From edb59e9bc753458762014590eec7a15292183003 Mon Sep 17 00:00:00 2001 From: "Lubomir I. Ivanov" Date: Wed, 21 Jun 2023 13:33:26 +0300 Subject: [PATCH] kubeadm: move token defaulting and related constants to token package Move the defaulting of the BootstrapToken type inside the bootstraptoken/v1 package. This prevents an error where codegen complains that a defaulter for the type exists in both the kubeadm v1beta3 and v1beta4. Adapt kubeadm code to use the defaulter function and constants that were moved to bootstraptoken/v1. NOTE: technically this is a breaking change for direct users of v1beta3/SetDefaults_BootstrapToken(). --- .../app/apis/bootstraptoken/v1/defaults.go | 54 +++++++++++++++++++ .../app/apis/kubeadm/v1beta3/defaults.go | 18 +------ .../kubeadm/v1beta3/zz_generated.defaults.go | 4 -- .../app/apis/kubeadm/v1beta4/defaults.go | 18 +------ .../kubeadm/v1beta4/zz_generated.defaults.go | 4 -- cmd/kubeadm/app/cmd/init_test.go | 8 +-- cmd/kubeadm/app/cmd/options/token.go | 5 +- cmd/kubeadm/app/constants/constants.go | 11 ---- 8 files changed, 62 insertions(+), 60 deletions(-) create mode 100644 cmd/kubeadm/app/apis/bootstraptoken/v1/defaults.go diff --git a/cmd/kubeadm/app/apis/bootstraptoken/v1/defaults.go b/cmd/kubeadm/app/apis/bootstraptoken/v1/defaults.go new file mode 100644 index 00000000000..1d98d3b0608 --- /dev/null +++ b/cmd/kubeadm/app/apis/bootstraptoken/v1/defaults.go @@ -0,0 +1,54 @@ +/* +Copyright 2023 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1 + +import ( + "time" + + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + bootstrapapi "k8s.io/cluster-bootstrap/token/api" +) + +const ( + // DefaultTokenDuration specifies the default amount of time that a bootstrap token will be valid + // Default behaviour is 24 hours + DefaultTokenDuration = 24 * time.Hour +) + +var ( + // DefaultTokenUsages specifies the default functions a token will get + DefaultTokenUsages = bootstrapapi.KnownTokenUsages + + // DefaultTokenGroups specifies the default groups that this token will authenticate as when used for authentication + DefaultTokenGroups = []string{"system:bootstrappers:kubeadm:default-node-token"} +) + +// SetDefaults_BootstrapToken sets the defaults for an individual Bootstrap Token +func SetDefaults_BootstrapToken(bt *BootstrapToken) { + if bt.TTL == nil { + bt.TTL = &metav1.Duration{ + Duration: DefaultTokenDuration, + } + } + if len(bt.Usages) == 0 { + bt.Usages = DefaultTokenUsages + } + + if len(bt.Groups) == 0 { + bt.Groups = DefaultTokenGroups + } +} diff --git a/cmd/kubeadm/app/apis/kubeadm/v1beta3/defaults.go b/cmd/kubeadm/app/apis/kubeadm/v1beta3/defaults.go index 7fdaa274b4e..d007ad0b36e 100644 --- a/cmd/kubeadm/app/apis/kubeadm/v1beta3/defaults.go +++ b/cmd/kubeadm/app/apis/kubeadm/v1beta3/defaults.go @@ -181,23 +181,7 @@ func SetDefaults_BootstrapTokens(obj *InitConfiguration) { } for i := range obj.BootstrapTokens { - SetDefaults_BootstrapToken(&obj.BootstrapTokens[i]) - } -} - -// SetDefaults_BootstrapToken sets the defaults for an individual Bootstrap Token -func SetDefaults_BootstrapToken(bt *bootstraptokenv1.BootstrapToken) { - if bt.TTL == nil { - bt.TTL = &metav1.Duration{ - Duration: constants.DefaultTokenDuration, - } - } - if len(bt.Usages) == 0 { - bt.Usages = constants.DefaultTokenUsages - } - - if len(bt.Groups) == 0 { - bt.Groups = constants.DefaultTokenGroups + bootstraptokenv1.SetDefaults_BootstrapToken(&obj.BootstrapTokens[i]) } } diff --git a/cmd/kubeadm/app/apis/kubeadm/v1beta3/zz_generated.defaults.go b/cmd/kubeadm/app/apis/kubeadm/v1beta3/zz_generated.defaults.go index b3fa54fbe26..c9c1b487e83 100644 --- a/cmd/kubeadm/app/apis/kubeadm/v1beta3/zz_generated.defaults.go +++ b/cmd/kubeadm/app/apis/kubeadm/v1beta3/zz_generated.defaults.go @@ -42,10 +42,6 @@ func SetObjectDefaults_ClusterConfiguration(in *ClusterConfiguration) { func SetObjectDefaults_InitConfiguration(in *InitConfiguration) { SetDefaults_InitConfiguration(in) - for i := range in.BootstrapTokens { - a := &in.BootstrapTokens[i] - SetDefaults_BootstrapToken(a) - } SetDefaults_APIEndpoint(&in.LocalAPIEndpoint) } diff --git a/cmd/kubeadm/app/apis/kubeadm/v1beta4/defaults.go b/cmd/kubeadm/app/apis/kubeadm/v1beta4/defaults.go index a599cf154a9..f303b386719 100644 --- a/cmd/kubeadm/app/apis/kubeadm/v1beta4/defaults.go +++ b/cmd/kubeadm/app/apis/kubeadm/v1beta4/defaults.go @@ -181,23 +181,7 @@ func SetDefaults_BootstrapTokens(obj *InitConfiguration) { } for i := range obj.BootstrapTokens { - SetDefaults_BootstrapToken(&obj.BootstrapTokens[i]) - } -} - -// SetDefaults_BootstrapToken sets the defaults for an individual Bootstrap Token -func SetDefaults_BootstrapToken(bt *bootstraptokenv1.BootstrapToken) { - if bt.TTL == nil { - bt.TTL = &metav1.Duration{ - Duration: constants.DefaultTokenDuration, - } - } - if len(bt.Usages) == 0 { - bt.Usages = constants.DefaultTokenUsages - } - - if len(bt.Groups) == 0 { - bt.Groups = constants.DefaultTokenGroups + bootstraptokenv1.SetDefaults_BootstrapToken(&obj.BootstrapTokens[i]) } } diff --git a/cmd/kubeadm/app/apis/kubeadm/v1beta4/zz_generated.defaults.go b/cmd/kubeadm/app/apis/kubeadm/v1beta4/zz_generated.defaults.go index dfa01af863b..c898c74a884 100644 --- a/cmd/kubeadm/app/apis/kubeadm/v1beta4/zz_generated.defaults.go +++ b/cmd/kubeadm/app/apis/kubeadm/v1beta4/zz_generated.defaults.go @@ -42,10 +42,6 @@ func SetObjectDefaults_ClusterConfiguration(in *ClusterConfiguration) { func SetObjectDefaults_InitConfiguration(in *InitConfiguration) { SetDefaults_InitConfiguration(in) - for i := range in.BootstrapTokens { - a := &in.BootstrapTokens[i] - SetDefaults_BootstrapToken(a) - } SetDefaults_APIEndpoint(&in.LocalAPIEndpoint) } diff --git a/cmd/kubeadm/app/cmd/init_test.go b/cmd/kubeadm/app/cmd/init_test.go index 91846d92faa..ef380388af2 100644 --- a/cmd/kubeadm/app/cmd/init_test.go +++ b/cmd/kubeadm/app/cmd/init_test.go @@ -27,7 +27,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/sets" - v1 "k8s.io/kubernetes/cmd/kubeadm/app/apis/bootstraptoken/v1" + bootstraptokenv1 "k8s.io/kubernetes/cmd/kubeadm/app/apis/bootstraptoken/v1" kubeadmapi "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm" kubeadmapiv1 "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1beta3" "k8s.io/kubernetes/cmd/kubeadm/app/cmd/options" @@ -121,12 +121,12 @@ func TestNewInitData(t *testing.T) { AdvertiseAddress: "1.2.3.4", BindPort: 6443, }, - BootstrapTokens: []v1.BootstrapToken{ + BootstrapTokens: []bootstraptokenv1.BootstrapToken{ { - Token: &v1.BootstrapTokenString{ID: "abcdef", Secret: "0123456789abcdef"}, + Token: &bootstraptokenv1.BootstrapTokenString{ID: "abcdef", Secret: "0123456789abcdef"}, Usages: []string{"signing", "authentication"}, TTL: &metav1.Duration{ - Duration: constants.DefaultTokenDuration, + Duration: bootstraptokenv1.DefaultTokenDuration, }, Groups: []string{"system:bootstrappers:kubeadm:default-node-token"}, }, diff --git a/cmd/kubeadm/app/cmd/options/token.go b/cmd/kubeadm/app/cmd/options/token.go index 19e24ab6615..4b01c130f62 100644 --- a/cmd/kubeadm/app/cmd/options/token.go +++ b/cmd/kubeadm/app/cmd/options/token.go @@ -26,13 +26,12 @@ import ( bootstraptokenv1 "k8s.io/kubernetes/cmd/kubeadm/app/apis/bootstraptoken/v1" kubeadmapiv1 "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1beta3" - kubeadmconstants "k8s.io/kubernetes/cmd/kubeadm/app/constants" ) // NewBootstrapTokenOptions creates a new BootstrapTokenOptions object with the default values func NewBootstrapTokenOptions() *BootstrapTokenOptions { bto := &BootstrapTokenOptions{&bootstraptokenv1.BootstrapToken{}, ""} - kubeadmapiv1.SetDefaults_BootstrapToken(bto.BootstrapToken) + bootstraptokenv1.SetDefaults_BootstrapToken(bto.BootstrapToken) return bto } @@ -69,7 +68,7 @@ func (bto *BootstrapTokenOptions) AddTTLFlagWithName(fs *pflag.FlagSet, flagName func (bto *BootstrapTokenOptions) AddUsagesFlag(fs *pflag.FlagSet) { fs.StringSliceVar( &bto.Usages, TokenUsages, bto.Usages, - fmt.Sprintf("Describes the ways in which this token can be used. You can pass --usages multiple times or provide a comma separated list of options. Valid options: [%s]", strings.Join(kubeadmconstants.DefaultTokenUsages, ",")), + fmt.Sprintf("Describes the ways in which this token can be used. You can pass --usages multiple times or provide a comma separated list of options. Valid options: [%s]", strings.Join(bootstraptokenv1.DefaultTokenUsages, ",")), ) } diff --git a/cmd/kubeadm/app/constants/constants.go b/cmd/kubeadm/app/constants/constants.go index ecf81aa55c6..62f08a61c3a 100644 --- a/cmd/kubeadm/app/constants/constants.go +++ b/cmd/kubeadm/app/constants/constants.go @@ -31,7 +31,6 @@ import ( "k8s.io/apimachinery/pkg/util/version" "k8s.io/apimachinery/pkg/util/wait" apimachineryversion "k8s.io/apimachinery/pkg/version" - bootstrapapi "k8s.io/cluster-bootstrap/token/api" componentversion "k8s.io/component-base/version" netutils "k8s.io/utils/net" ) @@ -243,10 +242,6 @@ const ( // The node subnet mask size must be no more than the pod subnet mask size + 16 PodSubnetNodeMaskMaxDiff = 16 - // DefaultTokenDuration specifies the default amount of time that a bootstrap token will be valid - // Default behaviour is 24 hours - DefaultTokenDuration = 24 * time.Hour - // DefaultCertTokenDuration specifies the default amount of time that the token used by upload certs will be valid // Default behaviour is 2 hours DefaultCertTokenDuration = 2 * time.Hour @@ -447,12 +442,6 @@ var ( Effect: v1.TaintEffectNoSchedule, } - // DefaultTokenUsages specifies the default functions a token will get - DefaultTokenUsages = bootstrapapi.KnownTokenUsages - - // DefaultTokenGroups specifies the default groups that this token will authenticate as when used for authentication - DefaultTokenGroups = []string{NodeBootstrapTokenAuthGroup} - // ControlPlaneComponents defines the control-plane component names ControlPlaneComponents = []string{KubeAPIServer, KubeControllerManager, KubeScheduler}