Update vendor

vendor/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/factory.go

@@ -0,0 +1,43 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Package transformer provides transformer factory
+package transformer
+
+import (
+	"k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/hash"
+	"k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/patch"
+	"sigs.k8s.io/kustomize/pkg/resource"
+	"sigs.k8s.io/kustomize/pkg/transformers"
+)
+
+// FactoryImpl makes patch transformer and name hash transformer
+type FactoryImpl struct{}
+
+// NewFactoryImpl makes a new factoryImpl instance
+func NewFactoryImpl() *FactoryImpl {
+	return &FactoryImpl{}
+}
+
+// MakePatchTransformer makes a new patch transformer
+func (p *FactoryImpl) MakePatchTransformer(slice []*resource.Resource, rf *resource.Factory) (transformers.Transformer, error) {
+	return patch.NewPatchTransformer(slice, rf)
+}
+
+// MakeHashTransformer makes a new name hash transformer
+func (p *FactoryImpl) MakeHashTransformer() transformers.Transformer {
+	return hash.NewNameHashTransformer()
+}

vendor/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/hash/hash.go

@@ -0,0 +1,184 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package hash
+
+import (
+	"crypto/sha256"
+	"encoding/json"
+	"fmt"
+
+	"k8s.io/api/core/v1"
+	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
+)
+
+// KustHash compute hash for unstructured objects
+type KustHash struct{}
+
+// NewKustHash returns a KustHash object
+func NewKustHash() *KustHash {
+	return &KustHash{}
+}
+
+// Hash returns a hash of either a ConfigMap or a Secret
+func (h *KustHash) Hash(m map[string]interface{}) (string, error) {
+	u := unstructured.Unstructured{
+		Object: m,
+	}
+	kind := u.GetKind()
+	switch kind {
+	case "ConfigMap":
+		cm, err := unstructuredToConfigmap(u)
+		if err != nil {
+			return "", err
+		}
+		return ConfigMapHash(cm)
+	case "Secret":
+		sec, err := unstructuredToSecret(u)
+
+		if err != nil {
+			return "", err
+		}
+		return SecretHash(sec)
+	default:
+		return "", fmt.Errorf("type %s is supported for hashing in %v", kind, m)
+	}
+}
+
+// ConfigMapHash returns a hash of the ConfigMap.
+// The Data, Kind, and Name are taken into account.
+func ConfigMapHash(cm *v1.ConfigMap) (string, error) {
+	encoded, err := encodeConfigMap(cm)
+	if err != nil {
+		return "", err
+	}
+	h, err := encodeHash(hash(encoded))
+	if err != nil {
+		return "", err
+	}
+	return h, nil
+}
+
+// SecretHash returns a hash of the Secret.
+// The Data, Kind, Name, and Type are taken into account.
+func SecretHash(sec *v1.Secret) (string, error) {
+	encoded, err := encodeSecret(sec)
+	if err != nil {
+		return "", err
+	}
+	h, err := encodeHash(hash(encoded))
+	if err != nil {
+		return "", err
+	}
+	return h, nil
+}
+
+// encodeConfigMap encodes a ConfigMap.
+// Data, Kind, and Name are taken into account.
+func encodeConfigMap(cm *v1.ConfigMap) (string, error) {
+	// json.Marshal sorts the keys in a stable order in the encoding
+	m := map[string]interface{}{
+		"kind": "ConfigMap",
+		"name": cm.Name,
+		"data": cm.Data,
+	}
+	if cm.Immutable != nil {
+		m["immutable"] = *cm.Immutable
+	}
+	if len(cm.BinaryData) > 0 {
+		m["binaryData"] = cm.BinaryData
+	}
+	data, err := json.Marshal(m)
+	if err != nil {
+		return "", err
+	}
+	return string(data), nil
+}
+
+// encodeSecret encodes a Secret.
+// Data, Kind, Name, and Type are taken into account.
+func encodeSecret(sec *v1.Secret) (string, error) {
+	// json.Marshal sorts the keys in a stable order in the encoding
+	m := map[string]interface{}{
+		"kind": "Secret",
+		"type": sec.Type,
+		"name": sec.Name,
+		"data": sec.Data,
+	}
+	if sec.Immutable != nil {
+		m["immutable"] = *sec.Immutable
+	}
+	data, err := json.Marshal(m)
+	if err != nil {
+		return "", err
+	}
+	return string(data), nil
+}
+
+// encodeHash extracts the first 40 bits of the hash from the hex string
+// (1 hex char represents 4 bits), and then maps vowels and vowel-like hex
+// characters to consonants to prevent bad words from being formed (the theory
+// is that no vowels makes it really hard to make bad words). Since the string
+// is hex, the only vowels it can contain are 'a' and 'e'.
+// We picked some arbitrary consonants to map to from the same character set as GenerateName.
+// See: https://github.com/kubernetes/apimachinery/blob/dc1f89aff9a7509782bde3b68824c8043a3e58cc/pkg/util/rand/rand.go#L75
+// If the hex string contains fewer than ten characters, returns an error.
+func encodeHash(hex string) (string, error) {
+	if len(hex) < 10 {
+		return "", fmt.Errorf("the hex string must contain at least 10 characters")
+	}
+	enc := []rune(hex[:10])
+	for i := range enc {
+		switch enc[i] {
+		case '0':
+			enc[i] = 'g'
+		case '1':
+			enc[i] = 'h'
+		case '3':
+			enc[i] = 'k'
+		case 'a':
+			enc[i] = 'm'
+		case 'e':
+			enc[i] = 't'
+		}
+	}
+	return string(enc), nil
+}
+
+// hash hashes `data` with sha256 and returns the hex string
+func hash(data string) string {
+	return fmt.Sprintf("%x", sha256.Sum256([]byte(data)))
+}
+
+func unstructuredToConfigmap(u unstructured.Unstructured) (*v1.ConfigMap, error) {
+	marshaled, err := json.Marshal(u.Object)
+	if err != nil {
+		return nil, err
+	}
+	var out v1.ConfigMap
+	err = json.Unmarshal(marshaled, &out)
+	return &out, err
+}
+
+func unstructuredToSecret(u unstructured.Unstructured) (*v1.Secret, error) {
+	marshaled, err := json.Marshal(u.Object)
+	if err != nil {
+		return nil, err
+	}
+	var out v1.Secret
+	err = json.Unmarshal(marshaled, &out)
+	return &out, err
+}

vendor/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/hash/namehash.go

@@ -0,0 +1,47 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package hash
+
+import (
+	"fmt"
+
+	"sigs.k8s.io/kustomize/pkg/resmap"
+	"sigs.k8s.io/kustomize/pkg/transformers"
+)
+
+type nameHashTransformer struct{}
+
+var _ transformers.Transformer = &nameHashTransformer{}
+
+// NewNameHashTransformer construct a nameHashTransformer.
+func NewNameHashTransformer() transformers.Transformer {
+	return &nameHashTransformer{}
+}
+
+// Transform appends hash to generated resources.
+func (o *nameHashTransformer) Transform(m resmap.ResMap) error {
+	for _, res := range m {
+		if res.NeedHashSuffix() {
+			h, err := NewKustHash().Hash(res.Map())
+			if err != nil {
+				return err
+			}
+			res.SetName(fmt.Sprintf("%s-%s", res.GetName(), h))
+		}
+	}
+	return nil
+}

vendor/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/patch/patch.go

@@ -0,0 +1,174 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package patch
+
+import (
+	"encoding/json"
+	"fmt"
+
+	"github.com/evanphx/json-patch"
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+	"k8s.io/apimachinery/pkg/util/strategicpatch"
+	"k8s.io/client-go/kubernetes/scheme"
+	"sigs.k8s.io/kustomize/pkg/gvk"
+	"sigs.k8s.io/kustomize/pkg/resmap"
+	"sigs.k8s.io/kustomize/pkg/resource"
+	"sigs.k8s.io/kustomize/pkg/transformers"
+)
+
+// patchTransformer applies patches.
+type patchTransformer struct {
+	patches []*resource.Resource
+	rf      *resource.Factory
+}
+
+var _ transformers.Transformer = &patchTransformer{}
+
+// NewPatchTransformer constructs a patchTransformer.
+func NewPatchTransformer(
+	slice []*resource.Resource, rf *resource.Factory) (transformers.Transformer, error) {
+	if len(slice) == 0 {
+		return transformers.NewNoOpTransformer(), nil
+	}
+	return &patchTransformer{patches: slice, rf: rf}, nil
+}
+
+// Transform apply the patches on top of the base resources.
+func (pt *patchTransformer) Transform(baseResourceMap resmap.ResMap) error {
+	// Merge and then index the patches by Id.
+	patches, err := pt.mergePatches()
+	if err != nil {
+		return err
+	}
+
+	// Strategic merge the resources exist in both base and patches.
+	for _, patch := range patches {
+		// Merge patches with base resource.
+		id := patch.Id()
+		matchedIds := baseResourceMap.GetMatchingIds(id.GvknEquals)
+		if len(matchedIds) == 0 {
+			return fmt.Errorf("failed to find an object with %s to apply the patch", id.GvknString())
+		}
+		if len(matchedIds) > 1 {
+			return fmt.Errorf("found multiple objects %#v targeted by patch %#v (ambiguous)", matchedIds, id)
+		}
+		id = matchedIds[0]
+		base := baseResourceMap[id]
+		merged := map[string]interface{}{}
+		versionedObj, err := scheme.Scheme.New(toSchemaGvk(id.Gvk()))
+		baseName := base.GetName()
+		switch {
+		case runtime.IsNotRegisteredError(err):
+			// Use JSON merge patch to handle types w/o schema
+			baseBytes, err := json.Marshal(base.Map())
+			if err != nil {
+				return err
+			}
+			patchBytes, err := json.Marshal(patch.Map())
+			if err != nil {
+				return err
+			}
+			mergedBytes, err := jsonpatch.MergePatch(baseBytes, patchBytes)
+			if err != nil {
+				return err
+			}
+			err = json.Unmarshal(mergedBytes, &merged)
+			if err != nil {
+				return err
+			}
+		case err != nil:
+			return err
+		default:
+			// Use Strategic-Merge-Patch to handle types w/ schema
+			// TODO: Change this to use the new Merge package.
+			// Store the name of the base object, because this name may have been munged.
+			// Apply this name to the patched object.
+			lookupPatchMeta, err := strategicpatch.NewPatchMetaFromStruct(versionedObj)
+			if err != nil {
+				return err
+			}
+			merged, err = strategicpatch.StrategicMergeMapPatchUsingLookupPatchMeta(
+				base.Map(),
+				patch.Map(),
+				lookupPatchMeta)
+			if err != nil {
+				return err
+			}
+		}
+		base.SetName(baseName)
+		baseResourceMap[id].SetMap(merged)
+	}
+	return nil
+}
+
+// mergePatches merge and index patches by Id.
+// It errors out if there is conflict between patches.
+func (pt *patchTransformer) mergePatches() (resmap.ResMap, error) {
+	rc := resmap.ResMap{}
+	for ix, patch := range pt.patches {
+		id := patch.Id()
+		existing, found := rc[id]
+		if !found {
+			rc[id] = patch
+			continue
+		}
+
+		versionedObj, err := scheme.Scheme.New(toSchemaGvk(id.Gvk()))
+		if err != nil && !runtime.IsNotRegisteredError(err) {
+			return nil, err
+		}
+		var cd conflictDetector
+		if err != nil {
+			cd = newJMPConflictDetector(pt.rf)
+		} else {
+			cd, err = newSMPConflictDetector(versionedObj, pt.rf)
+			if err != nil {
+				return nil, err
+			}
+		}
+
+		conflict, err := cd.hasConflict(existing, patch)
+		if err != nil {
+			return nil, err
+		}
+		if conflict {
+			conflictingPatch, err := cd.findConflict(ix, pt.patches)
+			if err != nil {
+				return nil, err
+			}
+			return nil, fmt.Errorf(
+				"conflict between %#v and %#v",
+				conflictingPatch.Map(), patch.Map())
+		}
+		merged, err := cd.mergePatches(existing, patch)
+		if err != nil {
+			return nil, err
+		}
+		rc[id] = merged
+	}
+	return rc, nil
+}
+
+// toSchemaGvk converts to a schema.GroupVersionKind.
+func toSchemaGvk(x gvk.Gvk) schema.GroupVersionKind {
+	return schema.GroupVersionKind{
+		Group:   x.Group,
+		Version: x.Version,
+		Kind:    x.Kind,
+	}
+}

vendor/k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/patch/patchconflictdetector.go

@@ -0,0 +1,137 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package patch
+
+import (
+	"encoding/json"
+
+	"github.com/evanphx/json-patch"
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/util/mergepatch"
+	"k8s.io/apimachinery/pkg/util/strategicpatch"
+	"sigs.k8s.io/kustomize/pkg/resource"
+)
+
+type conflictDetector interface {
+	hasConflict(patch1, patch2 *resource.Resource) (bool, error)
+	findConflict(conflictingPatchIdx int, patches []*resource.Resource) (*resource.Resource, error)
+	mergePatches(patch1, patch2 *resource.Resource) (*resource.Resource, error)
+}
+
+type jsonMergePatch struct {
+	rf *resource.Factory
+}
+
+var _ conflictDetector = &jsonMergePatch{}
+
+func newJMPConflictDetector(rf *resource.Factory) conflictDetector {
+	return &jsonMergePatch{rf: rf}
+}
+
+func (jmp *jsonMergePatch) hasConflict(
+	patch1, patch2 *resource.Resource) (bool, error) {
+	return mergepatch.HasConflicts(patch1.Map(), patch2.Map())
+}
+
+func (jmp *jsonMergePatch) findConflict(
+	conflictingPatchIdx int, patches []*resource.Resource) (*resource.Resource, error) {
+	for i, patch := range patches {
+		if i == conflictingPatchIdx {
+			continue
+		}
+		if !patches[conflictingPatchIdx].Id().GvknEquals(patch.Id()) {
+			continue
+		}
+		conflict, err := mergepatch.HasConflicts(
+			patch.Map(),
+			patches[conflictingPatchIdx].Map())
+		if err != nil {
+			return nil, err
+		}
+		if conflict {
+			return patch, nil
+		}
+	}
+	return nil, nil
+}
+
+func (jmp *jsonMergePatch) mergePatches(
+	patch1, patch2 *resource.Resource) (*resource.Resource, error) {
+	baseBytes, err := json.Marshal(patch1.Map())
+	if err != nil {
+		return nil, err
+	}
+	patchBytes, err := json.Marshal(patch2.Map())
+	if err != nil {
+		return nil, err
+	}
+	mergedBytes, err := jsonpatch.MergeMergePatches(baseBytes, patchBytes)
+	if err != nil {
+		return nil, err
+	}
+	mergedMap := make(map[string]interface{})
+	err = json.Unmarshal(mergedBytes, &mergedMap)
+	return jmp.rf.FromMap(mergedMap), err
+}
+
+type strategicMergePatch struct {
+	lookupPatchMeta strategicpatch.LookupPatchMeta
+	rf              *resource.Factory
+}
+
+var _ conflictDetector = &strategicMergePatch{}
+
+func newSMPConflictDetector(
+	versionedObj runtime.Object,
+	rf *resource.Factory) (conflictDetector, error) {
+	lookupPatchMeta, err := strategicpatch.NewPatchMetaFromStruct(versionedObj)
+	return &strategicMergePatch{lookupPatchMeta: lookupPatchMeta, rf: rf}, err
+}
+
+func (smp *strategicMergePatch) hasConflict(p1, p2 *resource.Resource) (bool, error) {
+	return strategicpatch.MergingMapsHaveConflicts(
+		p1.Map(), p2.Map(), smp.lookupPatchMeta)
+}
+
+func (smp *strategicMergePatch) findConflict(
+	conflictingPatchIdx int, patches []*resource.Resource) (*resource.Resource, error) {
+	for i, patch := range patches {
+		if i == conflictingPatchIdx {
+			continue
+		}
+		if !patches[conflictingPatchIdx].Id().GvknEquals(patch.Id()) {
+			continue
+		}
+		conflict, err := strategicpatch.MergingMapsHaveConflicts(
+			patch.Map(),
+			patches[conflictingPatchIdx].Map(),
+			smp.lookupPatchMeta)
+		if err != nil {
+			return nil, err
+		}
+		if conflict {
+			return patch, nil
+		}
+	}
+	return nil, nil
+}
+
+func (smp *strategicMergePatch) mergePatches(patch1, patch2 *resource.Resource) (*resource.Resource, error) {
+	mergeJSONMap, err := strategicpatch.MergeStrategicMergeMapPatchUsingLookupPatchMeta(
+		smp.lookupPatchMeta, patch1.Map(), patch2.Map())
+	return smp.rf.FromMap(mergeJSONMap), err
+}