diff --git a/cmd/appgw-ingress/main.go b/cmd/appgw-ingress/main.go index 3f0402f10..b1d0bcbaf 100644 --- a/cmd/appgw-ingress/main.go +++ b/cmd/appgw-ingress/main.go @@ -6,6 +6,7 @@ package main import ( + "context" "flag" "fmt" "os" @@ -22,9 +23,11 @@ import ( v1 "k8s.io/api/core/v1" "k8s.io/client-go/kubernetes" "k8s.io/klog/v2" + ctrl_client "sigs.k8s.io/controller-runtime/pkg/client" "github.com/Azure/application-gateway-kubernetes-ingress/pkg/appgw" "github.com/Azure/application-gateway-kubernetes-ingress/pkg/azure" + "github.com/Azure/application-gateway-kubernetes-ingress/pkg/cni" "github.com/Azure/application-gateway-kubernetes-ingress/pkg/controller" "github.com/Azure/application-gateway-kubernetes-ingress/pkg/controllererrors" "github.com/Azure/application-gateway-kubernetes-ingress/pkg/crd_client/agic_crd_client/clientset/versioned" @@ -33,6 +36,7 @@ import ( "github.com/Azure/application-gateway-kubernetes-ingress/pkg/environment" "github.com/Azure/application-gateway-kubernetes-ingress/pkg/events" "github.com/Azure/application-gateway-kubernetes-ingress/pkg/httpserver" + "github.com/Azure/application-gateway-kubernetes-ingress/pkg/k8s" "github.com/Azure/application-gateway-kubernetes-ingress/pkg/k8scontext" "github.com/Azure/application-gateway-kubernetes-ingress/pkg/metricstore" "github.com/Azure/application-gateway-kubernetes-ingress/pkg/utils" @@ -90,6 +94,18 @@ func main() { _ = flag.Set("v", strconv.Itoa(*verbosity)) apiConfig := getKubeClientConfig() + scheme, err := k8s.NewScheme() + if err != nil { + klog.Fatalf("Failed to create k8s scheme: %v", err) + } + + ctrlClient, err := ctrl_client.New(apiConfig, ctrl_client.Options{ + Scheme: scheme, + }) + if err != nil { + klog.Fatalf("Failed to create controller-runtime client: %v", err) + } + kubeClient := kubernetes.NewForConfigOrDie(apiConfig) k8scontext.IsNetworkingV1PackageSupported = k8scontext.SupportsNetworkingPackage(kubeClient) k8scontext.IsInMultiClusterMode = env.MultiClusterMode @@ -199,18 +215,11 @@ func main() { klog.Fatal(errorLine) } - // associate route table to application gateway subnet - if cpConfig != nil && cpConfig.RouteTableName != "" { - subnetID := *(*appGw.GatewayIPConfigurations)[0].Subnet.ID - routeTableID := azure.RouteTableID(azure.SubscriptionID(cpConfig.SubscriptionID), azure.ResourceGroup(cpConfig.RouteTableResourceGroup), azure.ResourceName(cpConfig.RouteTableName)) - - err = azClient.ApplyRouteTable(subnetID, routeTableID) - if err != nil { - klog.V(3).Infof("Unable to associate Application Gateway subnet '%s' with route table '%s' due to error (this is relevant for AKS clusters using 'Kubenet' network plugin): [%+v]", - subnetID, - routeTableID, - err) + if err := cni.ReconcileCNI(context.Background(), azClient, ctrlClient, env.AGICPodNamespace, cpConfig, appGw, env.AddonMode); err != nil { + if agicPod != nil { + recorder.Event(agicPod, v1.EventTypeWarning, events.ReasonFailedCNIConfiguration, err.Error()) } + klog.Warning(err) } if err := appGwIngressController.Start(env); err != nil { diff --git a/go.mod b/go.mod index 471cee2da..0f1c5c998 100644 --- a/go.mod +++ b/go.mod @@ -5,9 +5,10 @@ go 1.22.0 toolchain go1.22.4 require ( + github.com/Azure/azure-container-networking v1.6.5 github.com/Azure/azure-sdk-for-go v66.0.0+incompatible - github.com/Azure/azure-sdk-for-go/sdk/azcore v1.11.1 - github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.6.0 + github.com/Azure/azure-sdk-for-go/sdk/azcore v1.14.0 + github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.7.0 github.com/Azure/go-autorest/autorest v0.11.28 github.com/Azure/go-autorest/autorest/azure/auth v0.5.11 github.com/Azure/go-autorest/autorest/to v0.4.0 @@ -15,20 +16,22 @@ require ( github.com/getlantern/deepcopy v0.0.0-20160317154340-7f45deb8130a github.com/knative/pkg v0.0.0-20190619032946-d90a9bc97dde github.com/kylelemons/godebug v1.1.0 - github.com/onsi/ginkgo v1.16.4 - github.com/onsi/ginkgo/v2 v2.15.0 - github.com/onsi/gomega v1.31.0 - github.com/prometheus/client_golang v1.11.1 + github.com/onsi/ginkgo v1.16.5 + github.com/onsi/ginkgo/v2 v2.17.2 + github.com/onsi/gomega v1.33.1 + github.com/pkg/errors v0.9.1 + github.com/prometheus/client_golang v1.20.2 github.com/spf13/pflag v1.0.5 gopkg.in/yaml.v2 v2.4.0 k8s.io/api v0.30.3 k8s.io/apimachinery v0.30.3 k8s.io/client-go v0.30.3 - k8s.io/klog/v2 v2.120.1 + k8s.io/klog/v2 v2.130.1 + sigs.k8s.io/controller-runtime v0.18.4 ) require ( - github.com/Azure/azure-sdk-for-go/sdk/internal v1.8.0 // indirect + github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0 // indirect github.com/Azure/go-autorest v14.2.0+incompatible // indirect github.com/Azure/go-autorest/autorest/adal v0.9.21 // indirect github.com/Azure/go-autorest/autorest/azure/cli v0.4.6 // indirect @@ -38,17 +41,18 @@ require ( github.com/Azure/go-autorest/tracing v0.6.0 // indirect github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 // indirect github.com/beorn7/perks v1.0.1 // indirect - github.com/cespare/xxhash/v2 v2.1.2 // indirect - github.com/davecgh/go-spew v1.1.1 // indirect + github.com/cespare/xxhash/v2 v2.3.0 // indirect + github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect github.com/dimchansky/utfbom v1.1.1 // indirect github.com/emicklei/go-restful/v3 v3.11.0 // indirect github.com/evanphx/json-patch v5.6.0+incompatible // indirect - github.com/fsnotify/fsnotify v1.4.9 // indirect - github.com/go-logr/logr v1.4.1 // indirect - github.com/go-openapi/jsonpointer v0.19.6 // indirect + github.com/evanphx/json-patch/v5 v5.9.0 // indirect + github.com/fsnotify/fsnotify v1.7.0 // indirect + github.com/go-logr/logr v1.4.2 // indirect + github.com/go-openapi/jsonpointer v0.20.0 // indirect github.com/go-openapi/jsonreference v0.20.2 // indirect - github.com/go-openapi/swag v0.22.3 // indirect - github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect + github.com/go-openapi/swag v0.22.4 // indirect + github.com/go-task/slim-sprig/v3 v3.0.0 // indirect github.com/gogo/protobuf v1.3.2 // indirect github.com/golang-jwt/jwt/v4 v4.4.2 // indirect github.com/golang-jwt/jwt/v5 v5.2.1 // indirect @@ -57,33 +61,31 @@ require ( github.com/google/gnostic-models v0.6.8 // indirect github.com/google/go-cmp v0.6.0 // indirect github.com/google/gofuzz v1.2.0 // indirect - github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1 // indirect + github.com/google/pprof v0.0.0-20240424215950-a892ee059fd6 // indirect github.com/google/uuid v1.6.0 // indirect - github.com/imdario/mergo v0.3.13 // indirect + github.com/imdario/mergo v0.3.16 // indirect github.com/josharian/intern v1.0.0 // indirect github.com/json-iterator/go v1.1.12 // indirect + github.com/klauspost/compress v1.17.9 // indirect github.com/mailru/easyjson v0.7.7 // indirect - github.com/matttproud/golang_protobuf_extensions v1.0.1 // indirect github.com/mitchellh/go-homedir v1.1.0 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect - github.com/nxadm/tail v1.4.8 // indirect + github.com/nxadm/tail v1.4.11 // indirect github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect - github.com/pkg/errors v0.9.1 // indirect - github.com/prometheus/client_model v0.2.0 // indirect - github.com/prometheus/common v0.26.0 // indirect - github.com/prometheus/procfs v0.8.0 // indirect - golang.org/x/crypto v0.24.0 // indirect - golang.org/x/net v0.26.0 // indirect - golang.org/x/oauth2 v0.10.0 // indirect - golang.org/x/sys v0.21.0 // indirect - golang.org/x/term v0.21.0 // indirect - golang.org/x/text v0.16.0 // indirect - golang.org/x/time v0.3.0 // indirect + github.com/prometheus/client_model v0.6.1 // indirect + github.com/prometheus/common v0.57.0 // indirect + github.com/prometheus/procfs v0.15.1 // indirect + golang.org/x/crypto v0.26.0 // indirect + golang.org/x/net v0.27.0 // indirect + golang.org/x/oauth2 v0.21.0 // indirect + golang.org/x/sys v0.24.0 // indirect + golang.org/x/term v0.23.0 // indirect + golang.org/x/text v0.17.0 // indirect + golang.org/x/time v0.6.0 // indirect golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d // indirect - google.golang.org/appengine v1.6.7 // indirect - google.golang.org/protobuf v1.33.0 // indirect + google.golang.org/protobuf v1.34.2 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect @@ -91,5 +93,5 @@ require ( k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect - sigs.k8s.io/yaml v1.3.0 // indirect + sigs.k8s.io/yaml v1.4.0 // indirect ) diff --git a/go.sum b/go.sum index dac1426e5..6ee32d739 100644 --- a/go.sum +++ b/go.sum @@ -1,12 +1,13 @@ -cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= +github.com/Azure/azure-container-networking v1.6.5 h1:l6Ooy6K3qDUAj27kh0Rtzt34UGcDj/1qZeQvWvhdvGA= +github.com/Azure/azure-container-networking v1.6.5/go.mod h1:YbEtGjcyXwhbkctHqPg41eypNP5aUF/2fX4BZoVC42Y= github.com/Azure/azure-sdk-for-go v66.0.0+incompatible h1:bmmC38SlE8/E81nNADlgmVGurPWMHDX2YNXVQMrBpEE= github.com/Azure/azure-sdk-for-go v66.0.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= -github.com/Azure/azure-sdk-for-go/sdk/azcore v1.11.1 h1:E+OJmp2tPvt1W+amx48v1eqbjDYsgN+RzP4q16yV5eM= -github.com/Azure/azure-sdk-for-go/sdk/azcore v1.11.1/go.mod h1:a6xsAQUZg+VsS3TJ05SRp524Hs4pZ/AeFSr5ENf0Yjo= -github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.6.0 h1:U2rTu3Ef+7w9FHKIAXM6ZyqF3UOWJZ12zIm8zECAFfg= -github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.6.0/go.mod h1:9kIvujWAA58nmPmWB1m23fyWic1kYZMxD9CxaWn4Qpg= -github.com/Azure/azure-sdk-for-go/sdk/internal v1.8.0 h1:jBQA3cKT4L2rWMpgE7Yt3Hwh2aUj8KXjIGLxjHeYNNo= -github.com/Azure/azure-sdk-for-go/sdk/internal v1.8.0/go.mod h1:4OG6tQ9EOP/MT0NMjDlRzWoVFxfu9rN9B2X+tlSVktg= +github.com/Azure/azure-sdk-for-go/sdk/azcore v1.14.0 h1:nyQWyZvwGTvunIMxi1Y9uXkcyr+I7TeNrr/foo4Kpk8= +github.com/Azure/azure-sdk-for-go/sdk/azcore v1.14.0/go.mod h1:l38EPgmsp71HHLq9j7De57JcKOWPyhrsW1Awm1JS6K0= +github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.7.0 h1:tfLQ34V6F7tVSwoTf/4lH5sE0o6eCJuNDTmH09nDpbc= +github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.7.0/go.mod h1:9kIvujWAA58nmPmWB1m23fyWic1kYZMxD9CxaWn4Qpg= +github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0 h1:ywEEhmNahHBihViHepv3xPBn1663uRv2t2q/ESv9seY= +github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0/go.mod h1:iZDifYGJTIgIIkYRNWPENUnqx6bJ2xnSDFI2tjwZNuY= github.com/Azure/go-autorest v14.2.0+incompatible h1:V5VMDjClD3GiElqLWO7mz2MxNAK/vTfRHdAubSIPRgs= github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= github.com/Azure/go-autorest/autorest v0.11.24/go.mod h1:G6kyRlFnTuSbEYkQGawPfsCswgme4iYf6rfSKUDzbCc= @@ -35,25 +36,15 @@ github.com/Azure/go-autorest/tracing v0.6.0 h1:TYi4+3m5t6K48TGI9AUdb+IzbnSxvnvUM github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBpUA79WCAKPPZVC2DeU= github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 h1:XHOnouVk1mxXfQidrMEnLlPk9UMeRtyBTnEFtxkV0kU= github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI= -github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= -github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= -github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= -github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= -github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho= -github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= -github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= -github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= -github.com/cespare/xxhash/v2 v2.1.2 h1:YRXhKfTDauu4ajMg1TPgFO5jnlC2HCbmLXMcTG5cbYE= -github.com/cespare/xxhash/v2 v2.1.2/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= -github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= -github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= -github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= +github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= +github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/deckarep/golang-set v1.8.0 h1:sk9/l/KqpunDwP7pSjUg0keiOOLEnOBHzykLrsPppp4= github.com/deckarep/golang-set v1.8.0/go.mod h1:5nI87KwE7wgsBU1F4GKAw2Qod7p5kyS383rP6+o6qqo= github.com/dimchansky/utfbom v1.1.1 h1:vV6w1AhK4VMnhBno/TPVCoK9U/LP0PkLCS9tbxHdi/U= @@ -62,30 +53,30 @@ github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxER github.com/emicklei/go-restful/v3 v3.11.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/evanphx/json-patch v5.6.0+incompatible h1:jBYDEEiFBPxA0v50tFdvOzQQTCvpL6mnFh5mB2/l16U= github.com/evanphx/json-patch v5.6.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= +github.com/evanphx/json-patch/v5 v5.9.0 h1:kcBlZQbplgElYIlo/n1hJbls2z/1awpXxpRi0/FOJfg= +github.com/evanphx/json-patch/v5 v5.9.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= -github.com/fsnotify/fsnotify v1.4.9 h1:hsms1Qyu0jgnwNXIxa+/V/PDsU6CfLf6CNO8H7IWoS4= github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= +github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= +github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA= +github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= github.com/getlantern/deepcopy v0.0.0-20160317154340-7f45deb8130a h1:yU/FENpkHYISWsQrbr3pcZOBj0EuRjPzNc1+dTCLu44= github.com/getlantern/deepcopy v0.0.0-20160317154340-7f45deb8130a/go.mod h1:AEugkNu3BjBxyz958nJ5holD9PRjta6iprcoUauDbU4= -github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= -github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= -github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vbaY= -github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= -github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= -github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A= -github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ= -github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= -github.com/go-openapi/jsonpointer v0.19.6 h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE= +github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY= +github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ= +github.com/go-logr/zapr v1.3.0/go.mod h1:YKepepNBd1u/oyhd/yQmtjVXmm9uML4IXUgMOwR8/Gg= github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs= +github.com/go-openapi/jsonpointer v0.20.0 h1:ESKJdU9ASRfaPNOPRx12IUyA1vn3R9GiE3KYD14BXdQ= +github.com/go-openapi/jsonpointer v0.20.0/go.mod h1:6PGzBjjIIumbLYysB73Klnms1mwnU4G3YHOECG3CedA= github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE= github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= -github.com/go-openapi/swag v0.22.3 h1:yMBqmnQ0gyZvEb/+KzuWZOXgllrXT4SADYbvDaXHv/g= github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= -github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= +github.com/go-openapi/swag v0.22.4 h1:QLMzNJnMGPRNDCbySlcj1x01tzU8/9LTTL9hZZZogBU= +github.com/go-openapi/swag v0.22.4/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE= -github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= -github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls= -github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= +github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI= +github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang-jwt/jwt/v4 v4.0.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= @@ -97,15 +88,12 @@ github.com/golang-jwt/jwt/v5 v5.2.1/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVI github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE= github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= -github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= github.com/google/gnostic-models v0.6.8 h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvRgGre9I= @@ -113,40 +101,29 @@ github.com/google/gnostic-models v0.6.8/go.mod h1:5n7qKqH0f5wFt+aWF8CW6pZLLNOfYu github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1 h1:K6RDEckDVWvDI9JAJYCmNdQXq6neHJOYx3V6jnqNEec= -github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20240424215950-a892ee059fd6 h1:k7nVchz72niMH6YLQNvHSdIE7iqsQxK1P41mySCvssg= +github.com/google/pprof v0.0.0-20240424215950-a892ee059fd6/go.mod h1:kf6iHlnVGwgKolg33glAes7Yg/8iWP8ukqeldJSO7jw= github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= -github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= -github.com/imdario/mergo v0.3.13 h1:lFzP57bqS/wsqKssCGmtLAb8A0wKjLGrve2q3PPVcBk= -github.com/imdario/mergo v0.3.13/go.mod h1:4lJ1jqUDcsbIECGy0RUJAXNIhg+6ocWgb1ALK2O4oXg= +github.com/imdario/mergo v0.3.16 h1:wwQJbIsHYGMUyLSPrEq1CT16AhnhNJQ51+4fdHUnCl4= +github.com/imdario/mergo v0.3.16/go.mod h1:WBLT9ZmE3lPoWsEzCh9LPo3TiwVN+ZKEjmz+hD27ysY= github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= -github.com/jpillora/backoff v1.0.0/go.mod h1:J/6gKK9jxlEcS3zixgDgUAsiuZ7yrSoa/FX5e0EB2j4= -github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= -github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= -github.com/json-iterator/go v1.1.11/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= -github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= -github.com/julienschmidt/httprouter v1.3.0/go.mod h1:JR6WtHb+2LUe8TCKY3cZOxFyyO8IZAc4RVcycCCAKdM= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= +github.com/klauspost/compress v1.17.9 h1:6KIumPrER1LHsvBVuDa0r5xaG0Es51mhhB9BQB2qeMA= +github.com/klauspost/compress v1.17.9/go.mod h1:Di0epgTjJY877eYKx5yC51cX2A2Vl2ibi7bDH9ttBbw= github.com/knative/pkg v0.0.0-20190619032946-d90a9bc97dde h1:ClvZGUMjX37HAVLhyf88dO4pgGDm+NX+UmdTbozENZI= github.com/knative/pkg v0.0.0-20190619032946-d90a9bc97dde/go.mod h1:7Ijfhw7rfB+H9VtosIsDYvZQ+qYTz7auK3fHW/5z4ww= -github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= -github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= -github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= -github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= @@ -158,77 +135,53 @@ github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0 github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= -github.com/matttproud/golang_protobuf_extensions v1.0.1 h1:4hp9jkHxhMHkqkrB3Ix0jegS5sx/RkqARlsWZ6pIwiU= -github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= -github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= -github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M= github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= -github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= -github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= -github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE= github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU= +github.com/nxadm/tail v1.4.11 h1:8feyoE3OzPrcshW5/MJ4sGESc5cqmGkGCWlco4l0bqY= +github.com/nxadm/tail v1.4.11/go.mod h1:OTaG3NK980DZzxbRq6lEuzgU+mug70nY11sMd4JXXHc= github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= -github.com/onsi/ginkgo v1.16.4 h1:29JGrr5oVBm5ulCWet69zQkzWipVXIol6ygQUe/EzNc= -github.com/onsi/ginkgo v1.16.4/go.mod h1:dX+/inL/fNMqNlz0e9LfyB9TswhZpCVdJM/Z6Vvnwo0= -github.com/onsi/ginkgo/v2 v2.15.0 h1:79HwNRBAZHOEwrczrgSOPy+eFTTlIGELKy5as+ClttY= -github.com/onsi/ginkgo/v2 v2.15.0/go.mod h1:HlxMHtYF57y6Dpf+mc5529KKmSq9h2FpCF+/ZkwUxKM= +github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE= +github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU= +github.com/onsi/ginkgo/v2 v2.17.2 h1:7eMhcy3GimbsA3hEnVKdw/PQM9XN9krpKVXsZdph0/g= +github.com/onsi/ginkgo/v2 v2.17.2/go.mod h1:nP2DPOQoNsQmsVyv5rDA8JkXQoCs6goXIvr/PRJ1eCc= github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= -github.com/onsi/gomega v1.31.0 h1:54UJxxj6cPInHS3a35wm6BK/F9nHYueZ1NVujHDrnXE= -github.com/onsi/gomega v1.31.0/go.mod h1:DW9aCi7U6Yi40wNVAvT6kzFnEVEI5n3DloYBiKiT6zk= +github.com/onsi/gomega v1.33.1 h1:dsYjIxxSR755MDmKVsaFQTE22ChNBcuuTWgkUDSubOk= +github.com/onsi/gomega v1.33.1/go.mod h1:U4R44UsT+9eLIaYRB2a5qajjtQYn0hauxvRm16AVYg0= github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c h1:+mdjkGKdHQG3305AYmdv1U2eRNDiU2ErMBj1gwrq8eQ= github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c/go.mod h1:7rwL4CYBLnjLxUqIJNnCWiEdr3bn6IUYi15bNlnbCCU= -github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= -github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo= -github.com/prometheus/client_golang v1.7.1/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M= -github.com/prometheus/client_golang v1.11.1 h1:+4eQaD7vAZ6DsfsxB15hbE0odUjGI5ARs9yskGu1v4s= -github.com/prometheus/client_golang v1.11.1/go.mod h1:Z6t4BnS23TR94PD6BsDNk8yVqroYurpAkEiz0P2BEV0= -github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= -github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/client_model v0.2.0 h1:uq5h0d+GuxiXLJLNABMgp2qUWDPiLvgCzz2dUR+/W/M= -github.com/prometheus/client_model v0.2.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= -github.com/prometheus/common v0.10.0/go.mod h1:Tlit/dnDKsSWFlCLTWaA1cyBgKHSMdTB80sz/V91rCo= -github.com/prometheus/common v0.26.0 h1:iMAkS2TDoNWnKM+Kopnx/8tnEStIfpYA0ur0xQzzhMQ= -github.com/prometheus/common v0.26.0/go.mod h1:M7rCNAaPfAosfx8veZJCuw84e35h3Cfd9VFqTh1DIvc= -github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= -github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= -github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU= -github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= -github.com/prometheus/procfs v0.8.0 h1:ODq8ZFEaYeCaZOJlZZdJA2AbQR98dSHSM1KW/You5mo= -github.com/prometheus/procfs v0.8.0/go.mod h1:z7EfXMXOkbkqb9IINtpCn86r/to3BnA0uaxHdg830/4= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/prometheus/client_golang v1.20.2 h1:5ctymQzZlyOON1666svgwn3s6IKWgfbjsejTMiXIyjg= +github.com/prometheus/client_golang v1.20.2/go.mod h1:PIEt8X02hGcP8JWbeHyeZ53Y/jReSnHgO035n//V5WE= +github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E= +github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY= +github.com/prometheus/common v0.57.0 h1:Ro/rKjwdq9mZn1K5QPctzh+MA4Lp0BuYk5ZZEVhoNcY= +github.com/prometheus/common v0.57.0/go.mod h1:7uRPFSUTbfZWsJ7MHY56sqt7hLQu3bxXHDnNhl8E9qI= +github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0learggepc= +github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk= github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8= github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4= -github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= -github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= -github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= -github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= -github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= -github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= @@ -236,78 +189,64 @@ github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsT github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= +go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= +go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= +go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8= +go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= -golang.org/x/crypto v0.24.0 h1:mnl8DM0o513X8fdIkmyFE/5hTYxbwYOjDS/+rK6qpRI= -golang.org/x/crypto v0.24.0/go.mod h1:Z1PMYSOR5nyMcyAVAIQSKCDwalqy85Aqn1x3Ws4L5DM= +golang.org/x/crypto v0.26.0 h1:RrRspgV4mU+YwB4FYnuBoKsUapNIL5cohGAmSH3azsw= +golang.org/x/crypto v0.26.0/go.mod h1:GY7jblb9wI+FOo5y8/S2oY4zWP07AkOJ4+jxCqdqn54= +golang.org/x/exp v0.0.0-20231006140011-7918f672742d h1:jtJma62tbqLibJ5sFQz8bKtEM8rJBtfilJ2qTU199MI= +golang.org/x/exp v0.0.0-20231006140011-7918f672742d/go.mod h1:ldy0pHrwJyGW56pPQzzkH36rKxoZW1tw7ZJpeKx+hdo= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= -golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/net v0.0.0-20200625001655-4c5254603344/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.26.0 h1:soB7SVo0PWrY4vPW/+ay0jKDNScG2X9wFeYlXIvJsOQ= -golang.org/x/net v0.26.0/go.mod h1:5YKkiSynbBIh3p6iOc/vibscux0x38BZDkn8sCUPxHE= -golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.10.0 h1:zHCpF2Khkwy4mMB4bv0U37YtJdTGW8jI0glAApi0Kh8= -golang.org/x/oauth2 v0.10.0/go.mod h1:kTpgurOux7LqtuxjuyZa4Gj2gdezIt/jQtGnNFfypQI= +golang.org/x/net v0.27.0 h1:5K3Njcw06/l2y9vpGCSdcxWOYHOUk3dVNGDXN+FvAys= +golang.org/x/net v0.27.0/go.mod h1:dDi0PyhWNoiUOrAS8uXv/vnScO4wnHQO4mj9fn/RytE= +golang.org/x/oauth2 v0.21.0 h1:tsimM75w1tF/uws5rbeHzIWxEqElMehnc+iW793zsZs= +golang.org/x/oauth2 v0.21.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200106162015-b016eb3dc98e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200615200032-f1bc736245b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200625212154-ddb9806d33ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210603081109-ebe580a85c40/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.21.0 h1:rF+pYz3DAGSQAxAu1CbC7catZg4ebC4UIeIhKxBZvws= -golang.org/x/sys v0.21.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.24.0 h1:Twjiwq9dn6R1fQcyiK+wQyHWfaz/BJB+YIpzU/Cv3Xg= +golang.org/x/sys v0.24.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.21.0 h1:WVXCp+/EBEHOj53Rvu+7KiT/iElMrO8ACK16SMZ3jaA= -golang.org/x/term v0.21.0/go.mod h1:ooXLefLobQVslOqselCNF4SxFAaoS6KujMbsGzSDmX0= +golang.org/x/term v0.23.0 h1:F6D4vR+EHoL9/sWAWgAR1H2DcHr4PareCbAaCo1RpuU= +golang.org/x/term v0.23.0/go.mod h1:DgV24QBUrK6jhZXl+20l6UWznPlwAHm1Q1mGHtydmSk= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.16.0 h1:a94ExnEXNtEwYLGJSIUxnWoxoRz/ZcCsV63ROupILh4= -golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI= -golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= -golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/text v0.17.0 h1:XtiM5bkSOt+ewxlOE/aE/AKEHibwj/6gvWMl9Rsh0Qc= +golang.org/x/text v0.17.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY= +golang.org/x/time v0.6.0 h1:eTDhh4ZXt5Qf0augr54TN6suAUudPcawVZeIAPU7D4U= +golang.org/x/time v0.6.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= @@ -319,21 +258,15 @@ golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8T golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= -google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c= -google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= -google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= -google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= -gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= +google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg= +google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= @@ -341,33 +274,34 @@ gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= -gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.5/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gopkg.in/yaml.v3 v3.0.0/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= k8s.io/api v0.30.3 h1:ImHwK9DCsPA9uoU3rVh4QHAHHK5dTSv1nxJUapx8hoQ= k8s.io/api v0.30.3/go.mod h1:GPc8jlzoe5JG3pb0KJCSLX5oAFIW3/qNJITlDj8BH04= +k8s.io/apiextensions-apiserver v0.30.1 h1:4fAJZ9985BmpJG6PkoxVRpXv9vmPUOVzl614xarePws= +k8s.io/apiextensions-apiserver v0.30.1/go.mod h1:R4GuSrlhgq43oRY9sF2IToFh7PVlF1JjfWdoG3pixk4= k8s.io/apimachinery v0.30.3 h1:q1laaWCmrszyQuSQCfNB8cFgCuDAoPszKY4ucAjDwHc= k8s.io/apimachinery v0.30.3/go.mod h1:iexa2somDaxdnj7bha06bhb43Zpa6eWH8N8dbqVjTUc= k8s.io/client-go v0.30.3 h1:bHrJu3xQZNXIi8/MoxYtZBBWQQXwy16zqJwloXXfD3k= k8s.io/client-go v0.30.3/go.mod h1:8d4pf8vYu665/kUbsxWAQ/JDBNWqfFeZnvFiVdmx89U= -k8s.io/klog/v2 v2.120.1 h1:QXU6cPEOIslTGvZaXvFWiP9VKyeet3sawzTOvdXb4Vw= -k8s.io/klog/v2 v2.120.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= +k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= +k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 h1:BZqlfIlq5YbRMFko6/PM7FjZpUb45WallggurYhKGag= k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340/go.mod h1:yD4MZYeKMBwQKVht279WycxKyM84kkAx2DPrTXaeb98= k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI= k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +sigs.k8s.io/controller-runtime v0.18.4 h1:87+guW1zhvuPLh1PHybKdYFLU0YJp4FhJRmiHvm5BZw= +sigs.k8s.io/controller-runtime v0.18.4/go.mod h1:TVoGrfdpbA9VRFaRnKgk9P5/atA0pMwq+f+msb9M8Sg= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4= sigs.k8s.io/structured-merge-diff/v4 v4.4.1/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08= -sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo= -sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8= +sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E= +sigs.k8s.io/yaml v1.4.0/go.mod h1:Ejl7/uTz7PSA4eKMyQCUTnhZYNmLIl+5c2lQPGR2BPY= diff --git a/helm/ingress-azure/templates/cleanup-job.yaml b/helm/ingress-azure/templates/cleanup-job.yaml new file mode 100644 index 000000000..cf4febd28 --- /dev/null +++ b/helm/ingress-azure/templates/cleanup-job.yaml @@ -0,0 +1,68 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ template "application-gateway-kubernetes-ingress.fullname" . }}-cleanup + labels: + app: {{ template "application-gateway-kubernetes-ingress.name" . }}-cleanup + chart: {{ .Chart.Name }}-{{ .Chart.Version }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} + annotations: + "helm.sh/hook": pre-delete + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded +spec: + template: + spec: + serviceAccountName: {{ template "application-gateway-kubernetes-ingress.serviceaccountname" . }} + restartPolicy: OnFailure + containers: + - name: cleanup + image: "mcr.microsoft.com/oss/kubernetes/kubectl:v1.30.5" + imagePullPolicy: IfNotPresent + env: + - name: AGIC_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + command: + - "kubectl" + - "delete" + - "--ignore-not-found" + - "--wait" + - "-n" + - "$(AGIC_POD_NAMESPACE)" + - "overlayextensionconfigs.acn.azure.com" + - "-l" +{{- if .Values.addon }} + - "app.kubernetes.io/managed-by=ingress-azure-addon" +{{- else }} + - "app.kubernetes.io/managed-by=ingress-azure-helm" +{{- end }} + securityContext: + capabilities: + drop: + - ALL + {{- if .Values.kubernetes.nodeSelector }} + {{- with .Values.kubernetes.nodeSelector }} + nodeSelector: +{{ toYaml . | indent 8 }} + {{- end}} + {{- else}} + {{- with .Values.nodeSelector }} + nodeSelector: +{{ toYaml . | indent 8 }} + {{- end}} + {{- end}} + + {{- with .Values.kubernetes.affinity }} + affinity: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.kubernetes.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} + {{- end }} + {{- if .Values.image.pullSecrets }} + imagePullSecrets: + - name: {{ .Values.image.pullSecrets }} + {{- end }} diff --git a/helm/ingress-azure/templates/clusterrole.yaml b/helm/ingress-azure/templates/clusterrole.yaml index d1e25ebb0..526f1d8d8 100644 --- a/helm/ingress-azure/templates/clusterrole.yaml +++ b/helm/ingress-azure/templates/clusterrole.yaml @@ -65,4 +65,22 @@ rules: verbs: - create - patch +- apiGroups: + - "acn.azure.com" + resources: + - "overlayextensionconfigs" + verbs: + - "list" + - "get" + - "watch" + - "create" + - "update" + - "delete" + - "patch" +- apiGroups: + - "acn.azure.com" + resources: + - "nodenetworkconfigs" + verbs: + - "list" {{- end -}} diff --git a/helm/ingress-azure/templates/configmap.yaml b/helm/ingress-azure/templates/configmap.yaml index f29589b56..afe464c5d 100644 --- a/helm/ingress-azure/templates/configmap.yaml +++ b/helm/ingress-azure/templates/configmap.yaml @@ -106,4 +106,8 @@ data: {{- if .Values.kubernetes.ingressClassResource.controllerValue}} INGRESS_CLASS_RESOURCE_CONTROLLER: "{{ .Values.kubernetes.ingressClassResource.controllerValue }}" -{{- end}} \ No newline at end of file +{{- end}} + +{{- if .Values.addon }} + ADDON_MODE: {{ .Values.addon | quote }} +{{- end }} \ No newline at end of file diff --git a/helm/ingress-azure/tests/chart_test.go b/helm/ingress-azure/tests/chart_test.go index 3a3fad362..e02315a97 100644 --- a/helm/ingress-azure/tests/chart_test.go +++ b/helm/ingress-azure/tests/chart_test.go @@ -3,6 +3,7 @@ // Licensed under the MIT License. See License.txt in the project root for license information. // -------------------------------------------------------------------------------------------- +//go:build unittest // +build unittest package tests @@ -39,7 +40,7 @@ func TestChart(t *testing.T) { for _, snapshot := range snapshots { snapshotName, _ := filepath.Rel(valuesDir, snapshot) - name := strings.TrimRight(snapshotName, ".json") + name := strings.TrimSuffix(snapshotName, ".json") t.Run(name, func(t *testing.T) { snapshotDir := fmt.Sprintf("snapshots/%s", name) diff --git a/helm/ingress-azure/tests/fixtures/sample-config-addon.json b/helm/ingress-azure/tests/fixtures/sample-config-addon.json new file mode 100644 index 000000000..e910b79f8 --- /dev/null +++ b/helm/ingress-azure/tests/fixtures/sample-config-addon.json @@ -0,0 +1,103 @@ +{ + "verbosityLevel": 3, + "appgw": { + "subscriptionId": "0000-0000-0000-0000-00000000", + "resourceGroup": "resgp", + "name": "gateway", + "usePrivateIP": false, + "shared": false + }, + "armAuth": { + "type": "aadPodIdentity", + "identityResourceID": "/a/b/c", + "identityClientID": "0000-0000-0000-0000-00000000" + }, + "rbac": { + "enabled": false + }, + "kubernetes": { + "multiClusterMode": false, + "watchNamespace": "a,b,c", + "securityContext": { + "runAsUser": 3000, + "runAsGroup": 3000 + }, + "containerSecurityContext": { + "readOnlyRootFilesystem": "true" + }, + "resources": { + "limits": { + "cpu": "200m", + "memory": "100Mi" + }, + "requests": { + "cpu": "100m", + "memory": "100Mi" + } + }, + "nodeSelector": { + "beta.kubernetes.io/os": "linux" + }, + "podAnnotations": { + "custom-annotation": "custom-value" + }, + "tolerations": [ + { + "key": "CriticalAppsOnly", + "operator": "Exists" + } + ], + "affinity": { + "nodeAffinity": { + "preferredDuringSchedulingIgnoredDuringExecution": [ + { + "weight": 100, + "preference": { + "matchExpressions": [ + { + "key": "kubernetes.cloud.com/mode", + "operator": "In", + "values": [ + "system" + ] + } + ] + } + } + ], + "requiredDuringSchedulingIgnoredDuringExecution": { + "nodeSelectorTerms": [ + { + "labelSelector": null, + "matchExpressions": [ + { + "key": "kubernetes.cloud.com/cluster", + "operator": "Exists" + } + ] + } + ] + } + } + }, + "volumes": { + "extraVolumes": [ + { + "name": "contoso", + "hostPath": { + "path": "/etc/contoso/", + "type": "Directory" + } + } + ], + "extraVolumeMounts": [ + { + "name": "contoso", + "mountPath": "/etc/contoso/", + "readOnly": true + } + ] + } + }, + "addon": true +} \ No newline at end of file diff --git a/helm/ingress-azure/tests/snapshots/sample-config-addon/ingress-azure/templates/aadpodidbinding.yaml b/helm/ingress-azure/tests/snapshots/sample-config-addon/ingress-azure/templates/aadpodidbinding.yaml new file mode 100644 index 000000000..68dfd303a --- /dev/null +++ b/helm/ingress-azure/tests/snapshots/sample-config-addon/ingress-azure/templates/aadpodidbinding.yaml @@ -0,0 +1,10 @@ +--- +# Source: ingress-azure/templates/aadpodidbinding.yaml +# Please see https://github.com/Azure/aad-pod-identity for more inromation +apiVersion: "aadpodidentity.k8s.io/v1" +kind: AzureIdentityBinding +metadata: + name: release-name-azidbinding-ingress-azure +spec: + azureIdentity: release-name-azid-ingress-azure + selector: release-name-ingress-azure \ No newline at end of file diff --git a/helm/ingress-azure/tests/snapshots/sample-config-addon/ingress-azure/templates/aadpodidentity.yaml b/helm/ingress-azure/tests/snapshots/sample-config-addon/ingress-azure/templates/aadpodidentity.yaml new file mode 100644 index 000000000..598dea7b3 --- /dev/null +++ b/helm/ingress-azure/tests/snapshots/sample-config-addon/ingress-azure/templates/aadpodidentity.yaml @@ -0,0 +1,11 @@ +--- +# Source: ingress-azure/templates/aadpodidentity.yaml +# Please see https://github.com/Azure/aad-pod-identity for more information +apiVersion: "aadpodidentity.k8s.io/v1" +kind: AzureIdentity +metadata: + name: release-name-azid-ingress-azure +spec: + type: 0 + resourceID: /a/b/c + clientID: 0000-0000-0000-0000-00000000 \ No newline at end of file diff --git a/helm/ingress-azure/tests/snapshots/sample-config-addon/ingress-azure/templates/cleanup-job.yaml b/helm/ingress-azure/tests/snapshots/sample-config-addon/ingress-azure/templates/cleanup-job.yaml new file mode 100644 index 000000000..c44d0be0d --- /dev/null +++ b/helm/ingress-azure/tests/snapshots/sample-config-addon/ingress-azure/templates/cleanup-job.yaml @@ -0,0 +1,63 @@ +--- +# Source: ingress-azure/templates/cleanup-job.yaml +apiVersion: batch/v1 +kind: Job +metadata: + name: release-name-ingress-azure-cleanup + labels: + app: ingress-azure-cleanup + chart: ingress-azure-1.6.0 + heritage: Helm + release: release-name + annotations: + "helm.sh/hook": pre-delete + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded +spec: + template: + spec: + serviceAccountName: release-name-sa-ingress-azure + restartPolicy: OnFailure + containers: + - name: cleanup + image: "mcr.microsoft.com/oss/kubernetes/kubectl:v1.30.5" + imagePullPolicy: IfNotPresent + env: + - name: AGIC_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + command: + - "kubectl" + - "delete" + - "--ignore-not-found" + - "--wait" + - "-n" + - "$(AGIC_POD_NAMESPACE)" + - "overlayextensionconfigs.acn.azure.com" + - "-l" + - "app.kubernetes.io/managed-by=ingress-azure-addon" + securityContext: + capabilities: + drop: + - ALL + nodeSelector: + beta.kubernetes.io/os: linux + affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: kubernetes.cloud.com/mode + operator: In + values: + - system + weight: 100 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - labelSelector: null + matchExpressions: + - key: kubernetes.cloud.com/cluster + operator: Exists + tolerations: + - key: CriticalAppsOnly + operator: Exists \ No newline at end of file diff --git a/helm/ingress-azure/tests/snapshots/sample-config-addon/ingress-azure/templates/configmap.yaml b/helm/ingress-azure/tests/snapshots/sample-config-addon/ingress-azure/templates/configmap.yaml new file mode 100644 index 000000000..aef83b0ab --- /dev/null +++ b/helm/ingress-azure/tests/snapshots/sample-config-addon/ingress-azure/templates/configmap.yaml @@ -0,0 +1,26 @@ +--- +# Source: ingress-azure/templates/configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: release-name-cm-ingress-azure + labels: + app: ingress-azure + chart: ingress-azure-1.6.0 + heritage: Helm + release: release-name +data: + APPGW_VERBOSITY_LEVEL: "3" + MULTI_CLUSTER_MODE: "false" + HTTP_SERVICE_PORT: "8123" + APPGW_SUBSCRIPTION_ID: "0000-0000-0000-0000-00000000" + APPGW_RESOURCE_GROUP: "resgp" + APPGW_NAME: "gateway" + APPGW_SUBNET_NAME: "gateway-subnet" + KUBERNETES_WATCHNAMESPACE: "a,b,c" + AZURE_CLIENT_ID: "0000-0000-0000-0000-00000000" + USE_MANAGED_IDENTITY_FOR_POD: "true" + INGRESS_CLASS_RESOURCE_ENABLED: "true" + INGRESS_CLASS_RESOURCE_NAME: "azure-application-gateway" + INGRESS_CLASS_RESOURCE_CONTROLLER: "azure/application-gateway" + ADDON_MODE: "true" \ No newline at end of file diff --git a/helm/ingress-azure/tests/snapshots/sample-config-addon/ingress-azure/templates/deployment.yaml b/helm/ingress-azure/tests/snapshots/sample-config-addon/ingress-azure/templates/deployment.yaml new file mode 100644 index 000000000..500f86daa --- /dev/null +++ b/helm/ingress-azure/tests/snapshots/sample-config-addon/ingress-azure/templates/deployment.yaml @@ -0,0 +1,108 @@ +--- +# Source: ingress-azure/templates/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: release-name-ingress-azure + labels: + app: ingress-azure + chart: ingress-azure-1.6.0 + heritage: Helm + release: release-name +spec: + replicas: 1 # TODO: Make configurable when leader election is supported. + selector: + matchLabels: + app: ingress-azure + release: release-name + template: + metadata: + labels: + app: ingress-azure + release: release-name + aadpodidbinding: release-name-ingress-azure + annotations: + prometheus.io/scrape: "true" + prometheus.io/port: "8123" + custom-annotation: custom-value + spec: + serviceAccountName: release-name-sa-ingress-azure + securityContext: + runAsGroup: 3000 + runAsUser: 3000 + containers: + - name: ingress-azure + image: mcr.microsoft.com/azure-application-gateway/kubernetes-ingress:1.6.0 + imagePullPolicy: Always + readinessProbe: + httpGet: + path: /health/ready + port: 8123 + initialDelaySeconds: 5 + periodSeconds: 10 + livenessProbe: + httpGet: + path: /health/alive + port: 8123 + initialDelaySeconds: 15 + periodSeconds: 20 + resources: + limits: + cpu: 200m + memory: 100Mi + requests: + cpu: 100m + memory: 100Mi + securityContext: + readOnlyRootFilesystem: "true" + env: + - name: AZURE_CLOUD_PROVIDER_LOCATION + value: /etc/appgw/azure.json + - name: AGIC_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: AGIC_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + envFrom: + - configMapRef: + name: release-name-cm-ingress-azure + volumeMounts: + - name: azure + mountPath: /etc/appgw/ + readOnly: true + - mountPath: /etc/contoso/ + name: contoso + readOnly: true + volumes: + - name: azure + hostPath: + path: /etc/kubernetes/ + type: Directory + - hostPath: + path: /etc/contoso/ + type: Directory + name: contoso + nodeSelector: + beta.kubernetes.io/os: linux + affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: kubernetes.cloud.com/mode + operator: In + values: + - system + weight: 100 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - labelSelector: null + matchExpressions: + - key: kubernetes.cloud.com/cluster + operator: Exists + tolerations: + - key: CriticalAppsOnly + operator: Exists \ No newline at end of file diff --git a/helm/ingress-azure/tests/snapshots/sample-config-addon/ingress-azure/templates/ingressclass.yaml b/helm/ingress-azure/tests/snapshots/sample-config-addon/ingress-azure/templates/ingressclass.yaml new file mode 100644 index 000000000..fb6386af0 --- /dev/null +++ b/helm/ingress-azure/tests/snapshots/sample-config-addon/ingress-azure/templates/ingressclass.yaml @@ -0,0 +1,10 @@ +--- +# Source: ingress-azure/templates/ingressclass.yaml +apiVersion: networking.k8s.io/v1 +kind: IngressClass +metadata: + labels: + app.kubernetes.io/component: controller + name: azure-application-gateway +spec: + controller: azure/application-gateway \ No newline at end of file diff --git a/helm/ingress-azure/tests/snapshots/sample-config-addon/ingress-azure/templates/serviceaccount.yaml b/helm/ingress-azure/tests/snapshots/sample-config-addon/ingress-azure/templates/serviceaccount.yaml new file mode 100644 index 000000000..f6645b0a5 --- /dev/null +++ b/helm/ingress-azure/tests/snapshots/sample-config-addon/ingress-azure/templates/serviceaccount.yaml @@ -0,0 +1,11 @@ +--- +# Source: ingress-azure/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app: ingress-azure + chart: ingress-azure-1.6.0 + heritage: Helm + release: release-name + name: release-name-sa-ingress-azure \ No newline at end of file diff --git a/helm/ingress-azure/tests/snapshots/sample-config-empty/ingress-azure/templates/cleanup-job.yaml b/helm/ingress-azure/tests/snapshots/sample-config-empty/ingress-azure/templates/cleanup-job.yaml new file mode 100644 index 000000000..a0d1b3897 --- /dev/null +++ b/helm/ingress-azure/tests/snapshots/sample-config-empty/ingress-azure/templates/cleanup-job.yaml @@ -0,0 +1,42 @@ +--- +# Source: ingress-azure/templates/cleanup-job.yaml +apiVersion: batch/v1 +kind: Job +metadata: + name: release-name-ingress-azure-cleanup + labels: + app: ingress-azure-cleanup + chart: ingress-azure-1.6.0 + heritage: Helm + release: release-name + annotations: + "helm.sh/hook": pre-delete + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded +spec: + template: + spec: + serviceAccountName: release-name-sa-ingress-azure + restartPolicy: OnFailure + containers: + - name: cleanup + image: "mcr.microsoft.com/oss/kubernetes/kubectl:v1.30.5" + imagePullPolicy: IfNotPresent + env: + - name: AGIC_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + command: + - "kubectl" + - "delete" + - "--ignore-not-found" + - "--wait" + - "-n" + - "$(AGIC_POD_NAMESPACE)" + - "overlayextensionconfigs.acn.azure.com" + - "-l" + - "app.kubernetes.io/managed-by=ingress-azure-helm" + securityContext: + capabilities: + drop: + - ALL \ No newline at end of file diff --git a/helm/ingress-azure/tests/snapshots/sample-config-existing-secret/ingress-azure/templates/cleanup-job.yaml b/helm/ingress-azure/tests/snapshots/sample-config-existing-secret/ingress-azure/templates/cleanup-job.yaml new file mode 100644 index 000000000..a0d1b3897 --- /dev/null +++ b/helm/ingress-azure/tests/snapshots/sample-config-existing-secret/ingress-azure/templates/cleanup-job.yaml @@ -0,0 +1,42 @@ +--- +# Source: ingress-azure/templates/cleanup-job.yaml +apiVersion: batch/v1 +kind: Job +metadata: + name: release-name-ingress-azure-cleanup + labels: + app: ingress-azure-cleanup + chart: ingress-azure-1.6.0 + heritage: Helm + release: release-name + annotations: + "helm.sh/hook": pre-delete + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded +spec: + template: + spec: + serviceAccountName: release-name-sa-ingress-azure + restartPolicy: OnFailure + containers: + - name: cleanup + image: "mcr.microsoft.com/oss/kubernetes/kubectl:v1.30.5" + imagePullPolicy: IfNotPresent + env: + - name: AGIC_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + command: + - "kubectl" + - "delete" + - "--ignore-not-found" + - "--wait" + - "-n" + - "$(AGIC_POD_NAMESPACE)" + - "overlayextensionconfigs.acn.azure.com" + - "-l" + - "app.kubernetes.io/managed-by=ingress-azure-helm" + securityContext: + capabilities: + drop: + - ALL \ No newline at end of file diff --git a/helm/ingress-azure/tests/snapshots/sample-config-existing-secret/ingress-azure/templates/configmap.yaml b/helm/ingress-azure/tests/snapshots/sample-config-existing-secret/ingress-azure/templates/configmap.yaml index 2184a3e2b..180080fe0 100644 --- a/helm/ingress-azure/tests/snapshots/sample-config-existing-secret/ingress-azure/templates/configmap.yaml +++ b/helm/ingress-azure/tests/snapshots/sample-config-existing-secret/ingress-azure/templates/configmap.yaml @@ -12,11 +12,11 @@ metadata: data: APPGW_VERBOSITY_LEVEL: "3" MULTI_CLUSTER_MODE: "false" - HTTP_SERVICE_PORT: "8123" + HTTP_SERVICE_PORT: "8123" APPGW_SUBSCRIPTION_ID: "0000-0000-0000-0000-00000000" - APPGW_RESOURCE_GROUP: "resgp" - APPGW_NAME: "gateway" + APPGW_RESOURCE_GROUP: "resgp" + APPGW_NAME: "gateway" APPGW_SUBNET_NAME: "gateway-subnet" INGRESS_CLASS_RESOURCE_ENABLED: "true" INGRESS_CLASS_RESOURCE_NAME: "azure-application-gateway" - INGRESS_CLASS_RESOURCE_CONTROLLER: "azure/application-gateway" + INGRESS_CLASS_RESOURCE_CONTROLLER: "azure/application-gateway" \ No newline at end of file diff --git a/helm/ingress-azure/tests/snapshots/sample-config-existing-secret/ingress-azure/templates/deployment.yaml b/helm/ingress-azure/tests/snapshots/sample-config-existing-secret/ingress-azure/templates/deployment.yaml index 53901f655..8a0fe7ca3 100644 --- a/helm/ingress-azure/tests/snapshots/sample-config-existing-secret/ingress-azure/templates/deployment.yaml +++ b/helm/ingress-azure/tests/snapshots/sample-config-existing-secret/ingress-azure/templates/deployment.yaml @@ -28,49 +28,49 @@ spec: securityContext: runAsUser: 0 containers: - - name: ingress-azure - image: mcr.microsoft.com/azure-application-gateway/kubernetes-ingress:1.6.0 - imagePullPolicy: Always - readinessProbe: - httpGet: - path: /health/ready - port: 8123 - initialDelaySeconds: 5 - periodSeconds: 10 - livenessProbe: - httpGet: - path: /health/alive - port: 8123 - initialDelaySeconds: 15 - periodSeconds: 20 - env: - - name: AZURE_CLOUD_PROVIDER_LOCATION - value: /etc/appgw/azure.json - - name: AGIC_POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: AGIC_POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: AZURE_AUTH_LOCATION - value: /etc/Azure/Networking-AppGW/auth/armAuth.json - envFrom: - - configMapRef: - name: release-name-cm-ingress-azure - volumeMounts: - - name: azure - mountPath: /etc/appgw/ - readOnly: true - - name: networking-appgw-k8s-azure-service-principal-mount - mountPath: /etc/Azure/Networking-AppGW/auth - readOnly: true - volumes: + - name: ingress-azure + image: mcr.microsoft.com/azure-application-gateway/kubernetes-ingress:1.6.0 + imagePullPolicy: Always + readinessProbe: + httpGet: + path: /health/ready + port: 8123 + initialDelaySeconds: 5 + periodSeconds: 10 + livenessProbe: + httpGet: + path: /health/alive + port: 8123 + initialDelaySeconds: 15 + periodSeconds: 20 + env: + - name: AZURE_CLOUD_PROVIDER_LOCATION + value: /etc/appgw/azure.json + - name: AGIC_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: AGIC_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: AZURE_AUTH_LOCATION + value: /etc/Azure/Networking-AppGW/auth/armAuth.json + envFrom: + - configMapRef: + name: release-name-cm-ingress-azure + volumeMounts: - name: azure - hostPath: - path: /etc/kubernetes/ - type: Directory + mountPath: /etc/appgw/ + readOnly: true - name: networking-appgw-k8s-azure-service-principal-mount - secret: - secretName: my-existing-secret + mountPath: /etc/Azure/Networking-AppGW/auth + readOnly: true + volumes: + - name: azure + hostPath: + path: /etc/kubernetes/ + type: Directory + - name: networking-appgw-k8s-azure-service-principal-mount + secret: + secretName: my-existing-secret \ No newline at end of file diff --git a/helm/ingress-azure/tests/snapshots/sample-config-existing-secret/ingress-azure/templates/ingressclass.yaml b/helm/ingress-azure/tests/snapshots/sample-config-existing-secret/ingress-azure/templates/ingressclass.yaml index ee151ee4f..fb6386af0 100644 --- a/helm/ingress-azure/tests/snapshots/sample-config-existing-secret/ingress-azure/templates/ingressclass.yaml +++ b/helm/ingress-azure/tests/snapshots/sample-config-existing-secret/ingress-azure/templates/ingressclass.yaml @@ -7,4 +7,4 @@ metadata: app.kubernetes.io/component: controller name: azure-application-gateway spec: - controller: azure/application-gateway + controller: azure/application-gateway \ No newline at end of file diff --git a/helm/ingress-azure/tests/snapshots/sample-config-existing-secret/ingress-azure/templates/serviceaccount.yaml b/helm/ingress-azure/tests/snapshots/sample-config-existing-secret/ingress-azure/templates/serviceaccount.yaml index cf1796184..f6645b0a5 100644 --- a/helm/ingress-azure/tests/snapshots/sample-config-existing-secret/ingress-azure/templates/serviceaccount.yaml +++ b/helm/ingress-azure/tests/snapshots/sample-config-existing-secret/ingress-azure/templates/serviceaccount.yaml @@ -8,4 +8,4 @@ metadata: chart: ingress-azure-1.6.0 heritage: Helm release: release-name - name: release-name-sa-ingress-azure + name: release-name-sa-ingress-azure \ No newline at end of file diff --git a/helm/ingress-azure/tests/snapshots/sample-config-prohibited-target/ingress-azure/templates/cleanup-job.yaml b/helm/ingress-azure/tests/snapshots/sample-config-prohibited-target/ingress-azure/templates/cleanup-job.yaml new file mode 100644 index 000000000..a0d1b3897 --- /dev/null +++ b/helm/ingress-azure/tests/snapshots/sample-config-prohibited-target/ingress-azure/templates/cleanup-job.yaml @@ -0,0 +1,42 @@ +--- +# Source: ingress-azure/templates/cleanup-job.yaml +apiVersion: batch/v1 +kind: Job +metadata: + name: release-name-ingress-azure-cleanup + labels: + app: ingress-azure-cleanup + chart: ingress-azure-1.6.0 + heritage: Helm + release: release-name + annotations: + "helm.sh/hook": pre-delete + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded +spec: + template: + spec: + serviceAccountName: release-name-sa-ingress-azure + restartPolicy: OnFailure + containers: + - name: cleanup + image: "mcr.microsoft.com/oss/kubernetes/kubectl:v1.30.5" + imagePullPolicy: IfNotPresent + env: + - name: AGIC_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + command: + - "kubectl" + - "delete" + - "--ignore-not-found" + - "--wait" + - "-n" + - "$(AGIC_POD_NAMESPACE)" + - "overlayextensionconfigs.acn.azure.com" + - "-l" + - "app.kubernetes.io/managed-by=ingress-azure-helm" + securityContext: + capabilities: + drop: + - ALL \ No newline at end of file diff --git a/helm/ingress-azure/tests/snapshots/sample-config-workload-identity/ingress-azure/templates/cleanup-job.yaml b/helm/ingress-azure/tests/snapshots/sample-config-workload-identity/ingress-azure/templates/cleanup-job.yaml new file mode 100644 index 000000000..a0d1b3897 --- /dev/null +++ b/helm/ingress-azure/tests/snapshots/sample-config-workload-identity/ingress-azure/templates/cleanup-job.yaml @@ -0,0 +1,42 @@ +--- +# Source: ingress-azure/templates/cleanup-job.yaml +apiVersion: batch/v1 +kind: Job +metadata: + name: release-name-ingress-azure-cleanup + labels: + app: ingress-azure-cleanup + chart: ingress-azure-1.6.0 + heritage: Helm + release: release-name + annotations: + "helm.sh/hook": pre-delete + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded +spec: + template: + spec: + serviceAccountName: release-name-sa-ingress-azure + restartPolicy: OnFailure + containers: + - name: cleanup + image: "mcr.microsoft.com/oss/kubernetes/kubectl:v1.30.5" + imagePullPolicy: IfNotPresent + env: + - name: AGIC_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + command: + - "kubectl" + - "delete" + - "--ignore-not-found" + - "--wait" + - "-n" + - "$(AGIC_POD_NAMESPACE)" + - "overlayextensionconfigs.acn.azure.com" + - "-l" + - "app.kubernetes.io/managed-by=ingress-azure-helm" + securityContext: + capabilities: + drop: + - ALL \ No newline at end of file diff --git a/helm/ingress-azure/tests/snapshots/sample-config/ingress-azure/templates/cleanup-job.yaml b/helm/ingress-azure/tests/snapshots/sample-config/ingress-azure/templates/cleanup-job.yaml new file mode 100644 index 000000000..38b052977 --- /dev/null +++ b/helm/ingress-azure/tests/snapshots/sample-config/ingress-azure/templates/cleanup-job.yaml @@ -0,0 +1,63 @@ +--- +# Source: ingress-azure/templates/cleanup-job.yaml +apiVersion: batch/v1 +kind: Job +metadata: + name: release-name-ingress-azure-cleanup + labels: + app: ingress-azure-cleanup + chart: ingress-azure-1.6.0 + heritage: Helm + release: release-name + annotations: + "helm.sh/hook": pre-delete + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded +spec: + template: + spec: + serviceAccountName: release-name-sa-ingress-azure + restartPolicy: OnFailure + containers: + - name: cleanup + image: "mcr.microsoft.com/oss/kubernetes/kubectl:v1.30.5" + imagePullPolicy: IfNotPresent + env: + - name: AGIC_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + command: + - "kubectl" + - "delete" + - "--ignore-not-found" + - "--wait" + - "-n" + - "$(AGIC_POD_NAMESPACE)" + - "overlayextensionconfigs.acn.azure.com" + - "-l" + - "app.kubernetes.io/managed-by=ingress-azure-helm" + securityContext: + capabilities: + drop: + - ALL + nodeSelector: + beta.kubernetes.io/os: linux + affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: kubernetes.cloud.com/mode + operator: In + values: + - system + weight: 100 + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - labelSelector: null + matchExpressions: + - key: kubernetes.cloud.com/cluster + operator: Exists + tolerations: + - key: CriticalAppsOnly + operator: Exists \ No newline at end of file diff --git a/helm/ingress-azure/values.yaml b/helm/ingress-azure/values.yaml index 4a9b7858e..fcee7b240 100644 --- a/helm/ingress-azure/values.yaml +++ b/helm/ingress-azure/values.yaml @@ -120,3 +120,7 @@ nodeSelector: {} # Specify if the cluster is RBAC enabled or not rbac: enabled: false # true/false + +################################################################################ +# Specify if the controller is running as an addon. +addon: false # true/false \ No newline at end of file diff --git a/pkg/azure/client.go b/pkg/azure/client.go index d35404db9..4f1b37554 100644 --- a/pkg/azure/client.go +++ b/pkg/azure/client.go @@ -34,6 +34,7 @@ type AzClient interface { UpdateGateway(*n.ApplicationGateway) error DeployGatewayWithVnet(ResourceGroup, ResourceName, ResourceName, string, string) error DeployGatewayWithSubnet(string, string) error + GetSubnet(string) (n.Subnet, error) GetPublicIP(string) (n.PublicIPAddress, error) } @@ -297,6 +298,12 @@ func (az *azClient) ApplyRouteTable(subnetID string, routeTableID string) error return nil } +func (az *azClient) GetSubnet(subnetID string) (n.Subnet, error) { + _, subnetResourceGroup, subnetVnetName, subnetName := ParseSubResourceID(subnetID) + subnet, err := az.subnetsClient.Get(az.ctx, string(subnetResourceGroup), string(subnetVnetName), string(subnetName), "") + return subnet, err +} + // DeployGatewayWithVnet creates Application Gateway within the specifid VNet. Implements AzClient interface. func (az *azClient) DeployGatewayWithVnet(resourceGroupName ResourceGroup, vnetName ResourceName, subnetName ResourceName, subnetPrefix, skuName string) (err error) { vnet, err := az.getVnet(resourceGroupName, vnetName) diff --git a/pkg/azure/fake.go b/pkg/azure/fake.go index 3b4fc324f..4d4e7dba7 100644 --- a/pkg/azure/fake.go +++ b/pkg/azure/fake.go @@ -28,6 +28,9 @@ type GetPublicIPFunc func(string) (n.PublicIPAddress, error) // ApplyRouteTableFunc is a function type type ApplyRouteTableFunc func(string, string) error +// GetSubnetFunc is a function type +type GetSubnetFunc func(string) (n.Subnet, error) + // FakeAzClient is a fake struct for AzClient type FakeAzClient struct { GetGatewayFunc @@ -35,6 +38,7 @@ type FakeAzClient struct { DeployGatewayFunc GetPublicIPFunc ApplyRouteTableFunc + GetSubnetFunc } // NewFakeAzClient returns a fake Azure Client @@ -115,3 +119,10 @@ func (az *FakeAzClient) ApplyRouteTable(subnetID string, routeTableID string) er } return nil } + +func (az *FakeAzClient) GetSubnet(subnetID string) (n.Subnet, error) { + if az.GetSubnetFunc != nil { + return az.GetSubnetFunc(subnetID) + } + return n.Subnet{}, nil +} diff --git a/pkg/cni/cni.go b/pkg/cni/cni.go new file mode 100644 index 000000000..681279662 --- /dev/null +++ b/pkg/cni/cni.go @@ -0,0 +1,43 @@ +package cni + +import ( + "context" + + "github.com/Azure/application-gateway-kubernetes-ingress/pkg/azure" + n "github.com/Azure/azure-sdk-for-go/services/network/mgmt/2021-03-01/network" + "github.com/pkg/errors" + "sigs.k8s.io/controller-runtime/pkg/client" +) + +// Reconciler reconciles the resources required to configure +// CNI on the AKS cluster. +type Reconciler struct { + armClient azure.AzClient + client client.Client + namespace string + addonMode bool +} + +func ReconcileCNI(ctx context.Context, armClient azure.AzClient, client client.Client, namespace string, cpConfig *azure.CloudProviderConfig, appGw n.ApplicationGateway, addonMode bool) error { + r := &Reconciler{ + armClient: armClient, + client: client, + namespace: namespace, + addonMode: addonMode, + } + + return r.Reconcile(ctx, cpConfig, appGw) +} + +func (r *Reconciler) Reconcile(ctx context.Context, cpConfig *azure.CloudProviderConfig, appGw n.ApplicationGateway) error { + subnetID := *(*appGw.GatewayIPConfigurations)[0].Subnet.ID + + if err := r.reconcileOverlayCniIfNeeded(ctx, subnetID); err != nil { + return errors.Wrap(err, "failed to reconcile overlay CNI") + } + + if err := r.reconcileKubenetCniIfNeeded(cpConfig, subnetID); err != nil { + return errors.Wrap(err, "failed to reconcile kubenet CNI") + } + return nil +} diff --git a/pkg/cni/cni_suite_test.go b/pkg/cni/cni_suite_test.go new file mode 100644 index 000000000..ee54d5be6 --- /dev/null +++ b/pkg/cni/cni_suite_test.go @@ -0,0 +1,13 @@ +package cni_test + +import ( + "testing" + + . "github.com/onsi/ginkgo/v2" + . "github.com/onsi/gomega" +) + +func Test(t *testing.T) { + RegisterFailHandler(Fail) + RunSpecs(t, "CNI Suite") +} diff --git a/pkg/cni/kubenet.go b/pkg/cni/kubenet.go new file mode 100644 index 000000000..6add67d5b --- /dev/null +++ b/pkg/cni/kubenet.go @@ -0,0 +1,21 @@ +package cni + +import ( + "github.com/Azure/application-gateway-kubernetes-ingress/pkg/azure" + "github.com/pkg/errors" +) + +func (r *Reconciler) reconcileKubenetCniIfNeeded(cpConfig *azure.CloudProviderConfig, subnetID string) error { + if cpConfig == nil || cpConfig.RouteTableName == "" { + return nil + } + + routeTableID := azure.RouteTableID(azure.SubscriptionID(cpConfig.SubscriptionID), azure.ResourceGroup(cpConfig.RouteTableResourceGroup), azure.ResourceName(cpConfig.RouteTableName)) + if err := r.armClient.ApplyRouteTable(subnetID, routeTableID); err != nil { + return errors.Wrapf(err, "Unable to associate Application Gateway subnet '%s' with route table '%s' due to error (this is relevant for AKS clusters using 'Kubenet' network plugin)", + subnetID, + routeTableID) + } + + return nil +} diff --git a/pkg/cni/kubenet_test.go b/pkg/cni/kubenet_test.go new file mode 100644 index 000000000..cea12ccac --- /dev/null +++ b/pkg/cni/kubenet_test.go @@ -0,0 +1,71 @@ +package cni_test + +import ( + "context" + + . "github.com/onsi/ginkgo/v2" + . "github.com/onsi/gomega" + ctrl_client "sigs.k8s.io/controller-runtime/pkg/client" + ctrl_client_fake "sigs.k8s.io/controller-runtime/pkg/client/fake" + + "github.com/Azure/application-gateway-kubernetes-ingress/pkg/azure" + "github.com/Azure/application-gateway-kubernetes-ingress/pkg/cni" + "github.com/Azure/application-gateway-kubernetes-ingress/pkg/k8s" + n "github.com/Azure/azure-sdk-for-go/services/network/mgmt/2021-03-01/network" + "github.com/Azure/go-autorest/autorest/to" +) + +var _ = Describe("Kubenet CNI", func() { + var ctx = context.TODO() + var azClient *azure.FakeAzClient + var k8sClient ctrl_client.Client + var appGw = n.ApplicationGateway{ + ApplicationGatewayPropertiesFormat: &n.ApplicationGatewayPropertiesFormat{ + GatewayIPConfigurations: &[]n.ApplicationGatewayIPConfiguration{ + { + ApplicationGatewayIPConfigurationPropertiesFormat: &n.ApplicationGatewayIPConfigurationPropertiesFormat{ + Subnet: &n.SubResource{ + ID: to.StringPtr("subnet-id"), + }, + }, + }, + }, + }, + } + + BeforeEach(func() { + azClient = azure.NewFakeAzClient() + + scheme, _ := k8s.NewScheme() + k8sClient = ctrl_client_fake.NewClientBuilder().WithScheme(scheme).Build() + }) + + Context("reconcileKubenetCniIfNeeded", func() { + It("should apply route table", func() { + azClient.ApplyRouteTableFunc = func(subnetID string, routeTableID string) error { + Expect(subnetID).To(Equal("subnet-id")) + Expect(routeTableID).To(Equal("/subscriptions/test-sub/resourceGroups/test-rg/providers/Microsoft.Network/routeTables/test-rt")) + return nil + } + + err := cni.ReconcileCNI(ctx, azClient, k8sClient, "test", &azure.CloudProviderConfig{ + SubscriptionID: "test-sub", + RouteTableResourceGroup: "test-rg", + RouteTableName: "test-rt", + }, appGw, false) + Expect(err).To(BeNil()) + }) + + It("should return nil if RouteTableName is empty", func() { + azClient.ApplyRouteTableFunc = func(subnetID string, routeTableID string) error { + Fail("ApplyRouteTable should not be called") + return nil + } + + err := cni.ReconcileCNI(ctx, azClient, k8sClient, "test", &azure.CloudProviderConfig{ + RouteTableName: "", + }, appGw, false) + Expect(err).To(BeNil()) + }) + }) +}) diff --git a/pkg/cni/overlay.go b/pkg/cni/overlay.go new file mode 100644 index 000000000..f8a89d53a --- /dev/null +++ b/pkg/cni/overlay.go @@ -0,0 +1,108 @@ +package cni + +import ( + "context" + + nodenetworkconfig_v1alpha "github.com/Azure/azure-container-networking/crd/nodenetworkconfig/api/v1alpha" + overlayextensionconfig_v1alpha1 "github.com/Azure/azure-container-networking/crd/overlayextensionconfig/api/v1alpha1" + "github.com/pkg/errors" + apierrors "k8s.io/apimachinery/pkg/api/errors" + meta "k8s.io/apimachinery/pkg/api/meta" + meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/klog/v2" + "sigs.k8s.io/controller-runtime/pkg/client" +) + +const ( + ResourceManagedByLabel = "app.kubernetes.io/managed-by" + ResourceManagedByAddonValue = "ingress-appgw-addon" + ResourceManagedByHelmValue = "ingress-appgw-helm" +) + +const ( + // OverlayExtensionConfigName is the name of the overlay extension config resource + OverlayExtensionConfigName = "agic-overlay-extension-config" +) + +func (r *Reconciler) reconcileOverlayCniIfNeeded(ctx context.Context, subnetID string) error { + isOverlay, err := r.isClusterOverlayCNI(ctx) + if err != nil { + return errors.Wrap(err, "failed to check if cluster is using overlay CNI") + } + + if !isOverlay { + return nil + } + + klog.Infof("Cluster is using overlay CNI, using subnetID %q for application gateway", subnetID) + subnet, err := r.armClient.GetSubnet(subnetID) + if err != nil { + return errors.Wrap(err, "failed to get subnet") + } + + subnetCIDR := *subnet.AddressPrefix + err = r.reconcileOverlayExtensionConfig(ctx, subnetCIDR) + if err != nil { + return errors.Wrap(err, "failed to reconcile overlay resources") + } + + return nil +} + +func (r *Reconciler) isClusterOverlayCNI(ctx context.Context) (bool, error) { + var nodeNetworkConfigs nodenetworkconfig_v1alpha.NodeNetworkConfigList + if err := r.client.List(ctx, &nodeNetworkConfigs); err != nil { + if meta.IsNoMatchError(err) { + return false, nil + } + + return false, errors.Wrap(err, "failed to list node network configs") + } + + return len(nodeNetworkConfigs.Items) > 0, nil +} + +func (r *Reconciler) reconcileOverlayExtensionConfig(ctx context.Context, subnetCIDR string) error { + var config overlayextensionconfig_v1alpha1.OverlayExtensionConfig + if err := r.client.Get(ctx, client.ObjectKey{ + Name: OverlayExtensionConfigName, + Namespace: r.namespace, + }, &config); err != nil { + if !apierrors.IsNotFound(err) { + return errors.Wrap(err, "failed to get overlay extension config") + } + + managedByValue := ResourceManagedByHelmValue + if r.addonMode { + managedByValue = ResourceManagedByAddonValue + } + + config = overlayextensionconfig_v1alpha1.OverlayExtensionConfig{ + ObjectMeta: meta_v1.ObjectMeta{ + Name: OverlayExtensionConfigName, + Namespace: r.namespace, + Labels: map[string]string{ + ResourceManagedByLabel: managedByValue, + }, + }, + Spec: overlayextensionconfig_v1alpha1.OverlayExtensionConfigSpec{ + ExtensionIPRange: subnetCIDR, + }, + } + + klog.Infof("Creating overlay extension config with subnet CIDR %s", subnetCIDR) + err := r.client.Create(ctx, &config) + if err != nil { + return errors.Wrap(err, "failed to create overlay extension config") + } + return nil + } + + config.Spec.ExtensionIPRange = subnetCIDR + klog.Infof("Updating overlay extension config with subnet CIDR %s", subnetCIDR) + err := r.client.Update(ctx, &config) + if err != nil { + return errors.Wrap(err, "failed to update overlay extension config") + } + return nil +} diff --git a/pkg/cni/overlay_test.go b/pkg/cni/overlay_test.go new file mode 100644 index 000000000..160c34fd1 --- /dev/null +++ b/pkg/cni/overlay_test.go @@ -0,0 +1,121 @@ +package cni_test + +import ( + "context" + "errors" + + nodenetworkconfig_v1alpha "github.com/Azure/azure-container-networking/crd/nodenetworkconfig/api/v1alpha" + overlayextensionconfig_v1alpha1 "github.com/Azure/azure-container-networking/crd/overlayextensionconfig/api/v1alpha1" + . "github.com/onsi/ginkgo/v2" + . "github.com/onsi/gomega" + meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + ctrl_client "sigs.k8s.io/controller-runtime/pkg/client" + ctrl_client_fake "sigs.k8s.io/controller-runtime/pkg/client/fake" + + "github.com/Azure/application-gateway-kubernetes-ingress/pkg/azure" + "github.com/Azure/application-gateway-kubernetes-ingress/pkg/cni" + "github.com/Azure/application-gateway-kubernetes-ingress/pkg/k8s" + n "github.com/Azure/azure-sdk-for-go/services/network/mgmt/2021-03-01/network" + "github.com/Azure/go-autorest/autorest/to" +) + +var _ = Describe("Overlay CNI", func() { + var ctx = context.TODO() + var azClient *azure.FakeAzClient + var k8sClient ctrl_client.Client + var namespace = "test-namespace" + var subnetCIDR = "10.0.0.0/16" + var appGw = n.ApplicationGateway{ + ApplicationGatewayPropertiesFormat: &n.ApplicationGatewayPropertiesFormat{ + GatewayIPConfigurations: &[]n.ApplicationGatewayIPConfiguration{ + { + ApplicationGatewayIPConfigurationPropertiesFormat: &n.ApplicationGatewayIPConfigurationPropertiesFormat{ + Subnet: &n.SubResource{ + ID: to.StringPtr("subnet-id"), + }, + }, + }, + }, + }, + } + + BeforeEach(func() { + azClient = azure.NewFakeAzClient() + azClient.ApplyRouteTableFunc = func(subnetID string, routeTableID string) error { + Fail("ApplyRouteTable should not be called") + return nil + } + + scheme, _ := k8s.NewScheme() + k8sClient = ctrl_client_fake.NewClientBuilder().WithScheme(scheme).Build() + + config := &nodenetworkconfig_v1alpha.NodeNetworkConfig{ + ObjectMeta: meta_v1.ObjectMeta{ + Name: "test-node-network-config", + Namespace: namespace, + }, + Spec: nodenetworkconfig_v1alpha.NodeNetworkConfigSpec{}, + } + err := k8sClient.Create(ctx, config) + Expect(err).To(BeNil()) + }) + + Context("reconcileOverlayCniIfNeeded", func() { + It("should create overlay extension config with addon if controller is addon", func() { + azClient.GetSubnetFunc = func(subnetID string) (n.Subnet, error) { + return n.Subnet{ + SubnetPropertiesFormat: &n.SubnetPropertiesFormat{ + AddressPrefix: to.StringPtr(subnetCIDR), + }, + }, nil + } + + err := cni.ReconcileCNI(context.TODO(), azClient, k8sClient, namespace, nil, appGw, true) + Expect(err).To(BeNil()) + + var config overlayextensionconfig_v1alpha1.OverlayExtensionConfig + err = k8sClient.Get(ctx, ctrl_client.ObjectKey{ + Name: cni.OverlayExtensionConfigName, + Namespace: namespace, + }, &config) + Expect(err).To(BeNil()) + + Expect(config.Labels).To(HaveLen(1)) + Expect(config.Labels[cni.ResourceManagedByLabel]).To(Equal(cni.ResourceManagedByAddonValue)) + Expect(config.Spec.ExtensionIPRange).To(Equal(subnetCIDR)) + }) + + It("should create overlay extension config with addon if controller is addon", func() { + azClient.GetSubnetFunc = func(subnetID string) (n.Subnet, error) { + return n.Subnet{ + SubnetPropertiesFormat: &n.SubnetPropertiesFormat{ + AddressPrefix: to.StringPtr(subnetCIDR), + }, + }, nil + } + + err := cni.ReconcileCNI(context.TODO(), azClient, k8sClient, namespace, nil, appGw, false) + Expect(err).To(BeNil()) + + var config overlayextensionconfig_v1alpha1.OverlayExtensionConfig + err = k8sClient.Get(ctx, ctrl_client.ObjectKey{ + Name: cni.OverlayExtensionConfigName, + Namespace: namespace, + }, &config) + Expect(err).To(BeNil()) + + Expect(config.Labels).To(HaveLen(1)) + Expect(config.Labels[cni.ResourceManagedByLabel]).To(Equal(cni.ResourceManagedByHelmValue)) + Expect(config.Spec.ExtensionIPRange).To(Equal(subnetCIDR)) + }) + + It("should return error if failed to get subnet", func() { + azClient.GetSubnetFunc = func(subnetID string) (n.Subnet, error) { + return n.Subnet{}, errors.New("failed to get subnet") + } + + err := cni.ReconcileCNI(context.TODO(), azClient, k8sClient, namespace, nil, appGw, false) + Expect(err).ToNot(BeNil()) + }) + }) +}) diff --git a/pkg/environment/environment.go b/pkg/environment/environment.go index b6468e404..e28a4a909 100644 --- a/pkg/environment/environment.go +++ b/pkg/environment/environment.go @@ -112,6 +112,9 @@ const ( // MultiClusterModeVarName is an environment variable to control whether AGIC monitors Ingresses or MutliClusterIngresses MultiClusterModeVarName = "MULTI_CLUSTER_MODE" + + // AddonModeVarName is an environment variable to inform if the controller is running as an addon. + AddonModeVarName = "ADDON_MODE" ) const ( @@ -162,6 +165,7 @@ type EnvVariables struct { HostedOnUnderlay bool ReconcilePeriodSeconds string MultiClusterMode bool + AddonMode bool } // Consolidate sets defaults and missing values using cpConfig @@ -241,6 +245,7 @@ func GetEnv() EnvVariables { HostedOnUnderlay: GetEnvironmentVariable(HostedOnUnderlayVarName, "false", boolValidator) == "true", ReconcilePeriodSeconds: os.Getenv(ReconcilePeriodSecondsVarName), MultiClusterMode: multiClusterMode, + AddonMode: GetEnvironmentVariable(AddonModeVarName, "false", boolValidator) == "true", } return env diff --git a/pkg/events/types.go b/pkg/events/types.go index 2991d2200..3897c19a2 100644 --- a/pkg/events/types.go +++ b/pkg/events/types.go @@ -75,6 +75,9 @@ const ( // ReasonARMAuthFailure is a reason for an event to be emitted. ReasonARMAuthFailure = "ARMAuthFailure" + // ReasonFailedCNIConfiguration is a reason for an event to be emitted. + ReasonFailedCNIConfiguration = "FailedCNIConfiguration" + // UnsupportedAppGatewaySKUTier is a reason for an event to be emitted. UnsupportedAppGatewaySKUTier = "UnsupportedAppGatewaySKUTier" ) diff --git a/pkg/k8s/scheme.go b/pkg/k8s/scheme.go new file mode 100644 index 000000000..5839c1d15 --- /dev/null +++ b/pkg/k8s/scheme.go @@ -0,0 +1,23 @@ +package k8s + +import ( + nodenetworkconfig_v1alpha "github.com/Azure/azure-container-networking/crd/nodenetworkconfig/api/v1alpha" + overlayextensionconfig_v1alpha1 "github.com/Azure/azure-container-networking/crd/overlayextensionconfig/api/v1alpha1" + "k8s.io/apimachinery/pkg/runtime" +) + +// NewScheme builds and returns k8s schemes used by ALB Controller. +func NewScheme() (*runtime.Scheme, error) { + s := runtime.NewScheme() + sb := runtime.SchemeBuilder{ + // Azure CNI CRDs + overlayextensionconfig_v1alpha1.AddToScheme, + nodenetworkconfig_v1alpha.AddToScheme, + } + + if err := sb.AddToScheme(s); err != nil { + return nil, err + } + + return s, nil +}