Upgrade k8s package verison (#5358)

* upgrade k8s package version Signed-off-by: hongzhouzi <hongzhouzi@kubesphere.io> * Script upgrade and code formatting. Signed-off-by: hongzhouzi <hongzhouzi@kubesphere.io> Signed-off-by: hongzhouzi <hongzhouzi@kubesphere.io>
2022-11-15 14:56:38 +08:00
parent 5f91c1663a
commit 44167aa47a
3106 changed files with 321340 additions and 172080 deletions
--- a/vendor/k8s.io/apiserver/pkg/registry/rest/OWNERS
+++ b/vendor/k8s.io/apiserver/pkg/registry/rest/OWNERS
@@ -1,20 +1,16 @@
 # See the OWNERS docs at https://go.k8s.io/owners

 reviewers:
- thockin
- smarterclayton
- wojtek-t
- deads2k
- brendandburns
- derekwaynecarr
- caesarxuchao
- mikedanese
- liggitt
- justinsb
- ncdc
- dims
- hongchaodeng
- krousey
- ingvagabund
- sdminonne
- enj
+  - thockin
+  - smarterclayton
+  - wojtek-t
+  - deads2k
+  - derekwaynecarr
+  - caesarxuchao
+  - mikedanese
+  - liggitt
+  - justinsb
+  - ncdc
+  - dims
+  - ingvagabund
+  - enj
--- a/vendor/k8s.io/apiserver/pkg/registry/rest/create.go
+++ b/vendor/k8s.io/apiserver/pkg/registry/rest/create.go
@@ -18,6 +18,7 @@ package rest

 import (
 	"context"
+	"fmt"

 	"k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/api/meta"
@@ -28,9 +29,11 @@ import (
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	"k8s.io/apimachinery/pkg/util/validation/field"
 	"k8s.io/apiserver/pkg/admission"
+	genericapirequest "k8s.io/apiserver/pkg/endpoints/request"
 	"k8s.io/apiserver/pkg/features"
 	"k8s.io/apiserver/pkg/storage/names"
 	utilfeature "k8s.io/apiserver/pkg/util/feature"
+	"k8s.io/apiserver/pkg/warning"
 )

 // RESTCreateStrategy defines the minimum validation, accepted input, and
@@ -59,6 +62,26 @@ type RESTCreateStrategy interface {
 	// before the object is persisted.  This method should not mutate the
 	// object.
 	Validate(ctx context.Context, obj runtime.Object) field.ErrorList
+	// WarningsOnCreate returns warnings to the client performing a create.
+	// WarningsOnCreate is invoked after default fields in the object have been filled in
+	// and after Validate has passed, before Canonicalize is called, and the object is persisted.
+	// This method must not mutate the object.
+	//
+	// Be brief; limit warnings to 120 characters if possible.
+	// Don't include a "Warning:" prefix in the message (that is added by clients on output).
+	// Warnings returned about a specific field should be formatted as "path.to.field: message".
+	// For example: `spec.imagePullSecrets[0].name: invalid empty name ""`
+	//
+	// Use warning messages to describe problems the client making the API request should correct or be aware of.
+	// For example:
+	// - use of deprecated fields/labels/annotations that will stop working in a future release
+	// - use of obsolete fields/labels/annotations that are non-functional
+	// - malformed or invalid specifications that prevent successful handling of the submitted object,
+	//   but are not rejected by validation for compatibility reasons
+	//
+	// Warnings should not be returned for fields which cannot be resolved by the caller.
+	// For example, do not warn about spec fields in a subresource creation request.
+	WarningsOnCreate(ctx context.Context, obj runtime.Object) []string
 	// Canonicalize allows an object to be mutated into a canonical form. This
 	// ensures that code that operates on these objects can rely on the common
 	// form for things like comparison.  Canonicalize is invoked after
@@ -77,17 +100,22 @@ func BeforeCreate(strategy RESTCreateStrategy, ctx context.Context, obj runtime.
 		return kerr
 	}

-	if strategy.NamespaceScoped() {
-		if !ValidNamespace(ctx, objectMeta) {
-			return errors.NewBadRequest("the namespace of the provided object does not match the namespace sent on the request")
-		}
-	} else if len(objectMeta.GetNamespace()) > 0 {
-		objectMeta.SetNamespace(metav1.NamespaceNone)
+	// ensure that system-critical metadata has been populated
+	if !metav1.HasObjectMetaSystemFieldValues(objectMeta) {
+		return errors.NewInternalError(fmt.Errorf("system metadata was not initialized"))
 	}
-	objectMeta.SetDeletionTimestamp(nil)
-	objectMeta.SetDeletionGracePeriodSeconds(nil)
+
+	// ensure namespace on the object is correct, or error if a conflicting namespace was set in the object
+	requestNamespace, ok := genericapirequest.NamespaceFrom(ctx)
+	if !ok {
+		return errors.NewInternalError(fmt.Errorf("no namespace information found in request context"))
+	}
+	if err := EnsureObjectNamespaceMatchesRequestNamespace(ExpectedNamespaceForScope(requestNamespace, strategy.NamespaceScoped()), objectMeta); err != nil {
+		return err
+	}
+
 	strategy.PrepareForCreate(ctx, obj)
-	FillObjectMetaSystemFields(objectMeta)
+
 	if len(objectMeta.GetGenerateName()) > 0 && len(objectMeta.GetName()) == 0 {
 		objectMeta.SetName(strategy.GenerateName(objectMeta.GetGenerateName()))
 	}
@@ -97,11 +125,6 @@ func BeforeCreate(strategy RESTCreateStrategy, ctx context.Context, obj runtime.
 		objectMeta.SetManagedFields(nil)
 	}

-	// ClusterName is ignored and should not be saved
-	if len(objectMeta.GetClusterName()) > 0 {
-		objectMeta.SetClusterName("")
-	}
-
 	if errs := strategy.Validate(ctx, obj); len(errs) > 0 {
 		return errors.NewInvalid(kind.GroupKind(), objectMeta.GetName(), errs)
 	}
@@ -113,6 +136,10 @@ func BeforeCreate(strategy RESTCreateStrategy, ctx context.Context, obj runtime.
 		return errors.NewInvalid(kind.GroupKind(), objectMeta.GetName(), errs)
 	}

+	for _, w := range strategy.WarningsOnCreate(ctx, obj) {
+		warning.AddWarning(ctx, "", w)
+	}
+
 	strategy.Canonicalize(obj)

 	return nil
@@ -120,21 +147,31 @@ func BeforeCreate(strategy RESTCreateStrategy, ctx context.Context, obj runtime.

 // CheckGeneratedNameError checks whether an error that occurred creating a resource is due
 // to generation being unable to pick a valid name.
-func CheckGeneratedNameError(strategy RESTCreateStrategy, err error, obj runtime.Object) error {
+func CheckGeneratedNameError(ctx context.Context, strategy RESTCreateStrategy, err error, obj runtime.Object) error {
 	if !errors.IsAlreadyExists(err) {
 		return err
 	}

-	objectMeta, kind, kerr := objectMetaAndKind(strategy, obj)
+	objectMeta, gvk, kerr := objectMetaAndKind(strategy, obj)
 	if kerr != nil {
 		return kerr
 	}

 	if len(objectMeta.GetGenerateName()) == 0 {
+		// If we don't have a generated name, return the original error (AlreadyExists).
+		// When we're here, the user picked a name that is causing a conflict.
 		return err
 	}

-	return errors.NewServerTimeoutForKind(kind.GroupKind(), "POST", 0)
+	// Get the group resource information from the context, if populated.
+	gr := schema.GroupResource{}
+	if requestInfo, found := genericapirequest.RequestInfoFrom(ctx); found {
+		gr = schema.GroupResource{Group: gvk.Group, Resource: requestInfo.Resource}
+	}
+
+	// If we have a name and generated name, the server picked a name
+	// that already exists.
+	return errors.NewGenerateNameConflict(gr, objectMeta.GetName(), 1)
 }

 // objectMetaAndKind retrieves kind and ObjectMeta from a runtime object, or returns an error.
--- a/vendor/k8s.io/apiserver/pkg/registry/rest/create_update.go
+++ b/vendor/k8s.io/apiserver/pkg/registry/rest/create_update.go
@@ -39,6 +39,26 @@ type RESTCreateUpdateStrategy interface {
 	// filled in before the object is persisted.  This method should not mutate
 	// the object.
 	ValidateUpdate(ctx context.Context, obj, old runtime.Object) field.ErrorList
+	// WarningsOnUpdate returns warnings to the client performing the update.
+	// WarningsOnUpdate is invoked after default fields in the object have been filled in
+	// and after ValidateUpdate has passed, before Canonicalize is called, and before the object is persisted.
+	// This method must not mutate either object.
+	//
+	// Be brief; limit warnings to 120 characters if possible.
+	// Don't include a "Warning:" prefix in the message (that is added by clients on output).
+	// Warnings returned about a specific field should be formatted as "path.to.field: message".
+	// For example: `spec.imagePullSecrets[0].name: invalid empty name ""`
+	//
+	// Use warning messages to describe problems the client making the API request should correct or be aware of.
+	// For example:
+	// - use of deprecated fields/labels/annotations that will stop working in a future release
+	// - use of obsolete fields/labels/annotations that are non-functional
+	// - malformed or invalid specifications that prevent successful handling of the submitted object,
+	//   but are not rejected by validation for compatibility reasons
+	//
+	// Warnings should not be returned for fields which cannot be resolved by the caller.
+	// For example, do not warn about spec fields in a status update.
+	WarningsOnUpdate(ctx context.Context, obj, old runtime.Object) []string
 	// AllowUnconditionalUpdate returns true if the object can be updated
 	// unconditionally (irrespective of the latest resource version), when
 	// there is no resource version specified in the object.
--- a/vendor/k8s.io/apiserver/pkg/registry/rest/delete.go
+++ b/vendor/k8s.io/apiserver/pkg/registry/rest/delete.go
@@ -27,6 +27,7 @@ import (
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	"k8s.io/apiserver/pkg/admission"
+	utilpointer "k8s.io/utils/pointer"
 )

 // RESTDeleteStrategy defines deletion behavior on an object that follows Kubernetes
@@ -57,6 +58,8 @@ type GarbageCollectionDeleteStrategy interface {
 type RESTGracefulDeleteStrategy interface {
 	// CheckGracefulDelete should return true if the object can be gracefully deleted and set
 	// any default values on the DeleteOptions.
+	// NOTE: if return true, `options.GracePeriodSeconds` must be non-nil (nil will fail),
+	// that's what tells the deletion how "graceful" to be.
 	CheckGracefulDelete(ctx context.Context, obj runtime.Object, options *metav1.DeleteOptions) bool
 }

@@ -86,6 +89,15 @@ func BeforeDelete(strategy RESTDeleteStrategy, ctx context.Context, obj runtime.
 			return false, false, errors.NewConflict(schema.GroupResource{Group: gvk.Group, Resource: gvk.Kind}, objectMeta.GetName(), fmt.Errorf("the ResourceVersion in the precondition (%s) does not match the ResourceVersion in record (%s). The object might have been modified", *options.Preconditions.ResourceVersion, objectMeta.GetResourceVersion()))
 		}
 	}
+
+	// Negative values will be treated as the value `1s` on the delete path.
+	if gracePeriodSeconds := options.GracePeriodSeconds; gracePeriodSeconds != nil && *gracePeriodSeconds < 0 {
+		options.GracePeriodSeconds = utilpointer.Int64(1)
+	}
+	if deletionGracePeriodSeconds := objectMeta.GetDeletionGracePeriodSeconds(); deletionGracePeriodSeconds != nil && *deletionGracePeriodSeconds < 0 {
+		objectMeta.SetDeletionGracePeriodSeconds(utilpointer.Int64(1))
+	}
+
 	gracefulStrategy, ok := strategy.(RESTGracefulDeleteStrategy)
 	if !ok {
 		// If we're not deleting gracefully there's no point in updating Generation, as we won't update
@@ -126,9 +138,15 @@ func BeforeDelete(strategy RESTDeleteStrategy, ctx context.Context, obj runtime.
 		return false, true, nil
 	}

+	// `CheckGracefulDelete` will be implemented by specific strategy
 	if !gracefulStrategy.CheckGracefulDelete(ctx, obj, options) {
 		return false, false, nil
 	}
+
+	if options.GracePeriodSeconds == nil {
+		return false, false, errors.NewInternalError(fmt.Errorf("options.GracePeriodSeconds should not be nil"))
+	}
+
 	now := metav1.NewTime(metav1.Now().Add(time.Second * time.Duration(*options.GracePeriodSeconds)))
 	objectMeta.SetDeletionTimestamp(&now)
 	objectMeta.SetDeletionGracePeriodSeconds(options.GracePeriodSeconds)
@@ -139,6 +157,7 @@ func BeforeDelete(strategy RESTDeleteStrategy, ctx context.Context, obj runtime.
 	if objectMeta.GetGeneration() > 0 {
 		objectMeta.SetGeneration(objectMeta.GetGeneration() + 1)
 	}
+
 	return true, false, nil
 }

--- a/vendor/k8s.io/apiserver/pkg/registry/rest/meta.go
+++ b/vendor/k8s.io/apiserver/pkg/registry/rest/meta.go
@@ -17,27 +17,65 @@ limitations under the License.
 package rest

 import (
-	"context"
-
+	"k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/runtime/schema"
 	"k8s.io/apimachinery/pkg/util/uuid"
-	genericapirequest "k8s.io/apiserver/pkg/endpoints/request"
 )

+// WipeObjectMetaSystemFields erases fields that are managed by the system on ObjectMeta.
+func WipeObjectMetaSystemFields(meta metav1.Object) {
+	meta.SetCreationTimestamp(metav1.Time{})
+	meta.SetUID("")
+	meta.SetDeletionTimestamp(nil)
+	meta.SetDeletionGracePeriodSeconds(nil)
+	meta.SetSelfLink("")
+}
+
 // FillObjectMetaSystemFields populates fields that are managed by the system on ObjectMeta.
 func FillObjectMetaSystemFields(meta metav1.Object) {
 	meta.SetCreationTimestamp(metav1.Now())
 	meta.SetUID(uuid.NewUUID())
-	meta.SetSelfLink("")
 }

-// ValidNamespace returns false if the namespace on the context differs from
-// the resource.  If the resource has no namespace, it is set to the value in
-// the context.
-func ValidNamespace(ctx context.Context, resource metav1.Object) bool {
-	ns, ok := genericapirequest.NamespaceFrom(ctx)
-	if len(resource.GetNamespace()) == 0 {
-		resource.SetNamespace(ns)
+// EnsureObjectNamespaceMatchesRequestNamespace returns an error if obj.Namespace and requestNamespace
+// are both populated and do not match. If either is unpopulated, it modifies obj as needed to ensure
+// obj.GetNamespace() == requestNamespace.
+func EnsureObjectNamespaceMatchesRequestNamespace(requestNamespace string, obj metav1.Object) error {
+	objNamespace := obj.GetNamespace()
+	switch {
+	case objNamespace == requestNamespace:
+		// already matches, no-op
+		return nil
+
+	case objNamespace == metav1.NamespaceNone:
+		// unset, default to request namespace
+		obj.SetNamespace(requestNamespace)
+		return nil
+
+	case requestNamespace == metav1.NamespaceNone:
+		// cluster-scoped, clear namespace
+		obj.SetNamespace(metav1.NamespaceNone)
+		return nil
+
+	default:
+		// mismatch, error
+		return errors.NewBadRequest("the namespace of the provided object does not match the namespace sent on the request")
 	}
-	return ns == resource.GetNamespace() && ok
+}
+
+// ExpectedNamespaceForScope returns the expected namespace for a resource, given the request namespace and resource scope.
+func ExpectedNamespaceForScope(requestNamespace string, namespaceScoped bool) string {
+	if namespaceScoped {
+		return requestNamespace
+	}
+	return ""
+}
+
+// ExpectedNamespaceForResource returns the expected namespace for a resource, given the request namespace.
+func ExpectedNamespaceForResource(requestNamespace string, resource schema.GroupVersionResource) string {
+	if resource.Resource == "namespaces" && resource.Group == "" {
+		return ""
+	}
+	return requestNamespace
 }
--- a/vendor/k8s.io/apiserver/pkg/registry/rest/rest.go
+++ b/vendor/k8s.io/apiserver/pkg/registry/rest/rest.go
@@ -56,6 +56,11 @@ type Storage interface {
 	// New returns an empty object that can be used with Create and Update after request data has been put into it.
 	// This object must be a pointer type for use with Codec.DecodeInto([]byte, runtime.Object)
 	New() runtime.Object
+
+	// Destroy cleans up its resources on shutdown.
+	// Destroy has to be implemented in thread-safe way and be prepared
+	// for being called more than once.
+	Destroy()
 }

 // Scoper indicates what scope the resource is at. It must be specified.
@@ -92,6 +97,13 @@ type GroupVersionKindProvider interface {
 	GroupVersionKind(containingGV schema.GroupVersion) schema.GroupVersionKind
 }

+// GroupVersionAcceptor is used to determine if a particular GroupVersion is acceptable to send to an endpoint.
+// This is used for endpoints which accept multiple versions (which is extremely rare).
+// The only known instance is pods/evictions which accepts policy/v1, but also policy/v1beta1 for backwards compatibility.
+type GroupVersionAcceptor interface {
+	AcceptsGroupVersion(gv schema.GroupVersion) bool
+}
+
 // Lister is an object that can retrieve resources that match the provided field and label criteria.
 type Lister interface {
 	// NewList returns an empty object that can be used with the List call.
@@ -271,6 +283,11 @@ type StandardStorage interface {
 	GracefulDeleter
 	CollectionDeleter
 	Watcher
+
+	// Destroy cleans up its resources on shutdown.
+	// Destroy has to be implemented in thread-safe way and be prepared
+	// for being called more than once.
+	Destroy()
 }

 // Redirector know how to return a remote resource's location.
--- a/vendor/k8s.io/apiserver/pkg/registry/rest/table.go
+++ b/vendor/k8s.io/apiserver/pkg/registry/rest/table.go
@@ -70,13 +70,11 @@ func (c defaultTableConvertor) ConvertToTable(ctx context.Context, object runtim
 	}
 	if m, err := meta.ListAccessor(object); err == nil {
 		table.ResourceVersion = m.GetResourceVersion()
-		table.SelfLink = m.GetSelfLink()
 		table.Continue = m.GetContinue()
 		table.RemainingItemCount = m.GetRemainingItemCount()
 	} else {
 		if m, err := meta.CommonAccessor(object); err == nil {
 			table.ResourceVersion = m.GetResourceVersion()
-			table.SelfLink = m.GetSelfLink()
 		}
 	}
 	if opt, ok := tableOptions.(*metav1.TableOptions); !ok || !opt.NoHeaders {
--- a/vendor/k8s.io/apiserver/pkg/registry/rest/update.go
+++ b/vendor/k8s.io/apiserver/pkg/registry/rest/update.go
@@ -28,8 +28,10 @@ import (
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/util/validation/field"
 	"k8s.io/apiserver/pkg/admission"
+	genericapirequest "k8s.io/apiserver/pkg/endpoints/request"
 	"k8s.io/apiserver/pkg/features"
 	utilfeature "k8s.io/apiserver/pkg/util/feature"
+	"k8s.io/apiserver/pkg/warning"
 )

 // RESTUpdateStrategy defines the minimum validation, accepted input, and
@@ -51,6 +53,26 @@ type RESTUpdateStrategy interface {
 	// filled in before the object is persisted.  This method should not mutate
 	// the object.
 	ValidateUpdate(ctx context.Context, obj, old runtime.Object) field.ErrorList
+	// WarningsOnUpdate returns warnings to the client performing the update.
+	// WarningsOnUpdate is invoked after default fields in the object have been filled in
+	// and after ValidateUpdate has passed, before Canonicalize is called, and before the object is persisted.
+	// This method must not mutate either object.
+	//
+	// Be brief; limit warnings to 120 characters if possible.
+	// Don't include a "Warning:" prefix in the message (that is added by clients on output).
+	// Warnings returned about a specific field should be formatted as "path.to.field: message".
+	// For example: `spec.imagePullSecrets[0].name: invalid empty name ""`
+	//
+	// Use warning messages to describe problems the client making the API request should correct or be aware of.
+	// For example:
+	// - use of deprecated fields/labels/annotations that will stop working in a future release
+	// - use of obsolete fields/labels/annotations that are non-functional
+	// - malformed or invalid specifications that prevent successful handling of the submitted object,
+	//   but are not rejected by validation for compatibility reasons
+	//
+	// Warnings should not be returned for fields which cannot be resolved by the caller.
+	// For example, do not warn about spec fields in a status update.
+	WarningsOnUpdate(ctx context.Context, obj, old runtime.Object) []string
 	// Canonicalize allows an object to be mutated into a canonical form. This
 	// ensures that code that operates on these objects can rely on the common
 	// form for things like comparison.  Canonicalize is invoked after
@@ -89,12 +111,14 @@ func BeforeUpdate(strategy RESTUpdateStrategy, ctx context.Context, obj, old run
 	if kerr != nil {
 		return kerr
 	}
-	if strategy.NamespaceScoped() {
-		if !ValidNamespace(ctx, objectMeta) {
-			return errors.NewBadRequest("the namespace of the provided object does not match the namespace sent on the request")
-		}
-	} else if len(objectMeta.GetNamespace()) > 0 {
-		objectMeta.SetNamespace(metav1.NamespaceNone)
+
+	// ensure namespace on the object is correct, or error if a conflicting namespace was set in the object
+	requestNamespace, ok := genericapirequest.NamespaceFrom(ctx)
+	if !ok {
+		return errors.NewInternalError(fmt.Errorf("no namespace information found in request context"))
+	}
+	if err := EnsureObjectNamespaceMatchesRequestNamespace(ExpectedNamespaceForScope(requestNamespace, strategy.NamespaceScoped()), objectMeta); err != nil {
+		return err
 	}

 	// Ensure requests cannot update generation
@@ -112,10 +136,6 @@ func BeforeUpdate(strategy RESTUpdateStrategy, ctx context.Context, obj, old run

 	strategy.PrepareForUpdate(ctx, obj, old)

-	// ClusterName is ignored and should not be saved
-	if len(objectMeta.GetClusterName()) > 0 {
-		objectMeta.SetClusterName("")
-	}
 	// Use the existing UID if none is provided
 	if len(objectMeta.GetUID()) == 0 {
 		objectMeta.SetUID(oldMeta.GetUID())
@@ -144,6 +164,10 @@ func BeforeUpdate(strategy RESTUpdateStrategy, ctx context.Context, obj, old run
 		return errors.NewInvalid(kind.GroupKind(), objectMeta.GetName(), errs)
 	}

+	for _, w := range strategy.WarningsOnUpdate(ctx, obj, old) {
+		warning.AddWarning(ctx, "", w)
+	}
+
 	strategy.Canonicalize(obj)

 	return nil