From a909cc8af515314c481422d6ab0d60a8253e3d99 Mon Sep 17 00:00:00 2001
From: tengqm <tengqim@cn.ibm.com>
Date: Thu, 17 Aug 2017 20:33:11 +0800
Subject: [PATCH] Fix admission plugin registration

The current registration of admission plug-ins happen too late so the
command line help is not yielding correct/useful information to users.
This is already causing confusion as mentioned in some issues.

This patch fixes it by moving plugins.go down to options package because
"plugins" in this context are themselves options for users. Registration
of plugins is not an expensive operation and it is already done in most
execution paths.

In future, we may want to revisit these plugins and migrate them to the
shared apiserver repo when appropriate.
---
 cmd/kube-apiserver/app/BUILD                  | 27 ------------------
 cmd/kube-apiserver/app/options/BUILD          | 28 +++++++++++++++++++
 cmd/kube-apiserver/app/options/options.go     |  3 ++
 .../app/{ => options}/plugins.go              |  2 +-
 cmd/kube-apiserver/app/server.go              |  3 --
 5 files changed, 32 insertions(+), 31 deletions(-)
 rename cmd/kube-apiserver/app/{ => options}/plugins.go (99%)

diff --git a/cmd/kube-apiserver/app/BUILD b/cmd/kube-apiserver/app/BUILD
index 48b7925eff7..563922ce5cb 100644
--- a/cmd/kube-apiserver/app/BUILD
+++ b/cmd/kube-apiserver/app/BUILD
@@ -10,7 +10,6 @@ go_library(
     srcs = [
         "aggregator.go",
         "apiextensions.go",
-        "plugins.go",
         "server.go",
     ],
     deps = [
@@ -24,7 +23,6 @@ go_library(
         "//pkg/client/clientset_generated/internalclientset:go_default_library",
         "//pkg/client/informers/informers_generated/internalversion:go_default_library",
         "//pkg/cloudprovider:go_default_library",
-        "//pkg/cloudprovider/providers:go_default_library",
         "//pkg/controller/serviceaccount:go_default_library",
         "//pkg/generated/openapi:go_default_library",
         "//pkg/kubeapiserver:go_default_library",
@@ -42,31 +40,6 @@ go_library(
         "//pkg/util/reflector/prometheus:go_default_library",
         "//pkg/util/workqueue/prometheus:go_default_library",
         "//pkg/version:go_default_library",
-        "//plugin/pkg/admission/admit:go_default_library",
-        "//plugin/pkg/admission/alwayspullimages:go_default_library",
-        "//plugin/pkg/admission/antiaffinity:go_default_library",
-        "//plugin/pkg/admission/defaulttolerationseconds:go_default_library",
-        "//plugin/pkg/admission/deny:go_default_library",
-        "//plugin/pkg/admission/exec:go_default_library",
-        "//plugin/pkg/admission/gc:go_default_library",
-        "//plugin/pkg/admission/imagepolicy:go_default_library",
-        "//plugin/pkg/admission/initialization:go_default_library",
-        "//plugin/pkg/admission/initialresources:go_default_library",
-        "//plugin/pkg/admission/limitranger:go_default_library",
-        "//plugin/pkg/admission/namespace/autoprovision:go_default_library",
-        "//plugin/pkg/admission/namespace/exists:go_default_library",
-        "//plugin/pkg/admission/noderestriction:go_default_library",
-        "//plugin/pkg/admission/persistentvolume/label:go_default_library",
-        "//plugin/pkg/admission/podnodeselector:go_default_library",
-        "//plugin/pkg/admission/podpreset:go_default_library",
-        "//plugin/pkg/admission/podtolerationrestriction:go_default_library",
-        "//plugin/pkg/admission/priority:go_default_library",
-        "//plugin/pkg/admission/resourcequota:go_default_library",
-        "//plugin/pkg/admission/security/podsecuritypolicy:go_default_library",
-        "//plugin/pkg/admission/securitycontext/scdeny:go_default_library",
-        "//plugin/pkg/admission/serviceaccount:go_default_library",
-        "//plugin/pkg/admission/storageclass/setdefault:go_default_library",
-        "//plugin/pkg/admission/webhook:go_default_library",
         "//plugin/pkg/auth/authenticator/token/bootstrap:go_default_library",
         "//vendor/github.com/go-openapi/spec:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
diff --git a/cmd/kube-apiserver/app/options/BUILD b/cmd/kube-apiserver/app/options/BUILD
index 6e5b3d19963..24b91cd21f1 100644
--- a/cmd/kube-apiserver/app/options/BUILD
+++ b/cmd/kube-apiserver/app/options/BUILD
@@ -10,17 +10,45 @@ go_library(
     name = "go_default_library",
     srcs = [
         "options.go",
+        "plugins.go",
         "validation.go",
     ],
     deps = [
         "//pkg/api:go_default_library",
         "//pkg/api/validation:go_default_library",
+        "//pkg/cloudprovider/providers:go_default_library",
         "//pkg/features:go_default_library",
         "//pkg/kubeapiserver/options:go_default_library",
         "//pkg/kubelet/client:go_default_library",
         "//pkg/master/ports:go_default_library",
+        "//plugin/pkg/admission/admit:go_default_library",
+        "//plugin/pkg/admission/alwayspullimages:go_default_library",
+        "//plugin/pkg/admission/antiaffinity:go_default_library",
+        "//plugin/pkg/admission/defaulttolerationseconds:go_default_library",
+        "//plugin/pkg/admission/deny:go_default_library",
+        "//plugin/pkg/admission/exec:go_default_library",
+        "//plugin/pkg/admission/gc:go_default_library",
+        "//plugin/pkg/admission/imagepolicy:go_default_library",
+        "//plugin/pkg/admission/initialization:go_default_library",
+        "//plugin/pkg/admission/initialresources:go_default_library",
+        "//plugin/pkg/admission/limitranger:go_default_library",
+        "//plugin/pkg/admission/namespace/autoprovision:go_default_library",
+        "//plugin/pkg/admission/namespace/exists:go_default_library",
+        "//plugin/pkg/admission/noderestriction:go_default_library",
+        "//plugin/pkg/admission/persistentvolume/label:go_default_library",
+        "//plugin/pkg/admission/podnodeselector:go_default_library",
+        "//plugin/pkg/admission/podpreset:go_default_library",
+        "//plugin/pkg/admission/podtolerationrestriction:go_default_library",
+        "//plugin/pkg/admission/priority:go_default_library",
+        "//plugin/pkg/admission/resourcequota:go_default_library",
+        "//plugin/pkg/admission/security/podsecuritypolicy:go_default_library",
+        "//plugin/pkg/admission/securitycontext/scdeny:go_default_library",
+        "//plugin/pkg/admission/serviceaccount:go_default_library",
+        "//plugin/pkg/admission/storageclass/setdefault:go_default_library",
+        "//plugin/pkg/admission/webhook:go_default_library",
         "//vendor/github.com/spf13/pflag:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/net:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/admission:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/server/options:go_default_library",
         "//vendor/k8s.io/apiserver/pkg/storage/storagebackend:go_default_library",
     ],
diff --git a/cmd/kube-apiserver/app/options/options.go b/cmd/kube-apiserver/app/options/options.go
index c9daf9da337..31cc0529434 100644
--- a/cmd/kube-apiserver/app/options/options.go
+++ b/cmd/kube-apiserver/app/options/options.go
@@ -113,6 +113,9 @@ func NewServerRunOptions() *ServerRunOptions {
 	}
 	// Overwrite the default for storage data format.
 	s.Etcd.DefaultStorageMediaType = "application/vnd.kubernetes.protobuf"
+
+	// register all admission plugins
+	RegisterAllAdmissionPlugins(s.Admission.Plugins)
 	// Set the default for admission plugins names
 	s.Admission.PluginNames = []string{"AlwaysAdmit"}
 	return &s
diff --git a/cmd/kube-apiserver/app/plugins.go b/cmd/kube-apiserver/app/options/plugins.go
similarity index 99%
rename from cmd/kube-apiserver/app/plugins.go
rename to cmd/kube-apiserver/app/options/plugins.go
index 06e21d5a5f0..7d0e8bb04a3 100644
--- a/cmd/kube-apiserver/app/plugins.go
+++ b/cmd/kube-apiserver/app/options/plugins.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-package app
+package options
 
 // This file exists to force the desired plugin implementations to be linked.
 // This should probably be part of some configuration fed into the build for a
diff --git a/cmd/kube-apiserver/app/server.go b/cmd/kube-apiserver/app/server.go
index 7d0e9a1fc24..95a201daa00 100644
--- a/cmd/kube-apiserver/app/server.go
+++ b/cmd/kube-apiserver/app/server.go
@@ -249,9 +249,6 @@ func CreateNodeDialer(s *options.ServerRunOptions) (tunneler.Tunneler, *http.Tra
 
 // CreateKubeAPIServerConfig creates all the resources for running the API server, but runs none of them
 func CreateKubeAPIServerConfig(s *options.ServerRunOptions, nodeTunneler tunneler.Tunneler, proxyTransport http.RoundTripper) (*master.Config, informers.SharedInformerFactory, clientgoinformers.SharedInformerFactory, *kubeserver.InsecureServingInfo, aggregatorapiserver.ServiceResolver, error) {
-	// register all admission plugins
-	RegisterAllAdmissionPlugins(s.Admission.Plugins)
-
 	// set defaults in the options before trying to create the generic config
 	if err := defaultOptions(s); err != nil {
 		return nil, nil, nil, nil, nil, err