Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(deps): update minor dependencies (master) #2592

Merged
merged 4 commits into from
May 2, 2024
Merged

fix(deps): update minor dependencies (master) #2592

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
69f3c79
fix(deps): update minor dependencies
renovate[bot] Mar 19, 2024
bcb3718
fix: remove PodSecurityPolicy
mantissahz Mar 22, 2024
9d5cba8
Merge remote-tracking branch 'origin/master' into renovate/master-min…
ejweber May 1, 2024
f8d8a9b
fix: correct "function" nam of log in csi
mantissahz May 2, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
The table of contents is too big for display.
Diff view
Diff view
  •  
  •  
  •  
10 changes: 0 additions & 10 deletions controller/controller_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,6 @@ import (

appsv1 "k8s.io/api/apps/v1"
corev1 "k8s.io/api/core/v1"
policyv1beta1 "k8s.io/api/policy/v1beta1"
rbacv1 "k8s.io/api/rbac/v1"
storagev1 "k8s.io/api/storage/v1"
apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
Expand Down Expand Up @@ -355,15 +354,6 @@ func newDeployment(name string, spec appsv1.DeploymentSpec) *appsv1.Deployment {
}
}

func newPodSecurityPolicy(spec policyv1beta1.PodSecurityPolicySpec) *policyv1beta1.PodSecurityPolicy {
return &policyv1beta1.PodSecurityPolicy{
ObjectMeta: metav1.ObjectMeta{
Name: TestPodSecurityPolicyName,
},
Spec: spec,
}
}

func newRecurringJob(name string, spec longhorn.RecurringJobSpec) *longhorn.RecurringJob {
return &longhorn.RecurringJob{
ObjectMeta: metav1.ObjectMeta{
Expand Down
2 changes: 1 addition & 1 deletion controller/kubernetes_pv_controller_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -109,7 +109,7 @@ func newPVC() *corev1.PersistentVolumeClaim {
AccessModes: []corev1.PersistentVolumeAccessMode{
corev1.ReadWriteOnce,
},
Resources: corev1.ResourceRequirements{
Resources: corev1.VolumeResourceRequirements{
Requests: corev1.ResourceList{
corev1.ResourceStorage: *resource.NewQuantity(1, resource.BinarySI),
},
Expand Down
54 changes: 2 additions & 52 deletions controller/system_backup_controller.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,6 @@ import (
"k8s.io/kubernetes/pkg/controller"

corev1 "k8s.io/api/core/v1"
policyv1beta1 "k8s.io/api/policy/v1beta1"
rbacv1 "k8s.io/api/rbac/v1"
apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
apierrors "k8s.io/apimachinery/pkg/api/errors"
Expand Down Expand Up @@ -907,7 +906,7 @@ func (c *SystemBackupController) generateSystemBackupYAMLsForKubernetes(dir stri
return
}

err = c.generateSystemBackupYAMLsForPodSecurityPolicy(dir, "roles", "rolebindings", "podsecuritypolicies", scheme)
err = c.generateSystemBackupYAMLsForRoles(dir, "roles", "rolebindings", scheme)
mantissahz marked this conversation as resolved.
Show resolved Hide resolved
if err != nil {
return
}
Expand Down Expand Up @@ -981,9 +980,7 @@ func (c *SystemBackupController) generateSystemBackupYAMLsForServices(dir, name
}, scheme)
}

func (c *SystemBackupController) generateSystemBackupYAMLsForPodSecurityPolicy(dir,
roleName, roleBindingName, podSecurityPolicyName string,
scheme *runtime.Scheme) (err error) {
func (c *SystemBackupController) generateSystemBackupYAMLsForRoles(dir, roleName, roleBindingName string, scheme *runtime.Scheme) (err error) {
// Generate Role YAML
roleObj, err := c.ds.GetAllRoleList()
if err != nil && !apierrors.IsNotFound(err) {
Expand All @@ -1002,55 +999,8 @@ func (c *SystemBackupController) generateSystemBackupYAMLsForPodSecurityPolicy(d
return
}

// Generate PodSecurityPolicy YAML
err = c.generateSystemBackupYAMLsForPodSecurityPoliciesByRoles(roleList, dir, podSecurityPolicyName, scheme)
if err != nil {
return
}

// Generate RoleBinding YAML
return getObjectsAndPrintToYAML(dir, roleBindingName, c.ds.GetAllRoleBindingList, scheme)

}

func (c *SystemBackupController) generateSystemBackupYAMLsForPodSecurityPoliciesByRoles(
roleList *rbacv1.RoleList,
dir, name string, scheme *runtime.Scheme) (err error) {
pspObj, err := c.ds.GetAllPodSecurityPolicyList()
if err != nil && !apierrors.IsNotFound(err) {
return errors.Wrap(err, "failed to get all podSecurityPolicies")
}

pspList, ok := pspObj.(*policyv1beta1.PodSecurityPolicyList)
if !ok {
return errors.Wrap(err, "failed to convert to podSecurityPolicyList object")
}

filtered := []policyv1beta1.PodSecurityPolicy{}
for _, psp := range pspList.Items {
shouldBackup := false
for _, role := range roleList.Items {
for _, rule := range role.Rules {
if util.Contains(rule.ResourceNames, psp.Name) {
shouldBackup = true
break
}
}

if shouldBackup {
break
}
}

if shouldBackup {
filtered = append(filtered, psp)
}
}
pspList.Items = filtered

return getObjectsAndPrintToYAML(dir, name, func() (runtime.Object, error) {
return pspList, nil
}, scheme)
}

func (c *SystemBackupController) generateSystemBackupYAMLsForServiceAccount(dir,
Expand Down
34 changes: 0 additions & 34 deletions controller/system_restore_controller_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,6 @@ import (

appsv1 "k8s.io/api/apps/v1"
corev1 "k8s.io/api/core/v1"
policyv1beta1 "k8s.io/api/policy/v1beta1"
rbacv1 "k8s.io/api/rbac/v1"
storagev1 "k8s.io/api/storage/v1"
apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
Expand Down Expand Up @@ -551,39 +550,6 @@ func fakeSystemRolloutPersistentVolumeClaims(fakeObjs map[SystemRolloutCRName]*c
}
}

func fakeSystemRolloutPodSecurityPolicies(fakeObjs map[SystemRolloutCRName]*policyv1beta1.PodSecurityPolicy, c *C, informerFactory informers.SharedInformerFactory, client *fake.Clientset) {
indexer := informerFactory.Policy().V1beta1().PodSecurityPolicies().Informer().GetIndexer()

clientInterface := client.PolicyV1beta1().PodSecurityPolicies()

exists, err := clientInterface.List(context.TODO(), metav1.ListOptions{})
c.Assert(err, IsNil)

for _, exist := range exists.Items {
exist, err := clientInterface.Get(context.TODO(), exist.Name, metav1.GetOptions{})
c.Assert(err, IsNil)

err = clientInterface.Delete(context.TODO(), exist.Name, metav1.DeleteOptions{})
c.Assert(err, IsNil)

err = indexer.Delete(exist)
c.Assert(err, IsNil)
}

for k, fakeObj := range fakeObjs {
name := string(k)
if strings.HasSuffix(name, TestIgnoreSuffix) {
continue
}

exist, err := clientInterface.Create(context.TODO(), newPodSecurityPolicy(fakeObj.Spec), metav1.CreateOptions{})
c.Assert(err, IsNil)

err = indexer.Add(exist)
c.Assert(err, IsNil)
}
}

func fakeSystemRolloutRecurringJobs(fakeObjs map[SystemRolloutCRName]*longhorn.RecurringJob, c *C, informerFactory lhinformers.SharedInformerFactory, client *lhfake.Clientset) {
indexer := informerFactory.Longhorn().V1beta2().RecurringJobs().Informer().GetIndexer()

Expand Down
62 changes: 0 additions & 62 deletions controller/system_rollout_controller.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,6 @@ import (

appsv1 "k8s.io/api/apps/v1"
corev1 "k8s.io/api/core/v1"
policyv1beta1 "k8s.io/api/policy/v1beta1"
rbacv1 "k8s.io/api/rbac/v1"
storagev1 "k8s.io/api/storage/v1"
apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
Expand Down Expand Up @@ -112,8 +111,6 @@ type extractedResources struct {

storageClassList *storagev1.StorageClassList

podSecurityPolicyList *policyv1beta1.PodSecurityPolicyList

engineImageList *longhorn.EngineImageList
recurringJobList *longhorn.RecurringJobList
settingList *longhorn.SettingList
Expand Down Expand Up @@ -439,7 +436,6 @@ func (c *SystemRolloutController) systemRollout() error {
types.KubernetesKindServiceAccountList: c.restoreServiceAccounts,
types.KubernetesKindClusterRoleList: c.restoreClusterRoles,
types.KubernetesKindClusterRoleBindingList: c.restoreClusterRoleBindings,
types.KubernetesKindPodSecurityPolicyList: c.restorePodSecurityPolicies,
types.KubernetesKindRoleList: c.restoreRoles,
types.KubernetesKindRoleBindingList: c.restoreRoleBindings,
types.KubernetesKindStorageClassList: c.restoreStorageClasses,
Expand Down Expand Up @@ -681,9 +677,6 @@ func (c *SystemRolloutController) cacheResourcesFromDirectory(name string, schem
// Kubernetes Storage
case types.KubernetesKindStorageClassList:
c.storageClassList = obj.(*storagev1.StorageClassList)
// Kubernetes Policy
case types.KubernetesKindPodSecurityPolicyList:
c.podSecurityPolicyList = obj.(*policyv1beta1.PodSecurityPolicyList)
// Longhorn
case types.LonghornKindEngineImageList:
c.engineImageList = obj.(*longhorn.EngineImageList)
Expand Down Expand Up @@ -1393,61 +1386,6 @@ func (c *SystemRolloutController) restorePersistentVolumeClaims() (err error) {
return nil
}

func (c *SystemRolloutController) restorePodSecurityPolicies() (err error) {
if c.podSecurityPolicyList == nil {
return nil
}

for _, restore := range c.podSecurityPolicyList.Items {
log := c.logger.WithField(types.KubernetesKindPodSecurityPolicy, restore.Name)

exist, err := c.ds.GetPodSecurityPolicy(restore.Name)
if err != nil {
if !datastore.ErrorIsNotFound(err) {
return err
}

restore.ResourceVersion = ""

log.Info(SystemRolloutMsgCreating)

fnCreate := func(restore runtime.Object) (runtime.Object, error) {
obj, ok := restore.(*policyv1beta1.PodSecurityPolicy)
if !ok {
return nil, fmt.Errorf(SystemRolloutErrFailedConvertToObjectFmt, restore.GetObjectKind(), types.KubernetesKindPodSecurityPolicy)
}
return c.ds.CreatePodSecurityPolicy(obj)
}
_, err := c.rolloutResource(&restore, fnCreate, false, log, SystemRolloutMsgRestoredItem)
if err != nil && !apierrors.IsAlreadyExists(err) {
return err
}
continue
}

isSkipped := true
if !reflect.DeepEqual(exist.Spec, restore.Spec) {
log.Info(SystemRolloutMsgUpdating)
exist.Spec = restore.Spec

isSkipped = false
}
fnUpdate := func(exist runtime.Object) (runtime.Object, error) {
obj, ok := exist.(*policyv1beta1.PodSecurityPolicy)
if !ok {
return nil, fmt.Errorf(SystemRolloutErrFailedConvertToObjectFmt, exist.GetObjectKind(), types.KubernetesKindPodSecurityPolicy)
}
return c.ds.UpdatePodSecurityPolicy(obj)
}
_, err = c.rolloutResource(exist, fnUpdate, isSkipped, log, SystemRolloutMsgSkipIdentical)
if err != nil {
return err
}
}

return nil
}

func (c *SystemRolloutController) restoreRecurringJobs() (err error) {
if c.recurringJobList == nil {
return nil
Expand Down