mirror of
https://github.com/kubernetes-sigs/prometheus-adapter.git
synced 2026-06-10 10:15:57 +00:00
vendor: Update vendor logic
This commit is contained in:
Clayton Coleman
parent
c6ac5cbc87
commit
4ca64b85f0
1540 changed files with 265304 additions and 91616 deletions
25
vendor/k8s.io/apiserver/plugin/pkg/audit/dynamic/dynamic.go
generated
vendored
25
vendor/k8s.io/apiserver/plugin/pkg/audit/dynamic/dynamic.go
generated
vendored
|
|
@ -28,6 +28,7 @@ import (
|
|||
auditregv1alpha1 "k8s.io/api/auditregistration/v1alpha1"
|
||||
corev1 "k8s.io/api/core/v1"
|
||||
"k8s.io/apimachinery/pkg/runtime"
|
||||
"k8s.io/apimachinery/pkg/runtime/schema"
|
||||
"k8s.io/apimachinery/pkg/types"
|
||||
auditinternal "k8s.io/apiserver/pkg/apis/audit"
|
||||
auditinstall "k8s.io/apiserver/pkg/apis/audit/install"
|
||||
|
|
@ -101,7 +102,7 @@ func NewBackend(c *Config) (audit.Backend, error) {
|
|||
if c.BufferedConfig == nil {
|
||||
c.BufferedConfig = NewDefaultWebhookBatchConfig()
|
||||
}
|
||||
cm, err := webhook.NewClientManager(auditv1.SchemeGroupVersion, func(s *runtime.Scheme) error {
|
||||
cm, err := webhook.NewClientManager([]schema.GroupVersion{auditv1.SchemeGroupVersion}, func(s *runtime.Scheme) error {
|
||||
auditinstall.Install(s)
|
||||
return nil
|
||||
})
|
||||
|
|
@ -122,6 +123,7 @@ func NewBackend(c *Config) (audit.Backend, error) {
|
|||
config: c,
|
||||
delegates: atomic.Value{},
|
||||
delegateUpdateMutex: sync.Mutex{},
|
||||
stopped: false,
|
||||
webhookClientManager: cm,
|
||||
recorder: recorder,
|
||||
}
|
||||
|
|
@ -158,6 +160,7 @@ func NewBackend(c *Config) (audit.Backend, error) {
|
|||
type backend struct {
|
||||
// delegateUpdateMutex holds an update lock on the delegates
|
||||
delegateUpdateMutex sync.Mutex
|
||||
stopped bool
|
||||
config *Config
|
||||
delegates atomic.Value
|
||||
webhookClientManager webhook.ClientManager
|
||||
|
|
@ -200,6 +203,11 @@ func (b *backend) Run(stopCh <-chan struct{}) error {
|
|||
// the primary stopChan to the current delegate map.
|
||||
func (b *backend) stopAllDelegates() {
|
||||
b.delegateUpdateMutex.Lock()
|
||||
defer b.delegateUpdateMutex.Unlock()
|
||||
if b.stopped {
|
||||
return
|
||||
}
|
||||
b.stopped = true
|
||||
for _, d := range b.GetDelegates() {
|
||||
close(d.stopChan)
|
||||
}
|
||||
|
|
@ -236,6 +244,11 @@ func (b *backend) setDelegates(delegates syncedDelegates) {
|
|||
func (b *backend) addSink(sink *auditregv1alpha1.AuditSink) {
|
||||
b.delegateUpdateMutex.Lock()
|
||||
defer b.delegateUpdateMutex.Unlock()
|
||||
if b.stopped {
|
||||
msg := fmt.Sprintf("Could not add audit sink %q uid: %s. Update to all delegates is stopped.", sink.Name, sink.UID)
|
||||
klog.Error(msg)
|
||||
return
|
||||
}
|
||||
delegates := b.copyDelegates()
|
||||
if _, ok := delegates[sink.UID]; ok {
|
||||
klog.Errorf("Audit sink %q uid: %s already exists, could not readd", sink.Name, sink.UID)
|
||||
|
|
@ -261,6 +274,11 @@ func (b *backend) addSink(sink *auditregv1alpha1.AuditSink) {
|
|||
func (b *backend) updateSink(oldSink, newSink *auditregv1alpha1.AuditSink) {
|
||||
b.delegateUpdateMutex.Lock()
|
||||
defer b.delegateUpdateMutex.Unlock()
|
||||
if b.stopped {
|
||||
msg := fmt.Sprintf("Could not update old audit sink %q to new audit sink %q. Update to all delegates is stopped.", oldSink.Name, newSink.Name)
|
||||
klog.Error(msg)
|
||||
return
|
||||
}
|
||||
delegates := b.copyDelegates()
|
||||
oldDelegate, ok := delegates[oldSink.UID]
|
||||
if !ok {
|
||||
|
|
@ -299,6 +317,11 @@ func (b *backend) updateSink(oldSink, newSink *auditregv1alpha1.AuditSink) {
|
|||
func (b *backend) deleteSink(sink *auditregv1alpha1.AuditSink) {
|
||||
b.delegateUpdateMutex.Lock()
|
||||
defer b.delegateUpdateMutex.Unlock()
|
||||
if b.stopped {
|
||||
msg := fmt.Sprintf("Could not delete audit sink %q uid: %s. Update to all delegates is stopped.", sink.Name, sink.UID)
|
||||
klog.Warning(msg)
|
||||
return
|
||||
}
|
||||
delegates := b.copyDelegates()
|
||||
delegate, ok := delegates[sink.UID]
|
||||
if !ok {
|
||||
|
|
|
|||
14
vendor/k8s.io/apiserver/plugin/pkg/audit/log/backend.go
generated
vendored
14
vendor/k8s.io/apiserver/plugin/pkg/audit/log/backend.go
generated
vendored
|
|
@ -44,18 +44,18 @@ var AllowedFormats = []string{
|
|||
}
|
||||
|
||||
type backend struct {
|
||||
out io.Writer
|
||||
format string
|
||||
groupVersion schema.GroupVersion
|
||||
out io.Writer
|
||||
format string
|
||||
encoder runtime.Encoder
|
||||
}
|
||||
|
||||
var _ audit.Backend = &backend{}
|
||||
|
||||
func NewBackend(out io.Writer, format string, groupVersion schema.GroupVersion) audit.Backend {
|
||||
return &backend{
|
||||
out: out,
|
||||
format: format,
|
||||
groupVersion: groupVersion,
|
||||
out: out,
|
||||
format: format,
|
||||
encoder: audit.Codecs.LegacyCodec(groupVersion),
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -73,7 +73,7 @@ func (b *backend) logEvent(ev *auditinternal.Event) bool {
|
|||
case FormatLegacy:
|
||||
line = audit.EventString(ev) + "\n"
|
||||
case FormatJson:
|
||||
bs, err := runtime.Encode(audit.Codecs.LegacyCodec(b.groupVersion), ev)
|
||||
bs, err := runtime.Encode(b.encoder, ev)
|
||||
if err != nil {
|
||||
audit.HandlePluginError(PluginName, err, ev)
|
||||
return false
|
||||
|
|
|
|||
33
vendor/k8s.io/apiserver/plugin/pkg/audit/webhook/webhook.go
generated
vendored
33
vendor/k8s.io/apiserver/plugin/pkg/audit/webhook/webhook.go
generated
vendored
|
|
@ -18,6 +18,7 @@ limitations under the License.
|
|||
package webhook
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"time"
|
||||
|
||||
|
|
@ -27,6 +28,7 @@ import (
|
|||
"k8s.io/apiserver/pkg/audit"
|
||||
"k8s.io/apiserver/pkg/util/webhook"
|
||||
"k8s.io/client-go/rest"
|
||||
utiltrace "k8s.io/utils/trace"
|
||||
)
|
||||
|
||||
const (
|
||||
|
|
@ -42,9 +44,27 @@ func init() {
|
|||
install.Install(audit.Scheme)
|
||||
}
|
||||
|
||||
// retryOnError enforces the webhook client to retry requests
|
||||
// on error regardless of its nature.
|
||||
// The default implementation considers a very limited set of
|
||||
// 'retriable' errors, assuming correct use of HTTP codes by
|
||||
// external webhooks.
|
||||
// That may easily lead to dropped audit events. In fact, there is
|
||||
// hardly any error that could be a justified reason NOT to retry
|
||||
// sending audit events if there is even a slight chance that the
|
||||
// receiving service gets back to normal at some point.
|
||||
func retryOnError(err error) bool {
|
||||
if err != nil {
|
||||
return true
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
||||
func loadWebhook(configFile string, groupVersion schema.GroupVersion, initialBackoff time.Duration) (*webhook.GenericWebhook, error) {
|
||||
return webhook.NewGenericWebhook(audit.Scheme, audit.Codecs, configFile,
|
||||
w, err := webhook.NewGenericWebhook(audit.Scheme, audit.Codecs, configFile,
|
||||
[]schema.GroupVersion{groupVersion}, initialBackoff)
|
||||
w.ShouldRetry = retryOnError
|
||||
return w, err
|
||||
}
|
||||
|
||||
type backend struct {
|
||||
|
|
@ -59,6 +79,7 @@ func NewDynamicBackend(rc *rest.RESTClient, initialBackoff time.Duration) audit.
|
|||
w: &webhook.GenericWebhook{
|
||||
RestClient: rc,
|
||||
InitialBackoff: initialBackoff,
|
||||
ShouldRetry: retryOnError,
|
||||
},
|
||||
name: fmt.Sprintf("dynamic_%s", PluginName),
|
||||
}
|
||||
|
|
@ -94,7 +115,15 @@ func (b *backend) processEvents(ev ...*auditinternal.Event) error {
|
|||
for _, e := range ev {
|
||||
list.Items = append(list.Items, *e)
|
||||
}
|
||||
return b.w.WithExponentialBackoff(func() rest.Result {
|
||||
return b.w.WithExponentialBackoff(context.Background(), func() rest.Result {
|
||||
trace := utiltrace.New("Call Audit Events webhook",
|
||||
utiltrace.Field{"name", b.name},
|
||||
utiltrace.Field{"event-count", len(list.Items)})
|
||||
// Only log audit webhook traces that exceed a 25ms per object limit plus a 50ms
|
||||
// request overhead allowance. The high per object limit used here is primarily to
|
||||
// allow enough time for the serialization/deserialization of audit events, which
|
||||
// contain nested request and response objects plus additional event fields.
|
||||
defer trace.LogIfLong(time.Duration(50+25*len(list.Items)) * time.Millisecond)
|
||||
return b.w.RestClient.Post().Body(&list).Do()
|
||||
}).Error()
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue