all copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-// THE SOFTWARE.
-
-package atomic
-
-//go:generate bin/gen-atomicint -name=Int32 -wrapped=int32 -file=int32.go
-//go:generate bin/gen-atomicint -name=Int64 -wrapped=int64 -file=int64.go
-//go:generate bin/gen-atomicint -name=Uint32 -wrapped=uint32 -unsigned -file=uint32.go
-//go:generate bin/gen-atomicint -name=Uint64 -wrapped=uint64 -unsigned -file=uint64.go
-//go:generate bin/gen-atomicint -name=Uintptr -wrapped=uintptr -unsigned -file=uintptr.go
diff --git a/vendor/go.uber.org/atomic/int32.go b/vendor/go.uber.org/atomic/int32.go
deleted file mode 100644
index b9a68f42ca..0000000000
--- a/vendor/go.uber.org/atomic/int32.go
+++ /dev/null
@@ -1,109 +0,0 @@
-// @generated Code generated by gen-atomicint.
-
-// Copyright (c) 2020-2022 Uber Technologies, Inc.
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in
-// all copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-// THE SOFTWARE.
-
-package atomic
-
-import (
- "encoding/json"
- "strconv"
- "sync/atomic"
-)
-
-// Int32 is an atomic wrapper around int32.
-type Int32 struct {
- _ nocmp // disallow non-atomic comparison
-
- v int32
-}
-
-// NewInt32 creates a new Int32.
-func NewInt32(val int32) *Int32 {
- return &Int32{v: val}
-}
-
-// Load atomically loads the wrapped value.
-func (i *Int32) Load() int32 {
- return atomic.LoadInt32(&i.v)
-}
-
-// Add atomically adds to the wrapped int32 and returns the new value.
-func (i *Int32) Add(delta int32) int32 {
- return atomic.AddInt32(&i.v, delta)
-}
-
-// Sub atomically subtracts from the wrapped int32 and returns the new value.
-func (i *Int32) Sub(delta int32) int32 {
- return atomic.AddInt32(&i.v, -delta)
-}
-
-// Inc atomically increments the wrapped int32 and returns the new value.
-func (i *Int32) Inc() int32 {
- return i.Add(1)
-}
-
-// Dec atomically decrements the wrapped int32 and returns the new value.
-func (i *Int32) Dec() int32 {
- return i.Sub(1)
-}
-
-// CAS is an atomic compare-and-swap.
-//
-// Deprecated: Use CompareAndSwap.
-func (i *Int32) CAS(old, new int32) (swapped bool) {
- return i.CompareAndSwap(old, new)
-}
-
-// CompareAndSwap is an atomic compare-and-swap.
-func (i *Int32) CompareAndSwap(old, new int32) (swapped bool) {
- return atomic.CompareAndSwapInt32(&i.v, old, new)
-}
-
-// Store atomically stores the passed value.
-func (i *Int32) Store(val int32) {
- atomic.StoreInt32(&i.v, val)
-}
-
-// Swap atomically swaps the wrapped int32 and returns the old value.
-func (i *Int32) Swap(val int32) (old int32) {
- return atomic.SwapInt32(&i.v, val)
-}
-
-// MarshalJSON encodes the wrapped int32 into JSON.
-func (i *Int32) MarshalJSON() ([]byte, error) {
- return json.Marshal(i.Load())
-}
-
-// UnmarshalJSON decodes JSON into the wrapped int32.
-func (i *Int32) UnmarshalJSON(b []byte) error {
- var v int32
- if err := json.Unmarshal(b, &v); err != nil {
- return err
- }
- i.Store(v)
- return nil
-}
-
-// String encodes the wrapped value as a string.
-func (i *Int32) String() string {
- v := i.Load()
- return strconv.FormatInt(int64(v), 10)
-}
diff --git a/vendor/go.uber.org/atomic/int64.go b/vendor/go.uber.org/atomic/int64.go
deleted file mode 100644
index 78d260976f..0000000000
--- a/vendor/go.uber.org/atomic/int64.go
+++ /dev/null
@@ -1,109 +0,0 @@
-// @generated Code generated by gen-atomicint.
-
-// Copyright (c) 2020-2022 Uber Technologies, Inc.
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in
-// all copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-// THE SOFTWARE.
-
-package atomic
-
-import (
- "encoding/json"
- "strconv"
- "sync/atomic"
-)
-
-// Int64 is an atomic wrapper around int64.
-type Int64 struct {
- _ nocmp // disallow non-atomic comparison
-
- v int64
-}
-
-// NewInt64 creates a new Int64.
-func NewInt64(val int64) *Int64 {
- return &Int64{v: val}
-}
-
-// Load atomically loads the wrapped value.
-func (i *Int64) Load() int64 {
- return atomic.LoadInt64(&i.v)
-}
-
-// Add atomically adds to the wrapped int64 and returns the new value.
-func (i *Int64) Add(delta int64) int64 {
- return atomic.AddInt64(&i.v, delta)
-}
-
-// Sub atomically subtracts from the wrapped int64 and returns the new value.
-func (i *Int64) Sub(delta int64) int64 {
- return atomic.AddInt64(&i.v, -delta)
-}
-
-// Inc atomically increments the wrapped int64 and returns the new value.
-func (i *Int64) Inc() int64 {
- return i.Add(1)
-}
-
-// Dec atomically decrements the wrapped int64 and returns the new value.
-func (i *Int64) Dec() int64 {
- return i.Sub(1)
-}
-
-// CAS is an atomic compare-and-swap.
-//
-// Deprecated: Use CompareAndSwap.
-func (i *Int64) CAS(old, new int64) (swapped bool) {
- return i.CompareAndSwap(old, new)
-}
-
-// CompareAndSwap is an atomic compare-and-swap.
-func (i *Int64) CompareAndSwap(old, new int64) (swapped bool) {
- return atomic.CompareAndSwapInt64(&i.v, old, new)
-}
-
-// Store atomically stores the passed value.
-func (i *Int64) Store(val int64) {
- atomic.StoreInt64(&i.v, val)
-}
-
-// Swap atomically swaps the wrapped int64 and returns the old value.
-func (i *Int64) Swap(val int64) (old int64) {
- return atomic.SwapInt64(&i.v, val)
-}
-
-// MarshalJSON encodes the wrapped int64 into JSON.
-func (i *Int64) MarshalJSON() ([]byte, error) {
- return json.Marshal(i.Load())
-}
-
-// UnmarshalJSON decodes JSON into the wrapped int64.
-func (i *Int64) UnmarshalJSON(b []byte) error {
- var v int64
- if err := json.Unmarshal(b, &v); err != nil {
- return err
- }
- i.Store(v)
- return nil
-}
-
-// String encodes the wrapped value as a string.
-func (i *Int64) String() string {
- v := i.Load()
- return strconv.FormatInt(int64(v), 10)
-}
diff --git a/vendor/go.uber.org/atomic/nocmp.go b/vendor/go.uber.org/atomic/nocmp.go
deleted file mode 100644
index 54b74174ab..0000000000
--- a/vendor/go.uber.org/atomic/nocmp.go
+++ /dev/null
@@ -1,35 +0,0 @@
-// Copyright (c) 2020 Uber Technologies, Inc.
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in
-// all copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-// THE SOFTWARE.
-
-package atomic
-
-// nocmp is an uncomparable struct. Embed this inside another struct to make
-// it uncomparable.
-//
-// type Foo struct {
-// nocmp
-// // ...
-// }
-//
-// This DOES NOT:
-//
-// - Disallow shallow copies of structs
-// - Disallow comparison of pointers to uncomparable structs
-type nocmp [0]func()
diff --git a/vendor/go.uber.org/atomic/pointer_go118.go b/vendor/go.uber.org/atomic/pointer_go118.go
deleted file mode 100644
index e0f47dba46..0000000000
--- a/vendor/go.uber.org/atomic/pointer_go118.go
+++ /dev/null
@@ -1,60 +0,0 @@
-// Copyright (c) 2022 Uber Technologies, Inc.
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in
-// all copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-// THE SOFTWARE.
-
-//go:build go1.18 && !go1.19
-// +build go1.18,!go1.19
-
-package atomic
-
-import "unsafe"
-
-type Pointer[T any] struct {
- _ nocmp // disallow non-atomic comparison
- p UnsafePointer
-}
-
-// NewPointer creates a new Pointer.
-func NewPointer[T any](v *T) *Pointer[T] {
- var p Pointer[T]
- if v != nil {
- p.p.Store(unsafe.Pointer(v))
- }
- return &p
-}
-
-// Load atomically loads the wrapped value.
-func (p *Pointer[T]) Load() *T {
- return (*T)(p.p.Load())
-}
-
-// Store atomically stores the passed value.
-func (p *Pointer[T]) Store(val *T) {
- p.p.Store(unsafe.Pointer(val))
-}
-
-// Swap atomically swaps the wrapped pointer and returns the old value.
-func (p *Pointer[T]) Swap(val *T) (old *T) {
- return (*T)(p.p.Swap(unsafe.Pointer(val)))
-}
-
-// CompareAndSwap is an atomic compare-and-swap.
-func (p *Pointer[T]) CompareAndSwap(old, new *T) (swapped bool) {
- return p.p.CompareAndSwap(unsafe.Pointer(old), unsafe.Pointer(new))
-}
diff --git a/vendor/go.uber.org/atomic/pointer_go119.go b/vendor/go.uber.org/atomic/pointer_go119.go
deleted file mode 100644
index 6726f17ad6..0000000000
--- a/vendor/go.uber.org/atomic/pointer_go119.go
+++ /dev/null
@@ -1,61 +0,0 @@
-// Copyright (c) 2022 Uber Technologies, Inc.
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in
-// all copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-// THE SOFTWARE.
-
-//go:build go1.19
-// +build go1.19
-
-package atomic
-
-import "sync/atomic"
-
-// Pointer is an atomic pointer of type *T.
-type Pointer[T any] struct {
- _ nocmp // disallow non-atomic comparison
- p atomic.Pointer[T]
-}
-
-// NewPointer creates a new Pointer.
-func NewPointer[T any](v *T) *Pointer[T] {
- var p Pointer[T]
- if v != nil {
- p.p.Store(v)
- }
- return &p
-}
-
-// Load atomically loads the wrapped value.
-func (p *Pointer[T]) Load() *T {
- return p.p.Load()
-}
-
-// Store atomically stores the passed value.
-func (p *Pointer[T]) Store(val *T) {
- p.p.Store(val)
-}
-
-// Swap atomically swaps the wrapped pointer and returns the old value.
-func (p *Pointer[T]) Swap(val *T) (old *T) {
- return p.p.Swap(val)
-}
-
-// CompareAndSwap is an atomic compare-and-swap.
-func (p *Pointer[T]) CompareAndSwap(old, new *T) (swapped bool) {
- return p.p.CompareAndSwap(old, new)
-}
diff --git a/vendor/go.uber.org/atomic/string.go b/vendor/go.uber.org/atomic/string.go
deleted file mode 100644
index c4bea70f4d..0000000000
--- a/vendor/go.uber.org/atomic/string.go
+++ /dev/null
@@ -1,65 +0,0 @@
-// @generated Code generated by gen-atomicwrapper.
-
-// Copyright (c) 2020-2022 Uber Technologies, Inc.
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in
-// all copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-// THE SOFTWARE.
-
-package atomic
-
-// String is an atomic type-safe wrapper for string values.
-type String struct {
- _ nocmp // disallow non-atomic comparison
-
- v Value
-}
-
-var _zeroString string
-
-// NewString creates a new String.
-func NewString(val string) *String {
- x := &String{}
- if val != _zeroString {
- x.Store(val)
- }
- return x
-}
-
-// Load atomically loads the wrapped string.
-func (x *String) Load() string {
- if v := x.v.Load(); v != nil {
- return v.(string)
- }
- return _zeroString
-}
-
-// Store atomically stores the passed string.
-func (x *String) Store(val string) {
- x.v.Store(val)
-}
-
-// CompareAndSwap is an atomic compare-and-swap for string values.
-func (x *String) CompareAndSwap(old, new string) (swapped bool) {
- return x.v.CompareAndSwap(old, new)
-}
-
-// Swap atomically stores the given string and returns the old
-// value.
-func (x *String) Swap(val string) (old string) {
- return x.v.Swap(val).(string)
-}
diff --git a/vendor/go.uber.org/atomic/string_ext.go b/vendor/go.uber.org/atomic/string_ext.go
deleted file mode 100644
index 1f63dfd5b9..0000000000
--- a/vendor/go.uber.org/atomic/string_ext.go
+++ /dev/null
@@ -1,43 +0,0 @@
-// Copyright (c) 2020-2022 Uber Technologies, Inc.
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in
-// all copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-// THE SOFTWARE.
-
-package atomic
-
-//go:generate bin/gen-atomicwrapper -name=String -type=string -wrapped=Value -compareandswap -swap -file=string.go
-
-// String returns the wrapped value.
-func (s *String) String() string {
- return s.Load()
-}
-
-// MarshalText encodes the wrapped string into a textual form.
-//
-// This makes it encodable as JSON, YAML, XML, and more.
-func (s *String) MarshalText() ([]byte, error) {
- return []byte(s.Load()), nil
-}
-
-// UnmarshalText decodes text and replaces the wrapped string with it.
-//
-// This makes it decodable from JSON, YAML, XML, and more.
-func (s *String) UnmarshalText(b []byte) error {
- s.Store(string(b))
- return nil
-}
diff --git a/vendor/go.uber.org/atomic/uint32.go b/vendor/go.uber.org/atomic/uint32.go
deleted file mode 100644
index d6f04a96dc..0000000000
--- a/vendor/go.uber.org/atomic/uint32.go
+++ /dev/null
@@ -1,109 +0,0 @@
-// @generated Code generated by gen-atomicint.
-
-// Copyright (c) 2020-2022 Uber Technologies, Inc.
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in
-// all copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-// THE SOFTWARE.
-
-package atomic
-
-import (
- "encoding/json"
- "strconv"
- "sync/atomic"
-)
-
-// Uint32 is an atomic wrapper around uint32.
-type Uint32 struct {
- _ nocmp // disallow non-atomic comparison
-
- v uint32
-}
-
-// NewUint32 creates a new Uint32.
-func NewUint32(val uint32) *Uint32 {
- return &Uint32{v: val}
-}
-
-// Load atomically loads the wrapped value.
-func (i *Uint32) Load() uint32 {
- return atomic.LoadUint32(&i.v)
-}
-
-// Add atomically adds to the wrapped uint32 and returns the new value.
-func (i *Uint32) Add(delta uint32) uint32 {
- return atomic.AddUint32(&i.v, delta)
-}
-
-// Sub atomically subtracts from the wrapped uint32 and returns the new value.
-func (i *Uint32) Sub(delta uint32) uint32 {
- return atomic.AddUint32(&i.v, ^(delta - 1))
-}
-
-// Inc atomically increments the wrapped uint32 and returns the new value.
-func (i *Uint32) Inc() uint32 {
- return i.Add(1)
-}
-
-// Dec atomically decrements the wrapped uint32 and returns the new value.
-func (i *Uint32) Dec() uint32 {
- return i.Sub(1)
-}
-
-// CAS is an atomic compare-and-swap.
-//
-// Deprecated: Use CompareAndSwap.
-func (i *Uint32) CAS(old, new uint32) (swapped bool) {
- return i.CompareAndSwap(old, new)
-}
-
-// CompareAndSwap is an atomic compare-and-swap.
-func (i *Uint32) CompareAndSwap(old, new uint32) (swapped bool) {
- return atomic.CompareAndSwapUint32(&i.v, old, new)
-}
-
-// Store atomically stores the passed value.
-func (i *Uint32) Store(val uint32) {
- atomic.StoreUint32(&i.v, val)
-}
-
-// Swap atomically swaps the wrapped uint32 and returns the old value.
-func (i *Uint32) Swap(val uint32) (old uint32) {
- return atomic.SwapUint32(&i.v, val)
-}
-
-// MarshalJSON encodes the wrapped uint32 into JSON.
-func (i *Uint32) MarshalJSON() ([]byte, error) {
- return json.Marshal(i.Load())
-}
-
-// UnmarshalJSON decodes JSON into the wrapped uint32.
-func (i *Uint32) UnmarshalJSON(b []byte) error {
- var v uint32
- if err := json.Unmarshal(b, &v); err != nil {
- return err
- }
- i.Store(v)
- return nil
-}
-
-// String encodes the wrapped value as a string.
-func (i *Uint32) String() string {
- v := i.Load()
- return strconv.FormatUint(uint64(v), 10)
-}
diff --git a/vendor/go.uber.org/atomic/uint64.go b/vendor/go.uber.org/atomic/uint64.go
deleted file mode 100644
index 2574bdd5ec..0000000000
--- a/vendor/go.uber.org/atomic/uint64.go
+++ /dev/null
@@ -1,109 +0,0 @@
-// @generated Code generated by gen-atomicint.
-
-// Copyright (c) 2020-2022 Uber Technologies, Inc.
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in
-// all copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-// THE SOFTWARE.
-
-package atomic
-
-import (
- "encoding/json"
- "strconv"
- "sync/atomic"
-)
-
-// Uint64 is an atomic wrapper around uint64.
-type Uint64 struct {
- _ nocmp // disallow non-atomic comparison
-
- v uint64
-}
-
-// NewUint64 creates a new Uint64.
-func NewUint64(val uint64) *Uint64 {
- return &Uint64{v: val}
-}
-
-// Load atomically loads the wrapped value.
-func (i *Uint64) Load() uint64 {
- return atomic.LoadUint64(&i.v)
-}
-
-// Add atomically adds to the wrapped uint64 and returns the new value.
-func (i *Uint64) Add(delta uint64) uint64 {
- return atomic.AddUint64(&i.v, delta)
-}
-
-// Sub atomically subtracts from the wrapped uint64 and returns the new value.
-func (i *Uint64) Sub(delta uint64) uint64 {
- return atomic.AddUint64(&i.v, ^(delta - 1))
-}
-
-// Inc atomically increments the wrapped uint64 and returns the new value.
-func (i *Uint64) Inc() uint64 {
- return i.Add(1)
-}
-
-// Dec atomically decrements the wrapped uint64 and returns the new value.
-func (i *Uint64) Dec() uint64 {
- return i.Sub(1)
-}
-
-// CAS is an atomic compare-and-swap.
-//
-// Deprecated: Use CompareAndSwap.
-func (i *Uint64) CAS(old, new uint64) (swapped bool) {
- return i.CompareAndSwap(old, new)
-}
-
-// CompareAndSwap is an atomic compare-and-swap.
-func (i *Uint64) CompareAndSwap(old, new uint64) (swapped bool) {
- return atomic.CompareAndSwapUint64(&i.v, old, new)
-}
-
-// Store atomically stores the passed value.
-func (i *Uint64) Store(val uint64) {
- atomic.StoreUint64(&i.v, val)
-}
-
-// Swap atomically swaps the wrapped uint64 and returns the old value.
-func (i *Uint64) Swap(val uint64) (old uint64) {
- return atomic.SwapUint64(&i.v, val)
-}
-
-// MarshalJSON encodes the wrapped uint64 into JSON.
-func (i *Uint64) MarshalJSON() ([]byte, error) {
- return json.Marshal(i.Load())
-}
-
-// UnmarshalJSON decodes JSON into the wrapped uint64.
-func (i *Uint64) UnmarshalJSON(b []byte) error {
- var v uint64
- if err := json.Unmarshal(b, &v); err != nil {
- return err
- }
- i.Store(v)
- return nil
-}
-
-// String encodes the wrapped value as a string.
-func (i *Uint64) String() string {
- v := i.Load()
- return strconv.FormatUint(uint64(v), 10)
-}
diff --git a/vendor/go.uber.org/atomic/uintptr.go b/vendor/go.uber.org/atomic/uintptr.go
deleted file mode 100644
index 81b275a7ad..0000000000
--- a/vendor/go.uber.org/atomic/uintptr.go
+++ /dev/null
@@ -1,109 +0,0 @@
-// @generated Code generated by gen-atomicint.
-
-// Copyright (c) 2020-2022 Uber Technologies, Inc.
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in
-// all copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-// THE SOFTWARE.
-
-package atomic
-
-import (
- "encoding/json"
- "strconv"
- "sync/atomic"
-)
-
-// Uintptr is an atomic wrapper around uintptr.
-type Uintptr struct {
- _ nocmp // disallow non-atomic comparison
-
- v uintptr
-}
-
-// NewUintptr creates a new Uintptr.
-func NewUintptr(val uintptr) *Uintptr {
- return &Uintptr{v: val}
-}
-
-// Load atomically loads the wrapped value.
-func (i *Uintptr) Load() uintptr {
- return atomic.LoadUintptr(&i.v)
-}
-
-// Add atomically adds to the wrapped uintptr and returns the new value.
-func (i *Uintptr) Add(delta uintptr) uintptr {
- return atomic.AddUintptr(&i.v, delta)
-}
-
-// Sub atomically subtracts from the wrapped uintptr and returns the new value.
-func (i *Uintptr) Sub(delta uintptr) uintptr {
- return atomic.AddUintptr(&i.v, ^(delta - 1))
-}
-
-// Inc atomically increments the wrapped uintptr and returns the new value.
-func (i *Uintptr) Inc() uintptr {
- return i.Add(1)
-}
-
-// Dec atomically decrements the wrapped uintptr and returns the new value.
-func (i *Uintptr) Dec() uintptr {
- return i.Sub(1)
-}
-
-// CAS is an atomic compare-and-swap.
-//
-// Deprecated: Use CompareAndSwap.
-func (i *Uintptr) CAS(old, new uintptr) (swapped bool) {
- return i.CompareAndSwap(old, new)
-}
-
-// CompareAndSwap is an atomic compare-and-swap.
-func (i *Uintptr) CompareAndSwap(old, new uintptr) (swapped bool) {
- return atomic.CompareAndSwapUintptr(&i.v, old, new)
-}
-
-// Store atomically stores the passed value.
-func (i *Uintptr) Store(val uintptr) {
- atomic.StoreUintptr(&i.v, val)
-}
-
-// Swap atomically swaps the wrapped uintptr and returns the old value.
-func (i *Uintptr) Swap(val uintptr) (old uintptr) {
- return atomic.SwapUintptr(&i.v, val)
-}
-
-// MarshalJSON encodes the wrapped uintptr into JSON.
-func (i *Uintptr) MarshalJSON() ([]byte, error) {
- return json.Marshal(i.Load())
-}
-
-// UnmarshalJSON decodes JSON into the wrapped uintptr.
-func (i *Uintptr) UnmarshalJSON(b []byte) error {
- var v uintptr
- if err := json.Unmarshal(b, &v); err != nil {
- return err
- }
- i.Store(v)
- return nil
-}
-
-// String encodes the wrapped value as a string.
-func (i *Uintptr) String() string {
- v := i.Load()
- return strconv.FormatUint(uint64(v), 10)
-}
diff --git a/vendor/go.uber.org/atomic/unsafe_pointer.go b/vendor/go.uber.org/atomic/unsafe_pointer.go
deleted file mode 100644
index 34868baf6a..0000000000
--- a/vendor/go.uber.org/atomic/unsafe_pointer.go
+++ /dev/null
@@ -1,65 +0,0 @@
-// Copyright (c) 2021-2022 Uber Technologies, Inc.
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in
-// all copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-// THE SOFTWARE.
-
-package atomic
-
-import (
- "sync/atomic"
- "unsafe"
-)
-
-// UnsafePointer is an atomic wrapper around unsafe.Pointer.
-type UnsafePointer struct {
- _ nocmp // disallow non-atomic comparison
-
- v unsafe.Pointer
-}
-
-// NewUnsafePointer creates a new UnsafePointer.
-func NewUnsafePointer(val unsafe.Pointer) *UnsafePointer {
- return &UnsafePointer{v: val}
-}
-
-// Load atomically loads the wrapped value.
-func (p *UnsafePointer) Load() unsafe.Pointer {
- return atomic.LoadPointer(&p.v)
-}
-
-// Store atomically stores the passed value.
-func (p *UnsafePointer) Store(val unsafe.Pointer) {
- atomic.StorePointer(&p.v, val)
-}
-
-// Swap atomically swaps the wrapped unsafe.Pointer and returns the old value.
-func (p *UnsafePointer) Swap(val unsafe.Pointer) (old unsafe.Pointer) {
- return atomic.SwapPointer(&p.v, val)
-}
-
-// CAS is an atomic compare-and-swap.
-//
-// Deprecated: Use CompareAndSwap
-func (p *UnsafePointer) CAS(old, new unsafe.Pointer) (swapped bool) {
- return p.CompareAndSwap(old, new)
-}
-
-// CompareAndSwap is an atomic compare-and-swap.
-func (p *UnsafePointer) CompareAndSwap(old, new unsafe.Pointer) (swapped bool) {
- return atomic.CompareAndSwapPointer(&p.v, old, new)
-}
diff --git a/vendor/go.uber.org/atomic/value.go b/vendor/go.uber.org/atomic/value.go
deleted file mode 100644
index 52caedb9a5..0000000000
--- a/vendor/go.uber.org/atomic/value.go
+++ /dev/null
@@ -1,31 +0,0 @@
-// Copyright (c) 2020 Uber Technologies, Inc.
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in
-// all copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-// THE SOFTWARE.
-
-package atomic
-
-import "sync/atomic"
-
-// Value shadows the type of the same name from sync/atomic
-// https://godoc.org/sync/atomic#Value
-type Value struct {
- _ nocmp // disallow non-atomic comparison
-
- atomic.Value
-}
diff --git a/vendor/go.uber.org/zap/.golangci.yml b/vendor/go.uber.org/zap/.golangci.yml
new file mode 100644
index 0000000000..fbc6df7906
--- /dev/null
+++ b/vendor/go.uber.org/zap/.golangci.yml
@@ -0,0 +1,77 @@
+output:
+ # Make output more digestible with quickfix in vim/emacs/etc.
+ sort-results: true
+ print-issued-lines: false
+
+linters:
+ # We'll track the golangci-lint default linters manually
+ # instead of letting them change without our control.
+ disable-all: true
+ enable:
+ # golangci-lint defaults:
+ - errcheck
+ - gosimple
+ - govet
+ - ineffassign
+ - staticcheck
+ - unused
+
+ # Our own extras:
+ - gofmt
+ - nolintlint # lints nolint directives
+ - revive
+
+linters-settings:
+ govet:
+ # These govet checks are disabled by default, but they're useful.
+ enable:
+ - niliness
+ - reflectvaluecompare
+ - sortslice
+ - unusedwrite
+
+ errcheck:
+ exclude-functions:
+ # These methods can not fail.
+ # They operate on an in-memory buffer.
+ - (*go.uber.org/zap/buffer.Buffer).Write
+ - (*go.uber.org/zap/buffer.Buffer).WriteByte
+ - (*go.uber.org/zap/buffer.Buffer).WriteString
+
+ - (*go.uber.org/zap/zapio.Writer).Close
+ - (*go.uber.org/zap/zapio.Writer).Sync
+ - (*go.uber.org/zap/zapio.Writer).Write
+ # Write to zapio.Writer cannot fail,
+ # so io.WriteString on it cannot fail.
+ - io.WriteString(*go.uber.org/zap/zapio.Writer)
+
+ # Writing a plain string to a fmt.State cannot fail.
+ - io.WriteString(fmt.State)
+
+issues:
+ # Print all issues reported by all linters.
+ max-issues-per-linter: 0
+ max-same-issues: 0
+
+ # Don't ignore some of the issues that golangci-lint considers okay.
+ # This includes documenting all exported entities.
+ exclude-use-default: false
+
+ exclude-rules:
+ # Don't warn on unused parameters.
+ # Parameter names are useful; replacing them with '_' is undesirable.
+ - linters: [revive]
+ text: 'unused-parameter: parameter \S+ seems to be unused, consider removing or renaming it as _'
+
+ # staticcheck already has smarter checks for empty blocks.
+ # revive's empty-block linter has false positives.
+ # For example, as of writing this, the following is not allowed.
+ # for foo() { }
+ - linters: [revive]
+ text: 'empty-block: this block is empty, you can remove it'
+
+ # Ignore logger.Sync() errcheck failures in example_test.go
+ # since those are intended to be uncomplicated examples.
+ - linters: [errcheck]
+ path: example_test.go
+ text: 'Error return value of `logger.Sync` is not checked'
diff --git a/vendor/go.uber.org/zap/.readme.tmpl b/vendor/go.uber.org/zap/.readme.tmpl
index 3154a1e64c..92aa65d660 100644
--- a/vendor/go.uber.org/zap/.readme.tmpl
+++ b/vendor/go.uber.org/zap/.readme.tmpl
@@ -96,14 +96,14 @@ Released under the [MIT License](LICENSE.txt).
In particular, keep in mind that we may be
benchmarking against slightly older versions of other packages. Versions are
-pinned in zap's [glide.lock][] file. [↩](#anchor-versions)
+pinned in the [benchmarks/go.mod][] file. [↩](#anchor-versions)
-[doc-img]: https://godoc.org/go.uber.org/zap?status.svg
-[doc]: https://godoc.org/go.uber.org/zap
-[ci-img]: https://travis-ci.com/uber-go/zap.svg?branch=master
-[ci]: https://travis-ci.com/uber-go/zap
+[doc-img]: https://pkg.go.dev/badge/go.uber.org/zap
+[doc]: https://pkg.go.dev/go.uber.org/zap
+[ci-img]: https://github.com/uber-go/zap/actions/workflows/go.yml/badge.svg
+[ci]: https://github.com/uber-go/zap/actions/workflows/go.yml
[cov-img]: https://codecov.io/gh/uber-go/zap/branch/master/graph/badge.svg
[cov]: https://codecov.io/gh/uber-go/zap
[benchmarking suite]: https://github.com/uber-go/zap/tree/master/benchmarks
-[glide.lock]: https://github.com/uber-go/zap/blob/master/glide.lock
+[benchmarks/go.mod]: https://github.com/uber-go/zap/blob/master/benchmarks/go.mod
diff --git a/vendor/go.uber.org/zap/CHANGELOG.md b/vendor/go.uber.org/zap/CHANGELOG.md
index fdfef8808a..11b4659761 100644
--- a/vendor/go.uber.org/zap/CHANGELOG.md
+++ b/vendor/go.uber.org/zap/CHANGELOG.md
@@ -1,4 +1,148 @@
# Changelog
+All notable changes to this project will be documented in this file.
+
+This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## 1.26.0 (14 Sep 2023)
+Enhancements:
+* [#1319][]: Add `WithLazy` method to `Logger` which lazily evaluates the structured
+context.
+* [#1350][]: String encoding is much (~50%) faster now.
+
+Thanks to @jquirke, @cdvr1993 for their contributions to this release.
+
+[#1319]: https://github.com/uber-go/zap/pull/1319
+[#1350]: https://github.com/uber-go/zap/pull/1350
+
+## 1.25.0 (1 Aug 2023)
+
+This release contains several improvements including performance, API additions,
+and two new experimental packages whose APIs are unstable and may change in the
+future.
+
+Enhancements:
+* [#1246][]: Add `zap/exp/zapslog` package for integration with slog.
+* [#1273][]: Add `Name` to `Logger` which returns the Logger's name if one is set.
+* [#1281][]: Add `zap/exp/expfield` package which contains helper methods
+`Str` and `Strs` for constructing String-like zap.Fields.
+* [#1310][]: Reduce stack size on `Any`.
+
+Thanks to @knight42, @dzakaammar, @bcspragu, and @rexywork for their contributions
+to this release.
+
+[#1246]: https://github.com/uber-go/zap/pull/1246
+[#1273]: https://github.com/uber-go/zap/pull/1273
+[#1281]: https://github.com/uber-go/zap/pull/1281
+[#1310]: https://github.com/uber-go/zap/pull/1310
+
+## 1.24.0 (30 Nov 2022)
+
+Enhancements:
+* [#1148][]: Add `Level` to both `Logger` and `SugaredLogger` that reports the
+ current minimum enabled log level.
+* [#1185][]: `SugaredLogger` turns errors to zap.Error automatically.
+
+Thanks to @Abirdcfly, @craigpastro, @nnnkkk7, and @sashamelentyev for their
+contributions to this release.
+
+[#1148]: https://github.coml/uber-go/zap/pull/1148
+[#1185]: https://github.coml/uber-go/zap/pull/1185
+
+## 1.23.0 (24 Aug 2022)
+
+Enhancements:
+* [#1147][]: Add a `zapcore.LevelOf` function to determine the level of a
+ `LevelEnabler` or `Core`.
+* [#1155][]: Add `zap.Stringers` field constructor to log arrays of objects
+ that implement `String() string`.
+
+[#1147]: https://github.com/uber-go/zap/pull/1147
+[#1155]: https://github.com/uber-go/zap/pull/1155
+
+## 1.22.0 (8 Aug 2022)
+
+Enhancements:
+* [#1071][]: Add `zap.Objects` and `zap.ObjectValues` field constructors to log
+ arrays of objects. With these two constructors, you don't need to implement
+ `zapcore.ArrayMarshaler` for use with `zap.Array` if those objects implement
+ `zapcore.ObjectMarshaler`.
+* [#1079][]: Add `SugaredLogger.WithOptions` to build a copy of an existing
+ `SugaredLogger` with the provided options applied.
+* [#1080][]: Add `*ln` variants to `SugaredLogger` for each log level.
+ These functions provide a string joining behavior similar to `fmt.Println`.
+* [#1088][]: Add `zap.WithFatalHook` option to control the behavior of the
+ logger for `Fatal`-level log entries. This defaults to exiting the program.
+* [#1108][]: Add a `zap.Must` function that you can use with `NewProduction` or
+ `NewDevelopment` to panic if the system was unable to build the logger.
+* [#1118][]: Add a `Logger.Log` method that allows specifying the log level for
+ a statement dynamically.
+
+Thanks to @cardil, @craigpastro, @sashamelentyev, @shota3506, and @zhupeijun
+for their contributions to this release.
+
+[#1071]: https://github.com/uber-go/zap/pull/1071
+[#1079]: https://github.com/uber-go/zap/pull/1079
+[#1080]: https://github.com/uber-go/zap/pull/1080
+[#1088]: https://github.com/uber-go/zap/pull/1088
+[#1108]: https://github.com/uber-go/zap/pull/1108
+[#1118]: https://github.com/uber-go/zap/pull/1118
+
+## 1.21.0 (7 Feb 2022)
+
+Enhancements:
+* [#1047][]: Add `zapcore.ParseLevel` to parse a `Level` from a string.
+* [#1048][]: Add `zap.ParseAtomicLevel` to parse an `AtomicLevel` from a
+ string.
+
+Bugfixes:
+* [#1058][]: Fix panic in JSON encoder when `EncodeLevel` is unset.
+
+Other changes:
+* [#1052][]: Improve encoding performance when the `AddCaller` and
+ `AddStacktrace` options are used together.
+
+[#1047]: https://github.com/uber-go/zap/pull/1047
+[#1048]: https://github.com/uber-go/zap/pull/1048
+[#1052]: https://github.com/uber-go/zap/pull/1052
+[#1058]: https://github.com/uber-go/zap/pull/1058
+
+Thanks to @aerosol and @Techassi for their contributions to this release.
+
+## 1.20.0 (4 Jan 2022)
+
+Enhancements:
+* [#989][]: Add `EncoderConfig.SkipLineEnding` flag to disable adding newline
+ characters between log statements.
+* [#1039][]: Add `EncoderConfig.NewReflectedEncoder` field to customize JSON
+ encoding of reflected log fields.
+
+Bugfixes:
+* [#1011][]: Fix inaccurate precision when encoding complex64 as JSON.
+* [#554][], [#1017][]: Close JSON namespaces opened in `MarshalLogObject`
+ methods when the methods return.
+* [#1033][]: Avoid panicking in Sampler core if `thereafter` is zero.
+
+Other changes:
+* [#1028][]: Drop support for Go < 1.15.
+
+[#554]: https://github.com/uber-go/zap/pull/554
+[#989]: https://github.com/uber-go/zap/pull/989
+[#1011]: https://github.com/uber-go/zap/pull/1011
+[#1017]: https://github.com/uber-go/zap/pull/1017
+[#1028]: https://github.com/uber-go/zap/pull/1028
+[#1033]: https://github.com/uber-go/zap/pull/1033
+[#1039]: https://github.com/uber-go/zap/pull/1039
+
+Thanks to @psrajat, @lruggieri, @sammyrnycreal for their contributions to this release.
+
+## 1.19.1 (8 Sep 2021)
+
+Bugfixes:
+* [#1001][]: JSON: Fix complex number encoding with negative imaginary part. Thanks to @hemantjadon.
+* [#1003][]: JSON: Fix inaccurate precision when encoding float32.
+
+[#1001]: https://github.com/uber-go/zap/pull/1001
+[#1003]: https://github.com/uber-go/zap/pull/1003
## 1.19.0 (9 Aug 2021)
@@ -63,6 +207,16 @@ Enhancements:
Thanks to @ash2k, @FMLS, @jimmystewpot, @Oncilla, @tsoslow, @tylitianrui, @withshubh, and @wziww for their contributions to this release.
+[#865]: https://github.com/uber-go/zap/pull/865
+[#867]: https://github.com/uber-go/zap/pull/867
+[#881]: https://github.com/uber-go/zap/pull/881
+[#903]: https://github.com/uber-go/zap/pull/903
+[#912]: https://github.com/uber-go/zap/pull/912
+[#913]: https://github.com/uber-go/zap/pull/913
+[#928]: https://github.com/uber-go/zap/pull/928
+[#931]: https://github.com/uber-go/zap/pull/931
+[#936]: https://github.com/uber-go/zap/pull/936
+
## 1.16.0 (1 Sep 2020)
Bugfixes:
@@ -84,6 +238,17 @@ Enhancements:
Thanks to @SteelPhase, @tmshn, @lixingwang, @wyxloading, @moul, @segevfiner, @andy-retailnext and @jcorbin for their contributions to this release.
+[#629]: https://github.com/uber-go/zap/pull/629
+[#697]: https://github.com/uber-go/zap/pull/697
+[#828]: https://github.com/uber-go/zap/pull/828
+[#835]: https://github.com/uber-go/zap/pull/835
+[#843]: https://github.com/uber-go/zap/pull/843
+[#844]: https://github.com/uber-go/zap/pull/844
+[#852]: https://github.com/uber-go/zap/pull/852
+[#854]: https://github.com/uber-go/zap/pull/854
+[#861]: https://github.com/uber-go/zap/pull/861
+[#862]: https://github.com/uber-go/zap/pull/862
+
## 1.15.0 (23 Apr 2020)
Bugfixes:
@@ -100,6 +265,11 @@ Enhancements:
Thanks to @danielbprice for their contributions to this release.
+[#804]: https://github.com/uber-go/zap/pull/804
+[#812]: https://github.com/uber-go/zap/pull/812
+[#806]: https://github.com/uber-go/zap/pull/806
+[#813]: https://github.com/uber-go/zap/pull/813
+
## 1.14.1 (14 Mar 2020)
Bugfixes:
@@ -112,6 +282,10 @@ Bugfixes:
Thanks to @YashishDua for their contributions to this release.
+[#791]: https://github.com/uber-go/zap/pull/791
+[#795]: https://github.com/uber-go/zap/pull/795
+[#799]: https://github.com/uber-go/zap/pull/799
+
## 1.14.0 (20 Feb 2020)
Enhancements:
@@ -122,6 +296,11 @@ Enhancements:
Thanks to @caibirdme for their contributions to this release.
+[#771]: https://github.com/uber-go/zap/pull/771
+[#773]: https://github.com/uber-go/zap/pull/773
+[#775]: https://github.com/uber-go/zap/pull/775
+[#786]: https://github.com/uber-go/zap/pull/786
+
## 1.13.0 (13 Nov 2019)
Enhancements:
@@ -130,11 +309,15 @@ Enhancements:
Thanks to @jbizzle for their contributions to this release.
+[#758]: https://github.com/uber-go/zap/pull/758
+
## 1.12.0 (29 Oct 2019)
Enhancements:
* [#751][]: Migrate to Go modules.
+[#751]: https://github.com/uber-go/zap/pull/751
+
## 1.11.0 (21 Oct 2019)
Enhancements:
@@ -143,6 +326,9 @@ Enhancements:
Thanks to @juicemia, @uhthomas for their contributions to this release.
+[#725]: https://github.com/uber-go/zap/pull/725
+[#736]: https://github.com/uber-go/zap/pull/736
+
## 1.10.0 (29 Apr 2019)
Bugfixes:
@@ -160,12 +346,20 @@ Enhancements:
Thanks to @iaroslav-ciupin, @lelenanam, @joa, @NWilson for their contributions
to this release.
+[#657]: https://github.com/uber-go/zap/pull/657
+[#706]: https://github.com/uber-go/zap/pull/706
+[#610]: https://github.com/uber-go/zap/pull/610
+[#675]: https://github.com/uber-go/zap/pull/675
+[#704]: https://github.com/uber-go/zap/pull/704
+
## v1.9.1 (06 Aug 2018)
Bugfixes:
* [#614][]: MapObjectEncoder should not ignore empty slices.
+[#614]: https://github.com/uber-go/zap/pull/614
+
## v1.9.0 (19 Jul 2018)
Enhancements:
@@ -175,6 +369,10 @@ Enhancements:
Thanks to @nfarah86, @AlekSi, @JeanMertz, @philippgille, @etsangsplk, and
@dimroc for their contributions to this release.
+[#602]: https://github.com/uber-go/zap/pull/602
+[#572]: https://github.com/uber-go/zap/pull/572
+[#606]: https://github.com/uber-go/zap/pull/606
+
## v1.8.0 (13 Apr 2018)
Enhancements:
@@ -188,11 +386,18 @@ Bugfixes:
Thanks to @DiSiqueira and @djui for their contributions to this release.
+[#508]: https://github.com/uber-go/zap/pull/508
+[#518]: https://github.com/uber-go/zap/pull/518
+[#577]: https://github.com/uber-go/zap/pull/577
+[#574]: https://github.com/uber-go/zap/pull/574
+
## v1.7.1 (25 Sep 2017)
Bugfixes:
* [#504][]: Store strings when using AddByteString with the map encoder.
+[#504]: https://github.com/uber-go/zap/pull/504
+
## v1.7.0 (21 Sep 2017)
Enhancements:
@@ -200,6 +405,8 @@ Enhancements:
* [#487][]: Add `NewStdLogAt`, which extends `NewStdLog` by allowing the user
to specify the level of the logged messages.
+[#487]: https://github.com/uber-go/zap/pull/487
+
## v1.6.0 (30 Aug 2017)
Enhancements:
@@ -208,6 +415,9 @@ Enhancements:
* [#490][]: Add a `ContextMap` method to observer logs for simpler
field validation in tests.
+[#490]: https://github.com/uber-go/zap/pull/490
+[#491]: https://github.com/uber-go/zap/pull/491
+
## v1.5.0 (22 Jul 2017)
Enhancements:
@@ -221,6 +431,11 @@ Bugfixes:
Thanks to @richard-tunein and @pavius for their contributions to this release.
+[#477]: https://github.com/uber-go/zap/pull/477
+[#465]: https://github.com/uber-go/zap/pull/465
+[#460]: https://github.com/uber-go/zap/pull/460
+[#470]: https://github.com/uber-go/zap/pull/470
+
## v1.4.1 (08 Jun 2017)
This release fixes two bugs.
@@ -230,6 +445,9 @@ Bugfixes:
* [#435][]: Support a variety of case conventions when unmarshaling levels.
* [#444][]: Fix a panic in the observer.
+[#435]: https://github.com/uber-go/zap/pull/435
+[#444]: https://github.com/uber-go/zap/pull/444
+
## v1.4.0 (12 May 2017)
This release adds a few small features and is fully backward-compatible.
@@ -242,6 +460,10 @@ Enhancements:
* [#431][]: Make `zap.AtomicLevel` implement `fmt.Stringer`, which makes a
variety of operations a bit simpler.
+[#424]: https://github.com/uber-go/zap/pull/424
+[#425]: https://github.com/uber-go/zap/pull/425
+[#431]: https://github.com/uber-go/zap/pull/431
+
## v1.3.0 (25 Apr 2017)
This release adds an enhancement to zap's testing helpers as well as the
@@ -253,6 +475,9 @@ Enhancements:
particularly useful when testing the `SugaredLogger`.
* [#416][]: Make `AtomicLevel` implement `encoding.TextMarshaler`.
+[#415]: https://github.com/uber-go/zap/pull/415
+[#416]: https://github.com/uber-go/zap/pull/416
+
## v1.2.0 (13 Apr 2017)
This release adds a gRPC compatibility wrapper. It is fully backward-compatible.
@@ -262,6 +487,8 @@ Enhancements:
* [#402][]: Add a `zapgrpc` package that wraps zap's Logger and implements
`grpclog.Logger`.
+[#402]: https://github.com/uber-go/zap/pull/402
+
## v1.1.0 (31 Mar 2017)
This release fixes two bugs and adds some enhancements to zap's testing helpers.
@@ -279,6 +506,10 @@ Enhancements:
Thanks to @moitias for contributing to this release.
+[#385]: https://github.com/uber-go/zap/pull/385
+[#396]: https://github.com/uber-go/zap/pull/396
+[#386]: https://github.com/uber-go/zap/pull/386
+
## v1.0.0 (14 Mar 2017)
This is zap's first stable release. All exported APIs are now final, and no
@@ -324,6 +555,20 @@ Enhancements:
Thanks to @suyash, @htrendev, @flisky, @Ulexus, and @skipor for their
contributions to this release.
+[#366]: https://github.com/uber-go/zap/pull/366
+[#364]: https://github.com/uber-go/zap/pull/364
+[#371]: https://github.com/uber-go/zap/pull/371
+[#362]: https://github.com/uber-go/zap/pull/362
+[#369]: https://github.com/uber-go/zap/pull/369
+[#347]: https://github.com/uber-go/zap/pull/347
+[#373]: https://github.com/uber-go/zap/pull/373
+[#348]: https://github.com/uber-go/zap/pull/348
+[#327]: https://github.com/uber-go/zap/pull/327
+[#376]: https://github.com/uber-go/zap/pull/376
+[#346]: https://github.com/uber-go/zap/pull/346
+[#365]: https://github.com/uber-go/zap/pull/365
+[#372]: https://github.com/uber-go/zap/pull/372
+
## v1.0.0-rc.3 (7 Mar 2017)
This is the third release candidate for zap's stable release. There are no
@@ -345,6 +590,11 @@ Enhancements:
Thanks to @ansel1 and @suyash for their contributions to this release.
+[#339]: https://github.com/uber-go/zap/pull/339
+[#307]: https://github.com/uber-go/zap/pull/307
+[#353]: https://github.com/uber-go/zap/pull/353
+[#311]: https://github.com/uber-go/zap/pull/311
+
## v1.0.0-rc.2 (21 Feb 2017)
This is the second release candidate for zap's stable release. It includes two
@@ -382,6 +632,15 @@ Enhancements:
Thanks to @skipor and @chapsuk for their contributions to this release.
+[#316]: https://github.com/uber-go/zap/pull/316
+[#309]: https://github.com/uber-go/zap/pull/309
+[#317]: https://github.com/uber-go/zap/pull/317
+[#321]: https://github.com/uber-go/zap/pull/321
+[#325]: https://github.com/uber-go/zap/pull/325
+[#333]: https://github.com/uber-go/zap/pull/333
+[#326]: https://github.com/uber-go/zap/pull/326
+[#300]: https://github.com/uber-go/zap/pull/300
+
## v1.0.0-rc.1 (14 Feb 2017)
This is the first release candidate for zap's stable release. There are multiple
@@ -410,95 +669,3 @@ backward compatibility concerns and all functionality is new.
Early zap adopters should pin to the 0.1.x minor version until they're ready to
upgrade to the upcoming stable release.
-
-[#316]: https://github.com/uber-go/zap/pull/316
-[#309]: https://github.com/uber-go/zap/pull/309
-[#317]: https://github.com/uber-go/zap/pull/317
-[#321]: https://github.com/uber-go/zap/pull/321
-[#325]: https://github.com/uber-go/zap/pull/325
-[#333]: https://github.com/uber-go/zap/pull/333
-[#326]: https://github.com/uber-go/zap/pull/326
-[#300]: https://github.com/uber-go/zap/pull/300
-[#339]: https://github.com/uber-go/zap/pull/339
-[#307]: https://github.com/uber-go/zap/pull/307
-[#353]: https://github.com/uber-go/zap/pull/353
-[#311]: https://github.com/uber-go/zap/pull/311
-[#366]: https://github.com/uber-go/zap/pull/366
-[#364]: https://github.com/uber-go/zap/pull/364
-[#371]: https://github.com/uber-go/zap/pull/371
-[#362]: https://github.com/uber-go/zap/pull/362
-[#369]: https://github.com/uber-go/zap/pull/369
-[#347]: https://github.com/uber-go/zap/pull/347
-[#373]: https://github.com/uber-go/zap/pull/373
-[#348]: https://github.com/uber-go/zap/pull/348
-[#327]: https://github.com/uber-go/zap/pull/327
-[#376]: https://github.com/uber-go/zap/pull/376
-[#346]: https://github.com/uber-go/zap/pull/346
-[#365]: https://github.com/uber-go/zap/pull/365
-[#372]: https://github.com/uber-go/zap/pull/372
-[#385]: https://github.com/uber-go/zap/pull/385
-[#396]: https://github.com/uber-go/zap/pull/396
-[#386]: https://github.com/uber-go/zap/pull/386
-[#402]: https://github.com/uber-go/zap/pull/402
-[#415]: https://github.com/uber-go/zap/pull/415
-[#416]: https://github.com/uber-go/zap/pull/416
-[#424]: https://github.com/uber-go/zap/pull/424
-[#425]: https://github.com/uber-go/zap/pull/425
-[#431]: https://github.com/uber-go/zap/pull/431
-[#435]: https://github.com/uber-go/zap/pull/435
-[#444]: https://github.com/uber-go/zap/pull/444
-[#477]: https://github.com/uber-go/zap/pull/477
-[#465]: https://github.com/uber-go/zap/pull/465
-[#460]: https://github.com/uber-go/zap/pull/460
-[#470]: https://github.com/uber-go/zap/pull/470
-[#487]: https://github.com/uber-go/zap/pull/487
-[#490]: https://github.com/uber-go/zap/pull/490
-[#491]: https://github.com/uber-go/zap/pull/491
-[#504]: https://github.com/uber-go/zap/pull/504
-[#508]: https://github.com/uber-go/zap/pull/508
-[#518]: https://github.com/uber-go/zap/pull/518
-[#577]: https://github.com/uber-go/zap/pull/577
-[#574]: https://github.com/uber-go/zap/pull/574
-[#602]: https://github.com/uber-go/zap/pull/602
-[#572]: https://github.com/uber-go/zap/pull/572
-[#606]: https://github.com/uber-go/zap/pull/606
-[#614]: https://github.com/uber-go/zap/pull/614
-[#657]: https://github.com/uber-go/zap/pull/657
-[#706]: https://github.com/uber-go/zap/pull/706
-[#610]: https://github.com/uber-go/zap/pull/610
-[#675]: https://github.com/uber-go/zap/pull/675
-[#704]: https://github.com/uber-go/zap/pull/704
-[#725]: https://github.com/uber-go/zap/pull/725
-[#736]: https://github.com/uber-go/zap/pull/736
-[#751]: https://github.com/uber-go/zap/pull/751
-[#758]: https://github.com/uber-go/zap/pull/758
-[#771]: https://github.com/uber-go/zap/pull/771
-[#773]: https://github.com/uber-go/zap/pull/773
-[#775]: https://github.com/uber-go/zap/pull/775
-[#786]: https://github.com/uber-go/zap/pull/786
-[#791]: https://github.com/uber-go/zap/pull/791
-[#795]: https://github.com/uber-go/zap/pull/795
-[#799]: https://github.com/uber-go/zap/pull/799
-[#804]: https://github.com/uber-go/zap/pull/804
-[#812]: https://github.com/uber-go/zap/pull/812
-[#806]: https://github.com/uber-go/zap/pull/806
-[#813]: https://github.com/uber-go/zap/pull/813
-[#629]: https://github.com/uber-go/zap/pull/629
-[#697]: https://github.com/uber-go/zap/pull/697
-[#828]: https://github.com/uber-go/zap/pull/828
-[#835]: https://github.com/uber-go/zap/pull/835
-[#843]: https://github.com/uber-go/zap/pull/843
-[#844]: https://github.com/uber-go/zap/pull/844
-[#852]: https://github.com/uber-go/zap/pull/852
-[#854]: https://github.com/uber-go/zap/pull/854
-[#861]: https://github.com/uber-go/zap/pull/861
-[#862]: https://github.com/uber-go/zap/pull/862
-[#865]: https://github.com/uber-go/zap/pull/865
-[#867]: https://github.com/uber-go/zap/pull/867
-[#881]: https://github.com/uber-go/zap/pull/881
-[#903]: https://github.com/uber-go/zap/pull/903
-[#912]: https://github.com/uber-go/zap/pull/912
-[#913]: https://github.com/uber-go/zap/pull/913
-[#928]: https://github.com/uber-go/zap/pull/928
-[#931]: https://github.com/uber-go/zap/pull/931
-[#936]: https://github.com/uber-go/zap/pull/936
diff --git a/vendor/go.uber.org/zap/CONTRIBUTING.md b/vendor/go.uber.org/zap/CONTRIBUTING.md
index 5cd9656871..ea02f3cae2 100644
--- a/vendor/go.uber.org/zap/CONTRIBUTING.md
+++ b/vendor/go.uber.org/zap/CONTRIBUTING.md
@@ -16,7 +16,7 @@ you to accept the CLA when you open your pull request.
[Fork][fork], then clone the repository:
-```
+```bash
mkdir -p $GOPATH/src/go.uber.org
cd $GOPATH/src/go.uber.org
git clone git@github.com:your_github_username/zap.git
@@ -27,21 +27,16 @@ git fetch upstream
Make sure that the tests and the linters pass:
-```
+```bash
make test
make lint
```
-If you're not using the minor version of Go specified in the Makefile's
-`LINTABLE_MINOR_VERSIONS` variable, `make lint` doesn't do anything. This is
-fine, but it means that you'll only discover lint failures after you open your
-pull request.
-
## Making Changes
Start by creating a new branch for your changes:
-```
+```bash
cd $GOPATH/src/go.uber.org/zap
git checkout master
git fetch upstream
@@ -52,22 +47,22 @@ git checkout -b cool_new_feature
Make your changes, then ensure that `make lint` and `make test` still pass. If
you're satisfied with your changes, push them to your fork.
-```
+```bash
git push origin cool_new_feature
```
Then use the GitHub UI to open a pull request.
-At this point, you're waiting on us to review your changes. We *try* to respond
+At this point, you're waiting on us to review your changes. We _try_ to respond
to issues and pull requests within a few business days, and we may suggest some
improvements or alternatives. Once your changes are approved, one of the
project maintainers will merge them.
We're much more likely to approve your changes if you:
-* Add tests for new functionality.
-* Write a [good commit message][commit-message].
-* Maintain backward compatibility.
+- Add tests for new functionality.
+- Write a [good commit message][commit-message].
+- Maintain backward compatibility.
[fork]: https://github.com/uber-go/zap/fork
[open-issue]: https://github.com/uber-go/zap/issues/new
diff --git a/vendor/go.uber.org/zap/Makefile b/vendor/go.uber.org/zap/Makefile
index 9b1bc3b0e1..eb1cee53bd 100644
--- a/vendor/go.uber.org/zap/Makefile
+++ b/vendor/go.uber.org/zap/Makefile
@@ -1,50 +1,51 @@
-export GOBIN ?= $(shell pwd)/bin
+# Directory containing the Makefile.
+PROJECT_ROOT = $(dir $(abspath $(lastword $(MAKEFILE_LIST))))
-GOLINT = $(GOBIN)/golint
-STATICCHECK = $(GOBIN)/staticcheck
+export GOBIN ?= $(PROJECT_ROOT)/bin
+export PATH := $(GOBIN):$(PATH)
+
+GOVULNCHECK = $(GOBIN)/govulncheck
BENCH_FLAGS ?= -cpuprofile=cpu.pprof -memprofile=mem.pprof -benchmem
# Directories containing independent Go modules.
-#
-# We track coverage only for the main module.
-MODULE_DIRS = . ./benchmarks ./zapgrpc/internal/test
+MODULE_DIRS = . ./exp ./benchmarks ./zapgrpc/internal/test
-# Many Go tools take file globs or directories as arguments instead of packages.
-GO_FILES := $(shell \
- find . '(' -path '*/.*' -o -path './vendor' ')' -prune \
- -o -name '*.go' -print | cut -b3-)
+# Directories that we want to track coverage for.
+COVER_DIRS = . ./exp
.PHONY: all
all: lint test
.PHONY: lint
-lint: $(GOLINT) $(STATICCHECK)
- @rm -rf lint.log
- @echo "Checking formatting..."
- @gofmt -d -s $(GO_FILES) 2>&1 | tee lint.log
- @echo "Checking vet..."
- @$(foreach dir,$(MODULE_DIRS),(cd $(dir) && go vet ./... 2>&1) &&) true | tee -a lint.log
- @echo "Checking lint..."
- @$(foreach dir,$(MODULE_DIRS),(cd $(dir) && $(GOLINT) ./... 2>&1) &&) true | tee -a lint.log
- @echo "Checking staticcheck..."
- @$(foreach dir,$(MODULE_DIRS),(cd $(dir) && $(STATICCHECK) ./... 2>&1) &&) true | tee -a lint.log
- @echo "Checking for unresolved FIXMEs..."
- @git grep -i fixme | grep -v -e Makefile | tee -a lint.log
- @echo "Checking for license headers..."
- @./checklicense.sh | tee -a lint.log
- @[ ! -s lint.log ]
- @echo "Checking 'go mod tidy'..."
- @make tidy
- @if ! git diff --quiet; then \
- echo "'go mod tidy' resulted in changes or working tree is dirty:"; \
- git --no-pager diff; \
- fi
-
-$(GOLINT):
- cd tools && go install golang.org/x/lint/golint
-
-$(STATICCHECK):
- cd tools && go install honnef.co/go/tools/cmd/staticcheck
+lint: golangci-lint tidy-lint license-lint
+
+.PHONY: golangci-lint
+golangci-lint:
+ @$(foreach mod,$(MODULE_DIRS), \
+ (cd $(mod) && \
+ echo "[lint] golangci-lint: $(mod)" && \
+ golangci-lint run --path-prefix $(mod)) &&) true
+
+.PHONY: tidy
+tidy:
+ @$(foreach dir,$(MODULE_DIRS), \
+ (cd $(dir) && go mod tidy) &&) true
+
+.PHONY: tidy-lint
+tidy-lint:
+ @$(foreach mod,$(MODULE_DIRS), \
+ (cd $(mod) && \
+ echo "[lint] tidy: $(mod)" && \
+ go mod tidy && \
+ git diff --exit-code -- go.mod go.sum) &&) true
+
+
+.PHONY: license-lint
+license-lint:
+ ./checklicense.sh
+
+$(GOVULNCHECK):
+ cd tools && go install golang.org/x/vuln/cmd/govulncheck
.PHONY: test
test:
@@ -52,8 +53,10 @@ test:
.PHONY: cover
cover:
- go test -race -coverprofile=cover.out -coverpkg=./... ./...
- go tool cover -html=cover.out -o cover.html
+ @$(foreach dir,$(COVER_DIRS), ( \
+ cd $(dir) && \
+ go test -race -coverprofile=cover.out -coverpkg=./... ./... \
+ && go tool cover -html=cover.out -o cover.html) &&) true
.PHONY: bench
BENCH ?= .
@@ -68,6 +71,6 @@ updatereadme:
rm -f README.md
cat .readme.tmpl | go run internal/readme/readme.go > README.md
-.PHONY: tidy
-tidy:
- @$(foreach dir,$(MODULE_DIRS),(cd $(dir) && go mod tidy) &&) true
+.PHONY: vulncheck
+vulncheck: $(GOVULNCHECK)
+ $(GOVULNCHECK) ./...
diff --git a/vendor/go.uber.org/zap/README.md b/vendor/go.uber.org/zap/README.md
index 1e64d6cffc..9de08927be 100644
--- a/vendor/go.uber.org/zap/README.md
+++ b/vendor/go.uber.org/zap/README.md
@@ -66,38 +66,41 @@ Log a message and 10 fields:
| Package | Time | Time % to zap | Objects Allocated |
| :------ | :--: | :-----------: | :---------------: |
-| :zap: zap | 862 ns/op | +0% | 5 allocs/op
-| :zap: zap (sugared) | 1250 ns/op | +45% | 11 allocs/op
-| zerolog | 4021 ns/op | +366% | 76 allocs/op
-| go-kit | 4542 ns/op | +427% | 105 allocs/op
-| apex/log | 26785 ns/op | +3007% | 115 allocs/op
-| logrus | 29501 ns/op | +3322% | 125 allocs/op
-| log15 | 29906 ns/op | +3369% | 122 allocs/op
+| :zap: zap | 1744 ns/op | +0% | 5 allocs/op
+| :zap: zap (sugared) | 2483 ns/op | +42% | 10 allocs/op
+| zerolog | 918 ns/op | -47% | 1 allocs/op
+| go-kit | 5590 ns/op | +221% | 57 allocs/op
+| slog | 5640 ns/op | +223% | 40 allocs/op
+| apex/log | 21184 ns/op | +1115% | 63 allocs/op
+| logrus | 24338 ns/op | +1296% | 79 allocs/op
+| log15 | 26054 ns/op | +1394% | 74 allocs/op
Log a message with a logger that already has 10 fields of context:
| Package | Time | Time % to zap | Objects Allocated |
| :------ | :--: | :-----------: | :---------------: |
-| :zap: zap | 126 ns/op | +0% | 0 allocs/op
-| :zap: zap (sugared) | 187 ns/op | +48% | 2 allocs/op
-| zerolog | 88 ns/op | -30% | 0 allocs/op
-| go-kit | 5087 ns/op | +3937% | 103 allocs/op
-| log15 | 18548 ns/op | +14621% | 73 allocs/op
-| apex/log | 26012 ns/op | +20544% | 104 allocs/op
-| logrus | 27236 ns/op | +21516% | 113 allocs/op
+| :zap: zap | 193 ns/op | +0% | 0 allocs/op
+| :zap: zap (sugared) | 227 ns/op | +18% | 1 allocs/op
+| zerolog | 81 ns/op | -58% | 0 allocs/op
+| slog | 322 ns/op | +67% | 0 allocs/op
+| go-kit | 5377 ns/op | +2686% | 56 allocs/op
+| apex/log | 19518 ns/op | +10013% | 53 allocs/op
+| log15 | 19812 ns/op | +10165% | 70 allocs/op
+| logrus | 21997 ns/op | +11297% | 68 allocs/op
Log a static string, without any context or `printf`-style templating:
| Package | Time | Time % to zap | Objects Allocated |
| :------ | :--: | :-----------: | :---------------: |
-| :zap: zap | 118 ns/op | +0% | 0 allocs/op
-| :zap: zap (sugared) | 191 ns/op | +62% | 2 allocs/op
-| zerolog | 93 ns/op | -21% | 0 allocs/op
-| go-kit | 280 ns/op | +137% | 11 allocs/op
-| standard library | 499 ns/op | +323% | 2 allocs/op
-| apex/log | 1990 ns/op | +1586% | 10 allocs/op
-| logrus | 3129 ns/op | +2552% | 24 allocs/op
-| log15 | 3887 ns/op | +3194% | 23 allocs/op
+| :zap: zap | 165 ns/op | +0% | 0 allocs/op
+| :zap: zap (sugared) | 212 ns/op | +28% | 1 allocs/op
+| zerolog | 95 ns/op | -42% | 0 allocs/op
+| slog | 296 ns/op | +79% | 0 allocs/op
+| go-kit | 415 ns/op | +152% | 9 allocs/op
+| standard library | 422 ns/op | +156% | 2 allocs/op
+| apex/log | 1601 ns/op | +870% | 5 allocs/op
+| logrus | 3017 ns/op | +1728% | 23 allocs/op
+| log15 | 3469 ns/op | +2002% | 20 allocs/op
## Development Status: Stable
diff --git a/vendor/go.uber.org/zap/array.go b/vendor/go.uber.org/zap/array.go
index 5be3704a3e..abfccb566d 100644
--- a/vendor/go.uber.org/zap/array.go
+++ b/vendor/go.uber.org/zap/array.go
@@ -21,6 +21,7 @@
package zap
import (
+ "fmt"
"time"
"go.uber.org/zap/zapcore"
@@ -94,11 +95,137 @@ func Int8s(key string, nums []int8) Field {
return Array(key, int8s(nums))
}
+// Objects constructs a field with the given key, holding a list of the
+// provided objects that can be marshaled by Zap.
+//
+// Note that these objects must implement zapcore.ObjectMarshaler directly.
+// That is, if you're trying to marshal a []Request, the MarshalLogObject
+// method must be declared on the Request type, not its pointer (*Request).
+// If it's on the pointer, use ObjectValues.
+//
+// Given an object that implements MarshalLogObject on the value receiver, you
+// can log a slice of those objects with Objects like so:
+//
+// type Author struct{ ... }
+// func (a Author) MarshalLogObject(enc zapcore.ObjectEncoder) error
+//
+// var authors []Author = ...
+// logger.Info("loading article", zap.Objects("authors", authors))
+//
+// Similarly, given a type that implements MarshalLogObject on its pointer
+// receiver, you can log a slice of pointers to that object with Objects like
+// so:
+//
+// type Request struct{ ... }
+// func (r *Request) MarshalLogObject(enc zapcore.ObjectEncoder) error
+//
+// var requests []*Request = ...
+// logger.Info("sending requests", zap.Objects("requests", requests))
+//
+// If instead, you have a slice of values of such an object, use the
+// ObjectValues constructor.
+//
+// var requests []Request = ...
+// logger.Info("sending requests", zap.ObjectValues("requests", requests))
+func Objects[T zapcore.ObjectMarshaler](key string, values []T) Field {
+ return Array(key, objects[T](values))
+}
+
+type objects[T zapcore.ObjectMarshaler] []T
+
+func (os objects[T]) MarshalLogArray(arr zapcore.ArrayEncoder) error {
+ for _, o := range os {
+ if err := arr.AppendObject(o); err != nil {
+ return err
+ }
+ }
+ return nil
+}
+
+// ObjectMarshalerPtr is a constraint that specifies that the given type
+// implements zapcore.ObjectMarshaler on a pointer receiver.
+type ObjectMarshalerPtr[T any] interface {
+ *T
+ zapcore.ObjectMarshaler
+}
+
+// ObjectValues constructs a field with the given key, holding a list of the
+// provided objects, where pointers to these objects can be marshaled by Zap.
+//
+// Note that pointers to these objects must implement zapcore.ObjectMarshaler.
+// That is, if you're trying to marshal a []Request, the MarshalLogObject
+// method must be declared on the *Request type, not the value (Request).
+// If it's on the value, use Objects.
+//
+// Given an object that implements MarshalLogObject on the pointer receiver,
+// you can log a slice of those objects with ObjectValues like so:
+//
+// type Request struct{ ... }
+// func (r *Request) MarshalLogObject(enc zapcore.ObjectEncoder) error
+//
+// var requests []Request = ...
+// logger.Info("sending requests", zap.ObjectValues("requests", requests))
+//
+// If instead, you have a slice of pointers of such an object, use the Objects
+// field constructor.
+//
+// var requests []*Request = ...
+// logger.Info("sending requests", zap.Objects("requests", requests))
+func ObjectValues[T any, P ObjectMarshalerPtr[T]](key string, values []T) Field {
+ return Array(key, objectValues[T, P](values))
+}
+
+type objectValues[T any, P ObjectMarshalerPtr[T]] []T
+
+func (os objectValues[T, P]) MarshalLogArray(arr zapcore.ArrayEncoder) error {
+ for i := range os {
+ // It is necessary for us to explicitly reference the "P" type.
+ // We cannot simply pass "&os[i]" to AppendObject because its type
+ // is "*T", which the type system does not consider as
+ // implementing ObjectMarshaler.
+ // Only the type "P" satisfies ObjectMarshaler, which we have
+ // to convert "*T" to explicitly.
+ var p P = &os[i]
+ if err := arr.AppendObject(p); err != nil {
+ return err
+ }
+ }
+ return nil
+}
+
// Strings constructs a field that carries a slice of strings.
func Strings(key string, ss []string) Field {
return Array(key, stringArray(ss))
}
+// Stringers constructs a field with the given key, holding a list of the
+// output provided by the value's String method
+//
+// Given an object that implements String on the value receiver, you
+// can log a slice of those objects with Objects like so:
+//
+// type Request struct{ ... }
+// func (a Request) String() string
+//
+// var requests []Request = ...
+// logger.Info("sending requests", zap.Stringers("requests", requests))
+//
+// Note that these objects must implement fmt.Stringer directly.
+// That is, if you're trying to marshal a []Request, the String method
+// must be declared on the Request type, not its pointer (*Request).
+func Stringers[T fmt.Stringer](key string, values []T) Field {
+ return Array(key, stringers[T](values))
+}
+
+type stringers[T fmt.Stringer] []T
+
+func (os stringers[T]) MarshalLogArray(arr zapcore.ArrayEncoder) error {
+ for _, o := range os {
+ arr.AppendString(o.String())
+ }
+ return nil
+}
+
// Times constructs a field that carries a slice of time.Times.
func Times(key string, ts []time.Time) Field {
return Array(key, times(ts))
diff --git a/vendor/go.uber.org/zap/buffer/buffer.go b/vendor/go.uber.org/zap/buffer/buffer.go
index 9e929cd98e..27fb5cd5da 100644
--- a/vendor/go.uber.org/zap/buffer/buffer.go
+++ b/vendor/go.uber.org/zap/buffer/buffer.go
@@ -42,6 +42,11 @@ func (b *Buffer) AppendByte(v byte) {
b.bs = append(b.bs, v)
}
+// AppendBytes writes a single byte to the Buffer.
+func (b *Buffer) AppendBytes(v []byte) {
+ b.bs = append(b.bs, v...)
+}
+
// AppendString writes a string to the Buffer.
func (b *Buffer) AppendString(s string) {
b.bs = append(b.bs, s...)
diff --git a/vendor/go.uber.org/zap/buffer/pool.go b/vendor/go.uber.org/zap/buffer/pool.go
index 8fb3e202cf..846323360e 100644
--- a/vendor/go.uber.org/zap/buffer/pool.go
+++ b/vendor/go.uber.org/zap/buffer/pool.go
@@ -20,25 +20,29 @@
package buffer
-import "sync"
+import (
+ "go.uber.org/zap/internal/pool"
+)
// A Pool is a type-safe wrapper around a sync.Pool.
type Pool struct {
- p *sync.Pool
+ p *pool.Pool[*Buffer]
}
// NewPool constructs a new Pool.
func NewPool() Pool {
- return Pool{p: &sync.Pool{
- New: func() interface{} {
- return &Buffer{bs: make([]byte, 0, _size)}
- },
- }}
+ return Pool{
+ p: pool.New(func() *Buffer {
+ return &Buffer{
+ bs: make([]byte, 0, _size),
+ }
+ }),
+ }
}
// Get retrieves a Buffer from the pool, creating one if necessary.
func (p Pool) Get() *Buffer {
- buf := p.p.Get().(*Buffer)
+ buf := p.p.Get()
buf.Reset()
buf.pool = p
return buf
diff --git a/vendor/go.uber.org/zap/config.go b/vendor/go.uber.org/zap/config.go
index 55637fb0b4..e76e4e64fb 100644
--- a/vendor/go.uber.org/zap/config.go
+++ b/vendor/go.uber.org/zap/config.go
@@ -21,7 +21,7 @@
package zap
import (
- "fmt"
+ "errors"
"sort"
"time"
@@ -95,6 +95,32 @@ type Config struct {
// NewProductionEncoderConfig returns an opinionated EncoderConfig for
// production environments.
+//
+// Messages encoded with this configuration will be JSON-formatted
+// and will have the following keys by default:
+//
+// - "level": The logging level (e.g. "info", "error").
+// - "ts": The current time in number of seconds since the Unix epoch.
+// - "msg": The message passed to the log statement.
+// - "caller": If available, a short path to the file and line number
+// where the log statement was issued.
+// The logger configuration determines whether this field is captured.
+// - "stacktrace": If available, a stack trace from the line
+// where the log statement was issued.
+// The logger configuration determines whether this field is captured.
+//
+// By default, the following formats are used for different types:
+//
+// - Time is formatted as floating-point number of seconds since the Unix
+// epoch.
+// - Duration is formatted as floating-point number of seconds.
+//
+// You may change these by setting the appropriate fields in the returned
+// object.
+// For example, use the following to change the time encoding format:
+//
+// cfg := zap.NewProductionEncoderConfig()
+// cfg.EncodeTime = zapcore.ISO8601TimeEncoder
func NewProductionEncoderConfig() zapcore.EncoderConfig {
return zapcore.EncoderConfig{
TimeKey: "ts",
@@ -112,11 +138,22 @@ func NewProductionEncoderConfig() zapcore.EncoderConfig {
}
}
-// NewProductionConfig is a reasonable production logging configuration.
-// Logging is enabled at InfoLevel and above.
+// NewProductionConfig builds a reasonable default production logging
+// configuration.
+// Logging is enabled at InfoLevel and above, and uses a JSON encoder.
+// Logs are written to standard error.
+// Stacktraces are included on logs of ErrorLevel and above.
+// DPanicLevel logs will not panic, but will write a stacktrace.
+//
+// Sampling is enabled at 100:100 by default,
+// meaning that after the first 100 log entries
+// with the same level and message in the same second,
+// it will log every 100th entry
+// with the same level and message in the same second.
+// You may disable this behavior by setting Sampling to nil.
//
-// It uses a JSON encoder, writes to standard error, and enables sampling.
-// Stacktraces are automatically included on logs of ErrorLevel and above.
+// See [NewProductionEncoderConfig] for information
+// on the default encoder configuration.
func NewProductionConfig() Config {
return Config{
Level: NewAtomicLevelAt(InfoLevel),
@@ -134,6 +171,32 @@ func NewProductionConfig() Config {
// NewDevelopmentEncoderConfig returns an opinionated EncoderConfig for
// development environments.
+//
+// Messages encoded with this configuration will use Zap's console encoder
+// intended to print human-readable output.
+// It will print log messages with the following information:
+//
+// - The log level (e.g. "INFO", "ERROR").
+// - The time in ISO8601 format (e.g. "2017-01-01T12:00:00Z").
+// - The message passed to the log statement.
+// - If available, a short path to the file and line number
+// where the log statement was issued.
+// The logger configuration determines whether this field is captured.
+// - If available, a stacktrace from the line
+// where the log statement was issued.
+// The logger configuration determines whether this field is captured.
+//
+// By default, the following formats are used for different types:
+//
+// - Time is formatted in ISO8601 format (e.g. "2017-01-01T12:00:00Z").
+// - Duration is formatted as a string (e.g. "1.234s").
+//
+// You may change these by setting the appropriate fields in the returned
+// object.
+// For example, use the following to change the time encoding format:
+//
+// cfg := zap.NewDevelopmentEncoderConfig()
+// cfg.EncodeTime = zapcore.ISO8601TimeEncoder
func NewDevelopmentEncoderConfig() zapcore.EncoderConfig {
return zapcore.EncoderConfig{
// Keys can be anything except the empty string.
@@ -152,12 +215,15 @@ func NewDevelopmentEncoderConfig() zapcore.EncoderConfig {
}
}
-// NewDevelopmentConfig is a reasonable development logging configuration.
-// Logging is enabled at DebugLevel and above.
+// NewDevelopmentConfig builds a reasonable default development logging
+// configuration.
+// Logging is enabled at DebugLevel and above, and uses a console encoder.
+// Logs are written to standard error.
+// Stacktraces are included on logs of WarnLevel and above.
+// DPanicLevel logs will panic.
//
-// It enables development mode (which makes DPanicLevel logs panic), uses a
-// console encoder, writes to standard error, and disables sampling.
-// Stacktraces are automatically included on logs of WarnLevel and above.
+// See [NewDevelopmentEncoderConfig] for information
+// on the default encoder configuration.
func NewDevelopmentConfig() Config {
return Config{
Level: NewAtomicLevelAt(DebugLevel),
@@ -182,7 +248,7 @@ func (cfg Config) Build(opts ...Option) (*Logger, error) {
}
if cfg.Level == (AtomicLevel{}) {
- return nil, fmt.Errorf("missing Level")
+ return nil, errors.New("missing Level")
}
log := New(
diff --git a/vendor/go.uber.org/zap/doc.go b/vendor/go.uber.org/zap/doc.go
index 8638dd1b96..3c50d7b4d3 100644
--- a/vendor/go.uber.org/zap/doc.go
+++ b/vendor/go.uber.org/zap/doc.go
@@ -32,7 +32,7 @@
// they need to count every allocation and when they'd prefer a more familiar,
// loosely typed API.
//
-// Choosing a Logger
+// # Choosing a Logger
//
// In contexts where performance is nice, but not critical, use the
// SugaredLogger. It's 4-10x faster than other structured logging packages and
@@ -41,14 +41,15 @@
// variadic number of key-value pairs. (For more advanced use cases, they also
// accept strongly typed fields - see the SugaredLogger.With documentation for
// details.)
-// sugar := zap.NewExample().Sugar()
-// defer sugar.Sync()
-// sugar.Infow("failed to fetch URL",
-// "url", "http://example.com",
-// "attempt", 3,
-// "backoff", time.Second,
-// )
-// sugar.Infof("failed to fetch URL: %s", "http://example.com")
+//
+// sugar := zap.NewExample().Sugar()
+// defer sugar.Sync()
+// sugar.Infow("failed to fetch URL",
+// "url", "http://example.com",
+// "attempt", 3,
+// "backoff", time.Second,
+// )
+// sugar.Infof("failed to fetch URL: %s", "http://example.com")
//
// By default, loggers are unbuffered. However, since zap's low-level APIs
// allow buffering, calling Sync before letting your process exit is a good
@@ -57,32 +58,35 @@
// In the rare contexts where every microsecond and every allocation matter,
// use the Logger. It's even faster than the SugaredLogger and allocates far
// less, but it only supports strongly-typed, structured logging.
-// logger := zap.NewExample()
-// defer logger.Sync()
-// logger.Info("failed to fetch URL",
-// zap.String("url", "http://example.com"),
-// zap.Int("attempt", 3),
-// zap.Duration("backoff", time.Second),
-// )
+//
+// logger := zap.NewExample()
+// defer logger.Sync()
+// logger.Info("failed to fetch URL",
+// zap.String("url", "http://example.com"),
+// zap.Int("attempt", 3),
+// zap.Duration("backoff", time.Second),
+// )
//
// Choosing between the Logger and SugaredLogger doesn't need to be an
// application-wide decision: converting between the two is simple and
// inexpensive.
-// logger := zap.NewExample()
-// defer logger.Sync()
-// sugar := logger.Sugar()
-// plain := sugar.Desugar()
//
-// Configuring Zap
+// logger := zap.NewExample()
+// defer logger.Sync()
+// sugar := logger.Sugar()
+// plain := sugar.Desugar()
+//
+// # Configuring Zap
//
// The simplest way to build a Logger is to use zap's opinionated presets:
// NewExample, NewProduction, and NewDevelopment. These presets build a logger
// with a single function call:
-// logger, err := zap.NewProduction()
-// if err != nil {
-// log.Fatalf("can't initialize zap logger: %v", err)
-// }
-// defer logger.Sync()
+//
+// logger, err := zap.NewProduction()
+// if err != nil {
+// log.Fatalf("can't initialize zap logger: %v", err)
+// }
+// defer logger.Sync()
//
// Presets are fine for small projects, but larger projects and organizations
// naturally require a bit more customization. For most users, zap's Config
@@ -94,7 +98,7 @@
// go.uber.org/zap/zapcore. See the package-level AdvancedConfiguration
// example for sample code.
//
-// Extending Zap
+// # Extending Zap
//
// The zap package itself is a relatively thin wrapper around the interfaces
// in go.uber.org/zap/zapcore. Extending zap to support a new encoding (e.g.,
@@ -106,7 +110,7 @@
// Similarly, package authors can use the high-performance Encoder and Core
// implementations in the zapcore package to build their own loggers.
//
-// Frequently Asked Questions
+// # Frequently Asked Questions
//
// An FAQ covering everything from installation errors to design decisions is
// available at https://github.com/uber-go/zap/blob/master/FAQ.md.
diff --git a/vendor/go.uber.org/zap/encoder.go b/vendor/go.uber.org/zap/encoder.go
index 08ed833543..caa04ceefd 100644
--- a/vendor/go.uber.org/zap/encoder.go
+++ b/vendor/go.uber.org/zap/encoder.go
@@ -63,7 +63,7 @@ func RegisterEncoder(name string, constructor func(zapcore.EncoderConfig) (zapco
func newEncoder(name string, encoderConfig zapcore.EncoderConfig) (zapcore.Encoder, error) {
if encoderConfig.TimeKey != "" && encoderConfig.EncodeTime == nil {
- return nil, fmt.Errorf("missing EncodeTime in EncoderConfig")
+ return nil, errors.New("missing EncodeTime in EncoderConfig")
}
_encoderMutex.RLock()
diff --git a/vendor/go.uber.org/zap/error.go b/vendor/go.uber.org/zap/error.go
index 65982a51e5..45f7b838dc 100644
--- a/vendor/go.uber.org/zap/error.go
+++ b/vendor/go.uber.org/zap/error.go
@@ -21,14 +21,13 @@
package zap
import (
- "sync"
-
+ "go.uber.org/zap/internal/pool"
"go.uber.org/zap/zapcore"
)
-var _errArrayElemPool = sync.Pool{New: func() interface{} {
+var _errArrayElemPool = pool.New(func() *errArrayElem {
return &errArrayElem{}
-}}
+})
// Error is shorthand for the common idiom NamedError("error", err).
func Error(err error) Field {
@@ -60,11 +59,14 @@ func (errs errArray) MarshalLogArray(arr zapcore.ArrayEncoder) error {
// potentially an "errorVerbose" attribute, we need to wrap it in a
// type that implements LogObjectMarshaler. To prevent this from
// allocating, pool the wrapper type.
- elem := _errArrayElemPool.Get().(*errArrayElem)
+ elem := _errArrayElemPool.Get()
elem.error = errs[i]
- arr.AppendObject(elem)
+ err := arr.AppendObject(elem)
elem.error = nil
_errArrayElemPool.Put(elem)
+ if err != nil {
+ return err
+ }
}
return nil
}
diff --git a/vendor/go.uber.org/zap/field.go b/vendor/go.uber.org/zap/field.go
index bbb745db5b..c8dd3358a9 100644
--- a/vendor/go.uber.org/zap/field.go
+++ b/vendor/go.uber.org/zap/field.go
@@ -25,6 +25,7 @@ import (
"math"
"time"
+ "go.uber.org/zap/internal/stacktrace"
"go.uber.org/zap/zapcore"
)
@@ -374,7 +375,7 @@ func StackSkip(key string, skip int) Field {
// from expanding the zapcore.Field union struct to include a byte slice. Since
// taking a stacktrace is already so expensive (~10us), the extra allocation
// is okay.
- return String(key, takeStacktrace(skip+1)) // skip StackSkip
+ return String(key, stacktrace.Take(skip+1)) // skip StackSkip
}
// Duration constructs a field with the given key and value. The encoder
@@ -410,6 +411,63 @@ func Inline(val zapcore.ObjectMarshaler) Field {
}
}
+// Dict constructs a field containing the provided key-value pairs.
+// It acts similar to [Object], but with the fields specified as arguments.
+func Dict(key string, val ...Field) Field {
+ return dictField(key, val)
+}
+
+// We need a function with the signature (string, T) for zap.Any.
+func dictField(key string, val []Field) Field {
+ return Object(key, dictObject(val))
+}
+
+type dictObject []Field
+
+func (d dictObject) MarshalLogObject(enc zapcore.ObjectEncoder) error {
+ for _, f := range d {
+ f.AddTo(enc)
+ }
+ return nil
+}
+
+// We discovered an issue where zap.Any can cause a performance degradation
+// when used in new goroutines.
+//
+// This happens because the compiler assigns 4.8kb (one zap.Field per arm of
+// switch statement) of stack space for zap.Any when it takes the form:
+//
+// switch v := v.(type) {
+// case string:
+// return String(key, v)
+// case int:
+// return Int(key, v)
+// // ...
+// default:
+// return Reflect(key, v)
+// }
+//
+// To avoid this, we use the type switch to assign a value to a single local variable
+// and then call a function on it.
+// The local variable is just a function reference so it doesn't allocate
+// when converted to an interface{}.
+//
+// A fair bit of experimentation went into this.
+// See also:
+//
+// - https://github.com/uber-go/zap/pull/1301
+// - https://github.com/uber-go/zap/pull/1303
+// - https://github.com/uber-go/zap/pull/1304
+// - https://github.com/uber-go/zap/pull/1305
+// - https://github.com/uber-go/zap/pull/1308
+type anyFieldC[T any] func(string, T) Field
+
+func (f anyFieldC[T]) Any(key string, val any) Field {
+ v, _ := val.(T)
+ // val is guaranteed to be a T, except when it's nil.
+ return f(key, v)
+}
+
// Any takes a key and an arbitrary value and chooses the best way to represent
// them as a field, falling back to a reflection-based approach only if
// necessary.
@@ -418,132 +476,138 @@ func Inline(val zapcore.ObjectMarshaler) Field {
// them. To minimize surprises, []byte values are treated as binary blobs, byte
// values are treated as uint8, and runes are always treated as integers.
func Any(key string, value interface{}) Field {
- switch val := value.(type) {
+ var c interface{ Any(string, any) Field }
+
+ switch value.(type) {
case zapcore.ObjectMarshaler:
- return Object(key, val)
+ c = anyFieldC[zapcore.ObjectMarshaler](Object)
case zapcore.ArrayMarshaler:
- return Array(key, val)
+ c = anyFieldC[zapcore.ArrayMarshaler](Array)
+ case []Field:
+ c = anyFieldC[[]Field](dictField)
case bool:
- return Bool(key, val)
+ c = anyFieldC[bool](Bool)
case *bool:
- return Boolp(key, val)
+ c = anyFieldC[*bool](Boolp)
case []bool:
- return Bools(key, val)
+ c = anyFieldC[[]bool](Bools)
case complex128:
- return Complex128(key, val)
+ c = anyFieldC[complex128](Complex128)
case *complex128:
- return Complex128p(key, val)
+ c = anyFieldC[*complex128](Complex128p)
case []complex128:
- return Complex128s(key, val)
+ c = anyFieldC[[]complex128](Complex128s)
case complex64:
- return Complex64(key, val)
+ c = anyFieldC[complex64](Complex64)
case *complex64:
- return Complex64p(key, val)
+ c = anyFieldC[*complex64](Complex64p)
case []complex64:
- return Complex64s(key, val)
+ c = anyFieldC[[]complex64](Complex64s)
case float64:
- return Float64(key, val)
+ c = anyFieldC[float64](Float64)
case *float64:
- return Float64p(key, val)
+ c = anyFieldC[*float64](Float64p)
case []float64:
- return Float64s(key, val)
+ c = anyFieldC[[]float64](Float64s)
case float32:
- return Float32(key, val)
+ c = anyFieldC[float32](Float32)
case *float32:
- return Float32p(key, val)
+ c = anyFieldC[*float32](Float32p)
case []float32:
- return Float32s(key, val)
+ c = anyFieldC[[]float32](Float32s)
case int:
- return Int(key, val)
+ c = anyFieldC[int](Int)
case *int:
- return Intp(key, val)
+ c = anyFieldC[*int](Intp)
case []int:
- return Ints(key, val)
+ c = anyFieldC[[]int](Ints)
case int64:
- return Int64(key, val)
+ c = anyFieldC[int64](Int64)
case *int64:
- return Int64p(key, val)
+ c = anyFieldC[*int64](Int64p)
case []int64:
- return Int64s(key, val)
+ c = anyFieldC[[]int64](Int64s)
case int32:
- return Int32(key, val)
+ c = anyFieldC[int32](Int32)
case *int32:
- return Int32p(key, val)
+ c = anyFieldC[*int32](Int32p)
case []int32:
- return Int32s(key, val)
+ c = anyFieldC[[]int32](Int32s)
case int16:
- return Int16(key, val)
+ c = anyFieldC[int16](Int16)
case *int16:
- return Int16p(key, val)
+ c = anyFieldC[*int16](Int16p)
case []int16:
- return Int16s(key, val)
+ c = anyFieldC[[]int16](Int16s)
case int8:
- return Int8(key, val)
+ c = anyFieldC[int8](Int8)
case *int8:
- return Int8p(key, val)
+ c = anyFieldC[*int8](Int8p)
case []int8:
- return Int8s(key, val)
+ c = anyFieldC[[]int8](Int8s)
case string:
- return String(key, val)
+ c = anyFieldC[string](String)
case *string:
- return Stringp(key, val)
+ c = anyFieldC[*string](Stringp)
case []string:
- return Strings(key, val)
+ c = anyFieldC[[]string](Strings)
case uint:
- return Uint(key, val)
+ c = anyFieldC[uint](Uint)
case *uint:
- return Uintp(key, val)
+ c = anyFieldC[*uint](Uintp)
case []uint:
- return Uints(key, val)
+ c = anyFieldC[[]uint](Uints)
case uint64:
- return Uint64(key, val)
+ c = anyFieldC[uint64](Uint64)
case *uint64:
- return Uint64p(key, val)
+ c = anyFieldC[*uint64](Uint64p)
case []uint64:
- return Uint64s(key, val)
+ c = anyFieldC[[]uint64](Uint64s)
case uint32:
- return Uint32(key, val)
+ c = anyFieldC[uint32](Uint32)
case *uint32:
- return Uint32p(key, val)
+ c = anyFieldC[*uint32](Uint32p)
case []uint32:
- return Uint32s(key, val)
+ c = anyFieldC[[]uint32](Uint32s)
case uint16:
- return Uint16(key, val)
+ c = anyFieldC[uint16](Uint16)
case *uint16:
- return Uint16p(key, val)
+ c = anyFieldC[*uint16](Uint16p)
case []uint16:
- return Uint16s(key, val)
+ c = anyFieldC[[]uint16](Uint16s)
case uint8:
- return Uint8(key, val)
+ c = anyFieldC[uint8](Uint8)
case *uint8:
- return Uint8p(key, val)
+ c = anyFieldC[*uint8](Uint8p)
case []byte:
- return Binary(key, val)
+ c = anyFieldC[[]byte](Binary)
case uintptr:
- return Uintptr(key, val)
+ c = anyFieldC[uintptr](Uintptr)
case *uintptr:
- return Uintptrp(key, val)
+ c = anyFieldC[*uintptr](Uintptrp)
case []uintptr:
- return Uintptrs(key, val)
+ c = anyFieldC[[]uintptr](Uintptrs)
case time.Time:
- return Time(key, val)
+ c = anyFieldC[time.Time](Time)
case *time.Time:
- return Timep(key, val)
+ c = anyFieldC[*time.Time](Timep)
case []time.Time:
- return Times(key, val)
+ c = anyFieldC[[]time.Time](Times)
case time.Duration:
- return Duration(key, val)
+ c = anyFieldC[time.Duration](Duration)
case *time.Duration:
- return Durationp(key, val)
+ c = anyFieldC[*time.Duration](Durationp)
case []time.Duration:
- return Durations(key, val)
+ c = anyFieldC[[]time.Duration](Durations)
case error:
- return NamedError(key, val)
+ c = anyFieldC[error](NamedError)
case []error:
- return Errors(key, val)
+ c = anyFieldC[[]error](Errors)
case fmt.Stringer:
- return Stringer(key, val)
+ c = anyFieldC[fmt.Stringer](Stringer)
default:
- return Reflect(key, val)
+ c = anyFieldC[any](Reflect)
}
+
+ return c.Any(key, value)
}
diff --git a/vendor/go.uber.org/zap/global.go b/vendor/go.uber.org/zap/global.go
index c1ac0507cd..3cb46c9e0a 100644
--- a/vendor/go.uber.org/zap/global.go
+++ b/vendor/go.uber.org/zap/global.go
@@ -31,6 +31,7 @@ import (
)
const (
+ _stdLogDefaultDepth = 1
_loggerWriterDepth = 2
_programmerErrorTemplate = "You've found a bug in zap! Please file a bug at " +
"https://github.com/uber-go/zap/issues/new and reference this error: %v"
diff --git a/vendor/go.uber.org/zap/global_go112.go b/vendor/go.uber.org/zap/global_go112.go
deleted file mode 100644
index 6b5dbda807..0000000000
--- a/vendor/go.uber.org/zap/global_go112.go
+++ /dev/null
@@ -1,26 +0,0 @@
-// Copyright (c) 2019 Uber Technologies, Inc.
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in
-// all copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-// THE SOFTWARE.
-
-// See #682 for more information.
-// +build go1.12
-
-package zap
-
-const _stdLogDefaultDepth = 1
diff --git a/vendor/go.uber.org/zap/global_prego112.go b/vendor/go.uber.org/zap/global_prego112.go
deleted file mode 100644
index d3ab9af933..0000000000
--- a/vendor/go.uber.org/zap/global_prego112.go
+++ /dev/null
@@ -1,26 +0,0 @@
-// Copyright (c) 2019 Uber Technologies, Inc.
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in
-// all copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-// THE SOFTWARE.
-
-// See #682 for more information.
-// +build !go1.12
-
-package zap
-
-const _stdLogDefaultDepth = 2
diff --git a/vendor/go.uber.org/zap/http_handler.go b/vendor/go.uber.org/zap/http_handler.go
index 1297c33b32..2be8f65150 100644
--- a/vendor/go.uber.org/zap/http_handler.go
+++ b/vendor/go.uber.org/zap/http_handler.go
@@ -22,6 +22,7 @@ package zap
import (
"encoding/json"
+ "errors"
"fmt"
"io"
"net/http"
@@ -32,22 +33,23 @@ import (
// ServeHTTP is a simple JSON endpoint that can report on or change the current
// logging level.
//
-// GET
+// # GET
//
// The GET request returns a JSON description of the current logging level like:
-// {"level":"info"}
//
-// PUT
+// {"level":"info"}
+//
+// # PUT
//
// The PUT request changes the logging level. It is perfectly safe to change the
// logging level while a program is running. Two content types are supported:
//
-// Content-Type: application/x-www-form-urlencoded
+// Content-Type: application/x-www-form-urlencoded
//
// With this content type, the level can be provided through the request body or
// a query parameter. The log level is URL encoded like:
//
-// level=debug
+// level=debug
//
// The request body takes precedence over the query parameter, if both are
// specified.
@@ -55,19 +57,25 @@ import (
// This content type is the default for a curl PUT request. Following are two
// example curl requests that both set the logging level to debug.
//
-// curl -X PUT localhost:8080/log/level?level=debug
-// curl -X PUT localhost:8080/log/level -d level=debug
+// curl -X PUT localhost:8080/log/level?level=debug
+// curl -X PUT localhost:8080/log/level -d level=debug
//
// For any other content type, the payload is expected to be JSON encoded and
// look like:
//
-// {"level":"info"}
+// {"level":"info"}
//
// An example curl request could look like this:
//
-// curl -X PUT localhost:8080/log/level -H "Content-Type: application/json" -d '{"level":"debug"}'
-//
+// curl -X PUT localhost:8080/log/level -H "Content-Type: application/json" -d '{"level":"debug"}'
func (lvl AtomicLevel) ServeHTTP(w http.ResponseWriter, r *http.Request) {
+ if err := lvl.serveHTTP(w, r); err != nil {
+ w.WriteHeader(http.StatusInternalServerError)
+ fmt.Fprintf(w, "internal error: %v", err)
+ }
+}
+
+func (lvl AtomicLevel) serveHTTP(w http.ResponseWriter, r *http.Request) error {
type errorResponse struct {
Error string `json:"error"`
}
@@ -79,19 +87,20 @@ func (lvl AtomicLevel) ServeHTTP(w http.ResponseWriter, r *http.Request) {
switch r.Method {
case http.MethodGet:
- enc.Encode(payload{Level: lvl.Level()})
+ return enc.Encode(payload{Level: lvl.Level()})
+
case http.MethodPut:
requestedLvl, err := decodePutRequest(r.Header.Get("Content-Type"), r)
if err != nil {
w.WriteHeader(http.StatusBadRequest)
- enc.Encode(errorResponse{Error: err.Error()})
- return
+ return enc.Encode(errorResponse{Error: err.Error()})
}
lvl.SetLevel(requestedLvl)
- enc.Encode(payload{Level: lvl.Level()})
+ return enc.Encode(payload{Level: lvl.Level()})
+
default:
w.WriteHeader(http.StatusMethodNotAllowed)
- enc.Encode(errorResponse{
+ return enc.Encode(errorResponse{
Error: "Only GET and PUT are supported.",
})
}
@@ -108,7 +117,7 @@ func decodePutRequest(contentType string, r *http.Request) (zapcore.Level, error
func decodePutURL(r *http.Request) (zapcore.Level, error) {
lvl := r.FormValue("level")
if lvl == "" {
- return 0, fmt.Errorf("must specify logging level")
+ return 0, errors.New("must specify logging level")
}
var l zapcore.Level
if err := l.UnmarshalText([]byte(lvl)); err != nil {
@@ -125,8 +134,7 @@ func decodePutJSON(body io.Reader) (zapcore.Level, error) {
return 0, fmt.Errorf("malformed request body: %v", err)
}
if pld.Level == nil {
- return 0, fmt.Errorf("must specify logging level")
+ return 0, errors.New("must specify logging level")
}
return *pld.Level, nil
-
}
diff --git a/vendor/go.uber.org/zap/internal/exit/exit.go b/vendor/go.uber.org/zap/internal/exit/exit.go
index dfc5b05feb..f673f9947b 100644
--- a/vendor/go.uber.org/zap/internal/exit/exit.go
+++ b/vendor/go.uber.org/zap/internal/exit/exit.go
@@ -24,24 +24,25 @@ package exit
import "os"
-var real = func() { os.Exit(1) }
+var _exit = os.Exit
-// Exit normally terminates the process by calling os.Exit(1). If the package
-// is stubbed, it instead records a call in the testing spy.
-func Exit() {
- real()
+// With terminates the process by calling os.Exit(code). If the package is
+// stubbed, it instead records a call in the testing spy.
+func With(code int) {
+ _exit(code)
}
// A StubbedExit is a testing fake for os.Exit.
type StubbedExit struct {
Exited bool
- prev func()
+ Code int
+ prev func(code int)
}
// Stub substitutes a fake for the call to os.Exit(1).
func Stub() *StubbedExit {
- s := &StubbedExit{prev: real}
- real = s.exit
+ s := &StubbedExit{prev: _exit}
+ _exit = s.exit
return s
}
@@ -56,9 +57,10 @@ func WithStub(f func()) *StubbedExit {
// Unstub restores the previous exit function.
func (se *StubbedExit) Unstub() {
- real = se.prev
+ _exit = se.prev
}
-func (se *StubbedExit) exit() {
+func (se *StubbedExit) exit(code int) {
se.Exited = true
+ se.Code = code
}
diff --git a/vendor/go.uber.org/atomic/time_ext.go b/vendor/go.uber.org/zap/internal/level_enabler.go
similarity index 65%
rename from vendor/go.uber.org/atomic/time_ext.go
rename to vendor/go.uber.org/zap/internal/level_enabler.go
index 1e3dc978aa..40bfed81e6 100644
--- a/vendor/go.uber.org/atomic/time_ext.go
+++ b/vendor/go.uber.org/zap/internal/level_enabler.go
@@ -1,4 +1,4 @@
-// Copyright (c) 2021 Uber Technologies, Inc.
+// Copyright (c) 2022 Uber Technologies, Inc.
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
@@ -18,19 +18,20 @@
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
// THE SOFTWARE.
-package atomic
+// Package internal and its subpackages hold types and functionality
+// that are not part of Zap's public API.
+package internal
-import "time"
+import "go.uber.org/zap/zapcore"
-//go:generate bin/gen-atomicwrapper -name=Time -type=time.Time -wrapped=Value -pack=packTime -unpack=unpackTime -imports time -file=time.go
-
-func packTime(t time.Time) interface{} {
- return t
-}
+// LeveledEnabler is an interface satisfied by LevelEnablers that are able to
+// report their own level.
+//
+// This interface is defined to use more conveniently in tests and non-zapcore
+// packages.
+// This cannot be imported from zapcore because of the cyclic dependency.
+type LeveledEnabler interface {
+ zapcore.LevelEnabler
-func unpackTime(v interface{}) time.Time {
- if t, ok := v.(time.Time); ok {
- return t
- }
- return time.Time{}
+ Level() zapcore.Level
}
diff --git a/vendor/go.uber.org/atomic/time.go b/vendor/go.uber.org/zap/internal/pool/pool.go
similarity index 56%
rename from vendor/go.uber.org/atomic/time.go
rename to vendor/go.uber.org/zap/internal/pool/pool.go
index 1660feb142..60e9d2c432 100644
--- a/vendor/go.uber.org/atomic/time.go
+++ b/vendor/go.uber.org/zap/internal/pool/pool.go
@@ -1,6 +1,4 @@
-// @generated Code generated by gen-atomicwrapper.
-
-// Copyright (c) 2020-2022 Uber Technologies, Inc.
+// Copyright (c) 2023 Uber Technologies, Inc.
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
@@ -20,36 +18,41 @@
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
// THE SOFTWARE.
-package atomic
+// Package pool provides internal pool utilities.
+package pool
import (
- "time"
+ "sync"
)
-// Time is an atomic type-safe wrapper for time.Time values.
-type Time struct {
- _ nocmp // disallow non-atomic comparison
-
- v Value
+// A Pool is a generic wrapper around [sync.Pool] to provide strongly-typed
+// object pooling.
+//
+// Note that SA6002 (ref: https://staticcheck.io/docs/checks/#SA6002) will
+// not be detected, so all internal pool use must take care to only store
+// pointer types.
+type Pool[T any] struct {
+ pool sync.Pool
}
-var _zeroTime time.Time
-
-// NewTime creates a new Time.
-func NewTime(val time.Time) *Time {
- x := &Time{}
- if val != _zeroTime {
- x.Store(val)
+// New returns a new [Pool] for T, and will use fn to construct new Ts when
+// the pool is empty.
+func New[T any](fn func() T) *Pool[T] {
+ return &Pool[T]{
+ pool: sync.Pool{
+ New: func() any {
+ return fn()
+ },
+ },
}
- return x
}
-// Load atomically loads the wrapped time.Time.
-func (x *Time) Load() time.Time {
- return unpackTime(x.v.Load())
+// Get gets a T from the pool, or creates a new one if the pool is empty.
+func (p *Pool[T]) Get() T {
+ return p.pool.Get().(T)
}
-// Store atomically stores the passed time.Time.
-func (x *Time) Store(val time.Time) {
- x.v.Store(packTime(val))
+// Put returns x into the pool.
+func (p *Pool[T]) Put(x T) {
+ p.pool.Put(x)
}
diff --git a/vendor/go.uber.org/zap/internal/stacktrace/stack.go b/vendor/go.uber.org/zap/internal/stacktrace/stack.go
new file mode 100644
index 0000000000..82af7551f9
--- /dev/null
+++ b/vendor/go.uber.org/zap/internal/stacktrace/stack.go
@@ -0,0 +1,181 @@
+// Copyright (c) 2023 Uber Technologies, Inc.
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files (the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions:
+//
+// The above copyright notice and this permission notice shall be included in
+// all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+// THE SOFTWARE.
+
+// Package stacktrace provides support for gathering stack traces
+// efficiently.
+package stacktrace
+
+import (
+ "runtime"
+
+ "go.uber.org/zap/buffer"
+ "go.uber.org/zap/internal/bufferpool"
+ "go.uber.org/zap/internal/pool"
+)
+
+var _stackPool = pool.New(func() *Stack {
+ return &Stack{
+ storage: make([]uintptr, 64),
+ }
+})
+
+// Stack is a captured stack trace.
+type Stack struct {
+ pcs []uintptr // program counters; always a subslice of storage
+ frames *runtime.Frames
+
+ // The size of pcs varies depending on requirements:
+ // it will be one if the only the first frame was requested,
+ // and otherwise it will reflect the depth of the call stack.
+ //
+ // storage decouples the slice we need (pcs) from the slice we pool.
+ // We will always allocate a reasonably large storage, but we'll use
+ // only as much of it as we need.
+ storage []uintptr
+}
+
+// Depth specifies how deep of a stack trace should be captured.
+type Depth int
+
+const (
+ // First captures only the first frame.
+ First Depth = iota
+
+ // Full captures the entire call stack, allocating more
+ // storage for it if needed.
+ Full
+)
+
+// Capture captures a stack trace of the specified depth, skipping
+// the provided number of frames. skip=0 identifies the caller of
+// Capture.
+//
+// The caller must call Free on the returned stacktrace after using it.
+func Capture(skip int, depth Depth) *Stack {
+ stack := _stackPool.Get()
+
+ switch depth {
+ case First:
+ stack.pcs = stack.storage[:1]
+ case Full:
+ stack.pcs = stack.storage
+ }
+
+ // Unlike other "skip"-based APIs, skip=0 identifies runtime.Callers
+ // itself. +2 to skip captureStacktrace and runtime.Callers.
+ numFrames := runtime.Callers(
+ skip+2,
+ stack.pcs,
+ )
+
+ // runtime.Callers truncates the recorded stacktrace if there is no
+ // room in the provided slice. For the full stack trace, keep expanding
+ // storage until there are fewer frames than there is room.
+ if depth == Full {
+ pcs := stack.pcs
+ for numFrames == len(pcs) {
+ pcs = make([]uintptr, len(pcs)*2)
+ numFrames = runtime.Callers(skip+2, pcs)
+ }
+
+ // Discard old storage instead of returning it to the pool.
+ // This will adjust the pool size over time if stack traces are
+ // consistently very deep.
+ stack.storage = pcs
+ stack.pcs = pcs[:numFrames]
+ } else {
+ stack.pcs = stack.pcs[:numFrames]
+ }
+
+ stack.frames = runtime.CallersFrames(stack.pcs)
+ return stack
+}
+
+// Free releases resources associated with this stacktrace
+// and returns it back to the pool.
+func (st *Stack) Free() {
+ st.frames = nil
+ st.pcs = nil
+ _stackPool.Put(st)
+}
+
+// Count reports the total number of frames in this stacktrace.
+// Count DOES NOT change as Next is called.
+func (st *Stack) Count() int {
+ return len(st.pcs)
+}
+
+// Next returns the next frame in the stack trace,
+// and a boolean indicating whether there are more after it.
+func (st *Stack) Next() (_ runtime.Frame, more bool) {
+ return st.frames.Next()
+}
+
+// Take returns a string representation of the current stacktrace.
+//
+// skip is the number of frames to skip before recording the stack trace.
+// skip=0 identifies the caller of Take.
+func Take(skip int) string {
+ stack := Capture(skip+1, Full)
+ defer stack.Free()
+
+ buffer := bufferpool.Get()
+ defer buffer.Free()
+
+ stackfmt := NewFormatter(buffer)
+ stackfmt.FormatStack(stack)
+ return buffer.String()
+}
+
+// Formatter formats a stack trace into a readable string representation.
+type Formatter struct {
+ b *buffer.Buffer
+ nonEmpty bool // whehther we've written at least one frame already
+}
+
+// NewFormatter builds a new Formatter.
+func NewFormatter(b *buffer.Buffer) Formatter {
+ return Formatter{b: b}
+}
+
+// FormatStack formats all remaining frames in the provided stacktrace -- minus
+// the final runtime.main/runtime.goexit frame.
+func (sf *Formatter) FormatStack(stack *Stack) {
+ // Note: On the last iteration, frames.Next() returns false, with a valid
+ // frame, but we ignore this frame. The last frame is a runtime frame which
+ // adds noise, since it's only either runtime.main or runtime.goexit.
+ for frame, more := stack.Next(); more; frame, more = stack.Next() {
+ sf.FormatFrame(frame)
+ }
+}
+
+// FormatFrame formats the given frame.
+func (sf *Formatter) FormatFrame(frame runtime.Frame) {
+ if sf.nonEmpty {
+ sf.b.AppendByte('\n')
+ }
+ sf.nonEmpty = true
+ sf.b.AppendString(frame.Function)
+ sf.b.AppendByte('\n')
+ sf.b.AppendByte('\t')
+ sf.b.AppendString(frame.File)
+ sf.b.AppendByte(':')
+ sf.b.AppendInt(int64(frame.Line))
+}
diff --git a/vendor/go.uber.org/zap/level.go b/vendor/go.uber.org/zap/level.go
index 3567a9a1e6..155b208bd3 100644
--- a/vendor/go.uber.org/zap/level.go
+++ b/vendor/go.uber.org/zap/level.go
@@ -21,7 +21,9 @@
package zap
import (
- "go.uber.org/atomic"
+ "sync/atomic"
+
+ "go.uber.org/zap/internal"
"go.uber.org/zap/zapcore"
)
@@ -70,12 +72,14 @@ type AtomicLevel struct {
l *atomic.Int32
}
+var _ internal.LeveledEnabler = AtomicLevel{}
+
// NewAtomicLevel creates an AtomicLevel with InfoLevel and above logging
// enabled.
func NewAtomicLevel() AtomicLevel {
- return AtomicLevel{
- l: atomic.NewInt32(int32(InfoLevel)),
- }
+ lvl := AtomicLevel{l: new(atomic.Int32)}
+ lvl.l.Store(int32(InfoLevel))
+ return lvl
}
// NewAtomicLevelAt is a convenience function that creates an AtomicLevel
@@ -86,6 +90,23 @@ func NewAtomicLevelAt(l zapcore.Level) AtomicLevel {
return a
}
+// ParseAtomicLevel parses an AtomicLevel based on a lowercase or all-caps ASCII
+// representation of the log level. If the provided ASCII representation is
+// invalid an error is returned.
+//
+// This is particularly useful when dealing with text input to configure log
+// levels.
+func ParseAtomicLevel(text string) (AtomicLevel, error) {
+ a := NewAtomicLevel()
+ l, err := zapcore.ParseLevel(text)
+ if err != nil {
+ return a, err
+ }
+
+ a.SetLevel(l)
+ return a, nil
+}
+
// Enabled implements the zapcore.LevelEnabler interface, which allows the
// AtomicLevel to be used in place of traditional static levels.
func (lvl AtomicLevel) Enabled(l zapcore.Level) bool {
diff --git a/vendor/go.uber.org/zap/logger.go b/vendor/go.uber.org/zap/logger.go
index f116bd936f..6205fe48a6 100644
--- a/vendor/go.uber.org/zap/logger.go
+++ b/vendor/go.uber.org/zap/logger.go
@@ -22,11 +22,12 @@ package zap
import (
"fmt"
- "io/ioutil"
+ "io"
"os"
- "runtime"
"strings"
+ "go.uber.org/zap/internal/bufferpool"
+ "go.uber.org/zap/internal/stacktrace"
"go.uber.org/zap/zapcore"
)
@@ -42,7 +43,7 @@ type Logger struct {
development bool
addCaller bool
- onFatal zapcore.CheckWriteAction // default is WriteThenFatal
+ onFatal zapcore.CheckWriteHook // default is WriteThenFatal
name string
errorOutput zapcore.WriteSyncer
@@ -85,7 +86,7 @@ func New(core zapcore.Core, options ...Option) *Logger {
func NewNop() *Logger {
return &Logger{
core: zapcore.NewNopCore(),
- errorOutput: zapcore.AddSync(ioutil.Discard),
+ errorOutput: zapcore.AddSync(io.Discard),
addStack: zapcore.FatalLevel + 1,
clock: zapcore.DefaultClock,
}
@@ -107,6 +108,19 @@ func NewDevelopment(options ...Option) (*Logger, error) {
return NewDevelopmentConfig().Build(options...)
}
+// Must is a helper that wraps a call to a function returning (*Logger, error)
+// and panics if the error is non-nil. It is intended for use in variable
+// initialization such as:
+//
+// var logger = zap.Must(zap.NewProduction())
+func Must(logger *Logger, err error) *Logger {
+ if err != nil {
+ panic(err)
+ }
+
+ return logger
+}
+
// NewExample builds a Logger that's designed for use in zap's testable
// examples. It writes DebugLevel and above logs to standard out as JSON, but
// omits the timestamp and calling function to keep example output
@@ -160,7 +174,8 @@ func (log *Logger) WithOptions(opts ...Option) *Logger {
}
// With creates a child logger and adds structured context to it. Fields added
-// to the child don't affect the parent, and vice versa.
+// to the child don't affect the parent, and vice versa. Any fields that
+// require evaluation (such as Objects) are evaluated upon invocation of With.
func (log *Logger) With(fields ...Field) *Logger {
if len(fields) == 0 {
return log
@@ -170,6 +185,35 @@ func (log *Logger) With(fields ...Field) *Logger {
return l
}
+// WithLazy creates a child logger and adds structured context to it lazily.
+//
+// The fields are evaluated only if the logger is further chained with [With]
+// or is written to with any of the log level methods.
+// Until that occurs, the logger may retain references to objects inside the fields,
+// and logging will reflect the state of an object at the time of logging,
+// not the time of WithLazy().
+//
+// WithLazy provides a worthwhile performance optimization for contextual loggers
+// when the likelihood of using the child logger is low,
+// such as error paths and rarely taken branches.
+//
+// Similar to [With], fields added to the child don't affect the parent, and vice versa.
+func (log *Logger) WithLazy(fields ...Field) *Logger {
+ if len(fields) == 0 {
+ return log
+ }
+ return log.WithOptions(WrapCore(func(core zapcore.Core) zapcore.Core {
+ return zapcore.NewLazyWith(core, fields)
+ }))
+}
+
+// Level reports the minimum enabled level for this logger.
+//
+// For NopLoggers, this is [zapcore.InvalidLevel].
+func (log *Logger) Level() zapcore.Level {
+ return zapcore.LevelOf(log.core)
+}
+
// Check returns a CheckedEntry if logging a message at the specified level
// is enabled. It's a completely optional optimization; in high-performance
// applications, Check can help avoid allocating a slice to hold fields.
@@ -177,6 +221,16 @@ func (log *Logger) Check(lvl zapcore.Level, msg string) *zapcore.CheckedEntry {
return log.check(lvl, msg)
}
+// Log logs a message at the specified level. The message includes any fields
+// passed at the log site, as well as any fields accumulated on the logger.
+// Any Fields that require evaluation (such as Objects) are evaluated upon
+// invocation of Log.
+func (log *Logger) Log(lvl zapcore.Level, msg string, fields ...Field) {
+ if ce := log.check(lvl, msg); ce != nil {
+ ce.Write(fields...)
+ }
+}
+
// Debug logs a message at DebugLevel. The message includes any fields passed
// at the log site, as well as any fields accumulated on the logger.
func (log *Logger) Debug(msg string, fields ...Field) {
@@ -253,14 +307,22 @@ func (log *Logger) Core() zapcore.Core {
return log.core
}
+// Name returns the Logger's underlying name,
+// or an empty string if the logger is unnamed.
+func (log *Logger) Name() string {
+ return log.name
+}
+
func (log *Logger) clone() *Logger {
- copy := *log
- return ©
+ clone := *log
+ return &clone
}
func (log *Logger) check(lvl zapcore.Level, msg string) *zapcore.CheckedEntry {
- // check must always be called directly by a method in the Logger interface
- // (e.g., Check, Info, Fatal).
+ // Logger.check must always be called directly by a method in the
+ // Logger interface (e.g., Check, Info, Fatal).
+ // This skips Logger.check and the Info/Fatal/Check/etc. method that
+ // called it.
const callerSkipOffset = 2
// Check the level first to reduce the cost of disabled log calls.
@@ -283,18 +345,27 @@ func (log *Logger) check(lvl zapcore.Level, msg string) *zapcore.CheckedEntry {
// Set up any required terminal behavior.
switch ent.Level {
case zapcore.PanicLevel:
- ce = ce.Should(ent, zapcore.WriteThenPanic)
+ ce = ce.After(ent, zapcore.WriteThenPanic)
case zapcore.FatalLevel:
onFatal := log.onFatal
- // Noop is the default value for CheckWriteAction, and it leads to
- // continued execution after a Fatal which is unexpected.
- if onFatal == zapcore.WriteThenNoop {
+ // nil or WriteThenNoop will lead to continued execution after
+ // a Fatal log entry, which is unexpected. For example,
+ //
+ // f, err := os.Open(..)
+ // if err != nil {
+ // log.Fatal("cannot open", zap.Error(err))
+ // }
+ // fmt.Println(f.Name())
+ //
+ // The f.Name() will panic if we continue execution after the
+ // log.Fatal.
+ if onFatal == nil || onFatal == zapcore.WriteThenNoop {
onFatal = zapcore.WriteThenFatal
}
- ce = ce.Should(ent, onFatal)
+ ce = ce.After(ent, onFatal)
case zapcore.DPanicLevel:
if log.development {
- ce = ce.Should(ent, zapcore.WriteThenPanic)
+ ce = ce.After(ent, zapcore.WriteThenPanic)
}
}
@@ -307,42 +378,55 @@ func (log *Logger) check(lvl zapcore.Level, msg string) *zapcore.CheckedEntry {
// Thread the error output through to the CheckedEntry.
ce.ErrorOutput = log.errorOutput
- if log.addCaller {
- frame, defined := getCallerFrame(log.callerSkip + callerSkipOffset)
- if !defined {
+
+ addStack := log.addStack.Enabled(ce.Level)
+ if !log.addCaller && !addStack {
+ return ce
+ }
+
+ // Adding the caller or stack trace requires capturing the callers of
+ // this function. We'll share information between these two.
+ stackDepth := stacktrace.First
+ if addStack {
+ stackDepth = stacktrace.Full
+ }
+ stack := stacktrace.Capture(log.callerSkip+callerSkipOffset, stackDepth)
+ defer stack.Free()
+
+ if stack.Count() == 0 {
+ if log.addCaller {
fmt.Fprintf(log.errorOutput, "%v Logger.check error: failed to get caller\n", ent.Time.UTC())
- log.errorOutput.Sync()
+ _ = log.errorOutput.Sync()
}
+ return ce
+ }
+
+ frame, more := stack.Next()
- ce.Entry.Caller = zapcore.EntryCaller{
- Defined: defined,
+ if log.addCaller {
+ ce.Caller = zapcore.EntryCaller{
+ Defined: frame.PC != 0,
PC: frame.PC,
File: frame.File,
Line: frame.Line,
Function: frame.Function,
}
}
- if log.addStack.Enabled(ce.Entry.Level) {
- ce.Entry.Stack = StackSkip("", log.callerSkip+callerSkipOffset).String
- }
- return ce
-}
+ if addStack {
+ buffer := bufferpool.Get()
+ defer buffer.Free()
-// getCallerFrame gets caller frame. The argument skip is the number of stack
-// frames to ascend, with 0 identifying the caller of getCallerFrame. The
-// boolean ok is false if it was not possible to recover the information.
-//
-// Note: This implementation is similar to runtime.Caller, but it returns the whole frame.
-func getCallerFrame(skip int) (frame runtime.Frame, ok bool) {
- const skipOffset = 2 // skip getCallerFrame and Callers
-
- pc := make([]uintptr, 1)
- numFrames := runtime.Callers(skip+skipOffset, pc)
- if numFrames < 1 {
- return
+ stackfmt := stacktrace.NewFormatter(buffer)
+
+ // We've already extracted the first frame, so format that
+ // separately and defer to stackfmt for the rest.
+ stackfmt.FormatFrame(frame)
+ if more {
+ stackfmt.FormatStack(stack)
+ }
+ ce.Stack = buffer.String()
}
- frame, _ = runtime.CallersFrames(pc).Next()
- return frame, frame.PC != 0
+ return ce
}
diff --git a/vendor/go.uber.org/zap/options.go b/vendor/go.uber.org/zap/options.go
index e9e66161f5..c4f3bca3d2 100644
--- a/vendor/go.uber.org/zap/options.go
+++ b/vendor/go.uber.org/zap/options.go
@@ -133,9 +133,28 @@ func IncreaseLevel(lvl zapcore.LevelEnabler) Option {
}
// OnFatal sets the action to take on fatal logs.
+//
+// Deprecated: Use [WithFatalHook] instead.
func OnFatal(action zapcore.CheckWriteAction) Option {
+ return WithFatalHook(action)
+}
+
+// WithFatalHook sets a CheckWriteHook to run on fatal logs.
+// Zap will call this hook after writing a log statement with a Fatal level.
+//
+// For example, the following builds a logger that will exit the current
+// goroutine after writing a fatal log message, but it will not exit the
+// program.
+//
+// zap.New(core, zap.WithFatalHook(zapcore.WriteThenGoexit))
+//
+// It is important that the provided CheckWriteHook stops the control flow at
+// the current statement to meet expectations of callers of the logger.
+// We recommend calling os.Exit or runtime.Goexit inside custom hooks at
+// minimum.
+func WithFatalHook(hook zapcore.CheckWriteHook) Option {
return optionFunc(func(log *Logger) {
- log.onFatal = action
+ log.onFatal = hook
})
}
diff --git a/vendor/go.uber.org/zap/sink.go b/vendor/go.uber.org/zap/sink.go
index df46fa87a7..499772a00d 100644
--- a/vendor/go.uber.org/zap/sink.go
+++ b/vendor/go.uber.org/zap/sink.go
@@ -1,4 +1,4 @@
-// Copyright (c) 2016 Uber Technologies, Inc.
+// Copyright (c) 2016-2022 Uber Technologies, Inc.
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
@@ -26,6 +26,7 @@ import (
"io"
"net/url"
"os"
+ "path/filepath"
"strings"
"sync"
@@ -34,23 +35,7 @@ import (
const schemeFile = "file"
-var (
- _sinkMutex sync.RWMutex
- _sinkFactories map[string]func(*url.URL) (Sink, error) // keyed by scheme
-)
-
-func init() {
- resetSinkRegistry()
-}
-
-func resetSinkRegistry() {
- _sinkMutex.Lock()
- defer _sinkMutex.Unlock()
-
- _sinkFactories = map[string]func(*url.URL) (Sink, error){
- schemeFile: newFileSink,
- }
-}
+var _sinkRegistry = newSinkRegistry()
// Sink defines the interface to write to and close logger destinations.
type Sink interface {
@@ -58,10 +43,6 @@ type Sink interface {
io.Closer
}
-type nopCloserSink struct{ zapcore.WriteSyncer }
-
-func (nopCloserSink) Close() error { return nil }
-
type errSinkNotFound struct {
scheme string
}
@@ -70,16 +51,30 @@ func (e *errSinkNotFound) Error() string {
return fmt.Sprintf("no sink found for scheme %q", e.scheme)
}
-// RegisterSink registers a user-supplied factory for all sinks with a
-// particular scheme.
-//
-// All schemes must be ASCII, valid under section 3.1 of RFC 3986
-// (https://tools.ietf.org/html/rfc3986#section-3.1), and must not already
-// have a factory registered. Zap automatically registers a factory for the
-// "file" scheme.
-func RegisterSink(scheme string, factory func(*url.URL) (Sink, error)) error {
- _sinkMutex.Lock()
- defer _sinkMutex.Unlock()
+type nopCloserSink struct{ zapcore.WriteSyncer }
+
+func (nopCloserSink) Close() error { return nil }
+
+type sinkRegistry struct {
+ mu sync.Mutex
+ factories map[string]func(*url.URL) (Sink, error) // keyed by scheme
+ openFile func(string, int, os.FileMode) (*os.File, error) // type matches os.OpenFile
+}
+
+func newSinkRegistry() *sinkRegistry {
+ sr := &sinkRegistry{
+ factories: make(map[string]func(*url.URL) (Sink, error)),
+ openFile: os.OpenFile,
+ }
+ // Infallible operation: the registry is empty, so we can't have a conflict.
+ _ = sr.RegisterSink(schemeFile, sr.newFileSinkFromURL)
+ return sr
+}
+
+// RegisterScheme registers the given factory for the specific scheme.
+func (sr *sinkRegistry) RegisterSink(scheme string, factory func(*url.URL) (Sink, error)) error {
+ sr.mu.Lock()
+ defer sr.mu.Unlock()
if scheme == "" {
return errors.New("can't register a sink factory for empty string")
@@ -88,14 +83,22 @@ func RegisterSink(scheme string, factory func(*url.URL) (Sink, error)) error {
if err != nil {
return fmt.Errorf("%q is not a valid scheme: %v", scheme, err)
}
- if _, ok := _sinkFactories[normalized]; ok {
+ if _, ok := sr.factories[normalized]; ok {
return fmt.Errorf("sink factory already registered for scheme %q", normalized)
}
- _sinkFactories[normalized] = factory
+ sr.factories[normalized] = factory
return nil
}
-func newSink(rawURL string) (Sink, error) {
+func (sr *sinkRegistry) newSink(rawURL string) (Sink, error) {
+ // URL parsing doesn't work well for Windows paths such as `c:\log.txt`, as scheme is set to
+ // the drive, and path is unset unless `c:/log.txt` is used.
+ // To avoid Windows-specific URL handling, we instead check IsAbs to open as a file.
+ // filepath.IsAbs is OS-specific, so IsAbs('c:/log.txt') is false outside of Windows.
+ if filepath.IsAbs(rawURL) {
+ return sr.newFileSinkFromPath(rawURL)
+ }
+
u, err := url.Parse(rawURL)
if err != nil {
return nil, fmt.Errorf("can't parse %q as a URL: %v", rawURL, err)
@@ -104,16 +107,27 @@ func newSink(rawURL string) (Sink, error) {
u.Scheme = schemeFile
}
- _sinkMutex.RLock()
- factory, ok := _sinkFactories[u.Scheme]
- _sinkMutex.RUnlock()
+ sr.mu.Lock()
+ factory, ok := sr.factories[u.Scheme]
+ sr.mu.Unlock()
if !ok {
return nil, &errSinkNotFound{u.Scheme}
}
return factory(u)
}
-func newFileSink(u *url.URL) (Sink, error) {
+// RegisterSink registers a user-supplied factory for all sinks with a
+// particular scheme.
+//
+// All schemes must be ASCII, valid under section 0.1 of RFC 3986
+// (https://tools.ietf.org/html/rfc3983#section-3.1), and must not already
+// have a factory registered. Zap automatically registers a factory for the
+// "file" scheme.
+func RegisterSink(scheme string, factory func(*url.URL) (Sink, error)) error {
+ return _sinkRegistry.RegisterSink(scheme, factory)
+}
+
+func (sr *sinkRegistry) newFileSinkFromURL(u *url.URL) (Sink, error) {
if u.User != nil {
return nil, fmt.Errorf("user and password not allowed with file URLs: got %v", u)
}
@@ -130,13 +144,18 @@ func newFileSink(u *url.URL) (Sink, error) {
if hn := u.Hostname(); hn != "" && hn != "localhost" {
return nil, fmt.Errorf("file URLs must leave host empty or use localhost: got %v", u)
}
- switch u.Path {
+
+ return sr.newFileSinkFromPath(u.Path)
+}
+
+func (sr *sinkRegistry) newFileSinkFromPath(path string) (Sink, error) {
+ switch path {
case "stdout":
return nopCloserSink{os.Stdout}, nil
case "stderr":
return nopCloserSink{os.Stderr}, nil
}
- return os.OpenFile(u.Path, os.O_WRONLY|os.O_APPEND|os.O_CREATE, 0666)
+ return sr.openFile(path, os.O_WRONLY|os.O_APPEND|os.O_CREATE, 0o666)
}
func normalizeScheme(s string) (string, error) {
diff --git a/vendor/go.uber.org/zap/stacktrace.go b/vendor/go.uber.org/zap/stacktrace.go
deleted file mode 100644
index 0cf8c1ddff..0000000000
--- a/vendor/go.uber.org/zap/stacktrace.go
+++ /dev/null
@@ -1,85 +0,0 @@
-// Copyright (c) 2016 Uber Technologies, Inc.
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in
-// all copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-// THE SOFTWARE.
-
-package zap
-
-import (
- "runtime"
- "sync"
-
- "go.uber.org/zap/internal/bufferpool"
-)
-
-var (
- _stacktracePool = sync.Pool{
- New: func() interface{} {
- return newProgramCounters(64)
- },
- }
-)
-
-func takeStacktrace(skip int) string {
- buffer := bufferpool.Get()
- defer buffer.Free()
- programCounters := _stacktracePool.Get().(*programCounters)
- defer _stacktracePool.Put(programCounters)
-
- var numFrames int
- for {
- // Skip the call to runtime.Callers and takeStacktrace so that the
- // program counters start at the caller of takeStacktrace.
- numFrames = runtime.Callers(skip+2, programCounters.pcs)
- if numFrames < len(programCounters.pcs) {
- break
- }
- // Don't put the too-short counter slice back into the pool; this lets
- // the pool adjust if we consistently take deep stacktraces.
- programCounters = newProgramCounters(len(programCounters.pcs) * 2)
- }
-
- i := 0
- frames := runtime.CallersFrames(programCounters.pcs[:numFrames])
-
- // Note: On the last iteration, frames.Next() returns false, with a valid
- // frame, but we ignore this frame. The last frame is a a runtime frame which
- // adds noise, since it's only either runtime.main or runtime.goexit.
- for frame, more := frames.Next(); more; frame, more = frames.Next() {
- if i != 0 {
- buffer.AppendByte('\n')
- }
- i++
- buffer.AppendString(frame.Function)
- buffer.AppendByte('\n')
- buffer.AppendByte('\t')
- buffer.AppendString(frame.File)
- buffer.AppendByte(':')
- buffer.AppendInt(int64(frame.Line))
- }
-
- return buffer.String()
-}
-
-type programCounters struct {
- pcs []uintptr
-}
-
-func newProgramCounters(size int) *programCounters {
- return &programCounters{make([]uintptr, size)}
-}
diff --git a/vendor/go.uber.org/zap/sugar.go b/vendor/go.uber.org/zap/sugar.go
index 0b9651981a..00ac5fe3ac 100644
--- a/vendor/go.uber.org/zap/sugar.go
+++ b/vendor/go.uber.org/zap/sugar.go
@@ -31,6 +31,7 @@ import (
const (
_oddNumberErrMsg = "Ignored key without a value."
_nonStringKeyErrMsg = "Ignored key-value pairs with non-string keys."
+ _multipleErrMsg = "Multiple errors without a key."
)
// A SugaredLogger wraps the base Logger functionality in a slower, but less
@@ -38,10 +39,19 @@ const (
// method.
//
// Unlike the Logger, the SugaredLogger doesn't insist on structured logging.
-// For each log level, it exposes three methods: one for loosely-typed
-// structured logging, one for println-style formatting, and one for
-// printf-style formatting. For example, SugaredLoggers can produce InfoLevel
-// output with Infow ("info with" structured context), Info, or Infof.
+// For each log level, it exposes four methods:
+//
+// - methods named after the log level for log.Print-style logging
+// - methods ending in "w" for loosely-typed structured logging
+// - methods ending in "f" for log.Printf-style logging
+// - methods ending in "ln" for log.Println-style logging
+//
+// For example, the methods for InfoLevel are:
+//
+// Info(...any) Print-style logging
+// Infow(...any) Structured logging (read as "info with")
+// Infof(string, ...any) Printf-style logging
+// Infoln(...any) Println-style logging
type SugaredLogger struct {
base *Logger
}
@@ -61,27 +71,40 @@ func (s *SugaredLogger) Named(name string) *SugaredLogger {
return &SugaredLogger{base: s.base.Named(name)}
}
+// WithOptions clones the current SugaredLogger, applies the supplied Options,
+// and returns the result. It's safe to use concurrently.
+func (s *SugaredLogger) WithOptions(opts ...Option) *SugaredLogger {
+ base := s.base.clone()
+ for _, opt := range opts {
+ opt.apply(base)
+ }
+ return &SugaredLogger{base: base}
+}
+
// With adds a variadic number of fields to the logging context. It accepts a
// mix of strongly-typed Field objects and loosely-typed key-value pairs. When
// processing pairs, the first element of the pair is used as the field key
// and the second as the field value.
//
// For example,
-// sugaredLogger.With(
-// "hello", "world",
-// "failure", errors.New("oh no"),
-// Stack(),
-// "count", 42,
-// "user", User{Name: "alice"},
-// )
+//
+// sugaredLogger.With(
+// "hello", "world",
+// "failure", errors.New("oh no"),
+// Stack(),
+// "count", 42,
+// "user", User{Name: "alice"},
+// )
+//
// is the equivalent of
-// unsugared.With(
-// String("hello", "world"),
-// String("failure", "oh no"),
-// Stack(),
-// Int("count", 42),
-// Object("user", User{Name: "alice"}),
-// )
+//
+// unsugared.With(
+// String("hello", "world"),
+// String("failure", "oh no"),
+// Stack(),
+// Int("count", 42),
+// Object("user", User{Name: "alice"}),
+// )
//
// Note that the keys in key-value pairs should be strings. In development,
// passing a non-string key panics. In production, the logger is more
@@ -92,74 +115,95 @@ func (s *SugaredLogger) With(args ...interface{}) *SugaredLogger {
return &SugaredLogger{base: s.base.With(s.sweetenFields(args)...)}
}
-// Debug uses fmt.Sprint to construct and log a message.
+// Level reports the minimum enabled level for this logger.
+//
+// For NopLoggers, this is [zapcore.InvalidLevel].
+func (s *SugaredLogger) Level() zapcore.Level {
+ return zapcore.LevelOf(s.base.core)
+}
+
+// Debug logs the provided arguments at [DebugLevel].
+// Spaces are added between arguments when neither is a string.
func (s *SugaredLogger) Debug(args ...interface{}) {
s.log(DebugLevel, "", args, nil)
}
-// Info uses fmt.Sprint to construct and log a message.
+// Info logs the provided arguments at [InfoLevel].
+// Spaces are added between arguments when neither is a string.
func (s *SugaredLogger) Info(args ...interface{}) {
s.log(InfoLevel, "", args, nil)
}
-// Warn uses fmt.Sprint to construct and log a message.
+// Warn logs the provided arguments at [WarnLevel].
+// Spaces are added between arguments when neither is a string.
func (s *SugaredLogger) Warn(args ...interface{}) {
s.log(WarnLevel, "", args, nil)
}
-// Error uses fmt.Sprint to construct and log a message.
+// Error logs the provided arguments at [ErrorLevel].
+// Spaces are added between arguments when neither is a string.
func (s *SugaredLogger) Error(args ...interface{}) {
s.log(ErrorLevel, "", args, nil)
}
-// DPanic uses fmt.Sprint to construct and log a message. In development, the
-// logger then panics. (See DPanicLevel for details.)
+// DPanic logs the provided arguments at [DPanicLevel].
+// In development, the logger then panics. (See [DPanicLevel] for details.)
+// Spaces are added between arguments when neither is a string.
func (s *SugaredLogger) DPanic(args ...interface{}) {
s.log(DPanicLevel, "", args, nil)
}
-// Panic uses fmt.Sprint to construct and log a message, then panics.
+// Panic constructs a message with the provided arguments and panics.
+// Spaces are added between arguments when neither is a string.
func (s *SugaredLogger) Panic(args ...interface{}) {
s.log(PanicLevel, "", args, nil)
}
-// Fatal uses fmt.Sprint to construct and log a message, then calls os.Exit.
+// Fatal constructs a message with the provided arguments and calls os.Exit.
+// Spaces are added between arguments when neither is a string.
func (s *SugaredLogger) Fatal(args ...interface{}) {
s.log(FatalLevel, "", args, nil)
}
-// Debugf uses fmt.Sprintf to log a templated message.
+// Debugf formats the message according to the format specifier
+// and logs it at [DebugLevel].
func (s *SugaredLogger) Debugf(template string, args ...interface{}) {
s.log(DebugLevel, template, args, nil)
}
-// Infof uses fmt.Sprintf to log a templated message.
+// Infof formats the message according to the format specifier
+// and logs it at [InfoLevel].
func (s *SugaredLogger) Infof(template string, args ...interface{}) {
s.log(InfoLevel, template, args, nil)
}
-// Warnf uses fmt.Sprintf to log a templated message.
+// Warnf formats the message according to the format specifier
+// and logs it at [WarnLevel].
func (s *SugaredLogger) Warnf(template string, args ...interface{}) {
s.log(WarnLevel, template, args, nil)
}
-// Errorf uses fmt.Sprintf to log a templated message.
+// Errorf formats the message according to the format specifier
+// and logs it at [ErrorLevel].
func (s *SugaredLogger) Errorf(template string, args ...interface{}) {
s.log(ErrorLevel, template, args, nil)
}
-// DPanicf uses fmt.Sprintf to log a templated message. In development, the
-// logger then panics. (See DPanicLevel for details.)
+// DPanicf formats the message according to the format specifier
+// and logs it at [DPanicLevel].
+// In development, the logger then panics. (See [DPanicLevel] for details.)
func (s *SugaredLogger) DPanicf(template string, args ...interface{}) {
s.log(DPanicLevel, template, args, nil)
}
-// Panicf uses fmt.Sprintf to log a templated message, then panics.
+// Panicf formats the message according to the format specifier
+// and panics.
func (s *SugaredLogger) Panicf(template string, args ...interface{}) {
s.log(PanicLevel, template, args, nil)
}
-// Fatalf uses fmt.Sprintf to log a templated message, then calls os.Exit.
+// Fatalf formats the message according to the format specifier
+// and calls os.Exit.
func (s *SugaredLogger) Fatalf(template string, args ...interface{}) {
s.log(FatalLevel, template, args, nil)
}
@@ -168,7 +212,8 @@ func (s *SugaredLogger) Fatalf(template string, args ...interface{}) {
// pairs are treated as they are in With.
//
// When debug-level logging is disabled, this is much faster than
-// s.With(keysAndValues).Debug(msg)
+//
+// s.With(keysAndValues).Debug(msg)
func (s *SugaredLogger) Debugw(msg string, keysAndValues ...interface{}) {
s.log(DebugLevel, msg, nil, keysAndValues)
}
@@ -210,11 +255,55 @@ func (s *SugaredLogger) Fatalw(msg string, keysAndValues ...interface{}) {
s.log(FatalLevel, msg, nil, keysAndValues)
}
+// Debugln logs a message at [DebugLevel].
+// Spaces are always added between arguments.
+func (s *SugaredLogger) Debugln(args ...interface{}) {
+ s.logln(DebugLevel, args, nil)
+}
+
+// Infoln logs a message at [InfoLevel].
+// Spaces are always added between arguments.
+func (s *SugaredLogger) Infoln(args ...interface{}) {
+ s.logln(InfoLevel, args, nil)
+}
+
+// Warnln logs a message at [WarnLevel].
+// Spaces are always added between arguments.
+func (s *SugaredLogger) Warnln(args ...interface{}) {
+ s.logln(WarnLevel, args, nil)
+}
+
+// Errorln logs a message at [ErrorLevel].
+// Spaces are always added between arguments.
+func (s *SugaredLogger) Errorln(args ...interface{}) {
+ s.logln(ErrorLevel, args, nil)
+}
+
+// DPanicln logs a message at [DPanicLevel].
+// In development, the logger then panics. (See [DPanicLevel] for details.)
+// Spaces are always added between arguments.
+func (s *SugaredLogger) DPanicln(args ...interface{}) {
+ s.logln(DPanicLevel, args, nil)
+}
+
+// Panicln logs a message at [PanicLevel] and panics.
+// Spaces are always added between arguments.
+func (s *SugaredLogger) Panicln(args ...interface{}) {
+ s.logln(PanicLevel, args, nil)
+}
+
+// Fatalln logs a message at [FatalLevel] and calls os.Exit.
+// Spaces are always added between arguments.
+func (s *SugaredLogger) Fatalln(args ...interface{}) {
+ s.logln(FatalLevel, args, nil)
+}
+
// Sync flushes any buffered log entries.
func (s *SugaredLogger) Sync() error {
return s.base.Sync()
}
+// log message with Sprint, Sprintf, or neither.
func (s *SugaredLogger) log(lvl zapcore.Level, template string, fmtArgs []interface{}, context []interface{}) {
// If logging at this level is completely disabled, skip the overhead of
// string formatting.
@@ -228,6 +317,18 @@ func (s *SugaredLogger) log(lvl zapcore.Level, template string, fmtArgs []interf
}
}
+// logln message with Sprintln
+func (s *SugaredLogger) logln(lvl zapcore.Level, fmtArgs []interface{}, context []interface{}) {
+ if lvl < DPanicLevel && !s.base.Core().Enabled(lvl) {
+ return
+ }
+
+ msg := getMessageln(fmtArgs)
+ if ce := s.base.Check(lvl, msg); ce != nil {
+ ce.Write(s.sweetenFields(context)...)
+ }
+}
+
// getMessage format with Sprint, Sprintf, or neither.
func getMessage(template string, fmtArgs []interface{}) string {
if len(fmtArgs) == 0 {
@@ -246,15 +347,24 @@ func getMessage(template string, fmtArgs []interface{}) string {
return fmt.Sprint(fmtArgs...)
}
+// getMessageln format with Sprintln.
+func getMessageln(fmtArgs []interface{}) string {
+ msg := fmt.Sprintln(fmtArgs...)
+ return msg[:len(msg)-1]
+}
+
func (s *SugaredLogger) sweetenFields(args []interface{}) []Field {
if len(args) == 0 {
return nil
}
- // Allocate enough space for the worst case; if users pass only structured
- // fields, we shouldn't penalize them with extra allocations.
- fields := make([]Field, 0, len(args))
- var invalid invalidPairs
+ var (
+ // Allocate enough space for the worst case; if users pass only structured
+ // fields, we shouldn't penalize them with extra allocations.
+ fields = make([]Field, 0, len(args))
+ invalid invalidPairs
+ seenError bool
+ )
for i := 0; i < len(args); {
// This is a strongly-typed field. Consume it and move on.
@@ -264,6 +374,18 @@ func (s *SugaredLogger) sweetenFields(args []interface{}) []Field {
continue
}
+ // If it is an error, consume it and move on.
+ if err, ok := args[i].(error); ok {
+ if !seenError {
+ seenError = true
+ fields = append(fields, Error(err))
+ } else {
+ s.base.Error(_multipleErrMsg, Error(err))
+ }
+ i++
+ continue
+ }
+
// Make sure this element isn't a dangling key.
if i == len(args)-1 {
s.base.Error(_oddNumberErrMsg, Any("ignored", args[i]))
diff --git a/vendor/go.uber.org/zap/writer.go b/vendor/go.uber.org/zap/writer.go
index 86a709ab0b..06768c6791 100644
--- a/vendor/go.uber.org/zap/writer.go
+++ b/vendor/go.uber.org/zap/writer.go
@@ -1,4 +1,4 @@
-// Copyright (c) 2016 Uber Technologies, Inc.
+// Copyright (c) 2016-2022 Uber Technologies, Inc.
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
@@ -23,7 +23,6 @@ package zap
import (
"fmt"
"io"
- "io/ioutil"
"go.uber.org/zap/zapcore"
@@ -49,40 +48,40 @@ import (
// os.Stdout and os.Stderr. When specified without a scheme, relative file
// paths also work.
func Open(paths ...string) (zapcore.WriteSyncer, func(), error) {
- writers, close, err := open(paths)
+ writers, closeAll, err := open(paths)
if err != nil {
return nil, nil, err
}
writer := CombineWriteSyncers(writers...)
- return writer, close, nil
+ return writer, closeAll, nil
}
func open(paths []string) ([]zapcore.WriteSyncer, func(), error) {
writers := make([]zapcore.WriteSyncer, 0, len(paths))
closers := make([]io.Closer, 0, len(paths))
- close := func() {
+ closeAll := func() {
for _, c := range closers {
- c.Close()
+ _ = c.Close()
}
}
var openErr error
for _, path := range paths {
- sink, err := newSink(path)
+ sink, err := _sinkRegistry.newSink(path)
if err != nil {
- openErr = multierr.Append(openErr, fmt.Errorf("couldn't open sink %q: %v", path, err))
+ openErr = multierr.Append(openErr, fmt.Errorf("open sink %q: %w", path, err))
continue
}
writers = append(writers, sink)
closers = append(closers, sink)
}
if openErr != nil {
- close()
- return writers, nil, openErr
+ closeAll()
+ return nil, nil, openErr
}
- return writers, close, nil
+ return writers, closeAll, nil
}
// CombineWriteSyncers is a utility that combines multiple WriteSyncers into a
@@ -93,7 +92,7 @@ func open(paths []string) ([]zapcore.WriteSyncer, func(), error) {
// using zapcore.NewMultiWriteSyncer and zapcore.Lock individually.
func CombineWriteSyncers(writers ...zapcore.WriteSyncer) zapcore.WriteSyncer {
if len(writers) == 0 {
- return zapcore.AddSync(ioutil.Discard)
+ return zapcore.AddSync(io.Discard)
}
return zapcore.Lock(zapcore.NewMultiWriteSyncer(writers...))
}
diff --git a/vendor/go.uber.org/zap/zapcore/buffered_write_syncer.go b/vendor/go.uber.org/zap/zapcore/buffered_write_syncer.go
index ef2f7d9637..a40e93b3ec 100644
--- a/vendor/go.uber.org/zap/zapcore/buffered_write_syncer.go
+++ b/vendor/go.uber.org/zap/zapcore/buffered_write_syncer.go
@@ -43,6 +43,37 @@ const (
//
// BufferedWriteSyncer is safe for concurrent use. You don't need to use
// zapcore.Lock for WriteSyncers with BufferedWriteSyncer.
+//
+// To set up a BufferedWriteSyncer, construct a WriteSyncer for your log
+// destination (*os.File is a valid WriteSyncer), wrap it with
+// BufferedWriteSyncer, and defer a Stop() call for when you no longer need the
+// object.
+//
+// func main() {
+// ws := ... // your log destination
+// bws := &zapcore.BufferedWriteSyncer{WS: ws}
+// defer bws.Stop()
+//
+// // ...
+// core := zapcore.NewCore(enc, bws, lvl)
+// logger := zap.New(core)
+//
+// // ...
+// }
+//
+// By default, a BufferedWriteSyncer will buffer up to 256 kilobytes of logs,
+// waiting at most 30 seconds between flushes.
+// You can customize these parameters by setting the Size or FlushInterval
+// fields.
+// For example, the following buffers up to 512 kB of logs before flushing them
+// to Stderr, with a maximum of one minute between each flush.
+//
+// ws := &BufferedWriteSyncer{
+// WS: os.Stderr,
+// Size: 512 * 1024, // 512 kB
+// FlushInterval: time.Minute,
+// }
+// defer ws.Stop()
type BufferedWriteSyncer struct {
// WS is the WriteSyncer around which BufferedWriteSyncer will buffer
// writes.
diff --git a/vendor/go.uber.org/zap/zapcore/clock.go b/vendor/go.uber.org/zap/zapcore/clock.go
index d2ea95b394..422fd82a6b 100644
--- a/vendor/go.uber.org/zap/zapcore/clock.go
+++ b/vendor/go.uber.org/zap/zapcore/clock.go
@@ -20,9 +20,7 @@
package zapcore
-import (
- "time"
-)
+import "time"
// DefaultClock is the default clock used by Zap in operations that require
// time. This clock uses the system clock for all operations.
diff --git a/vendor/go.uber.org/zap/zapcore/console_encoder.go b/vendor/go.uber.org/zap/zapcore/console_encoder.go
index 2307af404c..8ca0bfaf56 100644
--- a/vendor/go.uber.org/zap/zapcore/console_encoder.go
+++ b/vendor/go.uber.org/zap/zapcore/console_encoder.go
@@ -22,20 +22,20 @@ package zapcore
import (
"fmt"
- "sync"
"go.uber.org/zap/buffer"
"go.uber.org/zap/internal/bufferpool"
+ "go.uber.org/zap/internal/pool"
)
-var _sliceEncoderPool = sync.Pool{
- New: func() interface{} {
- return &sliceArrayEncoder{elems: make([]interface{}, 0, 2)}
- },
-}
+var _sliceEncoderPool = pool.New(func() *sliceArrayEncoder {
+ return &sliceArrayEncoder{
+ elems: make([]interface{}, 0, 2),
+ }
+})
func getSliceEncoder() *sliceArrayEncoder {
- return _sliceEncoderPool.Get().(*sliceArrayEncoder)
+ return _sliceEncoderPool.Get()
}
func putSliceEncoder(e *sliceArrayEncoder) {
@@ -125,11 +125,7 @@ func (c consoleEncoder) EncodeEntry(ent Entry, fields []Field) (*buffer.Buffer,
line.AppendString(ent.Stack)
}
- if c.LineEnding != "" {
- line.AppendString(c.LineEnding)
- } else {
- line.AppendString(DefaultLineEnding)
- }
+ line.AppendString(c.LineEnding)
return line, nil
}
diff --git a/vendor/go.uber.org/zap/zapcore/core.go b/vendor/go.uber.org/zap/zapcore/core.go
index a1ef8b034b..776e93f6f3 100644
--- a/vendor/go.uber.org/zap/zapcore/core.go
+++ b/vendor/go.uber.org/zap/zapcore/core.go
@@ -69,6 +69,15 @@ type ioCore struct {
out WriteSyncer
}
+var (
+ _ Core = (*ioCore)(nil)
+ _ leveledEnabler = (*ioCore)(nil)
+)
+
+func (c *ioCore) Level() Level {
+ return LevelOf(c.LevelEnabler)
+}
+
func (c *ioCore) With(fields []Field) Core {
clone := c.clone()
addFields(clone.enc, fields)
@@ -93,9 +102,9 @@ func (c *ioCore) Write(ent Entry, fields []Field) error {
return err
}
if ent.Level > ErrorLevel {
- // Since we may be crashing the program, sync the output. Ignore Sync
- // errors, pending a clean solution to issue #370.
- c.Sync()
+ // Since we may be crashing the program, sync the output.
+ // Ignore Sync errors, pending a clean solution to issue #370.
+ _ = c.Sync()
}
return nil
}
diff --git a/vendor/go.uber.org/zap/zapcore/encoder.go b/vendor/go.uber.org/zap/zapcore/encoder.go
index 6601ca166c..5769ff3e4e 100644
--- a/vendor/go.uber.org/zap/zapcore/encoder.go
+++ b/vendor/go.uber.org/zap/zapcore/encoder.go
@@ -22,6 +22,7 @@ package zapcore
import (
"encoding/json"
+ "io"
"time"
"go.uber.org/zap/buffer"
@@ -187,10 +188,13 @@ func (e *TimeEncoder) UnmarshalText(text []byte) error {
// UnmarshalYAML unmarshals YAML to a TimeEncoder.
// If value is an object with a "layout" field, it will be unmarshaled to TimeEncoder with given layout.
-// timeEncoder:
-// layout: 06/01/02 03:04pm
+//
+// timeEncoder:
+// layout: 06/01/02 03:04pm
+//
// If value is string, it uses UnmarshalText.
-// timeEncoder: iso8601
+//
+// timeEncoder: iso8601
func (e *TimeEncoder) UnmarshalYAML(unmarshal func(interface{}) error) error {
var o struct {
Layout string `json:"layout" yaml:"layout"`
@@ -312,14 +316,15 @@ func (e *NameEncoder) UnmarshalText(text []byte) error {
type EncoderConfig struct {
// Set the keys used for each log entry. If any key is empty, that portion
// of the entry is omitted.
- MessageKey string `json:"messageKey" yaml:"messageKey"`
- LevelKey string `json:"levelKey" yaml:"levelKey"`
- TimeKey string `json:"timeKey" yaml:"timeKey"`
- NameKey string `json:"nameKey" yaml:"nameKey"`
- CallerKey string `json:"callerKey" yaml:"callerKey"`
- FunctionKey string `json:"functionKey" yaml:"functionKey"`
- StacktraceKey string `json:"stacktraceKey" yaml:"stacktraceKey"`
- LineEnding string `json:"lineEnding" yaml:"lineEnding"`
+ MessageKey string `json:"messageKey" yaml:"messageKey"`
+ LevelKey string `json:"levelKey" yaml:"levelKey"`
+ TimeKey string `json:"timeKey" yaml:"timeKey"`
+ NameKey string `json:"nameKey" yaml:"nameKey"`
+ CallerKey string `json:"callerKey" yaml:"callerKey"`
+ FunctionKey string `json:"functionKey" yaml:"functionKey"`
+ StacktraceKey string `json:"stacktraceKey" yaml:"stacktraceKey"`
+ SkipLineEnding bool `json:"skipLineEnding" yaml:"skipLineEnding"`
+ LineEnding string `json:"lineEnding" yaml:"lineEnding"`
// Configure the primitive representations of common complex types. For
// example, some users may want all time.Times serialized as floating-point
// seconds since epoch, while others may prefer ISO8601 strings.
@@ -330,6 +335,9 @@ type EncoderConfig struct {
// Unlike the other primitive type encoders, EncodeName is optional. The
// zero value falls back to FullNameEncoder.
EncodeName NameEncoder `json:"nameEncoder" yaml:"nameEncoder"`
+ // Configure the encoder for interface{} type objects.
+ // If not provided, objects are encoded using json.Encoder
+ NewReflectedEncoder func(io.Writer) ReflectedEncoder `json:"-" yaml:"-"`
// Configures the field separator used by the console encoder. Defaults
// to tab.
ConsoleSeparator string `json:"consoleSeparator" yaml:"consoleSeparator"`
diff --git a/vendor/go.uber.org/zap/zapcore/entry.go b/vendor/go.uber.org/zap/zapcore/entry.go
index 0885505b75..459a5d7ce3 100644
--- a/vendor/go.uber.org/zap/zapcore/entry.go
+++ b/vendor/go.uber.org/zap/zapcore/entry.go
@@ -24,26 +24,23 @@ import (
"fmt"
"runtime"
"strings"
- "sync"
"time"
+ "go.uber.org/multierr"
"go.uber.org/zap/internal/bufferpool"
"go.uber.org/zap/internal/exit"
-
- "go.uber.org/multierr"
+ "go.uber.org/zap/internal/pool"
)
-var (
- _cePool = sync.Pool{New: func() interface{} {
- // Pre-allocate some space for cores.
- return &CheckedEntry{
- cores: make([]Core, 4),
- }
- }}
-)
+var _cePool = pool.New(func() *CheckedEntry {
+ // Pre-allocate some space for cores.
+ return &CheckedEntry{
+ cores: make([]Core, 4),
+ }
+})
func getCheckedEntry() *CheckedEntry {
- ce := _cePool.Get().(*CheckedEntry)
+ ce := _cePool.Get()
ce.reset()
return ce
}
@@ -152,6 +149,27 @@ type Entry struct {
Stack string
}
+// CheckWriteHook is a custom action that may be executed after an entry is
+// written.
+//
+// Register one on a CheckedEntry with the After method.
+//
+// if ce := logger.Check(...); ce != nil {
+// ce = ce.After(hook)
+// ce.Write(...)
+// }
+//
+// You can configure the hook for Fatal log statements at the logger level with
+// the zap.WithFatalHook option.
+type CheckWriteHook interface {
+ // OnWrite is invoked with the CheckedEntry that was written and a list
+ // of fields added with that entry.
+ //
+ // The list of fields DOES NOT include fields that were already added
+ // to the logger with the With method.
+ OnWrite(*CheckedEntry, []Field)
+}
+
// CheckWriteAction indicates what action to take after a log entry is
// processed. Actions are ordered in increasing severity.
type CheckWriteAction uint8
@@ -164,21 +182,36 @@ const (
WriteThenGoexit
// WriteThenPanic causes a panic after Write.
WriteThenPanic
- // WriteThenFatal causes a fatal os.Exit after Write.
+ // WriteThenFatal causes an os.Exit(1) after Write.
WriteThenFatal
)
+// OnWrite implements the OnWrite method to keep CheckWriteAction compatible
+// with the new CheckWriteHook interface which deprecates CheckWriteAction.
+func (a CheckWriteAction) OnWrite(ce *CheckedEntry, _ []Field) {
+ switch a {
+ case WriteThenGoexit:
+ runtime.Goexit()
+ case WriteThenPanic:
+ panic(ce.Message)
+ case WriteThenFatal:
+ exit.With(1)
+ }
+}
+
+var _ CheckWriteHook = CheckWriteAction(0)
+
// CheckedEntry is an Entry together with a collection of Cores that have
// already agreed to log it.
//
-// CheckedEntry references should be created by calling AddCore or Should on a
+// CheckedEntry references should be created by calling AddCore or After on a
// nil *CheckedEntry. References are returned to a pool after Write, and MUST
// NOT be retained after calling their Write method.
type CheckedEntry struct {
Entry
ErrorOutput WriteSyncer
dirty bool // best-effort detection of pool misuse
- should CheckWriteAction
+ after CheckWriteHook
cores []Core
}
@@ -186,7 +219,7 @@ func (ce *CheckedEntry) reset() {
ce.Entry = Entry{}
ce.ErrorOutput = nil
ce.dirty = false
- ce.should = WriteThenNoop
+ ce.after = nil
for i := range ce.cores {
// don't keep references to cores
ce.cores[i] = nil
@@ -209,7 +242,7 @@ func (ce *CheckedEntry) Write(fields ...Field) {
// CheckedEntry is being used after it was returned to the pool,
// the message may be an amalgamation from multiple call sites.
fmt.Fprintf(ce.ErrorOutput, "%v Unsafe CheckedEntry re-use near Entry %+v.\n", ce.Time, ce.Entry)
- ce.ErrorOutput.Sync()
+ _ = ce.ErrorOutput.Sync() // ignore error
}
return
}
@@ -221,20 +254,14 @@ func (ce *CheckedEntry) Write(fields ...Field) {
}
if err != nil && ce.ErrorOutput != nil {
fmt.Fprintf(ce.ErrorOutput, "%v write error: %v\n", ce.Time, err)
- ce.ErrorOutput.Sync()
+ _ = ce.ErrorOutput.Sync() // ignore error
}
- should, msg := ce.should, ce.Message
- putCheckedEntry(ce)
-
- switch should {
- case WriteThenPanic:
- panic(msg)
- case WriteThenFatal:
- exit.Exit()
- case WriteThenGoexit:
- runtime.Goexit()
+ hook := ce.after
+ if hook != nil {
+ hook.OnWrite(ce, fields)
}
+ putCheckedEntry(ce)
}
// AddCore adds a Core that has agreed to log this CheckedEntry. It's intended to be
@@ -252,11 +279,20 @@ func (ce *CheckedEntry) AddCore(ent Entry, core Core) *CheckedEntry {
// Should sets this CheckedEntry's CheckWriteAction, which controls whether a
// Core will panic or fatal after writing this log entry. Like AddCore, it's
// safe to call on nil CheckedEntry references.
+//
+// Deprecated: Use [CheckedEntry.After] instead.
func (ce *CheckedEntry) Should(ent Entry, should CheckWriteAction) *CheckedEntry {
+ return ce.After(ent, should)
+}
+
+// After sets this CheckEntry's CheckWriteHook, which will be called after this
+// log entry has been written. It's safe to call this on nil CheckedEntry
+// references.
+func (ce *CheckedEntry) After(ent Entry, hook CheckWriteHook) *CheckedEntry {
if ce == nil {
ce = getCheckedEntry()
ce.Entry = ent
}
- ce.should = should
+ ce.after = hook
return ce
}
diff --git a/vendor/go.uber.org/zap/zapcore/error.go b/vendor/go.uber.org/zap/zapcore/error.go
index 74919b0ccb..c40df13269 100644
--- a/vendor/go.uber.org/zap/zapcore/error.go
+++ b/vendor/go.uber.org/zap/zapcore/error.go
@@ -23,7 +23,8 @@ package zapcore
import (
"fmt"
"reflect"
- "sync"
+
+ "go.uber.org/zap/internal/pool"
)
// Encodes the given error into fields of an object. A field with the given
@@ -36,13 +37,13 @@ import (
// causer (from github.com/pkg/errors), a ${key}Causes field is added with an
// array of objects containing the errors this error was comprised of.
//
-// {
-// "error": err.Error(),
-// "errorVerbose": fmt.Sprintf("%+v", err),
-// "errorCauses": [
-// ...
-// ],
-// }
+// {
+// "error": err.Error(),
+// "errorVerbose": fmt.Sprintf("%+v", err),
+// "errorCauses": [
+// ...
+// ],
+// }
func encodeError(key string, err error, enc ObjectEncoder) (retErr error) {
// Try to capture panics (from nil references or otherwise) when calling
// the Error() method
@@ -97,15 +98,18 @@ func (errs errArray) MarshalLogArray(arr ArrayEncoder) error {
}
el := newErrArrayElem(errs[i])
- arr.AppendObject(el)
+ err := arr.AppendObject(el)
el.Free()
+ if err != nil {
+ return err
+ }
}
return nil
}
-var _errArrayElemPool = sync.Pool{New: func() interface{} {
+var _errArrayElemPool = pool.New(func() *errArrayElem {
return &errArrayElem{}
-}}
+})
// Encodes any error into a {"error": ...} re-using the same errors logic.
//
@@ -113,7 +117,7 @@ var _errArrayElemPool = sync.Pool{New: func() interface{} {
type errArrayElem struct{ err error }
func newErrArrayElem(err error) *errArrayElem {
- e := _errArrayElemPool.Get().(*errArrayElem)
+ e := _errArrayElemPool.Get()
e.err = err
return e
}
diff --git a/vendor/go.uber.org/zap/zapcore/hook.go b/vendor/go.uber.org/zap/zapcore/hook.go
index 5db4afb302..198def9917 100644
--- a/vendor/go.uber.org/zap/zapcore/hook.go
+++ b/vendor/go.uber.org/zap/zapcore/hook.go
@@ -27,6 +27,11 @@ type hooked struct {
funcs []func(Entry) error
}
+var (
+ _ Core = (*hooked)(nil)
+ _ leveledEnabler = (*hooked)(nil)
+)
+
// RegisterHooks wraps a Core and runs a collection of user-defined callback
// hooks each time a message is logged. Execution of the callbacks is blocking.
//
@@ -40,6 +45,10 @@ func RegisterHooks(core Core, hooks ...func(Entry) error) Core {
}
}
+func (h *hooked) Level() Level {
+ return LevelOf(h.Core)
+}
+
func (h *hooked) Check(ent Entry, ce *CheckedEntry) *CheckedEntry {
// Let the wrapped Core decide whether to log this message or not. This
// also gives the downstream a chance to register itself directly with the
diff --git a/vendor/go.uber.org/zap/zapcore/increase_level.go b/vendor/go.uber.org/zap/zapcore/increase_level.go
index 5a1749261a..7a11237ae9 100644
--- a/vendor/go.uber.org/zap/zapcore/increase_level.go
+++ b/vendor/go.uber.org/zap/zapcore/increase_level.go
@@ -27,6 +27,11 @@ type levelFilterCore struct {
level LevelEnabler
}
+var (
+ _ Core = (*levelFilterCore)(nil)
+ _ leveledEnabler = (*levelFilterCore)(nil)
+)
+
// NewIncreaseLevelCore creates a core that can be used to increase the level of
// an existing Core. It cannot be used to decrease the logging level, as it acts
// as a filter before calling the underlying core. If level decreases the log level,
@@ -45,6 +50,10 @@ func (c *levelFilterCore) Enabled(lvl Level) bool {
return c.level.Enabled(lvl)
}
+func (c *levelFilterCore) Level() Level {
+ return LevelOf(c.level)
+}
+
func (c *levelFilterCore) With(fields []Field) Core {
return &levelFilterCore{c.core.With(fields), c.level}
}
diff --git a/vendor/go.uber.org/zap/zapcore/json_encoder.go b/vendor/go.uber.org/zap/zapcore/json_encoder.go
index 5cf7d917e9..c8ab86979b 100644
--- a/vendor/go.uber.org/zap/zapcore/json_encoder.go
+++ b/vendor/go.uber.org/zap/zapcore/json_encoder.go
@@ -22,26 +22,21 @@ package zapcore
import (
"encoding/base64"
- "encoding/json"
"math"
- "sync"
"time"
"unicode/utf8"
"go.uber.org/zap/buffer"
"go.uber.org/zap/internal/bufferpool"
+ "go.uber.org/zap/internal/pool"
)
// For JSON-escaping; see jsonEncoder.safeAddString below.
const _hex = "0123456789abcdef"
-var _jsonPool = sync.Pool{New: func() interface{} {
+var _jsonPool = pool.New(func() *jsonEncoder {
return &jsonEncoder{}
-}}
-
-func getJSONEncoder() *jsonEncoder {
- return _jsonPool.Get().(*jsonEncoder)
-}
+})
func putJSONEncoder(enc *jsonEncoder) {
if enc.reflectBuf != nil {
@@ -64,7 +59,7 @@ type jsonEncoder struct {
// for encoding generic values by reflection
reflectBuf *buffer.Buffer
- reflectEnc *json.Encoder
+ reflectEnc ReflectedEncoder
}
// NewJSONEncoder creates a fast, low-allocation JSON encoder. The encoder
@@ -72,7 +67,9 @@ type jsonEncoder struct {
//
// Note that the encoder doesn't deduplicate keys, so it's possible to produce
// a message like
-// {"foo":"bar","foo":"baz"}
+//
+// {"foo":"bar","foo":"baz"}
+//
// This is permitted by the JSON specification, but not encouraged. Many
// libraries will ignore duplicate key-value pairs (typically keeping the last
// pair) when unmarshaling, but users should attempt to avoid adding duplicate
@@ -82,6 +79,17 @@ func NewJSONEncoder(cfg EncoderConfig) Encoder {
}
func newJSONEncoder(cfg EncoderConfig, spaced bool) *jsonEncoder {
+ if cfg.SkipLineEnding {
+ cfg.LineEnding = ""
+ } else if cfg.LineEnding == "" {
+ cfg.LineEnding = DefaultLineEnding
+ }
+
+ // If no EncoderConfig.NewReflectedEncoder is provided by the user, then use default
+ if cfg.NewReflectedEncoder == nil {
+ cfg.NewReflectedEncoder = defaultReflectedEncoder
+ }
+
return &jsonEncoder{
EncoderConfig: &cfg,
buf: bufferpool.Get(),
@@ -118,6 +126,11 @@ func (enc *jsonEncoder) AddComplex128(key string, val complex128) {
enc.AppendComplex128(val)
}
+func (enc *jsonEncoder) AddComplex64(key string, val complex64) {
+ enc.addKey(key)
+ enc.AppendComplex64(val)
+}
+
func (enc *jsonEncoder) AddDuration(key string, val time.Duration) {
enc.addKey(key)
enc.AppendDuration(val)
@@ -128,6 +141,11 @@ func (enc *jsonEncoder) AddFloat64(key string, val float64) {
enc.AppendFloat64(val)
}
+func (enc *jsonEncoder) AddFloat32(key string, val float32) {
+ enc.addKey(key)
+ enc.AppendFloat32(val)
+}
+
func (enc *jsonEncoder) AddInt64(key string, val int64) {
enc.addKey(key)
enc.AppendInt64(val)
@@ -136,10 +154,7 @@ func (enc *jsonEncoder) AddInt64(key string, val int64) {
func (enc *jsonEncoder) resetReflectBuf() {
if enc.reflectBuf == nil {
enc.reflectBuf = bufferpool.Get()
- enc.reflectEnc = json.NewEncoder(enc.reflectBuf)
-
- // For consistency with our custom JSON encoder.
- enc.reflectEnc.SetEscapeHTML(false)
+ enc.reflectEnc = enc.NewReflectedEncoder(enc.reflectBuf)
} else {
enc.reflectBuf.Reset()
}
@@ -201,10 +216,16 @@ func (enc *jsonEncoder) AppendArray(arr ArrayMarshaler) error {
}
func (enc *jsonEncoder) AppendObject(obj ObjectMarshaler) error {
+ // Close ONLY new openNamespaces that are created during
+ // AppendObject().
+ old := enc.openNamespaces
+ enc.openNamespaces = 0
enc.addElementSeparator()
enc.buf.AppendByte('{')
err := obj.MarshalLogObject(enc)
enc.buf.AppendByte('}')
+ enc.closeOpenNamespaces()
+ enc.openNamespaces = old
return err
}
@@ -220,16 +241,23 @@ func (enc *jsonEncoder) AppendByteString(val []byte) {
enc.buf.AppendByte('"')
}
-func (enc *jsonEncoder) AppendComplex128(val complex128) {
+// appendComplex appends the encoded form of the provided complex128 value.
+// precision specifies the encoding precision for the real and imaginary
+// components of the complex number.
+func (enc *jsonEncoder) appendComplex(val complex128, precision int) {
enc.addElementSeparator()
// Cast to a platform-independent, fixed-size type.
r, i := float64(real(val)), float64(imag(val))
enc.buf.AppendByte('"')
// Because we're always in a quoted string, we can use strconv without
// special-casing NaN and +/-Inf.
- enc.buf.AppendFloat(r, 64)
- enc.buf.AppendByte('+')
- enc.buf.AppendFloat(i, 64)
+ enc.buf.AppendFloat(r, precision)
+ // If imaginary part is less than 0, minus (-) sign is added by default
+ // by AppendFloat.
+ if i >= 0 {
+ enc.buf.AppendByte('+')
+ }
+ enc.buf.AppendFloat(i, precision)
enc.buf.AppendByte('i')
enc.buf.AppendByte('"')
}
@@ -292,29 +320,28 @@ func (enc *jsonEncoder) AppendUint64(val uint64) {
enc.buf.AppendUint(val)
}
-func (enc *jsonEncoder) AddComplex64(k string, v complex64) { enc.AddComplex128(k, complex128(v)) }
-func (enc *jsonEncoder) AddFloat32(k string, v float32) { enc.AddFloat64(k, float64(v)) }
-func (enc *jsonEncoder) AddInt(k string, v int) { enc.AddInt64(k, int64(v)) }
-func (enc *jsonEncoder) AddInt32(k string, v int32) { enc.AddInt64(k, int64(v)) }
-func (enc *jsonEncoder) AddInt16(k string, v int16) { enc.AddInt64(k, int64(v)) }
-func (enc *jsonEncoder) AddInt8(k string, v int8) { enc.AddInt64(k, int64(v)) }
-func (enc *jsonEncoder) AddUint(k string, v uint) { enc.AddUint64(k, uint64(v)) }
-func (enc *jsonEncoder) AddUint32(k string, v uint32) { enc.AddUint64(k, uint64(v)) }
-func (enc *jsonEncoder) AddUint16(k string, v uint16) { enc.AddUint64(k, uint64(v)) }
-func (enc *jsonEncoder) AddUint8(k string, v uint8) { enc.AddUint64(k, uint64(v)) }
-func (enc *jsonEncoder) AddUintptr(k string, v uintptr) { enc.AddUint64(k, uint64(v)) }
-func (enc *jsonEncoder) AppendComplex64(v complex64) { enc.AppendComplex128(complex128(v)) }
-func (enc *jsonEncoder) AppendFloat64(v float64) { enc.appendFloat(v, 64) }
-func (enc *jsonEncoder) AppendFloat32(v float32) { enc.appendFloat(float64(v), 32) }
-func (enc *jsonEncoder) AppendInt(v int) { enc.AppendInt64(int64(v)) }
-func (enc *jsonEncoder) AppendInt32(v int32) { enc.AppendInt64(int64(v)) }
-func (enc *jsonEncoder) AppendInt16(v int16) { enc.AppendInt64(int64(v)) }
-func (enc *jsonEncoder) AppendInt8(v int8) { enc.AppendInt64(int64(v)) }
-func (enc *jsonEncoder) AppendUint(v uint) { enc.AppendUint64(uint64(v)) }
-func (enc *jsonEncoder) AppendUint32(v uint32) { enc.AppendUint64(uint64(v)) }
-func (enc *jsonEncoder) AppendUint16(v uint16) { enc.AppendUint64(uint64(v)) }
-func (enc *jsonEncoder) AppendUint8(v uint8) { enc.AppendUint64(uint64(v)) }
-func (enc *jsonEncoder) AppendUintptr(v uintptr) { enc.AppendUint64(uint64(v)) }
+func (enc *jsonEncoder) AddInt(k string, v int) { enc.AddInt64(k, int64(v)) }
+func (enc *jsonEncoder) AddInt32(k string, v int32) { enc.AddInt64(k, int64(v)) }
+func (enc *jsonEncoder) AddInt16(k string, v int16) { enc.AddInt64(k, int64(v)) }
+func (enc *jsonEncoder) AddInt8(k string, v int8) { enc.AddInt64(k, int64(v)) }
+func (enc *jsonEncoder) AddUint(k string, v uint) { enc.AddUint64(k, uint64(v)) }
+func (enc *jsonEncoder) AddUint32(k string, v uint32) { enc.AddUint64(k, uint64(v)) }
+func (enc *jsonEncoder) AddUint16(k string, v uint16) { enc.AddUint64(k, uint64(v)) }
+func (enc *jsonEncoder) AddUint8(k string, v uint8) { enc.AddUint64(k, uint64(v)) }
+func (enc *jsonEncoder) AddUintptr(k string, v uintptr) { enc.AddUint64(k, uint64(v)) }
+func (enc *jsonEncoder) AppendComplex64(v complex64) { enc.appendComplex(complex128(v), 32) }
+func (enc *jsonEncoder) AppendComplex128(v complex128) { enc.appendComplex(complex128(v), 64) }
+func (enc *jsonEncoder) AppendFloat64(v float64) { enc.appendFloat(v, 64) }
+func (enc *jsonEncoder) AppendFloat32(v float32) { enc.appendFloat(float64(v), 32) }
+func (enc *jsonEncoder) AppendInt(v int) { enc.AppendInt64(int64(v)) }
+func (enc *jsonEncoder) AppendInt32(v int32) { enc.AppendInt64(int64(v)) }
+func (enc *jsonEncoder) AppendInt16(v int16) { enc.AppendInt64(int64(v)) }
+func (enc *jsonEncoder) AppendInt8(v int8) { enc.AppendInt64(int64(v)) }
+func (enc *jsonEncoder) AppendUint(v uint) { enc.AppendUint64(uint64(v)) }
+func (enc *jsonEncoder) AppendUint32(v uint32) { enc.AppendUint64(uint64(v)) }
+func (enc *jsonEncoder) AppendUint16(v uint16) { enc.AppendUint64(uint64(v)) }
+func (enc *jsonEncoder) AppendUint8(v uint8) { enc.AppendUint64(uint64(v)) }
+func (enc *jsonEncoder) AppendUintptr(v uintptr) { enc.AppendUint64(uint64(v)) }
func (enc *jsonEncoder) Clone() Encoder {
clone := enc.clone()
@@ -323,7 +350,7 @@ func (enc *jsonEncoder) Clone() Encoder {
}
func (enc *jsonEncoder) clone() *jsonEncoder {
- clone := getJSONEncoder()
+ clone := _jsonPool.Get()
clone.EncoderConfig = enc.EncoderConfig
clone.spaced = enc.spaced
clone.openNamespaces = enc.openNamespaces
@@ -335,7 +362,7 @@ func (enc *jsonEncoder) EncodeEntry(ent Entry, fields []Field) (*buffer.Buffer,
final := enc.clone()
final.buf.AppendByte('{')
- if final.LevelKey != "" {
+ if final.LevelKey != "" && final.EncodeLevel != nil {
final.addKey(final.LevelKey)
cur := final.buf.Len()
final.EncodeLevel(ent.Level, final)
@@ -396,11 +423,7 @@ func (enc *jsonEncoder) EncodeEntry(ent Entry, fields []Field) (*buffer.Buffer,
final.AddString(final.StacktraceKey, ent.Stack)
}
final.buf.AppendByte('}')
- if final.LineEnding != "" {
- final.buf.AppendString(final.LineEnding)
- } else {
- final.buf.AppendString(DefaultLineEnding)
- }
+ final.buf.AppendString(final.LineEnding)
ret := final.buf
putJSONEncoder(final)
@@ -415,6 +438,7 @@ func (enc *jsonEncoder) closeOpenNamespaces() {
for i := 0; i < enc.openNamespaces; i++ {
enc.buf.AppendByte('}')
}
+ enc.openNamespaces = 0
}
func (enc *jsonEncoder) addKey(key string) {
@@ -462,73 +486,98 @@ func (enc *jsonEncoder) appendFloat(val float64, bitSize int) {
// Unlike the standard library's encoder, it doesn't attempt to protect the
// user from browser vulnerabilities or JSONP-related problems.
func (enc *jsonEncoder) safeAddString(s string) {
- for i := 0; i < len(s); {
- if enc.tryAddRuneSelf(s[i]) {
- i++
- continue
- }
- r, size := utf8.DecodeRuneInString(s[i:])
- if enc.tryAddRuneError(r, size) {
- i++
- continue
- }
- enc.buf.AppendString(s[i : i+size])
- i += size
- }
+ safeAppendStringLike(
+ (*buffer.Buffer).AppendString,
+ utf8.DecodeRuneInString,
+ enc.buf,
+ s,
+ )
}
// safeAddByteString is no-alloc equivalent of safeAddString(string(s)) for s []byte.
func (enc *jsonEncoder) safeAddByteString(s []byte) {
+ safeAppendStringLike(
+ (*buffer.Buffer).AppendBytes,
+ utf8.DecodeRune,
+ enc.buf,
+ s,
+ )
+}
+
+// safeAppendStringLike is a generic implementation of safeAddString and safeAddByteString.
+// It appends a string or byte slice to the buffer, escaping all special characters.
+func safeAppendStringLike[S []byte | string](
+ // appendTo appends this string-like object to the buffer.
+ appendTo func(*buffer.Buffer, S),
+ // decodeRune decodes the next rune from the string-like object
+ // and returns its value and width in bytes.
+ decodeRune func(S) (rune, int),
+ buf *buffer.Buffer,
+ s S,
+) {
+ // The encoding logic below works by skipping over characters
+ // that can be safely copied as-is,
+ // until a character is found that needs special handling.
+ // At that point, we copy everything we've seen so far,
+ // and then handle that special character.
+ //
+ // last is the index of the last byte that was copied to the buffer.
+ last := 0
for i := 0; i < len(s); {
- if enc.tryAddRuneSelf(s[i]) {
+ if s[i] >= utf8.RuneSelf {
+ // Character >= RuneSelf may be part of a multi-byte rune.
+ // They need to be decoded before we can decide how to handle them.
+ r, size := decodeRune(s[i:])
+ if r != utf8.RuneError || size != 1 {
+ // No special handling required.
+ // Skip over this rune and continue.
+ i += size
+ continue
+ }
+
+ // Invalid UTF-8 sequence.
+ // Replace it with the Unicode replacement character.
+ appendTo(buf, s[last:i])
+ buf.AppendString(`\ufffd`)
+
i++
- continue
- }
- r, size := utf8.DecodeRune(s[i:])
- if enc.tryAddRuneError(r, size) {
+ last = i
+ } else {
+ // Character < RuneSelf is a single-byte UTF-8 rune.
+ if s[i] >= 0x20 && s[i] != '\\' && s[i] != '"' {
+ // No escaping necessary.
+ // Skip over this character and continue.
+ i++
+ continue
+ }
+
+ // This character needs to be escaped.
+ appendTo(buf, s[last:i])
+ switch s[i] {
+ case '\\', '"':
+ buf.AppendByte('\\')
+ buf.AppendByte(s[i])
+ case '\n':
+ buf.AppendByte('\\')
+ buf.AppendByte('n')
+ case '\r':
+ buf.AppendByte('\\')
+ buf.AppendByte('r')
+ case '\t':
+ buf.AppendByte('\\')
+ buf.AppendByte('t')
+ default:
+ // Encode bytes < 0x20, except for the escape sequences above.
+ buf.AppendString(`\u00`)
+ buf.AppendByte(_hex[s[i]>>4])
+ buf.AppendByte(_hex[s[i]&0xF])
+ }
+
i++
- continue
+ last = i
}
- enc.buf.Write(s[i : i+size])
- i += size
- }
-}
-
-// tryAddRuneSelf appends b if it is valid UTF-8 character represented in a single byte.
-func (enc *jsonEncoder) tryAddRuneSelf(b byte) bool {
- if b >= utf8.RuneSelf {
- return false
}
- if 0x20 <= b && b != '\\' && b != '"' {
- enc.buf.AppendByte(b)
- return true
- }
- switch b {
- case '\\', '"':
- enc.buf.AppendByte('\\')
- enc.buf.AppendByte(b)
- case '\n':
- enc.buf.AppendByte('\\')
- enc.buf.AppendByte('n')
- case '\r':
- enc.buf.AppendByte('\\')
- enc.buf.AppendByte('r')
- case '\t':
- enc.buf.AppendByte('\\')
- enc.buf.AppendByte('t')
- default:
- // Encode bytes < 0x20, except for the escape sequences above.
- enc.buf.AppendString(`\u00`)
- enc.buf.AppendByte(_hex[b>>4])
- enc.buf.AppendByte(_hex[b&0xF])
- }
- return true
-}
-func (enc *jsonEncoder) tryAddRuneError(r rune, size int) bool {
- if r == utf8.RuneError && size == 1 {
- enc.buf.AppendString(`\ufffd`)
- return true
- }
- return false
+ // add remaining
+ appendTo(buf, s[last:])
}
diff --git a/vendor/go.uber.org/atomic/bool_ext.go b/vendor/go.uber.org/zap/zapcore/lazy_with.go
similarity index 60%
rename from vendor/go.uber.org/atomic/bool_ext.go
rename to vendor/go.uber.org/zap/zapcore/lazy_with.go
index a2e60e9873..05288d6a88 100644
--- a/vendor/go.uber.org/atomic/bool_ext.go
+++ b/vendor/go.uber.org/zap/zapcore/lazy_with.go
@@ -1,4 +1,4 @@
-// Copyright (c) 2020 Uber Technologies, Inc.
+// Copyright (c) 2023 Uber Technologies, Inc.
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
@@ -18,36 +18,37 @@
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
// THE SOFTWARE.
-package atomic
+package zapcore
-import (
- "strconv"
-)
+import "sync"
-//go:generate bin/gen-atomicwrapper -name=Bool -type=bool -wrapped=Uint32 -pack=boolToInt -unpack=truthy -cas -swap -json -file=bool.go
-
-func truthy(n uint32) bool {
- return n == 1
+type lazyWithCore struct {
+ Core
+ sync.Once
+ fields []Field
}
-func boolToInt(b bool) uint32 {
- if b {
- return 1
+// NewLazyWith wraps a Core with a "lazy" Core that will only encode fields if
+// the logger is written to (or is further chained in a lon-lazy manner).
+func NewLazyWith(core Core, fields []Field) Core {
+ return &lazyWithCore{
+ Core: core,
+ fields: fields,
}
- return 0
}
-// Toggle atomically negates the Boolean and returns the previous value.
-func (b *Bool) Toggle() (old bool) {
- for {
- old := b.Load()
- if b.CAS(old, !old) {
- return old
- }
- }
+func (d *lazyWithCore) initOnce() {
+ d.Once.Do(func() {
+ d.Core = d.Core.With(d.fields)
+ })
+}
+
+func (d *lazyWithCore) With(fields []Field) Core {
+ d.initOnce()
+ return d.Core.With(fields)
}
-// String encodes the wrapped value as a string.
-func (b *Bool) String() string {
- return strconv.FormatBool(b.Load())
+func (d *lazyWithCore) Check(e Entry, ce *CheckedEntry) *CheckedEntry {
+ d.initOnce()
+ return d.Core.Check(e, ce)
}
diff --git a/vendor/go.uber.org/zap/zapcore/level.go b/vendor/go.uber.org/zap/zapcore/level.go
index e575c9f432..e01a241316 100644
--- a/vendor/go.uber.org/zap/zapcore/level.go
+++ b/vendor/go.uber.org/zap/zapcore/level.go
@@ -53,8 +53,62 @@ const (
_minLevel = DebugLevel
_maxLevel = FatalLevel
+
+ // InvalidLevel is an invalid value for Level.
+ //
+ // Core implementations may panic if they see messages of this level.
+ InvalidLevel = _maxLevel + 1
)
+// ParseLevel parses a level based on the lower-case or all-caps ASCII
+// representation of the log level. If the provided ASCII representation is
+// invalid an error is returned.
+//
+// This is particularly useful when dealing with text input to configure log
+// levels.
+func ParseLevel(text string) (Level, error) {
+ var level Level
+ err := level.UnmarshalText([]byte(text))
+ return level, err
+}
+
+type leveledEnabler interface {
+ LevelEnabler
+
+ Level() Level
+}
+
+// LevelOf reports the minimum enabled log level for the given LevelEnabler
+// from Zap's supported log levels, or [InvalidLevel] if none of them are
+// enabled.
+//
+// A LevelEnabler may implement a 'Level() Level' method to override the
+// behavior of this function.
+//
+// func (c *core) Level() Level {
+// return c.currentLevel
+// }
+//
+// It is recommended that [Core] implementations that wrap other cores use
+// LevelOf to retrieve the level of the wrapped core. For example,
+//
+// func (c *coreWrapper) Level() Level {
+// return zapcore.LevelOf(c.wrappedCore)
+// }
+func LevelOf(enab LevelEnabler) Level {
+ if lvler, ok := enab.(leveledEnabler); ok {
+ return lvler.Level()
+ }
+
+ for lvl := _minLevel; lvl <= _maxLevel; lvl++ {
+ if enab.Enabled(lvl) {
+ return lvl
+ }
+ }
+
+ return InvalidLevel
+}
+
// String returns a lower-case ASCII representation of the log level.
func (l Level) String() string {
switch l {
diff --git a/vendor/go.uber.org/atomic/error_ext.go b/vendor/go.uber.org/zap/zapcore/reflected_encoder.go
similarity index 65%
rename from vendor/go.uber.org/atomic/error_ext.go
rename to vendor/go.uber.org/zap/zapcore/reflected_encoder.go
index d31fb633bb..8746360eca 100644
--- a/vendor/go.uber.org/atomic/error_ext.go
+++ b/vendor/go.uber.org/zap/zapcore/reflected_encoder.go
@@ -1,4 +1,4 @@
-// Copyright (c) 2020-2022 Uber Technologies, Inc.
+// Copyright (c) 2016 Uber Technologies, Inc.
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
@@ -18,22 +18,24 @@
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
// THE SOFTWARE.
-package atomic
+package zapcore
-// atomic.Value panics on nil inputs, or if the underlying type changes.
-// Stabilize by always storing a custom struct that we control.
+import (
+ "encoding/json"
+ "io"
+)
-//go:generate bin/gen-atomicwrapper -name=Error -type=error -wrapped=Value -pack=packError -unpack=unpackError -compareandswap -swap -file=error.go
-
-type packedError struct{ Value error }
-
-func packError(v error) interface{} {
- return packedError{v}
+// ReflectedEncoder serializes log fields that can't be serialized with Zap's
+// JSON encoder. These have the ReflectType field type.
+// Use EncoderConfig.NewReflectedEncoder to set this.
+type ReflectedEncoder interface {
+ // Encode encodes and writes to the underlying data stream.
+ Encode(interface{}) error
}
-func unpackError(v interface{}) error {
- if err, ok := v.(packedError); ok {
- return err.Value
- }
- return nil
+func defaultReflectedEncoder(w io.Writer) ReflectedEncoder {
+ enc := json.NewEncoder(w)
+ // For consistency with our custom JSON encoder.
+ enc.SetEscapeHTML(false)
+ return enc
}
diff --git a/vendor/go.uber.org/zap/zapcore/sampler.go b/vendor/go.uber.org/zap/zapcore/sampler.go
index 31ed96e129..b7c093a4f2 100644
--- a/vendor/go.uber.org/zap/zapcore/sampler.go
+++ b/vendor/go.uber.org/zap/zapcore/sampler.go
@@ -1,4 +1,4 @@
-// Copyright (c) 2016 Uber Technologies, Inc.
+// Copyright (c) 2016-2022 Uber Technologies, Inc.
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
@@ -21,9 +21,8 @@
package zapcore
import (
+ "sync/atomic"
"time"
-
- "go.uber.org/atomic"
)
const (
@@ -66,16 +65,16 @@ func (c *counter) IncCheckReset(t time.Time, tick time.Duration) uint64 {
tn := t.UnixNano()
resetAfter := c.resetAt.Load()
if resetAfter > tn {
- return c.counter.Inc()
+ return c.counter.Add(1)
}
c.counter.Store(1)
newResetAfter := tn + tick.Nanoseconds()
- if !c.resetAt.CAS(resetAfter, newResetAfter) {
+ if !c.resetAt.CompareAndSwap(resetAfter, newResetAfter) {
// We raced with another goroutine trying to reset, and it also reset
// the counter to 1, so we need to reincrement the counter.
- return c.counter.Inc()
+ return c.counter.Add(1)
}
return 1
@@ -113,12 +112,12 @@ func nopSamplingHook(Entry, SamplingDecision) {}
// This hook may be used to get visibility into the performance of the sampler.
// For example, use it to track metrics of dropped versus sampled logs.
//
-// var dropped atomic.Int64
-// zapcore.SamplerHook(func(ent zapcore.Entry, dec zapcore.SamplingDecision) {
-// if dec&zapcore.LogDropped > 0 {
-// dropped.Inc()
-// }
-// })
+// var dropped atomic.Int64
+// zapcore.SamplerHook(func(ent zapcore.Entry, dec zapcore.SamplingDecision) {
+// if dec&zapcore.LogDropped > 0 {
+// dropped.Inc()
+// }
+// })
func SamplerHook(hook func(entry Entry, dec SamplingDecision)) SamplerOption {
return optionFunc(func(s *sampler) {
s.hook = hook
@@ -133,10 +132,21 @@ func SamplerHook(hook func(entry Entry, dec SamplingDecision)) SamplerOption {
// each tick. If more Entries with the same level and message are seen during
// the same interval, every Mth message is logged and the rest are dropped.
//
+// For example,
+//
+// core = NewSamplerWithOptions(core, time.Second, 10, 5)
+//
+// This will log the first 10 log entries with the same level and message
+// in a one second interval as-is. Following that, it will allow through
+// every 5th log entry with the same level and message in that interval.
+//
+// If thereafter is zero, the Core will drop all log entries after the first N
+// in that interval.
+//
// Sampler can be configured to report sampling decisions with the SamplerHook
// option.
//
-// Keep in mind that zap's sampling implementation is optimized for speed over
+// Keep in mind that Zap's sampling implementation is optimized for speed over
// absolute precision; under load, each tick may be slightly over- or
// under-sampled.
func NewSamplerWithOptions(core Core, tick time.Duration, first, thereafter int, opts ...SamplerOption) Core {
@@ -164,6 +174,11 @@ type sampler struct {
hook func(Entry, SamplingDecision)
}
+var (
+ _ Core = (*sampler)(nil)
+ _ leveledEnabler = (*sampler)(nil)
+)
+
// NewSampler creates a Core that samples incoming entries, which
// caps the CPU and I/O load of logging while attempting to preserve a
// representative subset of your logs.
@@ -181,6 +196,10 @@ func NewSampler(core Core, tick time.Duration, first, thereafter int) Core {
return NewSamplerWithOptions(core, tick, first, thereafter)
}
+func (s *sampler) Level() Level {
+ return LevelOf(s.Core)
+}
+
func (s *sampler) With(fields []Field) Core {
return &sampler{
Core: s.Core.With(fields),
@@ -200,7 +219,7 @@ func (s *sampler) Check(ent Entry, ce *CheckedEntry) *CheckedEntry {
if ent.Level >= _minLevel && ent.Level <= _maxLevel {
counter := s.counts.get(ent.Level, ent.Message)
n := counter.IncCheckReset(ent.Time, s.tick)
- if n > s.first && (n-s.first)%s.thereafter != 0 {
+ if n > s.first && (s.thereafter == 0 || (n-s.first)%s.thereafter != 0) {
s.hook(ent, LogDropped)
return ce
}
diff --git a/vendor/go.uber.org/zap/zapcore/tee.go b/vendor/go.uber.org/zap/zapcore/tee.go
index 07a32eef9a..9bb32f0557 100644
--- a/vendor/go.uber.org/zap/zapcore/tee.go
+++ b/vendor/go.uber.org/zap/zapcore/tee.go
@@ -1,4 +1,4 @@
-// Copyright (c) 2016 Uber Technologies, Inc.
+// Copyright (c) 2016-2022 Uber Technologies, Inc.
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
@@ -24,6 +24,11 @@ import "go.uber.org/multierr"
type multiCore []Core
+var (
+ _ leveledEnabler = multiCore(nil)
+ _ Core = multiCore(nil)
+)
+
// NewTee creates a Core that duplicates log entries into two or more
// underlying Cores.
//
@@ -48,6 +53,16 @@ func (mc multiCore) With(fields []Field) Core {
return clone
}
+func (mc multiCore) Level() Level {
+ minLvl := _maxLevel // mc is never empty
+ for i := range mc {
+ if lvl := LevelOf(mc[i]); lvl < minLvl {
+ minLvl = lvl
+ }
+ }
+ return minLvl
+}
+
func (mc multiCore) Enabled(lvl Level) bool {
for i := range mc {
if mc[i].Enabled(lvl) {
diff --git a/vendor/go.uber.org/zap/zapgrpc/zapgrpc.go b/vendor/go.uber.org/zap/zapgrpc/zapgrpc.go
index 356e12741e..6823773b72 100644
--- a/vendor/go.uber.org/zap/zapgrpc/zapgrpc.go
+++ b/vendor/go.uber.org/zap/zapgrpc/zapgrpc.go
@@ -30,10 +30,10 @@ import (
// See https://github.com/grpc/grpc-go/blob/v1.35.0/grpclog/loggerv2.go#L77-L86
const (
- grpcLvlInfo = 0
- grpcLvlWarn = 1
- grpcLvlError = 2
- grpcLvlFatal = 3
+ grpcLvlInfo int = iota
+ grpcLvlWarn
+ grpcLvlError
+ grpcLvlFatal
)
var (
@@ -61,6 +61,7 @@ func (f optionFunc) apply(log *Logger) {
// WithDebug configures a Logger to print at zap's DebugLevel instead of
// InfoLevel.
// It only affects the Printf, Println and Print methods, which are only used in the gRPC v1 grpclog.Logger API.
+//
// Deprecated: use grpclog.SetLoggerV2() for v2 API.
func WithDebug() Option {
return optionFunc(func(logger *Logger) {
@@ -146,19 +147,22 @@ type Logger struct {
}
// Print implements grpclog.Logger.
-// Deprecated: use Info().
+//
+// Deprecated: use [Logger.Info].
func (l *Logger) Print(args ...interface{}) {
l.print.Print(args...)
}
// Printf implements grpclog.Logger.
-// Deprecated: use Infof().
+//
+// Deprecated: use [Logger.Infof].
func (l *Logger) Printf(format string, args ...interface{}) {
l.print.Printf(format, args...)
}
// Println implements grpclog.Logger.
-// Deprecated: use Info().
+//
+// Deprecated: use [Logger.Info].
func (l *Logger) Println(args ...interface{}) {
l.print.Println(args...)
}
diff --git a/vendor/golang.org/x/sys/unix/mkerrors.sh b/vendor/golang.org/x/sys/unix/mkerrors.sh
index c6492020ec..fdcaa974d2 100644
--- a/vendor/golang.org/x/sys/unix/mkerrors.sh
+++ b/vendor/golang.org/x/sys/unix/mkerrors.sh
@@ -584,7 +584,7 @@ ccflags="$@"
$2 ~ /^KEY_(SPEC|REQKEY_DEFL)_/ ||
$2 ~ /^KEYCTL_/ ||
$2 ~ /^PERF_/ ||
- $2 ~ /^SECCOMP_MODE_/ ||
+ $2 ~ /^SECCOMP_/ ||
$2 ~ /^SEEK_/ ||
$2 ~ /^SCHED_/ ||
$2 ~ /^SPLICE_/ ||
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux.go b/vendor/golang.org/x/sys/unix/zerrors_linux.go
index a5d3ff8df9..36bf8399f4 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux.go
@@ -1785,6 +1785,8 @@ const (
LANDLOCK_ACCESS_FS_REMOVE_FILE = 0x20
LANDLOCK_ACCESS_FS_TRUNCATE = 0x4000
LANDLOCK_ACCESS_FS_WRITE_FILE = 0x2
+ LANDLOCK_ACCESS_NET_BIND_TCP = 0x1
+ LANDLOCK_ACCESS_NET_CONNECT_TCP = 0x2
LANDLOCK_CREATE_RULESET_VERSION = 0x1
LINUX_REBOOT_CMD_CAD_OFF = 0x0
LINUX_REBOOT_CMD_CAD_ON = 0x89abcdef
@@ -2465,6 +2467,7 @@ const (
PR_MCE_KILL_GET = 0x22
PR_MCE_KILL_LATE = 0x0
PR_MCE_KILL_SET = 0x1
+ PR_MDWE_NO_INHERIT = 0x2
PR_MDWE_REFUSE_EXEC_GAIN = 0x1
PR_MPX_DISABLE_MANAGEMENT = 0x2c
PR_MPX_ENABLE_MANAGEMENT = 0x2b
@@ -2669,8 +2672,9 @@ const (
RTAX_FEATURES = 0xc
RTAX_FEATURE_ALLFRAG = 0x8
RTAX_FEATURE_ECN = 0x1
- RTAX_FEATURE_MASK = 0xf
+ RTAX_FEATURE_MASK = 0x1f
RTAX_FEATURE_SACK = 0x2
+ RTAX_FEATURE_TCP_USEC_TS = 0x10
RTAX_FEATURE_TIMESTAMP = 0x4
RTAX_HOPLIMIT = 0xa
RTAX_INITCWND = 0xb
@@ -2913,9 +2917,38 @@ const (
SCM_RIGHTS = 0x1
SCM_TIMESTAMP = 0x1d
SC_LOG_FLUSH = 0x100000
+ SECCOMP_ADDFD_FLAG_SEND = 0x2
+ SECCOMP_ADDFD_FLAG_SETFD = 0x1
+ SECCOMP_FILTER_FLAG_LOG = 0x2
+ SECCOMP_FILTER_FLAG_NEW_LISTENER = 0x8
+ SECCOMP_FILTER_FLAG_SPEC_ALLOW = 0x4
+ SECCOMP_FILTER_FLAG_TSYNC = 0x1
+ SECCOMP_FILTER_FLAG_TSYNC_ESRCH = 0x10
+ SECCOMP_FILTER_FLAG_WAIT_KILLABLE_RECV = 0x20
+ SECCOMP_GET_ACTION_AVAIL = 0x2
+ SECCOMP_GET_NOTIF_SIZES = 0x3
+ SECCOMP_IOCTL_NOTIF_RECV = 0xc0502100
+ SECCOMP_IOCTL_NOTIF_SEND = 0xc0182101
+ SECCOMP_IOC_MAGIC = '!'
SECCOMP_MODE_DISABLED = 0x0
SECCOMP_MODE_FILTER = 0x2
SECCOMP_MODE_STRICT = 0x1
+ SECCOMP_RET_ACTION = 0x7fff0000
+ SECCOMP_RET_ACTION_FULL = 0xffff0000
+ SECCOMP_RET_ALLOW = 0x7fff0000
+ SECCOMP_RET_DATA = 0xffff
+ SECCOMP_RET_ERRNO = 0x50000
+ SECCOMP_RET_KILL = 0x0
+ SECCOMP_RET_KILL_PROCESS = 0x80000000
+ SECCOMP_RET_KILL_THREAD = 0x0
+ SECCOMP_RET_LOG = 0x7ffc0000
+ SECCOMP_RET_TRACE = 0x7ff00000
+ SECCOMP_RET_TRAP = 0x30000
+ SECCOMP_RET_USER_NOTIF = 0x7fc00000
+ SECCOMP_SET_MODE_FILTER = 0x1
+ SECCOMP_SET_MODE_STRICT = 0x0
+ SECCOMP_USER_NOTIF_FD_SYNC_WAKE_UP = 0x1
+ SECCOMP_USER_NOTIF_FLAG_CONTINUE = 0x1
SECRETMEM_MAGIC = 0x5345434d
SECURITYFS_MAGIC = 0x73636673
SEEK_CUR = 0x1
@@ -3075,6 +3108,7 @@ const (
SOL_TIPC = 0x10f
SOL_TLS = 0x11a
SOL_UDP = 0x11
+ SOL_VSOCK = 0x11f
SOL_X25 = 0x106
SOL_XDP = 0x11b
SOMAXCONN = 0x1000
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_386.go b/vendor/golang.org/x/sys/unix/zerrors_linux_386.go
index 4920821cf3..42ff8c3c1b 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_386.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_386.go
@@ -281,6 +281,9 @@ const (
SCM_TIMESTAMPNS = 0x23
SCM_TXTIME = 0x3d
SCM_WIFI_STATUS = 0x29
+ SECCOMP_IOCTL_NOTIF_ADDFD = 0x40182103
+ SECCOMP_IOCTL_NOTIF_ID_VALID = 0x40082102
+ SECCOMP_IOCTL_NOTIF_SET_FLAGS = 0x40082104
SFD_CLOEXEC = 0x80000
SFD_NONBLOCK = 0x800
SIOCATMARK = 0x8905
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go
index a0c1e41127..dca436004f 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go
@@ -282,6 +282,9 @@ const (
SCM_TIMESTAMPNS = 0x23
SCM_TXTIME = 0x3d
SCM_WIFI_STATUS = 0x29
+ SECCOMP_IOCTL_NOTIF_ADDFD = 0x40182103
+ SECCOMP_IOCTL_NOTIF_ID_VALID = 0x40082102
+ SECCOMP_IOCTL_NOTIF_SET_FLAGS = 0x40082104
SFD_CLOEXEC = 0x80000
SFD_NONBLOCK = 0x800
SIOCATMARK = 0x8905
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go b/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go
index c63985560f..5cca668ac3 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go
@@ -288,6 +288,9 @@ const (
SCM_TIMESTAMPNS = 0x23
SCM_TXTIME = 0x3d
SCM_WIFI_STATUS = 0x29
+ SECCOMP_IOCTL_NOTIF_ADDFD = 0x40182103
+ SECCOMP_IOCTL_NOTIF_ID_VALID = 0x40082102
+ SECCOMP_IOCTL_NOTIF_SET_FLAGS = 0x40082104
SFD_CLOEXEC = 0x80000
SFD_NONBLOCK = 0x800
SIOCATMARK = 0x8905
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go
index 47cc62e25c..d8cae6d153 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go
@@ -278,6 +278,9 @@ const (
SCM_TIMESTAMPNS = 0x23
SCM_TXTIME = 0x3d
SCM_WIFI_STATUS = 0x29
+ SECCOMP_IOCTL_NOTIF_ADDFD = 0x40182103
+ SECCOMP_IOCTL_NOTIF_ID_VALID = 0x40082102
+ SECCOMP_IOCTL_NOTIF_SET_FLAGS = 0x40082104
SFD_CLOEXEC = 0x80000
SFD_NONBLOCK = 0x800
SIOCATMARK = 0x8905
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_loong64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_loong64.go
index 27ac4a09e2..28e39afdcb 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_loong64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_loong64.go
@@ -275,6 +275,9 @@ const (
SCM_TIMESTAMPNS = 0x23
SCM_TXTIME = 0x3d
SCM_WIFI_STATUS = 0x29
+ SECCOMP_IOCTL_NOTIF_ADDFD = 0x40182103
+ SECCOMP_IOCTL_NOTIF_ID_VALID = 0x40082102
+ SECCOMP_IOCTL_NOTIF_SET_FLAGS = 0x40082104
SFD_CLOEXEC = 0x80000
SFD_NONBLOCK = 0x800
SIOCATMARK = 0x8905
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go
index 54694642a5..cd66e92cb4 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go
@@ -281,6 +281,9 @@ const (
SCM_TIMESTAMPNS = 0x23
SCM_TXTIME = 0x3d
SCM_WIFI_STATUS = 0x29
+ SECCOMP_IOCTL_NOTIF_ADDFD = 0x80182103
+ SECCOMP_IOCTL_NOTIF_ID_VALID = 0x80082102
+ SECCOMP_IOCTL_NOTIF_SET_FLAGS = 0x80082104
SFD_CLOEXEC = 0x80000
SFD_NONBLOCK = 0x80
SIOCATMARK = 0x40047307
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go
index 3adb81d758..c1595eba78 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go
@@ -281,6 +281,9 @@ const (
SCM_TIMESTAMPNS = 0x23
SCM_TXTIME = 0x3d
SCM_WIFI_STATUS = 0x29
+ SECCOMP_IOCTL_NOTIF_ADDFD = 0x80182103
+ SECCOMP_IOCTL_NOTIF_ID_VALID = 0x80082102
+ SECCOMP_IOCTL_NOTIF_SET_FLAGS = 0x80082104
SFD_CLOEXEC = 0x80000
SFD_NONBLOCK = 0x80
SIOCATMARK = 0x40047307
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go
index 2dfe98f0d1..ee9456b0da 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go
@@ -281,6 +281,9 @@ const (
SCM_TIMESTAMPNS = 0x23
SCM_TXTIME = 0x3d
SCM_WIFI_STATUS = 0x29
+ SECCOMP_IOCTL_NOTIF_ADDFD = 0x80182103
+ SECCOMP_IOCTL_NOTIF_ID_VALID = 0x80082102
+ SECCOMP_IOCTL_NOTIF_SET_FLAGS = 0x80082104
SFD_CLOEXEC = 0x80000
SFD_NONBLOCK = 0x80
SIOCATMARK = 0x40047307
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go
index f5398f84f0..8cfca81e1b 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go
@@ -281,6 +281,9 @@ const (
SCM_TIMESTAMPNS = 0x23
SCM_TXTIME = 0x3d
SCM_WIFI_STATUS = 0x29
+ SECCOMP_IOCTL_NOTIF_ADDFD = 0x80182103
+ SECCOMP_IOCTL_NOTIF_ID_VALID = 0x80082102
+ SECCOMP_IOCTL_NOTIF_SET_FLAGS = 0x80082104
SFD_CLOEXEC = 0x80000
SFD_NONBLOCK = 0x80
SIOCATMARK = 0x40047307
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go
index c54f152d68..60b0deb3af 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go
@@ -336,6 +336,9 @@ const (
SCM_TIMESTAMPNS = 0x23
SCM_TXTIME = 0x3d
SCM_WIFI_STATUS = 0x29
+ SECCOMP_IOCTL_NOTIF_ADDFD = 0x80182103
+ SECCOMP_IOCTL_NOTIF_ID_VALID = 0x80082102
+ SECCOMP_IOCTL_NOTIF_SET_FLAGS = 0x80082104
SFD_CLOEXEC = 0x80000
SFD_NONBLOCK = 0x800
SIOCATMARK = 0x8905
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go
index 76057dc72f..f90aa7281b 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go
@@ -340,6 +340,9 @@ const (
SCM_TIMESTAMPNS = 0x23
SCM_TXTIME = 0x3d
SCM_WIFI_STATUS = 0x29
+ SECCOMP_IOCTL_NOTIF_ADDFD = 0x80182103
+ SECCOMP_IOCTL_NOTIF_ID_VALID = 0x80082102
+ SECCOMP_IOCTL_NOTIF_SET_FLAGS = 0x80082104
SFD_CLOEXEC = 0x80000
SFD_NONBLOCK = 0x800
SIOCATMARK = 0x8905
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go
index e0c3725e2b..ba9e015033 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go
@@ -340,6 +340,9 @@ const (
SCM_TIMESTAMPNS = 0x23
SCM_TXTIME = 0x3d
SCM_WIFI_STATUS = 0x29
+ SECCOMP_IOCTL_NOTIF_ADDFD = 0x80182103
+ SECCOMP_IOCTL_NOTIF_ID_VALID = 0x80082102
+ SECCOMP_IOCTL_NOTIF_SET_FLAGS = 0x80082104
SFD_CLOEXEC = 0x80000
SFD_NONBLOCK = 0x800
SIOCATMARK = 0x8905
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go
index 18f2813ed5..07cdfd6e9f 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go
@@ -272,6 +272,9 @@ const (
SCM_TIMESTAMPNS = 0x23
SCM_TXTIME = 0x3d
SCM_WIFI_STATUS = 0x29
+ SECCOMP_IOCTL_NOTIF_ADDFD = 0x40182103
+ SECCOMP_IOCTL_NOTIF_ID_VALID = 0x40082102
+ SECCOMP_IOCTL_NOTIF_SET_FLAGS = 0x40082104
SFD_CLOEXEC = 0x80000
SFD_NONBLOCK = 0x800
SIOCATMARK = 0x8905
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go b/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go
index 11619d4ec8..2f1dd214a7 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go
@@ -344,6 +344,9 @@ const (
SCM_TIMESTAMPNS = 0x23
SCM_TXTIME = 0x3d
SCM_WIFI_STATUS = 0x29
+ SECCOMP_IOCTL_NOTIF_ADDFD = 0x40182103
+ SECCOMP_IOCTL_NOTIF_ID_VALID = 0x40082102
+ SECCOMP_IOCTL_NOTIF_SET_FLAGS = 0x40082104
SFD_CLOEXEC = 0x80000
SFD_NONBLOCK = 0x800
SIOCATMARK = 0x8905
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go
index 396d994da7..f40519d901 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go
@@ -335,6 +335,9 @@ const (
SCM_TIMESTAMPNS = 0x21
SCM_TXTIME = 0x3f
SCM_WIFI_STATUS = 0x25
+ SECCOMP_IOCTL_NOTIF_ADDFD = 0x80182103
+ SECCOMP_IOCTL_NOTIF_ID_VALID = 0x80082102
+ SECCOMP_IOCTL_NOTIF_SET_FLAGS = 0x80082104
SFD_CLOEXEC = 0x400000
SFD_NONBLOCK = 0x4000
SF_FP = 0x38
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go
index fcf3ecbdde..0cc3ce496e 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go
@@ -448,4 +448,8 @@ const (
SYS_SET_MEMPOLICY_HOME_NODE = 450
SYS_CACHESTAT = 451
SYS_FCHMODAT2 = 452
+ SYS_MAP_SHADOW_STACK = 453
+ SYS_FUTEX_WAKE = 454
+ SYS_FUTEX_WAIT = 455
+ SYS_FUTEX_REQUEUE = 456
)
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go
index f56dc2504a..856d92d69e 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go
@@ -371,4 +371,7 @@ const (
SYS_CACHESTAT = 451
SYS_FCHMODAT2 = 452
SYS_MAP_SHADOW_STACK = 453
+ SYS_FUTEX_WAKE = 454
+ SYS_FUTEX_WAIT = 455
+ SYS_FUTEX_REQUEUE = 456
)
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go
index 974bf24676..8d467094cf 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go
@@ -412,4 +412,8 @@ const (
SYS_SET_MEMPOLICY_HOME_NODE = 450
SYS_CACHESTAT = 451
SYS_FCHMODAT2 = 452
+ SYS_MAP_SHADOW_STACK = 453
+ SYS_FUTEX_WAKE = 454
+ SYS_FUTEX_WAIT = 455
+ SYS_FUTEX_REQUEUE = 456
)
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go
index 39a2739e23..edc173244d 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go
@@ -315,4 +315,8 @@ const (
SYS_SET_MEMPOLICY_HOME_NODE = 450
SYS_CACHESTAT = 451
SYS_FCHMODAT2 = 452
+ SYS_MAP_SHADOW_STACK = 453
+ SYS_FUTEX_WAKE = 454
+ SYS_FUTEX_WAIT = 455
+ SYS_FUTEX_REQUEUE = 456
)
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_loong64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_loong64.go
index cf9c9d77e1..445eba2061 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_loong64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_loong64.go
@@ -309,4 +309,8 @@ const (
SYS_SET_MEMPOLICY_HOME_NODE = 450
SYS_CACHESTAT = 451
SYS_FCHMODAT2 = 452
+ SYS_MAP_SHADOW_STACK = 453
+ SYS_FUTEX_WAKE = 454
+ SYS_FUTEX_WAIT = 455
+ SYS_FUTEX_REQUEUE = 456
)
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go
index 10b7362ef4..adba01bca7 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go
@@ -432,4 +432,8 @@ const (
SYS_SET_MEMPOLICY_HOME_NODE = 4450
SYS_CACHESTAT = 4451
SYS_FCHMODAT2 = 4452
+ SYS_MAP_SHADOW_STACK = 4453
+ SYS_FUTEX_WAKE = 4454
+ SYS_FUTEX_WAIT = 4455
+ SYS_FUTEX_REQUEUE = 4456
)
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go
index cd4d8b4fd3..014c4e9c7a 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go
@@ -362,4 +362,8 @@ const (
SYS_SET_MEMPOLICY_HOME_NODE = 5450
SYS_CACHESTAT = 5451
SYS_FCHMODAT2 = 5452
+ SYS_MAP_SHADOW_STACK = 5453
+ SYS_FUTEX_WAKE = 5454
+ SYS_FUTEX_WAIT = 5455
+ SYS_FUTEX_REQUEUE = 5456
)
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go
index 2c0efca818..ccc97d74d0 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go
@@ -362,4 +362,8 @@ const (
SYS_SET_MEMPOLICY_HOME_NODE = 5450
SYS_CACHESTAT = 5451
SYS_FCHMODAT2 = 5452
+ SYS_MAP_SHADOW_STACK = 5453
+ SYS_FUTEX_WAKE = 5454
+ SYS_FUTEX_WAIT = 5455
+ SYS_FUTEX_REQUEUE = 5456
)
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go
index a72e31d391..ec2b64a95d 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go
@@ -432,4 +432,8 @@ const (
SYS_SET_MEMPOLICY_HOME_NODE = 4450
SYS_CACHESTAT = 4451
SYS_FCHMODAT2 = 4452
+ SYS_MAP_SHADOW_STACK = 4453
+ SYS_FUTEX_WAKE = 4454
+ SYS_FUTEX_WAIT = 4455
+ SYS_FUTEX_REQUEUE = 4456
)
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go
index c7d1e37471..21a839e338 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go
@@ -439,4 +439,8 @@ const (
SYS_SET_MEMPOLICY_HOME_NODE = 450
SYS_CACHESTAT = 451
SYS_FCHMODAT2 = 452
+ SYS_MAP_SHADOW_STACK = 453
+ SYS_FUTEX_WAKE = 454
+ SYS_FUTEX_WAIT = 455
+ SYS_FUTEX_REQUEUE = 456
)
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go
index f4d4838c87..c11121ec3b 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go
@@ -411,4 +411,8 @@ const (
SYS_SET_MEMPOLICY_HOME_NODE = 450
SYS_CACHESTAT = 451
SYS_FCHMODAT2 = 452
+ SYS_MAP_SHADOW_STACK = 453
+ SYS_FUTEX_WAKE = 454
+ SYS_FUTEX_WAIT = 455
+ SYS_FUTEX_REQUEUE = 456
)
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go
index b64f0e5911..909b631fcb 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go
@@ -411,4 +411,8 @@ const (
SYS_SET_MEMPOLICY_HOME_NODE = 450
SYS_CACHESTAT = 451
SYS_FCHMODAT2 = 452
+ SYS_MAP_SHADOW_STACK = 453
+ SYS_FUTEX_WAKE = 454
+ SYS_FUTEX_WAIT = 455
+ SYS_FUTEX_REQUEUE = 456
)
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go
index 95711195a0..e49bed16ea 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go
@@ -316,4 +316,8 @@ const (
SYS_SET_MEMPOLICY_HOME_NODE = 450
SYS_CACHESTAT = 451
SYS_FCHMODAT2 = 452
+ SYS_MAP_SHADOW_STACK = 453
+ SYS_FUTEX_WAKE = 454
+ SYS_FUTEX_WAIT = 455
+ SYS_FUTEX_REQUEUE = 456
)
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go
index f94e943bc4..66017d2d32 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go
@@ -377,4 +377,8 @@ const (
SYS_SET_MEMPOLICY_HOME_NODE = 450
SYS_CACHESTAT = 451
SYS_FCHMODAT2 = 452
+ SYS_MAP_SHADOW_STACK = 453
+ SYS_FUTEX_WAKE = 454
+ SYS_FUTEX_WAIT = 455
+ SYS_FUTEX_REQUEUE = 456
)
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go
index ba0c2bc515..47bab18dce 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go
@@ -390,4 +390,8 @@ const (
SYS_SET_MEMPOLICY_HOME_NODE = 450
SYS_CACHESTAT = 451
SYS_FCHMODAT2 = 452
+ SYS_MAP_SHADOW_STACK = 453
+ SYS_FUTEX_WAKE = 454
+ SYS_FUTEX_WAIT = 455
+ SYS_FUTEX_REQUEUE = 456
)
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux.go b/vendor/golang.org/x/sys/unix/ztypes_linux.go
index bbf8399ff5..dc0c955eec 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux.go
@@ -174,7 +174,8 @@ type FscryptPolicyV2 struct {
Contents_encryption_mode uint8
Filenames_encryption_mode uint8
Flags uint8
- _ [4]uint8
+ Log2_data_unit_size uint8
+ _ [3]uint8
Master_key_identifier [16]uint8
}
@@ -455,60 +456,63 @@ type Ucred struct {
}
type TCPInfo struct {
- State uint8
- Ca_state uint8
- Retransmits uint8
- Probes uint8
- Backoff uint8
- Options uint8
- Rto uint32
- Ato uint32
- Snd_mss uint32
- Rcv_mss uint32
- Unacked uint32
- Sacked uint32
- Lost uint32
- Retrans uint32
- Fackets uint32
- Last_data_sent uint32
- Last_ack_sent uint32
- Last_data_recv uint32
- Last_ack_recv uint32
- Pmtu uint32
- Rcv_ssthresh uint32
- Rtt uint32
- Rttvar uint32
- Snd_ssthresh uint32
- Snd_cwnd uint32
- Advmss uint32
- Reordering uint32
- Rcv_rtt uint32
- Rcv_space uint32
- Total_retrans uint32
- Pacing_rate uint64
- Max_pacing_rate uint64
- Bytes_acked uint64
- Bytes_received uint64
- Segs_out uint32
- Segs_in uint32
- Notsent_bytes uint32
- Min_rtt uint32
- Data_segs_in uint32
- Data_segs_out uint32
- Delivery_rate uint64
- Busy_time uint64
- Rwnd_limited uint64
- Sndbuf_limited uint64
- Delivered uint32
- Delivered_ce uint32
- Bytes_sent uint64
- Bytes_retrans uint64
- Dsack_dups uint32
- Reord_seen uint32
- Rcv_ooopack uint32
- Snd_wnd uint32
- Rcv_wnd uint32
- Rehash uint32
+ State uint8
+ Ca_state uint8
+ Retransmits uint8
+ Probes uint8
+ Backoff uint8
+ Options uint8
+ Rto uint32
+ Ato uint32
+ Snd_mss uint32
+ Rcv_mss uint32
+ Unacked uint32
+ Sacked uint32
+ Lost uint32
+ Retrans uint32
+ Fackets uint32
+ Last_data_sent uint32
+ Last_ack_sent uint32
+ Last_data_recv uint32
+ Last_ack_recv uint32
+ Pmtu uint32
+ Rcv_ssthresh uint32
+ Rtt uint32
+ Rttvar uint32
+ Snd_ssthresh uint32
+ Snd_cwnd uint32
+ Advmss uint32
+ Reordering uint32
+ Rcv_rtt uint32
+ Rcv_space uint32
+ Total_retrans uint32
+ Pacing_rate uint64
+ Max_pacing_rate uint64
+ Bytes_acked uint64
+ Bytes_received uint64
+ Segs_out uint32
+ Segs_in uint32
+ Notsent_bytes uint32
+ Min_rtt uint32
+ Data_segs_in uint32
+ Data_segs_out uint32
+ Delivery_rate uint64
+ Busy_time uint64
+ Rwnd_limited uint64
+ Sndbuf_limited uint64
+ Delivered uint32
+ Delivered_ce uint32
+ Bytes_sent uint64
+ Bytes_retrans uint64
+ Dsack_dups uint32
+ Reord_seen uint32
+ Rcv_ooopack uint32
+ Snd_wnd uint32
+ Rcv_wnd uint32
+ Rehash uint32
+ Total_rto uint16
+ Total_rto_recoveries uint16
+ Total_rto_time uint32
}
type CanFilter struct {
@@ -551,7 +555,7 @@ const (
SizeofIPv6MTUInfo = 0x20
SizeofICMPv6Filter = 0x20
SizeofUcred = 0xc
- SizeofTCPInfo = 0xf0
+ SizeofTCPInfo = 0xf8
SizeofCanFilter = 0x8
SizeofTCPRepairOpt = 0x8
)
@@ -3399,7 +3403,7 @@ const (
DEVLINK_PORT_FN_ATTR_STATE = 0x2
DEVLINK_PORT_FN_ATTR_OPSTATE = 0x3
DEVLINK_PORT_FN_ATTR_CAPS = 0x4
- DEVLINK_PORT_FUNCTION_ATTR_MAX = 0x4
+ DEVLINK_PORT_FUNCTION_ATTR_MAX = 0x5
)
type FsverityDigest struct {
@@ -4183,7 +4187,8 @@ const (
)
type LandlockRulesetAttr struct {
- Access_fs uint64
+ Access_fs uint64
+ Access_net uint64
}
type LandlockPathBeneathAttr struct {
@@ -5134,7 +5139,7 @@ const (
NL80211_FREQUENCY_ATTR_GO_CONCURRENT = 0xf
NL80211_FREQUENCY_ATTR_INDOOR_ONLY = 0xe
NL80211_FREQUENCY_ATTR_IR_CONCURRENT = 0xf
- NL80211_FREQUENCY_ATTR_MAX = 0x1b
+ NL80211_FREQUENCY_ATTR_MAX = 0x1c
NL80211_FREQUENCY_ATTR_MAX_TX_POWER = 0x6
NL80211_FREQUENCY_ATTR_NO_10MHZ = 0x11
NL80211_FREQUENCY_ATTR_NO_160MHZ = 0xc
@@ -5547,7 +5552,7 @@ const (
NL80211_REGDOM_TYPE_CUSTOM_WORLD = 0x2
NL80211_REGDOM_TYPE_INTERSECTION = 0x3
NL80211_REGDOM_TYPE_WORLD = 0x1
- NL80211_REG_RULE_ATTR_MAX = 0x7
+ NL80211_REG_RULE_ATTR_MAX = 0x8
NL80211_REKEY_DATA_AKM = 0x4
NL80211_REKEY_DATA_KCK = 0x2
NL80211_REKEY_DATA_KEK = 0x1
diff --git a/vendor/golang.org/x/sys/windows/env_windows.go b/vendor/golang.org/x/sys/windows/env_windows.go
index b8ad192506..d4577a4238 100644
--- a/vendor/golang.org/x/sys/windows/env_windows.go
+++ b/vendor/golang.org/x/sys/windows/env_windows.go
@@ -37,14 +37,17 @@ func (token Token) Environ(inheritExisting bool) (env []string, err error) {
return nil, err
}
defer DestroyEnvironmentBlock(block)
- blockp := unsafe.Pointer(block)
- for {
- entry := UTF16PtrToString((*uint16)(blockp))
- if len(entry) == 0 {
- break
+ size := unsafe.Sizeof(*block)
+ for *block != 0 {
+ // find NUL terminator
+ end := unsafe.Pointer(block)
+ for *(*uint16)(end) != 0 {
+ end = unsafe.Add(end, size)
}
- env = append(env, entry)
- blockp = unsafe.Add(blockp, 2*(len(entry)+1))
+
+ entry := unsafe.Slice(block, (uintptr(end)-uintptr(unsafe.Pointer(block)))/size)
+ env = append(env, UTF16ToString(entry))
+ block = (*uint16)(unsafe.Add(end, size))
}
return env, nil
}
diff --git a/vendor/golang.org/x/sys/windows/syscall_windows.go b/vendor/golang.org/x/sys/windows/syscall_windows.go
index ffb8708ccf..6395a031d4 100644
--- a/vendor/golang.org/x/sys/windows/syscall_windows.go
+++ b/vendor/golang.org/x/sys/windows/syscall_windows.go
@@ -125,8 +125,7 @@ func UTF16PtrToString(p *uint16) string {
for ptr := unsafe.Pointer(p); *(*uint16)(ptr) != 0; n++ {
ptr = unsafe.Pointer(uintptr(ptr) + unsafe.Sizeof(*p))
}
-
- return string(utf16.Decode(unsafe.Slice(p, n)))
+ return UTF16ToString(unsafe.Slice(p, n))
}
func Getpagesize() int { return 4096 }
diff --git a/vendor/google.golang.org/genproto/googleapis/api/annotations/client.pb.go b/vendor/google.golang.org/genproto/googleapis/api/annotations/client.pb.go
index 83774fbcbe..d5dccb9337 100644
--- a/vendor/google.golang.org/genproto/googleapis/api/annotations/client.pb.go
+++ b/vendor/google.golang.org/genproto/googleapis/api/annotations/client.pb.go
@@ -15,7 +15,7 @@
// Code generated by protoc-gen-go. DO NOT EDIT.
// versions:
// protoc-gen-go v1.26.0
-// protoc v3.21.12
+// protoc v4.24.4
// source: google/api/client.proto
package annotations
@@ -1033,6 +1033,18 @@ type MethodSettings struct {
// total_poll_timeout:
// seconds: 54000 # 90 minutes
LongRunning *MethodSettings_LongRunning `protobuf:"bytes,2,opt,name=long_running,json=longRunning,proto3" json:"long_running,omitempty"`
+ // List of top-level fields of the request message, that should be
+ // automatically populated by the client libraries based on their
+ // (google.api.field_info).format. Currently supported format: UUID4.
+ //
+ // Example of a YAML configuration:
+ //
+ // publishing:
+ // method_settings:
+ // - selector: google.example.v1.ExampleService.CreateExample
+ // auto_populated_fields:
+ // - request_id
+ AutoPopulatedFields []string `protobuf:"bytes,3,rep,name=auto_populated_fields,json=autoPopulatedFields,proto3" json:"auto_populated_fields,omitempty"`
}
func (x *MethodSettings) Reset() {
@@ -1081,6 +1093,13 @@ func (x *MethodSettings) GetLongRunning() *MethodSettings_LongRunning {
return nil
}
+func (x *MethodSettings) GetAutoPopulatedFields() []string {
+ if x != nil {
+ return x.AutoPopulatedFields
+ }
+ return nil
+}
+
// Describes settings to use when generating API methods that use the
// long-running operation pattern.
// All default values below are from those used in the client library
@@ -1452,69 +1471,73 @@ var file_google_api_client_proto_rawDesc = []byte{
0x6d, 0x6f, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
0x6c, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x4c, 0x61, 0x6e,
0x67, 0x75, 0x61, 0x67, 0x65, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x52, 0x06, 0x63,
- 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x22, 0x8e, 0x03, 0x0a, 0x0e, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64,
+ 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x22, 0xc2, 0x03, 0x0a, 0x0e, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64,
0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x12, 0x1a, 0x0a, 0x08, 0x73, 0x65, 0x6c, 0x65,
0x63, 0x74, 0x6f, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x73, 0x65, 0x6c, 0x65,
0x63, 0x74, 0x6f, 0x72, 0x12, 0x49, 0x0a, 0x0c, 0x6c, 0x6f, 0x6e, 0x67, 0x5f, 0x72, 0x75, 0x6e,
0x6e, 0x69, 0x6e, 0x67, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x26, 0x2e, 0x67, 0x6f, 0x6f,
0x67, 0x6c, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x53, 0x65,
0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x2e, 0x4c, 0x6f, 0x6e, 0x67, 0x52, 0x75, 0x6e, 0x6e, 0x69,
- 0x6e, 0x67, 0x52, 0x0b, 0x6c, 0x6f, 0x6e, 0x67, 0x52, 0x75, 0x6e, 0x6e, 0x69, 0x6e, 0x67, 0x1a,
- 0x94, 0x02, 0x0a, 0x0b, 0x4c, 0x6f, 0x6e, 0x67, 0x52, 0x75, 0x6e, 0x6e, 0x69, 0x6e, 0x67, 0x12,
- 0x47, 0x0a, 0x12, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x5f, 0x70, 0x6f, 0x6c, 0x6c, 0x5f,
- 0x64, 0x65, 0x6c, 0x61, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f,
- 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75,
- 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x10, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x50,
- 0x6f, 0x6c, 0x6c, 0x44, 0x65, 0x6c, 0x61, 0x79, 0x12, 0x32, 0x0a, 0x15, 0x70, 0x6f, 0x6c, 0x6c,
- 0x5f, 0x64, 0x65, 0x6c, 0x61, 0x79, 0x5f, 0x6d, 0x75, 0x6c, 0x74, 0x69, 0x70, 0x6c, 0x69, 0x65,
- 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x02, 0x52, 0x13, 0x70, 0x6f, 0x6c, 0x6c, 0x44, 0x65, 0x6c,
- 0x61, 0x79, 0x4d, 0x75, 0x6c, 0x74, 0x69, 0x70, 0x6c, 0x69, 0x65, 0x72, 0x12, 0x3f, 0x0a, 0x0e,
- 0x6d, 0x61, 0x78, 0x5f, 0x70, 0x6f, 0x6c, 0x6c, 0x5f, 0x64, 0x65, 0x6c, 0x61, 0x79, 0x18, 0x03,
- 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
- 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52,
- 0x0c, 0x6d, 0x61, 0x78, 0x50, 0x6f, 0x6c, 0x6c, 0x44, 0x65, 0x6c, 0x61, 0x79, 0x12, 0x47, 0x0a,
- 0x12, 0x74, 0x6f, 0x74, 0x61, 0x6c, 0x5f, 0x70, 0x6f, 0x6c, 0x6c, 0x5f, 0x74, 0x69, 0x6d, 0x65,
- 0x6f, 0x75, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
- 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61,
- 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x10, 0x74, 0x6f, 0x74, 0x61, 0x6c, 0x50, 0x6f, 0x6c, 0x6c, 0x54,
- 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x2a, 0xa3, 0x01, 0x0a, 0x19, 0x43, 0x6c, 0x69, 0x65, 0x6e,
- 0x74, 0x4c, 0x69, 0x62, 0x72, 0x61, 0x72, 0x79, 0x4f, 0x72, 0x67, 0x61, 0x6e, 0x69, 0x7a, 0x61,
- 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x2b, 0x0a, 0x27, 0x43, 0x4c, 0x49, 0x45, 0x4e, 0x54, 0x5f, 0x4c,
- 0x49, 0x42, 0x52, 0x41, 0x52, 0x59, 0x5f, 0x4f, 0x52, 0x47, 0x41, 0x4e, 0x49, 0x5a, 0x41, 0x54,
- 0x49, 0x4f, 0x4e, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10,
- 0x00, 0x12, 0x09, 0x0a, 0x05, 0x43, 0x4c, 0x4f, 0x55, 0x44, 0x10, 0x01, 0x12, 0x07, 0x0a, 0x03,
- 0x41, 0x44, 0x53, 0x10, 0x02, 0x12, 0x0a, 0x0a, 0x06, 0x50, 0x48, 0x4f, 0x54, 0x4f, 0x53, 0x10,
- 0x03, 0x12, 0x0f, 0x0a, 0x0b, 0x53, 0x54, 0x52, 0x45, 0x45, 0x54, 0x5f, 0x56, 0x49, 0x45, 0x57,
- 0x10, 0x04, 0x12, 0x0c, 0x0a, 0x08, 0x53, 0x48, 0x4f, 0x50, 0x50, 0x49, 0x4e, 0x47, 0x10, 0x05,
- 0x12, 0x07, 0x0a, 0x03, 0x47, 0x45, 0x4f, 0x10, 0x06, 0x12, 0x11, 0x0a, 0x0d, 0x47, 0x45, 0x4e,
- 0x45, 0x52, 0x41, 0x54, 0x49, 0x56, 0x45, 0x5f, 0x41, 0x49, 0x10, 0x07, 0x2a, 0x67, 0x0a, 0x18,
- 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x4c, 0x69, 0x62, 0x72, 0x61, 0x72, 0x79, 0x44, 0x65, 0x73,
- 0x74, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x2a, 0x0a, 0x26, 0x43, 0x4c, 0x49, 0x45,
- 0x4e, 0x54, 0x5f, 0x4c, 0x49, 0x42, 0x52, 0x41, 0x52, 0x59, 0x5f, 0x44, 0x45, 0x53, 0x54, 0x49,
- 0x4e, 0x41, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49,
- 0x45, 0x44, 0x10, 0x00, 0x12, 0x0a, 0x0a, 0x06, 0x47, 0x49, 0x54, 0x48, 0x55, 0x42, 0x10, 0x0a,
- 0x12, 0x13, 0x0a, 0x0f, 0x50, 0x41, 0x43, 0x4b, 0x41, 0x47, 0x45, 0x5f, 0x4d, 0x41, 0x4e, 0x41,
- 0x47, 0x45, 0x52, 0x10, 0x14, 0x3a, 0x4a, 0x0a, 0x10, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x5f,
- 0x73, 0x69, 0x67, 0x6e, 0x61, 0x74, 0x75, 0x72, 0x65, 0x12, 0x1e, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
- 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x4d, 0x65, 0x74, 0x68,
- 0x6f, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x9b, 0x08, 0x20, 0x03, 0x28, 0x09,
- 0x52, 0x0f, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x53, 0x69, 0x67, 0x6e, 0x61, 0x74, 0x75, 0x72,
- 0x65, 0x3a, 0x43, 0x0a, 0x0c, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x5f, 0x68, 0x6f, 0x73,
- 0x74, 0x12, 0x1f, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
- 0x62, 0x75, 0x66, 0x2e, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f,
- 0x6e, 0x73, 0x18, 0x99, 0x08, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x64, 0x65, 0x66, 0x61, 0x75,
- 0x6c, 0x74, 0x48, 0x6f, 0x73, 0x74, 0x3a, 0x43, 0x0a, 0x0c, 0x6f, 0x61, 0x75, 0x74, 0x68, 0x5f,
- 0x73, 0x63, 0x6f, 0x70, 0x65, 0x73, 0x12, 0x1f, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
- 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65,
- 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x9a, 0x08, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b,
- 0x6f, 0x61, 0x75, 0x74, 0x68, 0x53, 0x63, 0x6f, 0x70, 0x65, 0x73, 0x42, 0x69, 0x0a, 0x0e, 0x63,
- 0x6f, 0x6d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x42, 0x0b, 0x43,
- 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x41, 0x67, 0x6f,
- 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6c, 0x61, 0x6e, 0x67, 0x2e, 0x6f, 0x72, 0x67, 0x2f,
- 0x67, 0x65, 0x6e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61,
- 0x70, 0x69, 0x73, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69,
- 0x6f, 0x6e, 0x73, 0x3b, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0xa2,
- 0x02, 0x04, 0x47, 0x41, 0x50, 0x49, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+ 0x6e, 0x67, 0x52, 0x0b, 0x6c, 0x6f, 0x6e, 0x67, 0x52, 0x75, 0x6e, 0x6e, 0x69, 0x6e, 0x67, 0x12,
+ 0x32, 0x0a, 0x15, 0x61, 0x75, 0x74, 0x6f, 0x5f, 0x70, 0x6f, 0x70, 0x75, 0x6c, 0x61, 0x74, 0x65,
+ 0x64, 0x5f, 0x66, 0x69, 0x65, 0x6c, 0x64, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x09, 0x52, 0x13,
+ 0x61, 0x75, 0x74, 0x6f, 0x50, 0x6f, 0x70, 0x75, 0x6c, 0x61, 0x74, 0x65, 0x64, 0x46, 0x69, 0x65,
+ 0x6c, 0x64, 0x73, 0x1a, 0x94, 0x02, 0x0a, 0x0b, 0x4c, 0x6f, 0x6e, 0x67, 0x52, 0x75, 0x6e, 0x6e,
+ 0x69, 0x6e, 0x67, 0x12, 0x47, 0x0a, 0x12, 0x69, 0x6e, 0x69, 0x74, 0x69, 0x61, 0x6c, 0x5f, 0x70,
+ 0x6f, 0x6c, 0x6c, 0x5f, 0x64, 0x65, 0x6c, 0x61, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32,
+ 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
+ 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x10, 0x69, 0x6e, 0x69, 0x74,
+ 0x69, 0x61, 0x6c, 0x50, 0x6f, 0x6c, 0x6c, 0x44, 0x65, 0x6c, 0x61, 0x79, 0x12, 0x32, 0x0a, 0x15,
+ 0x70, 0x6f, 0x6c, 0x6c, 0x5f, 0x64, 0x65, 0x6c, 0x61, 0x79, 0x5f, 0x6d, 0x75, 0x6c, 0x74, 0x69,
+ 0x70, 0x6c, 0x69, 0x65, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x02, 0x52, 0x13, 0x70, 0x6f, 0x6c,
+ 0x6c, 0x44, 0x65, 0x6c, 0x61, 0x79, 0x4d, 0x75, 0x6c, 0x74, 0x69, 0x70, 0x6c, 0x69, 0x65, 0x72,
+ 0x12, 0x3f, 0x0a, 0x0e, 0x6d, 0x61, 0x78, 0x5f, 0x70, 0x6f, 0x6c, 0x6c, 0x5f, 0x64, 0x65, 0x6c,
+ 0x61, 0x79, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+ 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61, 0x74,
+ 0x69, 0x6f, 0x6e, 0x52, 0x0c, 0x6d, 0x61, 0x78, 0x50, 0x6f, 0x6c, 0x6c, 0x44, 0x65, 0x6c, 0x61,
+ 0x79, 0x12, 0x47, 0x0a, 0x12, 0x74, 0x6f, 0x74, 0x61, 0x6c, 0x5f, 0x70, 0x6f, 0x6c, 0x6c, 0x5f,
+ 0x74, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e,
+ 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
+ 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x10, 0x74, 0x6f, 0x74, 0x61, 0x6c, 0x50,
+ 0x6f, 0x6c, 0x6c, 0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x2a, 0xa3, 0x01, 0x0a, 0x19, 0x43,
+ 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x4c, 0x69, 0x62, 0x72, 0x61, 0x72, 0x79, 0x4f, 0x72, 0x67, 0x61,
+ 0x6e, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x2b, 0x0a, 0x27, 0x43, 0x4c, 0x49, 0x45,
+ 0x4e, 0x54, 0x5f, 0x4c, 0x49, 0x42, 0x52, 0x41, 0x52, 0x59, 0x5f, 0x4f, 0x52, 0x47, 0x41, 0x4e,
+ 0x49, 0x5a, 0x41, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46,
+ 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x09, 0x0a, 0x05, 0x43, 0x4c, 0x4f, 0x55, 0x44, 0x10, 0x01,
+ 0x12, 0x07, 0x0a, 0x03, 0x41, 0x44, 0x53, 0x10, 0x02, 0x12, 0x0a, 0x0a, 0x06, 0x50, 0x48, 0x4f,
+ 0x54, 0x4f, 0x53, 0x10, 0x03, 0x12, 0x0f, 0x0a, 0x0b, 0x53, 0x54, 0x52, 0x45, 0x45, 0x54, 0x5f,
+ 0x56, 0x49, 0x45, 0x57, 0x10, 0x04, 0x12, 0x0c, 0x0a, 0x08, 0x53, 0x48, 0x4f, 0x50, 0x50, 0x49,
+ 0x4e, 0x47, 0x10, 0x05, 0x12, 0x07, 0x0a, 0x03, 0x47, 0x45, 0x4f, 0x10, 0x06, 0x12, 0x11, 0x0a,
+ 0x0d, 0x47, 0x45, 0x4e, 0x45, 0x52, 0x41, 0x54, 0x49, 0x56, 0x45, 0x5f, 0x41, 0x49, 0x10, 0x07,
+ 0x2a, 0x67, 0x0a, 0x18, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x4c, 0x69, 0x62, 0x72, 0x61, 0x72,
+ 0x79, 0x44, 0x65, 0x73, 0x74, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x2a, 0x0a, 0x26,
+ 0x43, 0x4c, 0x49, 0x45, 0x4e, 0x54, 0x5f, 0x4c, 0x49, 0x42, 0x52, 0x41, 0x52, 0x59, 0x5f, 0x44,
+ 0x45, 0x53, 0x54, 0x49, 0x4e, 0x41, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45,
+ 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x0a, 0x0a, 0x06, 0x47, 0x49, 0x54, 0x48,
+ 0x55, 0x42, 0x10, 0x0a, 0x12, 0x13, 0x0a, 0x0f, 0x50, 0x41, 0x43, 0x4b, 0x41, 0x47, 0x45, 0x5f,
+ 0x4d, 0x41, 0x4e, 0x41, 0x47, 0x45, 0x52, 0x10, 0x14, 0x3a, 0x4a, 0x0a, 0x10, 0x6d, 0x65, 0x74,
+ 0x68, 0x6f, 0x64, 0x5f, 0x73, 0x69, 0x67, 0x6e, 0x61, 0x74, 0x75, 0x72, 0x65, 0x12, 0x1e, 0x2e,
+ 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
+ 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x9b, 0x08,
+ 0x20, 0x03, 0x28, 0x09, 0x52, 0x0f, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x53, 0x69, 0x67, 0x6e,
+ 0x61, 0x74, 0x75, 0x72, 0x65, 0x3a, 0x43, 0x0a, 0x0c, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74,
+ 0x5f, 0x68, 0x6f, 0x73, 0x74, 0x12, 0x1f, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70,
+ 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x4f,
+ 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x99, 0x08, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x64,
+ 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x48, 0x6f, 0x73, 0x74, 0x3a, 0x43, 0x0a, 0x0c, 0x6f, 0x61,
+ 0x75, 0x74, 0x68, 0x5f, 0x73, 0x63, 0x6f, 0x70, 0x65, 0x73, 0x12, 0x1f, 0x2e, 0x67, 0x6f, 0x6f,
+ 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x65, 0x72,
+ 0x76, 0x69, 0x63, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x9a, 0x08, 0x20, 0x01,
+ 0x28, 0x09, 0x52, 0x0b, 0x6f, 0x61, 0x75, 0x74, 0x68, 0x53, 0x63, 0x6f, 0x70, 0x65, 0x73, 0x42,
+ 0x69, 0x0a, 0x0e, 0x63, 0x6f, 0x6d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x61, 0x70,
+ 0x69, 0x42, 0x0b, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01,
+ 0x5a, 0x41, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6c, 0x61, 0x6e, 0x67, 0x2e,
+ 0x6f, 0x72, 0x67, 0x2f, 0x67, 0x65, 0x6e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x67, 0x6f, 0x6f,
+ 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x61, 0x6e, 0x6e, 0x6f,
+ 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x3b, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69,
+ 0x6f, 0x6e, 0x73, 0xa2, 0x02, 0x04, 0x47, 0x41, 0x50, 0x49, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74,
+ 0x6f, 0x33,
}
var (
diff --git a/vendor/google.golang.org/grpc/binarylog/grpc_binarylog_v1/binarylog.pb.go b/vendor/google.golang.org/grpc/binarylog/grpc_binarylog_v1/binarylog.pb.go
index e9e97d4511..856c75dd4e 100644
--- a/vendor/google.golang.org/grpc/binarylog/grpc_binarylog_v1/binarylog.pb.go
+++ b/vendor/google.golang.org/grpc/binarylog/grpc_binarylog_v1/binarylog.pb.go
@@ -18,8 +18,8 @@
// Code generated by protoc-gen-go. DO NOT EDIT.
// versions:
-// protoc-gen-go v1.31.0
-// protoc v4.22.0
+// protoc-gen-go v1.32.0
+// protoc v4.25.2
// source: grpc/binlog/v1/binarylog.proto
package grpc_binarylog_v1
diff --git a/vendor/google.golang.org/grpc/encoding/proto/proto.go b/vendor/google.golang.org/grpc/encoding/proto/proto.go
index 0ee3d3bae9..66d5cdf03e 100644
--- a/vendor/google.golang.org/grpc/encoding/proto/proto.go
+++ b/vendor/google.golang.org/grpc/encoding/proto/proto.go
@@ -23,8 +23,9 @@ package proto
import (
"fmt"
- "github.com/golang/protobuf/proto"
"google.golang.org/grpc/encoding"
+ "google.golang.org/protobuf/proto"
+ "google.golang.org/protobuf/protoadapt"
)
// Name is the name registered for the proto compressor.
@@ -38,21 +39,34 @@ func init() {
type codec struct{}
func (codec) Marshal(v any) ([]byte, error) {
- vv, ok := v.(proto.Message)
- if !ok {
+ vv := messageV2Of(v)
+ if vv == nil {
return nil, fmt.Errorf("failed to marshal, message is %T, want proto.Message", v)
}
+
return proto.Marshal(vv)
}
func (codec) Unmarshal(data []byte, v any) error {
- vv, ok := v.(proto.Message)
- if !ok {
+ vv := messageV2Of(v)
+ if vv == nil {
return fmt.Errorf("failed to unmarshal, message is %T, want proto.Message", v)
}
+
return proto.Unmarshal(data, vv)
}
+func messageV2Of(v any) proto.Message {
+ switch v := v.(type) {
+ case protoadapt.MessageV1:
+ return protoadapt.MessageV2Of(v)
+ case protoadapt.MessageV2:
+ return v
+ }
+
+ return nil
+}
+
func (codec) Name() string {
return Name
}
diff --git a/vendor/google.golang.org/grpc/health/grpc_health_v1/health.pb.go b/vendor/google.golang.org/grpc/health/grpc_health_v1/health.pb.go
index 24299efd63..5bf880d419 100644
--- a/vendor/google.golang.org/grpc/health/grpc_health_v1/health.pb.go
+++ b/vendor/google.golang.org/grpc/health/grpc_health_v1/health.pb.go
@@ -17,8 +17,8 @@
// Code generated by protoc-gen-go. DO NOT EDIT.
// versions:
-// protoc-gen-go v1.31.0
-// protoc v4.22.0
+// protoc-gen-go v1.32.0
+// protoc v4.25.2
// source: grpc/health/v1/health.proto
package grpc_health_v1
diff --git a/vendor/google.golang.org/grpc/health/grpc_health_v1/health_grpc.pb.go b/vendor/google.golang.org/grpc/health/grpc_health_v1/health_grpc.pb.go
index 4439cda0f3..4c46c098dc 100644
--- a/vendor/google.golang.org/grpc/health/grpc_health_v1/health_grpc.pb.go
+++ b/vendor/google.golang.org/grpc/health/grpc_health_v1/health_grpc.pb.go
@@ -18,7 +18,7 @@
// Code generated by protoc-gen-go-grpc. DO NOT EDIT.
// versions:
// - protoc-gen-go-grpc v1.3.0
-// - protoc v4.22.0
+// - protoc v4.25.2
// source: grpc/health/v1/health.proto
package grpc_health_v1
diff --git a/vendor/google.golang.org/grpc/internal/binarylog/method_logger.go b/vendor/google.golang.org/grpc/internal/binarylog/method_logger.go
index 0f31274a3c..e8456a77c2 100644
--- a/vendor/google.golang.org/grpc/internal/binarylog/method_logger.go
+++ b/vendor/google.golang.org/grpc/internal/binarylog/method_logger.go
@@ -25,11 +25,12 @@ import (
"sync/atomic"
"time"
- "github.com/golang/protobuf/proto"
- "github.com/golang/protobuf/ptypes"
binlogpb "google.golang.org/grpc/binarylog/grpc_binarylog_v1"
"google.golang.org/grpc/metadata"
"google.golang.org/grpc/status"
+ "google.golang.org/protobuf/proto"
+ "google.golang.org/protobuf/types/known/durationpb"
+ "google.golang.org/protobuf/types/known/timestamppb"
)
type callIDGenerator struct {
@@ -88,7 +89,7 @@ func NewTruncatingMethodLogger(h, m uint64) *TruncatingMethodLogger {
// in TruncatingMethodLogger as possible.
func (ml *TruncatingMethodLogger) Build(c LogEntryConfig) *binlogpb.GrpcLogEntry {
m := c.toProto()
- timestamp, _ := ptypes.TimestampProto(time.Now())
+ timestamp := timestamppb.Now()
m.Timestamp = timestamp
m.CallId = ml.callID
m.SequenceIdWithinCall = ml.idWithinCallGen.next()
@@ -178,7 +179,7 @@ func (c *ClientHeader) toProto() *binlogpb.GrpcLogEntry {
Authority: c.Authority,
}
if c.Timeout > 0 {
- clientHeader.Timeout = ptypes.DurationProto(c.Timeout)
+ clientHeader.Timeout = durationpb.New(c.Timeout)
}
ret := &binlogpb.GrpcLogEntry{
Type: binlogpb.GrpcLogEntry_EVENT_TYPE_CLIENT_HEADER,
diff --git a/vendor/google.golang.org/grpc/internal/binarylog/sink.go b/vendor/google.golang.org/grpc/internal/binarylog/sink.go
index 264de387c2..9ea598b14c 100644
--- a/vendor/google.golang.org/grpc/internal/binarylog/sink.go
+++ b/vendor/google.golang.org/grpc/internal/binarylog/sink.go
@@ -25,8 +25,8 @@ import (
"sync"
"time"
- "github.com/golang/protobuf/proto"
binlogpb "google.golang.org/grpc/binarylog/grpc_binarylog_v1"
+ "google.golang.org/protobuf/proto"
)
var (
diff --git a/vendor/google.golang.org/grpc/internal/grpcrand/grpcrand.go b/vendor/google.golang.org/grpc/internal/grpcrand/grpcrand.go
index aa97273e7d..0126d6b510 100644
--- a/vendor/google.golang.org/grpc/internal/grpcrand/grpcrand.go
+++ b/vendor/google.golang.org/grpc/internal/grpcrand/grpcrand.go
@@ -1,3 +1,8 @@
+//go:build !go1.21
+
+// TODO: when this file is deleted (after Go 1.20 support is dropped), delete
+// all of grpcrand and call the rand package directly.
+
/*
*
* Copyright 2018 gRPC authors.
diff --git a/vendor/google.golang.org/grpc/internal/grpcrand/grpcrand_go1.21.go b/vendor/google.golang.org/grpc/internal/grpcrand/grpcrand_go1.21.go
new file mode 100644
index 0000000000..c37299af1e
--- /dev/null
+++ b/vendor/google.golang.org/grpc/internal/grpcrand/grpcrand_go1.21.go
@@ -0,0 +1,73 @@
+//go:build go1.21
+
+/*
+ *
+ * Copyright 2024 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+// Package grpcrand implements math/rand functions in a concurrent-safe way
+// with a global random source, independent of math/rand's global source.
+package grpcrand
+
+import "math/rand"
+
+// This implementation will be used for Go version 1.21 or newer.
+// For older versions, the original implementation with mutex will be used.
+
+// Int implements rand.Int on the grpcrand global source.
+func Int() int {
+ return rand.Int()
+}
+
+// Int63n implements rand.Int63n on the grpcrand global source.
+func Int63n(n int64) int64 {
+ return rand.Int63n(n)
+}
+
+// Intn implements rand.Intn on the grpcrand global source.
+func Intn(n int) int {
+ return rand.Intn(n)
+}
+
+// Int31n implements rand.Int31n on the grpcrand global source.
+func Int31n(n int32) int32 {
+ return rand.Int31n(n)
+}
+
+// Float64 implements rand.Float64 on the grpcrand global source.
+func Float64() float64 {
+ return rand.Float64()
+}
+
+// Uint64 implements rand.Uint64 on the grpcrand global source.
+func Uint64() uint64 {
+ return rand.Uint64()
+}
+
+// Uint32 implements rand.Uint32 on the grpcrand global source.
+func Uint32() uint32 {
+ return rand.Uint32()
+}
+
+// ExpFloat64 implements rand.ExpFloat64 on the grpcrand global source.
+func ExpFloat64() float64 {
+ return rand.ExpFloat64()
+}
+
+// Shuffle implements rand.Shuffle on the grpcrand global source.
+var Shuffle = func(n int, f func(int, int)) {
+ rand.Shuffle(n, f)
+}
diff --git a/vendor/google.golang.org/grpc/internal/pretty/pretty.go b/vendor/google.golang.org/grpc/internal/pretty/pretty.go
index 7033191375..52cfab1b93 100644
--- a/vendor/google.golang.org/grpc/internal/pretty/pretty.go
+++ b/vendor/google.golang.org/grpc/internal/pretty/pretty.go
@@ -24,7 +24,6 @@ import (
"encoding/json"
"fmt"
- "github.com/golang/protobuf/jsonpb"
protov1 "github.com/golang/protobuf/proto"
"google.golang.org/protobuf/encoding/protojson"
protov2 "google.golang.org/protobuf/proto"
@@ -38,15 +37,15 @@ const jsonIndent = " "
func ToJSON(e any) string {
switch ee := e.(type) {
case protov1.Message:
- mm := jsonpb.Marshaler{Indent: jsonIndent}
- ret, err := mm.MarshalToString(ee)
+ mm := protojson.MarshalOptions{Indent: jsonIndent}
+ ret, err := mm.Marshal(protov1.MessageV2(ee))
if err != nil {
// This may fail for proto.Anys, e.g. for xDS v2, LDS, the v2
// messages are not imported, and this will fail because the message
// is not found.
return fmt.Sprintf("%+v", ee)
}
- return ret
+ return string(ret)
case protov2.Message:
mm := protojson.MarshalOptions{
Multiline: true,
diff --git a/vendor/google.golang.org/grpc/internal/status/status.go b/vendor/google.golang.org/grpc/internal/status/status.go
index 03ef2fedd5..c7dbc82059 100644
--- a/vendor/google.golang.org/grpc/internal/status/status.go
+++ b/vendor/google.golang.org/grpc/internal/status/status.go
@@ -31,10 +31,11 @@ import (
"errors"
"fmt"
- "github.com/golang/protobuf/proto"
- "github.com/golang/protobuf/ptypes"
spb "google.golang.org/genproto/googleapis/rpc/status"
"google.golang.org/grpc/codes"
+ "google.golang.org/protobuf/proto"
+ "google.golang.org/protobuf/protoadapt"
+ "google.golang.org/protobuf/types/known/anypb"
)
// Status represents an RPC status code, message, and details. It is immutable
@@ -130,14 +131,14 @@ func (s *Status) Err() error {
// WithDetails returns a new status with the provided details messages appended to the status.
// If any errors are encountered, it returns nil and the first error encountered.
-func (s *Status) WithDetails(details ...proto.Message) (*Status, error) {
+func (s *Status) WithDetails(details ...protoadapt.MessageV1) (*Status, error) {
if s.Code() == codes.OK {
return nil, errors.New("no error details for status with code OK")
}
// s.Code() != OK implies that s.Proto() != nil.
p := s.Proto()
for _, detail := range details {
- any, err := ptypes.MarshalAny(detail)
+ any, err := anypb.New(protoadapt.MessageV2Of(detail))
if err != nil {
return nil, err
}
@@ -154,12 +155,12 @@ func (s *Status) Details() []any {
}
details := make([]any, 0, len(s.s.Details))
for _, any := range s.s.Details {
- detail := &ptypes.DynamicAny{}
- if err := ptypes.UnmarshalAny(any, detail); err != nil {
+ detail, err := any.UnmarshalNew()
+ if err != nil {
details = append(details, err)
continue
}
- details = append(details, detail.Message)
+ details = append(details, detail)
}
return details
}
diff --git a/vendor/google.golang.org/grpc/internal/transport/controlbuf.go b/vendor/google.golang.org/grpc/internal/transport/controlbuf.go
index b330ccedc8..83c3829826 100644
--- a/vendor/google.golang.org/grpc/internal/transport/controlbuf.go
+++ b/vendor/google.golang.org/grpc/internal/transport/controlbuf.go
@@ -535,8 +535,8 @@ const minBatchSize = 1000
// size is too low to give stream goroutines a chance to fill it up.
//
// Upon exiting, if the error causing the exit is not an I/O error, run()
-// flushes and closes the underlying connection. Otherwise, the connection is
-// left open to allow the I/O error to be encountered by the reader instead.
+// flushes the underlying connection. The connection is always left open to
+// allow different closing behavior on the client and server.
func (l *loopyWriter) run() (err error) {
defer func() {
if l.logger.V(logLevel) {
@@ -544,7 +544,6 @@ func (l *loopyWriter) run() (err error) {
}
if !isIOError(err) {
l.framer.writer.Flush()
- l.conn.Close()
}
l.cbuf.finish()
}()
diff --git a/vendor/google.golang.org/grpc/internal/transport/handler_server.go b/vendor/google.golang.org/grpc/internal/transport/handler_server.go
index a9d70e2a16..bd39ff9a22 100644
--- a/vendor/google.golang.org/grpc/internal/transport/handler_server.go
+++ b/vendor/google.golang.org/grpc/internal/transport/handler_server.go
@@ -35,7 +35,6 @@ import (
"sync"
"time"
- "github.com/golang/protobuf/proto"
"golang.org/x/net/http2"
"google.golang.org/grpc/codes"
"google.golang.org/grpc/credentials"
@@ -45,6 +44,7 @@ import (
"google.golang.org/grpc/peer"
"google.golang.org/grpc/stats"
"google.golang.org/grpc/status"
+ "google.golang.org/protobuf/proto"
)
// NewServerHandlerTransport returns a ServerTransport handling gRPC from
diff --git a/vendor/google.golang.org/grpc/internal/transport/http2_client.go b/vendor/google.golang.org/grpc/internal/transport/http2_client.go
index c33ac5961b..eff8799640 100644
--- a/vendor/google.golang.org/grpc/internal/transport/http2_client.go
+++ b/vendor/google.golang.org/grpc/internal/transport/http2_client.go
@@ -451,7 +451,13 @@ func newHTTP2Client(connectCtx, ctx context.Context, addr resolver.Address, opts
}
go func() {
t.loopy = newLoopyWriter(clientSide, t.framer, t.controlBuf, t.bdpEst, t.conn, t.logger)
- t.loopy.run()
+ if err := t.loopy.run(); !isIOError(err) {
+ // Immediately close the connection, as the loopy writer returns
+ // when there are no more active streams and we were draining (the
+ // server sent a GOAWAY). For I/O errors, the reader will hit it
+ // after draining any remaining incoming data.
+ t.conn.Close()
+ }
close(t.writerDone)
}()
return t, nil
diff --git a/vendor/google.golang.org/grpc/internal/transport/http2_server.go b/vendor/google.golang.org/grpc/internal/transport/http2_server.go
index f6bac0e8a0..3839c1ade2 100644
--- a/vendor/google.golang.org/grpc/internal/transport/http2_server.go
+++ b/vendor/google.golang.org/grpc/internal/transport/http2_server.go
@@ -32,13 +32,13 @@ import (
"sync/atomic"
"time"
- "github.com/golang/protobuf/proto"
"golang.org/x/net/http2"
"golang.org/x/net/http2/hpack"
"google.golang.org/grpc/internal/grpclog"
"google.golang.org/grpc/internal/grpcutil"
"google.golang.org/grpc/internal/pretty"
"google.golang.org/grpc/internal/syscall"
+ "google.golang.org/protobuf/proto"
"google.golang.org/grpc/codes"
"google.golang.org/grpc/credentials"
@@ -322,8 +322,24 @@ func NewServerTransport(conn net.Conn, config *ServerConfig) (_ ServerTransport,
go func() {
t.loopy = newLoopyWriter(serverSide, t.framer, t.controlBuf, t.bdpEst, t.conn, t.logger)
t.loopy.ssGoAwayHandler = t.outgoingGoAwayHandler
- t.loopy.run()
+ err := t.loopy.run()
close(t.loopyWriterDone)
+ if !isIOError(err) {
+ // Close the connection if a non-I/O error occurs (for I/O errors
+ // the reader will also encounter the error and close). Wait 1
+ // second before closing the connection, or when the reader is done
+ // (i.e. the client already closed the connection or a connection
+ // error occurred). This avoids the potential problem where there
+ // is unread data on the receive side of the connection, which, if
+ // closed, would lead to a TCP RST instead of FIN, and the client
+ // encountering errors. For more info:
+ // https://github.com/grpc/grpc-go/issues/5358
+ select {
+ case <-t.readerDone:
+ case <-time.After(time.Second):
+ }
+ t.conn.Close()
+ }
}()
go t.keepalive()
return t, nil
@@ -609,8 +625,8 @@ func (t *http2Server) operateHeaders(ctx context.Context, frame *http2.MetaHeade
// traceCtx attaches trace to ctx and returns the new context.
func (t *http2Server) HandleStreams(ctx context.Context, handle func(*Stream)) {
defer func() {
- <-t.loopyWriterDone
close(t.readerDone)
+ <-t.loopyWriterDone
}()
for {
t.controlBuf.throttle()
@@ -636,10 +652,6 @@ func (t *http2Server) HandleStreams(ctx context.Context, handle func(*Stream)) {
}
continue
}
- if err == io.EOF || err == io.ErrUnexpectedEOF {
- t.Close(err)
- return
- }
t.Close(err)
return
}
@@ -1329,6 +1341,7 @@ func (t *http2Server) outgoingGoAwayHandler(g *goAway) (bool, error) {
if err := t.framer.fr.WriteGoAway(sid, g.code, g.debugData); err != nil {
return false, err
}
+ t.framer.writer.Flush()
if retErr != nil {
return false, retErr
}
@@ -1349,7 +1362,7 @@ func (t *http2Server) outgoingGoAwayHandler(g *goAway) (bool, error) {
return false, err
}
go func() {
- timer := time.NewTimer(time.Minute)
+ timer := time.NewTimer(5 * time.Second)
defer timer.Stop()
select {
case <-t.drainEvent.Done():
diff --git a/vendor/google.golang.org/grpc/rpc_util.go b/vendor/google.golang.org/grpc/rpc_util.go
index a4b6bc6873..d17ede0fa4 100644
--- a/vendor/google.golang.org/grpc/rpc_util.go
+++ b/vendor/google.golang.org/grpc/rpc_util.go
@@ -189,6 +189,20 @@ type EmptyCallOption struct{}
func (EmptyCallOption) before(*callInfo) error { return nil }
func (EmptyCallOption) after(*callInfo, *csAttempt) {}
+// StaticMethod returns a CallOption which specifies that a call is being made
+// to a method that is static, which means the method is known at compile time
+// and doesn't change at runtime. This can be used as a signal to stats plugins
+// that this method is safe to include as a key to a measurement.
+func StaticMethod() CallOption {
+ return StaticMethodCallOption{}
+}
+
+// StaticMethodCallOption is a CallOption that specifies that a call comes
+// from a static method.
+type StaticMethodCallOption struct {
+ EmptyCallOption
+}
+
// Header returns a CallOptions that retrieves the header metadata
// for a unary RPC.
func Header(md *metadata.MD) CallOption {
@@ -958,6 +972,7 @@ const (
SupportPackageIsVersion5 = true
SupportPackageIsVersion6 = true
SupportPackageIsVersion7 = true
+ SupportPackageIsVersion8 = true
)
const grpcUA = "grpc-go/" + Version
diff --git a/vendor/google.golang.org/grpc/server.go b/vendor/google.golang.org/grpc/server.go
index e89c5ac613..0bf5c78b0d 100644
--- a/vendor/google.golang.org/grpc/server.go
+++ b/vendor/google.golang.org/grpc/server.go
@@ -33,8 +33,6 @@ import (
"sync/atomic"
"time"
- "golang.org/x/net/trace"
-
"google.golang.org/grpc/codes"
"google.golang.org/grpc/credentials"
"google.golang.org/grpc/encoding"
@@ -131,7 +129,7 @@ type Server struct {
drain bool
cv *sync.Cond // signaled when connections close for GracefulStop
services map[string]*serviceInfo // service name -> service info
- events trace.EventLog
+ events traceEventLog
quit *grpcsync.Event
done *grpcsync.Event
@@ -670,7 +668,7 @@ func NewServer(opt ...ServerOption) *Server {
s.cv = sync.NewCond(&s.mu)
if EnableTracing {
_, file, line, _ := runtime.Caller(1)
- s.events = trace.NewEventLog("grpc.Server", fmt.Sprintf("%s:%d", file, line))
+ s.events = newTraceEventLog("grpc.Server", fmt.Sprintf("%s:%d", file, line))
}
if s.opts.numServerWorkers > 0 {
@@ -1734,8 +1732,8 @@ func (s *Server) handleStream(t transport.ServerTransport, stream *transport.Str
ctx = contextWithServer(ctx, s)
var ti *traceInfo
if EnableTracing {
- tr := trace.New("grpc.Recv."+methodFamily(stream.Method()), stream.Method())
- ctx = trace.NewContext(ctx, tr)
+ tr := newTrace("grpc.Recv."+methodFamily(stream.Method()), stream.Method())
+ ctx = newTraceContext(ctx, tr)
ti = &traceInfo{
tr: tr,
firstLine: firstLine{
diff --git a/vendor/google.golang.org/grpc/stream.go b/vendor/google.golang.org/grpc/stream.go
index d621f52b1a..814e998354 100644
--- a/vendor/google.golang.org/grpc/stream.go
+++ b/vendor/google.golang.org/grpc/stream.go
@@ -27,7 +27,6 @@ import (
"sync"
"time"
- "golang.org/x/net/trace"
"google.golang.org/grpc/balancer"
"google.golang.org/grpc/codes"
"google.golang.org/grpc/encoding"
@@ -431,7 +430,7 @@ func (cs *clientStream) newAttemptLocked(isTransparent bool) (*csAttempt, error)
var trInfo *traceInfo
if EnableTracing {
trInfo = &traceInfo{
- tr: trace.New("grpc.Sent."+methodFamily(method), method),
+ tr: newTrace("grpc.Sent."+methodFamily(method), method),
firstLine: firstLine{
client: true,
},
@@ -440,7 +439,7 @@ func (cs *clientStream) newAttemptLocked(isTransparent bool) (*csAttempt, error)
trInfo.firstLine.deadline = time.Until(deadline)
}
trInfo.tr.LazyLog(&trInfo.firstLine, false)
- ctx = trace.NewContext(ctx, trInfo.tr)
+ ctx = newTraceContext(ctx, trInfo.tr)
}
if cs.cc.parsedTarget.URL.Scheme == internal.GRPCResolverSchemeExtraMetadata {
diff --git a/vendor/google.golang.org/grpc/trace.go b/vendor/google.golang.org/grpc/trace.go
index 9ded79321b..10f4f798f5 100644
--- a/vendor/google.golang.org/grpc/trace.go
+++ b/vendor/google.golang.org/grpc/trace.go
@@ -26,8 +26,6 @@ import (
"strings"
"sync"
"time"
-
- "golang.org/x/net/trace"
)
// EnableTracing controls whether to trace RPCs using the golang.org/x/net/trace package.
@@ -44,9 +42,31 @@ func methodFamily(m string) string {
return m
}
+// traceEventLog mirrors golang.org/x/net/trace.EventLog.
+//
+// It exists in order to avoid importing x/net/trace on grpcnotrace builds.
+type traceEventLog interface {
+ Printf(format string, a ...any)
+ Errorf(format string, a ...any)
+ Finish()
+}
+
+// traceLog mirrors golang.org/x/net/trace.Trace.
+//
+// It exists in order to avoid importing x/net/trace on grpcnotrace builds.
+type traceLog interface {
+ LazyLog(x fmt.Stringer, sensitive bool)
+ LazyPrintf(format string, a ...any)
+ SetError()
+ SetRecycler(f func(any))
+ SetTraceInfo(traceID, spanID uint64)
+ SetMaxEvents(m int)
+ Finish()
+}
+
// traceInfo contains tracing information for an RPC.
type traceInfo struct {
- tr trace.Trace
+ tr traceLog
firstLine firstLine
}
diff --git a/vendor/google.golang.org/grpc/trace_notrace.go b/vendor/google.golang.org/grpc/trace_notrace.go
new file mode 100644
index 0000000000..1da3a2308e
--- /dev/null
+++ b/vendor/google.golang.org/grpc/trace_notrace.go
@@ -0,0 +1,52 @@
+//go:build grpcnotrace
+
+/*
+ *
+ * Copyright 2024 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package grpc
+
+// grpcnotrace can be used to avoid importing golang.org/x/net/trace, which in
+// turn enables binaries using gRPC-Go for dead code elimination, which can
+// yield 10-15% improvements in binary size when tracing is not needed.
+
+import (
+ "context"
+ "fmt"
+)
+
+type notrace struct{}
+
+func (notrace) LazyLog(x fmt.Stringer, sensitive bool) {}
+func (notrace) LazyPrintf(format string, a ...any) {}
+func (notrace) SetError() {}
+func (notrace) SetRecycler(f func(any)) {}
+func (notrace) SetTraceInfo(traceID, spanID uint64) {}
+func (notrace) SetMaxEvents(m int) {}
+func (notrace) Finish() {}
+
+func newTrace(family, title string) traceLog {
+ return notrace{}
+}
+
+func newTraceContext(ctx context.Context, tr traceLog) context.Context {
+ return ctx
+}
+
+func newTraceEventLog(family, title string) traceEventLog {
+ return nil
+}
diff --git a/vendor/google.golang.org/grpc/trace_withtrace.go b/vendor/google.golang.org/grpc/trace_withtrace.go
new file mode 100644
index 0000000000..88d6e8571e
--- /dev/null
+++ b/vendor/google.golang.org/grpc/trace_withtrace.go
@@ -0,0 +1,39 @@
+//go:build !grpcnotrace
+
+/*
+ *
+ * Copyright 2024 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package grpc
+
+import (
+ "context"
+
+ t "golang.org/x/net/trace"
+)
+
+func newTrace(family, title string) traceLog {
+ return t.New(family, title)
+}
+
+func newTraceContext(ctx context.Context, tr traceLog) context.Context {
+ return t.NewContext(ctx, tr)
+}
+
+func newTraceEventLog(family, title string) traceEventLog {
+ return t.NewEventLog(family, title)
+}
diff --git a/vendor/google.golang.org/grpc/version.go b/vendor/google.golang.org/grpc/version.go
index 1ad1ba2ad6..df85a021ad 100644
--- a/vendor/google.golang.org/grpc/version.go
+++ b/vendor/google.golang.org/grpc/version.go
@@ -19,4 +19,4 @@
package grpc
// Version is the current grpc version.
-const Version = "1.61.0"
+const Version = "1.62.0"
diff --git a/vendor/google.golang.org/grpc/vet.sh b/vendor/google.golang.org/grpc/vet.sh
index 5da38a4099..7a33c215b5 100644
--- a/vendor/google.golang.org/grpc/vet.sh
+++ b/vendor/google.golang.org/grpc/vet.sh
@@ -41,7 +41,7 @@ if [[ "$1" = "-install" ]]; then
popd
if [[ -z "${VET_SKIP_PROTO}" ]]; then
if [[ "${GITHUB_ACTIONS}" = "true" ]]; then
- PROTOBUF_VERSION=22.0 # a.k.a v4.22.0 in pb.go files.
+ PROTOBUF_VERSION=25.2 # a.k.a. v4.22.0 in pb.go files.
PROTOC_FILENAME=protoc-${PROTOBUF_VERSION}-linux-x86_64.zip
pushd /home/runner/go
wget https://github.com/google/protobuf/releases/download/v${PROTOBUF_VERSION}/${PROTOC_FILENAME}
diff --git a/vendor/google.golang.org/protobuf/protoadapt/convert.go b/vendor/google.golang.org/protobuf/protoadapt/convert.go
new file mode 100644
index 0000000000..ea276d15a0
--- /dev/null
+++ b/vendor/google.golang.org/protobuf/protoadapt/convert.go
@@ -0,0 +1,31 @@
+// Copyright 2023 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package protoadapt bridges the original and new proto APIs.
+package protoadapt
+
+import (
+ "google.golang.org/protobuf/proto"
+ "google.golang.org/protobuf/runtime/protoiface"
+ "google.golang.org/protobuf/runtime/protoimpl"
+)
+
+// MessageV1 is the original [github.com/golang/protobuf/proto.Message] type.
+type MessageV1 = protoiface.MessageV1
+
+// MessageV2 is the [google.golang.org/protobuf/proto.Message] type used by the
+// current [google.golang.org/protobuf] module, adding support for reflection.
+type MessageV2 = proto.Message
+
+// MessageV1Of converts a v2 message to a v1 message.
+// It returns nil if m is nil.
+func MessageV1Of(m MessageV2) MessageV1 {
+ return protoimpl.X.ProtoMessageV1Of(m)
+}
+
+// MessageV2Of converts a v1 message to a v2 message.
+// It returns nil if m is nil.
+func MessageV2Of(m MessageV1) MessageV2 {
+ return protoimpl.X.ProtoMessageV2Of(m)
+}
diff --git a/vendor/k8s.io/api/admissionregistration/v1/generated.proto b/vendor/k8s.io/api/admissionregistration/v1/generated.proto
index a8903621c8..ab5baa57c6 100644
--- a/vendor/k8s.io/api/admissionregistration/v1/generated.proto
+++ b/vendor/k8s.io/api/admissionregistration/v1/generated.proto
@@ -76,6 +76,7 @@ message MutatingWebhook {
// from putting the cluster in a state which cannot be recovered from without completely
// disabling the plugin, ValidatingAdmissionWebhooks and MutatingAdmissionWebhooks are never called
// on admission requests for ValidatingWebhookConfiguration and MutatingWebhookConfiguration objects.
+ // +listType=atomic
repeated RuleWithOperations rules = 3;
// FailurePolicy defines how unrecognized errors from the admission endpoint are handled -
@@ -183,6 +184,7 @@ message MutatingWebhook {
// If a persisted webhook configuration specifies allowed versions and does not
// include any versions known to the API Server, calls to the webhook will fail
// and be subject to the failure policy.
+ // +listType=atomic
repeated string admissionReviewVersions = 8;
// reinvocationPolicy indicates whether this webhook should be called multiple times as part of a single admission evaluation.
@@ -236,6 +238,8 @@ message MutatingWebhookConfiguration {
// +optional
// +patchMergeKey=name
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=name
repeated MutatingWebhook Webhooks = 2;
}
@@ -352,6 +356,7 @@ message ValidatingWebhook {
// from putting the cluster in a state which cannot be recovered from without completely
// disabling the plugin, ValidatingAdmissionWebhooks and MutatingAdmissionWebhooks are never called
// on admission requests for ValidatingWebhookConfiguration and MutatingWebhookConfiguration objects.
+ // +listType=atomic
repeated RuleWithOperations rules = 3;
// FailurePolicy defines how unrecognized errors from the admission endpoint are handled -
@@ -459,6 +464,7 @@ message ValidatingWebhook {
// If a persisted webhook configuration specifies allowed versions and does not
// include any versions known to the API Server, calls to the webhook will fail
// and be subject to the failure policy.
+ // +listType=atomic
repeated string admissionReviewVersions = 8;
// MatchConditions is a list of conditions that must be met for a request to be sent to this
@@ -494,6 +500,8 @@ message ValidatingWebhookConfiguration {
// +optional
// +patchMergeKey=name
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=name
repeated ValidatingWebhook Webhooks = 2;
}
diff --git a/vendor/k8s.io/api/admissionregistration/v1/types.go b/vendor/k8s.io/api/admissionregistration/v1/types.go
index 07ed7a6246..e86268d78e 100644
--- a/vendor/k8s.io/api/admissionregistration/v1/types.go
+++ b/vendor/k8s.io/api/admissionregistration/v1/types.go
@@ -134,6 +134,8 @@ type ValidatingWebhookConfiguration struct {
// +optional
// +patchMergeKey=name
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=name
Webhooks []ValidatingWebhook `json:"webhooks,omitempty" patchStrategy:"merge" patchMergeKey:"name" protobuf:"bytes,2,rep,name=Webhooks"`
}
@@ -164,6 +166,8 @@ type MutatingWebhookConfiguration struct {
// +optional
// +patchMergeKey=name
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=name
Webhooks []MutatingWebhook `json:"webhooks,omitempty" patchStrategy:"merge" patchMergeKey:"name" protobuf:"bytes,2,rep,name=Webhooks"`
}
@@ -199,6 +203,7 @@ type ValidatingWebhook struct {
// from putting the cluster in a state which cannot be recovered from without completely
// disabling the plugin, ValidatingAdmissionWebhooks and MutatingAdmissionWebhooks are never called
// on admission requests for ValidatingWebhookConfiguration and MutatingWebhookConfiguration objects.
+ // +listType=atomic
Rules []RuleWithOperations `json:"rules,omitempty" protobuf:"bytes,3,rep,name=rules"`
// FailurePolicy defines how unrecognized errors from the admission endpoint are handled -
@@ -306,6 +311,7 @@ type ValidatingWebhook struct {
// If a persisted webhook configuration specifies allowed versions and does not
// include any versions known to the API Server, calls to the webhook will fail
// and be subject to the failure policy.
+ // +listType=atomic
AdmissionReviewVersions []string `json:"admissionReviewVersions" protobuf:"bytes,8,rep,name=admissionReviewVersions"`
// MatchConditions is a list of conditions that must be met for a request to be sent to this
@@ -350,6 +356,7 @@ type MutatingWebhook struct {
// from putting the cluster in a state which cannot be recovered from without completely
// disabling the plugin, ValidatingAdmissionWebhooks and MutatingAdmissionWebhooks are never called
// on admission requests for ValidatingWebhookConfiguration and MutatingWebhookConfiguration objects.
+ // +listType=atomic
Rules []RuleWithOperations `json:"rules,omitempty" protobuf:"bytes,3,rep,name=rules"`
// FailurePolicy defines how unrecognized errors from the admission endpoint are handled -
@@ -457,6 +464,7 @@ type MutatingWebhook struct {
// If a persisted webhook configuration specifies allowed versions and does not
// include any versions known to the API Server, calls to the webhook will fail
// and be subject to the failure policy.
+ // +listType=atomic
AdmissionReviewVersions []string `json:"admissionReviewVersions" protobuf:"bytes,8,rep,name=admissionReviewVersions"`
// reinvocationPolicy indicates whether this webhook should be called multiple times as part of a single admission evaluation.
diff --git a/vendor/k8s.io/api/admissionregistration/v1beta1/generated.proto b/vendor/k8s.io/api/admissionregistration/v1beta1/generated.proto
index 1855cdfc4f..833393085a 100644
--- a/vendor/k8s.io/api/admissionregistration/v1beta1/generated.proto
+++ b/vendor/k8s.io/api/admissionregistration/v1beta1/generated.proto
@@ -222,6 +222,7 @@ message MutatingWebhook {
// from putting the cluster in a state which cannot be recovered from without completely
// disabling the plugin, ValidatingAdmissionWebhooks and MutatingAdmissionWebhooks are never called
// on admission requests for ValidatingWebhookConfiguration and MutatingWebhookConfiguration objects.
+ // +listType=atomic
repeated k8s.io.api.admissionregistration.v1.RuleWithOperations rules = 3;
// FailurePolicy defines how unrecognized errors from the admission endpoint are handled -
@@ -332,6 +333,7 @@ message MutatingWebhook {
// and be subject to the failure policy.
// Default to `['v1beta1']`.
// +optional
+ // +listType=atomic
repeated string admissionReviewVersions = 8;
// reinvocationPolicy indicates whether this webhook should be called multiple times as part of a single admission evaluation.
@@ -386,6 +388,8 @@ message MutatingWebhookConfiguration {
// +optional
// +patchMergeKey=name
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=name
repeated MutatingWebhook Webhooks = 2;
}
@@ -765,6 +769,7 @@ message ValidatingWebhook {
// from putting the cluster in a state which cannot be recovered from without completely
// disabling the plugin, ValidatingAdmissionWebhooks and MutatingAdmissionWebhooks are never called
// on admission requests for ValidatingWebhookConfiguration and MutatingWebhookConfiguration objects.
+ // +listType=atomic
repeated k8s.io.api.admissionregistration.v1.RuleWithOperations rules = 3;
// FailurePolicy defines how unrecognized errors from the admission endpoint are handled -
@@ -856,6 +861,7 @@ message ValidatingWebhook {
// Requests with the dryRun attribute will be auto-rejected if they match a webhook with
// sideEffects == Unknown or Some. Defaults to Unknown.
// +optional
+ // +listType=atomic
optional string sideEffects = 6;
// TimeoutSeconds specifies the timeout for this webhook. After the timeout passes,
@@ -875,6 +881,7 @@ message ValidatingWebhook {
// and be subject to the failure policy.
// Default to `['v1beta1']`.
// +optional
+ // +listType=atomic
repeated string admissionReviewVersions = 8;
// MatchConditions is a list of conditions that must be met for a request to be sent to this
@@ -911,6 +918,8 @@ message ValidatingWebhookConfiguration {
// +optional
// +patchMergeKey=name
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=name
repeated ValidatingWebhook Webhooks = 2;
}
diff --git a/vendor/k8s.io/api/admissionregistration/v1beta1/types.go b/vendor/k8s.io/api/admissionregistration/v1beta1/types.go
index 12c680dc97..ed3bce3ccf 100644
--- a/vendor/k8s.io/api/admissionregistration/v1beta1/types.go
+++ b/vendor/k8s.io/api/admissionregistration/v1beta1/types.go
@@ -684,6 +684,8 @@ type ValidatingWebhookConfiguration struct {
// +optional
// +patchMergeKey=name
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=name
Webhooks []ValidatingWebhook `json:"webhooks,omitempty" patchStrategy:"merge" patchMergeKey:"name" protobuf:"bytes,2,rep,name=Webhooks"`
}
@@ -723,6 +725,8 @@ type MutatingWebhookConfiguration struct {
// +optional
// +patchMergeKey=name
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=name
Webhooks []MutatingWebhook `json:"webhooks,omitempty" patchStrategy:"merge" patchMergeKey:"name" protobuf:"bytes,2,rep,name=Webhooks"`
}
@@ -762,6 +766,7 @@ type ValidatingWebhook struct {
// from putting the cluster in a state which cannot be recovered from without completely
// disabling the plugin, ValidatingAdmissionWebhooks and MutatingAdmissionWebhooks are never called
// on admission requests for ValidatingWebhookConfiguration and MutatingWebhookConfiguration objects.
+ // +listType=atomic
Rules []RuleWithOperations `json:"rules,omitempty" protobuf:"bytes,3,rep,name=rules"`
// FailurePolicy defines how unrecognized errors from the admission endpoint are handled -
@@ -853,6 +858,7 @@ type ValidatingWebhook struct {
// Requests with the dryRun attribute will be auto-rejected if they match a webhook with
// sideEffects == Unknown or Some. Defaults to Unknown.
// +optional
+ // +listType=atomic
SideEffects *SideEffectClass `json:"sideEffects,omitempty" protobuf:"bytes,6,opt,name=sideEffects,casttype=SideEffectClass"`
// TimeoutSeconds specifies the timeout for this webhook. After the timeout passes,
@@ -872,6 +878,7 @@ type ValidatingWebhook struct {
// and be subject to the failure policy.
// Default to `['v1beta1']`.
// +optional
+ // +listType=atomic
AdmissionReviewVersions []string `json:"admissionReviewVersions,omitempty" protobuf:"bytes,8,rep,name=admissionReviewVersions"`
// MatchConditions is a list of conditions that must be met for a request to be sent to this
@@ -916,6 +923,7 @@ type MutatingWebhook struct {
// from putting the cluster in a state which cannot be recovered from without completely
// disabling the plugin, ValidatingAdmissionWebhooks and MutatingAdmissionWebhooks are never called
// on admission requests for ValidatingWebhookConfiguration and MutatingWebhookConfiguration objects.
+ // +listType=atomic
Rules []RuleWithOperations `json:"rules,omitempty" protobuf:"bytes,3,rep,name=rules"`
// FailurePolicy defines how unrecognized errors from the admission endpoint are handled -
@@ -1026,6 +1034,7 @@ type MutatingWebhook struct {
// and be subject to the failure policy.
// Default to `['v1beta1']`.
// +optional
+ // +listType=atomic
AdmissionReviewVersions []string `json:"admissionReviewVersions,omitempty" protobuf:"bytes,8,rep,name=admissionReviewVersions"`
// reinvocationPolicy indicates whether this webhook should be called multiple times as part of a single admission evaluation.
diff --git a/vendor/k8s.io/api/apps/v1/generated.proto b/vendor/k8s.io/api/apps/v1/generated.proto
index a7a7e7c547..9001416861 100644
--- a/vendor/k8s.io/api/apps/v1/generated.proto
+++ b/vendor/k8s.io/api/apps/v1/generated.proto
@@ -200,6 +200,8 @@ message DaemonSetStatus {
// +optional
// +patchMergeKey=type
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=type
repeated DaemonSetCondition conditions = 10;
}
@@ -341,6 +343,8 @@ message DeploymentStatus {
// Represents the latest available observations of a deployment's current state.
// +patchMergeKey=type
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=type
repeated DeploymentCondition conditions = 6;
// Count of hash collisions for the Deployment. The Deployment controller uses this
@@ -475,6 +479,8 @@ message ReplicaSetStatus {
// +optional
// +patchMergeKey=type
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=type
repeated ReplicaSetCondition conditions = 6;
}
@@ -688,6 +694,7 @@ message StatefulSetSpec {
// any volumes in the template, with the same name.
// TODO: Define the behavior if a claim already exists with the same name.
// +optional
+ // +listType=atomic
repeated k8s.io.api.core.v1.PersistentVolumeClaim volumeClaimTemplates = 4;
// serviceName is the name of the service that governs this StatefulSet.
@@ -782,6 +789,8 @@ message StatefulSetStatus {
// +optional
// +patchMergeKey=type
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=type
repeated StatefulSetCondition conditions = 10;
// Total number of available pods (ready for at least minReadySeconds) targeted by this statefulset.
diff --git a/vendor/k8s.io/api/apps/v1/types.go b/vendor/k8s.io/api/apps/v1/types.go
index 644d368fe4..96ff620986 100644
--- a/vendor/k8s.io/api/apps/v1/types.go
+++ b/vendor/k8s.io/api/apps/v1/types.go
@@ -211,6 +211,7 @@ type StatefulSetSpec struct {
// any volumes in the template, with the same name.
// TODO: Define the behavior if a claim already exists with the same name.
// +optional
+ // +listType=atomic
VolumeClaimTemplates []v1.PersistentVolumeClaim `json:"volumeClaimTemplates,omitempty" protobuf:"bytes,4,rep,name=volumeClaimTemplates"`
// serviceName is the name of the service that governs this StatefulSet.
@@ -305,6 +306,8 @@ type StatefulSetStatus struct {
// +optional
// +patchMergeKey=type
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=type
Conditions []StatefulSetCondition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,10,rep,name=conditions"`
// Total number of available pods (ready for at least minReadySeconds) targeted by this statefulset.
@@ -507,6 +510,8 @@ type DeploymentStatus struct {
// Represents the latest available observations of a deployment's current state.
// +patchMergeKey=type
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=type
Conditions []DeploymentCondition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,6,rep,name=conditions"`
// Count of hash collisions for the Deployment. The Deployment controller uses this
@@ -714,6 +719,8 @@ type DaemonSetStatus struct {
// +optional
// +patchMergeKey=type
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=type
Conditions []DaemonSetCondition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,10,rep,name=conditions"`
}
@@ -884,6 +891,8 @@ type ReplicaSetStatus struct {
// +optional
// +patchMergeKey=type
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=type
Conditions []ReplicaSetCondition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,6,rep,name=conditions"`
}
diff --git a/vendor/k8s.io/api/apps/v1beta1/generated.proto b/vendor/k8s.io/api/apps/v1beta1/generated.proto
index 245ec30f42..8965622257 100644
--- a/vendor/k8s.io/api/apps/v1beta1/generated.proto
+++ b/vendor/k8s.io/api/apps/v1beta1/generated.proto
@@ -208,6 +208,8 @@ message DeploymentStatus {
// Conditions represent the latest available observations of a deployment's current state.
// +patchMergeKey=type
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=type
repeated DeploymentCondition conditions = 6;
// collisionCount is the count of hash collisions for the Deployment. The Deployment controller uses this
@@ -445,6 +447,7 @@ message StatefulSetSpec {
// any volumes in the template, with the same name.
// TODO: Define the behavior if a claim already exists with the same name.
// +optional
+ // +listType=atomic
repeated k8s.io.api.core.v1.PersistentVolumeClaim volumeClaimTemplates = 4;
// serviceName is the name of the service that governs this StatefulSet.
@@ -536,6 +539,8 @@ message StatefulSetStatus {
// +optional
// +patchMergeKey=type
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=type
repeated StatefulSetCondition conditions = 10;
// availableReplicas is the total number of available pods (ready for at least minReadySeconds) targeted by this StatefulSet.
diff --git a/vendor/k8s.io/api/apps/v1beta1/types.go b/vendor/k8s.io/api/apps/v1beta1/types.go
index 59ed9c2ac3..bdf9f93a9b 100644
--- a/vendor/k8s.io/api/apps/v1beta1/types.go
+++ b/vendor/k8s.io/api/apps/v1beta1/types.go
@@ -251,6 +251,7 @@ type StatefulSetSpec struct {
// any volumes in the template, with the same name.
// TODO: Define the behavior if a claim already exists with the same name.
// +optional
+ // +listType=atomic
VolumeClaimTemplates []v1.PersistentVolumeClaim `json:"volumeClaimTemplates,omitempty" protobuf:"bytes,4,rep,name=volumeClaimTemplates"`
// serviceName is the name of the service that governs this StatefulSet.
@@ -342,6 +343,8 @@ type StatefulSetStatus struct {
// +optional
// +patchMergeKey=type
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=type
Conditions []StatefulSetCondition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,10,rep,name=conditions"`
// availableReplicas is the total number of available pods (ready for at least minReadySeconds) targeted by this StatefulSet.
@@ -577,6 +580,8 @@ type DeploymentStatus struct {
// Conditions represent the latest available observations of a deployment's current state.
// +patchMergeKey=type
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=type
Conditions []DeploymentCondition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,6,rep,name=conditions"`
// collisionCount is the count of hash collisions for the Deployment. The Deployment controller uses this
diff --git a/vendor/k8s.io/api/apps/v1beta2/generated.proto b/vendor/k8s.io/api/apps/v1beta2/generated.proto
index ddbe354411..3ae8a80094 100644
--- a/vendor/k8s.io/api/apps/v1beta2/generated.proto
+++ b/vendor/k8s.io/api/apps/v1beta2/generated.proto
@@ -204,6 +204,8 @@ message DaemonSetStatus {
// +optional
// +patchMergeKey=type
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=type
repeated DaemonSetCondition conditions = 10;
}
@@ -346,6 +348,8 @@ message DeploymentStatus {
// Represents the latest available observations of a deployment's current state.
// +patchMergeKey=type
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=type
repeated DeploymentCondition conditions = 6;
// Count of hash collisions for the Deployment. The Deployment controller uses this
@@ -481,6 +485,8 @@ message ReplicaSetStatus {
// +optional
// +patchMergeKey=type
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=type
repeated ReplicaSetCondition conditions = 6;
}
@@ -733,6 +739,7 @@ message StatefulSetSpec {
// any volumes in the template, with the same name.
// TODO: Define the behavior if a claim already exists with the same name.
// +optional
+ // +listType=atomic
repeated k8s.io.api.core.v1.PersistentVolumeClaim volumeClaimTemplates = 4;
// serviceName is the name of the service that governs this StatefulSet.
@@ -824,6 +831,8 @@ message StatefulSetStatus {
// +optional
// +patchMergeKey=type
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=type
repeated StatefulSetCondition conditions = 10;
// Total number of available pods (ready for at least minReadySeconds) targeted by this StatefulSet.
diff --git a/vendor/k8s.io/api/apps/v1beta2/types.go b/vendor/k8s.io/api/apps/v1beta2/types.go
index a97ac6fcf0..6981c2a175 100644
--- a/vendor/k8s.io/api/apps/v1beta2/types.go
+++ b/vendor/k8s.io/api/apps/v1beta2/types.go
@@ -261,6 +261,7 @@ type StatefulSetSpec struct {
// any volumes in the template, with the same name.
// TODO: Define the behavior if a claim already exists with the same name.
// +optional
+ // +listType=atomic
VolumeClaimTemplates []v1.PersistentVolumeClaim `json:"volumeClaimTemplates,omitempty" protobuf:"bytes,4,rep,name=volumeClaimTemplates"`
// serviceName is the name of the service that governs this StatefulSet.
@@ -352,6 +353,8 @@ type StatefulSetStatus struct {
// +optional
// +patchMergeKey=type
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=type
Conditions []StatefulSetCondition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,10,rep,name=conditions"`
// Total number of available pods (ready for at least minReadySeconds) targeted by this StatefulSet.
@@ -555,6 +558,8 @@ type DeploymentStatus struct {
// Represents the latest available observations of a deployment's current state.
// +patchMergeKey=type
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=type
Conditions []DeploymentCondition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,6,rep,name=conditions"`
// Count of hash collisions for the Deployment. The Deployment controller uses this
@@ -765,6 +770,8 @@ type DaemonSetStatus struct {
// +optional
// +patchMergeKey=type
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=type
Conditions []DaemonSetCondition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,10,rep,name=conditions"`
}
@@ -951,6 +958,8 @@ type ReplicaSetStatus struct {
// +optional
// +patchMergeKey=type
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=type
Conditions []ReplicaSetCondition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,6,rep,name=conditions"`
}
diff --git a/vendor/k8s.io/api/authentication/v1/generated.proto b/vendor/k8s.io/api/authentication/v1/generated.proto
index 1632070c87..1fe2f4f2ce 100644
--- a/vendor/k8s.io/api/authentication/v1/generated.proto
+++ b/vendor/k8s.io/api/authentication/v1/generated.proto
@@ -99,6 +99,7 @@ message TokenRequestSpec {
// token issued for multiple audiences may be used to authenticate
// against any of the audiences listed but implies a high degree of
// trust between the target audiences.
+ // +listType=atomic
repeated string audiences = 1;
// ExpirationSeconds is the requested duration of validity of the request. The
@@ -154,6 +155,7 @@ message TokenReviewSpec {
// this list. If no audiences are provided, the audience will default to the
// audience of the Kubernetes apiserver.
// +optional
+ // +listType=atomic
repeated string audiences = 2;
}
@@ -177,6 +179,7 @@ message TokenReviewStatus {
// status.audience field where status.authenticated is "true", the token is
// valid against the audience of the Kubernetes API server.
// +optional
+ // +listType=atomic
repeated string audiences = 4;
// Error indicates that the token couldn't be checked
@@ -199,6 +202,7 @@ message UserInfo {
// The names of groups this user is a part of.
// +optional
+ // +listType=atomic
repeated string groups = 3;
// Any additional information provided by the authenticator.
diff --git a/vendor/k8s.io/api/authentication/v1/types.go b/vendor/k8s.io/api/authentication/v1/types.go
index b498007c00..4f4400e305 100644
--- a/vendor/k8s.io/api/authentication/v1/types.go
+++ b/vendor/k8s.io/api/authentication/v1/types.go
@@ -75,6 +75,7 @@ type TokenReviewSpec struct {
// this list. If no audiences are provided, the audience will default to the
// audience of the Kubernetes apiserver.
// +optional
+ // +listType=atomic
Audiences []string `json:"audiences,omitempty" protobuf:"bytes,2,rep,name=audiences"`
}
@@ -96,6 +97,7 @@ type TokenReviewStatus struct {
// status.audience field where status.authenticated is "true", the token is
// valid against the audience of the Kubernetes API server.
// +optional
+ // +listType=atomic
Audiences []string `json:"audiences,omitempty" protobuf:"bytes,4,rep,name=audiences"`
// Error indicates that the token couldn't be checked
// +optional
@@ -115,6 +117,7 @@ type UserInfo struct {
UID string `json:"uid,omitempty" protobuf:"bytes,2,opt,name=uid"`
// The names of groups this user is a part of.
// +optional
+ // +listType=atomic
Groups []string `json:"groups,omitempty" protobuf:"bytes,3,rep,name=groups"`
// Any additional information provided by the authenticator.
// +optional
@@ -156,6 +159,7 @@ type TokenRequestSpec struct {
// token issued for multiple audiences may be used to authenticate
// against any of the audiences listed but implies a high degree of
// trust between the target audiences.
+ // +listType=atomic
Audiences []string `json:"audiences" protobuf:"bytes,1,rep,name=audiences"`
// ExpirationSeconds is the requested duration of validity of the request. The
diff --git a/vendor/k8s.io/api/authentication/v1beta1/generated.proto b/vendor/k8s.io/api/authentication/v1beta1/generated.proto
index 53b4635d7e..61658245d4 100644
--- a/vendor/k8s.io/api/authentication/v1beta1/generated.proto
+++ b/vendor/k8s.io/api/authentication/v1beta1/generated.proto
@@ -87,6 +87,7 @@ message TokenReviewSpec {
// this list. If no audiences are provided, the audience will default to the
// audience of the Kubernetes apiserver.
// +optional
+ // +listType=atomic
repeated string audiences = 2;
}
@@ -110,6 +111,7 @@ message TokenReviewStatus {
// status.audience field where status.authenticated is "true", the token is
// valid against the audience of the Kubernetes API server.
// +optional
+ // +listType=atomic
repeated string audiences = 4;
// Error indicates that the token couldn't be checked
@@ -132,6 +134,7 @@ message UserInfo {
// The names of groups this user is a part of.
// +optional
+ // +listType=atomic
repeated string groups = 3;
// Any additional information provided by the authenticator.
diff --git a/vendor/k8s.io/api/authentication/v1beta1/types.go b/vendor/k8s.io/api/authentication/v1beta1/types.go
index 5bce82e7cf..8038ef7d34 100644
--- a/vendor/k8s.io/api/authentication/v1beta1/types.go
+++ b/vendor/k8s.io/api/authentication/v1beta1/types.go
@@ -60,6 +60,7 @@ type TokenReviewSpec struct {
// this list. If no audiences are provided, the audience will default to the
// audience of the Kubernetes apiserver.
// +optional
+ // +listType=atomic
Audiences []string `json:"audiences,omitempty" protobuf:"bytes,2,rep,name=audiences"`
}
@@ -81,6 +82,7 @@ type TokenReviewStatus struct {
// status.audience field where status.authenticated is "true", the token is
// valid against the audience of the Kubernetes API server.
// +optional
+ // +listType=atomic
Audiences []string `json:"audiences,omitempty" protobuf:"bytes,4,rep,name=audiences"`
// Error indicates that the token couldn't be checked
// +optional
@@ -100,6 +102,7 @@ type UserInfo struct {
UID string `json:"uid,omitempty" protobuf:"bytes,2,opt,name=uid"`
// The names of groups this user is a part of.
// +optional
+ // +listType=atomic
Groups []string `json:"groups,omitempty" protobuf:"bytes,3,rep,name=groups"`
// Any additional information provided by the authenticator.
// +optional
diff --git a/vendor/k8s.io/api/authorization/v1/generated.proto b/vendor/k8s.io/api/authorization/v1/generated.proto
index 47d3a57a07..83283d0bdb 100644
--- a/vendor/k8s.io/api/authorization/v1/generated.proto
+++ b/vendor/k8s.io/api/authorization/v1/generated.proto
@@ -69,11 +69,13 @@ message NonResourceAttributes {
// NonResourceRule holds information that describes a rule for the non-resource
message NonResourceRule {
// Verb is a list of kubernetes non-resource API verbs, like: get, post, put, delete, patch, head, options. "*" means all.
+ // +listType=atomic
repeated string verbs = 1;
// NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full,
// final step in the path. "*" means all.
// +optional
+ // +listType=atomic
repeated string nonResourceURLs = 2;
}
@@ -115,20 +117,24 @@ message ResourceAttributes {
// may contain duplicates, and possibly be incomplete.
message ResourceRule {
// Verb is a list of kubernetes resource API verbs, like: get, list, watch, create, update, delete, proxy. "*" means all.
+ // +listType=atomic
repeated string verbs = 1;
// APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of
// the enumerated resources in any API group will be allowed. "*" means all.
// +optional
+ // +listType=atomic
repeated string apiGroups = 2;
// Resources is a list of resources this rule applies to. "*" means all in the specified apiGroups.
// "*/foo" represents the subresource 'foo' for all resources in the specified apiGroups.
// +optional
+ // +listType=atomic
repeated string resources = 3;
// ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed. "*" means all.
// +optional
+ // +listType=atomic
repeated string resourceNames = 4;
}
@@ -220,6 +226,7 @@ message SubjectAccessReviewSpec {
// Groups is the groups you're testing for.
// +optional
+ // +listType=atomic
repeated string groups = 4;
// Extra corresponds to the user.Info.GetExtra() method from the authenticator. Since that is input to the authorizer
@@ -262,10 +269,12 @@ message SubjectAccessReviewStatus {
message SubjectRulesReviewStatus {
// ResourceRules is the list of actions the subject is allowed to perform on resources.
// The list ordering isn't significant, may contain duplicates, and possibly be incomplete.
+ // +listType=atomic
repeated ResourceRule resourceRules = 1;
// NonResourceRules is the list of actions the subject is allowed to perform on non-resources.
// The list ordering isn't significant, may contain duplicates, and possibly be incomplete.
+ // +listType=atomic
repeated NonResourceRule nonResourceRules = 2;
// Incomplete is true when the rules returned by this call are incomplete. This is most commonly
diff --git a/vendor/k8s.io/api/authorization/v1/types.go b/vendor/k8s.io/api/authorization/v1/types.go
index d1fe483f96..3b42956f89 100644
--- a/vendor/k8s.io/api/authorization/v1/types.go
+++ b/vendor/k8s.io/api/authorization/v1/types.go
@@ -143,6 +143,7 @@ type SubjectAccessReviewSpec struct {
User string `json:"user,omitempty" protobuf:"bytes,3,opt,name=user"`
// Groups is the groups you're testing for.
// +optional
+ // +listType=atomic
Groups []string `json:"groups,omitempty" protobuf:"bytes,4,rep,name=groups"`
// Extra corresponds to the user.Info.GetExtra() method from the authenticator. Since that is input to the authorizer
// it needs a reflection here.
@@ -232,9 +233,11 @@ type SelfSubjectRulesReviewSpec struct {
type SubjectRulesReviewStatus struct {
// ResourceRules is the list of actions the subject is allowed to perform on resources.
// The list ordering isn't significant, may contain duplicates, and possibly be incomplete.
+ // +listType=atomic
ResourceRules []ResourceRule `json:"resourceRules" protobuf:"bytes,1,rep,name=resourceRules"`
// NonResourceRules is the list of actions the subject is allowed to perform on non-resources.
// The list ordering isn't significant, may contain duplicates, and possibly be incomplete.
+ // +listType=atomic
NonResourceRules []NonResourceRule `json:"nonResourceRules" protobuf:"bytes,2,rep,name=nonResourceRules"`
// Incomplete is true when the rules returned by this call are incomplete. This is most commonly
// encountered when an authorizer, such as an external authorizer, doesn't support rules evaluation.
@@ -250,28 +253,34 @@ type SubjectRulesReviewStatus struct {
// may contain duplicates, and possibly be incomplete.
type ResourceRule struct {
// Verb is a list of kubernetes resource API verbs, like: get, list, watch, create, update, delete, proxy. "*" means all.
+ // +listType=atomic
Verbs []string `json:"verbs" protobuf:"bytes,1,rep,name=verbs"`
// APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of
// the enumerated resources in any API group will be allowed. "*" means all.
// +optional
+ // +listType=atomic
APIGroups []string `json:"apiGroups,omitempty" protobuf:"bytes,2,rep,name=apiGroups"`
// Resources is a list of resources this rule applies to. "*" means all in the specified apiGroups.
// "*/foo" represents the subresource 'foo' for all resources in the specified apiGroups.
// +optional
+ // +listType=atomic
Resources []string `json:"resources,omitempty" protobuf:"bytes,3,rep,name=resources"`
// ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed. "*" means all.
// +optional
+ // +listType=atomic
ResourceNames []string `json:"resourceNames,omitempty" protobuf:"bytes,4,rep,name=resourceNames"`
}
// NonResourceRule holds information that describes a rule for the non-resource
type NonResourceRule struct {
// Verb is a list of kubernetes non-resource API verbs, like: get, post, put, delete, patch, head, options. "*" means all.
+ // +listType=atomic
Verbs []string `json:"verbs" protobuf:"bytes,1,rep,name=verbs"`
// NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full,
// final step in the path. "*" means all.
// +optional
+ // +listType=atomic
NonResourceURLs []string `json:"nonResourceURLs,omitempty" protobuf:"bytes,2,rep,name=nonResourceURLs"`
}
diff --git a/vendor/k8s.io/api/authorization/v1beta1/generated.proto b/vendor/k8s.io/api/authorization/v1beta1/generated.proto
index 01736202f8..43bea7aa12 100644
--- a/vendor/k8s.io/api/authorization/v1beta1/generated.proto
+++ b/vendor/k8s.io/api/authorization/v1beta1/generated.proto
@@ -69,11 +69,13 @@ message NonResourceAttributes {
// NonResourceRule holds information that describes a rule for the non-resource
message NonResourceRule {
// Verb is a list of kubernetes non-resource API verbs, like: get, post, put, delete, patch, head, options. "*" means all.
+ // +listType=atomic
repeated string verbs = 1;
// NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full,
// final step in the path. "*" means all.
// +optional
+ // +listType=atomic
repeated string nonResourceURLs = 2;
}
@@ -115,20 +117,24 @@ message ResourceAttributes {
// may contain duplicates, and possibly be incomplete.
message ResourceRule {
// Verb is a list of kubernetes resource API verbs, like: get, list, watch, create, update, delete, proxy. "*" means all.
+ // +listType=atomic
repeated string verbs = 1;
// APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of
// the enumerated resources in any API group will be allowed. "*" means all.
// +optional
+ // +listType=atomic
repeated string apiGroups = 2;
// Resources is a list of resources this rule applies to. "*" means all in the specified apiGroups.
// "*/foo" represents the subresource 'foo' for all resources in the specified apiGroups.
// +optional
+ // +listType=atomic
repeated string resources = 3;
// ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed. "*" means all.
// +optional
+ // +listType=atomic
repeated string resourceNames = 4;
}
@@ -220,6 +226,7 @@ message SubjectAccessReviewSpec {
// Groups is the groups you're testing for.
// +optional
+ // +listType=atomic
repeated string group = 4;
// Extra corresponds to the user.Info.GetExtra() method from the authenticator. Since that is input to the authorizer
@@ -262,10 +269,12 @@ message SubjectAccessReviewStatus {
message SubjectRulesReviewStatus {
// ResourceRules is the list of actions the subject is allowed to perform on resources.
// The list ordering isn't significant, may contain duplicates, and possibly be incomplete.
+ // +listType=atomic
repeated ResourceRule resourceRules = 1;
// NonResourceRules is the list of actions the subject is allowed to perform on non-resources.
// The list ordering isn't significant, may contain duplicates, and possibly be incomplete.
+ // +listType=atomic
repeated NonResourceRule nonResourceRules = 2;
// Incomplete is true when the rules returned by this call are incomplete. This is most commonly
diff --git a/vendor/k8s.io/api/authorization/v1beta1/types.go b/vendor/k8s.io/api/authorization/v1beta1/types.go
index 2653098655..ef3a501b05 100644
--- a/vendor/k8s.io/api/authorization/v1beta1/types.go
+++ b/vendor/k8s.io/api/authorization/v1beta1/types.go
@@ -152,6 +152,7 @@ type SubjectAccessReviewSpec struct {
User string `json:"user,omitempty" protobuf:"bytes,3,opt,name=user"`
// Groups is the groups you're testing for.
// +optional
+ // +listType=atomic
Groups []string `json:"group,omitempty" protobuf:"bytes,4,rep,name=group"`
// Extra corresponds to the user.Info.GetExtra() method from the authenticator. Since that is input to the authorizer
// it needs a reflection here.
@@ -244,9 +245,11 @@ type SelfSubjectRulesReviewSpec struct {
type SubjectRulesReviewStatus struct {
// ResourceRules is the list of actions the subject is allowed to perform on resources.
// The list ordering isn't significant, may contain duplicates, and possibly be incomplete.
+ // +listType=atomic
ResourceRules []ResourceRule `json:"resourceRules" protobuf:"bytes,1,rep,name=resourceRules"`
// NonResourceRules is the list of actions the subject is allowed to perform on non-resources.
// The list ordering isn't significant, may contain duplicates, and possibly be incomplete.
+ // +listType=atomic
NonResourceRules []NonResourceRule `json:"nonResourceRules" protobuf:"bytes,2,rep,name=nonResourceRules"`
// Incomplete is true when the rules returned by this call are incomplete. This is most commonly
// encountered when an authorizer, such as an external authorizer, doesn't support rules evaluation.
@@ -262,28 +265,34 @@ type SubjectRulesReviewStatus struct {
// may contain duplicates, and possibly be incomplete.
type ResourceRule struct {
// Verb is a list of kubernetes resource API verbs, like: get, list, watch, create, update, delete, proxy. "*" means all.
+ // +listType=atomic
Verbs []string `json:"verbs" protobuf:"bytes,1,rep,name=verbs"`
// APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of
// the enumerated resources in any API group will be allowed. "*" means all.
// +optional
+ // +listType=atomic
APIGroups []string `json:"apiGroups,omitempty" protobuf:"bytes,2,rep,name=apiGroups"`
// Resources is a list of resources this rule applies to. "*" means all in the specified apiGroups.
// "*/foo" represents the subresource 'foo' for all resources in the specified apiGroups.
// +optional
+ // +listType=atomic
Resources []string `json:"resources,omitempty" protobuf:"bytes,3,rep,name=resources"`
// ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed. "*" means all.
// +optional
+ // +listType=atomic
ResourceNames []string `json:"resourceNames,omitempty" protobuf:"bytes,4,rep,name=resourceNames"`
}
// NonResourceRule holds information that describes a rule for the non-resource
type NonResourceRule struct {
// Verb is a list of kubernetes non-resource API verbs, like: get, post, put, delete, patch, head, options. "*" means all.
+ // +listType=atomic
Verbs []string `json:"verbs" protobuf:"bytes,1,rep,name=verbs"`
// NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full,
// final step in the path. "*" means all.
// +optional
+ // +listType=atomic
NonResourceURLs []string `json:"nonResourceURLs,omitempty" protobuf:"bytes,2,rep,name=nonResourceURLs"`
}
diff --git a/vendor/k8s.io/api/autoscaling/v2beta1/generated.proto b/vendor/k8s.io/api/autoscaling/v2beta1/generated.proto
index 6b3d415212..e2119d5550 100644
--- a/vendor/k8s.io/api/autoscaling/v2beta1/generated.proto
+++ b/vendor/k8s.io/api/autoscaling/v2beta1/generated.proto
@@ -220,6 +220,7 @@ message HorizontalPodAutoscalerSpec {
// increased, and vice-versa. See the individual metric source types for
// more information about how each type of metric must respond.
// +optional
+ // +listType=atomic
repeated MetricSpec metrics = 4;
}
@@ -244,11 +245,13 @@ message HorizontalPodAutoscalerStatus {
// currentMetrics is the last read state of the metrics used by this autoscaler.
// +optional
+ // +listType=atomic
repeated MetricStatus currentMetrics = 5;
// conditions is the set of conditions required for this autoscaler to scale its target,
// and indicates whether or not those conditions are met.
// +optional
+ // +listType=atomic
repeated HorizontalPodAutoscalerCondition conditions = 6;
}
diff --git a/vendor/k8s.io/api/autoscaling/v2beta1/types.go b/vendor/k8s.io/api/autoscaling/v2beta1/types.go
index 842284072d..193cc43549 100644
--- a/vendor/k8s.io/api/autoscaling/v2beta1/types.go
+++ b/vendor/k8s.io/api/autoscaling/v2beta1/types.go
@@ -56,6 +56,7 @@ type HorizontalPodAutoscalerSpec struct {
// increased, and vice-versa. See the individual metric source types for
// more information about how each type of metric must respond.
// +optional
+ // +listType=atomic
Metrics []MetricSpec `json:"metrics,omitempty" protobuf:"bytes,4,rep,name=metrics"`
}
@@ -260,11 +261,13 @@ type HorizontalPodAutoscalerStatus struct {
// currentMetrics is the last read state of the metrics used by this autoscaler.
// +optional
+ // +listType=atomic
CurrentMetrics []MetricStatus `json:"currentMetrics" protobuf:"bytes,5,rep,name=currentMetrics"`
// conditions is the set of conditions required for this autoscaler to scale its target,
// and indicates whether or not those conditions are met.
// +optional
+ // +listType=atomic
Conditions []HorizontalPodAutoscalerCondition `json:"conditions" protobuf:"bytes,6,rep,name=conditions"`
}
diff --git a/vendor/k8s.io/api/autoscaling/v2beta2/generated.proto b/vendor/k8s.io/api/autoscaling/v2beta2/generated.proto
index 5b2fe9442a..41f7a16ea1 100644
--- a/vendor/k8s.io/api/autoscaling/v2beta2/generated.proto
+++ b/vendor/k8s.io/api/autoscaling/v2beta2/generated.proto
@@ -136,6 +136,7 @@ message HPAScalingRules {
// policies is a list of potential scaling polices which can be used during scaling.
// At least one policy must be specified, otherwise the HPAScalingRules will be discarded as invalid
// +optional
+ // +listType=atomic
repeated HPAScalingPolicy policies = 2;
}
@@ -238,6 +239,7 @@ message HorizontalPodAutoscalerSpec {
// more information about how each type of metric must respond.
// If not set, the default metric will be set to 80% average CPU utilization.
// +optional
+ // +listType=atomic
repeated MetricSpec metrics = 4;
// behavior configures the scaling behavior of the target
@@ -268,11 +270,13 @@ message HorizontalPodAutoscalerStatus {
// currentMetrics is the last read state of the metrics used by this autoscaler.
// +optional
+ // +listType=atomic
repeated MetricStatus currentMetrics = 5;
// conditions is the set of conditions required for this autoscaler to scale its target,
// and indicates whether or not those conditions are met.
// +optional
+ // +listType=atomic
repeated HorizontalPodAutoscalerCondition conditions = 6;
}
diff --git a/vendor/k8s.io/api/autoscaling/v2beta2/types.go b/vendor/k8s.io/api/autoscaling/v2beta2/types.go
index b0b7681c0e..2fee0b8a0f 100644
--- a/vendor/k8s.io/api/autoscaling/v2beta2/types.go
+++ b/vendor/k8s.io/api/autoscaling/v2beta2/types.go
@@ -76,6 +76,7 @@ type HorizontalPodAutoscalerSpec struct {
// more information about how each type of metric must respond.
// If not set, the default metric will be set to 80% average CPU utilization.
// +optional
+ // +listType=atomic
Metrics []MetricSpec `json:"metrics,omitempty" protobuf:"bytes,4,rep,name=metrics"`
// behavior configures the scaling behavior of the target
@@ -199,6 +200,7 @@ type HPAScalingRules struct {
// policies is a list of potential scaling polices which can be used during scaling.
// At least one policy must be specified, otherwise the HPAScalingRules will be discarded as invalid
// +optional
+ // +listType=atomic
Policies []HPAScalingPolicy `json:"policies,omitempty" protobuf:"bytes,2,rep,name=policies"`
}
@@ -393,11 +395,13 @@ type HorizontalPodAutoscalerStatus struct {
// currentMetrics is the last read state of the metrics used by this autoscaler.
// +optional
+ // +listType=atomic
CurrentMetrics []MetricStatus `json:"currentMetrics" protobuf:"bytes,5,rep,name=currentMetrics"`
// conditions is the set of conditions required for this autoscaler to scale its target,
// and indicates whether or not those conditions are met.
// +optional
+ // +listType=atomic
Conditions []HorizontalPodAutoscalerCondition `json:"conditions" protobuf:"bytes,6,rep,name=conditions"`
}
diff --git a/vendor/k8s.io/api/batch/v1/generated.proto b/vendor/k8s.io/api/batch/v1/generated.proto
index f899779889..f050072b7c 100644
--- a/vendor/k8s.io/api/batch/v1/generated.proto
+++ b/vendor/k8s.io/api/batch/v1/generated.proto
@@ -361,7 +361,8 @@ message JobStatus {
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time completionTime = 3;
- // The number of pending and running pods.
+ // The number of pending and running pods which are not terminating (without
+ // a deletionTimestamp).
// +optional
optional int32 active = 4;
diff --git a/vendor/k8s.io/api/batch/v1/types.go b/vendor/k8s.io/api/batch/v1/types.go
index 53fdf3c8d0..a48190ae1e 100644
--- a/vendor/k8s.io/api/batch/v1/types.go
+++ b/vendor/k8s.io/api/batch/v1/types.go
@@ -441,7 +441,8 @@ type JobStatus struct {
// +optional
CompletionTime *metav1.Time `json:"completionTime,omitempty" protobuf:"bytes,3,opt,name=completionTime"`
- // The number of pending and running pods.
+ // The number of pending and running pods which are not terminating (without
+ // a deletionTimestamp).
// +optional
Active int32 `json:"active,omitempty" protobuf:"varint,4,opt,name=active"`
diff --git a/vendor/k8s.io/api/batch/v1/types_swagger_doc_generated.go b/vendor/k8s.io/api/batch/v1/types_swagger_doc_generated.go
index 980f1e4750..911c436f8d 100644
--- a/vendor/k8s.io/api/batch/v1/types_swagger_doc_generated.go
+++ b/vendor/k8s.io/api/batch/v1/types_swagger_doc_generated.go
@@ -137,7 +137,7 @@ var map_JobStatus = map[string]string{
"conditions": "The latest available observations of an object's current state. When a Job fails, one of the conditions will have type \"Failed\" and status true. When a Job is suspended, one of the conditions will have type \"Suspended\" and status true; when the Job is resumed, the status of this condition will become false. When a Job is completed, one of the conditions will have type \"Complete\" and status true. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/",
"startTime": "Represents time when the job controller started processing a job. When a Job is created in the suspended state, this field is not set until the first time it is resumed. This field is reset every time a Job is resumed from suspension. It is represented in RFC3339 form and is in UTC.",
"completionTime": "Represents time when the job was completed. It is not guaranteed to be set in happens-before order across separate operations. It is represented in RFC3339 form and is in UTC. The completion time is only set when the job finishes successfully.",
- "active": "The number of pending and running pods.",
+ "active": "The number of pending and running pods which are not terminating (without a deletionTimestamp).",
"succeeded": "The number of pods which reached phase Succeeded.",
"failed": "The number of pods which reached phase Failed.",
"terminating": "The number of pods which are terminating (in phase Pending or Running and have a deletionTimestamp).\n\nThis field is beta-level. The job controller populates the field when the feature gate JobPodReplacementPolicy is enabled (enabled by default).",
diff --git a/vendor/k8s.io/api/core/v1/generated.proto b/vendor/k8s.io/api/core/v1/generated.proto
index cf9b6e6ebc..9d24e7ccb4 100644
--- a/vendor/k8s.io/api/core/v1/generated.proto
+++ b/vendor/k8s.io/api/core/v1/generated.proto
@@ -93,6 +93,7 @@ message AvoidPods {
// Bounded-sized list of signatures of pods that should avoid this node, sorted
// in timestamp order from oldest to newest. Size of the slice is unspecified.
// +optional
+ // +listType=atomic
repeated PreferAvoidPodsEntry preferAvoidPods = 1;
}
@@ -269,10 +270,12 @@ message CSIVolumeSource {
message Capabilities {
// Added capabilities
// +optional
+ // +listType=atomic
repeated string add = 1;
// Removed capabilities
// +optional
+ // +listType=atomic
repeated string drop = 2;
}
@@ -281,6 +284,7 @@ message Capabilities {
message CephFSPersistentVolumeSource {
// monitors is Required: Monitors is a collection of Ceph monitors
// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
+ // +listType=atomic
repeated string monitors = 1;
// path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /
@@ -314,6 +318,7 @@ message CephFSPersistentVolumeSource {
message CephFSVolumeSource {
// monitors is Required: Monitors is a collection of Ceph monitors
// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
+ // +listType=atomic
repeated string monitors = 1;
// path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /
@@ -498,6 +503,8 @@ message ComponentStatus {
// +optional
// +patchMergeKey=type
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=type
repeated ComponentCondition conditions = 2;
}
@@ -628,6 +635,7 @@ message ConfigMapProjection {
// the volume setup will error unless it is marked optional. Paths must be
// relative and may not contain the '..' path or start with '..'.
// +optional
+ // +listType=atomic
repeated KeyToPath items = 2;
// optional specify whether the ConfigMap or its keys must be defined
@@ -652,6 +660,7 @@ message ConfigMapVolumeSource {
// the volume setup will error unless it is marked optional. Paths must be
// relative and may not contain the '..' path or start with '..'.
// +optional
+ // +listType=atomic
repeated KeyToPath items = 2;
// defaultMode is optional: mode bits used to set permissions on created files by default.
@@ -692,6 +701,7 @@ message Container {
// of whether the variable exists or not. Cannot be updated.
// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
// +optional
+ // +listType=atomic
repeated string command = 3;
// Arguments to the entrypoint.
@@ -703,6 +713,7 @@ message Container {
// of whether the variable exists or not. Cannot be updated.
// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
// +optional
+ // +listType=atomic
repeated string args = 4;
// Container's working directory.
@@ -734,6 +745,7 @@ message Container {
// Values defined by an Env with a duplicate key will take precedence.
// Cannot be updated.
// +optional
+ // +listType=atomic
repeated EnvFromSource envFrom = 19;
// List of environment variables to set in the container.
@@ -741,6 +753,8 @@ message Container {
// +optional
// +patchMergeKey=name
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=name
repeated EnvVar env = 7;
// Compute Resources required by this container.
@@ -779,11 +793,15 @@ message Container {
// +optional
// +patchMergeKey=mountPath
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=mountPath
repeated VolumeMount volumeMounts = 9;
// volumeDevices is the list of block devices to be used by the container.
// +patchMergeKey=devicePath
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=devicePath
// +optional
repeated VolumeDevice volumeDevices = 21;
@@ -877,6 +895,7 @@ message ContainerImage {
// Names by which this image is known.
// e.g. ["kubernetes.example/hyperkube:v1.0.7", "cloud-vendor.registry.example/cloud-vendor/hyperkube:v1.0.7"]
// +optional
+ // +listType=atomic
repeated string names = 1;
// The size of the image in bytes.
@@ -1076,6 +1095,7 @@ message DaemonEndpoint {
message DownwardAPIProjection {
// Items is a list of DownwardAPIVolume file
// +optional
+ // +listType=atomic
repeated DownwardAPIVolumeFile items = 1;
}
@@ -1108,6 +1128,7 @@ message DownwardAPIVolumeFile {
message DownwardAPIVolumeSource {
// Items is a list of downward API volume file
// +optional
+ // +listType=atomic
repeated DownwardAPIVolumeFile items = 1;
// Optional: mode bits to use on created files by default. Must be a
@@ -1218,16 +1239,19 @@ message EndpointSubset {
// IP addresses which offer the related ports that are marked as ready. These endpoints
// should be considered safe for load balancers and clients to utilize.
// +optional
+ // +listType=atomic
repeated EndpointAddress addresses = 1;
// IP addresses which offer the related ports but are not currently marked as ready
// because they have not yet finished starting, have recently failed a readiness check,
// or have recently failed a liveness check.
// +optional
+ // +listType=atomic
repeated EndpointAddress notReadyAddresses = 2;
// Port numbers available on the related IP addresses.
// +optional
+ // +listType=atomic
repeated EndpointPort ports = 3;
}
@@ -1258,6 +1282,7 @@ message Endpoints {
// NotReadyAddresses in the same subset.
// Sets of addresses and ports that comprise a service.
// +optional
+ // +listType=atomic
repeated EndpointSubset subsets = 2;
}
@@ -1377,6 +1402,7 @@ message EphemeralContainerCommon {
// of whether the variable exists or not. Cannot be updated.
// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
// +optional
+ // +listType=atomic
repeated string command = 3;
// Arguments to the entrypoint.
@@ -1388,6 +1414,7 @@ message EphemeralContainerCommon {
// of whether the variable exists or not. Cannot be updated.
// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
// +optional
+ // +listType=atomic
repeated string args = 4;
// Container's working directory.
@@ -1413,6 +1440,7 @@ message EphemeralContainerCommon {
// Values defined by an Env with a duplicate key will take precedence.
// Cannot be updated.
// +optional
+ // +listType=atomic
repeated EnvFromSource envFrom = 19;
// List of environment variables to set in the container.
@@ -1420,6 +1448,8 @@ message EphemeralContainerCommon {
// +optional
// +patchMergeKey=name
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=name
repeated EnvVar env = 7;
// Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources
@@ -1446,11 +1476,15 @@ message EphemeralContainerCommon {
// +optional
// +patchMergeKey=mountPath
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=mountPath
repeated VolumeMount volumeMounts = 9;
// volumeDevices is the list of block devices to be used by the container.
// +patchMergeKey=devicePath
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=devicePath
// +optional
repeated VolumeDevice volumeDevices = 21;
@@ -1661,6 +1695,7 @@ message ExecAction {
// a shell, you need to explicitly call out to that shell.
// Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
// +optional
+ // +listType=atomic
repeated string command = 1;
}
@@ -1670,6 +1705,7 @@ message ExecAction {
message FCVolumeSource {
// targetWWNs is Optional: FC target worldwide names (WWNs)
// +optional
+ // +listType=atomic
repeated string targetWWNs = 1;
// lun is Optional: FC target lun number
@@ -1691,6 +1727,7 @@ message FCVolumeSource {
// wwids Optional: FC volume world wide identifiers (wwids)
// Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously.
// +optional
+ // +listType=atomic
repeated string wwids = 5;
}
@@ -1903,6 +1940,7 @@ message HTTPGetAction {
// Custom headers to set in the request. HTTP allows repeated headers.
// +optional
+ // +listType=atomic
repeated HTTPHeader httpHeaders = 5;
}
@@ -1923,6 +1961,7 @@ message HostAlias {
optional string ip = 1;
// Hostnames for the above IP address.
+ // +listType=atomic
repeated string hostnames = 2;
}
@@ -1982,6 +2021,7 @@ message ISCSIPersistentVolumeSource {
// portals is the iSCSI Target Portal List. The Portal is either an IP or ip_addr:port if the port
// is other than default (typically TCP ports 860 and 3260).
// +optional
+ // +listType=atomic
repeated string portals = 7;
// chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication
@@ -2038,6 +2078,7 @@ message ISCSIVolumeSource {
// portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port
// is other than default (typically TCP ports 860 and 3260).
// +optional
+ // +listType=atomic
repeated string portals = 7;
// chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication
@@ -2181,6 +2222,7 @@ message LimitRangeList {
// LimitRangeSpec defines a min/max usage limit for resources that match on kind.
message LimitRangeSpec {
// Limits is the list of LimitRangeItem objects that are enforced.
+ // +listType=atomic
repeated LimitRangeItem limits = 1;
}
@@ -2229,6 +2271,7 @@ message LoadBalancerStatus {
// Ingress is a list containing ingress points for the load-balancer.
// Traffic intended for the service should be sent to these ingress points.
// +optional
+ // +listType=atomic
repeated LoadBalancerIngress ingress = 1;
}
@@ -2347,6 +2390,7 @@ message NamespaceSpec {
// Finalizers is an opaque list of values that must be empty to permanently remove object from storage.
// More info: https://kubernetes.io/docs/tasks/administer-cluster/namespaces/
// +optional
+ // +listType=atomic
repeated string finalizers = 1;
}
@@ -2361,6 +2405,8 @@ message NamespaceStatus {
// +optional
// +patchMergeKey=type
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=type
repeated NamespaceCondition conditions = 2;
}
@@ -2414,6 +2460,7 @@ message NodeAffinity {
// "weight" to the sum if the node matches the corresponding matchExpressions; the
// node(s) with the highest sum are the most preferred.
// +optional
+ // +listType=atomic
repeated PreferredSchedulingTerm preferredDuringSchedulingIgnoredDuringExecution = 2;
}
@@ -2537,6 +2584,7 @@ message NodeResources {
// +structType=atomic
message NodeSelector {
// Required. A list of node selector terms. The terms are ORed.
+ // +listType=atomic
repeated NodeSelectorTerm nodeSelectorTerms = 1;
}
@@ -2556,6 +2604,7 @@ message NodeSelectorRequirement {
// array must have a single element, which will be interpreted as an integer.
// This array is replaced during a strategic merge patch.
// +optional
+ // +listType=atomic
repeated string values = 3;
}
@@ -2566,10 +2615,12 @@ message NodeSelectorRequirement {
message NodeSelectorTerm {
// A list of node selector requirements by node's labels.
// +optional
+ // +listType=atomic
repeated NodeSelectorRequirement matchExpressions = 1;
// A list of node selector requirements by node's fields.
// +optional
+ // +listType=atomic
repeated NodeSelectorRequirement matchFields = 2;
}
@@ -2584,6 +2635,7 @@ message NodeSpec {
// each of IPv4 and IPv6.
// +optional
// +patchStrategy=merge
+ // +listType=set
repeated string podCIDRs = 7;
// ID of the node assigned by the cloud provider in the format: ://
@@ -2597,6 +2649,7 @@ message NodeSpec {
// If specified, the node's taints.
// +optional
+ // +listType=atomic
repeated Taint taints = 5;
// Deprecated: Previously used to specify the source of the node's configuration for the DynamicKubeletConfig feature. This feature is removed.
@@ -2632,6 +2685,8 @@ message NodeStatus {
// +optional
// +patchMergeKey=type
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=type
repeated NodeCondition conditions = 4;
// List of addresses reachable to the node.
@@ -2647,6 +2702,8 @@ message NodeStatus {
// +optional
// +patchMergeKey=type
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=type
repeated NodeAddress addresses = 5;
// Endpoints of daemons running on the Node.
@@ -2660,14 +2717,17 @@ message NodeStatus {
// List of container images on this node
// +optional
+ // +listType=atomic
repeated ContainerImage images = 8;
// List of attachable volumes in use (mounted) by the node.
// +optional
+ // +listType=atomic
repeated string volumesInUse = 9;
// List of volumes that are attached to the node.
// +optional
+ // +listType=atomic
repeated AttachedVolume volumesAttached = 10;
// Status of the config assigned to the node via the dynamic Kubelet config feature.
@@ -2840,7 +2900,7 @@ message PersistentVolumeClaimCondition {
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastTransitionTime = 4;
// reason is a unique, this should be a short, machine understandable string that gives the reason
- // for condition's last transition. If it reports "ResizeStarted" that means the underlying
+ // for condition's last transition. If it reports "Resizing" that means the underlying
// persistent volume is being resized.
// +optional
optional string reason = 5;
@@ -2868,6 +2928,7 @@ message PersistentVolumeClaimSpec {
// accessModes contains the desired access modes the volume should have.
// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1
// +optional
+ // +listType=atomic
repeated string accessModes = 1;
// selector is a label query over volumes to consider for binding.
@@ -2959,6 +3020,7 @@ message PersistentVolumeClaimStatus {
// accessModes contains the actual access modes the volume backing the PVC has.
// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1
// +optional
+ // +listType=atomic
repeated string accessModes = 2;
// capacity represents the actual resources of the underlying volume.
@@ -2966,10 +3028,12 @@ message PersistentVolumeClaimStatus {
map capacity = 3;
// conditions is the current Condition of persistent volume claim. If underlying persistent volume is being
- // resized then the Condition will be set to 'ResizeStarted'.
+ // resized then the Condition will be set to 'Resizing'.
// +optional
// +patchMergeKey=type
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=type
repeated PersistentVolumeClaimCondition conditions = 4;
// allocatedResources tracks the resources allocated to a PVC including its capacity.
@@ -3217,6 +3281,7 @@ message PersistentVolumeSpec {
// accessModes contains all ways the volume can be mounted.
// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes
// +optional
+ // +listType=atomic
repeated string accessModes = 3;
// claimRef is part of a bi-directional binding between PersistentVolume and PersistentVolumeClaim.
@@ -3244,6 +3309,7 @@ message PersistentVolumeSpec {
// simply fail if one is invalid.
// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes/#mount-options
// +optional
+ // +listType=atomic
repeated string mountOptions = 7;
// volumeMode defines if a volume is intended to be used with a formatted filesystem
@@ -3286,7 +3352,7 @@ message PersistentVolumeStatus {
// lastPhaseTransitionTime is the time the phase transitioned from one to another
// and automatically resets to current time everytime a volume phase transitions.
- // This is an alpha field and requires enabling PersistentVolumeLastPhaseTransitionTime feature.
+ // This is a beta field and requires the PersistentVolumeLastPhaseTransitionTime feature to be enabled (enabled by default).
// +featureGate=PersistentVolumeLastPhaseTransitionTime
// +optional
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastPhaseTransitionTime = 4;
@@ -3335,6 +3401,7 @@ message PodAffinity {
// When there are multiple elements, the lists of nodes corresponding to each
// podAffinityTerm are intersected, i.e. all terms must be satisfied.
// +optional
+ // +listType=atomic
repeated PodAffinityTerm requiredDuringSchedulingIgnoredDuringExecution = 1;
// The scheduler will prefer to schedule pods to nodes that satisfy
@@ -3347,6 +3414,7 @@ message PodAffinity {
// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the
// node(s) with the highest sum are the most preferred.
// +optional
+ // +listType=atomic
repeated WeightedPodAffinityTerm preferredDuringSchedulingIgnoredDuringExecution = 2;
}
@@ -3367,6 +3435,7 @@ message PodAffinityTerm {
// and the ones selected by namespaceSelector.
// null or empty namespaces list and null namespaceSelector means "this pod's namespace".
// +optional
+ // +listType=atomic
repeated string namespaces = 2;
// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching
@@ -3386,12 +3455,12 @@ message PodAffinityTerm {
// MatchLabelKeys is a set of pod label keys to select which pods will
// be taken into consideration. The keys are used to lookup values from the
- // incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`
+ // incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`
// to select the group of existing pods which pods will be taken into consideration
// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
// pod labels will be ignored. The default value is empty.
- // The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.
- // Also, MatchLabelKeys cannot be set when LabelSelector isn't set.
+ // The same key is forbidden to exist in both matchLabelKeys and labelSelector.
+ // Also, matchLabelKeys cannot be set when labelSelector isn't set.
// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
// +listType=atomic
// +optional
@@ -3399,12 +3468,12 @@ message PodAffinityTerm {
// MismatchLabelKeys is a set of pod label keys to select which pods will
// be taken into consideration. The keys are used to lookup values from the
- // incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`
+ // incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`
// to select the group of existing pods which pods will be taken into consideration
// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
// pod labels will be ignored. The default value is empty.
- // The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.
- // Also, MismatchLabelKeys cannot be set when LabelSelector isn't set.
+ // The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
+ // Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
// +listType=atomic
// +optional
@@ -3421,6 +3490,7 @@ message PodAntiAffinity {
// When there are multiple elements, the lists of nodes corresponding to each
// podAffinityTerm are intersected, i.e. all terms must be satisfied.
// +optional
+ // +listType=atomic
repeated PodAffinityTerm requiredDuringSchedulingIgnoredDuringExecution = 1;
// The scheduler will prefer to schedule pods to nodes that satisfy
@@ -3433,6 +3503,7 @@ message PodAntiAffinity {
// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the
// node(s) with the highest sum are the most preferred.
// +optional
+ // +listType=atomic
repeated WeightedPodAffinityTerm preferredDuringSchedulingIgnoredDuringExecution = 2;
}
@@ -3504,12 +3575,14 @@ message PodDNSConfig {
// This will be appended to the base nameservers generated from DNSPolicy.
// Duplicated nameservers will be removed.
// +optional
+ // +listType=atomic
repeated string nameservers = 1;
// A list of DNS search domains for host-name lookup.
// This will be appended to the base search paths generated from DNSPolicy.
// Duplicated search paths will be removed.
// +optional
+ // +listType=atomic
repeated string searches = 2;
// A list of DNS resolver options.
@@ -3517,6 +3590,7 @@ message PodDNSConfig {
// Duplicated entries will be removed. Resolution options given in Options
// will override those that appear in the base DNSPolicy.
// +optional
+ // +listType=atomic
repeated PodDNSConfigOption options = 3;
}
@@ -3558,6 +3632,7 @@ message PodExecOptions {
optional string container = 5;
// Command is the remote command to execute. argv array. Not executed within a shell.
+ // +listType=atomic
repeated string command = 6;
}
@@ -3652,6 +3727,7 @@ message PodPortForwardOptions {
// List of ports to forward
// Required when using WebSockets
// +optional
+ // +listType=atomic
repeated int32 ports = 1;
}
@@ -3760,6 +3836,7 @@ message PodSecurityContext {
// even if they are not included in this list.
// Note that this field cannot be set when spec.os.name is windows.
// +optional
+ // +listType=atomic
repeated int64 supplementalGroups = 4;
// A special supplemental group that applies to all containers in a pod.
@@ -3779,6 +3856,7 @@ message PodSecurityContext {
// sysctls (by the container runtime) might fail to launch.
// Note that this field cannot be set when spec.os.name is windows.
// +optional
+ // +listType=atomic
repeated Sysctl sysctls = 7;
// fsGroupChangePolicy defines behavior of changing ownership and permission of the volume
@@ -3812,6 +3890,8 @@ message PodSpec {
// +optional
// +patchMergeKey=name
// +patchStrategy=merge,retainKeys
+ // +listType=map
+ // +listMapKey=name
repeated Volume volumes = 1;
// List of initialization containers belonging to the pod.
@@ -3829,6 +3909,8 @@ message PodSpec {
// More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
// +patchMergeKey=name
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=name
repeated Container initContainers = 20;
// List of containers belonging to the pod.
@@ -3837,6 +3919,8 @@ message PodSpec {
// Cannot be updated.
// +patchMergeKey=name
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=name
repeated Container containers = 2;
// List of ephemeral containers run in this pod. Ephemeral containers may be run in an existing
@@ -3846,6 +3930,8 @@ message PodSpec {
// +optional
// +patchMergeKey=name
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=name
repeated EphemeralContainer ephemeralContainers = 34;
// Restart policy for all containers within the pod.
@@ -3893,7 +3979,7 @@ message PodSpec {
// +optional
optional string serviceAccountName = 8;
- // DeprecatedServiceAccount is a depreciated alias for ServiceAccountName.
+ // DeprecatedServiceAccount is a deprecated alias for ServiceAccountName.
// Deprecated: Use serviceAccountName instead.
// +k8s:conversion-gen=false
// +optional
@@ -3948,6 +4034,8 @@ message PodSpec {
// +optional
// +patchMergeKey=name
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=name
repeated LocalObjectReference imagePullSecrets = 15;
// Specifies the hostname of the Pod
@@ -3971,6 +4059,7 @@ message PodSpec {
// If specified, the pod's tolerations.
// +optional
+ // +listType=atomic
repeated Toleration tolerations = 22;
// HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts
@@ -3978,6 +4067,8 @@ message PodSpec {
// +optional
// +patchMergeKey=ip
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=ip
repeated HostAlias hostAliases = 23;
// If specified, indicates the pod's priority. "system-node-critical" and
@@ -4008,6 +4099,7 @@ message PodSpec {
// all conditions specified in the readiness gates have status equal to "True"
// More info: https://git.k8s.io/enhancements/keps/sig-network/580-pod-readiness-gates
// +optional
+ // +listType=atomic
repeated PodReadinessGate readinessGates = 28;
// RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used
@@ -4168,6 +4260,8 @@ message PodStatus {
// +optional
// +patchMergeKey=type
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=type
repeated PodCondition conditions = 2;
// A human readable message indicating details about why the pod is in this condition.
@@ -4216,6 +4310,8 @@ message PodStatus {
// +optional
// +patchStrategy=merge
// +patchMergeKey=ip
+ // +listType=map
+ // +listMapKey=ip
repeated PodIP podIPs = 12;
// RFC 3339 date and time at which the object was acknowledged by the Kubelet.
@@ -4227,11 +4323,13 @@ message PodStatus {
// init container will have ready = true, the most recently started container will have
// startTime set.
// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status
+ // +listType=atomic
repeated ContainerStatus initContainerStatuses = 10;
// The list has one entry per container in the manifest.
// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status
// +optional
+ // +listType=atomic
repeated ContainerStatus containerStatuses = 8;
// The Quality of Service (QOS) classification assigned to the pod based on resource requirements
@@ -4242,6 +4340,7 @@ message PodStatus {
// Status for any ephemeral containers that have run in this pod.
// +optional
+ // +listType=atomic
repeated ContainerStatus ephemeralContainerStatuses = 13;
// Status of resources resize desired for pod's containers.
@@ -4459,6 +4558,7 @@ message ProbeHandler {
message ProjectedVolumeSource {
// sources is the list of volume projections
// +optional
+ // +listType=atomic
repeated VolumeProjection sources = 1;
// defaultMode are the mode bits used to set permissions on created files by default.
@@ -4508,6 +4608,7 @@ message QuobyteVolumeSource {
message RBDPersistentVolumeSource {
// monitors is a collection of Ceph monitors.
// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
+ // +listType=atomic
repeated string monitors = 1;
// image is the rados image name.
@@ -4559,6 +4660,7 @@ message RBDPersistentVolumeSource {
message RBDVolumeSource {
// monitors is a collection of Ceph monitors.
// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
+ // +listType=atomic
repeated string monitors = 1;
// image is the rados image name.
@@ -4733,6 +4835,8 @@ message ReplicationControllerStatus {
// +optional
// +patchMergeKey=type
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=type
repeated ReplicationControllerCondition conditions = 6;
}
@@ -4799,6 +4903,7 @@ message ResourceQuotaSpec {
// A collection of filters that must match each object tracked by a quota.
// If not specified, the quota matches all objects.
// +optional
+ // +listType=atomic
repeated string scopes = 2;
// scopeSelector is also a collection of filters like scopes that must match each object tracked by a quota
@@ -4966,6 +5071,7 @@ message ScaleIOVolumeSource {
message ScopeSelector {
// A list of scope selector requirements by scope of the resources.
// +optional
+ // +listType=atomic
repeated ScopedResourceSelectorRequirement matchExpressions = 1;
}
@@ -4984,6 +5090,7 @@ message ScopedResourceSelectorRequirement {
// the values array must be empty.
// This array is replaced during a strategic merge patch.
// +optional
+ // +listType=atomic
repeated string values = 3;
}
@@ -5101,6 +5208,7 @@ message SecretProjection {
// the volume setup will error unless it is marked optional. Paths must be
// relative and may not contain the '..' path or start with '..'.
// +optional
+ // +listType=atomic
repeated KeyToPath items = 2;
// optional field specify whether the Secret or its key must be defined
@@ -5140,6 +5248,7 @@ message SecretVolumeSource {
// the volume setup will error unless it is marked optional. Paths must be
// relative and may not contain the '..' path or start with '..'.
// +optional
+ // +listType=atomic
repeated KeyToPath items = 2;
// defaultMode is Optional: mode bits used to set permissions on created files by default.
@@ -5293,6 +5402,8 @@ message ServiceAccount {
// +optional
// +patchMergeKey=name
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=name
repeated ObjectReference secrets = 2;
// ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images
@@ -5300,6 +5411,7 @@ message ServiceAccount {
// can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet.
// More info: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod
// +optional
+ // +listType=atomic
repeated LocalObjectReference imagePullSecrets = 3;
// AutomountServiceAccountToken indicates whether pods running as this service account should have an API token automatically mounted.
@@ -5520,6 +5632,7 @@ message ServiceSpec {
// at a node with this IP. A common example is external load-balancers
// that are not part of the Kubernetes system.
// +optional
+ // +listType=atomic
repeated string externalIPs = 5;
// Supports "ClientIP" and "None". Used to maintain session affinity.
@@ -5545,6 +5658,7 @@ message ServiceSpec {
// cloud-provider does not support the feature."
// More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/
// +optional
+ // +listType=atomic
repeated string loadBalancerSourceRanges = 9;
// externalName is the external reference that discovery mechanisms will
@@ -5838,6 +5952,7 @@ message TopologySelectorLabelRequirement {
// An array of string values. One value must match the label to be selected.
// Each entry in Values is ORed.
+ // +listType=atomic
repeated string values = 2;
}
@@ -5850,6 +5965,7 @@ message TopologySelectorLabelRequirement {
message TopologySelectorTerm {
// A list of topology selector requirements by labels.
// +optional
+ // +listType=atomic
repeated TopologySelectorLabelRequirement matchLabelExpressions = 1;
}
diff --git a/vendor/k8s.io/api/core/v1/types.go b/vendor/k8s.io/api/core/v1/types.go
index 1aade3806f..5f70beec9c 100644
--- a/vendor/k8s.io/api/core/v1/types.go
+++ b/vendor/k8s.io/api/core/v1/types.go
@@ -331,6 +331,7 @@ type PersistentVolumeSpec struct {
// accessModes contains all ways the volume can be mounted.
// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes
// +optional
+ // +listType=atomic
AccessModes []PersistentVolumeAccessMode `json:"accessModes,omitempty" protobuf:"bytes,3,rep,name=accessModes,casttype=PersistentVolumeAccessMode"`
// claimRef is part of a bi-directional binding between PersistentVolume and PersistentVolumeClaim.
// Expected to be non-nil when bound.
@@ -354,6 +355,7 @@ type PersistentVolumeSpec struct {
// simply fail if one is invalid.
// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes/#mount-options
// +optional
+ // +listType=atomic
MountOptions []string `json:"mountOptions,omitempty" protobuf:"bytes,7,opt,name=mountOptions"`
// volumeMode defines if a volume is intended to be used with a formatted filesystem
// or to remain in raw block state. Value of Filesystem is implied when not included in spec.
@@ -423,7 +425,7 @@ type PersistentVolumeStatus struct {
Reason string `json:"reason,omitempty" protobuf:"bytes,3,opt,name=reason"`
// lastPhaseTransitionTime is the time the phase transitioned from one to another
// and automatically resets to current time everytime a volume phase transitions.
- // This is an alpha field and requires enabling PersistentVolumeLastPhaseTransitionTime feature.
+ // This is a beta field and requires the PersistentVolumeLastPhaseTransitionTime feature to be enabled (enabled by default).
// +featureGate=PersistentVolumeLastPhaseTransitionTime
// +optional
LastPhaseTransitionTime *metav1.Time `json:"lastPhaseTransitionTime,omitempty" protobuf:"bytes,4,opt,name=lastPhaseTransitionTime"`
@@ -486,6 +488,7 @@ type PersistentVolumeClaimSpec struct {
// accessModes contains the desired access modes the volume should have.
// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1
// +optional
+ // +listType=atomic
AccessModes []PersistentVolumeAccessMode `json:"accessModes,omitempty" protobuf:"bytes,1,rep,name=accessModes,casttype=PersistentVolumeAccessMode"`
// selector is a label query over volumes to consider for binding.
// +optional
@@ -660,7 +663,7 @@ type PersistentVolumeClaimCondition struct {
// +optional
LastTransitionTime metav1.Time `json:"lastTransitionTime,omitempty" protobuf:"bytes,4,opt,name=lastTransitionTime"`
// reason is a unique, this should be a short, machine understandable string that gives the reason
- // for condition's last transition. If it reports "ResizeStarted" that means the underlying
+ // for condition's last transition. If it reports "Resizing" that means the underlying
// persistent volume is being resized.
// +optional
Reason string `json:"reason,omitempty" protobuf:"bytes,5,opt,name=reason"`
@@ -677,15 +680,18 @@ type PersistentVolumeClaimStatus struct {
// accessModes contains the actual access modes the volume backing the PVC has.
// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1
// +optional
+ // +listType=atomic
AccessModes []PersistentVolumeAccessMode `json:"accessModes,omitempty" protobuf:"bytes,2,rep,name=accessModes,casttype=PersistentVolumeAccessMode"`
// capacity represents the actual resources of the underlying volume.
// +optional
Capacity ResourceList `json:"capacity,omitempty" protobuf:"bytes,3,rep,name=capacity,casttype=ResourceList,castkey=ResourceName"`
// conditions is the current Condition of persistent volume claim. If underlying persistent volume is being
- // resized then the Condition will be set to 'ResizeStarted'.
+ // resized then the Condition will be set to 'Resizing'.
// +optional
// +patchMergeKey=type
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=type
Conditions []PersistentVolumeClaimCondition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,4,rep,name=conditions"`
// allocatedResources tracks the resources allocated to a PVC including its capacity.
// Key names follow standard Kubernetes label syntax. Valid values are either:
@@ -921,6 +927,7 @@ type GlusterfsPersistentVolumeSource struct {
type RBDVolumeSource struct {
// monitors is a collection of Ceph monitors.
// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
+ // +listType=atomic
CephMonitors []string `json:"monitors" protobuf:"bytes,1,rep,name=monitors"`
// image is the rados image name.
// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
@@ -965,6 +972,7 @@ type RBDVolumeSource struct {
type RBDPersistentVolumeSource struct {
// monitors is a collection of Ceph monitors.
// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
+ // +listType=atomic
CephMonitors []string `json:"monitors" protobuf:"bytes,1,rep,name=monitors"`
// image is the rados image name.
// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
@@ -1059,6 +1067,7 @@ type CinderPersistentVolumeSource struct {
type CephFSVolumeSource struct {
// monitors is Required: Monitors is a collection of Ceph monitors
// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
+ // +listType=atomic
Monitors []string `json:"monitors" protobuf:"bytes,1,rep,name=monitors"`
// path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /
// +optional
@@ -1099,6 +1108,7 @@ type SecretReference struct {
type CephFSPersistentVolumeSource struct {
// monitors is Required: Monitors is a collection of Ceph monitors
// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
+ // +listType=atomic
Monitors []string `json:"monitors" protobuf:"bytes,1,rep,name=monitors"`
// path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /
// +optional
@@ -1341,6 +1351,7 @@ type SecretVolumeSource struct {
// the volume setup will error unless it is marked optional. Paths must be
// relative and may not contain the '..' path or start with '..'.
// +optional
+ // +listType=atomic
Items []KeyToPath `json:"items,omitempty" protobuf:"bytes,2,rep,name=items"`
// defaultMode is Optional: mode bits used to set permissions on created files by default.
// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
@@ -1376,6 +1387,7 @@ type SecretProjection struct {
// the volume setup will error unless it is marked optional. Paths must be
// relative and may not contain the '..' path or start with '..'.
// +optional
+ // +listType=atomic
Items []KeyToPath `json:"items,omitempty" protobuf:"bytes,2,rep,name=items"`
// optional field specify whether the Secret or its key must be defined
// +optional
@@ -1429,6 +1441,7 @@ type ISCSIVolumeSource struct {
// portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port
// is other than default (typically TCP ports 860 and 3260).
// +optional
+ // +listType=atomic
Portals []string `json:"portals,omitempty" protobuf:"bytes,7,opt,name=portals"`
// chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication
// +optional
@@ -1475,6 +1488,7 @@ type ISCSIPersistentVolumeSource struct {
// portals is the iSCSI Target Portal List. The Portal is either an IP or ip_addr:port if the port
// is other than default (typically TCP ports 860 and 3260).
// +optional
+ // +listType=atomic
Portals []string `json:"portals,omitempty" protobuf:"bytes,7,opt,name=portals"`
// chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication
// +optional
@@ -1498,6 +1512,7 @@ type ISCSIPersistentVolumeSource struct {
type FCVolumeSource struct {
// targetWWNs is Optional: FC target worldwide names (WWNs)
// +optional
+ // +listType=atomic
TargetWWNs []string `json:"targetWWNs,omitempty" protobuf:"bytes,1,rep,name=targetWWNs"`
// lun is Optional: FC target lun number
// +optional
@@ -1515,6 +1530,7 @@ type FCVolumeSource struct {
// wwids Optional: FC volume world wide identifiers (wwids)
// Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously.
// +optional
+ // +listType=atomic
WWIDs []string `json:"wwids,omitempty" protobuf:"bytes,5,rep,name=wwids"`
}
@@ -1771,6 +1787,7 @@ type ConfigMapVolumeSource struct {
// the volume setup will error unless it is marked optional. Paths must be
// relative and may not contain the '..' path or start with '..'.
// +optional
+ // +listType=atomic
Items []KeyToPath `json:"items,omitempty" protobuf:"bytes,2,rep,name=items"`
// defaultMode is optional: mode bits used to set permissions on created files by default.
// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
@@ -1807,6 +1824,7 @@ type ConfigMapProjection struct {
// the volume setup will error unless it is marked optional. Paths must be
// relative and may not contain the '..' path or start with '..'.
// +optional
+ // +listType=atomic
Items []KeyToPath `json:"items,omitempty" protobuf:"bytes,2,rep,name=items"`
// optional specify whether the ConfigMap or its keys must be defined
// +optional
@@ -1875,6 +1893,7 @@ type ClusterTrustBundleProjection struct {
type ProjectedVolumeSource struct {
// sources is the list of volume projections
// +optional
+ // +listType=atomic
Sources []VolumeProjection `json:"sources" protobuf:"bytes,1,rep,name=sources"`
// defaultMode are the mode bits used to set permissions on created files by default.
// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
@@ -2347,6 +2366,7 @@ type HTTPGetAction struct {
Scheme URIScheme `json:"scheme,omitempty" protobuf:"bytes,4,opt,name=scheme,casttype=URIScheme"`
// Custom headers to set in the request. HTTP allows repeated headers.
// +optional
+ // +listType=atomic
HTTPHeaders []HTTPHeader `json:"httpHeaders,omitempty" protobuf:"bytes,5,rep,name=httpHeaders"`
}
@@ -2393,6 +2413,7 @@ type ExecAction struct {
// a shell, you need to explicitly call out to that shell.
// Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
// +optional
+ // +listType=atomic
Command []string `json:"command,omitempty" protobuf:"bytes,1,rep,name=command"`
}
@@ -2514,9 +2535,11 @@ type Capability string
type Capabilities struct {
// Added capabilities
// +optional
+ // +listType=atomic
Add []Capability `json:"add,omitempty" protobuf:"bytes,1,rep,name=add,casttype=Capability"`
// Removed capabilities
// +optional
+ // +listType=atomic
Drop []Capability `json:"drop,omitempty" protobuf:"bytes,2,rep,name=drop,casttype=Capability"`
}
@@ -2602,6 +2625,7 @@ type Container struct {
// of whether the variable exists or not. Cannot be updated.
// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
// +optional
+ // +listType=atomic
Command []string `json:"command,omitempty" protobuf:"bytes,3,rep,name=command"`
// Arguments to the entrypoint.
// The container image's CMD is used if this is not provided.
@@ -2612,6 +2636,7 @@ type Container struct {
// of whether the variable exists or not. Cannot be updated.
// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
// +optional
+ // +listType=atomic
Args []string `json:"args,omitempty" protobuf:"bytes,4,rep,name=args"`
// Container's working directory.
// If not specified, the container runtime's default will be used, which
@@ -2640,12 +2665,15 @@ type Container struct {
// Values defined by an Env with a duplicate key will take precedence.
// Cannot be updated.
// +optional
+ // +listType=atomic
EnvFrom []EnvFromSource `json:"envFrom,omitempty" protobuf:"bytes,19,rep,name=envFrom"`
// List of environment variables to set in the container.
// Cannot be updated.
// +optional
// +patchMergeKey=name
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=name
Env []EnvVar `json:"env,omitempty" patchStrategy:"merge" patchMergeKey:"name" protobuf:"bytes,7,rep,name=env"`
// Compute Resources required by this container.
// Cannot be updated.
@@ -2680,10 +2708,14 @@ type Container struct {
// +optional
// +patchMergeKey=mountPath
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=mountPath
VolumeMounts []VolumeMount `json:"volumeMounts,omitempty" patchStrategy:"merge" patchMergeKey:"mountPath" protobuf:"bytes,9,rep,name=volumeMounts"`
// volumeDevices is the list of block devices to be used by the container.
// +patchMergeKey=devicePath
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=devicePath
// +optional
VolumeDevices []VolumeDevice `json:"volumeDevices,omitempty" patchStrategy:"merge" patchMergeKey:"devicePath" protobuf:"bytes,21,rep,name=volumeDevices"`
// Periodic probe of container liveness.
@@ -3123,6 +3155,7 @@ const (
// +structType=atomic
type NodeSelector struct {
// Required. A list of node selector terms. The terms are ORed.
+ // +listType=atomic
NodeSelectorTerms []NodeSelectorTerm `json:"nodeSelectorTerms" protobuf:"bytes,1,rep,name=nodeSelectorTerms"`
}
@@ -3133,9 +3166,11 @@ type NodeSelector struct {
type NodeSelectorTerm struct {
// A list of node selector requirements by node's labels.
// +optional
+ // +listType=atomic
MatchExpressions []NodeSelectorRequirement `json:"matchExpressions,omitempty" protobuf:"bytes,1,rep,name=matchExpressions"`
// A list of node selector requirements by node's fields.
// +optional
+ // +listType=atomic
MatchFields []NodeSelectorRequirement `json:"matchFields,omitempty" protobuf:"bytes,2,rep,name=matchFields"`
}
@@ -3153,6 +3188,7 @@ type NodeSelectorRequirement struct {
// array must have a single element, which will be interpreted as an integer.
// This array is replaced during a strategic merge patch.
// +optional
+ // +listType=atomic
Values []string `json:"values,omitempty" protobuf:"bytes,3,rep,name=values"`
}
@@ -3181,6 +3217,7 @@ type TopologySelectorTerm struct {
// A list of topology selector requirements by labels.
// +optional
+ // +listType=atomic
MatchLabelExpressions []TopologySelectorLabelRequirement `json:"matchLabelExpressions,omitempty" protobuf:"bytes,1,rep,name=matchLabelExpressions"`
}
@@ -3191,6 +3228,7 @@ type TopologySelectorLabelRequirement struct {
Key string `json:"key" protobuf:"bytes,1,opt,name=key"`
// An array of string values. One value must match the label to be selected.
// Each entry in Values is ORed.
+ // +listType=atomic
Values []string `json:"values" protobuf:"bytes,2,rep,name=values"`
}
@@ -3228,6 +3266,7 @@ type PodAffinity struct {
// When there are multiple elements, the lists of nodes corresponding to each
// podAffinityTerm are intersected, i.e. all terms must be satisfied.
// +optional
+ // +listType=atomic
RequiredDuringSchedulingIgnoredDuringExecution []PodAffinityTerm `json:"requiredDuringSchedulingIgnoredDuringExecution,omitempty" protobuf:"bytes,1,rep,name=requiredDuringSchedulingIgnoredDuringExecution"`
// The scheduler will prefer to schedule pods to nodes that satisfy
// the affinity expressions specified by this field, but it may choose
@@ -3239,6 +3278,7 @@ type PodAffinity struct {
// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the
// node(s) with the highest sum are the most preferred.
// +optional
+ // +listType=atomic
PreferredDuringSchedulingIgnoredDuringExecution []WeightedPodAffinityTerm `json:"preferredDuringSchedulingIgnoredDuringExecution,omitempty" protobuf:"bytes,2,rep,name=preferredDuringSchedulingIgnoredDuringExecution"`
}
@@ -3263,6 +3303,7 @@ type PodAntiAffinity struct {
// When there are multiple elements, the lists of nodes corresponding to each
// podAffinityTerm are intersected, i.e. all terms must be satisfied.
// +optional
+ // +listType=atomic
RequiredDuringSchedulingIgnoredDuringExecution []PodAffinityTerm `json:"requiredDuringSchedulingIgnoredDuringExecution,omitempty" protobuf:"bytes,1,rep,name=requiredDuringSchedulingIgnoredDuringExecution"`
// The scheduler will prefer to schedule pods to nodes that satisfy
// the anti-affinity expressions specified by this field, but it may choose
@@ -3274,6 +3315,7 @@ type PodAntiAffinity struct {
// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the
// node(s) with the highest sum are the most preferred.
// +optional
+ // +listType=atomic
PreferredDuringSchedulingIgnoredDuringExecution []WeightedPodAffinityTerm `json:"preferredDuringSchedulingIgnoredDuringExecution,omitempty" protobuf:"bytes,2,rep,name=preferredDuringSchedulingIgnoredDuringExecution"`
}
@@ -3302,6 +3344,7 @@ type PodAffinityTerm struct {
// and the ones selected by namespaceSelector.
// null or empty namespaces list and null namespaceSelector means "this pod's namespace".
// +optional
+ // +listType=atomic
Namespaces []string `json:"namespaces,omitempty" protobuf:"bytes,2,rep,name=namespaces"`
// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching
// the labelSelector in the specified namespaces, where co-located is defined as running on a node
@@ -3318,24 +3361,24 @@ type PodAffinityTerm struct {
NamespaceSelector *metav1.LabelSelector `json:"namespaceSelector,omitempty" protobuf:"bytes,4,opt,name=namespaceSelector"`
// MatchLabelKeys is a set of pod label keys to select which pods will
// be taken into consideration. The keys are used to lookup values from the
- // incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`
+ // incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`
// to select the group of existing pods which pods will be taken into consideration
// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
// pod labels will be ignored. The default value is empty.
- // The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.
- // Also, MatchLabelKeys cannot be set when LabelSelector isn't set.
+ // The same key is forbidden to exist in both matchLabelKeys and labelSelector.
+ // Also, matchLabelKeys cannot be set when labelSelector isn't set.
// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
// +listType=atomic
// +optional
MatchLabelKeys []string `json:"matchLabelKeys,omitempty" protobuf:"bytes,5,opt,name=matchLabelKeys"`
// MismatchLabelKeys is a set of pod label keys to select which pods will
// be taken into consideration. The keys are used to lookup values from the
- // incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`
+ // incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`
// to select the group of existing pods which pods will be taken into consideration
// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
// pod labels will be ignored. The default value is empty.
- // The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.
- // Also, MismatchLabelKeys cannot be set when LabelSelector isn't set.
+ // The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
+ // Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
// +listType=atomic
// +optional
@@ -3370,6 +3413,7 @@ type NodeAffinity struct {
// "weight" to the sum if the node matches the corresponding matchExpressions; the
// node(s) with the highest sum are the most preferred.
// +optional
+ // +listType=atomic
PreferredDuringSchedulingIgnoredDuringExecution []PreferredSchedulingTerm `json:"preferredDuringSchedulingIgnoredDuringExecution,omitempty" protobuf:"bytes,2,rep,name=preferredDuringSchedulingIgnoredDuringExecution"`
}
@@ -3475,6 +3519,8 @@ type PodSpec struct {
// +optional
// +patchMergeKey=name
// +patchStrategy=merge,retainKeys
+ // +listType=map
+ // +listMapKey=name
Volumes []Volume `json:"volumes,omitempty" patchStrategy:"merge,retainKeys" patchMergeKey:"name" protobuf:"bytes,1,rep,name=volumes"`
// List of initialization containers belonging to the pod.
// Init containers are executed in order prior to containers being started. If any
@@ -3491,6 +3537,8 @@ type PodSpec struct {
// More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
// +patchMergeKey=name
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=name
InitContainers []Container `json:"initContainers,omitempty" patchStrategy:"merge" patchMergeKey:"name" protobuf:"bytes,20,rep,name=initContainers"`
// List of containers belonging to the pod.
// Containers cannot currently be added or removed.
@@ -3498,6 +3546,8 @@ type PodSpec struct {
// Cannot be updated.
// +patchMergeKey=name
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=name
Containers []Container `json:"containers" patchStrategy:"merge" patchMergeKey:"name" protobuf:"bytes,2,rep,name=containers"`
// List of ephemeral containers run in this pod. Ephemeral containers may be run in an existing
// pod to perform user-initiated actions such as debugging. This list cannot be specified when
@@ -3506,6 +3556,8 @@ type PodSpec struct {
// +optional
// +patchMergeKey=name
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=name
EphemeralContainers []EphemeralContainer `json:"ephemeralContainers,omitempty" patchStrategy:"merge" patchMergeKey:"name" protobuf:"bytes,34,rep,name=ephemeralContainers"`
// Restart policy for all containers within the pod.
// One of Always, OnFailure, Never. In some contexts, only a subset of those values may be permitted.
@@ -3547,7 +3599,7 @@ type PodSpec struct {
// More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
// +optional
ServiceAccountName string `json:"serviceAccountName,omitempty" protobuf:"bytes,8,opt,name=serviceAccountName"`
- // DeprecatedServiceAccount is a depreciated alias for ServiceAccountName.
+ // DeprecatedServiceAccount is a deprecated alias for ServiceAccountName.
// Deprecated: Use serviceAccountName instead.
// +k8s:conversion-gen=false
// +optional
@@ -3595,6 +3647,8 @@ type PodSpec struct {
// +optional
// +patchMergeKey=name
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=name
ImagePullSecrets []LocalObjectReference `json:"imagePullSecrets,omitempty" patchStrategy:"merge" patchMergeKey:"name" protobuf:"bytes,15,rep,name=imagePullSecrets"`
// Specifies the hostname of the Pod
// If not specified, the pod's hostname will be set to a system-defined value.
@@ -3613,12 +3667,15 @@ type PodSpec struct {
SchedulerName string `json:"schedulerName,omitempty" protobuf:"bytes,19,opt,name=schedulerName"`
// If specified, the pod's tolerations.
// +optional
+ // +listType=atomic
Tolerations []Toleration `json:"tolerations,omitempty" protobuf:"bytes,22,opt,name=tolerations"`
// HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts
// file if specified. This is only valid for non-hostNetwork pods.
// +optional
// +patchMergeKey=ip
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=ip
HostAliases []HostAlias `json:"hostAliases,omitempty" patchStrategy:"merge" patchMergeKey:"ip" protobuf:"bytes,23,rep,name=hostAliases"`
// If specified, indicates the pod's priority. "system-node-critical" and
// "system-cluster-critical" are two special keywords which indicate the
@@ -3645,6 +3702,7 @@ type PodSpec struct {
// all conditions specified in the readiness gates have status equal to "True"
// More info: https://git.k8s.io/enhancements/keps/sig-network/580-pod-readiness-gates
// +optional
+ // +listType=atomic
ReadinessGates []PodReadinessGate `json:"readinessGates,omitempty" protobuf:"bytes,28,opt,name=readinessGates"`
// RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used
// to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run.
@@ -4001,6 +4059,7 @@ type HostAlias struct {
// IP address of the host file entry.
IP string `json:"ip,omitempty" protobuf:"bytes,1,opt,name=ip"`
// Hostnames for the above IP address.
+ // +listType=atomic
Hostnames []string `json:"hostnames,omitempty" protobuf:"bytes,2,rep,name=hostnames"`
}
@@ -4071,6 +4130,7 @@ type PodSecurityContext struct {
// even if they are not included in this list.
// Note that this field cannot be set when spec.os.name is windows.
// +optional
+ // +listType=atomic
SupplementalGroups []int64 `json:"supplementalGroups,omitempty" protobuf:"varint,4,rep,name=supplementalGroups"`
// A special supplemental group that applies to all containers in a pod.
// Some volume types allow the Kubelet to change the ownership of that volume
@@ -4088,6 +4148,7 @@ type PodSecurityContext struct {
// sysctls (by the container runtime) might fail to launch.
// Note that this field cannot be set when spec.os.name is windows.
// +optional
+ // +listType=atomic
Sysctls []Sysctl `json:"sysctls,omitempty" protobuf:"bytes,7,rep,name=sysctls"`
// fsGroupChangePolicy defines behavior of changing ownership and permission of the volume
// before being exposed inside Pod. This field will only apply to
@@ -4158,17 +4219,20 @@ type PodDNSConfig struct {
// This will be appended to the base nameservers generated from DNSPolicy.
// Duplicated nameservers will be removed.
// +optional
+ // +listType=atomic
Nameservers []string `json:"nameservers,omitempty" protobuf:"bytes,1,rep,name=nameservers"`
// A list of DNS search domains for host-name lookup.
// This will be appended to the base search paths generated from DNSPolicy.
// Duplicated search paths will be removed.
// +optional
+ // +listType=atomic
Searches []string `json:"searches,omitempty" protobuf:"bytes,2,rep,name=searches"`
// A list of DNS resolver options.
// This will be merged with the base options generated from DNSPolicy.
// Duplicated entries will be removed. Resolution options given in Options
// will override those that appear in the base DNSPolicy.
// +optional
+ // +listType=atomic
Options []PodDNSConfigOption `json:"options,omitempty" protobuf:"bytes,3,rep,name=options"`
}
@@ -4212,6 +4276,7 @@ type EphemeralContainerCommon struct {
// of whether the variable exists or not. Cannot be updated.
// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
// +optional
+ // +listType=atomic
Command []string `json:"command,omitempty" protobuf:"bytes,3,rep,name=command"`
// Arguments to the entrypoint.
// The image's CMD is used if this is not provided.
@@ -4222,6 +4287,7 @@ type EphemeralContainerCommon struct {
// of whether the variable exists or not. Cannot be updated.
// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
// +optional
+ // +listType=atomic
Args []string `json:"args,omitempty" protobuf:"bytes,4,rep,name=args"`
// Container's working directory.
// If not specified, the container runtime's default will be used, which
@@ -4244,12 +4310,15 @@ type EphemeralContainerCommon struct {
// Values defined by an Env with a duplicate key will take precedence.
// Cannot be updated.
// +optional
+ // +listType=atomic
EnvFrom []EnvFromSource `json:"envFrom,omitempty" protobuf:"bytes,19,rep,name=envFrom"`
// List of environment variables to set in the container.
// Cannot be updated.
// +optional
// +patchMergeKey=name
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=name
Env []EnvVar `json:"env,omitempty" patchStrategy:"merge" patchMergeKey:"name" protobuf:"bytes,7,rep,name=env"`
// Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources
// already allocated to the pod.
@@ -4272,10 +4341,14 @@ type EphemeralContainerCommon struct {
// +optional
// +patchMergeKey=mountPath
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=mountPath
VolumeMounts []VolumeMount `json:"volumeMounts,omitempty" patchStrategy:"merge" patchMergeKey:"mountPath" protobuf:"bytes,9,rep,name=volumeMounts"`
// volumeDevices is the list of block devices to be used by the container.
// +patchMergeKey=devicePath
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=devicePath
// +optional
VolumeDevices []VolumeDevice `json:"volumeDevices,omitempty" patchStrategy:"merge" patchMergeKey:"devicePath" protobuf:"bytes,21,rep,name=volumeDevices"`
// Probes are not allowed for ephemeral containers.
@@ -4401,6 +4474,8 @@ type PodStatus struct {
// +optional
// +patchMergeKey=type
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=type
Conditions []PodCondition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,2,rep,name=conditions"`
// A human readable message indicating details about why the pod is in this condition.
// +optional
@@ -4446,6 +4521,8 @@ type PodStatus struct {
// +optional
// +patchStrategy=merge
// +patchMergeKey=ip
+ // +listType=map
+ // +listMapKey=ip
PodIPs []PodIP `json:"podIPs,omitempty" protobuf:"bytes,12,rep,name=podIPs" patchStrategy:"merge" patchMergeKey:"ip"`
// RFC 3339 date and time at which the object was acknowledged by the Kubelet.
@@ -4457,11 +4534,13 @@ type PodStatus struct {
// init container will have ready = true, the most recently started container will have
// startTime set.
// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status
+ // +listType=atomic
InitContainerStatuses []ContainerStatus `json:"initContainerStatuses,omitempty" protobuf:"bytes,10,rep,name=initContainerStatuses"`
// The list has one entry per container in the manifest.
// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status
// +optional
+ // +listType=atomic
ContainerStatuses []ContainerStatus `json:"containerStatuses,omitempty" protobuf:"bytes,8,rep,name=containerStatuses"`
// The Quality of Service (QOS) classification assigned to the pod based on resource requirements
// See PodQOSClass type for available QOS classes
@@ -4470,6 +4549,7 @@ type PodStatus struct {
QOSClass PodQOSClass `json:"qosClass,omitempty" protobuf:"bytes,9,rep,name=qosClass"`
// Status for any ephemeral containers that have run in this pod.
// +optional
+ // +listType=atomic
EphemeralContainerStatuses []ContainerStatus `json:"ephemeralContainerStatuses,omitempty" protobuf:"bytes,13,rep,name=ephemeralContainerStatuses"`
// Status of resources resize desired for pod's containers.
@@ -4658,6 +4738,8 @@ type ReplicationControllerStatus struct {
// +optional
// +patchMergeKey=type
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=type
Conditions []ReplicationControllerCondition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,6,rep,name=conditions"`
}
@@ -4859,6 +4941,7 @@ type LoadBalancerStatus struct {
// Ingress is a list containing ingress points for the load-balancer.
// Traffic intended for the service should be sent to these ingress points.
// +optional
+ // +listType=atomic
Ingress []LoadBalancerIngress `json:"ingress,omitempty" protobuf:"bytes,1,rep,name=ingress"`
}
@@ -5024,6 +5107,7 @@ type ServiceSpec struct {
// at a node with this IP. A common example is external load-balancers
// that are not part of the Kubernetes system.
// +optional
+ // +listType=atomic
ExternalIPs []string `json:"externalIPs,omitempty" protobuf:"bytes,5,rep,name=externalIPs"`
// Supports "ClientIP" and "None". Used to maintain session affinity.
@@ -5049,6 +5133,7 @@ type ServiceSpec struct {
// cloud-provider does not support the feature."
// More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/
// +optional
+ // +listType=atomic
LoadBalancerSourceRanges []string `json:"loadBalancerSourceRanges,omitempty" protobuf:"bytes,9,opt,name=loadBalancerSourceRanges"`
// externalName is the external reference that discovery mechanisms will
@@ -5303,6 +5388,8 @@ type ServiceAccount struct {
// +optional
// +patchMergeKey=name
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=name
Secrets []ObjectReference `json:"secrets,omitempty" patchStrategy:"merge" patchMergeKey:"name" protobuf:"bytes,2,rep,name=secrets"`
// ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images
@@ -5310,6 +5397,7 @@ type ServiceAccount struct {
// can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet.
// More info: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod
// +optional
+ // +listType=atomic
ImagePullSecrets []LocalObjectReference `json:"imagePullSecrets,omitempty" protobuf:"bytes,3,rep,name=imagePullSecrets"`
// AutomountServiceAccountToken indicates whether pods running as this service account should have an API token automatically mounted.
@@ -5364,6 +5452,7 @@ type Endpoints struct {
// NotReadyAddresses in the same subset.
// Sets of addresses and ports that comprise a service.
// +optional
+ // +listType=atomic
Subsets []EndpointSubset `json:"subsets,omitempty" protobuf:"bytes,2,rep,name=subsets"`
}
@@ -5384,14 +5473,17 @@ type EndpointSubset struct {
// IP addresses which offer the related ports that are marked as ready. These endpoints
// should be considered safe for load balancers and clients to utilize.
// +optional
+ // +listType=atomic
Addresses []EndpointAddress `json:"addresses,omitempty" protobuf:"bytes,1,rep,name=addresses"`
// IP addresses which offer the related ports but are not currently marked as ready
// because they have not yet finished starting, have recently failed a readiness check,
// or have recently failed a liveness check.
// +optional
+ // +listType=atomic
NotReadyAddresses []EndpointAddress `json:"notReadyAddresses,omitempty" protobuf:"bytes,2,rep,name=notReadyAddresses"`
// Port numbers available on the related IP addresses.
// +optional
+ // +listType=atomic
Ports []EndpointPort `json:"ports,omitempty" protobuf:"bytes,3,rep,name=ports"`
}
@@ -5476,6 +5568,7 @@ type NodeSpec struct {
// each of IPv4 and IPv6.
// +optional
// +patchStrategy=merge
+ // +listType=set
PodCIDRs []string `json:"podCIDRs,omitempty" protobuf:"bytes,7,opt,name=podCIDRs" patchStrategy:"merge"`
// ID of the node assigned by the cloud provider in the format: ://
@@ -5487,6 +5580,7 @@ type NodeSpec struct {
Unschedulable bool `json:"unschedulable,omitempty" protobuf:"varint,4,opt,name=unschedulable"`
// If specified, the node's taints.
// +optional
+ // +listType=atomic
Taints []Taint `json:"taints,omitempty" protobuf:"bytes,5,opt,name=taints"`
// Deprecated: Previously used to specify the source of the node's configuration for the DynamicKubeletConfig feature. This feature is removed.
@@ -5657,6 +5751,8 @@ type NodeStatus struct {
// +optional
// +patchMergeKey=type
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=type
Conditions []NodeCondition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,4,rep,name=conditions"`
// List of addresses reachable to the node.
// Queried from cloud provider, if available.
@@ -5671,6 +5767,8 @@ type NodeStatus struct {
// +optional
// +patchMergeKey=type
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=type
Addresses []NodeAddress `json:"addresses,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,5,rep,name=addresses"`
// Endpoints of daemons running on the Node.
// +optional
@@ -5681,12 +5779,15 @@ type NodeStatus struct {
NodeInfo NodeSystemInfo `json:"nodeInfo,omitempty" protobuf:"bytes,7,opt,name=nodeInfo"`
// List of container images on this node
// +optional
+ // +listType=atomic
Images []ContainerImage `json:"images,omitempty" protobuf:"bytes,8,rep,name=images"`
// List of attachable volumes in use (mounted) by the node.
// +optional
+ // +listType=atomic
VolumesInUse []UniqueVolumeName `json:"volumesInUse,omitempty" protobuf:"bytes,9,rep,name=volumesInUse"`
// List of volumes that are attached to the node.
// +optional
+ // +listType=atomic
VolumesAttached []AttachedVolume `json:"volumesAttached,omitempty" protobuf:"bytes,10,rep,name=volumesAttached"`
// Status of the config assigned to the node via the dynamic Kubelet config feature.
// +optional
@@ -5711,6 +5812,7 @@ type AvoidPods struct {
// Bounded-sized list of signatures of pods that should avoid this node, sorted
// in timestamp order from oldest to newest. Size of the slice is unspecified.
// +optional
+ // +listType=atomic
PreferAvoidPods []PreferAvoidPodsEntry `json:"preferAvoidPods,omitempty" protobuf:"bytes,1,rep,name=preferAvoidPods"`
}
@@ -5742,6 +5844,7 @@ type ContainerImage struct {
// Names by which this image is known.
// e.g. ["kubernetes.example/hyperkube:v1.0.7", "cloud-vendor.registry.example/cloud-vendor/hyperkube:v1.0.7"]
// +optional
+ // +listType=atomic
Names []string `json:"names" protobuf:"bytes,1,rep,name=names"`
// The size of the image in bytes.
// +optional
@@ -5764,8 +5867,7 @@ const (
type NodeConditionType string
// These are valid but not exhaustive conditions of node. A cloud provider may set a condition not listed here.
-// The built-in set of conditions are:
-// NodeReachable, NodeLive, NodeReady, NodeSchedulable, NodeRunnable.
+// Relevant events contain "NodeReady", "NodeNotReady", "NodeSchedulable", and "NodeNotSchedulable".
const (
// NodeReady means kubelet is healthy and ready to accept pods.
NodeReady NodeConditionType = "Ready"
@@ -5867,7 +5969,6 @@ const (
// Volume size, in bytes (e,g. 5Gi = 5GiB = 5 * 1024 * 1024 * 1024)
ResourceStorage ResourceName = "storage"
// Local ephemeral storage, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024)
- // The resource name for ResourceEphemeralStorage is alpha and it can change across releases.
ResourceEphemeralStorage ResourceName = "ephemeral-storage"
)
@@ -5937,6 +6038,7 @@ type NamespaceSpec struct {
// Finalizers is an opaque list of values that must be empty to permanently remove object from storage.
// More info: https://kubernetes.io/docs/tasks/administer-cluster/namespaces/
// +optional
+ // +listType=atomic
Finalizers []FinalizerName `json:"finalizers,omitempty" protobuf:"bytes,1,rep,name=finalizers,casttype=FinalizerName"`
}
@@ -5951,6 +6053,8 @@ type NamespaceStatus struct {
// +optional
// +patchMergeKey=type
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=type
Conditions []NamespaceCondition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,2,rep,name=conditions"`
}
@@ -6188,6 +6292,7 @@ type PodExecOptions struct {
Container string `json:"container,omitempty" protobuf:"bytes,5,opt,name=container"`
// Command is the remote command to execute. argv array. Not executed within a shell.
+ // +listType=atomic
Command []string `json:"command" protobuf:"bytes,6,rep,name=command"`
}
@@ -6206,6 +6311,7 @@ type PodPortForwardOptions struct {
// List of ports to forward
// Required when using WebSockets
// +optional
+ // +listType=atomic
Ports []int32 `json:"ports,omitempty" protobuf:"varint,1,rep,name=ports"`
}
@@ -6499,6 +6605,7 @@ type LimitRangeItem struct {
// LimitRangeSpec defines a min/max usage limit for resources that match on kind.
type LimitRangeSpec struct {
// Limits is the list of LimitRangeItem objects that are enforced.
+ // +listType=atomic
Limits []LimitRangeItem `json:"limits" protobuf:"bytes,1,rep,name=limits"`
}
@@ -6607,6 +6714,7 @@ type ResourceQuotaSpec struct {
// A collection of filters that must match each object tracked by a quota.
// If not specified, the quota matches all objects.
// +optional
+ // +listType=atomic
Scopes []ResourceQuotaScope `json:"scopes,omitempty" protobuf:"bytes,2,rep,name=scopes,casttype=ResourceQuotaScope"`
// scopeSelector is also a collection of filters like scopes that must match each object tracked by a quota
// but expressed using ScopeSelectorOperator in combination with possible values.
@@ -6621,6 +6729,7 @@ type ResourceQuotaSpec struct {
type ScopeSelector struct {
// A list of scope selector requirements by scope of the resources.
// +optional
+ // +listType=atomic
MatchExpressions []ScopedResourceSelectorRequirement `json:"matchExpressions,omitempty" protobuf:"bytes,1,rep,name=matchExpressions"`
}
@@ -6637,6 +6746,7 @@ type ScopedResourceSelectorRequirement struct {
// the values array must be empty.
// This array is replaced during a strategic merge patch.
// +optional
+ // +listType=atomic
Values []string `json:"values,omitempty" protobuf:"bytes,3,rep,name=values"`
}
@@ -6936,6 +7046,8 @@ type ComponentStatus struct {
// +optional
// +patchMergeKey=type
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=type
Conditions []ComponentCondition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,2,rep,name=conditions"`
}
@@ -6959,6 +7071,7 @@ type ComponentStatusList struct {
type DownwardAPIVolumeSource struct {
// Items is a list of downward API volume file
// +optional
+ // +listType=atomic
Items []DownwardAPIVolumeFile `json:"items,omitempty" protobuf:"bytes,1,rep,name=items"`
// Optional: mode bits to use on created files by default. Must be a
// Optional: mode bits used to set permissions on created files by default.
@@ -7003,6 +7116,7 @@ type DownwardAPIVolumeFile struct {
type DownwardAPIProjection struct {
// Items is a list of DownwardAPIVolume file
// +optional
+ // +listType=atomic
Items []DownwardAPIVolumeFile `json:"items,omitempty" protobuf:"bytes,1,rep,name=items"`
}
diff --git a/vendor/k8s.io/api/core/v1/types_swagger_doc_generated.go b/vendor/k8s.io/api/core/v1/types_swagger_doc_generated.go
index 01152a0964..2d0544b3b0 100644
--- a/vendor/k8s.io/api/core/v1/types_swagger_doc_generated.go
+++ b/vendor/k8s.io/api/core/v1/types_swagger_doc_generated.go
@@ -1345,7 +1345,7 @@ var map_PersistentVolumeClaimCondition = map[string]string{
"": "PersistentVolumeClaimCondition contains details about state of pvc",
"lastProbeTime": "lastProbeTime is the time we probed the condition.",
"lastTransitionTime": "lastTransitionTime is the time the condition transitioned from one status to another.",
- "reason": "reason is a unique, this should be a short, machine understandable string that gives the reason for condition's last transition. If it reports \"ResizeStarted\" that means the underlying persistent volume is being resized.",
+ "reason": "reason is a unique, this should be a short, machine understandable string that gives the reason for condition's last transition. If it reports \"Resizing\" that means the underlying persistent volume is being resized.",
"message": "message is the human-readable message indicating details about last transition.",
}
@@ -1385,7 +1385,7 @@ var map_PersistentVolumeClaimStatus = map[string]string{
"phase": "phase represents the current phase of PersistentVolumeClaim.",
"accessModes": "accessModes contains the actual access modes the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1",
"capacity": "capacity represents the actual resources of the underlying volume.",
- "conditions": "conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'ResizeStarted'.",
+ "conditions": "conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to 'Resizing'.",
"allocatedResources": "allocatedResources tracks the resources allocated to a PVC including its capacity. Key names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used.\n\nCapacity reported here may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity.\n\nA controller that receives PVC update with previously unknown resourceName should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC.\n\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.",
"allocatedResourceStatuses": "allocatedResourceStatuses stores status of resource being resized for the given PVC. Key names follow standard Kubernetes label syntax. Valid values are either:\n\t* Un-prefixed keys:\n\t\t- storage - the capacity of the volume.\n\t* Custom resources must use implementation-defined prefixed names such as \"example.com/my-custom-resource\"\nApart from above values - keys that are unprefixed or have kubernetes.io prefix are considered reserved and hence may not be used.\n\nClaimResourceStatus can be in any of following states:\n\t- ControllerResizeInProgress:\n\t\tState set when resize controller starts resizing the volume in control-plane.\n\t- ControllerResizeFailed:\n\t\tState set when resize has failed in resize controller with a terminal error.\n\t- NodeResizePending:\n\t\tState set when resize controller has finished resizing the volume but further resizing of\n\t\tvolume is needed on the node.\n\t- NodeResizeInProgress:\n\t\tState set when kubelet starts resizing the volume.\n\t- NodeResizeFailed:\n\t\tState set when resizing has failed in kubelet with a terminal error. Transient errors don't set\n\t\tNodeResizeFailed.\nFor example: if expanding a PVC for more capacity - this field can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] = \"NodeResizeFailed\"\nWhen this field is not set, it means that no resize operation is in progress for the given PVC.\n\nA controller that receives PVC update with previously unknown resourceName or ClaimResourceStatus should ignore the update for the purpose it was designed. For example - a controller that only is responsible for resizing capacity of the volume, should ignore PVC updates that change other valid resources associated with PVC.\n\nThis is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.",
"currentVolumeAttributesClassName": "currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim This is an alpha field and requires enabling VolumeAttributesClass feature.",
@@ -1478,7 +1478,7 @@ var map_PersistentVolumeStatus = map[string]string{
"phase": "phase indicates if a volume is available, bound to a claim, or released by a claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#phase",
"message": "message is a human-readable message indicating details about why the volume is in this state.",
"reason": "reason is a brief CamelCase string that describes any failure and is meant for machine parsing and tidy display in the CLI.",
- "lastPhaseTransitionTime": "lastPhaseTransitionTime is the time the phase transitioned from one to another and automatically resets to current time everytime a volume phase transitions. This is an alpha field and requires enabling PersistentVolumeLastPhaseTransitionTime feature.",
+ "lastPhaseTransitionTime": "lastPhaseTransitionTime is the time the phase transitioned from one to another and automatically resets to current time everytime a volume phase transitions. This is a beta field and requires the PersistentVolumeLastPhaseTransitionTime feature to be enabled (enabled by default).",
}
func (PersistentVolumeStatus) SwaggerDoc() map[string]string {
@@ -1522,8 +1522,8 @@ var map_PodAffinityTerm = map[string]string{
"namespaces": "namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means \"this pod's namespace\".",
"topologyKey": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.",
"namespaceSelector": "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means \"this pod's namespace\". An empty selector ({}) matches all namespaces.",
- "matchLabelKeys": "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- "mismatchLabelKeys": "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ "matchLabelKeys": "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ "mismatchLabelKeys": "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
}
func (PodAffinityTerm) SwaggerDoc() map[string]string {
@@ -1741,7 +1741,7 @@ var map_PodSpec = map[string]string{
"dnsPolicy": "Set DNS policy for the pod. Defaults to \"ClusterFirst\". Valid values are 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'. DNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy. To have DNS options set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'.",
"nodeSelector": "NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node's labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/",
"serviceAccountName": "ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/",
- "serviceAccount": "DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: Use serviceAccountName instead.",
+ "serviceAccount": "DeprecatedServiceAccount is a deprecated alias for ServiceAccountName. Deprecated: Use serviceAccountName instead.",
"automountServiceAccountToken": "AutomountServiceAccountToken indicates whether a service account token should be automatically mounted.",
"nodeName": "NodeName is a request to schedule this pod onto a specific node. If it is non-empty, the scheduler simply schedules this pod onto that node, assuming that it fits resource requirements.",
"hostNetwork": "Host networking requested for this pod. Use the host's network namespace. If this option is set, the ports that will be used must be specified. Default to false.",
diff --git a/vendor/k8s.io/api/extensions/v1beta1/generated.proto b/vendor/k8s.io/api/extensions/v1beta1/generated.proto
index 3f2549681e..60effc8f71 100644
--- a/vendor/k8s.io/api/extensions/v1beta1/generated.proto
+++ b/vendor/k8s.io/api/extensions/v1beta1/generated.proto
@@ -176,6 +176,8 @@ message DaemonSetStatus {
// +optional
// +patchMergeKey=type
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=type
repeated DaemonSetCondition conditions = 10;
}
@@ -343,6 +345,8 @@ message DeploymentStatus {
// Represents the latest available observations of a deployment's current state.
// +patchMergeKey=type
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=type
repeated DeploymentCondition conditions = 6;
// Count of hash collisions for the Deployment. The Deployment controller uses this
@@ -406,6 +410,7 @@ message HTTPIngressPath {
// or '#'.
message HTTPIngressRuleValue {
// A collection of paths that map requests to backends.
+ // +listType=atomic
repeated HTTPIngressPath paths = 1;
}
@@ -422,6 +427,7 @@ message IPBlock {
// Valid examples are "192.168.1.0/24" or "2001:db8::/64"
// Except values will be rejected if they are outside the CIDR range
// +optional
+ // +listType=atomic
repeated string except = 2;
}
@@ -495,6 +501,7 @@ message IngressLoadBalancerIngress {
message IngressLoadBalancerStatus {
// Ingress is a list containing ingress points for the load-balancer.
// +optional
+ // +listType=atomic
repeated IngressLoadBalancerIngress ingress = 1;
}
@@ -602,11 +609,13 @@ message IngressSpec {
// through the SNI TLS extension, if the ingress controller fulfilling the
// ingress supports SNI.
// +optional
+ // +listType=atomic
repeated IngressTLS tls = 2;
// A list of host rules used to configure the Ingress. If unspecified, or
// no rule matches, all traffic is sent to the default backend.
// +optional
+ // +listType=atomic
repeated IngressRule rules = 3;
}
@@ -624,6 +633,7 @@ message IngressTLS {
// wildcard host setting for the loadbalancer controller fulfilling this
// Ingress, if left unspecified.
// +optional
+ // +listType=atomic
repeated string hosts = 1;
// SecretName is the name of the secret used to terminate SSL traffic on 443.
@@ -659,6 +669,7 @@ message NetworkPolicyEgressRule {
// If this field is present and contains at least one item, then this rule allows
// traffic only if the traffic matches at least one port in the list.
// +optional
+ // +listType=atomic
repeated NetworkPolicyPort ports = 1;
// List of destinations for outgoing traffic of pods selected for this rule.
@@ -667,6 +678,7 @@ message NetworkPolicyEgressRule {
// destination). If this field is present and contains at least one item, this rule
// allows traffic only if the traffic matches at least one item in the to list.
// +optional
+ // +listType=atomic
repeated NetworkPolicyPeer to = 2;
}
@@ -679,6 +691,7 @@ message NetworkPolicyIngressRule {
// If this field is present and contains at least one item, then this rule allows traffic
// only if the traffic matches at least one port in the list.
// +optional
+ // +listType=atomic
repeated NetworkPolicyPort ports = 1;
// List of sources which should be able to access the pods selected for this rule.
@@ -687,6 +700,7 @@ message NetworkPolicyIngressRule {
// If this field is present and contains at least one item, this rule allows traffic only if the
// traffic matches at least one item in the from list.
// +optional
+ // +listType=atomic
repeated NetworkPolicyPeer from = 2;
}
@@ -767,6 +781,7 @@ message NetworkPolicySpec {
// If this field is empty then this NetworkPolicy does not allow any traffic
// (and serves solely to ensure that the pods it selects are isolated by default).
// +optional
+ // +listType=atomic
repeated NetworkPolicyIngressRule ingress = 2;
// List of egress rules to be applied to the selected pods. Outgoing traffic is
@@ -777,6 +792,7 @@ message NetworkPolicySpec {
// solely to ensure that the pods it selects are isolated by default).
// This field is beta-level in 1.8
// +optional
+ // +listType=atomic
repeated NetworkPolicyEgressRule egress = 3;
// List of rule types that the NetworkPolicy relates to.
@@ -790,6 +806,7 @@ message NetworkPolicySpec {
// an Egress section and would otherwise default to just [ "Ingress" ]).
// This field is beta-level in 1.8
// +optional
+ // +listType=atomic
repeated string policyTypes = 4;
}
@@ -905,6 +922,8 @@ message ReplicaSetStatus {
// +optional
// +patchMergeKey=type
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=type
repeated ReplicaSetCondition conditions = 6;
}
diff --git a/vendor/k8s.io/api/extensions/v1beta1/types.go b/vendor/k8s.io/api/extensions/v1beta1/types.go
index 70b349f654..cc2deadac0 100644
--- a/vendor/k8s.io/api/extensions/v1beta1/types.go
+++ b/vendor/k8s.io/api/extensions/v1beta1/types.go
@@ -270,6 +270,8 @@ type DeploymentStatus struct {
// Represents the latest available observations of a deployment's current state.
// +patchMergeKey=type
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=type
Conditions []DeploymentCondition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,6,rep,name=conditions"`
// Count of hash collisions for the Deployment. The Deployment controller uses this
@@ -490,6 +492,8 @@ type DaemonSetStatus struct {
// +optional
// +patchMergeKey=type
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=type
Conditions []DaemonSetCondition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,10,rep,name=conditions"`
}
@@ -652,11 +656,13 @@ type IngressSpec struct {
// through the SNI TLS extension, if the ingress controller fulfilling the
// ingress supports SNI.
// +optional
+ // +listType=atomic
TLS []IngressTLS `json:"tls,omitempty" protobuf:"bytes,2,rep,name=tls"`
// A list of host rules used to configure the Ingress. If unspecified, or
// no rule matches, all traffic is sent to the default backend.
// +optional
+ // +listType=atomic
Rules []IngressRule `json:"rules,omitempty" protobuf:"bytes,3,rep,name=rules"`
// TODO: Add the ability to specify load-balancer IP through claims
}
@@ -668,6 +674,7 @@ type IngressTLS struct {
// wildcard host setting for the loadbalancer controller fulfilling this
// Ingress, if left unspecified.
// +optional
+ // +listType=atomic
Hosts []string `json:"hosts,omitempty" protobuf:"bytes,1,rep,name=hosts"`
// SecretName is the name of the secret used to terminate SSL traffic on 443.
// Field is left optional to allow SSL routing based on SNI hostname alone.
@@ -690,6 +697,7 @@ type IngressStatus struct {
type IngressLoadBalancerStatus struct {
// Ingress is a list containing ingress points for the load-balancer.
// +optional
+ // +listType=atomic
Ingress []IngressLoadBalancerIngress `json:"ingress,omitempty" protobuf:"bytes,1,rep,name=ingress"`
}
@@ -797,6 +805,7 @@ type IngressRuleValue struct {
// or '#'.
type HTTPIngressRuleValue struct {
// A collection of paths that map requests to backends.
+ // +listType=atomic
Paths []HTTPIngressPath `json:"paths" protobuf:"bytes,1,rep,name=paths"`
// TODO: Consider adding fields for ingress-type specific global
// options usable by a loadbalancer, like http keep-alive.
@@ -991,6 +1000,8 @@ type ReplicaSetStatus struct {
// +optional
// +patchMergeKey=type
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=type
Conditions []ReplicaSetCondition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,6,rep,name=conditions"`
}
@@ -1076,6 +1087,7 @@ type NetworkPolicySpec struct {
// If this field is empty then this NetworkPolicy does not allow any traffic
// (and serves solely to ensure that the pods it selects are isolated by default).
// +optional
+ // +listType=atomic
Ingress []NetworkPolicyIngressRule `json:"ingress,omitempty" protobuf:"bytes,2,rep,name=ingress"`
// List of egress rules to be applied to the selected pods. Outgoing traffic is
@@ -1086,6 +1098,7 @@ type NetworkPolicySpec struct {
// solely to ensure that the pods it selects are isolated by default).
// This field is beta-level in 1.8
// +optional
+ // +listType=atomic
Egress []NetworkPolicyEgressRule `json:"egress,omitempty" protobuf:"bytes,3,rep,name=egress"`
// List of rule types that the NetworkPolicy relates to.
@@ -1099,6 +1112,7 @@ type NetworkPolicySpec struct {
// an Egress section and would otherwise default to just [ "Ingress" ]).
// This field is beta-level in 1.8
// +optional
+ // +listType=atomic
PolicyTypes []PolicyType `json:"policyTypes,omitempty" protobuf:"bytes,4,rep,name=policyTypes,casttype=PolicyType"`
}
@@ -1111,6 +1125,7 @@ type NetworkPolicyIngressRule struct {
// If this field is present and contains at least one item, then this rule allows traffic
// only if the traffic matches at least one port in the list.
// +optional
+ // +listType=atomic
Ports []NetworkPolicyPort `json:"ports,omitempty" protobuf:"bytes,1,rep,name=ports"`
// List of sources which should be able to access the pods selected for this rule.
@@ -1119,6 +1134,7 @@ type NetworkPolicyIngressRule struct {
// If this field is present and contains at least one item, this rule allows traffic only if the
// traffic matches at least one item in the from list.
// +optional
+ // +listType=atomic
From []NetworkPolicyPeer `json:"from,omitempty" protobuf:"bytes,2,rep,name=from"`
}
@@ -1133,6 +1149,7 @@ type NetworkPolicyEgressRule struct {
// If this field is present and contains at least one item, then this rule allows
// traffic only if the traffic matches at least one port in the list.
// +optional
+ // +listType=atomic
Ports []NetworkPolicyPort `json:"ports,omitempty" protobuf:"bytes,1,rep,name=ports"`
// List of destinations for outgoing traffic of pods selected for this rule.
@@ -1141,6 +1158,7 @@ type NetworkPolicyEgressRule struct {
// destination). If this field is present and contains at least one item, this rule
// allows traffic only if the traffic matches at least one item in the to list.
// +optional
+ // +listType=atomic
To []NetworkPolicyPeer `json:"to,omitempty" protobuf:"bytes,2,rep,name=to"`
}
@@ -1178,6 +1196,7 @@ type IPBlock struct {
// Valid examples are "192.168.1.0/24" or "2001:db8::/64"
// Except values will be rejected if they are outside the CIDR range
// +optional
+ // +listType=atomic
Except []string `json:"except,omitempty" protobuf:"bytes,2,rep,name=except"`
}
diff --git a/vendor/k8s.io/api/networking/v1/generated.proto b/vendor/k8s.io/api/networking/v1/generated.proto
index b50dd491e0..22a9085a54 100644
--- a/vendor/k8s.io/api/networking/v1/generated.proto
+++ b/vendor/k8s.io/api/networking/v1/generated.proto
@@ -84,6 +84,7 @@ message IPBlock {
// Valid examples are "192.168.1.0/24" or "2001:db8::/64"
// Except values will be rejected if they are outside the cidr range
// +optional
+ // +listType=atomic
repeated string except = 2;
}
@@ -225,6 +226,7 @@ message IngressLoadBalancerIngress {
message IngressLoadBalancerStatus {
// ingress is a list containing ingress points for the load-balancer.
// +optional
+ // +listType=atomic
repeated IngressLoadBalancerIngress ingress = 1;
}
@@ -396,6 +398,7 @@ message NetworkPolicyEgressRule {
// If this field is present and contains at least one item, then this rule allows
// traffic only if the traffic matches at least one port in the list.
// +optional
+ // +listType=atomic
repeated NetworkPolicyPort ports = 1;
// to is a list of destinations for outgoing traffic of pods selected for this rule.
@@ -404,6 +407,7 @@ message NetworkPolicyEgressRule {
// destination). If this field is present and contains at least one item, this rule
// allows traffic only if the traffic matches at least one item in the to list.
// +optional
+ // +listType=atomic
repeated NetworkPolicyPeer to = 2;
}
@@ -416,6 +420,7 @@ message NetworkPolicyIngressRule {
// If this field is present and contains at least one item, then this rule allows
// traffic only if the traffic matches at least one port in the list.
// +optional
+ // +listType=atomic
repeated NetworkPolicyPort ports = 1;
// from is a list of sources which should be able to access the pods selected for this rule.
@@ -424,6 +429,7 @@ message NetworkPolicyIngressRule {
// source). If this field is present and contains at least one item, this rule
// allows traffic only if the traffic matches at least one item in the from list.
// +optional
+ // +listType=atomic
repeated NetworkPolicyPeer from = 2;
}
@@ -505,6 +511,7 @@ message NetworkPolicySpec {
// this field is empty then this NetworkPolicy does not allow any traffic (and serves
// solely to ensure that the pods it selects are isolated by default)
// +optional
+ // +listType=atomic
repeated NetworkPolicyIngressRule ingress = 2;
// egress is a list of egress rules to be applied to the selected pods. Outgoing traffic
@@ -515,6 +522,7 @@ message NetworkPolicySpec {
// solely to ensure that the pods it selects are isolated by default).
// This field is beta-level in 1.8
// +optional
+ // +listType=atomic
repeated NetworkPolicyEgressRule egress = 3;
// policyTypes is a list of rule types that the NetworkPolicy relates to.
@@ -528,6 +536,7 @@ message NetworkPolicySpec {
// an egress section and would otherwise default to just [ "Ingress" ]).
// This field is beta-level in 1.8
// +optional
+ // +listType=atomic
repeated string policyTypes = 4;
}
diff --git a/vendor/k8s.io/api/networking/v1/types.go b/vendor/k8s.io/api/networking/v1/types.go
index a17e2cb5b3..8ee62918b0 100644
--- a/vendor/k8s.io/api/networking/v1/types.go
+++ b/vendor/k8s.io/api/networking/v1/types.go
@@ -74,6 +74,7 @@ type NetworkPolicySpec struct {
// this field is empty then this NetworkPolicy does not allow any traffic (and serves
// solely to ensure that the pods it selects are isolated by default)
// +optional
+ // +listType=atomic
Ingress []NetworkPolicyIngressRule `json:"ingress,omitempty" protobuf:"bytes,2,rep,name=ingress"`
// egress is a list of egress rules to be applied to the selected pods. Outgoing traffic
@@ -84,6 +85,7 @@ type NetworkPolicySpec struct {
// solely to ensure that the pods it selects are isolated by default).
// This field is beta-level in 1.8
// +optional
+ // +listType=atomic
Egress []NetworkPolicyEgressRule `json:"egress,omitempty" protobuf:"bytes,3,rep,name=egress"`
// policyTypes is a list of rule types that the NetworkPolicy relates to.
@@ -97,6 +99,7 @@ type NetworkPolicySpec struct {
// an egress section and would otherwise default to just [ "Ingress" ]).
// This field is beta-level in 1.8
// +optional
+ // +listType=atomic
PolicyTypes []PolicyType `json:"policyTypes,omitempty" protobuf:"bytes,4,rep,name=policyTypes,casttype=PolicyType"`
}
@@ -109,6 +112,7 @@ type NetworkPolicyIngressRule struct {
// If this field is present and contains at least one item, then this rule allows
// traffic only if the traffic matches at least one port in the list.
// +optional
+ // +listType=atomic
Ports []NetworkPolicyPort `json:"ports,omitempty" protobuf:"bytes,1,rep,name=ports"`
// from is a list of sources which should be able to access the pods selected for this rule.
@@ -117,6 +121,7 @@ type NetworkPolicyIngressRule struct {
// source). If this field is present and contains at least one item, this rule
// allows traffic only if the traffic matches at least one item in the from list.
// +optional
+ // +listType=atomic
From []NetworkPolicyPeer `json:"from,omitempty" protobuf:"bytes,2,rep,name=from"`
}
@@ -130,6 +135,7 @@ type NetworkPolicyEgressRule struct {
// If this field is present and contains at least one item, then this rule allows
// traffic only if the traffic matches at least one port in the list.
// +optional
+ // +listType=atomic
Ports []NetworkPolicyPort `json:"ports,omitempty" protobuf:"bytes,1,rep,name=ports"`
// to is a list of destinations for outgoing traffic of pods selected for this rule.
@@ -138,6 +144,7 @@ type NetworkPolicyEgressRule struct {
// destination). If this field is present and contains at least one item, this rule
// allows traffic only if the traffic matches at least one item in the to list.
// +optional
+ // +listType=atomic
To []NetworkPolicyPeer `json:"to,omitempty" protobuf:"bytes,2,rep,name=to"`
}
@@ -175,6 +182,7 @@ type IPBlock struct {
// Valid examples are "192.168.1.0/24" or "2001:db8::/64"
// Except values will be rejected if they are outside the cidr range
// +optional
+ // +listType=atomic
Except []string `json:"except,omitempty" protobuf:"bytes,2,rep,name=except"`
}
@@ -329,6 +337,7 @@ type IngressStatus struct {
type IngressLoadBalancerStatus struct {
// ingress is a list containing ingress points for the load-balancer.
// +optional
+ // +listType=atomic
Ingress []IngressLoadBalancerIngress `json:"ingress,omitempty" protobuf:"bytes,1,rep,name=ingress"`
}
diff --git a/vendor/k8s.io/api/networking/v1alpha1/generated.proto b/vendor/k8s.io/api/networking/v1alpha1/generated.proto
index fb7971745d..8914fffcf8 100644
--- a/vendor/k8s.io/api/networking/v1alpha1/generated.proto
+++ b/vendor/k8s.io/api/networking/v1alpha1/generated.proto
@@ -121,6 +121,7 @@ message ServiceCIDRSpec {
// from which to assign service cluster IPs. Max of two CIDRs is allowed, one of each IP family.
// This field is immutable.
// +optional
+ // +listType=atomic
repeated string cidrs = 1;
}
diff --git a/vendor/k8s.io/api/networking/v1alpha1/types.go b/vendor/k8s.io/api/networking/v1alpha1/types.go
index 9d56ca193e..bcdc33b459 100644
--- a/vendor/k8s.io/api/networking/v1alpha1/types.go
+++ b/vendor/k8s.io/api/networking/v1alpha1/types.go
@@ -111,6 +111,7 @@ type ServiceCIDRSpec struct {
// from which to assign service cluster IPs. Max of two CIDRs is allowed, one of each IP family.
// This field is immutable.
// +optional
+ // +listType=atomic
CIDRs []string `json:"cidrs,omitempty" protobuf:"bytes,1,opt,name=cidrs"`
}
diff --git a/vendor/k8s.io/api/networking/v1beta1/generated.proto b/vendor/k8s.io/api/networking/v1beta1/generated.proto
index 46bb7f66f2..f36df9ec19 100644
--- a/vendor/k8s.io/api/networking/v1beta1/generated.proto
+++ b/vendor/k8s.io/api/networking/v1beta1/generated.proto
@@ -69,6 +69,7 @@ message HTTPIngressPath {
// or '#'.
message HTTPIngressRuleValue {
// paths is a collection of paths that map requests to backends.
+ // +listType=atomic
repeated HTTPIngressPath paths = 1;
}
@@ -211,6 +212,7 @@ message IngressLoadBalancerIngress {
message IngressLoadBalancerStatus {
// ingress is a list containing ingress points for the load-balancer.
// +optional
+ // +listType=atomic
repeated IngressLoadBalancerIngress ingress = 1;
}
@@ -313,11 +315,13 @@ message IngressSpec {
// through the SNI TLS extension, if the ingress controller fulfilling the
// ingress supports SNI.
// +optional
+ // +listType=atomic
repeated IngressTLS tls = 2;
// rules is a list of host rules used to configure the Ingress. If unspecified, or
// no rule matches, all traffic is sent to the default backend.
// +optional
+ // +listType=atomic
repeated IngressRule rules = 3;
}
@@ -335,6 +339,7 @@ message IngressTLS {
// wildcard host setting for the loadbalancer controller fulfilling this
// Ingress, if left unspecified.
// +optional
+ // +listType=atomic
repeated string hosts = 1;
// secretName is the name of the secret used to terminate TLS traffic on
diff --git a/vendor/k8s.io/api/networking/v1beta1/types.go b/vendor/k8s.io/api/networking/v1beta1/types.go
index 87cc91654b..34dfe76aa3 100644
--- a/vendor/k8s.io/api/networking/v1beta1/types.go
+++ b/vendor/k8s.io/api/networking/v1beta1/types.go
@@ -97,11 +97,13 @@ type IngressSpec struct {
// through the SNI TLS extension, if the ingress controller fulfilling the
// ingress supports SNI.
// +optional
+ // +listType=atomic
TLS []IngressTLS `json:"tls,omitempty" protobuf:"bytes,2,rep,name=tls"`
// rules is a list of host rules used to configure the Ingress. If unspecified, or
// no rule matches, all traffic is sent to the default backend.
// +optional
+ // +listType=atomic
Rules []IngressRule `json:"rules,omitempty" protobuf:"bytes,3,rep,name=rules"`
// TODO: Add the ability to specify load-balancer IP through claims
}
@@ -113,6 +115,7 @@ type IngressTLS struct {
// wildcard host setting for the loadbalancer controller fulfilling this
// Ingress, if left unspecified.
// +optional
+ // +listType=atomic
Hosts []string `json:"hosts,omitempty" protobuf:"bytes,1,rep,name=hosts"`
// secretName is the name of the secret used to terminate TLS traffic on
@@ -136,6 +139,7 @@ type IngressStatus struct {
type IngressLoadBalancerStatus struct {
// ingress is a list containing ingress points for the load-balancer.
// +optional
+ // +listType=atomic
Ingress []IngressLoadBalancerIngress `json:"ingress,omitempty" protobuf:"bytes,1,rep,name=ingress"`
}
@@ -239,6 +243,7 @@ type IngressRuleValue struct {
// or '#'.
type HTTPIngressRuleValue struct {
// paths is a collection of paths that map requests to backends.
+ // +listType=atomic
Paths []HTTPIngressPath `json:"paths" protobuf:"bytes,1,rep,name=paths"`
// TODO: Consider adding fields for ingress-type specific global
// options usable by a loadbalancer, like http keep-alive.
diff --git a/vendor/k8s.io/api/rbac/v1/generated.proto b/vendor/k8s.io/api/rbac/v1/generated.proto
index 13ff60ea71..62f5e558ba 100644
--- a/vendor/k8s.io/api/rbac/v1/generated.proto
+++ b/vendor/k8s.io/api/rbac/v1/generated.proto
@@ -33,6 +33,7 @@ message AggregationRule {
// ClusterRoleSelectors holds a list of selectors which will be used to find ClusterRoles and create the rules.
// If any of the selectors match, then the ClusterRole's permissions will be added
// +optional
+ // +listType=atomic
repeated k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector clusterRoleSelectors = 1;
}
@@ -44,6 +45,7 @@ message ClusterRole {
// Rules holds all the PolicyRules for this ClusterRole
// +optional
+ // +listType=atomic
repeated PolicyRule rules = 2;
// AggregationRule is an optional field that describes how to build the Rules for this ClusterRole.
@@ -62,6 +64,7 @@ message ClusterRoleBinding {
// Subjects holds references to the objects the role applies to.
// +optional
+ // +listType=atomic
repeated Subject subjects = 2;
// RoleRef can only reference a ClusterRole in the global namespace.
@@ -94,25 +97,30 @@ message ClusterRoleList {
// about who the rule applies to or which namespace the rule applies to.
message PolicyRule {
// Verbs is a list of Verbs that apply to ALL the ResourceKinds contained in this rule. '*' represents all verbs.
+ // +listType=atomic
repeated string verbs = 1;
// APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of
// the enumerated resources in any API group will be allowed. "" represents the core API group and "*" represents all API groups.
// +optional
+ // +listType=atomic
repeated string apiGroups = 2;
// Resources is a list of resources this rule applies to. '*' represents all resources.
// +optional
+ // +listType=atomic
repeated string resources = 3;
// ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed.
// +optional
+ // +listType=atomic
repeated string resourceNames = 4;
// NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path
// Since non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding.
// Rules can either apply to API resources (such as "pods" or "secrets") or non-resource URL paths (such as "/api"), but not both.
// +optional
+ // +listType=atomic
repeated string nonResourceURLs = 5;
}
@@ -124,6 +132,7 @@ message Role {
// Rules holds all the PolicyRules for this Role
// +optional
+ // +listType=atomic
repeated PolicyRule rules = 2;
}
@@ -137,6 +146,7 @@ message RoleBinding {
// Subjects holds references to the objects the role applies to.
// +optional
+ // +listType=atomic
repeated Subject subjects = 2;
// RoleRef can reference a Role in the current namespace or a ClusterRole in the global namespace.
diff --git a/vendor/k8s.io/api/rbac/v1/types.go b/vendor/k8s.io/api/rbac/v1/types.go
index ce845d69b4..8bef1ac462 100644
--- a/vendor/k8s.io/api/rbac/v1/types.go
+++ b/vendor/k8s.io/api/rbac/v1/types.go
@@ -48,23 +48,28 @@ const (
// about who the rule applies to or which namespace the rule applies to.
type PolicyRule struct {
// Verbs is a list of Verbs that apply to ALL the ResourceKinds contained in this rule. '*' represents all verbs.
+ // +listType=atomic
Verbs []string `json:"verbs" protobuf:"bytes,1,rep,name=verbs"`
// APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of
// the enumerated resources in any API group will be allowed. "" represents the core API group and "*" represents all API groups.
// +optional
+ // +listType=atomic
APIGroups []string `json:"apiGroups,omitempty" protobuf:"bytes,2,rep,name=apiGroups"`
// Resources is a list of resources this rule applies to. '*' represents all resources.
// +optional
+ // +listType=atomic
Resources []string `json:"resources,omitempty" protobuf:"bytes,3,rep,name=resources"`
// ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed.
// +optional
+ // +listType=atomic
ResourceNames []string `json:"resourceNames,omitempty" protobuf:"bytes,4,rep,name=resourceNames"`
// NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path
// Since non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding.
// Rules can either apply to API resources (such as "pods" or "secrets") or non-resource URL paths (such as "/api"), but not both.
// +optional
+ // +listType=atomic
NonResourceURLs []string `json:"nonResourceURLs,omitempty" protobuf:"bytes,5,rep,name=nonResourceURLs"`
}
@@ -111,6 +116,7 @@ type Role struct {
// Rules holds all the PolicyRules for this Role
// +optional
+ // +listType=atomic
Rules []PolicyRule `json:"rules" protobuf:"bytes,2,rep,name=rules"`
}
@@ -128,6 +134,7 @@ type RoleBinding struct {
// Subjects holds references to the objects the role applies to.
// +optional
+ // +listType=atomic
Subjects []Subject `json:"subjects,omitempty" protobuf:"bytes,2,rep,name=subjects"`
// RoleRef can reference a Role in the current namespace or a ClusterRole in the global namespace.
@@ -175,6 +182,7 @@ type ClusterRole struct {
// Rules holds all the PolicyRules for this ClusterRole
// +optional
+ // +listType=atomic
Rules []PolicyRule `json:"rules" protobuf:"bytes,2,rep,name=rules"`
// AggregationRule is an optional field that describes how to build the Rules for this ClusterRole.
@@ -189,6 +197,7 @@ type AggregationRule struct {
// ClusterRoleSelectors holds a list of selectors which will be used to find ClusterRoles and create the rules.
// If any of the selectors match, then the ClusterRole's permissions will be added
// +optional
+ // +listType=atomic
ClusterRoleSelectors []metav1.LabelSelector `json:"clusterRoleSelectors,omitempty" protobuf:"bytes,1,rep,name=clusterRoleSelectors"`
}
@@ -206,6 +215,7 @@ type ClusterRoleBinding struct {
// Subjects holds references to the objects the role applies to.
// +optional
+ // +listType=atomic
Subjects []Subject `json:"subjects,omitempty" protobuf:"bytes,2,rep,name=subjects"`
// RoleRef can only reference a ClusterRole in the global namespace.
diff --git a/vendor/k8s.io/api/rbac/v1alpha1/generated.proto b/vendor/k8s.io/api/rbac/v1alpha1/generated.proto
index d5ceaa0e82..170e008a56 100644
--- a/vendor/k8s.io/api/rbac/v1alpha1/generated.proto
+++ b/vendor/k8s.io/api/rbac/v1alpha1/generated.proto
@@ -33,6 +33,7 @@ message AggregationRule {
// ClusterRoleSelectors holds a list of selectors which will be used to find ClusterRoles and create the rules.
// If any of the selectors match, then the ClusterRole's permissions will be added
// +optional
+ // +listType=atomic
repeated k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector clusterRoleSelectors = 1;
}
@@ -45,6 +46,7 @@ message ClusterRole {
// Rules holds all the PolicyRules for this ClusterRole
// +optional
+ // +listType=atomic
repeated PolicyRule rules = 2;
// AggregationRule is an optional field that describes how to build the Rules for this ClusterRole.
@@ -64,6 +66,7 @@ message ClusterRoleBinding {
// Subjects holds references to the objects the role applies to.
// +optional
+ // +listType=atomic
repeated Subject subjects = 2;
// RoleRef can only reference a ClusterRole in the global namespace.
@@ -97,25 +100,30 @@ message ClusterRoleList {
// about who the rule applies to or which namespace the rule applies to.
message PolicyRule {
// Verbs is a list of Verbs that apply to ALL the ResourceKinds contained in this rule. '*' represents all verbs.
+ // +listType=atomic
repeated string verbs = 1;
// APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of
// the enumerated resources in any API group will be allowed. "" represents the core API group and "*" represents all API groups.
// +optional
+ // +listType=atomic
repeated string apiGroups = 3;
// Resources is a list of resources this rule applies to. '*' represents all resources.
// +optional
+ // +listType=atomic
repeated string resources = 4;
// ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed.
// +optional
+ // +listType=atomic
repeated string resourceNames = 5;
// NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path
// Since non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding.
// Rules can either apply to API resources (such as "pods" or "secrets") or non-resource URL paths (such as "/api"), but not both.
// +optional
+ // +listType=atomic
repeated string nonResourceURLs = 6;
}
@@ -128,6 +136,7 @@ message Role {
// Rules holds all the PolicyRules for this Role
// +optional
+ // +listType=atomic
repeated PolicyRule rules = 2;
}
@@ -142,6 +151,7 @@ message RoleBinding {
// Subjects holds references to the objects the role applies to.
// +optional
+ // +listType=atomic
repeated Subject subjects = 2;
// RoleRef can reference a Role in the current namespace or a ClusterRole in the global namespace.
diff --git a/vendor/k8s.io/api/rbac/v1alpha1/types.go b/vendor/k8s.io/api/rbac/v1alpha1/types.go
index e0e75b1503..9a0a219774 100644
--- a/vendor/k8s.io/api/rbac/v1alpha1/types.go
+++ b/vendor/k8s.io/api/rbac/v1alpha1/types.go
@@ -48,23 +48,28 @@ const (
// about who the rule applies to or which namespace the rule applies to.
type PolicyRule struct {
// Verbs is a list of Verbs that apply to ALL the ResourceKinds contained in this rule. '*' represents all verbs.
+ // +listType=atomic
Verbs []string `json:"verbs" protobuf:"bytes,1,rep,name=verbs"`
// APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of
// the enumerated resources in any API group will be allowed. "" represents the core API group and "*" represents all API groups.
// +optional
+ // +listType=atomic
APIGroups []string `json:"apiGroups,omitempty" protobuf:"bytes,3,rep,name=apiGroups"`
// Resources is a list of resources this rule applies to. '*' represents all resources.
// +optional
+ // +listType=atomic
Resources []string `json:"resources,omitempty" protobuf:"bytes,4,rep,name=resources"`
// ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed.
// +optional
+ // +listType=atomic
ResourceNames []string `json:"resourceNames,omitempty" protobuf:"bytes,5,rep,name=resourceNames"`
// NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path
// Since non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding.
// Rules can either apply to API resources (such as "pods" or "secrets") or non-resource URL paths (such as "/api"), but not both.
// +optional
+ // +listType=atomic
NonResourceURLs []string `json:"nonResourceURLs,omitempty" protobuf:"bytes,6,rep,name=nonResourceURLs"`
}
@@ -111,6 +116,7 @@ type Role struct {
// Rules holds all the PolicyRules for this Role
// +optional
+ // +listType=atomic
Rules []PolicyRule `json:"rules" protobuf:"bytes,2,rep,name=rules"`
}
@@ -129,6 +135,7 @@ type RoleBinding struct {
// Subjects holds references to the objects the role applies to.
// +optional
+ // +listType=atomic
Subjects []Subject `json:"subjects,omitempty" protobuf:"bytes,2,rep,name=subjects"`
// RoleRef can reference a Role in the current namespace or a ClusterRole in the global namespace.
@@ -178,6 +185,7 @@ type ClusterRole struct {
// Rules holds all the PolicyRules for this ClusterRole
// +optional
+ // +listType=atomic
Rules []PolicyRule `json:"rules" protobuf:"bytes,2,rep,name=rules"`
// AggregationRule is an optional field that describes how to build the Rules for this ClusterRole.
@@ -192,6 +200,7 @@ type AggregationRule struct {
// ClusterRoleSelectors holds a list of selectors which will be used to find ClusterRoles and create the rules.
// If any of the selectors match, then the ClusterRole's permissions will be added
// +optional
+ // +listType=atomic
ClusterRoleSelectors []metav1.LabelSelector `json:"clusterRoleSelectors,omitempty" protobuf:"bytes,1,rep,name=clusterRoleSelectors"`
}
@@ -210,6 +219,7 @@ type ClusterRoleBinding struct {
// Subjects holds references to the objects the role applies to.
// +optional
+ // +listType=atomic
Subjects []Subject `json:"subjects,omitempty" protobuf:"bytes,2,rep,name=subjects"`
// RoleRef can only reference a ClusterRole in the global namespace.
diff --git a/vendor/k8s.io/api/rbac/v1beta1/generated.proto b/vendor/k8s.io/api/rbac/v1beta1/generated.proto
index f6b2f0dde1..7dfc50d7eb 100644
--- a/vendor/k8s.io/api/rbac/v1beta1/generated.proto
+++ b/vendor/k8s.io/api/rbac/v1beta1/generated.proto
@@ -33,6 +33,7 @@ message AggregationRule {
// ClusterRoleSelectors holds a list of selectors which will be used to find ClusterRoles and create the rules.
// If any of the selectors match, then the ClusterRole's permissions will be added
// +optional
+ // +listType=atomic
repeated k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector clusterRoleSelectors = 1;
}
@@ -45,6 +46,7 @@ message ClusterRole {
// Rules holds all the PolicyRules for this ClusterRole
// +optional
+ // +listType=atomic
repeated PolicyRule rules = 2;
// AggregationRule is an optional field that describes how to build the Rules for this ClusterRole.
@@ -64,6 +66,7 @@ message ClusterRoleBinding {
// Subjects holds references to the objects the role applies to.
// +optional
+ // +listType=atomic
repeated Subject subjects = 2;
// RoleRef can only reference a ClusterRole in the global namespace.
@@ -97,26 +100,31 @@ message ClusterRoleList {
// about who the rule applies to or which namespace the rule applies to.
message PolicyRule {
// Verbs is a list of Verbs that apply to ALL the ResourceKinds contained in this rule. '*' represents all verbs.
+ // +listType=atomic
repeated string verbs = 1;
// APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of
// the enumerated resources in any API group will be allowed. "" represents the core API group and "*" represents all API groups.
// +optional
+ // +listType=atomic
repeated string apiGroups = 2;
// Resources is a list of resources this rule applies to. '*' represents all resources in the specified apiGroups.
// '*/foo' represents the subresource 'foo' for all resources in the specified apiGroups.
// +optional
+ // +listType=atomic
repeated string resources = 3;
// ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed.
// +optional
+ // +listType=atomic
repeated string resourceNames = 4;
// NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path
// Since non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding.
// Rules can either apply to API resources (such as "pods" or "secrets") or non-resource URL paths (such as "/api"), but not both.
// +optional
+ // +listType=atomic
repeated string nonResourceURLs = 5;
}
@@ -129,6 +137,7 @@ message Role {
// Rules holds all the PolicyRules for this Role
// +optional
+ // +listType=atomic
repeated PolicyRule rules = 2;
}
@@ -143,6 +152,7 @@ message RoleBinding {
// Subjects holds references to the objects the role applies to.
// +optional
+ // +listType=atomic
repeated Subject subjects = 2;
// RoleRef can reference a Role in the current namespace or a ClusterRole in the global namespace.
diff --git a/vendor/k8s.io/api/rbac/v1beta1/types.go b/vendor/k8s.io/api/rbac/v1beta1/types.go
index 4941cd2abc..f761f81a6f 100644
--- a/vendor/k8s.io/api/rbac/v1beta1/types.go
+++ b/vendor/k8s.io/api/rbac/v1beta1/types.go
@@ -48,24 +48,29 @@ const (
// about who the rule applies to or which namespace the rule applies to.
type PolicyRule struct {
// Verbs is a list of Verbs that apply to ALL the ResourceKinds contained in this rule. '*' represents all verbs.
+ // +listType=atomic
Verbs []string `json:"verbs" protobuf:"bytes,1,rep,name=verbs"`
// APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of
// the enumerated resources in any API group will be allowed. "" represents the core API group and "*" represents all API groups.
// +optional
+ // +listType=atomic
APIGroups []string `json:"apiGroups,omitempty" protobuf:"bytes,2,rep,name=apiGroups"`
// Resources is a list of resources this rule applies to. '*' represents all resources in the specified apiGroups.
// '*/foo' represents the subresource 'foo' for all resources in the specified apiGroups.
// +optional
+ // +listType=atomic
Resources []string `json:"resources,omitempty" protobuf:"bytes,3,rep,name=resources"`
// ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed.
// +optional
+ // +listType=atomic
ResourceNames []string `json:"resourceNames,omitempty" protobuf:"bytes,4,rep,name=resourceNames"`
// NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path
// Since non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding.
// Rules can either apply to API resources (such as "pods" or "secrets") or non-resource URL paths (such as "/api"), but not both.
// +optional
+ // +listType=atomic
NonResourceURLs []string `json:"nonResourceURLs,omitempty" protobuf:"bytes,5,rep,name=nonResourceURLs"`
}
@@ -115,6 +120,7 @@ type Role struct {
// Rules holds all the PolicyRules for this Role
// +optional
+ // +listType=atomic
Rules []PolicyRule `json:"rules" protobuf:"bytes,2,rep,name=rules"`
}
@@ -137,6 +143,7 @@ type RoleBinding struct {
// Subjects holds references to the objects the role applies to.
// +optional
+ // +listType=atomic
Subjects []Subject `json:"subjects,omitempty" protobuf:"bytes,2,rep,name=subjects"`
// RoleRef can reference a Role in the current namespace or a ClusterRole in the global namespace.
@@ -198,6 +205,7 @@ type ClusterRole struct {
// Rules holds all the PolicyRules for this ClusterRole
// +optional
+ // +listType=atomic
Rules []PolicyRule `json:"rules" protobuf:"bytes,2,rep,name=rules"`
// AggregationRule is an optional field that describes how to build the Rules for this ClusterRole.
// If AggregationRule is set, then the Rules are controller managed and direct changes to Rules will be
@@ -211,6 +219,7 @@ type AggregationRule struct {
// ClusterRoleSelectors holds a list of selectors which will be used to find ClusterRoles and create the rules.
// If any of the selectors match, then the ClusterRole's permissions will be added
// +optional
+ // +listType=atomic
ClusterRoleSelectors []metav1.LabelSelector `json:"clusterRoleSelectors,omitempty" protobuf:"bytes,1,rep,name=clusterRoleSelectors"`
}
@@ -233,6 +242,7 @@ type ClusterRoleBinding struct {
// Subjects holds references to the objects the role applies to.
// +optional
+ // +listType=atomic
Subjects []Subject `json:"subjects,omitempty" protobuf:"bytes,2,rep,name=subjects"`
// RoleRef can only reference a ClusterRole in the global namespace.
diff --git a/vendor/k8s.io/api/resource/v1alpha2/generated.proto b/vendor/k8s.io/api/resource/v1alpha2/generated.proto
index f7748f9a1a..c9f1ec1c0f 100644
--- a/vendor/k8s.io/api/resource/v1alpha2/generated.proto
+++ b/vendor/k8s.io/api/resource/v1alpha2/generated.proto
@@ -257,6 +257,8 @@ message ResourceClaimStatus {
//
// +listType=map
// +listMapKey=uid
+ // +patchStrategy=merge
+ // +patchMergeKey=uid
// +optional
repeated ResourceClaimConsumerReference reservedFor = 3;
diff --git a/vendor/k8s.io/api/resource/v1alpha2/types.go b/vendor/k8s.io/api/resource/v1alpha2/types.go
index a614ff9dc1..f862cd960b 100644
--- a/vendor/k8s.io/api/resource/v1alpha2/types.go
+++ b/vendor/k8s.io/api/resource/v1alpha2/types.go
@@ -114,8 +114,10 @@ type ResourceClaimStatus struct {
//
// +listType=map
// +listMapKey=uid
+ // +patchStrategy=merge
+ // +patchMergeKey=uid
// +optional
- ReservedFor []ResourceClaimConsumerReference `json:"reservedFor,omitempty" protobuf:"bytes,3,opt,name=reservedFor"`
+ ReservedFor []ResourceClaimConsumerReference `json:"reservedFor,omitempty" protobuf:"bytes,3,opt,name=reservedFor" patchStrategy:"merge" patchMergeKey:"uid"`
// DeallocationRequested indicates that a ResourceClaim is to be
// deallocated.
diff --git a/vendor/k8s.io/api/storage/v1/generated.proto b/vendor/k8s.io/api/storage/v1/generated.proto
index b35f708c66..06bbe3d5cf 100644
--- a/vendor/k8s.io/api/storage/v1/generated.proto
+++ b/vendor/k8s.io/api/storage/v1/generated.proto
@@ -103,7 +103,7 @@ message CSIDriverSpec {
// deployed on such a cluster and the deployment determines which mode that is, for example
// via a command line parameter of the driver.
//
- // This field is immutable.
+ // This field was immutable in Kubernetes < 1.29 and now is mutable.
//
// +optional
optional bool podInfoOnMount = 2;
@@ -150,7 +150,7 @@ message CSIDriverSpec {
// permission of the volume before being mounted.
// Refer to the specific FSGroupPolicy values for additional details.
//
- // This field is immutable.
+ // This field was immutable in Kubernetes < 1.29 and now is mutable.
//
// Defaults to ReadWriteOnceWithFSType, which will examine each volume
// to determine if Kubernetes should modify ownership and permissions of the volume.
@@ -261,6 +261,7 @@ message CSINodeDriver {
// It is possible for different nodes to use different topology keys.
// This can be empty if driver does not support topology.
// +optional
+ // +listType=atomic
repeated string topologyKeys = 3;
// allocatable represents the volume resources of a node that are available for scheduling.
@@ -286,6 +287,8 @@ message CSINodeSpec {
// If all drivers in the list are uninstalled, this can become empty.
// +patchMergeKey=name
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=name
repeated CSINodeDriver drivers = 1;
}
@@ -378,8 +381,6 @@ message CSIStorageCapacityList {
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// items is the list of CSIStorageCapacity objects.
- // +listType=map
- // +listMapKey=name
repeated CSIStorageCapacity items = 2;
}
@@ -411,6 +412,7 @@ message StorageClass {
// e.g. ["ro", "soft"]. Not validated -
// mount of the PVs will simply fail if one is invalid.
// +optional
+ // +listType=atomic
repeated string mountOptions = 5;
// allowVolumeExpansion shows whether the storage class allow volume expand.
diff --git a/vendor/k8s.io/api/storage/v1/types.go b/vendor/k8s.io/api/storage/v1/types.go
index 7d7b7664b8..a94c7f44c5 100644
--- a/vendor/k8s.io/api/storage/v1/types.go
+++ b/vendor/k8s.io/api/storage/v1/types.go
@@ -56,6 +56,7 @@ type StorageClass struct {
// e.g. ["ro", "soft"]. Not validated -
// mount of the PVs will simply fail if one is invalid.
// +optional
+ // +listType=atomic
MountOptions []string `json:"mountOptions,omitempty" protobuf:"bytes,5,opt,name=mountOptions"`
// allowVolumeExpansion shows whether the storage class allow volume expand.
@@ -306,7 +307,7 @@ type CSIDriverSpec struct {
// deployed on such a cluster and the deployment determines which mode that is, for example
// via a command line parameter of the driver.
//
- // This field is immutable.
+ // This field was immutable in Kubernetes < 1.29 and now is mutable.
//
// +optional
PodInfoOnMount *bool `json:"podInfoOnMount,omitempty" protobuf:"bytes,2,opt,name=podInfoOnMount"`
@@ -353,7 +354,7 @@ type CSIDriverSpec struct {
// permission of the volume before being mounted.
// Refer to the specific FSGroupPolicy values for additional details.
//
- // This field is immutable.
+ // This field was immutable in Kubernetes < 1.29 and now is mutable.
//
// Defaults to ReadWriteOnceWithFSType, which will examine each volume
// to determine if Kubernetes should modify ownership and permissions of the volume.
@@ -517,6 +518,8 @@ type CSINodeSpec struct {
// If all drivers in the list are uninstalled, this can become empty.
// +patchMergeKey=name
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=name
Drivers []CSINodeDriver `json:"drivers" patchStrategy:"merge" patchMergeKey:"name" protobuf:"bytes,1,rep,name=drivers"`
}
@@ -549,6 +552,7 @@ type CSINodeDriver struct {
// It is possible for different nodes to use different topology keys.
// This can be empty if driver does not support topology.
// +optional
+ // +listType=atomic
TopologyKeys []string `json:"topologyKeys" protobuf:"bytes,3,rep,name=topologyKeys"`
// allocatable represents the volume resources of a node that are available for scheduling.
@@ -680,7 +684,5 @@ type CSIStorageCapacityList struct {
metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
// items is the list of CSIStorageCapacity objects.
- // +listType=map
- // +listMapKey=name
Items []CSIStorageCapacity `json:"items" protobuf:"bytes,2,rep,name=items"`
}
diff --git a/vendor/k8s.io/api/storage/v1/types_swagger_doc_generated.go b/vendor/k8s.io/api/storage/v1/types_swagger_doc_generated.go
index 69ee683610..89b1cbb201 100644
--- a/vendor/k8s.io/api/storage/v1/types_swagger_doc_generated.go
+++ b/vendor/k8s.io/api/storage/v1/types_swagger_doc_generated.go
@@ -50,10 +50,10 @@ func (CSIDriverList) SwaggerDoc() map[string]string {
var map_CSIDriverSpec = map[string]string{
"": "CSIDriverSpec is the specification of a CSIDriver.",
"attachRequired": "attachRequired indicates this CSI volume driver requires an attach operation (because it implements the CSI ControllerPublishVolume() method), and that the Kubernetes attach detach controller should call the attach volume interface which checks the volumeattachment status and waits until the volume is attached before proceeding to mounting. The CSI external-attacher coordinates with CSI volume driver and updates the volumeattachment status when the attach operation is complete. If the CSIDriverRegistry feature gate is enabled and the value is specified to false, the attach operation will be skipped. Otherwise the attach operation will be called.\n\nThis field is immutable.",
- "podInfoOnMount": "podInfoOnMount indicates this CSI volume driver requires additional pod information (like podName, podUID, etc.) during mount operations, if set to true. If set to false, pod information will not be passed on mount. Default is false.\n\nThe CSI driver specifies podInfoOnMount as part of driver deployment. If true, Kubelet will pass pod information as VolumeContext in the CSI NodePublishVolume() calls. The CSI driver is responsible for parsing and validating the information passed in as VolumeContext.\n\nThe following VolumeContext will be passed if podInfoOnMount is set to true. This list might grow, but the prefix will be used. \"csi.storage.k8s.io/pod.name\": pod.Name \"csi.storage.k8s.io/pod.namespace\": pod.Namespace \"csi.storage.k8s.io/pod.uid\": string(pod.UID) \"csi.storage.k8s.io/ephemeral\": \"true\" if the volume is an ephemeral inline volume\n defined by a CSIVolumeSource, otherwise \"false\"\n\n\"csi.storage.k8s.io/ephemeral\" is a new feature in Kubernetes 1.16. It is only required for drivers which support both the \"Persistent\" and \"Ephemeral\" VolumeLifecycleMode. Other drivers can leave pod info disabled and/or ignore this field. As Kubernetes 1.15 doesn't support this field, drivers can only support one mode when deployed on such a cluster and the deployment determines which mode that is, for example via a command line parameter of the driver.\n\nThis field is immutable.",
+ "podInfoOnMount": "podInfoOnMount indicates this CSI volume driver requires additional pod information (like podName, podUID, etc.) during mount operations, if set to true. If set to false, pod information will not be passed on mount. Default is false.\n\nThe CSI driver specifies podInfoOnMount as part of driver deployment. If true, Kubelet will pass pod information as VolumeContext in the CSI NodePublishVolume() calls. The CSI driver is responsible for parsing and validating the information passed in as VolumeContext.\n\nThe following VolumeContext will be passed if podInfoOnMount is set to true. This list might grow, but the prefix will be used. \"csi.storage.k8s.io/pod.name\": pod.Name \"csi.storage.k8s.io/pod.namespace\": pod.Namespace \"csi.storage.k8s.io/pod.uid\": string(pod.UID) \"csi.storage.k8s.io/ephemeral\": \"true\" if the volume is an ephemeral inline volume\n defined by a CSIVolumeSource, otherwise \"false\"\n\n\"csi.storage.k8s.io/ephemeral\" is a new feature in Kubernetes 1.16. It is only required for drivers which support both the \"Persistent\" and \"Ephemeral\" VolumeLifecycleMode. Other drivers can leave pod info disabled and/or ignore this field. As Kubernetes 1.15 doesn't support this field, drivers can only support one mode when deployed on such a cluster and the deployment determines which mode that is, for example via a command line parameter of the driver.\n\nThis field was immutable in Kubernetes < 1.29 and now is mutable.",
"volumeLifecycleModes": "volumeLifecycleModes defines what kind of volumes this CSI volume driver supports. The default if the list is empty is \"Persistent\", which is the usage defined by the CSI specification and implemented in Kubernetes via the usual PV/PVC mechanism.\n\nThe other mode is \"Ephemeral\". In this mode, volumes are defined inline inside the pod spec with CSIVolumeSource and their lifecycle is tied to the lifecycle of that pod. A driver has to be aware of this because it is only going to get a NodePublishVolume call for such a volume.\n\nFor more information about implementing this mode, see https://kubernetes-csi.github.io/docs/ephemeral-local-volumes.html A driver can support one or more of these modes and more modes may be added in the future.\n\nThis field is beta. This field is immutable.",
"storageCapacity": "storageCapacity indicates that the CSI volume driver wants pod scheduling to consider the storage capacity that the driver deployment will report by creating CSIStorageCapacity objects with capacity information, if set to true.\n\nThe check can be enabled immediately when deploying a driver. In that case, provisioning new volumes with late binding will pause until the driver deployment has published some suitable CSIStorageCapacity object.\n\nAlternatively, the driver can be deployed with the field unset or false and it can be flipped later when storage capacity information has been published.\n\nThis field was immutable in Kubernetes <= 1.22 and now is mutable.",
- "fsGroupPolicy": "fsGroupPolicy defines if the underlying volume supports changing ownership and permission of the volume before being mounted. Refer to the specific FSGroupPolicy values for additional details.\n\nThis field is immutable.\n\nDefaults to ReadWriteOnceWithFSType, which will examine each volume to determine if Kubernetes should modify ownership and permissions of the volume. With the default policy the defined fsGroup will only be applied if a fstype is defined and the volume's access mode contains ReadWriteOnce.",
+ "fsGroupPolicy": "fsGroupPolicy defines if the underlying volume supports changing ownership and permission of the volume before being mounted. Refer to the specific FSGroupPolicy values for additional details.\n\nThis field was immutable in Kubernetes < 1.29 and now is mutable.\n\nDefaults to ReadWriteOnceWithFSType, which will examine each volume to determine if Kubernetes should modify ownership and permissions of the volume. With the default policy the defined fsGroup will only be applied if a fstype is defined and the volume's access mode contains ReadWriteOnce.",
"tokenRequests": "tokenRequests indicates the CSI driver needs pods' service account tokens it is mounting volume for to do necessary authentication. Kubelet will pass the tokens in VolumeContext in the CSI NodePublishVolume calls. The CSI driver should parse and validate the following VolumeContext: \"csi.storage.k8s.io/serviceAccount.tokens\": {\n \"\": {\n \"token\": ,\n \"expirationTimestamp\": ,\n },\n ...\n}\n\nNote: Audience in each TokenRequest should be different and at most one token is empty string. To receive a new token after expiry, RequiresRepublish can be used to trigger NodePublishVolume periodically.",
"requiresRepublish": "requiresRepublish indicates the CSI driver wants `NodePublishVolume` being periodically called to reflect any possible change in the mounted volume. This field defaults to false.\n\nNote: After a successful initial NodePublishVolume call, subsequent calls to NodePublishVolume should only update the contents of the volume. New mount points will not be seen by a running container.",
"seLinuxMount": "seLinuxMount specifies if the CSI driver supports \"-o context\" mount option.\n\nWhen \"true\", the CSI driver must ensure that all volumes provided by this CSI driver can be mounted separately with different `-o context` options. This is typical for storage backends that provide volumes as filesystems on block devices or as independent shared volumes. Kubernetes will call NodeStage / NodePublish with \"-o context=xyz\" mount option when mounting a ReadWriteOncePod volume used in Pod that has explicitly set SELinux context. In the future, it may be expanded to other volume AccessModes. In any case, Kubernetes will ensure that the volume is mounted only with a single SELinux context.\n\nWhen \"false\", Kubernetes won't pass any special SELinux mount options to the driver. This is typical for volumes that represent subdirectories of a bigger shared filesystem.\n\nDefault is \"false\".",
diff --git a/vendor/k8s.io/api/storage/v1alpha1/generated.proto b/vendor/k8s.io/api/storage/v1alpha1/generated.proto
index 49e522be53..93aefd933a 100644
--- a/vendor/k8s.io/api/storage/v1alpha1/generated.proto
+++ b/vendor/k8s.io/api/storage/v1alpha1/generated.proto
@@ -119,8 +119,6 @@ message CSIStorageCapacityList {
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// items is the list of CSIStorageCapacity objects.
- // +listType=map
- // +listMapKey=name
repeated CSIStorageCapacity items = 2;
}
diff --git a/vendor/k8s.io/api/storage/v1alpha1/types.go b/vendor/k8s.io/api/storage/v1alpha1/types.go
index 5957e48074..1fbf65f819 100644
--- a/vendor/k8s.io/api/storage/v1alpha1/types.go
+++ b/vendor/k8s.io/api/storage/v1alpha1/types.go
@@ -247,8 +247,6 @@ type CSIStorageCapacityList struct {
metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
// items is the list of CSIStorageCapacity objects.
- // +listType=map
- // +listMapKey=name
Items []CSIStorageCapacity `json:"items" protobuf:"bytes,2,rep,name=items"`
}
diff --git a/vendor/k8s.io/api/storage/v1beta1/generated.proto b/vendor/k8s.io/api/storage/v1beta1/generated.proto
index b99fd39e48..f6e619d05d 100644
--- a/vendor/k8s.io/api/storage/v1beta1/generated.proto
+++ b/vendor/k8s.io/api/storage/v1beta1/generated.proto
@@ -127,6 +127,7 @@ message CSIDriverSpec {
// This field is immutable.
//
// +optional
+ // +listType=atomic
repeated string volumeLifecycleModes = 3;
// storageCapacity indicates that the CSI volume driver wants pod scheduling to consider the storage
@@ -263,6 +264,7 @@ message CSINodeDriver {
// It is possible for different nodes to use different topology keys.
// This can be empty if driver does not support topology.
// +optional
+ // +listType=atomic
repeated string topologyKeys = 3;
// allocatable represents the volume resources of a node that are available for scheduling.
@@ -287,6 +289,8 @@ message CSINodeSpec {
// If all drivers in the list are uninstalled, this can become empty.
// +patchMergeKey=name
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=name
repeated CSINodeDriver drivers = 1;
}
@@ -379,8 +383,6 @@ message CSIStorageCapacityList {
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
// items is the list of CSIStorageCapacity objects.
- // +listType=map
- // +listMapKey=name
repeated CSIStorageCapacity items = 2;
}
@@ -412,6 +414,7 @@ message StorageClass {
// e.g. ["ro", "soft"]. Not validated -
// mount of the PVs will simply fail if one is invalid.
// +optional
+ // +listType=atomic
repeated string mountOptions = 5;
// allowVolumeExpansion shows whether the storage class allow volume expand
diff --git a/vendor/k8s.io/api/storage/v1beta1/types.go b/vendor/k8s.io/api/storage/v1beta1/types.go
index 0f5ade3c13..9333a28b8d 100644
--- a/vendor/k8s.io/api/storage/v1beta1/types.go
+++ b/vendor/k8s.io/api/storage/v1beta1/types.go
@@ -59,6 +59,7 @@ type StorageClass struct {
// e.g. ["ro", "soft"]. Not validated -
// mount of the PVs will simply fail if one is invalid.
// +optional
+ // +listType=atomic
MountOptions []string `json:"mountOptions,omitempty" protobuf:"bytes,5,opt,name=mountOptions"`
// allowVolumeExpansion shows whether the storage class allow volume expand
@@ -347,6 +348,7 @@ type CSIDriverSpec struct {
// This field is immutable.
//
// +optional
+ // +listType=atomic
VolumeLifecycleModes []VolumeLifecycleMode `json:"volumeLifecycleModes,omitempty" protobuf:"bytes,3,opt,name=volumeLifecycleModes"`
// storageCapacity indicates that the CSI volume driver wants pod scheduling to consider the storage
@@ -535,6 +537,8 @@ type CSINodeSpec struct {
// If all drivers in the list are uninstalled, this can become empty.
// +patchMergeKey=name
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=name
Drivers []CSINodeDriver `json:"drivers" patchStrategy:"merge" patchMergeKey:"name" protobuf:"bytes,1,rep,name=drivers"`
}
@@ -567,6 +571,7 @@ type CSINodeDriver struct {
// It is possible for different nodes to use different topology keys.
// This can be empty if driver does not support topology.
// +optional
+ // +listType=atomic
TopologyKeys []string `json:"topologyKeys" protobuf:"bytes,3,rep,name=topologyKeys"`
// allocatable represents the volume resources of a node that are available for scheduling.
@@ -707,7 +712,5 @@ type CSIStorageCapacityList struct {
metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
// items is the list of CSIStorageCapacity objects.
- // +listType=map
- // +listMapKey=name
Items []CSIStorageCapacity `json:"items" protobuf:"bytes,2,rep,name=items"`
}
diff --git a/vendor/k8s.io/apimachinery/pkg/api/validation/OWNERS b/vendor/k8s.io/apimachinery/pkg/api/validation/OWNERS
new file mode 100644
index 0000000000..4023732476
--- /dev/null
+++ b/vendor/k8s.io/apimachinery/pkg/api/validation/OWNERS
@@ -0,0 +1,11 @@
+# See the OWNERS docs at https://go.k8s.io/owners
+
+# Disable inheritance as this is an api owners file
+options:
+ no_parent_owners: true
+approvers:
+ - api-approvers
+reviewers:
+ - api-reviewers
+labels:
+ - kind/api-change
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto
index a2cd8015fb..2b95700f72 100644
--- a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto
@@ -34,6 +34,7 @@ message APIGroup {
optional string name = 1;
// versions are the versions supported in this group.
+ // +listType=atomic
repeated GroupVersionForDiscovery versions = 2;
// preferredVersion is the version preferred by the API server, which
@@ -49,6 +50,7 @@ message APIGroup {
// For example: the master will return an internal IP CIDR only, if the client reaches the server using an internal IP.
// Server looks at X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP.
// +optional
+ // +listType=atomic
repeated ServerAddressByClientCIDR serverAddressByClientCIDRs = 4;
}
@@ -56,6 +58,7 @@ message APIGroup {
// /apis.
message APIGroupList {
// groups is a list of APIGroup.
+ // +listType=atomic
repeated APIGroup groups = 1;
}
@@ -88,9 +91,11 @@ message APIResource {
optional Verbs verbs = 4;
// shortNames is a list of suggested short names of the resource.
+ // +listType=atomic
repeated string shortNames = 5;
// categories is a list of the grouped resources this resource belongs to (e.g. 'all')
+ // +listType=atomic
repeated string categories = 7;
// The hash value of the storage version, the version this resource is
@@ -112,6 +117,7 @@ message APIResourceList {
optional string groupVersion = 1;
// resources contains the name of the resources and if they are namespaced.
+ // +listType=atomic
repeated APIResource resources = 2;
}
@@ -122,6 +128,7 @@ message APIResourceList {
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
message APIVersions {
// versions are the api versions that are available.
+ // +listType=atomic
repeated string versions = 1;
// a map of client CIDR to server address that is serving this group.
@@ -131,6 +138,7 @@ message APIVersions {
// The server returns only those CIDRs that it thinks that the client can match.
// For example: the master will return an internal IP CIDR only, if the client reaches the server using an internal IP.
// Server looks at X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP.
+ // +listType=atomic
repeated ServerAddressByClientCIDR serverAddressByClientCIDRs = 2;
}
@@ -145,6 +153,7 @@ message ApplyOptions {
// request. Valid values are:
// - All: all dry run stages will be processed
// +optional
+ // +listType=atomic
repeated string dryRun = 1;
// Force is going to "force" Apply requests. It means user will
@@ -235,6 +244,7 @@ message CreateOptions {
// request. Valid values are:
// - All: all dry run stages will be processed
// +optional
+ // +listType=atomic
repeated string dryRun = 1;
// fieldManager is a name associated with the actor or entity
@@ -303,6 +313,7 @@ message DeleteOptions {
// request. Valid values are:
// - All: all dry run stages will be processed
// +optional
+ // +listType=atomic
repeated string dryRun = 5;
}
@@ -418,6 +429,7 @@ message LabelSelector {
// matchExpressions is a list of label selector requirements. The requirements are ANDed.
// +optional
+ // +listType=atomic
repeated LabelSelectorRequirement matchExpressions = 2;
}
@@ -436,6 +448,7 @@ message LabelSelectorRequirement {
// the values array must be empty. This array is replaced during a strategic
// merge patch.
// +optional
+ // +listType=atomic
repeated string values = 3;
}
@@ -788,6 +801,8 @@ message ObjectMeta {
// +optional
// +patchMergeKey=uid
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=uid
repeated OwnerReference ownerReferences = 13;
// Must be empty before the object is deleted from the registry. Each entry
@@ -805,6 +820,7 @@ message ObjectMeta {
// are not vulnerable to ordering changes in the list.
// +optional
// +patchStrategy=merge
+ // +listType=set
repeated string finalizers = 14;
// ManagedFields maps workflow-id and version to the set of fields
@@ -816,6 +832,7 @@ message ObjectMeta {
// workflow used when modifying the object.
//
// +optional
+ // +listType=atomic
repeated ManagedFieldsEntry managedFields = 17;
}
@@ -890,6 +907,7 @@ message PatchOptions {
// request. Valid values are:
// - All: all dry run stages will be processed
// +optional
+ // +listType=atomic
repeated string dryRun = 1;
// Force is going to "force" Apply requests. It means user will
@@ -943,6 +961,7 @@ message Preconditions {
// For example: "/healthz", "/apis".
message RootPaths {
// paths are the paths available at root.
+ // +listType=atomic
repeated string paths = 1;
}
@@ -985,6 +1004,7 @@ message Status {
// is not guaranteed to conform to any schema except that defined by
// the reason type.
// +optional
+ // +listType=atomic
optional StatusDetails details = 5;
// Suggested HTTP return code for this status, 0 if not set.
@@ -1049,6 +1069,7 @@ message StatusDetails {
// The Causes array includes more details associated with the StatusReason
// failure. Not all StatusReasons may provide detailed causes.
// +optional
+ // +listType=atomic
repeated StatusCause causes = 4;
// If specified, the time in seconds before the operation should be retried. Some errors may indicate
@@ -1135,6 +1156,7 @@ message UpdateOptions {
// request. Valid values are:
// - All: all dry run stages will be processed
// +optional
+ // +listType=atomic
repeated string dryRun = 1;
// fieldManager is a name associated with the actor or entity
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/types.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/types.go
index 8a8ff70189..881cc959da 100644
--- a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/types.go
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/types.go
@@ -236,6 +236,8 @@ type ObjectMeta struct {
// +optional
// +patchMergeKey=uid
// +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=uid
OwnerReferences []OwnerReference `json:"ownerReferences,omitempty" patchStrategy:"merge" patchMergeKey:"uid" protobuf:"bytes,13,rep,name=ownerReferences"`
// Must be empty before the object is deleted from the registry. Each entry
@@ -253,6 +255,7 @@ type ObjectMeta struct {
// are not vulnerable to ordering changes in the list.
// +optional
// +patchStrategy=merge
+ // +listType=set
Finalizers []string `json:"finalizers,omitempty" patchStrategy:"merge" protobuf:"bytes,14,rep,name=finalizers"`
// Tombstone: ClusterName was a legacy field that was always cleared by
@@ -268,6 +271,7 @@ type ObjectMeta struct {
// workflow used when modifying the object.
//
// +optional
+ // +listType=atomic
ManagedFields []ManagedFieldsEntry `json:"managedFields,omitempty" protobuf:"bytes,17,rep,name=managedFields"`
}
@@ -531,6 +535,7 @@ type DeleteOptions struct {
// request. Valid values are:
// - All: all dry run stages will be processed
// +optional
+ // +listType=atomic
DryRun []string `json:"dryRun,omitempty" protobuf:"bytes,5,rep,name=dryRun"`
}
@@ -556,6 +561,7 @@ type CreateOptions struct {
// request. Valid values are:
// - All: all dry run stages will be processed
// +optional
+ // +listType=atomic
DryRun []string `json:"dryRun,omitempty" protobuf:"bytes,1,rep,name=dryRun"`
// +k8s:deprecated=includeUninitialized,protobuf=2
@@ -600,6 +606,7 @@ type PatchOptions struct {
// request. Valid values are:
// - All: all dry run stages will be processed
// +optional
+ // +listType=atomic
DryRun []string `json:"dryRun,omitempty" protobuf:"bytes,1,rep,name=dryRun"`
// Force is going to "force" Apply requests. It means user will
@@ -651,6 +658,7 @@ type ApplyOptions struct {
// request. Valid values are:
// - All: all dry run stages will be processed
// +optional
+ // +listType=atomic
DryRun []string `json:"dryRun,omitempty" protobuf:"bytes,1,rep,name=dryRun"`
// Force is going to "force" Apply requests. It means user will
@@ -683,6 +691,7 @@ type UpdateOptions struct {
// request. Valid values are:
// - All: all dry run stages will be processed
// +optional
+ // +listType=atomic
DryRun []string `json:"dryRun,omitempty" protobuf:"bytes,1,rep,name=dryRun"`
// fieldManager is a name associated with the actor or entity
@@ -751,6 +760,7 @@ type Status struct {
// is not guaranteed to conform to any schema except that defined by
// the reason type.
// +optional
+ // +listType=atomic
Details *StatusDetails `json:"details,omitempty" protobuf:"bytes,5,opt,name=details"`
// Suggested HTTP return code for this status, 0 if not set.
// +optional
@@ -784,6 +794,7 @@ type StatusDetails struct {
// The Causes array includes more details associated with the StatusReason
// failure. Not all StatusReasons may provide detailed causes.
// +optional
+ // +listType=atomic
Causes []StatusCause `json:"causes,omitempty" protobuf:"bytes,4,rep,name=causes"`
// If specified, the time in seconds before the operation should be retried. Some errors may indicate
// the client must take an alternate action - for those errors this field may indicate how long to wait
@@ -1047,6 +1058,7 @@ type List struct {
type APIVersions struct {
TypeMeta `json:",inline"`
// versions are the api versions that are available.
+ // +listType=atomic
Versions []string `json:"versions" protobuf:"bytes,1,rep,name=versions"`
// a map of client CIDR to server address that is serving this group.
// This is to help clients reach servers in the most network-efficient way possible.
@@ -1055,6 +1067,7 @@ type APIVersions struct {
// The server returns only those CIDRs that it thinks that the client can match.
// For example: the master will return an internal IP CIDR only, if the client reaches the server using an internal IP.
// Server looks at X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP.
+ // +listType=atomic
ServerAddressByClientCIDRs []ServerAddressByClientCIDR `json:"serverAddressByClientCIDRs" protobuf:"bytes,2,rep,name=serverAddressByClientCIDRs"`
}
@@ -1065,6 +1078,7 @@ type APIVersions struct {
type APIGroupList struct {
TypeMeta `json:",inline"`
// groups is a list of APIGroup.
+ // +listType=atomic
Groups []APIGroup `json:"groups" protobuf:"bytes,1,rep,name=groups"`
}
@@ -1077,6 +1091,7 @@ type APIGroup struct {
// name is the name of the group.
Name string `json:"name" protobuf:"bytes,1,opt,name=name"`
// versions are the versions supported in this group.
+ // +listType=atomic
Versions []GroupVersionForDiscovery `json:"versions" protobuf:"bytes,2,rep,name=versions"`
// preferredVersion is the version preferred by the API server, which
// probably is the storage version.
@@ -1090,6 +1105,7 @@ type APIGroup struct {
// For example: the master will return an internal IP CIDR only, if the client reaches the server using an internal IP.
// Server looks at X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP.
// +optional
+ // +listType=atomic
ServerAddressByClientCIDRs []ServerAddressByClientCIDR `json:"serverAddressByClientCIDRs,omitempty" protobuf:"bytes,4,rep,name=serverAddressByClientCIDRs"`
}
@@ -1134,8 +1150,10 @@ type APIResource struct {
// update, patch, delete, deletecollection, and proxy)
Verbs Verbs `json:"verbs" protobuf:"bytes,4,opt,name=verbs"`
// shortNames is a list of suggested short names of the resource.
+ // +listType=atomic
ShortNames []string `json:"shortNames,omitempty" protobuf:"bytes,5,rep,name=shortNames"`
// categories is a list of the grouped resources this resource belongs to (e.g. 'all')
+ // +listType=atomic
Categories []string `json:"categories,omitempty" protobuf:"bytes,7,rep,name=categories"`
// The hash value of the storage version, the version this resource is
// converted to when written to the data store. Value must be treated
@@ -1168,6 +1186,7 @@ type APIResourceList struct {
// groupVersion is the group and version this APIResourceList is for.
GroupVersion string `json:"groupVersion" protobuf:"bytes,1,opt,name=groupVersion"`
// resources contains the name of the resources and if they are namespaced.
+ // +listType=atomic
APIResources []APIResource `json:"resources" protobuf:"bytes,2,rep,name=resources"`
}
@@ -1175,6 +1194,7 @@ type APIResourceList struct {
// For example: "/healthz", "/apis".
type RootPaths struct {
// paths are the paths available at root.
+ // +listType=atomic
Paths []string `json:"paths" protobuf:"bytes,1,rep,name=paths"`
}
@@ -1218,6 +1238,7 @@ type LabelSelector struct {
MatchLabels map[string]string `json:"matchLabels,omitempty" protobuf:"bytes,1,rep,name=matchLabels"`
// matchExpressions is a list of label selector requirements. The requirements are ANDed.
// +optional
+ // +listType=atomic
MatchExpressions []LabelSelectorRequirement `json:"matchExpressions,omitempty" protobuf:"bytes,2,rep,name=matchExpressions"`
}
@@ -1234,6 +1255,7 @@ type LabelSelectorRequirement struct {
// the values array must be empty. This array is replaced during a strategic
// merge patch.
// +optional
+ // +listType=atomic
Values []string `json:"values,omitempty" protobuf:"bytes,3,rep,name=values"`
}
@@ -1335,8 +1357,10 @@ type Table struct {
// columnDefinitions describes each column in the returned items array. The number of cells per row
// will always match the number of column definitions.
+ // +listType=atomic
ColumnDefinitions []TableColumnDefinition `json:"columnDefinitions"`
// rows is the list of items in the table.
+ // +listType=atomic
Rows []TableRow `json:"rows"`
}
@@ -1369,12 +1393,14 @@ type TableRow struct {
// cells will be as wide as the column definitions array and may contain strings, numbers (float64 or
// int64), booleans, simple maps, lists, or null. See the type field of the column definition for a
// more detailed description.
+ // +listType=atomic
Cells []interface{} `json:"cells"`
// conditions describe additional status of a row that are relevant for a human user. These conditions
// apply to the row, not to the object, and will be specific to table output. The only defined
// condition type is 'Completed', for a row that indicates a resource that has run to completion and
// can be given less visual priority.
// +optional
+ // +listType=atomic
Conditions []TableRowCondition `json:"conditions,omitempty"`
// This field contains the requested additional information about each object based on the includeObject
// policy when requesting the Table. If "None", this field is empty, if "Object" this will be the
diff --git a/vendor/k8s.io/apimachinery/pkg/runtime/helper.go b/vendor/k8s.io/apimachinery/pkg/runtime/helper.go
index f46a24cc6c..cc0a77bba6 100644
--- a/vendor/k8s.io/apimachinery/pkg/runtime/helper.go
+++ b/vendor/k8s.io/apimachinery/pkg/runtime/helper.go
@@ -236,10 +236,14 @@ func (e WithVersionEncoder) Encode(obj Object, stream io.Writer) error {
gvk = preferredGVK
}
}
- kind.SetGroupVersionKind(gvk)
- err = e.Encoder.Encode(obj, stream)
- kind.SetGroupVersionKind(oldGVK)
- return err
+
+ // The gvk only needs to be set if not already as desired.
+ if gvk != oldGVK {
+ kind.SetGroupVersionKind(gvk)
+ defer kind.SetGroupVersionKind(oldGVK)
+ }
+
+ return e.Encoder.Encode(obj, stream)
}
// WithoutVersionDecoder clears the group version kind of a deserialized object.
diff --git a/vendor/k8s.io/apimachinery/pkg/util/sets/doc.go b/vendor/k8s.io/apimachinery/pkg/util/sets/doc.go
index 194883390c..fd281bdb88 100644
--- a/vendor/k8s.io/apimachinery/pkg/util/sets/doc.go
+++ b/vendor/k8s.io/apimachinery/pkg/util/sets/doc.go
@@ -16,4 +16,4 @@ limitations under the License.
// Package sets has generic set and specified sets. Generic set will
// replace specified ones over time. And specific ones are deprecated.
-package sets
+package sets // import "k8s.io/apimachinery/pkg/util/sets"
diff --git a/vendor/k8s.io/apimachinery/pkg/util/sets/ordered.go b/vendor/k8s.io/apimachinery/pkg/util/sets/ordered.go
deleted file mode 100644
index 443dac62eb..0000000000
--- a/vendor/k8s.io/apimachinery/pkg/util/sets/ordered.go
+++ /dev/null
@@ -1,53 +0,0 @@
-/*
-Copyright 2022 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package sets
-
-// ordered is a constraint that permits any ordered type: any type
-// that supports the operators < <= >= >.
-// If future releases of Go add new ordered types,
-// this constraint will be modified to include them.
-type ordered interface {
- integer | float | ~string
-}
-
-// integer is a constraint that permits any integer type.
-// If future releases of Go add new predeclared integer types,
-// this constraint will be modified to include them.
-type integer interface {
- signed | unsigned
-}
-
-// float is a constraint that permits any floating-point type.
-// If future releases of Go add new predeclared floating-point types,
-// this constraint will be modified to include them.
-type float interface {
- ~float32 | ~float64
-}
-
-// signed is a constraint that permits any signed integer type.
-// If future releases of Go add new predeclared signed integer types,
-// this constraint will be modified to include them.
-type signed interface {
- ~int | ~int8 | ~int16 | ~int32 | ~int64
-}
-
-// unsigned is a constraint that permits any unsigned integer type.
-// If future releases of Go add new predeclared unsigned integer types,
-// this constraint will be modified to include them.
-type unsigned interface {
- ~uint | ~uint8 | ~uint16 | ~uint32 | ~uint64 | ~uintptr
-}
diff --git a/vendor/k8s.io/apimachinery/pkg/util/sets/set.go b/vendor/k8s.io/apimachinery/pkg/util/sets/set.go
index d50526f426..b76129a1ca 100644
--- a/vendor/k8s.io/apimachinery/pkg/util/sets/set.go
+++ b/vendor/k8s.io/apimachinery/pkg/util/sets/set.go
@@ -17,6 +17,7 @@ limitations under the License.
package sets
import (
+ "cmp"
"sort"
)
@@ -37,7 +38,7 @@ func New[T comparable](items ...T) Set[T] {
// KeySet creates a Set from a keys of a map[comparable](? extends interface{}).
// If the value passed in is not actually a map, this will panic.
func KeySet[T comparable, V any](theMap map[T]V) Set[T] {
- ret := Set[T]{}
+ ret := make(Set[T], len(theMap))
for keyValue := range theMap {
ret.Insert(keyValue)
}
@@ -193,7 +194,7 @@ func (s1 Set[T]) Equal(s2 Set[T]) bool {
return len(s1) == len(s2) && s1.IsSuperset(s2)
}
-type sortableSliceOfGeneric[T ordered] []T
+type sortableSliceOfGeneric[T cmp.Ordered] []T
func (g sortableSliceOfGeneric[T]) Len() int { return len(g) }
func (g sortableSliceOfGeneric[T]) Less(i, j int) bool { return less[T](g[i], g[j]) }
@@ -203,7 +204,7 @@ func (g sortableSliceOfGeneric[T]) Swap(i, j int) { g[i], g[j] = g[j], g[i]
//
// This is a separate function and not a method because not all types supported
// by Generic are ordered and only those can be sorted.
-func List[T ordered](s Set[T]) []T {
+func List[T cmp.Ordered](s Set[T]) []T {
res := make(sortableSliceOfGeneric[T], 0, len(s))
for key := range s {
res = append(res, key)
@@ -236,6 +237,6 @@ func (s Set[T]) Len() int {
return len(s)
}
-func less[T ordered](lhs, rhs T) bool {
+func less[T cmp.Ordered](lhs, rhs T) bool {
return lhs < rhs
}
diff --git a/vendor/k8s.io/apimachinery/pkg/util/validation/OWNERS b/vendor/k8s.io/apimachinery/pkg/util/validation/OWNERS
new file mode 100644
index 0000000000..4023732476
--- /dev/null
+++ b/vendor/k8s.io/apimachinery/pkg/util/validation/OWNERS
@@ -0,0 +1,11 @@
+# See the OWNERS docs at https://go.k8s.io/owners
+
+# Disable inheritance as this is an api owners file
+options:
+ no_parent_owners: true
+approvers:
+ - api-approvers
+reviewers:
+ - api-reviewers
+labels:
+ - kind/api-change
diff --git a/vendor/k8s.io/apimachinery/pkg/util/validation/validation.go b/vendor/k8s.io/apimachinery/pkg/util/validation/validation.go
index 0b8a6cb354..94c3fdb77f 100644
--- a/vendor/k8s.io/apimachinery/pkg/util/validation/validation.go
+++ b/vendor/k8s.io/apimachinery/pkg/util/validation/validation.go
@@ -19,9 +19,7 @@ package validation
import (
"fmt"
"math"
- "net"
"regexp"
- "strconv"
"strings"
"k8s.io/apimachinery/pkg/util/validation/field"
@@ -352,11 +350,12 @@ func IsValidPortName(port string) []string {
}
// IsValidIP tests that the argument is a valid IP address.
-func IsValidIP(value string) []string {
+func IsValidIP(fldPath *field.Path, value string) field.ErrorList {
+ var allErrors field.ErrorList
if netutils.ParseIPSloppy(value) == nil {
- return []string{"must be a valid IP address, (e.g. 10.9.8.7 or 2001:db8::ffff)"}
+ allErrors = append(allErrors, field.Invalid(fldPath, value, "must be a valid IP address, (e.g. 10.9.8.7 or 2001:db8::ffff)"))
}
- return nil
+ return allErrors
}
// IsValidIPv4Address tests that the argument is a valid IPv4 address.
@@ -379,6 +378,16 @@ func IsValidIPv6Address(fldPath *field.Path, value string) field.ErrorList {
return allErrors
}
+// IsValidCIDR tests that the argument is a valid CIDR value.
+func IsValidCIDR(fldPath *field.Path, value string) field.ErrorList {
+ var allErrors field.ErrorList
+ _, _, err := netutils.ParseCIDRSloppy(value)
+ if err != nil {
+ allErrors = append(allErrors, field.Invalid(fldPath, value, "must be a valid CIDR value, (e.g. 10.9.8.0/24 or 2001:db8::/64)"))
+ }
+ return allErrors
+}
+
const percentFmt string = "[0-9]+%"
const percentErrMsg string = "a valid percent string must be a numeric string followed by an ending '%'"
@@ -493,18 +502,3 @@ func hasChDirPrefix(value string) []string {
}
return errs
}
-
-// IsValidSocketAddr checks that string represents a valid socket address
-// as defined in RFC 789. (e.g 0.0.0.0:10254 or [::]:10254))
-func IsValidSocketAddr(value string) []string {
- var errs []string
- ip, port, err := net.SplitHostPort(value)
- if err != nil {
- errs = append(errs, "must be a valid socket address format, (e.g. 0.0.0.0:10254 or [::]:10254)")
- return errs
- }
- portInt, _ := strconv.Atoi(port)
- errs = append(errs, IsValidPortNum(portInt)...)
- errs = append(errs, IsValidIP(ip)...)
- return errs
-}
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/cel/composition.go b/vendor/k8s.io/apiserver/pkg/admission/plugin/cel/composition.go
index 2dbfa09916..9c449ecda2 100644
--- a/vendor/k8s.io/apiserver/pkg/admission/plugin/cel/composition.go
+++ b/vendor/k8s.io/apiserver/pkg/admission/plugin/cel/composition.go
@@ -54,13 +54,22 @@ func NewCompositedCompiler(envSet *environment.EnvSet) (*CompositedCompiler, err
if err != nil {
return nil, err
}
- compiler := NewCompiler(compositionContext.EnvSet)
- filterCompiler := NewFilterCompiler(compositionContext.EnvSet)
+ return NewCompositedCompilerFromTemplate(compositionContext), nil
+}
+
+func NewCompositedCompilerFromTemplate(context *CompositionEnv) *CompositedCompiler {
+ context = &CompositionEnv{
+ MapType: context.MapType,
+ EnvSet: context.EnvSet,
+ CompiledVariables: map[string]CompilationResult{},
+ }
+ compiler := NewCompiler(context.EnvSet)
+ filterCompiler := NewFilterCompiler(context.EnvSet)
return &CompositedCompiler{
Compiler: compiler,
FilterCompiler: filterCompiler,
- CompositionEnv: compositionContext,
- }, nil
+ CompositionEnv: context,
+ }
}
func (c *CompositedCompiler) CompileAndStoreVariables(variables []NamedExpressionAccessor, options OptionalVariableDeclarations, mode environment.Type) {
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/generic/accessor.go b/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/generic/accessor.go
new file mode 100644
index 0000000000..ae6d069a35
--- /dev/null
+++ b/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/generic/accessor.go
@@ -0,0 +1,42 @@
+/*
+Copyright 2024 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package generic
+
+import (
+ "k8s.io/api/admissionregistration/v1beta1"
+ "k8s.io/apimachinery/pkg/types"
+)
+
+type PolicyAccessor interface {
+ GetName() string
+ GetNamespace() string
+ GetParamKind() *v1beta1.ParamKind
+ GetMatchConstraints() *v1beta1.MatchResources
+}
+
+type BindingAccessor interface {
+ GetName() string
+ GetNamespace() string
+
+ // GetPolicyName returns the name of the (Validating/Mutating)AdmissionPolicy,
+ // which is cluster-scoped, so namespace is usually left blank.
+ // But we leave the door open to add a namespaced vesion in the future
+ GetPolicyName() types.NamespacedName
+ GetParamRef() *v1beta1.ParamRef
+
+ GetMatchResources() *v1beta1.MatchResources
+}
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/generic/interfaces.go b/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/generic/interfaces.go
new file mode 100644
index 0000000000..d4dbfb0aa5
--- /dev/null
+++ b/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/generic/interfaces.go
@@ -0,0 +1,64 @@
+/*
+Copyright 2024 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package generic
+
+import (
+ "context"
+
+ "k8s.io/apiserver/pkg/admission"
+)
+
+// Hook represents a dynamic admission hook. The hook may be a webhook or a
+// policy. For webhook, the Hook may describe how to contact the endpoint, expected
+// cert, etc. For policies, the hook may describe a compiled policy-binding pair.
+type Hook interface {
+ // All hooks are expected to contain zero or more match conditions, object
+ // selectors, namespace selectors to help the dispatcher decide when to apply
+ // the hook.
+ //
+ // Methods of matching logic is applied are specific to the hook and left up
+ // to the implementation.
+}
+
+// Source can list dynamic admission plugins.
+type Source[H Hook] interface {
+ // Hooks returns the list of currently known admission hooks.
+ Hooks() []H
+
+ // Run the source. This method should be called only once at startup.
+ Run(ctx context.Context) error
+
+ // HasSynced returns true if the source has completed its initial sync.
+ HasSynced() bool
+}
+
+// Dispatcher dispatches evaluates an admission request against the currently
+// active hooks returned by the source.
+type Dispatcher[H Hook] interface {
+ // Dispatch a request to the policies. Dispatcher may choose not to
+ // call a hook, either because the rules of the hook does not match, or
+ // the namespaceSelector or the objectSelector of the hook does not
+ // match. A non-nil error means the request is rejected.
+ Dispatch(ctx context.Context, a admission.Attributes, o admission.ObjectInterfaces, hooks []H) error
+}
+
+// An evaluator represents a compiled CEL expression that can be evaluated a
+// given a set of inputs used by the generic PolicyHook for Mutating and
+// ValidatingAdmissionPolicy.
+// Mutating and Validating may have different forms of evaluators
+type Evaluator interface {
+}
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/generic/plugin.go b/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/generic/plugin.go
new file mode 100644
index 0000000000..6dafd01424
--- /dev/null
+++ b/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/generic/plugin.go
@@ -0,0 +1,199 @@
+/*
+Copyright 2024 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package generic
+
+import (
+ "context"
+ "errors"
+ "fmt"
+
+ "k8s.io/apimachinery/pkg/api/meta"
+ utilruntime "k8s.io/apimachinery/pkg/util/runtime"
+ "k8s.io/apiserver/pkg/admission"
+ "k8s.io/apiserver/pkg/admission/initializer"
+ "k8s.io/apiserver/pkg/admission/plugin/policy/matching"
+ "k8s.io/apiserver/pkg/authorization/authorizer"
+ "k8s.io/client-go/dynamic"
+ "k8s.io/client-go/informers"
+ "k8s.io/client-go/kubernetes"
+)
+
+// H is the Hook type generated by the source and consumed by the dispatcher.
+type sourceFactory[H any] func(informers.SharedInformerFactory, kubernetes.Interface, dynamic.Interface, meta.RESTMapper) Source[H]
+type dispatcherFactory[H any] func(authorizer.Authorizer, *matching.Matcher) Dispatcher[H]
+
+// AdmissionPolicyManager is an abstract admission plugin with all the
+// infrastructure to define Admit or Validate on-top.
+type Plugin[H any] struct {
+ *admission.Handler
+
+ sourceFactory sourceFactory[H]
+ dispatcherFactory dispatcherFactory[H]
+
+ source Source[H]
+ dispatcher Dispatcher[H]
+ matcher *matching.Matcher
+
+ informerFactory informers.SharedInformerFactory
+ client kubernetes.Interface
+ restMapper meta.RESTMapper
+ dynamicClient dynamic.Interface
+ stopCh <-chan struct{}
+ authorizer authorizer.Authorizer
+ enabled bool
+}
+
+var (
+ _ initializer.WantsExternalKubeInformerFactory = &Plugin[any]{}
+ _ initializer.WantsExternalKubeClientSet = &Plugin[any]{}
+ _ initializer.WantsRESTMapper = &Plugin[any]{}
+ _ initializer.WantsDynamicClient = &Plugin[any]{}
+ _ initializer.WantsDrainedNotification = &Plugin[any]{}
+ _ initializer.WantsAuthorizer = &Plugin[any]{}
+ _ admission.InitializationValidator = &Plugin[any]{}
+)
+
+func NewPlugin[H any](
+ handler *admission.Handler,
+ sourceFactory sourceFactory[H],
+ dispatcherFactory dispatcherFactory[H],
+) *Plugin[H] {
+ return &Plugin[H]{
+ Handler: handler,
+ sourceFactory: sourceFactory,
+ dispatcherFactory: dispatcherFactory,
+ }
+}
+
+func (c *Plugin[H]) SetExternalKubeInformerFactory(f informers.SharedInformerFactory) {
+ c.informerFactory = f
+}
+
+func (c *Plugin[H]) SetExternalKubeClientSet(client kubernetes.Interface) {
+ c.client = client
+}
+
+func (c *Plugin[H]) SetRESTMapper(mapper meta.RESTMapper) {
+ c.restMapper = mapper
+}
+
+func (c *Plugin[H]) SetDynamicClient(client dynamic.Interface) {
+ c.dynamicClient = client
+}
+
+func (c *Plugin[H]) SetDrainedNotification(stopCh <-chan struct{}) {
+ c.stopCh = stopCh
+}
+
+func (c *Plugin[H]) SetAuthorizer(authorizer authorizer.Authorizer) {
+ c.authorizer = authorizer
+}
+
+func (c *Plugin[H]) SetMatcher(matcher *matching.Matcher) {
+ c.matcher = matcher
+}
+
+func (c *Plugin[H]) SetEnabled(enabled bool) {
+ c.enabled = enabled
+}
+
+// ValidateInitialization - once clientset and informer factory are provided, creates and starts the admission controller
+func (c *Plugin[H]) ValidateInitialization() error {
+ // By default enabled is set to false. It is up to types which embed this
+ // struct to set it to true (if feature gate is enabled, or other conditions)
+ if !c.enabled {
+ return nil
+ }
+ if c.Handler == nil {
+ return errors.New("missing handler")
+ }
+ if c.informerFactory == nil {
+ return errors.New("missing informer factory")
+ }
+ if c.client == nil {
+ return errors.New("missing kubernetes client")
+ }
+ if c.restMapper == nil {
+ return errors.New("missing rest mapper")
+ }
+ if c.dynamicClient == nil {
+ return errors.New("missing dynamic client")
+ }
+ if c.stopCh == nil {
+ return errors.New("missing stop channel")
+ }
+ if c.authorizer == nil {
+ return errors.New("missing authorizer")
+ }
+
+ // Use default matcher
+ namespaceInformer := c.informerFactory.Core().V1().Namespaces()
+ c.matcher = matching.NewMatcher(namespaceInformer.Lister(), c.client)
+
+ if err := c.matcher.ValidateInitialization(); err != nil {
+ return err
+ }
+
+ c.source = c.sourceFactory(c.informerFactory, c.client, c.dynamicClient, c.restMapper)
+ c.dispatcher = c.dispatcherFactory(c.authorizer, c.matcher)
+
+ pluginContext, pluginContextCancel := context.WithCancel(context.Background())
+ go func() {
+ defer pluginContextCancel()
+ <-c.stopCh
+ }()
+
+ go func() {
+ err := c.source.Run(pluginContext)
+ if err != nil && !errors.Is(err, context.Canceled) {
+ utilruntime.HandleError(fmt.Errorf("policy source context unexpectedly closed: %v", err))
+ }
+ }()
+
+ c.SetReadyFunc(func() bool {
+ return namespaceInformer.Informer().HasSynced() && c.source.HasSynced()
+ })
+ return nil
+}
+
+func (c *Plugin[H]) Dispatch(
+ ctx context.Context,
+ a admission.Attributes,
+ o admission.ObjectInterfaces,
+) (err error) {
+ if !c.enabled {
+ return nil
+ } else if isPolicyResource(a) {
+ return nil
+ } else if !c.WaitForReady() {
+ return admission.NewForbidden(a, fmt.Errorf("not yet ready to handle request"))
+ }
+
+ return c.dispatcher.Dispatch(ctx, a, o, c.source.Hooks())
+}
+
+func isPolicyResource(attr admission.Attributes) bool {
+ gvk := attr.GetResource()
+ if gvk.Group == "admissionregistration.k8s.io" {
+ if gvk.Resource == "validatingadmissionpolicies" || gvk.Resource == "validatingadmissionpolicybindings" {
+ return true
+ } else if gvk.Resource == "mutatingadmissionpolicies" || gvk.Resource == "mutatingadmissionpolicybindings" {
+ return true
+ }
+ }
+ return false
+}
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/generic/policy_dispatcher.go b/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/generic/policy_dispatcher.go
new file mode 100644
index 0000000000..a3d21235f3
--- /dev/null
+++ b/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/generic/policy_dispatcher.go
@@ -0,0 +1,354 @@
+/*
+Copyright 2024 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package generic
+
+import (
+ "context"
+ "errors"
+ "fmt"
+ "time"
+
+ "k8s.io/api/admissionregistration/v1beta1"
+ apierrors "k8s.io/apimachinery/pkg/api/errors"
+ "k8s.io/apimachinery/pkg/api/meta"
+ metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+ "k8s.io/apimachinery/pkg/runtime"
+ "k8s.io/apimachinery/pkg/runtime/schema"
+ utilruntime "k8s.io/apimachinery/pkg/util/runtime"
+ "k8s.io/apiserver/pkg/admission"
+ "k8s.io/apiserver/pkg/admission/plugin/policy/matching"
+ webhookgeneric "k8s.io/apiserver/pkg/admission/plugin/webhook/generic"
+ "k8s.io/client-go/informers"
+ "k8s.io/client-go/tools/cache"
+)
+
+// A policy invocation is a single policy-binding-param tuple from a Policy Hook
+// in the context of a specific request. The params have already been resolved
+// and any error in configuration or setting up the invocation is stored in
+// the Error field.
+type PolicyInvocation[P runtime.Object, B runtime.Object, E Evaluator] struct {
+ // Relevant policy for this hook.
+ // This field is always populated
+ Policy P
+
+ // Matched Kind for the request given the policy's matchconstraints
+ // May be empty if there was an error matching the resource
+ Kind schema.GroupVersionKind
+
+ // Matched Resource for the request given the policy's matchconstraints
+ // May be empty if there was an error matching the resource
+ Resource schema.GroupVersionResource
+
+ // Relevant binding for this hook.
+ // May be empty if there was an error with the policy's configuration itself
+ Binding B
+
+ // Compiled policy evaluator
+ Evaluator E
+
+ // Params fetched by the binding to use to evaluate the policy
+ Param runtime.Object
+
+ // Error is set if there was an error with the policy or binding or its
+ // params, etc
+ Error error
+}
+
+// dispatcherDelegate is called during a request with a pre-filtered list
+// of (Policy, Binding, Param) tuples that are active and match the request.
+// The dispatcher delegate is responsible for updating the object on the
+// admission attributes in the case of mutation, or returning a status error in
+// the case of validation.
+//
+// The delegate provides the "validation" or "mutation" aspect of dispatcher functionality
+// (in contrast to generic.PolicyDispatcher which only selects active policies and params)
+type dispatcherDelegate[P, B runtime.Object, E Evaluator] func(ctx context.Context, a admission.Attributes, o admission.ObjectInterfaces, versionedAttributes webhookgeneric.VersionedAttributeAccessor, invocations []PolicyInvocation[P, B, E]) error
+
+type policyDispatcher[P runtime.Object, B runtime.Object, E Evaluator] struct {
+ newPolicyAccessor func(P) PolicyAccessor
+ newBindingAccessor func(B) BindingAccessor
+ matcher PolicyMatcher
+ delegate dispatcherDelegate[P, B, E]
+}
+
+func NewPolicyDispatcher[P runtime.Object, B runtime.Object, E Evaluator](
+ newPolicyAccessor func(P) PolicyAccessor,
+ newBindingAccessor func(B) BindingAccessor,
+ matcher *matching.Matcher,
+ delegate dispatcherDelegate[P, B, E],
+) Dispatcher[PolicyHook[P, B, E]] {
+ return &policyDispatcher[P, B, E]{
+ newPolicyAccessor: newPolicyAccessor,
+ newBindingAccessor: newBindingAccessor,
+ matcher: NewPolicyMatcher(matcher),
+ delegate: delegate,
+ }
+}
+
+// Dispatch implements generic.Dispatcher. It loops through all active hooks
+// (policy x binding pairs) and selects those which are active for the current
+// request. It then resolves all params and creates an Invocation for each
+// matching policy-binding-param tuple. The delegate is then called with the
+// list of tuples.
+//
+// Note: MatchConditions expressions are not evaluated here. The dispatcher delegate
+// is expected to ignore the result of any policies whose match conditions dont pass.
+// This may be possible to refactor so matchconditions are checked here instead.
+func (d *policyDispatcher[P, B, E]) Dispatch(ctx context.Context, a admission.Attributes, o admission.ObjectInterfaces, hooks []PolicyHook[P, B, E]) error {
+ var relevantHooks []PolicyInvocation[P, B, E]
+ // Construct all the versions we need to call our webhooks
+ versionedAttrAccessor := &versionedAttributeAccessor{
+ versionedAttrs: map[schema.GroupVersionKind]*admission.VersionedAttributes{},
+ attr: a,
+ objectInterfaces: o,
+ }
+
+ for _, hook := range hooks {
+ policyAccessor := d.newPolicyAccessor(hook.Policy)
+ matches, matchGVR, matchGVK, err := d.matcher.DefinitionMatches(a, o, policyAccessor)
+ if err != nil {
+ // There was an error evaluating if this policy matches anything.
+ utilruntime.HandleError(err)
+ relevantHooks = append(relevantHooks, PolicyInvocation[P, B, E]{
+ Policy: hook.Policy,
+ Error: err,
+ })
+ continue
+ } else if !matches {
+ continue
+ } else if hook.ConfigurationError != nil {
+ // The policy matches but there is a configuration error with the
+ // policy itself
+ relevantHooks = append(relevantHooks, PolicyInvocation[P, B, E]{
+ Policy: hook.Policy,
+ Error: hook.ConfigurationError,
+ Resource: matchGVR,
+ Kind: matchGVK,
+ })
+ utilruntime.HandleError(hook.ConfigurationError)
+ continue
+ }
+
+ for _, binding := range hook.Bindings {
+ bindingAccessor := d.newBindingAccessor(binding)
+ matches, err = d.matcher.BindingMatches(a, o, bindingAccessor)
+ if err != nil {
+ // There was an error evaluating if this binding matches anything.
+ utilruntime.HandleError(err)
+ relevantHooks = append(relevantHooks, PolicyInvocation[P, B, E]{
+ Policy: hook.Policy,
+ Binding: binding,
+ Error: err,
+ Resource: matchGVR,
+ Kind: matchGVK,
+ })
+ continue
+ } else if !matches {
+ continue
+ }
+
+ // Collect params for this binding
+ params, err := CollectParams(
+ policyAccessor.GetParamKind(),
+ hook.ParamInformer,
+ hook.ParamScope,
+ bindingAccessor.GetParamRef(),
+ a.GetNamespace(),
+ )
+ if err != nil {
+ // There was an error collecting params for this binding.
+ utilruntime.HandleError(err)
+ relevantHooks = append(relevantHooks, PolicyInvocation[P, B, E]{
+ Policy: hook.Policy,
+ Binding: binding,
+ Error: err,
+ Resource: matchGVR,
+ Kind: matchGVK,
+ })
+ continue
+ }
+
+ // If params is empty and there was no error, that means that
+ // ParamNotFoundAction is ignore, so it shouldnt be added to list
+ for _, param := range params {
+ relevantHooks = append(relevantHooks, PolicyInvocation[P, B, E]{
+ Policy: hook.Policy,
+ Binding: binding,
+ Kind: matchGVK,
+ Resource: matchGVR,
+ Param: param,
+ Evaluator: hook.Evaluator,
+ })
+ }
+
+ // VersionedAttr result will be cached and reused later during parallel
+ // hook calls
+ _, err = versionedAttrAccessor.VersionedAttribute(matchGVK)
+ if err != nil {
+ return apierrors.NewInternalError(err)
+ }
+ }
+
+ }
+
+ if len(relevantHooks) == 0 {
+ // no matching hooks
+ return nil
+ }
+
+ return d.delegate(ctx, a, o, versionedAttrAccessor, relevantHooks)
+}
+
+// Returns params to use to evaluate a policy-binding with given param
+// configuration. If the policy-binding has no param configuration, it
+// returns a single-element list with a nil param.
+func CollectParams(
+ paramKind *v1beta1.ParamKind,
+ paramInformer informers.GenericInformer,
+ paramScope meta.RESTScope,
+ paramRef *v1beta1.ParamRef,
+ namespace string,
+) ([]runtime.Object, error) {
+ // If definition has paramKind, paramRef is required in binding.
+ // If definition has no paramKind, paramRef set in binding will be ignored.
+ var params []runtime.Object
+ var paramStore cache.GenericNamespaceLister
+
+ // Make sure the param kind is ready to use
+ if paramKind != nil && paramRef != nil {
+ if paramInformer == nil {
+ return nil, fmt.Errorf("paramKind kind `%v` not known",
+ paramKind.String())
+ }
+
+ // Set up cluster-scoped, or namespaced access to the params
+ // "default" if not provided, and paramKind is namespaced
+ paramStore = paramInformer.Lister()
+ if paramScope.Name() == meta.RESTScopeNameNamespace {
+ paramsNamespace := namespace
+ if len(paramRef.Namespace) > 0 {
+ paramsNamespace = paramRef.Namespace
+ } else if len(paramsNamespace) == 0 {
+ // You must supply namespace if your matcher can possibly
+ // match a cluster-scoped resource
+ return nil, fmt.Errorf("cannot use namespaced paramRef in policy binding that matches cluster-scoped resources")
+ }
+
+ paramStore = paramInformer.Lister().ByNamespace(paramsNamespace)
+ }
+
+ // If the param informer for this admission policy has not yet
+ // had time to perform an initial listing, don't attempt to use
+ // it.
+ timeoutCtx, cancel := context.WithTimeout(context.Background(), 1*time.Second)
+ defer cancel()
+
+ if !cache.WaitForCacheSync(timeoutCtx.Done(), paramInformer.Informer().HasSynced) {
+ return nil, fmt.Errorf("paramKind kind `%v` not yet synced to use for admission",
+ paramKind.String())
+ }
+ }
+
+ // Find params to use with policy
+ switch {
+ case paramKind == nil:
+ // ParamKind is unset. Ignore any globalParamRef or namespaceParamRef
+ // setting.
+ return []runtime.Object{nil}, nil
+ case paramRef == nil:
+ // Policy ParamKind is set, but binding does not use it.
+ // Validate with nil params
+ return []runtime.Object{nil}, nil
+ case len(paramRef.Namespace) > 0 && paramScope.Name() == meta.RESTScopeRoot.Name():
+ // Not allowed to set namespace for cluster-scoped param
+ return nil, fmt.Errorf("paramRef.namespace must not be provided for a cluster-scoped `paramKind`")
+
+ case len(paramRef.Name) > 0:
+ if paramRef.Selector != nil {
+ // This should be validated, but just in case.
+ return nil, fmt.Errorf("paramRef.name and paramRef.selector are mutually exclusive")
+ }
+
+ switch param, err := paramStore.Get(paramRef.Name); {
+ case err == nil:
+ params = []runtime.Object{param}
+ case apierrors.IsNotFound(err):
+ // Param not yet available. User may need to wait a bit
+ // before being able to use it for validation.
+ //
+ // Set params to nil to prepare for not found action
+ params = nil
+ case apierrors.IsInvalid(err):
+ // Param mis-configured
+ // require to set namespace for namespaced resource
+ // and unset namespace for cluster scoped resource
+ return nil, err
+ default:
+ // Internal error
+ utilruntime.HandleError(err)
+ return nil, err
+ }
+ case paramRef.Selector != nil:
+ // Select everything by default if empty name and selector
+ selector, err := metav1.LabelSelectorAsSelector(paramRef.Selector)
+ if err != nil {
+ // Cannot parse label selector: configuration error
+ return nil, err
+
+ }
+
+ paramList, err := paramStore.List(selector)
+ if err != nil {
+ // There was a bad internal error
+ utilruntime.HandleError(err)
+ return nil, err
+ }
+
+ // Successfully grabbed params
+ params = paramList
+ default:
+ // Should be unreachable due to validation
+ return nil, fmt.Errorf("one of name or selector must be provided")
+ }
+
+ // Apply fail action for params not found case
+ if len(params) == 0 && paramRef.ParameterNotFoundAction != nil && *paramRef.ParameterNotFoundAction == v1beta1.DenyAction {
+ return nil, errors.New("no params found for policy binding with `Deny` parameterNotFoundAction")
+ }
+
+ return params, nil
+}
+
+var _ webhookgeneric.VersionedAttributeAccessor = &versionedAttributeAccessor{}
+
+type versionedAttributeAccessor struct {
+ versionedAttrs map[schema.GroupVersionKind]*admission.VersionedAttributes
+ attr admission.Attributes
+ objectInterfaces admission.ObjectInterfaces
+}
+
+func (v *versionedAttributeAccessor) VersionedAttribute(gvk schema.GroupVersionKind) (*admission.VersionedAttributes, error) {
+ if val, ok := v.versionedAttrs[gvk]; ok {
+ return val, nil
+ }
+ versionedAttr, err := admission.NewVersionedAttributes(v.attr, gvk, v.objectInterfaces)
+ if err != nil {
+ return nil, err
+ }
+ v.versionedAttrs[gvk] = versionedAttr
+ return versionedAttr, nil
+}
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/matcher.go b/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/generic/policy_matcher.go
similarity index 60%
rename from vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/matcher.go
rename to vendor/k8s.io/apiserver/pkg/admission/plugin/policy/generic/policy_matcher.go
index 397f2c2671..9f8b6b432f 100644
--- a/vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/matcher.go
+++ b/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/generic/policy_matcher.go
@@ -14,44 +14,42 @@ See the License for the specific language governing permissions and
limitations under the License.
*/
-package validatingadmissionpolicy
+package generic
import (
+ "fmt"
+
"k8s.io/api/admissionregistration/v1beta1"
corev1 "k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/labels"
"k8s.io/apimachinery/pkg/runtime/schema"
"k8s.io/apiserver/pkg/admission"
- "k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/matching"
+ "k8s.io/apiserver/pkg/admission/plugin/policy/matching"
)
-var _ matching.MatchCriteria = &matchCriteria{}
-
-type matchCriteria struct {
- constraints *v1beta1.MatchResources
-}
+// Matcher is used for matching ValidatingAdmissionPolicy and ValidatingAdmissionPolicyBinding to attributes
+type PolicyMatcher interface {
+ admission.InitializationValidator
-// GetParsedNamespaceSelector returns the converted LabelSelector which implements labels.Selector
-func (m *matchCriteria) GetParsedNamespaceSelector() (labels.Selector, error) {
- return metav1.LabelSelectorAsSelector(m.constraints.NamespaceSelector)
-}
+ // DefinitionMatches says whether this policy definition matches the provided admission
+ // resource request
+ DefinitionMatches(a admission.Attributes, o admission.ObjectInterfaces, definition PolicyAccessor) (bool, schema.GroupVersionResource, schema.GroupVersionKind, error)
-// GetParsedObjectSelector returns the converted LabelSelector which implements labels.Selector
-func (m *matchCriteria) GetParsedObjectSelector() (labels.Selector, error) {
- return metav1.LabelSelectorAsSelector(m.constraints.ObjectSelector)
-}
+ // BindingMatches says whether this policy definition matches the provided admission
+ // resource request
+ BindingMatches(a admission.Attributes, o admission.ObjectInterfaces, binding BindingAccessor) (bool, error)
-// GetMatchResources returns the matchConstraints
-func (m *matchCriteria) GetMatchResources() v1beta1.MatchResources {
- return *m.constraints
+ // GetNamespace retrieves the Namespace resource by the given name. The name may be empty, in which case
+ // GetNamespace must return nil, nil
+ GetNamespace(name string) (*corev1.Namespace, error)
}
type matcher struct {
Matcher *matching.Matcher
}
-func NewMatcher(m *matching.Matcher) Matcher {
+func NewPolicyMatcher(m *matching.Matcher) PolicyMatcher {
return &matcher{
Matcher: m,
}
@@ -63,17 +61,23 @@ func (c *matcher) ValidateInitialization() error {
}
// DefinitionMatches returns whether this ValidatingAdmissionPolicy matches the provided admission resource request
-func (c *matcher) DefinitionMatches(a admission.Attributes, o admission.ObjectInterfaces, definition *v1beta1.ValidatingAdmissionPolicy) (bool, schema.GroupVersionResource, schema.GroupVersionKind, error) {
- criteria := matchCriteria{constraints: definition.Spec.MatchConstraints}
+func (c *matcher) DefinitionMatches(a admission.Attributes, o admission.ObjectInterfaces, definition PolicyAccessor) (bool, schema.GroupVersionResource, schema.GroupVersionKind, error) {
+ constraints := definition.GetMatchConstraints()
+ if constraints == nil {
+ return false, schema.GroupVersionResource{}, schema.GroupVersionKind{}, fmt.Errorf("policy contained no match constraints, a required field")
+ }
+ criteria := matchCriteria{constraints: constraints}
return c.Matcher.Matches(a, o, &criteria)
}
// BindingMatches returns whether this ValidatingAdmissionPolicyBinding matches the provided admission resource request
-func (c *matcher) BindingMatches(a admission.Attributes, o admission.ObjectInterfaces, binding *v1beta1.ValidatingAdmissionPolicyBinding) (bool, error) {
- if binding.Spec.MatchResources == nil {
+func (c *matcher) BindingMatches(a admission.Attributes, o admission.ObjectInterfaces, binding BindingAccessor) (bool, error) {
+ matchResources := binding.GetMatchResources()
+ if matchResources == nil {
return true, nil
}
- criteria := matchCriteria{constraints: binding.Spec.MatchResources}
+
+ criteria := matchCriteria{constraints: matchResources}
isMatch, _, _, err := c.Matcher.Matches(a, o, &criteria)
return isMatch, err
}
@@ -81,3 +85,24 @@ func (c *matcher) BindingMatches(a admission.Attributes, o admission.ObjectInter
func (c *matcher) GetNamespace(name string) (*corev1.Namespace, error) {
return c.Matcher.GetNamespace(name)
}
+
+var _ matching.MatchCriteria = &matchCriteria{}
+
+type matchCriteria struct {
+ constraints *v1beta1.MatchResources
+}
+
+// GetParsedNamespaceSelector returns the converted LabelSelector which implements labels.Selector
+func (m *matchCriteria) GetParsedNamespaceSelector() (labels.Selector, error) {
+ return metav1.LabelSelectorAsSelector(m.constraints.NamespaceSelector)
+}
+
+// GetParsedObjectSelector returns the converted LabelSelector which implements labels.Selector
+func (m *matchCriteria) GetParsedObjectSelector() (labels.Selector, error) {
+ return metav1.LabelSelectorAsSelector(m.constraints.ObjectSelector)
+}
+
+// GetMatchResources returns the matchConstraints
+func (m *matchCriteria) GetMatchResources() v1beta1.MatchResources {
+ return *m.constraints
+}
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/generic/policy_source.go b/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/generic/policy_source.go
new file mode 100644
index 0000000000..9b2e2146a8
--- /dev/null
+++ b/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/generic/policy_source.go
@@ -0,0 +1,477 @@
+/*
+Copyright 2024 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package generic
+
+import (
+ "context"
+ goerrors "errors"
+ "fmt"
+ "sync"
+ "sync/atomic"
+ "time"
+
+ corev1 "k8s.io/api/core/v1"
+ "k8s.io/apimachinery/pkg/api/errors"
+ "k8s.io/apimachinery/pkg/api/meta"
+ "k8s.io/apimachinery/pkg/labels"
+ "k8s.io/apimachinery/pkg/runtime"
+ "k8s.io/apimachinery/pkg/runtime/schema"
+ "k8s.io/apimachinery/pkg/types"
+ utilruntime "k8s.io/apimachinery/pkg/util/runtime"
+ "k8s.io/apimachinery/pkg/util/wait"
+ "k8s.io/apiserver/pkg/admission/plugin/policy/internal/generic"
+ "k8s.io/client-go/dynamic"
+ "k8s.io/client-go/dynamic/dynamicinformer"
+ "k8s.io/client-go/informers"
+ "k8s.io/client-go/tools/cache"
+ "k8s.io/klog/v2"
+)
+
+type policySource[P runtime.Object, B runtime.Object, E Evaluator] struct {
+ ctx context.Context
+ policyInformer generic.Informer[P]
+ bindingInformer generic.Informer[B]
+ restMapper meta.RESTMapper
+ newPolicyAccessor func(P) PolicyAccessor
+ newBindingAccessor func(B) BindingAccessor
+
+ informerFactory informers.SharedInformerFactory
+ dynamicClient dynamic.Interface
+
+ compiler func(P) E
+
+ // Currently compiled list of valid/active policy-binding pairs
+ policies atomic.Pointer[[]PolicyHook[P, B, E]]
+ // Whether the cache of policies is dirty and needs to be recompiled
+ policiesDirty atomic.Bool
+
+ lock sync.Mutex
+ compiledPolicies map[types.NamespacedName]compiledPolicyEntry[E]
+
+ // Temporary until we use the dynamic informer factory
+ paramsCRDControllers map[schema.GroupVersionKind]*paramInfo
+}
+
+type paramInfo struct {
+ mapping meta.RESTMapping
+
+ // When the param is changed, or the informer is done being used, the cancel
+ // func should be called to stop/cleanup the original informer
+ cancelFunc func()
+
+ // The lister for this param
+ informer informers.GenericInformer
+}
+
+type compiledPolicyEntry[E Evaluator] struct {
+ policyVersion string
+ evaluator E
+}
+
+type PolicyHook[P runtime.Object, B runtime.Object, E Evaluator] struct {
+ Policy P
+ Bindings []B
+
+ // ParamInformer is the informer for the param CRD for this policy, or nil if
+ // there is no param or if there was a configuration error
+ ParamInformer informers.GenericInformer
+ ParamScope meta.RESTScope
+
+ Evaluator E
+ ConfigurationError error
+}
+
+var _ Source[PolicyHook[runtime.Object, runtime.Object, Evaluator]] = &policySource[runtime.Object, runtime.Object, Evaluator]{}
+
+func NewPolicySource[P runtime.Object, B runtime.Object, E Evaluator](
+ policyInformer cache.SharedIndexInformer,
+ bindingInformer cache.SharedIndexInformer,
+ newPolicyAccessor func(P) PolicyAccessor,
+ newBindingAccessor func(B) BindingAccessor,
+ compiler func(P) E,
+ paramInformerFactory informers.SharedInformerFactory,
+ dynamicClient dynamic.Interface,
+ restMapper meta.RESTMapper,
+) Source[PolicyHook[P, B, E]] {
+ res := &policySource[P, B, E]{
+ compiler: compiler,
+ policyInformer: generic.NewInformer[P](policyInformer),
+ bindingInformer: generic.NewInformer[B](bindingInformer),
+ compiledPolicies: map[types.NamespacedName]compiledPolicyEntry[E]{},
+ newPolicyAccessor: newPolicyAccessor,
+ newBindingAccessor: newBindingAccessor,
+ paramsCRDControllers: map[schema.GroupVersionKind]*paramInfo{},
+ informerFactory: paramInformerFactory,
+ dynamicClient: dynamicClient,
+ restMapper: restMapper,
+ }
+ return res
+}
+
+func (s *policySource[P, B, E]) Run(ctx context.Context) error {
+ if s.ctx != nil {
+ return fmt.Errorf("policy source already running")
+ }
+
+ // Wait for initial cache sync of policies and informers before reconciling
+ // any
+ if !cache.WaitForNamedCacheSync(fmt.Sprintf("%T", s), ctx.Done(), s.UpstreamHasSynced) {
+ err := ctx.Err()
+ if err == nil {
+ err = fmt.Errorf("initial cache sync for %T failed", s)
+ }
+ return err
+ }
+
+ s.ctx = ctx
+
+ // Perform initial policy compilation after initial list has finished
+ s.notify()
+ s.refreshPolicies()
+
+ notifyFuncs := cache.ResourceEventHandlerFuncs{
+ AddFunc: func(_ interface{}) {
+ s.notify()
+ },
+ UpdateFunc: func(_, _ interface{}) {
+ s.notify()
+ },
+ DeleteFunc: func(_ interface{}) {
+ s.notify()
+ },
+ }
+ handle, err := s.policyInformer.AddEventHandler(notifyFuncs)
+ if err != nil {
+ return err
+ }
+ defer func() {
+ if err := s.policyInformer.RemoveEventHandler(handle); err != nil {
+ utilruntime.HandleError(fmt.Errorf("failed to remove policy event handler: %w", err))
+ }
+ }()
+
+ bindingHandle, err := s.bindingInformer.AddEventHandler(notifyFuncs)
+ if err != nil {
+ return err
+ }
+ defer func() {
+ if err := s.bindingInformer.RemoveEventHandler(bindingHandle); err != nil {
+ utilruntime.HandleError(fmt.Errorf("failed to remove binding event handler: %w", err))
+ }
+ }()
+
+ // Start a worker that checks every second to see if policy data is dirty
+ // and needs to be recompiled
+ go func() {
+ // Loop every 1 second until context is cancelled, refreshing policies
+ wait.Until(s.refreshPolicies, 1*time.Second, ctx.Done())
+ }()
+
+ <-ctx.Done()
+ return nil
+}
+
+func (s *policySource[P, B, E]) UpstreamHasSynced() bool {
+ return s.policyInformer.HasSynced() && s.bindingInformer.HasSynced()
+}
+
+// HasSynced implements Source.
+func (s *policySource[P, B, E]) HasSynced() bool {
+ // As an invariant we never store `nil` into the atomic list of processed
+ // policy hooks. If it is nil, then we haven't compiled all the policies
+ // and stored them yet.
+ return s.Hooks() != nil
+}
+
+// Hooks implements Source.
+func (s *policySource[P, B, E]) Hooks() []PolicyHook[P, B, E] {
+ res := s.policies.Load()
+
+ // Error case should not happen since evaluation function never
+ // returns error
+ if res == nil {
+ // Not yet synced
+ return nil
+ }
+
+ return *res
+}
+
+func (s *policySource[P, B, E]) refreshPolicies() {
+ if !s.UpstreamHasSynced() {
+ return
+ } else if !s.policiesDirty.Swap(false) {
+ return
+ }
+
+ // It is ok the cache gets marked dirty again between us clearing the
+ // flag and us calculating the policies. The dirty flag would be marked again,
+ // and we'd have a no-op after comparing resource versions on the next sync.
+ klog.Infof("refreshing policies")
+ policies, err := s.calculatePolicyData()
+
+ // Intentionally store policy list regardless of error. There may be
+ // an error returned if there was a configuration error in one of the policies,
+ // but we would still want those policies evaluated
+ // (for instance to return error on failaction). Or if there was an error
+ // listing all policies at all, we would want to wipe the list.
+ s.policies.Store(&policies)
+
+ if err != nil {
+ // An error was generated while syncing policies. Mark it as dirty again
+ // so we can retry later
+ utilruntime.HandleError(fmt.Errorf("encountered error syncing policies: %w. Rescheduling policy sync", err))
+ s.notify()
+ }
+}
+
+func (s *policySource[P, B, E]) notify() {
+ s.policiesDirty.Store(true)
+}
+
+// calculatePolicyData calculates the list of policies and bindings for each
+// policy. If there is an error in generation, it will return the error and
+// the partial list of policies that were able to be generated. Policies that
+// have an error will have a non-nil ConfigurationError field, but still be
+// included in the result.
+//
+// This function caches the result of the intermediate compilations
+func (s *policySource[P, B, E]) calculatePolicyData() ([]PolicyHook[P, B, E], error) {
+ if !s.UpstreamHasSynced() {
+ return nil, fmt.Errorf("cannot calculate policy data until upstream has synced")
+ }
+
+ // Fat-fingered lock that can be made more fine-tuned if required
+ s.lock.Lock()
+ defer s.lock.Unlock()
+
+ // Create a local copy of all policies and bindings
+ policiesToBindings := map[types.NamespacedName][]B{}
+ bindingList, err := s.bindingInformer.List(labels.Everything())
+ if err != nil {
+ // This should never happen unless types are misconfigured
+ // (can't use meta.accessor on them)
+ return nil, err
+ }
+
+ // Gather a list of all active policy bindings
+ for _, bindingSpec := range bindingList {
+ bindingAccessor := s.newBindingAccessor(bindingSpec)
+ policyKey := bindingAccessor.GetPolicyName()
+
+ // Add this binding to the list of bindings for this policy
+ policiesToBindings[policyKey] = append(policiesToBindings[policyKey], bindingSpec)
+ }
+
+ result := make([]PolicyHook[P, B, E], 0, len(bindingList))
+ usedParams := map[schema.GroupVersionKind]struct{}{}
+ var errs []error
+ for policyKey, bindingSpecs := range policiesToBindings {
+ var inf generic.NamespacedLister[P] = s.policyInformer
+ if len(policyKey.Namespace) > 0 {
+ inf = s.policyInformer.Namespaced(policyKey.Namespace)
+ }
+ policySpec, err := inf.Get(policyKey.Name)
+ if errors.IsNotFound(err) {
+ // Policy for bindings doesn't exist. This can happen if the policy
+ // was deleted before the binding, or the binding was created first.
+ //
+ // Just skip bindings that refer to non-existent policies
+ // If the policy is recreated, the cache will be marked dirty and
+ // this function will run again.
+ continue
+ } else if err != nil {
+ // This should never happen since fetching from a cache should never
+ // fail and this function checks that the cache was synced before
+ // even getting to this point.
+ errs = append(errs, err)
+ continue
+ }
+
+ var parsedParamKind *schema.GroupVersionKind
+ policyAccessor := s.newPolicyAccessor(policySpec)
+
+ if paramKind := policyAccessor.GetParamKind(); paramKind != nil {
+ groupVersion, err := schema.ParseGroupVersion(paramKind.APIVersion)
+ if err != nil {
+ errs = append(errs, fmt.Errorf("failed to parse paramKind APIVersion: %w", err))
+ continue
+ }
+ parsedParamKind = &schema.GroupVersionKind{
+ Group: groupVersion.Group,
+ Version: groupVersion.Version,
+ Kind: paramKind.Kind,
+ }
+
+ // TEMPORARY UNTIL WE HAVE SHARED PARAM INFORMERS
+ usedParams[*parsedParamKind] = struct{}{}
+ }
+
+ paramInformer, paramScope, configurationError := s.ensureParamsForPolicyLocked(parsedParamKind)
+ result = append(result, PolicyHook[P, B, E]{
+ Policy: policySpec,
+ Bindings: bindingSpecs,
+ Evaluator: s.compilePolicyLocked(policySpec),
+ ParamInformer: paramInformer,
+ ParamScope: paramScope,
+ ConfigurationError: configurationError,
+ })
+
+ // Should queue a re-sync for policy sync error. If our shared param
+ // informer can notify us when CRD discovery changes we can remove this
+ // and just rely on the informer to notify us when the CRDs change
+ if configurationError != nil {
+ errs = append(errs, configurationError)
+ }
+ }
+
+ // Clean up orphaned policies by replacing the old cache of compiled policies
+ // (the map of used policies is updated by `compilePolicy`)
+ for policyKey := range s.compiledPolicies {
+ if _, wasSeen := policiesToBindings[policyKey]; !wasSeen {
+ delete(s.compiledPolicies, policyKey)
+ }
+ }
+
+ // Clean up orphaned param informers
+ for paramKind, info := range s.paramsCRDControllers {
+ if _, wasSeen := usedParams[paramKind]; !wasSeen {
+ info.cancelFunc()
+ delete(s.paramsCRDControllers, paramKind)
+ }
+ }
+
+ err = nil
+ if len(errs) > 0 {
+ err = goerrors.Join(errs...)
+ }
+ return result, err
+}
+
+// ensureParamsForPolicyLocked ensures that the informer for the paramKind is
+// started and returns the informer and the scope of the paramKind.
+//
+// Must be called under write lock
+func (s *policySource[P, B, E]) ensureParamsForPolicyLocked(paramSource *schema.GroupVersionKind) (informers.GenericInformer, meta.RESTScope, error) {
+ if paramSource == nil {
+ return nil, nil, nil
+ } else if info, ok := s.paramsCRDControllers[*paramSource]; ok {
+ return info.informer, info.mapping.Scope, nil
+ }
+
+ mapping, err := s.restMapper.RESTMapping(schema.GroupKind{
+ Group: paramSource.Group,
+ Kind: paramSource.Kind,
+ }, paramSource.Version)
+
+ if err != nil {
+ // Failed to resolve. Return error so we retry again (rate limited)
+ // Save a record of this definition with an evaluator that unconditionally
+ return nil, nil, fmt.Errorf("failed to find resource referenced by paramKind: '%v'", *paramSource)
+ }
+
+ // We are not watching this param. Start an informer for it.
+ instanceContext, instanceCancel := context.WithCancel(s.ctx)
+
+ var informer informers.GenericInformer
+
+ // Try to see if our provided informer factory has an informer for this type.
+ // We assume the informer is already started, and starts all types associated
+ // with it.
+ if genericInformer, err := s.informerFactory.ForResource(mapping.Resource); err == nil {
+ informer = genericInformer
+
+ // Start the informer
+ s.informerFactory.Start(instanceContext.Done())
+
+ } else {
+ // Dynamic JSON informer fallback.
+ // Cannot use shared dynamic informer since it would be impossible
+ // to clean CRD informers properly with multiple dependents
+ // (cannot start ahead of time, and cannot track dependencies via stopCh)
+ informer = dynamicinformer.NewFilteredDynamicInformer(
+ s.dynamicClient,
+ mapping.Resource,
+ corev1.NamespaceAll,
+ // Use same interval as is used for k8s typed sharedInformerFactory
+ // https://github.com/kubernetes/kubernetes/blob/7e0923899fed622efbc8679cca6b000d43633e38/cmd/kube-apiserver/app/server.go#L430
+ 10*time.Minute,
+ cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc},
+ nil,
+ )
+ go informer.Informer().Run(instanceContext.Done())
+ }
+
+ klog.Infof("informer started for %v", *paramSource)
+ ret := ¶mInfo{
+ mapping: *mapping,
+ cancelFunc: instanceCancel,
+ informer: informer,
+ }
+ s.paramsCRDControllers[*paramSource] = ret
+ return ret.informer, mapping.Scope, nil
+}
+
+// For testing
+func (s *policySource[P, B, E]) getParamInformer(param schema.GroupVersionKind) (informers.GenericInformer, meta.RESTScope) {
+ s.lock.Lock()
+ defer s.lock.Unlock()
+
+ if info, ok := s.paramsCRDControllers[param]; ok {
+ return info.informer, info.mapping.Scope
+ }
+
+ return nil, nil
+}
+
+// compilePolicyLocked compiles the policy and returns the evaluator for it.
+// If the policy has not changed since the last compilation, it will return
+// the cached evaluator.
+//
+// Must be called under write lock
+func (s *policySource[P, B, E]) compilePolicyLocked(policySpec P) E {
+ policyMeta, err := meta.Accessor(policySpec)
+ if err != nil {
+ // This should not happen if P, and B have ObjectMeta, but
+ // unfortunately there is no way to express "able to call
+ // meta.Accessor" as a type constraint
+ utilruntime.HandleError(err)
+ var emptyEvaluator E
+ return emptyEvaluator
+ }
+ key := types.NamespacedName{
+ Namespace: policyMeta.GetNamespace(),
+ Name: policyMeta.GetName(),
+ }
+
+ compiledPolicy, wasCompiled := s.compiledPolicies[key]
+
+ // If the policy or binding has changed since it was last compiled,
+ // and if there is no configuration error (like a missing param CRD)
+ // then we recompile
+ if !wasCompiled ||
+ compiledPolicy.policyVersion != policyMeta.GetResourceVersion() {
+
+ compiledPolicy = compiledPolicyEntry[E]{
+ policyVersion: policyMeta.GetResourceVersion(),
+ evaluator: s.compiler(policySpec),
+ }
+ s.compiledPolicies[key] = compiledPolicy
+ }
+
+ return compiledPolicy.evaluator
+}
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/generic/policy_test_context.go b/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/generic/policy_test_context.go
new file mode 100644
index 0000000000..0d5fee3e2f
--- /dev/null
+++ b/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/generic/policy_test_context.go
@@ -0,0 +1,638 @@
+/*
+Copyright 2024 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package generic
+
+import (
+ "context"
+ "fmt"
+ "time"
+
+ corev1 "k8s.io/api/core/v1"
+ "k8s.io/apimachinery/pkg/api/errors"
+ "k8s.io/apimachinery/pkg/api/meta"
+ metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+ "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
+ "k8s.io/apimachinery/pkg/runtime"
+ "k8s.io/apimachinery/pkg/runtime/schema"
+ "k8s.io/apimachinery/pkg/runtime/serializer"
+ "k8s.io/apimachinery/pkg/types"
+ "k8s.io/apimachinery/pkg/util/uuid"
+ "k8s.io/apimachinery/pkg/util/wait"
+ "k8s.io/apimachinery/pkg/watch"
+ "k8s.io/client-go/dynamic"
+ dynamicfake "k8s.io/client-go/dynamic/fake"
+ "k8s.io/client-go/informers"
+ "k8s.io/client-go/kubernetes"
+ "k8s.io/client-go/kubernetes/fake"
+ clienttesting "k8s.io/client-go/testing"
+ "k8s.io/client-go/tools/cache"
+ "k8s.io/component-base/featuregate"
+
+ "k8s.io/apiserver/pkg/admission"
+ "k8s.io/apiserver/pkg/admission/initializer"
+ "k8s.io/apiserver/pkg/authorization/authorizer"
+ "k8s.io/apiserver/pkg/features"
+)
+
+// PolicyTestContext is everything you need to unit test a policy plugin
+type PolicyTestContext[P runtime.Object, B runtime.Object, E Evaluator] struct {
+ context.Context
+ Plugin *Plugin[PolicyHook[P, B, E]]
+ Source Source[PolicyHook[P, B, E]]
+ Start func() error
+
+ scheme *runtime.Scheme
+ restMapper *meta.DefaultRESTMapper
+ policyGVR schema.GroupVersionResource
+ bindingGVR schema.GroupVersionResource
+
+ policyGVK schema.GroupVersionKind
+ bindingGVK schema.GroupVersionKind
+
+ nativeTracker clienttesting.ObjectTracker
+ policyAndBindingTracker clienttesting.ObjectTracker
+ unstructuredTracker clienttesting.ObjectTracker
+}
+
+func NewPolicyTestContext[P, B runtime.Object, E Evaluator](
+ newPolicyAccessor func(P) PolicyAccessor,
+ newBindingAccessor func(B) BindingAccessor,
+ compileFunc func(P) E,
+ dispatcher dispatcherFactory[PolicyHook[P, B, E]],
+ initialObjects []runtime.Object,
+ paramMappings []meta.RESTMapping,
+) (*PolicyTestContext[P, B, E], func(), error) {
+ var Pexample P
+ var Bexample B
+
+ // Create a fake resource and kind for the provided policy and binding types
+ fakePolicyGVR := schema.GroupVersionResource{
+ Group: "policy.example.com",
+ Version: "v1",
+ Resource: "fakepolicies",
+ }
+ fakeBindingGVR := schema.GroupVersionResource{
+ Group: "policy.example.com",
+ Version: "v1",
+ Resource: "fakebindings",
+ }
+ fakePolicyGVK := fakePolicyGVR.GroupVersion().WithKind("FakePolicy")
+ fakeBindingGVK := fakeBindingGVR.GroupVersion().WithKind("FakeBinding")
+
+ policySourceTestScheme, err := func() (*runtime.Scheme, error) {
+ scheme := runtime.NewScheme()
+
+ if err := fake.AddToScheme(scheme); err != nil {
+ return nil, err
+ }
+
+ scheme.AddKnownTypeWithName(fakePolicyGVK, Pexample)
+ scheme.AddKnownTypeWithName(fakeBindingGVK, Bexample)
+ scheme.AddKnownTypeWithName(fakePolicyGVK.GroupVersion().WithKind(fakePolicyGVK.Kind+"List"), &FakeList[P]{})
+ scheme.AddKnownTypeWithName(fakeBindingGVK.GroupVersion().WithKind(fakeBindingGVK.Kind+"List"), &FakeList[B]{})
+
+ for _, mapping := range paramMappings {
+ // Skip if it is in the scheme already
+ if scheme.Recognizes(mapping.GroupVersionKind) {
+ continue
+ }
+ scheme.AddKnownTypeWithName(mapping.GroupVersionKind, &unstructured.Unstructured{})
+ scheme.AddKnownTypeWithName(mapping.GroupVersionKind.GroupVersion().WithKind(mapping.GroupVersionKind.Kind+"List"), &unstructured.UnstructuredList{})
+ }
+
+ return scheme, nil
+ }()
+ if err != nil {
+ return nil, nil, err
+ }
+
+ fakeRestMapper := func() *meta.DefaultRESTMapper {
+ res := meta.NewDefaultRESTMapper([]schema.GroupVersion{
+ {
+ Group: "",
+ Version: "v1",
+ },
+ })
+
+ res.Add(fakePolicyGVK, meta.RESTScopeRoot)
+ res.Add(fakeBindingGVK, meta.RESTScopeRoot)
+ res.Add(corev1.SchemeGroupVersion.WithKind("ConfigMap"), meta.RESTScopeNamespace)
+
+ for _, mapping := range paramMappings {
+ res.AddSpecific(mapping.GroupVersionKind, mapping.Resource, mapping.Resource, mapping.Scope)
+ }
+
+ return res
+ }()
+
+ nativeClient := fake.NewSimpleClientset()
+ dynamicClient := dynamicfake.NewSimpleDynamicClient(policySourceTestScheme)
+ fakeInformerFactory := informers.NewSharedInformerFactory(nativeClient, 30*time.Second)
+
+ // Make an object tracker specifically for our policies and bindings
+ policiesAndBindingsTracker := clienttesting.NewObjectTracker(
+ policySourceTestScheme,
+ serializer.NewCodecFactory(policySourceTestScheme).UniversalDecoder())
+
+ // Make an informer for our policies and bindings
+
+ policyInformer := cache.NewSharedIndexInformer(
+ &cache.ListWatch{
+ ListFunc: func(options metav1.ListOptions) (runtime.Object, error) {
+ return policiesAndBindingsTracker.List(fakePolicyGVR, fakePolicyGVK, "")
+ },
+ WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
+ return policiesAndBindingsTracker.Watch(fakePolicyGVR, "")
+ },
+ },
+ Pexample,
+ 30*time.Second,
+ cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc},
+ )
+ bindingInformer := cache.NewSharedIndexInformer(
+ &cache.ListWatch{
+ ListFunc: func(options metav1.ListOptions) (runtime.Object, error) {
+ return policiesAndBindingsTracker.List(fakeBindingGVR, fakeBindingGVK, "")
+ },
+ WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
+ return policiesAndBindingsTracker.Watch(fakeBindingGVR, "")
+ },
+ },
+ Bexample,
+ 30*time.Second,
+ cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc},
+ )
+
+ var source Source[PolicyHook[P, B, E]]
+ plugin := NewPlugin[PolicyHook[P, B, E]](
+ admission.NewHandler(admission.Connect, admission.Create, admission.Delete, admission.Update),
+ func(sif informers.SharedInformerFactory, i1 kubernetes.Interface, i2 dynamic.Interface, r meta.RESTMapper) Source[PolicyHook[P, B, E]] {
+ source = NewPolicySource[P, B, E](
+ policyInformer,
+ bindingInformer,
+ newPolicyAccessor,
+ newBindingAccessor,
+ compileFunc,
+ sif,
+ i2,
+ r,
+ )
+ return source
+ }, dispatcher)
+ plugin.SetEnabled(true)
+
+ featureGate := featuregate.NewFeatureGate()
+ err = featureGate.Add(map[featuregate.Feature]featuregate.FeatureSpec{
+ //!TODO: move this to validating specific tests
+ features.ValidatingAdmissionPolicy: {
+ Default: true, PreRelease: featuregate.Beta}})
+ if err != nil {
+ return nil, nil, err
+ }
+ err = featureGate.SetFromMap(map[string]bool{string(features.ValidatingAdmissionPolicy): true})
+ if err != nil {
+ return nil, nil, err
+ }
+
+ testContext, testCancel := context.WithCancel(context.Background())
+ genericInitializer := initializer.New(
+ nativeClient,
+ dynamicClient,
+ fakeInformerFactory,
+ fakeAuthorizer{},
+ featureGate,
+ testContext.Done(),
+ )
+ genericInitializer.Initialize(plugin)
+ plugin.SetRESTMapper(fakeRestMapper)
+
+ if err := plugin.ValidateInitialization(); err != nil {
+ testCancel()
+ return nil, nil, err
+ }
+
+ res := &PolicyTestContext[P, B, E]{
+ Context: testContext,
+ Plugin: plugin,
+ Source: source,
+
+ restMapper: fakeRestMapper,
+ scheme: policySourceTestScheme,
+ policyGVK: fakePolicyGVK,
+ bindingGVK: fakeBindingGVK,
+ policyGVR: fakePolicyGVR,
+ bindingGVR: fakeBindingGVR,
+ nativeTracker: nativeClient.Tracker(),
+ policyAndBindingTracker: policiesAndBindingsTracker,
+ unstructuredTracker: dynamicClient.Tracker(),
+ }
+
+ for _, obj := range initialObjects {
+ err := res.updateOne(obj)
+ if err != nil {
+ testCancel()
+ return nil, nil, err
+ }
+ }
+
+ res.Start = func() error {
+ fakeInformerFactory.Start(res.Done())
+ go policyInformer.Run(res.Done())
+ go bindingInformer.Run(res.Done())
+
+ if !cache.WaitForCacheSync(res.Done(), res.Source.HasSynced) {
+ return fmt.Errorf("timed out waiting for initial cache sync")
+ }
+ return nil
+ }
+ return res, testCancel, nil
+}
+
+// UpdateAndWait updates the given object in the test, or creates it if it doesn't exist
+// Depending upon object type, waits afterward until the object is synced
+// by the policy source
+//
+// Be aware the UpdateAndWait will modify the ResourceVersion of the
+// provided objects.
+func (p *PolicyTestContext[P, B, E]) UpdateAndWait(objects ...runtime.Object) error {
+ return p.update(true, objects...)
+}
+
+// Update updates the given object in the test, or creates it if it doesn't exist
+//
+// Be aware the Update will modify the ResourceVersion of the
+// provided objects.
+func (p *PolicyTestContext[P, B, E]) Update(objects ...runtime.Object) error {
+ return p.update(false, objects...)
+}
+
+// Objects the given object in the test, or creates it if it doesn't exist
+// Depending upon object type, waits afterward until the object is synced
+// by the policy source
+func (p *PolicyTestContext[P, B, E]) update(wait bool, objects ...runtime.Object) error {
+ for _, object := range objects {
+ if err := p.updateOne(object); err != nil {
+ return err
+ }
+ }
+
+ if wait {
+ timeoutCtx, timeoutCancel := context.WithTimeout(p, 3*time.Second)
+ defer timeoutCancel()
+
+ for _, object := range objects {
+ if err := p.WaitForReconcile(timeoutCtx, object); err != nil {
+ return fmt.Errorf("error waiting for reconcile of %v: %v", object, err)
+ }
+ }
+ }
+ return nil
+}
+
+// Depending upon object type, waits afterward until the object is synced
+// by the policy source. Note that policies that are not bound are skipped,
+// so you should not try to wait for an unbound policy. Create both the binding
+// and policy, then wait.
+func (p *PolicyTestContext[P, B, E]) WaitForReconcile(timeoutCtx context.Context, object runtime.Object) error {
+ if !p.Source.HasSynced() {
+ return nil
+ }
+
+ objectMeta, err := meta.Accessor(object)
+ if err != nil {
+ return err
+ }
+
+ objectGVK, _, err := p.inferGVK(object)
+ if err != nil {
+ return err
+ }
+
+ switch objectGVK {
+ case p.policyGVK:
+ return wait.PollUntilContextCancel(timeoutCtx, 100*time.Millisecond, true, func(ctx context.Context) (done bool, err error) {
+ policies := p.Source.Hooks()
+ for _, policy := range policies {
+ policyMeta, err := meta.Accessor(policy.Policy)
+ if err != nil {
+ return true, err
+ } else if policyMeta.GetName() == objectMeta.GetName() && policyMeta.GetResourceVersion() == objectMeta.GetResourceVersion() {
+ return true, nil
+ }
+ }
+ return false, nil
+ })
+ case p.bindingGVK:
+ return wait.PollUntilContextCancel(timeoutCtx, 100*time.Millisecond, true, func(ctx context.Context) (done bool, err error) {
+ policies := p.Source.Hooks()
+ for _, policy := range policies {
+ for _, binding := range policy.Bindings {
+ bindingMeta, err := meta.Accessor(binding)
+ if err != nil {
+ return true, err
+ } else if bindingMeta.GetName() == objectMeta.GetName() && bindingMeta.GetResourceVersion() == objectMeta.GetResourceVersion() {
+ return true, nil
+ }
+ }
+ }
+ return false, nil
+ })
+
+ default:
+ // Do nothing, params are visible immediately
+ // Loop until one of the params is visible via get of the param informer
+ return wait.PollUntilContextCancel(timeoutCtx, 100*time.Millisecond, true, func(ctx context.Context) (done bool, err error) {
+ informer, scope := p.Source.(*policySource[P, B, E]).getParamInformer(objectGVK)
+ if informer == nil {
+ // Informer does not exist yet, keep waiting for sync
+ return false, nil
+ }
+
+ if !cache.WaitForCacheSync(timeoutCtx.Done(), informer.Informer().HasSynced) {
+ return false, fmt.Errorf("timed out waiting for cache sync of param informer")
+ }
+
+ var lister cache.GenericNamespaceLister = informer.Lister()
+ if scope == meta.RESTScopeNamespace {
+ lister = informer.Lister().ByNamespace(objectMeta.GetNamespace())
+ }
+
+ fetched, err := lister.Get(objectMeta.GetName())
+ if err != nil {
+ if errors.IsNotFound(err) {
+ return false, nil
+ }
+ return true, err
+ }
+
+ // Ensure RV matches
+ fetchedMeta, err := meta.Accessor(fetched)
+ if err != nil {
+ return true, err
+ } else if fetchedMeta.GetResourceVersion() != objectMeta.GetResourceVersion() {
+ return false, nil
+ }
+
+ return true, nil
+ })
+ }
+}
+
+func (p *PolicyTestContext[P, B, E]) waitForDelete(ctx context.Context, objectGVK schema.GroupVersionKind, name types.NamespacedName) error {
+ srce := p.Source.(*policySource[P, B, E])
+
+ return wait.PollUntilContextCancel(ctx, 100*time.Millisecond, true, func(ctx context.Context) (done bool, err error) {
+ switch objectGVK {
+ case p.policyGVK:
+ for _, hook := range p.Source.Hooks() {
+ accessor := srce.newPolicyAccessor(hook.Policy)
+ if accessor.GetName() == name.Name && accessor.GetNamespace() == name.Namespace {
+ return false, nil
+ }
+ }
+
+ return true, nil
+ case p.bindingGVK:
+ for _, hook := range p.Source.Hooks() {
+ for _, binding := range hook.Bindings {
+ accessor := srce.newBindingAccessor(binding)
+ if accessor.GetName() == name.Name && accessor.GetNamespace() == name.Namespace {
+ return false, nil
+ }
+ }
+ }
+ return true, nil
+ default:
+ // Do nothing, params are visible immediately
+ // Loop until one of the params is visible via get of the param informer
+ informer, scope := p.Source.(*policySource[P, B, E]).getParamInformer(objectGVK)
+ if informer == nil {
+ return true, nil
+ }
+
+ var lister cache.GenericNamespaceLister = informer.Lister()
+ if scope == meta.RESTScopeNamespace {
+ lister = informer.Lister().ByNamespace(name.Namespace)
+ }
+
+ _, err = lister.Get(name.Name)
+ if err != nil {
+ if errors.IsNotFound(err) {
+ return true, nil
+ }
+ return false, err
+ }
+ return false, nil
+ }
+ })
+}
+
+func (p *PolicyTestContext[P, B, E]) updateOne(object runtime.Object) error {
+ objectMeta, err := meta.Accessor(object)
+ if err != nil {
+ return err
+ }
+ objectMeta.SetResourceVersion(string(uuid.NewUUID()))
+ objectGVK, gvr, err := p.inferGVK(object)
+ if err != nil {
+ return err
+ }
+
+ switch objectGVK {
+ case p.policyGVK:
+ err := p.policyAndBindingTracker.Update(p.policyGVR, object, objectMeta.GetNamespace())
+ if errors.IsNotFound(err) {
+ err = p.policyAndBindingTracker.Create(p.policyGVR, object, objectMeta.GetNamespace())
+ }
+
+ return err
+ case p.bindingGVK:
+ err := p.policyAndBindingTracker.Update(p.bindingGVR, object, objectMeta.GetNamespace())
+ if errors.IsNotFound(err) {
+ err = p.policyAndBindingTracker.Create(p.bindingGVR, object, objectMeta.GetNamespace())
+ }
+
+ return err
+ default:
+ if _, ok := object.(*unstructured.Unstructured); ok {
+ if err := p.unstructuredTracker.Create(gvr, object, objectMeta.GetNamespace()); err != nil {
+ if errors.IsAlreadyExists(err) {
+ return p.unstructuredTracker.Update(gvr, object, objectMeta.GetNamespace())
+ }
+ return err
+ }
+ return nil
+ } else if err := p.nativeTracker.Create(gvr, object, objectMeta.GetNamespace()); err != nil {
+ if errors.IsAlreadyExists(err) {
+ return p.nativeTracker.Update(gvr, object, objectMeta.GetNamespace())
+ }
+ }
+ return nil
+ }
+}
+
+// Depending upon object type, waits afterward until the object is synced
+// by the policy source
+func (p *PolicyTestContext[P, B, E]) DeleteAndWait(object ...runtime.Object) error {
+ for _, object := range object {
+ if err := p.deleteOne(object); err != nil && !errors.IsNotFound(err) {
+ return err
+ }
+ }
+
+ timeoutCtx, timeoutCancel := context.WithTimeout(p, 3*time.Second)
+ defer timeoutCancel()
+
+ for _, object := range object {
+ accessor, err := meta.Accessor(object)
+ if err != nil {
+ return err
+ }
+
+ objectGVK, _, err := p.inferGVK(object)
+ if err != nil {
+ return err
+ }
+
+ if err := p.waitForDelete(
+ timeoutCtx,
+ objectGVK,
+ types.NamespacedName{Name: accessor.GetName(), Namespace: accessor.GetNamespace()}); err != nil {
+ return err
+ }
+ }
+ return nil
+}
+
+func (p *PolicyTestContext[P, B, E]) deleteOne(object runtime.Object) error {
+ objectMeta, err := meta.Accessor(object)
+ if err != nil {
+ return err
+ }
+ objectMeta.SetResourceVersion(string(uuid.NewUUID()))
+ objectGVK, gvr, err := p.inferGVK(object)
+ if err != nil {
+ return err
+ }
+
+ switch objectGVK {
+ case p.policyGVK:
+ return p.policyAndBindingTracker.Delete(p.policyGVR, objectMeta.GetNamespace(), objectMeta.GetName())
+ case p.bindingGVK:
+ return p.policyAndBindingTracker.Delete(p.bindingGVR, objectMeta.GetNamespace(), objectMeta.GetName())
+ default:
+ if _, ok := object.(*unstructured.Unstructured); ok {
+ return p.unstructuredTracker.Delete(gvr, objectMeta.GetNamespace(), objectMeta.GetName())
+ }
+ return p.nativeTracker.Delete(gvr, objectMeta.GetNamespace(), objectMeta.GetName())
+ }
+}
+
+func (p *PolicyTestContext[P, B, E]) Dispatch(
+ new, old runtime.Object,
+ operation admission.Operation,
+) error {
+ if old == nil && new == nil {
+ return fmt.Errorf("both old and new objects cannot be nil")
+ }
+
+ nonNilObject := new
+ if nonNilObject == nil {
+ nonNilObject = old
+ }
+
+ gvk, gvr, err := p.inferGVK(nonNilObject)
+ if err != nil {
+ return err
+ }
+
+ nonNilMeta, err := meta.Accessor(nonNilObject)
+ if err != nil {
+ return err
+ }
+
+ return p.Plugin.Dispatch(
+ p,
+ admission.NewAttributesRecord(
+ new,
+ old,
+ gvk,
+ nonNilMeta.GetName(),
+ nonNilMeta.GetNamespace(),
+ gvr,
+ "",
+ operation,
+ nil,
+ false,
+ nil,
+ ), admission.NewObjectInterfacesFromScheme(p.scheme))
+}
+
+func (p *PolicyTestContext[P, B, E]) inferGVK(object runtime.Object) (schema.GroupVersionKind, schema.GroupVersionResource, error) {
+ objectGVK := object.GetObjectKind().GroupVersionKind()
+ if objectGVK.Empty() {
+ // If the object doesn't have a GVK, ask the schema for preferred GVK
+ knownKinds, _, err := p.scheme.ObjectKinds(object)
+ if err != nil {
+ return schema.GroupVersionKind{}, schema.GroupVersionResource{}, err
+ } else if len(knownKinds) == 0 {
+ return schema.GroupVersionKind{}, schema.GroupVersionResource{}, fmt.Errorf("no known GVKs for object in schema: %T", object)
+ }
+ toTake := 0
+
+ // Prefer GVK if it is our fake policy or binding
+ for i, knownKind := range knownKinds {
+ if knownKind == p.policyGVK || knownKind == p.bindingGVK {
+ toTake = i
+ break
+ }
+ }
+
+ objectGVK = knownKinds[toTake]
+ }
+
+ // Make sure GVK is known to the fake rest mapper. To prevent cryptic error
+ mapping, err := p.restMapper.RESTMapping(objectGVK.GroupKind(), objectGVK.Version)
+ if err != nil {
+ return schema.GroupVersionKind{}, schema.GroupVersionResource{}, err
+ }
+ return objectGVK, mapping.Resource, nil
+}
+
+type FakeList[T runtime.Object] struct {
+ metav1.TypeMeta
+ metav1.ListMeta
+ Items []T
+}
+
+func (fl *FakeList[P]) DeepCopyObject() runtime.Object {
+ copiedItems := make([]P, len(fl.Items))
+ for i, item := range fl.Items {
+ copiedItems[i] = item.DeepCopyObject().(P)
+ }
+ return &FakeList[P]{
+ TypeMeta: fl.TypeMeta,
+ ListMeta: fl.ListMeta,
+ Items: copiedItems,
+ }
+}
+
+type fakeAuthorizer struct{}
+
+func (f fakeAuthorizer) Authorize(ctx context.Context, a authorizer.Attributes) (authorizer.Decision, string, error) {
+ return authorizer.DecisionAllow, "", nil
+}
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/internal/generic/controller.go b/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/internal/generic/controller.go
similarity index 100%
rename from vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/internal/generic/controller.go
rename to vendor/k8s.io/apiserver/pkg/admission/plugin/policy/internal/generic/controller.go
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/internal/generic/doc.go b/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/internal/generic/doc.go
similarity index 100%
rename from vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/internal/generic/doc.go
rename to vendor/k8s.io/apiserver/pkg/admission/plugin/policy/internal/generic/doc.go
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/internal/generic/informer.go b/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/internal/generic/informer.go
similarity index 79%
rename from vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/internal/generic/informer.go
rename to vendor/k8s.io/apiserver/pkg/admission/plugin/policy/internal/generic/informer.go
index 3025aa1953..acb6316ec3 100644
--- a/vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/internal/generic/informer.go
+++ b/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/internal/generic/informer.go
@@ -28,6 +28,10 @@ type informer[T runtime.Object] struct {
lister[T]
}
+// Creates a generic informer around a type-erased cache.SharedIndexInformer
+// It is incumbent on the caller to ensure that the generic type argument is
+// consistent with the type of the objects stored inside the SharedIndexInformer
+// as they will be casted.
func NewInformer[T runtime.Object](informe cache.SharedIndexInformer) Informer[T] {
return informer[T]{
SharedIndexInformer: informe,
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/internal/generic/interface.go b/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/internal/generic/interface.go
similarity index 100%
rename from vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/internal/generic/interface.go
rename to vendor/k8s.io/apiserver/pkg/admission/plugin/policy/internal/generic/interface.go
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/internal/generic/lister.go b/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/internal/generic/lister.go
similarity index 100%
rename from vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/internal/generic/lister.go
rename to vendor/k8s.io/apiserver/pkg/admission/plugin/policy/internal/generic/lister.go
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/matching/matching.go b/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/matching/matching.go
similarity index 100%
rename from vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/matching/matching.go
rename to vendor/k8s.io/apiserver/pkg/admission/plugin/policy/matching/matching.go
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/validating/accessor.go b/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/validating/accessor.go
new file mode 100644
index 0000000000..6af2857598
--- /dev/null
+++ b/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/validating/accessor.go
@@ -0,0 +1,82 @@
+/*
+Copyright 2024 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package validating
+
+import (
+ "k8s.io/api/admissionregistration/v1beta1"
+ "k8s.io/apimachinery/pkg/types"
+ "k8s.io/apiserver/pkg/admission/plugin/policy/generic"
+)
+
+func NewValidatingAdmissionPolicyAccessor(obj *v1beta1.ValidatingAdmissionPolicy) generic.PolicyAccessor {
+ return &validatingAdmissionPolicyAccessor{
+ ValidatingAdmissionPolicy: obj,
+ }
+}
+
+func NewValidatingAdmissionPolicyBindingAccessor(obj *v1beta1.ValidatingAdmissionPolicyBinding) generic.BindingAccessor {
+ return &validatingAdmissionPolicyBindingAccessor{
+ ValidatingAdmissionPolicyBinding: obj,
+ }
+}
+
+type validatingAdmissionPolicyAccessor struct {
+ *v1beta1.ValidatingAdmissionPolicy
+}
+
+func (v *validatingAdmissionPolicyAccessor) GetNamespace() string {
+ return v.Namespace
+}
+
+func (v *validatingAdmissionPolicyAccessor) GetName() string {
+ return v.Name
+}
+
+func (v *validatingAdmissionPolicyAccessor) GetParamKind() *v1beta1.ParamKind {
+ return v.Spec.ParamKind
+}
+
+func (v *validatingAdmissionPolicyAccessor) GetMatchConstraints() *v1beta1.MatchResources {
+ return v.Spec.MatchConstraints
+}
+
+type validatingAdmissionPolicyBindingAccessor struct {
+ *v1beta1.ValidatingAdmissionPolicyBinding
+}
+
+func (v *validatingAdmissionPolicyBindingAccessor) GetNamespace() string {
+ return v.Namespace
+}
+
+func (v *validatingAdmissionPolicyBindingAccessor) GetName() string {
+ return v.Name
+}
+
+func (v *validatingAdmissionPolicyBindingAccessor) GetPolicyName() types.NamespacedName {
+ return types.NamespacedName{
+ Namespace: "",
+ Name: v.Spec.PolicyName,
+ }
+}
+
+func (v *validatingAdmissionPolicyBindingAccessor) GetMatchResources() *v1beta1.MatchResources {
+ return v.Spec.MatchResources
+}
+
+func (v *validatingAdmissionPolicyBindingAccessor) GetParamRef() *v1beta1.ParamRef {
+ return v.Spec.ParamRef
+}
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/caching_authorizer.go b/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/validating/caching_authorizer.go
similarity index 99%
rename from vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/caching_authorizer.go
rename to vendor/k8s.io/apiserver/pkg/admission/plugin/policy/validating/caching_authorizer.go
index a295cb30dc..fbefd595e5 100644
--- a/vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/caching_authorizer.go
+++ b/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/validating/caching_authorizer.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
limitations under the License.
*/
-package validatingadmissionpolicy
+package validating
import (
"context"
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/controller.go b/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/validating/dispatcher.go
similarity index 55%
rename from vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/controller.go
rename to vendor/k8s.io/apiserver/pkg/admission/plugin/policy/validating/dispatcher.go
index 46b76e06d5..3fc67a4c6a 100644
--- a/vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/controller.go
+++ b/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/validating/dispatcher.go
@@ -14,67 +14,45 @@ See the License for the specific language governing permissions and
limitations under the License.
*/
-package validatingadmissionpolicy
+package validating
import (
"context"
"errors"
"fmt"
"strings"
- "sync"
- "sync/atomic"
- "time"
"k8s.io/api/admissionregistration/v1beta1"
v1 "k8s.io/api/core/v1"
k8serrors "k8s.io/apimachinery/pkg/api/errors"
- "k8s.io/apimachinery/pkg/api/meta"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/runtime"
"k8s.io/apimachinery/pkg/runtime/schema"
utiljson "k8s.io/apimachinery/pkg/util/json"
- utilruntime "k8s.io/apimachinery/pkg/util/runtime"
- "k8s.io/apimachinery/pkg/util/sets"
- "k8s.io/apimachinery/pkg/util/wait"
"k8s.io/apiserver/pkg/admission"
- celmetrics "k8s.io/apiserver/pkg/admission/cel"
- "k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/internal/generic"
- "k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/matching"
+ "k8s.io/apiserver/pkg/admission/plugin/policy/generic"
+ celmetrics "k8s.io/apiserver/pkg/admission/plugin/policy/validating/metrics"
celconfig "k8s.io/apiserver/pkg/apis/cel"
"k8s.io/apiserver/pkg/authorization/authorizer"
"k8s.io/apiserver/pkg/warning"
- "k8s.io/client-go/dynamic"
- "k8s.io/client-go/informers"
- "k8s.io/client-go/kubernetes"
- "k8s.io/client-go/tools/cache"
"k8s.io/klog/v2"
)
-var _ CELPolicyEvaluator = &celAdmissionController{}
-
-// celAdmissionController is the top-level controller for admission control using CEL
-// it is responsible for watching policy definitions, bindings, and config param CRDs
-type celAdmissionController struct {
- // Controller which manages book-keeping for the cluster's dynamic policy
- // information.
- policyController *policyController
-
- // atomic []policyData
- // list of every known policy definition, and all informatoin required to
- // validate its bindings against an object.
- // A snapshot of the current policy configuration is synced with this field
- // asynchronously
- definitions atomic.Value
-
- authz authorizer.Authorizer
+type dispatcher struct {
+ matcher generic.PolicyMatcher
+ authz authorizer.Authorizer
}
-// Everything someone might need to validate a single ValidatingPolicyDefinition
-// against all of its registered bindings.
-type policyData struct {
- definitionInfo
- paramInfo
- bindings []bindingInfo
+var _ generic.Dispatcher[PolicyHook] = &dispatcher{}
+
+func NewDispatcher(
+ authorizer authorizer.Authorizer,
+ matcher generic.PolicyMatcher,
+) generic.Dispatcher[PolicyHook] {
+ return &dispatcher{
+ matcher: matcher,
+ authz: authorizer,
+ }
}
// contains the cel PolicyDecisions along with the ValidatingAdmissionPolicy and ValidatingAdmissionPolicyBinding
@@ -85,110 +63,8 @@ type policyDecisionWithMetadata struct {
Binding *v1beta1.ValidatingAdmissionPolicyBinding
}
-// namespaceName is used as a key in definitionInfo and bindingInfos
-type namespacedName struct {
- namespace, name string
-}
-
-type definitionInfo struct {
- // Error about the state of the definition's configuration and the cluster
- // preventing its enforcement or compilation.
- // Reset every reconciliation
- configurationError error
-
- // Last value seen by this controller to be used in policy enforcement
- // May not be nil
- lastReconciledValue *v1beta1.ValidatingAdmissionPolicy
-}
-
-type bindingInfo struct {
- // Compiled CEL expression turned into an validator
- validator Validator
-
- // Last value seen by this controller to be used in policy enforcement
- // May not be nil
- lastReconciledValue *v1beta1.ValidatingAdmissionPolicyBinding
-}
-
-type paramInfo struct {
- // Controller which is watching this param CRD
- controller generic.Controller[runtime.Object]
-
- // Function to call to stop the informer and clean up the controller
- stop func()
-
- // Whether this param is cluster or namespace scoped
- scope meta.RESTScope
-
- // Policy Definitions which refer to this param CRD
- dependentDefinitions sets.Set[namespacedName]
-}
-
-func NewAdmissionController(
- // Injected Dependencies
- informerFactory informers.SharedInformerFactory,
- client kubernetes.Interface,
- restMapper meta.RESTMapper,
- dynamicClient dynamic.Interface,
- authz authorizer.Authorizer,
-) CELPolicyEvaluator {
- return &celAdmissionController{
- definitions: atomic.Value{},
- policyController: newPolicyController(
- restMapper,
- client,
- dynamicClient,
- informerFactory,
- nil,
- NewMatcher(matching.NewMatcher(informerFactory.Core().V1().Namespaces().Lister(), client)),
- generic.NewInformer[*v1beta1.ValidatingAdmissionPolicy](
- informerFactory.Admissionregistration().V1beta1().ValidatingAdmissionPolicies().Informer()),
- generic.NewInformer[*v1beta1.ValidatingAdmissionPolicyBinding](
- informerFactory.Admissionregistration().V1beta1().ValidatingAdmissionPolicyBindings().Informer()),
- ),
- authz: authz,
- }
-}
-
-func (c *celAdmissionController) Run(stopCh <-chan struct{}) {
- ctx, cancel := context.WithCancel(context.Background())
- wg := sync.WaitGroup{}
-
- wg.Add(1)
- go func() {
- defer wg.Done()
- c.policyController.Run(ctx)
- }()
-
- wg.Add(1)
- go func() {
- defer wg.Done()
-
- // Wait indefinitely until policies/bindings are listed & handled before
- // allowing policies to be refreshed
- if !cache.WaitForNamedCacheSync("cel-admission-controller", ctx.Done(), c.policyController.HasSynced) {
- return
- }
-
- // Loop every 1 second until context is cancelled, refreshing policies
- wait.Until(c.refreshPolicies, 1*time.Second, ctx.Done())
- }()
-
- <-stopCh
- cancel()
- wg.Wait()
-}
-
-const maxAuditAnnotationValueLength = 10 * 1024
-
-func (c *celAdmissionController) Validate(
- ctx context.Context,
- a admission.Attributes,
- o admission.ObjectInterfaces,
-) (err error) {
- if !c.HasSynced() {
- return admission.NewForbidden(a, fmt.Errorf("not yet ready to handle request"))
- }
+// Dispatch implements generic.Dispatcher.
+func (c *dispatcher) Dispatch(ctx context.Context, a admission.Attributes, o admission.ObjectInterfaces, hooks []PolicyHook) error {
var deniedDecisions []policyDecisionWithMetadata
@@ -232,19 +108,18 @@ func (c *celAdmissionController) Validate(
})
}
}
- policyDatas := c.definitions.Load().([]policyData)
authz := newCachingAuthorizer(c.authz)
- for _, definitionInfo := range policyDatas {
+ for _, hook := range hooks {
// versionedAttributes will be set to non-nil inside of the loop, but
// is scoped outside of the param loop so we only convert once. We defer
// conversion so that it is only performed when we know a policy matches,
// saving the cost of converting non-matching requests.
var versionedAttr *admission.VersionedAttributes
- definition := definitionInfo.lastReconciledValue
- matches, matchResource, matchKind, err := c.policyController.matcher.DefinitionMatches(a, o, definition)
+ definition := hook.Policy
+ matches, matchResource, matchKind, err := c.matcher.DefinitionMatches(a, o, NewValidatingAdmissionPolicyAccessor(definition))
if err != nil {
// Configuration error.
addConfigError(err, definition, nil)
@@ -253,18 +128,17 @@ func (c *celAdmissionController) Validate(
if !matches {
// Policy definition does not match request
continue
- } else if definitionInfo.configurationError != nil {
+ } else if hook.ConfigurationError != nil {
// Configuration error.
- addConfigError(definitionInfo.configurationError, definition, nil)
+ addConfigError(hook.ConfigurationError, definition, nil)
continue
}
auditAnnotationCollector := newAuditAnnotationCollector()
- for _, bindingInfo := range definitionInfo.bindings {
+ for _, binding := range hook.Bindings {
// If the key is inside dependentBindings, there is guaranteed to
// be a bindingInfo for it
- binding := bindingInfo.lastReconciledValue
- matches, err := c.policyController.matcher.BindingMatches(a, o, binding)
+ matches, err := c.matcher.BindingMatches(a, o, NewValidatingAdmissionPolicyBindingAccessor(binding))
if err != nil {
// Configuration error.
addConfigError(err, definition, binding)
@@ -274,7 +148,14 @@ func (c *celAdmissionController) Validate(
continue
}
- params, err := c.collectParams(definition.Spec.ParamKind, definitionInfo.paramInfo, binding.Spec.ParamRef, a.GetNamespace())
+ params, err := generic.CollectParams(
+ hook.Policy.Spec.ParamKind,
+ hook.ParamInformer,
+ hook.ParamScope,
+ binding.Spec.ParamRef,
+ a.GetNamespace(),
+ )
+
if err != nil {
addConfigError(err, definition, binding)
continue
@@ -303,7 +184,7 @@ func (c *celAdmissionController) Validate(
// if it is cluster scoped, namespaceName will be empty
// Otherwise, get the Namespace resource.
if namespaceName != "" {
- namespace, err = c.policyController.matcher.GetNamespace(namespaceName)
+ namespace, err = c.matcher.GetNamespace(namespaceName)
if err != nil {
return err
}
@@ -323,7 +204,18 @@ func (c *celAdmissionController) Validate(
nested: param,
}
}
- validationResults = append(validationResults, bindingInfo.validator.Validate(ctx, matchResource, versionedAttr, p, namespace, celconfig.RuntimeCELCostBudget, authz))
+
+ validationResults = append(validationResults,
+ hook.Evaluator.Validate(
+ ctx,
+ matchResource,
+ versionedAttr,
+ p,
+ namespace,
+ celconfig.RuntimeCELCostBudget,
+ authz,
+ ),
+ )
}
for _, validationResult := range validationResults {
@@ -344,7 +236,7 @@ func (c *celAdmissionController) Validate(
})
celmetrics.Metrics.ObserveRejection(ctx, decision.Elapsed, definition.Name, binding.Name, "active")
case v1beta1.Audit:
- c.publishValidationFailureAnnotation(binding, i, decision, versionedAttr)
+ publishValidationFailureAnnotation(binding, i, decision, versionedAttr)
celmetrics.Metrics.ObserveAudit(ctx, decision.Elapsed, definition.Name, binding.Name, "active")
case v1beta1.Warn:
warning.AddWarning(ctx, "", fmt.Sprintf("Validation failed for ValidatingAdmissionPolicy '%s' with binding '%s': %s", definition.Name, binding.Name, decision.Message))
@@ -410,127 +302,10 @@ func (c *celAdmissionController) Validate(
return nil
}
-// Returns objects to use to evaluate the policy
-func (c *celAdmissionController) collectParams(
- paramKind *v1beta1.ParamKind,
- info paramInfo,
- paramRef *v1beta1.ParamRef,
- namespace string,
-) ([]runtime.Object, error) {
- // If definition has paramKind, paramRef is required in binding.
- // If definition has no paramKind, paramRef set in binding will be ignored.
- var params []runtime.Object
- var paramStore generic.NamespacedLister[runtime.Object]
-
- // Make sure the param kind is ready to use
- if paramKind != nil && paramRef != nil {
- if info.controller == nil {
- return nil, fmt.Errorf("paramKind kind `%v` not known",
- paramKind.String())
- }
-
- // Set up cluster-scoped, or namespaced access to the params
- // "default" if not provided, and paramKind is namespaced
- paramStore = info.controller.Informer()
- if info.scope.Name() == meta.RESTScopeNameNamespace {
- paramsNamespace := namespace
- if len(paramRef.Namespace) > 0 {
- paramsNamespace = paramRef.Namespace
- } else if len(paramsNamespace) == 0 {
- // You must supply namespace if your matcher can possibly
- // match a cluster-scoped resource
- return nil, fmt.Errorf("cannot use namespaced paramRef in policy binding that matches cluster-scoped resources")
- }
-
- paramStore = info.controller.Informer().Namespaced(paramsNamespace)
- }
-
- // If the param informer for this admission policy has not yet
- // had time to perform an initial listing, don't attempt to use
- // it.
- timeoutCtx, cancel := context.WithTimeout(c.policyController.context, 1*time.Second)
- defer cancel()
-
- if !cache.WaitForCacheSync(timeoutCtx.Done(), info.controller.HasSynced) {
- return nil, fmt.Errorf("paramKind kind `%v` not yet synced to use for admission",
- paramKind.String())
- }
- }
-
- // Find params to use with policy
- switch {
- case paramKind == nil:
- // ParamKind is unset. Ignore any globalParamRef or namespaceParamRef
- // setting.
- return []runtime.Object{nil}, nil
- case paramRef == nil:
- // Policy ParamKind is set, but binding does not use it.
- // Validate with nil params
- return []runtime.Object{nil}, nil
- case len(paramRef.Namespace) > 0 && info.scope.Name() == meta.RESTScopeRoot.Name():
- // Not allowed to set namespace for cluster-scoped param
- return nil, fmt.Errorf("paramRef.namespace must not be provided for a cluster-scoped `paramKind`")
-
- case len(paramRef.Name) > 0:
- if paramRef.Selector != nil {
- // This should be validated, but just in case.
- return nil, fmt.Errorf("paramRef.name and paramRef.selector are mutually exclusive")
- }
-
- switch param, err := paramStore.Get(paramRef.Name); {
- case err == nil:
- params = []runtime.Object{param}
- case k8serrors.IsNotFound(err):
- // Param not yet available. User may need to wait a bit
- // before being able to use it for validation.
- //
- // Set params to nil to prepare for not found action
- params = nil
- case k8serrors.IsInvalid(err):
- // Param mis-configured
- // require to set namespace for namespaced resource
- // and unset namespace for cluster scoped resource
- return nil, err
- default:
- // Internal error
- utilruntime.HandleError(err)
- return nil, err
- }
- case paramRef.Selector != nil:
- // Select everything by default if empty name and selector
- selector, err := metav1.LabelSelectorAsSelector(paramRef.Selector)
- if err != nil {
- // Cannot parse label selector: configuration error
- return nil, err
-
- }
-
- paramList, err := paramStore.List(selector)
- if err != nil {
- // There was a bad internal error
- utilruntime.HandleError(err)
- return nil, err
- }
-
- // Successfully grabbed params
- params = paramList
- default:
- // Should be unreachable due to validation
- return nil, fmt.Errorf("one of name or selector must be provided")
- }
-
- // Apply fail action for params not found case
- if len(params) == 0 && paramRef.ParameterNotFoundAction != nil && *paramRef.ParameterNotFoundAction == v1beta1.DenyAction {
- return nil, errors.New("no params found for policy binding with `Deny` parameterNotFoundAction")
- }
-
- return params, nil
-}
-
-func (c *celAdmissionController) publishValidationFailureAnnotation(binding *v1beta1.ValidatingAdmissionPolicyBinding, expressionIndex int, decision PolicyDecision, attributes admission.Attributes) {
+func publishValidationFailureAnnotation(binding *v1beta1.ValidatingAdmissionPolicyBinding, expressionIndex int, decision PolicyDecision, attributes admission.Attributes) {
key := "validation.policy.admission.k8s.io/validation_failure"
// Marshal to a list of failures since, in the future, we may need to support multiple failures
- valueJson, err := utiljson.Marshal([]validationFailureValue{{
+ valueJSON, err := utiljson.Marshal([]ValidationFailureValue{{
ExpressionIndex: expressionIndex,
Message: decision.Message,
ValidationActions: binding.Spec.ValidationActions,
@@ -540,27 +315,17 @@ func (c *celAdmissionController) publishValidationFailureAnnotation(binding *v1b
if err != nil {
klog.Warningf("Failed to set admission audit annotation %s for ValidatingAdmissionPolicy %s and ValidatingAdmissionPolicyBinding %s: %v", key, binding.Spec.PolicyName, binding.Name, err)
}
- value := string(valueJson)
+ value := string(valueJSON)
if err := attributes.AddAnnotation(key, value); err != nil {
klog.Warningf("Failed to set admission audit annotation %s to %s for ValidatingAdmissionPolicy %s and ValidatingAdmissionPolicyBinding %s: %v", key, value, binding.Spec.PolicyName, binding.Name, err)
}
}
-func (c *celAdmissionController) HasSynced() bool {
- return c.policyController.HasSynced() && c.definitions.Load() != nil
-}
-
-func (c *celAdmissionController) ValidateInitialization() error {
- return c.policyController.matcher.ValidateInitialization()
-}
-
-func (c *celAdmissionController) refreshPolicies() {
- c.definitions.Store(c.policyController.latestPolicyData())
-}
+const maxAuditAnnotationValueLength = 10 * 1024
// validationFailureValue defines the JSON format of a "validation.policy.admission.k8s.io/validation_failure" audit
// annotation value.
-type validationFailureValue struct {
+type ValidationFailureValue struct {
Message string `json:"message"`
Policy string `json:"policy"`
Binding string `json:"binding"`
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/initializer.go b/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/validating/initializer.go
similarity index 96%
rename from vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/initializer.go
rename to vendor/k8s.io/apiserver/pkg/admission/plugin/policy/validating/initializer.go
index 15b7579858..c7cb9c657e 100644
--- a/vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/initializer.go
+++ b/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/validating/initializer.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
limitations under the License.
*/
-package validatingadmissionpolicy
+package validating
import (
"context"
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/interface.go b/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/validating/interface.go
similarity index 75%
rename from vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/interface.go
rename to vendor/k8s.io/apiserver/pkg/admission/plugin/policy/validating/interface.go
index 206fc13783..97eeb95504 100644
--- a/vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/interface.go
+++ b/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/validating/interface.go
@@ -14,14 +14,13 @@ See the License for the specific language governing permissions and
limitations under the License.
*/
-package validatingadmissionpolicy
+package validating
import (
"context"
celgo "github.com/google/cel-go/cel"
- "k8s.io/api/admissionregistration/v1beta1"
corev1 "k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/runtime"
@@ -80,23 +79,6 @@ func (v *Variable) GetName() string {
return v.Name
}
-// Matcher is used for matching ValidatingAdmissionPolicy and ValidatingAdmissionPolicyBinding to attributes
-type Matcher interface {
- admission.InitializationValidator
-
- // DefinitionMatches says whether this policy definition matches the provided admission
- // resource request
- DefinitionMatches(a admission.Attributes, o admission.ObjectInterfaces, definition *v1beta1.ValidatingAdmissionPolicy) (bool, schema.GroupVersionResource, schema.GroupVersionKind, error)
-
- // BindingMatches says whether this policy definition matches the provided admission
- // resource request
- BindingMatches(a admission.Attributes, o admission.ObjectInterfaces, definition *v1beta1.ValidatingAdmissionPolicyBinding) (bool, error)
-
- // GetNamespace retrieves the Namespace resource by the given name. The name may be empty, in which case
- // GetNamespace must return nil, nil
- GetNamespace(name string) (*corev1.Namespace, error)
-}
-
// ValidateResult defines the result of a Validator.Validate operation.
type ValidateResult struct {
// Decisions specifies the outcome of the validation as well as the details about the decision.
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/message.go b/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/validating/message.go
similarity index 96%
rename from vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/message.go
rename to vendor/k8s.io/apiserver/pkg/admission/plugin/policy/validating/message.go
index 772891e3c8..8b7d973617 100644
--- a/vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/message.go
+++ b/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/validating/message.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
limitations under the License.
*/
-package validatingadmissionpolicy
+package validating
import (
celgo "github.com/google/cel-go/cel"
diff --git a/vendor/k8s.io/apiserver/pkg/admission/cel/metrics.go b/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/validating/metrics/metrics.go
similarity index 100%
rename from vendor/k8s.io/apiserver/pkg/admission/cel/metrics.go
rename to vendor/k8s.io/apiserver/pkg/admission/plugin/policy/validating/metrics/metrics.go
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/validating/plugin.go b/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/validating/plugin.go
new file mode 100644
index 0000000000..56b22fc04f
--- /dev/null
+++ b/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/validating/plugin.go
@@ -0,0 +1,202 @@
+/*
+Copyright 2024 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package validating
+
+import (
+ "context"
+ "io"
+
+ v1 "k8s.io/api/admissionregistration/v1"
+ "k8s.io/api/admissionregistration/v1beta1"
+ "k8s.io/apimachinery/pkg/api/meta"
+ "k8s.io/apiserver/pkg/admission"
+ "k8s.io/apiserver/pkg/admission/initializer"
+ "k8s.io/apiserver/pkg/admission/plugin/cel"
+ "k8s.io/apiserver/pkg/admission/plugin/policy/generic"
+ "k8s.io/apiserver/pkg/admission/plugin/policy/matching"
+ "k8s.io/apiserver/pkg/admission/plugin/webhook/matchconditions"
+ "k8s.io/apiserver/pkg/authorization/authorizer"
+ "k8s.io/apiserver/pkg/cel/environment"
+ "k8s.io/apiserver/pkg/features"
+ "k8s.io/client-go/dynamic"
+ "k8s.io/client-go/informers"
+ "k8s.io/client-go/kubernetes"
+ "k8s.io/component-base/featuregate"
+)
+
+const (
+ // PluginName indicates the name of admission plug-in
+ PluginName = "ValidatingAdmissionPolicy"
+)
+
+var (
+ compositionEnvTemplate *cel.CompositionEnv = func() *cel.CompositionEnv {
+ compositionEnvTemplate, err := cel.NewCompositionEnv(cel.VariablesTypeName, environment.MustBaseEnvSet(environment.DefaultCompatibilityVersion()))
+ if err != nil {
+ panic(err)
+ }
+
+ return compositionEnvTemplate
+ }()
+)
+
+// Register registers a plugin
+func Register(plugins *admission.Plugins) {
+ plugins.Register(PluginName, func(configFile io.Reader) (admission.Interface, error) {
+ return NewPlugin(configFile), nil
+ })
+}
+
+// Plugin is an implementation of admission.Interface.
+type Policy = v1beta1.ValidatingAdmissionPolicy
+type PolicyBinding = v1beta1.ValidatingAdmissionPolicyBinding
+type PolicyEvaluator = Validator
+type PolicyHook = generic.PolicyHook[*Policy, *PolicyBinding, PolicyEvaluator]
+
+type Plugin struct {
+ *generic.Plugin[PolicyHook]
+}
+
+var _ admission.Interface = &Plugin{}
+var _ admission.ValidationInterface = &Plugin{}
+var _ initializer.WantsFeatures = &Plugin{}
+
+func NewPlugin(_ io.Reader) *Plugin {
+ handler := admission.NewHandler(admission.Connect, admission.Create, admission.Delete, admission.Update)
+
+ return &Plugin{
+ Plugin: generic.NewPlugin(
+ handler,
+ func(f informers.SharedInformerFactory, client kubernetes.Interface, dynamicClient dynamic.Interface, restMapper meta.RESTMapper) generic.Source[PolicyHook] {
+ return generic.NewPolicySource(
+ f.Admissionregistration().V1beta1().ValidatingAdmissionPolicies().Informer(),
+ f.Admissionregistration().V1beta1().ValidatingAdmissionPolicyBindings().Informer(),
+ NewValidatingAdmissionPolicyAccessor,
+ NewValidatingAdmissionPolicyBindingAccessor,
+ compilePolicy,
+ f,
+ dynamicClient,
+ restMapper,
+ )
+ },
+ func(a authorizer.Authorizer, m *matching.Matcher) generic.Dispatcher[PolicyHook] {
+ return NewDispatcher(a, generic.NewPolicyMatcher(m))
+ },
+ ),
+ }
+}
+
+// Validate makes an admission decision based on the request attributes.
+func (a *Plugin) Validate(ctx context.Context, attr admission.Attributes, o admission.ObjectInterfaces) error {
+ return a.Plugin.Dispatch(ctx, attr, o)
+}
+
+func (a *Plugin) InspectFeatureGates(featureGates featuregate.FeatureGate) {
+ a.Plugin.SetEnabled(featureGates.Enabled(features.ValidatingAdmissionPolicy))
+}
+
+func compilePolicy(policy *Policy) Validator {
+ hasParam := false
+ if policy.Spec.ParamKind != nil {
+ hasParam = true
+ }
+ optionalVars := cel.OptionalVariableDeclarations{HasParams: hasParam, HasAuthorizer: true}
+ expressionOptionalVars := cel.OptionalVariableDeclarations{HasParams: hasParam, HasAuthorizer: false}
+ failurePolicy := convertv1beta1FailurePolicyTypeTov1FailurePolicyType(policy.Spec.FailurePolicy)
+ var matcher matchconditions.Matcher = nil
+ matchConditions := policy.Spec.MatchConditions
+
+ filterCompiler := cel.NewCompositedCompilerFromTemplate(compositionEnvTemplate)
+ filterCompiler.CompileAndStoreVariables(convertv1beta1Variables(policy.Spec.Variables), optionalVars, environment.StoredExpressions)
+
+ if len(matchConditions) > 0 {
+ matchExpressionAccessors := make([]cel.ExpressionAccessor, len(matchConditions))
+ for i := range matchConditions {
+ matchExpressionAccessors[i] = (*matchconditions.MatchCondition)(&matchConditions[i])
+ }
+ matcher = matchconditions.NewMatcher(filterCompiler.Compile(matchExpressionAccessors, optionalVars, environment.StoredExpressions), failurePolicy, "policy", "validate", policy.Name)
+ }
+ res := NewValidator(
+ filterCompiler.Compile(convertv1beta1Validations(policy.Spec.Validations), optionalVars, environment.StoredExpressions),
+ matcher,
+ filterCompiler.Compile(convertv1beta1AuditAnnotations(policy.Spec.AuditAnnotations), optionalVars, environment.StoredExpressions),
+ filterCompiler.Compile(convertv1beta1MessageExpressions(policy.Spec.Validations), expressionOptionalVars, environment.StoredExpressions),
+ failurePolicy,
+ )
+
+ return res
+}
+
+func convertv1beta1FailurePolicyTypeTov1FailurePolicyType(policyType *v1beta1.FailurePolicyType) *v1.FailurePolicyType {
+ if policyType == nil {
+ return nil
+ }
+
+ var v1FailPolicy v1.FailurePolicyType
+ if *policyType == v1beta1.Fail {
+ v1FailPolicy = v1.Fail
+ } else if *policyType == v1beta1.Ignore {
+ v1FailPolicy = v1.Ignore
+ }
+ return &v1FailPolicy
+}
+
+func convertv1beta1Validations(inputValidations []v1beta1.Validation) []cel.ExpressionAccessor {
+ celExpressionAccessor := make([]cel.ExpressionAccessor, len(inputValidations))
+ for i, validation := range inputValidations {
+ validation := ValidationCondition{
+ Expression: validation.Expression,
+ Message: validation.Message,
+ Reason: validation.Reason,
+ }
+ celExpressionAccessor[i] = &validation
+ }
+ return celExpressionAccessor
+}
+
+func convertv1beta1MessageExpressions(inputValidations []v1beta1.Validation) []cel.ExpressionAccessor {
+ celExpressionAccessor := make([]cel.ExpressionAccessor, len(inputValidations))
+ for i, validation := range inputValidations {
+ if validation.MessageExpression != "" {
+ condition := MessageExpressionCondition{
+ MessageExpression: validation.MessageExpression,
+ }
+ celExpressionAccessor[i] = &condition
+ }
+ }
+ return celExpressionAccessor
+}
+
+func convertv1beta1AuditAnnotations(inputValidations []v1beta1.AuditAnnotation) []cel.ExpressionAccessor {
+ celExpressionAccessor := make([]cel.ExpressionAccessor, len(inputValidations))
+ for i, validation := range inputValidations {
+ validation := AuditAnnotationCondition{
+ Key: validation.Key,
+ ValueExpression: validation.ValueExpression,
+ }
+ celExpressionAccessor[i] = &validation
+ }
+ return celExpressionAccessor
+}
+
+func convertv1beta1Variables(variables []v1beta1.Variable) []cel.NamedExpressionAccessor {
+ namedExpressions := make([]cel.NamedExpressionAccessor, len(variables))
+ for i, variable := range variables {
+ namedExpressions[i] = &Variable{Name: variable.Name, Expression: variable.Expression}
+ }
+ return namedExpressions
+}
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/policy_decision.go b/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/validating/policy_decision.go
similarity index 98%
rename from vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/policy_decision.go
rename to vendor/k8s.io/apiserver/pkg/admission/plugin/policy/validating/policy_decision.go
index 939cbea70c..3ea17038a3 100644
--- a/vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/policy_decision.go
+++ b/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/validating/policy_decision.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
limitations under the License.
*/
-package validatingadmissionpolicy
+package validating
import (
"net/http"
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/typechecking.go b/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/validating/typechecking.go
similarity index 79%
rename from vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/typechecking.go
rename to vendor/k8s.io/apiserver/pkg/admission/plugin/policy/validating/typechecking.go
index 86c8479c3a..d54d3b667a 100644
--- a/vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/typechecking.go
+++ b/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/validating/typechecking.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
limitations under the License.
*/
-package validatingadmissionpolicy
+package validating
import (
"errors"
@@ -28,6 +28,7 @@ import (
"k8s.io/api/admissionregistration/v1beta1"
"k8s.io/apimachinery/pkg/api/meta"
"k8s.io/apimachinery/pkg/runtime/schema"
+ utilruntime "k8s.io/apimachinery/pkg/util/runtime"
"k8s.io/apimachinery/pkg/util/sets"
"k8s.io/apimachinery/pkg/util/validation/field"
"k8s.io/apimachinery/pkg/util/version"
@@ -55,6 +56,8 @@ type TypeCheckingContext struct {
declTypes []*apiservercel.DeclType
paramGVK schema.GroupVersionKind
paramDeclType *apiservercel.DeclType
+
+ variables []v1beta1.Variable
}
type typeOverwrite struct {
@@ -68,7 +71,7 @@ type TypeCheckingResult struct {
// GVK is the associated GVK
GVK schema.GroupVersionKind
// Issues contain machine-readable information about the typechecking result.
- Issues *cel.Issues
+ Issues error
// Err is the possible error that was encounter during type checking.
Err error
}
@@ -168,26 +171,70 @@ func (c *TypeChecker) CreateContext(policy *v1beta1.ValidatingAdmissionPolicy) *
}
ctx.paramGVK = paramsGVK
ctx.paramDeclType = paramsDeclType
+ ctx.variables = policy.Spec.Variables
return ctx
}
+func (c *TypeChecker) compiler(ctx *TypeCheckingContext, typeOverwrite typeOverwrite) (*plugincel.CompositedCompiler, error) {
+ envSet, err := buildEnvSet(
+ /* hasParams */ ctx.paramDeclType != nil,
+ /* hasAuthorizer */ true,
+ typeOverwrite)
+ if err != nil {
+ return nil, err
+ }
+ env, err := plugincel.NewCompositionEnv(plugincel.VariablesTypeName, envSet)
+ if err != nil {
+ return nil, err
+ }
+ compiler := &plugincel.CompositedCompiler{
+ Compiler: &typeCheckingCompiler{typeOverwrite: typeOverwrite, compositionEnv: env},
+ CompositionEnv: env,
+ }
+ return compiler, nil
+}
+
// CheckExpression type checks a single expression, given the context
func (c *TypeChecker) CheckExpression(ctx *TypeCheckingContext, expression string) TypeCheckingResults {
var results TypeCheckingResults
for i, gvk := range ctx.gvks {
declType := ctx.declTypes[i]
- // TODO(jiahuif) hasAuthorizer always true for now, will change after expending type checking to all fields.
- issues, err := c.checkExpression(expression, ctx.paramDeclType != nil, true, typeOverwrite{
+ compiler, err := c.compiler(ctx, typeOverwrite{
object: declType,
params: ctx.paramDeclType,
})
- if issues != nil || err != nil {
- results = append(results, &TypeCheckingResult{Issues: issues, Err: err, GVK: gvk})
+ if err != nil {
+ utilruntime.HandleError(err)
+ continue
+ }
+ options := plugincel.OptionalVariableDeclarations{
+ HasParams: ctx.paramDeclType != nil,
+ HasAuthorizer: true,
+ }
+ compiler.CompileAndStoreVariables(convertv1beta1Variables(ctx.variables), options, environment.StoredExpressions)
+ result := compiler.CompileCELExpression(celExpression(expression), options, environment.StoredExpressions)
+ if err := result.Error; err != nil {
+ typeCheckingResult := &TypeCheckingResult{GVK: gvk}
+ if err.Type == apiservercel.ErrorTypeInvalid {
+ typeCheckingResult.Issues = err
+ } else {
+ typeCheckingResult.Err = err
+ }
+ results = append(results, typeCheckingResult)
}
}
return results
}
+type celExpression string
+
+func (c celExpression) GetExpression() string {
+ return string(c)
+}
+
+func (c celExpression) ReturnTypes() []*cel.Type {
+ return []*cel.Type{cel.AnyType}
+}
func generateUniqueTypeName(kind string) string {
return fmt.Sprintf("%s%d", kind, time.Now().Nanosecond())
}
@@ -214,23 +261,6 @@ func (c *TypeChecker) paramsGVK(policy *v1beta1.ValidatingAdmissionPolicy) schem
return gv.WithKind(policy.Spec.ParamKind.Kind)
}
-func (c *TypeChecker) checkExpression(expression string, hasParams, hasAuthorizer bool, types typeOverwrite) (*cel.Issues, error) {
- env, err := buildEnv(hasParams, hasAuthorizer, types)
- if err != nil {
- return nil, err
- }
-
- // We cannot reuse an AST that is parsed by another env, so reparse it here.
- // Compile = Parse + Check, we especially want the results of Check.
- //
- // Paradoxically, we discard the type-checked result and let the admission
- // controller use the dynamic typed program.
- // This is a compromise that is defined in the KEP. We can revisit this
- // decision and expect a change with limited size.
- _, issues := env.Compile(expression)
- return issues, nil
-}
-
// typesToCheck extracts a list of GVKs that needs type checking from the policy
// the result is sorted in the order of Group, Version, and Kind
func (c *TypeChecker) typesToCheck(p *v1beta1.ValidatingAdmissionPolicy) []schema.GroupVersionKind {
@@ -360,7 +390,7 @@ func (c *TypeChecker) tryRefreshRESTMapper() {
}
}
-func buildEnv(hasParams bool, hasAuthorizer bool, types typeOverwrite) (*cel.Env, error) {
+func buildEnvSet(hasParams bool, hasAuthorizer bool, types typeOverwrite) (*environment.EnvSet, error) {
baseEnv := environment.MustBaseEnvSet(environment.DefaultCompatibilityVersion())
requestType := plugincel.BuildRequestType()
namespaceType := plugincel.BuildNamespaceType()
@@ -392,7 +422,7 @@ func buildEnv(hasParams bool, hasAuthorizer bool, types typeOverwrite) (*cel.Env
varOpts = append(varOpts, cel.Variable("authorizer", library.AuthorizerType))
}
- env, err := baseEnv.Extend(
+ return baseEnv.Extend(
environment.VersionedOptions{
// Feature epoch was actually 1.26, but we artificially set it to 1.0 because these
// options should always be present.
@@ -401,10 +431,6 @@ func buildEnv(hasParams bool, hasAuthorizer bool, types typeOverwrite) (*cel.Env
DeclTypes: declTypes,
},
)
- if err != nil {
- return nil, err
- }
- return env.Env(environment.StoredExpressions)
}
// createVariableOpts creates a slice of EnvOption
@@ -421,3 +447,40 @@ func createVariableOpts(declType *apiservercel.DeclType, variables ...string) []
}
return opts
}
+
+type typeCheckingCompiler struct {
+ compositionEnv *plugincel.CompositionEnv
+ typeOverwrite typeOverwrite
+}
+
+// CompileCELExpression compiles the given expression.
+// The implementation is the same as that of staging/src/k8s.io/apiserver/pkg/admission/plugin/cel/compile.go
+// except that:
+// - object, oldObject, and params are typed instead of Dyn
+// - compiler does not enforce the output type
+// - the compiler does not initialize the program
+func (c *typeCheckingCompiler) CompileCELExpression(expressionAccessor plugincel.ExpressionAccessor, options plugincel.OptionalVariableDeclarations, mode environment.Type) plugincel.CompilationResult {
+ resultError := func(errorString string, errType apiservercel.ErrorType) plugincel.CompilationResult {
+ return plugincel.CompilationResult{
+ Error: &apiservercel.Error{
+ Type: errType,
+ Detail: errorString,
+ },
+ ExpressionAccessor: expressionAccessor,
+ }
+ }
+ env, err := c.compositionEnv.Env(mode)
+ if err != nil {
+ return resultError(fmt.Sprintf("fail to build env: %v", err), apiservercel.ErrorTypeInternal)
+ }
+ ast, issues := env.Compile(expressionAccessor.GetExpression())
+ if issues != nil {
+ return resultError(issues.String(), apiservercel.ErrorTypeInvalid)
+ }
+ // type checker does not require the program, however the type must still be set.
+ return plugincel.CompilationResult{
+ OutputType: ast.OutputType(),
+ }
+}
+
+var _ plugincel.Compiler = (*typeCheckingCompiler)(nil)
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/validator.go b/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/validating/validator.go
similarity index 99%
rename from vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/validator.go
rename to vendor/k8s.io/apiserver/pkg/admission/plugin/policy/validating/validator.go
index 9630a49747..64d5fdc476 100644
--- a/vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/validator.go
+++ b/vendor/k8s.io/apiserver/pkg/admission/plugin/policy/validating/validator.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
limitations under the License.
*/
-package validatingadmissionpolicy
+package validating
import (
"context"
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/OWNERS b/vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/OWNERS
deleted file mode 100644
index 6a637d28d5..0000000000
--- a/vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/OWNERS
+++ /dev/null
@@ -1,10 +0,0 @@
-# See the OWNERS docs at https://go.k8s.io/owners
-
-approvers:
- - jpbetz
- - cici37
- - alexzielenski
-reviewers:
- - jpbetz
- - cici37
- - alexzielenski
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/admission.go b/vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/admission.go
deleted file mode 100644
index e51bc6e737..0000000000
--- a/vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/admission.go
+++ /dev/null
@@ -1,197 +0,0 @@
-/*
-Copyright 2022 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package validatingadmissionpolicy
-
-import (
- "context"
- "errors"
- "fmt"
- "io"
-
- "k8s.io/apimachinery/pkg/api/meta"
- "k8s.io/apiserver/pkg/authorization/authorizer"
- "k8s.io/apiserver/pkg/features"
- "k8s.io/client-go/dynamic"
- "k8s.io/component-base/featuregate"
-
- "k8s.io/apiserver/pkg/admission"
- "k8s.io/apiserver/pkg/admission/initializer"
- "k8s.io/client-go/informers"
- "k8s.io/client-go/kubernetes"
-)
-
-////////////////////////////////////////////////////////////////////////////////
-// Plugin Definition
-////////////////////////////////////////////////////////////////////////////////
-
-// Definition for CEL admission plugin. This is the entry point into the
-// CEL admission control system.
-//
-// Each plugin is asked to validate every object update.
-
-const (
- // PluginName indicates the name of admission plug-in
- PluginName = "ValidatingAdmissionPolicy"
-)
-
-// Register registers a plugin
-func Register(plugins *admission.Plugins) {
- plugins.Register(PluginName, func(config io.Reader) (admission.Interface, error) {
- return NewPlugin()
- })
-}
-
-////////////////////////////////////////////////////////////////////////////////
-// Plugin Initialization & Dependency Injection
-////////////////////////////////////////////////////////////////////////////////
-
-type celAdmissionPlugin struct {
- *admission.Handler
- evaluator CELPolicyEvaluator
-
- inspectedFeatureGates bool
- enabled bool
-
- // Injected Dependencies
- informerFactory informers.SharedInformerFactory
- client kubernetes.Interface
- restMapper meta.RESTMapper
- dynamicClient dynamic.Interface
- stopCh <-chan struct{}
- authorizer authorizer.Authorizer
-}
-
-var _ initializer.WantsExternalKubeInformerFactory = &celAdmissionPlugin{}
-var _ initializer.WantsExternalKubeClientSet = &celAdmissionPlugin{}
-var _ initializer.WantsRESTMapper = &celAdmissionPlugin{}
-var _ initializer.WantsDynamicClient = &celAdmissionPlugin{}
-var _ initializer.WantsDrainedNotification = &celAdmissionPlugin{}
-var _ initializer.WantsAuthorizer = &celAdmissionPlugin{}
-var _ admission.InitializationValidator = &celAdmissionPlugin{}
-var _ admission.ValidationInterface = &celAdmissionPlugin{}
-
-func NewPlugin() (admission.Interface, error) {
- return &celAdmissionPlugin{
- Handler: admission.NewHandler(admission.Connect, admission.Create, admission.Delete, admission.Update),
- }, nil
-}
-
-func (c *celAdmissionPlugin) SetExternalKubeInformerFactory(f informers.SharedInformerFactory) {
- c.informerFactory = f
-}
-
-func (c *celAdmissionPlugin) SetExternalKubeClientSet(client kubernetes.Interface) {
- c.client = client
-}
-
-func (c *celAdmissionPlugin) SetRESTMapper(mapper meta.RESTMapper) {
- c.restMapper = mapper
-}
-
-func (c *celAdmissionPlugin) SetDynamicClient(client dynamic.Interface) {
- c.dynamicClient = client
-}
-
-func (c *celAdmissionPlugin) SetDrainedNotification(stopCh <-chan struct{}) {
- c.stopCh = stopCh
-}
-
-func (c *celAdmissionPlugin) SetAuthorizer(authorizer authorizer.Authorizer) {
- c.authorizer = authorizer
-}
-func (c *celAdmissionPlugin) InspectFeatureGates(featureGates featuregate.FeatureGate) {
- if featureGates.Enabled(features.ValidatingAdmissionPolicy) {
- c.enabled = true
- }
- c.inspectedFeatureGates = true
-}
-
-// ValidateInitialization - once clientset and informer factory are provided, creates and starts the admission controller
-func (c *celAdmissionPlugin) ValidateInitialization() error {
- if !c.inspectedFeatureGates {
- return fmt.Errorf("%s did not see feature gates", PluginName)
- }
- if !c.enabled {
- return nil
- }
- if c.informerFactory == nil {
- return errors.New("missing informer factory")
- }
- if c.client == nil {
- return errors.New("missing kubernetes client")
- }
- if c.restMapper == nil {
- return errors.New("missing rest mapper")
- }
- if c.dynamicClient == nil {
- return errors.New("missing dynamic client")
- }
- if c.stopCh == nil {
- return errors.New("missing stop channel")
- }
- if c.authorizer == nil {
- return errors.New("missing authorizer")
- }
- c.evaluator = NewAdmissionController(c.informerFactory, c.client, c.restMapper, c.dynamicClient, c.authorizer)
- if err := c.evaluator.ValidateInitialization(); err != nil {
- return err
- }
-
- c.SetReadyFunc(c.evaluator.HasSynced)
- go c.evaluator.Run(c.stopCh)
- return nil
-}
-
-////////////////////////////////////////////////////////////////////////////////
-// admission.ValidationInterface
-////////////////////////////////////////////////////////////////////////////////
-
-func (c *celAdmissionPlugin) Handles(operation admission.Operation) bool {
- return true
-}
-
-func (c *celAdmissionPlugin) Validate(
- ctx context.Context,
- a admission.Attributes,
- o admission.ObjectInterfaces,
-) (err error) {
- if !c.enabled {
- return nil
- }
-
- // isPolicyResource determines if an admission.Attributes object is describing
- // the admission of a ValidatingAdmissionPolicy or a ValidatingAdmissionPolicyBinding
- if isPolicyResource(a) {
- return
- }
-
- if !c.WaitForReady() {
- return admission.NewForbidden(a, fmt.Errorf("not yet ready to handle request"))
- }
-
- return c.evaluator.Validate(ctx, a, o)
-}
-
-func isPolicyResource(attr admission.Attributes) bool {
- gvk := attr.GetResource()
- if gvk.Group == "admissionregistration.k8s.io" {
- if gvk.Resource == "validatingadmissionpolicies" || gvk.Resource == "validatingadmissionpolicybindings" {
- return true
- }
- }
- return false
-}
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/controller_reconcile.go b/vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/controller_reconcile.go
deleted file mode 100644
index b2624694c8..0000000000
--- a/vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/controller_reconcile.go
+++ /dev/null
@@ -1,550 +0,0 @@
-/*
-Copyright 2022 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package validatingadmissionpolicy
-
-import (
- "context"
- "fmt"
- "sync"
- "time"
-
- v1 "k8s.io/api/admissionregistration/v1"
- "k8s.io/api/admissionregistration/v1beta1"
- corev1 "k8s.io/api/core/v1"
- apiequality "k8s.io/apimachinery/pkg/api/equality"
- "k8s.io/apimachinery/pkg/api/meta"
- "k8s.io/apimachinery/pkg/runtime"
- "k8s.io/apimachinery/pkg/runtime/schema"
- utilruntime "k8s.io/apimachinery/pkg/util/runtime"
- "k8s.io/apimachinery/pkg/util/sets"
- celmetrics "k8s.io/apiserver/pkg/admission/cel"
- "k8s.io/apiserver/pkg/admission/plugin/cel"
- "k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/internal/generic"
- "k8s.io/apiserver/pkg/admission/plugin/webhook/matchconditions"
- "k8s.io/apiserver/pkg/cel/environment"
- "k8s.io/client-go/dynamic"
- "k8s.io/client-go/dynamic/dynamicinformer"
- "k8s.io/client-go/informers"
- "k8s.io/client-go/kubernetes"
- "k8s.io/client-go/tools/cache"
-)
-
-type policyController struct {
- once sync.Once
- context context.Context
- dynamicClient dynamic.Interface
- informerFactory informers.SharedInformerFactory
- restMapper meta.RESTMapper
- policyDefinitionsController generic.Controller[*v1beta1.ValidatingAdmissionPolicy]
- policyBindingController generic.Controller[*v1beta1.ValidatingAdmissionPolicyBinding]
-
- // Provided to the policy's Compile function as an injected dependency to
- // assist with compiling its expressions to CEL
- // pass nil to create filter compiler in demand
- filterCompiler cel.FilterCompiler
-
- matcher Matcher
-
- newValidator
-
- client kubernetes.Interface
- // Lock which protects
- // All Below fields
- // All above fields should be assumed constant
- mutex sync.RWMutex
-
- cachedPolicies []policyData
-
- // controller and metadata
- paramsCRDControllers map[v1beta1.ParamKind]*paramInfo
-
- // Index for each definition namespace/name, contains all binding
- // namespace/names known to exist for that definition
- definitionInfo map[namespacedName]*definitionInfo
-
- // Index for each bindings namespace/name. Contains compiled templates
- // for the binding depending on the policy/param combination.
- bindingInfos map[namespacedName]*bindingInfo
-
- // Map from namespace/name of a definition to a set of namespace/name
- // of bindings which depend on it.
- // All keys must have at least one dependent binding
- // All binding names MUST exist as a key bindingInfos
- definitionsToBindings map[namespacedName]sets.Set[namespacedName]
-}
-
-type newValidator func(validationFilter cel.Filter, celMatcher matchconditions.Matcher, auditAnnotationFilter, messageFilter cel.Filter, failurePolicy *v1.FailurePolicyType) Validator
-
-func newPolicyController(
- restMapper meta.RESTMapper,
- client kubernetes.Interface,
- dynamicClient dynamic.Interface,
- informerFactory informers.SharedInformerFactory,
- filterCompiler cel.FilterCompiler,
- matcher Matcher,
- policiesInformer generic.Informer[*v1beta1.ValidatingAdmissionPolicy],
- bindingsInformer generic.Informer[*v1beta1.ValidatingAdmissionPolicyBinding],
-) *policyController {
- res := &policyController{}
- *res = policyController{
- filterCompiler: filterCompiler,
- definitionInfo: make(map[namespacedName]*definitionInfo),
- bindingInfos: make(map[namespacedName]*bindingInfo),
- paramsCRDControllers: make(map[v1beta1.ParamKind]*paramInfo),
- definitionsToBindings: make(map[namespacedName]sets.Set[namespacedName]),
- matcher: matcher,
- newValidator: NewValidator,
- policyDefinitionsController: generic.NewController(
- policiesInformer,
- res.reconcilePolicyDefinition,
- generic.ControllerOptions{
- Workers: 1,
- Name: "cel-policy-definitions",
- },
- ),
- policyBindingController: generic.NewController(
- bindingsInformer,
- res.reconcilePolicyBinding,
- generic.ControllerOptions{
- Workers: 1,
- Name: "cel-policy-bindings",
- },
- ),
- restMapper: restMapper,
- dynamicClient: dynamicClient,
- informerFactory: informerFactory,
- client: client,
- }
- return res
-}
-
-func (c *policyController) Run(ctx context.Context) {
- // Only support being run once
- c.once.Do(func() {
- c.context = ctx
-
- wg := sync.WaitGroup{}
-
- wg.Add(1)
- go func() {
- defer wg.Done()
- c.policyDefinitionsController.Run(ctx)
- }()
-
- wg.Add(1)
- go func() {
- defer wg.Done()
- c.policyBindingController.Run(ctx)
- }()
-
- <-ctx.Done()
- wg.Wait()
- })
-}
-
-func (c *policyController) HasSynced() bool {
- return c.policyDefinitionsController.HasSynced() && c.policyBindingController.HasSynced()
-}
-
-func (c *policyController) reconcilePolicyDefinition(namespace, name string, definition *v1beta1.ValidatingAdmissionPolicy) error {
- c.mutex.Lock()
- defer c.mutex.Unlock()
- err := c.reconcilePolicyDefinitionSpec(namespace, name, definition)
- return err
-}
-
-func (c *policyController) reconcilePolicyDefinitionSpec(namespace, name string, definition *v1beta1.ValidatingAdmissionPolicy) error {
- c.cachedPolicies = nil // invalidate cachedPolicies
-
- // Namespace for policydefinition is empty.
- nn := getNamespaceName(namespace, name)
- info, ok := c.definitionInfo[nn]
- if !ok {
- info = &definitionInfo{}
- c.definitionInfo[nn] = info
- // TODO(DangerOnTheRanger): add support for "warn" being a valid enforcementAction
- celmetrics.Metrics.ObserveDefinition(context.TODO(), "active", "deny")
- }
-
- // Skip reconcile if the spec of the definition is unchanged
- if info.lastReconciledValue != nil && definition != nil &&
- apiequality.Semantic.DeepEqual(info.lastReconciledValue.Spec, definition.Spec) {
- return nil
- }
-
- var paramSource *v1beta1.ParamKind
- if definition != nil {
- paramSource = definition.Spec.ParamKind
- }
-
- // If param source has changed, remove definition as dependent of old params
- // If there are no more dependents of old param, stop and clean up controller
- if info.lastReconciledValue != nil && info.lastReconciledValue.Spec.ParamKind != nil {
- oldParamSource := *info.lastReconciledValue.Spec.ParamKind
-
- // If we are:
- // - switching from having a param to not having a param (includes deletion)
- // - or from having a param to a different one
- // we remove dependency on the controller.
- if paramSource == nil || *paramSource != oldParamSource {
- if oldParamInfo, ok := c.paramsCRDControllers[oldParamSource]; ok {
- oldParamInfo.dependentDefinitions.Delete(nn)
- if len(oldParamInfo.dependentDefinitions) == 0 {
- oldParamInfo.stop()
- delete(c.paramsCRDControllers, oldParamSource)
- }
- }
- }
- }
-
- // Reset all previously compiled evaluators in case something relevant in
- // definition has changed.
- for key := range c.definitionsToBindings[nn] {
- bindingInfo := c.bindingInfos[key]
- bindingInfo.validator = nil
- c.bindingInfos[key] = bindingInfo
- }
-
- if definition == nil {
- delete(c.definitionInfo, nn)
- return nil
- }
-
- // Update definition info
- info.lastReconciledValue = definition
- info.configurationError = nil
-
- if paramSource == nil {
- // Skip setting up controller for empty param type
- return nil
- }
- // find GVR for params
- // Parse param source into a GVK
-
- paramSourceGV, err := schema.ParseGroupVersion(paramSource.APIVersion)
- if err != nil {
- // Failed to resolve. Return error so we retry again (rate limited)
- // Save a record of this definition with an evaluator that unconditionally
- info.configurationError = fmt.Errorf("failed to parse apiVersion of paramKind '%v' with error: %w", paramSource.String(), err)
-
- // Return nil, since this error cannot be resolved by waiting more time
- return nil
- }
-
- paramsGVR, err := c.restMapper.RESTMapping(schema.GroupKind{
- Group: paramSourceGV.Group,
- Kind: paramSource.Kind,
- }, paramSourceGV.Version)
-
- if err != nil {
- // Failed to resolve. Return error so we retry again (rate limited)
- // Save a record of this definition with an evaluator that unconditionally
- //
- info.configurationError = fmt.Errorf("failed to find resource referenced by paramKind: '%v'", paramSourceGV.WithKind(paramSource.Kind))
- return info.configurationError
- }
-
- paramInfo := c.ensureParamInfo(paramSource, paramsGVR)
- paramInfo.dependentDefinitions.Insert(nn)
-
- return nil
-}
-
-// Ensures that there is an informer started for the given GVK to be used as a
-// param
-func (c *policyController) ensureParamInfo(paramSource *v1beta1.ParamKind, mapping *meta.RESTMapping) *paramInfo {
- if info, ok := c.paramsCRDControllers[*paramSource]; ok {
- return info
- }
-
- // We are not watching this param. Start an informer for it.
- instanceContext, instanceCancel := context.WithCancel(c.context)
-
- var informer cache.SharedIndexInformer
-
- // Try to see if our provided informer factory has an informer for this type.
- // We assume the informer is already started, and starts all types associated
- // with it.
- if genericInformer, err := c.informerFactory.ForResource(mapping.Resource); err == nil {
- informer = genericInformer.Informer()
-
- // Ensure the informer is started
- // Use policyController's context rather than the instance context.
- // PolicyController context is expected to last until app shutdown
- // This is due to behavior of informerFactory which would cause the
- // informer to stop running once the context is cancelled, and
- // never started again.
- c.informerFactory.Start(c.context.Done())
- } else {
- // Dynamic JSON informer fallback.
- // Cannot use shared dynamic informer since it would be impossible
- // to clean CRD informers properly with multiple dependents
- // (cannot start ahead of time, and cannot track dependencies via stopCh)
- informer = dynamicinformer.NewFilteredDynamicInformer(
- c.dynamicClient,
- mapping.Resource,
- corev1.NamespaceAll,
- // Use same interval as is used for k8s typed sharedInformerFactory
- // https://github.com/kubernetes/kubernetes/blob/7e0923899fed622efbc8679cca6b000d43633e38/cmd/kube-apiserver/app/server.go#L430
- 10*time.Minute,
- cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc},
- nil,
- ).Informer()
- go informer.Run(instanceContext.Done())
- }
-
- controller := generic.NewController(
- generic.NewInformer[runtime.Object](informer),
- c.reconcileParams,
- generic.ControllerOptions{
- Workers: 1,
- Name: paramSource.String() + "-controller",
- },
- )
-
- ret := ¶mInfo{
- controller: controller,
- stop: instanceCancel,
- scope: mapping.Scope,
- dependentDefinitions: sets.New[namespacedName](),
- }
- c.paramsCRDControllers[*paramSource] = ret
-
- go controller.Run(instanceContext)
- return ret
-
-}
-
-func (c *policyController) reconcilePolicyBinding(namespace, name string, binding *v1beta1.ValidatingAdmissionPolicyBinding) error {
- c.mutex.Lock()
- defer c.mutex.Unlock()
-
- c.cachedPolicies = nil // invalidate cachedPolicies
-
- // Namespace for PolicyBinding is empty. In the future a namespaced binding
- // may be added
- // https://github.com/kubernetes/enhancements/blob/bf5c3c81ea2081d60c1dc7c832faa98479e06209/keps/sig-api-machinery/3488-cel-admission-control/README.md?plain=1#L1042
- nn := getNamespaceName(namespace, name)
- info, ok := c.bindingInfos[nn]
- if !ok {
- info = &bindingInfo{}
- c.bindingInfos[nn] = info
- }
-
- // Skip if the spec of the binding is unchanged.
- if info.lastReconciledValue != nil && binding != nil &&
- apiequality.Semantic.DeepEqual(info.lastReconciledValue.Spec, binding.Spec) {
- return nil
- }
-
- var oldNamespacedDefinitionName namespacedName
- if info.lastReconciledValue != nil {
- // All validating policies are cluster-scoped so have empty namespace
- oldNamespacedDefinitionName = getNamespaceName("", info.lastReconciledValue.Spec.PolicyName)
- }
-
- var namespacedDefinitionName namespacedName
- if binding != nil {
- // All validating policies are cluster-scoped so have empty namespace
- namespacedDefinitionName = getNamespaceName("", binding.Spec.PolicyName)
- }
-
- // Remove record of binding from old definition if the referred policy
- // has changed
- if oldNamespacedDefinitionName != namespacedDefinitionName {
- if dependentBindings, ok := c.definitionsToBindings[oldNamespacedDefinitionName]; ok {
- dependentBindings.Delete(nn)
-
- // if there are no more dependent bindings, remove knowledge of the
- // definition altogether
- if len(dependentBindings) == 0 {
- delete(c.definitionsToBindings, oldNamespacedDefinitionName)
- }
- }
- }
-
- if binding == nil {
- delete(c.bindingInfos, nn)
- return nil
- }
-
- // Add record of binding to new definition
- if dependentBindings, ok := c.definitionsToBindings[namespacedDefinitionName]; ok {
- dependentBindings.Insert(nn)
- } else {
- c.definitionsToBindings[namespacedDefinitionName] = sets.New(nn)
- }
-
- // Remove compiled template for old binding
- info.validator = nil
- info.lastReconciledValue = binding
- return nil
-}
-
-func (c *policyController) reconcileParams(namespace, name string, params runtime.Object) error {
- // Do nothing.
- // When we add informational type checking we will need to compile in the
- // reconcile loops instead of lazily so we can add compiler errors / type
- // checker errors to the status of the resources.
- return nil
-}
-
-// Fetches the latest set of policy data or recalculates it if it has changed
-// since it was last fetched
-func (c *policyController) latestPolicyData() []policyData {
- existing := func() []policyData {
- c.mutex.RLock()
- defer c.mutex.RUnlock()
-
- return c.cachedPolicies
- }()
-
- if existing != nil {
- return existing
- }
-
- c.mutex.Lock()
- defer c.mutex.Unlock()
-
- var res []policyData
- for definitionNN, definitionInfo := range c.definitionInfo {
- var bindingInfos []bindingInfo
- for bindingNN := range c.definitionsToBindings[definitionNN] {
- bindingInfo := c.bindingInfos[bindingNN]
- if bindingInfo.validator == nil && definitionInfo.configurationError == nil {
- hasParam := false
- if definitionInfo.lastReconciledValue.Spec.ParamKind != nil {
- hasParam = true
- }
- optionalVars := cel.OptionalVariableDeclarations{HasParams: hasParam, HasAuthorizer: true}
- expressionOptionalVars := cel.OptionalVariableDeclarations{HasParams: hasParam, HasAuthorizer: false}
- failurePolicy := convertv1beta1FailurePolicyTypeTov1FailurePolicyType(definitionInfo.lastReconciledValue.Spec.FailurePolicy)
- var matcher matchconditions.Matcher = nil
- matchConditions := definitionInfo.lastReconciledValue.Spec.MatchConditions
-
- filterCompiler := c.filterCompiler
- if filterCompiler == nil {
- compositedCompiler, err := cel.NewCompositedCompiler(environment.MustBaseEnvSet(environment.DefaultCompatibilityVersion()))
- if err == nil {
- filterCompiler = compositedCompiler
- compositedCompiler.CompileAndStoreVariables(convertv1beta1Variables(definitionInfo.lastReconciledValue.Spec.Variables), optionalVars, environment.StoredExpressions)
- } else {
- utilruntime.HandleError(err)
- }
- }
- if len(matchConditions) > 0 {
- matchExpressionAccessors := make([]cel.ExpressionAccessor, len(matchConditions))
- for i := range matchConditions {
- matchExpressionAccessors[i] = (*matchconditions.MatchCondition)(&matchConditions[i])
- }
- matcher = matchconditions.NewMatcher(filterCompiler.Compile(matchExpressionAccessors, optionalVars, environment.StoredExpressions), failurePolicy, "policy", "validate", definitionInfo.lastReconciledValue.Name)
- }
- bindingInfo.validator = c.newValidator(
- filterCompiler.Compile(convertv1beta1Validations(definitionInfo.lastReconciledValue.Spec.Validations), optionalVars, environment.StoredExpressions),
- matcher,
- filterCompiler.Compile(convertv1beta1AuditAnnotations(definitionInfo.lastReconciledValue.Spec.AuditAnnotations), optionalVars, environment.StoredExpressions),
- filterCompiler.Compile(convertv1beta1MessageExpressions(definitionInfo.lastReconciledValue.Spec.Validations), expressionOptionalVars, environment.StoredExpressions),
- failurePolicy,
- )
- }
- bindingInfos = append(bindingInfos, *bindingInfo)
- }
-
- var pInfo paramInfo
- if paramKind := definitionInfo.lastReconciledValue.Spec.ParamKind; paramKind != nil {
- if info, ok := c.paramsCRDControllers[*paramKind]; ok {
- pInfo = *info
- }
- }
-
- res = append(res, policyData{
- definitionInfo: *definitionInfo,
- paramInfo: pInfo,
- bindings: bindingInfos,
- })
- }
-
- c.cachedPolicies = res
- return res
-}
-
-func convertv1beta1FailurePolicyTypeTov1FailurePolicyType(policyType *v1beta1.FailurePolicyType) *v1.FailurePolicyType {
- if policyType == nil {
- return nil
- }
-
- var v1FailPolicy v1.FailurePolicyType
- if *policyType == v1beta1.Fail {
- v1FailPolicy = v1.Fail
- } else if *policyType == v1beta1.Ignore {
- v1FailPolicy = v1.Ignore
- }
- return &v1FailPolicy
-}
-
-func convertv1beta1Validations(inputValidations []v1beta1.Validation) []cel.ExpressionAccessor {
- celExpressionAccessor := make([]cel.ExpressionAccessor, len(inputValidations))
- for i, validation := range inputValidations {
- validation := ValidationCondition{
- Expression: validation.Expression,
- Message: validation.Message,
- Reason: validation.Reason,
- }
- celExpressionAccessor[i] = &validation
- }
- return celExpressionAccessor
-}
-
-func convertv1beta1MessageExpressions(inputValidations []v1beta1.Validation) []cel.ExpressionAccessor {
- celExpressionAccessor := make([]cel.ExpressionAccessor, len(inputValidations))
- for i, validation := range inputValidations {
- if validation.MessageExpression != "" {
- condition := MessageExpressionCondition{
- MessageExpression: validation.MessageExpression,
- }
- celExpressionAccessor[i] = &condition
- }
- }
- return celExpressionAccessor
-}
-
-func convertv1beta1AuditAnnotations(inputValidations []v1beta1.AuditAnnotation) []cel.ExpressionAccessor {
- celExpressionAccessor := make([]cel.ExpressionAccessor, len(inputValidations))
- for i, validation := range inputValidations {
- validation := AuditAnnotationCondition{
- Key: validation.Key,
- ValueExpression: validation.ValueExpression,
- }
- celExpressionAccessor[i] = &validation
- }
- return celExpressionAccessor
-}
-
-func convertv1beta1Variables(variables []v1beta1.Variable) []cel.NamedExpressionAccessor {
- namedExpressions := make([]cel.NamedExpressionAccessor, len(variables))
- for i, variable := range variables {
- namedExpressions[i] = &Variable{Name: variable.Name, Expression: variable.Expression}
- }
- return namedExpressions
-}
-
-func getNamespaceName(namespace, name string) namespacedName {
- return namespacedName{
- namespace: namespace,
- name: name,
- }
-}
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/config/apis/webhookadmission/doc.go b/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/config/apis/webhookadmission/doc.go
index 63ab310393..087162e36a 100644
--- a/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/config/apis/webhookadmission/doc.go
+++ b/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/config/apis/webhookadmission/doc.go
@@ -16,4 +16,4 @@ limitations under the License.
// +k8s:deepcopy-gen=package
-package webhookadmission
+package webhookadmission // import "k8s.io/apiserver/pkg/admission/plugin/webhook/config/apis/webhookadmission"
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/config/apis/webhookadmission/v1/doc.go b/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/config/apis/webhookadmission/v1/doc.go
index 92cfed1074..58875a59f2 100644
--- a/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/config/apis/webhookadmission/v1/doc.go
+++ b/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/config/apis/webhookadmission/v1/doc.go
@@ -20,4 +20,4 @@ limitations under the License.
// +groupName=apiserver.config.k8s.io
// Package v1 is the v1 version of the API.
-package v1
+package v1 // import "k8s.io/apiserver/pkg/admission/plugin/webhook/config/apis/webhookadmission/v1"
diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/config/apis/webhookadmission/v1alpha1/doc.go b/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/config/apis/webhookadmission/v1alpha1/doc.go
index 703f467f9f..c8ee58d5d9 100644
--- a/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/config/apis/webhookadmission/v1alpha1/doc.go
+++ b/vendor/k8s.io/apiserver/pkg/admission/plugin/webhook/config/apis/webhookadmission/v1alpha1/doc.go
@@ -20,4 +20,4 @@ limitations under the License.
// +groupName=apiserver.config.k8s.io
// Package v1alpha1 is the v1alpha1 version of the API.
-package v1alpha1
+package v1alpha1 // import "k8s.io/apiserver/pkg/admission/plugin/webhook/config/apis/webhookadmission/v1alpha1"
diff --git a/vendor/k8s.io/apiserver/pkg/apis/apiserver/register.go b/vendor/k8s.io/apiserver/pkg/apis/apiserver/register.go
index d42852d93e..fd0b087c8d 100644
--- a/vendor/k8s.io/apiserver/pkg/apis/apiserver/register.go
+++ b/vendor/k8s.io/apiserver/pkg/apis/apiserver/register.go
@@ -45,6 +45,7 @@ func addKnownTypes(scheme *runtime.Scheme) error {
&AdmissionConfiguration{},
&AuthenticationConfiguration{},
&AuthorizationConfiguration{},
+ &EncryptionConfiguration{},
&EgressSelectorConfiguration{},
&TracingConfiguration{},
)
diff --git a/vendor/k8s.io/apiserver/pkg/apis/apiserver/types.go b/vendor/k8s.io/apiserver/pkg/apis/apiserver/types.go
index f3b4ae321e..9153dfaf79 100644
--- a/vendor/k8s.io/apiserver/pkg/apis/apiserver/types.go
+++ b/vendor/k8s.io/apiserver/pkg/apis/apiserver/types.go
@@ -180,8 +180,17 @@ type Issuer struct {
URL string
CertificateAuthority string
Audiences []string
+ AudienceMatchPolicy AudienceMatchPolicyType
}
+// AudienceMatchPolicyType is a set of valid values for Issuer.AudienceMatchPolicy
+type AudienceMatchPolicyType string
+
+// Valid types for AudienceMatchPolicyType
+const (
+ AudienceMatchPolicyMatchAny AudienceMatchPolicyType = "MatchAny"
+)
+
// ClaimValidationRule provides the configuration for a single claim validation rule.
type ClaimValidationRule struct {
Claim string
diff --git a/vendor/k8s.io/apiserver/pkg/apis/config/types.go b/vendor/k8s.io/apiserver/pkg/apis/apiserver/types_encryption.go
similarity index 99%
rename from vendor/k8s.io/apiserver/pkg/apis/config/types.go
rename to vendor/k8s.io/apiserver/pkg/apis/apiserver/types_encryption.go
index bae49e8eee..fb66305050 100644
--- a/vendor/k8s.io/apiserver/pkg/apis/config/types.go
+++ b/vendor/k8s.io/apiserver/pkg/apis/apiserver/types_encryption.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
limitations under the License.
*/
-package config
+package apiserver
import (
"fmt"
diff --git a/vendor/k8s.io/apiserver/pkg/apis/config/v1/defaults.go b/vendor/k8s.io/apiserver/pkg/apis/apiserver/v1/defaults.go
similarity index 100%
rename from vendor/k8s.io/apiserver/pkg/apis/config/v1/defaults.go
rename to vendor/k8s.io/apiserver/pkg/apis/apiserver/v1/defaults.go
diff --git a/vendor/k8s.io/apiserver/pkg/apis/apiserver/v1/register.go b/vendor/k8s.io/apiserver/pkg/apis/apiserver/v1/register.go
index 8d3bf987f9..0de8db4971 100644
--- a/vendor/k8s.io/apiserver/pkg/apis/apiserver/v1/register.go
+++ b/vendor/k8s.io/apiserver/pkg/apis/apiserver/v1/register.go
@@ -40,13 +40,17 @@ func init() {
// generated functions takes place in the generated files. The separation
// makes the code compile even when the generated files are missing.
localSchemeBuilder.Register(addKnownTypes)
+ localSchemeBuilder.Register(addDefaultingFuncs)
}
// Adds the list of known types to the given scheme.
func addKnownTypes(scheme *runtime.Scheme) error {
scheme.AddKnownTypes(SchemeGroupVersion,
&AdmissionConfiguration{},
+ &EncryptionConfiguration{},
)
+ // also register into the v1 group as EncryptionConfig (due to a docs bug)
+ scheme.AddKnownTypeWithName(schema.GroupVersionKind{Group: "", Version: "v1", Kind: "EncryptionConfig"}, &EncryptionConfiguration{})
metav1.AddToGroupVersion(scheme, SchemeGroupVersion)
return nil
}
diff --git a/vendor/k8s.io/apiserver/pkg/apis/config/v1/types.go b/vendor/k8s.io/apiserver/pkg/apis/apiserver/v1/types_encryption.go
similarity index 100%
rename from vendor/k8s.io/apiserver/pkg/apis/config/v1/types.go
rename to vendor/k8s.io/apiserver/pkg/apis/apiserver/v1/types_encryption.go
diff --git a/vendor/k8s.io/apiserver/pkg/apis/apiserver/v1/zz_generated.conversion.go b/vendor/k8s.io/apiserver/pkg/apis/apiserver/v1/zz_generated.conversion.go
index 22562c87a0..c0f218742a 100644
--- a/vendor/k8s.io/apiserver/pkg/apis/apiserver/v1/zz_generated.conversion.go
+++ b/vendor/k8s.io/apiserver/pkg/apis/apiserver/v1/zz_generated.conversion.go
@@ -24,6 +24,7 @@ package v1
import (
unsafe "unsafe"
+ metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
conversion "k8s.io/apimachinery/pkg/conversion"
runtime "k8s.io/apimachinery/pkg/runtime"
apiserver "k8s.io/apiserver/pkg/apis/apiserver"
@@ -36,6 +37,16 @@ func init() {
// RegisterConversions adds conversion functions to the given scheme.
// Public to allow building arbitrary schemes.
func RegisterConversions(s *runtime.Scheme) error {
+ if err := s.AddGeneratedConversionFunc((*AESConfiguration)(nil), (*apiserver.AESConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error {
+ return Convert_v1_AESConfiguration_To_apiserver_AESConfiguration(a.(*AESConfiguration), b.(*apiserver.AESConfiguration), scope)
+ }); err != nil {
+ return err
+ }
+ if err := s.AddGeneratedConversionFunc((*apiserver.AESConfiguration)(nil), (*AESConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error {
+ return Convert_apiserver_AESConfiguration_To_v1_AESConfiguration(a.(*apiserver.AESConfiguration), b.(*AESConfiguration), scope)
+ }); err != nil {
+ return err
+ }
if err := s.AddGeneratedConversionFunc((*AdmissionConfiguration)(nil), (*apiserver.AdmissionConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error {
return Convert_v1_AdmissionConfiguration_To_apiserver_AdmissionConfiguration(a.(*AdmissionConfiguration), b.(*apiserver.AdmissionConfiguration), scope)
}); err != nil {
@@ -56,9 +67,99 @@ func RegisterConversions(s *runtime.Scheme) error {
}); err != nil {
return err
}
+ if err := s.AddGeneratedConversionFunc((*EncryptionConfiguration)(nil), (*apiserver.EncryptionConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error {
+ return Convert_v1_EncryptionConfiguration_To_apiserver_EncryptionConfiguration(a.(*EncryptionConfiguration), b.(*apiserver.EncryptionConfiguration), scope)
+ }); err != nil {
+ return err
+ }
+ if err := s.AddGeneratedConversionFunc((*apiserver.EncryptionConfiguration)(nil), (*EncryptionConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error {
+ return Convert_apiserver_EncryptionConfiguration_To_v1_EncryptionConfiguration(a.(*apiserver.EncryptionConfiguration), b.(*EncryptionConfiguration), scope)
+ }); err != nil {
+ return err
+ }
+ if err := s.AddGeneratedConversionFunc((*IdentityConfiguration)(nil), (*apiserver.IdentityConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error {
+ return Convert_v1_IdentityConfiguration_To_apiserver_IdentityConfiguration(a.(*IdentityConfiguration), b.(*apiserver.IdentityConfiguration), scope)
+ }); err != nil {
+ return err
+ }
+ if err := s.AddGeneratedConversionFunc((*apiserver.IdentityConfiguration)(nil), (*IdentityConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error {
+ return Convert_apiserver_IdentityConfiguration_To_v1_IdentityConfiguration(a.(*apiserver.IdentityConfiguration), b.(*IdentityConfiguration), scope)
+ }); err != nil {
+ return err
+ }
+ if err := s.AddGeneratedConversionFunc((*KMSConfiguration)(nil), (*apiserver.KMSConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error {
+ return Convert_v1_KMSConfiguration_To_apiserver_KMSConfiguration(a.(*KMSConfiguration), b.(*apiserver.KMSConfiguration), scope)
+ }); err != nil {
+ return err
+ }
+ if err := s.AddGeneratedConversionFunc((*apiserver.KMSConfiguration)(nil), (*KMSConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error {
+ return Convert_apiserver_KMSConfiguration_To_v1_KMSConfiguration(a.(*apiserver.KMSConfiguration), b.(*KMSConfiguration), scope)
+ }); err != nil {
+ return err
+ }
+ if err := s.AddGeneratedConversionFunc((*Key)(nil), (*apiserver.Key)(nil), func(a, b interface{}, scope conversion.Scope) error {
+ return Convert_v1_Key_To_apiserver_Key(a.(*Key), b.(*apiserver.Key), scope)
+ }); err != nil {
+ return err
+ }
+ if err := s.AddGeneratedConversionFunc((*apiserver.Key)(nil), (*Key)(nil), func(a, b interface{}, scope conversion.Scope) error {
+ return Convert_apiserver_Key_To_v1_Key(a.(*apiserver.Key), b.(*Key), scope)
+ }); err != nil {
+ return err
+ }
+ if err := s.AddGeneratedConversionFunc((*ProviderConfiguration)(nil), (*apiserver.ProviderConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error {
+ return Convert_v1_ProviderConfiguration_To_apiserver_ProviderConfiguration(a.(*ProviderConfiguration), b.(*apiserver.ProviderConfiguration), scope)
+ }); err != nil {
+ return err
+ }
+ if err := s.AddGeneratedConversionFunc((*apiserver.ProviderConfiguration)(nil), (*ProviderConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error {
+ return Convert_apiserver_ProviderConfiguration_To_v1_ProviderConfiguration(a.(*apiserver.ProviderConfiguration), b.(*ProviderConfiguration), scope)
+ }); err != nil {
+ return err
+ }
+ if err := s.AddGeneratedConversionFunc((*ResourceConfiguration)(nil), (*apiserver.ResourceConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error {
+ return Convert_v1_ResourceConfiguration_To_apiserver_ResourceConfiguration(a.(*ResourceConfiguration), b.(*apiserver.ResourceConfiguration), scope)
+ }); err != nil {
+ return err
+ }
+ if err := s.AddGeneratedConversionFunc((*apiserver.ResourceConfiguration)(nil), (*ResourceConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error {
+ return Convert_apiserver_ResourceConfiguration_To_v1_ResourceConfiguration(a.(*apiserver.ResourceConfiguration), b.(*ResourceConfiguration), scope)
+ }); err != nil {
+ return err
+ }
+ if err := s.AddGeneratedConversionFunc((*SecretboxConfiguration)(nil), (*apiserver.SecretboxConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error {
+ return Convert_v1_SecretboxConfiguration_To_apiserver_SecretboxConfiguration(a.(*SecretboxConfiguration), b.(*apiserver.SecretboxConfiguration), scope)
+ }); err != nil {
+ return err
+ }
+ if err := s.AddGeneratedConversionFunc((*apiserver.SecretboxConfiguration)(nil), (*SecretboxConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error {
+ return Convert_apiserver_SecretboxConfiguration_To_v1_SecretboxConfiguration(a.(*apiserver.SecretboxConfiguration), b.(*SecretboxConfiguration), scope)
+ }); err != nil {
+ return err
+ }
return nil
}
+func autoConvert_v1_AESConfiguration_To_apiserver_AESConfiguration(in *AESConfiguration, out *apiserver.AESConfiguration, s conversion.Scope) error {
+ out.Keys = *(*[]apiserver.Key)(unsafe.Pointer(&in.Keys))
+ return nil
+}
+
+// Convert_v1_AESConfiguration_To_apiserver_AESConfiguration is an autogenerated conversion function.
+func Convert_v1_AESConfiguration_To_apiserver_AESConfiguration(in *AESConfiguration, out *apiserver.AESConfiguration, s conversion.Scope) error {
+ return autoConvert_v1_AESConfiguration_To_apiserver_AESConfiguration(in, out, s)
+}
+
+func autoConvert_apiserver_AESConfiguration_To_v1_AESConfiguration(in *apiserver.AESConfiguration, out *AESConfiguration, s conversion.Scope) error {
+ out.Keys = *(*[]Key)(unsafe.Pointer(&in.Keys))
+ return nil
+}
+
+// Convert_apiserver_AESConfiguration_To_v1_AESConfiguration is an autogenerated conversion function.
+func Convert_apiserver_AESConfiguration_To_v1_AESConfiguration(in *apiserver.AESConfiguration, out *AESConfiguration, s conversion.Scope) error {
+ return autoConvert_apiserver_AESConfiguration_To_v1_AESConfiguration(in, out, s)
+}
+
func autoConvert_v1_AdmissionConfiguration_To_apiserver_AdmissionConfiguration(in *AdmissionConfiguration, out *apiserver.AdmissionConfiguration, s conversion.Scope) error {
out.Plugins = *(*[]apiserver.AdmissionPluginConfiguration)(unsafe.Pointer(&in.Plugins))
return nil
@@ -102,3 +203,161 @@ func autoConvert_apiserver_AdmissionPluginConfiguration_To_v1_AdmissionPluginCon
func Convert_apiserver_AdmissionPluginConfiguration_To_v1_AdmissionPluginConfiguration(in *apiserver.AdmissionPluginConfiguration, out *AdmissionPluginConfiguration, s conversion.Scope) error {
return autoConvert_apiserver_AdmissionPluginConfiguration_To_v1_AdmissionPluginConfiguration(in, out, s)
}
+
+func autoConvert_v1_EncryptionConfiguration_To_apiserver_EncryptionConfiguration(in *EncryptionConfiguration, out *apiserver.EncryptionConfiguration, s conversion.Scope) error {
+ out.Resources = *(*[]apiserver.ResourceConfiguration)(unsafe.Pointer(&in.Resources))
+ return nil
+}
+
+// Convert_v1_EncryptionConfiguration_To_apiserver_EncryptionConfiguration is an autogenerated conversion function.
+func Convert_v1_EncryptionConfiguration_To_apiserver_EncryptionConfiguration(in *EncryptionConfiguration, out *apiserver.EncryptionConfiguration, s conversion.Scope) error {
+ return autoConvert_v1_EncryptionConfiguration_To_apiserver_EncryptionConfiguration(in, out, s)
+}
+
+func autoConvert_apiserver_EncryptionConfiguration_To_v1_EncryptionConfiguration(in *apiserver.EncryptionConfiguration, out *EncryptionConfiguration, s conversion.Scope) error {
+ out.Resources = *(*[]ResourceConfiguration)(unsafe.Pointer(&in.Resources))
+ return nil
+}
+
+// Convert_apiserver_EncryptionConfiguration_To_v1_EncryptionConfiguration is an autogenerated conversion function.
+func Convert_apiserver_EncryptionConfiguration_To_v1_EncryptionConfiguration(in *apiserver.EncryptionConfiguration, out *EncryptionConfiguration, s conversion.Scope) error {
+ return autoConvert_apiserver_EncryptionConfiguration_To_v1_EncryptionConfiguration(in, out, s)
+}
+
+func autoConvert_v1_IdentityConfiguration_To_apiserver_IdentityConfiguration(in *IdentityConfiguration, out *apiserver.IdentityConfiguration, s conversion.Scope) error {
+ return nil
+}
+
+// Convert_v1_IdentityConfiguration_To_apiserver_IdentityConfiguration is an autogenerated conversion function.
+func Convert_v1_IdentityConfiguration_To_apiserver_IdentityConfiguration(in *IdentityConfiguration, out *apiserver.IdentityConfiguration, s conversion.Scope) error {
+ return autoConvert_v1_IdentityConfiguration_To_apiserver_IdentityConfiguration(in, out, s)
+}
+
+func autoConvert_apiserver_IdentityConfiguration_To_v1_IdentityConfiguration(in *apiserver.IdentityConfiguration, out *IdentityConfiguration, s conversion.Scope) error {
+ return nil
+}
+
+// Convert_apiserver_IdentityConfiguration_To_v1_IdentityConfiguration is an autogenerated conversion function.
+func Convert_apiserver_IdentityConfiguration_To_v1_IdentityConfiguration(in *apiserver.IdentityConfiguration, out *IdentityConfiguration, s conversion.Scope) error {
+ return autoConvert_apiserver_IdentityConfiguration_To_v1_IdentityConfiguration(in, out, s)
+}
+
+func autoConvert_v1_KMSConfiguration_To_apiserver_KMSConfiguration(in *KMSConfiguration, out *apiserver.KMSConfiguration, s conversion.Scope) error {
+ out.APIVersion = in.APIVersion
+ out.Name = in.Name
+ out.CacheSize = (*int32)(unsafe.Pointer(in.CacheSize))
+ out.Endpoint = in.Endpoint
+ out.Timeout = (*metav1.Duration)(unsafe.Pointer(in.Timeout))
+ return nil
+}
+
+// Convert_v1_KMSConfiguration_To_apiserver_KMSConfiguration is an autogenerated conversion function.
+func Convert_v1_KMSConfiguration_To_apiserver_KMSConfiguration(in *KMSConfiguration, out *apiserver.KMSConfiguration, s conversion.Scope) error {
+ return autoConvert_v1_KMSConfiguration_To_apiserver_KMSConfiguration(in, out, s)
+}
+
+func autoConvert_apiserver_KMSConfiguration_To_v1_KMSConfiguration(in *apiserver.KMSConfiguration, out *KMSConfiguration, s conversion.Scope) error {
+ out.APIVersion = in.APIVersion
+ out.Name = in.Name
+ out.CacheSize = (*int32)(unsafe.Pointer(in.CacheSize))
+ out.Endpoint = in.Endpoint
+ out.Timeout = (*metav1.Duration)(unsafe.Pointer(in.Timeout))
+ return nil
+}
+
+// Convert_apiserver_KMSConfiguration_To_v1_KMSConfiguration is an autogenerated conversion function.
+func Convert_apiserver_KMSConfiguration_To_v1_KMSConfiguration(in *apiserver.KMSConfiguration, out *KMSConfiguration, s conversion.Scope) error {
+ return autoConvert_apiserver_KMSConfiguration_To_v1_KMSConfiguration(in, out, s)
+}
+
+func autoConvert_v1_Key_To_apiserver_Key(in *Key, out *apiserver.Key, s conversion.Scope) error {
+ out.Name = in.Name
+ out.Secret = in.Secret
+ return nil
+}
+
+// Convert_v1_Key_To_apiserver_Key is an autogenerated conversion function.
+func Convert_v1_Key_To_apiserver_Key(in *Key, out *apiserver.Key, s conversion.Scope) error {
+ return autoConvert_v1_Key_To_apiserver_Key(in, out, s)
+}
+
+func autoConvert_apiserver_Key_To_v1_Key(in *apiserver.Key, out *Key, s conversion.Scope) error {
+ out.Name = in.Name
+ out.Secret = in.Secret
+ return nil
+}
+
+// Convert_apiserver_Key_To_v1_Key is an autogenerated conversion function.
+func Convert_apiserver_Key_To_v1_Key(in *apiserver.Key, out *Key, s conversion.Scope) error {
+ return autoConvert_apiserver_Key_To_v1_Key(in, out, s)
+}
+
+func autoConvert_v1_ProviderConfiguration_To_apiserver_ProviderConfiguration(in *ProviderConfiguration, out *apiserver.ProviderConfiguration, s conversion.Scope) error {
+ out.AESGCM = (*apiserver.AESConfiguration)(unsafe.Pointer(in.AESGCM))
+ out.AESCBC = (*apiserver.AESConfiguration)(unsafe.Pointer(in.AESCBC))
+ out.Secretbox = (*apiserver.SecretboxConfiguration)(unsafe.Pointer(in.Secretbox))
+ out.Identity = (*apiserver.IdentityConfiguration)(unsafe.Pointer(in.Identity))
+ out.KMS = (*apiserver.KMSConfiguration)(unsafe.Pointer(in.KMS))
+ return nil
+}
+
+// Convert_v1_ProviderConfiguration_To_apiserver_ProviderConfiguration is an autogenerated conversion function.
+func Convert_v1_ProviderConfiguration_To_apiserver_ProviderConfiguration(in *ProviderConfiguration, out *apiserver.ProviderConfiguration, s conversion.Scope) error {
+ return autoConvert_v1_ProviderConfiguration_To_apiserver_ProviderConfiguration(in, out, s)
+}
+
+func autoConvert_apiserver_ProviderConfiguration_To_v1_ProviderConfiguration(in *apiserver.ProviderConfiguration, out *ProviderConfiguration, s conversion.Scope) error {
+ out.AESGCM = (*AESConfiguration)(unsafe.Pointer(in.AESGCM))
+ out.AESCBC = (*AESConfiguration)(unsafe.Pointer(in.AESCBC))
+ out.Secretbox = (*SecretboxConfiguration)(unsafe.Pointer(in.Secretbox))
+ out.Identity = (*IdentityConfiguration)(unsafe.Pointer(in.Identity))
+ out.KMS = (*KMSConfiguration)(unsafe.Pointer(in.KMS))
+ return nil
+}
+
+// Convert_apiserver_ProviderConfiguration_To_v1_ProviderConfiguration is an autogenerated conversion function.
+func Convert_apiserver_ProviderConfiguration_To_v1_ProviderConfiguration(in *apiserver.ProviderConfiguration, out *ProviderConfiguration, s conversion.Scope) error {
+ return autoConvert_apiserver_ProviderConfiguration_To_v1_ProviderConfiguration(in, out, s)
+}
+
+func autoConvert_v1_ResourceConfiguration_To_apiserver_ResourceConfiguration(in *ResourceConfiguration, out *apiserver.ResourceConfiguration, s conversion.Scope) error {
+ out.Resources = *(*[]string)(unsafe.Pointer(&in.Resources))
+ out.Providers = *(*[]apiserver.ProviderConfiguration)(unsafe.Pointer(&in.Providers))
+ return nil
+}
+
+// Convert_v1_ResourceConfiguration_To_apiserver_ResourceConfiguration is an autogenerated conversion function.
+func Convert_v1_ResourceConfiguration_To_apiserver_ResourceConfiguration(in *ResourceConfiguration, out *apiserver.ResourceConfiguration, s conversion.Scope) error {
+ return autoConvert_v1_ResourceConfiguration_To_apiserver_ResourceConfiguration(in, out, s)
+}
+
+func autoConvert_apiserver_ResourceConfiguration_To_v1_ResourceConfiguration(in *apiserver.ResourceConfiguration, out *ResourceConfiguration, s conversion.Scope) error {
+ out.Resources = *(*[]string)(unsafe.Pointer(&in.Resources))
+ out.Providers = *(*[]ProviderConfiguration)(unsafe.Pointer(&in.Providers))
+ return nil
+}
+
+// Convert_apiserver_ResourceConfiguration_To_v1_ResourceConfiguration is an autogenerated conversion function.
+func Convert_apiserver_ResourceConfiguration_To_v1_ResourceConfiguration(in *apiserver.ResourceConfiguration, out *ResourceConfiguration, s conversion.Scope) error {
+ return autoConvert_apiserver_ResourceConfiguration_To_v1_ResourceConfiguration(in, out, s)
+}
+
+func autoConvert_v1_SecretboxConfiguration_To_apiserver_SecretboxConfiguration(in *SecretboxConfiguration, out *apiserver.SecretboxConfiguration, s conversion.Scope) error {
+ out.Keys = *(*[]apiserver.Key)(unsafe.Pointer(&in.Keys))
+ return nil
+}
+
+// Convert_v1_SecretboxConfiguration_To_apiserver_SecretboxConfiguration is an autogenerated conversion function.
+func Convert_v1_SecretboxConfiguration_To_apiserver_SecretboxConfiguration(in *SecretboxConfiguration, out *apiserver.SecretboxConfiguration, s conversion.Scope) error {
+ return autoConvert_v1_SecretboxConfiguration_To_apiserver_SecretboxConfiguration(in, out, s)
+}
+
+func autoConvert_apiserver_SecretboxConfiguration_To_v1_SecretboxConfiguration(in *apiserver.SecretboxConfiguration, out *SecretboxConfiguration, s conversion.Scope) error {
+ out.Keys = *(*[]Key)(unsafe.Pointer(&in.Keys))
+ return nil
+}
+
+// Convert_apiserver_SecretboxConfiguration_To_v1_SecretboxConfiguration is an autogenerated conversion function.
+func Convert_apiserver_SecretboxConfiguration_To_v1_SecretboxConfiguration(in *apiserver.SecretboxConfiguration, out *SecretboxConfiguration, s conversion.Scope) error {
+ return autoConvert_apiserver_SecretboxConfiguration_To_v1_SecretboxConfiguration(in, out, s)
+}
diff --git a/vendor/k8s.io/apiserver/pkg/apis/apiserver/v1/zz_generated.deepcopy.go b/vendor/k8s.io/apiserver/pkg/apis/apiserver/v1/zz_generated.deepcopy.go
index d1bc5e01f5..cbdcaa5a06 100644
--- a/vendor/k8s.io/apiserver/pkg/apis/apiserver/v1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/apiserver/pkg/apis/apiserver/v1/zz_generated.deepcopy.go
@@ -22,9 +22,31 @@ limitations under the License.
package v1
import (
+ metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
runtime "k8s.io/apimachinery/pkg/runtime"
)
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *AESConfiguration) DeepCopyInto(out *AESConfiguration) {
+ *out = *in
+ if in.Keys != nil {
+ in, out := &in.Keys, &out.Keys
+ *out = make([]Key, len(*in))
+ copy(*out, *in)
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AESConfiguration.
+func (in *AESConfiguration) DeepCopy() *AESConfiguration {
+ if in == nil {
+ return nil
+ }
+ out := new(AESConfiguration)
+ in.DeepCopyInto(out)
+ return out
+}
+
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *AdmissionConfiguration) DeepCopyInto(out *AdmissionConfiguration) {
*out = *in
@@ -77,3 +99,183 @@ func (in *AdmissionPluginConfiguration) DeepCopy() *AdmissionPluginConfiguration
in.DeepCopyInto(out)
return out
}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *EncryptionConfiguration) DeepCopyInto(out *EncryptionConfiguration) {
+ *out = *in
+ out.TypeMeta = in.TypeMeta
+ if in.Resources != nil {
+ in, out := &in.Resources, &out.Resources
+ *out = make([]ResourceConfiguration, len(*in))
+ for i := range *in {
+ (*in)[i].DeepCopyInto(&(*out)[i])
+ }
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EncryptionConfiguration.
+func (in *EncryptionConfiguration) DeepCopy() *EncryptionConfiguration {
+ if in == nil {
+ return nil
+ }
+ out := new(EncryptionConfiguration)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *EncryptionConfiguration) DeepCopyObject() runtime.Object {
+ if c := in.DeepCopy(); c != nil {
+ return c
+ }
+ return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *IdentityConfiguration) DeepCopyInto(out *IdentityConfiguration) {
+ *out = *in
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IdentityConfiguration.
+func (in *IdentityConfiguration) DeepCopy() *IdentityConfiguration {
+ if in == nil {
+ return nil
+ }
+ out := new(IdentityConfiguration)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *KMSConfiguration) DeepCopyInto(out *KMSConfiguration) {
+ *out = *in
+ if in.CacheSize != nil {
+ in, out := &in.CacheSize, &out.CacheSize
+ *out = new(int32)
+ **out = **in
+ }
+ if in.Timeout != nil {
+ in, out := &in.Timeout, &out.Timeout
+ *out = new(metav1.Duration)
+ **out = **in
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KMSConfiguration.
+func (in *KMSConfiguration) DeepCopy() *KMSConfiguration {
+ if in == nil {
+ return nil
+ }
+ out := new(KMSConfiguration)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *Key) DeepCopyInto(out *Key) {
+ *out = *in
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Key.
+func (in *Key) DeepCopy() *Key {
+ if in == nil {
+ return nil
+ }
+ out := new(Key)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ProviderConfiguration) DeepCopyInto(out *ProviderConfiguration) {
+ *out = *in
+ if in.AESGCM != nil {
+ in, out := &in.AESGCM, &out.AESGCM
+ *out = new(AESConfiguration)
+ (*in).DeepCopyInto(*out)
+ }
+ if in.AESCBC != nil {
+ in, out := &in.AESCBC, &out.AESCBC
+ *out = new(AESConfiguration)
+ (*in).DeepCopyInto(*out)
+ }
+ if in.Secretbox != nil {
+ in, out := &in.Secretbox, &out.Secretbox
+ *out = new(SecretboxConfiguration)
+ (*in).DeepCopyInto(*out)
+ }
+ if in.Identity != nil {
+ in, out := &in.Identity, &out.Identity
+ *out = new(IdentityConfiguration)
+ **out = **in
+ }
+ if in.KMS != nil {
+ in, out := &in.KMS, &out.KMS
+ *out = new(KMSConfiguration)
+ (*in).DeepCopyInto(*out)
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProviderConfiguration.
+func (in *ProviderConfiguration) DeepCopy() *ProviderConfiguration {
+ if in == nil {
+ return nil
+ }
+ out := new(ProviderConfiguration)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ResourceConfiguration) DeepCopyInto(out *ResourceConfiguration) {
+ *out = *in
+ if in.Resources != nil {
+ in, out := &in.Resources, &out.Resources
+ *out = make([]string, len(*in))
+ copy(*out, *in)
+ }
+ if in.Providers != nil {
+ in, out := &in.Providers, &out.Providers
+ *out = make([]ProviderConfiguration, len(*in))
+ for i := range *in {
+ (*in)[i].DeepCopyInto(&(*out)[i])
+ }
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceConfiguration.
+func (in *ResourceConfiguration) DeepCopy() *ResourceConfiguration {
+ if in == nil {
+ return nil
+ }
+ out := new(ResourceConfiguration)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *SecretboxConfiguration) DeepCopyInto(out *SecretboxConfiguration) {
+ *out = *in
+ if in.Keys != nil {
+ in, out := &in.Keys, &out.Keys
+ *out = make([]Key, len(*in))
+ copy(*out, *in)
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretboxConfiguration.
+func (in *SecretboxConfiguration) DeepCopy() *SecretboxConfiguration {
+ if in == nil {
+ return nil
+ }
+ out := new(SecretboxConfiguration)
+ in.DeepCopyInto(out)
+ return out
+}
diff --git a/vendor/k8s.io/apiserver/pkg/apis/apiserver/v1/zz_generated.defaults.go b/vendor/k8s.io/apiserver/pkg/apis/apiserver/v1/zz_generated.defaults.go
index dac177e93b..82fec01110 100644
--- a/vendor/k8s.io/apiserver/pkg/apis/apiserver/v1/zz_generated.defaults.go
+++ b/vendor/k8s.io/apiserver/pkg/apis/apiserver/v1/zz_generated.defaults.go
@@ -29,5 +29,18 @@ import (
// Public to allow building arbitrary schemes.
// All generated defaulters are covering - they call all nested defaulters.
func RegisterDefaults(scheme *runtime.Scheme) error {
+ scheme.AddTypeDefaultingFunc(&EncryptionConfiguration{}, func(obj interface{}) { SetObjectDefaults_EncryptionConfiguration(obj.(*EncryptionConfiguration)) })
return nil
}
+
+func SetObjectDefaults_EncryptionConfiguration(in *EncryptionConfiguration) {
+ for i := range in.Resources {
+ a := &in.Resources[i]
+ for j := range a.Providers {
+ b := &a.Providers[j]
+ if b.KMS != nil {
+ SetDefaults_KMSConfiguration(b.KMS)
+ }
+ }
+ }
+}
diff --git a/vendor/k8s.io/apiserver/pkg/apis/apiserver/v1alpha1/types.go b/vendor/k8s.io/apiserver/pkg/apis/apiserver/v1alpha1/types.go
index 9394ba6f70..74b1aa002e 100644
--- a/vendor/k8s.io/apiserver/pkg/apis/apiserver/v1alpha1/types.go
+++ b/vendor/k8s.io/apiserver/pkg/apis/apiserver/v1alpha1/types.go
@@ -225,8 +225,32 @@ type Issuer struct {
// Required to be non-empty.
// +required
Audiences []string `json:"audiences"`
+
+ // audienceMatchPolicy defines how the "audiences" field is used to match the "aud" claim in the presented JWT.
+ // Allowed values are:
+ // 1. "MatchAny" when multiple audiences are specified and
+ // 2. empty (or unset) or "MatchAny" when a single audience is specified.
+ //
+ // - MatchAny: the "aud" claim in the presented JWT must match at least one of the entries in the "audiences" field.
+ // For example, if "audiences" is ["foo", "bar"], the "aud" claim in the presented JWT must contain either "foo" or "bar" (and may contain both).
+ //
+ // - "": The match policy can be empty (or unset) when a single audience is specified in the "audiences" field. The "aud" claim in the presented JWT must contain the single audience (and may contain others).
+ //
+ // For more nuanced audience validation, use claimValidationRules.
+ // example: claimValidationRule[].expression: 'sets.equivalent(claims.aud, ["bar", "foo", "baz"])' to require an exact match.
+ // +optional
+ AudienceMatchPolicy AudienceMatchPolicyType `json:"audienceMatchPolicy,omitempty"`
}
+// AudienceMatchPolicyType is a set of valid values for issuer.audienceMatchPolicy
+type AudienceMatchPolicyType string
+
+// Valid types for AudienceMatchPolicyType
+const (
+ // MatchAny means the "aud" claim in the presented JWT must match at least one of the entries in the "audiences" field.
+ AudienceMatchPolicyMatchAny AudienceMatchPolicyType = "MatchAny"
+)
+
// ClaimValidationRule provides the configuration for a single claim validation rule.
type ClaimValidationRule struct {
// claim is the name of a required claim.
@@ -376,6 +400,7 @@ type ExtraMapping struct {
// subdomain as defined by RFC 1123. All characters trailing the first "/" must
// be valid HTTP Path characters as defined by RFC 3986.
// key must be lowercase.
+ // Required to be unique.
// +required
Key string `json:"key"`
diff --git a/vendor/k8s.io/apiserver/pkg/apis/apiserver/v1alpha1/zz_generated.conversion.go b/vendor/k8s.io/apiserver/pkg/apis/apiserver/v1alpha1/zz_generated.conversion.go
index 9206020684..815df06aa9 100644
--- a/vendor/k8s.io/apiserver/pkg/apis/apiserver/v1alpha1/zz_generated.conversion.go
+++ b/vendor/k8s.io/apiserver/pkg/apis/apiserver/v1alpha1/zz_generated.conversion.go
@@ -582,6 +582,7 @@ func autoConvert_v1alpha1_Issuer_To_apiserver_Issuer(in *Issuer, out *apiserver.
out.URL = in.URL
out.CertificateAuthority = in.CertificateAuthority
out.Audiences = *(*[]string)(unsafe.Pointer(&in.Audiences))
+ out.AudienceMatchPolicy = apiserver.AudienceMatchPolicyType(in.AudienceMatchPolicy)
return nil
}
@@ -594,6 +595,7 @@ func autoConvert_apiserver_Issuer_To_v1alpha1_Issuer(in *apiserver.Issuer, out *
out.URL = in.URL
out.CertificateAuthority = in.CertificateAuthority
out.Audiences = *(*[]string)(unsafe.Pointer(&in.Audiences))
+ out.AudienceMatchPolicy = AudienceMatchPolicyType(in.AudienceMatchPolicy)
return nil
}
diff --git a/vendor/k8s.io/apiserver/pkg/apis/apiserver/validation/validation.go b/vendor/k8s.io/apiserver/pkg/apis/apiserver/validation/validation.go
index 843324085c..eb0d3dd6de 100644
--- a/vendor/k8s.io/apiserver/pkg/apis/apiserver/validation/validation.go
+++ b/vendor/k8s.io/apiserver/pkg/apis/apiserver/validation/validation.go
@@ -40,16 +40,9 @@ import (
"k8s.io/client-go/util/cert"
)
-const (
- atLeastOneRequiredErrFmt = "at least one %s is required"
-)
-
-var (
- root = field.NewPath("jwt")
-)
-
// ValidateAuthenticationConfiguration validates a given AuthenticationConfiguration.
func ValidateAuthenticationConfiguration(c *api.AuthenticationConfiguration) field.ErrorList {
+ root := field.NewPath("jwt")
var allErrs field.ErrorList
// This stricter validation is solely based on what the current implementation supports.
@@ -108,7 +101,7 @@ func validateIssuer(issuer api.Issuer, fldPath *field.Path) field.ErrorList {
var allErrs field.ErrorList
allErrs = append(allErrs, validateURL(issuer.URL, fldPath.Child("url"))...)
- allErrs = append(allErrs, validateAudiences(issuer.Audiences, fldPath.Child("audiences"))...)
+ allErrs = append(allErrs, validateAudiences(issuer.Audiences, issuer.AudienceMatchPolicy, fldPath.Child("audiences"), fldPath.Child("audienceMatchPolicy"))...)
allErrs = append(allErrs, validateCertificateAuthority(issuer.CertificateAuthority, fldPath.Child("certificateAuthority"))...)
return allErrs
@@ -143,25 +136,31 @@ func validateURL(issuerURL string, fldPath *field.Path) field.ErrorList {
return allErrs
}
-func validateAudiences(audiences []string, fldPath *field.Path) field.ErrorList {
+func validateAudiences(audiences []string, audienceMatchPolicy api.AudienceMatchPolicyType, fldPath, audienceMatchPolicyFldPath *field.Path) field.ErrorList {
var allErrs field.ErrorList
if len(audiences) == 0 {
allErrs = append(allErrs, field.Required(fldPath, fmt.Sprintf(atLeastOneRequiredErrFmt, fldPath)))
return allErrs
}
- // This stricter validation is because the --oidc-client-id flag option is singular.
- // This will be removed when we support multiple audiences with the StructuredAuthenticationConfiguration feature gate.
- if len(audiences) > 1 {
- allErrs = append(allErrs, field.TooMany(fldPath, len(audiences), 1))
- return allErrs
- }
+ seenAudiences := sets.NewString()
for i, audience := range audiences {
fldPath := fldPath.Index(i)
if len(audience) == 0 {
allErrs = append(allErrs, field.Required(fldPath, "audience can't be empty"))
}
+ if seenAudiences.Has(audience) {
+ allErrs = append(allErrs, field.Duplicate(fldPath, audience))
+ }
+ seenAudiences.Insert(audience)
+ }
+
+ if len(audiences) > 1 && audienceMatchPolicy != api.AudienceMatchPolicyMatchAny {
+ allErrs = append(allErrs, field.Invalid(audienceMatchPolicyFldPath, audienceMatchPolicy, "audienceMatchPolicy must be MatchAny for multiple audiences"))
+ }
+ if len(audiences) == 1 && (len(audienceMatchPolicy) > 0 && audienceMatchPolicy != api.AudienceMatchPolicyMatchAny) {
+ allErrs = append(allErrs, field.Invalid(audienceMatchPolicyFldPath, audienceMatchPolicy, "audienceMatchPolicy must be empty or MatchAny for single audience"))
}
return allErrs
@@ -220,6 +219,7 @@ func validateClaimValidationRules(compiler authenticationcel.Compiler, celMapper
compilationResult, err := compileClaimsCELExpression(compiler, &authenticationcel.ClaimValidationCondition{
Expression: rule.Expression,
+ Message: rule.Message,
}, fldPath.Child("expression"))
if err != nil {
diff --git a/vendor/k8s.io/apiserver/pkg/apis/config/validation/validation.go b/vendor/k8s.io/apiserver/pkg/apis/apiserver/validation/validation_encryption.go
similarity index 91%
rename from vendor/k8s.io/apiserver/pkg/apis/config/validation/validation.go
rename to vendor/k8s.io/apiserver/pkg/apis/apiserver/validation/validation_encryption.go
index 90708472a8..b8dd5fe0b5 100644
--- a/vendor/k8s.io/apiserver/pkg/apis/config/validation/validation.go
+++ b/vendor/k8s.io/apiserver/pkg/apis/apiserver/validation/validation_encryption.go
@@ -26,7 +26,7 @@ import (
"k8s.io/apimachinery/pkg/runtime/schema"
"k8s.io/apimachinery/pkg/util/sets"
"k8s.io/apimachinery/pkg/util/validation/field"
- "k8s.io/apiserver/pkg/apis/config"
+ "k8s.io/apiserver/pkg/apis/apiserver"
)
const (
@@ -59,12 +59,11 @@ var (
// See https://godoc.org/golang.org/x/crypto/nacl/secretbox#Open for details on the supported key sizes for Secretbox.
secretBoxKeySizes = []int{32}
-
- root = field.NewPath("resources")
)
// ValidateEncryptionConfiguration validates a v1.EncryptionConfiguration.
-func ValidateEncryptionConfiguration(c *config.EncryptionConfiguration, reload bool) field.ErrorList {
+func ValidateEncryptionConfiguration(c *apiserver.EncryptionConfiguration, reload bool) field.ErrorList {
+ root := field.NewPath("resources")
allErrs := field.ErrorList{}
if c == nil {
@@ -78,7 +77,7 @@ func ValidateEncryptionConfiguration(c *config.EncryptionConfiguration, reload b
}
// kmsProviderNames is used to track config names to ensure they are unique.
- kmsProviderNames := sets.NewString()
+ kmsProviderNames := sets.New[string]()
for i, conf := range c.Resources {
r := root.Index(i).Child("resources")
p := root.Index(i).Child("providers")
@@ -284,7 +283,7 @@ func validateResourceNames(resources []string, fieldPath *field.Path) field.Erro
return allErrs
}
-func validateSingleProvider(provider config.ProviderConfiguration, fieldPath *field.Path) field.ErrorList {
+func validateSingleProvider(provider apiserver.ProviderConfiguration, fieldPath *field.Path) field.ErrorList {
allErrs := field.ErrorList{}
found := 0
@@ -315,7 +314,7 @@ func validateSingleProvider(provider config.ProviderConfiguration, fieldPath *fi
return allErrs
}
-func validateKeys(keys []config.Key, fieldPath *field.Path, expectedLen []int) field.ErrorList {
+func validateKeys(keys []apiserver.Key, fieldPath *field.Path, expectedLen []int) field.ErrorList {
allErrs := field.ErrorList{}
if len(keys) == 0 {
@@ -330,7 +329,7 @@ func validateKeys(keys []config.Key, fieldPath *field.Path, expectedLen []int) f
return allErrs
}
-func validateKey(key config.Key, fieldPath *field.Path, expectedLen []int) field.ErrorList {
+func validateKey(key apiserver.Key, fieldPath *field.Path, expectedLen []int) field.ErrorList {
allErrs := field.ErrorList{}
if key.Name == "" {
@@ -363,7 +362,7 @@ func validateKey(key config.Key, fieldPath *field.Path, expectedLen []int) field
return allErrs
}
-func validateKMSConfiguration(c *config.KMSConfiguration, fieldPath *field.Path, kmsProviderNames sets.String, reload bool) field.ErrorList {
+func validateKMSConfiguration(c *apiserver.KMSConfiguration, fieldPath *field.Path, kmsProviderNames sets.Set[string], reload bool) field.ErrorList {
allErrs := field.ErrorList{}
allErrs = append(allErrs, validateKMSConfigName(c, fieldPath.Child("name"), kmsProviderNames, reload)...)
@@ -374,7 +373,7 @@ func validateKMSConfiguration(c *config.KMSConfiguration, fieldPath *field.Path,
return allErrs
}
-func validateKMSCacheSize(c *config.KMSConfiguration, fieldPath *field.Path) field.ErrorList {
+func validateKMSCacheSize(c *apiserver.KMSConfiguration, fieldPath *field.Path) field.ErrorList {
allErrs := field.ErrorList{}
// In defaulting, we set the cache size to the default value only when API version is v1.
@@ -389,7 +388,7 @@ func validateKMSCacheSize(c *config.KMSConfiguration, fieldPath *field.Path) fie
return allErrs
}
-func validateKMSTimeout(c *config.KMSConfiguration, fieldPath *field.Path) field.ErrorList {
+func validateKMSTimeout(c *apiserver.KMSConfiguration, fieldPath *field.Path) field.ErrorList {
allErrs := field.ErrorList{}
if c.Timeout.Duration <= 0 {
allErrs = append(allErrs, field.Invalid(fieldPath, c.Timeout, fmt.Sprintf(zeroOrNegativeErrFmt, "timeout")))
@@ -398,7 +397,7 @@ func validateKMSTimeout(c *config.KMSConfiguration, fieldPath *field.Path) field
return allErrs
}
-func validateKMSEndpoint(c *config.KMSConfiguration, fieldPath *field.Path) field.ErrorList {
+func validateKMSEndpoint(c *apiserver.KMSConfiguration, fieldPath *field.Path) field.ErrorList {
allErrs := field.ErrorList{}
if len(c.Endpoint) == 0 {
return append(allErrs, field.Invalid(fieldPath, "", fmt.Sprintf(mandatoryFieldErrFmt, "endpoint", "kms")))
@@ -416,7 +415,7 @@ func validateKMSEndpoint(c *config.KMSConfiguration, fieldPath *field.Path) fiel
return allErrs
}
-func validateKMSAPIVersion(c *config.KMSConfiguration, fieldPath *field.Path) field.ErrorList {
+func validateKMSAPIVersion(c *apiserver.KMSConfiguration, fieldPath *field.Path) field.ErrorList {
allErrs := field.ErrorList{}
if c.APIVersion != "v1" && c.APIVersion != "v2" {
allErrs = append(allErrs, field.Invalid(fieldPath, c.APIVersion, fmt.Sprintf(unsupportedKMSAPIVersionErrFmt, "apiVersion")))
@@ -425,7 +424,7 @@ func validateKMSAPIVersion(c *config.KMSConfiguration, fieldPath *field.Path) fi
return allErrs
}
-func validateKMSConfigName(c *config.KMSConfiguration, fieldPath *field.Path, kmsProviderNames sets.String, reload bool) field.ErrorList {
+func validateKMSConfigName(c *apiserver.KMSConfiguration, fieldPath *field.Path, kmsProviderNames sets.Set[string], reload bool) field.ErrorList {
allErrs := field.ErrorList{}
if c.Name == "" {
allErrs = append(allErrs, field.Required(fieldPath, fmt.Sprintf(mandatoryFieldErrFmt, "name", "provider")))
diff --git a/vendor/k8s.io/apiserver/pkg/apis/apiserver/zz_generated.deepcopy.go b/vendor/k8s.io/apiserver/pkg/apis/apiserver/zz_generated.deepcopy.go
index 77e5c31421..b88c47c672 100644
--- a/vendor/k8s.io/apiserver/pkg/apis/apiserver/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/apiserver/pkg/apis/apiserver/zz_generated.deepcopy.go
@@ -22,9 +22,31 @@ limitations under the License.
package apiserver
import (
+ v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
runtime "k8s.io/apimachinery/pkg/runtime"
)
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *AESConfiguration) DeepCopyInto(out *AESConfiguration) {
+ *out = *in
+ if in.Keys != nil {
+ in, out := &in.Keys, &out.Keys
+ *out = make([]Key, len(*in))
+ copy(*out, *in)
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AESConfiguration.
+func (in *AESConfiguration) DeepCopy() *AESConfiguration {
+ if in == nil {
+ return nil
+ }
+ out := new(AESConfiguration)
+ in.DeepCopyInto(out)
+ return out
+}
+
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *AdmissionConfiguration) DeepCopyInto(out *AdmissionConfiguration) {
*out = *in
@@ -289,6 +311,38 @@ func (in *EgressSelectorConfiguration) DeepCopyObject() runtime.Object {
return nil
}
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *EncryptionConfiguration) DeepCopyInto(out *EncryptionConfiguration) {
+ *out = *in
+ out.TypeMeta = in.TypeMeta
+ if in.Resources != nil {
+ in, out := &in.Resources, &out.Resources
+ *out = make([]ResourceConfiguration, len(*in))
+ for i := range *in {
+ (*in)[i].DeepCopyInto(&(*out)[i])
+ }
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EncryptionConfiguration.
+func (in *EncryptionConfiguration) DeepCopy() *EncryptionConfiguration {
+ if in == nil {
+ return nil
+ }
+ out := new(EncryptionConfiguration)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *EncryptionConfiguration) DeepCopyObject() runtime.Object {
+ if c := in.DeepCopy(); c != nil {
+ return c
+ }
+ return nil
+}
+
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *ExtraMapping) DeepCopyInto(out *ExtraMapping) {
*out = *in
@@ -305,6 +359,22 @@ func (in *ExtraMapping) DeepCopy() *ExtraMapping {
return out
}
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *IdentityConfiguration) DeepCopyInto(out *IdentityConfiguration) {
+ *out = *in
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IdentityConfiguration.
+func (in *IdentityConfiguration) DeepCopy() *IdentityConfiguration {
+ if in == nil {
+ return nil
+ }
+ out := new(IdentityConfiguration)
+ in.DeepCopyInto(out)
+ return out
+}
+
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *Issuer) DeepCopyInto(out *Issuer) {
*out = *in
@@ -354,6 +424,48 @@ func (in *JWTAuthenticator) DeepCopy() *JWTAuthenticator {
return out
}
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *KMSConfiguration) DeepCopyInto(out *KMSConfiguration) {
+ *out = *in
+ if in.CacheSize != nil {
+ in, out := &in.CacheSize, &out.CacheSize
+ *out = new(int32)
+ **out = **in
+ }
+ if in.Timeout != nil {
+ in, out := &in.Timeout, &out.Timeout
+ *out = new(v1.Duration)
+ **out = **in
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KMSConfiguration.
+func (in *KMSConfiguration) DeepCopy() *KMSConfiguration {
+ if in == nil {
+ return nil
+ }
+ out := new(KMSConfiguration)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *Key) DeepCopyInto(out *Key) {
+ *out = *in
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Key.
+func (in *Key) DeepCopy() *Key {
+ if in == nil {
+ return nil
+ }
+ out := new(Key)
+ in.DeepCopyInto(out)
+ return out
+}
+
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *PrefixedClaimOrExpression) DeepCopyInto(out *PrefixedClaimOrExpression) {
*out = *in
@@ -375,6 +487,96 @@ func (in *PrefixedClaimOrExpression) DeepCopy() *PrefixedClaimOrExpression {
return out
}
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ProviderConfiguration) DeepCopyInto(out *ProviderConfiguration) {
+ *out = *in
+ if in.AESGCM != nil {
+ in, out := &in.AESGCM, &out.AESGCM
+ *out = new(AESConfiguration)
+ (*in).DeepCopyInto(*out)
+ }
+ if in.AESCBC != nil {
+ in, out := &in.AESCBC, &out.AESCBC
+ *out = new(AESConfiguration)
+ (*in).DeepCopyInto(*out)
+ }
+ if in.Secretbox != nil {
+ in, out := &in.Secretbox, &out.Secretbox
+ *out = new(SecretboxConfiguration)
+ (*in).DeepCopyInto(*out)
+ }
+ if in.Identity != nil {
+ in, out := &in.Identity, &out.Identity
+ *out = new(IdentityConfiguration)
+ **out = **in
+ }
+ if in.KMS != nil {
+ in, out := &in.KMS, &out.KMS
+ *out = new(KMSConfiguration)
+ (*in).DeepCopyInto(*out)
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProviderConfiguration.
+func (in *ProviderConfiguration) DeepCopy() *ProviderConfiguration {
+ if in == nil {
+ return nil
+ }
+ out := new(ProviderConfiguration)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ResourceConfiguration) DeepCopyInto(out *ResourceConfiguration) {
+ *out = *in
+ if in.Resources != nil {
+ in, out := &in.Resources, &out.Resources
+ *out = make([]string, len(*in))
+ copy(*out, *in)
+ }
+ if in.Providers != nil {
+ in, out := &in.Providers, &out.Providers
+ *out = make([]ProviderConfiguration, len(*in))
+ for i := range *in {
+ (*in)[i].DeepCopyInto(&(*out)[i])
+ }
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceConfiguration.
+func (in *ResourceConfiguration) DeepCopy() *ResourceConfiguration {
+ if in == nil {
+ return nil
+ }
+ out := new(ResourceConfiguration)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *SecretboxConfiguration) DeepCopyInto(out *SecretboxConfiguration) {
+ *out = *in
+ if in.Keys != nil {
+ in, out := &in.Keys, &out.Keys
+ *out = make([]Key, len(*in))
+ copy(*out, *in)
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretboxConfiguration.
+func (in *SecretboxConfiguration) DeepCopy() *SecretboxConfiguration {
+ if in == nil {
+ return nil
+ }
+ out := new(SecretboxConfiguration)
+ in.DeepCopyInto(out)
+ return out
+}
+
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *TCPTransport) DeepCopyInto(out *TCPTransport) {
*out = *in
diff --git a/vendor/k8s.io/apiserver/pkg/apis/audit/v1/generated.proto b/vendor/k8s.io/apiserver/pkg/apis/audit/v1/generated.proto
index 13c41e54ce..bda8c6953c 100644
--- a/vendor/k8s.io/apiserver/pkg/apis/audit/v1/generated.proto
+++ b/vendor/k8s.io/apiserver/pkg/apis/audit/v1/generated.proto
@@ -62,6 +62,7 @@ message Event {
// IP in the list up to here (X-Forwarded-For or X-Real-Ip).
// Note: All but the last IP can be arbitrarily set by the client.
// +optional
+ // +listType=atomic
repeated string sourceIPs = 8;
// UserAgent records the user agent string reported by the client.
@@ -140,12 +141,14 @@ message GroupResources {
//
// An empty list implies all resources and subresources in this API groups apply.
// +optional
+ // +listType=atomic
repeated string resources = 2;
// ResourceNames is a list of resource instance names that the policy matches.
// Using this field requires Resources to be specified.
// An empty list implies that every instance of the resource is matched.
// +optional
+ // +listType=atomic
repeated string resourceNames = 3;
}
@@ -190,11 +193,13 @@ message Policy {
// A request may match multiple rules, in which case the FIRST matching rule is used.
// The default audit level is None, but can be overridden by a catch-all rule at the end of the list.
// PolicyRules are strictly ordered.
+ // +listType=atomic
repeated PolicyRule rules = 2;
// OmitStages is a list of stages for which no events are created. Note that this can also
// be specified per rule in which case the union of both are omitted.
// +optional
+ // +listType=atomic
repeated string omitStages = 3;
// OmitManagedFields indicates whether to omit the managed fields of the request
@@ -224,27 +229,32 @@ message PolicyRule {
// The users (by authenticated user name) this rule applies to.
// An empty list implies every user.
// +optional
+ // +listType=atomic
repeated string users = 2;
// The user groups this rule applies to. A user is considered matching
// if it is a member of any of the UserGroups.
// An empty list implies every user group.
// +optional
+ // +listType=atomic
repeated string userGroups = 3;
// The verbs that match this rule.
// An empty list implies every verb.
// +optional
+ // +listType=atomic
repeated string verbs = 4;
// Resources that this rule matches. An empty list implies all kinds in all API groups.
// +optional
+ // +listType=atomic
repeated GroupResources resources = 5;
// Namespaces that this rule matches.
// The empty string "" matches non-namespaced resources.
// An empty list implies every namespace.
// +optional
+ // +listType=atomic
repeated string namespaces = 6;
// NonResourceURLs is a set of URL paths that should be audited.
@@ -253,12 +263,14 @@ message PolicyRule {
// - `/metrics` - Log requests for apiserver metrics
// - `/healthz*` - Log all health checks
// +optional
+ // +listType=atomic
repeated string nonResourceURLs = 7;
// OmitStages is a list of stages for which no events are created. Note that this can also
// be specified policy wide in which case the union of both are omitted.
// An empty list means no restrictions will apply.
// +optional
+ // +listType=atomic
repeated string omitStages = 8;
// OmitManagedFields indicates whether to omit the managed fields of the request
diff --git a/vendor/k8s.io/apiserver/pkg/apis/audit/v1/types.go b/vendor/k8s.io/apiserver/pkg/apis/audit/v1/types.go
index 151c56c689..ae122d6c4d 100644
--- a/vendor/k8s.io/apiserver/pkg/apis/audit/v1/types.go
+++ b/vendor/k8s.io/apiserver/pkg/apis/audit/v1/types.go
@@ -98,6 +98,7 @@ type Event struct {
// IP in the list up to here (X-Forwarded-For or X-Real-Ip).
// Note: All but the last IP can be arbitrarily set by the client.
// +optional
+ // +listType=atomic
SourceIPs []string `json:"sourceIPs,omitempty" protobuf:"bytes,8,rep,name=sourceIPs"`
// UserAgent records the user agent string reported by the client.
// Note that the UserAgent is provided by the client, and must not be trusted.
@@ -166,11 +167,13 @@ type Policy struct {
// A request may match multiple rules, in which case the FIRST matching rule is used.
// The default audit level is None, but can be overridden by a catch-all rule at the end of the list.
// PolicyRules are strictly ordered.
+ // +listType=atomic
Rules []PolicyRule `json:"rules" protobuf:"bytes,2,rep,name=rules"`
// OmitStages is a list of stages for which no events are created. Note that this can also
// be specified per rule in which case the union of both are omitted.
// +optional
+ // +listType=atomic
OmitStages []Stage `json:"omitStages,omitempty" protobuf:"bytes,3,rep,name=omitStages"`
// OmitManagedFields indicates whether to omit the managed fields of the request
@@ -203,16 +206,19 @@ type PolicyRule struct {
// The users (by authenticated user name) this rule applies to.
// An empty list implies every user.
// +optional
+ // +listType=atomic
Users []string `json:"users,omitempty" protobuf:"bytes,2,rep,name=users"`
// The user groups this rule applies to. A user is considered matching
// if it is a member of any of the UserGroups.
// An empty list implies every user group.
// +optional
+ // +listType=atomic
UserGroups []string `json:"userGroups,omitempty" protobuf:"bytes,3,rep,name=userGroups"`
// The verbs that match this rule.
// An empty list implies every verb.
// +optional
+ // +listType=atomic
Verbs []string `json:"verbs,omitempty" protobuf:"bytes,4,rep,name=verbs"`
// Rules can apply to API resources (such as "pods" or "secrets"),
@@ -221,11 +227,13 @@ type PolicyRule struct {
// Resources that this rule matches. An empty list implies all kinds in all API groups.
// +optional
+ // +listType=atomic
Resources []GroupResources `json:"resources,omitempty" protobuf:"bytes,5,rep,name=resources"`
// Namespaces that this rule matches.
// The empty string "" matches non-namespaced resources.
// An empty list implies every namespace.
// +optional
+ // +listType=atomic
Namespaces []string `json:"namespaces,omitempty" protobuf:"bytes,6,rep,name=namespaces"`
// NonResourceURLs is a set of URL paths that should be audited.
@@ -234,12 +242,14 @@ type PolicyRule struct {
// - `/metrics` - Log requests for apiserver metrics
// - `/healthz*` - Log all health checks
// +optional
+ // +listType=atomic
NonResourceURLs []string `json:"nonResourceURLs,omitempty" protobuf:"bytes,7,rep,name=nonResourceURLs"`
// OmitStages is a list of stages for which no events are created. Note that this can also
// be specified policy wide in which case the union of both are omitted.
// An empty list means no restrictions will apply.
// +optional
+ // +listType=atomic
OmitStages []Stage `json:"omitStages,omitempty" protobuf:"bytes,8,rep,name=omitStages"`
// OmitManagedFields indicates whether to omit the managed fields of the request
@@ -274,11 +284,13 @@ type GroupResources struct {
//
// An empty list implies all resources and subresources in this API groups apply.
// +optional
+ // +listType=atomic
Resources []string `json:"resources,omitempty" protobuf:"bytes,2,rep,name=resources"`
// ResourceNames is a list of resource instance names that the policy matches.
// Using this field requires Resources to be specified.
// An empty list implies that every instance of the resource is matched.
// +optional
+ // +listType=atomic
ResourceNames []string `json:"resourceNames,omitempty" protobuf:"bytes,3,rep,name=resourceNames"`
}
diff --git a/vendor/k8s.io/apiserver/pkg/apis/config/register.go b/vendor/k8s.io/apiserver/pkg/apis/config/register.go
deleted file mode 100644
index 6a0aae8e56..0000000000
--- a/vendor/k8s.io/apiserver/pkg/apis/config/register.go
+++ /dev/null
@@ -1,53 +0,0 @@
-/*
-Copyright 2018 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package config
-
-import (
- "k8s.io/apimachinery/pkg/runtime"
- "k8s.io/apimachinery/pkg/runtime/schema"
-)
-
-var (
- // SchemeBuilder points to a list of functions added to Scheme.
- SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)
- // AddToScheme adds this group to a scheme.
- AddToScheme = SchemeBuilder.AddToScheme
-)
-
-// GroupName is the group name use in this package.
-const GroupName = "apiserver.config.k8s.io"
-
-// SchemeGroupVersion is group version used to register these objects.
-var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal}
-
-// Kind takes an unqualified kind and returns a Group qualified GroupKind.
-func Kind(kind string) schema.GroupKind {
- return SchemeGroupVersion.WithKind(kind).GroupKind()
-}
-
-// Resource takes an unqualified resource and returns a Group qualified GroupResource.
-func Resource(resource string) schema.GroupResource {
- return SchemeGroupVersion.WithResource(resource).GroupResource()
-}
-
-func addKnownTypes(scheme *runtime.Scheme) error {
- // TODO this will get cleaned up with the scheme types are fixed
- scheme.AddKnownTypes(SchemeGroupVersion,
- &EncryptionConfiguration{},
- )
- return nil
-}
diff --git a/vendor/k8s.io/apiserver/pkg/apis/config/v1/register.go b/vendor/k8s.io/apiserver/pkg/apis/config/v1/register.go
deleted file mode 100644
index 32b5634c44..0000000000
--- a/vendor/k8s.io/apiserver/pkg/apis/config/v1/register.go
+++ /dev/null
@@ -1,53 +0,0 @@
-/*
-Copyright 2018 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package v1
-
-import (
- "k8s.io/apimachinery/pkg/runtime"
- "k8s.io/apimachinery/pkg/runtime/schema"
-)
-
-// GroupName is the group name use in this package.
-const GroupName = "apiserver.config.k8s.io"
-
-// SchemeGroupVersion is group version used to register these objects.
-var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1"}
-
-var (
- // SchemeBuilder points to a list of functions added to Scheme.
- SchemeBuilder runtime.SchemeBuilder
- localSchemeBuilder = &SchemeBuilder
- // AddToScheme adds this group to a scheme.
- AddToScheme = localSchemeBuilder.AddToScheme
-)
-
-func init() {
- // We only register manually written functions here. The registration of the
- // generated functions takes place in the generated files. The separation
- // makes the code compile even when the generated files are missing.
- localSchemeBuilder.Register(addKnownTypes)
- localSchemeBuilder.Register(addDefaultingFuncs)
-}
-
-func addKnownTypes(scheme *runtime.Scheme) error {
- scheme.AddKnownTypes(SchemeGroupVersion,
- &EncryptionConfiguration{},
- )
- // also register into the v1 group as EncryptionConfig (due to a docs bug)
- scheme.AddKnownTypeWithName(schema.GroupVersionKind{Group: "", Version: "v1", Kind: "EncryptionConfig"}, &EncryptionConfiguration{})
- return nil
-}
diff --git a/vendor/k8s.io/apiserver/pkg/apis/config/v1/zz_generated.conversion.go b/vendor/k8s.io/apiserver/pkg/apis/config/v1/zz_generated.conversion.go
deleted file mode 100644
index 8585428632..0000000000
--- a/vendor/k8s.io/apiserver/pkg/apis/config/v1/zz_generated.conversion.go
+++ /dev/null
@@ -1,299 +0,0 @@
-//go:build !ignore_autogenerated
-// +build !ignore_autogenerated
-
-/*
-Copyright The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-// Code generated by conversion-gen. DO NOT EDIT.
-
-package v1
-
-import (
- unsafe "unsafe"
-
- metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
- conversion "k8s.io/apimachinery/pkg/conversion"
- runtime "k8s.io/apimachinery/pkg/runtime"
- config "k8s.io/apiserver/pkg/apis/config"
-)
-
-func init() {
- localSchemeBuilder.Register(RegisterConversions)
-}
-
-// RegisterConversions adds conversion functions to the given scheme.
-// Public to allow building arbitrary schemes.
-func RegisterConversions(s *runtime.Scheme) error {
- if err := s.AddGeneratedConversionFunc((*AESConfiguration)(nil), (*config.AESConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error {
- return Convert_v1_AESConfiguration_To_config_AESConfiguration(a.(*AESConfiguration), b.(*config.AESConfiguration), scope)
- }); err != nil {
- return err
- }
- if err := s.AddGeneratedConversionFunc((*config.AESConfiguration)(nil), (*AESConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error {
- return Convert_config_AESConfiguration_To_v1_AESConfiguration(a.(*config.AESConfiguration), b.(*AESConfiguration), scope)
- }); err != nil {
- return err
- }
- if err := s.AddGeneratedConversionFunc((*EncryptionConfiguration)(nil), (*config.EncryptionConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error {
- return Convert_v1_EncryptionConfiguration_To_config_EncryptionConfiguration(a.(*EncryptionConfiguration), b.(*config.EncryptionConfiguration), scope)
- }); err != nil {
- return err
- }
- if err := s.AddGeneratedConversionFunc((*config.EncryptionConfiguration)(nil), (*EncryptionConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error {
- return Convert_config_EncryptionConfiguration_To_v1_EncryptionConfiguration(a.(*config.EncryptionConfiguration), b.(*EncryptionConfiguration), scope)
- }); err != nil {
- return err
- }
- if err := s.AddGeneratedConversionFunc((*IdentityConfiguration)(nil), (*config.IdentityConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error {
- return Convert_v1_IdentityConfiguration_To_config_IdentityConfiguration(a.(*IdentityConfiguration), b.(*config.IdentityConfiguration), scope)
- }); err != nil {
- return err
- }
- if err := s.AddGeneratedConversionFunc((*config.IdentityConfiguration)(nil), (*IdentityConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error {
- return Convert_config_IdentityConfiguration_To_v1_IdentityConfiguration(a.(*config.IdentityConfiguration), b.(*IdentityConfiguration), scope)
- }); err != nil {
- return err
- }
- if err := s.AddGeneratedConversionFunc((*KMSConfiguration)(nil), (*config.KMSConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error {
- return Convert_v1_KMSConfiguration_To_config_KMSConfiguration(a.(*KMSConfiguration), b.(*config.KMSConfiguration), scope)
- }); err != nil {
- return err
- }
- if err := s.AddGeneratedConversionFunc((*config.KMSConfiguration)(nil), (*KMSConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error {
- return Convert_config_KMSConfiguration_To_v1_KMSConfiguration(a.(*config.KMSConfiguration), b.(*KMSConfiguration), scope)
- }); err != nil {
- return err
- }
- if err := s.AddGeneratedConversionFunc((*Key)(nil), (*config.Key)(nil), func(a, b interface{}, scope conversion.Scope) error {
- return Convert_v1_Key_To_config_Key(a.(*Key), b.(*config.Key), scope)
- }); err != nil {
- return err
- }
- if err := s.AddGeneratedConversionFunc((*config.Key)(nil), (*Key)(nil), func(a, b interface{}, scope conversion.Scope) error {
- return Convert_config_Key_To_v1_Key(a.(*config.Key), b.(*Key), scope)
- }); err != nil {
- return err
- }
- if err := s.AddGeneratedConversionFunc((*ProviderConfiguration)(nil), (*config.ProviderConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error {
- return Convert_v1_ProviderConfiguration_To_config_ProviderConfiguration(a.(*ProviderConfiguration), b.(*config.ProviderConfiguration), scope)
- }); err != nil {
- return err
- }
- if err := s.AddGeneratedConversionFunc((*config.ProviderConfiguration)(nil), (*ProviderConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error {
- return Convert_config_ProviderConfiguration_To_v1_ProviderConfiguration(a.(*config.ProviderConfiguration), b.(*ProviderConfiguration), scope)
- }); err != nil {
- return err
- }
- if err := s.AddGeneratedConversionFunc((*ResourceConfiguration)(nil), (*config.ResourceConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error {
- return Convert_v1_ResourceConfiguration_To_config_ResourceConfiguration(a.(*ResourceConfiguration), b.(*config.ResourceConfiguration), scope)
- }); err != nil {
- return err
- }
- if err := s.AddGeneratedConversionFunc((*config.ResourceConfiguration)(nil), (*ResourceConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error {
- return Convert_config_ResourceConfiguration_To_v1_ResourceConfiguration(a.(*config.ResourceConfiguration), b.(*ResourceConfiguration), scope)
- }); err != nil {
- return err
- }
- if err := s.AddGeneratedConversionFunc((*SecretboxConfiguration)(nil), (*config.SecretboxConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error {
- return Convert_v1_SecretboxConfiguration_To_config_SecretboxConfiguration(a.(*SecretboxConfiguration), b.(*config.SecretboxConfiguration), scope)
- }); err != nil {
- return err
- }
- if err := s.AddGeneratedConversionFunc((*config.SecretboxConfiguration)(nil), (*SecretboxConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error {
- return Convert_config_SecretboxConfiguration_To_v1_SecretboxConfiguration(a.(*config.SecretboxConfiguration), b.(*SecretboxConfiguration), scope)
- }); err != nil {
- return err
- }
- return nil
-}
-
-func autoConvert_v1_AESConfiguration_To_config_AESConfiguration(in *AESConfiguration, out *config.AESConfiguration, s conversion.Scope) error {
- out.Keys = *(*[]config.Key)(unsafe.Pointer(&in.Keys))
- return nil
-}
-
-// Convert_v1_AESConfiguration_To_config_AESConfiguration is an autogenerated conversion function.
-func Convert_v1_AESConfiguration_To_config_AESConfiguration(in *AESConfiguration, out *config.AESConfiguration, s conversion.Scope) error {
- return autoConvert_v1_AESConfiguration_To_config_AESConfiguration(in, out, s)
-}
-
-func autoConvert_config_AESConfiguration_To_v1_AESConfiguration(in *config.AESConfiguration, out *AESConfiguration, s conversion.Scope) error {
- out.Keys = *(*[]Key)(unsafe.Pointer(&in.Keys))
- return nil
-}
-
-// Convert_config_AESConfiguration_To_v1_AESConfiguration is an autogenerated conversion function.
-func Convert_config_AESConfiguration_To_v1_AESConfiguration(in *config.AESConfiguration, out *AESConfiguration, s conversion.Scope) error {
- return autoConvert_config_AESConfiguration_To_v1_AESConfiguration(in, out, s)
-}
-
-func autoConvert_v1_EncryptionConfiguration_To_config_EncryptionConfiguration(in *EncryptionConfiguration, out *config.EncryptionConfiguration, s conversion.Scope) error {
- out.Resources = *(*[]config.ResourceConfiguration)(unsafe.Pointer(&in.Resources))
- return nil
-}
-
-// Convert_v1_EncryptionConfiguration_To_config_EncryptionConfiguration is an autogenerated conversion function.
-func Convert_v1_EncryptionConfiguration_To_config_EncryptionConfiguration(in *EncryptionConfiguration, out *config.EncryptionConfiguration, s conversion.Scope) error {
- return autoConvert_v1_EncryptionConfiguration_To_config_EncryptionConfiguration(in, out, s)
-}
-
-func autoConvert_config_EncryptionConfiguration_To_v1_EncryptionConfiguration(in *config.EncryptionConfiguration, out *EncryptionConfiguration, s conversion.Scope) error {
- out.Resources = *(*[]ResourceConfiguration)(unsafe.Pointer(&in.Resources))
- return nil
-}
-
-// Convert_config_EncryptionConfiguration_To_v1_EncryptionConfiguration is an autogenerated conversion function.
-func Convert_config_EncryptionConfiguration_To_v1_EncryptionConfiguration(in *config.EncryptionConfiguration, out *EncryptionConfiguration, s conversion.Scope) error {
- return autoConvert_config_EncryptionConfiguration_To_v1_EncryptionConfiguration(in, out, s)
-}
-
-func autoConvert_v1_IdentityConfiguration_To_config_IdentityConfiguration(in *IdentityConfiguration, out *config.IdentityConfiguration, s conversion.Scope) error {
- return nil
-}
-
-// Convert_v1_IdentityConfiguration_To_config_IdentityConfiguration is an autogenerated conversion function.
-func Convert_v1_IdentityConfiguration_To_config_IdentityConfiguration(in *IdentityConfiguration, out *config.IdentityConfiguration, s conversion.Scope) error {
- return autoConvert_v1_IdentityConfiguration_To_config_IdentityConfiguration(in, out, s)
-}
-
-func autoConvert_config_IdentityConfiguration_To_v1_IdentityConfiguration(in *config.IdentityConfiguration, out *IdentityConfiguration, s conversion.Scope) error {
- return nil
-}
-
-// Convert_config_IdentityConfiguration_To_v1_IdentityConfiguration is an autogenerated conversion function.
-func Convert_config_IdentityConfiguration_To_v1_IdentityConfiguration(in *config.IdentityConfiguration, out *IdentityConfiguration, s conversion.Scope) error {
- return autoConvert_config_IdentityConfiguration_To_v1_IdentityConfiguration(in, out, s)
-}
-
-func autoConvert_v1_KMSConfiguration_To_config_KMSConfiguration(in *KMSConfiguration, out *config.KMSConfiguration, s conversion.Scope) error {
- out.APIVersion = in.APIVersion
- out.Name = in.Name
- out.CacheSize = (*int32)(unsafe.Pointer(in.CacheSize))
- out.Endpoint = in.Endpoint
- out.Timeout = (*metav1.Duration)(unsafe.Pointer(in.Timeout))
- return nil
-}
-
-// Convert_v1_KMSConfiguration_To_config_KMSConfiguration is an autogenerated conversion function.
-func Convert_v1_KMSConfiguration_To_config_KMSConfiguration(in *KMSConfiguration, out *config.KMSConfiguration, s conversion.Scope) error {
- return autoConvert_v1_KMSConfiguration_To_config_KMSConfiguration(in, out, s)
-}
-
-func autoConvert_config_KMSConfiguration_To_v1_KMSConfiguration(in *config.KMSConfiguration, out *KMSConfiguration, s conversion.Scope) error {
- out.APIVersion = in.APIVersion
- out.Name = in.Name
- out.CacheSize = (*int32)(unsafe.Pointer(in.CacheSize))
- out.Endpoint = in.Endpoint
- out.Timeout = (*metav1.Duration)(unsafe.Pointer(in.Timeout))
- return nil
-}
-
-// Convert_config_KMSConfiguration_To_v1_KMSConfiguration is an autogenerated conversion function.
-func Convert_config_KMSConfiguration_To_v1_KMSConfiguration(in *config.KMSConfiguration, out *KMSConfiguration, s conversion.Scope) error {
- return autoConvert_config_KMSConfiguration_To_v1_KMSConfiguration(in, out, s)
-}
-
-func autoConvert_v1_Key_To_config_Key(in *Key, out *config.Key, s conversion.Scope) error {
- out.Name = in.Name
- out.Secret = in.Secret
- return nil
-}
-
-// Convert_v1_Key_To_config_Key is an autogenerated conversion function.
-func Convert_v1_Key_To_config_Key(in *Key, out *config.Key, s conversion.Scope) error {
- return autoConvert_v1_Key_To_config_Key(in, out, s)
-}
-
-func autoConvert_config_Key_To_v1_Key(in *config.Key, out *Key, s conversion.Scope) error {
- out.Name = in.Name
- out.Secret = in.Secret
- return nil
-}
-
-// Convert_config_Key_To_v1_Key is an autogenerated conversion function.
-func Convert_config_Key_To_v1_Key(in *config.Key, out *Key, s conversion.Scope) error {
- return autoConvert_config_Key_To_v1_Key(in, out, s)
-}
-
-func autoConvert_v1_ProviderConfiguration_To_config_ProviderConfiguration(in *ProviderConfiguration, out *config.ProviderConfiguration, s conversion.Scope) error {
- out.AESGCM = (*config.AESConfiguration)(unsafe.Pointer(in.AESGCM))
- out.AESCBC = (*config.AESConfiguration)(unsafe.Pointer(in.AESCBC))
- out.Secretbox = (*config.SecretboxConfiguration)(unsafe.Pointer(in.Secretbox))
- out.Identity = (*config.IdentityConfiguration)(unsafe.Pointer(in.Identity))
- out.KMS = (*config.KMSConfiguration)(unsafe.Pointer(in.KMS))
- return nil
-}
-
-// Convert_v1_ProviderConfiguration_To_config_ProviderConfiguration is an autogenerated conversion function.
-func Convert_v1_ProviderConfiguration_To_config_ProviderConfiguration(in *ProviderConfiguration, out *config.ProviderConfiguration, s conversion.Scope) error {
- return autoConvert_v1_ProviderConfiguration_To_config_ProviderConfiguration(in, out, s)
-}
-
-func autoConvert_config_ProviderConfiguration_To_v1_ProviderConfiguration(in *config.ProviderConfiguration, out *ProviderConfiguration, s conversion.Scope) error {
- out.AESGCM = (*AESConfiguration)(unsafe.Pointer(in.AESGCM))
- out.AESCBC = (*AESConfiguration)(unsafe.Pointer(in.AESCBC))
- out.Secretbox = (*SecretboxConfiguration)(unsafe.Pointer(in.Secretbox))
- out.Identity = (*IdentityConfiguration)(unsafe.Pointer(in.Identity))
- out.KMS = (*KMSConfiguration)(unsafe.Pointer(in.KMS))
- return nil
-}
-
-// Convert_config_ProviderConfiguration_To_v1_ProviderConfiguration is an autogenerated conversion function.
-func Convert_config_ProviderConfiguration_To_v1_ProviderConfiguration(in *config.ProviderConfiguration, out *ProviderConfiguration, s conversion.Scope) error {
- return autoConvert_config_ProviderConfiguration_To_v1_ProviderConfiguration(in, out, s)
-}
-
-func autoConvert_v1_ResourceConfiguration_To_config_ResourceConfiguration(in *ResourceConfiguration, out *config.ResourceConfiguration, s conversion.Scope) error {
- out.Resources = *(*[]string)(unsafe.Pointer(&in.Resources))
- out.Providers = *(*[]config.ProviderConfiguration)(unsafe.Pointer(&in.Providers))
- return nil
-}
-
-// Convert_v1_ResourceConfiguration_To_config_ResourceConfiguration is an autogenerated conversion function.
-func Convert_v1_ResourceConfiguration_To_config_ResourceConfiguration(in *ResourceConfiguration, out *config.ResourceConfiguration, s conversion.Scope) error {
- return autoConvert_v1_ResourceConfiguration_To_config_ResourceConfiguration(in, out, s)
-}
-
-func autoConvert_config_ResourceConfiguration_To_v1_ResourceConfiguration(in *config.ResourceConfiguration, out *ResourceConfiguration, s conversion.Scope) error {
- out.Resources = *(*[]string)(unsafe.Pointer(&in.Resources))
- out.Providers = *(*[]ProviderConfiguration)(unsafe.Pointer(&in.Providers))
- return nil
-}
-
-// Convert_config_ResourceConfiguration_To_v1_ResourceConfiguration is an autogenerated conversion function.
-func Convert_config_ResourceConfiguration_To_v1_ResourceConfiguration(in *config.ResourceConfiguration, out *ResourceConfiguration, s conversion.Scope) error {
- return autoConvert_config_ResourceConfiguration_To_v1_ResourceConfiguration(in, out, s)
-}
-
-func autoConvert_v1_SecretboxConfiguration_To_config_SecretboxConfiguration(in *SecretboxConfiguration, out *config.SecretboxConfiguration, s conversion.Scope) error {
- out.Keys = *(*[]config.Key)(unsafe.Pointer(&in.Keys))
- return nil
-}
-
-// Convert_v1_SecretboxConfiguration_To_config_SecretboxConfiguration is an autogenerated conversion function.
-func Convert_v1_SecretboxConfiguration_To_config_SecretboxConfiguration(in *SecretboxConfiguration, out *config.SecretboxConfiguration, s conversion.Scope) error {
- return autoConvert_v1_SecretboxConfiguration_To_config_SecretboxConfiguration(in, out, s)
-}
-
-func autoConvert_config_SecretboxConfiguration_To_v1_SecretboxConfiguration(in *config.SecretboxConfiguration, out *SecretboxConfiguration, s conversion.Scope) error {
- out.Keys = *(*[]Key)(unsafe.Pointer(&in.Keys))
- return nil
-}
-
-// Convert_config_SecretboxConfiguration_To_v1_SecretboxConfiguration is an autogenerated conversion function.
-func Convert_config_SecretboxConfiguration_To_v1_SecretboxConfiguration(in *config.SecretboxConfiguration, out *SecretboxConfiguration, s conversion.Scope) error {
- return autoConvert_config_SecretboxConfiguration_To_v1_SecretboxConfiguration(in, out, s)
-}
diff --git a/vendor/k8s.io/apiserver/pkg/apis/config/v1/zz_generated.deepcopy.go b/vendor/k8s.io/apiserver/pkg/apis/config/v1/zz_generated.deepcopy.go
deleted file mode 100644
index 3d2ac484b0..0000000000
--- a/vendor/k8s.io/apiserver/pkg/apis/config/v1/zz_generated.deepcopy.go
+++ /dev/null
@@ -1,228 +0,0 @@
-//go:build !ignore_autogenerated
-// +build !ignore_autogenerated
-
-/*
-Copyright The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-// Code generated by deepcopy-gen. DO NOT EDIT.
-
-package v1
-
-import (
- metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
- runtime "k8s.io/apimachinery/pkg/runtime"
-)
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *AESConfiguration) DeepCopyInto(out *AESConfiguration) {
- *out = *in
- if in.Keys != nil {
- in, out := &in.Keys, &out.Keys
- *out = make([]Key, len(*in))
- copy(*out, *in)
- }
- return
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AESConfiguration.
-func (in *AESConfiguration) DeepCopy() *AESConfiguration {
- if in == nil {
- return nil
- }
- out := new(AESConfiguration)
- in.DeepCopyInto(out)
- return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *EncryptionConfiguration) DeepCopyInto(out *EncryptionConfiguration) {
- *out = *in
- out.TypeMeta = in.TypeMeta
- if in.Resources != nil {
- in, out := &in.Resources, &out.Resources
- *out = make([]ResourceConfiguration, len(*in))
- for i := range *in {
- (*in)[i].DeepCopyInto(&(*out)[i])
- }
- }
- return
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EncryptionConfiguration.
-func (in *EncryptionConfiguration) DeepCopy() *EncryptionConfiguration {
- if in == nil {
- return nil
- }
- out := new(EncryptionConfiguration)
- in.DeepCopyInto(out)
- return out
-}
-
-// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
-func (in *EncryptionConfiguration) DeepCopyObject() runtime.Object {
- if c := in.DeepCopy(); c != nil {
- return c
- }
- return nil
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *IdentityConfiguration) DeepCopyInto(out *IdentityConfiguration) {
- *out = *in
- return
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IdentityConfiguration.
-func (in *IdentityConfiguration) DeepCopy() *IdentityConfiguration {
- if in == nil {
- return nil
- }
- out := new(IdentityConfiguration)
- in.DeepCopyInto(out)
- return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *KMSConfiguration) DeepCopyInto(out *KMSConfiguration) {
- *out = *in
- if in.CacheSize != nil {
- in, out := &in.CacheSize, &out.CacheSize
- *out = new(int32)
- **out = **in
- }
- if in.Timeout != nil {
- in, out := &in.Timeout, &out.Timeout
- *out = new(metav1.Duration)
- **out = **in
- }
- return
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KMSConfiguration.
-func (in *KMSConfiguration) DeepCopy() *KMSConfiguration {
- if in == nil {
- return nil
- }
- out := new(KMSConfiguration)
- in.DeepCopyInto(out)
- return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *Key) DeepCopyInto(out *Key) {
- *out = *in
- return
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Key.
-func (in *Key) DeepCopy() *Key {
- if in == nil {
- return nil
- }
- out := new(Key)
- in.DeepCopyInto(out)
- return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *ProviderConfiguration) DeepCopyInto(out *ProviderConfiguration) {
- *out = *in
- if in.AESGCM != nil {
- in, out := &in.AESGCM, &out.AESGCM
- *out = new(AESConfiguration)
- (*in).DeepCopyInto(*out)
- }
- if in.AESCBC != nil {
- in, out := &in.AESCBC, &out.AESCBC
- *out = new(AESConfiguration)
- (*in).DeepCopyInto(*out)
- }
- if in.Secretbox != nil {
- in, out := &in.Secretbox, &out.Secretbox
- *out = new(SecretboxConfiguration)
- (*in).DeepCopyInto(*out)
- }
- if in.Identity != nil {
- in, out := &in.Identity, &out.Identity
- *out = new(IdentityConfiguration)
- **out = **in
- }
- if in.KMS != nil {
- in, out := &in.KMS, &out.KMS
- *out = new(KMSConfiguration)
- (*in).DeepCopyInto(*out)
- }
- return
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProviderConfiguration.
-func (in *ProviderConfiguration) DeepCopy() *ProviderConfiguration {
- if in == nil {
- return nil
- }
- out := new(ProviderConfiguration)
- in.DeepCopyInto(out)
- return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *ResourceConfiguration) DeepCopyInto(out *ResourceConfiguration) {
- *out = *in
- if in.Resources != nil {
- in, out := &in.Resources, &out.Resources
- *out = make([]string, len(*in))
- copy(*out, *in)
- }
- if in.Providers != nil {
- in, out := &in.Providers, &out.Providers
- *out = make([]ProviderConfiguration, len(*in))
- for i := range *in {
- (*in)[i].DeepCopyInto(&(*out)[i])
- }
- }
- return
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceConfiguration.
-func (in *ResourceConfiguration) DeepCopy() *ResourceConfiguration {
- if in == nil {
- return nil
- }
- out := new(ResourceConfiguration)
- in.DeepCopyInto(out)
- return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *SecretboxConfiguration) DeepCopyInto(out *SecretboxConfiguration) {
- *out = *in
- if in.Keys != nil {
- in, out := &in.Keys, &out.Keys
- *out = make([]Key, len(*in))
- copy(*out, *in)
- }
- return
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretboxConfiguration.
-func (in *SecretboxConfiguration) DeepCopy() *SecretboxConfiguration {
- if in == nil {
- return nil
- }
- out := new(SecretboxConfiguration)
- in.DeepCopyInto(out)
- return out
-}
diff --git a/vendor/k8s.io/apiserver/pkg/apis/config/v1/zz_generated.defaults.go b/vendor/k8s.io/apiserver/pkg/apis/config/v1/zz_generated.defaults.go
deleted file mode 100644
index 82fec01110..0000000000
--- a/vendor/k8s.io/apiserver/pkg/apis/config/v1/zz_generated.defaults.go
+++ /dev/null
@@ -1,46 +0,0 @@
-//go:build !ignore_autogenerated
-// +build !ignore_autogenerated
-
-/*
-Copyright The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-// Code generated by defaulter-gen. DO NOT EDIT.
-
-package v1
-
-import (
- runtime "k8s.io/apimachinery/pkg/runtime"
-)
-
-// RegisterDefaults adds defaulters functions to the given scheme.
-// Public to allow building arbitrary schemes.
-// All generated defaulters are covering - they call all nested defaulters.
-func RegisterDefaults(scheme *runtime.Scheme) error {
- scheme.AddTypeDefaultingFunc(&EncryptionConfiguration{}, func(obj interface{}) { SetObjectDefaults_EncryptionConfiguration(obj.(*EncryptionConfiguration)) })
- return nil
-}
-
-func SetObjectDefaults_EncryptionConfiguration(in *EncryptionConfiguration) {
- for i := range in.Resources {
- a := &in.Resources[i]
- for j := range a.Providers {
- b := &a.Providers[j]
- if b.KMS != nil {
- SetDefaults_KMSConfiguration(b.KMS)
- }
- }
- }
-}
diff --git a/vendor/k8s.io/apiserver/pkg/apis/config/zz_generated.deepcopy.go b/vendor/k8s.io/apiserver/pkg/apis/config/zz_generated.deepcopy.go
deleted file mode 100644
index 13e5cffca8..0000000000
--- a/vendor/k8s.io/apiserver/pkg/apis/config/zz_generated.deepcopy.go
+++ /dev/null
@@ -1,228 +0,0 @@
-//go:build !ignore_autogenerated
-// +build !ignore_autogenerated
-
-/*
-Copyright The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-// Code generated by deepcopy-gen. DO NOT EDIT.
-
-package config
-
-import (
- v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
- runtime "k8s.io/apimachinery/pkg/runtime"
-)
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *AESConfiguration) DeepCopyInto(out *AESConfiguration) {
- *out = *in
- if in.Keys != nil {
- in, out := &in.Keys, &out.Keys
- *out = make([]Key, len(*in))
- copy(*out, *in)
- }
- return
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AESConfiguration.
-func (in *AESConfiguration) DeepCopy() *AESConfiguration {
- if in == nil {
- return nil
- }
- out := new(AESConfiguration)
- in.DeepCopyInto(out)
- return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *EncryptionConfiguration) DeepCopyInto(out *EncryptionConfiguration) {
- *out = *in
- out.TypeMeta = in.TypeMeta
- if in.Resources != nil {
- in, out := &in.Resources, &out.Resources
- *out = make([]ResourceConfiguration, len(*in))
- for i := range *in {
- (*in)[i].DeepCopyInto(&(*out)[i])
- }
- }
- return
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EncryptionConfiguration.
-func (in *EncryptionConfiguration) DeepCopy() *EncryptionConfiguration {
- if in == nil {
- return nil
- }
- out := new(EncryptionConfiguration)
- in.DeepCopyInto(out)
- return out
-}
-
-// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
-func (in *EncryptionConfiguration) DeepCopyObject() runtime.Object {
- if c := in.DeepCopy(); c != nil {
- return c
- }
- return nil
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *IdentityConfiguration) DeepCopyInto(out *IdentityConfiguration) {
- *out = *in
- return
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IdentityConfiguration.
-func (in *IdentityConfiguration) DeepCopy() *IdentityConfiguration {
- if in == nil {
- return nil
- }
- out := new(IdentityConfiguration)
- in.DeepCopyInto(out)
- return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *KMSConfiguration) DeepCopyInto(out *KMSConfiguration) {
- *out = *in
- if in.CacheSize != nil {
- in, out := &in.CacheSize, &out.CacheSize
- *out = new(int32)
- **out = **in
- }
- if in.Timeout != nil {
- in, out := &in.Timeout, &out.Timeout
- *out = new(v1.Duration)
- **out = **in
- }
- return
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KMSConfiguration.
-func (in *KMSConfiguration) DeepCopy() *KMSConfiguration {
- if in == nil {
- return nil
- }
- out := new(KMSConfiguration)
- in.DeepCopyInto(out)
- return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *Key) DeepCopyInto(out *Key) {
- *out = *in
- return
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Key.
-func (in *Key) DeepCopy() *Key {
- if in == nil {
- return nil
- }
- out := new(Key)
- in.DeepCopyInto(out)
- return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *ProviderConfiguration) DeepCopyInto(out *ProviderConfiguration) {
- *out = *in
- if in.AESGCM != nil {
- in, out := &in.AESGCM, &out.AESGCM
- *out = new(AESConfiguration)
- (*in).DeepCopyInto(*out)
- }
- if in.AESCBC != nil {
- in, out := &in.AESCBC, &out.AESCBC
- *out = new(AESConfiguration)
- (*in).DeepCopyInto(*out)
- }
- if in.Secretbox != nil {
- in, out := &in.Secretbox, &out.Secretbox
- *out = new(SecretboxConfiguration)
- (*in).DeepCopyInto(*out)
- }
- if in.Identity != nil {
- in, out := &in.Identity, &out.Identity
- *out = new(IdentityConfiguration)
- **out = **in
- }
- if in.KMS != nil {
- in, out := &in.KMS, &out.KMS
- *out = new(KMSConfiguration)
- (*in).DeepCopyInto(*out)
- }
- return
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProviderConfiguration.
-func (in *ProviderConfiguration) DeepCopy() *ProviderConfiguration {
- if in == nil {
- return nil
- }
- out := new(ProviderConfiguration)
- in.DeepCopyInto(out)
- return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *ResourceConfiguration) DeepCopyInto(out *ResourceConfiguration) {
- *out = *in
- if in.Resources != nil {
- in, out := &in.Resources, &out.Resources
- *out = make([]string, len(*in))
- copy(*out, *in)
- }
- if in.Providers != nil {
- in, out := &in.Providers, &out.Providers
- *out = make([]ProviderConfiguration, len(*in))
- for i := range *in {
- (*in)[i].DeepCopyInto(&(*out)[i])
- }
- }
- return
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceConfiguration.
-func (in *ResourceConfiguration) DeepCopy() *ResourceConfiguration {
- if in == nil {
- return nil
- }
- out := new(ResourceConfiguration)
- in.DeepCopyInto(out)
- return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *SecretboxConfiguration) DeepCopyInto(out *SecretboxConfiguration) {
- *out = *in
- if in.Keys != nil {
- in, out := &in.Keys, &out.Keys
- *out = make([]Key, len(*in))
- copy(*out, *in)
- }
- return
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretboxConfiguration.
-func (in *SecretboxConfiguration) DeepCopy() *SecretboxConfiguration {
- if in == nil {
- return nil
- }
- out := new(SecretboxConfiguration)
- in.DeepCopyInto(out)
- return out
-}
diff --git a/vendor/k8s.io/apiserver/pkg/authentication/serviceaccount/util.go b/vendor/k8s.io/apiserver/pkg/authentication/serviceaccount/util.go
index c55fe5d2ed..3e29d4e71c 100644
--- a/vendor/k8s.io/apiserver/pkg/authentication/serviceaccount/util.go
+++ b/vendor/k8s.io/apiserver/pkg/authentication/serviceaccount/util.go
@@ -39,6 +39,12 @@ const (
// CredentialIDKey is the key used in a user's "extra" to specify the unique
// identifier for this identity document).
CredentialIDKey = "authentication.kubernetes.io/credential-id"
+ // IssuedCredentialIDAuditAnnotationKey is the annotation key used in the audit event that is persisted to the
+ // '/token' endpoint for service accounts.
+ // This annotation indicates the generated credential identifier for the service account token being issued.
+ // This is useful when tracing back the origin of tokens that have gone on to make request that have persisted
+ // their credential-identifier into the audit log via the user's extra info stored on subsequent audit events.
+ IssuedCredentialIDAuditAnnotationKey = "authentication.kubernetes.io/issued-credential-id"
// PodNameKey is the key used in a user's "extra" to specify the pod name of
// the authenticating request.
PodNameKey = "authentication.kubernetes.io/pod-name"
diff --git a/vendor/k8s.io/apiserver/pkg/authorization/authorizer/interfaces.go b/vendor/k8s.io/apiserver/pkg/authorization/authorizer/interfaces.go
index 2a826981cf..8261c5b583 100644
--- a/vendor/k8s.io/apiserver/pkg/authorization/authorizer/interfaces.go
+++ b/vendor/k8s.io/apiserver/pkg/authorization/authorizer/interfaces.go
@@ -153,7 +153,7 @@ const (
DecisionDeny Decision = iota
// DecisionAllow means that an authorizer decided to allow the action.
DecisionAllow
- // DecisionNoOpionion means that an authorizer has no opinion on whether
+ // DecisionNoOpinion means that an authorizer has no opinion on whether
// to allow or deny an action.
DecisionNoOpinion
)
diff --git a/vendor/k8s.io/apiserver/pkg/cel/cidr.go b/vendor/k8s.io/apiserver/pkg/cel/cidr.go
new file mode 100644
index 0000000000..8e97f63cd7
--- /dev/null
+++ b/vendor/k8s.io/apiserver/pkg/cel/cidr.go
@@ -0,0 +1,87 @@
+/*
+Copyright 2023 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package cel
+
+import (
+ "fmt"
+ "math"
+ "net/netip"
+ "reflect"
+
+ "github.com/google/cel-go/cel"
+ "github.com/google/cel-go/common/types"
+ "github.com/google/cel-go/common/types/ref"
+)
+
+// CIDR provides a CEL representation of an network address.
+type CIDR struct {
+ netip.Prefix
+}
+
+var (
+ CIDRType = cel.OpaqueType("net.CIDR")
+)
+
+// ConvertToNative implements ref.Val.ConvertToNative.
+func (d CIDR) ConvertToNative(typeDesc reflect.Type) (any, error) {
+ if reflect.TypeOf(d.Prefix).AssignableTo(typeDesc) {
+ return d.Prefix, nil
+ }
+ if reflect.TypeOf("").AssignableTo(typeDesc) {
+ return d.Prefix.String(), nil
+ }
+ return nil, fmt.Errorf("type conversion error from 'CIDR' to '%v'", typeDesc)
+}
+
+// ConvertToType implements ref.Val.ConvertToType.
+func (d CIDR) ConvertToType(typeVal ref.Type) ref.Val {
+ switch typeVal {
+ case CIDRType:
+ return d
+ case types.TypeType:
+ return CIDRType
+ case types.StringType:
+ return types.String(d.Prefix.String())
+ }
+ return types.NewErr("type conversion error from '%s' to '%s'", CIDRType, typeVal)
+}
+
+// Equal implements ref.Val.Equal.
+func (d CIDR) Equal(other ref.Val) ref.Val {
+ otherD, ok := other.(CIDR)
+ if !ok {
+ return types.ValOrErr(other, "no such overload")
+ }
+
+ return types.Bool(d.Prefix == otherD.Prefix)
+}
+
+// Type implements ref.Val.Type.
+func (d CIDR) Type() ref.Type {
+ return CIDRType
+}
+
+// Value implements ref.Val.Value.
+func (d CIDR) Value() any {
+ return d.Prefix
+}
+
+// Size returns the size of the CIDR prefix address in bytes.
+// Used in the size estimation of the runtime cost.
+func (d CIDR) Size() ref.Val {
+ return types.Int(int(math.Ceil(float64(d.Prefix.Bits()) / 8)))
+}
diff --git a/vendor/k8s.io/apiserver/pkg/cel/environment/base.go b/vendor/k8s.io/apiserver/pkg/cel/environment/base.go
index 0c1dee82dc..c108bdd644 100644
--- a/vendor/k8s.io/apiserver/pkg/cel/environment/base.go
+++ b/vendor/k8s.io/apiserver/pkg/cel/environment/base.go
@@ -43,7 +43,7 @@ import (
// desirable because it means that CEL expressions are portable across a wider range
// of Kubernetes versions.
func DefaultCompatibilityVersion() *version.Version {
- return version.MajorMinor(1, 28)
+ return version.MajorMinor(1, 29)
}
var baseOpts = []VersionedOptions{
@@ -123,6 +123,13 @@ var baseOpts = []VersionedOptions{
ext.Sets(),
},
},
+ {
+ IntroducedVersion: version.MajorMinor(1, 30),
+ EnvOptions: []cel.EnvOption{
+ library.IP(),
+ library.CIDR(),
+ },
+ },
}
// MustBaseEnvSet returns the common CEL base environments for Kubernetes for Version, or panics
diff --git a/vendor/k8s.io/apiserver/pkg/cel/ip.go b/vendor/k8s.io/apiserver/pkg/cel/ip.go
new file mode 100644
index 0000000000..f91c6cb7a8
--- /dev/null
+++ b/vendor/k8s.io/apiserver/pkg/cel/ip.go
@@ -0,0 +1,86 @@
+/*
+Copyright 2023 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package cel
+
+import (
+ "fmt"
+ "math"
+ "net/netip"
+ "reflect"
+
+ "github.com/google/cel-go/cel"
+ "github.com/google/cel-go/common/types"
+ "github.com/google/cel-go/common/types/ref"
+)
+
+// IP provides a CEL representation of an IP address.
+type IP struct {
+ netip.Addr
+}
+
+var (
+ IPType = cel.OpaqueType("net.IP")
+)
+
+// ConvertToNative implements ref.Val.ConvertToNative.
+func (d IP) ConvertToNative(typeDesc reflect.Type) (any, error) {
+ if reflect.TypeOf(d.Addr).AssignableTo(typeDesc) {
+ return d.Addr, nil
+ }
+ if reflect.TypeOf("").AssignableTo(typeDesc) {
+ return d.Addr.String(), nil
+ }
+ return nil, fmt.Errorf("type conversion error from 'IP' to '%v'", typeDesc)
+}
+
+// ConvertToType implements ref.Val.ConvertToType.
+func (d IP) ConvertToType(typeVal ref.Type) ref.Val {
+ switch typeVal {
+ case IPType:
+ return d
+ case types.TypeType:
+ return IPType
+ case types.StringType:
+ return types.String(d.Addr.String())
+ }
+ return types.NewErr("type conversion error from '%s' to '%s'", IPType, typeVal)
+}
+
+// Equal implements ref.Val.Equal.
+func (d IP) Equal(other ref.Val) ref.Val {
+ otherD, ok := other.(IP)
+ if !ok {
+ return types.ValOrErr(other, "no such overload")
+ }
+ return types.Bool(d.Addr == otherD.Addr)
+}
+
+// Type implements ref.Val.Type.
+func (d IP) Type() ref.Type {
+ return IPType
+}
+
+// Value implements ref.Val.Value.
+func (d IP) Value() any {
+ return d.Addr
+}
+
+// Size returns the size of the IP address in bytes.
+// Used in the size estimation of the runtime cost.
+func (d IP) Size() ref.Val {
+ return types.Int(int(math.Ceil(float64(d.Addr.BitLen()) / 8)))
+}
diff --git a/vendor/k8s.io/apiserver/pkg/cel/library/cidr.go b/vendor/k8s.io/apiserver/pkg/cel/library/cidr.go
new file mode 100644
index 0000000000..c4259daed9
--- /dev/null
+++ b/vendor/k8s.io/apiserver/pkg/cel/library/cidr.go
@@ -0,0 +1,287 @@
+/*
+Copyright 2023 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package library
+
+import (
+ "fmt"
+ "net/netip"
+
+ "github.com/google/cel-go/cel"
+ "github.com/google/cel-go/common/types"
+ "github.com/google/cel-go/common/types/ref"
+
+ apiservercel "k8s.io/apiserver/pkg/cel"
+)
+
+// CIDR provides a CEL function library extension of CIDR notation parsing functions.
+//
+// cidr
+//
+// Converts a string in CIDR notation to a network address representation or results in an error if the string is not a valid CIDR notation.
+// The CIDR must be an IPv4 or IPv6 subnet address with a mask.
+// Leading zeros in IPv4 address octets are not allowed.
+// IPv4-mapped IPv6 addresses (e.g. ::ffff:1.2.3.4/24) are not allowed.
+//
+// cidr()
+//
+// Examples:
+//
+// cidr('192.168.0.0/16') // returns an IPv4 address with a CIDR mask
+// cidr('::1/128') // returns an IPv6 address with a CIDR mask
+// cidr('192.168.0.0/33') // error
+// cidr('::1/129') // error
+// cidr('192.168.0.1/16') // error, because there are non-0 bits after the prefix
+//
+// isCIDR
+//
+// Returns true if a string is a valid CIDR notation respresentation of a subnet with mask.
+// The CIDR must be an IPv4 or IPv6 subnet address with a mask.
+// Leading zeros in IPv4 address octets are not allowed.
+// IPv4-mapped IPv6 addresses (e.g. ::ffff:1.2.3.4/24) are not allowed.
+//
+// isCIDR()
+//
+// Examples:
+//
+// isCIDR('192.168.0.0/16') // returns true
+// isCIDR('::1/128') // returns true
+// isCIDR('192.168.0.0/33') // returns false
+// isCIDR('::1/129') // returns false
+//
+// containsIP / containerCIDR / ip / masked / prefixLength
+//
+// - containsIP: Returns true if a the CIDR contains the given IP address.
+// The IP address must be an IPv4 or IPv6 address.
+// May take either a string or IP address as an argument.
+//
+// - containsCIDR: Returns true if a the CIDR contains the given CIDR.
+// The CIDR must be an IPv4 or IPv6 subnet address with a mask.
+// May take either a string or CIDR as an argument.
+//
+// - ip: Returns the IP address representation of the CIDR.
+//
+// - masked: Returns the CIDR representation of the network address with a masked prefix.
+// This can be used to return the canonical form of the CIDR network.
+//
+// - prefixLength: Returns the prefix length of the CIDR in bits.
+// This is the number of bits in the mask.
+//
+// Examples:
+//
+// cidr('192.168.0.0/24').containsIP(ip('192.168.0.1')) // returns true
+// cidr('192.168.0.0/24').containsIP(ip('192.168.1.1')) // returns false
+// cidr('192.168.0.0/24').containsIP('192.168.0.1') // returns true
+// cidr('192.168.0.0/24').containsIP('192.168.1.1') // returns false
+// cidr('192.168.0.0/16').containsCIDR(cidr('192.168.10.0/24')) // returns true
+// cidr('192.168.1.0/24').containsCIDR(cidr('192.168.2.0/24')) // returns false
+// cidr('192.168.0.0/16').containsCIDR('192.168.10.0/24') // returns true
+// cidr('192.168.1.0/24').containsCIDR('192.168.2.0/24') // returns false
+// cidr('192.168.0.1/24').ip() // returns ipAddr('192.168.0.1')
+// cidr('192.168.0.1/24').ip().family() // returns '4'
+// cidr('::1/128').ip() // returns ipAddr('::1')
+// cidr('::1/128').ip().family() // returns '6'
+// cidr('192.168.0.0/24').masked() // returns cidr('192.168.0.0/24')
+// cidr('192.168.0.1/24').masked() // returns cidr('192.168.0.0/24')
+// cidr('192.168.0.0/24') == cidr('192.168.0.0/24').masked() // returns true, CIDR was already in canonical format
+// cidr('192.168.0.1/24') == cidr('192.168.0.1/24').masked() // returns false, CIDR was not in canonical format
+// cidr('192.168.0.0/16').prefixLength() // returns 16
+// cidr('::1/128').prefixLength() // returns 128
+func CIDR() cel.EnvOption {
+ return cel.Lib(cidrsLib)
+}
+
+var cidrsLib = &cidrs{}
+
+type cidrs struct{}
+
+func (*cidrs) LibraryName() string {
+ return "net.cidr"
+}
+
+var cidrLibraryDecls = map[string][]cel.FunctionOpt{
+ "cidr": {
+ cel.Overload("string_to_cidr", []*cel.Type{cel.StringType}, apiservercel.CIDRType,
+ cel.UnaryBinding(stringToCIDR)),
+ },
+ "containsIP": {
+ cel.MemberOverload("cidr_contains_ip_string", []*cel.Type{apiservercel.CIDRType, cel.StringType}, cel.BoolType,
+ cel.BinaryBinding(cidrContainsIPString)),
+ cel.MemberOverload("cidr_contains_ip_ip", []*cel.Type{apiservercel.CIDRType, apiservercel.IPType}, cel.BoolType,
+ cel.BinaryBinding(cidrContainsIP)),
+ },
+ "containsCIDR": {
+ cel.MemberOverload("cidr_contains_cidr_string", []*cel.Type{apiservercel.CIDRType, cel.StringType}, cel.BoolType,
+ cel.BinaryBinding(cidrContainsCIDRString)),
+ cel.MemberOverload("cidr_contains_cidr", []*cel.Type{apiservercel.CIDRType, apiservercel.CIDRType}, cel.BoolType,
+ cel.BinaryBinding(cidrContainsCIDR)),
+ },
+ "ip": {
+ cel.MemberOverload("cidr_ip", []*cel.Type{apiservercel.CIDRType}, apiservercel.IPType,
+ cel.UnaryBinding(cidrToIP)),
+ },
+ "prefixLength": {
+ cel.MemberOverload("cidr_prefix_length", []*cel.Type{apiservercel.CIDRType}, cel.IntType,
+ cel.UnaryBinding(prefixLength)),
+ },
+ "masked": {
+ cel.MemberOverload("cidr_masked", []*cel.Type{apiservercel.CIDRType}, apiservercel.CIDRType,
+ cel.UnaryBinding(masked)),
+ },
+ "isCIDR": {
+ cel.Overload("is_cidr", []*cel.Type{cel.StringType}, cel.BoolType,
+ cel.UnaryBinding(isCIDR)),
+ },
+ "string": {
+ cel.Overload("cidr_to_string", []*cel.Type{apiservercel.CIDRType}, cel.StringType,
+ cel.UnaryBinding(cidrToString)),
+ },
+}
+
+func (*cidrs) CompileOptions() []cel.EnvOption {
+ options := []cel.EnvOption{cel.Types(apiservercel.CIDRType),
+ cel.Variable(apiservercel.CIDRType.TypeName(), types.NewTypeTypeWithParam(apiservercel.CIDRType)),
+ }
+ for name, overloads := range cidrLibraryDecls {
+ options = append(options, cel.Function(name, overloads...))
+ }
+ return options
+}
+
+func (*cidrs) ProgramOptions() []cel.ProgramOption {
+ return []cel.ProgramOption{}
+}
+
+func stringToCIDR(arg ref.Val) ref.Val {
+ s, ok := arg.Value().(string)
+ if !ok {
+ return types.MaybeNoSuchOverloadErr(arg)
+ }
+
+ net, err := parseCIDR(s)
+ if err != nil {
+ return types.NewErr("network address parse error during conversion from string: %v", err)
+ }
+
+ return apiservercel.CIDR{
+ Prefix: net,
+ }
+}
+
+func cidrToString(arg ref.Val) ref.Val {
+ cidr, ok := arg.(apiservercel.CIDR)
+ if !ok {
+ return types.MaybeNoSuchOverloadErr(arg)
+ }
+
+ return types.String(cidr.Prefix.String())
+}
+
+func cidrContainsIPString(arg ref.Val, other ref.Val) ref.Val {
+ return cidrContainsIP(arg, stringToIP(other))
+}
+
+func cidrContainsCIDRString(arg ref.Val, other ref.Val) ref.Val {
+ return cidrContainsCIDR(arg, stringToCIDR(other))
+}
+
+func cidrContainsIP(arg ref.Val, other ref.Val) ref.Val {
+ cidr, ok := arg.(apiservercel.CIDR)
+ if !ok {
+ return types.MaybeNoSuchOverloadErr(other)
+ }
+
+ ip, ok := other.(apiservercel.IP)
+ if !ok {
+ return types.MaybeNoSuchOverloadErr(arg)
+ }
+
+ return types.Bool(cidr.Contains(ip.Addr))
+}
+
+func cidrContainsCIDR(arg ref.Val, other ref.Val) ref.Val {
+ cidr, ok := arg.(apiservercel.CIDR)
+ if !ok {
+ return types.MaybeNoSuchOverloadErr(arg)
+ }
+
+ containsCIDR, ok := other.(apiservercel.CIDR)
+ if !ok {
+ return types.MaybeNoSuchOverloadErr(other)
+ }
+
+ equalMasked := cidr.Prefix.Masked() == netip.PrefixFrom(containsCIDR.Prefix.Addr(), cidr.Prefix.Bits())
+ return types.Bool(equalMasked && cidr.Prefix.Bits() <= containsCIDR.Prefix.Bits())
+}
+
+func prefixLength(arg ref.Val) ref.Val {
+ cidr, ok := arg.(apiservercel.CIDR)
+ if !ok {
+ return types.MaybeNoSuchOverloadErr(arg)
+ }
+
+ return types.Int(cidr.Prefix.Bits())
+}
+
+func isCIDR(arg ref.Val) ref.Val {
+ s, ok := arg.Value().(string)
+ if !ok {
+ return types.MaybeNoSuchOverloadErr(arg)
+ }
+
+ _, err := parseCIDR(s)
+ return types.Bool(err == nil)
+}
+
+func cidrToIP(arg ref.Val) ref.Val {
+ cidr, ok := arg.(apiservercel.CIDR)
+ if !ok {
+ return types.MaybeNoSuchOverloadErr(arg)
+ }
+
+ return apiservercel.IP{
+ Addr: cidr.Prefix.Addr(),
+ }
+}
+
+func masked(arg ref.Val) ref.Val {
+ cidr, ok := arg.(apiservercel.CIDR)
+ if !ok {
+ return types.MaybeNoSuchOverloadErr(arg)
+ }
+
+ maskedCIDR := cidr.Prefix.Masked()
+ return apiservercel.CIDR{
+ Prefix: maskedCIDR,
+ }
+}
+
+// parseCIDR parses a string into an CIDR.
+// We use this function to parse CIDR notation in the CEL library
+// so that we can share the common logic of rejecting strings
+// that IPv4-mapped IPv6 addresses or contain non-zero bits after the mask.
+func parseCIDR(raw string) (netip.Prefix, error) {
+ net, err := netip.ParsePrefix(raw)
+ if err != nil {
+ return netip.Prefix{}, fmt.Errorf("network address parse error during conversion from string: %v", err)
+ }
+
+ if net.Addr().Is4In6() {
+ return netip.Prefix{}, fmt.Errorf("IPv4-mapped IPv6 address %q is not allowed", raw)
+ }
+
+ return net, nil
+}
diff --git a/vendor/k8s.io/apiserver/pkg/cel/library/cost.go b/vendor/k8s.io/apiserver/pkg/cel/library/cost.go
index d18c138ec8..e3bde017be 100644
--- a/vendor/k8s.io/apiserver/pkg/cel/library/cost.go
+++ b/vendor/k8s.io/apiserver/pkg/cel/library/cost.go
@@ -79,6 +79,82 @@ func (l *CostEstimator) CallCost(function, overloadId string, args []ref.Val, re
cost := strCost * regexCost
return &cost
}
+ case "cidr", "isIP", "isCIDR":
+ // IP and CIDR parsing is a string traversal.
+ if len(args) >= 1 {
+ cost := uint64(math.Ceil(float64(actualSize(args[0])) * common.StringTraversalCostFactor))
+ return &cost
+ }
+ case "ip":
+ // IP and CIDR parsing is a string traversal.
+ if len(args) >= 1 {
+ if overloadId == "cidr_ip" {
+ // The IP member of the CIDR object is just accessing a field.
+ // Nominal cost.
+ cost := uint64(1)
+ return &cost
+ }
+
+ cost := uint64(math.Ceil(float64(actualSize(args[0])) * common.StringTraversalCostFactor))
+ return &cost
+ }
+ case "ip.isCanonical":
+ if len(args) >= 1 {
+ // We have to parse the string and then compare the parsed string to the original string.
+ // So we double the cost of parsing the string.
+ cost := uint64(math.Ceil(float64(actualSize(args[0])) * 2 * common.StringTraversalCostFactor))
+ return &cost
+ }
+ case "masked", "prefixLength", "family", "isUnspecified", "isLoopback", "isLinkLocalMulticast", "isLinkLocalUnicast":
+ // IP and CIDR accessors are nominal cost.
+ cost := uint64(1)
+ return &cost
+ case "containsIP":
+ if len(args) >= 2 {
+ cidrSize := actualSize(args[0])
+ otherSize := actualSize(args[1])
+
+ // This is the base cost of comparing two byte lists.
+ // We will compare only up to the length of the CIDR prefix in bytes, so use the cidrSize twice.
+ cost := uint64(math.Ceil(float64(cidrSize+cidrSize) * common.StringTraversalCostFactor))
+
+ if overloadId == "cidr_contains_ip_string" {
+ // If we are comparing a string, we must parse the string to into the right type, so add the cost of traversing the string again.
+ cost += uint64(math.Ceil(float64(otherSize) * common.StringTraversalCostFactor))
+
+ }
+
+ return &cost
+ }
+ case "containsCIDR":
+ if len(args) >= 2 {
+ cidrSize := actualSize(args[0])
+ otherSize := actualSize(args[1])
+
+ // This is the base cost of comparing two byte lists.
+ // We will compare only up to the length of the CIDR prefix in bytes, so use the cidrSize twice.
+ cost := uint64(math.Ceil(float64(cidrSize+cidrSize) * common.StringTraversalCostFactor))
+
+ // As we are comparing if a CIDR is within another CIDR, we first mask the base CIDR and
+ // also compare the CIDR bits.
+ // This has an additional cost of the length of the IP being traversed again, plus 1.
+ cost += uint64(math.Ceil(float64(cidrSize)*common.StringTraversalCostFactor)) + 1
+
+ if overloadId == "cidr_contains_cidr_string" {
+ // If we are comparing a string, we must parse the string to into the right type, so add the cost of traversing the string again.
+ cost += uint64(math.Ceil(float64(otherSize) * common.StringTraversalCostFactor))
+ }
+
+ return &cost
+ }
+ case "quantity", "isQuantity":
+ if len(args) >= 1 {
+ cost := uint64(math.Ceil(float64(actualSize(args[0])) * common.StringTraversalCostFactor))
+ return &cost
+ }
+ case "sign", "asInteger", "isInteger", "asApproximateFloat", "isGreaterThan", "isLessThan", "compareTo", "add", "sub":
+ cost := uint64(1)
+ return &cost
}
return nil
}
@@ -225,6 +301,80 @@ func (l *CostEstimator) EstimateCallCost(function, overloadId string, target *ch
// worst case size of result is that every char is returned as separate find result.
return &checker.CallEstimate{CostEstimate: strCost.Multiply(regexCost), ResultSize: &checker.SizeEstimate{Min: 0, Max: sz.Max}}
}
+ case "cidr", "isIP", "isCIDR":
+ if target != nil {
+ sz := l.sizeEstimate(args[0])
+ return &checker.CallEstimate{CostEstimate: sz.MultiplyByCostFactor(common.StringTraversalCostFactor)}
+ }
+ case "ip":
+ if target != nil && len(args) >= 1 {
+ if overloadId == "cidr_ip" {
+ // The IP member of the CIDR object is just accessing a field.
+ // Nominal cost.
+ return &checker.CallEstimate{CostEstimate: checker.CostEstimate{Min: 1, Max: 1}}
+ }
+
+ sz := l.sizeEstimate(args[0])
+ return &checker.CallEstimate{CostEstimate: sz.MultiplyByCostFactor(common.StringTraversalCostFactor)}
+ } else if target != nil {
+ // The IP member of a CIDR is a just accessing a field, nominal cost.
+ return &checker.CallEstimate{CostEstimate: checker.CostEstimate{Min: 1, Max: 1}}
+ }
+ case "ip.isCanonical":
+ if target != nil && len(args) >= 1 {
+ sz := l.sizeEstimate(args[0])
+ // We have to parse the string and then compare the parsed string to the original string.
+ // So we double the cost of parsing the string.
+ return &checker.CallEstimate{CostEstimate: sz.MultiplyByCostFactor(2 * common.StringTraversalCostFactor)}
+ }
+ case "masked", "prefixLength", "family", "isUnspecified", "isLoopback", "isLinkLocalMulticast", "isLinkLocalUnicast":
+ // IP and CIDR accessors are nominal cost.
+ return &checker.CallEstimate{CostEstimate: checker.CostEstimate{Min: 1, Max: 1}}
+ case "containsIP":
+ if target != nil && len(args) >= 1 {
+ // The base cost of the function is the cost of comparing two byte lists.
+ // The byte lists will be either ipv4 or ipv6 so will have a length of 4, or 16 bytes.
+ sz := checker.SizeEstimate{Min: 4, Max: 16}
+
+ // We have to compare the two strings to determine if the CIDR/IP is in the other CIDR.
+ ipCompCost := sz.Add(sz).MultiplyByCostFactor(common.StringTraversalCostFactor)
+
+ if overloadId == "cidr_contains_ip_string" {
+ // If we are comparing a string, we must parse the string to into the right type, so add the cost of traversing the string again.
+ ipCompCost = ipCompCost.Add(checker.CostEstimate(l.sizeEstimate(args[0])).MultiplyByCostFactor(common.StringTraversalCostFactor))
+ }
+
+ return &checker.CallEstimate{CostEstimate: ipCompCost}
+ }
+ case "containsCIDR":
+ if target != nil && len(args) >= 1 {
+ // The base cost of the function is the cost of comparing two byte lists.
+ // The byte lists will be either ipv4 or ipv6 so will have a length of 4, or 16 bytes.
+ sz := checker.SizeEstimate{Min: 4, Max: 16}
+
+ // We have to compare the two strings to determine if the CIDR/IP is in the other CIDR.
+ ipCompCost := sz.Add(sz).MultiplyByCostFactor(common.StringTraversalCostFactor)
+
+ // As we are comparing if a CIDR is within another CIDR, we first mask the base CIDR and
+ // also compare the CIDR bits.
+ // This has an additional cost of the length of the IP being traversed again, plus 1.
+ ipCompCost = ipCompCost.Add(sz.MultiplyByCostFactor(common.StringTraversalCostFactor))
+ ipCompCost = ipCompCost.Add(checker.CostEstimate{Min: 1, Max: 1})
+
+ if overloadId == "cidr_contains_cidr_string" {
+ // If we are comparing a string, we must parse the string to into the right type, so add the cost of traversing the string again.
+ ipCompCost = ipCompCost.Add(checker.CostEstimate(l.sizeEstimate(args[0])).MultiplyByCostFactor(common.StringTraversalCostFactor))
+ }
+
+ return &checker.CallEstimate{CostEstimate: ipCompCost}
+ }
+ case "quantity", "isQuantity":
+ if target != nil {
+ sz := l.sizeEstimate(args[0])
+ return &checker.CallEstimate{CostEstimate: sz.MultiplyByCostFactor(common.StringTraversalCostFactor)}
+ }
+ case "sign", "asInteger", "isInteger", "asApproximateFloat", "isGreaterThan", "isLessThan", "compareTo", "add", "sub":
+ return &checker.CallEstimate{CostEstimate: checker.CostEstimate{Min: 1, Max: 1}}
}
return nil
}
diff --git a/vendor/k8s.io/apiserver/pkg/cel/library/ip.go b/vendor/k8s.io/apiserver/pkg/cel/library/ip.go
new file mode 100644
index 0000000000..cdfeb1daf2
--- /dev/null
+++ b/vendor/k8s.io/apiserver/pkg/cel/library/ip.go
@@ -0,0 +1,329 @@
+/*
+Copyright 2023 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package library
+
+import (
+ "fmt"
+ "net/netip"
+
+ "github.com/google/cel-go/cel"
+ "github.com/google/cel-go/common/types"
+ "github.com/google/cel-go/common/types/ref"
+
+ apiservercel "k8s.io/apiserver/pkg/cel"
+)
+
+// IP provides a CEL function library extension of IP address parsing functions.
+//
+// ip
+//
+// Converts a string to an IP address or results in an error if the string is not a valid IP address.
+// The IP address must be an IPv4 or IPv6 address.
+// IPv4-mapped IPv6 addresses (e.g. ::ffff:1.2.3.4) are not allowed.
+// IP addresses with zones (e.g. fe80::1%eth0) are not allowed.
+// Leading zeros in IPv4 address octets are not allowed.
+//
+// ip()
+//
+// Examples:
+//
+// ip('127.0.0.1') // returns an IPv4 address
+// ip('::1') // returns an IPv6 address
+// ip('127.0.0.256') // error
+// ip(':::1') // error
+//
+// isIP
+//
+// Returns true if a string is a valid IP address.
+// The IP address must be an IPv4 or IPv6 address.
+// IPv4-mapped IPv6 addresses (e.g. ::ffff:1.2.3.4) are not allowed.
+// IP addresses with zones (e.g. fe80::1%eth0) are not allowed.
+// Leading zeros in IPv4 address octets are not allowed.
+//
+// isIP()
+//
+// Examples:
+//
+// isIP('127.0.0.1') // returns true
+// isIP('::1') // returns true
+// isIP('127.0.0.256') // returns false
+// isIP(':::1') // returns false
+//
+// ip.isCanonical
+//
+// Returns true if the IP address is in its canonical form.
+// There is exactly one canonical form for every IP address, so fields containing
+// IPs in canonical form can just be treated as strings when checking for equality or uniqueness.
+//
+// ip.isCanonical()
+//
+// Examples:
+//
+// ip.isCanonical('127.0.0.1') // returns true; all valid IPv4 addresses are canonical
+// ip.isCanonical('2001:db8::abcd') // returns true
+// ip.isCanonical('2001:DB8::ABCD') // returns false
+// ip.isCanonical('2001:db8::0:0:0:abcd') // returns false
+//
+// family / isUnspecified / isLoopback / isLinkLocalMulticast / isLinkLocalUnicast / isGlobalUnicast
+//
+// - family: returns the IP addresses' family (IPv4 or IPv6) as an integer, either '4' or '6'.
+//
+// - isUnspecified: returns true if the IP address is the unspecified address.
+// Either the IPv4 address "0.0.0.0" or the IPv6 address "::".
+//
+// - isLoopback: returns true if the IP address is the loopback address.
+// Either an IPv4 address with a value of 127.x.x.x or an IPv6 address with a value of ::1.
+//
+// - isLinkLocalMulticast: returns true if the IP address is a link-local multicast address.
+// Either an IPv4 address with a value of 224.0.0.x or an IPv6 address in the network ff00::/8.
+//
+// - isLinkLocalUnicast: returns true if the IP address is a link-local unicast address.
+// Either an IPv4 address with a value of 169.254.x.x or an IPv6 address in the network fe80::/10.
+//
+// - isGlobalUnicast: returns true if the IP address is a global unicast address.
+// Either an IPv4 address that is not zero or 255.255.255.255 or an IPv6 address that is not a link-local unicast, loopback or multicast address.
+//
+// Examples:
+//
+// ip('127.0.0.1').family() // returns '4”
+// ip('::1').family() // returns '6'
+// ip('127.0.0.1').family() == 4 // returns true
+// ip('::1').family() == 6 // returns true
+// ip('0.0.0.0').isUnspecified() // returns true
+// ip('127.0.0.1').isUnspecified() // returns false
+// ip('::').isUnspecified() // returns true
+// ip('::1').isUnspecified() // returns false
+// ip('127.0.0.1').isLoopback() // returns true
+// ip('192.168.0.1').isLoopback() // returns false
+// ip('::1').isLoopback() // returns true
+// ip('2001:db8::abcd').isLoopback() // returns false
+// ip('224.0.0.1').isLinkLocalMulticast() // returns true
+// ip('224.0.1.1').isLinkLocalMulticast() // returns false
+// ip('ff02::1').isLinkLocalMulticast() // returns true
+// ip('fd00::1').isLinkLocalMulticast() // returns false
+// ip('169.254.169.254').isLinkLocalUnicast() // returns true
+// ip('192.168.0.1').isLinkLocalUnicast() // returns false
+// ip('fe80::1').isLinkLocalUnicast() // returns true
+// ip('fd80::1').isLinkLocalUnicast() // returns false
+// ip('192.168.0.1').isGlobalUnicast() // returns true
+// ip('255.255.255.255').isGlobalUnicast() // returns false
+// ip('2001:db8::abcd').isGlobalUnicast() // returns true
+// ip('ff00::1').isGlobalUnicast() // returns false
+func IP() cel.EnvOption {
+ return cel.Lib(ipLib)
+}
+
+var ipLib = &ip{}
+
+type ip struct{}
+
+func (*ip) LibraryName() string {
+ return "net.ip"
+}
+
+var ipLibraryDecls = map[string][]cel.FunctionOpt{
+ "ip": {
+ cel.Overload("string_to_ip", []*cel.Type{cel.StringType}, apiservercel.IPType,
+ cel.UnaryBinding(stringToIP)),
+ },
+ "family": {
+ cel.MemberOverload("ip_family", []*cel.Type{apiservercel.IPType}, cel.IntType,
+ cel.UnaryBinding(family)),
+ },
+ "ip.isCanonical": {
+ cel.Overload("ip_is_canonical", []*cel.Type{cel.StringType}, cel.BoolType,
+ cel.UnaryBinding(ipIsCanonical)),
+ },
+ "isUnspecified": {
+ cel.MemberOverload("ip_is_unspecified", []*cel.Type{apiservercel.IPType}, cel.BoolType,
+ cel.UnaryBinding(isUnspecified)),
+ },
+ "isLoopback": {
+ cel.MemberOverload("ip_is_loopback", []*cel.Type{apiservercel.IPType}, cel.BoolType,
+ cel.UnaryBinding(isLoopback)),
+ },
+ "isLinkLocalMulticast": {
+ cel.MemberOverload("ip_is_link_local_multicast", []*cel.Type{apiservercel.IPType}, cel.BoolType,
+ cel.UnaryBinding(isLinkLocalMulticast)),
+ },
+ "isLinkLocalUnicast": {
+ cel.MemberOverload("ip_is_link_local_unicast", []*cel.Type{apiservercel.IPType}, cel.BoolType,
+ cel.UnaryBinding(isLinkLocalUnicast)),
+ },
+ "isGlobalUnicast": {
+ cel.MemberOverload("ip_is_global_unicast", []*cel.Type{apiservercel.IPType}, cel.BoolType,
+ cel.UnaryBinding(isGlobalUnicast)),
+ },
+ "isIP": {
+ cel.Overload("is_ip", []*cel.Type{cel.StringType}, cel.BoolType,
+ cel.UnaryBinding(isIP)),
+ },
+ "string": {
+ cel.Overload("ip_to_string", []*cel.Type{apiservercel.IPType}, cel.StringType,
+ cel.UnaryBinding(ipToString)),
+ },
+}
+
+func (*ip) CompileOptions() []cel.EnvOption {
+ options := []cel.EnvOption{cel.Types(apiservercel.IPType),
+ cel.Variable(apiservercel.IPType.TypeName(), types.NewTypeTypeWithParam(apiservercel.IPType)),
+ }
+ for name, overloads := range ipLibraryDecls {
+ options = append(options, cel.Function(name, overloads...))
+ }
+ return options
+}
+
+func (*ip) ProgramOptions() []cel.ProgramOption {
+ return []cel.ProgramOption{}
+}
+
+func stringToIP(arg ref.Val) ref.Val {
+ s, ok := arg.Value().(string)
+ if !ok {
+ return types.MaybeNoSuchOverloadErr(arg)
+ }
+
+ addr, err := parseIPAddr(s)
+ if err != nil {
+ // Don't add context, we control the error message already.
+ return types.NewErr("%v", err)
+ }
+
+ return apiservercel.IP{
+ Addr: addr,
+ }
+}
+
+func ipToString(arg ref.Val) ref.Val {
+ ip, ok := arg.(apiservercel.IP)
+ if !ok {
+ return types.MaybeNoSuchOverloadErr(arg)
+ }
+
+ return types.String(ip.Addr.String())
+}
+
+func family(arg ref.Val) ref.Val {
+ ip, ok := arg.(apiservercel.IP)
+ if !ok {
+ return types.MaybeNoSuchOverloadErr(arg)
+ }
+
+ switch {
+ case ip.Addr.Is4():
+ return types.Int(4)
+ case ip.Addr.Is6():
+ return types.Int(6)
+ default:
+ return types.NewErr("IP address %q is not an IPv4 or IPv6 address", ip.Addr.String())
+ }
+}
+
+func ipIsCanonical(arg ref.Val) ref.Val {
+ s, ok := arg.Value().(string)
+ if !ok {
+ return types.MaybeNoSuchOverloadErr(arg)
+ }
+
+ addr, err := parseIPAddr(s)
+ if err != nil {
+ // Don't add context, we control the error message already.
+ return types.NewErr("%v", err)
+ }
+
+ // Addr.String() always returns the canonical form of the IP address.
+ // Therefore comparing this with the original string representation
+ // will tell us if the IP address is in its canonical form.
+ return types.Bool(addr.String() == s)
+}
+
+func isIP(arg ref.Val) ref.Val {
+ s, ok := arg.Value().(string)
+ if !ok {
+ return types.MaybeNoSuchOverloadErr(arg)
+ }
+
+ _, err := parseIPAddr(s)
+ return types.Bool(err == nil)
+}
+
+func isUnspecified(arg ref.Val) ref.Val {
+ ip, ok := arg.(apiservercel.IP)
+ if !ok {
+ return types.MaybeNoSuchOverloadErr(arg)
+ }
+
+ return types.Bool(ip.Addr.IsUnspecified())
+}
+
+func isLoopback(arg ref.Val) ref.Val {
+ ip, ok := arg.(apiservercel.IP)
+ if !ok {
+ return types.MaybeNoSuchOverloadErr(arg)
+ }
+
+ return types.Bool(ip.Addr.IsLoopback())
+}
+
+func isLinkLocalMulticast(arg ref.Val) ref.Val {
+ ip, ok := arg.(apiservercel.IP)
+ if !ok {
+ return types.MaybeNoSuchOverloadErr(arg)
+ }
+
+ return types.Bool(ip.Addr.IsLinkLocalMulticast())
+}
+
+func isLinkLocalUnicast(arg ref.Val) ref.Val {
+ ip, ok := arg.(apiservercel.IP)
+ if !ok {
+ return types.MaybeNoSuchOverloadErr(arg)
+ }
+
+ return types.Bool(ip.Addr.IsLinkLocalUnicast())
+}
+
+func isGlobalUnicast(arg ref.Val) ref.Val {
+ ip, ok := arg.(apiservercel.IP)
+ if !ok {
+ return types.MaybeNoSuchOverloadErr(arg)
+ }
+
+ return types.Bool(ip.Addr.IsGlobalUnicast())
+}
+
+// parseIPAddr parses a string into an IP address.
+// We use this function to parse IP addresses in the CEL library
+// so that we can share the common logic of rejecting IP addresses
+// that contain zones or are IPv4-mapped IPv6 addresses.
+func parseIPAddr(raw string) (netip.Addr, error) {
+ addr, err := netip.ParseAddr(raw)
+ if err != nil {
+ return netip.Addr{}, fmt.Errorf("IP Address %q parse error during conversion from string: %v", raw, err)
+ }
+
+ if addr.Zone() != "" {
+ return netip.Addr{}, fmt.Errorf("IP address %q with zone value is not allowed", raw)
+ }
+
+ if addr.Is4In6() {
+ return netip.Addr{}, fmt.Errorf("IPv4-mapped IPv6 address %q is not allowed", raw)
+ }
+
+ return addr, nil
+}
diff --git a/vendor/k8s.io/apiserver/pkg/endpoints/filters/request_deadline.go b/vendor/k8s.io/apiserver/pkg/endpoints/filters/request_deadline.go
index 51425bb8ac..7497bc38a4 100644
--- a/vendor/k8s.io/apiserver/pkg/endpoints/filters/request_deadline.go
+++ b/vendor/k8s.io/apiserver/pkg/endpoints/filters/request_deadline.go
@@ -58,7 +58,7 @@ func withRequestDeadline(handler http.Handler, sink audit.Sink, policy audit.Pol
requestInfo, ok := request.RequestInfoFrom(ctx)
if !ok {
- handleError(w, req, http.StatusInternalServerError, fmt.Errorf("no RequestInfo found in context, handler chain must be wrong"))
+ handleError(w, req, http.StatusInternalServerError, nil, "no RequestInfo found in context, handler chain must be wrong")
return
}
if longRunning(req, requestInfo) {
@@ -166,8 +166,12 @@ func parseTimeout(req *http.Request) (time.Duration, bool, error) {
return timeout, true, nil
}
-func handleError(w http.ResponseWriter, r *http.Request, code int, err error) {
- errorMsg := fmt.Sprintf("Error - %s: %#v", err.Error(), r.RequestURI)
- http.Error(w, errorMsg, code)
- klog.Errorf(errorMsg)
+// handleError does the following:
+// a) it writes the specified error code, and msg to the ResponseWriter
+// object, it does not print the given innerErr into the ResponseWriter object.
+// b) additionally, it prints the given msg, and innerErr to the log with other
+// request scoped data that helps identify the given request.
+func handleError(w http.ResponseWriter, r *http.Request, code int, innerErr error, msg string) {
+ http.Error(w, msg, code)
+ klog.ErrorSDepth(1, innerErr, msg, "method", r.Method, "URI", r.RequestURI, "auditID", audit.GetAuditIDTruncated(r.Context()))
}
diff --git a/vendor/k8s.io/apiserver/pkg/endpoints/filters/webhook_duration.go b/vendor/k8s.io/apiserver/pkg/endpoints/filters/webhook_duration.go
index 8ac47422a4..e1c89da78d 100644
--- a/vendor/k8s.io/apiserver/pkg/endpoints/filters/webhook_duration.go
+++ b/vendor/k8s.io/apiserver/pkg/endpoints/filters/webhook_duration.go
@@ -18,7 +18,6 @@ package filters
import (
"context"
- "fmt"
"net/http"
"time"
@@ -39,7 +38,7 @@ func WithLatencyTrackers(handler http.Handler) http.Handler {
ctx := req.Context()
requestInfo, ok := request.RequestInfoFrom(ctx)
if !ok {
- handleError(w, req, http.StatusInternalServerError, fmt.Errorf("no RequestInfo found in context, handler chain must be wrong"))
+ handleError(w, req, http.StatusInternalServerError, nil, "no RequestInfo found in context, handler chain must be wrong")
return
}
diff --git a/vendor/k8s.io/apiserver/pkg/endpoints/handlers/get.go b/vendor/k8s.io/apiserver/pkg/endpoints/handlers/get.go
index d3b501cf52..d928deed09 100644
--- a/vendor/k8s.io/apiserver/pkg/endpoints/handlers/get.go
+++ b/vendor/k8s.io/apiserver/pkg/endpoints/handlers/get.go
@@ -41,6 +41,7 @@ import (
"k8s.io/apiserver/pkg/endpoints/request"
"k8s.io/apiserver/pkg/features"
"k8s.io/apiserver/pkg/registry/rest"
+ genericfilters "k8s.io/apiserver/pkg/server/filters"
utilfeature "k8s.io/apiserver/pkg/util/feature"
"k8s.io/component-base/tracing"
"k8s.io/klog/v2"
@@ -259,16 +260,37 @@ func ListResource(r rest.Lister, rw rest.Watcher, scope *RequestScope, forceWatc
}
klog.V(3).InfoS("Starting watch", "path", req.URL.Path, "resourceVersion", opts.ResourceVersion, "labels", opts.LabelSelector, "fields", opts.FieldSelector, "timeout", timeout)
ctx, cancel := context.WithTimeout(ctx, timeout)
- defer cancel()
+ defer func() { cancel() }()
watcher, err := rw.Watch(ctx, &opts)
if err != nil {
scope.err(err, w, req)
return
}
- requestInfo, _ := request.RequestInfoFrom(ctx)
- metrics.RecordLongRunning(req, requestInfo, metrics.APIServerComponent, func() {
- serveWatch(watcher, scope, outputMediaType, req, w, timeout, metrics.CleanListScope(ctx, &opts))
- })
+ handler, err := serveWatchHandler(watcher, scope, outputMediaType, req, w, timeout, metrics.CleanListScope(ctx, &opts))
+ if err != nil {
+ scope.err(err, w, req)
+ return
+ }
+ // Invalidate cancel() to defer until serve() is complete.
+ deferredCancel := cancel
+ cancel = func() {}
+
+ serve := func() {
+ defer deferredCancel()
+ requestInfo, _ := request.RequestInfoFrom(ctx)
+ metrics.RecordLongRunning(req, requestInfo, metrics.APIServerComponent, func() {
+ defer watcher.Stop()
+ handler.ServeHTTP(w, req)
+ })
+ }
+
+ // Run watch serving in a separate goroutine to allow freeing current stack memory
+ t := genericfilters.TaskFrom(req.Context())
+ if t != nil {
+ t.Func = serve
+ } else {
+ serve()
+ }
return
}
diff --git a/vendor/k8s.io/apiserver/pkg/endpoints/handlers/watch.go b/vendor/k8s.io/apiserver/pkg/endpoints/handlers/watch.go
index 6e86b79be5..6a9257d10e 100644
--- a/vendor/k8s.io/apiserver/pkg/endpoints/handlers/watch.go
+++ b/vendor/k8s.io/apiserver/pkg/endpoints/handlers/watch.go
@@ -17,8 +17,9 @@ limitations under the License.
package handlers
import (
- "bytes"
+ "context"
"fmt"
+ "io"
"net/http"
"time"
@@ -61,30 +62,25 @@ func (w *realTimeoutFactory) TimeoutCh() (<-chan time.Time, func() bool) {
return t.C, t.Stop
}
-// serveWatch will serve a watch response.
+// serveWatchHandler returns a handle to serve a watch response.
// TODO: the functionality in this method and in WatchServer.Serve is not cleanly decoupled.
-func serveWatch(watcher watch.Interface, scope *RequestScope, mediaTypeOptions negotiation.MediaTypeOptions, req *http.Request, w http.ResponseWriter, timeout time.Duration, metricsScope string) {
- defer watcher.Stop()
-
+func serveWatchHandler(watcher watch.Interface, scope *RequestScope, mediaTypeOptions negotiation.MediaTypeOptions, req *http.Request, w http.ResponseWriter, timeout time.Duration, metricsScope string) (http.Handler, error) {
options, err := optionsForTransform(mediaTypeOptions, req)
if err != nil {
- scope.err(err, w, req)
- return
+ return nil, err
}
// negotiate for the stream serializer from the scope's serializer
serializer, err := negotiation.NegotiateOutputMediaTypeStream(req, scope.Serializer, scope)
if err != nil {
- scope.err(err, w, req)
- return
+ return nil, err
}
framer := serializer.StreamSerializer.Framer
streamSerializer := serializer.StreamSerializer.Serializer
encoder := scope.Serializer.EncoderForVersion(streamSerializer, scope.Kind.GroupVersion())
useTextFraming := serializer.EncodesAsText
if framer == nil {
- scope.err(fmt.Errorf("no framer defined for %q available for embedded encoding", serializer.MediaType), w, req)
- return
+ return nil, fmt.Errorf("no framer defined for %q available for embedded encoding", serializer.MediaType)
}
// TODO: next step, get back mediaTypeOptions from negotiate and return the exact value here
mediaType := serializer.MediaType
@@ -100,8 +96,7 @@ func serveWatch(watcher watch.Interface, scope *RequestScope, mediaTypeOptions n
if transform {
info, ok := runtime.SerializerInfoForMediaType(contentSerializer.SupportedMediaTypes(), serializer.MediaType)
if !ok {
- scope.err(fmt.Errorf("no encoder for %q exists in the requested target %#v", serializer.MediaType, contentSerializer), w, req)
- return
+ return nil, fmt.Errorf("no encoder for %q exists in the requested target %#v", serializer.MediaType, contentSerializer)
}
embeddedEncoder = contentSerializer.EncoderForVersion(info.Serializer, contentKind.GroupVersion())
} else {
@@ -114,7 +109,6 @@ func serveWatch(watcher watch.Interface, scope *RequestScope, mediaTypeOptions n
// don't put the allocator inside the embeddedEncodeFn as that would allocate memory on every call.
// instead, we allocate the buffer for the entire watch session and release it when we close the connection.
memoryAllocator = runtime.AllocatorPool.Get().(*runtime.Allocator)
- defer runtime.AllocatorPool.Put(memoryAllocator)
embeddedEncoder = runtime.NewEncoderWithAllocator(encoderWithAllocator, memoryAllocator)
}
var tableOptions *metav1.TableOptions
@@ -122,8 +116,7 @@ func serveWatch(watcher watch.Interface, scope *RequestScope, mediaTypeOptions n
if passedOptions, ok := options.(*metav1.TableOptions); ok {
tableOptions = passedOptions
} else {
- scope.err(fmt.Errorf("unexpected options type: %T", options), w, req)
- return
+ return nil, fmt.Errorf("unexpected options type: %T", options)
}
}
embeddedEncoder = newWatchEmbeddedEncoder(ctx, embeddedEncoder, mediaTypeOptions.Convert, tableOptions, scope)
@@ -133,7 +126,6 @@ func serveWatch(watcher watch.Interface, scope *RequestScope, mediaTypeOptions n
// don't put the allocator inside the embeddedEncodeFn as that would allocate memory on every call.
// instead, we allocate the buffer for the entire watch session and release it when we close the connection.
memoryAllocator = runtime.AllocatorPool.Get().(*runtime.Allocator)
- defer runtime.AllocatorPool.Put(memoryAllocator)
}
encoder = runtime.NewEncoderWithAllocator(encoderWithAllocator, memoryAllocator)
}
@@ -153,13 +145,18 @@ func serveWatch(watcher watch.Interface, scope *RequestScope, mediaTypeOptions n
Encoder: encoder,
EmbeddedEncoder: embeddedEncoder,
+ MemoryAllocator: memoryAllocator,
TimeoutFactory: &realTimeoutFactory{timeout},
ServerShuttingDownCh: serverShuttingDownCh,
metricsScope: metricsScope,
}
- server.ServeHTTP(w, req)
+ if wsstream.IsWebSocketRequest(req) {
+ w.Header().Set("Content-Type", server.MediaType)
+ return websocket.Handler(server.HandleWS), nil
+ }
+ return http.HandlerFunc(server.HandleHTTP), nil
}
// WatchServer serves a watch.Interface over a websocket or vanilla HTTP.
@@ -178,22 +175,21 @@ type WatchServer struct {
// used to encode the nested object in the watch stream
EmbeddedEncoder runtime.Encoder
+ MemoryAllocator runtime.MemoryAllocator
TimeoutFactory TimeoutFactory
ServerShuttingDownCh <-chan struct{}
metricsScope string
}
-// ServeHTTP serves a series of encoded events via HTTP with Transfer-Encoding: chunked
+// HandleHTTP serves a series of encoded events via HTTP with Transfer-Encoding: chunked.
// or over a websocket connection.
-func (s *WatchServer) ServeHTTP(w http.ResponseWriter, req *http.Request) {
- kind := s.Scope.Kind
-
- if wsstream.IsWebSocketRequest(req) {
- w.Header().Set("Content-Type", s.MediaType)
- websocket.Handler(s.HandleWS).ServeHTTP(w, req)
- return
- }
+func (s *WatchServer) HandleHTTP(w http.ResponseWriter, req *http.Request) {
+ defer func() {
+ if s.MemoryAllocator != nil {
+ runtime.AllocatorPool.Put(s.MemoryAllocator)
+ }
+ }()
flusher, ok := w.(http.Flusher)
if !ok {
@@ -222,6 +218,7 @@ func (s *WatchServer) ServeHTTP(w http.ResponseWriter, req *http.Request) {
w.WriteHeader(http.StatusOK)
flusher.Flush()
+ kind := s.Scope.Kind
watchEncoder := newWatchEncoder(req.Context(), kind, s.EmbeddedEncoder, s.Encoder, framer)
ch := s.Watching.ResultChan()
done := req.Context().Done()
@@ -265,10 +262,19 @@ func (s *WatchServer) ServeHTTP(w http.ResponseWriter, req *http.Request) {
}
}
-// HandleWS implements a websocket handler.
+// HandleWS serves a series of encoded events over a websocket connection.
func (s *WatchServer) HandleWS(ws *websocket.Conn) {
+ defer func() {
+ if s.MemoryAllocator != nil {
+ runtime.AllocatorPool.Put(s.MemoryAllocator)
+ }
+ }()
+
defer ws.Close()
done := make(chan struct{})
+ // ensure the connection times out
+ timeoutCh, cleanup := s.TimeoutFactory.TimeoutCh()
+ defer cleanup()
go func() {
defer utilruntime.HandleCrash()
@@ -279,67 +285,62 @@ func (s *WatchServer) HandleWS(ws *websocket.Conn) {
close(done)
}()
- var unknown runtime.Unknown
- internalEvent := &metav1.InternalEvent{}
- buf := &bytes.Buffer{}
- streamBuf := &bytes.Buffer{}
+ framer := newWebsocketFramer(ws, s.UseTextFraming)
+
+ kind := s.Scope.Kind
+ watchEncoder := newWatchEncoder(context.TODO(), kind, s.EmbeddedEncoder, s.Encoder, framer)
ch := s.Watching.ResultChan()
for {
select {
case <-done:
return
+ case <-timeoutCh:
+ return
case event, ok := <-ch:
if !ok {
// End of results.
return
}
- if err := s.EmbeddedEncoder.Encode(event.Object, buf); err != nil {
- // unexpected error
- utilruntime.HandleError(fmt.Errorf("unable to encode watch object %T: %v", event.Object, err))
- return
- }
-
- // ContentType is not required here because we are defaulting to the serializer
- // type
- unknown.Raw = buf.Bytes()
- event.Object = &unknown
-
- // the internal event will be versioned by the encoder
- // create the external type directly and encode it. Clients will only recognize the serialization we provide.
- // The internal event is being reused, not reallocated so its just a few extra assignments to do it this way
- // and we get the benefit of using conversion functions which already have to stay in sync
- outEvent := &metav1.WatchEvent{}
- *internalEvent = metav1.InternalEvent(event)
- err := metav1.Convert_v1_InternalEvent_To_v1_WatchEvent(internalEvent, outEvent, nil)
- if err != nil {
- utilruntime.HandleError(fmt.Errorf("unable to convert watch object: %v", err))
+ if err := watchEncoder.Encode(event); err != nil {
+ utilruntime.HandleError(err)
// client disconnect.
return
}
- if err := s.Encoder.Encode(outEvent, streamBuf); err != nil {
- // encoding error
- utilruntime.HandleError(fmt.Errorf("unable to encode event: %v", err))
- return
- }
- if s.UseTextFraming {
- if err := websocket.Message.Send(ws, streamBuf.String()); err != nil {
- // Client disconnect.
- return
- }
- } else {
- if err := websocket.Message.Send(ws, streamBuf.Bytes()); err != nil {
- // Client disconnect.
- return
- }
- }
- buf.Reset()
- streamBuf.Reset()
}
}
}
+type websocketFramer struct {
+ ws *websocket.Conn
+ useTextFraming bool
+}
+
+func newWebsocketFramer(ws *websocket.Conn, useTextFraming bool) io.Writer {
+ return &websocketFramer{
+ ws: ws,
+ useTextFraming: useTextFraming,
+ }
+}
+
+func (w *websocketFramer) Write(p []byte) (int, error) {
+ if w.useTextFraming {
+ // bytes.Buffer::String() has a special handling of nil value, but given
+ // we're writing serialized watch events, this will never happen here.
+ if err := websocket.Message.Send(w.ws, string(p)); err != nil {
+ return 0, err
+ }
+ return len(p), nil
+ }
+ if err := websocket.Message.Send(w.ws, p); err != nil {
+ return 0, err
+ }
+ return len(p), nil
+}
+
+var _ io.Writer = &websocketFramer{}
+
func shouldRecordWatchListLatency(event watch.Event) bool {
if event.Type != watch.Bookmark || !utilfeature.DefaultFeatureGate.Enabled(features.WatchList) {
return false
diff --git a/vendor/k8s.io/apiserver/pkg/endpoints/request/webhook_duration.go b/vendor/k8s.io/apiserver/pkg/endpoints/request/webhook_duration.go
index 612c671d85..b7b7f897c6 100644
--- a/vendor/k8s.io/apiserver/pkg/endpoints/request/webhook_duration.go
+++ b/vendor/k8s.io/apiserver/pkg/endpoints/request/webhook_duration.go
@@ -152,6 +152,13 @@ type LatencyTrackers struct {
// The Write method can be invoked multiple times, so we use a
// latency tracker that sums up the duration from each call.
ResponseWriteTracker DurationTracker
+
+ // DecodeTracker is used to track latency incurred inside the function
+ // that takes an object returned from the underlying storage layer
+ // (etcd) and performs decoding of the response object.
+ // When called multiple times, the latency incurred inside to
+ // decode func each time will be summed up.
+ DecodeTracker DurationTracker
}
type latencyTrackersKeyType int
@@ -177,6 +184,7 @@ func WithLatencyTrackersAndCustomClock(parent context.Context, c clock.Clock) co
TransformTracker: newSumLatencyTracker(c),
SerializationTracker: newSumLatencyTracker(c),
ResponseWriteTracker: newSumLatencyTracker(c),
+ DecodeTracker: newSumLatencyTracker(c),
})
}
@@ -243,6 +251,17 @@ func TrackAPFQueueWaitLatency(ctx context.Context, d time.Duration) {
}
}
+// TrackDecodeLatency is used to track latency incurred inside the function
+// that takes an object returned from the underlying storage layer
+// (etcd) and performs decoding of the response object.
+// When called multiple times, the latency incurred inside to
+// decode func each time will be summed up.
+func TrackDecodeLatency(ctx context.Context, d time.Duration) {
+ if tracker, ok := LatencyTrackersFrom(ctx); ok {
+ tracker.DecodeTracker.TrackDuration(d)
+ }
+}
+
// AuditAnnotationsFromLatencyTrackers will inspect each latency tracker
// associated with the request context and return a set of audit
// annotations that can be added to the API audit entry.
@@ -254,6 +273,7 @@ func AuditAnnotationsFromLatencyTrackers(ctx context.Context) map[string]string
responseWriteLatencyKey = "apiserver.latency.k8s.io/response-write"
mutatingWebhookLatencyKey = "apiserver.latency.k8s.io/mutating-webhook"
validatingWebhookLatencyKey = "apiserver.latency.k8s.io/validating-webhook"
+ decodeLatencyKey = "apiserver.latency.k8s.io/decode-response-object"
)
tracker, ok := LatencyTrackersFrom(ctx)
@@ -280,6 +300,9 @@ func AuditAnnotationsFromLatencyTrackers(ctx context.Context) map[string]string
if latency := tracker.ValidatingWebhookTracker.GetLatency(); latency != 0 {
annotations[validatingWebhookLatencyKey] = latency.String()
}
+ if latency := tracker.DecodeTracker.GetLatency(); latency != 0 {
+ annotations[decodeLatencyKey] = latency.String()
+ }
return annotations
}
diff --git a/vendor/k8s.io/apiserver/pkg/features/kube_features.go b/vendor/k8s.io/apiserver/pkg/features/kube_features.go
index f059cef9bc..9c90ca2040 100644
--- a/vendor/k8s.io/apiserver/pkg/features/kube_features.go
+++ b/vendor/k8s.io/apiserver/pkg/features/kube_features.go
@@ -90,6 +90,12 @@ const (
// Add support for distributed tracing in the API Server
APIServerTracing featuregate.Feature = "APIServerTracing"
+ // owner: @linxiulei
+ // beta: v1.30
+ //
+ // Enables serving watch requests in separate goroutines.
+ APIServingWithRoutine featuregate.Feature = "APIServingWithRoutine"
+
// owner: @cici37 @jpbetz
// kep: http://kep.k8s.io/3488
// alpha: v1.26
@@ -137,6 +143,13 @@ const (
// Enables the use of derived encryption keys with KMS v2.
KMSv2KDF featuregate.Feature = "KMSv2KDF"
+ // owner: @alexzielenski, @cici37, @jiahuif
+ // kep: https://kep.k8s.io/3962
+ // alpha: v1.30
+ //
+ // Enables the MutatingAdmissionPolicy in Admission Chain
+ MutatingAdmissionPolicy featuregate.Feature = "MutatingAdmissionPolicy"
+
// owner: @jiahuif
// kep: https://kep.k8s.io/2887
// alpha: v1.23
@@ -155,14 +168,6 @@ const (
// to a chunking list request.
RemainingItemCount featuregate.Feature = "RemainingItemCount"
- // owner: @wojtek-t
- // alpha: v1.16
- // beta: v1.20
- // GA: v1.24
- //
- // Deprecates and removes SelfLink from ObjectMeta and ListMeta.
- RemoveSelfLink featuregate.Feature = "RemoveSelfLink"
-
// owner: @apelisse, @lavalamp
// alpha: v1.14
// beta: v1.16
@@ -197,6 +202,12 @@ const (
// clients.
UnauthenticatedHTTP2DOSMitigation featuregate.Feature = "UnauthenticatedHTTP2DOSMitigation"
+ // owner: @jpbetz
+ // alpha: v1.30
+ // Resource create requests using generateName are retried automatically by the apiserver
+ // if the generated name conflicts with an existing resource name, up to a maximum number of 7 retries.
+ RetryGenerateName featuregate.Feature = "RetryGenerateName"
+
// owner: @caesarxuchao @roycaihw
// alpha: v1.20
//
@@ -255,6 +266,7 @@ const (
// owner: @tkashem
// beta: v1.29
+ // GA: v1.30
//
// Allow Priority & Fairness in the API server to use a zero value for
// the 'nominalConcurrencyShares' field of the 'limited' section of a
@@ -285,6 +297,8 @@ var defaultKubernetesFeatureGates = map[featuregate.Feature]featuregate.FeatureS
APIServerTracing: {Default: true, PreRelease: featuregate.Beta},
+ APIServingWithRoutine: {Default: true, PreRelease: featuregate.Beta},
+
ValidatingAdmissionPolicy: {Default: false, PreRelease: featuregate.Beta},
CustomResourceValidationExpressions: {Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.31
@@ -301,7 +315,7 @@ var defaultKubernetesFeatureGates = map[featuregate.Feature]featuregate.FeatureS
RemainingItemCount: {Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.32
- RemoveSelfLink: {Default: true, PreRelease: featuregate.GA, LockToDefault: true},
+ RetryGenerateName: {Default: false, PreRelease: featuregate.Alpha},
ServerSideApply: {Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.29
@@ -325,5 +339,5 @@ var defaultKubernetesFeatureGates = map[featuregate.Feature]featuregate.FeatureS
ConsistentListFromCache: {Default: false, PreRelease: featuregate.Alpha},
- ZeroLimitedNominalConcurrencyShares: {Default: false, PreRelease: featuregate.Beta},
+ ZeroLimitedNominalConcurrencyShares: {Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.32
}
diff --git a/vendor/k8s.io/apiserver/pkg/registry/generic/registry/store.go b/vendor/k8s.io/apiserver/pkg/registry/generic/registry/store.go
index 028053952a..a8e01708a3 100644
--- a/vendor/k8s.io/apiserver/pkg/registry/generic/registry/store.go
+++ b/vendor/k8s.io/apiserver/pkg/registry/generic/registry/store.go
@@ -23,6 +23,8 @@ import (
"sync"
"time"
+ "sigs.k8s.io/structured-merge-diff/v4/fieldpath"
+
apierrors "k8s.io/apimachinery/pkg/api/errors"
"k8s.io/apimachinery/pkg/api/meta"
"k8s.io/apimachinery/pkg/api/validation"
@@ -40,15 +42,16 @@ import (
"k8s.io/apimachinery/pkg/watch"
"k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager"
genericapirequest "k8s.io/apiserver/pkg/endpoints/request"
+ "k8s.io/apiserver/pkg/features"
"k8s.io/apiserver/pkg/registry/generic"
"k8s.io/apiserver/pkg/registry/rest"
"k8s.io/apiserver/pkg/storage"
storeerr "k8s.io/apiserver/pkg/storage/errors"
"k8s.io/apiserver/pkg/storage/etcd3/metrics"
"k8s.io/apiserver/pkg/util/dryrun"
+ utilfeature "k8s.io/apiserver/pkg/util/feature"
flowcontrolrequest "k8s.io/apiserver/pkg/util/flowcontrol/request"
"k8s.io/client-go/tools/cache"
- "sigs.k8s.io/structured-merge-diff/v4/fieldpath"
"k8s.io/klog/v2"
)
@@ -392,11 +395,54 @@ func (e *Store) ListPredicate(ctx context.Context, p storage.SelectionPredicate,
// finishNothing is a do-nothing FinishFunc.
func finishNothing(context.Context, bool) {}
+// maxNameGenerationCreateAttempts is the maximum number of
+// times create will be attempted when generateName is used
+// and create attempts fails due to name conflict errors.
+// Each attempt uses a newly randomly generated name.
+// 8 was selected as the max because it is sufficient to generate
+// 1 million names per generateName prefix, with only a 0.1%
+// probability of any generated name conflicting with existing names.
+// Without retry, a 0.1% probability occurs at ~500
+// generated names and a 50% probability occurs at ~4500
+// generated names.
+const maxNameGenerationCreateAttempts = 8
+
// Create inserts a new item according to the unique key from the object.
// Note that registries may mutate the input object (e.g. in the strategy
// hooks). Tests which call this might want to call DeepCopy if they expect to
// be able to examine the input and output objects for differences.
func (e *Store) Create(ctx context.Context, obj runtime.Object, createValidation rest.ValidateObjectFunc, options *metav1.CreateOptions) (runtime.Object, error) {
+ if utilfeature.DefaultFeatureGate.Enabled(features.RetryGenerateName) && needsNameGeneration(obj) {
+ return e.createWithGenerateNameRetry(ctx, obj, createValidation, options)
+ }
+
+ return e.create(ctx, obj, createValidation, options)
+}
+
+// needsNameGeneration returns true if the obj has a generateName but no name.
+func needsNameGeneration(obj runtime.Object) bool {
+ if objectMeta, err := meta.Accessor(obj); err == nil {
+ if len(objectMeta.GetGenerateName()) > 0 && len(objectMeta.GetName()) == 0 {
+ return true
+ }
+ }
+ return false
+}
+
+// createWithGenerateNameRetry attempts to create obj up to maxNameGenerationCreateAttempts
+// when create fails due to a name conflict error. Each attempt randomly generates a new
+// name based on generateName.
+func (e *Store) createWithGenerateNameRetry(ctx context.Context, obj runtime.Object, createValidation rest.ValidateObjectFunc, options *metav1.CreateOptions) (resultObj runtime.Object, err error) {
+ for i := 0; i < maxNameGenerationCreateAttempts; i++ {
+ resultObj, err = e.create(ctx, obj.DeepCopyObject(), createValidation, options)
+ if err == nil || !apierrors.IsAlreadyExists(err) {
+ return resultObj, err
+ }
+ }
+ return resultObj, err
+}
+
+func (e *Store) create(ctx context.Context, obj runtime.Object, createValidation rest.ValidateObjectFunc, options *metav1.CreateOptions) (runtime.Object, error) {
var finishCreate FinishFunc = finishNothing
// Init metadata as early as possible.
diff --git a/vendor/k8s.io/apiserver/pkg/server/config.go b/vendor/k8s.io/apiserver/pkg/server/config.go
index beff08f14d..81a7d6ddb3 100644
--- a/vendor/k8s.io/apiserver/pkg/server/config.go
+++ b/vendor/k8s.io/apiserver/pkg/server/config.go
@@ -668,6 +668,11 @@ func (c *Config) DrainedNotify() <-chan struct{} {
return c.lifecycleSignals.InFlightRequestsDrained.Signaled()
}
+// ShutdownInitiated returns a lifecycle signal of apiserver shutdown having been initiated.
+func (c *Config) ShutdownInitiatedNotify() <-chan struct{} {
+ return c.lifecycleSignals.ShutdownInitiated.Signaled()
+}
+
// Complete fills in any fields not set that are required to have valid data and can be derived
// from other fields. If you're going to `ApplyOptions`, do that first. It's mutating the receiver.
func (c *Config) Complete(informers informers.SharedInformerFactory) CompletedConfig {
@@ -799,15 +804,14 @@ func (c completedConfig) New(name string, delegationTarget DelegationTarget) (*G
preShutdownHooks: map[string]preShutdownHookEntry{},
disabledPostStartHooks: c.DisabledPostStartHooks,
- healthzChecks: c.HealthzChecks,
- livezChecks: c.LivezChecks,
- readyzChecks: c.ReadyzChecks,
+ healthzRegistry: healthCheckRegistry{path: "/healthz", checks: c.HealthzChecks},
+ livezRegistry: healthCheckRegistry{path: "/livez", checks: c.LivezChecks, clock: clock.RealClock{}},
+ readyzRegistry: healthCheckRegistry{path: "/readyz", checks: c.ReadyzChecks},
livezGracePeriod: c.LivezGracePeriod,
DiscoveryGroupManager: discovery.NewRootAPIsHandler(c.DiscoveryAddresses, c.Serializer),
maxRequestBodyBytes: c.MaxRequestBodyBytes,
- livezClock: clock.RealClock{},
lifecycleSignals: c.lifecycleSignals,
ShutdownSendRetryAfter: c.ShutdownSendRetryAfter,
@@ -1012,6 +1016,10 @@ func DefaultBuildHandlerChain(apiHandler http.Handler, c *Config) http.Handler {
handler = genericfilters.WithCORS(handler, c.CorsAllowedOriginList, nil, nil, nil, "true")
+ // WithWarningRecorder must be wrapped by the timeout handler
+ // to make the addition of warning headers threadsafe
+ handler = genericapifilters.WithWarningRecorder(handler)
+
// WithTimeoutForNonLongRunningRequests will call the rest of the request handling in a go-routine with the
// context with deadline. The go-routine can keep running, while the timeout logic will return a timeout to the client.
handler = genericfilters.WithTimeoutForNonLongRunningRequests(handler, c.LongRunningFunc)
@@ -1025,7 +1033,6 @@ func DefaultBuildHandlerChain(apiHandler http.Handler, c *Config) http.Handler {
if c.SecureServing != nil && !c.SecureServing.DisableHTTP2 && c.GoawayChance > 0 {
handler = genericfilters.WithProbabilisticGoaway(handler, c.GoawayChance)
}
- handler = genericapifilters.WithWarningRecorder(handler)
handler = genericapifilters.WithCacheControl(handler)
handler = genericfilters.WithHSTS(handler, c.HSTSDirectives)
if c.ShutdownSendRetryAfter {
@@ -1036,6 +1043,12 @@ func DefaultBuildHandlerChain(apiHandler http.Handler, c *Config) http.Handler {
handler = genericapifilters.WithTracing(handler, c.TracerProvider)
}
handler = genericapifilters.WithLatencyTrackers(handler)
+ // WithRoutine will execute future handlers in a separate goroutine and serving
+ // handler in current goroutine to minimize the stack memory usage. It must be
+ // after WithPanicRecover() to be protected from panics.
+ if utilfeature.DefaultFeatureGate.Enabled(genericfeatures.APIServingWithRoutine) {
+ handler = genericfilters.WithRoutine(handler, c.LongRunningFunc)
+ }
handler = genericapifilters.WithRequestInfo(handler, c.RequestInfoResolver)
handler = genericapifilters.WithRequestReceivedTimestamp(handler)
handler = genericapifilters.WithMuxAndDiscoveryComplete(handler, c.lifecycleSignals.MuxAndDiscoveryComplete.Signaled())
diff --git a/vendor/k8s.io/apiserver/pkg/server/filters/routine.go b/vendor/k8s.io/apiserver/pkg/server/filters/routine.go
new file mode 100644
index 0000000000..3f4dfa2bb2
--- /dev/null
+++ b/vendor/k8s.io/apiserver/pkg/server/filters/routine.go
@@ -0,0 +1,77 @@
+/*
+Copyright 2023 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package filters
+
+import (
+ "context"
+ "net/http"
+
+ "k8s.io/apiserver/pkg/endpoints/request"
+)
+
+type taskKeyType int
+
+const taskKey taskKeyType = iota
+
+type Task struct {
+ Func func()
+}
+
+func WithTask(parent context.Context, t *Task) context.Context {
+ return request.WithValue(parent, taskKey, t)
+}
+
+func TaskFrom(ctx context.Context) *Task {
+ t, _ := ctx.Value(taskKey).(*Task)
+ return t
+}
+
+// WithRoutine returns an http.Handler that executes preparation of long running requests (i.e. watches)
+// in a separate Goroutine and then serves the long running request in the main Goroutine. Doing so allows
+// freeing stack memory used in preparation Goroutine for better memory efficiency.
+func WithRoutine(handler http.Handler, longRunning request.LongRunningRequestCheck) http.Handler {
+ return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
+ ctx := req.Context()
+ requestInfo, _ := request.RequestInfoFrom(ctx)
+ if !longRunning(req, requestInfo) {
+ handler.ServeHTTP(w, req)
+ return
+ }
+
+ req = req.WithContext(WithTask(ctx, &Task{}))
+ panicCh := make(chan any, 1)
+ go func() {
+ defer func() {
+ if r := recover(); r != nil {
+ panicCh <- r
+ }
+ close(panicCh)
+ }()
+ handler.ServeHTTP(w, req)
+ }()
+
+ if p, ok := <-panicCh; ok {
+ panic(p)
+ }
+
+ ctx = req.Context()
+ if t := TaskFrom(ctx); t != nil && t.Func != nil {
+ t.Func()
+ }
+
+ })
+}
diff --git a/vendor/k8s.io/apiserver/pkg/server/genericapiserver.go b/vendor/k8s.io/apiserver/pkg/server/genericapiserver.go
index 450c7d4f64..53bed80fa9 100644
--- a/vendor/k8s.io/apiserver/pkg/server/genericapiserver.go
+++ b/vendor/k8s.io/apiserver/pkg/server/genericapiserver.go
@@ -60,7 +60,6 @@ import (
"k8s.io/kube-openapi/pkg/handler3"
openapiutil "k8s.io/kube-openapi/pkg/util"
"k8s.io/kube-openapi/pkg/validation/spec"
- "k8s.io/utils/clock"
)
// Info about an API group.
@@ -191,19 +190,11 @@ type GenericAPIServer struct {
preShutdownHooksCalled bool
// healthz checks
- healthzLock sync.Mutex
- healthzChecks []healthz.HealthChecker
- healthzChecksInstalled bool
- // livez checks
- livezLock sync.Mutex
- livezChecks []healthz.HealthChecker
- livezChecksInstalled bool
- // readyz checks
- readyzLock sync.Mutex
- readyzChecks []healthz.HealthChecker
- readyzChecksInstalled bool
- livezGracePeriod time.Duration
- livezClock clock.Clock
+ healthzRegistry healthCheckRegistry
+ readyzRegistry healthCheckRegistry
+ livezRegistry healthCheckRegistry
+
+ livezGracePeriod time.Duration
// auditing. The backend is started before the server starts listening.
AuditBackend audit.Backend
@@ -330,7 +321,7 @@ func (s *GenericAPIServer) PreShutdownHooks() map[string]preShutdownHookEntry {
return s.preShutdownHooks
}
func (s *GenericAPIServer) HealthzChecks() []healthz.HealthChecker {
- return s.healthzChecks
+ return s.healthzRegistry.checks
}
func (s *GenericAPIServer) ListedPaths() []string {
return s.listedPathProvider.ListedPaths()
diff --git a/vendor/k8s.io/apiserver/pkg/server/healthz.go b/vendor/k8s.io/apiserver/pkg/server/healthz.go
index d6d13444d7..f4b564c48f 100644
--- a/vendor/k8s.io/apiserver/pkg/server/healthz.go
+++ b/vendor/k8s.io/apiserver/pkg/server/healthz.go
@@ -19,12 +19,60 @@ package server
import (
"fmt"
"net/http"
+ "sync"
"time"
"k8s.io/apiserver/pkg/server/healthz"
"k8s.io/utils/clock"
)
+// healthMux is an interface describing the methods InstallHandler requires.
+type healthMux interface {
+ Handle(pattern string, handler http.Handler)
+}
+
+type healthCheckRegistry struct {
+ path string
+ lock sync.Mutex
+ checks []healthz.HealthChecker
+ checksInstalled bool
+ clock clock.Clock
+}
+
+func (reg *healthCheckRegistry) addHealthChecks(checks ...healthz.HealthChecker) error {
+ return reg.addDelayedHealthChecks(0, checks...)
+}
+
+func (reg *healthCheckRegistry) addDelayedHealthChecks(delay time.Duration, checks ...healthz.HealthChecker) error {
+ if delay > 0 && reg.clock == nil {
+ return fmt.Errorf("nil clock in healthCheckRegistry for %s endpoint", reg.path)
+ }
+ reg.lock.Lock()
+ defer reg.lock.Unlock()
+ if reg.checksInstalled {
+ return fmt.Errorf("unable to add because the %s endpoint has already been created", reg.path)
+ }
+ if delay > 0 {
+ for _, check := range checks {
+ reg.checks = append(reg.checks, delayedHealthCheck(check, reg.clock, delay))
+ }
+ } else {
+ reg.checks = append(reg.checks, checks...)
+ }
+ return nil
+}
+
+func (reg *healthCheckRegistry) installHandler(mux healthMux) {
+ reg.installHandlerWithHealthyFunc(mux, nil)
+}
+
+func (reg *healthCheckRegistry) installHandlerWithHealthyFunc(mux healthMux, firstTimeHealthy func()) {
+ reg.lock.Lock()
+ defer reg.lock.Unlock()
+ reg.checksInstalled = true
+ healthz.InstallPathHandlerWithHealthyFunc(mux, reg.path, firstTimeHealthy, reg.checks...)
+}
+
// AddHealthChecks adds HealthCheck(s) to health endpoints (healthz, livez, readyz) but
// configures the liveness grace period to be zero, which means we expect this health check
// to immediately indicate that the apiserver is unhealthy.
@@ -47,40 +95,23 @@ func (s *GenericAPIServer) AddBootSequenceHealthChecks(checks ...healthz.HealthC
// addHealthChecks adds health checks to healthz, livez, and readyz. The delay passed in will set
// a corresponding grace period on livez.
func (s *GenericAPIServer) addHealthChecks(livezGracePeriod time.Duration, checks ...healthz.HealthChecker) error {
- s.healthzLock.Lock()
- defer s.healthzLock.Unlock()
- if s.healthzChecksInstalled {
- return fmt.Errorf("unable to add because the healthz endpoint has already been created")
+ if err := s.healthzRegistry.addHealthChecks(checks...); err != nil {
+ return err
}
- s.healthzChecks = append(s.healthzChecks, checks...)
- if err := s.AddLivezChecks(livezGracePeriod, checks...); err != nil {
+ if err := s.livezRegistry.addDelayedHealthChecks(livezGracePeriod, checks...); err != nil {
return err
}
- return s.AddReadyzChecks(checks...)
+ return s.readyzRegistry.addHealthChecks(checks...)
}
// AddReadyzChecks allows you to add a HealthCheck to readyz.
func (s *GenericAPIServer) AddReadyzChecks(checks ...healthz.HealthChecker) error {
- s.readyzLock.Lock()
- defer s.readyzLock.Unlock()
- if s.readyzChecksInstalled {
- return fmt.Errorf("unable to add because the readyz endpoint has already been created")
- }
- s.readyzChecks = append(s.readyzChecks, checks...)
- return nil
+ return s.readyzRegistry.addHealthChecks(checks...)
}
// AddLivezChecks allows you to add a HealthCheck to livez.
func (s *GenericAPIServer) AddLivezChecks(delay time.Duration, checks ...healthz.HealthChecker) error {
- s.livezLock.Lock()
- defer s.livezLock.Unlock()
- if s.livezChecksInstalled {
- return fmt.Errorf("unable to add because the livez endpoint has already been created")
- }
- for _, check := range checks {
- s.livezChecks = append(s.livezChecks, delayedHealthCheck(check, s.livezClock, delay))
- }
- return nil
+ return s.livezRegistry.addDelayedHealthChecks(delay, checks...)
}
// addReadyzShutdownCheck is a convenience function for adding a readyz shutdown check, so
@@ -92,29 +123,20 @@ func (s *GenericAPIServer) addReadyzShutdownCheck(stopCh <-chan struct{}) error
// installHealthz creates the healthz endpoint for this server
func (s *GenericAPIServer) installHealthz() {
- s.healthzLock.Lock()
- defer s.healthzLock.Unlock()
- s.healthzChecksInstalled = true
- healthz.InstallHandler(s.Handler.NonGoRestfulMux, s.healthzChecks...)
+ s.healthzRegistry.installHandler(s.Handler.NonGoRestfulMux)
}
// installReadyz creates the readyz endpoint for this server.
func (s *GenericAPIServer) installReadyz() {
- s.readyzLock.Lock()
- defer s.readyzLock.Unlock()
- s.readyzChecksInstalled = true
- healthz.InstallReadyzHandlerWithHealthyFunc(s.Handler.NonGoRestfulMux, func() {
- // note: InstallReadyzHandlerWithHealthyFunc guarantees that this is called only once
+ s.readyzRegistry.installHandlerWithHealthyFunc(s.Handler.NonGoRestfulMux, func() {
+ // note: installHandlerWithHealthyFunc guarantees that this is called only once
s.lifecycleSignals.HasBeenReady.Signal()
- }, s.readyzChecks...)
+ })
}
// installLivez creates the livez endpoint for this server.
func (s *GenericAPIServer) installLivez() {
- s.livezLock.Lock()
- defer s.livezLock.Unlock()
- s.livezChecksInstalled = true
- healthz.InstallLivezHandler(s.Handler.NonGoRestfulMux, s.livezChecks...)
+ s.livezRegistry.installHandler(s.Handler.NonGoRestfulMux)
}
// shutdownCheck fails if the embedded channel is closed. This is intended to allow for graceful shutdown sequences
diff --git a/vendor/k8s.io/apiserver/pkg/server/healthz/healthz.go b/vendor/k8s.io/apiserver/pkg/server/healthz/healthz.go
index 63ff59750f..4613fd6d17 100644
--- a/vendor/k8s.io/apiserver/pkg/server/healthz/healthz.go
+++ b/vendor/k8s.io/apiserver/pkg/server/healthz/healthz.go
@@ -142,12 +142,6 @@ func InstallReadyzHandler(mux mux, checks ...HealthChecker) {
InstallPathHandler(mux, "/readyz", checks...)
}
-// InstallReadyzHandlerWithHealthyFunc is like InstallReadyzHandler, but in addition call firstTimeReady
-// the first time /readyz succeeds.
-func InstallReadyzHandlerWithHealthyFunc(mux mux, firstTimeReady func(), checks ...HealthChecker) {
- InstallPathHandlerWithHealthyFunc(mux, "/readyz", firstTimeReady, checks...)
-}
-
// InstallLivezHandler registers handlers for liveness checking on the path
// "/livez" to mux. *All handlers* for mux must be specified in
// exactly one call to InstallHandler. Calling InstallHandler more
diff --git a/vendor/k8s.io/apiserver/pkg/server/options/admission.go b/vendor/k8s.io/apiserver/pkg/server/options/admission.go
index 6f4990a7e2..3f65a0d1f3 100644
--- a/vendor/k8s.io/apiserver/pkg/server/options/admission.go
+++ b/vendor/k8s.io/apiserver/pkg/server/options/admission.go
@@ -29,7 +29,7 @@ import (
"k8s.io/apiserver/pkg/admission/initializer"
admissionmetrics "k8s.io/apiserver/pkg/admission/metrics"
"k8s.io/apiserver/pkg/admission/plugin/namespace/lifecycle"
- "k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy"
+ validatingadmissionpolicy "k8s.io/apiserver/pkg/admission/plugin/policy/validating"
mutatingwebhook "k8s.io/apiserver/pkg/admission/plugin/webhook/mutating"
validatingwebhook "k8s.io/apiserver/pkg/admission/plugin/webhook/validating"
apiserverapi "k8s.io/apiserver/pkg/apis/apiserver"
diff --git a/vendor/k8s.io/apiserver/pkg/server/options/encryptionconfig/config.go b/vendor/k8s.io/apiserver/pkg/server/options/encryptionconfig/config.go
index 5b3da51faf..2dbf335b2b 100644
--- a/vendor/k8s.io/apiserver/pkg/server/options/encryptionconfig/config.go
+++ b/vendor/k8s.io/apiserver/pkg/server/options/encryptionconfig/config.go
@@ -24,7 +24,6 @@ import (
"encoding/base64"
"errors"
"fmt"
- "io"
"net/http"
"os"
"sync"
@@ -38,9 +37,9 @@ import (
utilruntime "k8s.io/apimachinery/pkg/util/runtime"
"k8s.io/apimachinery/pkg/util/uuid"
"k8s.io/apimachinery/pkg/util/wait"
- apiserverconfig "k8s.io/apiserver/pkg/apis/config"
- apiserverconfigv1 "k8s.io/apiserver/pkg/apis/config/v1"
- "k8s.io/apiserver/pkg/apis/config/validation"
+ "k8s.io/apiserver/pkg/apis/apiserver"
+ apiserverv1 "k8s.io/apiserver/pkg/apis/apiserver/v1"
+ "k8s.io/apiserver/pkg/apis/apiserver/validation"
"k8s.io/apiserver/pkg/features"
"k8s.io/apiserver/pkg/server/healthz"
"k8s.io/apiserver/pkg/server/options/encryptionconfig/metrics"
@@ -129,8 +128,8 @@ func GetKDF() bool {
func init() {
configScheme := runtime.NewScheme()
- utilruntime.Must(apiserverconfig.AddToScheme(configScheme))
- utilruntime.Must(apiserverconfigv1.AddToScheme(configScheme))
+ utilruntime.Must(apiserver.AddToScheme(configScheme))
+ utilruntime.Must(apiserverv1.AddToScheme(configScheme))
codecs = serializer.NewCodecFactory(configScheme)
envelopemetrics.RegisterMetrics()
storagevalue.RegisterMetrics()
@@ -243,7 +242,7 @@ func LoadEncryptionConfig(ctx context.Context, filepath string, reload bool, api
// getTransformerOverridesAndKMSPluginHealthzCheckers creates the set of transformers and KMS healthz checks based on the given config.
// It may launch multiple go routines whose lifecycle is controlled by ctx.
// In case of an error, the caller is responsible for canceling ctx to clean up any go routines that may have been launched.
-func getTransformerOverridesAndKMSPluginHealthzCheckers(ctx context.Context, config *apiserverconfig.EncryptionConfiguration, apiServerID string) (map[schema.GroupResource]storagevalue.Transformer, []healthz.HealthChecker, *kmsState, error) {
+func getTransformerOverridesAndKMSPluginHealthzCheckers(ctx context.Context, config *apiserver.EncryptionConfiguration, apiServerID string) (map[schema.GroupResource]storagevalue.Transformer, []healthz.HealthChecker, *kmsState, error) {
var kmsHealthChecks []healthz.HealthChecker
transformers, probes, kmsUsed, err := getTransformerOverridesAndKMSPluginProbes(ctx, config, apiServerID)
if err != nil {
@@ -264,7 +263,7 @@ type healthChecker interface {
// getTransformerOverridesAndKMSPluginProbes creates the set of transformers and KMS probes based on the given config.
// It may launch multiple go routines whose lifecycle is controlled by ctx.
// In case of an error, the caller is responsible for canceling ctx to clean up any go routines that may have been launched.
-func getTransformerOverridesAndKMSPluginProbes(ctx context.Context, config *apiserverconfig.EncryptionConfiguration, apiServerID string) (map[schema.GroupResource]storagevalue.Transformer, []healthChecker, *kmsState, error) {
+func getTransformerOverridesAndKMSPluginProbes(ctx context.Context, config *apiserver.EncryptionConfiguration, apiServerID string) (map[schema.GroupResource]storagevalue.Transformer, []healthChecker, *kmsState, error) {
resourceToPrefixTransformer := map[schema.GroupResource][]storagevalue.PrefixTransformer{}
var probes []healthChecker
var kmsUsed kmsState
@@ -503,7 +502,7 @@ func (h *kmsv2PluginProbe) isKMSv2ProviderHealthyAndMaybeRotateDEK(ctx context.C
}
// loadConfig parses the encryption configuration file at filepath and returns the parsed config and hash of the file.
-func loadConfig(filepath string, reload bool) (*apiserverconfig.EncryptionConfiguration, string, error) {
+func loadConfig(filepath string, reload bool) (*apiserver.EncryptionConfiguration, string, error) {
data, contentHash, err := loadDataAndHash(filepath)
if err != nil {
return nil, "", fmt.Errorf("error while loading file: %w", err)
@@ -513,7 +512,7 @@ func loadConfig(filepath string, reload bool) (*apiserverconfig.EncryptionConfig
if err != nil {
return nil, "", fmt.Errorf("error decoding encryption provider configuration file %q: %w", filepath, err)
}
- config, ok := configObj.(*apiserverconfig.EncryptionConfiguration)
+ config, ok := configObj.(*apiserver.EncryptionConfiguration)
if !ok {
return nil, "", fmt.Errorf("got unexpected config type: %v", gvk)
}
@@ -522,15 +521,9 @@ func loadConfig(filepath string, reload bool) (*apiserverconfig.EncryptionConfig
}
func loadDataAndHash(filepath string) ([]byte, string, error) {
- f, err := os.Open(filepath)
+ data, err := os.ReadFile(filepath)
if err != nil {
- return nil, "", fmt.Errorf("error opening encryption provider configuration file %q: %w", filepath, err)
- }
- defer f.Close()
-
- data, err := io.ReadAll(f)
- if err != nil {
- return nil, "", fmt.Errorf("could not read contents: %w", err)
+ return nil, "", fmt.Errorf("error reading encryption provider configuration file %q: %w", filepath, err)
}
if len(data) == 0 {
return nil, "", fmt.Errorf("encryption provider configuration file %q is empty", filepath)
@@ -549,7 +542,7 @@ func GetEncryptionConfigHash(filepath string) (string, error) {
// prefixTransformersAndProbes creates the set of transformers and KMS probes based on the given resource config.
// It may launch multiple go routines whose lifecycle is controlled by ctx.
// In case of an error, the caller is responsible for canceling ctx to clean up any go routines that may have been launched.
-func prefixTransformersAndProbes(ctx context.Context, config apiserverconfig.ResourceConfiguration, apiServerID string) ([]storagevalue.PrefixTransformer, []healthChecker, *kmsState, error) {
+func prefixTransformersAndProbes(ctx context.Context, config apiserver.ResourceConfiguration, apiServerID string) ([]storagevalue.PrefixTransformer, []healthChecker, *kmsState, error) {
var transformers []storagevalue.PrefixTransformer
var probes []healthChecker
var kmsUsed kmsState
@@ -605,7 +598,7 @@ func prefixTransformersAndProbes(ctx context.Context, config apiserverconfig.Res
type blockTransformerFunc func(cipher.Block) (storagevalue.Transformer, error)
-func aesPrefixTransformer(config *apiserverconfig.AESConfiguration, fn blockTransformerFunc, prefix string) (storagevalue.PrefixTransformer, error) {
+func aesPrefixTransformer(config *apiserver.AESConfiguration, fn blockTransformerFunc, prefix string) (storagevalue.PrefixTransformer, error) {
var result storagevalue.PrefixTransformer
if len(config.Keys) == 0 {
@@ -658,7 +651,7 @@ func aesPrefixTransformer(config *apiserverconfig.AESConfiguration, fn blockTran
return result, nil
}
-func secretboxPrefixTransformer(config *apiserverconfig.SecretboxConfiguration) (storagevalue.PrefixTransformer, error) {
+func secretboxPrefixTransformer(config *apiserver.SecretboxConfiguration) (storagevalue.PrefixTransformer, error) {
var result storagevalue.PrefixTransformer
if len(config.Keys) == 0 {
@@ -736,7 +729,7 @@ func (s *kmsState) accumulate(other *kmsState) {
// kmsPrefixTransformer creates a KMS transformer and probe based on the given KMS config.
// It may launch multiple go routines whose lifecycle is controlled by ctx.
// In case of an error, the caller is responsible for canceling ctx to clean up any go routines that may have been launched.
-func kmsPrefixTransformer(ctx context.Context, config *apiserverconfig.KMSConfiguration, apiServerID string) (storagevalue.PrefixTransformer, healthChecker, *kmsState, error) {
+func kmsPrefixTransformer(ctx context.Context, config *apiserver.KMSConfiguration, apiServerID string) (storagevalue.PrefixTransformer, healthChecker, *kmsState, error) {
kmsName := config.Name
switch config.APIVersion {
case kmsAPIVersionV1:
@@ -853,7 +846,7 @@ func primeAndProbeKMSv2(ctx context.Context, probe *kmsv2PluginProbe, kmsName st
})
}
-func envelopePrefixTransformer(config *apiserverconfig.KMSConfiguration, envelopeService envelope.Service, prefix string) storagevalue.PrefixTransformer {
+func envelopePrefixTransformer(config *apiserver.KMSConfiguration, envelopeService envelope.Service, prefix string) storagevalue.PrefixTransformer {
baseTransformerFunc := func(block cipher.Block) (storagevalue.Transformer, error) {
gcm, err := aestransformer.NewGCMTransformer(block)
if err != nil {
@@ -902,7 +895,7 @@ func (u unionTransformers) TransformToStorage(ctx context.Context, data []byte,
// We use a hash instead of the raw file contents when tracking changes to avoid holding any encryption keys in memory outside of their associated transformers.
// This hash must be used in-memory and not externalized to the process because it has no cross-release stability guarantees.
func computeEncryptionConfigHash(data []byte) string {
- return fmt.Sprintf("%x", sha256.Sum256(data))
+ return fmt.Sprintf("k8s:enc:unstable:1:%x", sha256.Sum256(data))
}
var _ storagevalue.ResourceTransformers = &DynamicTransformers{}
diff --git a/vendor/k8s.io/apiserver/pkg/server/options/encryptionconfig/metrics/metrics.go b/vendor/k8s.io/apiserver/pkg/server/options/encryptionconfig/metrics/metrics.go
index 70414035fe..745277002b 100644
--- a/vendor/k8s.io/apiserver/pkg/server/options/encryptionconfig/metrics/metrics.go
+++ b/vendor/k8s.io/apiserver/pkg/server/options/encryptionconfig/metrics/metrics.go
@@ -32,24 +32,41 @@ const (
)
var (
- encryptionConfigAutomaticReloadFailureTotal = metrics.NewCounterVec(
+ encryptionConfigAutomaticReloadsTotal = metrics.NewCounterVec(
&metrics.CounterOpts{
Namespace: namespace,
Subsystem: subsystem,
- Name: "automatic_reload_failures_total",
- Help: "Total number of failed automatic reloads of encryption configuration split by apiserver identity.",
+ Name: "automatic_reloads_total",
+ Help: "Total number of reload successes and failures of encryption configuration split by apiserver identity.",
StabilityLevel: metrics.ALPHA,
},
+ []string{"status", "apiserver_id_hash"},
+ )
+
+ // deprecatedEncryptionConfigAutomaticReloadFailureTotal has been deprecated in 1.30.0
+ // use encryptionConfigAutomaticReloadsTotal instead
+ deprecatedEncryptionConfigAutomaticReloadFailureTotal = metrics.NewCounterVec(
+ &metrics.CounterOpts{
+ Namespace: namespace,
+ Subsystem: subsystem,
+ Name: "automatic_reload_failures_total",
+ Help: "Total number of failed automatic reloads of encryption configuration split by apiserver identity.",
+ StabilityLevel: metrics.ALPHA,
+ DeprecatedVersion: "1.30.0",
+ },
[]string{"apiserver_id_hash"},
)
- encryptionConfigAutomaticReloadSuccessTotal = metrics.NewCounterVec(
+ // deprecatedEncryptionConfigAutomaticReloadSuccessTotal has been deprecated in 1.30.0
+ // use encryptionConfigAutomaticReloadsTotal instead
+ deprecatedEncryptionConfigAutomaticReloadSuccessTotal = metrics.NewCounterVec(
&metrics.CounterOpts{
- Namespace: namespace,
- Subsystem: subsystem,
- Name: "automatic_reload_success_total",
- Help: "Total number of successful automatic reloads of encryption configuration split by apiserver identity.",
- StabilityLevel: metrics.ALPHA,
+ Namespace: namespace,
+ Subsystem: subsystem,
+ Name: "automatic_reload_success_total",
+ Help: "Total number of successful automatic reloads of encryption configuration split by apiserver identity.",
+ StabilityLevel: metrics.ALPHA,
+ DeprecatedVersion: "1.30.0",
},
[]string{"apiserver_id_hash"},
)
@@ -76,21 +93,24 @@ func RegisterMetrics() {
return sha256.New()
},
}
- legacyregistry.MustRegister(encryptionConfigAutomaticReloadFailureTotal)
- legacyregistry.MustRegister(encryptionConfigAutomaticReloadSuccessTotal)
+ legacyregistry.MustRegister(encryptionConfigAutomaticReloadsTotal)
+ legacyregistry.MustRegister(deprecatedEncryptionConfigAutomaticReloadFailureTotal)
+ legacyregistry.MustRegister(deprecatedEncryptionConfigAutomaticReloadSuccessTotal)
legacyregistry.MustRegister(encryptionConfigAutomaticReloadLastTimestampSeconds)
})
}
func RecordEncryptionConfigAutomaticReloadFailure(apiServerID string) {
apiServerIDHash := getHash(apiServerID)
- encryptionConfigAutomaticReloadFailureTotal.WithLabelValues(apiServerIDHash).Inc()
+ encryptionConfigAutomaticReloadsTotal.WithLabelValues("failure", apiServerIDHash).Inc()
+ deprecatedEncryptionConfigAutomaticReloadFailureTotal.WithLabelValues(apiServerIDHash).Inc()
recordEncryptionConfigAutomaticReloadTimestamp("failure", apiServerIDHash)
}
func RecordEncryptionConfigAutomaticReloadSuccess(apiServerID string) {
apiServerIDHash := getHash(apiServerID)
- encryptionConfigAutomaticReloadSuccessTotal.WithLabelValues(apiServerIDHash).Inc()
+ encryptionConfigAutomaticReloadsTotal.WithLabelValues("success", apiServerIDHash).Inc()
+ deprecatedEncryptionConfigAutomaticReloadSuccessTotal.WithLabelValues(apiServerIDHash).Inc()
recordEncryptionConfigAutomaticReloadTimestamp("success", apiServerIDHash)
}
diff --git a/vendor/k8s.io/apiserver/pkg/server/plugins.go b/vendor/k8s.io/apiserver/pkg/server/plugins.go
index 25acf92dc8..2390446419 100644
--- a/vendor/k8s.io/apiserver/pkg/server/plugins.go
+++ b/vendor/k8s.io/apiserver/pkg/server/plugins.go
@@ -20,7 +20,7 @@ package server
import (
"k8s.io/apiserver/pkg/admission"
"k8s.io/apiserver/pkg/admission/plugin/namespace/lifecycle"
- "k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy"
+ validatingadmissionpolicy "k8s.io/apiserver/pkg/admission/plugin/policy/validating"
mutatingwebhook "k8s.io/apiserver/pkg/admission/plugin/webhook/mutating"
validatingwebhook "k8s.io/apiserver/pkg/admission/plugin/webhook/validating"
)
diff --git a/vendor/k8s.io/apiserver/pkg/storage/cacher/cacher.go b/vendor/k8s.io/apiserver/pkg/storage/cacher/cacher.go
index 4f40804419..079d197a2c 100644
--- a/vendor/k8s.io/apiserver/pkg/storage/cacher/cacher.go
+++ b/vendor/k8s.io/apiserver/pkg/storage/cacher/cacher.go
@@ -44,9 +44,9 @@ import (
utilfeature "k8s.io/apiserver/pkg/util/feature"
"k8s.io/client-go/tools/cache"
"k8s.io/component-base/tracing"
-
"k8s.io/klog/v2"
"k8s.io/utils/clock"
+ "k8s.io/utils/ptr"
)
var (
@@ -413,7 +413,7 @@ func NewCacherFromConfig(config Config) (*Cacher, error) {
reflector.MaxInternalErrorRetryDuration = time.Second * 30
// since the watch-list is provided by the watch cache instruct
// the reflector to issue a regular LIST against the store
- reflector.UseWatchList = false
+ reflector.UseWatchList = ptr.To(false)
cacher.watchCache = watchCache
cacher.reflector = reflector
@@ -746,7 +746,7 @@ func (c *Cacher) listItems(ctx context.Context, listRV uint64, key string, pred
}
return nil, readResourceVersion, "", nil
}
- return c.watchCache.WaitUntilFreshAndList(ctx, listRV, pred.MatcherIndex())
+ return c.watchCache.WaitUntilFreshAndList(ctx, listRV, pred.MatcherIndex(ctx))
}
// GetList implements storage.Interface
diff --git a/vendor/k8s.io/apiserver/pkg/storage/cacher/util.go b/vendor/k8s.io/apiserver/pkg/storage/cacher/util.go
index 7943a93dca..63a23800f0 100644
--- a/vendor/k8s.io/apiserver/pkg/storage/cacher/util.go
+++ b/vendor/k8s.io/apiserver/pkg/storage/cacher/util.go
@@ -44,17 +44,3 @@ func hasPathPrefix(s, pathPrefix string) bool {
}
return false
}
-
-func max(a, b int) int {
- if a > b {
- return a
- }
- return b
-}
-
-func min(a, b int) int {
- if a < b {
- return a
- }
- return b
-}
diff --git a/vendor/k8s.io/apiserver/pkg/storage/cacher/watch_cache.go b/vendor/k8s.io/apiserver/pkg/storage/cacher/watch_cache.go
index c26eb55dac..c27ca053b7 100644
--- a/vendor/k8s.io/apiserver/pkg/storage/cacher/watch_cache.go
+++ b/vendor/k8s.io/apiserver/pkg/storage/cacher/watch_cache.go
@@ -492,8 +492,7 @@ func (s sortableStoreElements) Swap(i, j int) {
// WaitUntilFreshAndList returns list of pointers to `storeElement` objects along
// with their ResourceVersion and the name of the index, if any, that was used.
-func (w *watchCache) WaitUntilFreshAndList(ctx context.Context, resourceVersion uint64, matchValues []storage.MatchValue) ([]interface{}, uint64, string, error) {
- var err error
+func (w *watchCache) WaitUntilFreshAndList(ctx context.Context, resourceVersion uint64, matchValues []storage.MatchValue) (result []interface{}, rv uint64, index string, err error) {
if utilfeature.DefaultFeatureGate.Enabled(features.ConsistentListFromCache) && w.notFresh(resourceVersion) {
w.waitingUntilFresh.Add()
err = w.waitUntilFreshAndBlock(ctx, resourceVersion)
@@ -501,12 +500,14 @@ func (w *watchCache) WaitUntilFreshAndList(ctx context.Context, resourceVersion
} else {
err = w.waitUntilFreshAndBlock(ctx, resourceVersion)
}
+
+ defer func() { sort.Sort(sortableStoreElements(result)) }()
defer w.RUnlock()
if err != nil {
- return nil, 0, "", err
+ return result, rv, index, err
}
- result, rv, index, err := func() ([]interface{}, uint64, string, error) {
+ result, rv, index, err = func() ([]interface{}, uint64, string, error) {
// This isn't the place where we do "final filtering" - only some "prefiltering" is happening here. So the only
// requirement here is to NOT miss anything that should be returned. We can return as many non-matching items as we
// want - they will be filtered out later. The fact that we return less things is only further performance improvement.
@@ -519,7 +520,6 @@ func (w *watchCache) WaitUntilFreshAndList(ctx context.Context, resourceVersion
return w.store.List(), w.resourceVersion, "", nil
}()
- sort.Sort(sortableStoreElements(result))
return result, rv, index, err
}
diff --git a/vendor/k8s.io/apiserver/pkg/storage/errors.go b/vendor/k8s.io/apiserver/pkg/storage/errors.go
index 5f29097c59..e7e0957489 100644
--- a/vendor/k8s.io/apiserver/pkg/storage/errors.go
+++ b/vendor/k8s.io/apiserver/pkg/storage/errors.go
@@ -33,6 +33,7 @@ const (
ErrCodeResourceVersionConflicts
ErrCodeInvalidObj
ErrCodeUnreachable
+ ErrCodeTimeout
)
var errCodeToMessage = map[int]string{
@@ -41,6 +42,7 @@ var errCodeToMessage = map[int]string{
ErrCodeResourceVersionConflicts: "resource version conflicts",
ErrCodeInvalidObj: "invalid object",
ErrCodeUnreachable: "server unreachable",
+ ErrCodeTimeout: "request timeout",
}
func NewKeyNotFoundError(key string, rv int64) *StorageError {
@@ -75,6 +77,14 @@ func NewUnreachableError(key string, rv int64) *StorageError {
}
}
+func NewTimeoutError(key, msg string) *StorageError {
+ return &StorageError{
+ Code: ErrCodeTimeout,
+ Key: key,
+ AdditionalErrorMsg: msg,
+ }
+}
+
func NewInvalidObjError(key, msg string) *StorageError {
return &StorageError{
Code: ErrCodeInvalidObj,
@@ -115,6 +125,11 @@ func IsConflict(err error) bool {
return isErrCode(err, ErrCodeResourceVersionConflicts)
}
+// IsRequestTimeout returns true if and only if err indicates that the request has timed out.
+func IsRequestTimeout(err error) bool {
+ return isErrCode(err, ErrCodeTimeout)
+}
+
// IsInvalidObj returns true if and only if err is invalid error
func IsInvalidObj(err error) bool {
return isErrCode(err, ErrCodeInvalidObj)
diff --git a/vendor/k8s.io/apiserver/pkg/storage/errors/storage.go b/vendor/k8s.io/apiserver/pkg/storage/errors/storage.go
index 89f3453980..60a6d5cd86 100644
--- a/vendor/k8s.io/apiserver/pkg/storage/errors/storage.go
+++ b/vendor/k8s.io/apiserver/pkg/storage/errors/storage.go
@@ -28,7 +28,7 @@ func InterpretListError(err error, qualifiedResource schema.GroupResource) error
switch {
case storage.IsNotFound(err):
return errors.NewNotFound(qualifiedResource, "")
- case storage.IsUnreachable(err):
+ case storage.IsUnreachable(err), storage.IsRequestTimeout(err):
return errors.NewServerTimeout(qualifiedResource, "list", 2) // TODO: make configurable or handled at a higher level
case storage.IsInternalError(err):
return errors.NewInternalError(err)
diff --git a/vendor/k8s.io/apiserver/pkg/storage/etcd3/metrics/metrics.go b/vendor/k8s.io/apiserver/pkg/storage/etcd3/metrics/metrics.go
index fadc87d53d..29026e07e0 100644
--- a/vendor/k8s.io/apiserver/pkg/storage/etcd3/metrics/metrics.go
+++ b/vendor/k8s.io/apiserver/pkg/storage/etcd3/metrics/metrics.go
@@ -84,7 +84,7 @@ var (
},
[]string{"endpoint"},
)
- storageSizeDescription = compbasemetrics.NewDesc("apiserver_storage_size_bytes", "Size of the storage database file physically allocated in bytes.", []string{"cluster"}, nil, compbasemetrics.ALPHA, "")
+ storageSizeDescription = compbasemetrics.NewDesc("apiserver_storage_size_bytes", "Size of the storage database file physically allocated in bytes.", []string{"cluster"}, nil, compbasemetrics.STABLE, "")
storageMonitor = &monitorCollector{monitorGetter: func() ([]Monitor, error) { return nil, nil }}
etcdEventsReceivedCounts = compbasemetrics.NewCounterVec(
&compbasemetrics.CounterOpts{
@@ -167,6 +167,7 @@ func Register() {
legacyregistry.MustRegister(objectCounts)
legacyregistry.MustRegister(dbTotalSize)
legacyregistry.CustomMustRegister(storageMonitor)
+ legacyregistry.MustRegister(etcdEventsReceivedCounts)
legacyregistry.MustRegister(etcdBookmarkCounts)
legacyregistry.MustRegister(etcdLeaseObjectCounts)
legacyregistry.MustRegister(listStorageCount)
diff --git a/vendor/k8s.io/apiserver/pkg/storage/etcd3/store.go b/vendor/k8s.io/apiserver/pkg/storage/etcd3/store.go
index 1e5e40d623..ed6ebe4669 100644
--- a/vendor/k8s.io/apiserver/pkg/storage/etcd3/store.go
+++ b/vendor/k8s.io/apiserver/pkg/storage/etcd3/store.go
@@ -38,6 +38,7 @@ import (
"k8s.io/apimachinery/pkg/runtime/schema"
"k8s.io/apimachinery/pkg/watch"
"k8s.io/apiserver/pkg/audit"
+ endpointsrequest "k8s.io/apiserver/pkg/endpoints/request"
"k8s.io/apiserver/pkg/storage"
"k8s.io/apiserver/pkg/storage/etcd3/metrics"
"k8s.io/apiserver/pkg/storage/value"
@@ -584,6 +585,47 @@ func (s *store) Count(key string) (int64, error) {
return getResp.Count, nil
}
+// resolveGetListRev is used by GetList to resolve the rev to use in the client.KV.Get request.
+func (s *store) resolveGetListRev(continueKey string, continueRV int64, opts storage.ListOptions) (int64, error) {
+ var withRev int64
+ // Uses continueRV if this is a continuation request.
+ if len(continueKey) > 0 {
+ if len(opts.ResourceVersion) > 0 && opts.ResourceVersion != "0" {
+ return withRev, apierrors.NewBadRequest("specifying resource version is not allowed when using continue")
+ }
+ // If continueRV > 0, the LIST request needs a specific resource version.
+ // continueRV==0 is invalid.
+ // If continueRV < 0, the request is for the latest resource version.
+ if continueRV > 0 {
+ withRev = continueRV
+ }
+ return withRev, nil
+ }
+ // Returns 0 if ResourceVersion is not specified.
+ if len(opts.ResourceVersion) == 0 {
+ return withRev, nil
+ }
+ parsedRV, err := s.versioner.ParseResourceVersion(opts.ResourceVersion)
+ if err != nil {
+ return withRev, apierrors.NewBadRequest(fmt.Sprintf("invalid resource version: %v", err))
+ }
+
+ switch opts.ResourceVersionMatch {
+ case metav1.ResourceVersionMatchNotOlderThan:
+ // The not older than constraint is checked after we get a response from etcd,
+ // and returnedRV is then set to the revision we get from the etcd response.
+ case metav1.ResourceVersionMatchExact:
+ withRev = int64(parsedRV)
+ case "": // legacy case
+ if opts.Recursive && opts.Predicate.Limit > 0 && parsedRV > 0 {
+ withRev = int64(parsedRV)
+ }
+ default:
+ return withRev, fmt.Errorf("unknown ResourceVersionMatch value: %v", opts.ResourceVersionMatch)
+ }
+ return withRev, nil
+}
+
// GetList implements storage.Interface.
func (s *store) GetList(ctx context.Context, key string, opts storage.ListOptions, listObj runtime.Object) error {
preparedKey, err := s.prepareKey(key)
@@ -636,41 +678,15 @@ func (s *store) GetList(ctx context.Context, key string, opts storage.ListOption
var continueRV, withRev int64
var continueKey string
- switch {
- case opts.Recursive && len(opts.Predicate.Continue) > 0:
+ if opts.Recursive && len(opts.Predicate.Continue) > 0 {
continueKey, continueRV, err = storage.DecodeContinue(opts.Predicate.Continue, keyPrefix)
if err != nil {
return apierrors.NewBadRequest(fmt.Sprintf("invalid continue token: %v", err))
}
-
- if len(opts.ResourceVersion) > 0 && opts.ResourceVersion != "0" {
- return apierrors.NewBadRequest("specifying resource version is not allowed when using continue")
- }
preparedKey = continueKey
- // If continueRV > 0, the LIST request needs a specific resource version.
- // continueRV==0 is invalid.
- // If continueRV < 0, the request is for the latest resource version.
- if continueRV > 0 {
- withRev = continueRV
- }
- case len(opts.ResourceVersion) > 0:
- parsedRV, err := s.versioner.ParseResourceVersion(opts.ResourceVersion)
- if err != nil {
- return apierrors.NewBadRequest(fmt.Sprintf("invalid resource version: %v", err))
- }
- switch opts.ResourceVersionMatch {
- case metav1.ResourceVersionMatchNotOlderThan:
- // The not older than constraint is checked after we get a response from etcd,
- // and returnedRV is then set to the revision we get from the etcd response.
- case metav1.ResourceVersionMatchExact:
- withRev = int64(parsedRV)
- case "": // legacy case
- if opts.Recursive && opts.Predicate.Limit > 0 && parsedRV > 0 {
- withRev = int64(parsedRV)
- }
- default:
- return fmt.Errorf("unknown ResourceVersionMatch value: %v", opts.ResourceVersionMatch)
- }
+ }
+ if withRev, err = s.resolveGetListRev(continueKey, continueRV, opts); err != nil {
+ return err
}
if withRev != 0 {
@@ -738,10 +754,25 @@ func (s *store) GetList(ctx context.Context, key string, opts storage.ListOption
return storage.NewInternalErrorf("unable to transform key %q: %v", kv.Key, err)
}
- if err := appendListItem(v, data, uint64(kv.ModRevision), opts.Predicate, s.codec, s.versioner, newItemFunc); err != nil {
+ // Check if the request has already timed out before decode object
+ select {
+ case <-ctx.Done():
+ // parent context is canceled or timed out, no point in continuing
+ return storage.NewTimeoutError(string(kv.Key), "request did not complete within requested timeout")
+ default:
+ }
+
+ obj, err := decodeListItem(ctx, data, uint64(kv.ModRevision), s.codec, s.versioner, newItemFunc)
+ if err != nil {
recordDecodeError(s.groupResourceString, string(kv.Key))
return err
}
+
+ // being unable to set the version does not prevent the object from being extracted
+ if matched, err := opts.Predicate.Matches(obj); err == nil && matched {
+ v.Set(reflect.Append(v, reflect.ValueOf(obj).Elem()))
+ }
+
numEvald++
// free kv early. Long lists can take O(seconds) to decode.
@@ -1015,20 +1046,23 @@ func decode(codec runtime.Codec, versioner storage.Versioner, value []byte, objP
return nil
}
-// appendListItem decodes and appends the object (if it passes filter) to v, which must be a slice.
-func appendListItem(v reflect.Value, data []byte, rev uint64, pred storage.SelectionPredicate, codec runtime.Codec, versioner storage.Versioner, newItemFunc func() runtime.Object) error {
+// decodeListItem decodes bytes value in array into object.
+func decodeListItem(ctx context.Context, data []byte, rev uint64, codec runtime.Codec, versioner storage.Versioner, newItemFunc func() runtime.Object) (runtime.Object, error) {
+ startedAt := time.Now()
+ defer func() {
+ endpointsrequest.TrackDecodeLatency(ctx, time.Since(startedAt))
+ }()
+
obj, _, err := codec.Decode(data, nil, newItemFunc())
if err != nil {
- return err
+ return nil, err
}
- // being unable to set the version does not prevent the object from being extracted
+
if err := versioner.UpdateObject(obj, rev); err != nil {
klog.Errorf("failed to update object version: %v", err)
}
- if matched, err := pred.Matches(obj); err == nil && matched {
- v.Set(reflect.Append(v, reflect.ValueOf(obj).Elem()))
- }
- return nil
+
+ return obj, nil
}
// recordDecodeError record decode error split by object type.
diff --git a/vendor/k8s.io/apiserver/pkg/storage/selection_predicate.go b/vendor/k8s.io/apiserver/pkg/storage/selection_predicate.go
index a0a14366f2..e652845c28 100644
--- a/vendor/k8s.io/apiserver/pkg/storage/selection_predicate.go
+++ b/vendor/k8s.io/apiserver/pkg/storage/selection_predicate.go
@@ -17,10 +17,13 @@ limitations under the License.
package storage
import (
+ "context"
+
"k8s.io/apimachinery/pkg/api/meta"
"k8s.io/apimachinery/pkg/fields"
"k8s.io/apimachinery/pkg/labels"
"k8s.io/apimachinery/pkg/runtime"
+ "k8s.io/apiserver/pkg/endpoints/request"
)
// AttrFunc returns label and field sets and the uninitialized flag for List or Watch to match.
@@ -145,11 +148,16 @@ func (s *SelectionPredicate) Empty() bool {
// For any index defined by IndexFields, if a matcher can match only (a subset)
// of objects that return for a given index, a pair (, )
// wil be returned.
-func (s *SelectionPredicate) MatcherIndex() []MatchValue {
+func (s *SelectionPredicate) MatcherIndex(ctx context.Context) []MatchValue {
var result []MatchValue
for _, field := range s.IndexFields {
if value, ok := s.Field.RequiresExactMatch(field); ok {
result = append(result, MatchValue{IndexName: FieldIndex(field), Value: value})
+ } else if field == "metadata.namespace" {
+ // list pods in the namespace. i.e. /api/v1/namespaces/default/pods
+ if namespace, isNamespaceScope := isNamespaceScopedRequest(ctx); isNamespaceScope {
+ result = append(result, MatchValue{IndexName: FieldIndex(field), Value: namespace})
+ }
}
}
for _, label := range s.IndexLabels {
@@ -160,6 +168,14 @@ func (s *SelectionPredicate) MatcherIndex() []MatchValue {
return result
}
+func isNamespaceScopedRequest(ctx context.Context) (string, bool) {
+ re, _ := request.RequestInfoFrom(ctx)
+ if re == nil || len(re.Namespace) == 0 {
+ return "", false
+ }
+ return re.Namespace, true
+}
+
// LabelIndex add prefix for label index.
func LabelIndex(label string) string {
return "l:" + label
diff --git a/vendor/k8s.io/apiserver/pkg/util/flowcontrol/fairqueuing/queueset/doc.go b/vendor/k8s.io/apiserver/pkg/util/flowcontrol/fairqueuing/queueset/doc.go
index fc30ebfd5b..0cbe499cd0 100644
--- a/vendor/k8s.io/apiserver/pkg/util/flowcontrol/fairqueuing/queueset/doc.go
+++ b/vendor/k8s.io/apiserver/pkg/util/flowcontrol/fairqueuing/queueset/doc.go
@@ -116,4 +116,4 @@ limitations under the License.
// queue’s virtual start time is advanced by G. When a request
// finishes being served, and the actual service time was S, the
// queue’s virtual start time is decremented by G - S.
-package queueset
+package queueset // import "k8s.io/apiserver/pkg/util/flowcontrol/fairqueuing/queueset"
diff --git a/vendor/k8s.io/apiserver/pkg/util/flowcontrol/fairqueuing/queueset/queueset.go b/vendor/k8s.io/apiserver/pkg/util/flowcontrol/fairqueuing/queueset/queueset.go
index b675bb5453..6d911ee2eb 100644
--- a/vendor/k8s.io/apiserver/pkg/util/flowcontrol/fairqueuing/queueset/queueset.go
+++ b/vendor/k8s.io/apiserver/pkg/util/flowcontrol/fairqueuing/queueset/queueset.go
@@ -33,11 +33,6 @@ import (
fqrequest "k8s.io/apiserver/pkg/util/flowcontrol/request"
"k8s.io/apiserver/pkg/util/shufflesharding"
"k8s.io/klog/v2"
-
- // The following hack is needed to work around a tooling deficiency.
- // Packages imported only for test code are not included in vendor.
- // See https://kubernetes.slack.com/archives/C0EG7JC6T/p1626985671458800?thread_ts=1626983387.450800&cid=C0EG7JC6T
- _ "k8s.io/utils/clock/testing"
)
const nsTimeFmt = "2006-01-02 15:04:05.000000000"
@@ -792,11 +787,11 @@ func (qs *queueSet) findDispatchQueueToBoundLocked() (*queue, *request) {
queue := qs.queues[qs.robinIndex]
oldestWaiting, _ := queue.requestsWaiting.Peek()
if oldestWaiting != nil {
- sMin = ssMin(sMin, queue.nextDispatchR)
- sMax = ssMax(sMax, queue.nextDispatchR)
+ sMin = min(sMin, queue.nextDispatchR)
+ sMax = max(sMax, queue.nextDispatchR)
estimatedWorkInProgress := fqrequest.SeatsTimesDuration(float64(queue.seatsInUse), qs.estimatedServiceDuration)
- dsMin = ssMin(dsMin, queue.nextDispatchR-estimatedWorkInProgress)
- dsMax = ssMax(dsMax, queue.nextDispatchR-estimatedWorkInProgress)
+ dsMin = min(dsMin, queue.nextDispatchR-estimatedWorkInProgress)
+ dsMax = max(dsMax, queue.nextDispatchR-estimatedWorkInProgress)
currentVirtualFinish := queue.nextDispatchR + oldestWaiting.totalWork()
klog.V(11).InfoS("Considering queue to dispatch", "queueSet", qs.qCfg.Name, "queue", qs.robinIndex, "finishR", currentVirtualFinish)
if currentVirtualFinish < minVirtualFinish {
@@ -848,20 +843,6 @@ func (qs *queueSet) findDispatchQueueToBoundLocked() (*queue, *request) {
return minQueue, oldestReqFromMinQueue
}
-func ssMin(a, b fqrequest.SeatSeconds) fqrequest.SeatSeconds {
- if a > b {
- return b
- }
- return a
-}
-
-func ssMax(a, b fqrequest.SeatSeconds) fqrequest.SeatSeconds {
- if a < b {
- return b
- }
- return a
-}
-
// finishRequestAndDispatchAsMuchAsPossible is a convenience method
// which calls finishRequest for a given request and then dispatches
// as many requests as possible. This is all of what needs to be done
diff --git a/vendor/k8s.io/apiserver/pkg/util/webhook/client.go b/vendor/k8s.io/apiserver/pkg/util/webhook/client.go
index ec3585b45a..63ea4e2666 100644
--- a/vendor/k8s.io/apiserver/pkg/util/webhook/client.go
+++ b/vendor/k8s.io/apiserver/pkg/util/webhook/client.go
@@ -24,6 +24,7 @@ import (
"net"
"net/url"
"strconv"
+ "strings"
"k8s.io/apimachinery/pkg/runtime"
"k8s.io/apimachinery/pkg/runtime/schema"
@@ -32,6 +33,7 @@ import (
"k8s.io/apiserver/pkg/util/x509metrics"
"k8s.io/client-go/rest"
"k8s.io/utils/lru"
+ netutils "k8s.io/utils/net"
)
const (
@@ -128,7 +130,20 @@ func (cm *ClientManager) HookClient(cc ClientConfig) (*rest.RESTClient, error) {
return client.(*rest.RESTClient), nil
}
- complete := func(cfg *rest.Config) (*rest.RESTClient, error) {
+ cfg, err := cm.hookClientConfig(cc)
+ if err != nil {
+ return nil, err
+ }
+
+ client, err := rest.UnversionedRESTClientFor(cfg)
+ if err == nil {
+ cm.cache.Add(string(cacheKey), client)
+ }
+ return client, err
+}
+
+func (cm *ClientManager) hookClientConfig(cc ClientConfig) (*rest.Config, error) {
+ complete := func(cfg *rest.Config) (*rest.Config, error) {
// Avoid client-side rate limiting talking to the webhook backend.
// Rate limiting should happen when deciding how many requests to serve.
cfg.QPS = -1
@@ -139,11 +154,6 @@ func (cm *ClientManager) HookClient(cc ClientConfig) (*rest.RESTClient, error) {
}
cfg.TLSClientConfig.CAData = append(cfg.TLSClientConfig.CAData, cc.CABundle...)
- // Use http/1.1 instead of http/2.
- // This is a workaround for http/2-enabled clients not load-balancing concurrent requests to multiple backends.
- // See https://issue.k8s.io/75791 for details.
- cfg.NextProtos = []string{"http/1.1"}
-
cfg.ContentConfig.NegotiatedSerializer = cm.negotiatedSerializer
cfg.ContentConfig.ContentType = runtime.ContentTypeJSON
@@ -153,12 +163,7 @@ func (cm *ClientManager) HookClient(cc ClientConfig) (*rest.RESTClient, error) {
x509MissingSANCounter,
x509InsecureSHA1Counter,
))
-
- client, err := rest.UnversionedRESTClientFor(cfg)
- if err == nil {
- cm.cache.Add(string(cacheKey), client)
- }
- return client, err
+ return cfg, nil
}
if cc.Service != nil {
@@ -173,6 +178,12 @@ func (cm *ClientManager) HookClient(cc ClientConfig) (*rest.RESTClient, error) {
return nil, err
}
cfg := rest.CopyConfig(restConfig)
+
+ // Use http/1.1 instead of http/2.
+ // This is a workaround for http/2-enabled clients not load-balancing concurrent requests to multiple backends.
+ // See https://issue.k8s.io/75791 for details.
+ cfg.NextProtos = []string{"http/1.1"}
+
serverName := cc.Service.Name + "." + cc.Service.Namespace + ".svc"
host := net.JoinHostPort(serverName, strconv.Itoa(int(port)))
@@ -225,6 +236,22 @@ func (cm *ClientManager) HookClient(cc ClientConfig) (*rest.RESTClient, error) {
cfg := rest.CopyConfig(restConfig)
cfg.Host = u.Scheme + "://" + u.Host
cfg.APIPath = u.Path
+ if !isLocalHost(u) {
+ cfg.NextProtos = []string{"http/1.1"}
+ }
return complete(cfg)
}
+
+func isLocalHost(u *url.URL) bool {
+ host := u.Hostname()
+ if strings.EqualFold(host, "localhost") {
+ return true
+ }
+
+ netIP := netutils.ParseIPSloppy(host)
+ if netIP != nil {
+ return netIP.IsLoopback()
+ }
+ return false
+}
diff --git a/vendor/k8s.io/client-go/dynamic/fake/simple.go b/vendor/k8s.io/client-go/dynamic/fake/simple.go
new file mode 100644
index 0000000000..5d0a6f69f2
--- /dev/null
+++ b/vendor/k8s.io/client-go/dynamic/fake/simple.go
@@ -0,0 +1,539 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package fake
+
+import (
+ "context"
+ "fmt"
+ "strings"
+
+ "k8s.io/apimachinery/pkg/api/meta"
+ metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+ "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
+ "k8s.io/apimachinery/pkg/labels"
+ "k8s.io/apimachinery/pkg/runtime"
+ "k8s.io/apimachinery/pkg/runtime/schema"
+ "k8s.io/apimachinery/pkg/runtime/serializer"
+ "k8s.io/apimachinery/pkg/types"
+ "k8s.io/apimachinery/pkg/watch"
+ "k8s.io/client-go/dynamic"
+ "k8s.io/client-go/testing"
+)
+
+func NewSimpleDynamicClient(scheme *runtime.Scheme, objects ...runtime.Object) *FakeDynamicClient {
+ unstructuredScheme := runtime.NewScheme()
+ for gvk := range scheme.AllKnownTypes() {
+ if unstructuredScheme.Recognizes(gvk) {
+ continue
+ }
+ if strings.HasSuffix(gvk.Kind, "List") {
+ unstructuredScheme.AddKnownTypeWithName(gvk, &unstructured.UnstructuredList{})
+ continue
+ }
+ unstructuredScheme.AddKnownTypeWithName(gvk, &unstructured.Unstructured{})
+ }
+
+ objects, err := convertObjectsToUnstructured(scheme, objects)
+ if err != nil {
+ panic(err)
+ }
+
+ for _, obj := range objects {
+ gvk := obj.GetObjectKind().GroupVersionKind()
+ if !unstructuredScheme.Recognizes(gvk) {
+ unstructuredScheme.AddKnownTypeWithName(gvk, &unstructured.Unstructured{})
+ }
+ gvk.Kind += "List"
+ if !unstructuredScheme.Recognizes(gvk) {
+ unstructuredScheme.AddKnownTypeWithName(gvk, &unstructured.UnstructuredList{})
+ }
+ }
+
+ return NewSimpleDynamicClientWithCustomListKinds(unstructuredScheme, nil, objects...)
+}
+
+// NewSimpleDynamicClientWithCustomListKinds try not to use this. In general you want to have the scheme have the List types registered
+// and allow the default guessing for resources match. Sometimes that doesn't work, so you can specify a custom mapping here.
+func NewSimpleDynamicClientWithCustomListKinds(scheme *runtime.Scheme, gvrToListKind map[schema.GroupVersionResource]string, objects ...runtime.Object) *FakeDynamicClient {
+ // In order to use List with this client, you have to have your lists registered so that the object tracker will find them
+ // in the scheme to support the t.scheme.New(listGVK) call when it's building the return value.
+ // Since the base fake client needs the listGVK passed through the action (in cases where there are no instances, it
+ // cannot look up the actual hits), we need to know a mapping of GVR to listGVK here. For GETs and other types of calls,
+ // there is no return value that contains a GVK, so it doesn't have to know the mapping in advance.
+
+ // first we attempt to invert known List types from the scheme to auto guess the resource with unsafe guesses
+ // this covers common usage of registering types in scheme and passing them
+ completeGVRToListKind := map[schema.GroupVersionResource]string{}
+ for listGVK := range scheme.AllKnownTypes() {
+ if !strings.HasSuffix(listGVK.Kind, "List") {
+ continue
+ }
+ nonListGVK := listGVK.GroupVersion().WithKind(listGVK.Kind[:len(listGVK.Kind)-4])
+ plural, _ := meta.UnsafeGuessKindToResource(nonListGVK)
+ completeGVRToListKind[plural] = listGVK.Kind
+ }
+
+ for gvr, listKind := range gvrToListKind {
+ if !strings.HasSuffix(listKind, "List") {
+ panic("coding error, listGVK must end in List or this fake client doesn't work right")
+ }
+ listGVK := gvr.GroupVersion().WithKind(listKind)
+
+ // if we already have this type registered, just skip it
+ if _, err := scheme.New(listGVK); err == nil {
+ completeGVRToListKind[gvr] = listKind
+ continue
+ }
+
+ scheme.AddKnownTypeWithName(listGVK, &unstructured.UnstructuredList{})
+ completeGVRToListKind[gvr] = listKind
+ }
+
+ codecs := serializer.NewCodecFactory(scheme)
+ o := testing.NewObjectTracker(scheme, codecs.UniversalDecoder())
+ for _, obj := range objects {
+ if err := o.Add(obj); err != nil {
+ panic(err)
+ }
+ }
+
+ cs := &FakeDynamicClient{scheme: scheme, gvrToListKind: completeGVRToListKind, tracker: o}
+ cs.AddReactor("*", "*", testing.ObjectReaction(o))
+ cs.AddWatchReactor("*", func(action testing.Action) (handled bool, ret watch.Interface, err error) {
+ gvr := action.GetResource()
+ ns := action.GetNamespace()
+ watch, err := o.Watch(gvr, ns)
+ if err != nil {
+ return false, nil, err
+ }
+ return true, watch, nil
+ })
+
+ return cs
+}
+
+// Clientset implements clientset.Interface. Meant to be embedded into a
+// struct to get a default implementation. This makes faking out just the method
+// you want to test easier.
+type FakeDynamicClient struct {
+ testing.Fake
+ scheme *runtime.Scheme
+ gvrToListKind map[schema.GroupVersionResource]string
+ tracker testing.ObjectTracker
+}
+
+type dynamicResourceClient struct {
+ client *FakeDynamicClient
+ namespace string
+ resource schema.GroupVersionResource
+ listKind string
+}
+
+var (
+ _ dynamic.Interface = &FakeDynamicClient{}
+ _ testing.FakeClient = &FakeDynamicClient{}
+)
+
+func (c *FakeDynamicClient) Tracker() testing.ObjectTracker {
+ return c.tracker
+}
+
+func (c *FakeDynamicClient) Resource(resource schema.GroupVersionResource) dynamic.NamespaceableResourceInterface {
+ return &dynamicResourceClient{client: c, resource: resource, listKind: c.gvrToListKind[resource]}
+}
+
+func (c *dynamicResourceClient) Namespace(ns string) dynamic.ResourceInterface {
+ ret := *c
+ ret.namespace = ns
+ return &ret
+}
+
+func (c *dynamicResourceClient) Create(ctx context.Context, obj *unstructured.Unstructured, opts metav1.CreateOptions, subresources ...string) (*unstructured.Unstructured, error) {
+ var uncastRet runtime.Object
+ var err error
+ switch {
+ case len(c.namespace) == 0 && len(subresources) == 0:
+ uncastRet, err = c.client.Fake.
+ Invokes(testing.NewRootCreateAction(c.resource, obj), obj)
+
+ case len(c.namespace) == 0 && len(subresources) > 0:
+ var accessor metav1.Object // avoid shadowing err
+ accessor, err = meta.Accessor(obj)
+ if err != nil {
+ return nil, err
+ }
+ name := accessor.GetName()
+ uncastRet, err = c.client.Fake.
+ Invokes(testing.NewRootCreateSubresourceAction(c.resource, name, strings.Join(subresources, "/"), obj), obj)
+
+ case len(c.namespace) > 0 && len(subresources) == 0:
+ uncastRet, err = c.client.Fake.
+ Invokes(testing.NewCreateAction(c.resource, c.namespace, obj), obj)
+
+ case len(c.namespace) > 0 && len(subresources) > 0:
+ var accessor metav1.Object // avoid shadowing err
+ accessor, err = meta.Accessor(obj)
+ if err != nil {
+ return nil, err
+ }
+ name := accessor.GetName()
+ uncastRet, err = c.client.Fake.
+ Invokes(testing.NewCreateSubresourceAction(c.resource, name, strings.Join(subresources, "/"), c.namespace, obj), obj)
+
+ }
+
+ if err != nil {
+ return nil, err
+ }
+ if uncastRet == nil {
+ return nil, err
+ }
+
+ ret := &unstructured.Unstructured{}
+ if err := c.client.scheme.Convert(uncastRet, ret, nil); err != nil {
+ return nil, err
+ }
+ return ret, err
+}
+
+func (c *dynamicResourceClient) Update(ctx context.Context, obj *unstructured.Unstructured, opts metav1.UpdateOptions, subresources ...string) (*unstructured.Unstructured, error) {
+ var uncastRet runtime.Object
+ var err error
+ switch {
+ case len(c.namespace) == 0 && len(subresources) == 0:
+ uncastRet, err = c.client.Fake.
+ Invokes(testing.NewRootUpdateAction(c.resource, obj), obj)
+
+ case len(c.namespace) == 0 && len(subresources) > 0:
+ uncastRet, err = c.client.Fake.
+ Invokes(testing.NewRootUpdateSubresourceAction(c.resource, strings.Join(subresources, "/"), obj), obj)
+
+ case len(c.namespace) > 0 && len(subresources) == 0:
+ uncastRet, err = c.client.Fake.
+ Invokes(testing.NewUpdateAction(c.resource, c.namespace, obj), obj)
+
+ case len(c.namespace) > 0 && len(subresources) > 0:
+ uncastRet, err = c.client.Fake.
+ Invokes(testing.NewUpdateSubresourceAction(c.resource, strings.Join(subresources, "/"), c.namespace, obj), obj)
+
+ }
+
+ if err != nil {
+ return nil, err
+ }
+ if uncastRet == nil {
+ return nil, err
+ }
+
+ ret := &unstructured.Unstructured{}
+ if err := c.client.scheme.Convert(uncastRet, ret, nil); err != nil {
+ return nil, err
+ }
+ return ret, err
+}
+
+func (c *dynamicResourceClient) UpdateStatus(ctx context.Context, obj *unstructured.Unstructured, opts metav1.UpdateOptions) (*unstructured.Unstructured, error) {
+ var uncastRet runtime.Object
+ var err error
+ switch {
+ case len(c.namespace) == 0:
+ uncastRet, err = c.client.Fake.
+ Invokes(testing.NewRootUpdateSubresourceAction(c.resource, "status", obj), obj)
+
+ case len(c.namespace) > 0:
+ uncastRet, err = c.client.Fake.
+ Invokes(testing.NewUpdateSubresourceAction(c.resource, "status", c.namespace, obj), obj)
+
+ }
+
+ if err != nil {
+ return nil, err
+ }
+ if uncastRet == nil {
+ return nil, err
+ }
+
+ ret := &unstructured.Unstructured{}
+ if err := c.client.scheme.Convert(uncastRet, ret, nil); err != nil {
+ return nil, err
+ }
+ return ret, err
+}
+
+func (c *dynamicResourceClient) Delete(ctx context.Context, name string, opts metav1.DeleteOptions, subresources ...string) error {
+ var err error
+ switch {
+ case len(c.namespace) == 0 && len(subresources) == 0:
+ _, err = c.client.Fake.
+ Invokes(testing.NewRootDeleteAction(c.resource, name), &metav1.Status{Status: "dynamic delete fail"})
+
+ case len(c.namespace) == 0 && len(subresources) > 0:
+ _, err = c.client.Fake.
+ Invokes(testing.NewRootDeleteSubresourceAction(c.resource, strings.Join(subresources, "/"), name), &metav1.Status{Status: "dynamic delete fail"})
+
+ case len(c.namespace) > 0 && len(subresources) == 0:
+ _, err = c.client.Fake.
+ Invokes(testing.NewDeleteAction(c.resource, c.namespace, name), &metav1.Status{Status: "dynamic delete fail"})
+
+ case len(c.namespace) > 0 && len(subresources) > 0:
+ _, err = c.client.Fake.
+ Invokes(testing.NewDeleteSubresourceAction(c.resource, strings.Join(subresources, "/"), c.namespace, name), &metav1.Status{Status: "dynamic delete fail"})
+ }
+
+ return err
+}
+
+func (c *dynamicResourceClient) DeleteCollection(ctx context.Context, opts metav1.DeleteOptions, listOptions metav1.ListOptions) error {
+ var err error
+ switch {
+ case len(c.namespace) == 0:
+ action := testing.NewRootDeleteCollectionAction(c.resource, listOptions)
+ _, err = c.client.Fake.Invokes(action, &metav1.Status{Status: "dynamic deletecollection fail"})
+
+ case len(c.namespace) > 0:
+ action := testing.NewDeleteCollectionAction(c.resource, c.namespace, listOptions)
+ _, err = c.client.Fake.Invokes(action, &metav1.Status{Status: "dynamic deletecollection fail"})
+
+ }
+
+ return err
+}
+
+func (c *dynamicResourceClient) Get(ctx context.Context, name string, opts metav1.GetOptions, subresources ...string) (*unstructured.Unstructured, error) {
+ var uncastRet runtime.Object
+ var err error
+ switch {
+ case len(c.namespace) == 0 && len(subresources) == 0:
+ uncastRet, err = c.client.Fake.
+ Invokes(testing.NewRootGetAction(c.resource, name), &metav1.Status{Status: "dynamic get fail"})
+
+ case len(c.namespace) == 0 && len(subresources) > 0:
+ uncastRet, err = c.client.Fake.
+ Invokes(testing.NewRootGetSubresourceAction(c.resource, strings.Join(subresources, "/"), name), &metav1.Status{Status: "dynamic get fail"})
+
+ case len(c.namespace) > 0 && len(subresources) == 0:
+ uncastRet, err = c.client.Fake.
+ Invokes(testing.NewGetAction(c.resource, c.namespace, name), &metav1.Status{Status: "dynamic get fail"})
+
+ case len(c.namespace) > 0 && len(subresources) > 0:
+ uncastRet, err = c.client.Fake.
+ Invokes(testing.NewGetSubresourceAction(c.resource, c.namespace, strings.Join(subresources, "/"), name), &metav1.Status{Status: "dynamic get fail"})
+ }
+
+ if err != nil {
+ return nil, err
+ }
+ if uncastRet == nil {
+ return nil, err
+ }
+
+ ret := &unstructured.Unstructured{}
+ if err := c.client.scheme.Convert(uncastRet, ret, nil); err != nil {
+ return nil, err
+ }
+ return ret, err
+}
+
+func (c *dynamicResourceClient) List(ctx context.Context, opts metav1.ListOptions) (*unstructured.UnstructuredList, error) {
+ if len(c.listKind) == 0 {
+ panic(fmt.Sprintf("coding error: you must register resource to list kind for every resource you're going to LIST when creating the client. See NewSimpleDynamicClientWithCustomListKinds or register the list into the scheme: %v out of %v", c.resource, c.client.gvrToListKind))
+ }
+ listGVK := c.resource.GroupVersion().WithKind(c.listKind)
+ listForFakeClientGVK := c.resource.GroupVersion().WithKind(c.listKind[:len(c.listKind)-4]) /*base library appends List*/
+
+ var obj runtime.Object
+ var err error
+ switch {
+ case len(c.namespace) == 0:
+ obj, err = c.client.Fake.
+ Invokes(testing.NewRootListAction(c.resource, listForFakeClientGVK, opts), &metav1.Status{Status: "dynamic list fail"})
+
+ case len(c.namespace) > 0:
+ obj, err = c.client.Fake.
+ Invokes(testing.NewListAction(c.resource, listForFakeClientGVK, c.namespace, opts), &metav1.Status{Status: "dynamic list fail"})
+
+ }
+
+ if obj == nil {
+ return nil, err
+ }
+
+ label, _, _ := testing.ExtractFromListOptions(opts)
+ if label == nil {
+ label = labels.Everything()
+ }
+
+ retUnstructured := &unstructured.Unstructured{}
+ if err := c.client.scheme.Convert(obj, retUnstructured, nil); err != nil {
+ return nil, err
+ }
+ entireList, err := retUnstructured.ToList()
+ if err != nil {
+ return nil, err
+ }
+
+ list := &unstructured.UnstructuredList{}
+ list.SetRemainingItemCount(entireList.GetRemainingItemCount())
+ list.SetResourceVersion(entireList.GetResourceVersion())
+ list.SetContinue(entireList.GetContinue())
+ list.GetObjectKind().SetGroupVersionKind(listGVK)
+ for i := range entireList.Items {
+ item := &entireList.Items[i]
+ metadata, err := meta.Accessor(item)
+ if err != nil {
+ return nil, err
+ }
+ if label.Matches(labels.Set(metadata.GetLabels())) {
+ list.Items = append(list.Items, *item)
+ }
+ }
+ return list, nil
+}
+
+func (c *dynamicResourceClient) Watch(ctx context.Context, opts metav1.ListOptions) (watch.Interface, error) {
+ switch {
+ case len(c.namespace) == 0:
+ return c.client.Fake.
+ InvokesWatch(testing.NewRootWatchAction(c.resource, opts))
+
+ case len(c.namespace) > 0:
+ return c.client.Fake.
+ InvokesWatch(testing.NewWatchAction(c.resource, c.namespace, opts))
+
+ }
+
+ panic("math broke")
+}
+
+// TODO: opts are currently ignored.
+func (c *dynamicResourceClient) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts metav1.PatchOptions, subresources ...string) (*unstructured.Unstructured, error) {
+ var uncastRet runtime.Object
+ var err error
+ switch {
+ case len(c.namespace) == 0 && len(subresources) == 0:
+ uncastRet, err = c.client.Fake.
+ Invokes(testing.NewRootPatchAction(c.resource, name, pt, data), &metav1.Status{Status: "dynamic patch fail"})
+
+ case len(c.namespace) == 0 && len(subresources) > 0:
+ uncastRet, err = c.client.Fake.
+ Invokes(testing.NewRootPatchSubresourceAction(c.resource, name, pt, data, subresources...), &metav1.Status{Status: "dynamic patch fail"})
+
+ case len(c.namespace) > 0 && len(subresources) == 0:
+ uncastRet, err = c.client.Fake.
+ Invokes(testing.NewPatchAction(c.resource, c.namespace, name, pt, data), &metav1.Status{Status: "dynamic patch fail"})
+
+ case len(c.namespace) > 0 && len(subresources) > 0:
+ uncastRet, err = c.client.Fake.
+ Invokes(testing.NewPatchSubresourceAction(c.resource, c.namespace, name, pt, data, subresources...), &metav1.Status{Status: "dynamic patch fail"})
+
+ }
+
+ if err != nil {
+ return nil, err
+ }
+ if uncastRet == nil {
+ return nil, err
+ }
+
+ ret := &unstructured.Unstructured{}
+ if err := c.client.scheme.Convert(uncastRet, ret, nil); err != nil {
+ return nil, err
+ }
+ return ret, err
+}
+
+// TODO: opts are currently ignored.
+func (c *dynamicResourceClient) Apply(ctx context.Context, name string, obj *unstructured.Unstructured, options metav1.ApplyOptions, subresources ...string) (*unstructured.Unstructured, error) {
+ outBytes, err := runtime.Encode(unstructured.UnstructuredJSONScheme, obj)
+ if err != nil {
+ return nil, err
+ }
+ var uncastRet runtime.Object
+ switch {
+ case len(c.namespace) == 0 && len(subresources) == 0:
+ uncastRet, err = c.client.Fake.
+ Invokes(testing.NewRootPatchAction(c.resource, name, types.ApplyPatchType, outBytes), &metav1.Status{Status: "dynamic patch fail"})
+
+ case len(c.namespace) == 0 && len(subresources) > 0:
+ uncastRet, err = c.client.Fake.
+ Invokes(testing.NewRootPatchSubresourceAction(c.resource, name, types.ApplyPatchType, outBytes, subresources...), &metav1.Status{Status: "dynamic patch fail"})
+
+ case len(c.namespace) > 0 && len(subresources) == 0:
+ uncastRet, err = c.client.Fake.
+ Invokes(testing.NewPatchAction(c.resource, c.namespace, name, types.ApplyPatchType, outBytes), &metav1.Status{Status: "dynamic patch fail"})
+
+ case len(c.namespace) > 0 && len(subresources) > 0:
+ uncastRet, err = c.client.Fake.
+ Invokes(testing.NewPatchSubresourceAction(c.resource, c.namespace, name, types.ApplyPatchType, outBytes, subresources...), &metav1.Status{Status: "dynamic patch fail"})
+
+ }
+
+ if err != nil {
+ return nil, err
+ }
+ if uncastRet == nil {
+ return nil, err
+ }
+
+ ret := &unstructured.Unstructured{}
+ if err := c.client.scheme.Convert(uncastRet, ret, nil); err != nil {
+ return nil, err
+ }
+ return ret, nil
+}
+
+func (c *dynamicResourceClient) ApplyStatus(ctx context.Context, name string, obj *unstructured.Unstructured, options metav1.ApplyOptions) (*unstructured.Unstructured, error) {
+ return c.Apply(ctx, name, obj, options, "status")
+}
+
+func convertObjectsToUnstructured(s *runtime.Scheme, objs []runtime.Object) ([]runtime.Object, error) {
+ ul := make([]runtime.Object, 0, len(objs))
+
+ for _, obj := range objs {
+ u, err := convertToUnstructured(s, obj)
+ if err != nil {
+ return nil, err
+ }
+
+ ul = append(ul, u)
+ }
+ return ul, nil
+}
+
+func convertToUnstructured(s *runtime.Scheme, obj runtime.Object) (runtime.Object, error) {
+ var (
+ err error
+ u unstructured.Unstructured
+ )
+
+ u.Object, err = runtime.DefaultUnstructuredConverter.ToUnstructured(obj)
+ if err != nil {
+ return nil, fmt.Errorf("failed to convert to unstructured: %w", err)
+ }
+
+ gvk := u.GroupVersionKind()
+ if gvk.Group == "" || gvk.Kind == "" {
+ gvks, _, err := s.ObjectKinds(obj)
+ if err != nil {
+ return nil, fmt.Errorf("failed to convert to unstructured - unable to get GVK %w", err)
+ }
+ apiv, k := gvks[0].ToAPIVersionAndKind()
+ u.SetAPIVersion(apiv)
+ u.SetKind(k)
+ }
+ return &u, nil
+}
diff --git a/vendor/k8s.io/client-go/informers/doc.go b/vendor/k8s.io/client-go/informers/doc.go
index 231bffb69b..f37c3e4d01 100644
--- a/vendor/k8s.io/client-go/informers/doc.go
+++ b/vendor/k8s.io/client-go/informers/doc.go
@@ -15,4 +15,4 @@ limitations under the License.
*/
// Package informers provides generated informers for Kubernetes APIs.
-package informers
+package informers // import "k8s.io/client-go/informers"
diff --git a/vendor/k8s.io/client-go/kubernetes/doc.go b/vendor/k8s.io/client-go/kubernetes/doc.go
index 9cef4242f2..e052f81b85 100644
--- a/vendor/k8s.io/client-go/kubernetes/doc.go
+++ b/vendor/k8s.io/client-go/kubernetes/doc.go
@@ -16,4 +16,4 @@ limitations under the License.
// Package kubernetes holds packages which implement a clientset for Kubernetes
// APIs.
-package kubernetes
+package kubernetes // import "k8s.io/client-go/kubernetes"
diff --git a/vendor/k8s.io/client-go/tools/cache/index.go b/vendor/k8s.io/client-go/tools/cache/index.go
index b78d3086b8..c5819fb6f8 100644
--- a/vendor/k8s.io/client-go/tools/cache/index.go
+++ b/vendor/k8s.io/client-go/tools/cache/index.go
@@ -50,8 +50,7 @@ type Indexer interface {
// GetIndexers return the indexers
GetIndexers() Indexers
- // AddIndexers adds more indexers to this store. If you call this after you already have data
- // in the store, the results are undefined.
+ // AddIndexers adds more indexers to this store. This supports adding indexes after the store already has items.
AddIndexers(newIndexers Indexers) error
}
diff --git a/vendor/k8s.io/client-go/tools/cache/reflector.go b/vendor/k8s.io/client-go/tools/cache/reflector.go
index c1ea13de57..f733e244cc 100644
--- a/vendor/k8s.io/client-go/tools/cache/reflector.go
+++ b/vendor/k8s.io/client-go/tools/cache/reflector.go
@@ -43,6 +43,7 @@ import (
"k8s.io/klog/v2"
"k8s.io/utils/clock"
"k8s.io/utils/pointer"
+ "k8s.io/utils/ptr"
"k8s.io/utils/trace"
)
@@ -107,7 +108,9 @@ type Reflector struct {
// might result in an increased memory consumption of the APIServer.
//
// See https://github.com/kubernetes/enhancements/tree/master/keps/sig-api-machinery/3157-watch-list#design-details
- UseWatchList bool
+ //
+ // TODO(#115478): Consider making reflector.UseWatchList a private field. Since we implemented "api streaming" on the etcd storage layer it should work.
+ UseWatchList *bool
}
// ResourceVersionUpdater is an interface that allows store implementation to
@@ -237,8 +240,12 @@ func NewReflectorWithOptions(lw ListerWatcher, expectedType interface{}, store S
r.expectedGVK = getExpectedGVKFromObject(expectedType)
}
- if s := os.Getenv("ENABLE_CLIENT_GO_WATCH_LIST_ALPHA"); len(s) > 0 {
- r.UseWatchList = true
+ // don't overwrite UseWatchList if already set
+ // because the higher layers (e.g. storage/cacher) disabled it on purpose
+ if r.UseWatchList == nil {
+ if s := os.Getenv("ENABLE_CLIENT_GO_WATCH_LIST_ALPHA"); len(s) > 0 {
+ r.UseWatchList = ptr.To(true)
+ }
}
return r
@@ -325,9 +332,10 @@ func (r *Reflector) ListAndWatch(stopCh <-chan struct{}) error {
klog.V(3).Infof("Listing and watching %v from %s", r.typeDescription, r.name)
var err error
var w watch.Interface
- fallbackToList := !r.UseWatchList
+ useWatchList := ptr.Deref(r.UseWatchList, false)
+ fallbackToList := !useWatchList
- if r.UseWatchList {
+ if useWatchList {
w, err = r.watchList(stopCh)
if w == nil && err == nil {
// stopCh was closed
diff --git a/vendor/k8s.io/client-go/tools/cache/shared_informer.go b/vendor/k8s.io/client-go/tools/cache/shared_informer.go
index b3f37431d5..a06df6e6e7 100644
--- a/vendor/k8s.io/client-go/tools/cache/shared_informer.go
+++ b/vendor/k8s.io/client-go/tools/cache/shared_informer.go
@@ -540,8 +540,8 @@ func (s *sharedIndexInformer) AddIndexers(indexers Indexers) error {
s.startedLock.Lock()
defer s.startedLock.Unlock()
- if s.started {
- return fmt.Errorf("informer has already started")
+ if s.stopped {
+ return fmt.Errorf("indexer was not added because it has stopped already")
}
return s.indexer.AddIndexers(indexers)
diff --git a/vendor/k8s.io/client-go/tools/cache/thread_safe_store.go b/vendor/k8s.io/client-go/tools/cache/thread_safe_store.go
index 145e93ee53..7a4df0e1ba 100644
--- a/vendor/k8s.io/client-go/tools/cache/thread_safe_store.go
+++ b/vendor/k8s.io/client-go/tools/cache/thread_safe_store.go
@@ -52,8 +52,7 @@ type ThreadSafeStore interface {
ByIndex(indexName, indexedValue string) ([]interface{}, error)
GetIndexers() Indexers
- // AddIndexers adds more indexers to this store. If you call this after you already have data
- // in the store, the results are undefined.
+ // AddIndexers adds more indexers to this store. This supports adding indexes after the store already has items.
AddIndexers(newIndexers Indexers) error
// Resync is a no-op and is deprecated
Resync() error
@@ -135,50 +134,66 @@ func (i *storeIndex) addIndexers(newIndexers Indexers) error {
return nil
}
-// updateIndices modifies the objects location in the managed indexes:
+// updateSingleIndex modifies the objects location in the named index:
// - for create you must provide only the newObj
// - for update you must provide both the oldObj and the newObj
// - for delete you must provide only the oldObj
-// updateIndices must be called from a function that already has a lock on the cache
-func (i *storeIndex) updateIndices(oldObj interface{}, newObj interface{}, key string) {
+// updateSingleIndex must be called from a function that already has a lock on the cache
+func (i *storeIndex) updateSingleIndex(name string, oldObj interface{}, newObj interface{}, key string) {
var oldIndexValues, indexValues []string
- var err error
- for name, indexFunc := range i.indexers {
- if oldObj != nil {
- oldIndexValues, err = indexFunc(oldObj)
- } else {
- oldIndexValues = oldIndexValues[:0]
- }
+ indexFunc, ok := i.indexers[name]
+ if !ok {
+ // Should never happen. Caller is responsible for ensuring this exists, and should call with lock
+ // held to avoid any races.
+ panic(fmt.Errorf("indexer %q does not exist", name))
+ }
+ if oldObj != nil {
+ var err error
+ oldIndexValues, err = indexFunc(oldObj)
if err != nil {
panic(fmt.Errorf("unable to calculate an index entry for key %q on index %q: %v", key, name, err))
}
+ } else {
+ oldIndexValues = oldIndexValues[:0]
+ }
- if newObj != nil {
- indexValues, err = indexFunc(newObj)
- } else {
- indexValues = indexValues[:0]
- }
+ if newObj != nil {
+ var err error
+ indexValues, err = indexFunc(newObj)
if err != nil {
panic(fmt.Errorf("unable to calculate an index entry for key %q on index %q: %v", key, name, err))
}
+ } else {
+ indexValues = indexValues[:0]
+ }
- index := i.indices[name]
- if index == nil {
- index = Index{}
- i.indices[name] = index
- }
+ index := i.indices[name]
+ if index == nil {
+ index = Index{}
+ i.indices[name] = index
+ }
- if len(indexValues) == 1 && len(oldIndexValues) == 1 && indexValues[0] == oldIndexValues[0] {
- // We optimize for the most common case where indexFunc returns a single value which has not been changed
- continue
- }
+ if len(indexValues) == 1 && len(oldIndexValues) == 1 && indexValues[0] == oldIndexValues[0] {
+ // We optimize for the most common case where indexFunc returns a single value which has not been changed
+ return
+ }
- for _, value := range oldIndexValues {
- i.deleteKeyFromIndex(key, value, index)
- }
- for _, value := range indexValues {
- i.addKeyToIndex(key, value, index)
- }
+ for _, value := range oldIndexValues {
+ i.deleteKeyFromIndex(key, value, index)
+ }
+ for _, value := range indexValues {
+ i.addKeyToIndex(key, value, index)
+ }
+}
+
+// updateIndices modifies the objects location in the managed indexes:
+// - for create you must provide only the newObj
+// - for update you must provide both the oldObj and the newObj
+// - for delete you must provide only the oldObj
+// updateIndices must be called from a function that already has a lock on the cache
+func (i *storeIndex) updateIndices(oldObj interface{}, newObj interface{}, key string) {
+ for name := range i.indexers {
+ i.updateSingleIndex(name, oldObj, newObj, key)
}
}
@@ -339,11 +354,18 @@ func (c *threadSafeMap) AddIndexers(newIndexers Indexers) error {
c.lock.Lock()
defer c.lock.Unlock()
- if len(c.items) > 0 {
- return fmt.Errorf("cannot add indexers to running index")
+ if err := c.index.addIndexers(newIndexers); err != nil {
+ return err
+ }
+
+ // If there are already items, index them
+ for key, item := range c.items {
+ for name := range newIndexers {
+ c.index.updateSingleIndex(name, nil, item, key)
+ }
}
- return c.index.addIndexers(newIndexers)
+ return nil
}
func (c *threadSafeMap) Resync() error {
diff --git a/vendor/k8s.io/client-go/tools/clientcmd/api/doc.go b/vendor/k8s.io/client-go/tools/clientcmd/api/doc.go
index 5871575a66..fd913a3083 100644
--- a/vendor/k8s.io/client-go/tools/clientcmd/api/doc.go
+++ b/vendor/k8s.io/client-go/tools/clientcmd/api/doc.go
@@ -16,4 +16,4 @@ limitations under the License.
// +k8s:deepcopy-gen=package
-package api
+package api // import "k8s.io/client-go/tools/clientcmd/api"
diff --git a/vendor/k8s.io/client-go/tools/clientcmd/api/v1/doc.go b/vendor/k8s.io/client-go/tools/clientcmd/api/v1/doc.go
index 3ccdebc1c3..9e483e9d75 100644
--- a/vendor/k8s.io/client-go/tools/clientcmd/api/v1/doc.go
+++ b/vendor/k8s.io/client-go/tools/clientcmd/api/v1/doc.go
@@ -18,4 +18,4 @@ limitations under the License.
// +k8s:deepcopy-gen=package
// +k8s:defaulter-gen=Kind
-package v1
+package v1 // import "k8s.io/client-go/tools/clientcmd/api/v1"
diff --git a/vendor/k8s.io/client-go/tools/clientcmd/client_config.go b/vendor/k8s.io/client-go/tools/clientcmd/client_config.go
index ae0f01f325..952f6d7eb6 100644
--- a/vendor/k8s.io/client-go/tools/clientcmd/client_config.go
+++ b/vendor/k8s.io/client-go/tools/clientcmd/client_config.go
@@ -72,6 +72,13 @@ type ClientConfig interface {
ConfigAccess() ConfigAccess
}
+// OverridingClientConfig is used to enable overrriding the raw KubeConfig
+type OverridingClientConfig interface {
+ ClientConfig
+ // MergedRawConfig return the RawConfig merged with all overrides.
+ MergedRawConfig() (clientcmdapi.Config, error)
+}
+
type PersistAuthProviderConfigForUser func(user string) restclient.AuthProviderConfigPersister
type promptedCredentials struct {
@@ -91,22 +98,22 @@ type DirectClientConfig struct {
}
// NewDefaultClientConfig creates a DirectClientConfig using the config.CurrentContext as the context name
-func NewDefaultClientConfig(config clientcmdapi.Config, overrides *ConfigOverrides) ClientConfig {
+func NewDefaultClientConfig(config clientcmdapi.Config, overrides *ConfigOverrides) OverridingClientConfig {
return &DirectClientConfig{config, config.CurrentContext, overrides, nil, NewDefaultClientConfigLoadingRules(), promptedCredentials{}}
}
// NewNonInteractiveClientConfig creates a DirectClientConfig using the passed context name and does not have a fallback reader for auth information
-func NewNonInteractiveClientConfig(config clientcmdapi.Config, contextName string, overrides *ConfigOverrides, configAccess ConfigAccess) ClientConfig {
+func NewNonInteractiveClientConfig(config clientcmdapi.Config, contextName string, overrides *ConfigOverrides, configAccess ConfigAccess) OverridingClientConfig {
return &DirectClientConfig{config, contextName, overrides, nil, configAccess, promptedCredentials{}}
}
// NewInteractiveClientConfig creates a DirectClientConfig using the passed context name and a reader in case auth information is not provided via files or flags
-func NewInteractiveClientConfig(config clientcmdapi.Config, contextName string, overrides *ConfigOverrides, fallbackReader io.Reader, configAccess ConfigAccess) ClientConfig {
+func NewInteractiveClientConfig(config clientcmdapi.Config, contextName string, overrides *ConfigOverrides, fallbackReader io.Reader, configAccess ConfigAccess) OverridingClientConfig {
return &DirectClientConfig{config, contextName, overrides, fallbackReader, configAccess, promptedCredentials{}}
}
// NewClientConfigFromBytes takes your kubeconfig and gives you back a ClientConfig
-func NewClientConfigFromBytes(configBytes []byte) (ClientConfig, error) {
+func NewClientConfigFromBytes(configBytes []byte) (OverridingClientConfig, error) {
config, err := Load(configBytes)
if err != nil {
return nil, err
@@ -129,6 +136,40 @@ func (config *DirectClientConfig) RawConfig() (clientcmdapi.Config, error) {
return config.config, nil
}
+// MergedRawConfig returns the raw kube config merged with the overrides
+func (config *DirectClientConfig) MergedRawConfig() (clientcmdapi.Config, error) {
+ if err := config.ConfirmUsable(); err != nil {
+ return clientcmdapi.Config{}, err
+ }
+ merged := config.config.DeepCopy()
+
+ // set the AuthInfo merged with overrides in the merged config
+ mergedAuthInfo, err := config.getAuthInfo()
+ if err != nil {
+ return clientcmdapi.Config{}, err
+ }
+ mergedAuthInfoName, _ := config.getAuthInfoName()
+ merged.AuthInfos[mergedAuthInfoName] = &mergedAuthInfo
+
+ // set the Context merged with overrides in the merged config
+ mergedContext, err := config.getContext()
+ if err != nil {
+ return clientcmdapi.Config{}, err
+ }
+ mergedContextName, _ := config.getContextName()
+ merged.Contexts[mergedContextName] = &mergedContext
+ merged.CurrentContext = mergedContextName
+
+ // set the Cluster merged with overrides in the merged config
+ configClusterInfo, err := config.getCluster()
+ if err != nil {
+ return clientcmdapi.Config{}, err
+ }
+ configClusterName, _ := config.getClusterName()
+ merged.Clusters[configClusterName] = &configClusterInfo
+ return *merged, nil
+}
+
// ClientConfig implements ClientConfig
func (config *DirectClientConfig) ClientConfig() (*restclient.Config, error) {
// check that getAuthInfo, getContext, and getCluster do not return an error.
diff --git a/vendor/k8s.io/client-go/tools/events/event_broadcaster.go b/vendor/k8s.io/client-go/tools/events/event_broadcaster.go
index e0164f301e..94c2012b8b 100644
--- a/vendor/k8s.io/client-go/tools/events/event_broadcaster.go
+++ b/vendor/k8s.io/client-go/tools/events/event_broadcaster.go
@@ -404,7 +404,15 @@ type eventBroadcasterAdapterImpl struct {
// NewEventBroadcasterAdapter creates a wrapper around new and legacy broadcasters to simplify
// migration of individual components to the new Event API.
+//
+//logcheck:context // NewEventBroadcasterAdapterWithContext should be used instead because record.NewBroadcaster is called and works better when a context is supplied (contextual logging, cancellation).
func NewEventBroadcasterAdapter(client clientset.Interface) EventBroadcasterAdapter {
+ return NewEventBroadcasterAdapterWithContext(context.Background(), client)
+}
+
+// NewEventBroadcasterAdapterWithContext creates a wrapper around new and legacy broadcasters to simplify
+// migration of individual components to the new Event API.
+func NewEventBroadcasterAdapterWithContext(ctx context.Context, client clientset.Interface) EventBroadcasterAdapter {
eventClient := &eventBroadcasterAdapterImpl{}
if _, err := client.Discovery().ServerResourcesForGroupVersion(eventsv1.SchemeGroupVersion.String()); err == nil {
eventClient.eventsv1Client = client.EventsV1()
@@ -414,7 +422,7 @@ func NewEventBroadcasterAdapter(client clientset.Interface) EventBroadcasterAdap
// we create it unconditionally because its overhead is minor and will simplify using usage
// patterns of this library in all components.
eventClient.coreClient = client.CoreV1()
- eventClient.coreBroadcaster = record.NewBroadcaster()
+ eventClient.coreBroadcaster = record.NewBroadcaster(record.WithContext(ctx))
return eventClient
}
diff --git a/vendor/k8s.io/client-go/tools/leaderelection/leaderelection.go b/vendor/k8s.io/client-go/tools/leaderelection/leaderelection.go
index c1151baf20..af840c4a25 100644
--- a/vendor/k8s.io/client-go/tools/leaderelection/leaderelection.go
+++ b/vendor/k8s.io/client-go/tools/leaderelection/leaderelection.go
@@ -325,7 +325,22 @@ func (le *LeaderElector) tryAcquireOrRenew(ctx context.Context) bool {
AcquireTime: now,
}
- // 1. obtain or create the ElectionRecord
+ // 1. fast path for the leader to update optimistically assuming that the record observed
+ // last time is the current version.
+ if le.IsLeader() && le.isLeaseValid(now.Time) {
+ oldObservedRecord := le.getObservedRecord()
+ leaderElectionRecord.AcquireTime = oldObservedRecord.AcquireTime
+ leaderElectionRecord.LeaderTransitions = oldObservedRecord.LeaderTransitions
+
+ err := le.config.Lock.Update(ctx, leaderElectionRecord)
+ if err == nil {
+ le.setObservedRecord(&leaderElectionRecord)
+ return true
+ }
+ klog.Errorf("Failed to update lock optimitically: %v, falling back to slow path", err)
+ }
+
+ // 2. obtain or create the ElectionRecord
oldLeaderElectionRecord, oldLeaderElectionRawRecord, err := le.config.Lock.Get(ctx)
if err != nil {
if !errors.IsNotFound(err) {
@@ -342,24 +357,23 @@ func (le *LeaderElector) tryAcquireOrRenew(ctx context.Context) bool {
return true
}
- // 2. Record obtained, check the Identity & Time
+ // 3. Record obtained, check the Identity & Time
if !bytes.Equal(le.observedRawRecord, oldLeaderElectionRawRecord) {
le.setObservedRecord(oldLeaderElectionRecord)
le.observedRawRecord = oldLeaderElectionRawRecord
}
- if len(oldLeaderElectionRecord.HolderIdentity) > 0 &&
- le.observedTime.Add(time.Second*time.Duration(oldLeaderElectionRecord.LeaseDurationSeconds)).After(now.Time) &&
- !le.IsLeader() {
+ if len(oldLeaderElectionRecord.HolderIdentity) > 0 && le.isLeaseValid(now.Time) && !le.IsLeader() {
klog.V(4).Infof("lock is held by %v and has not yet expired", oldLeaderElectionRecord.HolderIdentity)
return false
}
- // 3. We're going to try to update. The leaderElectionRecord is set to it's default
+ // 4. We're going to try to update. The leaderElectionRecord is set to it's default
// here. Let's correct it before updating.
if le.IsLeader() {
leaderElectionRecord.AcquireTime = oldLeaderElectionRecord.AcquireTime
leaderElectionRecord.LeaderTransitions = oldLeaderElectionRecord.LeaderTransitions
+ le.metrics.slowpathExercised(le.config.Name)
} else {
leaderElectionRecord.LeaderTransitions = oldLeaderElectionRecord.LeaderTransitions + 1
}
@@ -400,6 +414,10 @@ func (le *LeaderElector) Check(maxTolerableExpiredLease time.Duration) error {
return nil
}
+func (le *LeaderElector) isLeaseValid(now time.Time) bool {
+ return le.observedTime.Add(time.Second * time.Duration(le.getObservedRecord().LeaseDurationSeconds)).After(now)
+}
+
// setObservedRecord will set a new observedRecord and update observedTime to the current time.
// Protect critical sections with lock.
func (le *LeaderElector) setObservedRecord(observedRecord *rl.LeaderElectionRecord) {
diff --git a/vendor/k8s.io/client-go/tools/leaderelection/metrics.go b/vendor/k8s.io/client-go/tools/leaderelection/metrics.go
index 65917bf88e..7438345fb1 100644
--- a/vendor/k8s.io/client-go/tools/leaderelection/metrics.go
+++ b/vendor/k8s.io/client-go/tools/leaderelection/metrics.go
@@ -26,24 +26,26 @@ import (
type leaderMetricsAdapter interface {
leaderOn(name string)
leaderOff(name string)
+ slowpathExercised(name string)
}
-// GaugeMetric represents a single numerical value that can arbitrarily go up
-// and down.
-type SwitchMetric interface {
+// LeaderMetric instruments metrics used in leader election.
+type LeaderMetric interface {
On(name string)
Off(name string)
+ SlowpathExercised(name string)
}
type noopMetric struct{}
-func (noopMetric) On(name string) {}
-func (noopMetric) Off(name string) {}
+func (noopMetric) On(name string) {}
+func (noopMetric) Off(name string) {}
+func (noopMetric) SlowpathExercised(name string) {}
// defaultLeaderMetrics expects the caller to lock before setting any metrics.
type defaultLeaderMetrics struct {
// leader's value indicates if the current process is the owner of name lease
- leader SwitchMetric
+ leader LeaderMetric
}
func (m *defaultLeaderMetrics) leaderOn(name string) {
@@ -60,19 +62,27 @@ func (m *defaultLeaderMetrics) leaderOff(name string) {
m.leader.Off(name)
}
+func (m *defaultLeaderMetrics) slowpathExercised(name string) {
+ if m == nil {
+ return
+ }
+ m.leader.SlowpathExercised(name)
+}
+
type noMetrics struct{}
-func (noMetrics) leaderOn(name string) {}
-func (noMetrics) leaderOff(name string) {}
+func (noMetrics) leaderOn(name string) {}
+func (noMetrics) leaderOff(name string) {}
+func (noMetrics) slowpathExercised(name string) {}
// MetricsProvider generates various metrics used by the leader election.
type MetricsProvider interface {
- NewLeaderMetric() SwitchMetric
+ NewLeaderMetric() LeaderMetric
}
type noopMetricsProvider struct{}
-func (_ noopMetricsProvider) NewLeaderMetric() SwitchMetric {
+func (noopMetricsProvider) NewLeaderMetric() LeaderMetric {
return noopMetric{}
}
diff --git a/vendor/k8s.io/client-go/tools/record/event.go b/vendor/k8s.io/client-go/tools/record/event.go
index d1511696d0..0745fb4a35 100644
--- a/vendor/k8s.io/client-go/tools/record/event.go
+++ b/vendor/k8s.io/client-go/tools/record/event.go
@@ -198,16 +198,29 @@ func NewBroadcaster(opts ...BroadcasterOption) EventBroadcaster {
ctx := c.Context
if ctx == nil {
ctx = context.Background()
- } else {
+ }
+ // The are two scenarios where it makes no sense to wait for context cancelation:
+ // - The context was nil.
+ // - The context was context.Background() to begin with.
+ //
+ // Both cases get checked here.
+ haveCtxCancelation := ctx.Done() == nil
+
+ eventBroadcaster.cancelationCtx, eventBroadcaster.cancel = context.WithCancel(ctx)
+
+ if haveCtxCancelation {
// Calling Shutdown is not required when a context was provided:
// when the context is canceled, this goroutine will shut down
// the broadcaster.
+ //
+ // If Shutdown is called first, then this goroutine will
+ // also stop.
go func() {
- <-ctx.Done()
+ <-eventBroadcaster.cancelationCtx.Done()
eventBroadcaster.Broadcaster.Shutdown()
}()
}
- eventBroadcaster.cancelationCtx, eventBroadcaster.cancel = context.WithCancel(ctx)
+
return eventBroadcaster
}
diff --git a/vendor/k8s.io/client-go/util/flowcontrol/backoff.go b/vendor/k8s.io/client-go/util/flowcontrol/backoff.go
index 3ef88dbdb8..82e4c4c408 100644
--- a/vendor/k8s.io/client-go/util/flowcontrol/backoff.go
+++ b/vendor/k8s.io/client-go/util/flowcontrol/backoff.go
@@ -23,7 +23,6 @@ import (
"k8s.io/utils/clock"
testingclock "k8s.io/utils/clock/testing"
- "k8s.io/utils/integer"
)
type backoffEntry struct {
@@ -100,7 +99,7 @@ func (p *Backoff) Next(id string, eventTime time.Time) {
} else {
delay := entry.backoff * 2 // exponential
delay += p.jitter(entry.backoff) // add some jitter to the delay
- entry.backoff = time.Duration(integer.Int64Min(int64(delay), int64(p.maxDuration)))
+ entry.backoff = min(delay, p.maxDuration)
}
entry.lastUpdate = p.Clock.Now()
}
diff --git a/vendor/k8s.io/code-generator/README.md b/vendor/k8s.io/code-generator/README.md
index 122868a5c6..b0055265ec 100644
--- a/vendor/k8s.io/code-generator/README.md
+++ b/vendor/k8s.io/code-generator/README.md
@@ -14,6 +14,10 @@ These code-generators can be used
- The example [sample controller](https://github.com/kubernetes/sample-controller) shows a code example of a controller that uses the clients, listers and informers generated by this library.
- The article [Kubernetes Deep Dive: Code Generation for CustomResources](https://cloud.redhat.com/blog/kubernetes-deep-dive-code-generation-customresources/) gives a step by step instruction on how to use this library.
+## Usage
+
+The examples above are dated. The current recommended script to use is [kube_codegen.sh](kube_codegen.sh).
+
## Compatibility
HEAD of this repo will match HEAD of k8s.io/apiserver, k8s.io/apimachinery, and k8s.io/client-go.
diff --git a/vendor/k8s.io/code-generator/cmd/applyconfiguration-gen/args/args.go b/vendor/k8s.io/code-generator/cmd/applyconfiguration-gen/args/args.go
index 78f364841f..95ebd79598 100644
--- a/vendor/k8s.io/code-generator/cmd/applyconfiguration-gen/args/args.go
+++ b/vendor/k8s.io/code-generator/cmd/applyconfiguration-gen/args/args.go
@@ -49,10 +49,15 @@ func NewDefaults() (*args.GeneratorArgs, *CustomArgs) {
genericArgs := args.Default().WithoutDefaultFlagParsing()
customArgs := &CustomArgs{
ExternalApplyConfigurations: map[types.Name]string{
- // Always include TypeMeta and ObjectMeta. They are sufficient for the vast majority of use cases.
- {Package: "k8s.io/apimachinery/pkg/apis/meta/v1", Name: "TypeMeta"}: "k8s.io/client-go/applyconfigurations/meta/v1",
- {Package: "k8s.io/apimachinery/pkg/apis/meta/v1", Name: "ObjectMeta"}: "k8s.io/client-go/applyconfigurations/meta/v1",
- {Package: "k8s.io/apimachinery/pkg/apis/meta/v1", Name: "OwnerReference"}: "k8s.io/client-go/applyconfigurations/meta/v1",
+ // Always include the applyconfigurations we've generated in client-go. They are sufficient for the vast majority of use cases.
+ {Package: "k8s.io/apimachinery/pkg/apis/meta/v1", Name: "Condition"}: "k8s.io/client-go/applyconfigurations/meta/v1",
+ {Package: "k8s.io/apimachinery/pkg/apis/meta/v1", Name: "DeleteOptions"}: "k8s.io/client-go/applyconfigurations/meta/v1",
+ {Package: "k8s.io/apimachinery/pkg/apis/meta/v1", Name: "LabelSelector"}: "k8s.io/client-go/applyconfigurations/meta/v1",
+ {Package: "k8s.io/apimachinery/pkg/apis/meta/v1", Name: "LabelSelectorRequirement"}: "k8s.io/client-go/applyconfigurations/meta/v1",
+ {Package: "k8s.io/apimachinery/pkg/apis/meta/v1", Name: "ManagedFieldsEntry"}: "k8s.io/client-go/applyconfigurations/meta/v1",
+ {Package: "k8s.io/apimachinery/pkg/apis/meta/v1", Name: "ObjectMeta"}: "k8s.io/client-go/applyconfigurations/meta/v1",
+ {Package: "k8s.io/apimachinery/pkg/apis/meta/v1", Name: "OwnerReference"}: "k8s.io/client-go/applyconfigurations/meta/v1",
+ {Package: "k8s.io/apimachinery/pkg/apis/meta/v1", Name: "TypeMeta"}: "k8s.io/client-go/applyconfigurations/meta/v1",
},
}
genericArgs.CustomArgs = customArgs
@@ -65,10 +70,10 @@ func NewDefaults() (*args.GeneratorArgs, *CustomArgs) {
}
func (ca *CustomArgs) AddFlags(fs *pflag.FlagSet, inputBase string) {
- pflag.Var(NewExternalApplyConfigurationValue(&ca.ExternalApplyConfigurations, nil), "external-applyconfigurations",
+ fs.Var(NewExternalApplyConfigurationValue(&ca.ExternalApplyConfigurations, nil), "external-applyconfigurations",
"list of comma separated external apply configurations locations in .: form."+
"For example: k8s.io/api/apps/v1.Deployment:k8s.io/client-go/applyconfigurations/apps/v1")
- pflag.StringVar(&ca.OpenAPISchemaFilePath, "openapi-schema", "",
+ fs.StringVar(&ca.OpenAPISchemaFilePath, "openapi-schema", "",
"path to the openapi schema containing all the types that apply configurations will be generated for")
}
diff --git a/vendor/k8s.io/code-generator/cmd/client-gen/args/args.go b/vendor/k8s.io/code-generator/cmd/client-gen/args/args.go
index 4460ad26a2..5b3f1981fa 100644
--- a/vendor/k8s.io/code-generator/cmd/client-gen/args/args.go
+++ b/vendor/k8s.io/code-generator/cmd/client-gen/args/args.go
@@ -81,13 +81,13 @@ func NewDefaults() (*args.GeneratorArgs, *CustomArgs) {
func (ca *CustomArgs) AddFlags(fs *pflag.FlagSet, inputBase string) {
gvsBuilder := NewGroupVersionsBuilder(&ca.Groups)
- pflag.Var(NewGVPackagesValue(gvsBuilder, nil), "input", "group/versions that client-gen will generate clients for. At most one version per group is allowed. Specified in the format \"group1/version1,group2/version2...\".")
- pflag.Var(NewGVTypesValue(&ca.IncludedTypesOverrides, []string{}), "included-types-overrides", "list of group/version/type for which client should be generated. By default, client is generated for all types which have genclient in types.go. This overrides that. For each groupVersion in this list, only the types mentioned here will be included. The default check of genclient will be used for other group versions.")
- pflag.Var(NewInputBasePathValue(gvsBuilder, inputBase), "input-base", "base path to look for the api group.")
- pflag.StringVarP(&ca.ClientsetName, "clientset-name", "n", ca.ClientsetName, "the name of the generated clientset package.")
- pflag.StringVarP(&ca.ClientsetAPIPath, "clientset-api-path", "", ca.ClientsetAPIPath, "the value of default API HTTP path, starting with / and without trailing /.")
- pflag.BoolVar(&ca.ClientsetOnly, "clientset-only", ca.ClientsetOnly, "when set, client-gen only generates the clientset shell, without generating the individual typed clients")
- pflag.BoolVar(&ca.FakeClient, "fake-clientset", ca.FakeClient, "when set, client-gen will generate the fake clientset that can be used in tests")
+ fs.Var(NewGVPackagesValue(gvsBuilder, nil), "input", "group/versions that client-gen will generate clients for. At most one version per group is allowed. Specified in the format \"group1/version1,group2/version2...\".")
+ fs.Var(NewGVTypesValue(&ca.IncludedTypesOverrides, []string{}), "included-types-overrides", "list of group/version/type for which client should be generated. By default, client is generated for all types which have genclient in types.go. This overrides that. For each groupVersion in this list, only the types mentioned here will be included. The default check of genclient will be used for other group versions.")
+ fs.Var(NewInputBasePathValue(gvsBuilder, inputBase), "input-base", "base path to look for the api group.")
+ fs.StringVarP(&ca.ClientsetName, "clientset-name", "n", ca.ClientsetName, "the name of the generated clientset package.")
+ fs.StringVarP(&ca.ClientsetAPIPath, "clientset-api-path", "", ca.ClientsetAPIPath, "the value of default API HTTP path, starting with / and without trailing /.")
+ fs.BoolVar(&ca.ClientsetOnly, "clientset-only", ca.ClientsetOnly, "when set, client-gen only generates the clientset shell, without generating the individual typed clients")
+ fs.BoolVar(&ca.FakeClient, "fake-clientset", ca.FakeClient, "when set, client-gen will generate the fake clientset that can be used in tests")
fs.StringSliceVar(&ca.PluralExceptions, "plural-exceptions", ca.PluralExceptions, "list of comma separated plural exception definitions in Type:PluralizedType form")
fs.StringVar(&ca.ApplyConfigurationPackage, "apply-configuration-package", ca.ApplyConfigurationPackage, "optional package of apply configurations, generated by applyconfiguration-gen, that are required to generate Apply functions for each type in the clientset. By default Apply functions are not generated.")
diff --git a/vendor/k8s.io/code-generator/cmd/conversion-gen/args/args.go b/vendor/k8s.io/code-generator/cmd/conversion-gen/args/args.go
index c69280b106..d3166b5659 100644
--- a/vendor/k8s.io/code-generator/cmd/conversion-gen/args/args.go
+++ b/vendor/k8s.io/code-generator/cmd/conversion-gen/args/args.go
@@ -68,13 +68,13 @@ func NewDefaults() (*args.GeneratorArgs, *CustomArgs) {
// AddFlags add the generator flags to the flag set.
func (ca *CustomArgs) AddFlags(fs *pflag.FlagSet) {
- pflag.CommandLine.StringSliceVar(&ca.BasePeerDirs, "base-peer-dirs", ca.BasePeerDirs,
+ fs.StringSliceVar(&ca.BasePeerDirs, "base-peer-dirs", ca.BasePeerDirs,
"Comma-separated list of apimachinery import paths which are considered, after tag-specified peers, for conversions. Only change these if you have very good reasons.")
- pflag.CommandLine.StringSliceVar(&ca.ExtraPeerDirs, "extra-peer-dirs", ca.ExtraPeerDirs,
+ fs.StringSliceVar(&ca.ExtraPeerDirs, "extra-peer-dirs", ca.ExtraPeerDirs,
"Application specific comma-separated list of import paths which are considered, after tag-specified peers and base-peer-dirs, for conversions.")
- pflag.CommandLine.StringSliceVar(&ca.ExtraDirs, "extra-dirs", ca.ExtraDirs,
+ fs.StringSliceVar(&ca.ExtraDirs, "extra-dirs", ca.ExtraDirs,
"Application specific comma-separated list of import paths which are loaded and considered for callable conversions, but are not considered peers for conversion.")
- pflag.CommandLine.BoolVar(&ca.SkipUnsafe, "skip-unsafe", ca.SkipUnsafe,
+ fs.BoolVar(&ca.SkipUnsafe, "skip-unsafe", ca.SkipUnsafe,
"If true, will not generate code using unsafe pointer conversions; resulting code may be slower.")
}
diff --git a/vendor/k8s.io/code-generator/cmd/deepcopy-gen/args/args.go b/vendor/k8s.io/code-generator/cmd/deepcopy-gen/args/args.go
index 789713012a..9674e5b5c9 100644
--- a/vendor/k8s.io/code-generator/cmd/deepcopy-gen/args/args.go
+++ b/vendor/k8s.io/code-generator/cmd/deepcopy-gen/args/args.go
@@ -38,7 +38,7 @@ func NewDefaults() (*args.GeneratorArgs, *CustomArgs) {
// AddFlags add the generator flags to the flag set.
func (ca *CustomArgs) AddFlags(fs *pflag.FlagSet) {
- pflag.CommandLine.StringSliceVar(&ca.BoundingDirs, "bounding-dirs", ca.BoundingDirs,
+ fs.StringSliceVar(&ca.BoundingDirs, "bounding-dirs", ca.BoundingDirs,
"Comma-separated list of import paths which bound the types for which deep-copies will be generated.")
}
diff --git a/vendor/k8s.io/code-generator/cmd/defaulter-gen/args/args.go b/vendor/k8s.io/code-generator/cmd/defaulter-gen/args/args.go
index 3c5a042c7c..b6ea2dd028 100644
--- a/vendor/k8s.io/code-generator/cmd/defaulter-gen/args/args.go
+++ b/vendor/k8s.io/code-generator/cmd/defaulter-gen/args/args.go
@@ -38,7 +38,7 @@ func NewDefaults() (*args.GeneratorArgs, *CustomArgs) {
// AddFlags add the generator flags to the flag set.
func (ca *CustomArgs) AddFlags(fs *pflag.FlagSet) {
- pflag.CommandLine.StringSliceVar(&ca.ExtraPeerDirs, "extra-peer-dirs", ca.ExtraPeerDirs,
+ fs.StringSliceVar(&ca.ExtraPeerDirs, "extra-peer-dirs", ca.ExtraPeerDirs,
"Comma-separated list of import paths which are considered, after tag-specified peers, for conversions.")
}
diff --git a/vendor/k8s.io/code-generator/cmd/register-gen/generators/register_external.go b/vendor/k8s.io/code-generator/cmd/register-gen/generators/register_external.go
index c831c575d6..3c0827e6a7 100644
--- a/vendor/k8s.io/code-generator/cmd/register-gen/generators/register_external.go
+++ b/vendor/k8s.io/code-generator/cmd/register-gen/generators/register_external.go
@@ -91,7 +91,7 @@ var (
// localSchemeBuilder and AddToScheme will stay in k8s.io/kubernetes.
SchemeBuilder runtime.SchemeBuilder
localSchemeBuilder = &SchemeBuilder
- // Depreciated: use Install instead
+ // Deprecated: use Install instead
AddToScheme = localSchemeBuilder.AddToScheme
Install = localSchemeBuilder.AddToScheme
)
diff --git a/vendor/k8s.io/code-generator/generate-internal-groups.sh b/vendor/k8s.io/code-generator/generate-internal-groups.sh
index 9676fac313..415b0b67c6 100644
--- a/vendor/k8s.io/code-generator/generate-internal-groups.sh
+++ b/vendor/k8s.io/code-generator/generate-internal-groups.sh
@@ -55,6 +55,12 @@ echo "WARNING: $(basename "$0") is deprecated."
echo "WARNING: Please use k8s.io/code-generator/kube_codegen.sh instead."
echo
+# If verification only is requested, avoid deleting files
+verify_only=""
+for ((i = 1; i <= $#; i++)); do
+ if [ "${!i}" = --verify-only ]; then verify_only=1; fi
+done
+
if [ "${GENS}" = "all" ] || grep -qw "all" <<<"${GENS}"; then
ALL="client,conversion,deepcopy,defaulter,informer,lister,openapi"
echo "WARNING: Specifying \"all\" as a generator is deprecated."
@@ -124,12 +130,14 @@ CLIENTSET_PKG="${CLIENTSET_PKG_NAME:-clientset}"
CLIENTSET_NAME="${CLIENTSET_NAME_VERSIONED:-versioned}"
if grep -qw "deepcopy" <<<"${GENS}"; then
- # Nuke existing files
- for dir in $(GO111MODULE=on go list -f '{{.Dir}}' "${ALL_FQ_APIS[@]}"); do
- pushd "${dir}" >/dev/null
- git_find -z ':(glob)**'/zz_generated.deepcopy.go | xargs -0 rm -f
- popd >/dev/null
- done
+ if [ ! "$verify_only" ]; then
+ # Nuke existing files
+ for dir in $(GO111MODULE=on go list -f '{{.Dir}}' "${ALL_FQ_APIS[@]}"); do
+ pushd "${dir}" >/dev/null
+ git_find -z ':(glob)**'/zz_generated.deepcopy.go | xargs -0 rm -f
+ popd >/dev/null
+ done
+ fi
echo "Generating deepcopy funcs"
"${gobin}/deepcopy-gen" \
@@ -139,12 +147,14 @@ if grep -qw "deepcopy" <<<"${GENS}"; then
fi
if grep -qw "defaulter" <<<"${GENS}"; then
- # Nuke existing files
- for dir in $(GO111MODULE=on go list -f '{{.Dir}}' "${ALL_FQ_APIS[@]}"); do
- pushd "${dir}" >/dev/null
- git_find -z ':(glob)**'/zz_generated.defaults.go | xargs -0 rm -f
- popd >/dev/null
- done
+ if [ ! "$verify_only" ]; then
+ # Nuke existing files
+ for dir in $(GO111MODULE=on go list -f '{{.Dir}}' "${ALL_FQ_APIS[@]}"); do
+ pushd "${dir}" >/dev/null
+ git_find -z ':(glob)**'/zz_generated.defaults.go | xargs -0 rm -f
+ popd >/dev/null
+ done
+ fi
echo "Generating defaulters"
"${gobin}/defaulter-gen" \
@@ -154,12 +164,14 @@ if grep -qw "defaulter" <<<"${GENS}"; then
fi
if grep -qw "conversion" <<<"${GENS}"; then
- # Nuke existing files
- for dir in $(GO111MODULE=on go list -f '{{.Dir}}' "${ALL_FQ_APIS[@]}"); do
- pushd "${dir}" >/dev/null
- git_find -z ':(glob)**'/zz_generated.conversion.go | xargs -0 rm -f
- popd >/dev/null
- done
+ if [ ! "$verify_only" ]; then
+ # Nuke existing files
+ for dir in $(GO111MODULE=on go list -f '{{.Dir}}' "${ALL_FQ_APIS[@]}"); do
+ pushd "${dir}" >/dev/null
+ git_find -z ':(glob)**'/zz_generated.conversion.go | xargs -0 rm -f
+ popd >/dev/null
+ done
+ fi
echo "Generating conversions"
"${gobin}/conversion-gen" \
@@ -171,15 +183,17 @@ fi
if grep -qw "applyconfiguration" <<<"${GENS}"; then
APPLY_CONFIGURATION_PACKAGE="${OUTPUT_PKG}/${APPLYCONFIGURATION_PKG_NAME:-applyconfiguration}"
- # Nuke existing files
- root="$(GO111MODULE=on go list -f '{{.Dir}}' "${APPLY_CONFIGURATION_PACKAGE}" 2>/dev/null || true)"
- if [ -n "${root}" ]; then
- pushd "${root}" >/dev/null
- git_grep -l --null \
- -e '^// Code generated by applyconfiguration-gen. DO NOT EDIT.$' \
- ':(glob)**/*.go' \
- | xargs -0 rm -f
- popd >/dev/null
+ if [ ! "$verify_only" ]; then
+ # Nuke existing files
+ root="$(GO111MODULE=on go list -f '{{.Dir}}' "${APPLY_CONFIGURATION_PACKAGE}" 2>/dev/null || true)"
+ if [ -n "${root}" ]; then
+ pushd "${root}" >/dev/null
+ git_grep -l --null \
+ -e '^// Code generated by applyconfiguration-gen. DO NOT EDIT.$' \
+ ':(glob)**/*.go' \
+ | xargs -0 rm -f
+ popd >/dev/null
+ fi
fi
echo "Generating apply configuration for ${GROUPS_WITH_VERSIONS} at ${APPLY_CONFIGURATION_PACKAGE}"
@@ -190,15 +204,17 @@ if grep -qw "applyconfiguration" <<<"${GENS}"; then
fi
if grep -qw "client" <<<"${GENS}"; then
- # Nuke existing files
- root="$(GO111MODULE=on go list -f '{{.Dir}}' "${OUTPUT_PKG}/${CLIENTSET_PKG}/${CLIENTSET_NAME}" 2>/dev/null || true)"
- if [ -n "${root}" ]; then
- pushd "${root}" >/dev/null
- git_grep -l --null \
- -e '^// Code generated by client-gen. DO NOT EDIT.$' \
- ':(glob)**/*.go' \
- | xargs -0 rm -f
- popd >/dev/null
+ if [ ! "$verify_only" ]; then
+ # Nuke existing files
+ root="$(GO111MODULE=on go list -f '{{.Dir}}' "${OUTPUT_PKG}/${CLIENTSET_PKG}/${CLIENTSET_NAME}" 2>/dev/null || true)"
+ if [ -n "${root}" ]; then
+ pushd "${root}" >/dev/null
+ git_grep -l --null \
+ -e '^// Code generated by client-gen. DO NOT EDIT.$' \
+ ':(glob)**/*.go' \
+ | xargs -0 rm -f
+ popd >/dev/null
+ fi
fi
echo "Generating clientset for ${GROUPS_WITH_VERSIONS} at ${OUTPUT_PKG}/${CLIENTSET_PKG}"
@@ -212,18 +228,20 @@ if grep -qw "client" <<<"${GENS}"; then
fi
if grep -qw "lister" <<<"${GENS}"; then
- # Nuke existing files
- for gv in "${GROUP_VERSIONS[@]}"; do
- root="$(GO111MODULE=on go list -f '{{.Dir}}' "${OUTPUT_PKG}/listers/${gv}" 2>/dev/null || true)"
- if [ -n "${root}" ]; then
- pushd "${root}" >/dev/null
- git_grep -l --null \
- -e '^// Code generated by lister-gen. DO NOT EDIT.$' \
- ':(glob)**/*.go' \
- | xargs -0 rm -f
- popd >/dev/null
- fi
- done
+ if [ ! "$verify_only" ]; then
+ # Nuke existing files
+ for gv in "${GROUP_VERSIONS[@]}"; do
+ root="$(GO111MODULE=on go list -f '{{.Dir}}' "${OUTPUT_PKG}/listers/${gv}" 2>/dev/null || true)"
+ if [ -n "${root}" ]; then
+ pushd "${root}" >/dev/null
+ git_grep -l --null \
+ -e '^// Code generated by lister-gen. DO NOT EDIT.$' \
+ ':(glob)**/*.go' \
+ | xargs -0 rm -f
+ popd >/dev/null
+ fi
+ done
+ fi
echo "Generating listers for ${GROUPS_WITH_VERSIONS} at ${OUTPUT_PKG}/listers"
"${gobin}/lister-gen" \
@@ -233,15 +251,17 @@ if grep -qw "lister" <<<"${GENS}"; then
fi
if grep -qw "informer" <<<"${GENS}"; then
- # Nuke existing files
- root="$(GO111MODULE=on go list -f '{{.Dir}}' "${OUTPUT_PKG}/informers/externalversions" 2>/dev/null || true)"
- if [ -n "${root}" ]; then
- pushd "${root}" >/dev/null
- git_grep -l --null \
- -e '^// Code generated by informer-gen. DO NOT EDIT.$' \
- ':(glob)**/*.go' \
- | xargs -0 rm -f
- popd >/dev/null
+ if [ ! "$verify_only" ]; then
+ # Nuke existing files
+ root="$(GO111MODULE=on go list -f '{{.Dir}}' "${OUTPUT_PKG}/informers/externalversions" 2>/dev/null || true)"
+ if [ -n "${root}" ]; then
+ pushd "${root}" >/dev/null
+ git_grep -l --null \
+ -e '^// Code generated by informer-gen. DO NOT EDIT.$' \
+ ':(glob)**/*.go' \
+ | xargs -0 rm -f
+ popd >/dev/null
+ fi
fi
echo "Generating informers for ${GROUPS_WITH_VERSIONS} at ${OUTPUT_PKG}/informers"
@@ -254,12 +274,14 @@ if grep -qw "informer" <<<"${GENS}"; then
fi
if grep -qw "openapi" <<<"${GENS}"; then
- # Nuke existing files
- for dir in $(GO111MODULE=on go list -f '{{.Dir}}' "${FQ_APIS[@]}"); do
- pushd "${dir}" >/dev/null
- git_find -z ':(glob)**'/zz_generated.openapi.go | xargs -0 rm -f
- popd >/dev/null
- done
+ if [ ! "$verify_only" ]; then
+ # Nuke existing files
+ for dir in $(GO111MODULE=on go list -f '{{.Dir}}' "${FQ_APIS[@]}"); do
+ pushd "${dir}" >/dev/null
+ git_find -z ':(glob)**'/zz_generated.openapi.go | xargs -0 rm -f
+ popd >/dev/null
+ done
+ fi
echo "Generating OpenAPI definitions for ${GROUPS_WITH_VERSIONS} at ${OUTPUT_PKG}/openapi"
declare -a OPENAPI_EXTRA_PACKAGES
diff --git a/vendor/k8s.io/code-generator/kube_codegen.sh b/vendor/k8s.io/code-generator/kube_codegen.sh
index 6ded204836..48e0a0c63a 100644
--- a/vendor/k8s.io/code-generator/kube_codegen.sh
+++ b/vendor/k8s.io/code-generator/kube_codegen.sh
@@ -17,23 +17,30 @@
# This presents several functions for packages which want to use kubernetes
# code-generation tools.
+# These functions insist that your input IDL (commented go) files be located in
+# go packages following the pattern $input_pkg_root/$something_sans_slash/$api_version .
+# Those $something_sans_slash will be propagated into the output directory structure.
+
set -o errexit
set -o nounset
set -o pipefail
KUBE_CODEGEN_ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd -P)"
-function kube::codegen::internal::git_find() {
- # Similar to find but faster and easier to understand. We want to include
- # modified and untracked files because this might be running against code
- # which is not tracked by git yet.
- git ls-files -cmo --exclude-standard "$@"
+function kube::codegen::internal::findz() {
+ # We use `find` rather than `git ls-files` because sometimes external
+ # projects use this across repos. This is an imperfect wrapper of find,
+ # but good enough for this script.
+ find "$@" -print0
}
-function kube::codegen::internal::git_grep() {
- # We want to include modified and untracked files because this might be
- # running against code which is not tracked by git yet.
- git grep --untracked "$@"
+function kube::codegen::internal::grep() {
+ # We use `grep` rather than `git grep` because sometimes external projects
+ # use this across repos.
+ grep "$@" \
+ --exclude-dir .git \
+ --exclude-dir _output \
+ --exclude-dir vendor
}
# Generate tagged helper code: conversions, deepcopy, and defaults
@@ -42,6 +49,7 @@ function kube::codegen::internal::git_grep() {
# --input-pkg-root
# The root package under which to search for files which request code to be
# generated. This must be Go package syntax, e.g. "k8s.io/foo/bar".
+# See note at the top about package structure below that.
#
# --output-base
# The root directory under which to emit code. The concatenation of
@@ -118,23 +126,26 @@ function kube::codegen::gen_helpers() {
# Deepcopy
#
local input_pkgs=()
- while read -r file; do
- dir="$(dirname "${file}")"
+ while read -r dir; do
pkg="$(cd "${dir}" && GO111MODULE=on go list -find .)"
input_pkgs+=("${pkg}")
done < <(
- ( kube::codegen::internal::git_grep -l \
+ ( kube::codegen::internal::grep -l --null \
-e '+k8s:deepcopy-gen=' \
- ":(glob)${root}"/'**/*.go' \
+ -r "${root}" \
+ --include '*.go' \
|| true \
- ) | LC_ALL=C sort -u
+ ) | while read -r -d $'\0' F; do dirname "${F}"; done \
+ | LC_ALL=C sort -u
)
if [ "${#input_pkgs[@]}" != 0 ]; then
echo "Generating deepcopy code for ${#input_pkgs[@]} targets"
- kube::codegen::internal::git_find -z \
- ":(glob)${root}"/'**/zz_generated.deepcopy.go' \
+ kube::codegen::internal::findz \
+ "${root}" \
+ -type f \
+ -name zz_generated.deepcopy.go \
| xargs -0 rm -f
local input_args=()
@@ -143,7 +154,7 @@ function kube::codegen::gen_helpers() {
done
"${gobin}/deepcopy-gen" \
-v "${v}" \
- -O zz_generated.deepcopy \
+ --output-file-base zz_generated.deepcopy \
--go-header-file "${boilerplate}" \
--output-base "${out_base}" \
"${input_args[@]}"
@@ -152,23 +163,26 @@ function kube::codegen::gen_helpers() {
# Defaults
#
local input_pkgs=()
- while read -r file; do
- dir="$(dirname "${file}")"
+ while read -r dir; do
pkg="$(cd "${dir}" && GO111MODULE=on go list -find .)"
input_pkgs+=("${pkg}")
done < <(
- ( kube::codegen::internal::git_grep -l \
+ ( kube::codegen::internal::grep -l --null \
-e '+k8s:defaulter-gen=' \
- ":(glob)${root}"/'**/*.go' \
+ -r "${root}" \
+ --include '*.go' \
|| true \
- ) | LC_ALL=C sort -u
+ ) | while read -r -d $'\0' F; do dirname "${F}"; done \
+ | LC_ALL=C sort -u
)
if [ "${#input_pkgs[@]}" != 0 ]; then
echo "Generating defaulter code for ${#input_pkgs[@]} targets"
- kube::codegen::internal::git_find -z \
- ":(glob)${root}"/'**/zz_generated.defaults.go' \
+ kube::codegen::internal::findz \
+ "${root}" \
+ -type f \
+ -name zz_generated.defaults.go \
| xargs -0 rm -f
local input_args=()
@@ -177,7 +191,7 @@ function kube::codegen::gen_helpers() {
done
"${gobin}/defaulter-gen" \
-v "${v}" \
- -O zz_generated.defaults \
+ --output-file-base zz_generated.defaults \
--go-header-file "${boilerplate}" \
--output-base "${out_base}" \
"${input_args[@]}"
@@ -186,23 +200,26 @@ function kube::codegen::gen_helpers() {
# Conversions
#
local input_pkgs=()
- while read -r file; do
- dir="$(dirname "${file}")"
+ while read -r dir; do
pkg="$(cd "${dir}" && GO111MODULE=on go list -find .)"
input_pkgs+=("${pkg}")
done < <(
- ( kube::codegen::internal::git_grep -l \
+ ( kube::codegen::internal::grep -l --null \
-e '+k8s:conversion-gen=' \
- ":(glob)${root}"/'**/*.go' \
+ -r "${root}" \
+ --include '*.go' \
|| true \
- ) | LC_ALL=C sort -u
+ ) | while read -r -d $'\0' F; do dirname "${F}"; done \
+ | LC_ALL=C sort -u
)
if [ "${#input_pkgs[@]}" != 0 ]; then
echo "Generating conversion code for ${#input_pkgs[@]} targets"
- kube::codegen::internal::git_find -z \
- ":(glob)${root}"/'**/zz_generated.conversion.go' \
+ kube::codegen::internal::findz \
+ "${root}" \
+ -type f \
+ -name zz_generated.conversion.go \
| xargs -0 rm -f
local input_args=()
@@ -215,7 +232,7 @@ function kube::codegen::gen_helpers() {
done
"${gobin}/conversion-gen" \
-v "${v}" \
- -O zz_generated.conversion \
+ --output-file-base zz_generated.conversion \
--go-header-file "${boilerplate}" \
--output-base "${out_base}" \
"${extra_peer_args[@]:+"${extra_peer_args[@]}"}" \
@@ -229,6 +246,7 @@ function kube::codegen::gen_helpers() {
# --input-pkg-root
# The root package under which to search for files which request openapi to
# be generated. This must be Go package syntax, e.g. "k8s.io/foo/bar".
+# See note at the top about package structure below that.
#
# --output-pkg-root
# The root package under which generated directories and files
@@ -347,23 +365,26 @@ function kube::codegen::gen_openapi() {
root="$(cd "${root}" && pwd -P)"
local input_pkgs=( "${extra_pkgs[@]:+"${extra_pkgs[@]}"}")
- while read -r file; do
- dir="$(dirname "${file}")"
+ while read -r dir; do
pkg="$(cd "${dir}" && GO111MODULE=on go list -find .)"
input_pkgs+=("${pkg}")
done < <(
- ( kube::codegen::internal::git_grep -l \
+ ( kube::codegen::internal::grep -l --null \
-e '+k8s:openapi-gen=' \
- ":(glob)${root}"/'**/*.go' \
+ -r "${root}" \
+ --include '*.go' \
|| true \
- ) | LC_ALL=C sort -u
+ ) | while read -r -d $'\0' F; do dirname "${F}"; done \
+ | LC_ALL=C sort -u
)
if [ "${#input_pkgs[@]}" != 0 ]; then
echo "Generating openapi code for ${#input_pkgs[@]} targets"
- kube::codegen::internal::git_find -z \
- ":(glob)${root}"/'**/zz_generated.openapi.go' \
+ kube::codegen::internal::findz \
+ "${root}" \
+ -type f \
+ -name zz_generated.openapi.go \
| xargs -0 rm -f
local inputs=()
@@ -372,7 +393,7 @@ function kube::codegen::gen_openapi() {
done
"${gobin}/openapi-gen" \
-v "${v}" \
- -O zz_generated.openapi \
+ --output-file-base zz_generated.openapi \
--go-header-file "${boilerplate}" \
--output-base "${out_base}" \
--output-package "${out_pkg_root}/${openapi_subdir}" \
@@ -396,9 +417,15 @@ function kube::codegen::gen_openapi() {
#
# Args:
# --input-pkg-root
-# The root package under which to search for types.go files which request
+# The root package under which to search for *.go files which request
# clients to be generated. This must be Go package syntax, e.g.
# "k8s.io/foo/bar".
+# See note at the top about package structure below that.
+#
+# --one-input-api
+# A specific API (a directory) under the --input-pkg-root for which to
+# generate a client. If this is not set, clients for all APIs under the
+# input root will be generated (under the --output-pkg-root).
#
# --output-pkg-root
# The root package into which generated directories and files will be
@@ -424,6 +451,10 @@ function kube::codegen::gen_openapi() {
# --applyconfig-name
# An optional override for the leaf name of the generated "applyconfiguration" directory.
#
+# --applyconfig-externals
+# An optional list of comma separated external apply configurations locations
+# in .: form.
+#
# --with-watch
# Enables generation of listers and informers for APIs which support WATCH.
#
@@ -433,18 +464,24 @@ function kube::codegen::gen_openapi() {
# --informers-name
# An optional override for the leaf name of the generated "informers" directory.
#
+# --plural-exceptions
+# An optional list of comma separated plural exception definitions in Type:PluralizedType form.
+#
function kube::codegen::gen_client() {
local in_pkg_root=""
+ local one_input_api=""
local out_pkg_root=""
local out_base="" # gengo needs the output dir must be $out_base/$out_pkg_root
local clientset_subdir="clientset"
local clientset_versioned_name="versioned"
local applyconfig="false"
local applyconfig_subdir="applyconfiguration"
+ local applyconfig_external=""
local watchable="false"
local listers_subdir="listers"
local informers_subdir="informers"
local boilerplate="${KUBE_CODEGEN_ROOT}/hack/boilerplate.go.txt"
+ local plural_exceptions=""
local v="${KUBE_VERBOSE:-0}"
while [ "$#" -gt 0 ]; do
@@ -453,6 +490,10 @@ function kube::codegen::gen_client() {
in_pkg_root="$2"
shift 2
;;
+ "--one-input-api")
+ one_input_api="/$2"
+ shift 2
+ ;;
"--output-pkg-root")
out_pkg_root="$2"
shift 2
@@ -481,6 +522,10 @@ function kube::codegen::gen_client() {
applyconfig_subdir="$2"
shift 2
;;
+ "--applyconfig-externals")
+ applyconfig_external="$2"
+ shift 2
+ ;;
"--with-watch")
watchable="true"
shift
@@ -493,6 +538,10 @@ function kube::codegen::gen_client() {
informers_subdir="$2"
shift 2
;;
+ "--plural-exceptions")
+ plural_exceptions="$2"
+ shift 2
+ ;;
*)
echo "unknown argument: $1" >&2
return 1
@@ -538,8 +587,7 @@ function kube::codegen::gen_client() {
local group_versions=()
local input_pkgs=()
- while read -r file; do
- dir="$(dirname "${file}")"
+ while read -r dir; do
pkg="$(cd "${dir}" && GO111MODULE=on go list -find .)"
leaf="$(basename "${dir}")"
if grep -E -q '^v[0-9]+((alpha|beta)[0-9]+)?$' <<< "${leaf}"; then
@@ -550,11 +598,13 @@ function kube::codegen::gen_client() {
group_versions+=("${leaf2}/${leaf}")
fi
done < <(
- ( kube::codegen::internal::git_grep -l \
+ ( kube::codegen::internal::grep -l --null \
-e '+genclient' \
- ":(glob)${in_root}"/'**/types.go' \
+ -r "${in_root}${one_input_api}" \
+ --include '*.go' \
|| true \
- ) | LC_ALL=C sort -u
+ ) | while read -r -d $'\0' F; do dirname "${F}"; done \
+ | LC_ALL=C sort -u
)
if [ "${#group_versions[@]}" == 0 ]; then
@@ -567,9 +617,10 @@ function kube::codegen::gen_client() {
echo "Generating applyconfig code for ${#input_pkgs[@]} targets"
- ( kube::codegen::internal::git_grep -l --null \
+ ( kube::codegen::internal::grep -l --null \
-e '^// Code generated by applyconfiguration-gen. DO NOT EDIT.$' \
- ":(glob)${out_root}/${applyconfig_subdir}"/'**/*.go' \
+ -r "${out_root}/${applyconfig_subdir}" \
+ --include '*.go' \
|| true \
) | xargs -0 rm -f
@@ -582,14 +633,16 @@ function kube::codegen::gen_client() {
--go-header-file "${boilerplate}" \
--output-base "${out_base}" \
--output-package "${out_pkg_root}/${applyconfig_subdir}" \
+ --external-applyconfigurations "${applyconfig_external}" \
"${inputs[@]}"
fi
echo "Generating client code for ${#group_versions[@]} targets"
- ( kube::codegen::internal::git_grep -l --null \
+ ( kube::codegen::internal::grep -l --null \
-e '^// Code generated by client-gen. DO NOT EDIT.$' \
- ":(glob)${out_root}/${clientset_subdir}"/'**/*.go' \
+ -r "${out_root}/${clientset_subdir}" \
+ --include '*.go' \
|| true \
) | xargs -0 rm -f
@@ -605,14 +658,16 @@ function kube::codegen::gen_client() {
--output-base "${out_base}" \
--output-package "${out_pkg_root}/${clientset_subdir}" \
--apply-configuration-package "${applyconfig_pkg}" \
+ --plural-exceptions "${plural_exceptions}" \
"${inputs[@]}"
if [ "${watchable}" == "true" ]; then
echo "Generating lister code for ${#input_pkgs[@]} targets"
- ( kube::codegen::internal::git_grep -l --null \
+ ( kube::codegen::internal::grep -l --null \
-e '^// Code generated by lister-gen. DO NOT EDIT.$' \
- ":(glob)${out_root}/${listers_subdir}"/'**/*.go' \
+ -r "${out_root}/${listers_subdir}" \
+ --include '*.go' \
|| true \
) | xargs -0 rm -f
@@ -625,13 +680,15 @@ function kube::codegen::gen_client() {
--go-header-file "${boilerplate}" \
--output-base "${out_base}" \
--output-package "${out_pkg_root}/${listers_subdir}" \
+ --plural-exceptions "${plural_exceptions}" \
"${inputs[@]}"
echo "Generating informer code for ${#input_pkgs[@]} targets"
- ( kube::codegen::internal::git_grep -l --null \
+ ( kube::codegen::internal::grep -l --null \
-e '^// Code generated by informer-gen. DO NOT EDIT.$' \
- ":(glob)${out_root}/${informers_subdir}"/'**/*.go' \
+ -r "${out_root}/${informers_subdir}" \
+ --include '*.go' \
|| true \
) | xargs -0 rm -f
@@ -646,6 +703,7 @@ function kube::codegen::gen_client() {
--output-package "${out_pkg_root}/${informers_subdir}" \
--versioned-clientset-package "${out_pkg_root}/${clientset_subdir}/${clientset_versioned_name}" \
--listers-package "${out_pkg_root}/${listers_subdir}" \
+ --plural-exceptions "${plural_exceptions}" \
"${inputs[@]}"
fi
}
diff --git a/vendor/k8s.io/component-base/featuregate/feature_gate.go b/vendor/k8s.io/component-base/featuregate/feature_gate.go
index a826b0e67e..1e441289ea 100644
--- a/vendor/k8s.io/component-base/featuregate/feature_gate.go
+++ b/vendor/k8s.io/component-base/featuregate/feature_gate.go
@@ -115,6 +115,17 @@ type MutableFeatureGate interface {
GetAll() map[Feature]FeatureSpec
// AddMetrics adds feature enablement metrics
AddMetrics()
+ // OverrideDefault sets a local override for the registered default value of a named
+ // feature. If the feature has not been previously registered (e.g. by a call to Add), has a
+ // locked default, or if the gate has already registered itself with a FlagSet, a non-nil
+ // error is returned.
+ //
+ // When two or more components consume a common feature, one component can override its
+ // default at runtime in order to adopt new defaults before or after the other
+ // components. For example, a new feature can be evaluated with a limited blast radius by
+ // overriding its default to true for a limited number of components without simultaneously
+ // changing its default for all consuming components.
+ OverrideDefault(name Feature, override bool) error
}
// featureGate implements FeatureGate as well as pflag.Value for flag parsing.
@@ -126,9 +137,9 @@ type featureGate struct {
// lock guards writes to known, enabled, and reads/writes of closed
lock sync.Mutex
// known holds a map[Feature]FeatureSpec
- known *atomic.Value
+ known atomic.Value
// enabled holds a map[Feature]bool
- enabled *atomic.Value
+ enabled atomic.Value
// closed is set to true when AddFlag is called, and prevents subsequent calls to Add
closed bool
}
@@ -166,19 +177,13 @@ func NewFeatureGate() *featureGate {
known[k] = v
}
- knownValue := &atomic.Value{}
- knownValue.Store(known)
-
- enabled := map[Feature]bool{}
- enabledValue := &atomic.Value{}
- enabledValue.Store(enabled)
-
f := &featureGate{
featureGateName: naming.GetNameFromCallsite(internalPackages...),
- known: knownValue,
special: specialFeatures,
- enabled: enabledValue,
}
+ f.known.Store(known)
+ f.enabled.Store(map[Feature]bool{})
+
return f
}
@@ -296,6 +301,38 @@ func (f *featureGate) Add(features map[Feature]FeatureSpec) error {
return nil
}
+func (f *featureGate) OverrideDefault(name Feature, override bool) error {
+ f.lock.Lock()
+ defer f.lock.Unlock()
+
+ if f.closed {
+ return fmt.Errorf("cannot override default for feature %q: gates already added to a flag set", name)
+ }
+
+ known := map[Feature]FeatureSpec{}
+ for name, spec := range f.known.Load().(map[Feature]FeatureSpec) {
+ known[name] = spec
+ }
+
+ spec, ok := known[name]
+ switch {
+ case !ok:
+ return fmt.Errorf("cannot override default: feature %q is not registered", name)
+ case spec.LockToDefault:
+ return fmt.Errorf("cannot override default: feature %q default is locked to %t", name, spec.Default)
+ case spec.PreRelease == Deprecated:
+ klog.Warningf("Overriding default of deprecated feature gate %s=%t. It will be removed in a future release.", name, override)
+ case spec.PreRelease == GA:
+ klog.Warningf("Overriding default of GA feature gate %s=%t. It will be removed in a future release.", name, override)
+ }
+
+ spec.Default = override
+ known[name] = spec
+ f.known.Store(known)
+
+ return nil
+}
+
// GetAll returns a copy of the map of known feature names to feature specs.
func (f *featureGate) GetAll() map[Feature]FeatureSpec {
retval := map[Feature]FeatureSpec{}
@@ -367,19 +404,16 @@ func (f *featureGate) DeepCopy() MutableFeatureGate {
enabled[k] = v
}
- // Store copied state in new atomics.
- knownValue := &atomic.Value{}
- knownValue.Store(known)
- enabledValue := &atomic.Value{}
- enabledValue.Store(enabled)
-
// Construct a new featureGate around the copied state.
// Note that specialFeatures is treated as immutable by convention,
// and we maintain the value of f.closed across the copy.
- return &featureGate{
+ fg := &featureGate{
special: specialFeatures,
- known: knownValue,
- enabled: enabledValue,
closed: f.closed,
}
+
+ fg.known.Store(known)
+ fg.enabled.Store(enabled)
+
+ return fg
}
diff --git a/vendor/k8s.io/component-base/logs/api/v1/kube_features.go b/vendor/k8s.io/component-base/logs/api/v1/kube_features.go
index ae434ecd64..4cfc69f891 100644
--- a/vendor/k8s.io/component-base/logs/api/v1/kube_features.go
+++ b/vendor/k8s.io/component-base/logs/api/v1/kube_features.go
@@ -24,15 +24,17 @@ const (
// owner: @pohly
// kep: https://kep.k8s.io/3077
// alpha: v1.24
+ // beta: v1.30
//
// Enables looking up a logger from a context.Context instead of using
// the global fallback logger and manipulating the logger that is
// used by a call chain.
ContextualLogging featuregate.Feature = "ContextualLogging"
- // contextualLoggingDefault must remain false while in alpha. It can
- // become true in beta.
- contextualLoggingDefault = false
+ // contextualLoggingDefault is now true because the feature reached beta
+ // and performance comparisons showed no relevant degradation when
+ // enabling it.
+ contextualLoggingDefault = true
// Allow fine-tuning of experimental, alpha-quality logging options.
//
@@ -57,7 +59,7 @@ const (
func featureGates() map[featuregate.Feature]featuregate.FeatureSpec {
return map[featuregate.Feature]featuregate.FeatureSpec{
- ContextualLogging: {Default: contextualLoggingDefault, PreRelease: featuregate.Alpha},
+ ContextualLogging: {Default: contextualLoggingDefault, PreRelease: featuregate.Beta},
LoggingAlphaOptions: {Default: false, PreRelease: featuregate.Alpha},
LoggingBetaOptions: {Default: true, PreRelease: featuregate.Beta},
diff --git a/vendor/k8s.io/component-base/logs/api/v1/options.go b/vendor/k8s.io/component-base/logs/api/v1/options.go
index 2db9b1f538..4abcc1de81 100644
--- a/vendor/k8s.io/component-base/logs/api/v1/options.go
+++ b/vendor/k8s.io/component-base/logs/api/v1/options.go
@@ -31,6 +31,7 @@ import (
"github.com/spf13/pflag"
"k8s.io/klog/v2"
+ "k8s.io/klog/v2/textlogger"
"k8s.io/apimachinery/pkg/api/resource"
"k8s.io/apimachinery/pkg/util/validation/field"
@@ -188,10 +189,22 @@ func Validate(c *LoggingConfiguration, featureGate featuregate.FeatureGate, fldP
func validateFormatOptions(c *LoggingConfiguration, featureGate featuregate.FeatureGate, fldPath *field.Path) field.ErrorList {
errs := field.ErrorList{}
+ errs = append(errs, validateTextOptions(c, featureGate, fldPath.Child("text"))...)
errs = append(errs, validateJSONOptions(c, featureGate, fldPath.Child("json"))...)
return errs
}
+func validateTextOptions(c *LoggingConfiguration, featureGate featuregate.FeatureGate, fldPath *field.Path) field.ErrorList {
+ errs := field.ErrorList{}
+ if gate := LoggingAlphaOptions; c.Options.Text.SplitStream && !featureEnabled(featureGate, gate) {
+ errs = append(errs, field.Forbidden(fldPath.Child("splitStream"), fmt.Sprintf("Feature %s is disabled", gate)))
+ }
+ if gate := LoggingAlphaOptions; c.Options.Text.InfoBufferSize.Value() != 0 && !featureEnabled(featureGate, gate) {
+ errs = append(errs, field.Forbidden(fldPath.Child("infoBufferSize"), fmt.Sprintf("Feature %s is disabled", gate)))
+ }
+ return errs
+}
+
func validateJSONOptions(c *LoggingConfiguration, featureGate featuregate.FeatureGate, fldPath *field.Path) field.ErrorList {
errs := field.ErrorList{}
if gate := LoggingAlphaOptions; c.Options.JSON.SplitStream && !featureEnabled(featureGate, gate) {
@@ -254,7 +267,14 @@ func apply(c *LoggingConfiguration, options *LoggingOptions, featureGate feature
defer setverbositylevel.Mutex.Unlock()
setverbositylevel.Callbacks = append(setverbositylevel.Callbacks, control.SetVerbosityLevel)
}
- klog.SetLoggerWithOptions(log, klog.ContextualLogger(p.ContextualLoggingEnabled), klog.FlushLogger(control.Flush))
+ opts := []klog.LoggerOption{
+ klog.ContextualLogger(p.ContextualLoggingEnabled),
+ klog.FlushLogger(control.Flush),
+ }
+ if writer, ok := log.GetSink().(textlogger.KlogBufferWriter); ok {
+ opts = append(opts, klog.WriteKlogBuffer(writer.WriteKlogBuffer))
+ }
+ klog.SetLoggerWithOptions(log, opts...)
}
if err := loggingFlags.Lookup("v").Value.Set(VerbosityLevelPflag(&c.Verbosity).String()); err != nil {
return fmt.Errorf("internal error while setting klog verbosity: %v", err)
@@ -346,6 +366,9 @@ func addFlags(c *LoggingConfiguration, fs flagSet) {
fs.VarP(VerbosityLevelPflag(&c.Verbosity), "v", "v", "number for the log level verbosity")
fs.Var(VModuleConfigurationPflag(&c.VModule), "vmodule", "comma-separated list of pattern=N settings for file-filtered logging (only works for text log format)")
+ fs.BoolVar(&c.Options.Text.SplitStream, "log-text-split-stream", false, "[Alpha] In text format, write error messages to stderr and info messages to stdout. The default is to write a single stream to stdout. Enable the LoggingAlphaOptions feature gate to use this.")
+ fs.Var(&c.Options.Text.InfoBufferSize, "log-text-info-buffer-size", "[Alpha] In text format with split output streams, the info messages can be buffered for a while to increase performance. The default value of zero bytes disables buffering. The size can be specified as number of bytes (512), multiples of 1000 (1K), multiples of 1024 (2Ki), or powers of those (3M, 4G, 5Mi, 6Gi). Enable the LoggingAlphaOptions feature gate to use this.")
+
// JSON options. We only register them if "json" is a valid format. The
// config file API however always has them.
if _, err := logRegistry.get("json"); err == nil {
@@ -368,16 +391,21 @@ func SetRecommendedLoggingConfiguration(c *LoggingConfiguration) {
c.FlushFrequency.Duration.Duration = LogFlushFreqDefault
c.FlushFrequency.SerializeAsString = true
}
+ setRecommendedOutputRouting(&c.Options.Text.OutputRoutingOptions)
+ setRecommendedOutputRouting(&c.Options.JSON.OutputRoutingOptions)
+}
+
+func setRecommendedOutputRouting(o *OutputRoutingOptions) {
var empty resource.QuantityValue
- if c.Options.JSON.InfoBufferSize == empty {
- c.Options.JSON.InfoBufferSize = resource.QuantityValue{
+ if o.InfoBufferSize == empty {
+ o.InfoBufferSize = resource.QuantityValue{
// This is similar, but not quite the same as a default
// constructed instance.
Quantity: *resource.NewQuantity(0, resource.DecimalSI),
}
// This sets the unexported Quantity.s which will be compared
// by reflect.DeepEqual in some tests.
- _ = c.Options.JSON.InfoBufferSize.String()
+ _ = o.InfoBufferSize.String()
}
}
diff --git a/vendor/k8s.io/component-base/logs/api/v1/registry.go b/vendor/k8s.io/component-base/logs/api/v1/registry.go
index 6dc23ec182..f16c9ce6f1 100644
--- a/vendor/k8s.io/component-base/logs/api/v1/registry.go
+++ b/vendor/k8s.io/component-base/logs/api/v1/registry.go
@@ -79,7 +79,7 @@ func newLogFormatRegistry() *logFormatRegistry {
registry: make(map[string]logFormat),
frozen: false,
}
- registry.register("text", logFormat{feature: LoggingStableOptions})
+ _ = registry.register(DefaultLogFormat, logFormat{factory: textFactory{}, feature: LoggingStableOptions})
return registry
}
diff --git a/vendor/k8s.io/component-base/logs/api/v1/text.go b/vendor/k8s.io/component-base/logs/api/v1/text.go
new file mode 100644
index 0000000000..2983d7d920
--- /dev/null
+++ b/vendor/k8s.io/component-base/logs/api/v1/text.go
@@ -0,0 +1,142 @@
+/*
+Copyright 2022 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1
+
+import (
+ "bufio"
+ "fmt"
+ "io"
+ "sync"
+
+ "github.com/go-logr/logr"
+
+ "k8s.io/component-base/featuregate"
+ "k8s.io/klog/v2/textlogger"
+)
+
+// textFactory produces klog text logger instances.
+type textFactory struct{}
+
+var _ LogFormatFactory = textFactory{}
+
+func (f textFactory) Feature() featuregate.Feature {
+ return LoggingStableOptions
+}
+
+func (f textFactory) Create(c LoggingConfiguration, o LoggingOptions) (logr.Logger, RuntimeControl) {
+ output := o.ErrorStream
+ var flush func()
+ if c.Options.Text.SplitStream {
+ r := &klogMsgRouter{
+ info: o.InfoStream,
+ error: o.ErrorStream,
+ }
+ size := c.Options.Text.InfoBufferSize.Value()
+ if size > 0 {
+ // Prevent integer overflow.
+ if size > 2*1024*1024*1024 {
+ size = 2 * 1024 * 1024 * 1024
+ }
+ info := newBufferedWriter(r.info, int(size))
+ flush = info.Flush
+ r.info = info
+ }
+ output = r
+ }
+
+ options := []textlogger.ConfigOption{
+ textlogger.Verbosity(int(c.Verbosity)),
+ textlogger.Output(output),
+ }
+ loggerConfig := textlogger.NewConfig(options...)
+
+ // This should never fail, we produce a valid string here.
+ _ = loggerConfig.VModule().Set(VModuleConfigurationPflag(&c.VModule).String())
+
+ return textlogger.NewLogger(loggerConfig),
+ RuntimeControl{
+ SetVerbosityLevel: func(v uint32) error {
+ return loggerConfig.Verbosity().Set(fmt.Sprintf("%d", v))
+ },
+ Flush: flush,
+ }
+}
+
+type klogMsgRouter struct {
+ info, error io.Writer
+}
+
+var _ io.Writer = &klogMsgRouter{}
+
+// Write redirects the message into either the info or error
+// stream, depending on its type as indicated in text format
+// by the first byte.
+func (r *klogMsgRouter) Write(p []byte) (int, error) {
+ if len(p) == 0 {
+ return 0, nil
+ }
+
+ if p[0] == 'I' {
+ return r.info.Write(p)
+ }
+ return r.error.Write(p)
+}
+
+// bufferedWriter is an io.Writer that buffers writes in-memory before
+// flushing them to a wrapped io.Writer after reaching some limit
+// or getting flushed.
+type bufferedWriter struct {
+ mu sync.Mutex
+ writer *bufio.Writer
+ out io.Writer
+}
+
+func newBufferedWriter(out io.Writer, size int) *bufferedWriter {
+ return &bufferedWriter{
+ writer: bufio.NewWriterSize(out, size),
+ out: out,
+ }
+}
+
+func (b *bufferedWriter) Write(p []byte) (int, error) {
+ b.mu.Lock()
+ defer b.mu.Unlock()
+
+ // To avoid partial writes into the underlying writer, we ensure that
+ // the entire new data fits into the buffer or flush first.
+ if len(p) > b.writer.Available() && b.writer.Buffered() > 0 {
+ if err := b.writer.Flush(); err != nil {
+ return 0, err
+ }
+ }
+
+ // If it still doesn't fit, then we bypass the now empty buffer
+ // and write directly.
+ if len(p) > b.writer.Available() {
+ return b.out.Write(p)
+ }
+
+ // This goes into the buffer.
+ return b.writer.Write(p)
+}
+
+func (b *bufferedWriter) Flush() {
+ b.mu.Lock()
+ defer b.mu.Unlock()
+
+ _ = b.writer.Flush()
+}
diff --git a/vendor/k8s.io/component-base/logs/api/v1/types.go b/vendor/k8s.io/component-base/logs/api/v1/types.go
index 33becd9d02..603ccb4740 100644
--- a/vendor/k8s.io/component-base/logs/api/v1/types.go
+++ b/vendor/k8s.io/component-base/logs/api/v1/types.go
@@ -94,13 +94,26 @@ func (t *TimeOrMetaDuration) UnmarshalJSON(b []byte) error {
// FormatOptions contains options for the different logging formats.
type FormatOptions struct {
+ // [Alpha] Text contains options for logging format "text".
+ // Only available when the LoggingAlphaOptions feature gate is enabled.
+ Text TextOptions `json:"text,omitempty"`
// [Alpha] JSON contains options for logging format "json".
// Only available when the LoggingAlphaOptions feature gate is enabled.
JSON JSONOptions `json:"json,omitempty"`
}
+// TextOptions contains options for logging format "text".
+type TextOptions struct {
+ OutputRoutingOptions `json:",inline"`
+}
+
// JSONOptions contains options for logging format "json".
type JSONOptions struct {
+ OutputRoutingOptions `json:",inline"`
+}
+
+// OutputRoutingOptions contains options that are supported by both "text" and "json".
+type OutputRoutingOptions struct {
// [Alpha] SplitStream redirects error messages to stderr while
// info messages go to stdout, with buffering. The default is to write
// both to stdout, without buffering. Only available when
diff --git a/vendor/k8s.io/component-base/logs/api/v1/zz_generated.deepcopy.go b/vendor/k8s.io/component-base/logs/api/v1/zz_generated.deepcopy.go
index e90cbcb349..0317c80202 100644
--- a/vendor/k8s.io/component-base/logs/api/v1/zz_generated.deepcopy.go
+++ b/vendor/k8s.io/component-base/logs/api/v1/zz_generated.deepcopy.go
@@ -24,6 +24,7 @@ package v1
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *FormatOptions) DeepCopyInto(out *FormatOptions) {
*out = *in
+ in.Text.DeepCopyInto(&out.Text)
in.JSON.DeepCopyInto(&out.JSON)
return
}
@@ -41,7 +42,7 @@ func (in *FormatOptions) DeepCopy() *FormatOptions {
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *JSONOptions) DeepCopyInto(out *JSONOptions) {
*out = *in
- in.InfoBufferSize.DeepCopyInto(&out.InfoBufferSize)
+ in.OutputRoutingOptions.DeepCopyInto(&out.OutputRoutingOptions)
return
}
@@ -78,6 +79,40 @@ func (in *LoggingConfiguration) DeepCopy() *LoggingConfiguration {
return out
}
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *OutputRoutingOptions) DeepCopyInto(out *OutputRoutingOptions) {
+ *out = *in
+ in.InfoBufferSize.DeepCopyInto(&out.InfoBufferSize)
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OutputRoutingOptions.
+func (in *OutputRoutingOptions) DeepCopy() *OutputRoutingOptions {
+ if in == nil {
+ return nil
+ }
+ out := new(OutputRoutingOptions)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *TextOptions) DeepCopyInto(out *TextOptions) {
+ *out = *in
+ in.OutputRoutingOptions.DeepCopyInto(&out.OutputRoutingOptions)
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TextOptions.
+func (in *TextOptions) DeepCopy() *TextOptions {
+ if in == nil {
+ return nil
+ }
+ out := new(TextOptions)
+ in.DeepCopyInto(out)
+ return out
+}
+
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *TimeOrMetaDuration) DeepCopyInto(out *TimeOrMetaDuration) {
*out = *in
diff --git a/vendor/k8s.io/component-base/metrics/prometheus/slis/metrics.go b/vendor/k8s.io/component-base/metrics/prometheus/slis/metrics.go
index 3d464d12d7..3741e8d3d9 100644
--- a/vendor/k8s.io/component-base/metrics/prometheus/slis/metrics.go
+++ b/vendor/k8s.io/component-base/metrics/prometheus/slis/metrics.go
@@ -28,8 +28,6 @@ const (
Error HealthcheckStatus = "error"
)
-type HealthcheckType string
-
var (
// healthcheck is a Prometheus Gauge metrics used for recording the results of a k8s healthcheck.
healthcheck = k8smetrics.NewGaugeVec(
@@ -57,6 +55,7 @@ var (
func Register(registry k8smetrics.KubeRegistry) {
registry.Register(healthcheck)
registry.Register(healthchecksTotal)
+ _ = k8smetrics.RegisterProcessStartTime(registry.Register)
}
func ResetHealthMetrics() {
diff --git a/vendor/k8s.io/component-base/metrics/testutil/testutil.go b/vendor/k8s.io/component-base/metrics/testutil/testutil.go
index 26d2d5fd71..b00f949c37 100644
--- a/vendor/k8s.io/component-base/metrics/testutil/testutil.go
+++ b/vendor/k8s.io/component-base/metrics/testutil/testutil.go
@@ -19,7 +19,6 @@ package testutil
import (
"fmt"
"io"
- "testing"
"github.com/prometheus/client_golang/prometheus/testutil"
@@ -28,6 +27,12 @@ import (
"k8s.io/component-base/metrics/legacyregistry"
)
+type TB interface {
+ Logf(format string, args ...any)
+ Errorf(format string, args ...any)
+ Fatalf(format string, args ...any)
+}
+
// CollectAndCompare registers the provided Collector with a newly created
// pedantic Registry. It then does the same as GatherAndCompare, gathering the
// metrics from the pedantic Registry.
@@ -94,7 +99,7 @@ func NewFakeKubeRegistry(ver string) metrics.KubeRegistry {
return metrics.NewKubeRegistry()
}
-func AssertVectorCount(t *testing.T, name string, labelFilter map[string]string, wantCount int) {
+func AssertVectorCount(t TB, name string, labelFilter map[string]string, wantCount int) {
metrics, err := legacyregistry.DefaultGatherer.Gather()
if err != nil {
t.Fatalf("Failed to gather metrics: %s", err)
@@ -124,7 +129,7 @@ func AssertVectorCount(t *testing.T, name string, labelFilter map[string]string,
}
}
-func AssertHistogramTotalCount(t *testing.T, name string, labelFilter map[string]string, wantCount int) {
+func AssertHistogramTotalCount(t TB, name string, labelFilter map[string]string, wantCount int) {
metrics, err := legacyregistry.DefaultGatherer.Gather()
if err != nil {
t.Fatalf("Failed to gather metrics: %s", err)
diff --git a/vendor/k8s.io/component-base/tracing/utils.go b/vendor/k8s.io/component-base/tracing/utils.go
index 72c8cf23e8..b5141f0338 100644
--- a/vendor/k8s.io/component-base/tracing/utils.go
+++ b/vendor/k8s.io/component-base/tracing/utils.go
@@ -91,7 +91,7 @@ func NewProvider(ctx context.Context,
}
// WithTracing adds tracing to requests if the incoming request is sampled
-func WithTracing(handler http.Handler, tp oteltrace.TracerProvider, serviceName string) http.Handler {
+func WithTracing(handler http.Handler, tp oteltrace.TracerProvider, spanName string) http.Handler {
opts := []otelhttp.Option{
otelhttp.WithPropagators(Propagators()),
otelhttp.WithTracerProvider(tp),
@@ -106,7 +106,7 @@ func WithTracing(handler http.Handler, tp oteltrace.TracerProvider, serviceName
})
// With Noop TracerProvider, the otelhttp still handles context propagation.
// See https://github.com/open-telemetry/opentelemetry-go/tree/main/example/passthrough
- return otelhttp.NewHandler(wrappedHandler, serviceName, opts...)
+ return otelhttp.NewHandler(wrappedHandler, spanName, opts...)
}
// WrapperFor can be used to add tracing to a *rest.Config.
diff --git a/vendor/k8s.io/klog/v2/OWNERS b/vendor/k8s.io/klog/v2/OWNERS
index a2fe8f351b..7500475a64 100644
--- a/vendor/k8s.io/klog/v2/OWNERS
+++ b/vendor/k8s.io/klog/v2/OWNERS
@@ -1,14 +1,16 @@
# See the OWNERS docs at https://go.k8s.io/owners
reviewers:
- harshanarayana
+ - mengjiao-liu
- pohly
approvers:
- dims
+ - pohly
- thockin
- - serathius
emeritus_approvers:
- brancz
- justinsb
- lavalamp
- piosz
+ - serathius
- tallclair
diff --git a/vendor/k8s.io/apiserver/pkg/apis/config/v1/doc.go b/vendor/k8s.io/klog/v2/contextual_slog.go
similarity index 59%
rename from vendor/k8s.io/apiserver/pkg/apis/config/v1/doc.go
rename to vendor/k8s.io/klog/v2/contextual_slog.go
index b1a18ccab5..d3b562521d 100644
--- a/vendor/k8s.io/apiserver/pkg/apis/config/v1/doc.go
+++ b/vendor/k8s.io/klog/v2/contextual_slog.go
@@ -1,5 +1,8 @@
+//go:build go1.21
+// +build go1.21
+
/*
-Copyright 2018 The Kubernetes Authors.
+Copyright 2021 The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
@@ -14,10 +17,15 @@ See the License for the specific language governing permissions and
limitations under the License.
*/
-// +k8s:conversion-gen=k8s.io/apiserver/pkg/apis/config
-// +k8s:deepcopy-gen=package
-// +k8s:defaulter-gen=TypeMeta
-// +groupName=apiserver.config.k8s.io
+package klog
+
+import (
+ "log/slog"
+
+ "github.com/go-logr/logr"
+)
-// Package v1 is the v1 version of the API.
-package v1
+// SetSlogLogger reconfigures klog to log through the slog logger. The logger must not be nil.
+func SetSlogLogger(logger *slog.Logger) {
+ SetLoggerWithOptions(logr.FromSlogHandler(logger.Handler()), ContextualLogger(true))
+}
diff --git a/vendor/k8s.io/klog/v2/internal/verbosity/verbosity.go b/vendor/k8s.io/klog/v2/internal/verbosity/verbosity.go
new file mode 100644
index 0000000000..40ec27d87a
--- /dev/null
+++ b/vendor/k8s.io/klog/v2/internal/verbosity/verbosity.go
@@ -0,0 +1,303 @@
+/*
+Copyright 2013 Google Inc. All Rights Reserved.
+Copyright 2022 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package verbosity
+
+import (
+ "bytes"
+ "errors"
+ "flag"
+ "fmt"
+ "path/filepath"
+ "runtime"
+ "strconv"
+ "strings"
+ "sync"
+ "sync/atomic"
+)
+
+// New returns a struct that implements -v and -vmodule support. Changing and
+// checking these settings is thread-safe, with all concurrency issues handled
+// internally.
+func New() *VState {
+ vs := new(VState)
+
+ // The two fields must have a pointer to the overal struct for their
+ // implementation of Set.
+ vs.vmodule.vs = vs
+ vs.verbosity.vs = vs
+
+ return vs
+}
+
+// Value is an extension that makes it possible to use the values in pflag.
+type Value interface {
+ flag.Value
+ Type() string
+}
+
+func (vs *VState) V() Value {
+ return &vs.verbosity
+}
+
+func (vs *VState) VModule() Value {
+ return &vs.vmodule
+}
+
+// VState contains settings and state. Some of its fields can be accessed
+// through atomic read/writes, in other cases a mutex must be held.
+type VState struct {
+ mu sync.Mutex
+
+ // These flags are modified only under lock, although verbosity may be fetched
+ // safely using atomic.LoadInt32.
+ vmodule moduleSpec // The state of the -vmodule flag.
+ verbosity levelSpec // V logging level, the value of the -v flag/
+
+ // pcs is used in V to avoid an allocation when computing the caller's PC.
+ pcs [1]uintptr
+ // vmap is a cache of the V Level for each V() call site, identified by PC.
+ // It is wiped whenever the vmodule flag changes state.
+ vmap map[uintptr]Level
+ // filterLength stores the length of the vmodule filter chain. If greater
+ // than zero, it means vmodule is enabled. It may be read safely
+ // using sync.LoadInt32, but is only modified under mu.
+ filterLength int32
+}
+
+// Level must be an int32 to support atomic read/writes.
+type Level int32
+
+type levelSpec struct {
+ vs *VState
+ l Level
+}
+
+// get returns the value of the level.
+func (l *levelSpec) get() Level {
+ return Level(atomic.LoadInt32((*int32)(&l.l)))
+}
+
+// set sets the value of the level.
+func (l *levelSpec) set(val Level) {
+ atomic.StoreInt32((*int32)(&l.l), int32(val))
+}
+
+// String is part of the flag.Value interface.
+func (l *levelSpec) String() string {
+ return strconv.FormatInt(int64(l.l), 10)
+}
+
+// Get is part of the flag.Getter interface. It returns the
+// verbosity level as int32.
+func (l *levelSpec) Get() interface{} {
+ return int32(l.l)
+}
+
+// Type is part of pflag.Value.
+func (l *levelSpec) Type() string {
+ return "Level"
+}
+
+// Set is part of the flag.Value interface.
+func (l *levelSpec) Set(value string) error {
+ v, err := strconv.ParseInt(value, 10, 32)
+ if err != nil {
+ return err
+ }
+ l.vs.mu.Lock()
+ defer l.vs.mu.Unlock()
+ l.vs.set(Level(v), l.vs.vmodule.filter, false)
+ return nil
+}
+
+// moduleSpec represents the setting of the -vmodule flag.
+type moduleSpec struct {
+ vs *VState
+ filter []modulePat
+}
+
+// modulePat contains a filter for the -vmodule flag.
+// It holds a verbosity level and a file pattern to match.
+type modulePat struct {
+ pattern string
+ literal bool // The pattern is a literal string
+ level Level
+}
+
+// match reports whether the file matches the pattern. It uses a string
+// comparison if the pattern contains no metacharacters.
+func (m *modulePat) match(file string) bool {
+ if m.literal {
+ return file == m.pattern
+ }
+ match, _ := filepath.Match(m.pattern, file)
+ return match
+}
+
+func (m *moduleSpec) String() string {
+ // Lock because the type is not atomic. TODO: clean this up.
+ // Empty instances don't have and don't need a lock (can
+ // happen when flag uses introspection).
+ if m.vs != nil {
+ m.vs.mu.Lock()
+ defer m.vs.mu.Unlock()
+ }
+ var b bytes.Buffer
+ for i, f := range m.filter {
+ if i > 0 {
+ b.WriteRune(',')
+ }
+ fmt.Fprintf(&b, "%s=%d", f.pattern, f.level)
+ }
+ return b.String()
+}
+
+// Get is part of the (Go 1.2) flag.Getter interface. It always returns nil for this flag type since the
+// struct is not exported.
+func (m *moduleSpec) Get() interface{} {
+ return nil
+}
+
+// Type is part of pflag.Value
+func (m *moduleSpec) Type() string {
+ return "pattern=N,..."
+}
+
+var errVmoduleSyntax = errors.New("syntax error: expect comma-separated list of filename=N")
+
+// Set will sets module value
+// Syntax: -vmodule=recordio=2,file=1,gfs*=3
+func (m *moduleSpec) Set(value string) error {
+ var filter []modulePat
+ for _, pat := range strings.Split(value, ",") {
+ if len(pat) == 0 {
+ // Empty strings such as from a trailing comma can be ignored.
+ continue
+ }
+ patLev := strings.Split(pat, "=")
+ if len(patLev) != 2 || len(patLev[0]) == 0 || len(patLev[1]) == 0 {
+ return errVmoduleSyntax
+ }
+ pattern := patLev[0]
+ v, err := strconv.ParseInt(patLev[1], 10, 32)
+ if err != nil {
+ return errors.New("syntax error: expect comma-separated list of filename=N")
+ }
+ if v < 0 {
+ return errors.New("negative value for vmodule level")
+ }
+ if v == 0 {
+ continue // Ignore. It's harmless but no point in paying the overhead.
+ }
+ // TODO: check syntax of filter?
+ filter = append(filter, modulePat{pattern, isLiteral(pattern), Level(v)})
+ }
+ m.vs.mu.Lock()
+ defer m.vs.mu.Unlock()
+ m.vs.set(m.vs.verbosity.l, filter, true)
+ return nil
+}
+
+// isLiteral reports whether the pattern is a literal string, that is, has no metacharacters
+// that require filepath.Match to be called to match the pattern.
+func isLiteral(pattern string) bool {
+ return !strings.ContainsAny(pattern, `\*?[]`)
+}
+
+// set sets a consistent state for V logging.
+// The mutex must be held.
+func (vs *VState) set(l Level, filter []modulePat, setFilter bool) {
+ // Turn verbosity off so V will not fire while we are in transition.
+ vs.verbosity.set(0)
+ // Ditto for filter length.
+ atomic.StoreInt32(&vs.filterLength, 0)
+
+ // Set the new filters and wipe the pc->Level map if the filter has changed.
+ if setFilter {
+ vs.vmodule.filter = filter
+ vs.vmap = make(map[uintptr]Level)
+ }
+
+ // Things are consistent now, so enable filtering and verbosity.
+ // They are enabled in order opposite to that in V.
+ atomic.StoreInt32(&vs.filterLength, int32(len(filter)))
+ vs.verbosity.set(l)
+}
+
+// Enabled checks whether logging is enabled at the given level. This must be
+// called with depth=0 when the caller of enabled will do the logging and
+// higher values when more stack levels need to be skipped.
+//
+// The mutex will be locked only if needed.
+func (vs *VState) Enabled(level Level, depth int) bool {
+ // This function tries hard to be cheap unless there's work to do.
+ // The fast path is two atomic loads and compares.
+
+ // Here is a cheap but safe test to see if V logging is enabled globally.
+ if vs.verbosity.get() >= level {
+ return true
+ }
+
+ // It's off globally but vmodule may still be set.
+ // Here is another cheap but safe test to see if vmodule is enabled.
+ if atomic.LoadInt32(&vs.filterLength) > 0 {
+ // Now we need a proper lock to use the logging structure. The pcs field
+ // is shared so we must lock before accessing it. This is fairly expensive,
+ // but if V logging is enabled we're slow anyway.
+ vs.mu.Lock()
+ defer vs.mu.Unlock()
+ if runtime.Callers(depth+2, vs.pcs[:]) == 0 {
+ return false
+ }
+ // runtime.Callers returns "return PCs", but we want
+ // to look up the symbolic information for the call,
+ // so subtract 1 from the PC. runtime.CallersFrames
+ // would be cleaner, but allocates.
+ pc := vs.pcs[0] - 1
+ v, ok := vs.vmap[pc]
+ if !ok {
+ v = vs.setV(pc)
+ }
+ return v >= level
+ }
+ return false
+}
+
+// setV computes and remembers the V level for a given PC
+// when vmodule is enabled.
+// File pattern matching takes the basename of the file, stripped
+// of its .go suffix, and uses filepath.Match, which is a little more
+// general than the *? matching used in C++.
+// Mutex is held.
+func (vs *VState) setV(pc uintptr) Level {
+ fn := runtime.FuncForPC(pc)
+ file, _ := fn.FileLine(pc)
+ // The file is something like /a/b/c/d.go. We want just the d.
+ file = strings.TrimSuffix(file, ".go")
+ if slash := strings.LastIndex(file, "/"); slash >= 0 {
+ file = file[slash+1:]
+ }
+ for _, filter := range vs.vmodule.filter {
+ if filter.match(file) {
+ vs.vmap[pc] = filter.level
+ return filter.level
+ }
+ }
+ vs.vmap[pc] = 0
+ return 0
+}
diff --git a/vendor/k8s.io/klog/v2/klog.go b/vendor/k8s.io/klog/v2/klog.go
index 72502db3ae..026be9e3b1 100644
--- a/vendor/k8s.io/klog/v2/klog.go
+++ b/vendor/k8s.io/klog/v2/klog.go
@@ -14,9 +14,26 @@
// See the License for the specific language governing permissions and
// limitations under the License.
-// Package klog implements logging analogous to the Google-internal C++ INFO/ERROR/V setup.
-// It provides functions Info, Warning, Error, Fatal, plus formatting variants such as
-// Infof. It also provides V-style logging controlled by the -v and -vmodule=file=2 flags.
+// Package klog contains the following functionality:
+//
+// - output routing as defined via command line flags ([InitFlags])
+// - log formatting as text, either with a single, unstructured string ([Info], [Infof], etc.)
+// or as a structured log entry with message and key/value pairs ([InfoS], etc.)
+// - management of a go-logr [Logger] ([SetLogger], [Background], [TODO])
+// - helper functions for logging values ([Format]) and managing the state of klog ([CaptureState], [State.Restore])
+// - wrappers for [logr] APIs for contextual logging where the wrappers can
+// be turned into no-ops ([EnableContextualLogging], [NewContext], [FromContext],
+// [LoggerWithValues], [LoggerWithName]); if the ability to turn off
+// contextual logging is not needed, then go-logr can also be used directly
+// - type aliases for go-logr types to simplify imports in code which uses both (e.g. [Logger])
+// - [k8s.io/klog/v2/textlogger]: a logger which uses the same formatting as klog log with
+// simpler output routing; beware that it comes with its own command line flags
+// and does not use the ones from klog
+// - [k8s.io/klog/v2/ktesting]: per-test output in Go unit tests
+// - [k8s.io/klog/v2/klogr]: a deprecated, standalone [logr.Logger] on top of the main klog package;
+// use [Background] instead if klog output routing is needed, [k8s.io/klog/v2/textlogger] if not
+// - [k8s.io/klog/v2/examples]: demos of this functionality
+// - [k8s.io/klog/v2/test]: reusable tests for [logr.Logger] implementations
//
// Basic examples:
//
diff --git a/vendor/k8s.io/klog/v2/klogr_slog.go b/vendor/k8s.io/klog/v2/klogr_slog.go
index f7bf740306..c77d7baafa 100644
--- a/vendor/k8s.io/klog/v2/klogr_slog.go
+++ b/vendor/k8s.io/klog/v2/klogr_slog.go
@@ -25,7 +25,7 @@ import (
"strconv"
"time"
- "github.com/go-logr/logr/slogr"
+ "github.com/go-logr/logr"
"k8s.io/klog/v2/internal/buffer"
"k8s.io/klog/v2/internal/serialize"
@@ -35,7 +35,7 @@ import (
func (l *klogger) Handle(ctx context.Context, record slog.Record) error {
if logging.logger != nil {
- if slogSink, ok := logging.logger.GetSink().(slogr.SlogSink); ok {
+ if slogSink, ok := logging.logger.GetSink().(logr.SlogSink); ok {
// Let that logger do the work.
return slogSink.Handle(ctx, record)
}
@@ -77,13 +77,13 @@ func slogOutput(file string, line int, now time.Time, err error, s severity.Seve
buffer.PutBuffer(b)
}
-func (l *klogger) WithAttrs(attrs []slog.Attr) slogr.SlogSink {
+func (l *klogger) WithAttrs(attrs []slog.Attr) logr.SlogSink {
clone := *l
clone.values = serialize.WithValues(l.values, sloghandler.Attrs2KVList(l.groups, attrs))
return &clone
}
-func (l *klogger) WithGroup(name string) slogr.SlogSink {
+func (l *klogger) WithGroup(name string) logr.SlogSink {
clone := *l
if clone.groups != "" {
clone.groups += "." + name
@@ -93,4 +93,4 @@ func (l *klogger) WithGroup(name string) slogr.SlogSink {
return &clone
}
-var _ slogr.SlogSink = &klogger{}
+var _ logr.SlogSink = &klogger{}
diff --git a/vendor/k8s.io/klog/v2/safeptr.go b/vendor/k8s.io/klog/v2/safeptr.go
new file mode 100644
index 0000000000..bbe24c2e82
--- /dev/null
+++ b/vendor/k8s.io/klog/v2/safeptr.go
@@ -0,0 +1,34 @@
+//go:build go1.18
+// +build go1.18
+
+/*
+Copyright 2023 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package klog
+
+// SafePtr is a function that takes a pointer of any type (T) as an argument.
+// If the provided pointer is not nil, it returns the same pointer. If it is nil, it returns nil instead.
+//
+// This function is particularly useful to prevent nil pointer dereferencing when:
+//
+// - The type implements interfaces that are called by the logger, such as `fmt.Stringer`.
+// - And these interface implementations do not perform nil checks themselves.
+func SafePtr[T any](p *T) any {
+ if p == nil {
+ return nil
+ }
+ return p
+}
diff --git a/vendor/k8s.io/klog/v2/textlogger/options.go b/vendor/k8s.io/klog/v2/textlogger/options.go
new file mode 100644
index 0000000000..b1c4eefb37
--- /dev/null
+++ b/vendor/k8s.io/klog/v2/textlogger/options.go
@@ -0,0 +1,154 @@
+/*
+Copyright 2021 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package textlogger
+
+import (
+ "flag"
+ "io"
+ "os"
+ "strconv"
+ "time"
+
+ "k8s.io/klog/v2/internal/verbosity"
+)
+
+// Config influences logging in a text logger. To make this configurable via
+// command line flags, instantiate this once per program and use AddFlags to
+// bind command line flags to the instance before passing it to NewTestContext.
+//
+// Must be constructed with NewConfig.
+type Config struct {
+ vstate *verbosity.VState
+ co configOptions
+}
+
+// Verbosity returns a value instance that can be used to query (via String) or
+// modify (via Set) the verbosity threshold. This is thread-safe and can be
+// done at runtime.
+func (c *Config) Verbosity() flag.Value {
+ return c.vstate.V()
+}
+
+// VModule returns a value instance that can be used to query (via String) or
+// modify (via Set) the vmodule settings. This is thread-safe and can be done
+// at runtime.
+func (c *Config) VModule() flag.Value {
+ return c.vstate.VModule()
+}
+
+// ConfigOption implements functional parameters for NewConfig.
+type ConfigOption func(co *configOptions)
+
+type configOptions struct {
+ verbosityFlagName string
+ vmoduleFlagName string
+ verbosityDefault int
+ fixedTime *time.Time
+ unwind func(int) (string, int)
+ output io.Writer
+}
+
+// VerbosityFlagName overrides the default -v for the verbosity level.
+func VerbosityFlagName(name string) ConfigOption {
+ return func(co *configOptions) {
+
+ co.verbosityFlagName = name
+ }
+}
+
+// VModulFlagName overrides the default -vmodule for the per-module
+// verbosity levels.
+func VModuleFlagName(name string) ConfigOption {
+ return func(co *configOptions) {
+ co.vmoduleFlagName = name
+ }
+}
+
+// Verbosity overrides the default verbosity level of 0.
+// See https://github.com/kubernetes/community/blob/9406b4352fe2d5810cb21cc3cb059ce5886de157/contributors/devel/sig-instrumentation/logging.md#logging-conventions
+// for log level conventions in Kubernetes.
+func Verbosity(level int) ConfigOption {
+ return func(co *configOptions) {
+ co.verbosityDefault = level
+ }
+}
+
+// Output overrides stderr as the output stream.
+func Output(output io.Writer) ConfigOption {
+ return func(co *configOptions) {
+ co.output = output
+ }
+}
+
+// FixedTime overrides the actual time with a fixed time. Useful only for testing.
+//
+// # Experimental
+//
+// Notice: This function is EXPERIMENTAL and may be changed or removed in a
+// later release.
+func FixedTime(ts time.Time) ConfigOption {
+ return func(co *configOptions) {
+ co.fixedTime = &ts
+ }
+}
+
+// Backtrace overrides the default mechanism for determining the call site.
+// The callback is invoked with the number of function calls between itself
+// and the call site. It must return the file name and line number. An empty
+// file name indicates that the information is unknown.
+//
+// # Experimental
+//
+// Notice: This function is EXPERIMENTAL and may be changed or removed in a
+// later release.
+func Backtrace(unwind func(skip int) (filename string, line int)) ConfigOption {
+ return func(co *configOptions) {
+ co.unwind = unwind
+ }
+}
+
+// NewConfig returns a configuration with recommended defaults and optional
+// modifications. Command line flags are not bound to any FlagSet yet.
+func NewConfig(opts ...ConfigOption) *Config {
+ c := &Config{
+ vstate: verbosity.New(),
+ co: configOptions{
+ verbosityFlagName: "v",
+ vmoduleFlagName: "vmodule",
+ verbosityDefault: 0,
+ unwind: runtimeBacktrace,
+ output: os.Stderr,
+ },
+ }
+ for _, opt := range opts {
+ opt(&c.co)
+ }
+
+ // Cannot fail for this input.
+ _ = c.Verbosity().Set(strconv.FormatInt(int64(c.co.verbosityDefault), 10))
+ return c
+}
+
+// AddFlags registers the command line flags that control the configuration.
+//
+// The default flag names are the same as in klog, so unless those defaults
+// are changed, either klog.InitFlags or Config.AddFlags can be used for the
+// same flag set, but not both.
+func (c *Config) AddFlags(fs *flag.FlagSet) {
+ fs.Var(c.Verbosity(), c.co.verbosityFlagName, "number for the log level verbosity of the testing logger")
+ fs.Var(c.VModule(), c.co.vmoduleFlagName, "comma-separated list of pattern=N log level settings for files matching the patterns")
+}
diff --git a/vendor/k8s.io/klog/v2/textlogger/textlogger.go b/vendor/k8s.io/klog/v2/textlogger/textlogger.go
new file mode 100644
index 0000000000..fb240c53ca
--- /dev/null
+++ b/vendor/k8s.io/klog/v2/textlogger/textlogger.go
@@ -0,0 +1,187 @@
+/*
+Copyright 2019 The Kubernetes Authors.
+Copyright 2020 Intel Coporation.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Package textlogger contains an implementation of the logr interface which is
+// producing the exact same output as klog. It does not route output through
+// klog (i.e. ignores [k8s.io/klog/v2.InitFlags]). Instead, all settings must be
+// configured through its own [NewConfig] and [Config.AddFlags].
+package textlogger
+
+import (
+ "runtime"
+ "strconv"
+ "strings"
+ "time"
+
+ "github.com/go-logr/logr"
+
+ "k8s.io/klog/v2/internal/buffer"
+ "k8s.io/klog/v2/internal/serialize"
+ "k8s.io/klog/v2/internal/severity"
+ "k8s.io/klog/v2/internal/verbosity"
+)
+
+var (
+ // TimeNow is used to retrieve the current time. May be changed for testing.
+ TimeNow = time.Now
+)
+
+const (
+ // nameKey is used to log the `WithName` values as an additional attribute.
+ nameKey = "logger"
+)
+
+// NewLogger constructs a new logger.
+//
+// Verbosity can be modified at any time through the Config.V and
+// Config.VModule API.
+func NewLogger(c *Config) logr.Logger {
+ return logr.New(&tlogger{
+ values: nil,
+ config: c,
+ })
+}
+
+type tlogger struct {
+ callDepth int
+
+ // hasPrefix is true if the first entry in values is the special
+ // nameKey key/value. Such an entry gets added and later updated in
+ // WithName.
+ hasPrefix bool
+
+ values []interface{}
+ groups string
+ config *Config
+}
+
+func (l *tlogger) Init(info logr.RuntimeInfo) {
+ l.callDepth = info.CallDepth
+}
+
+func (l *tlogger) WithCallDepth(depth int) logr.LogSink {
+ newLogger := *l
+ newLogger.callDepth += depth
+ return &newLogger
+}
+
+func (l *tlogger) Enabled(level int) bool {
+ return l.config.vstate.Enabled(verbosity.Level(level), 1+l.callDepth)
+}
+
+func (l *tlogger) Info(_ int, msg string, kvList ...interface{}) {
+ l.print(nil, severity.InfoLog, msg, kvList)
+}
+
+func (l *tlogger) Error(err error, msg string, kvList ...interface{}) {
+ l.print(err, severity.ErrorLog, msg, kvList)
+}
+
+func (l *tlogger) print(err error, s severity.Severity, msg string, kvList []interface{}) {
+ // Determine caller.
+ // +1 for this frame, +1 for Info/Error.
+ skip := l.callDepth + 2
+ file, line := l.config.co.unwind(skip)
+ if file == "" {
+ file = "???"
+ line = 1
+ } else if slash := strings.LastIndex(file, "/"); slash >= 0 {
+ file = file[slash+1:]
+ }
+ l.printWithInfos(file, line, time.Now(), err, s, msg, kvList)
+}
+
+func runtimeBacktrace(skip int) (string, int) {
+ _, file, line, ok := runtime.Caller(skip + 1)
+ if !ok {
+ return "", 0
+ }
+ return file, line
+}
+
+func (l *tlogger) printWithInfos(file string, line int, now time.Time, err error, s severity.Severity, msg string, kvList []interface{}) {
+ // Only create a new buffer if we don't have one cached.
+ b := buffer.GetBuffer()
+ defer buffer.PutBuffer(b)
+
+ // Format header.
+ if l.config.co.fixedTime != nil {
+ now = *l.config.co.fixedTime
+ }
+ b.FormatHeader(s, file, line, now)
+
+ // The message is always quoted, even if it contains line breaks.
+ // If developers want multi-line output, they should use a small, fixed
+ // message and put the multi-line output into a value.
+ b.WriteString(strconv.Quote(msg))
+ if err != nil {
+ serialize.KVFormat(&b.Buffer, "err", err)
+ }
+ serialize.MergeAndFormatKVs(&b.Buffer, l.values, kvList)
+ if b.Len() == 0 || b.Bytes()[b.Len()-1] != '\n' {
+ b.WriteByte('\n')
+ }
+ _, _ = l.config.co.output.Write(b.Bytes())
+}
+
+func (l *tlogger) WriteKlogBuffer(data []byte) {
+ _, _ = l.config.co.output.Write(data)
+}
+
+// WithName returns a new logr.Logger with the specified name appended. klogr
+// uses '/' characters to separate name elements. Callers should not pass '/'
+// in the provided name string, but this library does not actually enforce that.
+func (l *tlogger) WithName(name string) logr.LogSink {
+ clone := *l
+ if l.hasPrefix {
+ // Copy slice and modify value. No length checks and type
+ // assertions are needed because hasPrefix is only true if the
+ // first two elements exist and are key/value strings.
+ v := make([]interface{}, 0, len(l.values))
+ v = append(v, l.values...)
+ prefix, _ := v[1].(string)
+ v[1] = prefix + "." + name
+ clone.values = v
+ } else {
+ // Preprend new key/value pair.
+ v := make([]interface{}, 0, 2+len(l.values))
+ v = append(v, nameKey, name)
+ v = append(v, l.values...)
+ clone.values = v
+ clone.hasPrefix = true
+ }
+ return &clone
+}
+
+func (l *tlogger) WithValues(kvList ...interface{}) logr.LogSink {
+ clone := *l
+ clone.values = serialize.WithValues(l.values, kvList)
+ return &clone
+}
+
+// KlogBufferWriter is implemented by the textlogger LogSink.
+type KlogBufferWriter interface {
+ // WriteKlogBuffer takes a pre-formatted buffer prepared by klog and
+ // writes it unchanged to the output stream. Can be used with
+ // klog.WriteKlogBuffer when setting a logger through
+ // klog.SetLoggerWithOptions.
+ WriteKlogBuffer([]byte)
+}
+
+var _ logr.LogSink = &tlogger{}
+var _ logr.CallDepthLogSink = &tlogger{}
+var _ KlogBufferWriter = &tlogger{}
diff --git a/vendor/k8s.io/klog/v2/textlogger/textlogger_slog.go b/vendor/k8s.io/klog/v2/textlogger/textlogger_slog.go
new file mode 100644
index 0000000000..c888ef8a6b
--- /dev/null
+++ b/vendor/k8s.io/klog/v2/textlogger/textlogger_slog.go
@@ -0,0 +1,52 @@
+//go:build go1.21
+// +build go1.21
+
+/*
+Copyright 2023 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package textlogger
+
+import (
+ "context"
+ "log/slog"
+
+ "github.com/go-logr/logr"
+
+ "k8s.io/klog/v2/internal/serialize"
+ "k8s.io/klog/v2/internal/sloghandler"
+)
+
+func (l *tlogger) Handle(ctx context.Context, record slog.Record) error {
+ return sloghandler.Handle(ctx, record, l.groups, l.printWithInfos)
+}
+
+func (l *tlogger) WithAttrs(attrs []slog.Attr) logr.SlogSink {
+ clone := *l
+ clone.values = serialize.WithValues(l.values, sloghandler.Attrs2KVList(l.groups, attrs))
+ return &clone
+}
+
+func (l *tlogger) WithGroup(name string) logr.SlogSink {
+ clone := *l
+ if clone.groups != "" {
+ clone.groups += "." + name
+ } else {
+ clone.groups = name
+ }
+ return &clone
+}
+
+var _ logr.SlogSink = &tlogger{}
diff --git a/vendor/k8s.io/kube-openapi/pkg/generators/rules/idl_tag.go b/vendor/k8s.io/kube-openapi/pkg/generators/rules/idl_tag.go
index 474d79e89d..0abe0aa072 100644
--- a/vendor/k8s.io/kube-openapi/pkg/generators/rules/idl_tag.go
+++ b/vendor/k8s.io/kube-openapi/pkg/generators/rules/idl_tag.go
@@ -33,7 +33,8 @@ func (l *ListTypeMissing) Validate(t *types.Type) ([]string, error) {
continue
}
- if m.Type.Kind == types.Slice && !hasListType {
+ // All slice fields must have a list-type tag except []byte
+ if m.Type.Kind == types.Slice && m.Type.Elem != types.Byte && !hasListType {
fields = append(fields, m.Name)
continue
}
diff --git a/vendor/k8s.io/utils/integer/integer.go b/vendor/k8s.io/utils/integer/integer.go
deleted file mode 100644
index e0811e8344..0000000000
--- a/vendor/k8s.io/utils/integer/integer.go
+++ /dev/null
@@ -1,73 +0,0 @@
-/*
-Copyright 2016 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package integer
-
-import "math"
-
-// IntMax returns the maximum of the params
-func IntMax(a, b int) int {
- if b > a {
- return b
- }
- return a
-}
-
-// IntMin returns the minimum of the params
-func IntMin(a, b int) int {
- if b < a {
- return b
- }
- return a
-}
-
-// Int32Max returns the maximum of the params
-func Int32Max(a, b int32) int32 {
- if b > a {
- return b
- }
- return a
-}
-
-// Int32Min returns the minimum of the params
-func Int32Min(a, b int32) int32 {
- if b < a {
- return b
- }
- return a
-}
-
-// Int64Max returns the maximum of the params
-func Int64Max(a, b int64) int64 {
- if b > a {
- return b
- }
- return a
-}
-
-// Int64Min returns the minimum of the params
-func Int64Min(a, b int64) int64 {
- if b < a {
- return b
- }
- return a
-}
-
-// RoundToInt32 rounds floats into integer numbers.
-// Deprecated: use math.Round() and a cast directly.
-func RoundToInt32(a float64) int32 {
- return int32(math.Round(a))
-}
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 3c742ba610..952aff3eb2 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -60,8 +60,8 @@ github.com/go-logr/logr/slogr
# github.com/go-logr/stdr v1.2.2
## explicit; go 1.16
github.com/go-logr/stdr
-# github.com/go-logr/zapr v1.2.3
-## explicit; go 1.16
+# github.com/go-logr/zapr v1.3.0
+## explicit; go 1.18
github.com/go-logr/zapr
# github.com/go-openapi/jsonpointer v0.19.6
## explicit; go 1.13
@@ -84,7 +84,6 @@ github.com/gogo/protobuf/sortkeys
github.com/golang/groupcache/lru
# github.com/golang/protobuf v1.5.3
## explicit; go 1.9
-github.com/golang/protobuf/jsonpb
github.com/golang/protobuf/proto
github.com/golang/protobuf/ptypes
github.com/golang/protobuf/ptypes/any
@@ -137,14 +136,14 @@ github.com/google/go-cmp/cmp/internal/value
## explicit; go 1.12
github.com/google/gofuzz
github.com/google/gofuzz/bytesource
-# github.com/google/uuid v1.4.0
+# github.com/google/uuid v1.6.0
## explicit
github.com/google/uuid
# github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0
## explicit
github.com/grpc-ecosystem/go-grpc-prometheus
-# github.com/grpc-ecosystem/grpc-gateway/v2 v2.16.0
-## explicit; go 1.17
+# github.com/grpc-ecosystem/grpc-gateway/v2 v2.19.0
+## explicit; go 1.19
github.com/grpc-ecosystem/grpc-gateway/v2/internal/httprule
github.com/grpc-ecosystem/grpc-gateway/v2/runtime
github.com/grpc-ecosystem/grpc-gateway/v2/utilities
@@ -249,7 +248,7 @@ go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc/inte
## explicit; go 1.19
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconvutil
-# go.opentelemetry.io/otel v1.22.0
+# go.opentelemetry.io/otel v1.24.0
## explicit; go 1.20
go.opentelemetry.io/otel
go.opentelemetry.io/otel/attribute
@@ -264,22 +263,22 @@ go.opentelemetry.io/otel/semconv/internal
go.opentelemetry.io/otel/semconv/v1.12.0
go.opentelemetry.io/otel/semconv/v1.17.0
go.opentelemetry.io/otel/semconv/v1.24.0
-# go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.22.0
+# go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.24.0
## explicit; go 1.20
go.opentelemetry.io/otel/exporters/otlp/otlptrace
go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal/tracetransform
-# go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.22.0
+# go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.24.0
## explicit; go 1.20
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc/internal
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc/internal/envconfig
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc/internal/otlpconfig
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc/internal/retry
-# go.opentelemetry.io/otel/metric v1.22.0
+# go.opentelemetry.io/otel/metric v1.24.0
## explicit; go 1.20
go.opentelemetry.io/otel/metric
go.opentelemetry.io/otel/metric/embedded
-# go.opentelemetry.io/otel/sdk v1.22.0
+# go.opentelemetry.io/otel/sdk v1.24.0
## explicit; go 1.20
go.opentelemetry.io/otel/sdk
go.opentelemetry.io/otel/sdk/instrumentation
@@ -287,33 +286,33 @@ go.opentelemetry.io/otel/sdk/internal
go.opentelemetry.io/otel/sdk/internal/env
go.opentelemetry.io/otel/sdk/resource
go.opentelemetry.io/otel/sdk/trace
-# go.opentelemetry.io/otel/trace v1.22.0
+# go.opentelemetry.io/otel/trace v1.24.0
## explicit; go 1.20
go.opentelemetry.io/otel/trace
go.opentelemetry.io/otel/trace/embedded
go.opentelemetry.io/otel/trace/noop
-# go.opentelemetry.io/proto/otlp v1.0.0
+# go.opentelemetry.io/proto/otlp v1.1.0
## explicit; go 1.17
go.opentelemetry.io/proto/otlp/collector/trace/v1
go.opentelemetry.io/proto/otlp/common/v1
go.opentelemetry.io/proto/otlp/resource/v1
go.opentelemetry.io/proto/otlp/trace/v1
-# go.uber.org/atomic v1.10.0
-## explicit; go 1.18
-go.uber.org/atomic
# go.uber.org/multierr v1.11.0
## explicit; go 1.19
go.uber.org/multierr
-# go.uber.org/zap v1.19.0
-## explicit; go 1.13
+# go.uber.org/zap v1.26.0
+## explicit; go 1.19
go.uber.org/zap
go.uber.org/zap/buffer
+go.uber.org/zap/internal
go.uber.org/zap/internal/bufferpool
go.uber.org/zap/internal/color
go.uber.org/zap/internal/exit
+go.uber.org/zap/internal/pool
+go.uber.org/zap/internal/stacktrace
go.uber.org/zap/zapcore
go.uber.org/zap/zapgrpc
-# golang.org/x/crypto v0.18.0
+# golang.org/x/crypto v0.19.0
## explicit; go 1.18
golang.org/x/crypto/cryptobyte
golang.org/x/crypto/cryptobyte/asn1
@@ -341,21 +340,21 @@ golang.org/x/net/idna
golang.org/x/net/internal/timeseries
golang.org/x/net/trace
golang.org/x/net/websocket
-# golang.org/x/oauth2 v0.14.0
+# golang.org/x/oauth2 v0.16.0
## explicit; go 1.18
golang.org/x/oauth2
golang.org/x/oauth2/internal
-# golang.org/x/sync v0.5.0
+# golang.org/x/sync v0.6.0
## explicit; go 1.18
golang.org/x/sync/singleflight
-# golang.org/x/sys v0.16.0
+# golang.org/x/sys v0.17.0
## explicit; go 1.18
golang.org/x/sys/cpu
golang.org/x/sys/plan9
golang.org/x/sys/unix
golang.org/x/sys/windows
golang.org/x/sys/windows/registry
-# golang.org/x/term v0.16.0
+# golang.org/x/term v0.17.0
## explicit; go 1.18
golang.org/x/term
# golang.org/x/text v0.14.0
@@ -401,20 +400,20 @@ google.golang.org/appengine/internal/log
google.golang.org/appengine/internal/remote_api
google.golang.org/appengine/internal/urlfetch
google.golang.org/appengine/urlfetch
-# google.golang.org/genproto v0.0.0-20231106174013-bbf56f31fb17
+# google.golang.org/genproto v0.0.0-20240123012728-ef4313101c80
## explicit; go 1.19
google.golang.org/genproto/internal
-# google.golang.org/genproto/googleapis/api v0.0.0-20231106174013-bbf56f31fb17
+# google.golang.org/genproto/googleapis/api v0.0.0-20240123012728-ef4313101c80
## explicit; go 1.19
google.golang.org/genproto/googleapis/api
google.golang.org/genproto/googleapis/api/annotations
google.golang.org/genproto/googleapis/api/expr/v1alpha1
google.golang.org/genproto/googleapis/api/httpbody
-# google.golang.org/genproto/googleapis/rpc v0.0.0-20231106174013-bbf56f31fb17
+# google.golang.org/genproto/googleapis/rpc v0.0.0-20240123012728-ef4313101c80
## explicit; go 1.19
google.golang.org/genproto/googleapis/rpc/errdetails
google.golang.org/genproto/googleapis/rpc/status
-# google.golang.org/grpc v1.61.0
+# google.golang.org/grpc v1.62.0
## explicit; go 1.19
google.golang.org/grpc
google.golang.org/grpc/attributes
@@ -495,6 +494,7 @@ google.golang.org/protobuf/internal/set
google.golang.org/protobuf/internal/strs
google.golang.org/protobuf/internal/version
google.golang.org/protobuf/proto
+google.golang.org/protobuf/protoadapt
google.golang.org/protobuf/reflect/protodesc
google.golang.org/protobuf/reflect/protoreflect
google.golang.org/protobuf/reflect/protoregistry
@@ -521,7 +521,7 @@ gopkg.in/yaml.v2
# gopkg.in/yaml.v3 v3.0.1
## explicit
gopkg.in/yaml.v3
-# k8s.io/api v0.29.1
+# k8s.io/api v0.30.0-alpha.3
## explicit; go 1.21
k8s.io/api/admission/v1
k8s.io/api/admission/v1beta1
@@ -577,7 +577,7 @@ k8s.io/api/scheduling/v1beta1
k8s.io/api/storage/v1
k8s.io/api/storage/v1alpha1
k8s.io/api/storage/v1beta1
-# k8s.io/apimachinery v0.29.1
+# k8s.io/apimachinery v0.30.0-alpha.3
## explicit; go 1.21
k8s.io/apimachinery/pkg/api/equality
k8s.io/apimachinery/pkg/api/errors
@@ -637,18 +637,19 @@ k8s.io/apimachinery/pkg/version
k8s.io/apimachinery/pkg/watch
k8s.io/apimachinery/third_party/forked/golang/json
k8s.io/apimachinery/third_party/forked/golang/reflect
-# k8s.io/apiserver v0.29.1
+# k8s.io/apiserver v0.30.0-alpha.3
## explicit; go 1.21
k8s.io/apiserver/pkg/admission
-k8s.io/apiserver/pkg/admission/cel
k8s.io/apiserver/pkg/admission/configuration
k8s.io/apiserver/pkg/admission/initializer
k8s.io/apiserver/pkg/admission/metrics
k8s.io/apiserver/pkg/admission/plugin/cel
k8s.io/apiserver/pkg/admission/plugin/namespace/lifecycle
-k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy
-k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/internal/generic
-k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/matching
+k8s.io/apiserver/pkg/admission/plugin/policy/generic
+k8s.io/apiserver/pkg/admission/plugin/policy/internal/generic
+k8s.io/apiserver/pkg/admission/plugin/policy/matching
+k8s.io/apiserver/pkg/admission/plugin/policy/validating
+k8s.io/apiserver/pkg/admission/plugin/policy/validating/metrics
k8s.io/apiserver/pkg/admission/plugin/webhook
k8s.io/apiserver/pkg/admission/plugin/webhook/config
k8s.io/apiserver/pkg/admission/plugin/webhook/config/apis/webhookadmission
@@ -674,9 +675,6 @@ k8s.io/apiserver/pkg/apis/audit/install
k8s.io/apiserver/pkg/apis/audit/v1
k8s.io/apiserver/pkg/apis/audit/validation
k8s.io/apiserver/pkg/apis/cel
-k8s.io/apiserver/pkg/apis/config
-k8s.io/apiserver/pkg/apis/config/v1
-k8s.io/apiserver/pkg/apis/config/validation
k8s.io/apiserver/pkg/apis/flowcontrol/bootstrap
k8s.io/apiserver/pkg/audit
k8s.io/apiserver/pkg/audit/policy
@@ -785,7 +783,7 @@ k8s.io/apiserver/plugin/pkg/audit/truncate
k8s.io/apiserver/plugin/pkg/audit/webhook
k8s.io/apiserver/plugin/pkg/authenticator/token/webhook
k8s.io/apiserver/plugin/pkg/authorizer/webhook
-# k8s.io/client-go v0.29.1
+# k8s.io/client-go v0.30.0-alpha.3
## explicit; go 1.21
k8s.io/client-go/applyconfigurations/admissionregistration/v1
k8s.io/client-go/applyconfigurations/admissionregistration/v1alpha1
@@ -840,6 +838,7 @@ k8s.io/client-go/discovery/fake
k8s.io/client-go/dynamic
k8s.io/client-go/dynamic/dynamicinformer
k8s.io/client-go/dynamic/dynamiclister
+k8s.io/client-go/dynamic/fake
k8s.io/client-go/informers
k8s.io/client-go/informers/admissionregistration
k8s.io/client-go/informers/admissionregistration/v1
@@ -1096,7 +1095,7 @@ k8s.io/client-go/util/flowcontrol
k8s.io/client-go/util/homedir
k8s.io/client-go/util/keyutil
k8s.io/client-go/util/workqueue
-# k8s.io/code-generator v0.29.1
+# k8s.io/code-generator v0.30.0-alpha.3
## explicit; go 1.21
k8s.io/code-generator
k8s.io/code-generator/cmd/applyconfiguration-gen
@@ -1134,7 +1133,7 @@ k8s.io/code-generator/cmd/set-gen
k8s.io/code-generator/pkg/namer
k8s.io/code-generator/pkg/util
k8s.io/code-generator/third_party/forked/golang/reflect
-# k8s.io/component-base v0.29.1
+# k8s.io/component-base v0.30.0-alpha.3
## explicit; go 1.21
k8s.io/component-base/cli
k8s.io/component-base/cli/flag
@@ -1158,7 +1157,7 @@ k8s.io/component-base/metrics/testutil
k8s.io/component-base/tracing
k8s.io/component-base/tracing/api/v1
k8s.io/component-base/version
-# k8s.io/component-helpers v0.29.1
+# k8s.io/component-helpers v0.30.0-alpha.3
## explicit; go 1.21
k8s.io/component-helpers/scheduling/corev1
k8s.io/component-helpers/scheduling/corev1/nodeaffinity
@@ -1174,8 +1173,8 @@ k8s.io/gengo/generator
k8s.io/gengo/namer
k8s.io/gengo/parser
k8s.io/gengo/types
-# k8s.io/klog/v2 v2.110.1
-## explicit; go 1.13
+# k8s.io/klog/v2 v2.120.1
+## explicit; go 1.18
k8s.io/klog/v2
k8s.io/klog/v2/internal/buffer
k8s.io/klog/v2/internal/clock
@@ -1183,13 +1182,15 @@ k8s.io/klog/v2/internal/dbg
k8s.io/klog/v2/internal/serialize
k8s.io/klog/v2/internal/severity
k8s.io/klog/v2/internal/sloghandler
-# k8s.io/kms v0.29.1
+k8s.io/klog/v2/internal/verbosity
+k8s.io/klog/v2/textlogger
+# k8s.io/kms v0.30.0-alpha.3
## explicit; go 1.21
k8s.io/kms/apis/v1beta1
k8s.io/kms/apis/v2
k8s.io/kms/pkg/service
k8s.io/kms/pkg/util
-# k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00
+# k8s.io/kube-openapi v0.0.0-20231113174909-778a5567bc1e
## explicit; go 1.19
k8s.io/kube-openapi/cmd/openapi-gen/args
k8s.io/kube-openapi/pkg/builder
@@ -1219,7 +1220,6 @@ k8s.io/kube-openapi/pkg/validation/strfmt/bson
k8s.io/utils/buffer
k8s.io/utils/clock
k8s.io/utils/clock/testing
-k8s.io/utils/integer
k8s.io/utils/internal/third_party/forked/golang/golang-lru
k8s.io/utils/internal/third_party/forked/golang/net
k8s.io/utils/lru
@@ -1229,7 +1229,7 @@ k8s.io/utils/pointer
k8s.io/utils/ptr
k8s.io/utils/strings/slices
k8s.io/utils/trace
-# sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.28.0
+# sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.29.0
## explicit; go 1.20
sigs.k8s.io/apiserver-network-proxy/konnectivity-client/pkg/client
sigs.k8s.io/apiserver-network-proxy/konnectivity-client/pkg/client/metrics
@@ -1254,4 +1254,3 @@ sigs.k8s.io/structured-merge-diff/v4/value
## explicit; go 1.12
sigs.k8s.io/yaml
# go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc => go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.47.0
-# golang.org/x/crypto v0.16.0 => golang.org/x/crypto v0.17.0