diff --git a/chart/stash/templates/validating-webhook.yaml b/chart/stash/templates/validating-webhook.yaml index 6476eba97..e9f7a82b7 100644 --- a/chart/stash/templates/validating-webhook.yaml +++ b/chart/stash/templates/validating-webhook.yaml @@ -57,4 +57,25 @@ webhooks: {{- if and (ge $major 1) (ge $minor 12) }} sideEffects: None {{- end }} +- name: repository.admission.stash.appscode.com + clientConfig: + service: + namespace: default + name: kubernetes + path: /apis/admission.stash.appscode.com/v1alpha1/repositories + caBundle: {{ b64enc .Values.apiserver.ca }} + rules: + - operations: + - CREATE + - UPDATE + apiGroups: + - stash.appscode.com + apiVersions: + - "*" + resources: + - repositories + failurePolicy: Fail +{{- if and (ge $major 1) (ge $minor 12) }} + sideEffects: None +{{- end }} {{ end }} diff --git a/glide.lock b/glide.lock index 0dae7f54a..47d5e3f7b 100644 --- a/glide.lock +++ b/glide.lock @@ -1,5 +1,5 @@ hash: 4f8094db058fef42adf0b07136b9208a6c6d50a6c634cfabc9c42f108429d9b5 -updated: 2018-12-03T14:10:17.769494304-08:00 +updated: 2018-12-08T18:54:40.614166269-08:00 imports: - name: bitbucket.org/ww/goautoneg version: 75cd24fc2f2c2a2088577d12123ddee5f54e0675 @@ -42,7 +42,7 @@ imports: - registry/admissionreview/v1beta1 - runtime/serializer/versioning - name: github.com/appscode/kutil - version: 239838b6231b8a27a66426e25678351ce50c4cfd + version: 51b5bcd8acd29487177991028426f9864c4c3637 subpackages: - admissionregistration/v1beta1 - apiextensions/v1beta1 @@ -65,7 +65,7 @@ imports: - name: github.com/appscode/ocutil version: 9e3ab89e810deaabe1fd353d01913aaf7dbe6e6d - name: github.com/appscode/osm - version: 1afd84f09007c717e2a46e9d87e30902d8331b91 + version: fb08059eb9264578f9e15dc796f7afdb1bd40294 subpackages: - context - name: github.com/appscode/pat diff --git a/pkg/controller/repository.go b/pkg/controller/repository.go index 8df0002bf..665b5563c 100644 --- a/pkg/controller/repository.go +++ b/pkg/controller/repository.go @@ -40,12 +40,12 @@ func (c *StashController) NewRepositoryWebhook() hooks.AdmissionHook { } func (c *StashController) initRepositoryWatcher() { c.repoInformer = c.stashInformerFactory.Stash().V1alpha1().Repositories().Informer() - c.repoQueue = queue.New("Repository", c.MaxNumRequeues, c.NumThreads, c.runRepositoryInjector) + c.repoQueue = queue.New("Repository", c.MaxNumRequeues, c.NumThreads, c.runRepositoryReconciler) c.repoInformer.AddEventHandler(queue.DefaultEventHandler(c.repoQueue.GetQueue())) c.repoLister = c.stashInformerFactory.Stash().V1alpha1().Repositories().Lister() } -func (c *StashController) runRepositoryInjector(key string) error { +func (c *StashController) runRepositoryReconciler(key string) error { obj, exist, err := c.repoInformer.GetIndexer().GetByKey(key) if err != nil { glog.Errorf("Fetching object with key %s from store failed with %v", key, err) @@ -61,7 +61,8 @@ func (c *StashController) runRepositoryInjector(key string) error { if repo.DeletionTimestamp != nil { if core_util.HasFinalizer(repo.ObjectMeta, util.RepositoryFinalizer) { - if repo.Spec.WipeOut { + // ignore invalid repository objects (eg: created by xray). + if repo.IsValid() == nil && repo.Spec.WipeOut { err = c.deleteResticRepository(repo) if err != nil { return err diff --git a/vendor/github.com/appscode/kutil/admissionregistration/v1beta1/kubernetes.go b/vendor/github.com/appscode/kutil/admissionregistration/v1beta1/kubernetes.go index 4a4870cf1..972b4eb8c 100644 --- a/vendor/github.com/appscode/kutil/admissionregistration/v1beta1/kubernetes.go +++ b/vendor/github.com/appscode/kutil/admissionregistration/v1beta1/kubernetes.go @@ -1,7 +1,7 @@ package v1beta1 import ( - "github.com/json-iterator/go" + jsoniter "github.com/json-iterator/go" ) var json = jsoniter.ConfigFastest diff --git a/vendor/github.com/appscode/kutil/admissionregistration/v1beta1/xray.go b/vendor/github.com/appscode/kutil/admissionregistration/v1beta1/xray.go index c6c37ec49..66680a54e 100644 --- a/vendor/github.com/appscode/kutil/admissionregistration/v1beta1/xray.go +++ b/vendor/github.com/appscode/kutil/admissionregistration/v1beta1/xray.go @@ -1,14 +1,16 @@ package v1beta1 import ( + "fmt" "strings" "github.com/appscode/kutil" apireg_util "github.com/appscode/kutil/apiregistration/v1beta1" core_util "github.com/appscode/kutil/core/v1" "github.com/appscode/kutil/discovery" + dynamic_util "github.com/appscode/kutil/dynamic" meta_util "github.com/appscode/kutil/meta" - "github.com/evanphx/json-patch" + jsonpatch "github.com/evanphx/json-patch" "github.com/golang/glog" "github.com/pkg/errors" "github.com/spf13/pflag" @@ -111,6 +113,7 @@ func (d ValidatingWebhookXray) IsActive() error { } attempt := 0 + var failures []string return wait.PollImmediateUntil(kutil.RetryInterval, func() (bool, error) { apisvc, err := apireg.ApiregistrationV1beta1().APIServices().Get(d.apisvc, metav1.GetOptions{}) if err != nil { @@ -144,12 +147,18 @@ func (d ValidatingWebhookXray) IsActive() error { attempt++ active, err := d.check() if err != nil { - glog.Warningf("Attempt %d to detect ValidatingWebhook activation failed due to %s", attempt, err.Error()) + failures = append(failures, fmt.Sprintf("Attempt %d to detect ValidatingWebhook activation failed due to %s", attempt, err.Error())) } err = retry(err) if active || err != nil { d.updateAPIService(apireg, apisvc, err) } + if err != nil { + // log failures only if xray fails, otherwise don't confuse users with intermediate failures. + for _, msg := range failures { + glog.Warningln(msg) + } + } return active, err } } @@ -157,7 +166,7 @@ func (d ValidatingWebhookXray) IsActive() error { }, d.stopCh) } -func (d ValidatingWebhookXray) updateAPIService(apireg apireg_cs.Interface, apisvc *apiregistration.APIService, err error) { +func (d ValidatingWebhookXray) updateAPIService(apireg apireg_cs.Interface, apisvc *apiregistration.APIService, err error) error { fn := func(annotations map[string]string) map[string]string { if len(annotations) == 0 { annotations = map[string]string{} @@ -172,7 +181,7 @@ func (d ValidatingWebhookXray) updateAPIService(apireg apireg_cs.Interface, apis return annotations } - apireg_util.PatchAPIService(apireg, apisvc, func(in *apiregistration.APIService) *apiregistration.APIService { + _, _, e3 := apireg_util.PatchAPIService(apireg, apisvc, func(in *apiregistration.APIService) *apiregistration.APIService { data, ok := in.Annotations[meta_util.LastAppliedConfigAnnotation] if ok { u, e2 := runtime.Decode(unstructured.UnstructuredJSONScheme, []byte(data)) @@ -193,6 +202,7 @@ func (d ValidatingWebhookXray) updateAPIService(apireg apireg_cs.Interface, apis in.Annotations = fn(in.Annotations) return in }) + return e3 } func (d ValidatingWebhookXray) check() (bool, error) { @@ -246,13 +256,13 @@ func (d ValidatingWebhookXray) check() (bool, error) { if d.op == v1beta1.Create { _, err := ri.Create(&u, metav1.CreateOptions{}) if kutil.AdmissionWebhookDeniedRequest(err) { - glog.Infof("failed to create invalid test object as expected with error: %s", err) + glog.V(10).Infof("failed to create invalid test object as expected with error: %s", err) return true, nil } else if err != nil { return false, err } - ri.Delete(accessor.GetName(), &metav1.DeleteOptions{}) + dynamic_util.WaitUntilDeleted(ri, d.stopCh, accessor.GetName()) return false, ErrWebhookNotActivated } else if d.op == v1beta1.Update { _, err := ri.Create(&u, metav1.CreateOptions{}) @@ -273,10 +283,10 @@ func (d ValidatingWebhookXray) check() (bool, error) { } _, err = ri.Patch(accessor.GetName(), types.MergePatchType, patch, metav1.UpdateOptions{}) - defer ri.Delete(accessor.GetName(), &metav1.DeleteOptions{}) + defer dynamic_util.WaitUntilDeleted(ri, d.stopCh, accessor.GetName()) if kutil.AdmissionWebhookDeniedRequest(err) { - glog.Infof("failed to update test object as expected with error: %s", err) + glog.V(10).Infof("failed to update test object as expected with error: %s", err) return true, nil } else if err != nil { return false, err @@ -308,10 +318,10 @@ func (d ValidatingWebhookXray) check() (bool, error) { ri.Patch(accessor.GetName(), types.MergePatchType, patch, metav1.UpdateOptions{}) // delete - ri.Delete(accessor.GetName(), &metav1.DeleteOptions{}) + dynamic_util.WaitUntilDeleted(ri, d.stopCh, accessor.GetName()) }() - glog.Infof("failed to delete test object as expected with error: %s", err) + glog.V(10).Infof("failed to delete test object as expected with error: %s", err) return true, nil } else if err != nil { return false, err diff --git a/vendor/github.com/appscode/kutil/apiextensions/v1beta1/kubernetes.go b/vendor/github.com/appscode/kutil/apiextensions/v1beta1/kubernetes.go index f082b821e..01830a9e4 100644 --- a/vendor/github.com/appscode/kutil/apiextensions/v1beta1/kubernetes.go +++ b/vendor/github.com/appscode/kutil/apiextensions/v1beta1/kubernetes.go @@ -25,7 +25,13 @@ func RegisterCRDs(client crd_cs.ApiextensionsV1beta1Interface, crds []*crd_api.C } else if err != nil { return err } else { + // Update AdditionalPrinterColumns, Catagories, ShortNames, Validation + // and Subresources of existing CRD. + existing.Spec.AdditionalPrinterColumns = crd.Spec.AdditionalPrinterColumns + existing.Spec.Names.Categories = crd.Spec.Names.Categories + existing.Spec.Names.ShortNames = crd.Spec.Names.ShortNames existing.Spec.Validation = crd.Spec.Validation + if crd.Spec.Subresources != nil && existing.Spec.Subresources == nil { existing.Spec.Subresources = &crd_api.CustomResourceSubresources{} if crd.Spec.Subresources.Status != nil && existing.Spec.Subresources.Status == nil { diff --git a/vendor/github.com/appscode/kutil/apps/v1/kubernetes.go b/vendor/github.com/appscode/kutil/apps/v1/kubernetes.go index 9a848683d..1b7070732 100644 --- a/vendor/github.com/appscode/kutil/apps/v1/kubernetes.go +++ b/vendor/github.com/appscode/kutil/apps/v1/kubernetes.go @@ -1,7 +1,7 @@ package v1 import ( - "github.com/json-iterator/go" + jsoniter "github.com/json-iterator/go" ) var json = jsoniter.ConfigFastest diff --git a/vendor/github.com/appscode/kutil/batch/v1beta1/kubernetes.go b/vendor/github.com/appscode/kutil/batch/v1beta1/kubernetes.go index 4a4870cf1..972b4eb8c 100644 --- a/vendor/github.com/appscode/kutil/batch/v1beta1/kubernetes.go +++ b/vendor/github.com/appscode/kutil/batch/v1beta1/kubernetes.go @@ -1,7 +1,7 @@ package v1beta1 import ( - "github.com/json-iterator/go" + jsoniter "github.com/json-iterator/go" ) var json = jsoniter.ConfigFastest diff --git a/vendor/github.com/appscode/kutil/core/v1/kubernetes.go b/vendor/github.com/appscode/kutil/core/v1/kubernetes.go index 65293e56d..38bc363f2 100644 --- a/vendor/github.com/appscode/kutil/core/v1/kubernetes.go +++ b/vendor/github.com/appscode/kutil/core/v1/kubernetes.go @@ -5,7 +5,7 @@ import ( "github.com/appscode/go/types" "github.com/appscode/mergo" - "github.com/json-iterator/go" + jsoniter "github.com/json-iterator/go" core "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) diff --git a/vendor/github.com/appscode/kutil/discovery/lib.go b/vendor/github.com/appscode/kutil/discovery/lib.go index 05a27fcc7..beba04228 100644 --- a/vendor/github.com/appscode/kutil/discovery/lib.go +++ b/vendor/github.com/appscode/kutil/discovery/lib.go @@ -3,7 +3,7 @@ package discovery import ( "fmt" - "github.com/appscode/go-version" + version "github.com/appscode/go-version" "github.com/pkg/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/client-go/discovery" diff --git a/vendor/github.com/appscode/kutil/dynamic/kubernetes.go b/vendor/github.com/appscode/kutil/dynamic/kubernetes.go index b8327a2b5..b8cf441e4 100644 --- a/vendor/github.com/appscode/kutil/dynamic/kubernetes.go +++ b/vendor/github.com/appscode/kutil/dynamic/kubernetes.go @@ -6,7 +6,7 @@ import ( "time" "github.com/appscode/kutil" - "github.com/appscode/kutil/core/v1" + v1 "github.com/appscode/kutil/core/v1" discovery_util "github.com/appscode/kutil/discovery" "github.com/pkg/errors" core "k8s.io/api/core/v1" @@ -19,6 +19,7 @@ import ( "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" utilerrors "k8s.io/apimachinery/pkg/util/errors" + "k8s.io/apimachinery/pkg/util/wait" "k8s.io/apimachinery/pkg/watch" "k8s.io/client-go/dynamic" "k8s.io/client-go/kubernetes" @@ -27,6 +28,25 @@ import ( watchtools "k8s.io/client-go/tools/watch" ) +func WaitUntilDeleted(ri dynamic.ResourceInterface, stopCh <-chan struct{}, name string, subresources ...string) error { + err := ri.Delete(name, &metav1.DeleteOptions{}, subresources...) + if kerr.IsNotFound(err) { + return nil + } else if err != nil { + return err + } + // delete operation was successful, now wait for obj to be removed(eg: objects with finalizers) + return wait.PollImmediateUntil(kutil.RetryInterval, func() (bool, error) { + _, e2 := ri.Get(name, metav1.GetOptions{}, subresources...) + if kerr.IsNotFound(e2) { + return true, nil + } else if e2 != nil && !kutil.IsRequestRetryable(e2) { + return false, e2 + } + return false, nil + }, stopCh) +} + func UntilHasLabel(config *rest.Config, gvk schema.GroupVersionKind, namespace, name string, key string, value *string, timeout time.Duration) (out string, err error) { return untilHasKey(config, gvk, namespace, name, func(obj metav1.Object) map[string]string { return obj.GetLabels() }, key, value, timeout) } diff --git a/vendor/github.com/appscode/kutil/meta/cmp.go b/vendor/github.com/appscode/kutil/meta/cmp.go index 702e98d35..f4e2d11b7 100644 --- a/vendor/github.com/appscode/kutil/meta/cmp.go +++ b/vendor/github.com/appscode/kutil/meta/cmp.go @@ -2,7 +2,7 @@ package meta import ( "github.com/google/go-cmp/cmp" - "github.com/json-iterator/go" + jsoniter "github.com/json-iterator/go" jsondiff "github.com/yudai/gojsondiff" "github.com/yudai/gojsondiff/formatter" "k8s.io/apimachinery/pkg/api/resource" diff --git a/vendor/github.com/appscode/kutil/meta/hash.go b/vendor/github.com/appscode/kutil/meta/hash.go index b207e3e96..a8cfbb63a 100644 --- a/vendor/github.com/appscode/kutil/meta/hash.go +++ b/vendor/github.com/appscode/kutil/meta/hash.go @@ -134,7 +134,7 @@ func AlreadyObserved2(old, nu interface{}, enableStatusSubresource bool) bool { } if !match && bool(glog.V(log.LevelDebug)) { - diff := Diff(nu, old) + diff := Diff(old, nu) glog.V(log.LevelDebug).Infof("%s %s/%s has changed. Diff: %s", GetKind(old), oldObj.GetNamespace(), oldObj.GetName(), diff) } return match diff --git a/vendor/github.com/appscode/kutil/meta/patch.go b/vendor/github.com/appscode/kutil/meta/patch.go index b087d8140..3557480c4 100644 --- a/vendor/github.com/appscode/kutil/meta/patch.go +++ b/vendor/github.com/appscode/kutil/meta/patch.go @@ -5,8 +5,8 @@ import ( "strings" jp "github.com/appscode/jsonpatch" - "github.com/evanphx/json-patch" - "github.com/json-iterator/go" + jsonpatch "github.com/evanphx/json-patch" + jsoniter "github.com/json-iterator/go" "k8s.io/apimachinery/pkg/util/mergepatch" "k8s.io/apimachinery/pkg/util/strategicpatch" ) diff --git a/vendor/github.com/appscode/kutil/rbac/v1/kubernetes.go b/vendor/github.com/appscode/kutil/rbac/v1/kubernetes.go index 9a848683d..1b7070732 100644 --- a/vendor/github.com/appscode/kutil/rbac/v1/kubernetes.go +++ b/vendor/github.com/appscode/kutil/rbac/v1/kubernetes.go @@ -1,7 +1,7 @@ package v1 import ( - "github.com/json-iterator/go" + jsoniter "github.com/json-iterator/go" ) var json = jsoniter.ConfigFastest diff --git a/vendor/github.com/appscode/kutil/tools/cli/cli.go b/vendor/github.com/appscode/kutil/tools/cli/cli.go index 43355863d..644d6d76a 100644 --- a/vendor/github.com/appscode/kutil/tools/cli/cli.go +++ b/vendor/github.com/appscode/kutil/tools/cli/cli.go @@ -7,7 +7,7 @@ import ( "github.com/appscode/go/log/golog" "github.com/appscode/kutil/tools/analytics" - "github.com/jpillora/go-ogle-analytics" + ga "github.com/jpillora/go-ogle-analytics" "github.com/spf13/cobra" )