From ae6de5096fc9edd917813c64c718f7f55ac29e99 Mon Sep 17 00:00:00 2001 From: Angel Misevski Date: Fri, 30 Jul 2021 16:49:32 -0400 Subject: [PATCH] Update codebase to reflect later k8s APIs Prep code for supporting k8s 1.21: * Add context.Context parameter to Reconcile() functions [1] * Add RBAC get/create/update coordination.k8s.io/v1 Leases (replacing a configmap for leader election locks) [2] * Adapt event handler code to reflect simplification [3] * Adapt to apimachinery/pkg/runtime Log deprecation (replaced with pkg/client Log) [4] * client.Object is preferred in favor of runtime.Object (v0.7.0 release) [5] * Use admission/v1 instead of v1beta1 for webhook requests [6] [1] - https://github.com/kubernetes-sigs/controller-runtime/pull/1054 [2] - https://github.com/kubernetes-sigs/controller-runtime/pull/1144 [3] - https://github.com/kubernetes-sigs/controller-runtime/pull/1119 [4] - https://github.com/kubernetes-sigs/controller-runtime/pull/1105 [5] - https://github.com/kubernetes-sigs/controller-runtime/pull/898 https://github.com/kubernetes-sigs/controller-runtime/pull/1118 [6] - https://github.com/kubernetes-sigs/controller-runtime/pull/1284 https://github.com/kubernetes-sigs/controller-runtime/commit/a32b29d13265e87521ead29bed96d7fb44f57e1e Signed-off-by: Angel Misevski --- .../devworkspacerouting_controller.go | 4 +--- controllers/workspace/devworkspace_controller.go | 13 ++++++------- pkg/library/flatten/internal/testutil/k8sClient.go | 3 +-- pkg/provision/workspace/object.go | 8 ++++---- pkg/provision/workspace/rbac.go | 5 ++--- pkg/webhook/kubernetes/tls.go | 2 +- pkg/webhook/openshift/tls.go | 2 +- test/e2e/pkg/client/pod.go | 2 +- webhook/server/server.go | 2 +- webhook/workspace/handler/log.go | 2 +- webhook/workspace/log.go | 2 +- webhook/workspace/mutate.go | 6 +++--- webhook/workspace/validate.go | 4 ++-- 13 files changed, 25 insertions(+), 30 deletions(-) diff --git a/controllers/controller/devworkspacerouting/devworkspacerouting_controller.go b/controllers/controller/devworkspacerouting/devworkspacerouting_controller.go index beba7dfdd..9193b00cf 100644 --- a/controllers/controller/devworkspacerouting/devworkspacerouting_controller.go +++ b/controllers/controller/devworkspacerouting/devworkspacerouting_controller.go @@ -63,9 +63,7 @@ type DevWorkspaceRoutingReconciler struct { // +kubebuidler:rbac:groups=route.openshift.io,resources=routes/status,verbs=get,list,watch // +kubebuilder:rbac:groups=route.openshift.io,resources=routes/custom-host,verbs=create -func (r *DevWorkspaceRoutingReconciler) Reconcile(req ctrl.Request) (ctrl.Result, error) { - ctx := context.Background() - +func (r *DevWorkspaceRoutingReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) { reqLogger := r.Log.WithValues("Request.Namespace", req.Namespace, "Request.Name", req.Name) // Fetch the DevWorkspaceRouting instance diff --git a/controllers/workspace/devworkspace_controller.go b/controllers/workspace/devworkspace_controller.go index a2ca75735..0ebc38bcb 100644 --- a/controllers/workspace/devworkspace_controller.go +++ b/controllers/workspace/devworkspace_controller.go @@ -67,6 +67,7 @@ type DevWorkspaceReconciler struct { // +kubebuilder:rbac:groups=workspace.devfile.io,resources=*,verbs=* // +kubebuilder:rbac:groups=controller.devfile.io,resources=*,verbs=* /////// Required permissions for controller +// +kubebuilder:rbac:groups=coordination.k8s.io,resources=leases,verbs=get;create;update // +kubebuilder:rbac:groups=apps;extensions,resources=deployments;replicasets,verbs=* // +kubebuilder:rbac:groups="",resources=pods;serviceaccounts;secrets;configmaps;persistentvolumeclaims,verbs=* // +kubebuilder:rbac:groups="",resources=namespaces;events,verbs=get;list;watch @@ -82,8 +83,7 @@ type DevWorkspaceReconciler struct { // +kubebuilder:rbac:groups=apps;extensions,resources=deployments,verbs=get;list;watch // +kubebuilder:rbac:groups="",resources=secrets,resourceNames=workspace-credentials-secret,verbs=get;create;delete -func (r *DevWorkspaceReconciler) Reconcile(req ctrl.Request) (reconcileResult ctrl.Result, err error) { - ctx := context.Background() +func (r *DevWorkspaceReconciler) Reconcile(ctx context.Context, req ctrl.Request) (reconcileResult ctrl.Result, err error) { reqLogger := r.Log.WithValues("Request.Namespace", req.Namespace, "Request.Name", req.Name) clusterAPI := wsprovision.ClusterAPI{ Client: r.Client, @@ -465,9 +465,8 @@ func getWorkspaceId(instance *dw.DevWorkspace) (string, error) { // Mapping the pod to the devworkspace func dwRelatedPodsHandler() handler.EventHandler { - podToDW := func(mapObj handler.MapObject) []reconcile.Request { - meta := mapObj.Meta - labels := meta.GetLabels() + podToDW := func(obj client.Object) []reconcile.Request { + labels := obj.GetLabels() if _, ok := labels[constants.DevWorkspaceNameLabel]; !ok { return nil } @@ -481,12 +480,12 @@ func dwRelatedPodsHandler() handler.EventHandler { { NamespacedName: types.NamespacedName{ Name: labels[constants.DevWorkspaceNameLabel], - Namespace: meta.GetNamespace(), + Namespace: obj.GetNamespace(), }, }, } } - return &handler.EnqueueRequestsFromMapFunc{ToRequests: handler.ToRequestsFunc(podToDW)} + return handler.EnqueueRequestsFromMapFunc(podToDW) } func (r *DevWorkspaceReconciler) SetupWithManager(mgr ctrl.Manager) error { diff --git a/pkg/library/flatten/internal/testutil/k8sClient.go b/pkg/library/flatten/internal/testutil/k8sClient.go index 94644a89b..7a4ded7aa 100644 --- a/pkg/library/flatten/internal/testutil/k8sClient.go +++ b/pkg/library/flatten/internal/testutil/k8sClient.go @@ -19,7 +19,6 @@ import ( dw "github.com/devfile/api/v2/pkg/apis/workspaces/v1alpha2" k8sErrors "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" "sigs.k8s.io/controller-runtime/pkg/client" ) @@ -30,7 +29,7 @@ type FakeK8sClient struct { Errors map[string]TestPluginError } -func (client *FakeK8sClient) Get(_ context.Context, namespacedName client.ObjectKey, obj runtime.Object) error { +func (client *FakeK8sClient) Get(_ context.Context, namespacedName client.ObjectKey, obj client.Object) error { template, ok := obj.(*dw.DevWorkspaceTemplate) if !ok { return fmt.Errorf("called Get() in fake client with non-DevWorkspaceTemplate") diff --git a/pkg/provision/workspace/object.go b/pkg/provision/workspace/object.go index 0d0b89180..7c0194e43 100644 --- a/pkg/provision/workspace/object.go +++ b/pkg/provision/workspace/object.go @@ -25,7 +25,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/types" - "sigs.k8s.io/controller-runtime/pkg/client" + runtimeClient "sigs.k8s.io/controller-runtime/pkg/client" ) // Map to store diff options for each type we're handling. @@ -39,7 +39,7 @@ var diffOpts = map[reflect.Type]cmp.Options{ } // SyncMutableObjects synchronizes runtime objects and changes/updates existing ones -func SyncMutableObjects(objects []runtime.Object, client client.Client, reqLogger logr.Logger) (requeue bool, err error) { +func SyncMutableObjects(objects []runtimeClient.Object, client runtimeClient.Client, reqLogger logr.Logger) (requeue bool, err error) { for _, object := range objects { _, shouldRequeue, err := SyncObject(object, client, reqLogger, true) if err != nil { @@ -51,7 +51,7 @@ func SyncMutableObjects(objects []runtime.Object, client client.Client, reqLogge } // SyncObject synchronizes a runtime object and changes/updates existing ones -func SyncObject(object runtime.Object, client client.Client, reqLogger logr.Logger, update bool) (clusterObject runtime.Object, requeue bool, apiErr error) { +func SyncObject(object runtimeClient.Object, client runtimeClient.Client, reqLogger logr.Logger, update bool) (clusterObject runtime.Object, requeue bool, apiErr error) { objMeta, isMeta := object.(metav1.Object) if !isMeta { return nil, true, errors.NewBadRequest("Converted objects are not valid K8s objects") @@ -61,7 +61,7 @@ func SyncObject(object runtime.Object, client client.Client, reqLogger logr.Logg reqLogger.V(1).Info("Managing K8s Object", "kind", objType.String(), "name", objMeta.GetName()) - found := reflect.New(objType).Interface().(runtime.Object) + found := reflect.New(objType).Interface().(runtimeClient.Object) err := client.Get(context.TODO(), types.NamespacedName{Name: objMeta.GetName(), Namespace: objMeta.GetNamespace()}, found) if err != nil { if !errors.IsNotFound(err) { diff --git a/pkg/provision/workspace/rbac.go b/pkg/provision/workspace/rbac.go index f1165496f..6dcfea8f4 100644 --- a/pkg/provision/workspace/rbac.go +++ b/pkg/provision/workspace/rbac.go @@ -20,7 +20,6 @@ import ( "github.com/go-logr/logr" rbacv1 "k8s.io/api/rbac/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" "sigs.k8s.io/controller-runtime/pkg/client" ) @@ -32,9 +31,9 @@ func SyncRBAC(workspace *dw.DevWorkspace, client client.Client, reqLogger logr.L return ProvisioningStatus{Continue: !requeue, Err: err} } -func generateRBAC(namespace string) []runtime.Object { +func generateRBAC(namespace string) []client.Object { // TODO: The rolebindings here are created namespace-wide; find a way to limit this, given that each workspace - return []runtime.Object{ + return []client.Object{ &rbacv1.Role{ ObjectMeta: metav1.ObjectMeta{ Name: "workspace", diff --git a/pkg/webhook/kubernetes/tls.go b/pkg/webhook/kubernetes/tls.go index 0730d734d..174c8e66d 100644 --- a/pkg/webhook/kubernetes/tls.go +++ b/pkg/webhook/kubernetes/tls.go @@ -18,7 +18,7 @@ import ( "github.com/devfile/devworkspace-operator/pkg/webhook/service" crclient "sigs.k8s.io/controller-runtime/pkg/client" - logf "sigs.k8s.io/controller-runtime/pkg/runtime/log" + logf "sigs.k8s.io/controller-runtime/pkg/log" ) var log = logf.Log.WithName("webhook-k8s") diff --git a/pkg/webhook/openshift/tls.go b/pkg/webhook/openshift/tls.go index 99406dd0a..b9e3bf84f 100755 --- a/pkg/webhook/openshift/tls.go +++ b/pkg/webhook/openshift/tls.go @@ -16,7 +16,7 @@ import ( "context" "github.com/devfile/devworkspace-operator/pkg/webhook/service" - logf "sigs.k8s.io/controller-runtime/pkg/runtime/log" + logf "sigs.k8s.io/controller-runtime/pkg/log" crclient "sigs.k8s.io/controller-runtime/pkg/client" ) diff --git a/test/e2e/pkg/client/pod.go b/test/e2e/pkg/client/pod.go index cf22727c4..83a687469 100644 --- a/test/e2e/pkg/client/pod.go +++ b/test/e2e/pkg/client/pod.go @@ -50,7 +50,7 @@ func (w *K8sClient) WaitForRunningPodBySelector(namespace, selector string, time } if len(podList.Items) == 0 { log.Printf("Pod not created yet with selector '%s' in namespace %s", selector, namespace) - return fmt.Errorf("Pod not created yet in %s with label %s", namespace, selector) + return fmt.Errorf("pod not created yet in %s with label %s", namespace, selector) } for _, pod := range podList.Items { diff --git a/webhook/server/server.go b/webhook/server/server.go index 2ab659118..75c36b116 100644 --- a/webhook/server/server.go +++ b/webhook/server/server.go @@ -20,8 +20,8 @@ import ( "github.com/devfile/devworkspace-operator/pkg/constants" "github.com/devfile/devworkspace-operator/pkg/infrastructure" + logf "sigs.k8s.io/controller-runtime/pkg/log" "sigs.k8s.io/controller-runtime/pkg/manager" - logf "sigs.k8s.io/controller-runtime/pkg/runtime/log" "sigs.k8s.io/controller-runtime/pkg/webhook" ) diff --git a/webhook/workspace/handler/log.go b/webhook/workspace/handler/log.go index 425d518b8..39b7164df 100644 --- a/webhook/workspace/handler/log.go +++ b/webhook/workspace/handler/log.go @@ -12,6 +12,6 @@ package handler -import logf "sigs.k8s.io/controller-runtime/pkg/runtime/log" +import logf "sigs.k8s.io/controller-runtime/pkg/log" var log = logf.Log.WithName("webhook.workspace.handler") diff --git a/webhook/workspace/log.go b/webhook/workspace/log.go index 4feb7f131..b8d31b30e 100644 --- a/webhook/workspace/log.go +++ b/webhook/workspace/log.go @@ -10,6 +10,6 @@ // Red Hat, Inc. - initial API and implementation package workspace -import logf "sigs.k8s.io/controller-runtime/pkg/runtime/log" +import logf "sigs.k8s.io/controller-runtime/pkg/log" var log = logf.Log.WithName("webhook.devworkspace") diff --git a/webhook/workspace/mutate.go b/webhook/workspace/mutate.go index 7f4c66d6d..087bbe86c 100644 --- a/webhook/workspace/mutate.go +++ b/webhook/workspace/mutate.go @@ -15,7 +15,7 @@ import ( "fmt" "github.com/devfile/devworkspace-operator/webhook/workspace/handler" - "k8s.io/api/admission/v1beta1" + admissionv1 "k8s.io/api/admission/v1" "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/webhook/admission" ) @@ -34,7 +34,7 @@ func NewResourcesMutator(controllerUID, controllerSAName string) *ResourcesMutat // ResourcesMutator verify if operation is a valid from Workspace controller perspective func (m *ResourcesMutator) Handle(ctx context.Context, req admission.Request) admission.Response { switch req.Operation { - case v1beta1.Create: + case admissionv1.Create: { switch req.Kind { case handler.V1alpha1DevWorkspaceKind: @@ -51,7 +51,7 @@ func (m *ResourcesMutator) Handle(ctx context.Context, req admission.Request) ad return m.HandleRestrictedAccessCreate(ctx, req) } } - case v1beta1.Update: + case admissionv1.Update: { switch req.Kind { case handler.V1alpha1DevWorkspaceKind: diff --git a/webhook/workspace/validate.go b/webhook/workspace/validate.go index 6971b2a04..cd4e1de16 100644 --- a/webhook/workspace/validate.go +++ b/webhook/workspace/validate.go @@ -15,7 +15,7 @@ import ( "fmt" "github.com/devfile/devworkspace-operator/webhook/workspace/handler" - "k8s.io/api/admission/v1beta1" + admissionv1 "k8s.io/api/admission/v1" "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/webhook/admission" ) @@ -32,7 +32,7 @@ func NewResourcesValidator(controllerUID, controllerSAName string) *ResourcesVal } func (v *ResourcesValidator) Handle(ctx context.Context, req admission.Request) admission.Response { - if req.Kind == handler.V1PodExecOptionKind && req.Operation == v1beta1.Connect { + if req.Kind == handler.V1PodExecOptionKind && req.Operation == admissionv1.Connect { return v.ValidateExecOnConnect(ctx, req) } // Do not allow operation if the corresponding handler is not found