From 4a24a08f936a295bf332b9567bea182e2feff554 Mon Sep 17 00:00:00 2001 From: xiongzhongliang Date: Sun, 28 Feb 2021 01:00:09 +0800 Subject: [PATCH] Optimize some codes --- cmd/kube-apiserver/app/options/validation.go | 2 +- pkg/kubeapiserver/options/admission.go | 2 +- pkg/kubeapiserver/options/authentication.go | 4 ++-- pkg/kubeapiserver/options/authorization.go | 16 ++++++---------- .../k8s.io/apiserver/pkg/server/options/audit.go | 10 ++-------- 5 files changed, 12 insertions(+), 22 deletions(-) diff --git a/cmd/kube-apiserver/app/options/validation.go b/cmd/kube-apiserver/app/options/validation.go index 0730aa05f10..9fef63fcf8a 100644 --- a/cmd/kube-apiserver/app/options/validation.go +++ b/cmd/kube-apiserver/app/options/validation.go @@ -106,7 +106,7 @@ func validateServiceNodePort(options *ServerRunOptions) []error { } if options.KubernetesServiceNodePort > 0 && !options.ServiceNodePortRange.Contains(options.KubernetesServiceNodePort) { - errs = append(errs, fmt.Errorf("kubernetes service port range %v doesn't contain %v", options.ServiceNodePortRange, (options.KubernetesServiceNodePort))) + errs = append(errs, fmt.Errorf("kubernetes service node port range %v doesn't contain %v", options.ServiceNodePortRange, options.KubernetesServiceNodePort)) } return errs } diff --git a/pkg/kubeapiserver/options/admission.go b/pkg/kubeapiserver/options/admission.go index 82a37f6b88e..f788c4c36c2 100644 --- a/pkg/kubeapiserver/options/admission.go +++ b/pkg/kubeapiserver/options/admission.go @@ -84,7 +84,7 @@ func (a *AdmissionOptions) Validate() []error { if a == nil { return nil } - errs := []error{} + var errs []error if a.PluginNames != nil && (a.GenericAdmission.EnablePlugins != nil || a.GenericAdmission.DisablePlugins != nil) { errs = append(errs, fmt.Errorf("admission-control and enable-admission-plugins/disable-admission-plugins flags are mutually exclusive")) diff --git a/pkg/kubeapiserver/options/authentication.go b/pkg/kubeapiserver/options/authentication.go index 8100a74f2c5..d28a3b94ea8 100644 --- a/pkg/kubeapiserver/options/authentication.go +++ b/pkg/kubeapiserver/options/authentication.go @@ -185,7 +185,7 @@ func (o *BuiltInAuthenticationOptions) WithWebHook() *BuiltInAuthenticationOptio // Validate checks invalid config combination func (o *BuiltInAuthenticationOptions) Validate() []error { - allErrors := []error{} + var allErrors []error if o.OIDC != nil && (len(o.OIDC.IssuerURL) > 0) != (len(o.OIDC.ClientID) > 0) { allErrors = append(allErrors, fmt.Errorf("oidc-issuer-url and oidc-client-id should be specified together")) @@ -219,7 +219,7 @@ func (o *BuiltInAuthenticationOptions) Validate() []error { if o.WebHook != nil { retryBackoff := o.WebHook.RetryBackoff if retryBackoff != nil && retryBackoff.Steps <= 0 { - allErrors = append(allErrors, fmt.Errorf("number of webhook retry attempts must be greater than 1, but is: %d", retryBackoff.Steps)) + allErrors = append(allErrors, fmt.Errorf("number of webhook retry attempts must be greater than 0, but is: %d", retryBackoff.Steps)) } } diff --git a/pkg/kubeapiserver/options/authorization.go b/pkg/kubeapiserver/options/authorization.go index e9d4f39bc53..a6760d1720e 100644 --- a/pkg/kubeapiserver/options/authorization.go +++ b/pkg/kubeapiserver/options/authorization.go @@ -61,7 +61,7 @@ func (o *BuiltInAuthorizationOptions) Validate() []error { if o == nil { return nil } - allErrors := []error{} + var allErrors []error if len(o.Modes) == 0 { allErrors = append(allErrors, fmt.Errorf("at least one authorization-mode must be passed")) @@ -72,15 +72,11 @@ func (o *BuiltInAuthorizationOptions) Validate() []error { if !authzmodes.IsValidAuthorizationMode(mode) { allErrors = append(allErrors, fmt.Errorf("authorization-mode %q is not a valid mode", mode)) } - if mode == authzmodes.ModeABAC { - if o.PolicyFile == "" { - allErrors = append(allErrors, fmt.Errorf("authorization-mode ABAC's authorization policy file not passed")) - } + if mode == authzmodes.ModeABAC && o.PolicyFile == "" { + allErrors = append(allErrors, fmt.Errorf("authorization-mode ABAC's authorization policy file not passed")) } - if mode == authzmodes.ModeWebhook { - if o.WebhookConfigFile == "" { - allErrors = append(allErrors, fmt.Errorf("authorization-mode Webhook's authorization config file not passed")) - } + if mode == authzmodes.ModeWebhook && o.WebhookConfigFile == "" { + allErrors = append(allErrors, fmt.Errorf("authorization-mode Webhook's authorization config file not passed")) } } @@ -97,7 +93,7 @@ func (o *BuiltInAuthorizationOptions) Validate() []error { } if o.WebhookRetryBackoff != nil && o.WebhookRetryBackoff.Steps <= 0 { - allErrors = append(allErrors, fmt.Errorf("number of webhook retry attempts must be greater than 1, but is: %d", o.WebhookRetryBackoff.Steps)) + allErrors = append(allErrors, fmt.Errorf("number of webhook retry attempts must be greater than 0, but is: %d", o.WebhookRetryBackoff.Steps)) } return allErrors diff --git a/staging/src/k8s.io/apiserver/pkg/server/options/audit.go b/staging/src/k8s.io/apiserver/pkg/server/options/audit.go index cb8b7bc21e2..11858004df5 100644 --- a/staging/src/k8s.io/apiserver/pkg/server/options/audit.go +++ b/staging/src/k8s.io/apiserver/pkg/server/options/audit.go @@ -29,6 +29,7 @@ import ( "k8s.io/apimachinery/pkg/runtime/schema" utilnet "k8s.io/apimachinery/pkg/util/net" + "k8s.io/apimachinery/pkg/util/sets" auditinternal "k8s.io/apiserver/pkg/apis/audit" auditv1 "k8s.io/apiserver/pkg/apis/audit/v1" auditv1alpha1 "k8s.io/apiserver/pkg/apis/audit/v1alpha1" @@ -475,14 +476,7 @@ func (o *AuditLogOptions) Validate() []error { } // Check log format - validFormat := false - for _, f := range pluginlog.AllowedFormats { - if f == o.Format { - validFormat = true - break - } - } - if !validFormat { + if !sets.NewString(pluginlog.AllowedFormats...).Has(o.Format) { allErrors = append(allErrors, fmt.Errorf("invalid audit log format %s, allowed formats are %q", o.Format, strings.Join(pluginlog.AllowedFormats, ","))) }