Upgrade k8s package verison (#5358)

* upgrade k8s package version Signed-off-by: hongzhouzi <hongzhouzi@kubesphere.io> * Script upgrade and code formatting. Signed-off-by: hongzhouzi <hongzhouzi@kubesphere.io> Signed-off-by: hongzhouzi <hongzhouzi@kubesphere.io>
2022-11-15 14:56:38 +08:00
parent 5f91c1663a
commit 44167aa47a
3106 changed files with 321340 additions and 172080 deletions
--- a/vendor/k8s.io/apiserver/pkg/authorization/authorizer/interfaces.go
+++ b/vendor/k8s.io/apiserver/pkg/authorization/authorizer/interfaces.go
@@ -71,10 +71,10 @@ type Authorizer interface {
 	Authorize(ctx context.Context, a Attributes) (authorized Decision, reason string, err error)
 }

-type AuthorizerFunc func(a Attributes) (Decision, string, error)
+type AuthorizerFunc func(ctx context.Context, a Attributes) (Decision, string, error)

 func (f AuthorizerFunc) Authorize(ctx context.Context, a Attributes) (Decision, string, error) {
-	return f(a)
+	return f(ctx, a)
 }

 // RuleResolver provides a mechanism for resolving the list of rules that apply to a given user within a namespace.
--- a/vendor/k8s.io/apiserver/pkg/authorization/authorizerfactory/OWNERS
+++ b/vendor/k8s.io/apiserver/pkg/authorization/authorizerfactory/OWNERS
@@ -1,5 +0,0 @@
-# See the OWNERS docs at https://go.k8s.io/owners
-
-reviewers:
- deads2k
- dims
--- a/vendor/k8s.io/apiserver/pkg/authorization/authorizerfactory/delegating.go
+++ b/vendor/k8s.io/apiserver/pkg/authorization/authorizerfactory/delegating.go
@@ -29,7 +29,7 @@ import (
 // DelegatingAuthorizerConfig is the minimal configuration needed to create an authenticator
 // built to delegate authorization to a kube API server
 type DelegatingAuthorizerConfig struct {
-	SubjectAccessReviewClient authorizationclient.SubjectAccessReviewInterface
+	SubjectAccessReviewClient authorizationclient.AuthorizationV1Interface

 	// AllowCacheTTL is the length of time that a successful authorization response will be cached
 	AllowCacheTTL time.Duration
@@ -54,5 +54,9 @@ func (c DelegatingAuthorizerConfig) New() (authorizer.Authorizer, error) {
 		c.AllowCacheTTL,
 		c.DenyCacheTTL,
 		*c.WebhookRetryBackoff,
+		webhook.AuthorizerMetrics{
+			RecordRequestTotal:   RecordRequestTotal,
+			RecordRequestLatency: RecordRequestLatency,
+		},
 	)
 }
--- a/vendor/k8s.io/apiserver/pkg/authorization/authorizerfactory/metrics.go
+++ b/vendor/k8s.io/apiserver/pkg/authorization/authorizerfactory/metrics.go
@@ -0,0 +1,69 @@
+/*
+Copyright 2021 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package authorizerfactory
+
+import (
+	"context"
+
+	compbasemetrics "k8s.io/component-base/metrics"
+	"k8s.io/component-base/metrics/legacyregistry"
+)
+
+type registerables []compbasemetrics.Registerable
+
+// init registers all metrics
+func init() {
+	for _, metric := range metrics {
+		legacyregistry.MustRegister(metric)
+	}
+}
+
+var (
+	requestTotal = compbasemetrics.NewCounterVec(
+		&compbasemetrics.CounterOpts{
+			Name:           "apiserver_delegated_authz_request_total",
+			Help:           "Number of HTTP requests partitioned by status code.",
+			StabilityLevel: compbasemetrics.ALPHA,
+		},
+		[]string{"code"},
+	)
+
+	requestLatency = compbasemetrics.NewHistogramVec(
+		&compbasemetrics.HistogramOpts{
+			Name:           "apiserver_delegated_authz_request_duration_seconds",
+			Help:           "Request latency in seconds. Broken down by status code.",
+			Buckets:        []float64{0.25, 0.5, 0.7, 1, 1.5, 3, 5, 10},
+			StabilityLevel: compbasemetrics.ALPHA,
+		},
+		[]string{"code"},
+	)
+
+	metrics = registerables{
+		requestTotal,
+		requestLatency,
+	}
+)
+
+// RecordRequestTotal increments the total number of requests for the delegated authorization.
+func RecordRequestTotal(ctx context.Context, code string) {
+	requestTotal.WithContext(ctx).WithLabelValues(code).Add(1)
+}
+
+// RecordRequestLatency measures request latency in seconds for the delegated authorization. Broken down by status code.
+func RecordRequestLatency(ctx context.Context, code string, latency float64) {
+	requestLatency.WithContext(ctx).WithLabelValues(code).Observe(latency)
+}
--- a/vendor/k8s.io/apiserver/pkg/authorization/path/path.go
+++ b/vendor/k8s.io/apiserver/pkg/authorization/path/path.go
@@ -17,6 +17,7 @@ limitations under the License.
 package path

 import (
+	"context"
 	"fmt"
 	"strings"

@@ -46,7 +47,7 @@ func NewAuthorizer(alwaysAllowPaths []string) (authorizer.Authorizer, error) {
 		}
 	}

-	return authorizer.AuthorizerFunc(func(a authorizer.Attributes) (authorizer.Decision, string, error) {
+	return authorizer.AuthorizerFunc(func(ctx context.Context, a authorizer.Attributes) (authorizer.Decision, string, error) {
 		if a.IsResourceRequest() {
 			return authorizer.DecisionNoOpinion, "", nil
 		}