Skip to content

Commit

Permalink
Upgrade k8s.io/* to v0.26.1, sigs.k8s.io/controller-runtime to …
Browse files Browse the repository at this point in the history 
…`v0.14.1` (#7248)

* Update `k8s.io/*` to `v0.26.0`

* Update `sigs.k8s.io/controller-runtime` to `v0.14.1`

* Set `RecoverPanic` globally for the manager of `controller-manager` controllers

* Set `RecoverPanic` globally for the manager of `gardenlet` controllers

* Set `RecoverPanic` globally for the manager of `operator` controllers

* Set `RecoverPanic` globally for the manager of `resource-manager` controllers

* Set `RecoverPanic` globally for the manager of `scheduler` controllers

* Set `RecoverPanic` globally in manager options for extension controllers

* Change RecoverPanic bool to bool pointer for other controllers

* Run `make generate`

* Set `AllowInvalidLabelValueInSelector` to true in LabelSelectorValidationOptions for backwards compatibility

See kubernetes/kubernetes#113699 for more details

* Drop `Not` predicate util function in favor of controller-runtime `predicate.Not`

* Drop `NewClientWithFieldSelectorSupport` function in favor of controller-runtime `WithIndex` function

kubernetes-sigs/controller-runtime/pull/2025

* Use `Build()` function for all controllers

* Use Subresource client for `shoots/binding` and drop generated clientset

* Use Subresource client for `shoots/adminkubeconfig` and drop generated clientset

* Use Status() client for Status

Ref: kubernetes-sigs/controller-runtime#2072

* Adapt unit tests with mock StatusWriter

* Add "ValidatingAdmissionPolicy" to default admission plugins

* Adapt changes related to removed fields in kube-proxy config

* Add unit test cases for "#IsAdmissionPluginSupported" function

* Update envtest version

* Return error from `informer.AddEventHandler`

* Copy onsi/gomega/format package also to gomegacheck testdata

* Address PR review feedback

* Vendor current `etcd-druid` master

* Use `builder.Watches()` wherever possible

* Call `etcdOptions.Complete()` for gardener apiserver config

etcd-encryption is supported out-of-the-box now.
ref: kubernetes/kubernetes#112789

* Use Subresource client for `serviceaccounts/token` wherever possible

* Update `ahmetb/gen-crd-api-reference-docs` to `0.3.0`

* Update `sigs.k8s.io/controller-tools` to `v0.11.0`

Update to `v0.11.1` once kubernetes/kubernetes/pull/114617 is released.
In k8s v0.26.0 the CRD generation is broken.

* Remove unneeded dependencies for `gardener-scheduler` from skaffold.yaml

* Hardcode `RecoverPanic` to true for extensions controller

* Use `k8s.io/apimachinery/pkg/util/sets` and drop copied packages

* Drop ready check for garden informer sync for gardenlet

Adding ready check to manager is not possible after it's started, since controller-runtime, `v0.11.0`. However the check was broken, and it is now fixed in kubernetes-sigs/controller-runtime#2090, so we have to drop this.

* Adapt `provider-local` webhook

* Address PR review feedback

* Fix panic in ManagedSeed controller

Contexts: from this PR, we're not setting RecoverPanic to true in tests

* Vendor `etcd-druid` `v0.15.3`

* Update `k8s.io/*` and `controller-runtime`

k8s.io/* - 0.26.0=>0.26.1
controller-tools - 0.11.0=>0.11.1

* Run `make generate`

* Rebase

* Address PR review feedback

* Fix failing test

* Adapt `highavailabilityconfig` webhook integration test

`autoscaling/v2beta2.HorizontalPodAutoscaler` is removed in v1.26.
Ref: https://kubernetes.io/docs/reference/using-api/deprecation-guide/#v1-26

* Use `apiutil.NewDynamicRESTMapper` for Manager cache in tests

Co-authored-by: Rafael Franzke <rafael.franzke@sap.com>

* Don't set `RecoverPanic` for os extensions in AddToManager

This is not required since we call `mgrOpts.Options()` here : https://github.com/gardener/gardener/blob/c9cb564d1adad0a1ecf9d44f23fb249bcf946a79/extensions/pkg/controller/operatingsystemconfig/oscommon/app/app.go#L88

* Truncate time in test to microsecond precision

Ref: kubernetes/kubernetes#111936

* Rebase

---------

Co-authored-by: Rafael Franzke <rafael.franzke@sap.com>
  • Loading branch information
@shafeeqes @rfranzke
shafeeqes and rfranzke committed Jan 31, 2023
1 parent 60e6bf2 commit 8d53342
Show file tree
Hide file tree
Showing 1,996 changed files with 180,306 additions and 47,212 deletions.
2 changes: 1 addition & 1 deletion charts/gardener/operator/templates/customresouredefintion.yaml
View file
Expand Up @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.10.0
controller-gen.kubebuilder.io/version: v0.11.1
creationTimestamp: null
name: gardens.operator.gardener.cloud
spec:
Expand Down
11 changes: 2 additions & 9 deletions cmd/gardener-apiserver/app/gardener_apiserver.go
View file
Expand Up @@ -32,7 +32,6 @@ import (
"k8s.io/apiserver/pkg/quota/v1/generic"
genericapiserver "k8s.io/apiserver/pkg/server"
genericoptions "k8s.io/apiserver/pkg/server/options"
"k8s.io/apiserver/pkg/server/options/encryptionconfig"
"k8s.io/apiserver/pkg/server/resourceconfig"
serverstorage "k8s.io/apiserver/pkg/server/storage"
utilfeature "k8s.io/apiserver/pkg/util/feature"
Expand Down Expand Up @@ -425,14 +424,8 @@ func (o *Options) ApplyTo(config *apiserver.Config) error {
),
}

if len(o.Recommended.Etcd.EncryptionProviderConfigFilepath) != 0 {
transformerOverrides, err := encryptionconfig.GetTransformerOverrides(o.Recommended.Etcd.EncryptionProviderConfigFilepath)
if err != nil {
return err
}
for groupResource, transformer := range transformerOverrides {
storageFactory.SetTransformer(groupResource, transformer)
}
if err := o.Recommended.Etcd.Complete(config.GenericConfig.StorageObjectCountTracker, config.GenericConfig.DrainedNotify(), config.GenericConfig.AddPostStartHook); err != nil {
return err
}

return o.Recommended.Etcd.ApplyWithStorageFactoryTo(storageFactory, &gardenerAPIServerConfig.Config)
Expand Down
4 changes: 4 additions & 0 deletions cmd/gardener-controller-manager/app/app.go
View file
Expand Up @@ -30,6 +30,7 @@ import (
"k8s.io/klog/v2"
"k8s.io/utils/pointer"
"sigs.k8s.io/controller-runtime/pkg/client"
controllerconfigv1alpha1 "sigs.k8s.io/controller-runtime/pkg/config/v1alpha1"
"sigs.k8s.io/controller-runtime/pkg/healthz"
logf "sigs.k8s.io/controller-runtime/pkg/log"
"sigs.k8s.io/controller-runtime/pkg/manager"
Expand Down Expand Up @@ -138,6 +139,9 @@ func run(ctx context.Context, log logr.Logger, cfg *config.ControllerManagerConf
LeaseDuration: &cfg.LeaderElection.LeaseDuration.Duration,
RenewDeadline: &cfg.LeaderElection.RenewDeadline.Duration,
RetryPeriod: &cfg.LeaderElection.RetryPeriod.Duration,
Controller: controllerconfigv1alpha1.ControllerConfigurationSpec{
RecoverPanic: pointer.Bool(true),
},
})
if err != nil {
return err
Expand Down
15 changes: 10 additions & 5 deletions cmd/gardener-extension-provider-local/app/app.go
View file
Expand Up @@ -324,20 +324,25 @@ func (w *webhookTriggerer) Start(ctx context.Context) error {
return err
}

if err := w.trigger(ctx, w.client, w.client.Status(), &corev1.NodeList{}); err != nil {
if err := w.trigger(ctx, w.client, nil, w.client.Status(), &corev1.NodeList{}); err != nil {
return err
}

return w.trigger(ctx, w.client, w.client, &appsv1.DeploymentList{}, client.MatchingLabels{"app": "dependency-watchdog-probe"})
return w.trigger(ctx, w.client, w.client, nil, &appsv1.DeploymentList{}, client.MatchingLabels{"app": "dependency-watchdog-probe"})
}

func (w *webhookTriggerer) trigger(ctx context.Context, reader client.Reader, writer client.StatusWriter, objectList client.ObjectList, opts ...client.ListOption) error {
func (w *webhookTriggerer) trigger(ctx context.Context, reader client.Reader, writer client.Writer, statusWriter client.StatusWriter, objectList client.ObjectList, opts ...client.ListOption) error {
if err := reader.List(ctx, objectList, opts...); err != nil {
return err
}

return meta.EachListItem(objectList, func(obj runtime.Object) error {
object := obj.(client.Object)
return writer.Patch(ctx, object, client.RawPatch(types.StrategicMergePatchType, []byte("{}")))
switch object := obj.(type) {
case *appsv1.Deployment:
return writer.Patch(ctx, object, client.RawPatch(types.StrategicMergePatchType, []byte("{}")))
case *corev1.Node:
return statusWriter.Patch(ctx, object, client.RawPatch(types.StrategicMergePatchType, []byte("{}")))
}
return nil
})
}
4 changes: 4 additions & 0 deletions cmd/gardener-operator/app/app.go
View file
Expand Up @@ -32,6 +32,7 @@ import (
"k8s.io/utils/clock"
"k8s.io/utils/pointer"
"sigs.k8s.io/controller-runtime/pkg/client"
controllerconfigv1alpha1 "sigs.k8s.io/controller-runtime/pkg/config/v1alpha1"
"sigs.k8s.io/controller-runtime/pkg/healthz"
logf "sigs.k8s.io/controller-runtime/pkg/log"
"sigs.k8s.io/controller-runtime/pkg/manager"
Expand Down Expand Up @@ -139,6 +140,9 @@ func run(ctx context.Context, log logr.Logger, cfg *config.OperatorConfiguration
LeaseDuration: &cfg.LeaderElection.LeaseDuration.Duration,
RenewDeadline: &cfg.LeaderElection.RenewDeadline.Duration,
RetryPeriod: &cfg.LeaderElection.RetryPeriod.Duration,
Controller: controllerconfigv1alpha1.ControllerConfigurationSpec{
RecoverPanic: pointer.Bool(true),
},
})
if err != nil {
return err
Expand Down
4 changes: 4 additions & 0 deletions cmd/gardener-resource-manager/app/app.go
View file
Expand Up @@ -39,6 +39,7 @@ import (
"sigs.k8s.io/controller-runtime/pkg/client"
"sigs.k8s.io/controller-runtime/pkg/client/apiutil"
"sigs.k8s.io/controller-runtime/pkg/cluster"
controllerconfigv1alpha1 "sigs.k8s.io/controller-runtime/pkg/config/v1alpha1"
"sigs.k8s.io/controller-runtime/pkg/healthz"
logf "sigs.k8s.io/controller-runtime/pkg/log"
"sigs.k8s.io/controller-runtime/pkg/manager"
Expand Down Expand Up @@ -157,6 +158,9 @@ func run(ctx context.Context, log logr.Logger, cfg *config.ResourceManagerConfig
LeaseDuration: &cfg.LeaderElection.LeaseDuration.Duration,
RenewDeadline: &cfg.LeaderElection.RenewDeadline.Duration,
RetryPeriod: &cfg.LeaderElection.RetryPeriod.Duration,
Controller: controllerconfigv1alpha1.ControllerConfigurationSpec{
RecoverPanic: pointer.Bool(true),
},
})
if err != nil {
return err
Expand Down
4 changes: 4 additions & 0 deletions cmd/gardener-scheduler/app/app.go
View file
Expand Up @@ -28,6 +28,7 @@ import (
"k8s.io/component-base/version/verflag"
"k8s.io/klog/v2"
"k8s.io/utils/pointer"
controllerconfigv1alpha1 "sigs.k8s.io/controller-runtime/pkg/config/v1alpha1"
"sigs.k8s.io/controller-runtime/pkg/healthz"
logf "sigs.k8s.io/controller-runtime/pkg/log"
"sigs.k8s.io/controller-runtime/pkg/manager"
Expand Down Expand Up @@ -125,6 +126,9 @@ func run(ctx context.Context, log logr.Logger, cfg *config.SchedulerConfiguratio
LeaseDuration: &cfg.LeaderElection.LeaseDuration.Duration,
RenewDeadline: &cfg.LeaderElection.RenewDeadline.Duration,
RetryPeriod: &cfg.LeaderElection.RetryPeriod.Duration,
Controller: controllerconfigv1alpha1.ControllerConfigurationSpec{
RecoverPanic: pointer.Bool(true),
},
})
if err != nil {
return err
Expand Down
9 changes: 4 additions & 5 deletions cmd/gardenlet/app/app.go
View file
Expand Up @@ -41,6 +41,7 @@ import (
"sigs.k8s.io/controller-runtime/pkg/cache"
"sigs.k8s.io/controller-runtime/pkg/client"
"sigs.k8s.io/controller-runtime/pkg/cluster"
controllerconfigv1alpha1 "sigs.k8s.io/controller-runtime/pkg/config/v1alpha1"
"sigs.k8s.io/controller-runtime/pkg/healthz"
logf "sigs.k8s.io/controller-runtime/pkg/log"
"sigs.k8s.io/controller-runtime/pkg/manager"
Expand Down Expand Up @@ -160,6 +161,9 @@ func run(ctx context.Context, cancel context.CancelFunc, log logr.Logger, cfg *c
LeaseDuration: &cfg.LeaderElection.LeaseDuration.Duration,
RenewDeadline: &cfg.LeaderElection.RenewDeadline.Duration,
RetryPeriod: &cfg.LeaderElection.RetryPeriod.Duration,
Controller: controllerconfigv1alpha1.ControllerConfigurationSpec{
RecoverPanic: pointer.Bool(true),
},

ClientDisableCacheFor: []client.Object{
&corev1.Event{},
Expand Down Expand Up @@ -345,11 +349,6 @@ func (g *garden) Start(ctx context.Context) error {
return fmt.Errorf("failed creating garden cluster object: %w", err)
}

log.Info("Setting up ready check for garden informer sync")
if err := g.mgr.AddReadyzCheck("garden-informer-sync", gardenerhealthz.NewCacheSyncHealthz(gardenCluster.GetCache())); err != nil {
return err
}

log.Info("Cleaning bootstrap authentication data used to request a certificate if needed")
if len(g.kubeconfigBootstrapResult.CSRName) > 0 && len(g.kubeconfigBootstrapResult.SeedName) > 0 {
if err := bootstrap.DeleteBootstrapAuth(ctx, gardenCluster.GetClient(), gardenCluster.GetClient(), g.kubeconfigBootstrapResult.CSRName, g.kubeconfigBootstrapResult.SeedName); err != nil {
Expand Down
2 changes: 1 addition & 1 deletion example/operator/10-crd-operator.gardener.cloud_gardens.yaml
View file
Expand Up @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.10.0
controller-gen.kubebuilder.io/version: v0.11.1
creationTimestamp: null
name: gardens.operator.gardener.cloud
spec:
Expand Down
2 changes: 1 addition & 1 deletion example/resource-manager/10-crd-resources.gardener.cloud_managedresources.yaml
View file
Expand Up @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.10.0
controller-gen.kubebuilder.io/version: v0.11.1
creationTimestamp: null
name: managedresources.resources.gardener.cloud
spec:
Expand Down
6 changes: 3 additions & 3 deletions example/seed-crds/10-crd-autoscaling.k8s.io_hvpas.yaml
View file
Expand Up @@ -4,7 +4,7 @@ kind: CustomResourceDefinition
metadata:
annotations:
api-approved.kubernetes.io: unapproved, temporarily squatting
controller-gen.kubebuilder.io/version: v0.10.0
controller-gen.kubebuilder.io/version: v0.11.1
creationTimestamp: null
name: hvpas.autoscaling.k8s.io
spec:
Expand Down Expand Up @@ -458,7 +458,7 @@ spec:
type: string
kind:
description: 'Kind of the referent; More
info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"'
info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent; More
Expand Down Expand Up @@ -649,7 +649,7 @@ spec:
description: API version of the referent
type: string
kind:
description: 'Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"'
description: 'Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names'
Expand Down
2 changes: 1 addition & 1 deletion example/seed-crds/10-crd-druid.gardener.cloud_etcdcopybackupstasks.yaml
View file
Expand Up @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.10.0
controller-gen.kubebuilder.io/version: v0.11.1
creationTimestamp: null
name: etcdcopybackupstasks.druid.gardener.cloud
spec:
Expand Down
77 changes: 73 additions & 4 deletions example/seed-crds/10-crd-druid.gardener.cloud_etcds.yaml
View file
Expand Up @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.10.0
controller-gen.kubebuilder.io/version: v0.11.1
creationTimestamp: null
name: etcds.druid.gardener.cloud
spec:
Expand Down Expand Up @@ -54,6 +54,27 @@ spec:
description: 'CompactionResources defines compute Resources required
by compaction job. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
claims:
description: "Claims lists the names of resources, defined
in spec.resourceClaims, that are used by this container.
\n This is an alpha field and requires enabling the DynamicResourceAllocation
feature gate. \n This field is immutable."
items:
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
properties:
name:
description: Name must match the name of one entry in
pod.spec.resourceClaims of the Pod where this field
is used. It makes that resource available inside a
container.
type: string
required:
- name
type: object
type: array
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
Expand Down Expand Up @@ -177,6 +198,27 @@ spec:
description: 'Resources defines compute Resources required by
backup-restore container. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
claims:
description: "Claims lists the names of resources, defined
in spec.resourceClaims, that are used by this container.
\n This is an alpha field and requires enabling the DynamicResourceAllocation
feature gate. \n This field is immutable."
items:
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
properties:
name:
description: Name must match the name of one entry in
pod.spec.resourceClaims of the Pod where this field
is used. It makes that resource available inside a
container.
type: string
required:
- name
type: object
type: array
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
Expand Down Expand Up @@ -314,6 +356,12 @@ spec:
description: Annotations specify the annotations that should
be added to the client service
type: object
labels:
additionalProperties:
type: string
description: Labels specify the labels that should be added
to the client service
type: object
type: object
clientUrlTls:
description: ClientUrlTLS contains the ca, server TLS and client
Expand Down Expand Up @@ -456,6 +504,27 @@ spec:
description: 'Resources defines the compute Resources required
by etcd container. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
properties:
claims:
description: "Claims lists the names of resources, defined
in spec.resourceClaims, that are used by this container.
\n This is an alpha field and requires enabling the DynamicResourceAllocation
feature gate. \n This field is immutable."
items:
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
properties:
name:
description: Name must match the name of one entry in
pod.spec.resourceClaims of the Pod where this field
is used. It makes that resource available inside a
container.
type: string
required:
- name
type: object
type: array
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
Expand Down Expand Up @@ -1492,7 +1561,7 @@ spec:
- Ignore: nodeAffinity/nodeSelector are ignored. All nodes
are included in the calculations. \n If this value is
nil, the behavior is equivalent to the Honor policy. This
is a alpha-level feature enabled by the NodeInclusionPolicyInPodTopologySpread
is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread
feature flag."
type: string
nodeTaintsPolicy:
Expand All @@ -1502,8 +1571,8 @@ spec:
tainted nodes for which the incoming pod has a toleration,
are included. - Ignore: node taints are ignored. All nodes
are included. \n If this value is nil, the behavior is
equivalent to the Ignore policy. This is a alpha-level
feature enabled by the NodeInclusionPolicyInPodTopologySpread
equivalent to the Ignore policy. This is a beta-level
feature default enabled by the NodeInclusionPolicyInPodTopologySpread
feature flag."
type: string
topologyKey:
Expand Down
4 changes: 2 additions & 2 deletions example/seed-crds/10-crd-extensions.gardener.cloud_backupbuckets.yaml
View file
Expand Up @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.10.0
controller-gen.kubebuilder.io/version: v0.11.1
creationTimestamp: null
name: backupbuckets.extensions.gardener.cloud
spec:
Expand Down Expand Up @@ -228,7 +228,7 @@ spec:
description: API version of the referent
type: string
kind:
description: 'Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"'
description: 'Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names'
Expand Down
4 changes: 2 additions & 2 deletions example/seed-crds/10-crd-extensions.gardener.cloud_backupentries.yaml
View file
Expand Up @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.10.0
controller-gen.kubebuilder.io/version: v0.11.1
creationTimestamp: null
name: backupentries.extensions.gardener.cloud
spec:
Expand Down Expand Up @@ -229,7 +229,7 @@ spec:
description: API version of the referent
type: string
kind:
description: 'Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"'
description: 'Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names'
Expand Down

0 comments on commit 8d53342

Please sign in to comment.