Decouple shared functions between controllers (#8829)

* Decouple shared functions between controllers * Apply suggestions from code review Co-authored-by: Jintao Zhang <tao12345666333@163.com> * Fix package names and fmt Co-authored-by: Jintao Zhang <tao12345666333@163.com>
2022-07-20 15:53:44 -03:00 · 2022-07-20 15:53:44 -03:00 · 4c6a7ee158
commit 4c6a7ee158
parent 8f9df544ea
27 changed files with 413 additions and 134 deletions
--- a/internal/file/file.go
+++ b/internal/file/file.go
@ -1,38 +0,0 @@
-/*
-Copyright 2017 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package file
-
-import (
-	"crypto/sha1" // #nosec
-	"encoding/hex"
-	"os"
-
-	"k8s.io/klog/v2"
-)
-
-// SHA1 returns the SHA1 of a file.
-func SHA1(filename string) string {
-	hasher := sha1.New() // #nosec
-	s, err := os.ReadFile(filename)
-	if err != nil {
-		klog.ErrorS(err, "Error reading file", "path", filename)
-		return ""
-	}
-
-	hasher.Write(s)
-	return hex.EncodeToString(hasher.Sum(nil))
-}
--- a/internal/file/file_test.go
+++ b/internal/file/file_test.go
@ -1,53 +0,0 @@
-/*
-Copyright 2017 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package file
-
-import (
-	"os"
-	"testing"
-)
-
-func TestSHA1(t *testing.T) {
-	tests := []struct {
-		content []byte
-		sha     string
-	}{
-		{[]byte(""), "da39a3ee5e6b4b0d3255bfef95601890afd80709"},
-		{[]byte("hello world"), "2aae6c35c94fcfb415dbe95f408b9ce91ee846ed"},
-	}
-
-	for _, test := range tests {
-		f, err := os.CreateTemp("", "sha-test")
-		if err != nil {
-			t.Fatal(err)
-		}
-		f.Write(test.content)
-		f.Sync()
-
-		sha := SHA1(f.Name())
-		f.Close()
-
-		if sha != test.sha {
-			t.Fatalf("expected %v but returned %s", test.sha, sha)
-		}
-	}
-
-	sha := SHA1("")
-	if sha != "" {
-		t.Fatalf("expected an empty sha but returned %s", sha)
-	}
-}
--- a/internal/file/filesystem.go
+++ b/internal/file/filesystem.go
@ -1,20 +0,0 @@
-/*
-Copyright 2017 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package file
-
-// ReadWriteByUser defines linux permission to read and write files for the owner user
-const ReadWriteByUser = 0700
--- a/internal/file/structure.go
+++ b/internal/file/structure.go
@ -1,63 +0,0 @@
-/*
-Copyright 2017 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package file
-
-import (
-	"fmt"
-	"os"
-)
-
-const (
-	// AuthDirectory default directory used to store files
-	// to authenticate request
-	AuthDirectory = "/etc/ingress-controller/auth"
-
-	// DefaultSSLDirectory defines the location where the SSL certificates will be generated
-	// This directory contains all the SSL certificates that are specified in Ingress rules.
-	// The name of each file is <namespace>-<secret name>.pem. The content is the concatenated
-	// certificate and key.
-	DefaultSSLDirectory = "/etc/ingress-controller/ssl"
-)
-
-var (
-	directories = []string{
-		DefaultSSLDirectory,
-		AuthDirectory,
-	}
-)
-
-// CreateRequiredDirectories verifies if the required directories to
-// start the ingress controller exist and creates the missing ones.
-func CreateRequiredDirectories() error {
-	for _, directory := range directories {
-		_, err := os.Stat(directory)
-		if err != nil {
-			if os.IsNotExist(err) {
-				err = os.MkdirAll(directory, ReadWriteByUser)
-				if err != nil {
-					return fmt.Errorf("creating directory %s: %w", directory, err)
-				}
-
-				continue
-			}
-
-			return fmt.Errorf("checking directory %s: %w", directory, err)
-		}
-	}
-
-	return nil
-}
--- a/internal/ingress/annotations/auth/main.go
+++ b/internal/ingress/annotations/auth/main.go
@ -26,10 +26,10 @@ import (
 	networking "k8s.io/api/networking/v1"
 	"k8s.io/client-go/tools/cache"

-	"k8s.io/ingress-nginx/internal/file"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/parser"
 	ing_errors "k8s.io/ingress-nginx/internal/ingress/errors"
 	"k8s.io/ingress-nginx/internal/ingress/resolver"
+	"k8s.io/ingress-nginx/pkg/util/file"
 )

 var (
--- a/internal/ingress/controller/checker_test.go
+++ b/internal/ingress/controller/checker_test.go
@ -26,9 +26,9 @@ import (

 	"k8s.io/apiserver/pkg/server/healthz"

-	"k8s.io/ingress-nginx/internal/file"
 	ngx_config "k8s.io/ingress-nginx/internal/ingress/controller/config"
 	"k8s.io/ingress-nginx/internal/nginx"
+	"k8s.io/ingress-nginx/pkg/util/file"
 )

 func TestNginxCheck(t *testing.T) {
--- a/internal/ingress/controller/config/config.go
+++ b/internal/ingress/controller/config/config.go
@ -26,7 +26,7 @@ import (

 	"k8s.io/ingress-nginx/internal/ingress"
 	"k8s.io/ingress-nginx/internal/ingress/defaults"
-	"k8s.io/ingress-nginx/internal/runtime"
+	"k8s.io/ingress-nginx/pkg/util/runtime"
 )

 var (
--- a/internal/ingress/controller/controller_test.go
+++ b/internal/ingress/controller/controller_test.go
@ -39,8 +39,8 @@ import (
 	"k8s.io/apimachinery/pkg/labels"
 	"k8s.io/client-go/kubernetes/fake"

-	"k8s.io/ingress-nginx/internal/file"
 	"k8s.io/ingress-nginx/internal/ingress"
+
 	"k8s.io/ingress-nginx/internal/ingress/annotations"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/canary"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/ipwhitelist"
@ -56,6 +56,8 @@ import (
 	"k8s.io/ingress-nginx/internal/ingress/resolver"
 	"k8s.io/ingress-nginx/internal/k8s"
 	"k8s.io/ingress-nginx/internal/net/ssl"
+
+	"k8s.io/ingress-nginx/pkg/util/file"
 )

 type fakeIngressStore struct {
--- a/internal/ingress/controller/nginx.go
+++ b/internal/ingress/controller/nginx.go
@ -44,10 +44,8 @@ import (
 	v1core "k8s.io/client-go/kubernetes/typed/core/v1"
 	"k8s.io/client-go/tools/record"
 	"k8s.io/client-go/util/flowcontrol"
-	"k8s.io/klog/v2"

 	adm_controller "k8s.io/ingress-nginx/internal/admission/controller"
-	"k8s.io/ingress-nginx/internal/file"
 	"k8s.io/ingress-nginx/internal/ingress"
 	ngx_config "k8s.io/ingress-nginx/internal/ingress/controller/config"
 	"k8s.io/ingress-nginx/internal/ingress/controller/process"
@ -61,6 +59,9 @@ import (
 	"k8s.io/ingress-nginx/internal/nginx"
 	"k8s.io/ingress-nginx/internal/task"
 	"k8s.io/ingress-nginx/internal/watch"
+
+	"k8s.io/ingress-nginx/pkg/util/file"
+	klog "k8s.io/klog/v2"
 )

 const (
--- a/internal/ingress/controller/store/backend_ssl.go
+++ b/internal/ingress/controller/store/backend_ssl.go
@ -20,15 +20,17 @@ import (
 	"fmt"
 	"strings"

-	"k8s.io/klog/v2"
-
 	apiv1 "k8s.io/api/core/v1"
 	networking "k8s.io/api/networking/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"

-	"k8s.io/ingress-nginx/internal/file"
 	"k8s.io/ingress-nginx/internal/ingress"
+
+	klog "k8s.io/klog/v2"
+
 	"k8s.io/ingress-nginx/internal/net/ssl"
+
+	"k8s.io/ingress-nginx/pkg/util/file"
 )

 // syncSecret synchronizes the content of a TLS Secret (certificate(s), secret
--- a/internal/ingress/controller/store/store.go
+++ b/internal/ingress/controller/store/store.go
@ -43,9 +43,11 @@ import (
 	"k8s.io/client-go/tools/cache"
 	"k8s.io/client-go/tools/record"
 	"k8s.io/ingress-nginx/internal/ingress/inspector"
-	"k8s.io/klog/v2"

-	"k8s.io/ingress-nginx/internal/file"
+	"k8s.io/ingress-nginx/internal/nginx"
+	"k8s.io/ingress-nginx/pkg/util/file"
+	klog "k8s.io/klog/v2"
+
 	"k8s.io/ingress-nginx/internal/ingress"
 	"k8s.io/ingress-nginx/internal/ingress/annotations"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/parser"
@ -56,7 +58,6 @@ import (
 	"k8s.io/ingress-nginx/internal/ingress/errors"
 	"k8s.io/ingress-nginx/internal/ingress/resolver"
 	"k8s.io/ingress-nginx/internal/k8s"
-	"k8s.io/ingress-nginx/internal/nginx"
 )

 // IngressFilterFunc decides if an Ingress should be omitted or not
--- a/internal/ingress/controller/template/configmap.go
+++ b/internal/ingress/controller/template/configmap.go
@ -34,7 +34,7 @@ import (
 	"k8s.io/ingress-nginx/internal/ingress/annotations/parser"
 	"k8s.io/ingress-nginx/internal/ingress/controller/config"
 	ing_net "k8s.io/ingress-nginx/internal/net"
-	"k8s.io/ingress-nginx/internal/runtime"
+	"k8s.io/ingress-nginx/pkg/util/runtime"
 )

 const (
--- a/internal/net/dns/dns_test.go
+++ b/internal/net/dns/dns_test.go
@ -21,7 +21,7 @@ import (
 	"os"
 	"testing"

-	"k8s.io/ingress-nginx/internal/file"
+	"k8s.io/ingress-nginx/pkg/util/file"
 )

 func TestGetDNSServers(t *testing.T) {
--- a/internal/net/ssl/ssl.go
+++ b/internal/net/ssl/ssl.go
@ -39,11 +39,14 @@ import (

 	"github.com/zakjan/cert-chain-resolver/certUtil"
 	"k8s.io/apimachinery/pkg/util/sets"
-	"k8s.io/ingress-nginx/internal/file"
+
 	"k8s.io/ingress-nginx/internal/ingress"
+
 	ngx_config "k8s.io/ingress-nginx/internal/ingress/controller/config"
 	"k8s.io/ingress-nginx/internal/watch"
-	"k8s.io/klog/v2"
+
+	"k8s.io/ingress-nginx/pkg/util/file"
+	klog "k8s.io/klog/v2"
 )

 // FakeSSLCertificateUID defines the default UID to use for the fake SSL
--- a/internal/net/ssl/ssl_test.go
+++ b/internal/net/ssl/ssl_test.go
@ -39,7 +39,7 @@ import (
 	"time"

 	certutil "k8s.io/client-go/util/cert"
-	"k8s.io/ingress-nginx/internal/file"
+	"k8s.io/ingress-nginx/pkg/util/file"
 )

 // generateRSACerts generates a self signed certificate using a self generated ca
--- a/internal/runtime/cpu_linux.go
+++ b/internal/runtime/cpu_linux.go
@ -1,67 +0,0 @@
-//go:build linux
-// +build linux
-
-/*
-Copyright 2018 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package runtime
-
-import (
-	"math"
-	"os"
-	"path/filepath"
-	"runtime"
-	"strconv"
-	"strings"
-
-	libcontainercgroups "github.com/opencontainers/runc/libcontainer/cgroups"
-)
-
-// NumCPU returns the number of logical CPUs usable by the current process.
-// If CPU cgroups limits are configured, use cfs_quota_us / cfs_period_us
-// as formula
-//  https://www.kernel.org/doc/Documentation/scheduler/sched-bwc.txt
-func NumCPU() int {
-	cpus := runtime.NumCPU()
-
-	cgroupPath, err := libcontainercgroups.FindCgroupMountpoint("", "cpu")
-	if err != nil {
-		return cpus
-	}
-
-	cpuQuota := readCgroupFileToInt64(cgroupPath, "cpu.cfs_quota_us")
-	cpuPeriod := readCgroupFileToInt64(cgroupPath, "cpu.cfs_period_us")
-
-	if cpuQuota == -1 || cpuPeriod == -1 {
-		return cpus
-	}
-
-	return int(math.Ceil(float64(cpuQuota) / float64(cpuPeriod)))
-}
-
-func readCgroupFileToInt64(cgroupPath, cgroupFile string) int64 {
-	contents, err := os.ReadFile(filepath.Join(cgroupPath, cgroupFile))
-	if err != nil {
-		return -1
-	}
-
-	strValue := strings.TrimSpace(string(contents))
-	if value, err := strconv.ParseInt(strValue, 10, 64); err == nil {
-		return value
-	}
-
-	return -1
-}
--- a/internal/runtime/cpu_notlinux.go
+++ b/internal/runtime/cpu_notlinux.go
@ -1,29 +0,0 @@
-//go:build !linux
-// +build !linux
-
-/*
-Copyright 2018 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package runtime
-
-import (
-	"runtime"
-)
-
-// NumCPU ...
-func NumCPU() int {
-	return runtime.NumCPU()
-}
--- a/internal/watch/file_watcher_test.go
+++ b/internal/watch/file_watcher_test.go
@ -23,7 +23,7 @@ import (
 	"testing"
 	"time"

-	"k8s.io/ingress-nginx/internal/file"
+	"k8s.io/ingress-nginx/pkg/util/file"
 )

 func prepareTimeout() chan bool {