Merge pull request #41425 from ncdc/shared-informers-10-serviceaccount

Automatic merge from submit-queue

Switch serviceaccounts controller to generated shared informers

Originally part of #40097 

cc @deads2k @sttts @liggitt @smarterclayton @gmarek @wojtek-t @timothysc @kubernetes/sig-scalability-pr-reviews

cmd/kube-controller-manager/app/core.go

@@ -136,8 +136,8 @@ func startNamespaceController(ctx ControllerContext) (bool, error) {
 
 func startServiceAccountController(ctx ControllerContext) (bool, error) {
 	go serviceaccountcontroller.NewServiceAccountsController(
-		ctx.InformerFactory.ServiceAccounts(),
+		ctx.NewInformerFactory.Core().V1().ServiceAccounts(),
-		ctx.InformerFactory.Namespaces(),
+		ctx.NewInformerFactory.Core().V1().Namespaces(),
 		ctx.ClientBuilder.ClientOrDie("service-account-controller"),
 		serviceaccountcontroller.DefaultServiceAccountsControllerOptions(),
 	).Run(1, ctx.Stop)

pkg/controller/serviceaccount/BUILD

@@ -21,9 +21,9 @@ go_library(
         "//pkg/api:go_default_library",
         "//pkg/api/v1:go_default_library",
         "//pkg/client/clientset_generated/clientset:go_default_library",
-        "//pkg/client/legacylisters:go_default_library",
+        "//pkg/client/informers/informers_generated/externalversions/core/v1:go_default_library",
+        "//pkg/client/listers/core/v1:go_default_library",
         "//pkg/client/retry:go_default_library",
-        "//pkg/controller/informers:go_default_library",
         "//pkg/registry/core/secret:go_default_library",
         "//pkg/registry/core/secret/storage:go_default_library",
         "//pkg/registry/core/serviceaccount:go_default_library",
@@ -62,9 +62,8 @@ go_test(
         "//pkg/api:go_default_library",
         "//pkg/api/v1:go_default_library",
         "//pkg/client/clientset_generated/clientset/fake:go_default_library",
-        "//pkg/client/legacylisters:go_default_library",
+        "//pkg/client/informers/informers_generated/externalversions:go_default_library",
         "//pkg/controller:go_default_library",
-        "//pkg/controller/informers:go_default_library",
         "//vendor:github.com/davecgh/go-spew/spew",
         "//vendor:github.com/golang/glog",
         "//vendor:k8s.io/apimachinery/pkg/api/errors",
@@ -74,7 +73,6 @@ go_test(
         "//vendor:k8s.io/apimachinery/pkg/util/rand",
         "//vendor:k8s.io/apimachinery/pkg/util/sets",
         "//vendor:k8s.io/client-go/testing",
-        "//vendor:k8s.io/client-go/tools/cache",
     ],
 )
 

pkg/controller/serviceaccount/serviceaccounts_controller.go

@@ -31,8 +31,8 @@ import (
 	"k8s.io/client-go/util/workqueue"
 	"k8s.io/kubernetes/pkg/api/v1"
 	"k8s.io/kubernetes/pkg/client/clientset_generated/clientset"
-	"k8s.io/kubernetes/pkg/client/legacylisters"
+	coreinformers "k8s.io/kubernetes/pkg/client/informers/informers_generated/externalversions/core/v1"
-	"k8s.io/kubernetes/pkg/controller/informers"
+	corelisters "k8s.io/kubernetes/pkg/client/listers/core/v1"
 	"k8s.io/kubernetes/pkg/util/metrics"
 )
 
@@ -70,7 +70,7 @@ func DefaultServiceAccountsControllerOptions() ServiceAccountsControllerOptions
 }
 
 // NewServiceAccountsController returns a new *ServiceAccountsController.
-func NewServiceAccountsController(saInformer informers.ServiceAccountInformer, nsInformer informers.NamespaceInformer, cl clientset.Interface, options ServiceAccountsControllerOptions) *ServiceAccountsController {
+func NewServiceAccountsController(saInformer coreinformers.ServiceAccountInformer, nsInformer coreinformers.NamespaceInformer, cl clientset.Interface, options ServiceAccountsControllerOptions) *ServiceAccountsController {
 	e := &ServiceAccountsController{
 		client:                  cl,
 		serviceAccountsToEnsure: options.ServiceAccounts,
@@ -83,15 +83,15 @@ func NewServiceAccountsController(saInformer informers.ServiceAccountInformer, n
 	saInformer.Informer().AddEventHandler(cache.ResourceEventHandlerFuncs{
 		DeleteFunc: e.serviceAccountDeleted,
 	})
+	e.saLister = saInformer.Lister()
+	e.saListerSynced = saInformer.Informer().HasSynced
+
 	nsInformer.Informer().AddEventHandler(cache.ResourceEventHandlerFuncs{
 		AddFunc:    e.namespaceAdded,
 		UpdateFunc: e.namespaceUpdated,
 	})
-
-	e.saSynced = saInformer.Informer().HasSynced
-	e.saLister = saInformer.Lister()
-	e.nsSynced = nsInformer.Informer().HasSynced
 	e.nsLister = nsInformer.Lister()
+	e.nsListerSynced = nsInformer.Informer().HasSynced
 
 	e.syncHandler = e.syncNamespace
 
@@ -106,11 +106,11 @@ type ServiceAccountsController struct {
 	// To allow injection for testing.
 	syncHandler func(key string) error
 
-	saLister *listers.StoreToServiceAccountLister
+	saLister       corelisters.ServiceAccountLister
-	nsLister *listers.IndexerToNamespaceLister
+	saListerSynced cache.InformerSynced
 
-	saSynced cache.InformerSynced
+	nsLister       corelisters.NamespaceLister
-	nsSynced cache.InformerSynced
+	nsListerSynced cache.InformerSynced
 
 	queue workqueue.RateLimitingInterface
 }
@@ -121,7 +121,8 @@ func (c *ServiceAccountsController) Run(workers int, stopCh <-chan struct{}) {
 
 	glog.Infof("Starting ServiceAccount controller")
 
-	if !cache.WaitForCacheSync(stopCh, c.saSynced) {
+	if !cache.WaitForCacheSync(stopCh, c.saListerSynced, c.nsListerSynced) {
+		utilruntime.HandleError(fmt.Errorf("timed out waiting for caches to sync"))
 		return
 	}
 

pkg/controller/serviceaccount/serviceaccounts_controller_test.go

@@ -23,12 +23,10 @@ import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/util/sets"
 	core "k8s.io/client-go/testing"
-	"k8s.io/client-go/tools/cache"
 	"k8s.io/kubernetes/pkg/api/v1"
 	"k8s.io/kubernetes/pkg/client/clientset_generated/clientset/fake"
-	"k8s.io/kubernetes/pkg/client/legacylisters"
+	informers "k8s.io/kubernetes/pkg/client/informers/informers_generated/externalversions"
 	"k8s.io/kubernetes/pkg/controller"
-	"k8s.io/kubernetes/pkg/controller/informers"
 )
 
 type serverResponse struct {
@@ -159,17 +157,25 @@ func TestServiceAccountCreation(t *testing.T) {
 
 	for k, tc := range testcases {
 		client := fake.NewSimpleClientset(defaultServiceAccount, managedServiceAccount)
-		informers := informers.NewSharedInformerFactory(fake.NewSimpleClientset(), nil, controller.NoResyncPeriodFunc())
+		informers := informers.NewSharedInformerFactory(fake.NewSimpleClientset(), controller.NoResyncPeriodFunc())
 		options := DefaultServiceAccountsControllerOptions()
 		options.ServiceAccounts = []v1.ServiceAccount{
 			{ObjectMeta: metav1.ObjectMeta{Name: defaultName}},
 			{ObjectMeta: metav1.ObjectMeta{Name: managedName}},
 		}
-		controller := NewServiceAccountsController(informers.ServiceAccounts(), informers.Namespaces(), client, options)
+		saInformer := informers.Core().V1().ServiceAccounts()
-		controller.saLister = &listers.StoreToServiceAccountLister{Indexer: cache.NewIndexer(cache.DeletionHandlingMetaNamespaceKeyFunc, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc})}
+		nsInformer := informers.Core().V1().Namespaces()
-		controller.nsLister = &listers.IndexerToNamespaceLister{Indexer: cache.NewIndexer(cache.DeletionHandlingMetaNamespaceKeyFunc, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc})}
+		controller := NewServiceAccountsController(
-		controller.saSynced = alwaysReady
+			saInformer,
-		controller.nsSynced = alwaysReady
+			nsInformer,
+			client,
+			options,
+		)
+		controller.saListerSynced = alwaysReady
+		controller.nsListerSynced = alwaysReady
+
+		saStore := saInformer.Informer().GetStore()
+		nsStore := nsInformer.Informer().GetStore()
 
 		syncCalls := make(chan struct{})
 		controller.syncHandler = func(key string) error {
@@ -186,18 +192,18 @@ func TestServiceAccountCreation(t *testing.T) {
 		go controller.Run(1, stopCh)
 
 		if tc.ExistingNamespace != nil {
-			controller.nsLister.Add(tc.ExistingNamespace)
+			nsStore.Add(tc.ExistingNamespace)
 		}
 		for _, s := range tc.ExistingServiceAccounts {
-			controller.saLister.Indexer.Add(s)
+			saStore.Add(s)
 		}
 
 		if tc.AddedNamespace != nil {
-			controller.nsLister.Add(tc.AddedNamespace)
+			nsStore.Add(tc.AddedNamespace)
 			controller.namespaceAdded(tc.AddedNamespace)
 		}
 		if tc.UpdatedNamespace != nil {
-			controller.nsLister.Add(tc.UpdatedNamespace)
+			nsStore.Add(tc.UpdatedNamespace)
 			controller.namespaceUpdated(nil, tc.UpdatedNamespace)
 		}
 		if tc.DeletedServiceAccount != nil {

test/integration/serviceaccount/service_account_test.go

@@ -47,8 +47,8 @@ import (
 	"k8s.io/kubernetes/pkg/api/v1"
 	"k8s.io/kubernetes/pkg/client/clientset_generated/clientset"
 	"k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
+	informers "k8s.io/kubernetes/pkg/client/informers/informers_generated/externalversions"
 	"k8s.io/kubernetes/pkg/controller"
-	"k8s.io/kubernetes/pkg/controller/informers"
 	serviceaccountcontroller "k8s.io/kubernetes/pkg/controller/serviceaccount"
 	"k8s.io/kubernetes/pkg/serviceaccount"
 	serviceaccountadmission "k8s.io/kubernetes/plugin/pkg/admission/serviceaccount"
@@ -420,8 +420,13 @@ func startServiceAccountTestServer(t *testing.T) (*clientset.Clientset, restclie
 	tokenController := serviceaccountcontroller.NewTokensController(rootClientset, serviceaccountcontroller.TokensControllerOptions{TokenGenerator: serviceaccount.JWTTokenGenerator(serviceAccountKey)})
 	go tokenController.Run(1, stopCh)
 
-	informers := informers.NewSharedInformerFactory(rootClientset, nil, controller.NoResyncPeriodFunc())
+	informers := informers.NewSharedInformerFactory(rootClientset, controller.NoResyncPeriodFunc())
-	serviceAccountController := serviceaccountcontroller.NewServiceAccountsController(informers.ServiceAccounts(), informers.Namespaces(), rootClientset, serviceaccountcontroller.DefaultServiceAccountsControllerOptions())
+	serviceAccountController := serviceaccountcontroller.NewServiceAccountsController(
+		informers.Core().V1().ServiceAccounts(),
+		informers.Core().V1().Namespaces(),
+		rootClientset,
+		serviceaccountcontroller.DefaultServiceAccountsControllerOptions(),
+	)
 	informers.Start(stopCh)
 	go serviceAccountController.Run(5, stopCh)
 	// Start the admission plugin reflectors