Fix context/finish removing stopCh

* Context for configmap watch needs to be created from Background(), otherwise watch failure will cause authenticator to crash. * Add some logging. * Remove unnecessary references to stopCh.
kubernetes-sigs · Nov 22, 2023 · c938a74 · c938a74
1 parent da5341d
commit c938a74
Show file tree

Hide file tree

Showing 16 changed files with 232 additions and 211 deletions.
diff --git a/.github/workflows/deps.yml b/.github/workflows/deps.yml
@@ -11,7 +11,7 @@ jobs:
         with:
           show-progress: false
       - name: "Dependency Review"
-        uses: actions/[email protected].2
+        uses: actions/[email protected].3
   govulncheck:
     runs-on: ubuntu-latest
     steps:

diff --git a/cmd/aws-iam-authenticator/server.go b/cmd/aws-iam-authenticator/server.go
@@ -1,4 +1,5 @@
 //go:build !no_server
+
 /*
 Copyright 2017 by the contributors.
 
@@ -52,15 +53,14 @@ var serverCmd = &cobra.Command{
 		var err error
 		fmt.Printf("Authenticator Version: %q, %q\n", pkg.Version, pkg.CommitID)
 		metrics.InitMetrics(prometheus.DefaultRegisterer)
-		cmd.Context()
 		ctx := signals.SetupSignalHandler()
 
 		cfg, err := getConfig()
 		if err != nil {
 			logrus.Fatalf("%s", err)
 		}
 
-		httpServer := server.New(ctx, cfg, )
+		httpServer := server.New(ctx, cfg)
 		httpServer.Run(ctx)
 	},
 }

diff --git a/go.mod b/go.mod
@@ -13,12 +13,12 @@ require (
 	github.com/spf13/viper v1.17.0
 	golang.org/x/time v0.4.0
 	gopkg.in/yaml.v2 v2.4.0
-	k8s.io/api v0.28.3
-	k8s.io/apimachinery v0.28.3
-	k8s.io/client-go v0.28.3
-	k8s.io/code-generator v0.28.3
-	k8s.io/component-base v0.28.3
-	k8s.io/sample-controller v0.28.3
+	k8s.io/api v0.28.4
+	k8s.io/apimachinery v0.28.4
+	k8s.io/client-go v0.28.4
+	k8s.io/code-generator v0.28.4
+	k8s.io/component-base v0.28.4
+	k8s.io/sample-controller v0.28.4
 	sigs.k8s.io/yaml v1.4.0
 )
 

diff --git a/go.sum b/go.sum
@@ -615,25 +615,25 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh
 honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
 honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
 honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
-k8s.io/api v0.28.3 h1:Gj1HtbSdB4P08C8rs9AR94MfSGpRhJgsS+GF9V26xMM=
-k8s.io/api v0.28.3/go.mod h1:MRCV/jr1dW87/qJnZ57U5Pak65LGmQVkKTzf3AtKFHc=
-k8s.io/apimachinery v0.28.3 h1:B1wYx8txOaCQG0HmYF6nbpU8dg6HvA06x5tEffvOe7A=
-k8s.io/apimachinery v0.28.3/go.mod h1:uQTKmIqs+rAYaq+DFaoD2X7pcjLOqbQX2AOiO0nIpb8=
-k8s.io/client-go v0.28.3 h1:2OqNb72ZuTZPKCl+4gTKvqao0AMOl9f3o2ijbAj3LI4=
-k8s.io/client-go v0.28.3/go.mod h1:LTykbBp9gsA7SwqirlCXBWtK0guzfhpoW4qSm7i9dxo=
-k8s.io/code-generator v0.28.3 h1:I847QvdpYx7xKiG2KVQeCSyNF/xU9TowaDAg601mvlw=
-k8s.io/code-generator v0.28.3/go.mod h1:A2EAHTRYvCvBrb/MM2zZBNipeCk3f8NtpdNIKawC43M=
-k8s.io/component-base v0.28.3 h1:rDy68eHKxq/80RiMb2Ld/tbH8uAE75JdCqJyi6lXMzI=
-k8s.io/component-base v0.28.3/go.mod h1:fDJ6vpVNSk6cRo5wmDa6eKIG7UlIQkaFmZN2fYgIUD8=
+k8s.io/api v0.28.4 h1:8ZBrLjwosLl/NYgv1P7EQLqoO8MGQApnbgH8tu3BMzY=
+k8s.io/api v0.28.4/go.mod h1:axWTGrY88s/5YE+JSt4uUi6NMM+gur1en2REMR7IRj0=
+k8s.io/apimachinery v0.28.4 h1:zOSJe1mc+GxuMnFzD4Z/U1wst50X28ZNsn5bhgIIao8=
+k8s.io/apimachinery v0.28.4/go.mod h1:wI37ncBvfAoswfq626yPTe6Bz1c22L7uaJ8dho83mgg=
+k8s.io/client-go v0.28.4 h1:Np5ocjlZcTrkyRJ3+T3PkXDpe4UpatQxj85+xjaD2wY=
+k8s.io/client-go v0.28.4/go.mod h1:0VDZFpgoZfelyP5Wqu0/r/TRYcLYuJ2U1KEeoaPa1N4=
+k8s.io/code-generator v0.28.4 h1:tcOSNIZQvuAvXhOwpbuJkKbAABJQeyCcQBCN/3uI18c=
+k8s.io/code-generator v0.28.4/go.mod h1:OQAfl6bZikQ/tK6faJ18Vyzo54rUII2NmjurHyiN1g4=
+k8s.io/component-base v0.28.4 h1:c/iQLWPdUgI90O+T9TeECg8o7N3YJTiuz2sKxILYcYo=
+k8s.io/component-base v0.28.4/go.mod h1:m9hR0uvqXDybiGL2nf/3Lf0MerAfQXzkfWhUY58JUbU=
 k8s.io/gengo v0.0.0-20220902162205-c0856e24416d h1:U9tB195lKdzwqicbJvyJeOXV7Klv+wNAWENRnXEGi08=
 k8s.io/gengo v0.0.0-20220902162205-c0856e24416d/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E=
 k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y=
 k8s.io/klog/v2 v2.100.1 h1:7WCHKK6K8fNhTqfBhISHQ97KrnJNFZMcQvKp7gP/tmg=
 k8s.io/klog/v2 v2.100.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0=
 k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 h1:LyMgNKD2P8Wn1iAwQU5OhxCKlKJy0sHc+PcDwFB24dQ=
 k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9/go.mod h1:wZK2AVp1uHCp4VamDVgBP2COHZjqD1T68Rf0CM3YjSM=
-k8s.io/sample-controller v0.28.3 h1:yS3hNgOFpgaIldluEAlSLIRk2281g07kxNrdwKBX2gM=
-k8s.io/sample-controller v0.28.3/go.mod h1:R6ahxfGNbfqHpCF53ogmYoIn80jQrBNvEjKCGAYufHQ=
+k8s.io/sample-controller v0.28.4 h1:qghAHWGAFbDaTssOEiktdjbpq9avioOKRMB+KEwBIR0=
+k8s.io/sample-controller v0.28.4/go.mod h1:XXL627j2rVrUQTMpebt6imNnSE30tmFnAOvZsYUsWpo=
 k8s.io/utils v0.0.0-20230406110748-d93618cff8a2 h1:qY1Ad8PODbnymg2pRbkyMT/ylpTrCM8P2RJ0yroCyIk=
 k8s.io/utils v0.0.0-20230406110748-d93618cff8a2/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
 rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8=

diff --git a/hack/get-version.sh b/hack/get-version.sh
@@ -18,7 +18,7 @@ VERSION=$(cat version.txt)
 
 printerr() { echo "$@" 1>&2; }
 
-if [[ ! "${VERSION}" =~ ^([0-9]+[.][0-9]+)[.]([0-9]+)(-(alpha|beta)[.]([0-9]+))?$ ]]; then
+if [[ ! "${VERSION}" =~ ^([0-9]+[.][0-9]+)[.]([0-9]+)(-(alpha|beta|dev)[.]([0-9]+))?$ ]]; then
   printerr "Version ${VERSION} must be 'X.Y.Z', 'X.Y.Z-alpha.N', or 'X.Y.Z-beta.N'"
   exit 1
 fi

diff --git a/hack/test-integration.sh b/hack/test-integration.sh
@@ -67,6 +67,7 @@ function cleanup {
         echo "Cleaning up test role ${GENERATED_TEST_ROLE_NAME}"
         aws iam delete-role --role-name "${GENERATED_TEST_ROLE_NAME}" || echo "Failed to clean up test role ${GENERATED_TEST_ROLE_NAME}"
     fi
+    chmod -R +w "${TEST_ARTIFACTS}"
 }
 trap cleanup EXIT
 
@@ -89,7 +90,7 @@ mkdir -p ${TEST_ARTIFACTS}/k8s.io/kubernetes
 git clone --branch ${KUBERNETES_TAG} --depth 1 https://github.com/kubernetes/kubernetes.git ${TEST_ARTIFACTS}/k8s.io/kubernetes --depth 1
 
 pushd ${TEST_ARTIFACTS}/k8s.io/kubernetes
-make generated_files
+./hack/update-codegen.sh
 ./hack/install-etcd.sh
 export PATH="${TEST_ARTIFACTS}/k8s.io/kubernetes/third_party/etcd:${PATH}"
 popd

diff --git a/pkg/fileutil/util.go b/pkg/fileutil/util.go
@@ -46,6 +46,7 @@ func loadDynamicFile(ctx context.Context, filename string) ([]byte, error) {
 }
 
 func StartLoadDynamicFile(ctx context.Context, filename string, callBack FileChangeCallBack) {
+	logrus.Infof("Starting Dynamic File Loader")
 	go wait.Until(func() {
 		// start to watch the file change
 		watcher, err := fsnotify.NewWatcher()

diff --git a/pkg/mapper/configmap/configmap.go b/pkg/mapper/configmap/configmap.go
@@ -59,7 +59,7 @@ func (ms *MapStore) startLoadConfigMap(ctx context.Context) {
 				logrus.Info("Context is complete in startLoadConfigMap")
 				return
 			default:
-				watcher, err := ms.configMap.Watch(ctx, metav1.ListOptions{
+				watcher, err := ms.configMap.Watch(context.Background(), metav1.ListOptions{
 					Watch:         true,
 					FieldSelector: fields.OneTermEqualSelector("metadata.name", "aws-auth").String(),
 				})

diff --git a/pkg/server/server.go b/pkg/server/server.go
@@ -154,7 +154,6 @@ func New(ctx context.Context, cfg config.Config) *Server {
 
 // Run will run the server closing the connection if there is a struct on the channel
 func (c *Server) Run(ctx context.Context) {
-
 	defer c.listener.Close()
 
 	go func() {
@@ -165,7 +164,7 @@ func (c *Server) Run(ctx context.Context) {
 			select {
 			case <-ctx.Done():
 				logrus.Info("shut down mapper before return from Run")
-				close(c.internalHandler.backendMapper.mapperStopCh)
+				//close(c.internalHandler.backendMapper.mapperStopCh)
 				return
 			}
 		}
@@ -227,9 +226,9 @@ func (c *Server) getHandler(ctx context.Context, backendMapper BackendMapper, ec
 }
 
 func BuildMapperChain(ctx context.Context, cfg config.Config, modes []string) (BackendMapper, error) {
+	logrus.Infof("Building mapper chain")
 	backendMapper := BackendMapper{
 		mappers: []mapper.Mapper{},
-		// mapperStopCh: make(chan struct{}),
 	}
 	for _, mode := range modes {
 		switch mode {
@@ -504,7 +503,6 @@ func (h *handler) CallBackForFileLoad(ctx context.Context, dynamicContent []byte
 		newMapper, err := BuildMapperChain(ctx, h.cfg, strings.Split(backendModes.BackendMode, " "))
 		if err == nil && len(newMapper.mappers) > 0 {
 			// replace the mapper
-			close(h.backendMapper.mapperStopCh)
 			h.backendMapper = newMapper
 		} else {
 			return err
@@ -520,7 +518,6 @@ func (h *handler) CallBackForFileDeletion(ctx context.Context) error {
 	backendMapper, err := BuildMapperChain(ctx, h.cfg, h.cfg.BackendMode)
 	if err == nil && len(backendMapper.mappers) > 0 {
 		// replace the mapper
-		close(h.backendMapper.mapperStopCh)
 		h.backendMapper = backendMapper
 	} else {
 		return err

diff --git a/tests/e2e/go.mod b/tests/e2e/go.mod
@@ -5,10 +5,10 @@ go 1.21
 require (
 	github.com/onsi/ginkgo/v2 v2.9.4
 	github.com/onsi/gomega v1.27.6
-	k8s.io/api v0.28.3
-	k8s.io/apimachinery v0.28.3
-	k8s.io/client-go v0.28.3
-	k8s.io/kubernetes v1.28.3
+	k8s.io/api v0.28.4
+	k8s.io/apimachinery v0.28.4
+	k8s.io/client-go v0.28.4
+	k8s.io/kubernetes v1.28.4
 )
 
 require (
@@ -50,7 +50,7 @@ require (
 	gopkg.in/inf.v0 v0.9.1 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
-	k8s.io/component-base v0.28.3 // indirect
+	k8s.io/component-base v0.28.4 // indirect
 	k8s.io/klog/v2 v2.100.1 // indirect
 	k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 // indirect
 	k8s.io/pod-security-admission v0.0.0 // indirect
@@ -61,34 +61,34 @@ require (
 )
 
 replace (
-	k8s.io.client-go => k8s.io/client-go v0.28.3
-	k8s.io/api => k8s.io/api v0.28.3
-	k8s.io/apiextensions-apiserver => k8s.io/apiextensions-apiserver v0.28.3
-	k8s.io/apimachinery => k8s.io/apimachinery v0.28.3
-	k8s.io/apiserver => k8s.io/apiserver v0.28.3
-	k8s.io/cli-runtime => k8s.io/cli-runtime v0.28.3
-	k8s.io/client-go => k8s.io/client-go v0.28.3
-	k8s.io/cloud-provider => k8s.io/cloud-provider v0.28.3
-	k8s.io/cluster-bootstrap => k8s.io/cluster-bootstrap v0.28.3
-	k8s.io/code-generator => k8s.io/code-generator v0.28.3
-	k8s.io/component-base => k8s.io/component-base v0.28.3
-	k8s.io/component-helpers => k8s.io/component-helpers v0.28.3
-	k8s.io/controller-manager => k8s.io/controller-manager v0.28.3
-	k8s.io/cri-api => k8s.io/cri-api v0.28.3
-	k8s.io/csi-translation-lib => k8s.io/csi-translation-lib v0.28.3
-	k8s.io/dynamic-resource-allocation => k8s.io/dynamic-resource-allocation v0.28.3
-	k8s.io/kms => k8s.io/kms v0.28.3
-	k8s.io/kube-aggregator => k8s.io/kube-aggregator v0.28.3
-	k8s.io/kube-controller-manager => k8s.io/kube-controller-manager v0.28.3
-	k8s.io/kube-proxy => k8s.io/kube-proxy v0.28.3
-	k8s.io/kube-scheduler => k8s.io/kube-scheduler v0.28.3
-	k8s.io/kubectl => k8s.io/kubectl v0.28.3
-	k8s.io/kubelet => k8s.io/kubelet v0.28.3
-	k8s.io/legacy-cloud-providers => k8s.io/legacy-cloud-providers v0.28.3
-	k8s.io/metrics => k8s.io/metrics v0.28.3
-	k8s.io/mount-utils => k8s.io/mount-utils v0.28.3
-	k8s.io/pod-security-admission => k8s.io/pod-security-admission v0.28.3
-	k8s.io/sample-apiserver => k8s.io/sample-apiserver v0.28.3
-	k8s.io/sample-cli-plugin => k8s.io/sample-cli-plugin v0.28.3
-	k8s.io/sample-controller => k8s.io/sample-controller v0.28.3
+	k8s.io.client-go => k8s.io/client-go v0.28.4
+	k8s.io/api => k8s.io/api v0.28.4
+	k8s.io/apiextensions-apiserver => k8s.io/apiextensions-apiserver v0.28.4
+	k8s.io/apimachinery => k8s.io/apimachinery v0.28.4
+	k8s.io/apiserver => k8s.io/apiserver v0.28.4
+	k8s.io/cli-runtime => k8s.io/cli-runtime v0.28.4
+	k8s.io/client-go => k8s.io/client-go v0.28.4
+	k8s.io/cloud-provider => k8s.io/cloud-provider v0.28.4
+	k8s.io/cluster-bootstrap => k8s.io/cluster-bootstrap v0.28.4
+	k8s.io/code-generator => k8s.io/code-generator v0.28.4
+	k8s.io/component-base => k8s.io/component-base v0.28.4
+	k8s.io/component-helpers => k8s.io/component-helpers v0.28.4
+	k8s.io/controller-manager => k8s.io/controller-manager v0.28.4
+	k8s.io/cri-api => k8s.io/cri-api v0.28.4
+	k8s.io/csi-translation-lib => k8s.io/csi-translation-lib v0.28.4
+	k8s.io/dynamic-resource-allocation => k8s.io/dynamic-resource-allocation v0.28.4
+	k8s.io/kms => k8s.io/kms v0.28.4
+	k8s.io/kube-aggregator => k8s.io/kube-aggregator v0.28.4
+	k8s.io/kube-controller-manager => k8s.io/kube-controller-manager v0.28.4
+	k8s.io/kube-proxy => k8s.io/kube-proxy v0.28.4
+	k8s.io/kube-scheduler => k8s.io/kube-scheduler v0.28.4
+	k8s.io/kubectl => k8s.io/kubectl v0.28.4
+	k8s.io/kubelet => k8s.io/kubelet v0.28.4
+	k8s.io/legacy-cloud-providers => k8s.io/legacy-cloud-providers v0.28.4
+	k8s.io/metrics => k8s.io/metrics v0.28.4
+	k8s.io/mount-utils => k8s.io/mount-utils v0.28.4
+	k8s.io/pod-security-admission => k8s.io/pod-security-admission v0.28.4
+	k8s.io/sample-apiserver => k8s.io/sample-apiserver v0.28.4
+	k8s.io/sample-cli-plugin => k8s.io/sample-cli-plugin v0.28.4
+	k8s.io/sample-controller => k8s.io/sample-controller v0.28.4
 )