diff --git a/hack/update-gofmt.sh b/hack/update-gofmt.sh index c71fe71a020..83800c6eeed 100755 --- a/hack/update-gofmt.sh +++ b/hack/update-gofmt.sh @@ -34,11 +34,10 @@ find_files() { -o -wholename './_output' \ -o -wholename './_gopath' \ -o -wholename './release' \ - -o -wholename './staging' \ -o -wholename './target' \ -o -wholename '*/third_party/*' \ -o -wholename '*/vendor/*' \ - -o -wholename './staging' \ + -o -wholename './staging/src/k8s.io/client-go/*vendor/*' \ \) -prune \ \) -name '*.go' } diff --git a/hack/verify-gofmt.sh b/hack/verify-gofmt.sh index ee6e420ec22..af1b50675cc 100755 --- a/hack/verify-gofmt.sh +++ b/hack/verify-gofmt.sh @@ -42,7 +42,7 @@ find_files() { -o -wholename './target' \ -o -wholename '*/third_party/*' \ -o -wholename '*/vendor/*' \ - -o -wholename './staging' \ + -o -wholename './staging/src/k8s.io/client-go/*vendor/*' \ -o -wholename '*/bindata.go' \ \) -prune \ \) -name '*.go' diff --git a/hack/verify-pkg-names.sh b/hack/verify-pkg-names.sh index 75fda425365..79bb85f684f 100755 --- a/hack/verify-pkg-names.sh +++ b/hack/verify-pkg-names.sh @@ -26,7 +26,7 @@ source "${KUBE_ROOT}/hack/lib/init.sh" kube::golang::verify_go_version cd "${KUBE_ROOT}" -if git --no-pager grep -E $'^(import |\t)[a-z]+[A-Z_][a-zA-Z]* "[^"]+"$' -- '**/*.go' ':(exclude)vendor/*' ':(exclude)staging/*'; then +if git --no-pager grep -E $'^(import |\t)[a-z]+[A-Z_][a-zA-Z]* "[^"]+"$' -- '**/*.go' ':(exclude)vendor/*' ':(exclude)staging/src/k8s.io/client-go/*vendor/*'; then echo "!!! Some package aliases break go conventions." echo "To fix these errors, do not use capitalized or underlined characters" echo "in pkg aliases. Refer to https://blog.golang.org/package-names for more info." diff --git a/hack/verify-readonly-packages.sh b/hack/verify-readonly-packages.sh index 92d078b1262..babf558e80d 100755 --- a/hack/verify-readonly-packages.sh +++ b/hack/verify-readonly-packages.sh @@ -37,7 +37,8 @@ find_files() { -o -wholename './target' \ -o -wholename '*/third_party/*' \ -o -wholename '*/vendor/*' \ - -o -wholename './staging' \ + -o -wholename './staging/src/k8s.io/client-go/*vendor/*' \ + -o -wholename './staging/src/k8s.io/client-go/pkg/*' \ \) -prune \ \) -name '.readonly' } diff --git a/staging/src/k8s.io/apimachinery/pkg/api/testing/codec.go b/staging/src/k8s.io/apimachinery/pkg/api/testing/codec.go index 8ed8008a8bd..89375ffb4fb 100644 --- a/staging/src/k8s.io/apimachinery/pkg/api/testing/codec.go +++ b/staging/src/k8s.io/apimachinery/pkg/api/testing/codec.go @@ -17,18 +17,18 @@ limitations under the License. package testing import ( - "os" - "mime" "fmt" + "mime" + "os" "k8s.io/apimachinery/pkg/runtime" - runtimeserializer "k8s.io/apimachinery/pkg/runtime/serializer" "k8s.io/apimachinery/pkg/runtime/schema" + runtimeserializer "k8s.io/apimachinery/pkg/runtime/serializer" "k8s.io/apimachinery/pkg/runtime/serializer/recognizer" ) var ( - testCodecMediaType string + testCodecMediaType string testStorageCodecMediaType string ) diff --git a/staging/src/k8s.io/apimachinery/pkg/api/testing/valuefuzz_test.go b/staging/src/k8s.io/apimachinery/pkg/api/testing/valuefuzz_test.go index 50191e8c565..07dca80227d 100644 --- a/staging/src/k8s.io/apimachinery/pkg/api/testing/valuefuzz_test.go +++ b/staging/src/k8s.io/apimachinery/pkg/api/testing/valuefuzz_test.go @@ -27,17 +27,17 @@ func TestValueFuzz(t *testing.T) { U uint } X struct { - Ptr *X - Y Y - Map map[string]int + Ptr *X + Y Y + Map map[string]int Slice []int } ) x := X{ - Ptr: &X{}, - Map: map[string]int{"foo": 42}, - Slice: []int{1,2,3}, + Ptr: &X{}, + Map: map[string]int{"foo": 42}, + Slice: []int{1, 2, 3}, } p := x.Ptr diff --git a/staging/src/k8s.io/apimachinery/pkg/apis/meta/internalversion/register_test.go b/staging/src/k8s.io/apimachinery/pkg/apis/meta/internalversion/register_test.go index 151f99a0fb0..8a6fefa4173 100644 --- a/staging/src/k8s.io/apimachinery/pkg/apis/meta/internalversion/register_test.go +++ b/staging/src/k8s.io/apimachinery/pkg/apis/meta/internalversion/register_test.go @@ -49,8 +49,8 @@ func TestListOptions(t *testing.T) { // verify failing conversion for i, failingObject := range []*metav1.ListOptions{ - &metav1.ListOptions{LabelSelector: "a!!!"}, - &metav1.ListOptions{FieldSelector: "a!!!"}, + {LabelSelector: "a!!!"}, + {FieldSelector: "a!!!"}, } { out = &ListOptions{} if err := scheme.Convert(failingObject, out, nil); err == nil { diff --git a/staging/src/k8s.io/apimachinery/pkg/conversion/unstructured/converter_test.go b/staging/src/k8s.io/apimachinery/pkg/conversion/unstructured/converter_test.go index e51c08f3b90..b661cf2f28b 100644 --- a/staging/src/k8s.io/apimachinery/pkg/conversion/unstructured/converter_test.go +++ b/staging/src/k8s.io/apimachinery/pkg/conversion/unstructured/converter_test.go @@ -29,28 +29,28 @@ import ( // Definte a number of test types. type A struct { - A int `json:"aa,omitempty"` + A int `json:"aa,omitempty"` B string `json:"ab,omitempty"` - C bool `json:"ac,omitempty"` + C bool `json:"ac,omitempty"` } type B struct { - A A `json:"ba"` - B string `json:"bb"` + A A `json:"ba"` + B string `json:"bb"` C map[string]string `json:"bc"` - D []string `json:"bd"` + D []string `json:"bd"` } type C struct { - A []A `json:"ca"` - B B `json:",inline"` - C string `json:"cc"` - D *int64 `json:"cd"` + A []A `json:"ca"` + B B `json:",inline"` + C string `json:"cc"` + D *int64 `json:"cd"` E map[string]int `json:"ce"` - F []bool `json:"cf"` - G []int `json"cg"` - H float32 `json:ch"` - I []interface{} `json:"ci"` + F []bool `json:"cf"` + G []int `json"cg"` + H float32 `json:ch"` + I []interface{} `json:"ci"` } type D struct { @@ -62,15 +62,15 @@ type E struct { } type F struct { - A string `json:"fa"` + A string `json:"fa"` B map[string]string `json:"fb"` - C []A `json:"fc"` - D int `json:"fd"` - E float32 `json:"fe"` - F []string `json:"ff"` - G []int `json:"fg"` - H []bool `json:"fh"` - I []float32 `json:"fi"` + C []A `json:"fc"` + D int `json:"fd"` + E float32 `json:"fe"` + F []string `json:"ff"` + G []int `json:"fg"` + H []bool `json:"fh"` + I []float32 `json:"fi"` } // Implement runtime.Object to make types usable for tests. @@ -142,7 +142,7 @@ func doRoundTrip(t *testing.T, item runtime.Object) { func TestRoundTrip(t *testing.T) { intVal := int64(42) - testCases := []struct{ + testCases := []struct { obj runtime.Object }{ { @@ -250,10 +250,10 @@ func doUnrecognized(t *testing.T, jsonData string, item runtime.Object, expected } func TestUnrecognized(t *testing.T) { - testCases := []struct{ + testCases := []struct { data string obj runtime.Object - err error + err error }{ { data: "{\"da\":[3.0,\"3.0\",null]}", @@ -265,15 +265,15 @@ func TestUnrecognized(t *testing.T) { }, { data: "{\"ea\":[null,null,null]}", - obj: &E{}, + obj: &E{}, }, { data: "{\"ea\":[[],[null]]}", - obj: &E{}, + obj: &E{}, }, { data: "{\"ea\":{\"a\":[],\"b\":null}}", - obj: &E{}, + obj: &E{}, }, { data: "{\"fa\":\"fa\",\"fb\":{\"a\":\"a\"}}", diff --git a/staging/src/k8s.io/apimachinery/pkg/util/jsonmergepatch/patch.go b/staging/src/k8s.io/apimachinery/pkg/util/jsonmergepatch/patch.go index 5583daa3330..e81e4f23a80 100644 --- a/staging/src/k8s.io/apimachinery/pkg/util/jsonmergepatch/patch.go +++ b/staging/src/k8s.io/apimachinery/pkg/util/jsonmergepatch/patch.go @@ -20,8 +20,8 @@ import ( "fmt" "reflect" - "k8s.io/apimachinery/pkg/util/json" "github.com/evanphx/json-patch" + "k8s.io/apimachinery/pkg/util/json" "k8s.io/apimachinery/pkg/util/mergepatch" ) diff --git a/staging/src/k8s.io/apimachinery/pkg/util/jsonmergepatch/patch_test.go b/staging/src/k8s.io/apimachinery/pkg/util/jsonmergepatch/patch_test.go index 49967151dd1..f462bf915f6 100644 --- a/staging/src/k8s.io/apimachinery/pkg/util/jsonmergepatch/patch_test.go +++ b/staging/src/k8s.io/apimachinery/pkg/util/jsonmergepatch/patch_test.go @@ -21,9 +21,9 @@ import ( "reflect" "testing" + "github.com/davecgh/go-spew/spew" "github.com/evanphx/json-patch" "github.com/ghodss/yaml" - "github.com/davecgh/go-spew/spew" "k8s.io/apimachinery/pkg/util/json" ) @@ -32,9 +32,9 @@ type FilterNullTestCases struct { } type FilterNullTestCase struct { - Description string - OriginalObj map[string]interface{} - ExpectedWithNull map[string]interface{} + Description string + OriginalObj map[string]interface{} + ExpectedWithNull map[string]interface{} ExpectedWithoutNull map[string]interface{} } @@ -171,7 +171,6 @@ func TestKeepOrDeleteNullInObj(t *testing.T) { } } - type JSONMergePatchTestCases struct { TestCases []JSONMergePatchTestCase } @@ -622,10 +621,10 @@ func testPatchApplication(t *testing.T, original, patch, expected []byte, descri func threeWayTestCaseToJSONOrFail(t *testing.T, c JSONMergePatchTestCase) ([]byte, []byte, []byte, []byte, []byte) { return testObjectToJSONOrFail(t, c.Original), - testObjectToJSONOrFail(t, c.Modified), - testObjectToJSONOrFail(t, c.Current), - testObjectToJSONOrFail(t, c.ThreeWay), - testObjectToJSONOrFail(t, c.Result) + testObjectToJSONOrFail(t, c.Modified), + testObjectToJSONOrFail(t, c.Current), + testObjectToJSONOrFail(t, c.ThreeWay), + testObjectToJSONOrFail(t, c.Result) } func testObjectToJSONOrFail(t *testing.T, o map[string]interface{}) []byte { @@ -661,4 +660,4 @@ func jsonToYAML(j []byte) ([]byte, error) { return nil, fmt.Errorf("json to yaml failed: %v\n%v\n", err, j) } return y, nil -} \ No newline at end of file +} diff --git a/staging/src/k8s.io/apimachinery/pkg/util/strategicpatch/patch.go b/staging/src/k8s.io/apimachinery/pkg/util/strategicpatch/patch.go index 544108b6926..4b1f42de070 100644 --- a/staging/src/k8s.io/apimachinery/pkg/util/strategicpatch/patch.go +++ b/staging/src/k8s.io/apimachinery/pkg/util/strategicpatch/patch.go @@ -23,8 +23,8 @@ import ( "strings" "k8s.io/apimachinery/pkg/util/json" - forkedjson "k8s.io/apimachinery/third_party/forked/golang/json" "k8s.io/apimachinery/pkg/util/mergepatch" + forkedjson "k8s.io/apimachinery/third_party/forked/golang/json" ) // An alternate implementation of JSON Merge Patch diff --git a/staging/src/k8s.io/apiserver/pkg/apis/example/fuzzer/fuzzer.go b/staging/src/k8s.io/apiserver/pkg/apis/example/fuzzer/fuzzer.go index 1dac46fd26a..1f62fbfc0b3 100644 --- a/staging/src/k8s.io/apiserver/pkg/apis/example/fuzzer/fuzzer.go +++ b/staging/src/k8s.io/apiserver/pkg/apis/example/fuzzer/fuzzer.go @@ -22,8 +22,8 @@ import ( apitesting "k8s.io/apimachinery/pkg/api/testing" "k8s.io/apimachinery/pkg/runtime" runtimeserializer "k8s.io/apimachinery/pkg/runtime/serializer" - examplev1 "k8s.io/apiserver/pkg/apis/example/v1" "k8s.io/apiserver/pkg/apis/example" + examplev1 "k8s.io/apiserver/pkg/apis/example/v1" ) // overrideGenericFuncs override some generic fuzzer funcs from k8s.io/apiserver in order to have more realistic diff --git a/staging/src/k8s.io/apiserver/pkg/apis/example/types.go b/staging/src/k8s.io/apiserver/pkg/apis/example/types.go index 7ce7358e391..340c0abebee 100644 --- a/staging/src/k8s.io/apiserver/pkg/apis/example/types.go +++ b/staging/src/k8s.io/apiserver/pkg/apis/example/types.go @@ -21,10 +21,10 @@ import ( ) type ( - ConditionStatus string + ConditionStatus string PodConditionType string - PodPhase string - RestartPolicy string + PodPhase string + RestartPolicy string ) // Pod is a collection of containers, used as either input (create, update) or as output (list, get). diff --git a/staging/src/k8s.io/apiserver/pkg/apis/example/v1/defaults.go b/staging/src/k8s.io/apiserver/pkg/apis/example/v1/defaults.go index 7033ddc3d90..fa9baa0987b 100644 --- a/staging/src/k8s.io/apiserver/pkg/apis/example/v1/defaults.go +++ b/staging/src/k8s.io/apiserver/pkg/apis/example/v1/defaults.go @@ -23,4 +23,3 @@ import ( func addDefaultingFuncs(scheme *runtime.Scheme) error { return nil } - diff --git a/staging/src/k8s.io/apiserver/pkg/apis/example/v1/types.go b/staging/src/k8s.io/apiserver/pkg/apis/example/v1/types.go index 412cfa4e4a8..0c706ac15da 100644 --- a/staging/src/k8s.io/apiserver/pkg/apis/example/v1/types.go +++ b/staging/src/k8s.io/apiserver/pkg/apis/example/v1/types.go @@ -21,10 +21,10 @@ import ( ) type ( - ConditionStatus string + ConditionStatus string PodConditionType string - PodPhase string - RestartPolicy string + PodPhase string + RestartPolicy string ) // Pod is a collection of containers, used as either input (create, update) or as output (list, get). diff --git a/staging/src/k8s.io/apiserver/pkg/authentication/request/x509/x509_test.go b/staging/src/k8s.io/apiserver/pkg/authentication/request/x509/x509_test.go index 20b49f80091..bdda2446408 100644 --- a/staging/src/k8s.io/apiserver/pkg/authentication/request/x509/x509_test.go +++ b/staging/src/k8s.io/apiserver/pkg/authentication/request/x509/x509_test.go @@ -17,24 +17,24 @@ limitations under the License. package x509 import ( - "crypto/tls" - "crypto/x509" - "encoding/pem" - "errors" - "io/ioutil" - "net/http" - "reflect" - "sort" - "testing" - "time" + "crypto/tls" + "crypto/x509" + "encoding/pem" + "errors" + "io/ioutil" + "net/http" + "reflect" + "sort" + "testing" + "time" - "k8s.io/apimachinery/pkg/util/sets" - "k8s.io/apiserver/pkg/authentication/authenticator" - "k8s.io/apiserver/pkg/authentication/user" + "k8s.io/apimachinery/pkg/util/sets" + "k8s.io/apiserver/pkg/authentication/authenticator" + "k8s.io/apiserver/pkg/authentication/user" ) const ( - rootCACert = `-----BEGIN CERTIFICATE----- + rootCACert = `-----BEGIN CERTIFICATE----- MIIDOTCCAqKgAwIBAgIJAOoObf5kuGgZMA0GCSqGSIb3DQEBBQUAMGcxCzAJBgNV BAYTAlVTMREwDwYDVQQIEwhNeSBTdGF0ZTEQMA4GA1UEBxMHTXkgQ2l0eTEPMA0G A1UEChMGTXkgT3JnMRAwDgYDVQQLEwdNeSBVbml0MRAwDgYDVQQDEwdST09UIENB @@ -56,7 +56,7 @@ H9oc7u5zhTGXeV8WPg== -----END CERTIFICATE----- ` - selfSignedCert = `-----BEGIN CERTIFICATE----- + selfSignedCert = `-----BEGIN CERTIFICATE----- MIIDEzCCAnygAwIBAgIJAMaPaFbGgJN+MA0GCSqGSIb3DQEBBQUAMGUxCzAJBgNV BAYTAlVTMREwDwYDVQQIEwhNeSBTdGF0ZTEQMA4GA1UEBxMHTXkgQ2l0eTEPMA0G A1UEChMGTXkgT3JnMRAwDgYDVQQLEwdNeSBVbml0MQ4wDAYDVQQDEwVzZWxmMTAe @@ -77,7 +77,7 @@ ze3kOoP+iWSmTySHMSKVMppp0Xnls6t38mrsXtPuY8fGD2GS6VllaizMqc3wShNK -----END CERTIFICATE----- ` - clientCNCert = `Certificate: + clientCNCert = `Certificate: Data: Version: 3 (0x2) Serial Number: 1 (0x1) @@ -151,7 +151,7 @@ AjARBglghkgBhvhCAQEEBAMCB4AwDQYJKoZIhvcNAQELBQADgYEACLy0gKU7vpp4 i5fmaPPBNzzBFCaQoN3TAjrpwp5Z0kQ= -----END CERTIFICATE-----` - clientDNSCert = `Certificate: + clientDNSCert = `Certificate: Data: Version: 3 (0x2) Serial Number: 4 (0x4) @@ -224,7 +224,7 @@ gGolrD3igQXkiStVY5otSto7xJdeGulvg7gFSty9q7CgddAetcWN8/aS8VLSgWf8 b3TuSTdzCLz1JoZn9YIE/9tan/lr3y/1dWHypZELBVZb6NE211Z67X3lXyoIh8JI -----END CERTIFICATE-----` - clientEmailCert = `Certificate: + clientEmailCert = `Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) @@ -299,7 +299,7 @@ BIaMiQ== -----END CERTIFICATE----- ` - serverCert = `Certificate: + serverCert = `Certificate: Data: Version: 3 (0x2) Serial Number: 7 (0x7) @@ -374,17 +374,17 @@ mFlG6tStAWz3TmydciZNdiEbeqHw5uaIYWj1zC5AdvFXBFue0ojIrJ5JtbTWccH9 -----END CERTIFICATE----- ` - /* - openssl genrsa -out ca.key 4096 - openssl req -new -x509 -days 36500 \ - -sha256 -key ca.key -extensions v3_ca \ - -out ca.crt \ - -subj "/C=US/ST=My State/L=My City/O=My Org/O=My Org 1/O=My Org 2/CN=ROOT CA WITH GROUPS" - openssl x509 -in ca.crt -text - */ + /* + openssl genrsa -out ca.key 4096 + openssl req -new -x509 -days 36500 \ + -sha256 -key ca.key -extensions v3_ca \ + -out ca.crt \ + -subj "/C=US/ST=My State/L=My City/O=My Org/O=My Org 1/O=My Org 2/CN=ROOT CA WITH GROUPS" + openssl x509 -in ca.crt -text + */ - // A certificate with multiple organizations. - caWithGroups = `Certificate: + // A certificate with multiple organizations. + caWithGroups = `Certificate: Data: Version: 3 (0x2) Serial Number: @@ -510,424 +510,424 @@ PKJQCs0CM0zkesktuLi/gFpuB0nEwyOgLg== ) func TestX509(t *testing.T) { - multilevelOpts := DefaultVerifyOptions() - multilevelOpts.Roots = x509.NewCertPool() - multilevelOpts.Roots.AddCert(getCertsFromFile(t, "root")[0]) + multilevelOpts := DefaultVerifyOptions() + multilevelOpts.Roots = x509.NewCertPool() + multilevelOpts.Roots.AddCert(getCertsFromFile(t, "root")[0]) - testCases := map[string]struct { - Insecure bool - Certs []*x509.Certificate + testCases := map[string]struct { + Insecure bool + Certs []*x509.Certificate - Opts x509.VerifyOptions - User UserConversion + Opts x509.VerifyOptions + User UserConversion - ExpectUserName string - ExpectGroups []string - ExpectOK bool - ExpectErr bool - }{ - "non-tls": { - Insecure: true, + ExpectUserName string + ExpectGroups []string + ExpectOK bool + ExpectErr bool + }{ + "non-tls": { + Insecure: true, - ExpectOK: false, - ExpectErr: false, - }, + ExpectOK: false, + ExpectErr: false, + }, - "tls, no certs": { - ExpectOK: false, - ExpectErr: false, - }, + "tls, no certs": { + ExpectOK: false, + ExpectErr: false, + }, - "self signed": { - Opts: getDefaultVerifyOptions(t), - Certs: getCerts(t, selfSignedCert), - User: CommonNameUserConversion, + "self signed": { + Opts: getDefaultVerifyOptions(t), + Certs: getCerts(t, selfSignedCert), + User: CommonNameUserConversion, - ExpectErr: true, - }, + ExpectErr: true, + }, - "server cert": { - Opts: getDefaultVerifyOptions(t), - Certs: getCerts(t, serverCert), - User: CommonNameUserConversion, + "server cert": { + Opts: getDefaultVerifyOptions(t), + Certs: getCerts(t, serverCert), + User: CommonNameUserConversion, - ExpectErr: true, - }, - "server cert allowing non-client cert usages": { - Opts: x509.VerifyOptions{Roots: getRootCertPool(t)}, - Certs: getCerts(t, serverCert), - User: CommonNameUserConversion, + ExpectErr: true, + }, + "server cert allowing non-client cert usages": { + Opts: x509.VerifyOptions{Roots: getRootCertPool(t)}, + Certs: getCerts(t, serverCert), + User: CommonNameUserConversion, - ExpectUserName: "127.0.0.1", - ExpectGroups: []string{"My Org"}, - ExpectOK: true, - ExpectErr: false, - }, + ExpectUserName: "127.0.0.1", + ExpectGroups: []string{"My Org"}, + ExpectOK: true, + ExpectErr: false, + }, - "common name": { - Opts: getDefaultVerifyOptions(t), - Certs: getCerts(t, clientCNCert), - User: CommonNameUserConversion, + "common name": { + Opts: getDefaultVerifyOptions(t), + Certs: getCerts(t, clientCNCert), + User: CommonNameUserConversion, - ExpectUserName: "client_cn", - ExpectGroups: []string{"My Org"}, - ExpectOK: true, - ExpectErr: false, - }, - "ca with multiple organizations": { - Opts: x509.VerifyOptions{ - Roots: getRootCertPoolFor(t, caWithGroups), - }, - Certs: getCerts(t, caWithGroups), - User: CommonNameUserConversion, + ExpectUserName: "client_cn", + ExpectGroups: []string{"My Org"}, + ExpectOK: true, + ExpectErr: false, + }, + "ca with multiple organizations": { + Opts: x509.VerifyOptions{ + Roots: getRootCertPoolFor(t, caWithGroups), + }, + Certs: getCerts(t, caWithGroups), + User: CommonNameUserConversion, - ExpectUserName: "ROOT CA WITH GROUPS", - ExpectGroups: []string{"My Org", "My Org 1", "My Org 2"}, - ExpectOK: true, - ExpectErr: false, - }, - "empty dns": { - Opts: getDefaultVerifyOptions(t), - Certs: getCerts(t, clientCNCert), - User: DNSNameUserConversion, + ExpectUserName: "ROOT CA WITH GROUPS", + ExpectGroups: []string{"My Org", "My Org 1", "My Org 2"}, + ExpectOK: true, + ExpectErr: false, + }, + "empty dns": { + Opts: getDefaultVerifyOptions(t), + Certs: getCerts(t, clientCNCert), + User: DNSNameUserConversion, - ExpectOK: false, - ExpectErr: false, - }, - "dns": { - Opts: getDefaultVerifyOptions(t), - Certs: getCerts(t, clientDNSCert), - User: DNSNameUserConversion, + ExpectOK: false, + ExpectErr: false, + }, + "dns": { + Opts: getDefaultVerifyOptions(t), + Certs: getCerts(t, clientDNSCert), + User: DNSNameUserConversion, - ExpectUserName: "client_dns.example.com", - ExpectOK: true, - ExpectErr: false, - }, + ExpectUserName: "client_dns.example.com", + ExpectOK: true, + ExpectErr: false, + }, - "empty email": { - Opts: getDefaultVerifyOptions(t), - Certs: getCerts(t, clientCNCert), - User: EmailAddressUserConversion, + "empty email": { + Opts: getDefaultVerifyOptions(t), + Certs: getCerts(t, clientCNCert), + User: EmailAddressUserConversion, - ExpectOK: false, - ExpectErr: false, - }, - "email": { - Opts: getDefaultVerifyOptions(t), - Certs: getCerts(t, clientEmailCert), - User: EmailAddressUserConversion, + ExpectOK: false, + ExpectErr: false, + }, + "email": { + Opts: getDefaultVerifyOptions(t), + Certs: getCerts(t, clientEmailCert), + User: EmailAddressUserConversion, - ExpectUserName: "client_email@example.com", - ExpectOK: true, - ExpectErr: false, - }, + ExpectUserName: "client_email@example.com", + ExpectOK: true, + ExpectErr: false, + }, - "custom conversion error": { - Opts: getDefaultVerifyOptions(t), - Certs: getCerts(t, clientCNCert), - User: UserConversionFunc(func(chain []*x509.Certificate) (user.Info, bool, error) { - return nil, false, errors.New("custom error") - }), + "custom conversion error": { + Opts: getDefaultVerifyOptions(t), + Certs: getCerts(t, clientCNCert), + User: UserConversionFunc(func(chain []*x509.Certificate) (user.Info, bool, error) { + return nil, false, errors.New("custom error") + }), - ExpectOK: false, - ExpectErr: true, - }, - "custom conversion success": { - Opts: getDefaultVerifyOptions(t), - Certs: getCerts(t, clientCNCert), - User: UserConversionFunc(func(chain []*x509.Certificate) (user.Info, bool, error) { - return &user.DefaultInfo{Name: "custom"}, true, nil - }), + ExpectOK: false, + ExpectErr: true, + }, + "custom conversion success": { + Opts: getDefaultVerifyOptions(t), + Certs: getCerts(t, clientCNCert), + User: UserConversionFunc(func(chain []*x509.Certificate) (user.Info, bool, error) { + return &user.DefaultInfo{Name: "custom"}, true, nil + }), - ExpectUserName: "custom", - ExpectOK: true, - ExpectErr: false, - }, + ExpectUserName: "custom", + ExpectOK: true, + ExpectErr: false, + }, - "future cert": { - Opts: x509.VerifyOptions{ - CurrentTime: time.Now().Add(time.Duration(-100 * time.Hour * 24 * 365)), - Roots: getRootCertPool(t), - }, - Certs: getCerts(t, clientCNCert), - User: CommonNameUserConversion, + "future cert": { + Opts: x509.VerifyOptions{ + CurrentTime: time.Now().Add(time.Duration(-100 * time.Hour * 24 * 365)), + Roots: getRootCertPool(t), + }, + Certs: getCerts(t, clientCNCert), + User: CommonNameUserConversion, - ExpectOK: false, - ExpectErr: true, - }, - "expired cert": { - Opts: x509.VerifyOptions{ - CurrentTime: time.Now().Add(time.Duration(100 * time.Hour * 24 * 365)), - Roots: getRootCertPool(t), - }, - Certs: getCerts(t, clientCNCert), - User: CommonNameUserConversion, + ExpectOK: false, + ExpectErr: true, + }, + "expired cert": { + Opts: x509.VerifyOptions{ + CurrentTime: time.Now().Add(time.Duration(100 * time.Hour * 24 * 365)), + Roots: getRootCertPool(t), + }, + Certs: getCerts(t, clientCNCert), + User: CommonNameUserConversion, - ExpectOK: false, - ExpectErr: true, - }, + ExpectOK: false, + ExpectErr: true, + }, - "multi-level, valid": { - Opts: multilevelOpts, - Certs: getCertsFromFile(t, "client-valid", "intermediate"), - User: CommonNameUserConversion, + "multi-level, valid": { + Opts: multilevelOpts, + Certs: getCertsFromFile(t, "client-valid", "intermediate"), + User: CommonNameUserConversion, - ExpectUserName: "My Client", - ExpectOK: true, - ExpectErr: false, - }, - "multi-level, expired": { - Opts: multilevelOpts, - Certs: getCertsFromFile(t, "client-expired", "intermediate"), - User: CommonNameUserConversion, + ExpectUserName: "My Client", + ExpectOK: true, + ExpectErr: false, + }, + "multi-level, expired": { + Opts: multilevelOpts, + Certs: getCertsFromFile(t, "client-expired", "intermediate"), + User: CommonNameUserConversion, - ExpectOK: false, - ExpectErr: true, - }, - } + ExpectOK: false, + ExpectErr: true, + }, + } - for k, testCase := range testCases { - req, _ := http.NewRequest("GET", "/", nil) - if !testCase.Insecure { - req.TLS = &tls.ConnectionState{PeerCertificates: testCase.Certs} - } + for k, testCase := range testCases { + req, _ := http.NewRequest("GET", "/", nil) + if !testCase.Insecure { + req.TLS = &tls.ConnectionState{PeerCertificates: testCase.Certs} + } - a := New(testCase.Opts, testCase.User) + a := New(testCase.Opts, testCase.User) - user, ok, err := a.AuthenticateRequest(req) + user, ok, err := a.AuthenticateRequest(req) - if testCase.ExpectErr && err == nil { - t.Errorf("%s: Expected error, got none", k) - continue - } - if !testCase.ExpectErr && err != nil { - t.Errorf("%s: Got unexpected error: %v", k, err) - continue - } + if testCase.ExpectErr && err == nil { + t.Errorf("%s: Expected error, got none", k) + continue + } + if !testCase.ExpectErr && err != nil { + t.Errorf("%s: Got unexpected error: %v", k, err) + continue + } - if testCase.ExpectOK != ok { - t.Errorf("%s: Expected ok=%v, got %v", k, testCase.ExpectOK, ok) - continue - } + if testCase.ExpectOK != ok { + t.Errorf("%s: Expected ok=%v, got %v", k, testCase.ExpectOK, ok) + continue + } - if testCase.ExpectOK { - if testCase.ExpectUserName != user.GetName() { - t.Errorf("%s: Expected user.name=%v, got %v", k, testCase.ExpectUserName, user.GetName()) - } + if testCase.ExpectOK { + if testCase.ExpectUserName != user.GetName() { + t.Errorf("%s: Expected user.name=%v, got %v", k, testCase.ExpectUserName, user.GetName()) + } - groups := user.GetGroups() - sort.Strings(testCase.ExpectGroups) - sort.Strings(groups) - if !reflect.DeepEqual(testCase.ExpectGroups, groups) { - t.Errorf("%s: Expected user.groups=%v, got %v", k, testCase.ExpectGroups, groups) - } - } - } + groups := user.GetGroups() + sort.Strings(testCase.ExpectGroups) + sort.Strings(groups) + if !reflect.DeepEqual(testCase.ExpectGroups, groups) { + t.Errorf("%s: Expected user.groups=%v, got %v", k, testCase.ExpectGroups, groups) + } + } + } } func TestX509Verifier(t *testing.T) { - multilevelOpts := DefaultVerifyOptions() - multilevelOpts.Roots = x509.NewCertPool() - multilevelOpts.Roots.AddCert(getCertsFromFile(t, "root")[0]) + multilevelOpts := DefaultVerifyOptions() + multilevelOpts.Roots = x509.NewCertPool() + multilevelOpts.Roots.AddCert(getCertsFromFile(t, "root")[0]) - testCases := map[string]struct { - Insecure bool - Certs []*x509.Certificate + testCases := map[string]struct { + Insecure bool + Certs []*x509.Certificate - Opts x509.VerifyOptions + Opts x509.VerifyOptions - AllowedCNs sets.String + AllowedCNs sets.String - ExpectOK bool - ExpectErr bool - }{ - "non-tls": { - Insecure: true, + ExpectOK bool + ExpectErr bool + }{ + "non-tls": { + Insecure: true, - ExpectOK: false, - ExpectErr: false, - }, + ExpectOK: false, + ExpectErr: false, + }, - "tls, no certs": { - ExpectOK: false, - ExpectErr: false, - }, + "tls, no certs": { + ExpectOK: false, + ExpectErr: false, + }, - "self signed": { - Opts: getDefaultVerifyOptions(t), - Certs: getCerts(t, selfSignedCert), + "self signed": { + Opts: getDefaultVerifyOptions(t), + Certs: getCerts(t, selfSignedCert), - ExpectErr: true, - }, + ExpectErr: true, + }, - "server cert disallowed": { - Opts: getDefaultVerifyOptions(t), - Certs: getCerts(t, serverCert), + "server cert disallowed": { + Opts: getDefaultVerifyOptions(t), + Certs: getCerts(t, serverCert), - ExpectErr: true, - }, - "server cert allowing non-client cert usages": { - Opts: x509.VerifyOptions{Roots: getRootCertPool(t)}, - Certs: getCerts(t, serverCert), + ExpectErr: true, + }, + "server cert allowing non-client cert usages": { + Opts: x509.VerifyOptions{Roots: getRootCertPool(t)}, + Certs: getCerts(t, serverCert), - ExpectOK: true, - ExpectErr: false, - }, + ExpectOK: true, + ExpectErr: false, + }, - "valid client cert": { - Opts: getDefaultVerifyOptions(t), - Certs: getCerts(t, clientCNCert), + "valid client cert": { + Opts: getDefaultVerifyOptions(t), + Certs: getCerts(t, clientCNCert), - ExpectOK: true, - ExpectErr: false, - }, - "valid client cert with wrong CN": { - Opts: getDefaultVerifyOptions(t), - AllowedCNs: sets.NewString("foo", "bar"), - Certs: getCerts(t, clientCNCert), + ExpectOK: true, + ExpectErr: false, + }, + "valid client cert with wrong CN": { + Opts: getDefaultVerifyOptions(t), + AllowedCNs: sets.NewString("foo", "bar"), + Certs: getCerts(t, clientCNCert), - ExpectOK: false, - ExpectErr: true, - }, - "valid client cert with right CN": { - Opts: getDefaultVerifyOptions(t), - AllowedCNs: sets.NewString("client_cn"), - Certs: getCerts(t, clientCNCert), + ExpectOK: false, + ExpectErr: true, + }, + "valid client cert with right CN": { + Opts: getDefaultVerifyOptions(t), + AllowedCNs: sets.NewString("client_cn"), + Certs: getCerts(t, clientCNCert), - ExpectOK: true, - ExpectErr: false, - }, + ExpectOK: true, + ExpectErr: false, + }, - "future cert": { - Opts: x509.VerifyOptions{ - CurrentTime: time.Now().Add(-100 * time.Hour * 24 * 365), - Roots: getRootCertPool(t), - }, - Certs: getCerts(t, clientCNCert), + "future cert": { + Opts: x509.VerifyOptions{ + CurrentTime: time.Now().Add(-100 * time.Hour * 24 * 365), + Roots: getRootCertPool(t), + }, + Certs: getCerts(t, clientCNCert), - ExpectOK: false, - ExpectErr: true, - }, - "expired cert": { - Opts: x509.VerifyOptions{ - CurrentTime: time.Now().Add(100 * time.Hour * 24 * 365), - Roots: getRootCertPool(t), - }, - Certs: getCerts(t, clientCNCert), + ExpectOK: false, + ExpectErr: true, + }, + "expired cert": { + Opts: x509.VerifyOptions{ + CurrentTime: time.Now().Add(100 * time.Hour * 24 * 365), + Roots: getRootCertPool(t), + }, + Certs: getCerts(t, clientCNCert), - ExpectOK: false, - ExpectErr: true, - }, + ExpectOK: false, + ExpectErr: true, + }, - "multi-level, valid": { - Opts: multilevelOpts, - Certs: getCertsFromFile(t, "client-valid", "intermediate"), + "multi-level, valid": { + Opts: multilevelOpts, + Certs: getCertsFromFile(t, "client-valid", "intermediate"), - ExpectOK: true, - ExpectErr: false, - }, - "multi-level, expired": { - Opts: multilevelOpts, - Certs: getCertsFromFile(t, "client-expired", "intermediate"), + ExpectOK: true, + ExpectErr: false, + }, + "multi-level, expired": { + Opts: multilevelOpts, + Certs: getCertsFromFile(t, "client-expired", "intermediate"), - ExpectOK: false, - ExpectErr: true, - }, - } + ExpectOK: false, + ExpectErr: true, + }, + } - for k, testCase := range testCases { - req, _ := http.NewRequest("GET", "/", nil) - if !testCase.Insecure { - req.TLS = &tls.ConnectionState{PeerCertificates: testCase.Certs} - } + for k, testCase := range testCases { + req, _ := http.NewRequest("GET", "/", nil) + if !testCase.Insecure { + req.TLS = &tls.ConnectionState{PeerCertificates: testCase.Certs} + } - authCall := false - auth := authenticator.RequestFunc(func(req *http.Request) (user.Info, bool, error) { - authCall = true - return &user.DefaultInfo{Name: "innerauth"}, true, nil - }) + authCall := false + auth := authenticator.RequestFunc(func(req *http.Request) (user.Info, bool, error) { + authCall = true + return &user.DefaultInfo{Name: "innerauth"}, true, nil + }) - a := NewVerifier(testCase.Opts, auth, testCase.AllowedCNs) + a := NewVerifier(testCase.Opts, auth, testCase.AllowedCNs) - user, ok, err := a.AuthenticateRequest(req) + user, ok, err := a.AuthenticateRequest(req) - if testCase.ExpectErr && err == nil { - t.Errorf("%s: Expected error, got none", k) - continue - } - if !testCase.ExpectErr && err != nil { - t.Errorf("%s: Got unexpected error: %v", k, err) - continue - } + if testCase.ExpectErr && err == nil { + t.Errorf("%s: Expected error, got none", k) + continue + } + if !testCase.ExpectErr && err != nil { + t.Errorf("%s: Got unexpected error: %v", k, err) + continue + } - if testCase.ExpectOK != ok { - t.Errorf("%s: Expected ok=%v, got %v", k, testCase.ExpectOK, ok) - continue - } + if testCase.ExpectOK != ok { + t.Errorf("%s: Expected ok=%v, got %v", k, testCase.ExpectOK, ok) + continue + } - if testCase.ExpectOK { - if !authCall { - t.Errorf("%s: Expected inner auth called, wasn't", k) - continue - } - if "innerauth" != user.GetName() { - t.Errorf("%s: Expected user.name=%v, got %v", k, "innerauth", user.GetName()) - continue - } - } else { - if authCall { - t.Errorf("%s: Expected inner auth not to be called, was", k) - continue - } - } - } + if testCase.ExpectOK { + if !authCall { + t.Errorf("%s: Expected inner auth called, wasn't", k) + continue + } + if "innerauth" != user.GetName() { + t.Errorf("%s: Expected user.name=%v, got %v", k, "innerauth", user.GetName()) + continue + } + } else { + if authCall { + t.Errorf("%s: Expected inner auth not to be called, was", k) + continue + } + } + } } func getDefaultVerifyOptions(t *testing.T) x509.VerifyOptions { - options := DefaultVerifyOptions() - options.Roots = getRootCertPool(t) - return options + options := DefaultVerifyOptions() + options.Roots = getRootCertPool(t) + return options } func getRootCertPool(t *testing.T) *x509.CertPool { - return getRootCertPoolFor(t, rootCACert) + return getRootCertPoolFor(t, rootCACert) } func getRootCertPoolFor(t *testing.T, certs ...string) *x509.CertPool { - pool := x509.NewCertPool() - for _, cert := range certs { - pool.AddCert(getCert(t, cert)) - } - return pool + pool := x509.NewCertPool() + for _, cert := range certs { + pool.AddCert(getCert(t, cert)) + } + return pool } func getCertsFromFile(t *testing.T, names ...string) []*x509.Certificate { - certs := []*x509.Certificate{} - for _, name := range names { - filename := "testdata/" + name + ".pem" - data, err := ioutil.ReadFile(filename) - if err != nil { - t.Fatalf("error reading %s: %v", filename, err) - } - certs = append(certs, getCert(t, string(data))) - } - return certs + certs := []*x509.Certificate{} + for _, name := range names { + filename := "testdata/" + name + ".pem" + data, err := ioutil.ReadFile(filename) + if err != nil { + t.Fatalf("error reading %s: %v", filename, err) + } + certs = append(certs, getCert(t, string(data))) + } + return certs } func getCert(t *testing.T, pemData string) *x509.Certificate { - pemBlock, _ := pem.Decode([]byte(pemData)) - cert, err := x509.ParseCertificate(pemBlock.Bytes) - if err != nil { - t.Fatalf("Error parsing cert: %v", err) - return nil - } - return cert + pemBlock, _ := pem.Decode([]byte(pemData)) + cert, err := x509.ParseCertificate(pemBlock.Bytes) + if err != nil { + t.Fatalf("Error parsing cert: %v", err) + return nil + } + return cert } func getCerts(t *testing.T, pemData ...string) []*x509.Certificate { - certs := []*x509.Certificate{} - for _, pemData := range pemData { - certs = append(certs, getCert(t, pemData)) - } - return certs + certs := []*x509.Certificate{} + for _, pemData := range pemData { + certs = append(certs, getCert(t, pemData)) + } + return certs } diff --git a/staging/src/k8s.io/apiserver/pkg/endpoints/apiserver_test.go b/staging/src/k8s.io/apiserver/pkg/endpoints/apiserver_test.go index f627fac05c9..55571975068 100644 --- a/staging/src/k8s.io/apiserver/pkg/endpoints/apiserver_test.go +++ b/staging/src/k8s.io/apiserver/pkg/endpoints/apiserver_test.go @@ -54,9 +54,9 @@ import ( "k8s.io/apiserver/pkg/apis/example" examplefuzzer "k8s.io/apiserver/pkg/apis/example/fuzzer" examplev1 "k8s.io/apiserver/pkg/apis/example/v1" - "k8s.io/apiserver/pkg/endpoints/request" genericapifilters "k8s.io/apiserver/pkg/endpoints/filters" "k8s.io/apiserver/pkg/endpoints/handlers/responsewriters" + "k8s.io/apiserver/pkg/endpoints/request" genericapitesting "k8s.io/apiserver/pkg/endpoints/testing" "k8s.io/apiserver/pkg/registry/rest" "k8s.io/kubernetes/plugin/pkg/admission/admit" diff --git a/staging/src/k8s.io/apiserver/pkg/endpoints/discovery.go b/staging/src/k8s.io/apiserver/pkg/endpoints/discovery.go index 3121d5fd85b..77b7debd399 100644 --- a/staging/src/k8s.io/apiserver/pkg/endpoints/discovery.go +++ b/staging/src/k8s.io/apiserver/pkg/endpoints/discovery.go @@ -27,8 +27,8 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" - "k8s.io/apiserver/pkg/endpoints/handlers/negotiation" "k8s.io/apiserver/pkg/endpoints/handlers" + "k8s.io/apiserver/pkg/endpoints/handlers/negotiation" "k8s.io/apiserver/pkg/endpoints/handlers/responsewriters" ) diff --git a/staging/src/k8s.io/apiserver/pkg/endpoints/filters/audit.go b/staging/src/k8s.io/apiserver/pkg/endpoints/filters/audit.go index 35484298395..e920a620623 100644 --- a/staging/src/k8s.io/apiserver/pkg/endpoints/filters/audit.go +++ b/staging/src/k8s.io/apiserver/pkg/endpoints/filters/audit.go @@ -30,9 +30,9 @@ import ( "github.com/pborman/uuid" utilnet "k8s.io/apimachinery/pkg/util/net" + "k8s.io/apiserver/pkg/endpoints/handlers/responsewriters" "k8s.io/apiserver/pkg/endpoints/request" authenticationapi "k8s.io/client-go/pkg/apis/authentication" - "k8s.io/apiserver/pkg/endpoints/handlers/responsewriters" ) var _ http.ResponseWriter = &auditResponseWriter{} diff --git a/staging/src/k8s.io/apiserver/pkg/endpoints/filters/authorization.go b/staging/src/k8s.io/apiserver/pkg/endpoints/filters/authorization.go index 0d9292cc608..90599fe3e9a 100644 --- a/staging/src/k8s.io/apiserver/pkg/endpoints/filters/authorization.go +++ b/staging/src/k8s.io/apiserver/pkg/endpoints/filters/authorization.go @@ -23,8 +23,8 @@ import ( "github.com/golang/glog" "k8s.io/apiserver/pkg/authorization/authorizer" - "k8s.io/apiserver/pkg/endpoints/request" "k8s.io/apiserver/pkg/endpoints/handlers/responsewriters" + "k8s.io/apiserver/pkg/endpoints/request" ) // WithAuthorizationCheck passes all authorized requests on to handler, and returns a forbidden error otherwise. diff --git a/staging/src/k8s.io/apiserver/pkg/endpoints/filters/authorization_test.go b/staging/src/k8s.io/apiserver/pkg/endpoints/filters/authorization_test.go index b60ba76a034..cc6c11a225b 100644 --- a/staging/src/k8s.io/apiserver/pkg/endpoints/filters/authorization_test.go +++ b/staging/src/k8s.io/apiserver/pkg/endpoints/filters/authorization_test.go @@ -24,9 +24,9 @@ import ( "testing" "k8s.io/apiserver/pkg/authorization/authorizer" + "k8s.io/apiserver/pkg/endpoints/handlers/responsewriters" "k8s.io/apiserver/pkg/endpoints/request" "k8s.io/kubernetes/pkg/apis/batch" - "k8s.io/apiserver/pkg/endpoints/handlers/responsewriters" ) func TestGetAuthorizerAttributes(t *testing.T) { diff --git a/staging/src/k8s.io/apiserver/pkg/endpoints/filters/impersonation.go b/staging/src/k8s.io/apiserver/pkg/endpoints/filters/impersonation.go index 6c6164e0b2a..b1ffca9045e 100644 --- a/staging/src/k8s.io/apiserver/pkg/endpoints/filters/impersonation.go +++ b/staging/src/k8s.io/apiserver/pkg/endpoints/filters/impersonation.go @@ -27,11 +27,11 @@ import ( "k8s.io/apiserver/pkg/authentication/serviceaccount" "k8s.io/apiserver/pkg/authentication/user" "k8s.io/apiserver/pkg/authorization/authorizer" + "k8s.io/apiserver/pkg/endpoints/handlers/responsewriters" "k8s.io/apiserver/pkg/endpoints/request" "k8s.io/apiserver/pkg/server/httplog" "k8s.io/client-go/pkg/api" authenticationapi "k8s.io/client-go/pkg/apis/authentication" - "k8s.io/apiserver/pkg/endpoints/handlers/responsewriters" ) // WithImpersonation is a filter that will inspect and check requests that attempt to change the user.Info for their requests diff --git a/staging/src/k8s.io/apiserver/pkg/endpoints/filters/requestinfo.go b/staging/src/k8s.io/apiserver/pkg/endpoints/filters/requestinfo.go index 887fc953498..52823f87a39 100644 --- a/staging/src/k8s.io/apiserver/pkg/endpoints/filters/requestinfo.go +++ b/staging/src/k8s.io/apiserver/pkg/endpoints/filters/requestinfo.go @@ -21,8 +21,8 @@ import ( "fmt" "net/http" - "k8s.io/apiserver/pkg/endpoints/request" "k8s.io/apiserver/pkg/endpoints/handlers/responsewriters" + "k8s.io/apiserver/pkg/endpoints/request" ) // WithRequestInfo attaches a RequestInfo to the context. diff --git a/staging/src/k8s.io/apiserver/pkg/endpoints/groupversion.go b/staging/src/k8s.io/apiserver/pkg/endpoints/groupversion.go index ca102660fd6..52636c3957a 100644 --- a/staging/src/k8s.io/apiserver/pkg/endpoints/groupversion.go +++ b/staging/src/k8s.io/apiserver/pkg/endpoints/groupversion.go @@ -30,8 +30,8 @@ import ( "k8s.io/apimachinery/pkg/runtime/schema" utilerrors "k8s.io/apimachinery/pkg/util/errors" "k8s.io/apiserver/pkg/admission" - "k8s.io/apiserver/pkg/endpoints/request" "k8s.io/apiserver/pkg/endpoints/handlers" + "k8s.io/apiserver/pkg/endpoints/request" "k8s.io/apiserver/pkg/registry/rest" ) diff --git a/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/proxy.go b/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/proxy.go index 32f8a13f594..fa8b1b16bfa 100644 --- a/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/proxy.go +++ b/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/proxy.go @@ -32,12 +32,12 @@ import ( "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/apimachinery/pkg/util/httpstream" "k8s.io/apimachinery/pkg/util/net" + "k8s.io/apiserver/pkg/endpoints/handlers/responsewriters" "k8s.io/apiserver/pkg/endpoints/metrics" "k8s.io/apiserver/pkg/endpoints/request" + "k8s.io/apiserver/pkg/registry/rest" "k8s.io/apiserver/pkg/server/httplog" proxyutil "k8s.io/apiserver/pkg/util/proxy" - "k8s.io/apiserver/pkg/endpoints/handlers/responsewriters" - "k8s.io/apiserver/pkg/registry/rest" "github.com/golang/glog" ) diff --git a/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/responsewriters/writers.go b/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/responsewriters/writers.go index 5ec764b0254..13af2505a81 100644 --- a/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/responsewriters/writers.go +++ b/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/responsewriters/writers.go @@ -27,9 +27,9 @@ import ( "k8s.io/apimachinery/pkg/runtime/schema" utilruntime "k8s.io/apimachinery/pkg/util/runtime" "k8s.io/apiserver/pkg/endpoints/handlers/negotiation" + "k8s.io/apiserver/pkg/registry/rest" "k8s.io/apiserver/pkg/util/flushwriter" "k8s.io/apiserver/pkg/util/wsstream" - "k8s.io/apiserver/pkg/registry/rest" ) // WriteObject renders a returned runtime.Object to the response as a stream or an encoded object. If the object diff --git a/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/rest.go b/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/rest.go index c1fdeeb602f..280729c6261 100644 --- a/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/rest.go +++ b/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/rest.go @@ -38,15 +38,15 @@ import ( "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/apimachinery/pkg/types" - utilruntime "k8s.io/apimachinery/pkg/util/runtime" "k8s.io/apimachinery/pkg/util/mergepatch" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" "k8s.io/apimachinery/pkg/util/strategicpatch" "k8s.io/apiserver/pkg/admission" "k8s.io/apiserver/pkg/endpoints/handlers/negotiation" - "k8s.io/apiserver/pkg/endpoints/request" - utiltrace "k8s.io/apiserver/pkg/util/trace" "k8s.io/apiserver/pkg/endpoints/handlers/responsewriters" + "k8s.io/apiserver/pkg/endpoints/request" "k8s.io/apiserver/pkg/registry/rest" + utiltrace "k8s.io/apiserver/pkg/util/trace" ) // ContextFunc returns a Context given a request - a context must be returned diff --git a/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/rest_test.go b/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/rest_test.go index 619b8bb2f97..cf7e317f1ea 100644 --- a/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/rest_test.go +++ b/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/rest_test.go @@ -35,10 +35,10 @@ import ( "k8s.io/apimachinery/pkg/util/diff" "k8s.io/apimachinery/pkg/util/strategicpatch" "k8s.io/apiserver/pkg/endpoints/request" + "k8s.io/apiserver/pkg/registry/rest" "k8s.io/kubernetes/pkg/api" "k8s.io/kubernetes/pkg/api/testapi" "k8s.io/kubernetes/pkg/api/v1" - "k8s.io/apiserver/pkg/registry/rest" ) type testPatchType struct { diff --git a/staging/src/k8s.io/apiserver/pkg/features/kube_features.go b/staging/src/k8s.io/apiserver/pkg/features/kube_features.go index ff624bb9721..8ab10fa200c 100644 --- a/staging/src/k8s.io/apiserver/pkg/features/kube_features.go +++ b/staging/src/k8s.io/apiserver/pkg/features/kube_features.go @@ -43,5 +43,5 @@ func init() { // To add a new feature, define a key for it above and add it here. The features will be // available throughout Kubernetes binaries. var defaultKubernetesFeatureGates = map[utilfeature.Feature]utilfeature.FeatureSpec{ - StreamingProxyRedirects: {Default: true, PreRelease: utilfeature.Beta}, + StreamingProxyRedirects: {Default: true, PreRelease: utilfeature.Beta}, } diff --git a/staging/src/k8s.io/apiserver/pkg/registry/generic/registry/storage_factory.go b/staging/src/k8s.io/apiserver/pkg/registry/generic/registry/storage_factory.go index 2e741e12356..417bbbbcd0a 100644 --- a/staging/src/k8s.io/apiserver/pkg/registry/generic/registry/storage_factory.go +++ b/staging/src/k8s.io/apiserver/pkg/registry/generic/registry/storage_factory.go @@ -18,11 +18,11 @@ package registry import ( "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apiserver/pkg/registry/generic" "k8s.io/apiserver/pkg/storage" etcdstorage "k8s.io/apiserver/pkg/storage/etcd" "k8s.io/apiserver/pkg/storage/storagebackend" "k8s.io/apiserver/pkg/storage/storagebackend/factory" - "k8s.io/apiserver/pkg/registry/generic" ) var _ generic.StorageDecorator = StorageWithCacher diff --git a/staging/src/k8s.io/apiserver/pkg/registry/generic/registry/store.go b/staging/src/k8s.io/apiserver/pkg/registry/generic/registry/store.go index fe32388908e..0f3e0fa5113 100644 --- a/staging/src/k8s.io/apiserver/pkg/registry/generic/registry/store.go +++ b/staging/src/k8s.io/apiserver/pkg/registry/generic/registry/store.go @@ -36,10 +36,10 @@ import ( "k8s.io/apimachinery/pkg/util/validation/field" "k8s.io/apimachinery/pkg/watch" genericapirequest "k8s.io/apiserver/pkg/endpoints/request" - "k8s.io/apiserver/pkg/storage" - storeerr "k8s.io/apiserver/pkg/storage/errors" "k8s.io/apiserver/pkg/registry/generic" "k8s.io/apiserver/pkg/registry/rest" + "k8s.io/apiserver/pkg/storage" + storeerr "k8s.io/apiserver/pkg/storage/errors" "github.com/golang/glog" ) diff --git a/staging/src/k8s.io/apiserver/pkg/registry/generic/registry/store_test.go b/staging/src/k8s.io/apiserver/pkg/registry/generic/registry/store_test.go index 16a799ec966..005917cff45 100644 --- a/staging/src/k8s.io/apiserver/pkg/registry/generic/registry/store_test.go +++ b/staging/src/k8s.io/apiserver/pkg/registry/generic/registry/store_test.go @@ -42,14 +42,14 @@ import ( "k8s.io/apiserver/pkg/apis/example" examplev1 "k8s.io/apiserver/pkg/apis/example/v1" genericapirequest "k8s.io/apiserver/pkg/endpoints/request" + "k8s.io/apiserver/pkg/registry/generic" + "k8s.io/apiserver/pkg/registry/rest" "k8s.io/apiserver/pkg/storage" etcdstorage "k8s.io/apiserver/pkg/storage/etcd" etcdtesting "k8s.io/apiserver/pkg/storage/etcd/testing" "k8s.io/apiserver/pkg/storage/names" "k8s.io/apiserver/pkg/storage/storagebackend/factory" storagetesting "k8s.io/apiserver/pkg/storage/testing" - "k8s.io/apiserver/pkg/registry/generic" - "k8s.io/apiserver/pkg/registry/rest" ) var scheme = runtime.NewScheme() diff --git a/staging/src/k8s.io/apiserver/pkg/server/filters/maxinflight_test.go b/staging/src/k8s.io/apiserver/pkg/server/filters/maxinflight_test.go index 8793143f92a..eb5debfbaa1 100644 --- a/staging/src/k8s.io/apiserver/pkg/server/filters/maxinflight_test.go +++ b/staging/src/k8s.io/apiserver/pkg/server/filters/maxinflight_test.go @@ -26,8 +26,8 @@ import ( "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/util/sets" - apirequest "k8s.io/apiserver/pkg/endpoints/request" apifilters "k8s.io/apiserver/pkg/endpoints/filters" + apirequest "k8s.io/apiserver/pkg/endpoints/request" ) func createMaxInflightServer(callsWg, blockWg *sync.WaitGroup, disableCallsWg *bool, disableCallsWgMutex *sync.Mutex, nonMutating, mutating int) *httptest.Server { diff --git a/staging/src/k8s.io/apiserver/pkg/server/openapi/openapi.go b/staging/src/k8s.io/apiserver/pkg/server/openapi/openapi.go index d1c487a260c..258347f3ae2 100644 --- a/staging/src/k8s.io/apiserver/pkg/server/openapi/openapi.go +++ b/staging/src/k8s.io/apiserver/pkg/server/openapi/openapi.go @@ -27,8 +27,8 @@ import ( "k8s.io/apimachinery/pkg/openapi" "k8s.io/apimachinery/pkg/util/json" - "k8s.io/apiserver/pkg/util/trie" genericmux "k8s.io/apiserver/pkg/server/mux" + "k8s.io/apiserver/pkg/util/trie" ) const ( diff --git a/staging/src/k8s.io/apiserver/pkg/server/options/etcd.go b/staging/src/k8s.io/apiserver/pkg/server/options/etcd.go index f0c83c0b4c0..955864b35ab 100644 --- a/staging/src/k8s.io/apiserver/pkg/server/options/etcd.go +++ b/staging/src/k8s.io/apiserver/pkg/server/options/etcd.go @@ -44,7 +44,7 @@ type EtcdOptions struct { func NewEtcdOptions(backendConfig *storagebackend.Config) *EtcdOptions { return &EtcdOptions{ - StorageConfig: *backendConfig, + StorageConfig: *backendConfig, DefaultStorageMediaType: "application/json", DeleteCollectionWorkers: 1, EnableGarbageCollection: true, @@ -135,7 +135,7 @@ func (f *simpleRestOptionsFactory) GetRESTOptions(resource schema.GroupResource) } type storageFactoryRestOptionsFactory struct { - Options EtcdOptions + Options EtcdOptions StorageFactory serverstorage.StorageFactory } diff --git a/staging/src/k8s.io/apiserver/pkg/server/routes/metrics.go b/staging/src/k8s.io/apiserver/pkg/server/routes/metrics.go index 39aff023220..541362cdc04 100644 --- a/staging/src/k8s.io/apiserver/pkg/server/routes/metrics.go +++ b/staging/src/k8s.io/apiserver/pkg/server/routes/metrics.go @@ -21,8 +21,8 @@ import ( "net/http" apimetrics "k8s.io/apiserver/pkg/endpoints/metrics" - etcdmetrics "k8s.io/apiserver/pkg/storage/etcd/metrics" "k8s.io/apiserver/pkg/server/mux" + etcdmetrics "k8s.io/apiserver/pkg/storage/etcd/metrics" "github.com/prometheus/client_golang/prometheus" ) diff --git a/staging/src/k8s.io/apiserver/pkg/server/routes/swaggerui.go b/staging/src/k8s.io/apiserver/pkg/server/routes/swaggerui.go index 13f3a6166f4..c59f68242cd 100644 --- a/staging/src/k8s.io/apiserver/pkg/server/routes/swaggerui.go +++ b/staging/src/k8s.io/apiserver/pkg/server/routes/swaggerui.go @@ -21,8 +21,8 @@ import ( assetfs "github.com/elazarl/go-bindata-assetfs" - "k8s.io/apiserver/pkg/server/routes/data/swagger" "k8s.io/apiserver/pkg/server/mux" + "k8s.io/apiserver/pkg/server/routes/data/swagger" ) // SwaggerUI exposes files in third_party/swagger-ui/ under /swagger-ui. diff --git a/staging/src/k8s.io/apiserver/pkg/server/storage/storage_factory_test.go b/staging/src/k8s.io/apiserver/pkg/server/storage/storage_factory_test.go index 3839c842d8e..bb881fd5cbc 100644 --- a/staging/src/k8s.io/apiserver/pkg/server/storage/storage_factory_test.go +++ b/staging/src/k8s.io/apiserver/pkg/server/storage/storage_factory_test.go @@ -23,21 +23,21 @@ import ( "k8s.io/apimachinery/pkg/apimachinery/announced" "k8s.io/apimachinery/pkg/apimachinery/registered" - exampleinstall "k8s.io/apiserver/pkg/apis/example/install" - "k8s.io/apiserver/pkg/storage/storagebackend" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/apimachinery/pkg/runtime/serializer" "k8s.io/apiserver/pkg/apis/example" + exampleinstall "k8s.io/apiserver/pkg/apis/example/install" examplev1 "k8s.io/apiserver/pkg/apis/example/v1" - "k8s.io/apimachinery/pkg/runtime/schema" - "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apiserver/pkg/storage/storagebackend" ) var ( v1GroupVersion = schema.GroupVersion{Group: "", Version: "v1"} - registry = registered.NewOrDie(os.Getenv("KUBE_API_VERSIONS")) - announce = make(announced.APIGroupFactoryRegistry) + registry = registered.NewOrDie(os.Getenv("KUBE_API_VERSIONS")) + announce = make(announced.APIGroupFactoryRegistry) scheme = runtime.NewScheme() codecs = serializer.NewCodecFactory(scheme) parameterCodec = runtime.NewParameterCodec(scheme) diff --git a/staging/src/k8s.io/apiserver/pkg/storage/etcd/testing/utils.go b/staging/src/k8s.io/apiserver/pkg/storage/etcd/testing/utils.go index 832de06d12f..83fcbd5049c 100644 --- a/staging/src/k8s.io/apiserver/pkg/storage/etcd/testing/utils.go +++ b/staging/src/k8s.io/apiserver/pkg/storage/etcd/testing/utils.go @@ -29,9 +29,9 @@ import ( "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/util/wait" - "k8s.io/apiserver/pkg/storage/storagebackend" "k8s.io/apiserver/pkg/storage/etcd/etcdtest" "k8s.io/apiserver/pkg/storage/etcd/testing/testingcert" + "k8s.io/apiserver/pkg/storage/storagebackend" etcd "github.com/coreos/etcd/client" "github.com/coreos/etcd/clientv3" diff --git a/staging/src/k8s.io/apiserver/pkg/storage/storagebackend/factory/etcd2.go b/staging/src/k8s.io/apiserver/pkg/storage/storagebackend/factory/etcd2.go index a96897ca1f8..874ff53b892 100644 --- a/staging/src/k8s.io/apiserver/pkg/storage/storagebackend/factory/etcd2.go +++ b/staging/src/k8s.io/apiserver/pkg/storage/storagebackend/factory/etcd2.go @@ -26,8 +26,8 @@ import ( utilnet "k8s.io/apimachinery/pkg/util/net" "k8s.io/apiserver/pkg/storage" - "k8s.io/apiserver/pkg/storage/storagebackend" "k8s.io/apiserver/pkg/storage/etcd" + "k8s.io/apiserver/pkg/storage/storagebackend" ) func newETCD2Storage(c storagebackend.Config) (storage.Interface, DestroyFunc, error) { diff --git a/staging/src/k8s.io/apiserver/pkg/storage/storagebackend/factory/etcd3.go b/staging/src/k8s.io/apiserver/pkg/storage/storagebackend/factory/etcd3.go index 48f2b760d23..b7b3b799c40 100644 --- a/staging/src/k8s.io/apiserver/pkg/storage/storagebackend/factory/etcd3.go +++ b/staging/src/k8s.io/apiserver/pkg/storage/storagebackend/factory/etcd3.go @@ -18,8 +18,8 @@ package factory import ( "k8s.io/apiserver/pkg/storage" - "k8s.io/apiserver/pkg/storage/storagebackend" "k8s.io/apiserver/pkg/storage/etcd3" + "k8s.io/apiserver/pkg/storage/storagebackend" "github.com/coreos/etcd/clientv3" "github.com/coreos/etcd/pkg/transport" diff --git a/staging/src/k8s.io/apiserver/pkg/storage/storagebackend/factory/tls_test.go b/staging/src/k8s.io/apiserver/pkg/storage/storagebackend/factory/tls_test.go index 294642eeb3e..135dfce6c5a 100644 --- a/staging/src/k8s.io/apiserver/pkg/storage/storagebackend/factory/tls_test.go +++ b/staging/src/k8s.io/apiserver/pkg/storage/storagebackend/factory/tls_test.go @@ -33,8 +33,8 @@ import ( "k8s.io/apimachinery/pkg/runtime/serializer" "k8s.io/apiserver/pkg/apis/example" examplev1 "k8s.io/apiserver/pkg/apis/example/v1" - "k8s.io/apiserver/pkg/storage/storagebackend" "k8s.io/apiserver/pkg/storage/etcd/testing/testingcert" + "k8s.io/apiserver/pkg/storage/storagebackend" ) var scheme = runtime.NewScheme() diff --git a/staging/src/k8s.io/apiserver/pkg/util/feature/feature_gate.go b/staging/src/k8s.io/apiserver/pkg/util/feature/feature_gate.go index 458aa366044..c060766c0a4 100644 --- a/staging/src/k8s.io/apiserver/pkg/util/feature/feature_gate.go +++ b/staging/src/k8s.io/apiserver/pkg/util/feature/feature_gate.go @@ -67,7 +67,7 @@ const ( // Values for PreRelease. Alpha = prerelease("ALPHA") Beta = prerelease("BETA") - GA = prerelease("") + GA = prerelease("") ) // FeatureGate parses and stores flag gates for known features from