use istio client-go library instead of knative (#1661)

use istio client-go library instead of knative bump kubernetes dependency version change code coverage to codecov
2019-12-13 11:26:18 +08:00
parent f249a6e081
commit ea88c8803d
2071 changed files with 354531 additions and 108336 deletions
--- a/vendor/k8s.io/apiserver/pkg/audit/OWNERS
+++ b/vendor/k8s.io/apiserver/pkg/audit/OWNERS
@@ -1,3 +1,5 @@
+# See the OWNERS docs at https://go.k8s.io/owners
+
 approvers:
 - sig-auth-audit-approvers
 reviewers:
--- a/vendor/k8s.io/apiserver/pkg/audit/metrics.go
+++ b/vendor/k8s.io/apiserver/pkg/audit/metrics.go
@@ -19,8 +19,9 @@ package audit
 import (
 	"fmt"

-	"github.com/prometheus/client_golang/prometheus"
 	auditinternal "k8s.io/apiserver/pkg/apis/audit"
+	"k8s.io/component-base/metrics"
+	"k8s.io/component-base/metrics/legacyregistry"
 	"k8s.io/klog"
 )

@@ -28,46 +29,58 @@ const (
 	subsystem = "apiserver_audit"
 )

+/*
+ * By default, all the following metrics are defined as falling under
+ * ALPHA stability level https://github.com/kubernetes/enhancements/blob/master/keps/sig-instrumentation/20190404-kubernetes-control-plane-metrics-stability.md#stability-classes)
+ *
+ * Promoting the stability level of the metric is a responsibility of the component owner, since it
+ * involves explicitly acknowledging support for the metric across multiple releases, in accordance with
+ * the metric stability policy.
+ */
 var (
-	eventCounter = prometheus.NewCounter(
-		prometheus.CounterOpts{
-			Subsystem: subsystem,
-			Name:      "event_total",
-			Help:      "Counter of audit events generated and sent to the audit backend.",
+	eventCounter = metrics.NewCounter(
+		&metrics.CounterOpts{
+			Subsystem:      subsystem,
+			Name:           "event_total",
+			Help:           "Counter of audit events generated and sent to the audit backend.",
+			StabilityLevel: metrics.ALPHA,
 		})
-	errorCounter = prometheus.NewCounterVec(
-		prometheus.CounterOpts{
+	errorCounter = metrics.NewCounterVec(
+		&metrics.CounterOpts{
 			Subsystem: subsystem,
 			Name:      "error_total",
 			Help: "Counter of audit events that failed to be audited properly. " +
 				"Plugin identifies the plugin affected by the error.",
+			StabilityLevel: metrics.ALPHA,
 		},
 		[]string{"plugin"},
 	)
-	levelCounter = prometheus.NewCounterVec(
-		prometheus.CounterOpts{
-			Subsystem: subsystem,
-			Name:      "level_total",
-			Help:      "Counter of policy levels for audit events (1 per request).",
+	levelCounter = metrics.NewCounterVec(
+		&metrics.CounterOpts{
+			Subsystem:      subsystem,
+			Name:           "level_total",
+			Help:           "Counter of policy levels for audit events (1 per request).",
+			StabilityLevel: metrics.ALPHA,
 		},
 		[]string{"level"},
 	)

-	ApiserverAuditDroppedCounter = prometheus.NewCounter(
-		prometheus.CounterOpts{
+	ApiserverAuditDroppedCounter = metrics.NewCounter(
+		&metrics.CounterOpts{
 			Subsystem: subsystem,
 			Name:      "requests_rejected_total",
 			Help: "Counter of apiserver requests rejected due to an error " +
 				"in audit logging backend.",
+			StabilityLevel: metrics.ALPHA,
 		},
 	)
 )

 func init() {
-	prometheus.MustRegister(eventCounter)
-	prometheus.MustRegister(errorCounter)
-	prometheus.MustRegister(levelCounter)
-	prometheus.MustRegister(ApiserverAuditDroppedCounter)
+	legacyregistry.MustRegister(eventCounter)
+	legacyregistry.MustRegister(errorCounter)
+	legacyregistry.MustRegister(levelCounter)
+	legacyregistry.MustRegister(ApiserverAuditDroppedCounter)
 }

 // ObserveEvent updates the relevant prometheus metrics for the generated audit event.
--- a/vendor/k8s.io/apiserver/pkg/audit/request.go
+++ b/vendor/k8s.io/apiserver/pkg/audit/request.go
@@ -20,13 +20,13 @@ import (
 	"bytes"
 	"fmt"
 	"net/http"
+	"reflect"
 	"time"

 	"github.com/pborman/uuid"
 	"k8s.io/klog"

-	"reflect"
-
+	"k8s.io/apimachinery/pkg/api/meta"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/schema"
@@ -117,8 +117,9 @@ func LogRequestObject(ae *auditinternal.Event, obj runtime.Object, gvr schema.Gr
 	if ae.ObjectRef == nil {
 		ae.ObjectRef = &auditinternal.ObjectReference{}
 	}
-	if acc, ok := obj.(metav1.ObjectMetaAccessor); ok {
-		meta := acc.GetObjectMeta()
+
+	// meta.Accessor is more general than ObjectMetaAccessor, but if it fails, we can just skip setting these bits
+	if meta, err := meta.Accessor(obj); err == nil {
 		if len(ae.ObjectRef.Namespace) == 0 {
 			ae.ObjectRef.Namespace = meta.GetNamespace()
 		}
@@ -196,22 +197,22 @@ func LogResponseObject(ae *auditinternal.Event, obj runtime.Object, gv schema.Gr
 }

 func encodeObject(obj runtime.Object, gv schema.GroupVersion, serializer runtime.NegotiatedSerializer) (*runtime.Unknown, error) {
-	supported := serializer.SupportedMediaTypes()
-	for i := range supported {
-		if supported[i].MediaType == "application/json" {
-			enc := serializer.EncoderForVersion(supported[i].Serializer, gv)
-			var buf bytes.Buffer
-			if err := enc.Encode(obj, &buf); err != nil {
-				return nil, fmt.Errorf("encoding failed: %v", err)
-			}
-
-			return &runtime.Unknown{
-				Raw:         buf.Bytes(),
-				ContentType: runtime.ContentTypeJSON,
-			}, nil
-		}
+	const mediaType = runtime.ContentTypeJSON
+	info, ok := runtime.SerializerInfoForMediaType(serializer.SupportedMediaTypes(), mediaType)
+	if !ok {
+		return nil, fmt.Errorf("unable to locate encoder -- %q is not a supported media type", mediaType)
 	}
-	return nil, fmt.Errorf("no json encoder found")
+
+	enc := serializer.EncoderForVersion(info.Serializer, gv)
+	var buf bytes.Buffer
+	if err := enc.Encode(obj, &buf); err != nil {
+		return nil, fmt.Errorf("encoding failed: %v", err)
+	}
+
+	return &runtime.Unknown{
+		Raw:         buf.Bytes(),
+		ContentType: runtime.ContentTypeJSON,
+	}, nil
 }

 // LogAnnotation fills in the Annotations according to the key value pair.
@@ -229,16 +230,6 @@ func LogAnnotation(ae *auditinternal.Event, key, value string) {
 	ae.Annotations[key] = value
 }

-// LogAnnotations fills in the Annotations according to the annotations map.
-func LogAnnotations(ae *auditinternal.Event, annotations map[string]string) {
-	if ae == nil || ae.Level.Less(auditinternal.LevelMetadata) {
-		return
-	}
-	for key, value := range annotations {
-		LogAnnotation(ae, key, value)
-	}
-}
-
 // truncate User-Agent if too long, otherwise return it directly.
 func maybeTruncateUserAgent(req *http.Request) string {
 	ua := req.UserAgent()
--- a/vendor/k8s.io/apiserver/pkg/audit/scheme.go
+++ b/vendor/k8s.io/apiserver/pkg/audit/scheme.go
@@ -23,6 +23,7 @@ import (
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	"k8s.io/apimachinery/pkg/runtime/serializer"
 	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
+	auditinternal "k8s.io/apiserver/pkg/apis/audit"
 	"k8s.io/apiserver/pkg/apis/audit/v1"
 	"k8s.io/apiserver/pkg/apis/audit/v1alpha1"
 	"k8s.io/apiserver/pkg/apis/audit/v1beta1"
@@ -36,4 +37,6 @@ func init() {
 	utilruntime.Must(v1.AddToScheme(Scheme))
 	utilruntime.Must(v1alpha1.AddToScheme(Scheme))
 	utilruntime.Must(v1beta1.AddToScheme(Scheme))
+	utilruntime.Must(auditinternal.AddToScheme(Scheme))
+	utilruntime.Must(Scheme.SetVersionPriority(v1.SchemeGroupVersion, v1beta1.SchemeGroupVersion, v1alpha1.SchemeGroupVersion))
 }
--- a/vendor/k8s.io/apiserver/pkg/audit/util/conversion.go
+++ b/vendor/k8s.io/apiserver/pkg/audit/util/conversion.go
@@ -35,6 +35,12 @@ func HookClientConfigForSink(a *v1alpha1.AuditSink) webhook.ClientConfig {
 			Name:      c.Service.Name,
 			Namespace: c.Service.Namespace,
 		}
+		if c.Service.Port != nil {
+			ret.Service.Port = *c.Service.Port
+		} else {
+			ret.Service.Port = 443
+		}
+
 		if c.Service.Path != nil {
 			ret.Service.Path = *c.Service.Path
 		}