From ed2b4f0fcb48cfa69ceaf6f385d30a289236ad57 Mon Sep 17 00:00:00 2001
From: Patrick Ohly <patrick.ohly@intel.com>
Date: Wed, 2 Aug 2023 10:57:51 +0200
Subject: [PATCH] SSA: prevent usage of Extract calls via forbidigo

Client-side extract calls depend on `managedFields`, which might not be
available. Therefore they should not be used in production code.

They are okay in test files (because the API has to be tested), in the
generated code (because the various type specific APIs still need to be
provided) and in unstructured.go (same reason).

Kubernetes-commit: 4bc9434f99d9a87dd5b63e738b6b1b16693f10e4
---
 applyconfigurations/meta/v1/unstructured.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/applyconfigurations/meta/v1/unstructured.go b/applyconfigurations/meta/v1/unstructured.go
index 8a58d9e8..a206bd32 100644
--- a/applyconfigurations/meta/v1/unstructured.go
+++ b/applyconfigurations/meta/v1/unstructured.go
@@ -125,7 +125,7 @@ func (e *extractor) extractUnstructured(object *unstructured.Unstructured, field
 		return nil, fmt.Errorf("failed to fetch the objectType: %v", err)
 	}
 	result := &unstructured.Unstructured{}
-	err = managedfields.ExtractInto(object, *objectType, fieldManager, result, subresource)
+	err = managedfields.ExtractInto(object, *objectType, fieldManager, result, subresource) //nolint:forbidigo
 	if err != nil {
 		return nil, fmt.Errorf("failed calling ExtractInto for unstructured: %v", err)
 	}