From 3df90134ca566d98b3a8a29f1843f420d5b4ac74 Mon Sep 17 00:00:00 2001 From: Vlad Vitan <23100181+vlasebian@users.noreply.github.com> Date: Sun, 5 Nov 2023 15:25:27 +0100 Subject: [PATCH 1/2] add script for restricting import of test only libraries --- hack/verify-testing-import.sh | 60 +++++++++++++++++++++++++++++++++++ 1 file changed, 60 insertions(+) create mode 100755 hack/verify-testing-import.sh diff --git a/hack/verify-testing-import.sh b/hack/verify-testing-import.sh new file mode 100755 index 00000000000..a9be4d7a315 --- /dev/null +++ b/hack/verify-testing-import.sh @@ -0,0 +1,60 @@ +#!/usr/bin/env bash + +# Copyright 2023 The Kubernetes Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# This script checks whether the testing.init symbol is present in any +# of the release binaries and fails if it finds one. This check is needed +# to avoid including test libraries in production binaries as they often lack +# rigorous review and sufficient testing. +# Usage: `hack/verify-test-code.sh`. + +set -o errexit +set -o nounset +set -o pipefail + +KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/.. +source "${KUBE_ROOT}/hack/lib/init.sh" +cd "${KUBE_ROOT}" + +RELEASE_BIN_PKGS=( + "${KUBE_ROOT}/cmd/cloud-controller-manager" + "${KUBE_ROOT}/cmd/kube-apiserver" + "${KUBE_ROOT}/cmd/kube-controller-manager" + "${KUBE_ROOT}/cmd/kube-proxy" + "${KUBE_ROOT}/cmd/kube-scheduler" + "${KUBE_ROOT}/cmd/kubectl" + "${KUBE_ROOT}/cmd/kubectl-convert" + "${KUBE_ROOT}/cmd/kubelet" +) + +pkgs_with_testing_import=() +for file in "${RELEASE_BIN_PKGS[@]}" +do + if [ "$(go list -json "${file}" | jq 'any(.Deps[]; . == "testing")')" == "true" ] + then + pkgs_with_testing_import+=( "${file}" ) + fi +done + +if [ ${#pkgs_with_testing_import[@]} -ne 0 ]; then + printf "%s\n" "Testing package imported in:" + for file in "${pkgs_with_testing_import[@]}"; do + printf "\t%s\n" "${file}" + done + exit 1 +fi + +exit 0 + From 565ac50bafbee678d423936812a16b611e03b6e2 Mon Sep 17 00:00:00 2001 From: Jordan Liggitt Date: Wed, 15 Nov 2023 15:05:18 -0500 Subject: [PATCH 2/2] Drop testing dependency from shipped binaries --- pkg/kubelet/container/testing/fake_runtime.go | 7 +++++-- .../component-base/metrics/testutil/testutil.go | 11 ++++++++--- 2 files changed, 13 insertions(+), 5 deletions(-) diff --git a/pkg/kubelet/container/testing/fake_runtime.go b/pkg/kubelet/container/testing/fake_runtime.go index b6229d3a3fa..aecad28b3d4 100644 --- a/pkg/kubelet/container/testing/fake_runtime.go +++ b/pkg/kubelet/container/testing/fake_runtime.go @@ -22,7 +22,6 @@ import ( "net/url" "reflect" "sync" - "testing" "time" v1 "k8s.io/api/core/v1" @@ -33,6 +32,10 @@ import ( "k8s.io/kubernetes/pkg/volume" ) +type TB interface { + Errorf(format string, args ...any) +} + type FakePod struct { Pod *kubecontainer.Pod NetnsPath string @@ -65,7 +68,7 @@ type FakeRuntime struct { // from container runtime. BlockImagePulls bool imagePullTokenBucket chan bool - T *testing.T + T TB } const FakeHost = "localhost:12345" diff --git a/staging/src/k8s.io/component-base/metrics/testutil/testutil.go b/staging/src/k8s.io/component-base/metrics/testutil/testutil.go index 26d2d5fd715..b00f949c376 100644 --- a/staging/src/k8s.io/component-base/metrics/testutil/testutil.go +++ b/staging/src/k8s.io/component-base/metrics/testutil/testutil.go @@ -19,7 +19,6 @@ package testutil import ( "fmt" "io" - "testing" "github.com/prometheus/client_golang/prometheus/testutil" @@ -28,6 +27,12 @@ import ( "k8s.io/component-base/metrics/legacyregistry" ) +type TB interface { + Logf(format string, args ...any) + Errorf(format string, args ...any) + Fatalf(format string, args ...any) +} + // CollectAndCompare registers the provided Collector with a newly created // pedantic Registry. It then does the same as GatherAndCompare, gathering the // metrics from the pedantic Registry. @@ -94,7 +99,7 @@ func NewFakeKubeRegistry(ver string) metrics.KubeRegistry { return metrics.NewKubeRegistry() } -func AssertVectorCount(t *testing.T, name string, labelFilter map[string]string, wantCount int) { +func AssertVectorCount(t TB, name string, labelFilter map[string]string, wantCount int) { metrics, err := legacyregistry.DefaultGatherer.Gather() if err != nil { t.Fatalf("Failed to gather metrics: %s", err) @@ -124,7 +129,7 @@ func AssertVectorCount(t *testing.T, name string, labelFilter map[string]string, } } -func AssertHistogramTotalCount(t *testing.T, name string, labelFilter map[string]string, wantCount int) { +func AssertHistogramTotalCount(t TB, name string, labelFilter map[string]string, wantCount int) { metrics, err := legacyregistry.DefaultGatherer.Gather() if err != nil { t.Fatalf("Failed to gather metrics: %s", err)