add service mesh controller

add service mesh metrics

remove unused circle yaml

fix travis misconfiguration

fix travis misconfiguration

fix travis misconfiguration

vendor/k8s.io/client-go/rest/OWNERS

@@ -1,24 +0,0 @@
-reviewers:
-- thockin
-- smarterclayton
-- caesarxuchao
-- wojtek-t
-- deads2k
-- brendandburns
-- liggitt
-- nikhiljindal
-- gmarek
-- erictune
-- sttts
-- luxas
-- dims
-- errordeveloper
-- hongchaodeng
-- krousey
-- resouer
-- cjcullen
-- rmmh
-- lixiaobing10051267
-- asalkeld
-- juanvallejo
-- lojies

vendor/k8s.io/client-go/rest/config.go

@@ -29,7 +29,6 @@ import (
 	"strings"
 	"time"
 
-	"github.com/golang/glog"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/schema"
@@ -37,6 +36,7 @@ import (
 	clientcmdapi "k8s.io/client-go/tools/clientcmd/api"
 	certutil "k8s.io/client-go/util/cert"
 	"k8s.io/client-go/util/flowcontrol"
+	"k8s.io/klog"
 )
 
 const (
@@ -70,6 +70,11 @@ type Config struct {
 	// TODO: demonstrate an OAuth2 compatible client.
 	BearerToken string
 
+	// Path to a file containing a BearerToken.
+	// If set, the contents are periodically read.
+	// The last successfully read value takes precedence over BearerToken.
+	BearerTokenFile string
+
 	// Impersonate is the configuration that RESTClient will use for impersonation.
 	Impersonate ImpersonationConfig
 
@@ -322,16 +327,15 @@ func InClusterConfig() (*Config, error) {
 		return nil, ErrNotInCluster
 	}
 
-	ts := newCachedPathTokenSource(tokenFile)
-
-	if _, err := ts.Token(); err != nil {
+	token, err := ioutil.ReadFile(tokenFile)
+	if err != nil {
 		return nil, err
 	}
 
 	tlsClientConfig := TLSClientConfig{}
 
 	if _, err := certutil.NewPool(rootCAFile); err != nil {
-		glog.Errorf("Expected to load root CA config from %s, but got err: %v", rootCAFile, err)
+		klog.Errorf("Expected to load root CA config from %s, but got err: %v", rootCAFile, err)
 	} else {
 		tlsClientConfig.CAFile = rootCAFile
 	}
@@ -340,7 +344,8 @@ func InClusterConfig() (*Config, error) {
 		// TODO: switch to using cluster DNS.
 		Host:            "https://" + net.JoinHostPort(host, port),
 		TLSClientConfig: tlsClientConfig,
-		WrapTransport:   TokenSourceWrapTransport(ts),
+		BearerToken:     string(token),
+		BearerTokenFile: tokenFile,
 	}, nil
 }
 
@@ -430,12 +435,13 @@ func AnonymousClientConfig(config *Config) *Config {
 // CopyConfig returns a copy of the given config
 func CopyConfig(config *Config) *Config {
 	return &Config{
-		Host:          config.Host,
-		APIPath:       config.APIPath,
-		ContentConfig: config.ContentConfig,
-		Username:      config.Username,
-		Password:      config.Password,
-		BearerToken:   config.BearerToken,
+		Host:            config.Host,
+		APIPath:         config.APIPath,
+		ContentConfig:   config.ContentConfig,
+		Username:        config.Username,
+		Password:        config.Password,
+		BearerToken:     config.BearerToken,
+		BearerTokenFile: config.BearerTokenFile,
 		Impersonate: ImpersonationConfig{
 			Groups:   config.Impersonate.Groups,
 			Extra:    config.Impersonate.Extra,

vendor/k8s.io/client-go/rest/plugin.go

@@ -21,7 +21,7 @@ import (
 	"net/http"
 	"sync"
 
-	"github.com/golang/glog"
+	"k8s.io/klog"
 
 	clientcmdapi "k8s.io/client-go/tools/clientcmd/api"
 )
@@ -57,7 +57,7 @@ func RegisterAuthProviderPlugin(name string, plugin Factory) error {
 	if _, found := plugins[name]; found {
 		return fmt.Errorf("Auth Provider Plugin %q was registered twice", name)
 	}
-	glog.V(4).Infof("Registered Auth Provider Plugin %q", name)
+	klog.V(4).Infof("Registered Auth Provider Plugin %q", name)
 	plugins[name] = plugin
 	return nil
 }

vendor/k8s.io/client-go/rest/request.go

@@ -32,7 +32,6 @@ import (
 	"strings"
 	"time"
 
-	"github.com/golang/glog"
 	"golang.org/x/net/http2"
 	"k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -44,6 +43,7 @@ import (
 	restclientwatch "k8s.io/client-go/rest/watch"
 	"k8s.io/client-go/tools/metrics"
 	"k8s.io/client-go/util/flowcontrol"
+	"k8s.io/klog"
 )
 
 var (
@@ -114,7 +114,7 @@ type Request struct {
 // NewRequest creates a new request helper object for accessing runtime.Objects on a server.
 func NewRequest(client HTTPClient, verb string, baseURL *url.URL, versionedAPIPath string, content ContentConfig, serializers Serializers, backoff BackoffManager, throttle flowcontrol.RateLimiter, timeout time.Duration) *Request {
 	if backoff == nil {
-		glog.V(2).Infof("Not implementing request backoff strategy.")
+		klog.V(2).Infof("Not implementing request backoff strategy.")
 		backoff = &NoBackoff{}
 	}
 
@@ -527,7 +527,7 @@ func (r *Request) tryThrottle() {
 		r.throttle.Accept()
 	}
 	if latency := time.Since(now); latency > longThrottleLatency {
-		glog.V(4).Infof("Throttling request took %v, request: %s:%s", latency, r.verb, r.URL().String())
+		klog.V(4).Infof("Throttling request took %v, request: %s:%s", latency, r.verb, r.URL().String())
 	}
 }
 
@@ -683,7 +683,7 @@ func (r *Request) request(fn func(*http.Request, *http.Response)) error {
 	}()
 
 	if r.err != nil {
-		glog.V(4).Infof("Error in request: %v", r.err)
+		klog.V(4).Infof("Error in request: %v", r.err)
 		return r.err
 	}
 
@@ -770,13 +770,13 @@ func (r *Request) request(fn func(*http.Request, *http.Response)) error {
 				if seeker, ok := r.body.(io.Seeker); ok && r.body != nil {
 					_, err := seeker.Seek(0, 0)
 					if err != nil {
-						glog.V(4).Infof("Could not retry request, can't Seek() back to beginning of body for %T", r.body)
+						klog.V(4).Infof("Could not retry request, can't Seek() back to beginning of body for %T", r.body)
 						fn(req, resp)
 						return true
 					}
 				}
 
-				glog.V(4).Infof("Got a Retry-After %ds response for attempt %d to %v", seconds, retries, url)
+				klog.V(4).Infof("Got a Retry-After %ds response for attempt %d to %v", seconds, retries, url)
 				r.backoffMgr.Sleep(time.Duration(seconds) * time.Second)
 				return false
 			}
@@ -844,13 +844,13 @@ func (r *Request) transformResponse(resp *http.Response, req *http.Request) Resu
 			// 2. Apiserver sends back the headers and then part of the body
 			// 3. Apiserver closes connection.
 			// 4. client-go should catch this and return an error.
-			glog.V(2).Infof("Stream error %#v when reading response body, may be caused by closed connection.", err)
+			klog.V(2).Infof("Stream error %#v when reading response body, may be caused by closed connection.", err)
 			streamErr := fmt.Errorf("Stream error %#v when reading response body, may be caused by closed connection. Please retry.", err)
 			return Result{
 				err: streamErr,
 			}
 		default:
-			glog.Errorf("Unexpected error when reading response body: %#v", err)
+			klog.Errorf("Unexpected error when reading response body: %#v", err)
 			unexpectedErr := fmt.Errorf("Unexpected error %#v when reading response body. Please retry.", err)
 			return Result{
 				err: unexpectedErr,
@@ -914,11 +914,11 @@ func (r *Request) transformResponse(resp *http.Response, req *http.Request) Resu
 func truncateBody(body string) string {
 	max := 0
 	switch {
-	case bool(glog.V(10)):
+	case bool(klog.V(10)):
 		return body
-	case bool(glog.V(9)):
+	case bool(klog.V(9)):
 		max = 10240
-	case bool(glog.V(8)):
+	case bool(klog.V(8)):
 		max = 1024
 	}
 
@@ -933,13 +933,13 @@ func truncateBody(body string) string {
 // allocating a new string for the body output unless necessary. Uses a simple heuristic to determine
 // whether the body is printable.
 func glogBody(prefix string, body []byte) {
-	if glog.V(8) {
+	if klog.V(8) {
 		if bytes.IndexFunc(body, func(r rune) bool {
 			return r < 0x0a
 		}) != -1 {
-			glog.Infof("%s:\n%s", prefix, truncateBody(hex.Dump(body)))
+			klog.Infof("%s:\n%s", prefix, truncateBody(hex.Dump(body)))
 		} else {
-			glog.Infof("%s: %s", prefix, truncateBody(string(body)))
+			klog.Infof("%s: %s", prefix, truncateBody(string(body)))
 		}
 	}
 }
@@ -1141,7 +1141,7 @@ func (r Result) Error() error {
 	// to be backwards compatible with old servers that do not return a version, default to "v1"
 	out, _, err := r.decoder.Decode(r.body, &schema.GroupVersionKind{Version: "v1"}, nil)
 	if err != nil {
-		glog.V(5).Infof("body was not decodable (unable to check for Status): %v", err)
+		klog.V(5).Infof("body was not decodable (unable to check for Status): %v", err)
 		return r.err
 	}
 	switch t := out.(type) {

vendor/k8s.io/client-go/rest/token_source.go

@@ -1,138 +0,0 @@
-/*
-Copyright 2018 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package rest
-
-import (
-	"fmt"
-	"io/ioutil"
-	"net/http"
-	"strings"
-	"sync"
-	"time"
-
-	"github.com/golang/glog"
-	"golang.org/x/oauth2"
-)
-
-// TokenSourceWrapTransport returns a WrapTransport that injects bearer tokens
-// authentication from an oauth2.TokenSource.
-func TokenSourceWrapTransport(ts oauth2.TokenSource) func(http.RoundTripper) http.RoundTripper {
-	return func(rt http.RoundTripper) http.RoundTripper {
-		return &tokenSourceTransport{
-			base: rt,
-			ort: &oauth2.Transport{
-				Source: ts,
-				Base:   rt,
-			},
-		}
-	}
-}
-
-func newCachedPathTokenSource(path string) oauth2.TokenSource {
-	return &cachingTokenSource{
-		now:    time.Now,
-		leeway: 1 * time.Minute,
-		base: &fileTokenSource{
-			path: path,
-			// This period was picked because it is half of the minimum validity
-			// duration for a token provisioned by they TokenRequest API. This is
-			// unsophisticated and should induce rotation at a frequency that should
-			// work with the token volume source.
-			period: 5 * time.Minute,
-		},
-	}
-}
-
-type tokenSourceTransport struct {
-	base http.RoundTripper
-	ort  http.RoundTripper
-}
-
-func (tst *tokenSourceTransport) RoundTrip(req *http.Request) (*http.Response, error) {
-	// This is to allow --token to override other bearer token providers.
-	if req.Header.Get("Authorization") != "" {
-		return tst.base.RoundTrip(req)
-	}
-	return tst.ort.RoundTrip(req)
-}
-
-type fileTokenSource struct {
-	path   string
-	period time.Duration
-}
-
-var _ = oauth2.TokenSource(&fileTokenSource{})
-
-func (ts *fileTokenSource) Token() (*oauth2.Token, error) {
-	tokb, err := ioutil.ReadFile(ts.path)
-	if err != nil {
-		return nil, fmt.Errorf("failed to read token file %q: %v", ts.path, err)
-	}
-	tok := strings.TrimSpace(string(tokb))
-	if len(tok) == 0 {
-		return nil, fmt.Errorf("read empty token from file %q", ts.path)
-	}
-
-	return &oauth2.Token{
-		AccessToken: tok,
-		Expiry:      time.Now().Add(ts.period),
-	}, nil
-}
-
-type cachingTokenSource struct {
-	base   oauth2.TokenSource
-	leeway time.Duration
-
-	sync.RWMutex
-	tok *oauth2.Token
-
-	// for testing
-	now func() time.Time
-}
-
-var _ = oauth2.TokenSource(&cachingTokenSource{})
-
-func (ts *cachingTokenSource) Token() (*oauth2.Token, error) {
-	now := ts.now()
-	// fast path
-	ts.RLock()
-	tok := ts.tok
-	ts.RUnlock()
-
-	if tok != nil && tok.Expiry.Add(-1*ts.leeway).After(now) {
-		return tok, nil
-	}
-
-	// slow path
-	ts.Lock()
-	defer ts.Unlock()
-	if tok := ts.tok; tok != nil && tok.Expiry.Add(-1*ts.leeway).After(now) {
-		return tok, nil
-	}
-
-	tok, err := ts.base.Token()
-	if err != nil {
-		if ts.tok == nil {
-			return nil, err
-		}
-		glog.Errorf("Unable to rotate token: %v", err)
-		return ts.tok, nil
-	}
-
-	ts.tok = tok
-	return tok, nil
-}

vendor/k8s.io/client-go/rest/urlbackoff.go

@@ -20,9 +20,9 @@ import (
 	"net/url"
 	"time"
 
-	"github.com/golang/glog"
 	"k8s.io/apimachinery/pkg/util/sets"
 	"k8s.io/client-go/util/flowcontrol"
+	"k8s.io/klog"
 )
 
 // Set of resp. Codes that we backoff for.
@@ -64,7 +64,7 @@ func (n *NoBackoff) Sleep(d time.Duration) {
 // Disable makes the backoff trivial, i.e., sets it to zero.  This might be used
 // by tests which want to run 1000s of mock requests without slowing down.
 func (b *URLBackoff) Disable() {
-	glog.V(4).Infof("Disabling backoff strategy")
+	klog.V(4).Infof("Disabling backoff strategy")
 	b.Backoff = flowcontrol.NewBackOff(0*time.Second, 0*time.Second)
 }
 
@@ -76,7 +76,7 @@ func (b *URLBackoff) baseUrlKey(rawurl *url.URL) string {
 	// in the future.
 	host, err := url.Parse(rawurl.String())
 	if err != nil {
-		glog.V(4).Infof("Error extracting url: %v", rawurl)
+		klog.V(4).Infof("Error extracting url: %v", rawurl)
 		panic("bad url!")
 	}
 	return host.Host
@@ -89,7 +89,7 @@ func (b *URLBackoff) UpdateBackoff(actualUrl *url.URL, err error, responseCode i
 		b.Backoff.Next(b.baseUrlKey(actualUrl), b.Backoff.Clock.Now())
 		return
 	} else if responseCode >= 300 || err != nil {
-		glog.V(4).Infof("Client is returning errors: code %v, error %v", responseCode, err)
+		klog.V(4).Infof("Client is returning errors: code %v, error %v", responseCode, err)
 	}
 
 	//If we got this far, there is no backoff required for this URL anymore.