DevFW-CICD/ingress-nginx-helm
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Update go dependencies

Browse source
This commit is contained in:
Manuel Alejandro de Brito Fontes 2019-02-09 19:03:51 -03:00
parent 5c4854b537
commit bfb7f61936
26 changed files with 1326 additions and 190 deletions
Download patch file Download diff file Expand all files Collapse all files

5
vendor/k8s.io/client-go/.travis.yml generated vendored
View file

@ -3,8 +3,7 @@ language: go
go_import_path: k8s.io/client-go
go:
- 1.11.1
- 1.11.2
script:
- if [ "$TRAVIS_BRANCH" != "master" ]; then godep restore; fi
- go build ./...
- go build ./...

108
vendor/k8s.io/client-go/CHANGELOG.md generated vendored
View file

@ -5,6 +5,114 @@ https://github.com/kubernetes/test-infra/issues/5843.
Changes in `k8s.io/api` and `k8s.io/apimachinery` are mentioned here
because `k8s.io/client-go` depends on them.
# v10.0.0
**Breaking Changes:**
* Action required: client-go will no longer have bootstrap
(`k8s.io/client-go/tools/bootstrap`) related code. Any reference to it will
break. Please redirect all references to `k8s.io/bootstrap` instead.
([#67356](https://github.com/kubernetes/kubernetes/pull/67356))
* The methods `NewSelfSignedCACert` and `NewSignedCert` now use `crypto.Signer`
interface instead of `rsa.PrivateKey` for certificate creation. This is done
to allow different kind of private keys (for example: ecdsa).
([#69329](https://github.com/kubernetes/kubernetes/pull/69329))
* `GetScale` and `UpdateScale` methods have been added for `apps/v1` clients
and with this, no-verb scale clients have been removed.
([#70437](https://github.com/kubernetes/kubernetes/pull/70437))
* `k8s.io/client-go/util/cert/triple` package has been removed.
([#70966](https://github.com/kubernetes/kubernetes/pull/70966))
**New Features:**
* `unfinished_work_microseconds` is added to the workqueue metrics.
It can be used to detect stuck worker threads (kube-controller-manager runs many workqueues.).
([#70884](https://github.com/kubernetes/kubernetes/pull/70884))
* A method `GetPorts` is added to expose the ports that were forwarded.
This can be used to retrieve the locally-bound port in cases where the input was port 0.
([#67513](https://github.com/kubernetes/kubernetes/pull/67513))
* Dynamic listers and informers, that work with `runtime.Unstructured` objects,
are added. These are useful for writing generic, non-generated controllers.
([68748](https://github.com/kubernetes/kubernetes/pull/68748))
* The dynamic fake client now supports JSONPatch.
([#69330](https://github.com/kubernetes/kubernetes/pull/69330))
* The `GetBinding` method is added for pods in the fake client.
([#69412](https://github.com/kubernetes/kubernetes/pull/69412))
**Bug fixes and Improvements:**
* The `apiVersion` and action name values for fake evictions are now set.
([#69035](https://github.com/kubernetes/kubernetes/pull/69035))
* PEM files containing both TLS certificate and key can now be parsed in
arbitrary order. Previously key was always required to be first.
([#69536](https://github.com/kubernetes/kubernetes/pull/69536))
* Go clients created from a kubeconfig that specifies a `TokenFile` now
periodically reload the token from the specified file.
([#70606](https://github.com/kubernetes/kubernetes/pull/70606))
* It is now ensured that oversized data frames are not written to
spdystreams in `remotecommand.NewSPDYExecutor`.
([#70999](https://github.com/kubernetes/kubernetes/pull/70999))
* A panic occuring on calling `scheme.Convert` is fixed by populating the fake
dynamic client scheme. ([#69125](https://github.com/kubernetes/kubernetes/pull/69125))
* Add step to correctly setup permissions for the in-cluster-client-configuration example.
([#69232](https://github.com/kubernetes/kubernetes/pull/69232))
* The function `Parallelize` is deprecated. Use `ParallelizeUntil` instead.
([#68403](https://github.com/kubernetes/kubernetes/pull/68403))
* [k8s.io/apimachinery] Restrict redirect following from the apiserver to
same-host redirects, and ignore redirects in some cases.
([#66516](https://github.com/kubernetes/kubernetes/pull/66516))
## API changes
**New Features:**
* GlusterFS PersistentVolumes sources can now reference endpoints in any
namespace using the `spec.glusterfs.endpointsNamespace` field.
Ensure all kubelets are upgraded to 1.13+ before using this capability.
([#60195](https://github.com/kubernetes/kubernetes/pull/60195))
* The [dynamic audit configuration](https://github.com/kubernetes/community/blob/master/keps/sig-auth/0014-dynamic-audit-configuration.md)
API is added. ([#67547](https://github.com/kubernetes/kubernetes/pull/67547))
* A new field `EnableServiceLinks` is added to the `PodSpec` to indicate whether
information about services should be injected into pod's environment variables.
([#68754](https://github.com/kubernetes/kubernetes/pull/68754))
* `CSIPersistentVolume` feature, i.e. `PersistentVolumes` with
`CSIPersistentVolumeSource`, is GA. `CSIPersistentVolume` feature gate is now
deprecated and will be removed according to deprecation policy.
([#69929](https://github.com/kubernetes/kubernetes/pull/69929))
* Raw block volume support is promoted to beta, and enabled by default.
This is accessible via the `volumeDevices` container field in pod specs,
and the `volumeMode` field in persistent volume and persistent volume claims definitions.
([#71167](https://github.com/kubernetes/kubernetes/pull/71167))
**Bug fixes and Improvements:**
* The default value of extensions/v1beta1 Deployment's `RevisionHistoryLimit`
is set to `MaxInt32`. ([#66605](https://github.com/kubernetes/kubernetes/pull/66605))
* `procMount` field is no longer incorrectly marked as required in openapi schema.
([#69694](https://github.com/kubernetes/kubernetes/pull/69694))
* The caBundle and service fields in admission webhook API objects now correctly
indicate they are optional. ([#70138](https://github.com/kubernetes/kubernetes/pull/70138))
# v9.0.0
**Breaking Changes:**

25
vendor/k8s.io/client-go/README.md generated vendored
View file

@ -2,7 +2,7 @@
Go clients for talking to a [kubernetes](http://kubernetes.io/) cluster.
We currently recommend using the v9.0.0 tag. See [INSTALL.md](/INSTALL.md) for
We currently recommend using the v10.0.0 tag. See [INSTALL.md](/INSTALL.md) for
detailed installation instructions. `go get k8s.io/client-go/...` works, but
will build `master`, which doesn't handle the dependencies well.
@ -91,16 +91,16 @@ We will backport bugfixes--but not new features--into older versions of
#### Compatibility matrix
| | Kubernetes 1.6 | Kubernetes 1.7 | Kubernetes 1.8 | Kubernetes 1.9 | Kubernetes 1.10 | Kubernetes 1.11 | Kubernetes 1.12 |
|---------------------|----------------|----------------|----------------|----------------|-----------------|-----------------|-----------------|
| client-go 3.0 | ✓ | - | +- | +- | +- | +- | +- |
| client-go 4.0 | +- | ✓ | +- | +- | +- | +- | +- |
| client-go 5.0 | +- | +- | ✓ | +- | +- | +- | +- |
| client-go 6.0 | +- | +- | +- | ✓ | +- | +- | +- |
| client-go 7.0 | +- | +- | +- | +- | ✓ | +- | +- |
| client-go 8.0 | +- | +- | +- | +- | +- | ✓ | +- |
| client-go 9.0 | +- | +- | +- | +- | +- | +- | ✓ |
| client-go HEAD | +- | +- | +- | +- | +- | +- | +- |
| | Kubernetes 1.7 | Kubernetes 1.8 | Kubernetes 1.9 | Kubernetes 1.10 | Kubernetes 1.11 | Kubernetes 1.12 | Kubernetes 1.13 |
|---------------------|----------------|----------------|----------------|-----------------|-----------------|-----------------|-----------------|
| client-go 4.0 | ✓ | +- | +- | +- | +- | +- | +- |
| client-go 5.0 | +- | ✓ | +- | +- | +- | +- | +- |
| client-go 6.0 | +- | +- | ✓ | +- | +- | +- | +- |
| client-go 7.0 | +- | +- | +- | ✓ | +- | +- | +- |
| client-go 8.0 | +- | +- | +- | +- | ✓ | +- | +- |
| client-go 9.0 | +- | +- | +- | +- | +- | ✓ | +- |
| client-go 10.0 | +- | +- | +- | +- | +- | +- | ✓ |
| client-go HEAD | +- | +- | +- | +- | +- | +- | +- |
Key:
@ -128,9 +128,10 @@ between client-go versions.
| client-go 4.0 | Kubernetes main repo, 1.7 branch | = - |
| client-go 5.0 | Kubernetes main repo, 1.8 branch | = - |
| client-go 6.0 | Kubernetes main repo, 1.9 branch | = - |
| client-go 7.0 | Kubernetes main repo, 1.10 branch | |
| client-go 7.0 | Kubernetes main repo, 1.10 branch | = - |
| client-go 8.0 | Kubernetes main repo, 1.11 branch | ✓ |
| client-go 9.0 | Kubernetes main repo, 1.12 branch | ✓ |
| client-go 10.0 | Kubernetes main repo, 1.13 branch | ✓ |
| client-go HEAD | Kubernetes main repo, master branch | ✓ |
Key:

26
vendor/k8s.io/client-go/rest/config.go generated vendored
View file

@ -70,6 +70,11 @@ type Config struct {
// TODO: demonstrate an OAuth2 compatible client.
BearerToken string
// Path to a file containing a BearerToken.
// If set, the contents are periodically read.
// The last successfully read value takes precedence over BearerToken.
BearerTokenFile string
// Impersonate is the configuration that RESTClient will use for impersonation.
Impersonate ImpersonationConfig
@ -322,9 +327,8 @@ func InClusterConfig() (*Config, error) {
return nil, ErrNotInCluster
}
ts := NewCachedFileTokenSource(tokenFile)
if _, err := ts.Token(); err != nil {
token, err := ioutil.ReadFile(tokenFile)
if err != nil {
return nil, err
}
@ -340,7 +344,8 @@ func InClusterConfig() (*Config, error) {
// TODO: switch to using cluster DNS.
Host: "https://" + net.JoinHostPort(host, port),
TLSClientConfig: tlsClientConfig,
WrapTransport: TokenSourceWrapTransport(ts),
BearerToken: string(token),
BearerTokenFile: tokenFile,
}, nil
}
@ -430,12 +435,13 @@ func AnonymousClientConfig(config *Config) *Config {
// CopyConfig returns a copy of the given config
func CopyConfig(config *Config) *Config {
return &Config{
Host: config.Host,
APIPath: config.APIPath,
ContentConfig: config.ContentConfig,
Username: config.Username,
Password: config.Password,
BearerToken: config.BearerToken,
Host: config.Host,
APIPath: config.APIPath,
ContentConfig: config.ContentConfig,
Username: config.Username,
Password: config.Password,
BearerToken: config.BearerToken,
BearerTokenFile: config.BearerTokenFile,
Impersonate: ImpersonationConfig{
Groups: config.Impersonate.Groups,
Extra: config.Impersonate.Extra,

7
vendor/k8s.io/client-go/tools/clientcmd/client_config.go generated vendored
View file

@ -229,11 +229,12 @@ func (config *DirectClientConfig) getUserIdentificationPartialConfig(configAuthI
if len(configAuthInfo.Token) > 0 {
mergedConfig.BearerToken = configAuthInfo.Token
} else if len(configAuthInfo.TokenFile) > 0 {
ts := restclient.NewCachedFileTokenSource(configAuthInfo.TokenFile)
if _, err := ts.Token(); err != nil {
tokenBytes, err := ioutil.ReadFile(configAuthInfo.TokenFile)
if err != nil {
return nil, err
}
mergedConfig.WrapTransport = restclient.TokenSourceWrapTransport(ts)
mergedConfig.BearerToken = string(tokenBytes)
mergedConfig.BearerTokenFile = configAuthInfo.TokenFile
}
if len(configAuthInfo.Impersonate) > 0 {
mergedConfig.Impersonate = restclient.ImpersonationConfig{

7
vendor/k8s.io/client-go/transport/config.go generated vendored
View file

@ -39,6 +39,11 @@ type Config struct {
// Bearer token for authentication
BearerToken string
// Path to a file containing a BearerToken.
// If set, the contents are periodically read.
// The last successfully read value takes precedence over BearerToken.
BearerTokenFile string
// Impersonate is the config that this Config will impersonate using
Impersonate ImpersonationConfig
@ -80,7 +85,7 @@ func (c *Config) HasBasicAuth() bool {
// HasTokenAuth returns whether the configuration has token authentication or not.
func (c *Config) HasTokenAuth() bool {
return len(c.BearerToken) != 0
return len(c.BearerToken) != 0 || len(c.BearerTokenFile) != 0
}
// HasCertAuth returns whether the configuration has certificate authentication or not.

39
vendor/k8s.io/client-go/transport/round_trippers.go generated vendored
View file

@ -22,6 +22,7 @@ import (
"strings"
"time"
"golang.org/x/oauth2"
"k8s.io/klog"
utilnet "k8s.io/apimachinery/pkg/util/net"
@ -44,7 +45,11 @@ func HTTPWrappersForConfig(config *Config, rt http.RoundTripper) (http.RoundTrip
case config.HasBasicAuth() && config.HasTokenAuth():
return nil, fmt.Errorf("username/password or bearer token may be set, but not both")
case config.HasTokenAuth():
rt = NewBearerAuthRoundTripper(config.BearerToken, rt)
var err error
rt, err = NewBearerAuthWithRefreshRoundTripper(config.BearerToken, config.BearerTokenFile, rt)
if err != nil {
return nil, err
}
case config.HasBasicAuth():
rt = NewBasicAuthRoundTripper(config.Username, config.Password, rt)
}
@ -265,13 +270,35 @@ func (rt *impersonatingRoundTripper) WrappedRoundTripper() http.RoundTripper { r
type bearerAuthRoundTripper struct {
bearer string
source oauth2.TokenSource
rt http.RoundTripper
}
// NewBearerAuthRoundTripper adds the provided bearer token to a request
// unless the authorization header has already been set.
func NewBearerAuthRoundTripper(bearer string, rt http.RoundTripper) http.RoundTripper {
return &bearerAuthRoundTripper{bearer, rt}
return &bearerAuthRoundTripper{bearer, nil, rt}
}
// NewBearerAuthRoundTripper adds the provided bearer token to a request
// unless the authorization header has already been set.
// If tokenFile is non-empty, it is periodically read,
// and the last successfully read content is used as the bearer token.
// If tokenFile is non-empty and bearer is empty, the tokenFile is read
// immediately to populate the initial bearer token.
func NewBearerAuthWithRefreshRoundTripper(bearer string, tokenFile string, rt http.RoundTripper) (http.RoundTripper, error) {
if len(tokenFile) == 0 {
return &bearerAuthRoundTripper{bearer, nil, rt}, nil
}
source := NewCachedFileTokenSource(tokenFile)
if len(bearer) == 0 {
token, err := source.Token()
if err != nil {
return nil, err
}
bearer = token.AccessToken
}
return &bearerAuthRoundTripper{bearer, source, rt}, nil
}
func (rt *bearerAuthRoundTripper) RoundTrip(req *http.Request) (*http.Response, error) {
@ -280,7 +307,13 @@ func (rt *bearerAuthRoundTripper) RoundTrip(req *http.Request) (*http.Response,
}
req = utilnet.CloneRequest(req)
req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", rt.bearer))
token := rt.bearer
if rt.source != nil {
if refreshedToken, err := rt.source.Token(); err == nil {
token = refreshedToken.AccessToken
}
}
req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", token))
return rt.rt.RoundTrip(req)
}

14
vendor/k8s.io/client-go/rest/token_source.go → vendor/k8s.io/client-go/transport/token_source.go generated vendored
View file

@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
limitations under the License.
*/
package rest
package transport
import (
"fmt"
@ -47,14 +47,14 @@ func TokenSourceWrapTransport(ts oauth2.TokenSource) func(http.RoundTripper) htt
func NewCachedFileTokenSource(path string) oauth2.TokenSource {
return &cachingTokenSource{
now: time.Now,
leeway: 1 * time.Minute,
leeway: 10 * time.Second,
base: &fileTokenSource{
path: path,
// This period was picked because it is half of the minimum validity
// duration for a token provisioned by they TokenRequest API. This is
// unsophisticated and should induce rotation at a frequency that should
// work with the token volume source.
period: 5 * time.Minute,
// This period was picked because it is half of the duration between when the kubelet
// refreshes a projected service account token and when the original token expires.
// Default token lifetime is 10 minutes, and the kubelet starts refreshing at 80% of lifetime.
// This should induce re-reading at a frequency that works with the token volume source.
period: time.Minute,
},
}
}