published by bot

(https://github.com/kubernetes/contrib/tree/master/mungegithub)

copied from https://github.com/kubernetes/kubernetes.git, branch master,
last commit is 71ba8a90f0a4f3a307cffeb8f8566d13277cb135

tools/cache/listers.go

@@ -21,6 +21,7 @@ import (
 
 	"github.com/golang/glog"
 	"k8s.io/client-go/pkg/api"
+	"k8s.io/client-go/pkg/api/errors"
 	"k8s.io/client-go/pkg/api/meta"
 	"k8s.io/client-go/pkg/api/unversioned"
 	"k8s.io/client-go/pkg/apis/apps"
@@ -28,7 +29,9 @@ import (
 	"k8s.io/client-go/pkg/apis/certificates"
 	"k8s.io/client-go/pkg/apis/extensions"
 	"k8s.io/client-go/pkg/apis/policy"
+	"k8s.io/client-go/pkg/apis/storage"
 	"k8s.io/client-go/pkg/labels"
+	"k8s.io/client-go/pkg/runtime"
 )
 
 // AppendFunc is used to add a matching item to whatever list the caller is using
@@ -90,6 +93,79 @@ func ListAllByNamespace(indexer Indexer, namespace string, selector labels.Selec
 	return nil
 }
 
+// GenericLister is a lister skin on a generic Indexer
+type GenericLister interface {
+	// List will return all objects across namespaces
+	List(selector labels.Selector) (ret []runtime.Object, err error)
+	// Get will attempt to retrieve assuming that name==key
+	Get(name string) (runtime.Object, error)
+	// ByNamespace will give you a GenericNamespaceLister for one namespace
+	ByNamespace(namespace string) GenericNamespaceLister
+}
+
+// GenericNamespaceLister is a lister skin on a generic Indexer
+type GenericNamespaceLister interface {
+	// List will return all objects in this namespace
+	List(selector labels.Selector) (ret []runtime.Object, err error)
+	// Get will attempt to retrieve by namespace and name
+	Get(name string) (runtime.Object, error)
+}
+
+func NewGenericLister(indexer Indexer, resource unversioned.GroupResource) GenericLister {
+	return &genericLister{indexer: indexer, resource: resource}
+}
+
+type genericLister struct {
+	indexer  Indexer
+	resource unversioned.GroupResource
+}
+
+func (s *genericLister) List(selector labels.Selector) (ret []runtime.Object, err error) {
+	err = ListAll(s.indexer, selector, func(m interface{}) {
+		ret = append(ret, m.(runtime.Object))
+	})
+	return ret, err
+}
+
+func (s *genericLister) ByNamespace(namespace string) GenericNamespaceLister {
+	return &genericNamespaceLister{indexer: s.indexer, namespace: namespace, resource: s.resource}
+}
+
+func (s *genericLister) Get(name string) (runtime.Object, error) {
+	obj, exists, err := s.indexer.GetByKey(name)
+	if err != nil {
+		return nil, err
+	}
+	if !exists {
+		return nil, errors.NewNotFound(s.resource, name)
+	}
+	return obj.(runtime.Object), nil
+}
+
+type genericNamespaceLister struct {
+	indexer   Indexer
+	namespace string
+	resource  unversioned.GroupResource
+}
+
+func (s *genericNamespaceLister) List(selector labels.Selector) (ret []runtime.Object, err error) {
+	err = ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) {
+		ret = append(ret, m.(runtime.Object))
+	})
+	return ret, err
+}
+
+func (s *genericNamespaceLister) Get(name string) (runtime.Object, error) {
+	obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name)
+	if err != nil {
+		return nil, err
+	}
+	if !exists {
+		return nil, errors.NewNotFound(s.resource, name)
+	}
+	return obj.(runtime.Object), nil
+}
+
 //  TODO: generate these classes and methods for all resources of interest using
 // a script.  Can use "go generate" once 1.4 is supported by all users.
 
@@ -288,32 +364,13 @@ func (s *StoreToPVFetcher) GetPersistentVolumeInfo(id string) (*api.PersistentVo
 	return o.(*api.PersistentVolume), nil
 }
 
-// Typed wrapper around a store of PersistentVolumeClaims
-type StoreToPVCFetcher struct {
+// StoreToStatefulSetLister gives a store List and Exists methods. The store must contain only StatefulSets.
+type StoreToStatefulSetLister struct {
 	Store
 }
 
-// GetPersistentVolumeClaimInfo returns cached data for the PersistentVolumeClaim 'id'.
-func (s *StoreToPVCFetcher) GetPersistentVolumeClaimInfo(namespace string, id string) (*api.PersistentVolumeClaim, error) {
-	o, exists, err := s.Get(&api.PersistentVolumeClaim{ObjectMeta: api.ObjectMeta{Namespace: namespace, Name: id}})
-	if err != nil {
-		return nil, fmt.Errorf("error retrieving PersistentVolumeClaim '%s/%s' from cache: %v", namespace, id, err)
-	}
-
-	if !exists {
-		return nil, fmt.Errorf("PersistentVolumeClaim '%s/%s' not found", namespace, id)
-	}
-
-	return o.(*api.PersistentVolumeClaim), nil
-}
-
-// StoreToPetSetLister gives a store List and Exists methods. The store must contain only PetSets.
-type StoreToPetSetLister struct {
-	Store
-}
-
-// Exists checks if the given PetSet exists in the store.
-func (s *StoreToPetSetLister) Exists(ps *apps.PetSet) (bool, error) {
+// Exists checks if the given StatefulSet exists in the store.
+func (s *StoreToStatefulSetLister) Exists(ps *apps.StatefulSet) (bool, error) {
 	_, exists, err := s.Store.Get(ps)
 	if err != nil {
 		return false, err
@@ -321,35 +378,35 @@ func (s *StoreToPetSetLister) Exists(ps *apps.PetSet) (bool, error) {
 	return exists, nil
 }
 
-// List lists all PetSets in the store.
-func (s *StoreToPetSetLister) List() (psList []apps.PetSet, err error) {
+// List lists all StatefulSets in the store.
+func (s *StoreToStatefulSetLister) List() (psList []apps.StatefulSet, err error) {
 	for _, ps := range s.Store.List() {
-		psList = append(psList, *(ps.(*apps.PetSet)))
+		psList = append(psList, *(ps.(*apps.StatefulSet)))
 	}
 	return psList, nil
 }
 
-type storePetSetsNamespacer struct {
+type storeStatefulSetsNamespacer struct {
 	store     Store
 	namespace string
 }
 
-func (s *StoreToPetSetLister) PetSets(namespace string) storePetSetsNamespacer {
-	return storePetSetsNamespacer{s.Store, namespace}
+func (s *StoreToStatefulSetLister) StatefulSets(namespace string) storeStatefulSetsNamespacer {
+	return storeStatefulSetsNamespacer{s.Store, namespace}
 }
 
-// GetPodPetSets returns a list of PetSets managing a pod. Returns an error only if no matching PetSets are found.
-func (s *StoreToPetSetLister) GetPodPetSets(pod *api.Pod) (psList []apps.PetSet, err error) {
+// GetPodStatefulSets returns a list of StatefulSets managing a pod. Returns an error only if no matching StatefulSets are found.
+func (s *StoreToStatefulSetLister) GetPodStatefulSets(pod *api.Pod) (psList []apps.StatefulSet, err error) {
 	var selector labels.Selector
-	var ps apps.PetSet
+	var ps apps.StatefulSet
 
 	if len(pod.Labels) == 0 {
-		err = fmt.Errorf("no PetSets found for pod %v because it has no labels", pod.Name)
+		err = fmt.Errorf("no StatefulSets found for pod %v because it has no labels", pod.Name)
 		return
 	}
 
 	for _, m := range s.Store.List() {
-		ps = *m.(*apps.PetSet)
+		ps = *m.(*apps.StatefulSet)
 		if ps.Namespace != pod.Namespace {
 			continue
 		}
@@ -359,14 +416,14 @@ func (s *StoreToPetSetLister) GetPodPetSets(pod *api.Pod) (psList []apps.PetSet,
 			return
 		}
 
-		// If a PetSet with a nil or empty selector creeps in, it should match nothing, not everything.
+		// If a StatefulSet with a nil or empty selector creeps in, it should match nothing, not everything.
 		if selector.Empty() || !selector.Matches(labels.Set(pod.Labels)) {
 			continue
 		}
 		psList = append(psList, ps)
 	}
 	if len(psList) == 0 {
-		err = fmt.Errorf("could not find PetSet for pod %s in namespace %s with labels: %v", pod.Name, pod.Namespace, pod.Labels)
+		err = fmt.Errorf("could not find StatefulSet for pod %s in namespace %s with labels: %v", pod.Name, pod.Namespace, pod.Labels)
 	}
 	return
 }
@@ -393,23 +450,6 @@ func (s *StoreToCertificateRequestLister) List() (csrs certificates.CertificateS
 	return csrs, nil
 }
 
-// IndexerToNamespaceLister gives an Indexer List method
-type IndexerToNamespaceLister struct {
-	Indexer
-}
-
-// List returns a list of namespaces
-func (i *IndexerToNamespaceLister) List(selector labels.Selector) (namespaces []*api.Namespace, err error) {
-	for _, m := range i.Indexer.List() {
-		namespace := m.(*api.Namespace)
-		if selector.Matches(labels.Set(namespace.Labels)) {
-			namespaces = append(namespaces, namespace)
-		}
-	}
-
-	return namespaces, nil
-}
-
 type StoreToPodDisruptionBudgetLister struct {
 	Store
 }
@@ -450,3 +490,40 @@ func (s *StoreToPodDisruptionBudgetLister) GetPodPodDisruptionBudgets(pod *api.P
 	}
 	return
 }
+
+// StorageClassLister knows how to list storage classes
+type StorageClassLister interface {
+	List(selector labels.Selector) (ret []*storage.StorageClass, err error)
+	Get(name string) (*storage.StorageClass, error)
+}
+
+// storageClassLister implements StorageClassLister
+type storageClassLister struct {
+	indexer Indexer
+}
+
+// NewStorageClassLister returns a new lister.
+func NewStorageClassLister(indexer Indexer) StorageClassLister {
+	return &storageClassLister{indexer: indexer}
+}
+
+// List returns a list of storage classes
+func (s *storageClassLister) List(selector labels.Selector) (ret []*storage.StorageClass, err error) {
+	err = ListAll(s.indexer, selector, func(m interface{}) {
+		ret = append(ret, m.(*storage.StorageClass))
+	})
+	return ret, err
+}
+
+// List returns a list of storage classes
+func (s *storageClassLister) Get(name string) (*storage.StorageClass, error) {
+	key := &storage.StorageClass{ObjectMeta: api.ObjectMeta{Name: name}}
+	obj, exists, err := s.indexer.Get(key)
+	if err != nil {
+		return nil, err
+	}
+	if !exists {
+		return nil, errors.NewNotFound(storage.Resource("storageclass"), name)
+	}
+	return obj.(*storage.StorageClass), nil
+}

tools/cache/listers_core.go

@@ -203,3 +203,146 @@ func (s *StoreToReplicationControllerLister) GetPodControllers(pod *api.Pod) (co
 	}
 	return
 }
+
+// StoreToServiceAccountLister helps list service accounts
+type StoreToServiceAccountLister struct {
+	Indexer Indexer
+}
+
+func (s *StoreToServiceAccountLister) List(selector labels.Selector) (ret []*api.ServiceAccount, err error) {
+	err = ListAll(s.Indexer, selector, func(m interface{}) {
+		ret = append(ret, m.(*api.ServiceAccount))
+	})
+	return ret, err
+}
+
+func (s *StoreToServiceAccountLister) ServiceAccounts(namespace string) storeServiceAccountsNamespacer {
+	return storeServiceAccountsNamespacer{s.Indexer, namespace}
+}
+
+type storeServiceAccountsNamespacer struct {
+	indexer   Indexer
+	namespace string
+}
+
+func (s storeServiceAccountsNamespacer) List(selector labels.Selector) (ret []*api.ServiceAccount, err error) {
+	err = ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) {
+		ret = append(ret, m.(*api.ServiceAccount))
+	})
+	return ret, err
+}
+
+func (s storeServiceAccountsNamespacer) Get(name string) (*api.ServiceAccount, error) {
+	obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name)
+	if err != nil {
+		return nil, err
+	}
+	if !exists {
+		return nil, errors.NewNotFound(api.Resource("serviceaccount"), name)
+	}
+	return obj.(*api.ServiceAccount), nil
+}
+
+// StoreToLimitRangeLister helps list limit ranges
+type StoreToLimitRangeLister struct {
+	Indexer Indexer
+}
+
+func (s *StoreToLimitRangeLister) List(selector labels.Selector) (ret []*api.LimitRange, err error) {
+	err = ListAll(s.Indexer, selector, func(m interface{}) {
+		ret = append(ret, m.(*api.LimitRange))
+	})
+	return ret, err
+}
+
+// StoreToPersistentVolumeClaimLister helps list pvcs
+type StoreToPersistentVolumeClaimLister struct {
+	Indexer Indexer
+}
+
+// List returns all persistentvolumeclaims that match the specified selector
+func (s *StoreToPersistentVolumeClaimLister) List(selector labels.Selector) (ret []*api.PersistentVolumeClaim, err error) {
+	err = ListAll(s.Indexer, selector, func(m interface{}) {
+		ret = append(ret, m.(*api.PersistentVolumeClaim))
+	})
+	return ret, err
+}
+
+func (s *StoreToLimitRangeLister) LimitRanges(namespace string) storeLimitRangesNamespacer {
+	return storeLimitRangesNamespacer{s.Indexer, namespace}
+}
+
+type storeLimitRangesNamespacer struct {
+	indexer   Indexer
+	namespace string
+}
+
+func (s storeLimitRangesNamespacer) List(selector labels.Selector) (ret []*api.LimitRange, err error) {
+	err = ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) {
+		ret = append(ret, m.(*api.LimitRange))
+	})
+	return ret, err
+}
+
+func (s storeLimitRangesNamespacer) Get(name string) (*api.LimitRange, error) {
+	obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name)
+	if err != nil {
+		return nil, err
+	}
+	if !exists {
+		return nil, errors.NewNotFound(api.Resource("limitrange"), name)
+	}
+	return obj.(*api.LimitRange), nil
+}
+
+// PersistentVolumeClaims returns all claims in a specified namespace.
+func (s *StoreToPersistentVolumeClaimLister) PersistentVolumeClaims(namespace string) storePersistentVolumeClaimsNamespacer {
+	return storePersistentVolumeClaimsNamespacer{Indexer: s.Indexer, namespace: namespace}
+}
+
+type storePersistentVolumeClaimsNamespacer struct {
+	Indexer   Indexer
+	namespace string
+}
+
+func (s storePersistentVolumeClaimsNamespacer) List(selector labels.Selector) (ret []*api.PersistentVolumeClaim, err error) {
+	err = ListAllByNamespace(s.Indexer, s.namespace, selector, func(m interface{}) {
+		ret = append(ret, m.(*api.PersistentVolumeClaim))
+	})
+	return ret, err
+}
+
+func (s storePersistentVolumeClaimsNamespacer) Get(name string) (*api.PersistentVolumeClaim, error) {
+	obj, exists, err := s.Indexer.GetByKey(s.namespace + "/" + name)
+	if err != nil {
+		return nil, err
+	}
+	if !exists {
+		return nil, errors.NewNotFound(api.Resource("persistentvolumeclaims"), name)
+	}
+	return obj.(*api.PersistentVolumeClaim), nil
+}
+
+// IndexerToNamespaceLister gives an Indexer List method
+type IndexerToNamespaceLister struct {
+	Indexer
+}
+
+// List returns a list of namespaces
+func (i *IndexerToNamespaceLister) List(selector labels.Selector) (ret []*api.Namespace, err error) {
+	err = ListAll(i.Indexer, selector, func(m interface{}) {
+		ret = append(ret, m.(*api.Namespace))
+	})
+	return ret, err
+}
+
+func (i *IndexerToNamespaceLister) Get(name string) (*api.Namespace, error) {
+	obj, exists, err := i.Indexer.GetByKey(name)
+	if err != nil {
+		return nil, err
+	}
+	if !exists {
+		return nil, errors.NewNotFound(api.Resource("namespace"), name)
+	}
+	return obj.(*api.Namespace), nil
+}

tools/cache/mutation_detector.go

@@ -0,0 +1,135 @@
+/*
+Copyright 2016 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package cache
+
+import (
+	"fmt"
+	"os"
+	"reflect"
+	"strconv"
+	"sync"
+	"time"
+
+	"k8s.io/client-go/pkg/api"
+	"k8s.io/client-go/pkg/runtime"
+	"k8s.io/client-go/pkg/util/diff"
+)
+
+var mutationDetectionEnabled = false
+
+func init() {
+	mutationDetectionEnabled, _ = strconv.ParseBool(os.Getenv("KUBE_CACHE_MUTATION_DETECTOR"))
+}
+
+type CacheMutationDetector interface {
+	AddObject(obj interface{})
+	Run(stopCh <-chan struct{})
+}
+
+func NewCacheMutationDetector(name string) CacheMutationDetector {
+	if !mutationDetectionEnabled {
+		return dummyMutationDetector{}
+	}
+	return &defaultCacheMutationDetector{name: name, period: 1 * time.Second}
+}
+
+type dummyMutationDetector struct{}
+
+func (dummyMutationDetector) Run(stopCh <-chan struct{}) {
+}
+func (dummyMutationDetector) AddObject(obj interface{}) {
+}
+
+// defaultCacheMutationDetector gives a way to detect if a cached object has been mutated
+// It has a list of cached objects and their copies.  I haven't thought of a way
+// to see WHO is mutating it, just that it's getting mutated.
+type defaultCacheMutationDetector struct {
+	name   string
+	period time.Duration
+
+	lock       sync.Mutex
+	cachedObjs []cacheObj
+
+	// failureFunc is injectable for unit testing.  If you don't have it, the process will panic.
+	// This panic is intentional, since turning on this detection indicates you want a strong
+	// failure signal.  This failure is effectively a p0 bug and you can't trust process results
+	// after a mutation anyway.
+	failureFunc func(message string)
+}
+
+// cacheObj holds the actual object and a copy
+type cacheObj struct {
+	cached interface{}
+	copied interface{}
+}
+
+func (d *defaultCacheMutationDetector) Run(stopCh <-chan struct{}) {
+	// we DON'T want protection from panics.  If we're running this code, we want to die
+	go func() {
+		for {
+			d.CompareObjects()
+
+			select {
+			case <-stopCh:
+				return
+			case <-time.After(d.period):
+			}
+		}
+	}()
+}
+
+// AddObject makes a deep copy of the object for later comparison.  It only works on runtime.Object
+// but that covers the vast majority of our cached objects
+func (d *defaultCacheMutationDetector) AddObject(obj interface{}) {
+	if _, ok := obj.(DeletedFinalStateUnknown); ok {
+		return
+	}
+	if _, ok := obj.(runtime.Object); !ok {
+		return
+	}
+
+	copiedObj, err := api.Scheme.Copy(obj.(runtime.Object))
+	if err != nil {
+		return
+	}
+
+	d.lock.Lock()
+	defer d.lock.Unlock()
+	d.cachedObjs = append(d.cachedObjs, cacheObj{cached: obj, copied: copiedObj})
+}
+
+func (d *defaultCacheMutationDetector) CompareObjects() {
+	d.lock.Lock()
+	defer d.lock.Unlock()
+
+	altered := false
+	for i, obj := range d.cachedObjs {
+		if !reflect.DeepEqual(obj.cached, obj.copied) {
+			fmt.Printf("CACHE %s[%d] ALTERED!\n%v\n", d.name, i, diff.ObjectDiff(obj.cached, obj.copied))
+			altered = true
+		}
+	}
+
+	if altered {
+		msg := fmt.Sprintf("cache %s modified", d.name)
+		if d.failureFunc != nil {
+			d.failureFunc(msg)
+			return
+		}
+		panic(msg)
+	}
+}

tools/cache/mutation_detector_test.go

@@ -0,0 +1,80 @@
+// +build !race
+
+/*
+Copyright 2016 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package cache
+
+import (
+	"testing"
+	"time"
+
+	"k8s.io/client-go/pkg/api"
+	"k8s.io/client-go/pkg/runtime"
+	"k8s.io/client-go/pkg/watch"
+)
+
+func TestMutationDetector(t *testing.T) {
+	fakeWatch := watch.NewFake()
+	lw := &testLW{
+		WatchFunc: func(options api.ListOptions) (watch.Interface, error) {
+			return fakeWatch, nil
+		},
+		ListFunc: func(options api.ListOptions) (runtime.Object, error) {
+			return &api.PodList{}, nil
+		},
+	}
+	pod := &api.Pod{
+		ObjectMeta: api.ObjectMeta{
+			Name:   "anything",
+			Labels: map[string]string{"check": "foo"},
+		},
+	}
+	stopCh := make(chan struct{})
+	defer close(stopCh)
+	addReceived := make(chan bool)
+	mutationFound := make(chan bool)
+
+	informer := NewSharedInformer(lw, &api.Pod{}, 1*time.Second).(*sharedIndexInformer)
+	informer.cacheMutationDetector = &defaultCacheMutationDetector{
+		name:   "name",
+		period: 1 * time.Second,
+		failureFunc: func(message string) {
+			mutationFound <- true
+		},
+	}
+	informer.AddEventHandler(
+		ResourceEventHandlerFuncs{
+			AddFunc: func(obj interface{}) {
+				addReceived <- true
+			},
+		},
+	)
+	go informer.Run(stopCh)
+
+	fakeWatch.Add(pod)
+
+	select {
+	case <-addReceived:
+	}
+
+	pod.Labels["change"] = "true"
+
+	select {
+	case <-mutationFound:
+	}
+
+}

tools/cache/shared_informer.go

@@ -68,11 +68,12 @@ func NewSharedInformer(lw ListerWatcher, objType runtime.Object, resyncPeriod ti
 // be shared amongst all consumers.
 func NewSharedIndexInformer(lw ListerWatcher, objType runtime.Object, resyncPeriod time.Duration, indexers Indexers) SharedIndexInformer {
 	sharedIndexInformer := &sharedIndexInformer{
-		processor:        &sharedProcessor{},
-		indexer:          NewIndexer(DeletionHandlingMetaNamespaceKeyFunc, indexers),
-		listerWatcher:    lw,
-		objectType:       objType,
-		fullResyncPeriod: resyncPeriod,
+		processor:             &sharedProcessor{},
+		indexer:               NewIndexer(DeletionHandlingMetaNamespaceKeyFunc, indexers),
+		listerWatcher:         lw,
+		objectType:            objType,
+		fullResyncPeriod:      resyncPeriod,
+		cacheMutationDetector: NewCacheMutationDetector(fmt.Sprintf("%T", objType)),
 	}
 	return sharedIndexInformer
 }
@@ -109,7 +110,8 @@ type sharedIndexInformer struct {
 	indexer    Indexer
 	controller *Controller
 
-	processor *sharedProcessor
+	processor             *sharedProcessor
+	cacheMutationDetector CacheMutationDetector
 
 	// This block is tracked to handle late initialization of the controller
 	listerWatcher    ListerWatcher
@@ -180,6 +182,7 @@ func (s *sharedIndexInformer) Run(stopCh <-chan struct{}) {
 	}()
 
 	s.stopCh = stopCh
+	s.cacheMutationDetector.Run(stopCh)
 	s.processor.run(stopCh)
 	s.controller.Run(stopCh)
 }
@@ -204,7 +207,7 @@ func (s *sharedIndexInformer) LastSyncResourceVersion() string {
 	s.startedLock.Lock()
 	defer s.startedLock.Unlock()
 
-	if s.controller == nil {
+	if s.controller == nil || s.controller.reflector == nil {
 		return ""
 	}
 	return s.controller.reflector.LastSyncResourceVersion()
@@ -273,6 +276,7 @@ func (s *sharedIndexInformer) HandleDeltas(obj interface{}) error {
 	for _, d := range obj.(Deltas) {
 		switch d.Type {
 		case Sync, Added, Updated:
+			s.cacheMutationDetector.AddObject(d.Object)
 			if old, exists, err := s.indexer.Get(d.Object); err == nil && exists {
 				if err := s.indexer.Update(d.Object); err != nil {
 					return err

tools/clientcmd/api/latest/latest.go

@@ -56,7 +56,7 @@ func init() {
 		panic(err)
 	}
 	yamlSerializer := json.NewYAMLSerializer(json.DefaultMetaFactory, Scheme, Scheme)
-	Codec = versioning.NewCodecForScheme(
+	Codec = versioning.NewDefaultingCodecForScheme(
 		Scheme,
 		yamlSerializer,
 		yamlSerializer,

tools/clientcmd/api/types.go

@@ -28,12 +28,14 @@ import (
 type Config struct {
 	// Legacy field from pkg/api/types.go TypeMeta.
 	// TODO(jlowdermilk): remove this after eliminating downstream dependencies.
+	// +optional
 	Kind string `json:"kind,omitempty"`
 	// DEPRECATED: APIVersion is the preferred api version for communicating with the kubernetes cluster (v1, v2, etc).
 	// Because a cluster can run multiple API groups and potentially multiple versions of each, it no longer makes sense to specify
 	// a single value for the cluster version.
 	// This field isn't really needed anyway, so we are deprecating it without replacement.
 	// It will be ignored if it is present.
+	// +optional
 	APIVersion string `json:"apiVersion,omitempty"`
 	// Preferences holds general information to be use for cli interactions
 	Preferences Preferences `json:"preferences"`
@@ -46,13 +48,16 @@ type Config struct {
 	// CurrentContext is the name of the context that you would like to use by default
 	CurrentContext string `json:"current-context"`
 	// Extensions holds additional information. This is useful for extenders so that reads and writes don't clobber unknown fields
+	// +optional
 	Extensions map[string]runtime.Object `json:"extensions,omitempty"`
 }
 
 // IMPORTANT if you add fields to this struct, please update IsConfigEmpty()
 type Preferences struct {
+	// +optional
 	Colors bool `json:"colors,omitempty"`
 	// Extensions holds additional information. This is useful for extenders so that reads and writes don't clobber unknown fields
+	// +optional
 	Extensions map[string]runtime.Object `json:"extensions,omitempty"`
 }
 
@@ -63,14 +68,19 @@ type Cluster struct {
 	// Server is the address of the kubernetes cluster (https://hostname:port).
 	Server string `json:"server"`
 	// APIVersion is the preferred api version for communicating with the kubernetes cluster (v1, v2, etc).
+	// +optional
 	APIVersion string `json:"api-version,omitempty"`
 	// InsecureSkipTLSVerify skips the validity check for the server's certificate. This will make your HTTPS connections insecure.
+	// +optional
 	InsecureSkipTLSVerify bool `json:"insecure-skip-tls-verify,omitempty"`
 	// CertificateAuthority is the path to a cert file for the certificate authority.
+	// +optional
 	CertificateAuthority string `json:"certificate-authority,omitempty"`
 	// CertificateAuthorityData contains PEM-encoded certificate authority certificates. Overrides CertificateAuthority
+	// +optional
 	CertificateAuthorityData []byte `json:"certificate-authority-data,omitempty"`
 	// Extensions holds additional information. This is useful for extenders so that reads and writes don't clobber unknown fields
+	// +optional
 	Extensions map[string]runtime.Object `json:"extensions,omitempty"`
 }
 
@@ -79,26 +89,37 @@ type AuthInfo struct {
 	// LocationOfOrigin indicates where this object came from.  It is used for round tripping config post-merge, but never serialized.
 	LocationOfOrigin string
 	// ClientCertificate is the path to a client cert file for TLS.
+	// +optional
 	ClientCertificate string `json:"client-certificate,omitempty"`
 	// ClientCertificateData contains PEM-encoded data from a client cert file for TLS. Overrides ClientCertificate
+	// +optional
 	ClientCertificateData []byte `json:"client-certificate-data,omitempty"`
 	// ClientKey is the path to a client key file for TLS.
+	// +optional
 	ClientKey string `json:"client-key,omitempty"`
 	// ClientKeyData contains PEM-encoded data from a client key file for TLS. Overrides ClientKey
+	// +optional
 	ClientKeyData []byte `json:"client-key-data,omitempty"`
 	// Token is the bearer token for authentication to the kubernetes cluster.
+	// +optional
 	Token string `json:"token,omitempty"`
 	// TokenFile is a pointer to a file that contains a bearer token (as described above).  If both Token and TokenFile are present, Token takes precedence.
+	// +optional
 	TokenFile string `json:"tokenFile,omitempty"`
 	// Impersonate is the username to act-as.
+	// +optional
 	Impersonate string `json:"act-as,omitempty"`
 	// Username is the username for basic authentication to the kubernetes cluster.
+	// +optional
 	Username string `json:"username,omitempty"`
 	// Password is the password for basic authentication to the kubernetes cluster.
+	// +optional
 	Password string `json:"password,omitempty"`
 	// AuthProvider specifies a custom authentication plugin for the kubernetes cluster.
+	// +optional
 	AuthProvider *AuthProviderConfig `json:"auth-provider,omitempty"`
 	// Extensions holds additional information. This is useful for extenders so that reads and writes don't clobber unknown fields
+	// +optional
 	Extensions map[string]runtime.Object `json:"extensions,omitempty"`
 }
 
@@ -111,14 +132,17 @@ type Context struct {
 	// AuthInfo is the name of the authInfo for this context
 	AuthInfo string `json:"user"`
 	// Namespace is the default namespace to use on unspecified requests
+	// +optional
 	Namespace string `json:"namespace,omitempty"`
 	// Extensions holds additional information. This is useful for extenders so that reads and writes don't clobber unknown fields
+	// +optional
 	Extensions map[string]runtime.Object `json:"extensions,omitempty"`
 }
 
 // AuthProviderConfig holds the configuration for a specified auth provider.
 type AuthProviderConfig struct {
-	Name   string            `json:"name"`
+	Name string `json:"name"`
+	// +optional
 	Config map[string]string `json:"config,omitempty"`
 }
 

tools/clientcmd/api/v1/types.go

@@ -27,12 +27,14 @@ import (
 type Config struct {
 	// Legacy field from pkg/api/types.go TypeMeta.
 	// TODO(jlowdermilk): remove this after eliminating downstream dependencies.
+	// +optional
 	Kind string `json:"kind,omitempty"`
 	// DEPRECATED: APIVersion is the preferred api version for communicating with the kubernetes cluster (v1, v2, etc).
 	// Because a cluster can run multiple API groups and potentially multiple versions of each, it no longer makes sense to specify
 	// a single value for the cluster version.
 	// This field isn't really needed anyway, so we are deprecating it without replacement.
 	// It will be ignored if it is present.
+	// +optional
 	APIVersion string `json:"apiVersion,omitempty"`
 	// Preferences holds general information to be use for cli interactions
 	Preferences Preferences `json:"preferences"`
@@ -45,12 +47,15 @@ type Config struct {
 	// CurrentContext is the name of the context that you would like to use by default
 	CurrentContext string `json:"current-context"`
 	// Extensions holds additional information. This is useful for extenders so that reads and writes don't clobber unknown fields
+	// +optional
 	Extensions []NamedExtension `json:"extensions,omitempty"`
 }
 
 type Preferences struct {
+	// +optional
 	Colors bool `json:"colors,omitempty"`
 	// Extensions holds additional information. This is useful for extenders so that reads and writes don't clobber unknown fields
+	// +optional
 	Extensions []NamedExtension `json:"extensions,omitempty"`
 }
 
@@ -59,40 +64,56 @@ type Cluster struct {
 	// Server is the address of the kubernetes cluster (https://hostname:port).
 	Server string `json:"server"`
 	// APIVersion is the preferred api version for communicating with the kubernetes cluster (v1, v2, etc).
+	// +optional
 	APIVersion string `json:"api-version,omitempty"`
 	// InsecureSkipTLSVerify skips the validity check for the server's certificate. This will make your HTTPS connections insecure.
+	// +optional
 	InsecureSkipTLSVerify bool `json:"insecure-skip-tls-verify,omitempty"`
 	// CertificateAuthority is the path to a cert file for the certificate authority.
+	// +optional
 	CertificateAuthority string `json:"certificate-authority,omitempty"`
 	// CertificateAuthorityData contains PEM-encoded certificate authority certificates. Overrides CertificateAuthority
+	// +optional
 	CertificateAuthorityData []byte `json:"certificate-authority-data,omitempty"`
 	// Extensions holds additional information. This is useful for extenders so that reads and writes don't clobber unknown fields
+	// +optional
 	Extensions []NamedExtension `json:"extensions,omitempty"`
 }
 
 // AuthInfo contains information that describes identity information.  This is use to tell the kubernetes cluster who you are.
 type AuthInfo struct {
 	// ClientCertificate is the path to a client cert file for TLS.
+	// +optional
 	ClientCertificate string `json:"client-certificate,omitempty"`
 	// ClientCertificateData contains PEM-encoded data from a client cert file for TLS. Overrides ClientCertificate
+	// +optional
 	ClientCertificateData []byte `json:"client-certificate-data,omitempty"`
 	// ClientKey is the path to a client key file for TLS.
+	// +optional
 	ClientKey string `json:"client-key,omitempty"`
 	// ClientKeyData contains PEM-encoded data from a client key file for TLS. Overrides ClientKey
+	// +optional
 	ClientKeyData []byte `json:"client-key-data,omitempty"`
 	// Token is the bearer token for authentication to the kubernetes cluster.
+	// +optional
 	Token string `json:"token,omitempty"`
 	// TokenFile is a pointer to a file that contains a bearer token (as described above).  If both Token and TokenFile are present, Token takes precedence.
+	// +optional
 	TokenFile string `json:"tokenFile,omitempty"`
 	// Impersonate is the username to imperonate.  The name matches the flag.
+	// +optional
 	Impersonate string `json:"as,omitempty"`
 	// Username is the username for basic authentication to the kubernetes cluster.
+	// +optional
 	Username string `json:"username,omitempty"`
 	// Password is the password for basic authentication to the kubernetes cluster.
+	// +optional
 	Password string `json:"password,omitempty"`
 	// AuthProvider specifies a custom authentication plugin for the kubernetes cluster.
+	// +optional
 	AuthProvider *AuthProviderConfig `json:"auth-provider,omitempty"`
 	// Extensions holds additional information. This is useful for extenders so that reads and writes don't clobber unknown fields
+	// +optional
 	Extensions []NamedExtension `json:"extensions,omitempty"`
 }
 
@@ -103,8 +124,10 @@ type Context struct {
 	// AuthInfo is the name of the authInfo for this context
 	AuthInfo string `json:"user"`
 	// Namespace is the default namespace to use on unspecified requests
+	// +optional
 	Namespace string `json:"namespace,omitempty"`
 	// Extensions holds additional information. This is useful for extenders so that reads and writes don't clobber unknown fields
+	// +optional
 	Extensions []NamedExtension `json:"extensions,omitempty"`
 }