diff --git a/pkg/kubeapiserver/admission/initializer.go b/pkg/kubeapiserver/admission/initializer.go index b913b5a76c8..0ba97b5427b 100644 --- a/pkg/kubeapiserver/admission/initializer.go +++ b/pkg/kubeapiserver/admission/initializer.go @@ -30,11 +30,6 @@ type WantsCloudConfig interface { SetCloudConfig([]byte) } -// WantsRESTMapper defines a function which sets RESTMapper for admission plugins that need it. -type WantsRESTMapper interface { - SetRESTMapper(meta.RESTMapper) -} - // PluginInitializer is used for initialization of the Kubernetes specific admission plugins. type PluginInitializer struct { cloudConfig []byte @@ -66,7 +61,7 @@ func (i *PluginInitializer) Initialize(plugin admission.Interface) { wants.SetCloudConfig(i.cloudConfig) } - if wants, ok := plugin.(WantsRESTMapper); ok { + if wants, ok := plugin.(initializer.WantsRESTMapper); ok { wants.SetRESTMapper(i.restMapper) } diff --git a/plugin/pkg/admission/gc/gc_admission_test.go b/plugin/pkg/admission/gc/gc_admission_test.go index d5a30caa005..d32c7cd2504 100644 --- a/plugin/pkg/admission/gc/gc_admission_test.go +++ b/plugin/pkg/admission/gc/gc_admission_test.go @@ -115,7 +115,7 @@ func newGCPermissionsEnforcement() (*gcPermissionsEnforcement, error) { whiteList: whiteList, } - genericPluginInitializer := initializer.New(nil, nil, fakeAuthorizer{}, nil, nil) + genericPluginInitializer := initializer.New(nil, nil, nil, fakeAuthorizer{}, nil, nil) fakeDiscoveryClient := &fakediscovery.FakeDiscovery{Fake: &coretesting.Fake{}} fakeDiscoveryClient.Resources = []*metav1.APIResourceList{ { diff --git a/plugin/pkg/admission/limitranger/admission_test.go b/plugin/pkg/admission/limitranger/admission_test.go index 01a83816037..99ed3c9cf70 100644 --- a/plugin/pkg/admission/limitranger/admission_test.go +++ b/plugin/pkg/admission/limitranger/admission_test.go @@ -792,7 +792,7 @@ func newHandlerForTest(c clientset.Interface) (*LimitRanger, informers.SharedInf if err != nil { return nil, f, err } - pluginInitializer := genericadmissioninitializer.New(c, f, nil, nil, nil) + pluginInitializer := genericadmissioninitializer.New(c, nil, f, nil, nil, nil) pluginInitializer.Initialize(handler) err = admission.ValidateInitialization(handler) return handler, f, err diff --git a/plugin/pkg/admission/namespace/autoprovision/admission_test.go b/plugin/pkg/admission/namespace/autoprovision/admission_test.go index 7b1991acdf4..57c8fa0ace6 100644 --- a/plugin/pkg/admission/namespace/autoprovision/admission_test.go +++ b/plugin/pkg/admission/namespace/autoprovision/admission_test.go @@ -41,7 +41,7 @@ import ( func newHandlerForTest(c clientset.Interface) (admission.MutationInterface, informers.SharedInformerFactory, error) { f := informers.NewSharedInformerFactory(c, 5*time.Minute) handler := NewProvision() - pluginInitializer := genericadmissioninitializer.New(c, f, nil, nil, nil) + pluginInitializer := genericadmissioninitializer.New(c, nil, f, nil, nil, nil) pluginInitializer.Initialize(handler) err := admission.ValidateInitialization(handler) return handler, f, err diff --git a/plugin/pkg/admission/namespace/exists/admission_test.go b/plugin/pkg/admission/namespace/exists/admission_test.go index 03500e77433..999bb7b0a92 100644 --- a/plugin/pkg/admission/namespace/exists/admission_test.go +++ b/plugin/pkg/admission/namespace/exists/admission_test.go @@ -39,7 +39,7 @@ import ( func newHandlerForTest(c kubernetes.Interface) (admission.ValidationInterface, informers.SharedInformerFactory, error) { f := informers.NewSharedInformerFactory(c, 5*time.Minute) handler := NewExists() - pluginInitializer := genericadmissioninitializer.New(c, f, nil, nil, nil) + pluginInitializer := genericadmissioninitializer.New(c, nil, f, nil, nil, nil) pluginInitializer.Initialize(handler) err := admission.ValidateInitialization(handler) return handler, f, err diff --git a/plugin/pkg/admission/podnodeselector/admission_test.go b/plugin/pkg/admission/podnodeselector/admission_test.go index ab2f5404a87..f7de6357165 100644 --- a/plugin/pkg/admission/podnodeselector/admission_test.go +++ b/plugin/pkg/admission/podnodeselector/admission_test.go @@ -198,7 +198,7 @@ func TestHandles(t *testing.T) { func newHandlerForTest(c kubernetes.Interface) (*Plugin, informers.SharedInformerFactory, error) { f := informers.NewSharedInformerFactory(c, 5*time.Minute) handler := NewPodNodeSelector(nil) - pluginInitializer := genericadmissioninitializer.New(c, f, nil, nil, nil) + pluginInitializer := genericadmissioninitializer.New(c, nil, f, nil, nil, nil) pluginInitializer.Initialize(handler) err := admission.ValidateInitialization(handler) return handler, f, err diff --git a/plugin/pkg/admission/podtolerationrestriction/admission_test.go b/plugin/pkg/admission/podtolerationrestriction/admission_test.go index de79148deec..6c127321c25 100644 --- a/plugin/pkg/admission/podtolerationrestriction/admission_test.go +++ b/plugin/pkg/admission/podtolerationrestriction/admission_test.go @@ -355,7 +355,7 @@ func newHandlerForTest(c kubernetes.Interface) (*Plugin, informers.SharedInforme return nil, nil, err } handler := NewPodTolerationsPlugin(pluginConfig) - pluginInitializer := genericadmissioninitializer.New(c, f, nil, nil, nil) + pluginInitializer := genericadmissioninitializer.New(c, nil, f, nil, nil, nil) pluginInitializer.Initialize(handler) err = admission.ValidateInitialization(handler) return handler, f, err diff --git a/plugin/pkg/admission/resourcequota/admission_test.go b/plugin/pkg/admission/resourcequota/admission_test.go index 1089ba14cf6..dfc2308462f 100644 --- a/plugin/pkg/admission/resourcequota/admission_test.go +++ b/plugin/pkg/admission/resourcequota/admission_test.go @@ -107,7 +107,7 @@ func createHandlerWithConfig(kubeClient kubernetes.Interface, informerFactory in } initializers := admission.PluginInitializers{ - genericadmissioninitializer.New(kubeClient, informerFactory, nil, nil, stopCh), + genericadmissioninitializer.New(kubeClient, nil, informerFactory, nil, nil, stopCh), kubeapiserveradmission.NewPluginInitializer(nil, nil, quotaConfiguration), } initializers.Initialize(handler) diff --git a/staging/src/k8s.io/apiserver/pkg/admission/initializer/initializer.go b/staging/src/k8s.io/apiserver/pkg/admission/initializer/initializer.go index 2d9bae550ad..2d293d79ac6 100644 --- a/staging/src/k8s.io/apiserver/pkg/admission/initializer/initializer.go +++ b/staging/src/k8s.io/apiserver/pkg/admission/initializer/initializer.go @@ -19,6 +19,7 @@ package initializer import ( "k8s.io/apiserver/pkg/admission" "k8s.io/apiserver/pkg/authorization/authorizer" + "k8s.io/client-go/dynamic" "k8s.io/client-go/informers" "k8s.io/client-go/kubernetes" "k8s.io/component-base/featuregate" @@ -26,6 +27,7 @@ import ( type pluginInitializer struct { externalClient kubernetes.Interface + dynamicClient dynamic.Interface externalInformers informers.SharedInformerFactory authorizer authorizer.Authorizer featureGates featuregate.FeatureGate @@ -37,6 +39,7 @@ type pluginInitializer struct { // during compilation when they update a level. func New( extClientset kubernetes.Interface, + dynamicClient dynamic.Interface, extInformers informers.SharedInformerFactory, authz authorizer.Authorizer, featureGates featuregate.FeatureGate, @@ -44,6 +47,7 @@ func New( ) pluginInitializer { return pluginInitializer{ externalClient: extClientset, + dynamicClient: dynamicClient, externalInformers: extInformers, authorizer: authz, featureGates: featureGates, @@ -68,6 +72,10 @@ func (i pluginInitializer) Initialize(plugin admission.Interface) { wants.SetExternalKubeClientSet(i.externalClient) } + if wants, ok := plugin.(WantsDynamicClient); ok { + wants.SetDynamicClient(i.dynamicClient) + } + if wants, ok := plugin.(WantsExternalKubeInformerFactory); ok { wants.SetExternalKubeInformerFactory(i.externalInformers) } diff --git a/staging/src/k8s.io/apiserver/pkg/admission/initializer/initializer_test.go b/staging/src/k8s.io/apiserver/pkg/admission/initializer/initializer_test.go index a2849bbce18..872178b4bda 100644 --- a/staging/src/k8s.io/apiserver/pkg/admission/initializer/initializer_test.go +++ b/staging/src/k8s.io/apiserver/pkg/admission/initializer/initializer_test.go @@ -32,7 +32,7 @@ import ( // TestWantsAuthorizer ensures that the authorizer is injected // when the WantsAuthorizer interface is implemented by a plugin. func TestWantsAuthorizer(t *testing.T) { - target := initializer.New(nil, nil, &TestAuthorizer{}, nil, nil) + target := initializer.New(nil, nil, nil, &TestAuthorizer{}, nil, nil) wantAuthorizerAdmission := &WantAuthorizerAdmission{} target.Initialize(wantAuthorizerAdmission) if wantAuthorizerAdmission.auth == nil { @@ -44,7 +44,7 @@ func TestWantsAuthorizer(t *testing.T) { // when the WantsExternalKubeClientSet interface is implemented by a plugin. func TestWantsExternalKubeClientSet(t *testing.T) { cs := &fake.Clientset{} - target := initializer.New(cs, nil, &TestAuthorizer{}, nil, nil) + target := initializer.New(cs, nil, nil, &TestAuthorizer{}, nil, nil) wantExternalKubeClientSet := &WantExternalKubeClientSet{} target.Initialize(wantExternalKubeClientSet) if wantExternalKubeClientSet.cs != cs { @@ -57,7 +57,7 @@ func TestWantsExternalKubeClientSet(t *testing.T) { func TestWantsExternalKubeInformerFactory(t *testing.T) { cs := &fake.Clientset{} sf := informers.NewSharedInformerFactory(cs, time.Duration(1)*time.Second) - target := initializer.New(cs, sf, &TestAuthorizer{}, nil, nil) + target := initializer.New(cs, nil, sf, &TestAuthorizer{}, nil, nil) wantExternalKubeInformerFactory := &WantExternalKubeInformerFactory{} target.Initialize(wantExternalKubeInformerFactory) if wantExternalKubeInformerFactory.sf != sf { @@ -69,7 +69,7 @@ func TestWantsExternalKubeInformerFactory(t *testing.T) { // when the WantsShutdownSignal interface is implemented by a plugin. func TestWantsShutdownNotification(t *testing.T) { stopCh := make(chan struct{}) - target := initializer.New(nil, nil, &TestAuthorizer{}, nil, stopCh) + target := initializer.New(nil, nil, nil, &TestAuthorizer{}, nil, stopCh) wantDrainedNotification := &WantDrainedNotification{} target.Initialize(wantDrainedNotification) if wantDrainedNotification.stopCh == nil { diff --git a/staging/src/k8s.io/apiserver/pkg/admission/initializer/interfaces.go b/staging/src/k8s.io/apiserver/pkg/admission/initializer/interfaces.go index 83d3d48c180..2a6632c3ed0 100644 --- a/staging/src/k8s.io/apiserver/pkg/admission/initializer/interfaces.go +++ b/staging/src/k8s.io/apiserver/pkg/admission/initializer/interfaces.go @@ -17,9 +17,11 @@ limitations under the License. package initializer import ( + "k8s.io/apimachinery/pkg/api/meta" "k8s.io/apiserver/pkg/admission" "k8s.io/apiserver/pkg/authorization/authorizer" quota "k8s.io/apiserver/pkg/quota/v1" + "k8s.io/client-go/dynamic" "k8s.io/client-go/informers" "k8s.io/client-go/kubernetes" "k8s.io/component-base/featuregate" @@ -68,3 +70,14 @@ type WantsFeatures interface { InspectFeatureGates(featuregate.FeatureGate) admission.InitializationValidator } + +type WantsDynamicClient interface { + SetDynamicClient(dynamic.Interface) + admission.InitializationValidator +} + +// WantsRESTMapper defines a function which sets RESTMapper for admission plugins that need it. +type WantsRESTMapper interface { + SetRESTMapper(meta.RESTMapper) + admission.InitializationValidator +} diff --git a/staging/src/k8s.io/apiserver/pkg/admission/plugin/namespace/lifecycle/admission_test.go b/staging/src/k8s.io/apiserver/pkg/admission/plugin/namespace/lifecycle/admission_test.go index c29bacf0ea4..b98c8860daf 100644 --- a/staging/src/k8s.io/apiserver/pkg/admission/plugin/namespace/lifecycle/admission_test.go +++ b/staging/src/k8s.io/apiserver/pkg/admission/plugin/namespace/lifecycle/admission_test.go @@ -53,7 +53,7 @@ func newHandlerForTestWithClock(c clientset.Interface, cacheClock clock.Clock) ( if err != nil { return nil, f, err } - pluginInitializer := kubeadmission.New(c, f, nil, nil, nil) + pluginInitializer := kubeadmission.New(c, nil, f, nil, nil, nil) pluginInitializer.Initialize(handler) err = admission.ValidateInitialization(handler) return handler, f, err diff --git a/staging/src/k8s.io/apiserver/pkg/server/options/admission.go b/staging/src/k8s.io/apiserver/pkg/server/options/admission.go index c265677bbbf..2061b886b25 100644 --- a/staging/src/k8s.io/apiserver/pkg/server/options/admission.go +++ b/staging/src/k8s.io/apiserver/pkg/server/options/admission.go @@ -35,6 +35,7 @@ import ( apiserverapiv1 "k8s.io/apiserver/pkg/apis/apiserver/v1" apiserverapiv1alpha1 "k8s.io/apiserver/pkg/apis/apiserver/v1alpha1" "k8s.io/apiserver/pkg/server" + "k8s.io/client-go/dynamic" "k8s.io/client-go/informers" "k8s.io/client-go/kubernetes" "k8s.io/client-go/rest" @@ -145,7 +146,11 @@ func (a *AdmissionOptions) ApplyTo( if err != nil { return err } - genericInitializer := initializer.New(clientset, informers, c.Authorization.Authorizer, features, c.DrainedNotify()) + dynamicClient, err := dynamic.NewForConfig(kubeAPIServerClientConfig) + if err != nil { + return err + } + genericInitializer := initializer.New(clientset, dynamicClient, informers, c.Authorization.Authorizer, features, c.DrainedNotify()) initializersChain := admission.PluginInitializers{genericInitializer} initializersChain = append(initializersChain, pluginInitializers...)