Drop v1beta1 from ingress nginx (#7156)

* Drop v1beta1 from ingress nginx Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com> * Fix intorstr logic in controller Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com> * fixing admission Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com> * more intorstr fixing * correct template rendering Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com> * Fix e2e tests for v1 api Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com> * Fix gofmt errors * This is finally working...almost there... Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@gmail.com> * Re-add removed validation of AdmissionReview
2021-06-23 18:20:10 -03:00 · 2021-06-23 18:20:10 -03:00 · 78afe7e389
commit 78afe7e389
parent a8408cdb51
159 changed files with 1217 additions and 1008 deletions
--- a/internal/admission/controller/convert.go
+++ b/internal/admission/controller/convert.go
@ -1,90 +0,0 @@
-/*
-Copyright 2020 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package controller
-
-import (
-	"unsafe"
-
-	admissionv1 "k8s.io/api/admission/v1"
-	admissionv1beta1 "k8s.io/api/admission/v1beta1"
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"k8s.io/apimachinery/pkg/types"
-)
-
-// these conversions are copied from https://github.com/kubernetes/kubernetes/blob/4db3a096ce8ac730b2280494422e1c4cf5fe875e/pkg/apis/admission/v1beta1/zz_generated.conversion.go
-// to avoid copying in kubernetes/kubernetes
-// they are sightly modified to remove complexity
-
-func convertV1beta1AdmissionReviewToAdmissionAdmissionReview(in *admissionv1beta1.AdmissionReview, out *admissionv1.AdmissionReview) {
-	if in.Request != nil {
-		if out.Request == nil {
-			out.Request = &admissionv1.AdmissionRequest{}
-		}
-		in, out := &in.Request, &out.Request
-		*out = new(admissionv1.AdmissionRequest)
-		convertV1beta1AdmissionRequestToAdmissionAdmissionRequest(*in, *out)
-	} else {
-		out.Request = nil
-	}
-	out.Response = (*admissionv1.AdmissionResponse)(unsafe.Pointer(in.Response)) // #nosec
-}
-
-func convertV1beta1AdmissionRequestToAdmissionAdmissionRequest(in *admissionv1beta1.AdmissionRequest, out *admissionv1.AdmissionRequest) {
-	out.UID = types.UID(in.UID)
-	out.Kind = in.Kind
-	out.Resource = in.Resource
-	out.SubResource = in.SubResource
-	out.RequestKind = (*metav1.GroupVersionKind)(unsafe.Pointer(in.RequestKind))             // #nosec
-	out.RequestResource = (*metav1.GroupVersionResource)(unsafe.Pointer(in.RequestResource)) // #nosec
-	out.RequestSubResource = in.RequestSubResource
-	out.Name = in.Name
-	out.Namespace = in.Namespace
-	out.Operation = admissionv1.Operation(in.Operation)
-	out.Object = in.Object
-	out.OldObject = in.OldObject
-	out.Options = in.Options
-}
-
-func convertAdmissionAdmissionReviewToV1beta1AdmissionReview(in *admissionv1.AdmissionReview, out *admissionv1beta1.AdmissionReview) {
-	if in.Request != nil {
-		if out.Request == nil {
-			out.Request = &admissionv1beta1.AdmissionRequest{}
-		}
-		in, out := &in.Request, &out.Request
-		*out = new(admissionv1beta1.AdmissionRequest)
-		convertAdmissionAdmissionRequestToV1beta1AdmissionRequest(*in, *out)
-	} else {
-		out.Request = nil
-	}
-	out.Response = (*admissionv1beta1.AdmissionResponse)(unsafe.Pointer(in.Response)) // #nosec
-}
-
-func convertAdmissionAdmissionRequestToV1beta1AdmissionRequest(in *admissionv1.AdmissionRequest, out *admissionv1beta1.AdmissionRequest) {
-	out.UID = types.UID(in.UID)
-	out.Kind = in.Kind
-	out.Resource = in.Resource
-	out.SubResource = in.SubResource
-	out.RequestKind = (*metav1.GroupVersionKind)(unsafe.Pointer(in.RequestKind))             // #nosec
-	out.RequestResource = (*metav1.GroupVersionResource)(unsafe.Pointer(in.RequestResource)) // #nosec
-	out.RequestSubResource = in.RequestSubResource
-	out.Name = in.Name
-	out.Namespace = in.Namespace
-	out.Operation = admissionv1beta1.Operation(in.Operation)
-	out.Object = in.Object
-	out.OldObject = in.OldObject
-	out.Options = in.Options
-}
--- a/internal/admission/controller/main.go
+++ b/internal/admission/controller/main.go
@ -21,12 +21,10 @@ import (
 	"net/http"

 	admissionv1 "k8s.io/api/admission/v1"
-	admissionv1beta1 "k8s.io/api/admission/v1beta1"
-	networking "k8s.io/api/networking/v1beta1"
+	networking "k8s.io/api/networking/v1"
 	apiequality "k8s.io/apimachinery/pkg/api/equality"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
-	"k8s.io/apimachinery/pkg/runtime/schema"
 	"k8s.io/apimachinery/pkg/runtime/serializer/json"
 	"k8s.io/klog/v2"
 )
@ -46,7 +44,7 @@ type IngressAdmission struct {
 var (
 	ingressResource = metav1.GroupVersionKind{
 		Group:   networking.GroupName,
-		Version: "v1beta1",
+		Version: "v1",
 		Kind:    "Ingress",
 	}
 )
@ -55,19 +53,10 @@ var (
 // with Allowed=false if the Object is an ingress that would prevent nginx to reload the configuration
 // with Allowed=true otherwise
 func (ia *IngressAdmission) HandleAdmission(obj runtime.Object) (runtime.Object, error) {
-	outputVersion := admissionv1.SchemeGroupVersion

 	review, isV1 := obj.(*admissionv1.AdmissionReview)
-
 	if !isV1 {
-		outputVersion = admissionv1beta1.SchemeGroupVersion
-		reviewv1beta1, isv1beta1 := obj.(*admissionv1beta1.AdmissionReview)
-		if !isv1beta1 {
-			return nil, fmt.Errorf("request is not of type AdmissionReview v1 or v1beta1")
-		}
-
-		review = &admissionv1.AdmissionReview{}
-		convertV1beta1AdmissionReviewToAdmissionAdmissionReview(reviewv1beta1, review)
+		return nil, fmt.Errorf("request is not of type AdmissionReview v1 or v1beta1")
 	}

 	if !apiequality.Semantic.DeepEqual(review.Request.Kind, ingressResource) {
@ -94,7 +83,7 @@ func (ia *IngressAdmission) HandleAdmission(obj runtime.Object) (runtime.Object,
 		}

 		review.Response = status
-		return convertResponse(review, outputVersion), nil
+		return review, nil
 	}

 	if err := ia.Checker.CheckIngress(&ingress); err != nil {
@ -106,24 +95,12 @@ func (ia *IngressAdmission) HandleAdmission(obj runtime.Object) (runtime.Object,
 		}

 		review.Response = status
-		return convertResponse(review, outputVersion), nil
+		return review, nil
 	}

 	klog.InfoS("successfully validated configuration, accepting", "ingress", fmt.Sprintf("%v/%v", review.Request.Name, review.Request.Namespace))
 	status.Allowed = true
 	review.Response = status

-	return convertResponse(review, outputVersion), nil
-}
-
-func convertResponse(review *admissionv1.AdmissionReview, outputVersion schema.GroupVersion) runtime.Object {
-	// reply v1
-	if outputVersion.Version == admissionv1.SchemeGroupVersion.Version {
-		return review
-	}
-
-	// reply v1beta1
-	reviewv1beta1 := &admissionv1beta1.AdmissionReview{}
-	convertAdmissionAdmissionReviewToV1beta1AdmissionReview(review, reviewv1beta1)
-	return review
+	return review, nil
 }
--- a/internal/admission/controller/main_test.go
+++ b/internal/admission/controller/main_test.go
@ -21,7 +21,7 @@ import (
 	"testing"

 	admissionv1 "k8s.io/api/admission/v1"
-	networking "k8s.io/api/networking/v1beta1"
+	networking "k8s.io/api/networking/v1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/util/json"
@ -71,7 +71,7 @@ func TestHandleAdmission(t *testing.T) {

 	result, err = adm.HandleAdmission(&admissionv1.AdmissionReview{
 		Request: &admissionv1.AdmissionRequest{
-			Kind: v1.GroupVersionKind{Group: networking.GroupName, Version: "v1beta1", Kind: "Ingress"},
+			Kind: v1.GroupVersionKind{Group: networking.GroupName, Version: "v1", Kind: "Ingress"},
 			Object: runtime.RawExtension{
 				Raw: []byte{0xff},
 			},
--- a/internal/admission/controller/server.go
+++ b/internal/admission/controller/server.go
@ -21,7 +21,6 @@ import (
 	"net/http"

 	admissionv1 "k8s.io/api/admission/v1"
-	admissionv1beta1 "k8s.io/api/admission/v1beta1"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/serializer/json"
 	"k8s.io/klog/v2"
@ -32,7 +31,6 @@ var (
 )

 func init() {
-	admissionv1beta1.AddToScheme(scheme)
 	admissionv1.AddToScheme(scheme)
 }