Merge pull request #92842 from liggitt/deprecated-annotation

Deprecated API request audit annotation
Kubernetes Prow Robot 2020-07-11 20:56:43 -07:00 committed by GitHub
commit 71bfb73751
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 32 additions and 9 deletions


@ -142,6 +142,9 @@ type crdInfo struct {
spec *apiextensionsv1.CustomResourceDefinitionSpec spec *apiextensionsv1.CustomResourceDefinitionSpec
acceptedNames *apiextensionsv1.CustomResourceDefinitionNames acceptedNames *apiextensionsv1.CustomResourceDefinitionNames
// Deprecated per version
deprecated map[string]bool
// Warnings per version // Warnings per version
warnings map[string][]string warnings map[string][]string
@ -329,10 +332,9 @@ func (r *crdHandler) ServeHTTP(w http.ResponseWriter, req *http.Request) {
return return
} }
if utilfeature.DefaultFeatureGate.Enabled(features.WarningHeaders) { deprecated := crdInfo.deprecated[requestInfo.APIVersion]
for _, w := range crdInfo.warnings[requestInfo.APIVersion] { for _, w := range crdInfo.warnings[requestInfo.APIVersion] {
warning.AddWarning(req.Context(), "", w) warning.AddWarning(req.Context(), "", w)
}
} }
verb := strings.ToUpper(requestInfo.Verb) verb := strings.ToUpper(requestInfo.Verb)
@ -372,7 +374,7 @@ func (r *crdHandler) ServeHTTP(w http.ResponseWriter, req *http.Request) {
} }
if handlerFunc != nil { if handlerFunc != nil {
handlerFunc = metrics.InstrumentHandlerFunc(verb, requestInfo.APIGroup, requestInfo.APIVersion, resource, subresource, scope, metrics.APIServerComponent, false, "", handlerFunc) handlerFunc = metrics.InstrumentHandlerFunc(verb, requestInfo.APIGroup, requestInfo.APIVersion, resource, subresource, scope, metrics.APIServerComponent, deprecated, "", handlerFunc)
handler := genericfilters.WithWaitGroup(handlerFunc, longRunningFilter, crdInfo.waitGroup) handler := genericfilters.WithWaitGroup(handlerFunc, longRunningFilter, crdInfo.waitGroup)
handler.ServeHTTP(w, req) handler.ServeHTTP(w, req)
return return
@ -622,6 +624,7 @@ func (r *crdHandler) getOrCreateServingInfoFor(uid types.UID, name string) (*crd
storages := map[string]customresource.CustomResourceStorage{} storages := map[string]customresource.CustomResourceStorage{}
statusScopes := map[string]*handlers.RequestScope{} statusScopes := map[string]*handlers.RequestScope{}
scaleScopes := map[string]*handlers.RequestScope{} scaleScopes := map[string]*handlers.RequestScope{}
deprecated := map[string]bool{}
warnings := map[string][]string{} warnings := map[string][]string{}
equivalentResourceRegistry := runtime.NewEquivalentResourceRegistry() equivalentResourceRegistry := runtime.NewEquivalentResourceRegistry()
@ -883,10 +886,13 @@ func (r *crdHandler) getOrCreateServingInfoFor(uid types.UID, name string) (*crd
statusScopes[v.Name] = &statusScope statusScopes[v.Name] = &statusScope
if v.Deprecated { if v.Deprecated {
if v.DeprecationWarning != nil { deprecated[v.Name] = true
warnings[v.Name] = append(warnings[v.Name], *v.DeprecationWarning) if utilfeature.DefaultFeatureGate.Enabled(features.WarningHeaders) {
} else { if v.DeprecationWarning != nil {
warnings[v.Name] = append(warnings[v.Name], defaultDeprecationWarning(v.Name, crd.Spec)) warnings[v.Name] = append(warnings[v.Name], *v.DeprecationWarning)
} else {
warnings[v.Name] = append(warnings[v.Name], defaultDeprecationWarning(v.Name, crd.Spec))
}
} }
} }
} }
@ -898,6 +904,7 @@ func (r *crdHandler) getOrCreateServingInfoFor(uid types.UID, name string) (*crd
requestScopes: requestScopes, requestScopes: requestScopes,
scaleRequestScopes: scaleScopes, scaleRequestScopes: scaleScopes,
statusRequestScopes: statusScopes, statusRequestScopes: statusScopes,
deprecated: deprecated,
warnings: warnings, warnings: warnings,
storageVersion: storageVersion, storageVersion: storageVersion,
waitGroup: &utilwaitgroup.SafeWaitGroup{}, waitGroup: &utilwaitgroup.SafeWaitGroup{},
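Review bot: In the ServeHTTP hunk, the call `metrics.InstrumentHandlerFunc(..., metrics.APIServerComponent, deprecated, "", handlerFunc)` still passes an empty string right after `deprecated`. Judging by the metrics.go change on this page, that argument appears to be the removed-release value. If so, requests to deprecated custom-resource versions get the `k8s.io/deprecated` audit annotation but never `k8s.io/removed-release`. A call-site comment would make that gap explicit for anyone building audit queries, e.g. `// CRD versions carry no target removal release, so only the deprecated flag is reported`. The new field comment could also state the lookup default: `// deprecated maps a version name to true when that version is marked deprecated; a missing key means not deprecated`. ServeHTTP and getOrCreateServingInfoFor both extend beyond the hunks shown.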


@ -15,6 +15,7 @@ go_library(
"//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1/validation:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1/validation:go_default_library",
"//staging/src/k8s.io/apimachinery/pkg/types:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library",
"//staging/src/k8s.io/apimachinery/pkg/util/sets:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/sets:go_default_library",
"//staging/src/k8s.io/apiserver/pkg/audit:go_default_library",
"//staging/src/k8s.io/apiserver/pkg/endpoints/request:go_default_library", "//staging/src/k8s.io/apiserver/pkg/endpoints/request:go_default_library",
"//staging/src/k8s.io/apiserver/pkg/features:go_default_library", "//staging/src/k8s.io/apiserver/pkg/features:go_default_library",
"//staging/src/k8s.io/apiserver/pkg/util/feature:go_default_library", "//staging/src/k8s.io/apiserver/pkg/util/feature:go_default_library",


@ -31,6 +31,7 @@ import (
"k8s.io/apimachinery/pkg/apis/meta/v1/validation" "k8s.io/apimachinery/pkg/apis/meta/v1/validation"
"k8s.io/apimachinery/pkg/types" "k8s.io/apimachinery/pkg/types"
utilsets "k8s.io/apimachinery/pkg/util/sets" utilsets "k8s.io/apimachinery/pkg/util/sets"
"k8s.io/apiserver/pkg/audit"
"k8s.io/apiserver/pkg/endpoints/request" "k8s.io/apiserver/pkg/endpoints/request"
"k8s.io/apiserver/pkg/features" "k8s.io/apiserver/pkg/features"
utilfeature "k8s.io/apiserver/pkg/util/feature" utilfeature "k8s.io/apiserver/pkg/util/feature"
@ -232,6 +233,16 @@ const (
MutatingKind = "mutating" MutatingKind = "mutating"
) )
const (
// deprecatedAnnotationKey is a key for an audit annotation set to
// "true" on requests made to deprecated API versions
deprecatedAnnotationKey = "k8s.io/deprecated"
// removedReleaseAnnotationKey is a key for an audit annotation set to
// the target removal release, in "<major>.<minor>" format,
// on requests made to deprecated API versions with a target removal release
removedReleaseAnnotationKey = "k8s.io/removed-release"
)
var registerMetrics sync.Once var registerMetrics sync.Once
// Register all metrics. // Register all metrics.
@ -315,6 +326,10 @@ func MonitorRequest(req *http.Request, verb, group, version, resource, subresour
requestCounter.WithLabelValues(reportedVerb, dryRun, group, version, resource, subresource, scope, component, cleanContentType, codeToString(httpCode)).Inc() requestCounter.WithLabelValues(reportedVerb, dryRun, group, version, resource, subresource, scope, component, cleanContentType, codeToString(httpCode)).Inc()
if deprecated { if deprecated {
deprecatedRequestGauge.WithLabelValues(group, version, resource, subresource, removedRelease).Set(1) deprecatedRequestGauge.WithLabelValues(group, version, resource, subresource, removedRelease).Set(1)
audit.AddAuditAnnotation(req.Context(), deprecatedAnnotationKey, "true")
if len(removedRelease) > 0 {
audit.AddAuditAnnotation(req.Context(), removedReleaseAnnotationKey, removedRelease)
}
} }
requestLatencies.WithLabelValues(reportedVerb, dryRun, group, version, resource, subresource, scope, component).Observe(elapsedSeconds) requestLatencies.WithLabelValues(reportedVerb, dryRun, group, version, resource, subresource, scope, component).Observe(elapsedSeconds)
// We are only interested in response sizes of read requests. // We are only interested in response sizes of read requests.
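Review bot: The two `audit.AddAuditAnnotation` calls in the `if deprecated` block of MonitorRequest give a metrics function an audit side effect, so a handler path that is not wrapped by this instrumentation would lose the `k8s.io/deprecated` signal without any error. The function's doc comment (outside this hunk) should state that, e.g. `// MonitorRequest also records deprecated-API audit annotations on the request's audit event.` This block runs next to `codeToString(httpCode)`, i.e. once the response code is known, so the annotation presumably appears only on the final-stage audit event. Detection rules for deprecated API use should match on that stage rather than on earlier ones. None of the three changed files is a test. A unit test should assert that `k8s.io/deprecated` is set to "true" and that `k8s.io/removed-release` is omitted when `removedRelease` is empty, which would pin the contract audit consumers rely on.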