From c8804bff6d1616a23547eaff3f91b75200a3319a Mon Sep 17 00:00:00 2001 From: yongruilin Date: Wed, 5 Feb 2025 15:39:04 -0800 Subject: [PATCH 1/2] fix: flagz endpoint to return parsed flags value --- cmd/kube-apiserver/app/options/completion.go | 2 +- cmd/kube-apiserver/app/options/options.go | 6 ++++++ cmd/kube-apiserver/app/options/options_test.go | 1 + cmd/kube-apiserver/app/server.go | 1 + 4 files changed, 9 insertions(+), 1 deletion(-) diff --git a/cmd/kube-apiserver/app/options/completion.go b/cmd/kube-apiserver/app/options/completion.go index 0b83e79a9ed..8325b322c37 100644 --- a/cmd/kube-apiserver/app/options/completion.go +++ b/cmd/kube-apiserver/app/options/completion.go @@ -57,7 +57,7 @@ func (s *ServerRunOptions) Complete(ctx context.Context) (CompletedOptions, erro if err != nil { return CompletedOptions{}, err } - controlplane, err := s.Options.Complete(ctx, s.Flags(), []string{"kubernetes.default.svc", "kubernetes.default", "kubernetes"}, []net.IP{apiServerServiceIP}) + controlplane, err := s.Options.Complete(ctx, *s.ParsedFlags, []string{"kubernetes.default.svc", "kubernetes.default", "kubernetes"}, []net.IP{apiServerServiceIP}) if err != nil { return CompletedOptions{}, err } diff --git a/cmd/kube-apiserver/app/options/options.go b/cmd/kube-apiserver/app/options/options.go index ebed12af1d6..2ebe8a7ab59 100644 --- a/cmd/kube-apiserver/app/options/options.go +++ b/cmd/kube-apiserver/app/options/options.go @@ -41,6 +41,8 @@ type ServerRunOptions struct { CloudProvider *kubeoptions.CloudProviderOptions Extra + // ParsedFlags hold the parsed CLI flags. + ParsedFlags *cliflag.NamedFlagSets } type Extra struct { @@ -100,6 +102,9 @@ func NewServerRunOptions() *ServerRunOptions { // Flags returns flags for a specific APIServer by section name func (s *ServerRunOptions) Flags() (fss cliflag.NamedFlagSets) { + if s.ParsedFlags != nil { + return *s.ParsedFlags + } s.Options.AddFlags(&fss) s.CloudProvider.AddFlags(fss.FlagSet("cloud provider")) @@ -156,5 +161,6 @@ func (s *ServerRunOptions) Flags() (fss cliflag.NamedFlagSets) { "The number of apiservers running in the cluster, must be a positive number. (In use when --endpoint-reconciler-type=master-count is enabled.)") fs.MarkDeprecated("apiserver-count", "apiserver-count is deprecated and will be removed in a future version.") + s.ParsedFlags = &fss return fss } diff --git a/cmd/kube-apiserver/app/options/options_test.go b/cmd/kube-apiserver/app/options/options_test.go index 33fe7785b89..5f510cffa85 100644 --- a/cmd/kube-apiserver/app/options/options_test.go +++ b/cmd/kube-apiserver/app/options/options_test.go @@ -335,6 +335,7 @@ func TestAddFlags(t *testing.T) { CloudConfigFile: "/cloud-config", CloudProvider: "azure", }, + ParsedFlags: s.ParsedFlags, } expected.Authentication.OIDC.UsernameClaim = "sub" diff --git a/cmd/kube-apiserver/app/server.go b/cmd/kube-apiserver/app/server.go index 06a8ca81801..f105636a39c 100644 --- a/cmd/kube-apiserver/app/server.go +++ b/cmd/kube-apiserver/app/server.go @@ -124,6 +124,7 @@ cluster's shared state through which all other components interact.`, fs := cmd.Flags() namedFlagSets := s.Flags() + s.ParsedFlags = &namedFlagSets verflag.AddFlags(namedFlagSets.FlagSet("global")) globalflag.AddGlobalFlags(namedFlagSets.FlagSet("global"), cmd.Name(), logs.SkipLoggingConfigurationFlags()) options.AddCustomGlobalFlags(namedFlagSets.FlagSet("generic")) From b1d72a5b7c9d49676c5e79b5658736e75cf68074 Mon Sep 17 00:00:00 2001 From: yongruilin Date: Wed, 5 Feb 2025 15:40:33 -0800 Subject: [PATCH 2/2] test: Add emulated-version flag verification in flagz test --- cmd/kube-apiserver/app/options/completion.go | 2 +- cmd/kube-apiserver/app/options/options.go | 6 ------ cmd/kube-apiserver/app/options/options_test.go | 1 - cmd/kube-apiserver/app/server.go | 8 +++++++- cmd/kube-apiserver/app/testing/testserver.go | 8 +++++++- pkg/controlplane/apiserver/config_test.go | 3 +-- pkg/controlplane/apiserver/options/options.go | 4 +--- .../apiserver/samples/generic/server/server.go | 3 +-- .../samples/generic/server/testing/testserver.go | 8 +++++++- .../integration/controlplane/kube_apiserver_test.go | 13 ++++++++++++- 10 files changed, 37 insertions(+), 19 deletions(-) diff --git a/cmd/kube-apiserver/app/options/completion.go b/cmd/kube-apiserver/app/options/completion.go index 8325b322c37..89e2dbf9e41 100644 --- a/cmd/kube-apiserver/app/options/completion.go +++ b/cmd/kube-apiserver/app/options/completion.go @@ -57,7 +57,7 @@ func (s *ServerRunOptions) Complete(ctx context.Context) (CompletedOptions, erro if err != nil { return CompletedOptions{}, err } - controlplane, err := s.Options.Complete(ctx, *s.ParsedFlags, []string{"kubernetes.default.svc", "kubernetes.default", "kubernetes"}, []net.IP{apiServerServiceIP}) + controlplane, err := s.Options.Complete(ctx, []string{"kubernetes.default.svc", "kubernetes.default", "kubernetes"}, []net.IP{apiServerServiceIP}) if err != nil { return CompletedOptions{}, err } diff --git a/cmd/kube-apiserver/app/options/options.go b/cmd/kube-apiserver/app/options/options.go index 2ebe8a7ab59..ebed12af1d6 100644 --- a/cmd/kube-apiserver/app/options/options.go +++ b/cmd/kube-apiserver/app/options/options.go @@ -41,8 +41,6 @@ type ServerRunOptions struct { CloudProvider *kubeoptions.CloudProviderOptions Extra - // ParsedFlags hold the parsed CLI flags. - ParsedFlags *cliflag.NamedFlagSets } type Extra struct { @@ -102,9 +100,6 @@ func NewServerRunOptions() *ServerRunOptions { // Flags returns flags for a specific APIServer by section name func (s *ServerRunOptions) Flags() (fss cliflag.NamedFlagSets) { - if s.ParsedFlags != nil { - return *s.ParsedFlags - } s.Options.AddFlags(&fss) s.CloudProvider.AddFlags(fss.FlagSet("cloud provider")) @@ -161,6 +156,5 @@ func (s *ServerRunOptions) Flags() (fss cliflag.NamedFlagSets) { "The number of apiservers running in the cluster, must be a positive number. (In use when --endpoint-reconciler-type=master-count is enabled.)") fs.MarkDeprecated("apiserver-count", "apiserver-count is deprecated and will be removed in a future version.") - s.ParsedFlags = &fss return fss } diff --git a/cmd/kube-apiserver/app/options/options_test.go b/cmd/kube-apiserver/app/options/options_test.go index 5f510cffa85..33fe7785b89 100644 --- a/cmd/kube-apiserver/app/options/options_test.go +++ b/cmd/kube-apiserver/app/options/options_test.go @@ -335,7 +335,6 @@ func TestAddFlags(t *testing.T) { CloudConfigFile: "/cloud-config", CloudProvider: "azure", }, - ParsedFlags: s.ParsedFlags, } expected.Authentication.OIDC.UsernameClaim = "sub" diff --git a/cmd/kube-apiserver/app/server.go b/cmd/kube-apiserver/app/server.go index f105636a39c..fea75ca87c6 100644 --- a/cmd/kube-apiserver/app/server.go +++ b/cmd/kube-apiserver/app/server.go @@ -49,6 +49,8 @@ import ( "k8s.io/component-base/term" utilversion "k8s.io/component-base/version" "k8s.io/component-base/version/verflag" + zpagesfeatures "k8s.io/component-base/zpages/features" + "k8s.io/component-base/zpages/flagz" "k8s.io/klog/v2" aggregatorapiserver "k8s.io/kube-aggregator/pkg/apiserver" "k8s.io/kubernetes/cmd/kube-apiserver/app/options" @@ -124,7 +126,11 @@ cluster's shared state through which all other components interact.`, fs := cmd.Flags() namedFlagSets := s.Flags() - s.ParsedFlags = &namedFlagSets + if utilfeature.DefaultFeatureGate.Enabled(zpagesfeatures.ComponentFlagz) { + s.Flagz = flagz.NamedFlagSetsReader{ + FlagSets: namedFlagSets, + } + } verflag.AddFlags(namedFlagSets.FlagSet("global")) globalflag.AddGlobalFlags(namedFlagSets.FlagSet("global"), cmd.Name(), logs.SkipLoggingConfigurationFlags()) options.AddCustomGlobalFlags(namedFlagSets.FlagSet("generic")) diff --git a/cmd/kube-apiserver/app/testing/testserver.go b/cmd/kube-apiserver/app/testing/testserver.go index d7be4ad537e..de615a9b1ca 100644 --- a/cmd/kube-apiserver/app/testing/testserver.go +++ b/cmd/kube-apiserver/app/testing/testserver.go @@ -57,6 +57,8 @@ import ( basecompatibility "k8s.io/component-base/compatibility" featuregatetesting "k8s.io/component-base/featuregate/testing" logsapi "k8s.io/component-base/logs/api/v1" + zpagesfeatures "k8s.io/component-base/zpages/features" + "k8s.io/component-base/zpages/flagz" "k8s.io/klog/v2" "k8s.io/kube-aggregator/pkg/apiserver" "k8s.io/kubernetes/pkg/features" @@ -207,7 +209,8 @@ func StartTestServer(t ktesting.TB, instanceOptions *TestServerInstanceOptions, s.GenericServerRunOptions.RequestTimeout = instanceOptions.RequestTimeout } - for _, f := range s.Flags().FlagSets { + namedFlagSets := s.Flags() + for _, f := range namedFlagSets.FlagSets { fs.AddFlagSet(f) } @@ -341,6 +344,9 @@ func StartTestServer(t ktesting.TB, instanceOptions *TestServerInstanceOptions, if err := fs.Parse(customFlags); err != nil { return result, err } + if utilfeature.DefaultFeatureGate.Enabled(zpagesfeatures.ComponentFlagz) { + s.Flagz = flagz.NamedFlagSetsReader{FlagSets: namedFlagSets} + } // the RequestHeader options pointer gets replaced in the case of EnableCertAuth override // and so flags are connected to a struct that no longer appears in the ServerOptions struct diff --git a/pkg/controlplane/apiserver/config_test.go b/pkg/controlplane/apiserver/config_test.go index 9f624cbcba7..b6d4f979927 100644 --- a/pkg/controlplane/apiserver/config_test.go +++ b/pkg/controlplane/apiserver/config_test.go @@ -25,7 +25,6 @@ import ( "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" apiserveroptions "k8s.io/apiserver/pkg/server/options" - cliflag "k8s.io/component-base/cli/flag" aggregatorscheme "k8s.io/kube-aggregator/pkg/apiserver/scheme" "k8s.io/kubernetes/pkg/api/legacyscheme" "k8s.io/kubernetes/pkg/controlplane/apiserver/options" @@ -47,7 +46,7 @@ func TestBuildGenericConfig(t *testing.T) { s.BindPort = ln.Addr().(*net.TCPAddr).Port opts.SecureServing = s - completedOptions, err := opts.Complete(context.TODO(), cliflag.NamedFlagSets{}, nil, nil) + completedOptions, err := opts.Complete(context.TODO(), nil, nil) if err != nil { t.Fatalf("Failed to complete apiserver options: %v", err) } diff --git a/pkg/controlplane/apiserver/options/options.go b/pkg/controlplane/apiserver/options/options.go index a6a81ee137d..a2437a18c0c 100644 --- a/pkg/controlplane/apiserver/options/options.go +++ b/pkg/controlplane/apiserver/options/options.go @@ -203,7 +203,7 @@ func (s *Options) AddFlags(fss *cliflag.NamedFlagSets) { "Path to socket where a external JWT signer is listening. This flag is mutually exclusive with --service-account-signing-key-file and --service-account-key-file. Requires enabling feature gate (ExternalServiceAccountTokenSigner)") } -func (o *Options) Complete(ctx context.Context, fss cliflag.NamedFlagSets, alternateDNS []string, alternateIPs []net.IP) (CompletedOptions, error) { +func (o *Options) Complete(ctx context.Context, alternateDNS []string, alternateIPs []net.IP) (CompletedOptions, error) { if o == nil { return CompletedOptions{completedOptions: &completedOptions{}}, nil } @@ -269,8 +269,6 @@ func (o *Options) Complete(ctx context.Context, fss cliflag.NamedFlagSets, alter } } - completed.Flagz = flagz.NamedFlagSetsReader{FlagSets: fss} - return CompletedOptions{ completedOptions: &completed, }, nil diff --git a/pkg/controlplane/apiserver/samples/generic/server/server.go b/pkg/controlplane/apiserver/samples/generic/server/server.go index cbc6d9e5633..be6af3f94d4 100644 --- a/pkg/controlplane/apiserver/samples/generic/server/server.go +++ b/pkg/controlplane/apiserver/samples/generic/server/server.go @@ -24,7 +24,6 @@ import ( "path/filepath" "github.com/spf13/cobra" - "github.com/spf13/pflag" apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" utilerrors "k8s.io/apimachinery/pkg/util/errors" utilruntime "k8s.io/apimachinery/pkg/util/runtime" @@ -86,7 +85,7 @@ APIs.`, ctx := genericapiserver.SetupSignalContext() - completedOptions, err := s.Complete(ctx, cliflag.NamedFlagSets{FlagSets: map[string]*pflag.FlagSet{"sample_generic_controlplane": fs}}, []string{}, []net.IP{}) + completedOptions, err := s.Complete(ctx, []string{}, []net.IP{}) if err != nil { return err } diff --git a/pkg/controlplane/apiserver/samples/generic/server/testing/testserver.go b/pkg/controlplane/apiserver/samples/generic/server/testing/testserver.go index f7dc5453589..16a0667711b 100644 --- a/pkg/controlplane/apiserver/samples/generic/server/testing/testserver.go +++ b/pkg/controlplane/apiserver/samples/generic/server/testing/testserver.go @@ -37,10 +37,13 @@ import ( utilruntime "k8s.io/apimachinery/pkg/util/runtime" "k8s.io/apimachinery/pkg/util/wait" "k8s.io/apiserver/pkg/storage/storagebackend" + utilfeature "k8s.io/apiserver/pkg/util/feature" "k8s.io/client-go/kubernetes" restclient "k8s.io/client-go/rest" cliflag "k8s.io/component-base/cli/flag" logsapi "k8s.io/component-base/logs/api/v1" + zpagesfeatures "k8s.io/component-base/zpages/features" + "k8s.io/component-base/zpages/flagz" "k8s.io/klog/v2" controlplaneapiserver "k8s.io/kubernetes/pkg/controlplane/apiserver/options" "k8s.io/kubernetes/test/utils/ktesting" @@ -126,6 +129,9 @@ func StartTestServer(t ktesting.TB, instanceOptions *TestServerInstanceOptions, o := server.NewOptions() var fss cliflag.NamedFlagSets o.AddFlags(&fss) + if utilfeature.DefaultFeatureGate.Enabled(zpagesfeatures.ComponentFlagz) { + o.Flagz = flagz.NamedFlagSetsReader{FlagSets: fss} + } fs := pflag.NewFlagSet("test", pflag.PanicOnError) for _, f := range fss.FlagSets { @@ -164,7 +170,7 @@ func StartTestServer(t ktesting.TB, instanceOptions *TestServerInstanceOptions, o.Authentication.ServiceAccounts.Issuers = []string{"https://foo.bar.example.com"} o.Authentication.ServiceAccounts.KeyFiles = []string{saSigningKeyFile.Name()} - completedOptions, err := o.Complete(tCtx, fss, nil, nil) + completedOptions, err := o.Complete(tCtx, nil, nil) if err != nil { return result, fmt.Errorf("failed to set default ServerRunOptions: %w", err) } diff --git a/test/integration/controlplane/kube_apiserver_test.go b/test/integration/controlplane/kube_apiserver_test.go index 0585f5d4cbe..8470fe3f790 100644 --- a/test/integration/controlplane/kube_apiserver_test.go +++ b/test/integration/controlplane/kube_apiserver_test.go @@ -132,7 +132,8 @@ func TestLivezAndReadyz(t *testing.T) { func TestFlagz(t *testing.T) { featuregatetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.ComponentFlagz, true) - server := kubeapiservertesting.StartTestServerOrDie(t, nil, framework.DefaultTestServerFlags(), framework.SharedEtcd()) + testServerFlags := append(framework.DefaultTestServerFlags(), "--emulated-version=1.32") + server := kubeapiservertesting.StartTestServerOrDie(t, nil, testServerFlags, framework.SharedEtcd()) defer server.TearDownFn() client, err := kubernetes.NewForConfig(server.ClientConfig) @@ -158,6 +159,16 @@ Warning: This endpoint is not meant to be machine parseable, has no formatting c if !bytes.HasPrefix(raw, []byte(expectedHeader)) { t.Fatalf("Header mismatch!\nExpected:\n%s\n\nGot:\n%s", expectedHeader, string(raw)) } + found := false + for _, line := range strings.Split(string(raw), "\n") { + if strings.Contains(line, "emulated-version") && strings.Contains(line, "1.32") { + found = true + break + } + } + if !found { + t.Fatalf("Expected flag --emulated-version=[1.32] to be reflected in /flagz output, got:\n%s", string(raw)) + } } // TestOpenAPIDelegationChainPlumbing is a smoke test that checks for