Merge pull request #732 from vinayakankugoyal/byebye

Remove GKE specific kubelet readonly port signing loop.

Author: k8s-ci-robot

cmd/gcp-controller-manager/BUILD

@@ -26,7 +26,6 @@ go_library(
         "csr_signer.go",
         "gcp_config.go",
         "istiod_csr_approver.go",
-        "kubelet_readonly_csr_approver.go",
         "loops.go",
         "main.go",
         "node_annotator.go",
@@ -70,7 +69,6 @@ go_library(
         "//vendor/k8s.io/apimachinery/pkg/util/runtime",
         "//vendor/k8s.io/apimachinery/pkg/util/validation/field",
         "//vendor/k8s.io/apimachinery/pkg/util/wait",
-        "//vendor/k8s.io/apiserver/pkg/authentication/serviceaccount",
         "//vendor/k8s.io/apiserver/pkg/server/options",
         "//vendor/k8s.io/apiserver/pkg/util/feature",
         "//vendor/k8s.io/apiserver/pkg/util/webhook",
@@ -112,7 +110,6 @@ go_test(
         "csr_signer_test.go",
         "gcp_config_test.go",
         "istiod_csr_approver_test.go",
-        "kubelet_readonly_csr_approver_test.go",
         "node_annotator_test.go",
         "node_csr_approver_test.go",
         "oidc_csr_approver_test.go",
@@ -134,7 +131,6 @@ go_test(
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:meta",
         "//vendor/k8s.io/apimachinery/pkg/runtime",
         "//vendor/k8s.io/apimachinery/pkg/runtime/schema",
-        "//vendor/k8s.io/apimachinery/pkg/types",
         "//vendor/k8s.io/apimachinery/pkg/util/strategicpatch",
         "//vendor/k8s.io/client-go/kubernetes/fake",
         "//vendor/k8s.io/client-go/listers/core/v1:core",

cmd/gcp-controller-manager/csr_signer.go

@@ -91,8 +91,7 @@ func (s *gkeSigner) handleInternal(csr *capi.CertificateSigningRequest) (process
 		csr.Spec.SignerName != certsv1.KubeletServingSignerName &&
 		csr.Spec.SignerName != certsv1b1.LegacyUnknownSignerName &&
 		csr.Spec.SignerName != istiodSignerName &&
-		csr.Spec.SignerName != oidcSignerName &&
-		csr.Spec.SignerName != kubeletReadonlyCSRSignerName {
+		csr.Spec.SignerName != oidcSignerName {
 		return false, nil, nil
 	}
 

cmd/gcp-controller-manager/csr_signer_test.go

@@ -107,19 +107,6 @@ func TestGKESigner(t *testing.T) {
 			wantProcessed: true,
 			wantErr:       false,
 		},
-		{
-			name: "Signs approved certs with kubelet readonly signer name",
-			csr: &certsv1.CertificateSigningRequest{
-				Spec: capi.CertificateSigningRequestSpec{
-					SignerName: kubeletReadonlyCSRSignerName,
-					Request:    generateCSR(),
-				},
-				Status: statusApproved,
-			},
-			mockResponse:  goodResponse,
-			expected:      goodResponse.Status.Certificate,
-			wantProcessed: true,
-		},
 		{
 			name: "Signs Approved API client certificates",
 			csr: &certsv1.CertificateSigningRequest{
@@ -218,19 +205,6 @@ func TestGKESigner(t *testing.T) {
 			wantProcessed: true,
 			wantErr:       true,
 		},
-		{
-			name: "Returns error after invalid response for readonly approver",
-			csr: &certsv1.CertificateSigningRequest{
-				Spec: capi.CertificateSigningRequestSpec{
-					SignerName: kubeletReadonlyCSRSignerName,
-					Request:    generateCSR(),
-				},
-				Status: statusApproved,
-			},
-			mockResponse:  invalidResponse,
-			wantProcessed: true,
-			wantErr:       true,
-		},
 	}
 
 	for _, c := range cases {