зеркало из https://github.com/Azure/ARO-RP.git
fix lint and go test issue
This commit is contained in:
Родитель
878d9e5169
Коммит
16f6d48ad6
2
go.mod
2
go.mod
|
@ -77,7 +77,6 @@ require (
|
||||||
sigs.k8s.io/cluster-api-provider-azure v1.2.1
|
sigs.k8s.io/cluster-api-provider-azure v1.2.1
|
||||||
sigs.k8s.io/controller-runtime v0.12.3
|
sigs.k8s.io/controller-runtime v0.12.3
|
||||||
sigs.k8s.io/controller-tools v0.9.0
|
sigs.k8s.io/controller-tools v0.9.0
|
||||||
sigs.k8s.io/yaml v1.3.0
|
|
||||||
)
|
)
|
||||||
|
|
||||||
require (
|
require (
|
||||||
|
@ -360,6 +359,7 @@ require (
|
||||||
sigs.k8s.io/kustomize/api v0.11.4 // indirect
|
sigs.k8s.io/kustomize/api v0.11.4 // indirect
|
||||||
sigs.k8s.io/kustomize/kyaml v0.13.6 // indirect
|
sigs.k8s.io/kustomize/kyaml v0.13.6 // indirect
|
||||||
sigs.k8s.io/structured-merge-diff/v4 v4.2.1 // indirect
|
sigs.k8s.io/structured-merge-diff/v4 v4.2.1 // indirect
|
||||||
|
sigs.k8s.io/yaml v1.3.0 // indirect
|
||||||
)
|
)
|
||||||
|
|
||||||
exclude (
|
exclude (
|
||||||
|
|
|
@ -166,7 +166,6 @@ func (r *Reconciler) Reconcile(ctx context.Context, request ctrl.Request) (ctrl.
|
||||||
|
|
||||||
// start a ticker to re-enforce gatekeeper policies periodically
|
// start a ticker to re-enforce gatekeeper policies periodically
|
||||||
r.startTicker(ctx, instance)
|
r.startTicker(ctx, instance)
|
||||||
|
|
||||||
} else if strings.EqualFold(managed, "false") {
|
} else if strings.EqualFold(managed, "false") {
|
||||||
if r.gkPolicyTemplate != nil {
|
if r.gkPolicyTemplate != nil {
|
||||||
// stop the gatekeeper policies re-enforce ticker
|
// stop the gatekeeper policies re-enforce ticker
|
||||||
|
@ -193,7 +192,6 @@ func (r *Reconciler) Reconcile(ctx context.Context, request ctrl.Request) (ctrl.
|
||||||
|
|
||||||
// SetupWithManager setup our manager
|
// SetupWithManager setup our manager
|
||||||
func (r *Reconciler) SetupWithManager(mgr ctrl.Manager) error {
|
func (r *Reconciler) SetupWithManager(mgr ctrl.Manager) error {
|
||||||
|
|
||||||
pullSecretPredicate := predicate.NewPredicateFuncs(func(o client.Object) bool {
|
pullSecretPredicate := predicate.NewPredicateFuncs(func(o client.Object) bool {
|
||||||
return (o.GetName() == pullSecretName.Name && o.GetNamespace() == pullSecretName.Namespace)
|
return (o.GetName() == pullSecretName.Name && o.GetNamespace() == pullSecretName.Namespace)
|
||||||
})
|
})
|
||||||
|
|
|
@ -24,7 +24,6 @@ import (
|
||||||
)
|
)
|
||||||
|
|
||||||
func (r *Reconciler) getPolicyConfig(ctx context.Context, na string) (string, string, error) {
|
func (r *Reconciler) getPolicyConfig(ctx context.Context, na string) (string, string, error) {
|
||||||
|
|
||||||
parts := strings.Split(na, ".")
|
parts := strings.Split(na, ".")
|
||||||
if len(parts) < 1 {
|
if len(parts) < 1 {
|
||||||
return "", "", errors.New("unrecognised name: " + na)
|
return "", "", errors.New("unrecognised name: " + na)
|
||||||
|
|
|
@ -13,7 +13,6 @@ webhooks:
|
||||||
name: gatekeeper-webhook-service
|
name: gatekeeper-webhook-service
|
||||||
namespace: {{.Namespace}}
|
namespace: {{.Namespace}}
|
||||||
path: /v1/mutate
|
path: /v1/mutate
|
||||||
failurePolicy: Ignore
|
|
||||||
matchPolicy: Exact
|
matchPolicy: Exact
|
||||||
name: mutation.gatekeeper.sh
|
name: mutation.gatekeeper.sh
|
||||||
failurePolicy: {{.MutatingWebhookFailurePolicy}}
|
failurePolicy: {{.MutatingWebhookFailurePolicy}}
|
||||||
|
|
|
@ -13,7 +13,6 @@ webhooks:
|
||||||
name: gatekeeper-webhook-service
|
name: gatekeeper-webhook-service
|
||||||
namespace: {{.Namespace}}
|
namespace: {{.Namespace}}
|
||||||
path: /v1/admit
|
path: /v1/admit
|
||||||
failurePolicy: Ignore
|
|
||||||
matchPolicy: Exact
|
matchPolicy: Exact
|
||||||
name: validation.gatekeeper.sh
|
name: validation.gatekeeper.sh
|
||||||
failurePolicy: {{.ValidatingWebhookFailurePolicy}}
|
failurePolicy: {{.ValidatingWebhookFailurePolicy}}
|
||||||
|
@ -42,7 +41,7 @@ webhooks:
|
||||||
name: gatekeeper-webhook-service
|
name: gatekeeper-webhook-service
|
||||||
namespace: {{.Namespace}}
|
namespace: {{.Namespace}}
|
||||||
path: /v1/admitlabel
|
path: /v1/admitlabel
|
||||||
failurePolicy: Fail
|
failurePolicy: {{.ValidatingWebhookFailurePolicy}}
|
||||||
matchPolicy: Exact
|
matchPolicy: Exact
|
||||||
name: check-ignore-label.gatekeeper.sh
|
name: check-ignore-label.gatekeeper.sh
|
||||||
rules:
|
rules:
|
||||||
|
|
|
@ -88,7 +88,7 @@ func TestDeployDelete(t *testing.T) {
|
||||||
|
|
||||||
k8scli := fake.NewSimpleClientset()
|
k8scli := fake.NewSimpleClientset()
|
||||||
dh := mock_dynamichelper.NewMockInterface(controller)
|
dh := mock_dynamichelper.NewMockInterface(controller)
|
||||||
dh.EXPECT().EnsureDeleted(gomock.Any(), "Deployment", "openshift-managed-upgrade-operator", "managed-upgrade-operator").Return(nil)
|
dh.EXPECT().EnsureDeletedGVR(gomock.Any(), "Deployment.apps", "openshift-managed-upgrade-operator", "managed-upgrade-operator", gomock.Any()).Return(nil)
|
||||||
|
|
||||||
deployer := NewDeployer(k8scli, dh, staticFiles, "staticresources")
|
deployer := NewDeployer(k8scli, dh, staticFiles, "staticresources")
|
||||||
err := deployer.Remove(context.Background(), config.MUODeploymentConfig{})
|
err := deployer.Remove(context.Background(), config.MUODeploymentConfig{})
|
||||||
|
@ -103,14 +103,14 @@ func TestDeployDeleteFailure(t *testing.T) {
|
||||||
|
|
||||||
k8scli := fake.NewSimpleClientset()
|
k8scli := fake.NewSimpleClientset()
|
||||||
dh := mock_dynamichelper.NewMockInterface(controller)
|
dh := mock_dynamichelper.NewMockInterface(controller)
|
||||||
dh.EXPECT().EnsureDeleted(gomock.Any(), "Deployment", "openshift-managed-upgrade-operator", "managed-upgrade-operator").Return(errors.New("fail"))
|
dh.EXPECT().EnsureDeletedGVR(gomock.Any(), "Deployment.apps", "openshift-managed-upgrade-operator", "managed-upgrade-operator", gomock.Any()).Return(errors.New("fail"))
|
||||||
|
|
||||||
deployer := NewDeployer(k8scli, dh, staticFiles, "staticresources")
|
deployer := NewDeployer(k8scli, dh, staticFiles, "staticresources")
|
||||||
err := deployer.Remove(context.Background(), config.MUODeploymentConfig{})
|
err := deployer.Remove(context.Background(), config.MUODeploymentConfig{})
|
||||||
if err == nil {
|
if err == nil {
|
||||||
t.Error(err)
|
t.Error(err)
|
||||||
}
|
}
|
||||||
if err.Error() != "error removing deployment:\nfail" {
|
if err.Error() != "error removing resource:\nfail" {
|
||||||
t.Error(err)
|
t.Error(err)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -77,7 +77,6 @@ func New(log *logrus.Entry, restconfig *rest.Config) (Interface, error) {
|
||||||
}
|
}
|
||||||
|
|
||||||
func (dh *dynamicHelper) resolve(groupKind, optionalVersion string) (*schema.GroupVersionResource, error) {
|
func (dh *dynamicHelper) resolve(groupKind, optionalVersion string) (*schema.GroupVersionResource, error) {
|
||||||
|
|
||||||
gvr, err := dh.Resolve(groupKind, optionalVersion)
|
gvr, err := dh.Resolve(groupKind, optionalVersion)
|
||||||
if err == nil {
|
if err == nil {
|
||||||
return gvr, err
|
return gvr, err
|
||||||
|
@ -137,7 +136,6 @@ func (dh *dynamicHelper) Ensure(ctx context.Context, objs ...kruntime.Object) er
|
||||||
}
|
}
|
||||||
|
|
||||||
func (dh *dynamicHelper) ensureUnstructuredObj(ctx context.Context, o *UnstructuredObj) error {
|
func (dh *dynamicHelper) ensureUnstructuredObj(ctx context.Context, o *UnstructuredObj) error {
|
||||||
|
|
||||||
gvr, err := dh.resolve(o.obj.GroupVersionKind().GroupKind().String(), o.obj.GroupVersionKind().Version)
|
gvr, err := dh.resolve(o.obj.GroupVersionKind().GroupKind().String(), o.obj.GroupVersionKind().Version)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
|
@ -167,7 +165,7 @@ func (dh *dynamicHelper) ensureUnstructuredObj(ctx context.Context, o *Unstructu
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
if strings.ToLower(enOld) == strings.ToLower(enNew) {
|
if strings.EqualFold(enOld, enNew) {
|
||||||
// currently EnforcementAction is the only part that may change in an update
|
// currently EnforcementAction is the only part that may change in an update
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
@ -205,7 +203,6 @@ func GetEnforcementAction(obj *unstructured.Unstructured) (string, error) {
|
||||||
}
|
}
|
||||||
|
|
||||||
func (dh *dynamicHelper) deleteUnstructuredObj(ctx context.Context, groupKind, namespace, name string) error {
|
func (dh *dynamicHelper) deleteUnstructuredObj(ctx context.Context, groupKind, namespace, name string) error {
|
||||||
|
|
||||||
gvr, err := dh.resolve(groupKind, "")
|
gvr, err := dh.resolve(groupKind, "")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
|
@ -456,10 +453,9 @@ func mergeGK(old, new kruntime.Object) (kruntime.Object, bool, string, error) {
|
||||||
// 2. Do fix-ups on a per-Kind basis.
|
// 2. Do fix-ups on a per-Kind basis.
|
||||||
changed := false
|
changed := false
|
||||||
switch new.(type) {
|
switch new.(type) {
|
||||||
|
|
||||||
case *appsv1.Deployment:
|
case *appsv1.Deployment:
|
||||||
new, expect := new.(*appsv1.Deployment), expect.(*appsv1.Deployment)
|
new, expect := new.(*appsv1.Deployment), expect.(*appsv1.Deployment)
|
||||||
for i, _ := range expect.Spec.Template.Spec.Containers {
|
for i := range expect.Spec.Template.Spec.Containers {
|
||||||
ec := expect.Spec.Template.Spec.Containers[i]
|
ec := expect.Spec.Template.Spec.Containers[i]
|
||||||
nc := new.Spec.Template.Spec.Containers[i]
|
nc := new.Spec.Template.Spec.Containers[i]
|
||||||
if ec.Image != nc.Image {
|
if ec.Image != nc.Image {
|
||||||
|
@ -478,7 +474,7 @@ func mergeGK(old, new kruntime.Object) (kruntime.Object, bool, string, error) {
|
||||||
}
|
}
|
||||||
case *admissionregistrationv1.ValidatingWebhookConfiguration:
|
case *admissionregistrationv1.ValidatingWebhookConfiguration:
|
||||||
new, expect := new.(*admissionregistrationv1.ValidatingWebhookConfiguration), expect.(*admissionregistrationv1.ValidatingWebhookConfiguration)
|
new, expect := new.(*admissionregistrationv1.ValidatingWebhookConfiguration), expect.(*admissionregistrationv1.ValidatingWebhookConfiguration)
|
||||||
for i, _ := range expect.Webhooks {
|
for i := range expect.Webhooks {
|
||||||
if *expect.Webhooks[i].FailurePolicy != *new.Webhooks[i].FailurePolicy {
|
if *expect.Webhooks[i].FailurePolicy != *new.Webhooks[i].FailurePolicy {
|
||||||
logrus.Printf("\x1b[%dm guardrails::mergeGK FailurePolicy changed %s->%s\x1b[0m", 31, *expect.Webhooks[i].FailurePolicy, *new.Webhooks[i].FailurePolicy)
|
logrus.Printf("\x1b[%dm guardrails::mergeGK FailurePolicy changed %s->%s\x1b[0m", 31, *expect.Webhooks[i].FailurePolicy, *new.Webhooks[i].FailurePolicy)
|
||||||
expect.Webhooks[i].FailurePolicy = new.Webhooks[i].FailurePolicy
|
expect.Webhooks[i].FailurePolicy = new.Webhooks[i].FailurePolicy
|
||||||
|
@ -492,7 +488,7 @@ func mergeGK(old, new kruntime.Object) (kruntime.Object, bool, string, error) {
|
||||||
}
|
}
|
||||||
case *admissionregistrationv1.MutatingWebhookConfiguration:
|
case *admissionregistrationv1.MutatingWebhookConfiguration:
|
||||||
new, expect := new.(*admissionregistrationv1.MutatingWebhookConfiguration), expect.(*admissionregistrationv1.MutatingWebhookConfiguration)
|
new, expect := new.(*admissionregistrationv1.MutatingWebhookConfiguration), expect.(*admissionregistrationv1.MutatingWebhookConfiguration)
|
||||||
for i, _ := range expect.Webhooks {
|
for i := range expect.Webhooks {
|
||||||
if *expect.Webhooks[i].FailurePolicy != *new.Webhooks[i].FailurePolicy {
|
if *expect.Webhooks[i].FailurePolicy != *new.Webhooks[i].FailurePolicy {
|
||||||
logrus.Printf("\x1b[%dm guardrails::mergeGK FailurePolicy changed %s->%s\x1b[0m", 31, *expect.Webhooks[i].FailurePolicy, *new.Webhooks[i].FailurePolicy)
|
logrus.Printf("\x1b[%dm guardrails::mergeGK FailurePolicy changed %s->%s\x1b[0m", 31, *expect.Webhooks[i].FailurePolicy, *new.Webhooks[i].FailurePolicy)
|
||||||
expect.Webhooks[i].FailurePolicy = new.Webhooks[i].FailurePolicy
|
expect.Webhooks[i].FailurePolicy = new.Webhooks[i].FailurePolicy
|
||||||
|
|
|
@ -12,6 +12,7 @@ import (
|
||||||
|
|
||||||
"github.com/Azure/go-autorest/autorest/to"
|
"github.com/Azure/go-autorest/autorest/to"
|
||||||
mcv1 "github.com/openshift/machine-config-operator/pkg/apis/machineconfiguration.openshift.io/v1"
|
mcv1 "github.com/openshift/machine-config-operator/pkg/apis/machineconfiguration.openshift.io/v1"
|
||||||
|
"github.com/sirupsen/logrus"
|
||||||
appsv1 "k8s.io/api/apps/v1"
|
appsv1 "k8s.io/api/apps/v1"
|
||||||
corev1 "k8s.io/api/core/v1"
|
corev1 "k8s.io/api/core/v1"
|
||||||
extensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
|
extensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
|
||||||
|
@ -69,6 +70,7 @@ func TestEsureDeleted(t *testing.T) {
|
||||||
dh := &dynamicHelper{
|
dh := &dynamicHelper{
|
||||||
GVRResolver: mockGVRResolver,
|
GVRResolver: mockGVRResolver,
|
||||||
restcli: mockRestCLI,
|
restcli: mockRestCLI,
|
||||||
|
log: logrus.NewEntry(logrus.StandardLogger()),
|
||||||
}
|
}
|
||||||
|
|
||||||
err := dh.EnsureDeleted(ctx, "configmap", "test-ns-1", "test-name-1")
|
err := dh.EnsureDeleted(ctx, "configmap", "test-ns-1", "test-name-1")
|
||||||
|
|
|
@ -6,10 +6,10 @@ package dynamichelper
|
||||||
import (
|
import (
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
|
"github.com/ghodss/yaml"
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
|
"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
|
||||||
kruntime "k8s.io/apimachinery/pkg/runtime"
|
kruntime "k8s.io/apimachinery/pkg/runtime"
|
||||||
"k8s.io/apimachinery/pkg/runtime/schema"
|
"k8s.io/apimachinery/pkg/runtime/schema"
|
||||||
"sigs.k8s.io/yaml"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
type UnstructuredObj struct {
|
type UnstructuredObj struct {
|
||||||
|
@ -56,8 +56,5 @@ func (o *UnstructuredObj) DecodeUnstructured(data []byte) error {
|
||||||
}
|
}
|
||||||
|
|
||||||
func isKindUnstructured(groupKind string) bool {
|
func isKindUnstructured(groupKind string) bool {
|
||||||
if strings.HasSuffix(groupKind, ".constraints.gatekeeper.sh") {
|
return strings.HasSuffix(groupKind, ".constraints.gatekeeper.sh")
|
||||||
return true
|
|
||||||
}
|
|
||||||
return false
|
|
||||||
}
|
}
|
||||||
|
|
Загрузка…
Ссылка в новой задаче