Bumping k8s dependencies to 1.13

2018-11-16 14:08:25 -08:00
parent 305407125c
commit b4c0b68ec7
8002 changed files with 884099 additions and 276228 deletions
--- a/vendor/k8s.io/kubernetes/pkg/util/iptables/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/util/iptables/BUILD
@@ -11,56 +11,24 @@ go_library(
    srcs = [
        "doc.go",
        "iptables.go",
+        "iptables_linux.go",
+        "iptables_unsupported.go",
        "save_restore.go",
-    ] + select({
-        "@io_bazel_rules_go//go/platform:android": [
-            "iptables_unsupported.go",
-        ],
-        "@io_bazel_rules_go//go/platform:darwin": [
-            "iptables_unsupported.go",
-        ],
-        "@io_bazel_rules_go//go/platform:dragonfly": [
-            "iptables_unsupported.go",
-        ],
-        "@io_bazel_rules_go//go/platform:freebsd": [
-            "iptables_unsupported.go",
-        ],
-        "@io_bazel_rules_go//go/platform:linux": [
-            "iptables_linux.go",
-        ],
-        "@io_bazel_rules_go//go/platform:nacl": [
-            "iptables_unsupported.go",
-        ],
-        "@io_bazel_rules_go//go/platform:netbsd": [
-            "iptables_unsupported.go",
-        ],
-        "@io_bazel_rules_go//go/platform:openbsd": [
-            "iptables_unsupported.go",
-        ],
-        "@io_bazel_rules_go//go/platform:plan9": [
-            "iptables_unsupported.go",
-        ],
-        "@io_bazel_rules_go//go/platform:solaris": [
-            "iptables_unsupported.go",
-        ],
-        "@io_bazel_rules_go//go/platform:windows": [
-            "iptables_unsupported.go",
-        ],
-        "//conditions:default": [],
-    }),
+    ],
    importpath = "k8s.io/kubernetes/pkg/util/iptables",
    deps = [
        "//pkg/util/dbus:go_default_library",
        "//pkg/util/version:go_default_library",
+        "//staging/src/k8s.io/apimachinery/pkg/util/sets:go_default_library",
+        "//staging/src/k8s.io/apiserver/pkg/util/trace:go_default_library",
        "//vendor/github.com/godbus/dbus:go_default_library",
        "//vendor/github.com/golang/glog:go_default_library",
-        "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
        "//vendor/k8s.io/utils/exec:go_default_library",
    ] + select({
        "@io_bazel_rules_go//go/platform:linux": [
+            "//staging/src/k8s.io/apimachinery/pkg/util/errors:go_default_library",
+            "//staging/src/k8s.io/apimachinery/pkg/util/wait:go_default_library",
            "//vendor/golang.org/x/sys/unix:go_default_library",
-            "//vendor/k8s.io/apimachinery/pkg/util/errors:go_default_library",
-            "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
        ],
        "//conditions:default": [],
    }),
@@ -68,17 +36,15 @@ go_library(

 go_test(
    name = "go_default_test",
-    srcs = select({
-        "@io_bazel_rules_go//go/platform:linux": [
-            "iptables_test.go",
-        ],
-        "//conditions:default": [],
-    }),
+    srcs = [
+        "iptables_test.go",
+        "save_restore_test.go",
+    ],
    embed = [":go_default_library"],
    deps = select({
        "@io_bazel_rules_go//go/platform:linux": [
            "//pkg/util/dbus:go_default_library",
-            "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
+            "//staging/src/k8s.io/apimachinery/pkg/util/sets:go_default_library",
            "//vendor/k8s.io/utils/exec:go_default_library",
            "//vendor/k8s.io/utils/exec/testing:go_default_library",
        ],
--- a/vendor/k8s.io/kubernetes/pkg/util/iptables/iptables.go
+++ b/vendor/k8s.io/kubernetes/pkg/util/iptables/iptables.go
@@ -28,6 +28,7 @@ import (
 	godbus "github.com/godbus/dbus"
 	"github.com/golang/glog"
 	"k8s.io/apimachinery/pkg/util/sets"
+	utiltrace "k8s.io/apiserver/pkg/util/trace"
 	utildbus "k8s.io/kubernetes/pkg/util/dbus"
 	utilversion "k8s.io/kubernetes/pkg/util/version"
 	utilexec "k8s.io/utils/exec"
@@ -137,6 +138,7 @@ type runner struct {
 	dbus            utildbus.Interface
 	protocol        Protocol
 	hasCheck        bool
+	hasListener     bool
 	waitFlag        []string
 	restoreWaitFlag []string
 	lockfilePath    string
@@ -163,13 +165,11 @@ func newInternal(exec utilexec.Interface, dbus utildbus.Interface, protocol Prot
 		dbus:            dbus,
 		protocol:        protocol,
 		hasCheck:        getIPTablesHasCheckCommand(vstring),
+		hasListener:     false,
 		waitFlag:        getIPTablesWaitFlag(vstring),
 		restoreWaitFlag: getIPTablesRestoreWaitFlag(exec, protocol),
 		lockfilePath:    lockfilePath,
 	}
-	// TODO this needs to be moved to a separate Start() or Run() function so that New() has zero side
-	// effects.
-	runner.connectToFirewallD()
 	return runner
 }

@@ -200,6 +200,7 @@ func (runner *runner) connectToFirewallD() {
 		glog.V(1).Infof("Could not connect to D-Bus system bus: %s", err)
 		return
 	}
+	runner.hasListener = true

 	rule := fmt.Sprintf("type='signal',sender='%s',path='%s',interface='%s',member='Reloaded'", firewalldName, firewalldPath, firewalldInterface)
 	bus.BusObject().Call("org.freedesktop.DBus.AddMatch", 0, rule)
@@ -317,6 +318,9 @@ func (runner *runner) SaveInto(table Table, buffer *bytes.Buffer) error {
 	runner.mu.Lock()
 	defer runner.mu.Unlock()

+	trace := utiltrace.New("iptables save")
+	defer trace.LogIfLong(2 * time.Second)
+
 	// run and return
 	iptablesSaveCmd := iptablesSaveCommand(runner.protocol)
 	args := []string{"-t", string(table)}
@@ -355,6 +359,9 @@ func (runner *runner) restoreInternal(args []string, data []byte, flush FlushFla
 	runner.mu.Lock()
 	defer runner.mu.Unlock()

+	trace := utiltrace.New("iptables restore")
+	defer trace.LogIfLong(2 * time.Second)
+
 	if !flush {
 		args = append(args, "--noflush")
 	}
@@ -370,6 +377,7 @@ func (runner *runner) restoreInternal(args []string, data []byte, flush FlushFla
 		if err != nil {
 			return err
 		}
+		trace.Step("Locks grabbed")
 		defer func(locker iptablesLocker) {
 			if err := locker.Close(); err != nil {
 				glog.Errorf("Failed to close iptables locks: %v", err)
@@ -669,6 +677,15 @@ func (runner *runner) dbusSignalHandler(bus utildbus.Connection) {

 // AddReloadFunc is part of Interface
 func (runner *runner) AddReloadFunc(reloadFunc func()) {
+	runner.mu.Lock()
+	defer runner.mu.Unlock()
+
+	// We only need to listen to firewalld if there are Reload functions, so lazy
+	// initialize the listener.
+	if !runner.hasListener {
+		runner.connectToFirewallD()
+	}
+
 	runner.reloadFuncs = append(runner.reloadFuncs, reloadFunc)
 }

--- a/vendor/k8s.io/kubernetes/pkg/util/iptables/save_restore.go
+++ b/vendor/k8s.io/kubernetes/pkg/util/iptables/save_restore.go
@@ -17,8 +17,13 @@ limitations under the License.
 package iptables

 import (
+	"bytes"
 	"fmt"
-	"strings"
+)
+
+var (
+	commitBytes = []byte("COMMIT")
+	spaceBytes  = []byte(" ")
 )

 // MakeChainLine return an iptables-save/restore formatted chain line given a Chain
@@ -27,41 +32,43 @@ func MakeChainLine(chain Chain) string {
 }

 // GetChainLines parses a table's iptables-save data to find chains in the table.
-// It returns a map of iptables.Chain to string where the string is the chain line from the save (with counters etc).
-func GetChainLines(table Table, save []byte) map[Chain]string {
-	chainsMap := make(map[Chain]string)
-	tablePrefix := "*" + string(table)
+// It returns a map of iptables.Chain to []byte where the []byte is the chain line
+// from save (with counters etc.).
+// Note that to avoid allocations memory is SHARED with save.
+func GetChainLines(table Table, save []byte) map[Chain][]byte {
+	chainsMap := make(map[Chain][]byte)
+	tablePrefix := []byte("*" + string(table))
 	readIndex := 0
 	// find beginning of table
 	for readIndex < len(save) {
-		line, n := ReadLine(readIndex, save)
+		line, n := readLine(readIndex, save)
 		readIndex = n
-		if strings.HasPrefix(line, tablePrefix) {
+		if bytes.HasPrefix(line, tablePrefix) {
 			break
 		}
 	}
 	// parse table lines
 	for readIndex < len(save) {
-		line, n := ReadLine(readIndex, save)
+		line, n := readLine(readIndex, save)
 		readIndex = n
 		if len(line) == 0 {
 			continue
 		}
-		if strings.HasPrefix(line, "COMMIT") || strings.HasPrefix(line, "*") {
+		if bytes.HasPrefix(line, commitBytes) || line[0] == '*' {
 			break
-		} else if strings.HasPrefix(line, "#") {
+		} else if line[0] == '#' {
 			continue
-		} else if strings.HasPrefix(line, ":") && len(line) > 1 {
+		} else if line[0] == ':' && len(line) > 1 {
 			// We assume that the <line> contains space - chain lines have 3 fields,
 			// space delimited. If there is no space, this line will panic.
-			chain := Chain(line[1:strings.Index(line, " ")])
+			chain := Chain(line[1:bytes.Index(line, spaceBytes)])
 			chainsMap[chain] = line
 		}
 	}
 	return chainsMap
 }

-func ReadLine(readIndex int, byteArray []byte) (string, int) {
+func readLine(readIndex int, byteArray []byte) ([]byte, int) {
 	currentReadIndex := readIndex

 	// consume left spaces
@@ -89,7 +96,7 @@ func ReadLine(readIndex int, byteArray []byte) (string, int) {
 		} else if (byteArray[currentReadIndex] == '\n') || (currentReadIndex == (len(byteArray) - 1)) {
 			// end of line or byte buffer is reached
 			if currentReadIndex <= leftTrimIndex {
-				return "", currentReadIndex + 1
+				return nil, currentReadIndex + 1
 			}
 			// set the rightTrimIndex
 			if rightTrimIndex == -1 {
@@ -100,11 +107,12 @@ func ReadLine(readIndex int, byteArray []byte) (string, int) {
 					rightTrimIndex = currentReadIndex + 1
 				}
 			}
-			return string(byteArray[leftTrimIndex:rightTrimIndex]), currentReadIndex + 1
+			// Avoid unnecessary allocation.
+			return byteArray[leftTrimIndex:rightTrimIndex], currentReadIndex + 1
 		} else {
 			// unset rightTrimIndex
 			rightTrimIndex = -1
 		}
 	}
-	return "", currentReadIndex
+	return nil, currentReadIndex
 }
--- a/vendor/k8s.io/kubernetes/pkg/util/iptables/save_restore_test.go
+++ b/vendor/k8s.io/kubernetes/pkg/util/iptables/save_restore_test.go
@@ -0,0 +1,53 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package iptables
+
+import (
+	"testing"
+)
+
+func TestReadLinesFromByteBuffer(t *testing.T) {
+	testFn := func(byteArray []byte, expected []string) {
+		index := 0
+		readIndex := 0
+		for ; readIndex < len(byteArray); index++ {
+			line, n := readLine(readIndex, byteArray)
+			readIndex = n
+			if expected[index] != string(line) {
+				t.Errorf("expected:%q, actual:%q", expected[index], line)
+			}
+		} // for
+		if readIndex < len(byteArray) {
+			t.Errorf("Byte buffer was only partially read. Buffer length is:%d, readIndex is:%d", len(byteArray), readIndex)
+		}
+		if index < len(expected) {
+			t.Errorf("All expected strings were not compared. expected arr length:%d, matched count:%d", len(expected), index-1)
+		}
+	}
+
+	byteArray1 := []byte("\n  Line 1  \n\n\n L ine4  \nLine 5 \n \n")
+	expected1 := []string{"", "Line 1", "", "", "L ine4", "Line 5", ""}
+	testFn(byteArray1, expected1)
+
+	byteArray1 = []byte("")
+	expected1 = []string{}
+	testFn(byteArray1, expected1)
+
+	byteArray1 = []byte("\n\n")
+	expected1 = []string{"", ""}
+	testFn(byteArray1, expected1)
+}