diff --git a/api/openapi-spec/swagger.json b/api/openapi-spec/swagger.json index 0d81c15284952..2135349674046 100644 --- a/api/openapi-spec/swagger.json +++ b/api/openapi-spec/swagger.json @@ -18467,6 +18467,7 @@ "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1.ExternalDocumentation" }, "format": { + "description": "format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated:\n\n- bsonobjectid: a bson object ID, i.e. a 24 characters hex string - uri: an URI as parsed by Golang net/url.ParseRequestURI - email: an email address as parsed by Golang net/mail.ParseAddress - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. - ipv4: an IPv4 IP as parsed by Golang net.ParseIP - ipv6: an IPv6 IP as parsed by Golang net.ParseIP - cidr: a CIDR as parsed by Golang net.ParseCIDR - mac: a MAC address as parsed by Golang net.ParseMAC - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - isbn: an ISBN10 or ISBN13 number string like \"0321751043\" or \"978-0321751041\" - isbn10: an ISBN10 number string like \"0321751043\" - isbn13: an ISBN13 number string like \"978-0321751041\" - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$ with any non digit characters mixed in - ssn: a U.S. social security number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$ - hexcolor: an hexadecimal color code like \"#FFFFFF: following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ - rgbcolor: an RGB color code like rgb like \"rgb(255,255,2559\" - byte: base64 encoded binary data - password: any kind of string - date: a date string like \"2006-01-02\" as defined by full-date in RFC3339 - duration: a duration string like \"22 ns\" as parsed by Golang time.ParseDuration or compatible with Scala duration format - datetime: a date time string like \"2014-12-15T19:30:20.000Z\" as defined by date-time in RFC3339.", "type": "string" }, "id": { @@ -19110,6 +19111,7 @@ "$ref": "#/definitions/io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.ExternalDocumentation" }, "format": { + "description": "format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated:\n\n- bsonobjectid: a bson object ID, i.e. a 24 characters hex string - uri: an URI as parsed by Golang net/url.ParseRequestURI - email: an email address as parsed by Golang net/mail.ParseAddress - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. - ipv4: an IPv4 IP as parsed by Golang net.ParseIP - ipv6: an IPv6 IP as parsed by Golang net.ParseIP - cidr: a CIDR as parsed by Golang net.ParseCIDR - mac: a MAC address as parsed by Golang net.ParseMAC - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - isbn: an ISBN10 or ISBN13 number string like \"0321751043\" or \"978-0321751041\" - isbn10: an ISBN10 number string like \"0321751043\" - isbn13: an ISBN13 number string like \"978-0321751041\" - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$ with any non digit characters mixed in - ssn: a U.S. social security number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$ - hexcolor: an hexadecimal color code like \"#FFFFFF: following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ - rgbcolor: an RGB color code like rgb like \"rgb(255,255,2559\" - byte: base64 encoded binary data - password: any kind of string - date: a date string like \"2006-01-02\" as defined by full-date in RFC3339 - duration: a duration string like \"22 ns\" as parsed by Golang time.ParseDuration or compatible with Scala duration format - datetime: a date time string like \"2014-12-15T19:30:20.000Z\" as defined by date-time in RFC3339.", "type": "string" }, "id": { diff --git a/build/common.sh b/build/common.sh index 2ae17c9f1a9ef..58591eafdd04d 100755 --- a/build/common.sh +++ b/build/common.sh @@ -94,8 +94,8 @@ readonly KUBE_CONTAINER_RSYNC_PORT=8730 # $1 - server architecture kube::build::get_docker_wrapped_binaries() { local arch=$1 - local debian_base_version=v1.0.0 - local debian_iptables_version=v11.0.2 + local debian_base_version=v2.0.0 + local debian_iptables_version=v12.0.1 ### If you change any of these lists, please also update DOCKERIZED_BINARIES ### in build/BUILD. And kube::golang::server_image_targets local targets=( diff --git a/build/debian-base/Dockerfile.build b/build/debian-base/Dockerfile.build index cdd026b08f1b4..22bd98201b4c0 100644 --- a/build/debian-base/Dockerfile.build +++ b/build/debian-base/Dockerfile.build @@ -41,28 +41,14 @@ RUN apt-mark hold apt gnupg adduser passwd libsemanage1 libcap2 # Several utilities (e.g. ping) were kept for usefulness, but may be removed in later versions. RUN echo "Yes, do as I say!" | apt-get purge \ bash \ - debconf-i18n \ - e2fslibs \ e2fsprogs \ - init \ - initscripts \ libcap2-bin \ - libkmod2 \ libmount1 \ libsmartcols1 \ - libudev1 \ libblkid1 \ - libncursesw5 \ - libprocps6 \ - libslang2 \ libss2 \ - libsystemd0 \ - libtext-charwidth-perl libtext-iconv-perl libtext-wrapi18n-perl \ ncurses-base \ ncurses-bin \ - systemd \ - systemd-sysv \ - sysv-rc \ tzdata # No-op stubs replace some unnecessary binaries that may be depended on in the install process (in diff --git a/build/debian-base/Makefile b/build/debian-base/Makefile index 3370bcdf9e17d..54e3eb0f25e73 100755 --- a/build/debian-base/Makefile +++ b/build/debian-base/Makefile @@ -18,7 +18,7 @@ REGISTRY ?= staging-k8s.gcr.io IMAGE ?= $(REGISTRY)/debian-base BUILD_IMAGE ?= debian-build -TAG ?= v1.0.0 +TAG ?= v2.0.0 TAR_FILE ?= rootfs.tar ARCH?=amd64 @@ -33,22 +33,22 @@ SUDO=$(if $(filter 0,$(shell id -u)),,sudo) export DOCKER_CLI_EXPERIMENTAL := enabled ifeq ($(ARCH),amd64) - BASEIMAGE?=debian:stretch + BASEIMAGE?=debian:buster-slim endif ifeq ($(ARCH),arm) - BASEIMAGE?=arm32v7/debian:stretch + BASEIMAGE?=arm32v7/debian:buster-slim QEMUARCH=arm endif ifeq ($(ARCH),arm64) - BASEIMAGE?=arm64v8/debian:stretch + BASEIMAGE?=arm64v8/debian:buster-slim QEMUARCH=aarch64 endif ifeq ($(ARCH),ppc64le) - BASEIMAGE?=ppc64le/debian:stretch + BASEIMAGE?=ppc64le/debian:buster-slim QEMUARCH=ppc64le endif ifeq ($(ARCH),s390x) - BASEIMAGE?=s390x/debian:stretch + BASEIMAGE?=s390x/debian:buster-slim QEMUARCH=s390x endif diff --git a/build/debian-iptables/Dockerfile b/build/debian-iptables/Dockerfile index c7953b3762edd..3d8435fe680f8 100644 --- a/build/debian-iptables/Dockerfile +++ b/build/debian-iptables/Dockerfile @@ -14,10 +14,28 @@ FROM BASEIMAGE +# Install latest iptables package from buster-backports +RUN echo deb http://deb.debian.org/debian buster-backports main >> /etc/apt/sources.list; \ + apt-get update; \ + apt-get -t buster-backports -y --no-install-recommends install iptables + +# Install other dependencies and then clean up apt caches RUN clean-install \ conntrack \ ebtables \ ipset \ - iptables \ kmod \ netbase + +# Install iptables wrapper scripts to detect the correct iptables mode +# the first time any of them is run +COPY iptables-wrapper /usr/sbin/iptables-wrapper + +RUN update-alternatives \ + --install /usr/sbin/iptables iptables /usr/sbin/iptables-wrapper 100 \ + --slave /usr/sbin/iptables-restore iptables-restore /usr/sbin/iptables-wrapper \ + --slave /usr/sbin/iptables-save iptables-save /usr/sbin/iptables-wrapper +RUN update-alternatives \ + --install /usr/sbin/ip6tables ip6tables /usr/sbin/iptables-wrapper 100 \ + --slave /usr/sbin/ip6tables-restore ip6tables-restore /usr/sbin/iptables-wrapper \ + --slave /usr/sbin/ip6tables-save ip6tables-save /usr/sbin/iptables-wrapper diff --git a/build/debian-iptables/Makefile b/build/debian-iptables/Makefile index 87b0322d7ecc9..ff1d0bd724d83 100644 --- a/build/debian-iptables/Makefile +++ b/build/debian-iptables/Makefile @@ -16,12 +16,12 @@ REGISTRY?="staging-k8s.gcr.io" IMAGE=$(REGISTRY)/debian-iptables -TAG?=v11.0.2 +TAG?=v12.0.1 ARCH?=amd64 ALL_ARCH = amd64 arm arm64 ppc64le s390x TEMP_DIR:=$(shell mktemp -d) -BASEIMAGE?=k8s.gcr.io/debian-base-$(ARCH):v1.0.0 +BASEIMAGE?=k8s.gcr.io/debian-base-$(ARCH):v2.0.0 # This option is for running docker manifest command export DOCKER_CLI_EXPERIMENTAL := enabled diff --git a/build/debian-iptables/iptables-wrapper b/build/debian-iptables/iptables-wrapper new file mode 100755 index 0000000000000..c114ef0eb4b76 --- /dev/null +++ b/build/debian-iptables/iptables-wrapper @@ -0,0 +1,44 @@ +#!/bin/sh + +# Copyright 2019 The Kubernetes Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -e + +# Detect whether the base system is using iptables-legacy or +# iptables-nft. This assumes that some non-containerized process (eg +# kubelet) has already created some iptables rules. + +# Bugs in iptables-nft 1.8.3 may cause it to get stuck in a loop in +# some circumstances, so we have to run the nft check in a timeout. To +# avoid hitting that timeout, we only bother to even check nft if +# legacy iptables was empty / mostly empty. + +num_legacy_lines=$( (iptables-legacy-save || true; ip6tables-legacy-save || true) 2>/dev/null | grep '^-' | wc -l) +if [ "${num_legacy_lines}" -ge 10 ]; then + mode=legacy +else + num_nft_lines=$( (timeout 5 sh -c "iptables-nft-save; ip6tables-nft-save" || true) 2>/dev/null | grep '^-' | wc -l) + if [ "${num_legacy_lines}" -ge "${num_nft_lines}" ]; then + mode=legacy + else + mode=nft + fi +fi + +update-alternatives --set iptables "/usr/sbin/iptables-${mode}" > /dev/null +update-alternatives --set ip6tables "/usr/sbin/ip6tables-${mode}" > /dev/null + +# Now re-exec the original command with the newly-selected alternative +exec "$0" "$@" diff --git a/build/workspace.bzl b/build/workspace.bzl index 7dc5fe4db5fc0..cfa0b0889b31d 100644 --- a/build/workspace.bzl +++ b/build/workspace.bzl @@ -73,21 +73,21 @@ def cri_tarballs(): # Use go get -u github.com/estesp/manifest-tool to find these values _DEBIAN_BASE_DIGEST = { - "manifest": "sha256:6966a0aedd7592c18ff2dd803c08bd85780ee19f5e3a2e7cf908a4cd837afcde", - "amd64": "sha256:8ccb65cd2dd7e0c24193d0742a20e4a673dbd11af5a33f16fcd471a31486866c", - "arm": "sha256:3432b41de3f6dfffdc1386fce961cfd1f9f8e208b3a35070e10ef3e2a733cb17", - "arm64": "sha256:9189251e1d1eb4126d6e6add2e272338f9c8a6a3db38863044625bca4b667f31", - "ppc64le": "sha256:50aa659e1e75e4231ee8293c3b4115e5755bb0517142b9b4bddbc134bf4354db", - "s390x": "sha256:bbb8ee3a2aaca738c00809f450233d98029fea4e319d8faaa30aa94c8b17a806", + "manifest": "sha256:ebda8587ec0f49eb88ee3a608ef018484908cbc5aa32556a0d78356088c185d4", + "amd64": "sha256:d7be39e143d4e6677a28c81c0a84868b40800fc979dea1848bb19d526668a00c", + "arm": "sha256:fc731da13b0bc9013b85a86b583fc92e50869b5bc8e7aa6ca730ec0240954c7d", + "arm64": "sha256:12502c3eed050fa9b6d5fe353a44bfc5f437dc325c8912b1a48dcc180df36f1e", + "ppc64le": "sha256:4277aa59b63c5a1369e6d84a295ecc4ffa08985dcf114de9f7b6de1af4fcbc86", + "s390x": "sha256:78ef2a6b017539379c1654b4e52ba8519bfec821c62d0b3a1dbd15104b711e21", } _DEBIAN_IPTABLES_DIGEST = { - "manifest": "sha256:b522b0035dba3ac2d5c0dbaaf8217bd66248e790332ccfdf653e0f943a280dcf", - "amd64": "sha256:adc40e9ec817c15d35b26d1d6aa4d0f8096fba4c99e26a026159bb0bc98c6a89", - "arm": "sha256:58e8a1d3b187eed2d8d3664cd1c9723e5029698714a24dfca4b6ef42ea27a9d4", - "arm64": "sha256:1a63fdd216fe7b84561d40ab1ebaa0daae1fc73e4232a6caffbd8353d9a14cea", - "ppc64le": "sha256:9f90adbc7513cc96d92fcec7633c4b29e766dd31cf876af03c0b54374e22fa9c", - "s390x": "sha256:4f147708deff2a0163ee49b6980cc95423514bec5f4091612d65773b898fbdae", + "manifest": "sha256:d1cd487e89fb4cba853cd3a948a6e9016faf66f2a7bb53cb1ac6b6c9cb58f5ed", + "amd64": "sha256:852d3c569932059bcab3a52cb6105c432d85b4b7bbd5fc93153b78010e34a783", + "arm": "sha256:c10f01b414a7cd4b2f3e26e152c90c64a1e781d99f83a6809764cf74ecbc46c3", + "arm64": "sha256:5725e6fde13a6405cf800e22846ebd2bde24b0860f1dc3f6f5f256f03cfa85bd", + "ppc64le": "sha256:b6d6e56a0c34c0393dcba0d5faaa531b92e5876114c5ab5a90e82e4889724c5a", + "s390x": "sha256:39e67e9bf25d67fe35bd9dcb25367277e5967368e02f2741e0efd4ce8874db14", } _DEBIAN_HYPERKUBE_BASE_DIGEST = { @@ -113,7 +113,7 @@ def debian_image_dependencies(): digest = _digest(_DEBIAN_BASE_DIGEST, arch), registry = "k8s.gcr.io", repository = "debian-base", - tag = "0.4.1", # ignored, but kept here for documentation + tag = "v2.0.0", # ignored, but kept here for documentation ) container_pull( @@ -122,7 +122,7 @@ def debian_image_dependencies(): digest = _digest(_DEBIAN_IPTABLES_DIGEST, arch), registry = "k8s.gcr.io", repository = "debian-iptables", - tag = "v11.0.2", # ignored, but kept here for documentation + tag = "v12.0.1", # ignored, but kept here for documentation ) container_pull( diff --git a/staging/src/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1/generated.proto b/staging/src/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1/generated.proto index 52bd0f7f13109..de4229cd869bf 100644 --- a/staging/src/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1/generated.proto +++ b/staging/src/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1/generated.proto @@ -359,6 +359,32 @@ message JSONSchemaProps { optional string type = 5; + // format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated: + // + // - bsonobjectid: a bson object ID, i.e. a 24 characters hex string + // - uri: an URI as parsed by Golang net/url.ParseRequestURI + // - email: an email address as parsed by Golang net/mail.ParseAddress + // - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. + // - ipv4: an IPv4 IP as parsed by Golang net.ParseIP + // - ipv6: an IPv6 IP as parsed by Golang net.ParseIP + // - cidr: a CIDR as parsed by Golang net.ParseCIDR + // - mac: a MAC address as parsed by Golang net.ParseMAC + // - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ + // - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ + // - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ + // - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ + // - isbn: an ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041" + // - isbn10: an ISBN10 number string like "0321751043" + // - isbn13: an ISBN13 number string like "978-0321751041" + // - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$ with any non digit characters mixed in + // - ssn: a U.S. social security number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$ + // - hexcolor: an hexadecimal color code like "#FFFFFF: following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ + // - rgbcolor: an RGB color code like rgb like "rgb(255,255,2559" + // - byte: base64 encoded binary data + // - password: any kind of string + // - date: a date string like "2006-01-02" as defined by full-date in RFC3339 + // - duration: a duration string like "22 ns" as parsed by Golang time.ParseDuration or compatible with Scala duration format + // - datetime: a date time string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339. optional string format = 6; optional string title = 7; diff --git a/staging/src/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1/types_jsonschema.go b/staging/src/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1/types_jsonschema.go index 628c60389bc6d..cd60312617421 100644 --- a/staging/src/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1/types_jsonschema.go +++ b/staging/src/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1/types_jsonschema.go @@ -23,8 +23,36 @@ type JSONSchemaProps struct { Ref *string `json:"$ref,omitempty" protobuf:"bytes,3,opt,name=ref"` Description string `json:"description,omitempty" protobuf:"bytes,4,opt,name=description"` Type string `json:"type,omitempty" protobuf:"bytes,5,opt,name=type"` - Format string `json:"format,omitempty" protobuf:"bytes,6,opt,name=format"` - Title string `json:"title,omitempty" protobuf:"bytes,7,opt,name=title"` + + // format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated: + // + // - bsonobjectid: a bson object ID, i.e. a 24 characters hex string + // - uri: an URI as parsed by Golang net/url.ParseRequestURI + // - email: an email address as parsed by Golang net/mail.ParseAddress + // - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. + // - ipv4: an IPv4 IP as parsed by Golang net.ParseIP + // - ipv6: an IPv6 IP as parsed by Golang net.ParseIP + // - cidr: a CIDR as parsed by Golang net.ParseCIDR + // - mac: a MAC address as parsed by Golang net.ParseMAC + // - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ + // - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ + // - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ + // - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ + // - isbn: an ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041" + // - isbn10: an ISBN10 number string like "0321751043" + // - isbn13: an ISBN13 number string like "978-0321751041" + // - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$ with any non digit characters mixed in + // - ssn: a U.S. social security number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$ + // - hexcolor: an hexadecimal color code like "#FFFFFF: following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ + // - rgbcolor: an RGB color code like rgb like "rgb(255,255,2559" + // - byte: base64 encoded binary data + // - password: any kind of string + // - date: a date string like "2006-01-02" as defined by full-date in RFC3339 + // - duration: a duration string like "22 ns" as parsed by Golang time.ParseDuration or compatible with Scala duration format + // - datetime: a date time string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339. + Format string `json:"format,omitempty" protobuf:"bytes,6,opt,name=format"` + + Title string `json:"title,omitempty" protobuf:"bytes,7,opt,name=title"` // default is a default value for undefined object fields. // Defaulting is a beta feature under the CustomResourceDefaulting feature gate. // Defaulting requires spec.preserveUnknownFields to be false. diff --git a/staging/src/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1/generated.proto b/staging/src/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1/generated.proto index 597daf4df9973..705ca07995300 100644 --- a/staging/src/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1/generated.proto +++ b/staging/src/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1/generated.proto @@ -411,6 +411,32 @@ message JSONSchemaProps { optional string type = 5; + // format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated: + // + // - bsonobjectid: a bson object ID, i.e. a 24 characters hex string + // - uri: an URI as parsed by Golang net/url.ParseRequestURI + // - email: an email address as parsed by Golang net/mail.ParseAddress + // - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. + // - ipv4: an IPv4 IP as parsed by Golang net.ParseIP + // - ipv6: an IPv6 IP as parsed by Golang net.ParseIP + // - cidr: a CIDR as parsed by Golang net.ParseCIDR + // - mac: a MAC address as parsed by Golang net.ParseMAC + // - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ + // - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ + // - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ + // - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ + // - isbn: an ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041" + // - isbn10: an ISBN10 number string like "0321751043" + // - isbn13: an ISBN13 number string like "978-0321751041" + // - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$ with any non digit characters mixed in + // - ssn: a U.S. social security number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$ + // - hexcolor: an hexadecimal color code like "#FFFFFF: following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ + // - rgbcolor: an RGB color code like rgb like "rgb(255,255,2559" + // - byte: base64 encoded binary data + // - password: any kind of string + // - date: a date string like "2006-01-02" as defined by full-date in RFC3339 + // - duration: a duration string like "22 ns" as parsed by Golang time.ParseDuration or compatible with Scala duration format + // - datetime: a date time string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339. optional string format = 6; optional string title = 7; diff --git a/staging/src/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1/types_jsonschema.go b/staging/src/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1/types_jsonschema.go index 5bbf403f41400..b51a3249969ce 100644 --- a/staging/src/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1/types_jsonschema.go +++ b/staging/src/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1/types_jsonschema.go @@ -23,8 +23,36 @@ type JSONSchemaProps struct { Ref *string `json:"$ref,omitempty" protobuf:"bytes,3,opt,name=ref"` Description string `json:"description,omitempty" protobuf:"bytes,4,opt,name=description"` Type string `json:"type,omitempty" protobuf:"bytes,5,opt,name=type"` - Format string `json:"format,omitempty" protobuf:"bytes,6,opt,name=format"` - Title string `json:"title,omitempty" protobuf:"bytes,7,opt,name=title"` + + // format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated: + // + // - bsonobjectid: a bson object ID, i.e. a 24 characters hex string + // - uri: an URI as parsed by Golang net/url.ParseRequestURI + // - email: an email address as parsed by Golang net/mail.ParseAddress + // - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. + // - ipv4: an IPv4 IP as parsed by Golang net.ParseIP + // - ipv6: an IPv6 IP as parsed by Golang net.ParseIP + // - cidr: a CIDR as parsed by Golang net.ParseCIDR + // - mac: a MAC address as parsed by Golang net.ParseMAC + // - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ + // - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ + // - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ + // - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ + // - isbn: an ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041" + // - isbn10: an ISBN10 number string like "0321751043" + // - isbn13: an ISBN13 number string like "978-0321751041" + // - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$ with any non digit characters mixed in + // - ssn: a U.S. social security number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$ + // - hexcolor: an hexadecimal color code like "#FFFFFF: following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ + // - rgbcolor: an RGB color code like rgb like "rgb(255,255,2559" + // - byte: base64 encoded binary data + // - password: any kind of string + // - date: a date string like "2006-01-02" as defined by full-date in RFC3339 + // - duration: a duration string like "22 ns" as parsed by Golang time.ParseDuration or compatible with Scala duration format + // - datetime: a date time string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339. + Format string `json:"format,omitempty" protobuf:"bytes,6,opt,name=format"` + + Title string `json:"title,omitempty" protobuf:"bytes,7,opt,name=title"` // default is a default value for undefined object fields. // Defaulting is a beta feature under the CustomResourceDefaulting feature gate. // CustomResourceDefinitions with defaults must be created using the v1 (or newer) CustomResourceDefinition API. diff --git a/staging/src/k8s.io/apiextensions-apiserver/pkg/apiserver/customresource_handler.go b/staging/src/k8s.io/apiextensions-apiserver/pkg/apiserver/customresource_handler.go index 7f54d8396d308..4f459f25ee170 100644 --- a/staging/src/k8s.io/apiextensions-apiserver/pkg/apiserver/customresource_handler.go +++ b/staging/src/k8s.io/apiextensions-apiserver/pkg/apiserver/customresource_handler.go @@ -710,7 +710,7 @@ func (r *crdHandler) getOrCreateServingInfoFor(uid types.UID, name string) (*crd if validationSchema != nil && validationSchema.OpenAPIV3Schema != nil && validationSchema.OpenAPIV3Schema.Properties != nil { if statusSchema, ok := validationSchema.OpenAPIV3Schema.Properties["status"]; ok { openapiSchema := &spec.Schema{} - if err := apiservervalidation.ConvertJSONSchemaProps(&statusSchema, openapiSchema); err != nil { + if err := apiservervalidation.ConvertJSONSchemaPropsWithPostProcess(&statusSchema, openapiSchema, apiservervalidation.StripUnsupportedFormatsPostProcess); err != nil { return nil, err } statusValidator = validate.NewSchemaValidator(openapiSchema, nil, "", strfmt.Default, validate.DisableObjectArrayTypeCheck(true)) diff --git a/staging/src/k8s.io/apiextensions-apiserver/pkg/apiserver/validation/BUILD b/staging/src/k8s.io/apiextensions-apiserver/pkg/apiserver/validation/BUILD index 4c6d5d23cb39f..eaf6912f64793 100644 --- a/staging/src/k8s.io/apiextensions-apiserver/pkg/apiserver/validation/BUILD +++ b/staging/src/k8s.io/apiextensions-apiserver/pkg/apiserver/validation/BUILD @@ -8,11 +8,15 @@ load( go_library( name = "go_default_library", - srcs = ["validation.go"], + srcs = [ + "formats.go", + "validation.go", + ], importmap = "k8s.io/kubernetes/vendor/k8s.io/apiextensions-apiserver/pkg/apiserver/validation", importpath = "k8s.io/apiextensions-apiserver/pkg/apiserver/validation", deps = [ "//staging/src/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions:go_default_library", + "//staging/src/k8s.io/apimachinery/pkg/util/sets:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/validation/field:go_default_library", "//vendor/github.com/go-openapi/errors:go_default_library", "//vendor/github.com/go-openapi/spec:go_default_library", @@ -36,7 +40,10 @@ filegroup( go_test( name = "go_default_test", - srcs = ["validation_test.go"], + srcs = [ + "formats_test.go", + "validation_test.go", + ], embed = [":go_default_library"], deps = [ "//staging/src/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions:go_default_library", @@ -49,5 +56,6 @@ go_test( "//staging/src/k8s.io/apimachinery/pkg/util/json:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/sets:go_default_library", "//vendor/github.com/go-openapi/spec:go_default_library", + "//vendor/github.com/go-openapi/strfmt:go_default_library", ], ) diff --git a/staging/src/k8s.io/apiextensions-apiserver/pkg/apiserver/validation/formats.go b/staging/src/k8s.io/apiextensions-apiserver/pkg/apiserver/validation/formats.go new file mode 100644 index 0000000000000..f0211576f7166 --- /dev/null +++ b/staging/src/k8s.io/apiextensions-apiserver/pkg/apiserver/validation/formats.go @@ -0,0 +1,65 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package validation + +import ( + "strings" + + "github.com/go-openapi/spec" + "k8s.io/apimachinery/pkg/util/sets" +) + +var supportedFormats = sets.NewString( + "bsonobjectid", // bson object ID + "uri", // an URI as parsed by Golang net/url.ParseRequestURI + "email", // an email address as parsed by Golang net/mail.ParseAddress + "hostname", // a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. + "ipv4", // an IPv4 IP as parsed by Golang net.ParseIP + "ipv6", // an IPv6 IP as parsed by Golang net.ParseIP + "cidr", // a CIDR as parsed by Golang net.ParseCIDR + "mac", // a MAC address as parsed by Golang net.ParseMAC + "uuid", // an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ + "uuid3", // an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ + "uuid4", // an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ + "uuid5", // an UUID6 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ + "isbn", // an ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041" + "isbn10", // an ISBN10 number string like "0321751043" + "isbn13", // an ISBN13 number string like "978-0321751041" + "creditcard", // a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$ with any non digit characters mixed in + "ssn", // a U.S. social security number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$ + "hexcolor", // an hexadecimal color code like "#FFFFFF", following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ + "rgbcolor", // an RGB color code like rgb like "rgb(255,255,2559" + "byte", // base64 encoded binary data + "password", // any kind of string + "date", // a date string like "2006-01-02" as defined by full-date in RFC3339 + "duration", // a duration string like "22 ns" as parsed by Golang time.ParseDuration or compatible with Scala duration format + "datetime", // a date time string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339 +) + +// StripUnsupportedFormatsPostProcess sets unsupported formats to empty string. +func StripUnsupportedFormatsPostProcess(s *spec.Schema) error { + if len(s.Format) == 0 { + return nil + } + + normalized := strings.Replace(s.Format, "-", "", -1) // go-openapi default format name normalization + if !supportedFormats.Has(normalized) { + s.Format = "" + } + + return nil +} diff --git a/staging/src/k8s.io/apiextensions-apiserver/pkg/apiserver/validation/formats_test.go b/staging/src/k8s.io/apiextensions-apiserver/pkg/apiserver/validation/formats_test.go new file mode 100644 index 0000000000000..b97410efb8298 --- /dev/null +++ b/staging/src/k8s.io/apiextensions-apiserver/pkg/apiserver/validation/formats_test.go @@ -0,0 +1,31 @@ +/* +Copyright 2019 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package validation + +import ( + "testing" + + "github.com/go-openapi/strfmt" +) + +func TestRegistryFormats(t *testing.T) { + for f := range supportedFormats { + if !strfmt.Default.ContainsName(f) { + t.Errorf("expected format %q in strfmt default registry", f) + } + } +} diff --git a/staging/src/k8s.io/apiextensions-apiserver/pkg/apiserver/validation/validation.go b/staging/src/k8s.io/apiextensions-apiserver/pkg/apiserver/validation/validation.go index 5515c49e3e66e..d8944c6e9bc61 100644 --- a/staging/src/k8s.io/apiextensions-apiserver/pkg/apiserver/validation/validation.go +++ b/staging/src/k8s.io/apiextensions-apiserver/pkg/apiserver/validation/validation.go @@ -35,7 +35,7 @@ func NewSchemaValidator(customResourceValidation *apiextensions.CustomResourceVa openapiSchema := &spec.Schema{} if customResourceValidation != nil { // TODO: replace with NewStructural(...).ToGoOpenAPI - if err := ConvertJSONSchemaProps(customResourceValidation.OpenAPIV3Schema, openapiSchema); err != nil { + if err := ConvertJSONSchemaPropsWithPostProcess(customResourceValidation.OpenAPIV3Schema, openapiSchema, StripUnsupportedFormatsPostProcess); err != nil { return nil, nil, err } } @@ -103,7 +103,7 @@ func ConvertJSONSchemaProps(in *apiextensions.JSONSchemaProps, out *spec.Schema) type PostProcessFunc func(*spec.Schema) error // ConvertJSONSchemaPropsWithPostProcess converts the schema from apiextensions.JSONSchemaPropos to go-openapi/spec.Schema -// and run a post process step on each JSONSchemaProps node. +// and run a post process step on each JSONSchemaProps node. postProcess is never called for nil schemas. func ConvertJSONSchemaPropsWithPostProcess(in *apiextensions.JSONSchemaProps, out *spec.Schema, postProcess PostProcessFunc) error { if in == nil { return nil diff --git a/staging/src/k8s.io/apimachinery/pkg/util/cache/expiring.go b/staging/src/k8s.io/apimachinery/pkg/util/cache/expiring.go index 712bb5dc85d68..84b4f5884979f 100644 --- a/staging/src/k8s.io/apimachinery/pkg/util/cache/expiring.go +++ b/staging/src/k8s.io/apimachinery/pkg/util/cache/expiring.go @@ -102,8 +102,8 @@ func (c *Expiring) Set(key interface{}, val interface{}, ttl time.Duration) { heap.Push(&c.heap, &expiringHeapEntry{ key: key, - generation: c.generation, expiry: expiry, + generation: c.generation, }) } @@ -158,13 +158,13 @@ func (c *Expiring) gc(now time.Time) { type expiringHeapEntry struct { key interface{} - generation uint64 expiry time.Time + generation uint64 } -// expiringHeap is a min-heap ordered by expiration time of it's entries. The -// expiring cache uses this as a priority queue efficiently organize entries to -// be garbage collected once they expire. +// expiringHeap is a min-heap ordered by expiration time of its entries. The +// expiring cache uses this as a priority queue to efficiently organize entries +// which will be garbage collected once they expire. type expiringHeap []*expiringHeapEntry var _ heap.Interface = &expiringHeap{} diff --git a/staging/src/k8s.io/apimachinery/pkg/util/cache/expiring_test.go b/staging/src/k8s.io/apimachinery/pkg/util/cache/expiring_test.go index 4e0b8f83d81f7..53f8707651a1d 100644 --- a/staging/src/k8s.io/apimachinery/pkg/util/cache/expiring_test.go +++ b/staging/src/k8s.io/apimachinery/pkg/util/cache/expiring_test.go @@ -264,6 +264,7 @@ func TestStressExpiringCache(t *testing.T) { for i := 0; i < 256; i++ { wg.Add(1) go func() { + defer wg.Done() rand := rand.New(rand.NewSource(rand.Int63())) for { select { @@ -273,11 +274,18 @@ func TestStressExpiringCache(t *testing.T) { } key := keys[rand.Intn(numKeys)] if _, ok := cache.Get(key); !ok { - cache.Set(key, struct{}{}, time.Second) + cache.Set(key, struct{}{}, 50*time.Millisecond) } } }() } - wg.Done() + wg.Wait() + + // trigger a GC with a set and check the cache size. + time.Sleep(60 * time.Millisecond) + cache.Set("trigger", "gc", time.Second) + if cache.Len() != 1 { + t.Errorf("unexpected cache size: got=%d, want=1", cache.Len()) + } } diff --git a/staging/src/k8s.io/apiserver/pkg/endpoints/metrics/metrics.go b/staging/src/k8s.io/apiserver/pkg/endpoints/metrics/metrics.go index ead404f0ca991..36ff861da7a06 100644 --- a/staging/src/k8s.io/apiserver/pkg/endpoints/metrics/metrics.go +++ b/staging/src/k8s.io/apiserver/pkg/endpoints/metrics/metrics.go @@ -76,9 +76,10 @@ var ( ) deprecatedRequestCounter = compbasemetrics.NewCounterVec( &compbasemetrics.CounterOpts{ - Name: "apiserver_request_count", - Help: "(Deprecated) Counter of apiserver requests broken out for each verb, group, version, resource, scope, component, client, and HTTP response contentType and code.", - StabilityLevel: compbasemetrics.ALPHA, + Name: "apiserver_request_count", + Help: "Counter of apiserver requests broken out for each verb, group, version, resource, scope, component, client, and HTTP response contentType and code.", + StabilityLevel: compbasemetrics.ALPHA, + DeprecatedVersion: "1.14.0", }, []string{"verb", "group", "version", "resource", "subresource", "scope", "component", "client", "contentType", "code"}, ) @@ -106,21 +107,23 @@ var ( deprecatedRequestLatencies = compbasemetrics.NewHistogramVec( &compbasemetrics.HistogramOpts{ Name: "apiserver_request_latencies", - Help: "(Deprecated) Response latency distribution in microseconds for each verb, group, version, resource, subresource, scope and component.", + Help: "Response latency distribution in microseconds for each verb, group, version, resource, subresource, scope and component.", // Use buckets ranging from 125 ms to 8 seconds. - Buckets: compbasemetrics.ExponentialBuckets(125000, 2.0, 7), - StabilityLevel: compbasemetrics.ALPHA, + Buckets: compbasemetrics.ExponentialBuckets(125000, 2.0, 7), + StabilityLevel: compbasemetrics.ALPHA, + DeprecatedVersion: "1.14.0", }, []string{"verb", "group", "version", "resource", "subresource", "scope", "component"}, ) deprecatedRequestLatenciesSummary = compbasemetrics.NewSummaryVec( &compbasemetrics.SummaryOpts{ Name: "apiserver_request_latencies_summary", - Help: "(Deprecated) Response latency summary in microseconds for each verb, group, version, resource, subresource, scope and component.", + Help: "Response latency summary in microseconds for each verb, group, version, resource, subresource, scope and component.", // Make the sliding window of 5h. // TODO: The value for this should be based on our SLI definition (medium term). - MaxAge: 5 * time.Hour, - StabilityLevel: compbasemetrics.ALPHA, + MaxAge: 5 * time.Hour, + StabilityLevel: compbasemetrics.ALPHA, + DeprecatedVersion: "1.14.0", }, []string{"verb", "group", "version", "resource", "subresource", "scope", "component"}, ) @@ -145,9 +148,10 @@ var ( ) DeprecatedDroppedRequests = compbasemetrics.NewCounterVec( &compbasemetrics.CounterOpts{ - Name: "apiserver_dropped_requests", - Help: "(Deprecated) Number of requests dropped with 'Try again later' response", - StabilityLevel: compbasemetrics.ALPHA, + Name: "apiserver_dropped_requests", + Help: "Number of requests dropped with 'Try again later' response", + StabilityLevel: compbasemetrics.ALPHA, + DeprecatedVersion: "1.14.0", }, []string{"requestKind"}, ) diff --git a/staging/src/k8s.io/apiserver/pkg/storage/etcd3/metrics/metrics.go b/staging/src/k8s.io/apiserver/pkg/storage/etcd3/metrics/metrics.go index 32210db164603..e2c4f1ca0087b 100644 --- a/staging/src/k8s.io/apiserver/pkg/storage/etcd3/metrics/metrics.go +++ b/staging/src/k8s.io/apiserver/pkg/storage/etcd3/metrics/metrics.go @@ -52,9 +52,10 @@ var ( deprecatedEtcdRequestLatenciesSummary = compbasemetrics.NewSummaryVec( &compbasemetrics.SummaryOpts{ - Name: "etcd_request_latencies_summary", - Help: "(Deprecated) Etcd request latency summary in microseconds for each operation and object type.", - StabilityLevel: compbasemetrics.ALPHA, + Name: "etcd_request_latencies_summary", + Help: "Etcd request latency summary in microseconds for each operation and object type.", + StabilityLevel: compbasemetrics.ALPHA, + DeprecatedVersion: "1.14.0", }, []string{"operation", "type"}, ) diff --git a/staging/src/k8s.io/apiserver/pkg/storage/value/metrics.go b/staging/src/k8s.io/apiserver/pkg/storage/value/metrics.go index 80d706c8e1a40..3d7f30bfc7167 100644 --- a/staging/src/k8s.io/apiserver/pkg/storage/value/metrics.go +++ b/staging/src/k8s.io/apiserver/pkg/storage/value/metrics.go @@ -58,11 +58,12 @@ var ( Namespace: namespace, Subsystem: subsystem, Name: "transformation_latencies_microseconds", - Help: "(Deprecated) Latencies in microseconds of value transformation operations.", + Help: "Latencies in microseconds of value transformation operations.", // In-process transformations (ex. AES CBC) complete on the order of 20 microseconds. However, when // external KMS is involved latencies may climb into milliseconds. - Buckets: metrics.ExponentialBuckets(5, 2, 14), - StabilityLevel: metrics.ALPHA, + Buckets: metrics.ExponentialBuckets(5, 2, 14), + StabilityLevel: metrics.ALPHA, + DeprecatedVersion: "1.14.0", }, []string{"transformation_type"}, ) @@ -80,11 +81,12 @@ var ( deprecatedTransformerFailuresTotal = metrics.NewCounterVec( &metrics.CounterOpts{ - Namespace: namespace, - Subsystem: subsystem, - Name: "transformation_failures_total", - Help: "(Deprecated) Total number of failed transformation operations.", - StabilityLevel: metrics.ALPHA, + Namespace: namespace, + Subsystem: subsystem, + Name: "transformation_failures_total", + Help: "Total number of failed transformation operations.", + StabilityLevel: metrics.ALPHA, + DeprecatedVersion: "1.15.0", }, []string{"transformation_type"}, ) @@ -111,12 +113,13 @@ var ( ) deprecatedDataKeyGenerationLatencies = metrics.NewHistogram( &metrics.HistogramOpts{ - Namespace: namespace, - Subsystem: subsystem, - Name: "data_key_generation_latencies_microseconds", - Help: "(Deprecated) Latencies in microseconds of data encryption key(DEK) generation operations.", - Buckets: metrics.ExponentialBuckets(5, 2, 14), - StabilityLevel: metrics.ALPHA, + Namespace: namespace, + Subsystem: subsystem, + Name: "data_key_generation_latencies_microseconds", + Help: "Latencies in microseconds of data encryption key(DEK) generation operations.", + Buckets: metrics.ExponentialBuckets(5, 2, 14), + StabilityLevel: metrics.ALPHA, + DeprecatedVersion: "1.14.0", }, ) dataKeyGenerationFailuresTotal = metrics.NewCounter( diff --git a/staging/src/k8s.io/apiserver/pkg/storage/value/metrics_test.go b/staging/src/k8s.io/apiserver/pkg/storage/value/metrics_test.go index 22109bb2a9ecf..5fd5b6b961f11 100644 --- a/staging/src/k8s.io/apiserver/pkg/storage/value/metrics_test.go +++ b/staging/src/k8s.io/apiserver/pkg/storage/value/metrics_test.go @@ -48,68 +48,52 @@ func TestTotals(t *testing.T) { prefix: NewPrefixTransformers(nil, nonStatusErrTransformer), metrics: []string{ "apiserver_storage_transformation_operations_total", - "apiserver_storage_transformation_failures_total", }, want: ` -# HELP apiserver_storage_transformation_failures_total [ALPHA] (Deprecated) Total number of failed transformation operations. -# TYPE apiserver_storage_transformation_failures_total counter -apiserver_storage_transformation_failures_total{transformation_type="from_storage"} 1 -apiserver_storage_transformation_failures_total{transformation_type="to_storage"} 1 -# HELP apiserver_storage_transformation_operations_total [ALPHA] Total number of transformations. -# TYPE apiserver_storage_transformation_operations_total counter -apiserver_storage_transformation_operations_total{status="Unknown",transformation_type="from_storage",transformer_prefix="k8s:enc:kms:v1:"} 1 -apiserver_storage_transformation_operations_total{status="Unknown",transformation_type="to_storage",transformer_prefix="k8s:enc:kms:v1:"} 1 -`, + # HELP apiserver_storage_transformation_operations_total [ALPHA] Total number of transformations. + # TYPE apiserver_storage_transformation_operations_total counter + apiserver_storage_transformation_operations_total{status="Unknown",transformation_type="from_storage",transformer_prefix="k8s:enc:kms:v1:"} 1 + apiserver_storage_transformation_operations_total{status="Unknown",transformation_type="to_storage",transformer_prefix="k8s:enc:kms:v1:"} 1 + `, }, { desc: "ok", prefix: NewPrefixTransformers(nil, okTransformer), metrics: []string{ "apiserver_storage_transformation_operations_total", - "apiserver_storage_transformation_failures_total", }, want: ` -# HELP apiserver_storage_transformation_operations_total [ALPHA] Total number of transformations. -# TYPE apiserver_storage_transformation_operations_total counter -apiserver_storage_transformation_operations_total{status="OK",transformation_type="from_storage",transformer_prefix="k8s:enc:kms:v1:"} 1 -apiserver_storage_transformation_operations_total{status="OK",transformation_type="to_storage",transformer_prefix="k8s:enc:kms:v1:"} 1 -`, + # HELP apiserver_storage_transformation_operations_total [ALPHA] Total number of transformations. + # TYPE apiserver_storage_transformation_operations_total counter + apiserver_storage_transformation_operations_total{status="OK",transformation_type="from_storage",transformer_prefix="k8s:enc:kms:v1:"} 1 + apiserver_storage_transformation_operations_total{status="OK",transformation_type="to_storage",transformer_prefix="k8s:enc:kms:v1:"} 1 + `, }, { desc: "failed precondition", prefix: NewPrefixTransformers(nil, failedPreconditionErrTransformer), metrics: []string{ "apiserver_storage_transformation_operations_total", - "apiserver_storage_transformation_failures_total", }, want: ` -# HELP apiserver_storage_transformation_failures_total [ALPHA] (Deprecated) Total number of failed transformation operations. -# TYPE apiserver_storage_transformation_failures_total counter -apiserver_storage_transformation_failures_total{transformation_type="from_storage"} 1 -apiserver_storage_transformation_failures_total{transformation_type="to_storage"} 1 -# HELP apiserver_storage_transformation_operations_total [ALPHA] Total number of transformations. -# TYPE apiserver_storage_transformation_operations_total counter -apiserver_storage_transformation_operations_total{status="FailedPrecondition",transformation_type="from_storage",transformer_prefix="k8s:enc:kms:v1:"} 1 -apiserver_storage_transformation_operations_total{status="FailedPrecondition",transformation_type="to_storage",transformer_prefix="k8s:enc:kms:v1:"} 1 -`, + # HELP apiserver_storage_transformation_operations_total [ALPHA] Total number of transformations. + # TYPE apiserver_storage_transformation_operations_total counter + apiserver_storage_transformation_operations_total{status="FailedPrecondition",transformation_type="from_storage",transformer_prefix="k8s:enc:kms:v1:"} 1 + apiserver_storage_transformation_operations_total{status="FailedPrecondition",transformation_type="to_storage",transformer_prefix="k8s:enc:kms:v1:"} 1 + `, }, { desc: "internal", prefix: NewPrefixTransformers(nil, internalErrTransformer), metrics: []string{ "apiserver_storage_transformation_operations_total", - "apiserver_storage_transformation_failures_total", }, want: ` -# HELP apiserver_storage_transformation_failures_total [ALPHA] (Deprecated) Total number of failed transformation operations. -# TYPE apiserver_storage_transformation_failures_total counter -apiserver_storage_transformation_failures_total{transformation_type="from_storage"} 1 -apiserver_storage_transformation_failures_total{transformation_type="to_storage"} 1 -# HELP apiserver_storage_transformation_operations_total [ALPHA] Total number of transformations. -# TYPE apiserver_storage_transformation_operations_total counter -apiserver_storage_transformation_operations_total{status="Internal",transformation_type="from_storage",transformer_prefix="k8s:enc:kms:v1:"} 1 -apiserver_storage_transformation_operations_total{status="Internal",transformation_type="to_storage",transformer_prefix="k8s:enc:kms:v1:"} 1 -`, + # HELP apiserver_storage_transformation_operations_total [ALPHA] Total number of transformations. + # TYPE apiserver_storage_transformation_operations_total counter + apiserver_storage_transformation_operations_total{status="Internal",transformation_type="from_storage",transformer_prefix="k8s:enc:kms:v1:"} 1 + apiserver_storage_transformation_operations_total{status="Internal",transformation_type="to_storage",transformer_prefix="k8s:enc:kms:v1:"} 1 + `, }, } diff --git a/test/e2e/apimachinery/crd_publish_openapi.go b/test/e2e/apimachinery/crd_publish_openapi.go index ec27a9d9f2290..dc7e236ebf56d 100644 --- a/test/e2e/apimachinery/crd_publish_openapi.go +++ b/test/e2e/apimachinery/crd_publish_openapi.go @@ -649,7 +649,7 @@ func convertJSONSchemaProps(in []byte, out *spec.Schema) error { if err := apiextensionsv1.Convert_v1_JSONSchemaProps_To_apiextensions_JSONSchemaProps(&external, &internal, nil); err != nil { return err } - if err := validation.ConvertJSONSchemaProps(&internal, out); err != nil { + if err := validation.ConvertJSONSchemaPropsWithPostProcess(&internal, out, validation.StripUnsupportedFormatsPostProcess); err != nil { return err } return nil diff --git a/test/e2e/framework/metrics/interesting_metrics.go b/test/e2e/framework/metrics/interesting_metrics.go index 3043f862fcdf7..a504c119eda96 100644 --- a/test/e2e/framework/metrics/interesting_metrics.go +++ b/test/e2e/framework/metrics/interesting_metrics.go @@ -18,9 +18,7 @@ package metrics var interestingAPIServerMetrics = []string{ "apiserver_request_total", - // TODO(krzysied): apiserver_request_latencies_summary is a deprecated metric. - // It should be replaced with new metric. - "apiserver_request_latencies_summary", + "apiserver_request_latency_seconds", "apiserver_init_events_total", }