Move SCTP to GA

Author: danwinship

pkg/apis/core/validation/conditional_validation.go

@@ -33,12 +33,6 @@ import (
 // is the cluster default, although the clusterIP here dictates the family defaulting.
 func ValidateConditionalService(service, oldService *api.Service, allowedIPFamilies []api.IPFamily) field.ErrorList {
 	var errs field.ErrorList
-	// If the SCTPSupport feature is disabled, and the old object isn't using the SCTP feature, prevent the new object from using it
-	if !utilfeature.DefaultFeatureGate.Enabled(features.SCTPSupport) && len(serviceSCTPFields(oldService)) == 0 {
-		for _, f := range serviceSCTPFields(service) {
-			errs = append(errs, field.NotSupported(f, api.ProtocolSCTP, []string{string(api.ProtocolTCP), string(api.ProtocolUDP)}))
-		}
-	}
 
 	errs = append(errs, validateIPFamily(service, oldService, allowedIPFamilies)...)
 
@@ -114,115 +108,3 @@ func joinIPFamilies(families []api.IPFamily, separator string) string {
 	}
 	return b.String()
 }
-
-func serviceSCTPFields(service *api.Service) []*field.Path {
-	if service == nil {
-		return nil
-	}
-	fields := []*field.Path{}
-	for pIndex, p := range service.Spec.Ports {
-		if p.Protocol == api.ProtocolSCTP {
-			fields = append(fields, field.NewPath("spec.ports").Index(pIndex).Child("protocol"))
-		}
-	}
-	return fields
-}
-
-// ValidateConditionalEndpoints validates conditionally valid fields.
-func ValidateConditionalEndpoints(endpoints, oldEndpoints *api.Endpoints) field.ErrorList {
-	var errs field.ErrorList
-	// If the SCTPSupport feature is disabled, and the old object isn't using the SCTP feature, prevent the new object from using it
-	if !utilfeature.DefaultFeatureGate.Enabled(features.SCTPSupport) && len(endpointsSCTPFields(oldEndpoints)) == 0 {
-		for _, f := range endpointsSCTPFields(endpoints) {
-			errs = append(errs, field.NotSupported(f, api.ProtocolSCTP, []string{string(api.ProtocolTCP), string(api.ProtocolUDP)}))
-		}
-	}
-	return errs
-}
-
-func endpointsSCTPFields(endpoints *api.Endpoints) []*field.Path {
-	if endpoints == nil {
-		return nil
-	}
-	fields := []*field.Path{}
-	for sIndex, s := range endpoints.Subsets {
-		for pIndex, p := range s.Ports {
-			if p.Protocol == api.ProtocolSCTP {
-				fields = append(fields, field.NewPath("subsets").Index(sIndex).Child("ports").Index(pIndex).Child("protocol"))
-			}
-		}
-	}
-	return fields
-}
-
-// ValidateConditionalPodTemplate validates conditionally valid fields.
-// This should be called from Validate/ValidateUpdate for all resources containing a PodTemplateSpec
-func ValidateConditionalPodTemplate(podTemplate, oldPodTemplate *api.PodTemplateSpec, fldPath *field.Path) field.ErrorList {
-	var (
-		podSpec    *api.PodSpec
-		oldPodSpec *api.PodSpec
-	)
-	if podTemplate != nil {
-		podSpec = &podTemplate.Spec
-	}
-	if oldPodTemplate != nil {
-		oldPodSpec = &oldPodTemplate.Spec
-	}
-	return validateConditionalPodSpec(podSpec, oldPodSpec, fldPath.Child("spec"))
-}
-
-// ValidateConditionalPod validates conditionally valid fields.
-// This should be called from Validate/ValidateUpdate for all resources containing a Pod
-func ValidateConditionalPod(pod, oldPod *api.Pod, fldPath *field.Path) field.ErrorList {
-	var (
-		podSpec    *api.PodSpec
-		oldPodSpec *api.PodSpec
-	)
-	if pod != nil {
-		podSpec = &pod.Spec
-	}
-	if oldPod != nil {
-		oldPodSpec = &oldPod.Spec
-	}
-	return validateConditionalPodSpec(podSpec, oldPodSpec, fldPath.Child("spec"))
-}
-
-func validateConditionalPodSpec(podSpec, oldPodSpec *api.PodSpec, fldPath *field.Path) field.ErrorList {
-	// Always make sure we have a non-nil current pod spec
-	if podSpec == nil {
-		podSpec = &api.PodSpec{}
-	}
-
-	errs := field.ErrorList{}
-
-	// If the SCTPSupport feature is disabled, and the old object isn't using the SCTP feature, prevent the new object from using it
-	if !utilfeature.DefaultFeatureGate.Enabled(features.SCTPSupport) && len(podSCTPFields(oldPodSpec, nil)) == 0 {
-		for _, f := range podSCTPFields(podSpec, fldPath) {
-			errs = append(errs, field.NotSupported(f, api.ProtocolSCTP, []string{string(api.ProtocolTCP), string(api.ProtocolUDP)}))
-		}
-	}
-
-	return errs
-}
-
-func podSCTPFields(podSpec *api.PodSpec, fldPath *field.Path) []*field.Path {
-	if podSpec == nil {
-		return nil
-	}
-	fields := []*field.Path{}
-	for cIndex, c := range podSpec.InitContainers {
-		for pIndex, p := range c.Ports {
-			if p.Protocol == api.ProtocolSCTP {
-				fields = append(fields, fldPath.Child("initContainers").Index(cIndex).Child("ports").Index(pIndex).Child("protocol"))
-			}
-		}
-	}
-	for cIndex, c := range podSpec.Containers {
-		for pIndex, p := range c.Ports {
-			if p.Protocol == api.ProtocolSCTP {
-				fields = append(fields, fldPath.Child("containers").Index(cIndex).Child("ports").Index(pIndex).Child("protocol"))
-			}
-		}
-	}
-	return fields
-}

pkg/apis/core/validation/conditional_validation_test.go

@@ -17,7 +17,6 @@ limitations under the License.
 package validation
 
 import (
-	"fmt"
 	"reflect"
 	"strings"
 	"testing"
@@ -29,230 +28,6 @@ import (
 	"k8s.io/kubernetes/pkg/features"
 )
 
-func TestValidatePodSCTP(t *testing.T) {
-	objectWithValue := func() *api.Pod {
-		return &api.Pod{
-			Spec: api.PodSpec{
-				Containers:     []api.Container{{Name: "container1", Image: "testimage", Ports: []api.ContainerPort{{ContainerPort: 80, Protocol: api.ProtocolSCTP}}}},
-				InitContainers: []api.Container{{Name: "container2", Image: "testimage", Ports: []api.ContainerPort{{ContainerPort: 90, Protocol: api.ProtocolSCTP}}}},
-			},
-		}
-	}
-	objectWithoutValue := func() *api.Pod {
-		return &api.Pod{
-			Spec: api.PodSpec{
-				Containers:     []api.Container{{Name: "container1", Image: "testimage", Ports: []api.ContainerPort{{ContainerPort: 80, Protocol: api.ProtocolTCP}}}},
-				InitContainers: []api.Container{{Name: "container2", Image: "testimage", Ports: []api.ContainerPort{{ContainerPort: 90, Protocol: api.ProtocolTCP}}}},
-			},
-		}
-	}
-
-	objectInfo := []struct {
-		description string
-		hasValue    bool
-		object      func() *api.Pod
-	}{
-		{
-			description: "has value",
-			hasValue:    true,
-			object:      objectWithValue,
-		},
-		{
-			description: "does not have value",
-			hasValue:    false,
-			object:      objectWithoutValue,
-		},
-		{
-			description: "is nil",
-			hasValue:    false,
-			object:      func() *api.Pod { return nil },
-		},
-	}
-
-	for _, enabled := range []bool{true, false} {
-		for _, oldPodInfo := range objectInfo {
-			for _, newPodInfo := range objectInfo {
-				oldPodHasValue, oldPod := oldPodInfo.hasValue, oldPodInfo.object()
-				newPodHasValue, newPod := newPodInfo.hasValue, newPodInfo.object()
-				if newPod == nil {
-					continue
-				}
-
-				t.Run(fmt.Sprintf("feature enabled=%v, old object %v, new object %v", enabled, oldPodInfo.description, newPodInfo.description), func(t *testing.T) {
-					defer featuregatetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.SCTPSupport, enabled)()
-					errs := ValidateConditionalPod(newPod, oldPod, nil)
-					// objects should never be changed
-					if !reflect.DeepEqual(oldPod, oldPodInfo.object()) {
-						t.Errorf("old object changed: %v", diff.ObjectReflectDiff(oldPod, oldPodInfo.object()))
-					}
-					if !reflect.DeepEqual(newPod, newPodInfo.object()) {
-						t.Errorf("new object changed: %v", diff.ObjectReflectDiff(newPod, newPodInfo.object()))
-					}
-
-					switch {
-					case enabled || oldPodHasValue || !newPodHasValue:
-						if len(errs) > 0 {
-							t.Errorf("unexpected errors: %v", errs)
-						}
-					default:
-						if len(errs) != 2 {
-							t.Errorf("expected 2 errors, got %v", errs)
-						}
-					}
-				})
-			}
-		}
-	}
-}
-
-func TestValidateServiceSCTP(t *testing.T) {
-	objectWithValue := func() *api.Service {
-		return &api.Service{
-			Spec: api.ServiceSpec{
-				Ports: []api.ServicePort{{Protocol: api.ProtocolSCTP}},
-			},
-		}
-	}
-	objectWithoutValue := func() *api.Service {
-		return &api.Service{
-			Spec: api.ServiceSpec{
-				Ports: []api.ServicePort{{Protocol: api.ProtocolTCP}},
-			},
-		}
-	}
-
-	objectInfo := []struct {
-		description string
-		hasValue    bool
-		object      func() *api.Service
-	}{
-		{
-			description: "has value",
-			hasValue:    true,
-			object:      objectWithValue,
-		},
-		{
-			description: "does not have value",
-			hasValue:    false,
-			object:      objectWithoutValue,
-		},
-		{
-			description: "is nil",
-			hasValue:    false,
-			object:      func() *api.Service { return nil },
-		},
-	}
-
-	for _, enabled := range []bool{true, false} {
-		for _, oldServiceInfo := range objectInfo {
-			for _, newServiceInfo := range objectInfo {
-				oldServiceHasValue, oldService := oldServiceInfo.hasValue, oldServiceInfo.object()
-				newServiceHasValue, newService := newServiceInfo.hasValue, newServiceInfo.object()
-				if newService == nil {
-					continue
-				}
-
-				t.Run(fmt.Sprintf("feature enabled=%v, old object %v, new object %v", enabled, oldServiceInfo.description, newServiceInfo.description), func(t *testing.T) {
-					defer featuregatetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.SCTPSupport, enabled)()
-					errs := ValidateConditionalService(newService, oldService, []api.IPFamily{api.IPv4Protocol})
-					// objects should never be changed
-					if !reflect.DeepEqual(oldService, oldServiceInfo.object()) {
-						t.Errorf("old object changed: %v", diff.ObjectReflectDiff(oldService, oldServiceInfo.object()))
-					}
-					if !reflect.DeepEqual(newService, newServiceInfo.object()) {
-						t.Errorf("new object changed: %v", diff.ObjectReflectDiff(newService, newServiceInfo.object()))
-					}
-
-					switch {
-					case enabled || oldServiceHasValue || !newServiceHasValue:
-						if len(errs) > 0 {
-							t.Errorf("unexpected errors: %v", errs)
-						}
-					default:
-						if len(errs) != 1 {
-							t.Errorf("expected 1 error, got %v", errs)
-						}
-					}
-				})
-			}
-		}
-	}
-}
-
-func TestValidateEndpointsSCTP(t *testing.T) {
-	objectWithValue := func() *api.Endpoints {
-		return &api.Endpoints{
-			Subsets: []api.EndpointSubset{
-				{Ports: []api.EndpointPort{{Protocol: api.ProtocolSCTP}}},
-			},
-		}
-	}
-	objectWithoutValue := func() *api.Endpoints {
-		return &api.Endpoints{
-			Subsets: []api.EndpointSubset{
-				{Ports: []api.EndpointPort{{Protocol: api.ProtocolTCP}}},
-			},
-		}
-	}
-
-	objectInfo := []struct {
-		description string
-		hasValue    bool
-		object      func() *api.Endpoints
-	}{
-		{
-			description: "has value",
-			hasValue:    true,
-			object:      objectWithValue,
-		},
-		{
-			description: "does not have value",
-			hasValue:    false,
-			object:      objectWithoutValue,
-		},
-		{
-			description: "is nil",
-			hasValue:    false,
-			object:      func() *api.Endpoints { return nil },
-		},
-	}
-
-	for _, enabled := range []bool{true, false} {
-		for _, oldEndpointsInfo := range objectInfo {
-			for _, newEndpointsInfo := range objectInfo {
-				oldEndpointsHasValue, oldEndpoints := oldEndpointsInfo.hasValue, oldEndpointsInfo.object()
-				newEndpointsHasValue, newEndpoints := newEndpointsInfo.hasValue, newEndpointsInfo.object()
-				if newEndpoints == nil {
-					continue
-				}
-
-				t.Run(fmt.Sprintf("feature enabled=%v, old object %v, new object %v", enabled, oldEndpointsInfo.description, newEndpointsInfo.description), func(t *testing.T) {
-					defer featuregatetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.SCTPSupport, enabled)()
-					errs := ValidateConditionalEndpoints(newEndpoints, oldEndpoints)
-					// objects should never be changed
-					if !reflect.DeepEqual(oldEndpoints, oldEndpointsInfo.object()) {
-						t.Errorf("old object changed: %v", diff.ObjectReflectDiff(oldEndpoints, oldEndpointsInfo.object()))
-					}
-					if !reflect.DeepEqual(newEndpoints, newEndpointsInfo.object()) {
-						t.Errorf("new object changed: %v", diff.ObjectReflectDiff(newEndpoints, newEndpointsInfo.object()))
-					}
-
-					switch {
-					case enabled || oldEndpointsHasValue || !newEndpointsHasValue:
-						if len(errs) > 0 {
-							t.Errorf("unexpected errors: %v", errs)
-						}
-					default:
-						if len(errs) != 1 {
-							t.Errorf("expected 1 error, got %v", errs)
-						}
-					}
-				})
-			}
-		}
-	}
-}
-
 func TestValidateServiceIPFamily(t *testing.T) {
 	ipv4 := api.IPv4Protocol
 	ipv6 := api.IPv6Protocol

pkg/apis/core/validation/validation_test.go

@@ -4410,12 +4410,11 @@ func TestValidateResourceQuotaWithAlphaLocalStorageCapacityIsolation(t *testing.
 }
 
 func TestValidatePorts(t *testing.T) {
-	defer featuregatetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.SCTPSupport, true)()
 	successCase := []core.ContainerPort{
 		{Name: "abc", ContainerPort: 80, HostPort: 80, Protocol: "TCP"},
 		{Name: "easy", ContainerPort: 82, Protocol: "TCP"},
 		{Name: "as", ContainerPort: 83, Protocol: "UDP"},
-		{Name: "do-re-me", ContainerPort: 84, Protocol: "UDP"},
+		{Name: "do-re-me", ContainerPort: 84, Protocol: "SCTP"},
 		{ContainerPort: 85, Protocol: "TCP"},
 	}
 	if errs := validateContainerPorts(successCase, field.NewPath("field")); len(errs) != 0 {
@@ -9894,7 +9893,6 @@ func TestValidatePodEphemeralContainersUpdate(t *testing.T) {
 }
 
 func TestValidateServiceCreate(t *testing.T) {
-	defer featuregatetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.SCTPSupport, true)()
 	defer featuregatetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.ServiceTopology, true)()
 
 	testCases := []struct {