diff --git a/Dockerfile b/Dockerfile index 8e7a7a3db..bcda90cac 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,7 @@ # SPDX-License-Identifier: Apache-2.0 ############# builder ############# -FROM golang:1.22.5 AS builder +FROM golang:1.23.0 AS builder WORKDIR /build diff --git a/Makefile b/Makefile index b502ab243..5344c85ed 100644 --- a/Makefile +++ b/Makefile @@ -60,14 +60,6 @@ build-local: -ldflags "-X main.Version=$(VERSION)-$(shell git rev-parse HEAD)"\ ./cmd/compound -.PHONY: build-local-dedicated -build-local-dedicated: - @CGO_ENABLED=1 go build -o $(EXECUTABLE)-dedicated \ - -race \ - -gcflags="all=-N -l" \ - -ldflags "-X main.Version=$(VERSION)-$(shell git rev-parse HEAD)"\ - ./cmd/dedicated - .PHONY: release release: @CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o $(EXECUTABLE) \ diff --git a/README.md b/README.md index 97375b86e..81313c72b 100644 --- a/README.md +++ b/README.md @@ -15,6 +15,7 @@ It contains provisioning controllers for creating DNS records in one of the DNS - [_Netlify DNS_](docs/netlify/README.md), - [_remote_](docs/remote/README.md), - [_DNS servers supporting RFC 2136 (DNS Update)_](docs/rfc2136/README.md) *(alpha - not recommended for productive usage)*, + - [_powerdns_](docs/powerdns/README.md), and source controllers for services and ingresses to create DNS entries by annotations. @@ -528,6 +529,7 @@ The following provider types can be selected (comma separated): - `infoblox-dns`: Infoblox DNS provider - `netlify-dns`: Netlify DNS provider - `remote`: Remote DNS provider (a dns-controller-manager with enabled remote access service) +- `powerdns`: PowerDNS provider If the compound DNS Provisioning Controller is enabled it is important to specify a unique controller identity using the `--identifier` option. diff --git a/VERSION b/VERSION index 8b7662202..964e4a9f9 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v0.20.2-dev \ No newline at end of file +v0.21.1-dev \ No newline at end of file diff --git a/charts/external-dns-management/templates/clusterrole.yaml b/charts/external-dns-management/templates/clusterrole.yaml index 0c9fd0adc..1373ce6c4 100644 --- a/charts/external-dns-management/templates/clusterrole.yaml +++ b/charts/external-dns-management/templates/clusterrole.yaml @@ -63,10 +63,6 @@ rules: - dnsowners/status - dnshostedzonepolicies - dnshostedzonepolicies/status - - dnslocks - - dnslocks/status - - remoteaccesscertificates - - remoteaccesscertificates/status verbs: - get - list @@ -91,6 +87,15 @@ rules: - update - create - watch +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - delete + resourceNames: + - "dnslocks.dns.gardener.cloud" + - "remoteaccesscertificates.dns.gardener.cloud" {{- if semverCompare "<1.24-0" .Capabilities.KubeVersion.GitVersion }} - apiGroups: - policy diff --git a/charts/external-dns-management/templates/crds.yaml b/charts/external-dns-management/templates/crds.yaml index 2b3823410..0754a23b9 100644 --- a/charts/external-dns-management/templates/crds.yaml +++ b/charts/external-dns-management/templates/crds.yaml @@ -403,30 +403,9 @@ spec: description: state of the ownerid for the DNS controller observing entry using this owner id (default:true) type: boolean - dnsActivation: - description: Optional activation info for controlling the owner activation - remotely via DNS TXT record - properties: - dnsName: - description: DNS name for controlling the owner activation remotely - via DNS TXT record - type: string - value: - description: Optional value for the DNS activation record used - to activate this owner The default is the id of the cluster - used to read the owner object - type: string - required: - - dnsName - type: object ownerId: description: owner id used to tag entries in external DNS system type: string - validUntil: - description: optional time this owner should be active if active flag - is not false - format: date-time - type: string required: - ownerId type: object @@ -793,163 +772,4 @@ spec: storage: true subresources: status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - helm.sh/chart: {{ include "external-dns-management.chart" . }} - app.kubernetes.io/name: {{ include "external-dns-management.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - annotations: - controller-gen.kubebuilder.io/version: v0.13.0 - name: dnslocks.dns.gardener.cloud -spec: - group: dns.gardener.cloud - names: - kind: DNSLock - listKind: DNSLockList - plural: dnslocks - shortNames: - - dnsl - singular: dnslock - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: FQDN of DNS Entry - jsonPath: .spec.dnsName - name: DNS - type: string - - description: provider type - jsonPath: .status.providerType - name: TYPE - type: string - - description: assigned provider (namespace/name) - jsonPath: .status.provider - name: PROVIDER - type: string - - description: entry status - jsonPath: .status.state - name: STATUS - type: string - - description: entry creation timestamp - jsonPath: .metadata.creationTimestamp - name: AGE - type: date - - description: owner group id used to tag entries in external DNS system - jsonPath: .spec.ownerGroupId - name: OWNERID - type: string - - description: time to live - jsonPath: .status.ttl - name: TTL - priority: 2000 - type: integer - - description: zone id - jsonPath: .status.zone - name: ZONE - priority: 2000 - type: string - - description: message describing the reason for the state - jsonPath: .status.message - name: MESSAGE - priority: 2000 - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - attributes: - additionalProperties: - type: string - description: attribute values (must be compatible with DNS TXT records) - type: object - dnsName: - description: full qualified domain name - type: string - lockId: - description: owner group for collaboration of multiple controller - type: string - timestamp: - description: Activation time stamp - format: date-time - type: string - ttl: - description: time to live for records in external DNS system - format: int64 - type: integer - required: - - dnsName - - timestamp - - ttl - type: object - status: - properties: - attributes: - additionalProperties: - type: string - description: attribute values found in DNS - type: object - firstFailedDNSLookup: - description: First failed DNS looup - format: date-time - type: string - lastUpdateTime: - description: lastUpdateTime contains the timestamp of the last status - update - format: date-time - type: string - lockId: - description: owner group for collaboration of multiple controller - found in DNS - type: string - message: - description: message describing the reason for the state - type: string - observedGeneration: - format: int64 - type: integer - provider: - description: assigned provider - type: string - providerType: - description: provider type used for the entry - type: string - state: - description: entry state - type: string - timestamp: - description: Activation time stamp found in DNS - format: date-time - type: string - ttl: - description: time to live used for the entry - format: int64 - type: integer - zone: - description: zone used for the entry - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} {{- end }} diff --git a/charts/external-dns-management/templates/deployment.yaml b/charts/external-dns-management/templates/deployment.yaml index 63e867980..d38c6fc67 100644 --- a/charts/external-dns-management/templates/deployment.yaml +++ b/charts/external-dns-management/templates/deployment.yaml @@ -897,12 +897,6 @@ spec: {{- if .Values.configuration.remoteRatelimiterQps }} - --remote.ratelimiter.qps={{ .Values.configuration.remoteRatelimiterQps }} {{- end }} - {{- if .Values.configuration.remoteaccesscertificatesDefaultPoolSize }} - - --remoteaccesscertificates.default.pool.size={{ .Values.configuration.remoteaccesscertificatesDefaultPoolSize }} - {{- end }} - {{- if .Values.configuration.remoteaccesscertificatesPoolSize }} - - --remoteaccesscertificates.pool.size={{ .Values.configuration.remoteaccesscertificatesPoolSize }} - {{- end }} {{- if .Values.configuration.rescheduleDelay }} - --reschedule-delay={{ .Values.configuration.rescheduleDelay }} {{- end }} diff --git a/charts/external-dns-management/templates/secret-remoteaccess.yaml b/charts/external-dns-management/templates/secret-remoteaccess.yaml index 55558e026..f2830ba05 100644 --- a/charts/external-dns-management/templates/secret-remoteaccess.yaml +++ b/charts/external-dns-management/templates/secret-remoteaccess.yaml @@ -8,9 +8,6 @@ metadata: type: Opaque data: ca.crt: {{ .Values.remoteaccess.certs.ca.cert }} -{{- if .Values.remoteaccess.certs.ca.key }} - ca.key: {{ .Values.remoteaccess.certs.ca.key }} -{{- end }} {{- if not .Values.remoteaccess.certs.server.secretName }} --- apiVersion: v1 diff --git a/charts/external-dns-management/values.yaml b/charts/external-dns-management/values.yaml index 500de71da..b81c63e1f 100644 --- a/charts/external-dns-management/values.yaml +++ b/charts/external-dns-management/values.yaml @@ -5,7 +5,7 @@ replicaCount: 1 image: repository: europe-docker.pkg.dev/gardener-project/public/dns-controller-manager - tag: v0.20.2-master + tag: v0.21.1-master pullPolicy: IfNotPresent env: [] @@ -323,8 +323,6 @@ configuration: # remoteRatelimiterBurst: # remoteRatelimiterEnabled: # remoteRatelimiterQps: - # remoteaccesscertificatesDefaultPoolSize: - # remoteaccesscertificatesPoolSize: # rescheduleDelay: 120s # rfc2136AdvancedBatchSize: # rfc2136AdvancedMaxRetries: @@ -412,7 +410,6 @@ remoteaccess: # certs: # ca: # cert: LS0t... # CA used for client certs -# #key: LS0t... # only needed if remoteaccesscertificates controller is enabled # server: # #secretName: remoteaccess-service # if managed server certificate is used # cert: LS0t... # only needed if certificate is not managed diff --git a/cmd/compound/main.go b/cmd/compound/main.go index 4e3f705b7..931daa395 100644 --- a/cmd/compound/main.go +++ b/cmd/compound/main.go @@ -14,6 +14,7 @@ import ( "github.com/gardener/controller-manager-library/pkg/controllermanager/controller/mappings" "github.com/gardener/controller-manager-library/pkg/resources" "github.com/gardener/controller-manager-library/pkg/utils" + resourcesv1alpha1 "github.com/gardener/gardener/pkg/apis/resources/v1alpha1" _ "go.uber.org/automaxprocs" istionetworkingv1 "istio.io/client-go/pkg/apis/networking/v1" istionetworkingv1alpha3 "istio.io/client-go/pkg/apis/networking/v1alpha3" @@ -38,9 +39,9 @@ import ( _ "github.com/gardener/external-dns-management/pkg/controller/provider/infoblox" _ "github.com/gardener/external-dns-management/pkg/controller/provider/netlify" _ "github.com/gardener/external-dns-management/pkg/controller/provider/openstack" + _ "github.com/gardener/external-dns-management/pkg/controller/provider/powerdns" _ "github.com/gardener/external-dns-management/pkg/controller/provider/remote" _ "github.com/gardener/external-dns-management/pkg/controller/provider/rfc2136" - _ "github.com/gardener/external-dns-management/pkg/controller/remoteaccesscertificates" _ "github.com/gardener/external-dns-management/pkg/controller/replication/dnsprovider" _ "github.com/gardener/external-dns-management/pkg/controller/source/dnsentry" _ "github.com/gardener/external-dns-management/pkg/controller/source/gateways/crdwatch" @@ -76,19 +77,15 @@ func init() { utils.Must(resources.Register(gatewayapisv1alpha2.SchemeBuilder)) utils.Must(resources.Register(gatewayapisv1beta1.SchemeBuilder)) utils.Must(resources.Register(gatewayapisv1.SchemeBuilder)) + utils.Must(resources.Register(resourcesv1alpha1.SchemeBuilder)) embed.RegisterCreateServerFunc(remote.CreateServer) } -func migrateExtensionsIngress(c controllermanager.Configuration) controllermanager.Configuration { - return c.GlobalGroupKindMigrations(resources.NewGroupKind("extensions", "Ingress"), - resources.NewGroupKind("networking.k8s.io", "Ingress")) -} - func main() { if len(os.Args) == 2 && os.Args[1] == "version" { fmt.Println(Version) os.Exit(0) } - controllermanager.Start("dns-controller-manager", "dns controller manager", "nothing", migrateExtensionsIngress) + controllermanager.Start("dns-controller-manager", "dns controller manager", "nothing") } diff --git a/cmd/dedicated/main.go b/cmd/dedicated/main.go deleted file mode 100644 index 572549b44..000000000 --- a/cmd/dedicated/main.go +++ /dev/null @@ -1,77 +0,0 @@ -// SPDX-FileCopyrightText: 2024 SAP SE or an SAP affiliate company and Gardener contributors -// -// SPDX-License-Identifier: Apache-2.0 - -package main - -import ( - "fmt" - "os" - - "github.com/gardener/controller-manager-library/pkg/controllermanager" - "github.com/gardener/controller-manager-library/pkg/controllermanager/cluster" - "github.com/gardener/controller-manager-library/pkg/controllermanager/controller" - "github.com/gardener/controller-manager-library/pkg/controllermanager/controller/mappings" - "github.com/gardener/controller-manager-library/pkg/resources" - "github.com/gardener/controller-manager-library/pkg/utils" - _ "go.uber.org/automaxprocs" - coordinationv1 "k8s.io/api/coordination/v1" - networkingv1 "k8s.io/api/networking/v1" - _ "k8s.io/client-go/plugin/pkg/client/auth/gcp" - _ "k8s.io/client-go/plugin/pkg/client/auth/oidc" - - "github.com/gardener/external-dns-management/pkg/apis/dns/v1alpha1" - _ "github.com/gardener/external-dns-management/pkg/controller/annotation/annotations" - _ "github.com/gardener/external-dns-management/pkg/controller/provider/alicloud/controller" - _ "github.com/gardener/external-dns-management/pkg/controller/provider/aws/controller" - _ "github.com/gardener/external-dns-management/pkg/controller/provider/azure-private/controller" - _ "github.com/gardener/external-dns-management/pkg/controller/provider/azure/controller" - _ "github.com/gardener/external-dns-management/pkg/controller/provider/cloudflare/controller" - _ "github.com/gardener/external-dns-management/pkg/controller/provider/google/controller" - _ "github.com/gardener/external-dns-management/pkg/controller/provider/infoblox/controller" - _ "github.com/gardener/external-dns-management/pkg/controller/provider/netlify/controller" - _ "github.com/gardener/external-dns-management/pkg/controller/provider/openstack/controller" - _ "github.com/gardener/external-dns-management/pkg/controller/provider/remote/controller" - _ "github.com/gardener/external-dns-management/pkg/controller/provider/rfc2136/controller" - _ "github.com/gardener/external-dns-management/pkg/controller/remoteaccesscertificates" - _ "github.com/gardener/external-dns-management/pkg/controller/replication/dnsprovider" - _ "github.com/gardener/external-dns-management/pkg/controller/source/dnsentry" - _ "github.com/gardener/external-dns-management/pkg/controller/source/gateways/crdwatch" - _ "github.com/gardener/external-dns-management/pkg/controller/source/gateways/gatewayapi" - _ "github.com/gardener/external-dns-management/pkg/controller/source/gateways/istio" - _ "github.com/gardener/external-dns-management/pkg/controller/source/ingress" - _ "github.com/gardener/external-dns-management/pkg/controller/source/service" - dnsprovider "github.com/gardener/external-dns-management/pkg/dns/provider" - dnssource "github.com/gardener/external-dns-management/pkg/dns/source" - _ "github.com/gardener/external-dns-management/pkg/server/pprof" -) - -var Version string - -func init() { - cluster.Configure( - dnsprovider.PROVIDER_CLUSTER, - "providers", - "cluster to look for provider objects", - ).Fallback(dnssource.TARGET_CLUSTER).MustRegister() - - mappings.ForControllerGroup(dnsprovider.CONTROLLER_GROUP_DNS_CONTROLLERS). - Map(controller.CLUSTER_MAIN, dnssource.TARGET_CLUSTER).MustRegister() - - utils.Must(resources.Register(v1alpha1.SchemeBuilder)) - utils.Must(resources.Register(coordinationv1.SchemeBuilder)) - utils.Must(resources.Register(networkingv1.SchemeBuilder)) -} - -func migrateExtensionsIngress(c controllermanager.Configuration) controllermanager.Configuration { - return c.GlobalGroupKindMigrations(resources.NewGroupKind("extensions", "Ingress"), - resources.NewGroupKind("networking.k8s.io", "Ingress")) -} - -func main() { - if len(os.Args) == 2 && os.Args[1] == "version" { - fmt.Println(Version) - os.Exit(0) - } - controllermanager.Start("dns-controller-manager", "dns controller manager", "nothing", migrateExtensionsIngress) -} diff --git a/cmd/play/main.go b/cmd/play/main.go deleted file mode 100644 index 195a6a37a..000000000 --- a/cmd/play/main.go +++ /dev/null @@ -1,27 +0,0 @@ -// SPDX-FileCopyrightText: 2024 SAP SE or an SAP affiliate company and Gardener contributors -// -// SPDX-License-Identifier: Apache-2.0 - -package main - -import ( - "fmt" - - "github.com/aliyun/alibaba-cloud-sdk-go/services/alidns" - - "github.com/gardener/external-dns-management/pkg/controller/provider/alicloud" - "github.com/gardener/external-dns-management/pkg/dns/provider/raw" -) - -func main() { - var r raw.Record - - ali := alidns.Record{Value: "test"} - - r = (*alicloud.Record)(&ali) - - fmt.Printf("Value: %s\n", r.GetValue()) - - back := (*alidns.Record)(r.(*alicloud.Record)) - fmt.Printf("Value: %s\n", back.Value) -} diff --git a/docs/powerdns/README.md b/docs/powerdns/README.md new file mode 100644 index 000000000..f3582636b --- /dev/null +++ b/docs/powerdns/README.md @@ -0,0 +1,26 @@ +# PowerDNS Provider + +This DNS provider allows you to create and manage DNS entries with [PowerDNS](https://www.powerdns.com/). + +## Required permissions + +There are no special permissions for the `apiToken`. + +## Credentials + +You need to have an `apiToken` and the url of your PowerDNS `server` in place. + +Create a `Secret` resource. All credentials need to be base64 encoded. + +```yaml +apiVersion: v1 +kind: Secret +metadata: + name: powerdns-credentials + namespace: default +type: Opaque +data: + # replace '...' with values encoded as base64 + apiToken: ... # your PowerDNS token + server: ... # your PowerDNS server url +``` diff --git a/docs/remote/README.md b/docs/remote/README.md index b54e779a6..d56d5d9e5 100644 --- a/docs/remote/README.md +++ b/docs/remote/README.md @@ -61,7 +61,6 @@ remoteaccess: certs: ca: cert: LS0t... # CA used for client certs - #key: LS0t... # only needed if remoteaccesscertificates controller is enabled server: #secretName: remoteaccess-service # if managed server certificate is used cert: LS0t... # only needed if certificate is not managed diff --git a/examples/20-secret-powerdns-credentials.yaml b/examples/20-secret-powerdns-credentials.yaml new file mode 100644 index 000000000..4aa9ec542 --- /dev/null +++ b/examples/20-secret-powerdns-credentials.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: Secret +metadata: + name: powerdns-credentials + namespace: default +type: Opaque +data: + # replace '...' with values encoded as base64 + apiToken: ... # your PowerDNS token + server: ... # your PowerDNS server url diff --git a/examples/30-provider-powerdns.yaml b/examples/30-provider-powerdns.yaml new file mode 100644 index 000000000..9e13d1111 --- /dev/null +++ b/examples/30-provider-powerdns.yaml @@ -0,0 +1,12 @@ +apiVersion: dns.gardener.cloud/v1alpha1 +kind: DNSProvider +metadata: + name: powerdns + namespace: default +spec: + type: powerdns + secretRef: + name: powerdns-credentials + domains: + include: + - my.own.domain.com diff --git a/examples/60-owner.yaml b/examples/60-owner.yaml index 3d778cf63..2f74fade9 100644 --- a/examples/60-owner.yaml +++ b/examples/60-owner.yaml @@ -6,7 +6,3 @@ metadata: spec: ownerId: second-owner-id active: true - #validUntil: "2020-06-10T14:51:00Z" # After the specified time the owner object will be inactivated - #dnsActivation: # optional remote activation controlled by a DNS TXT record - # dnsName: any.domain.name # DNS Name to lookup TXT records (always required if dnsActivation is specified) - # value: record-content # optional value to lookup in records required for activation (defaulted by cluster id) \ No newline at end of file diff --git a/examples/90-dnslock.yaml b/examples/90-dnslock.yaml deleted file mode 100644 index 1985e1acf..000000000 --- a/examples/90-dnslock.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: dns.gardener.cloud/v1alpha1 -kind: DNSLock -metadata: - name: sample-lock - namespace: default -spec: - timestamp: "2021-07-05T11:48:00Z" - dnsName: sample-lock.foo.dev.k8s.ondemand.com - ttl: 120 - attributes: - _: my-lock-id # `_` means key-less attribute as used for DNS activation of a DNSOwner - #mykey: myvalue \ No newline at end of file diff --git a/examples/91-remoteaccesscertificate.yaml b/examples/91-remoteaccesscertificate.yaml deleted file mode 100644 index 4094aa6d9..000000000 --- a/examples/91-remoteaccesscertificate.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: dns.gardener.cloud/v1alpha1 -kind: RemoteAccessCertificate -metadata: - name: rcert1 - namespace: default -spec: - type: client - domainName: seed.dev.foo - secretName: rcc1 - days: 23 diff --git a/go.mod b/go.mod index 3c08eaa19..f85e018ad 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,8 @@ module github.com/gardener/external-dns-management -go 1.22 +go 1.22.4 + +toolchain go1.22.5 require ( github.com/Azure/azure-sdk-for-go/sdk/azcore v1.12.0 @@ -11,59 +13,60 @@ require ( github.com/aliyun/alibaba-cloud-sdk-go v0.0.0-20190603021944-12ad9f921c0b github.com/aws/aws-sdk-go v1.44.173 github.com/cloudflare/cloudflare-go v0.11.4 - github.com/gardener/controller-manager-library v0.2.1-0.20240610092456-2d1cdc3e6f13 + github.com/gardener/controller-manager-library v0.2.1-0.20240816122604-33f686e858cc + github.com/gardener/gardener v1.101.0 github.com/go-openapi/runtime v0.24.1 github.com/go-openapi/strfmt v0.21.2 github.com/gophercloud/gophercloud v0.24.0 github.com/gophercloud/utils v0.0.0-20220307143606-8e7800759d16 github.com/infobloxopen/infoblox-go-client/v2 v2.1.0 - github.com/miekg/dns v1.1.51 + github.com/joeig/go-powerdns/v3 v3.10.0 + github.com/miekg/dns v1.1.58 github.com/netlify/open-api v1.1.0 github.com/onsi/ginkgo/v2 v2.19.0 - github.com/onsi/gomega v1.33.1 + github.com/onsi/gomega v1.34.0 github.com/prometheus/client_golang v1.18.0 go.uber.org/atomic v1.10.0 - go.uber.org/automaxprocs v1.4.0 - golang.org/x/oauth2 v0.16.0 - golang.org/x/sync v0.7.0 - golang.org/x/tools v0.22.0 + go.uber.org/automaxprocs v1.5.3 + golang.org/x/oauth2 v0.20.0 + golang.org/x/sync v0.8.0 + golang.org/x/tools v0.24.0 golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 google.golang.org/api v0.149.0 google.golang.org/grpc v1.62.1 - google.golang.org/protobuf v1.33.0 - istio.io/api v1.22.0 + google.golang.org/protobuf v1.34.1 + istio.io/api v1.22.3 istio.io/client-go v1.22.0 - k8s.io/api v0.29.5 - k8s.io/apiextensions-apiserver v0.29.5 - k8s.io/apimachinery v0.29.5 - k8s.io/client-go v0.29.5 - k8s.io/code-generator v0.29.5 - k8s.io/utils v0.0.0-20230726121419-3b25d923346b + k8s.io/api v0.29.7 + k8s.io/apiextensions-apiserver v0.29.7 + k8s.io/apimachinery v0.29.7 + k8s.io/client-go v0.29.7 + k8s.io/code-generator v0.29.7 + k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 sigs.k8s.io/controller-runtime v0.17.5 - sigs.k8s.io/controller-tools v0.13.0 + sigs.k8s.io/controller-tools v0.14.0 sigs.k8s.io/gateway-api v1.0.0 sigs.k8s.io/kind v0.18.0 ) require ( - cloud.google.com/go/compute v1.23.3 // indirect - cloud.google.com/go/compute/metadata v0.2.3 // indirect + cloud.google.com/go/compute/metadata v0.3.0 // indirect github.com/Azure/azure-sdk-for-go/sdk/internal v1.9.0 // indirect github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 // indirect - github.com/BurntSushi/toml v1.0.0 // indirect + github.com/BurntSushi/toml v1.3.2 // indirect github.com/Masterminds/semver/v3 v3.2.1 // indirect github.com/alessio/shellescape v1.4.1 // indirect github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d // indirect github.com/beorn7/perks v1.0.1 // indirect github.com/cespare/xxhash/v2 v2.2.0 // indirect - github.com/davecgh/go-spew v1.1.1 // indirect + github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect github.com/emicklei/go-restful/v3 v3.11.0 // indirect github.com/evanphx/json-patch v5.7.0+incompatible // indirect github.com/evanphx/json-patch/v5 v5.8.0 // indirect - github.com/fatih/color v1.15.0 // indirect + github.com/fatih/color v1.16.0 // indirect github.com/go-logr/logr v1.4.1 // indirect github.com/go-openapi/analysis v0.21.2 // indirect - github.com/go-openapi/errors v0.20.2 // indirect + github.com/go-openapi/errors v0.20.4 // indirect github.com/go-openapi/jsonpointer v0.20.0 // indirect github.com/go-openapi/jsonreference v0.20.2 // indirect github.com/go-openapi/loads v0.21.1 // indirect @@ -95,40 +98,39 @@ require ( github.com/kylelemons/godebug v1.1.0 // indirect github.com/mailru/easyjson v0.7.7 // indirect github.com/mattn/go-colorable v0.1.13 // indirect - github.com/mattn/go-isatty v0.0.17 // indirect + github.com/mattn/go-isatty v0.0.20 // indirect github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 // indirect github.com/mitchellh/go-homedir v1.1.0 // indirect - github.com/mitchellh/mapstructure v1.4.3 // indirect + github.com/mitchellh/mapstructure v1.5.0 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect github.com/oklog/ulid v1.3.1 // indirect github.com/opentracing/opentracing-go v1.2.0 // indirect - github.com/pelletier/go-toml v1.9.4 // indirect + github.com/pelletier/go-toml v1.9.5 // indirect github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect github.com/pkg/errors v0.9.1 // indirect - github.com/prometheus/client_model v0.5.0 // indirect + github.com/prometheus/client_model v0.6.0 // indirect github.com/prometheus/common v0.45.0 // indirect github.com/prometheus/procfs v0.12.0 // indirect github.com/russross/blackfriday/v2 v2.1.0 // indirect github.com/sirupsen/logrus v1.9.3 // indirect - github.com/spf13/cobra v1.8.0 // indirect + github.com/spf13/cobra v1.8.1 // indirect github.com/spf13/pflag v1.0.5 // indirect go.mongodb.org/mongo-driver v1.8.3 // indirect go.opencensus.io v0.24.0 // indirect - golang.org/x/crypto v0.24.0 // indirect + golang.org/x/crypto v0.26.0 // indirect golang.org/x/lint v0.0.0-20190930215403-16217165b5de // indirect - golang.org/x/mod v0.18.0 // indirect - golang.org/x/net v0.26.0 // indirect - golang.org/x/sys v0.21.0 // indirect - golang.org/x/term v0.21.0 // indirect - golang.org/x/text v0.16.0 // indirect - golang.org/x/time v0.3.0 // indirect - google.golang.org/appengine v1.6.8 // indirect + golang.org/x/mod v0.20.0 // indirect + golang.org/x/net v0.28.0 // indirect + golang.org/x/sys v0.23.0 // indirect + golang.org/x/term v0.23.0 // indirect + golang.org/x/text v0.17.0 // indirect + golang.org/x/time v0.6.0 // indirect google.golang.org/genproto/googleapis/api v0.0.0-20240318140521-94a12d6c2237 // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20240314234333-6e1732d8331c // indirect gopkg.in/inf.v0 v0.9.1 // indirect - gopkg.in/ini.v1 v1.62.0 // indirect + gopkg.in/ini.v1 v1.67.0 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect k8s.io/gengo v0.0.0-20230829151522-9cce18d56c01 // indirect diff --git a/go.sum b/go.sum index 06e2837e5..93d7e4ccd 100644 --- a/go.sum +++ b/go.sum @@ -1,9 +1,7 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= -cloud.google.com/go/compute v1.23.3 h1:6sVlXXBmbd7jNX0Ipq0trII3e4n1/MsADLK6a+aiVlk= -cloud.google.com/go/compute v1.23.3/go.mod h1:VCgBUoMnIVIR0CscqQiPJLAG25E3ZRZMzcFZeQ+h8CI= -cloud.google.com/go/compute/metadata v0.2.3 h1:mg4jlk7mCAj6xXp9UJ4fjI9VUI5rubuGBW5aJ7UnBMY= -cloud.google.com/go/compute/metadata v0.2.3/go.mod h1:VAV5nSsACxMJvgaAuX6Pk2AawlZn8kiOGuCv6gTkwuA= +cloud.google.com/go/compute/metadata v0.3.0 h1:Tz+eQXMEqDIKRsmY3cHTL6FVaynIjX2QxYC4trgAKZc= +cloud.google.com/go/compute/metadata v0.3.0/go.mod h1:zFmK7XCadkQkj6TtorcaGlCW1hT1fIilQDwofLpJ20k= github.com/Azure/azure-sdk-for-go/sdk/azcore v1.12.0 h1:1nGuui+4POelzDwI7RG56yfQJHCnKvwfMoU7VsEp+Zg= github.com/Azure/azure-sdk-for-go/sdk/azcore v1.12.0/go.mod h1:99EvauvlcJ1U06amZiksfYz/3aFGyIhWGHVyiZXtBAI= github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.7.0 h1:tfLQ34V6F7tVSwoTf/4lH5sE0o6eCJuNDTmH09nDpbc= @@ -32,8 +30,9 @@ github.com/Azure/go-autorest/tracing v0.5.0/go.mod h1:r/s2XiOKccPW3HrqB+W0TQzfbt github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 h1:XHOnouVk1mxXfQidrMEnLlPk9UMeRtyBTnEFtxkV0kU= github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/BurntSushi/toml v1.0.0 h1:dtDWrepsVPfW9H/4y7dDgFc2MBUSeJhlaDtK13CxFlU= github.com/BurntSushi/toml v1.0.0/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= +github.com/BurntSushi/toml v1.3.2 h1:o7IhLm0Msx3BaB+n3Ag7L8EVlByGnpq14C4YWiu/gL8= +github.com/BurntSushi/toml v1.3.2/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= github.com/MartinWeindel/infoblox-go-client/v2 v2.0.0-20221122085954-b7d80ebb106b h1:5ltgdUOqRohN2Z/Xg8D0XUq2/Dir5kHvutd8CIkMZis= github.com/MartinWeindel/infoblox-go-client/v2 v2.0.0-20221122085954-b7d80ebb106b/go.mod h1:+lznx4ASBSUZ2i6qwlgyn0v3eKDxBHNU5aRJzghAFbw= github.com/Masterminds/semver/v3 v3.2.1 h1:RN9w6+7QoMeJVGyfmbcgs28Br8cvmnucEXnY0rYXWg0= @@ -53,6 +52,8 @@ github.com/aliyun/alibaba-cloud-sdk-go v0.0.0-20190603021944-12ad9f921c0b h1:eQd github.com/aliyun/alibaba-cloud-sdk-go v0.0.0-20190603021944-12ad9f921c0b/go.mod h1:myCDvQSzCW+wB1WAlocEru4wMGJxy+vlxHdhegi1CDQ= github.com/aliyun/aliyun-oss-go-sdk v0.0.0-20190307165228-86c17b95fcd5/go.mod h1:T/Aws4fEfogEE9v+HPhhw+CntffsBHJ8nXQCwKr0/g8= github.com/andreyvit/diff v0.0.0-20170406064948-c7f18ee00883/go.mod h1:rCTlJbsFo29Kk6CurOXKm700vrz8f0KW0JNfpkRJY/8= +github.com/andybalholm/brotli v1.1.0 h1:eLKJA0d02Lf0mVpIDgYnqXcUn0GqVmEFny3VuID1U3M= +github.com/andybalholm/brotli v1.1.0/go.mod h1:sms7XGricyQI9K10gOSf56VKKWS4oLer58Q+mhRPtnY= github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8= github.com/asaskevich/govalidator v0.0.0-20180720115003-f9ffefc3facf/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= @@ -85,11 +86,12 @@ github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7 github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= github.com/cpuguy83/go-md2man/v2 v2.0.1/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= -github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= +github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/deadcheat/goblet v1.3.1/go.mod h1:IrMNyAwyrVgB30HsND2WgleTUM4wHTS9m40yNY6NJQg= github.com/deadcheat/gonch v0.0.0-20180528124129-c2ff7a019863/go.mod h1:/5mH3gAuXUxGN3maOBAxBfB8RXvP9tBIX5fx2x1k0V0= github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= @@ -107,14 +109,16 @@ github.com/evanphx/json-patch v5.7.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLi github.com/evanphx/json-patch/v5 v5.6.0/go.mod h1:G79N1coSVB93tBe7j6PhzjmR3/2VvlbKOFpnXhI9Bw4= github.com/evanphx/json-patch/v5 v5.8.0 h1:lRj6N9Nci7MvzrXuX6HFzU8XjmhPiXPlsKEy1u0KQro= github.com/evanphx/json-patch/v5 v5.8.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ= -github.com/fatih/color v1.15.0 h1:kOqh6YHBtK8aywxGerMG2Eq3H6Qgoqeo13Bk2Mv/nBs= -github.com/fatih/color v1.15.0/go.mod h1:0h5ZqXfHYED7Bhv2ZJamyIOUej9KtShiJESRwBDUSsw= +github.com/fatih/color v1.16.0 h1:zmkK9Ngbjj+K0yRhTVONQh1p/HknKYSlNT+vZCzyokM= +github.com/fatih/color v1.16.0/go.mod h1:fL2Sau1YI5c0pdGEVCbKQbLXB6edEj1ZgiY4NijnWvE= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA= github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= -github.com/gardener/controller-manager-library v0.2.1-0.20240610092456-2d1cdc3e6f13 h1:hmJwTmqLBGEPtVDW5tEZiW432m9/zb7BnBo4oZCTmaw= -github.com/gardener/controller-manager-library v0.2.1-0.20240610092456-2d1cdc3e6f13/go.mod h1:hszuZW/ht2BkGWQZKKejZfgF8H83mp7XMVdo8i1LJzo= +github.com/gardener/controller-manager-library v0.2.1-0.20240816122604-33f686e858cc h1:G/mTdYdrGbOWdi2uzlNxPEZWAQblKfdpDGve5Wg9wk8= +github.com/gardener/controller-manager-library v0.2.1-0.20240816122604-33f686e858cc/go.mod h1:f8YBvgQ0yC7wCUm5OZUJjT57ngJYh8u9nExmKquvAyg= +github.com/gardener/gardener v1.101.0 h1:ZWpRfhl6IIq3VfpanUnYaP2LSeeDcBY+sxesVFQT55U= +github.com/gardener/gardener v1.101.0/go.mod h1:xoSdYcjUEUg5H5sQepb3jApml6QWHQCmWsFwBMm06fA= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/globalsign/mgo v0.0.0-20180905125535-1ca0a4f7cbcb/go.mod h1:xkRDCp4j0OGD1HRkm4kmhM+pmpv3AKq5SU7GMg4oO/Q= github.com/globalsign/mgo v0.0.0-20181015135952-eeefdecb41b8/go.mod h1:xkRDCp4j0OGD1HRkm4kmhM+pmpv3AKq5SU7GMg4oO/Q= @@ -143,8 +147,9 @@ github.com/go-openapi/errors v0.19.3/go.mod h1:qX0BLWsyaKfvhluLejVpVNwNRdXZhEbTA github.com/go-openapi/errors v0.19.4/go.mod h1:qX0BLWsyaKfvhluLejVpVNwNRdXZhEbTA4kxxpKBC94= github.com/go-openapi/errors v0.19.8/go.mod h1:cM//ZKUKyO06HSwqAelJ5NsEMMcpa6VpXe8DOa1Mi1M= github.com/go-openapi/errors v0.19.9/go.mod h1:cM//ZKUKyO06HSwqAelJ5NsEMMcpa6VpXe8DOa1Mi1M= -github.com/go-openapi/errors v0.20.2 h1:dxy7PGTqEh94zj2E3h1cUmQQWiM1+aeCROfAr02EmK8= github.com/go-openapi/errors v0.20.2/go.mod h1:cM//ZKUKyO06HSwqAelJ5NsEMMcpa6VpXe8DOa1Mi1M= +github.com/go-openapi/errors v0.20.4 h1:unTcVm6PispJsMECE3zWgvG4xTiKda1LIR5rCRWLG6M= +github.com/go-openapi/errors v0.20.4/go.mod h1:Z3FlZ4I8jEGxjUK+bugx3on2mIAk4txuAOhlsB1FSgk= github.com/go-openapi/inflect v0.19.0/go.mod h1:lHpZVlpIQqLyKwJ4N+YSc9hchQy/i12fJykb83CRBH4= github.com/go-openapi/jsonpointer v0.17.0/go.mod h1:cOnomiV+CVVwFLk0A/MExoFMjwdsUdVpsRhURCKh+3M= github.com/go-openapi/jsonpointer v0.18.0/go.mod h1:cOnomiV+CVVwFLk0A/MExoFMjwdsUdVpsRhURCKh+3M= @@ -273,8 +278,6 @@ github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvq github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= -github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= -github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= github.com/golang/snappy v0.0.1/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= @@ -288,7 +291,6 @@ github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= @@ -316,7 +318,6 @@ github.com/gophercloud/gophercloud v0.24.0 h1:jDsIMGJ1KZpAjYfQgGI2coNQj5Q83oPzui github.com/gophercloud/gophercloud v0.24.0/go.mod h1:Q8fZtyi5zZxPS/j9aj3sSxtvj41AdQMDwyo1myduD5c= github.com/gophercloud/utils v0.0.0-20220307143606-8e7800759d16 h1:slt/exMiitZNY+5OrKJ6ZvSogqN+SyzeYzAtyI6db9A= github.com/gophercloud/utils v0.0.0-20220307143606-8e7800759d16/go.mod h1:qOGlfG6OIJ193/c3Xt/XjOfHataNZdQcVgiu93LxBUM= -github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1 h1:EGx4pi6eqNxGaHF6qqu48+N2wcFQ5qg5FXgOdqsJ5d8= github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= github.com/gorilla/handlers v1.4.2/go.mod h1:Qkdc/uu4tH4g6mTK6auzZ766c4CA0Ng8+o/OAirnOIQ= github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= @@ -333,12 +334,16 @@ github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2 github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= github.com/ironcore-dev/vgopath v0.1.4 h1:hBMuv7+wnZp5JHkVfdg4mtP8hsIGvuv42+l+F2wmQxk= github.com/ironcore-dev/vgopath v0.1.4/go.mod h1:PTGnX8xW/QDytFR7oU4kcXr1RPDLCgAJ0ZUa5Rp8vyI= +github.com/jarcoal/httpmock v1.3.1 h1:iUx3whfZWVf3jT01hQTO/Eo5sAYtB2/rqaUuOtpInww= +github.com/jarcoal/httpmock v1.3.1/go.mod h1:3yb8rc4BI7TCBhFY8ng0gjuLKJNquuDNiPaZjnENuYg= github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg= github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8= github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U= +github.com/joeig/go-powerdns/v3 v3.10.0 h1:pUhC/8kdDJW4Y7/J/QawPXWlp0WcNrynABk0yX0WmRk= +github.com/joeig/go-powerdns/v3 v3.10.0/go.mod h1:SA9nmMT7kJr4vgSFTlYLMbomSwPxydacVWTPqSUoPFA= github.com/joho/godotenv v1.3.0/go.mod h1:7hK45KPybAkOC6peb+G5yklZfMxEjkZhHbwpqxOKXbg= github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo= github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= @@ -346,7 +351,6 @@ github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFF github.com/json-iterator/go v1.1.5/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= -github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7C0MuV77Wo= github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= github.com/karrick/godirwalk v1.8.0/go.mod h1:H5KPZjojv4lE+QYImBI8xVtrBRgYrIVsaRPx4tDPEn4= @@ -393,21 +397,23 @@ github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovk github.com/mattn/go-isatty v0.0.0-20170925054904-a5cdd64afdee/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= -github.com/mattn/go-isatty v0.0.17 h1:BTarxUcIeDqL27Mc+vyvdWYSL28zpIhv3RoTdsLMPng= -github.com/mattn/go-isatty v0.0.17/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= +github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= +github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= github.com/mattn/go-runewidth v0.0.7/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 h1:jWpvCLoY8Z/e3VKvlsiIGKtc+UG6U5vzxaoagmhXfyg= github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0/go.mod h1:QUyp042oQthUoa9bqDv0ER0wrtXnBruoNd7aNjkbP+k= -github.com/miekg/dns v1.1.51 h1:0+Xg7vObnhrz/4ZCZcZh7zPXlmU0aveS2HDBd0m0qSo= -github.com/miekg/dns v1.1.51/go.mod h1:2Z9d3CP1LQWihRZUf29mQ19yDThaI4DAYzte2CaQW5c= +github.com/maxatome/go-testdeep v1.12.0/go.mod h1:lPZc/HAcJMP92l7yI6TRz1aZN5URwUBUAfUNvrclaNM= +github.com/miekg/dns v1.1.58 h1:ca2Hdkz+cDg/7eNF6V56jjzuZ4aCAE+DbVkILdQWG/4= +github.com/miekg/dns v1.1.58/go.mod h1:Ypv+3b/KadlvW9vJfXOTf300O4UqaHFzFCuHz+rPkBY= github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= github.com/mitchellh/mapstructure v1.3.3/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/mitchellh/mapstructure v1.4.1/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= -github.com/mitchellh/mapstructure v1.4.3 h1:OVowDSCllw/YjdLkam3/sm7wEtOy59d8ndGgCcyj8cs= github.com/mitchellh/mapstructure v1.4.3/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= +github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= +github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= @@ -439,8 +445,8 @@ github.com/onsi/ginkgo/v2 v2.19.0/go.mod h1:rlwLi9PilAFJ8jCg9UE1QP6VBpd6/xj3SRC0 github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= github.com/onsi/gomega v1.10.5/go.mod h1:gza4q3jKQJijlu05nKWRCW/GavJumGt8aNRxWg7mt48= -github.com/onsi/gomega v1.33.1 h1:dsYjIxxSR755MDmKVsaFQTE22ChNBcuuTWgkUDSubOk= -github.com/onsi/gomega v1.33.1/go.mod h1:U4R44UsT+9eLIaYRB2a5qajjtQYn0hauxvRm16AVYg0= +github.com/onsi/gomega v1.34.0 h1:eSSPsPNp6ZpsG8X1OVmOTxig+CblTc4AxpPBykhe2Os= +github.com/onsi/gomega v1.34.0/go.mod h1:MIKI8c+f+QLWk+hxbePD4i0LMJSExPaZOVfkoex4cAo= github.com/opentracing/opentracing-go v1.2.0 h1:uEJPy/1a5RIPAJ0Ov+OIO8OxWu77jEv+1B0VhjKrZUs= github.com/opentracing/opentracing-go v1.2.0/go.mod h1:GxEUsuufX4nBwe+T+Wl9TAgYrxe9dPLANfrWvHYVTgc= github.com/pborman/uuid v1.2.0/go.mod h1:X/NO0urCmaxf9VXbdlT7C2Yzkj2IKimNn4k+gtPdI/k= @@ -448,8 +454,9 @@ github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/9 github.com/pelletier/go-toml v1.4.0/go.mod h1:PN7xzY2wHTK0K9p34ErDQMlFxa51Fk0OUruD3k1mMwo= github.com/pelletier/go-toml v1.6.0/go.mod h1:5N711Q9dKgbdkxHL+MEfF31hpT7l0S0s/t2kKREewys= github.com/pelletier/go-toml v1.7.0/go.mod h1:vwGMzjaWMwyfHwgIBhI2YUM4fB6nL6lVAvS1LBMMhTE= -github.com/pelletier/go-toml v1.9.4 h1:tjENF6MfZAg8e4ZmZTeWaWiT2vXtsoO6+iuOjFhECwM= github.com/pelletier/go-toml v1.9.4/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c= +github.com/pelletier/go-toml v1.9.5 h1:4yBQzkHv+7BHq2PQUZF3Mx0IYxG7LsP222s7Agd3ve8= +github.com/pelletier/go-toml v1.9.5/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c= github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c h1:+mdjkGKdHQG3305AYmdv1U2eRNDiU2ErMBj1gwrq8eQ= github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c/go.mod h1:7rwL4CYBLnjLxUqIJNnCWiEdr3bn6IUYi15bNlnbCCU= github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= @@ -459,6 +466,8 @@ github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINE github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/pquerna/cachecontrol v0.0.0-20180517163645-1555304b9b35/go.mod h1:prYjPmNq4d1NPVmpShWobRqXY3q7Vp+80DqgxxUrUIA= +github.com/prashantv/gostub v1.1.0 h1:BTyx3RfQjRHnUWaGF9oQos79AlQ5k8WNktv7VGvVH4g= +github.com/prashantv/gostub v1.1.0/go.mod h1:A5zLQHz7ieHGG7is6LLXLz7I8+3LZzsrV0P1IAHhP5U= github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= github.com/prometheus/client_golang v0.9.3/go.mod h1:/TN21ttK/J9q6uSwhBd54HahCDft0ttaMvbicHlPoso= github.com/prometheus/client_golang v1.18.0 h1:HzFfmkOzH5Q8L8G+kSJKUx5dtG87sewO+FoDDqP5Tbk= @@ -466,8 +475,8 @@ github.com/prometheus/client_golang v1.18.0/go.mod h1:T+GXkCk5wSJyOqMIzVgvvjFDlk github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/client_model v0.5.0 h1:VQw1hfvPvk3Uv6Qf29VrPF32JB6rtbgI6cYPYQjL0Qw= -github.com/prometheus/client_model v0.5.0/go.mod h1:dTiFglRmd66nLR9Pv9f0mZi7B7fk5Pm3gvsjB5tr+kI= +github.com/prometheus/client_model v0.6.0 h1:k1v3CzpSRUTrKMppY35TLwPvxHqBu0bYgxZzqGIgaos= +github.com/prometheus/client_model v0.6.0/go.mod h1:NTQHnmxFpouOD0DpvP4XujX3CdOAGQPoaGhyTchlyt8= github.com/prometheus/common v0.0.0-20181113130724-41aa239b4cce/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro= github.com/prometheus/common v0.4.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= github.com/prometheus/common v0.45.0 h1:2BGz0eBc2hdMDLnO/8n0jeB3oPrt2D08CekT0lneoxM= @@ -499,10 +508,8 @@ github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrf github.com/sirupsen/logrus v1.8.0/go.mod h1:4GuYW9TZmE769R5STWrRakJc4UqQ3+QQ95fyz7ENv1A= github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ= github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= -github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d h1:zE9ykElWQ6/NYmHa3jpm/yHnI4xSofP+UP6SpjHcSeM= github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= github.com/smartystreets/goconvey v0.0.0-20190330032615-68dc04aab96a/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= -github.com/smartystreets/goconvey v1.6.4 h1:fv0U8FUIMPNf1L9lnHLvLhgicrIVChEkdzIKYqbNC9s= github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM= github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= @@ -512,8 +519,8 @@ github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkU github.com/spf13/cast v1.3.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= github.com/spf13/cobra v1.4.0/go.mod h1:Wo4iy3BUC+X2Fybo0PDqwJIv3dNRiZLHQymsfxlB84g= -github.com/spf13/cobra v1.8.0 h1:7aJaZx1B85qltLMc546zn58BxxfZdR/W22ej9CFoEf0= -github.com/spf13/cobra v1.8.0/go.mod h1:WXLWApfZ71AjXPya3WOlMsY9yMs7YeiHhFVlvLyhcho= +github.com/spf13/cobra v1.8.1 h1:e5/vxKd/rZsfSJMUX1agtjeTDf+qv1/JdBF8gg5k9ZM= +github.com/spf13/cobra v1.8.1/go.mod h1:wHxEcudfqmLYa8iTfL+OuZPbBZkmvliBWKIezN3kD9Y= github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo= github.com/spf13/jwalterweatherman v1.1.0/go.mod h1:aNWZUN0dPAAO/Ljvb5BEdw96iTZ0EXowPYD95IqWIGo= github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= @@ -575,14 +582,14 @@ go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo= go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= go.uber.org/atomic v1.10.0 h1:9qC72Qh0+3MqyJbAn8YU5xVq1frD8bn3JtD2oXtafVQ= go.uber.org/atomic v1.10.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0= -go.uber.org/automaxprocs v1.4.0 h1:CpDZl6aOlLhReez+8S3eEotD7Jx0Os++lemPlMULQP0= -go.uber.org/automaxprocs v1.4.0/go.mod h1:/mTEdr7LvHhs0v7mjdxDreTz1OG5zdZGqgOnhWiR/+Q= +go.uber.org/automaxprocs v1.5.3 h1:kWazyxZUrS3Gs4qUpbwo5kEIMGe/DAvi5Z4tl2NW4j8= +go.uber.org/automaxprocs v1.5.3/go.mod h1:eRbA25aqJrxAbsLO0xy5jVwPt7FQnRgjW+efnwa1WM0= go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= -go.uber.org/zap v1.26.0 h1:sI7k6L95XOKS281NhVKOFCUNIvv9e0w4BF8N3u+tCRo= -go.uber.org/zap v1.26.0/go.mod h1:dtElttAiwGvoJ/vj4IwHBS/gXsEu/pZ50mUIRWuG0so= +go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8= +go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E= golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190320223903-b7391e95e576/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= @@ -599,11 +606,11 @@ golang.org/x/crypto v0.0.0-20201216223049-8b5274cf687f/go.mod h1:jdWPYTVW3xRLrWP golang.org/x/crypto v0.0.0-20201221181555-eec23a3978ad/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20211202192323-5770296d904e/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= -golang.org/x/crypto v0.24.0 h1:mnl8DM0o513X8fdIkmyFE/5hTYxbwYOjDS/+rK6qpRI= -golang.org/x/crypto v0.24.0/go.mod h1:Z1PMYSOR5nyMcyAVAIQSKCDwalqy85Aqn1x3Ws4L5DM= +golang.org/x/crypto v0.26.0 h1:RrRspgV4mU+YwB4FYnuBoKsUapNIL5cohGAmSH3azsw= +golang.org/x/crypto v0.26.0/go.mod h1:GY7jblb9wI+FOo5y8/S2oY4zWP07AkOJ4+jxCqdqn54= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/exp v0.0.0-20231006140011-7918f672742d h1:jtJma62tbqLibJ5sFQz8bKtEM8rJBtfilJ2qTU199MI= -golang.org/x/exp v0.0.0-20231006140011-7918f672742d/go.mod h1:ldy0pHrwJyGW56pPQzzkH36rKxoZW1tw7ZJpeKx+hdo= +golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 h1:2dVuKD2vS7b0QIHQbpyTISPd0LeHDbnYEryqj5Q1ug8= +golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56/go.mod h1:M4RDyNAINzryxdtnbRXRL/OHtkFuWGRjvuhBJpk2IlY= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= @@ -612,9 +619,8 @@ golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHl golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= -golang.org/x/mod v0.7.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/mod v0.18.0 h1:5+9lSbEzPSdWkH32vYPBwEpX8KwDbM52Ud9xBUvNlb0= -golang.org/x/mod v0.18.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= +golang.org/x/mod v0.20.0 h1:utOm6MM3R3dnawAiJgn0y+xvuYRsm1RKM/4giyfDgV0= +golang.org/x/mod v0.20.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/net v0.0.0-20180404174746-b3c676e531a6/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -644,13 +650,12 @@ golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qx golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco= -golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY= -golang.org/x/net v0.26.0 h1:soB7SVo0PWrY4vPW/+ay0jKDNScG2X9wFeYlXIvJsOQ= -golang.org/x/net v0.26.0/go.mod h1:5YKkiSynbBIh3p6iOc/vibscux0x38BZDkn8sCUPxHE= +golang.org/x/net v0.28.0 h1:a9JDOJc5GMUJ0+UDqmLT86WiEy7iWyIhz8gz8E4e5hE= +golang.org/x/net v0.28.0/go.mod h1:yqtgsTWOOnlGLG9GFRrK3++bGOUEkNBoHZc8MEDWPNg= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.16.0 h1:aDkGMBSYxElaoP81NpoUoz2oo2R2wHdZpGToUxfyQrQ= -golang.org/x/oauth2 v0.16.0/go.mod h1:hqZ+0LWXsiVoZpeld6jVt06P3adbS2Uu911W1SsJv2o= +golang.org/x/oauth2 v0.20.0 h1:4mQdhULixXKP1rwYBW0vAijoXnkTG0BLCDRzfe1idMo= +golang.org/x/oauth2 v0.20.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -660,9 +665,8 @@ golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M= -golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sync v0.8.0 h1:3NFvSEYkUoMifnESzZl15y791HH1qU2xm6eCJU5ZPXQ= +golang.org/x/sync v0.8.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20170927054621-314a259e304f/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -696,30 +700,28 @@ golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.21.0 h1:rF+pYz3DAGSQAxAu1CbC7catZg4ebC4UIeIhKxBZvws= -golang.org/x/sys v0.21.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.23.0 h1:YfKFowiIMvtgl1UERQoTPPToxltDeZfbj4H7dVUCwmM= +golang.org/x/sys v0.23.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc= -golang.org/x/term v0.21.0 h1:WVXCp+/EBEHOj53Rvu+7KiT/iElMrO8ACK16SMZ3jaA= -golang.org/x/term v0.21.0/go.mod h1:ooXLefLobQVslOqselCNF4SxFAaoS6KujMbsGzSDmX0= +golang.org/x/term v0.23.0 h1:F6D4vR+EHoL9/sWAWgAR1H2DcHr4PareCbAaCo1RpuU= +golang.org/x/term v0.23.0/go.mod h1:DgV24QBUrK6jhZXl+20l6UWznPlwAHm1Q1mGHtydmSk= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ= golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.16.0 h1:a94ExnEXNtEwYLGJSIUxnWoxoRz/ZcCsV63ROupILh4= -golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI= +golang.org/x/text v0.17.0 h1:XtiM5bkSOt+ewxlOE/aE/AKEHibwj/6gvWMl9Rsh0Qc= +golang.org/x/text v0.17.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= -golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.6.0 h1:eTDhh4ZXt5Qf0augr54TN6suAUudPcawVZeIAPU7D4U= +golang.org/x/time v0.6.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= @@ -742,9 +744,8 @@ golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roY golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= -golang.org/x/tools v0.3.0/go.mod h1:/rWhSS2+zyEVwoJf8YAX6L2f0ntZ7Kn/mGgAWcipA5k= -golang.org/x/tools v0.22.0 h1:gqSGLZqv+AI9lIQzniJ0nZDRG5GBPsSi+DRNHWNz6yA= -golang.org/x/tools v0.22.0/go.mod h1:aCwcsjqvq7Yqt6TNyX7QMU2enbQ/Gt0bo6krSeEri+c= +golang.org/x/tools v0.24.0 h1:J1shsA93PJUEVaUSaay7UXAyE8aimq3GW0pjlolpa24= +golang.org/x/tools v0.24.0/go.mod h1:YhNqVBIfWHdzvTLs0d8LCuMhkKUgSUKldakyV7W/WDQ= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -758,8 +759,6 @@ google.golang.org/api v0.149.0/go.mod h1:Mwn1B7JTXrzXtnvmzQE2BD6bYZQ8DShKZDZbeN9 google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= -google.golang.org/appengine v1.6.8 h1:IhEN5q69dyKagZPYMSdIjS2HqprW324FRQZJcGqPAsM= -google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJffLiz/Ds= google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= @@ -784,10 +783,8 @@ google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2 google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= -google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= -google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= -google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= +google.golang.org/protobuf v1.34.1 h1:9ddQBjfCyZPOHPUiPxpYESBLc+T8P3E+Vo4IbKZgFWg= +google.golang.org/protobuf v1.34.1/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= @@ -803,8 +800,8 @@ gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/ini.v1 v1.42.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/ini.v1 v1.51.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/ini.v1 v1.54.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= -gopkg.in/ini.v1 v1.62.0 h1:duBzk771uxoUuOlyRLkHsygud9+5lrlGjdFBb4mSKDU= -gopkg.in/ini.v1 v1.62.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= +gopkg.in/ini.v1 v1.67.0 h1:Dgnx+6+nfE+IfzjUEISNeydPJh9AXNNsWbGP9KzCsOA= +gopkg.in/ini.v1 v1.67.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo= gopkg.in/square/go-jose.v2 v2.4.1/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ= @@ -825,22 +822,22 @@ gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -istio.io/api v1.22.0 h1:CdMUHgN/OfQK9ojj6lCjxlJSuUe0vD0ZAvoCcoBfn20= -istio.io/api v1.22.0/go.mod h1:S3l8LWqNYS9yT+d4bH+jqzH2lMencPkW7SKM1Cu9EyM= +istio.io/api v1.22.3 h1:V59wgcCm2fK2r137QBsddCDHNg0efg/DauIWEB9DFz8= +istio.io/api v1.22.3/go.mod h1:S3l8LWqNYS9yT+d4bH+jqzH2lMencPkW7SKM1Cu9EyM= istio.io/client-go v1.22.0 h1:TQ+Y7hqZVQHvaJXF99Q1jBqnVG7gYAHR9IvCK2nlwfE= istio.io/client-go v1.22.0/go.mod h1:1lAPr0DOVBbnRQqLAQKxWbEaxFk6b1CJTm+ypnP7sMo= -k8s.io/api v0.29.5 h1:levS+umUigHCfI3riD36pMY1vQEbrzh4r1ivVWAhHaI= -k8s.io/api v0.29.5/go.mod h1:7b18TtPcJzdjk7w5zWyIHgoAtpGeRvGGASxlS7UZXdQ= -k8s.io/apiextensions-apiserver v0.29.5 h1:njDywexhE6n+1NEl3A4axT0TMQHREnndrk3/ztdWcNE= -k8s.io/apiextensions-apiserver v0.29.5/go.mod h1:pfIvij+MH9a8NQKtW7MD4EFnzvUjJ1ZQsDL8wuP8fnc= -k8s.io/apimachinery v0.29.5 h1:Hofa2BmPfpoT+IyDTlcPdCHSnHtEQMoJYGVoQpRTfv4= -k8s.io/apimachinery v0.29.5/go.mod h1:i3FJVwhvSp/6n8Fl4K97PJEP8C+MM+aoDq4+ZJBf70Y= -k8s.io/client-go v0.29.5 h1:nlASXmPQy190qTteaVP31g3c/wi2kycznkTP7Sv1zPc= -k8s.io/client-go v0.29.5/go.mod h1:aY5CnqUUvXYccJhm47XHoPcRyX6vouHdIBHaKZGTbK4= -k8s.io/code-generator v0.29.5 h1:WqSdBPVV1B3jsPnKtPS39U02zj6Q7+FsjhAj1EPBJec= -k8s.io/code-generator v0.29.5/go.mod h1:7TYnI0dYItL2cKuhhgPSuF3WED9uMdELgbVXFfn/joE= -k8s.io/component-base v0.29.5 h1:Ptj8AzG+p8c2a839XriHwxakDpZH9uvIgYz+o1agjg8= -k8s.io/component-base v0.29.5/go.mod h1:9nBUoPxW/yimISIgAG7sJDrUGJlu7t8HnDafIrOdU8Q= +k8s.io/api v0.29.7 h1:Q2/thp7YYESgy0MGzxT9RvA/6doLJHBXSFH8GGLxSbc= +k8s.io/api v0.29.7/go.mod h1:mPimdbyuIjwoLtBEVIGVUYb4BKOE+44XHt/n4IqKsLA= +k8s.io/apiextensions-apiserver v0.29.7 h1:X62u7vUGfwW5rYJB5jkZDr0uV2XSyEHJRdxnfD5PaLs= +k8s.io/apiextensions-apiserver v0.29.7/go.mod h1:JzBXxlZKKdtEYGr4yiN+s0eXheCTYgKDay8JXPfSGoQ= +k8s.io/apimachinery v0.29.7 h1:ICXzya58Q7hyEEfnTrbmdfX1n1schSepX2KUfC2/ykc= +k8s.io/apimachinery v0.29.7/go.mod h1:i3FJVwhvSp/6n8Fl4K97PJEP8C+MM+aoDq4+ZJBf70Y= +k8s.io/client-go v0.29.7 h1:vTtiFrGBKlcBhxaeZC4eDrqui1e108nsTyue/KU63IY= +k8s.io/client-go v0.29.7/go.mod h1:69BvVqdRozgR/9TP45u/oO0tfrdbP+I8RqrcCJQshzg= +k8s.io/code-generator v0.29.7 h1:NEwmKOJVNObCh3upBLEojL1QuJMzGplOTYZnee4h0TY= +k8s.io/code-generator v0.29.7/go.mod h1:7TYnI0dYItL2cKuhhgPSuF3WED9uMdELgbVXFfn/joE= +k8s.io/component-base v0.29.7 h1:zXLJvZjvvDWdYmZCwZYk95E1Fd2oRXUz71mQukkRk5I= +k8s.io/component-base v0.29.7/go.mod h1:ddLTpIrjazaRI1EG83M41GNcYEAdskuQmx4JOOSXCOg= k8s.io/gengo v0.0.0-20201203183100-97869a43a9d9/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= k8s.io/gengo v0.0.0-20230829151522-9cce18d56c01 h1:pWEwq4Asjm4vjW7vcsmijwBhOr1/shsbSYiWXmNGlks= k8s.io/gengo v0.0.0-20230829151522-9cce18d56c01/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= @@ -852,12 +849,12 @@ k8s.io/klog/v2 v2.120.1 h1:QXU6cPEOIslTGvZaXvFWiP9VKyeet3sawzTOvdXb4Vw= k8s.io/klog/v2 v2.120.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 h1:aVUu9fTY98ivBPKR9Y5w/AuzbMm96cd3YHRTU83I780= k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00/go.mod h1:AsvuZPBlUDVuCdzJ87iajxtXuR9oktsTctW/R9wwouA= -k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI= -k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 h1:pUdcCO1Lk/tbT5ztQWOBi5HBgbBP1J8+AsQnQCKsi8A= +k8s.io/utils v0.0.0-20240711033017-18e509b52bc8/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= sigs.k8s.io/controller-runtime v0.17.5 h1:1FI9Lm7NiOOmBsgTV36/s2XrEFXnO2C4sbg/Zme72Rw= sigs.k8s.io/controller-runtime v0.17.5/go.mod h1:N0jpP5Lo7lMTF9aL56Z/B2oWBJjey6StQM0jRbKQXtY= -sigs.k8s.io/controller-tools v0.13.0 h1:NfrvuZ4bxyolhDBt/rCZhDnx3M2hzlhgo5n3Iv2RykI= -sigs.k8s.io/controller-tools v0.13.0/go.mod h1:5vw3En2NazbejQGCeWKRrE7q4P+CW8/klfVqP8QZkgA= +sigs.k8s.io/controller-tools v0.14.0 h1:rnNoCC5wSXlrNoBKKzL70LNJKIQKEzT6lloG6/LF73A= +sigs.k8s.io/controller-tools v0.14.0/go.mod h1:TV7uOtNNnnR72SpzhStvPkoS/U5ir0nMudrkrC4M9Sc= sigs.k8s.io/gateway-api v1.0.0 h1:iPTStSv41+d9p0xFydll6d7f7MOBGuqXM6p2/zVYMAs= sigs.k8s.io/gateway-api v1.0.0/go.mod h1:4cUgr0Lnp5FZ0Cdq8FdRwCvpiWws7LVhLHGIudLlf4c= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= diff --git a/hack/copy-crds.sh b/hack/copy-crds.sh index 63199ceff..d350deb62 100755 --- a/hack/copy-crds.sh +++ b/hack/copy-crds.sh @@ -40,7 +40,6 @@ files=( "dns.gardener.cloud_dnsowners.yaml" "dns.gardener.cloud_dnsproviders.yaml" "dns.gardener.cloud_dnshostedzonepolicies.yaml" - "dns.gardener.cloud_dnslocks.yaml" ) for filename in "${files[@]}" do diff --git a/pkg/apis/dns/crds/dns.gardener.cloud_dnslocks.yaml b/pkg/apis/dns/crds/dns.gardener.cloud_dnslocks.yaml deleted file mode 100644 index 9919db480..000000000 --- a/pkg/apis/dns/crds/dns.gardener.cloud_dnslocks.yaml +++ /dev/null @@ -1,154 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.13.0 - name: dnslocks.dns.gardener.cloud -spec: - group: dns.gardener.cloud - names: - kind: DNSLock - listKind: DNSLockList - plural: dnslocks - shortNames: - - dnsl - singular: dnslock - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: FQDN of DNS Entry - jsonPath: .spec.dnsName - name: DNS - type: string - - description: provider type - jsonPath: .status.providerType - name: TYPE - type: string - - description: assigned provider (namespace/name) - jsonPath: .status.provider - name: PROVIDER - type: string - - description: entry status - jsonPath: .status.state - name: STATUS - type: string - - description: entry creation timestamp - jsonPath: .metadata.creationTimestamp - name: AGE - type: date - - description: owner group id used to tag entries in external DNS system - jsonPath: .spec.ownerGroupId - name: OWNERID - type: string - - description: time to live - jsonPath: .status.ttl - name: TTL - priority: 2000 - type: integer - - description: zone id - jsonPath: .status.zone - name: ZONE - priority: 2000 - type: string - - description: message describing the reason for the state - jsonPath: .status.message - name: MESSAGE - priority: 2000 - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - attributes: - additionalProperties: - type: string - description: attribute values (must be compatible with DNS TXT records) - type: object - dnsName: - description: full qualified domain name - type: string - lockId: - description: owner group for collaboration of multiple controller - type: string - timestamp: - description: Activation time stamp - format: date-time - type: string - ttl: - description: time to live for records in external DNS system - format: int64 - type: integer - required: - - dnsName - - timestamp - - ttl - type: object - status: - properties: - attributes: - additionalProperties: - type: string - description: attribute values found in DNS - type: object - firstFailedDNSLookup: - description: First failed DNS looup - format: date-time - type: string - lastUpdateTime: - description: lastUpdateTime contains the timestamp of the last status - update - format: date-time - type: string - lockId: - description: owner group for collaboration of multiple controller - found in DNS - type: string - message: - description: message describing the reason for the state - type: string - observedGeneration: - format: int64 - type: integer - provider: - description: assigned provider - type: string - providerType: - description: provider type used for the entry - type: string - state: - description: entry state - type: string - timestamp: - description: Activation time stamp found in DNS - format: date-time - type: string - ttl: - description: time to live used for the entry - format: int64 - type: integer - zone: - description: zone used for the entry - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} diff --git a/pkg/apis/dns/crds/dns.gardener.cloud_dnsowners.yaml b/pkg/apis/dns/crds/dns.gardener.cloud_dnsowners.yaml index d67ac01dc..46b2a2d42 100644 --- a/pkg/apis/dns/crds/dns.gardener.cloud_dnsowners.yaml +++ b/pkg/apis/dns/crds/dns.gardener.cloud_dnsowners.yaml @@ -57,30 +57,9 @@ spec: description: state of the ownerid for the DNS controller observing entry using this owner id (default:true) type: boolean - dnsActivation: - description: Optional activation info for controlling the owner activation - remotely via DNS TXT record - properties: - dnsName: - description: DNS name for controlling the owner activation remotely - via DNS TXT record - type: string - value: - description: Optional value for the DNS activation record used - to activate this owner The default is the id of the cluster - used to read the owner object - type: string - required: - - dnsName - type: object ownerId: description: owner id used to tag entries in external DNS system type: string - validUntil: - description: optional time this owner should be active if active flag - is not false - format: date-time - type: string required: - ownerId type: object diff --git a/pkg/apis/dns/crds/dns.gardener.cloud_remoteaccesscertificates.yaml b/pkg/apis/dns/crds/dns.gardener.cloud_remoteaccesscertificates.yaml deleted file mode 100644 index 16cf21dda..000000000 --- a/pkg/apis/dns/crds/dns.gardener.cloud_remoteaccesscertificates.yaml +++ /dev/null @@ -1,97 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.13.0 - name: remoteaccesscertificates.dns.gardener.cloud -spec: - group: dns.gardener.cloud - names: - kind: RemoteAccessCertificate - listKind: RemoteAccessCertificateList - plural: remoteaccesscertificates - shortNames: - - remotecert - singular: remoteaccesscertificate - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.type - name: Type - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.notBefore - name: SecretAge - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - days: - description: Number of days the certificate should be valid - type: integer - domainName: - description: Domain name, used for building subject and DNS name - type: string - recreate: - description: Indicates if certificate should be recreated and replaced - in the secret - type: boolean - secretName: - description: Name of the secret to store the client certificate - type: string - type: - description: Certificate type (client or server) - type: string - required: - - days - - domainName - - secretName - - type - type: object - status: - properties: - message: - description: In case of a configuration problem this field describes - the reason - type: string - notAfter: - description: Expiration timestamp of the certificate - format: date-time - type: string - notBefore: - description: Creation timestamp of the certificate - format: date-time - type: string - recreating: - description: Indicates if certificate should be recreated and replaced - in the secret - type: boolean - serialNumber: - description: Serial number of the certificate - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} diff --git a/pkg/apis/dns/crds/zz_generated_crds.go b/pkg/apis/dns/crds/zz_generated_crds.go index e1ff4d50a..8ba7167d2 100644 --- a/pkg/apis/dns/crds/zz_generated_crds.go +++ b/pkg/apis/dns/crds/zz_generated_crds.go @@ -474,163 +474,6 @@ spec: --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.13.0 - name: dnslocks.dns.gardener.cloud -spec: - group: dns.gardener.cloud - names: - kind: DNSLock - listKind: DNSLockList - plural: dnslocks - shortNames: - - dnsl - singular: dnslock - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: FQDN of DNS Entry - jsonPath: .spec.dnsName - name: DNS - type: string - - description: provider type - jsonPath: .status.providerType - name: TYPE - type: string - - description: assigned provider (namespace/name) - jsonPath: .status.provider - name: PROVIDER - type: string - - description: entry status - jsonPath: .status.state - name: STATUS - type: string - - description: entry creation timestamp - jsonPath: .metadata.creationTimestamp - name: AGE - type: date - - description: owner group id used to tag entries in external DNS system - jsonPath: .spec.ownerGroupId - name: OWNERID - type: string - - description: time to live - jsonPath: .status.ttl - name: TTL - priority: 2000 - type: integer - - description: zone id - jsonPath: .status.zone - name: ZONE - priority: 2000 - type: string - - description: message describing the reason for the state - jsonPath: .status.message - name: MESSAGE - priority: 2000 - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - attributes: - additionalProperties: - type: string - description: attribute values (must be compatible with DNS TXT records) - type: object - dnsName: - description: full qualified domain name - type: string - lockId: - description: owner group for collaboration of multiple controller - type: string - timestamp: - description: Activation time stamp - format: date-time - type: string - ttl: - description: time to live for records in external DNS system - format: int64 - type: integer - required: - - dnsName - - timestamp - - ttl - type: object - status: - properties: - attributes: - additionalProperties: - type: string - description: attribute values found in DNS - type: object - firstFailedDNSLookup: - description: First failed DNS looup - format: date-time - type: string - lastUpdateTime: - description: lastUpdateTime contains the timestamp of the last status - update - format: date-time - type: string - lockId: - description: owner group for collaboration of multiple controller - found in DNS - type: string - message: - description: message describing the reason for the state - type: string - observedGeneration: - format: int64 - type: integer - provider: - description: assigned provider - type: string - providerType: - description: provider type used for the entry - type: string - state: - description: entry state - type: string - timestamp: - description: Activation time stamp found in DNS - format: date-time - type: string - ttl: - description: time to live used for the entry - format: int64 - type: integer - zone: - description: zone used for the entry - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} - ` - utils.Must(registry.RegisterCRD(data)) - data = ` ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.13.0 @@ -687,30 +530,9 @@ spec: description: state of the ownerid for the DNS controller observing entry using this owner id (default:true) type: boolean - dnsActivation: - description: Optional activation info for controlling the owner activation - remotely via DNS TXT record - properties: - dnsName: - description: DNS name for controlling the owner activation remotely - via DNS TXT record - type: string - value: - description: Optional value for the DNS activation record used - to activate this owner The default is the id of the cluster - used to read the owner object - type: string - required: - - dnsName - type: object ownerId: description: owner id used to tag entries in external DNS system type: string - validUntil: - description: optional time this owner should be active if active flag - is not false - format: date-time - type: string required: - ownerId type: object @@ -952,106 +774,6 @@ spec: storage: true subresources: status: {} - ` - utils.Must(registry.RegisterCRD(data)) - data = ` ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.13.0 - name: remoteaccesscertificates.dns.gardener.cloud -spec: - group: dns.gardener.cloud - names: - kind: RemoteAccessCertificate - listKind: RemoteAccessCertificateList - plural: remoteaccesscertificates - shortNames: - - remotecert - singular: remoteaccesscertificate - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.type - name: Type - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.notBefore - name: SecretAge - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - days: - description: Number of days the certificate should be valid - type: integer - domainName: - description: Domain name, used for building subject and DNS name - type: string - recreate: - description: Indicates if certificate should be recreated and replaced - in the secret - type: boolean - secretName: - description: Name of the secret to store the client certificate - type: string - type: - description: Certificate type (client or server) - type: string - required: - - days - - domainName - - secretName - - type - type: object - status: - properties: - message: - description: In case of a configuration problem this field describes - the reason - type: string - notAfter: - description: Expiration timestamp of the certificate - format: date-time - type: string - notBefore: - description: Creation timestamp of the certificate - format: date-time - type: string - recreating: - description: Indicates if certificate should be recreated and replaced - in the secret - type: boolean - serialNumber: - description: Serial number of the certificate - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} ` utils.Must(registry.RegisterCRD(data)) } diff --git a/pkg/apis/dns/v1alpha1/dnslock.go b/pkg/apis/dns/v1alpha1/dnslock.go deleted file mode 100644 index 1e6c00cfa..000000000 --- a/pkg/apis/dns/v1alpha1/dnslock.go +++ /dev/null @@ -1,75 +0,0 @@ -// SPDX-FileCopyrightText: 2024 SAP SE or an SAP affiliate company and Gardener contributors -// -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -type DNSLockList struct { - metav1.TypeMeta `json:",inline"` - // Standard list metadata - // More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#metadata - metav1.ListMeta `json:"metadata,omitempty"` - Items []DNSLock `json:"items"` -} - -// +kubebuilder:storageversion -// +kubebuilder:object:root=true -// +kubebuilder:resource:scope=Namespaced,path=dnslocks,shortName=dnsl,singular=dnslock -// +kubebuilder:subresource:status -// +kubebuilder:printcolumn:name=DNS,description="FQDN of DNS Entry",JSONPath=".spec.dnsName",type=string -// +kubebuilder:printcolumn:name=TYPE,JSONPath=".status.providerType",type=string,description="provider type" -// +kubebuilder:printcolumn:name=PROVIDER,JSONPath=".status.provider",type=string,description="assigned provider (namespace/name)" -// +kubebuilder:printcolumn:name=STATUS,JSONPath=".status.state",type=string,description="entry status" -// +kubebuilder:printcolumn:name=AGE,JSONPath=".metadata.creationTimestamp",type=date,description="entry creation timestamp" -// +kubebuilder:printcolumn:name=OWNERID,JSONPath=".spec.ownerGroupId",type=string,description="owner group id used to tag entries in external DNS system" -// +kubebuilder:printcolumn:name=TTL,JSONPath=".status.ttl",type=integer,priority=2000,description="time to live" -// +kubebuilder:printcolumn:name=ZONE,JSONPath=".status.zone",type=string,priority=2000,description="zone id" -// +kubebuilder:printcolumn:name=MESSAGE,JSONPath=".status.message",type=string,priority=2000,description="message describing the reason for the state" -// +genclient -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -type DNSLock struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - Spec DNSLockSpec `json:"spec"` - // +optional - Status DNSLockStatus `json:"status,omitempty"` -} - -type DNSLockSpec struct { - // full qualified domain name - DNSName string `json:"dnsName"` - // owner group for collaboration of multiple controller - // +optional - LockId *string `json:"lockId,omitempty"` - // time to live for records in external DNS system - TTL int64 `json:"ttl"` - // Activation time stamp - Timestamp metav1.Time `json:"timestamp"` - // attribute values (must be compatible with DNS TXT records) - // +optional - Attributes map[string]string `json:"attributes,omitempty"` -} - -type DNSLockStatus struct { - DNSBaseStatus `json:",inline"` - // Activation time stamp found in DNS - // +optional - Timestamp *metav1.Time `json:"timestamp,omitempty"` - // owner group for collaboration of multiple controller found in DNS - // +optional - LockId *string `json:"lockId,omitempty"` - // attribute values found in DNS - // +optional - Attributes map[string]string `json:"attributes,omitempty"` - - // First failed DNS looup - // +optional - FirstFailedDNSLookup *metav1.Time `json:"firstFailedDNSLookup,omitempty"` -} diff --git a/pkg/apis/dns/v1alpha1/dnsowner.go b/pkg/apis/dns/v1alpha1/dnsowner.go index 29d65dd95..ad0ba7f93 100644 --- a/pkg/apis/dns/v1alpha1/dnsowner.go +++ b/pkg/apis/dns/v1alpha1/dnsowner.go @@ -45,24 +45,6 @@ type DNSOwnerSpec struct { // (default:true) // +optional Active *bool `json:"active,omitempty"` - // Optional activation info for controlling the owner activation remotely via DNS TXT record - // +optional - DNSActivation *DNSActivation `json:"dnsActivation,omitempty"` - - // +optional - // optional time this owner should be active if active flag is not false - ValidUntil *metav1.Time `json:"validUntil,omitempty"` -} - -// DNSActivation carries the optinal informatio required to control the -// activation of an owner id remotely via TXT records -type DNSActivation struct { - // DNS name for controlling the owner activation remotely via DNS TXT record - DNSName string `json:"dnsName"` - // Optional value for the DNS activation record used to activate this owner - // The default is the id of the cluster used to read the owner object - // +optional - Value *string `json:"value,omitempty"` } type DNSOwnerStatus struct { diff --git a/pkg/apis/dns/v1alpha1/register.go b/pkg/apis/dns/v1alpha1/register.go index ffc2d91a3..ee9abe437 100644 --- a/pkg/apis/dns/v1alpha1/register.go +++ b/pkg/apis/dns/v1alpha1/register.go @@ -18,11 +18,8 @@ const ( DNSOwnerKind = "DNSOwner" DNSProviderKind = "DNSProvider" DNSEntryKind = "DNSEntry" - DNSLockKind = "DNSLock" DNSAnnotationKind = "DNSAnnotation" DNSHostedZonePolicyKind = "DNSHostedZonePolicy" - - RemoteAccessCertificateKind = "RemoteAccessCertificate" ) // SchemeGroupVersion is group version used to register these objects @@ -53,13 +50,9 @@ func addKnownTypes(scheme *runtime.Scheme) error { &DNSEntry{}, &DNSEntryList{}, &DNSAnnotation{}, - &DNSLock{}, - &DNSLockList{}, &DNSAnnotationList{}, &DNSHostedZonePolicy{}, &DNSHostedZonePolicyList{}, - &RemoteAccessCertificate{}, - &RemoteAccessCertificateList{}, ) metav1.AddToGroupVersion(scheme, SchemeGroupVersion) return nil diff --git a/pkg/apis/dns/v1alpha1/remoteaccesscertificate.go b/pkg/apis/dns/v1alpha1/remoteaccesscertificate.go deleted file mode 100644 index eef384694..000000000 --- a/pkg/apis/dns/v1alpha1/remoteaccesscertificate.go +++ /dev/null @@ -1,79 +0,0 @@ -// SPDX-FileCopyrightText: 2024 SAP SE or an SAP affiliate company and Gardener contributors -// -// SPDX-License-Identifier: Apache-2.0 - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -type RemoteAccessCertificateList struct { - metav1.TypeMeta `json:",inline"` - // Standard list metadata - // More info: http://releases.k8s.io/HEAD/docs/devel/api-conventions.md#metadata - metav1.ListMeta `json:"metadata,omitempty"` - Items []RemoteAccessCertificate `json:"items"` -} - -// +kubebuilder:storageversion -// +kubebuilder:object:root=true -// +kubebuilder:resource:scope=Namespaced,path=remoteaccesscertificates,shortName=remotecert,singular=remoteaccesscertificate -// +kubebuilder:subresource:status -// +kubebuilder:printcolumn:name=Type,JSONPath=".spec.type",type=string -// +kubebuilder:printcolumn:name=Age,JSONPath=".metadata.creationTimestamp",type=date -// +kubebuilder:printcolumn:name=SecretAge,JSONPath=".status.notBefore",type=date -// +genclient -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -type RemoteAccessCertificate struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - Spec RemoteAccessCertificateSpec `json:"spec"` - // +optional - Status RemoteAccessCertificateStatus `json:"status,omitempty"` -} - -type RemoteAccessCertificateSpec struct { - // Certificate type (client or server) - Type RemoteAccessCertificateType `json:"type"` - // Name of the secret to store the client certificate - SecretName string `json:"secretName"` - // Domain name, used for building subject and DNS name - DomainName string `json:"domainName"` - // Number of days the certificate should be valid - Days int `json:"days"` - // Indicates if certificate should be recreated and replaced in the secret - // +optional - Recreate bool `json:"recreate,omitempty"` -} - -// RemoteAccessCertificateType is a string alias. -type RemoteAccessCertificateType string - -const ( - // ServerType specifies that the certificate is a server certificate - ServerType RemoteAccessCertificateType = "server" - // ClientType specifies that the certificate is a client certificate - ClientType RemoteAccessCertificateType = "client" -) - -type RemoteAccessCertificateStatus struct { - // Creation timestamp of the certificate - // +optional - NotBefore *metav1.Time `json:"notBefore,omitempty"` - // Expiration timestamp of the certificate - // +optional - NotAfter *metav1.Time `json:"notAfter,omitempty"` - // Serial number of the certificate - // +optional - SerialNumber *string `json:"serialNumber,omitempty"` - // In case of a configuration problem this field describes the reason - // +optional - Message string `json:"message,omitempty"` - // Indicates if certificate should be recreated and replaced in the secret - // +optional - Recreating bool `json:"recreating,omitempty"` -} diff --git a/pkg/apis/dns/v1alpha1/zz_generated.deepcopy.go b/pkg/apis/dns/v1alpha1/zz_generated.deepcopy.go index db0cf6a3a..0e9e871b3 100644 --- a/pkg/apis/dns/v1alpha1/zz_generated.deepcopy.go +++ b/pkg/apis/dns/v1alpha1/zz_generated.deepcopy.go @@ -14,27 +14,6 @@ import ( runtime "k8s.io/apimachinery/pkg/runtime" ) -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *DNSActivation) DeepCopyInto(out *DNSActivation) { - *out = *in - if in.Value != nil { - in, out := &in.Value, &out.Value - *out = new(string) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DNSActivation. -func (in *DNSActivation) DeepCopy() *DNSActivation { - if in == nil { - return nil - } - out := new(DNSActivation) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *DNSAnnotation) DeepCopyInto(out *DNSAnnotation) { *out = *in @@ -444,133 +423,6 @@ func (in *DNSHostedZonePolicyStatus) DeepCopy() *DNSHostedZonePolicyStatus { return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *DNSLock) DeepCopyInto(out *DNSLock) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DNSLock. -func (in *DNSLock) DeepCopy() *DNSLock { - if in == nil { - return nil - } - out := new(DNSLock) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *DNSLock) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *DNSLockList) DeepCopyInto(out *DNSLockList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]DNSLock, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DNSLockList. -func (in *DNSLockList) DeepCopy() *DNSLockList { - if in == nil { - return nil - } - out := new(DNSLockList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *DNSLockList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *DNSLockSpec) DeepCopyInto(out *DNSLockSpec) { - *out = *in - if in.LockId != nil { - in, out := &in.LockId, &out.LockId - *out = new(string) - **out = **in - } - in.Timestamp.DeepCopyInto(&out.Timestamp) - if in.Attributes != nil { - in, out := &in.Attributes, &out.Attributes - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DNSLockSpec. -func (in *DNSLockSpec) DeepCopy() *DNSLockSpec { - if in == nil { - return nil - } - out := new(DNSLockSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *DNSLockStatus) DeepCopyInto(out *DNSLockStatus) { - *out = *in - in.DNSBaseStatus.DeepCopyInto(&out.DNSBaseStatus) - if in.Timestamp != nil { - in, out := &in.Timestamp, &out.Timestamp - *out = (*in).DeepCopy() - } - if in.LockId != nil { - in, out := &in.LockId, &out.LockId - *out = new(string) - **out = **in - } - if in.Attributes != nil { - in, out := &in.Attributes, &out.Attributes - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - if in.FirstFailedDNSLookup != nil { - in, out := &in.FirstFailedDNSLookup, &out.FirstFailedDNSLookup - *out = (*in).DeepCopy() - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DNSLockStatus. -func (in *DNSLockStatus) DeepCopy() *DNSLockStatus { - if in == nil { - return nil - } - out := new(DNSLockStatus) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *DNSOwner) DeepCopyInto(out *DNSOwner) { *out = *in @@ -640,15 +492,6 @@ func (in *DNSOwnerSpec) DeepCopyInto(out *DNSOwnerSpec) { *out = new(bool) **out = **in } - if in.DNSActivation != nil { - in, out := &in.DNSActivation, &out.DNSActivation - *out = new(DNSActivation) - (*in).DeepCopyInto(*out) - } - if in.ValidUntil != nil { - in, out := &in.ValidUntil, &out.ValidUntil - *out = (*in).DeepCopy() - } return } @@ -935,112 +778,6 @@ func (in *RateLimit) DeepCopy() *RateLimit { return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RemoteAccessCertificate) DeepCopyInto(out *RemoteAccessCertificate) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - out.Spec = in.Spec - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RemoteAccessCertificate. -func (in *RemoteAccessCertificate) DeepCopy() *RemoteAccessCertificate { - if in == nil { - return nil - } - out := new(RemoteAccessCertificate) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *RemoteAccessCertificate) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RemoteAccessCertificateList) DeepCopyInto(out *RemoteAccessCertificateList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]RemoteAccessCertificate, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RemoteAccessCertificateList. -func (in *RemoteAccessCertificateList) DeepCopy() *RemoteAccessCertificateList { - if in == nil { - return nil - } - out := new(RemoteAccessCertificateList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *RemoteAccessCertificateList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RemoteAccessCertificateSpec) DeepCopyInto(out *RemoteAccessCertificateSpec) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RemoteAccessCertificateSpec. -func (in *RemoteAccessCertificateSpec) DeepCopy() *RemoteAccessCertificateSpec { - if in == nil { - return nil - } - out := new(RemoteAccessCertificateSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RemoteAccessCertificateStatus) DeepCopyInto(out *RemoteAccessCertificateStatus) { - *out = *in - if in.NotBefore != nil { - in, out := &in.NotBefore, &out.NotBefore - *out = (*in).DeepCopy() - } - if in.NotAfter != nil { - in, out := &in.NotAfter, &out.NotAfter - *out = (*in).DeepCopy() - } - if in.SerialNumber != nil { - in, out := &in.SerialNumber, &out.SerialNumber - *out = new(string) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RemoteAccessCertificateStatus. -func (in *RemoteAccessCertificateStatus) DeepCopy() *RemoteAccessCertificateStatus { - if in == nil { - return nil - } - out := new(RemoteAccessCertificateStatus) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ResourceReference) DeepCopyInto(out *ResourceReference) { *out = *in diff --git a/pkg/client/dns/clientset/versioned/typed/dns/v1alpha1/dns_client.go b/pkg/client/dns/clientset/versioned/typed/dns/v1alpha1/dns_client.go index 48b1ef23c..527afe415 100644 --- a/pkg/client/dns/clientset/versioned/typed/dns/v1alpha1/dns_client.go +++ b/pkg/client/dns/clientset/versioned/typed/dns/v1alpha1/dns_client.go @@ -18,10 +18,8 @@ type DnsV1alpha1Interface interface { DNSAnnotationsGetter DNSEntriesGetter DNSHostedZonePoliciesGetter - DNSLocksGetter DNSOwnersGetter DNSProvidersGetter - RemoteAccessCertificatesGetter } // DnsV1alpha1Client is used to interact with features provided by the dns.gardener.cloud group. @@ -41,10 +39,6 @@ func (c *DnsV1alpha1Client) DNSHostedZonePolicies(namespace string) DNSHostedZon return newDNSHostedZonePolicies(c, namespace) } -func (c *DnsV1alpha1Client) DNSLocks(namespace string) DNSLockInterface { - return newDNSLocks(c, namespace) -} - func (c *DnsV1alpha1Client) DNSOwners(namespace string) DNSOwnerInterface { return newDNSOwners(c, namespace) } @@ -53,10 +47,6 @@ func (c *DnsV1alpha1Client) DNSProviders(namespace string) DNSProviderInterface return newDNSProviders(c, namespace) } -func (c *DnsV1alpha1Client) RemoteAccessCertificates(namespace string) RemoteAccessCertificateInterface { - return newRemoteAccessCertificates(c, namespace) -} - // NewForConfig creates a new DnsV1alpha1Client for the given config. // NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), // where httpClient was generated with rest.HTTPClientFor(c). diff --git a/pkg/client/dns/clientset/versioned/typed/dns/v1alpha1/dnslock.go b/pkg/client/dns/clientset/versioned/typed/dns/v1alpha1/dnslock.go deleted file mode 100644 index 0268d3040..000000000 --- a/pkg/client/dns/clientset/versioned/typed/dns/v1alpha1/dnslock.go +++ /dev/null @@ -1,182 +0,0 @@ -// SPDX-FileCopyrightText: SAP SE or an SAP affiliate company and Gardener contributors -// -// SPDX-License-Identifier: Apache-2.0 -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "github.com/gardener/external-dns-management/pkg/apis/dns/v1alpha1" - scheme "github.com/gardener/external-dns-management/pkg/client/dns/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// DNSLocksGetter has a method to return a DNSLockInterface. -// A group's client should implement this interface. -type DNSLocksGetter interface { - DNSLocks(namespace string) DNSLockInterface -} - -// DNSLockInterface has methods to work with DNSLock resources. -type DNSLockInterface interface { - Create(ctx context.Context, dNSLock *v1alpha1.DNSLock, opts v1.CreateOptions) (*v1alpha1.DNSLock, error) - Update(ctx context.Context, dNSLock *v1alpha1.DNSLock, opts v1.UpdateOptions) (*v1alpha1.DNSLock, error) - UpdateStatus(ctx context.Context, dNSLock *v1alpha1.DNSLock, opts v1.UpdateOptions) (*v1alpha1.DNSLock, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.DNSLock, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.DNSLockList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.DNSLock, err error) - DNSLockExpansion -} - -// dNSLocks implements DNSLockInterface -type dNSLocks struct { - client rest.Interface - ns string -} - -// newDNSLocks returns a DNSLocks -func newDNSLocks(c *DnsV1alpha1Client, namespace string) *dNSLocks { - return &dNSLocks{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the dNSLock, and returns the corresponding dNSLock object, and an error if there is any. -func (c *dNSLocks) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.DNSLock, err error) { - result = &v1alpha1.DNSLock{} - err = c.client.Get(). - Namespace(c.ns). - Resource("dnslocks"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of DNSLocks that match those selectors. -func (c *dNSLocks) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.DNSLockList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.DNSLockList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("dnslocks"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested dNSLocks. -func (c *dNSLocks) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("dnslocks"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a dNSLock and creates it. Returns the server's representation of the dNSLock, and an error, if there is any. -func (c *dNSLocks) Create(ctx context.Context, dNSLock *v1alpha1.DNSLock, opts v1.CreateOptions) (result *v1alpha1.DNSLock, err error) { - result = &v1alpha1.DNSLock{} - err = c.client.Post(). - Namespace(c.ns). - Resource("dnslocks"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(dNSLock). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a dNSLock and updates it. Returns the server's representation of the dNSLock, and an error, if there is any. -func (c *dNSLocks) Update(ctx context.Context, dNSLock *v1alpha1.DNSLock, opts v1.UpdateOptions) (result *v1alpha1.DNSLock, err error) { - result = &v1alpha1.DNSLock{} - err = c.client.Put(). - Namespace(c.ns). - Resource("dnslocks"). - Name(dNSLock.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(dNSLock). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *dNSLocks) UpdateStatus(ctx context.Context, dNSLock *v1alpha1.DNSLock, opts v1.UpdateOptions) (result *v1alpha1.DNSLock, err error) { - result = &v1alpha1.DNSLock{} - err = c.client.Put(). - Namespace(c.ns). - Resource("dnslocks"). - Name(dNSLock.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(dNSLock). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the dNSLock and deletes it. Returns an error if one occurs. -func (c *dNSLocks) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("dnslocks"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *dNSLocks) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("dnslocks"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched dNSLock. -func (c *dNSLocks) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.DNSLock, err error) { - result = &v1alpha1.DNSLock{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("dnslocks"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/pkg/client/dns/clientset/versioned/typed/dns/v1alpha1/fake/fake_dns_client.go b/pkg/client/dns/clientset/versioned/typed/dns/v1alpha1/fake/fake_dns_client.go index 99ef2df72..6c0440460 100644 --- a/pkg/client/dns/clientset/versioned/typed/dns/v1alpha1/fake/fake_dns_client.go +++ b/pkg/client/dns/clientset/versioned/typed/dns/v1alpha1/fake/fake_dns_client.go @@ -27,10 +27,6 @@ func (c *FakeDnsV1alpha1) DNSHostedZonePolicies(namespace string) v1alpha1.DNSHo return &FakeDNSHostedZonePolicies{c, namespace} } -func (c *FakeDnsV1alpha1) DNSLocks(namespace string) v1alpha1.DNSLockInterface { - return &FakeDNSLocks{c, namespace} -} - func (c *FakeDnsV1alpha1) DNSOwners(namespace string) v1alpha1.DNSOwnerInterface { return &FakeDNSOwners{c, namespace} } @@ -39,10 +35,6 @@ func (c *FakeDnsV1alpha1) DNSProviders(namespace string) v1alpha1.DNSProviderInt return &FakeDNSProviders{c, namespace} } -func (c *FakeDnsV1alpha1) RemoteAccessCertificates(namespace string) v1alpha1.RemoteAccessCertificateInterface { - return &FakeRemoteAccessCertificates{c, namespace} -} - // RESTClient returns a RESTClient that is used to communicate // with API server by this client implementation. func (c *FakeDnsV1alpha1) RESTClient() rest.Interface { diff --git a/pkg/client/dns/clientset/versioned/typed/dns/v1alpha1/fake/fake_dnslock.go b/pkg/client/dns/clientset/versioned/typed/dns/v1alpha1/fake/fake_dnslock.go deleted file mode 100644 index f00790c00..000000000 --- a/pkg/client/dns/clientset/versioned/typed/dns/v1alpha1/fake/fake_dnslock.go +++ /dev/null @@ -1,128 +0,0 @@ -// SPDX-FileCopyrightText: SAP SE or an SAP affiliate company and Gardener contributors -// -// SPDX-License-Identifier: Apache-2.0 -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "github.com/gardener/external-dns-management/pkg/apis/dns/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeDNSLocks implements DNSLockInterface -type FakeDNSLocks struct { - Fake *FakeDnsV1alpha1 - ns string -} - -var dnslocksResource = v1alpha1.SchemeGroupVersion.WithResource("dnslocks") - -var dnslocksKind = v1alpha1.SchemeGroupVersion.WithKind("DNSLock") - -// Get takes name of the dNSLock, and returns the corresponding dNSLock object, and an error if there is any. -func (c *FakeDNSLocks) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.DNSLock, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(dnslocksResource, c.ns, name), &v1alpha1.DNSLock{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.DNSLock), err -} - -// List takes label and field selectors, and returns the list of DNSLocks that match those selectors. -func (c *FakeDNSLocks) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.DNSLockList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(dnslocksResource, dnslocksKind, c.ns, opts), &v1alpha1.DNSLockList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.DNSLockList{ListMeta: obj.(*v1alpha1.DNSLockList).ListMeta} - for _, item := range obj.(*v1alpha1.DNSLockList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested dNSLocks. -func (c *FakeDNSLocks) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(dnslocksResource, c.ns, opts)) - -} - -// Create takes the representation of a dNSLock and creates it. Returns the server's representation of the dNSLock, and an error, if there is any. -func (c *FakeDNSLocks) Create(ctx context.Context, dNSLock *v1alpha1.DNSLock, opts v1.CreateOptions) (result *v1alpha1.DNSLock, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(dnslocksResource, c.ns, dNSLock), &v1alpha1.DNSLock{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.DNSLock), err -} - -// Update takes the representation of a dNSLock and updates it. Returns the server's representation of the dNSLock, and an error, if there is any. -func (c *FakeDNSLocks) Update(ctx context.Context, dNSLock *v1alpha1.DNSLock, opts v1.UpdateOptions) (result *v1alpha1.DNSLock, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(dnslocksResource, c.ns, dNSLock), &v1alpha1.DNSLock{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.DNSLock), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeDNSLocks) UpdateStatus(ctx context.Context, dNSLock *v1alpha1.DNSLock, opts v1.UpdateOptions) (*v1alpha1.DNSLock, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(dnslocksResource, "status", c.ns, dNSLock), &v1alpha1.DNSLock{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.DNSLock), err -} - -// Delete takes name of the dNSLock and deletes it. Returns an error if one occurs. -func (c *FakeDNSLocks) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteActionWithOptions(dnslocksResource, c.ns, name, opts), &v1alpha1.DNSLock{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeDNSLocks) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(dnslocksResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.DNSLockList{}) - return err -} - -// Patch applies the patch and returns the patched dNSLock. -func (c *FakeDNSLocks) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.DNSLock, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(dnslocksResource, c.ns, name, pt, data, subresources...), &v1alpha1.DNSLock{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.DNSLock), err -} diff --git a/pkg/client/dns/clientset/versioned/typed/dns/v1alpha1/fake/fake_remoteaccesscertificate.go b/pkg/client/dns/clientset/versioned/typed/dns/v1alpha1/fake/fake_remoteaccesscertificate.go deleted file mode 100644 index 516b3cb8a..000000000 --- a/pkg/client/dns/clientset/versioned/typed/dns/v1alpha1/fake/fake_remoteaccesscertificate.go +++ /dev/null @@ -1,128 +0,0 @@ -// SPDX-FileCopyrightText: SAP SE or an SAP affiliate company and Gardener contributors -// -// SPDX-License-Identifier: Apache-2.0 -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "github.com/gardener/external-dns-management/pkg/apis/dns/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeRemoteAccessCertificates implements RemoteAccessCertificateInterface -type FakeRemoteAccessCertificates struct { - Fake *FakeDnsV1alpha1 - ns string -} - -var remoteaccesscertificatesResource = v1alpha1.SchemeGroupVersion.WithResource("remoteaccesscertificates") - -var remoteaccesscertificatesKind = v1alpha1.SchemeGroupVersion.WithKind("RemoteAccessCertificate") - -// Get takes name of the remoteAccessCertificate, and returns the corresponding remoteAccessCertificate object, and an error if there is any. -func (c *FakeRemoteAccessCertificates) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.RemoteAccessCertificate, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(remoteaccesscertificatesResource, c.ns, name), &v1alpha1.RemoteAccessCertificate{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.RemoteAccessCertificate), err -} - -// List takes label and field selectors, and returns the list of RemoteAccessCertificates that match those selectors. -func (c *FakeRemoteAccessCertificates) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.RemoteAccessCertificateList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(remoteaccesscertificatesResource, remoteaccesscertificatesKind, c.ns, opts), &v1alpha1.RemoteAccessCertificateList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.RemoteAccessCertificateList{ListMeta: obj.(*v1alpha1.RemoteAccessCertificateList).ListMeta} - for _, item := range obj.(*v1alpha1.RemoteAccessCertificateList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested remoteAccessCertificates. -func (c *FakeRemoteAccessCertificates) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(remoteaccesscertificatesResource, c.ns, opts)) - -} - -// Create takes the representation of a remoteAccessCertificate and creates it. Returns the server's representation of the remoteAccessCertificate, and an error, if there is any. -func (c *FakeRemoteAccessCertificates) Create(ctx context.Context, remoteAccessCertificate *v1alpha1.RemoteAccessCertificate, opts v1.CreateOptions) (result *v1alpha1.RemoteAccessCertificate, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(remoteaccesscertificatesResource, c.ns, remoteAccessCertificate), &v1alpha1.RemoteAccessCertificate{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.RemoteAccessCertificate), err -} - -// Update takes the representation of a remoteAccessCertificate and updates it. Returns the server's representation of the remoteAccessCertificate, and an error, if there is any. -func (c *FakeRemoteAccessCertificates) Update(ctx context.Context, remoteAccessCertificate *v1alpha1.RemoteAccessCertificate, opts v1.UpdateOptions) (result *v1alpha1.RemoteAccessCertificate, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(remoteaccesscertificatesResource, c.ns, remoteAccessCertificate), &v1alpha1.RemoteAccessCertificate{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.RemoteAccessCertificate), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeRemoteAccessCertificates) UpdateStatus(ctx context.Context, remoteAccessCertificate *v1alpha1.RemoteAccessCertificate, opts v1.UpdateOptions) (*v1alpha1.RemoteAccessCertificate, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(remoteaccesscertificatesResource, "status", c.ns, remoteAccessCertificate), &v1alpha1.RemoteAccessCertificate{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.RemoteAccessCertificate), err -} - -// Delete takes name of the remoteAccessCertificate and deletes it. Returns an error if one occurs. -func (c *FakeRemoteAccessCertificates) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteActionWithOptions(remoteaccesscertificatesResource, c.ns, name, opts), &v1alpha1.RemoteAccessCertificate{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeRemoteAccessCertificates) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(remoteaccesscertificatesResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.RemoteAccessCertificateList{}) - return err -} - -// Patch applies the patch and returns the patched remoteAccessCertificate. -func (c *FakeRemoteAccessCertificates) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.RemoteAccessCertificate, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(remoteaccesscertificatesResource, c.ns, name, pt, data, subresources...), &v1alpha1.RemoteAccessCertificate{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.RemoteAccessCertificate), err -} diff --git a/pkg/client/dns/clientset/versioned/typed/dns/v1alpha1/generated_expansion.go b/pkg/client/dns/clientset/versioned/typed/dns/v1alpha1/generated_expansion.go index 681a3ad86..63241c213 100644 --- a/pkg/client/dns/clientset/versioned/typed/dns/v1alpha1/generated_expansion.go +++ b/pkg/client/dns/clientset/versioned/typed/dns/v1alpha1/generated_expansion.go @@ -11,10 +11,6 @@ type DNSEntryExpansion interface{} type DNSHostedZonePolicyExpansion interface{} -type DNSLockExpansion interface{} - type DNSOwnerExpansion interface{} type DNSProviderExpansion interface{} - -type RemoteAccessCertificateExpansion interface{} diff --git a/pkg/client/dns/clientset/versioned/typed/dns/v1alpha1/remoteaccesscertificate.go b/pkg/client/dns/clientset/versioned/typed/dns/v1alpha1/remoteaccesscertificate.go deleted file mode 100644 index a48908f8e..000000000 --- a/pkg/client/dns/clientset/versioned/typed/dns/v1alpha1/remoteaccesscertificate.go +++ /dev/null @@ -1,182 +0,0 @@ -// SPDX-FileCopyrightText: SAP SE or an SAP affiliate company and Gardener contributors -// -// SPDX-License-Identifier: Apache-2.0 -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "github.com/gardener/external-dns-management/pkg/apis/dns/v1alpha1" - scheme "github.com/gardener/external-dns-management/pkg/client/dns/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// RemoteAccessCertificatesGetter has a method to return a RemoteAccessCertificateInterface. -// A group's client should implement this interface. -type RemoteAccessCertificatesGetter interface { - RemoteAccessCertificates(namespace string) RemoteAccessCertificateInterface -} - -// RemoteAccessCertificateInterface has methods to work with RemoteAccessCertificate resources. -type RemoteAccessCertificateInterface interface { - Create(ctx context.Context, remoteAccessCertificate *v1alpha1.RemoteAccessCertificate, opts v1.CreateOptions) (*v1alpha1.RemoteAccessCertificate, error) - Update(ctx context.Context, remoteAccessCertificate *v1alpha1.RemoteAccessCertificate, opts v1.UpdateOptions) (*v1alpha1.RemoteAccessCertificate, error) - UpdateStatus(ctx context.Context, remoteAccessCertificate *v1alpha1.RemoteAccessCertificate, opts v1.UpdateOptions) (*v1alpha1.RemoteAccessCertificate, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.RemoteAccessCertificate, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.RemoteAccessCertificateList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.RemoteAccessCertificate, err error) - RemoteAccessCertificateExpansion -} - -// remoteAccessCertificates implements RemoteAccessCertificateInterface -type remoteAccessCertificates struct { - client rest.Interface - ns string -} - -// newRemoteAccessCertificates returns a RemoteAccessCertificates -func newRemoteAccessCertificates(c *DnsV1alpha1Client, namespace string) *remoteAccessCertificates { - return &remoteAccessCertificates{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the remoteAccessCertificate, and returns the corresponding remoteAccessCertificate object, and an error if there is any. -func (c *remoteAccessCertificates) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.RemoteAccessCertificate, err error) { - result = &v1alpha1.RemoteAccessCertificate{} - err = c.client.Get(). - Namespace(c.ns). - Resource("remoteaccesscertificates"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of RemoteAccessCertificates that match those selectors. -func (c *remoteAccessCertificates) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.RemoteAccessCertificateList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.RemoteAccessCertificateList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("remoteaccesscertificates"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested remoteAccessCertificates. -func (c *remoteAccessCertificates) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("remoteaccesscertificates"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a remoteAccessCertificate and creates it. Returns the server's representation of the remoteAccessCertificate, and an error, if there is any. -func (c *remoteAccessCertificates) Create(ctx context.Context, remoteAccessCertificate *v1alpha1.RemoteAccessCertificate, opts v1.CreateOptions) (result *v1alpha1.RemoteAccessCertificate, err error) { - result = &v1alpha1.RemoteAccessCertificate{} - err = c.client.Post(). - Namespace(c.ns). - Resource("remoteaccesscertificates"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(remoteAccessCertificate). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a remoteAccessCertificate and updates it. Returns the server's representation of the remoteAccessCertificate, and an error, if there is any. -func (c *remoteAccessCertificates) Update(ctx context.Context, remoteAccessCertificate *v1alpha1.RemoteAccessCertificate, opts v1.UpdateOptions) (result *v1alpha1.RemoteAccessCertificate, err error) { - result = &v1alpha1.RemoteAccessCertificate{} - err = c.client.Put(). - Namespace(c.ns). - Resource("remoteaccesscertificates"). - Name(remoteAccessCertificate.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(remoteAccessCertificate). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *remoteAccessCertificates) UpdateStatus(ctx context.Context, remoteAccessCertificate *v1alpha1.RemoteAccessCertificate, opts v1.UpdateOptions) (result *v1alpha1.RemoteAccessCertificate, err error) { - result = &v1alpha1.RemoteAccessCertificate{} - err = c.client.Put(). - Namespace(c.ns). - Resource("remoteaccesscertificates"). - Name(remoteAccessCertificate.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(remoteAccessCertificate). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the remoteAccessCertificate and deletes it. Returns an error if one occurs. -func (c *remoteAccessCertificates) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("remoteaccesscertificates"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *remoteAccessCertificates) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("remoteaccesscertificates"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched remoteAccessCertificate. -func (c *remoteAccessCertificates) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.RemoteAccessCertificate, err error) { - result = &v1alpha1.RemoteAccessCertificate{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("remoteaccesscertificates"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/pkg/client/dns/informers/externalversions/dns/v1alpha1/dnslock.go b/pkg/client/dns/informers/externalversions/dns/v1alpha1/dnslock.go deleted file mode 100644 index 66eb429f7..000000000 --- a/pkg/client/dns/informers/externalversions/dns/v1alpha1/dnslock.go +++ /dev/null @@ -1,77 +0,0 @@ -// SPDX-FileCopyrightText: SAP SE or an SAP affiliate company and Gardener contributors -// -// SPDX-License-Identifier: Apache-2.0 -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - time "time" - - dnsv1alpha1 "github.com/gardener/external-dns-management/pkg/apis/dns/v1alpha1" - versioned "github.com/gardener/external-dns-management/pkg/client/dns/clientset/versioned" - internalinterfaces "github.com/gardener/external-dns-management/pkg/client/dns/informers/externalversions/internalinterfaces" - v1alpha1 "github.com/gardener/external-dns-management/pkg/client/dns/listers/dns/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - cache "k8s.io/client-go/tools/cache" -) - -// DNSLockInformer provides access to a shared informer and lister for -// DNSLocks. -type DNSLockInformer interface { - Informer() cache.SharedIndexInformer - Lister() v1alpha1.DNSLockLister -} - -type dNSLockInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc - namespace string -} - -// NewDNSLockInformer constructs a new informer for DNSLock type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewDNSLockInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredDNSLockInformer(client, namespace, resyncPeriod, indexers, nil) -} - -// NewFilteredDNSLockInformer constructs a new informer for DNSLock type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredDNSLockInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - &cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.DnsV1alpha1().DNSLocks(namespace).List(context.TODO(), options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.DnsV1alpha1().DNSLocks(namespace).Watch(context.TODO(), options) - }, - }, - &dnsv1alpha1.DNSLock{}, - resyncPeriod, - indexers, - ) -} - -func (f *dNSLockInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredDNSLockInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *dNSLockInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&dnsv1alpha1.DNSLock{}, f.defaultInformer) -} - -func (f *dNSLockInformer) Lister() v1alpha1.DNSLockLister { - return v1alpha1.NewDNSLockLister(f.Informer().GetIndexer()) -} diff --git a/pkg/client/dns/informers/externalversions/dns/v1alpha1/interface.go b/pkg/client/dns/informers/externalversions/dns/v1alpha1/interface.go index 00fa68b1a..d565df13d 100644 --- a/pkg/client/dns/informers/externalversions/dns/v1alpha1/interface.go +++ b/pkg/client/dns/informers/externalversions/dns/v1alpha1/interface.go @@ -17,14 +17,10 @@ type Interface interface { DNSEntries() DNSEntryInformer // DNSHostedZonePolicies returns a DNSHostedZonePolicyInformer. DNSHostedZonePolicies() DNSHostedZonePolicyInformer - // DNSLocks returns a DNSLockInformer. - DNSLocks() DNSLockInformer // DNSOwners returns a DNSOwnerInformer. DNSOwners() DNSOwnerInformer // DNSProviders returns a DNSProviderInformer. DNSProviders() DNSProviderInformer - // RemoteAccessCertificates returns a RemoteAccessCertificateInformer. - RemoteAccessCertificates() RemoteAccessCertificateInformer } type version struct { @@ -53,11 +49,6 @@ func (v *version) DNSHostedZonePolicies() DNSHostedZonePolicyInformer { return &dNSHostedZonePolicyInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} } -// DNSLocks returns a DNSLockInformer. -func (v *version) DNSLocks() DNSLockInformer { - return &dNSLockInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} -} - // DNSOwners returns a DNSOwnerInformer. func (v *version) DNSOwners() DNSOwnerInformer { return &dNSOwnerInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} @@ -67,8 +58,3 @@ func (v *version) DNSOwners() DNSOwnerInformer { func (v *version) DNSProviders() DNSProviderInformer { return &dNSProviderInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} } - -// RemoteAccessCertificates returns a RemoteAccessCertificateInformer. -func (v *version) RemoteAccessCertificates() RemoteAccessCertificateInformer { - return &remoteAccessCertificateInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} -} diff --git a/pkg/client/dns/informers/externalversions/dns/v1alpha1/remoteaccesscertificate.go b/pkg/client/dns/informers/externalversions/dns/v1alpha1/remoteaccesscertificate.go deleted file mode 100644 index 12a4d94d4..000000000 --- a/pkg/client/dns/informers/externalversions/dns/v1alpha1/remoteaccesscertificate.go +++ /dev/null @@ -1,77 +0,0 @@ -// SPDX-FileCopyrightText: SAP SE or an SAP affiliate company and Gardener contributors -// -// SPDX-License-Identifier: Apache-2.0 -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - time "time" - - dnsv1alpha1 "github.com/gardener/external-dns-management/pkg/apis/dns/v1alpha1" - versioned "github.com/gardener/external-dns-management/pkg/client/dns/clientset/versioned" - internalinterfaces "github.com/gardener/external-dns-management/pkg/client/dns/informers/externalversions/internalinterfaces" - v1alpha1 "github.com/gardener/external-dns-management/pkg/client/dns/listers/dns/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - cache "k8s.io/client-go/tools/cache" -) - -// RemoteAccessCertificateInformer provides access to a shared informer and lister for -// RemoteAccessCertificates. -type RemoteAccessCertificateInformer interface { - Informer() cache.SharedIndexInformer - Lister() v1alpha1.RemoteAccessCertificateLister -} - -type remoteAccessCertificateInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc - namespace string -} - -// NewRemoteAccessCertificateInformer constructs a new informer for RemoteAccessCertificate type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewRemoteAccessCertificateInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredRemoteAccessCertificateInformer(client, namespace, resyncPeriod, indexers, nil) -} - -// NewFilteredRemoteAccessCertificateInformer constructs a new informer for RemoteAccessCertificate type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredRemoteAccessCertificateInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - &cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.DnsV1alpha1().RemoteAccessCertificates(namespace).List(context.TODO(), options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.DnsV1alpha1().RemoteAccessCertificates(namespace).Watch(context.TODO(), options) - }, - }, - &dnsv1alpha1.RemoteAccessCertificate{}, - resyncPeriod, - indexers, - ) -} - -func (f *remoteAccessCertificateInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredRemoteAccessCertificateInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *remoteAccessCertificateInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&dnsv1alpha1.RemoteAccessCertificate{}, f.defaultInformer) -} - -func (f *remoteAccessCertificateInformer) Lister() v1alpha1.RemoteAccessCertificateLister { - return v1alpha1.NewRemoteAccessCertificateLister(f.Informer().GetIndexer()) -} diff --git a/pkg/client/dns/informers/externalversions/generic.go b/pkg/client/dns/informers/externalversions/generic.go index 74935e491..7aa64dbe5 100644 --- a/pkg/client/dns/informers/externalversions/generic.go +++ b/pkg/client/dns/informers/externalversions/generic.go @@ -46,14 +46,10 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource return &genericInformer{resource: resource.GroupResource(), informer: f.Dns().V1alpha1().DNSEntries().Informer()}, nil case v1alpha1.SchemeGroupVersion.WithResource("dnshostedzonepolicies"): return &genericInformer{resource: resource.GroupResource(), informer: f.Dns().V1alpha1().DNSHostedZonePolicies().Informer()}, nil - case v1alpha1.SchemeGroupVersion.WithResource("dnslocks"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Dns().V1alpha1().DNSLocks().Informer()}, nil case v1alpha1.SchemeGroupVersion.WithResource("dnsowners"): return &genericInformer{resource: resource.GroupResource(), informer: f.Dns().V1alpha1().DNSOwners().Informer()}, nil case v1alpha1.SchemeGroupVersion.WithResource("dnsproviders"): return &genericInformer{resource: resource.GroupResource(), informer: f.Dns().V1alpha1().DNSProviders().Informer()}, nil - case v1alpha1.SchemeGroupVersion.WithResource("remoteaccesscertificates"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Dns().V1alpha1().RemoteAccessCertificates().Informer()}, nil } diff --git a/pkg/client/dns/listers/dns/v1alpha1/dnslock.go b/pkg/client/dns/listers/dns/v1alpha1/dnslock.go deleted file mode 100644 index 5d83f4380..000000000 --- a/pkg/client/dns/listers/dns/v1alpha1/dnslock.go +++ /dev/null @@ -1,86 +0,0 @@ -// SPDX-FileCopyrightText: SAP SE or an SAP affiliate company and Gardener contributors -// -// SPDX-License-Identifier: Apache-2.0 -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "github.com/gardener/external-dns-management/pkg/apis/dns/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// DNSLockLister helps list DNSLocks. -// All objects returned here must be treated as read-only. -type DNSLockLister interface { - // List lists all DNSLocks in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.DNSLock, err error) - // DNSLocks returns an object that can list and get DNSLocks. - DNSLocks(namespace string) DNSLockNamespaceLister - DNSLockListerExpansion -} - -// dNSLockLister implements the DNSLockLister interface. -type dNSLockLister struct { - indexer cache.Indexer -} - -// NewDNSLockLister returns a new DNSLockLister. -func NewDNSLockLister(indexer cache.Indexer) DNSLockLister { - return &dNSLockLister{indexer: indexer} -} - -// List lists all DNSLocks in the indexer. -func (s *dNSLockLister) List(selector labels.Selector) (ret []*v1alpha1.DNSLock, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.DNSLock)) - }) - return ret, err -} - -// DNSLocks returns an object that can list and get DNSLocks. -func (s *dNSLockLister) DNSLocks(namespace string) DNSLockNamespaceLister { - return dNSLockNamespaceLister{indexer: s.indexer, namespace: namespace} -} - -// DNSLockNamespaceLister helps list and get DNSLocks. -// All objects returned here must be treated as read-only. -type DNSLockNamespaceLister interface { - // List lists all DNSLocks in the indexer for a given namespace. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.DNSLock, err error) - // Get retrieves the DNSLock from the indexer for a given namespace and name. - // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.DNSLock, error) - DNSLockNamespaceListerExpansion -} - -// dNSLockNamespaceLister implements the DNSLockNamespaceLister -// interface. -type dNSLockNamespaceLister struct { - indexer cache.Indexer - namespace string -} - -// List lists all DNSLocks in the indexer for a given namespace. -func (s dNSLockNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.DNSLock, err error) { - err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.DNSLock)) - }) - return ret, err -} - -// Get retrieves the DNSLock from the indexer for a given namespace and name. -func (s dNSLockNamespaceLister) Get(name string) (*v1alpha1.DNSLock, error) { - obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("dnslock"), name) - } - return obj.(*v1alpha1.DNSLock), nil -} diff --git a/pkg/client/dns/listers/dns/v1alpha1/expansion_generated.go b/pkg/client/dns/listers/dns/v1alpha1/expansion_generated.go index d7cd5944a..6cc20e6c4 100644 --- a/pkg/client/dns/listers/dns/v1alpha1/expansion_generated.go +++ b/pkg/client/dns/listers/dns/v1alpha1/expansion_generated.go @@ -29,14 +29,6 @@ type DNSHostedZonePolicyListerExpansion interface{} // DNSHostedZonePolicyNamespaceLister. type DNSHostedZonePolicyNamespaceListerExpansion interface{} -// DNSLockListerExpansion allows custom methods to be added to -// DNSLockLister. -type DNSLockListerExpansion interface{} - -// DNSLockNamespaceListerExpansion allows custom methods to be added to -// DNSLockNamespaceLister. -type DNSLockNamespaceListerExpansion interface{} - // DNSOwnerListerExpansion allows custom methods to be added to // DNSOwnerLister. type DNSOwnerListerExpansion interface{} @@ -52,11 +44,3 @@ type DNSProviderListerExpansion interface{} // DNSProviderNamespaceListerExpansion allows custom methods to be added to // DNSProviderNamespaceLister. type DNSProviderNamespaceListerExpansion interface{} - -// RemoteAccessCertificateListerExpansion allows custom methods to be added to -// RemoteAccessCertificateLister. -type RemoteAccessCertificateListerExpansion interface{} - -// RemoteAccessCertificateNamespaceListerExpansion allows custom methods to be added to -// RemoteAccessCertificateNamespaceLister. -type RemoteAccessCertificateNamespaceListerExpansion interface{} diff --git a/pkg/client/dns/listers/dns/v1alpha1/remoteaccesscertificate.go b/pkg/client/dns/listers/dns/v1alpha1/remoteaccesscertificate.go deleted file mode 100644 index 8db712052..000000000 --- a/pkg/client/dns/listers/dns/v1alpha1/remoteaccesscertificate.go +++ /dev/null @@ -1,86 +0,0 @@ -// SPDX-FileCopyrightText: SAP SE or an SAP affiliate company and Gardener contributors -// -// SPDX-License-Identifier: Apache-2.0 -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "github.com/gardener/external-dns-management/pkg/apis/dns/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// RemoteAccessCertificateLister helps list RemoteAccessCertificates. -// All objects returned here must be treated as read-only. -type RemoteAccessCertificateLister interface { - // List lists all RemoteAccessCertificates in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.RemoteAccessCertificate, err error) - // RemoteAccessCertificates returns an object that can list and get RemoteAccessCertificates. - RemoteAccessCertificates(namespace string) RemoteAccessCertificateNamespaceLister - RemoteAccessCertificateListerExpansion -} - -// remoteAccessCertificateLister implements the RemoteAccessCertificateLister interface. -type remoteAccessCertificateLister struct { - indexer cache.Indexer -} - -// NewRemoteAccessCertificateLister returns a new RemoteAccessCertificateLister. -func NewRemoteAccessCertificateLister(indexer cache.Indexer) RemoteAccessCertificateLister { - return &remoteAccessCertificateLister{indexer: indexer} -} - -// List lists all RemoteAccessCertificates in the indexer. -func (s *remoteAccessCertificateLister) List(selector labels.Selector) (ret []*v1alpha1.RemoteAccessCertificate, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.RemoteAccessCertificate)) - }) - return ret, err -} - -// RemoteAccessCertificates returns an object that can list and get RemoteAccessCertificates. -func (s *remoteAccessCertificateLister) RemoteAccessCertificates(namespace string) RemoteAccessCertificateNamespaceLister { - return remoteAccessCertificateNamespaceLister{indexer: s.indexer, namespace: namespace} -} - -// RemoteAccessCertificateNamespaceLister helps list and get RemoteAccessCertificates. -// All objects returned here must be treated as read-only. -type RemoteAccessCertificateNamespaceLister interface { - // List lists all RemoteAccessCertificates in the indexer for a given namespace. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.RemoteAccessCertificate, err error) - // Get retrieves the RemoteAccessCertificate from the indexer for a given namespace and name. - // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.RemoteAccessCertificate, error) - RemoteAccessCertificateNamespaceListerExpansion -} - -// remoteAccessCertificateNamespaceLister implements the RemoteAccessCertificateNamespaceLister -// interface. -type remoteAccessCertificateNamespaceLister struct { - indexer cache.Indexer - namespace string -} - -// List lists all RemoteAccessCertificates in the indexer for a given namespace. -func (s remoteAccessCertificateNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.RemoteAccessCertificate, err error) { - err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.RemoteAccessCertificate)) - }) - return ret, err -} - -// Get retrieves the RemoteAccessCertificate from the indexer for a given namespace and name. -func (s remoteAccessCertificateNamespaceLister) Get(name string) (*v1alpha1.RemoteAccessCertificate, error) { - obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("remoteaccesscertificate"), name) - } - return obj.(*v1alpha1.RemoteAccessCertificate), nil -} diff --git a/pkg/controller/provider/powerdns/controller/controller.go b/pkg/controller/provider/powerdns/controller/controller.go new file mode 100644 index 000000000..6e47c4adc --- /dev/null +++ b/pkg/controller/provider/powerdns/controller/controller.go @@ -0,0 +1,16 @@ +// SPDX-FileCopyrightText: 2024 SAP SE or an SAP affiliate company and Gardener contributors +// +// SPDX-License-Identifier: Apache-2.0 + +package controller + +import ( + "github.com/gardener/external-dns-management/pkg/controller/provider/powerdns" + "github.com/gardener/external-dns-management/pkg/dns/provider" +) + +func init() { + provider.DNSController("", powerdns.Factory). + FinalizerDomain("dns.gardener.cloud"). + MustRegister(provider.CONTROLLER_GROUP_DNS_CONTROLLERS) +} diff --git a/pkg/controller/provider/powerdns/execution.go b/pkg/controller/provider/powerdns/execution.go new file mode 100644 index 000000000..1065a0243 --- /dev/null +++ b/pkg/controller/provider/powerdns/execution.go @@ -0,0 +1,100 @@ +// SPDX-FileCopyrightText: SAP SE or an SAP affiliate company and Gardener contributors +// +// SPDX-License-Identifier: Apache-2.0 + +package powerdns + +import ( + "fmt" + + "github.com/gardener/controller-manager-library/pkg/logger" + "github.com/joeig/go-powerdns/v3" + + "github.com/gardener/external-dns-management/pkg/dns" + "github.com/gardener/external-dns-management/pkg/dns/provider" +) + +type RecordSet struct { + Name string + RecordType powerdns.RRType + TTL uint32 + Content []string +} + +type Execution struct { + logger.LogContext + handler *Handler + zone provider.DNSHostedZone +} + +func NewExecution(logger logger.LogContext, h *Handler, zone provider.DNSHostedZone) *Execution { + return &Execution{LogContext: logger, handler: h, zone: zone} +} + +func (exec *Execution) buildRecordSet(req *provider.ChangeRequest) (*RecordSet, error) { + var dnsset *dns.DNSSet + + switch req.Action { + case provider.R_CREATE, provider.R_UPDATE: + dnsset = req.Addition + case provider.R_DELETE: + dnsset = req.Deletion + } + + name, rset := dns.MapToProvider(req.Type, dnsset, exec.zone.Domain()) + + if name.SetIdentifier != "" || dnsset.RoutingPolicy != nil { + return nil, fmt.Errorf("routing policies not supported for " + TYPE_CODE) + } + + if name.DNSName == "" || len(rset.Records) == 0 { + return nil, nil + } + + exec.Infof("Desired %s: %s record set %s[%s] with TTL %d: %s", req.Action, rset.Type, name.DNSName, exec.zone.Id(), rset.TTL, rset.RecordString()) + + recordSet := RecordSet{ + Name: name.DNSName, + RecordType: powerdns.RRType(rset.Type), + } + + switch req.Action { + case provider.R_CREATE, provider.R_UPDATE: + var content []string + for _, record := range rset.Records { + content = append(content, record.Value) + } + + recordSet.Content = content + recordSet.TTL = uint32(rset.TTL) + } + + return &recordSet, nil +} + +func (exec *Execution) apply(action string, rset *RecordSet, metrics provider.Metrics) error { + var err error + switch action { + case provider.R_CREATE, provider.R_UPDATE: + err = exec.update(rset, metrics) + case provider.R_DELETE: + err = exec.delete(rset, metrics) + } + return err +} + +func (exec *Execution) update(rset *RecordSet, metrics provider.Metrics) error { + exec.handler.config.RateLimiter.Accept() + zoneID := exec.zone.Id().ID + err := exec.handler.powerdns.Records.Change(exec.handler.ctx, zoneID, rset.Name, rset.RecordType, rset.TTL, rset.Content) + metrics.AddZoneRequests(zoneID, provider.M_UPDATERECORDS, 1) + return err +} + +func (exec *Execution) delete(rset *RecordSet, metrics provider.Metrics) error { + exec.handler.config.RateLimiter.Accept() + zoneID := exec.zone.Id().ID + err := exec.handler.powerdns.Records.Delete(exec.handler.ctx, zoneID, rset.Name, rset.RecordType) + metrics.AddZoneRequests(zoneID, provider.M_DELETERECORDS, 1) + return err +} diff --git a/pkg/controller/provider/powerdns/factory.go b/pkg/controller/provider/powerdns/factory.go new file mode 100644 index 000000000..94156daee --- /dev/null +++ b/pkg/controller/provider/powerdns/factory.go @@ -0,0 +1,25 @@ +// SPDX-FileCopyrightText: 2024 SAP SE or an SAP affiliate company and Gardener contributors +// +// SPDX-License-Identifier: Apache-2.0 + +package powerdns + +import ( + "github.com/gardener/external-dns-management/pkg/controller/provider/compound" + "github.com/gardener/external-dns-management/pkg/dns/provider" +) + +const TYPE_CODE = "powerdns" + +var rateLimiterDefaults = provider.RateLimiterOptions{ + Enabled: true, + QPS: 50, + Burst: 10, +} + +var Factory = provider.NewDNSHandlerFactory(TYPE_CODE, NewHandler). + SetGenericFactoryOptionDefaults(provider.GenericFactoryOptionDefaults.SetRateLimiterOptions(rateLimiterDefaults)) + +func init() { + compound.MustRegister(Factory) +} diff --git a/pkg/controller/provider/powerdns/handler.go b/pkg/controller/provider/powerdns/handler.go new file mode 100644 index 000000000..2e4789628 --- /dev/null +++ b/pkg/controller/provider/powerdns/handler.go @@ -0,0 +1,199 @@ +// SPDX-FileCopyrightText: SAP SE or an SAP affiliate company and Gardener contributors +// +// SPDX-License-Identifier: Apache-2.0 + +package powerdns + +import ( + "context" + "crypto/tls" + "crypto/x509" + "fmt" + "net/http" + + "github.com/joeig/go-powerdns/v3" + + "github.com/gardener/controller-manager-library/pkg/logger" + "github.com/gardener/external-dns-management/pkg/dns" + "github.com/gardener/external-dns-management/pkg/dns/provider" +) + +type Handler struct { + provider.DefaultDNSHandler + config provider.DNSHandlerConfig + cache provider.ZoneCache + ctx context.Context + powerdns *powerdns.Client +} + +var _ provider.DNSHandler = &Handler{} + +func NewHandler(c *provider.DNSHandlerConfig) (provider.DNSHandler, error) { + h := &Handler{ + DefaultDNSHandler: provider.NewDefaultDNSHandler(TYPE_CODE), + config: *c, + } + + h.ctx = c.Context + + server, err := c.GetRequiredProperty("Server", "server") + if err != nil { + return nil, err + } + + apiKey, err := c.GetRequiredProperty("ApiKey", "apiKey") + if err != nil { + return nil, err + } + + virtualHost := c.GetProperty("VirtualHost", "virtualHost") + + insecureSkipVerify, err := c.GetDefaultedBoolProperty("InsecureSkipVerify", false, "insecureSkipVerify") + if err != nil { + return nil, err + } + + trustedCaCert := c.GetProperty("TrustedCaCert", "trustedCaCert") + + headers := map[string]string{"X-API-Key": apiKey} + httpClient := newHttpClient(insecureSkipVerify, trustedCaCert) + + h.powerdns = powerdns.NewClient(server, virtualHost, headers, httpClient) + + h.cache, err = c.ZoneCacheFactory.CreateZoneCache(provider.CacheZoneState, c.Metrics, h.getZones, h.getZoneState) + if err != nil { + return nil, err + } + + return h, nil +} + +func newHttpClient(insecureSkipVerify bool, trustedCaCert string) *http.Client { + httpClient := http.DefaultClient + + if insecureSkipVerify { + httpClient.Transport = &http.Transport{ + TLSClientConfig: &tls.Config{InsecureSkipVerify: true}, + } + } + + if trustedCaCert != "" { + caCertPool := x509.NewCertPool() + caCertPool.AppendCertsFromPEM([]byte(trustedCaCert)) + httpClient.Transport = &http.Transport{ + TLSClientConfig: &tls.Config{ + RootCAs: caCertPool, + InsecureSkipVerify: false, + MinVersion: tls.VersionTLS12, + }, + } + } + + return httpClient +} + +func (h *Handler) Release() { + h.cache.Release() +} + +func (h *Handler) GetZones() (provider.DNSHostedZones, error) { + return h.cache.GetZones() +} + +func (h *Handler) getZones(_ provider.ZoneCache) (provider.DNSHostedZones, error) { + hostedZones := provider.DNSHostedZones{} + zones, err := h.powerdns.Zones.List(h.ctx) + if err != nil { + return nil, err + } + + for _, z := range zones { + id := powerdns.StringValue(z.ID) + domain := dns.NormalizeHostname(powerdns.StringValue(z.Name)) + hostedZone := provider.NewDNSHostedZone(h.ProviderType(), id, domain, id, false) + hostedZones = append(hostedZones, hostedZone) + } + h.config.Metrics.AddGenericRequests(provider.M_LISTZONES, 1) + return hostedZones, nil +} + +func (h *Handler) GetZoneState(zone provider.DNSHostedZone) (provider.DNSZoneState, error) { + return h.cache.GetZoneState(zone) +} + +func (h *Handler) getZoneState(zone provider.DNSHostedZone, _ provider.ZoneCache) (provider.DNSZoneState, error) { + dnssets := dns.DNSSets{} + + h.config.RateLimiter.Accept() + + state, err := h.powerdns.Zones.Get(h.ctx, zone.Id().ID) + if err != nil { + return nil, err + } + + for _, rrset := range state.RRsets { + h.config.Metrics.AddZoneRequests(zone.Id().ID, provider.M_LISTRECORDS, 1) + if rrset.Type == nil { + h.config.Logger.Warnf("Missing type for RRSet %s from Zone %s", powerdns.StringValue(rrset.Name), zone.Id().ID) + continue + } + + rs := dns.NewRecordSet(powerdns.StringValue((*string)(rrset.Type)), int64(powerdns.Uint32Value(rrset.TTL)), nil) + for _, rr := range rrset.Records { + rs.Add(&dns.Record{Value: powerdns.StringValue(rr.Content)}) + } + dnssets.AddRecordSetFromProvider(powerdns.StringValue(rrset.Name), rs) + } + return provider.NewDNSZoneState(dnssets), nil + +} + +func (h *Handler) ReportZoneStateConflict(zone provider.DNSHostedZone, err error) bool { + return h.cache.ReportZoneStateConflict(zone, err) +} + +func (h *Handler) ExecuteRequests(logger logger.LogContext, zone provider.DNSHostedZone, state provider.DNSZoneState, reqs []*provider.ChangeRequest) error { + err := h.executeRequests(logger, zone, state, reqs) + h.cache.ApplyRequests(logger, err, zone, reqs) + return err +} + +func (h *Handler) executeRequests(logger logger.LogContext, zone provider.DNSHostedZone, _ provider.DNSZoneState, reqs []*provider.ChangeRequest) error { + exec := NewExecution(logger, h, zone) + + var succeeded, failed int + for _, req := range reqs { + rset, err := exec.buildRecordSet(req) + if err != nil { + if req.Done != nil { + req.Done.SetInvalid(err) + } + continue + } + + err = exec.apply(req.Action, rset, h.config.Metrics) + if err != nil { + failed++ + logger.Infof("Apply failed with %s", err.Error()) + if req.Done != nil { + req.Done.Failed(err) + } + } else { + succeeded++ + if req.Done != nil { + req.Done.Succeeded() + } + } + } + + if succeeded > 0 { + logger.Infof("Succeeded updates for records in apiKey %s: %d", zone.Id(), succeeded) + } + + if failed > 0 { + logger.Infof("Failed updates for records in apiKey %s: %d", zone.Id(), failed) + return fmt.Errorf("%d changes failed", failed) + } + + return nil +} diff --git a/pkg/controller/remoteaccesscertificates/controller.go b/pkg/controller/remoteaccesscertificates/controller.go deleted file mode 100644 index 22a6cba70..000000000 --- a/pkg/controller/remoteaccesscertificates/controller.go +++ /dev/null @@ -1,308 +0,0 @@ -// SPDX-FileCopyrightText: 2024 SAP SE or an SAP affiliate company and Gardener contributors -// -// SPDX-License-Identifier: Apache-2.0 - -package remoteaccesscertificates - -import ( - "crypto/rsa" - "crypto/x509" - "fmt" - "os" - "time" - - "github.com/gardener/controller-manager-library/pkg/config" - "github.com/gardener/controller-manager-library/pkg/resources/apiextensions" - "github.com/gardener/controller-manager-library/pkg/utils" - "github.com/gardener/external-dns-management/pkg/dns/provider" - "go.uber.org/atomic" - corev1 "k8s.io/api/core/v1" - "k8s.io/apimachinery/pkg/api/errors" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/labels" - - "github.com/gardener/controller-manager-library/pkg/controllermanager/controller" - "github.com/gardener/controller-manager-library/pkg/controllermanager/controller/reconcile" - "github.com/gardener/controller-manager-library/pkg/logger" - "github.com/gardener/controller-manager-library/pkg/resources" - - "github.com/gardener/external-dns-management/pkg/apis/dns/crds" - api "github.com/gardener/external-dns-management/pkg/apis/dns/v1alpha1" - dnsutils "github.com/gardener/external-dns-management/pkg/dns/utils" -) - -const ( - CONTROLLER = "remoteaccesscertificates" - OPT_REMOTE_ACCESS_CAKEY = "remote-access-cakey" -) - -func init() { - crds.AddToRegistry(apiextensions.DefaultRegistry()) - - controller.Configure(CONTROLLER). - Reconciler(Create). - DefaultWorkerPool(1, 0*time.Second). - OptionsByExample("options", &Config{}). - CustomResourceDefinitions(resources.NewGroupKind(api.GroupName, api.RemoteAccessCertificateKind)). - MainResource(api.GroupName, api.RemoteAccessCertificateKind). - ActivateExplicitly(). - MustRegister() -} - -type Config struct { - caKeyFile string - caCertFile string -} - -func (r *Config) AddOptionsToSet(set config.OptionSet) { - set.AddStringOption(&r.caKeyFile, OPT_REMOTE_ACCESS_CAKEY, "", "", "filename for private key of client CA") - set.AddStringOption(&r.caCertFile, provider.OPT_REMOTE_ACCESS_CACERT, "", "", "filename for certificate of client CA") -} - -func (r *Config) Evaluate() error { - return nil -} - -type reconciler struct { - reconcile.DefaultReconciler - controller controller.Interface - secretResources resources.Interface - certResources resources.Interface - config *Config - clientCACert *x509.Certificate - clientCAPrivateKey *rsa.PrivateKey - - nextSerialNumber atomic.Int64 -} - -var _ reconcile.Interface = &reconciler{} - -/////////////////////////////////////////////////////////////////////////////// - -func Create(controller controller.Interface) (reconcile.Interface, error) { - cfg, err := controller.GetOptionSource("options") - config := cfg.(*Config) - if err != nil { - return nil, err - } - - caCert, caPrivateKey, err := loadClientCA(config) - if err != nil { - return nil, err - } - - secretResources, err := controller.GetMainCluster().Resources().GetByExample(&corev1.Secret{}) - if err != nil { - return nil, err - } - certResources, err := controller.GetMainCluster().Resources().GetByExample(&api.RemoteAccessCertificate{}) - if err != nil { - return nil, err - } - return &reconciler{ - controller: controller, - secretResources: secretResources, - certResources: certResources, - config: config, - clientCACert: caCert, - clientCAPrivateKey: caPrivateKey, - }, nil -} - -func loadClientCA(config *Config) (*x509.Certificate, *rsa.PrivateKey, error) { - if config.caCertFile == "" { - return nil, nil, fmt.Errorf("missing option %s with CA for client certificates", provider.OPT_REMOTE_ACCESS_CACERT) - } - pemClientCA, err := os.ReadFile(config.caCertFile) - if err != nil { - return nil, nil, fmt.Errorf("cannot read client CA: %w", err) - } - clientCA, err := DecodeCert(pemClientCA) - if err != nil { - return nil, nil, err - } - - if config.caKeyFile == "" { - return nil, nil, fmt.Errorf("missing option %s with CA key for client certificates", OPT_REMOTE_ACCESS_CAKEY) - } - keyPem, err := os.ReadFile(config.caKeyFile) - if err != nil { - return nil, nil, fmt.Errorf("cannot read client CA key: %w", err) - } - caPrivateKey, err := DecodePrivateKey(keyPem) - if err != nil { - return nil, nil, err - } - - return clientCA, caPrivateKey, nil -} - -func (r *reconciler) Setup() error { - r.nextSerialNumber.Store(time.Now().Unix()) - r.controller.Infof("### setup remote client certificate") - res, _ := r.controller.GetMainCluster().Resources().GetByExample(&api.RemoteAccessCertificate{}) - list, _ := res.ListCached(labels.Everything()) - return dnsutils.ProcessElements(list, func(e resources.Object) error { - return r.reconcile(r.controller, e) - }, 1) -} - -/////////////////////////////////////////////////////////////////////////////// - -func (r *reconciler) Reconcile(logger logger.LogContext, obj resources.Object) reconcile.Status { - err := r.reconcile(logger, obj) - return reconcile.DelayOnError(logger, err) -} - -func (r *reconciler) reconcile(logger logger.LogContext, obj resources.Object) error { - cert := obj.Data().(*api.RemoteAccessCertificate) - - hasSecret := cert.Status.NotBefore != nil - if hasSecret { - _, err := r.getSecret(cert.Namespace, cert.Spec.SecretName) - if err != nil { - if !errors.IsNotFound(err) { - return err - } - hasSecret = false - } - } - - if hasSecret && cert.Spec.Recreate { - logger.Infof("prepare for recreating certificate secret") - return r.resetForCertificatRecreation(cert) - } - - if hasSecret && !cert.Status.Recreating { - return nil - } - - switch cert.Spec.Type { - case api.ServerType: - return r.createServerCertificate(cert) - case api.ClientType: - return r.createClientCertificate(cert) - default: - return fmt.Errorf("invalid .spec.type %s", cert.Spec.Type) - } -} - -func (r *reconciler) createServerCertificate(cert *api.RemoteAccessCertificate) error { - subject := CreateSubject(cert.Spec.DomainName) - - cdata, err := CreateCertificate(r.clientCACert, r.clientCAPrivateKey, subject, cert.Spec.DomainName, - cert.Spec.Days, r.nextSerialNumber.Inc(), true) - if err != nil { - return err - } - - return r.writeSecretAndStatus(cert, cdata, nil) -} - -func (r *reconciler) createClientCertificate(cert *api.RemoteAccessCertificate) error { - commonName := cert.Namespace + "." + cert.Spec.DomainName - subject := CreateSubject(commonName) - - cdata, err := CreateCertificate(r.clientCACert, r.clientCAPrivateKey, subject, cert.Spec.DomainName, - cert.Spec.Days, r.nextSerialNumber.Inc(), false) - if err != nil { - return err - } - - additionalData := map[string][]byte{ - "NAMESPACE": []byte(cert.Namespace), - } - - return r.writeSecretAndStatus(cert, cdata, additionalData) -} - -func (r *reconciler) writeSecretAndStatus(cert *api.RemoteAccessCertificate, cdata *CertData, additionalData map[string][]byte) error { - secretData := map[string][]byte{ - corev1.TLSPrivateKeyKey: cdata.TLSKey, - corev1.TLSCertKey: cdata.TLSCrt, - "ca.crt": cdata.CACrt, // using same CA for client and server - "NAMESPACE": []byte(cert.Namespace), - } - for k, v := range additionalData { - secretData[k] = v - } - - secret := &corev1.Secret{} - secret.Namespace = cert.Namespace - secret.Name = cert.Spec.SecretName - secret.Type = corev1.SecretTypeTLS - secret.Data = secretData - _, err := r.secretResources.CreateOrUpdate(secret) - logger.Infof("created certificate secret %s/%s", secret.Namespace, secret.Name) - if err != nil { - _, _, err = r.certResources.ModifyStatus(cert, func(data resources.ObjectData) (bool, error) { - o := data.(*api.RemoteAccessCertificate) - mod := utils.ModificationState{} - mod.AssureStringValue(&o.Status.Message, err.Error()) - return mod.IsModified(), nil - }) - return err - } - - _, _, err = r.certResources.ModifyStatus(cert, func(data resources.ObjectData) (bool, error) { - o := data.(*api.RemoteAccessCertificate) - mod := utils.ModificationState{} - o.Status.NotAfter = &metav1.Time{Time: cdata.Certificate.NotAfter} - o.Status.NotBefore = &metav1.Time{Time: cdata.Certificate.NotBefore} - sn := cdata.Certificate.SerialNumber.String() - o.Status.SerialNumber = &sn - mod.Modify(true) - mod.AssureStringValue(&o.Status.Message, "") - mod.AssureBoolValue(&o.Status.Recreating, false) - return mod.IsModified(), nil - }) - - return err -} - -func (r *reconciler) resetForCertificatRecreation(certobj *api.RemoteAccessCertificate) error { - _, _, err := r.certResources.ModifyStatus(certobj, func(data resources.ObjectData) (bool, error) { - o := data.(*api.RemoteAccessCertificate) - mod := utils.ModificationState{} - mod.AssureStringValue(&o.Status.Message, "") - mod.AssureBoolValue(&o.Status.Recreating, true) - return mod.IsModified(), nil - }) - if err != nil { - return err - } - certobj.Spec.Recreate = false - _, err = r.certResources.Update(certobj) - - return err -} - -func (r *reconciler) Delete(logger logger.LogContext, obj resources.Object) reconcile.Status { - cert := obj.Data().(*api.RemoteAccessCertificate) - if err := r.deleteSecret(cert.Namespace, cert.Spec.SecretName); err != nil { - return reconcile.Failed(logger, err) - } - return reconcile.Succeeded(logger) -} - -func (r *reconciler) Deleted(logger logger.LogContext, _ resources.ClusterObjectKey) reconcile.Status { - return reconcile.Succeeded(logger) -} - -func (r *reconciler) deleteSecret(namespace, name string) error { - secret := &metav1.ObjectMeta{} - secret.SetName(name) - secret.SetNamespace(namespace) - return r.secretResources.DeleteByName(secret) -} - -func (r *reconciler) getSecret(namespace, name string) (*corev1.Secret, error) { - secret := &corev1.Secret{} - secret.SetName(name) - secret.SetNamespace(namespace) - obj, err := r.secretResources.Get(secret) - if err != nil { - return nil, err - } - return obj.Data().(*corev1.Secret), nil -} diff --git a/pkg/dns/provider/changemodel.go b/pkg/dns/provider/changemodel.go index 5e3699a13..475fbd6b1 100644 --- a/pkg/dns/provider/changemodel.go +++ b/pkg/dns/provider/changemodel.go @@ -487,7 +487,7 @@ func (this *changeModelDoneHandler) Throttled() { // DNSSets func (this *ChangeModel) Owns(set *dns.DNSSet) bool { - return set.GetKind() != api.DNSLockKind && set.IsOwnedBy(this.ownership) + return set.IsOwnedBy(this.ownership) } func (this *ChangeModel) IsForeign(set *dns.DNSSet) bool { diff --git a/pkg/dns/provider/const.go b/pkg/dns/provider/const.go index 597b418f1..b1501a2ab 100644 --- a/pkg/dns/provider/const.go +++ b/pkg/dns/provider/const.go @@ -43,7 +43,6 @@ const ( CMD_HOSTEDZONE_PREFIX = "hostedzone:" CMD_STATISTIC = "statistic" - CMD_DNSLOOKUP = "dnslookup" MSG_THROTTLING = "provider throttled" ) diff --git a/pkg/dns/provider/controller.go b/pkg/dns/provider/controller.go index 9e21e7eb1..810049991 100644 --- a/pkg/dns/provider/controller.go +++ b/pkg/dns/provider/controller.go @@ -5,6 +5,7 @@ package provider import ( + "fmt" "reflect" "time" @@ -13,6 +14,9 @@ import ( "github.com/gardener/external-dns-management/pkg/dns" "github.com/gardener/external-dns-management/pkg/dns/source" dnsutils "github.com/gardener/external-dns-management/pkg/dns/utils" + apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "sigs.k8s.io/controller-runtime/pkg/client" "github.com/gardener/controller-manager-library/pkg/config" "github.com/gardener/controller-manager-library/pkg/controllermanager/controller" @@ -46,7 +50,6 @@ var ( providerGroupKind = resources.NewGroupKind(api.GroupName, api.DNSProviderKind) entryGroupKind = resources.NewGroupKind(api.GroupName, api.DNSEntryKind) zonePolicyGroupKind = resources.NewGroupKind(api.GroupName, api.DNSHostedZonePolicyKind) - lockGroupKind = resources.NewGroupKind(api.GroupName, api.DNSLockKind) ) // RemoteAccessClientID stores the optional client ID for remote access @@ -121,7 +124,6 @@ func DNSController(name string, factory DNSHandlerFactory) controller.Configurat WorkerPool("ownerids", 1, 0). Watches( controller.NewResourceKey(api.GroupName, api.DNSOwnerKind), - controller.NewResourceKey(api.GroupName, api.DNSLockKind), ). Cluster(PROVIDER_CLUSTER). CustomResourceDefinitions(providerGroupKind). @@ -139,7 +141,6 @@ func DNSController(name string, factory DNSHandlerFactory) controller.Configurat controller.NewResourceKey(api.GroupName, api.DNSHostedZonePolicyKind), ). WorkerPool(DNS_POOL, 1, 15*time.Minute).CommandMatchers(utils.NewStringGlobMatcher(CMD_HOSTEDZONE_PREFIX+"*")). - Commands(CMD_DNSLOOKUP). WorkerPool("statistic", 2, 0).Commands(CMD_STATISTIC). OptionSource(FACTORY_OPTIONS, FactoryOptionSourceCreator(factory)) return cfg @@ -198,21 +199,19 @@ func Create(c controller.Interface, factory DNSHandlerFactory) (reconcile.Interf } func (this *reconciler) Setup() error { + if err := this.removeObsoleteCRDs(); err != nil { + return err + } this.controller.Infof("*** state Setup ") return this.state.Setup() } func (this *reconciler) Start() { - this.state.setup.pending.Add(CMD_DNSLOOKUP) this.state.Start() } func (this *reconciler) Command(logger logger.LogContext, cmd string) reconcile.Status { switch cmd { - case CMD_DNSLOOKUP: - this.state.ownerCache.TriggerDNSActivation(logger, this.controller) - this.state.UpdateLockStates(logger) - return reconcile.RescheduleAfter(logger, this.state.config.StatusCheckPeriod) case CMD_STATISTIC: this.state.UpdateOwnerCounts(logger) default: @@ -251,12 +250,6 @@ func (this *reconciler) Reconcile(logger logger.LogContext, obj resources.Object } else { return this.state.RemoveZonePolicy(logger, dnsutils.DNSHostedZonePolicy(obj)) } - case obj.IsA(&api.DNSLock{}): - if this.state.IsResponsibleFor(logger, obj) { - return this.state.UpdateEntry(logger, dnsutils.DNSLock(obj)) - } else { - return this.state.EntryDeleted(logger, obj.ClusterKey()) - } case obj.IsMinimal() && obj.GroupVersionKind().GroupKind() == secretGroupKind: return this.state.UpdateSecret(logger, obj) } @@ -272,9 +265,6 @@ func (this *reconciler) Delete(logger logger.LogContext, obj resources.Object) r case obj.IsA(&api.DNSEntry{}): _ = obj.UpdateFromCache() return this.state.DeleteEntry(logger, dnsutils.DNSEntry(obj)) - case obj.IsA(&api.DNSLock{}): - _ = obj.UpdateFromCache() - return this.state.DeleteEntry(logger, dnsutils.DNSLock(obj)) case obj.IsMinimal() && obj.GroupVersionKind().GroupKind() == secretGroupKind: return this.state.UpdateSecret(logger, obj) } @@ -293,8 +283,23 @@ func (this *reconciler) Deleted(logger logger.LogContext, key resources.ClusterO return this.state.EntryDeleted(logger, key) case zonePolicyGroupKind: return this.state.ZonePolicyDeleted(logger, key) - case lockGroupKind: - return this.state.EntryDeleted(logger, key) } return reconcile.Succeeded(logger) } + +// removeObsoleteCRDs removes DNSLock and RemoteAccessCertificates CRDs which are not supported anymore. +// Can be deleted 2025. +func (this *reconciler) removeObsoleteCRDs() error { + res, err := this.controller.GetCluster(TARGET_CLUSTER).Resources().GetByExample(&apiextensionsv1.CustomResourceDefinition{}) + if err != nil { + return err + } + for _, name := range []string{"dnslocks.dns.gardener.cloud", "remoteaccesscertificates.dns.gardener.cloud"} { + if err := res.Delete(&apiextensionsv1.CustomResourceDefinition{ObjectMeta: metav1.ObjectMeta{Name: name}}); client.IgnoreNotFound(err) != nil { + return fmt.Errorf("could not delete CRD %s: %w", name, err) + } else if err == nil { + this.controller.Infof("deleted obsolete CRD %s", name) + } + } + return nil +} diff --git a/pkg/dns/provider/entry.go b/pkg/dns/provider/entry.go index dc13fa5c1..2c669a58a 100644 --- a/pkg/dns/provider/entry.go +++ b/pkg/dns/provider/entry.go @@ -70,7 +70,7 @@ func (this *EntryPremise) NotifyChange(p *EntryPremise) string { } type EntryVersion struct { - object dnsutils.DNSSpecification + object *dnsutils.DNSEntryObject providername resources.ObjectName dnsSetName dns.DNSSetName targets Targets @@ -87,7 +87,7 @@ type EntryVersion struct { obsolete bool } -func NewEntryVersion(object dnsutils.DNSSpecification, old *Entry) *EntryVersion { +func NewEntryVersion(object *dnsutils.DNSEntryObject, old *Entry) *EntryVersion { v := &EntryVersion{ object: object, dnsSetName: dns.DNSSetName{DNSName: object.GetDNSName(), SetIdentifier: object.GetSetIdentifier()}, @@ -110,7 +110,7 @@ func (this *EntryVersion) GetAnnotations() map[string]string { return this.object.GetAnnotations() } -func (this *EntryVersion) RequiresUpdateFor(e *EntryVersion) (reasons []string, refresh bool) { +func (this *EntryVersion) RequiresUpdateFor(e *EntryVersion) (reasons []string) { if this.dnsSetName != e.dnsSetName { reasons = append(reasons, "recordset name changed") } @@ -140,11 +140,6 @@ func (this *EntryVersion) RequiresUpdateFor(e *EntryVersion) (reasons []string, if this.obsolete != e.obsolete { reasons = append(reasons, "provider responsibility changed") } - - if this.object.RefreshTime().Before(e.object.RefreshTime()) { - reasons = append(reasons, "refresh time changed") - refresh = true - } return } @@ -160,7 +155,7 @@ func (this *EntryVersion) IsDeleting() bool { return this.object.IsDeleting() } -func (this *EntryVersion) Object() dnsutils.DNSSpecification { +func (this *EntryVersion) Object() *dnsutils.DNSEntryObject { return this.object } @@ -243,78 +238,21 @@ func (this *EntryVersion) OwnerId() string { return "" } -type dnsSpecModification struct { - dnsutils.DNSSpecification - targets []string - text []string - ttl *int64 - ownerid *string - lookup *int64 - policy *dns.RoutingPolicy - resolveTargetsToAddresses *bool -} - -func (this *dnsSpecModification) GetTargets() []string { - if this.targets != nil { - return this.targets - } - return this.DNSSpecification.GetTargets() -} - -func (this *dnsSpecModification) GetText() []string { - if this.text != nil { - return this.text - } - return this.DNSSpecification.GetText() -} - -func (this *dnsSpecModification) GetOwnerId() *string { - if this.ownerid != nil { - return this.ownerid - } - return this.DNSSpecification.GetOwnerId() -} - -func (this *dnsSpecModification) GetCNameLookupInterval() *int64 { - if this.lookup != nil { - return this.lookup - } - return this.DNSSpecification.GetCNameLookupInterval() -} - -func (this *dnsSpecModification) ResolveTargetsToAddresses() *bool { - if this.resolveTargetsToAddresses != nil { - return this.resolveTargetsToAddresses - } - return this.DNSSpecification.ResolveTargetsToAddresses() -} - -func (this *dnsSpecModification) GetTTL() *int64 { - if this.ttl != nil { - return this.ttl - } - return this.DNSSpecification.GetTTL() -} - -func (this *dnsSpecModification) IsModified() bool { - return this.targets != nil || this.text != nil || this.ownerid != nil || this.lookup != nil || this.ttl != nil || this.policy != nil -} - -func complete(logger logger.LogContext, state *state, spec dnsutils.DNSSpecification, object resources.Object, prefix string) (dnsutils.DNSSpecification, error) { - if ref := spec.GetReference(); ref != nil && ref.Name != "" { - mod := &dnsSpecModification{DNSSpecification: spec} +func complete(logger logger.LogContext, state *state, entry *dnsutils.DNSEntryObject, prefix string) (*api.DNSEntrySpec, error) { + if ref := entry.GetReference(); ref != nil && ref.Name != "" { + newSpec := entry.Spec().DeepCopy() ns := ref.Namespace if ns == "" { - ns = object.GetNamespace() + ns = entry.GetNamespace() } dnsref := resources.NewObjectName(ns, ref.Name) logger.Infof("completeing spec by reference: %s%s", prefix, dnsref) - cur := object.ClusterKey() + cur := entry.ClusterKey() key := resources.NewClusterKey(cur.Cluster(), cur.GroupKind(), dnsref.Namespace(), dnsref.Name()) state.references.AddRef(cur, key) - ref, err := object.GetResource().GetCached(dnsref) + ref, err := entry.GetResource().GetCached(dnsref) if err != nil { if errors.IsNotFound(err) { err = fmt.Errorf("entry reference %s%q not found", prefix, dnsref) @@ -322,46 +260,42 @@ func complete(logger logger.LogContext, state *state, spec dnsutils.DNSSpecifica logger.Warn(err) return nil, err } - err = access.CheckAccessWithRealms(object, "use", ref, state.realms) + err = access.CheckAccessWithRealms(entry, "use", ref, state.realms) if err != nil { return nil, fmt.Errorf("%s%s", prefix, err) } - rspec, err := complete(logger, state, dnsutils.DNSEntry(ref), ref, fmt.Sprintf("%s%s->", prefix, dnsref)) + rspec, err := complete(logger, state, dnsutils.DNSEntry(ref), fmt.Sprintf("%s%s->", prefix, dnsref)) if err != nil { return nil, err } - if spec.GetTargets() != nil { + if entry.GetTargets() != nil { return nil, fmt.Errorf("%stargets specified together with entry reference", prefix) } - if spec.GetText() != nil { + if entry.GetText() != nil { err = fmt.Errorf("%stext specified together with entry reference", prefix) return nil, err } - mod.targets = rspec.GetTargets() - mod.text = rspec.GetText() + newSpec.Targets = rspec.Targets + newSpec.Text = rspec.Text - if spec.GetTTL() == nil { - mod.ttl = rspec.GetTTL() + if entry.GetTTL() == nil { + newSpec.TTL = rspec.TTL } - if spec.GetOwnerId() == nil { - mod.ownerid = rspec.GetOwnerId() + if entry.GetOwnerId() == nil { + newSpec.OwnerId = rspec.OwnerId } - if spec.GetCNameLookupInterval() == nil { - mod.lookup = rspec.GetCNameLookupInterval() - } - if mod.IsModified() { - return mod, nil + if entry.GetCNameLookupInterval() == nil { + newSpec.CNameLookupInterval = rspec.CNameLookupInterval } + return newSpec, nil } else { - state.references.DelRef(object.ClusterKey()) + state.references.DelRef(entry.ClusterKey()) } - return spec, nil + return entry.Spec(), nil } -func validate(logger logger.LogContext, state *state, entry *EntryVersion, p *EntryPremise) (effspec dnsutils.DNSSpecification, targets Targets, warnings []string, err error) { - effspec = entry.object - +func validate(logger logger.LogContext, state *state, entry *EntryVersion, p *EntryPremise) (effspec *api.DNSEntrySpec, targets Targets, warnings []string, err error) { targets = Targets{} warnings = []string{} @@ -372,10 +306,7 @@ func validate(logger logger.LogContext, state *state, entry *EntryVersion, p *En } } - if err = effspec.ValidateSpecial(); err != nil { - return - } - effspec, err = complete(logger, state, effspec, entry.object, "") + effspec, err = complete(logger, state, entry.object, "") if err != nil { return } @@ -389,16 +320,16 @@ func validate(logger logger.LogContext, state *state, entry *EntryVersion, p *En } } } - if len(effspec.GetTargets()) > 0 && len(effspec.GetText()) > 0 { + if len(effspec.Targets) > 0 && len(effspec.Text) > 0 { err = fmt.Errorf("only Text or Targets possible") return } - if ttl := effspec.GetTTL(); ttl != nil && (*ttl == 0 || *ttl < 0) { + if ttl := effspec.TTL; ttl != nil && (*ttl == 0 || *ttl < 0) { err = fmt.Errorf("TTL must be greater than zero") return } - for i, t := range effspec.GetTargets() { + for i, t := range effspec.Targets { if strings.TrimSpace(t) == "" { err = fmt.Errorf("target %d must not be empty", i+1) return @@ -415,7 +346,7 @@ func validate(logger logger.LogContext, state *state, entry *EntryVersion, p *En } } tcnt := 0 - for _, t := range effspec.GetText() { + for _, t := range effspec.Text { if t == "" { warnings = append(warnings, fmt.Sprintf("dns entry %q has empty text", entry.ObjectName())) continue @@ -428,7 +359,7 @@ func validate(logger logger.LogContext, state *state, entry *EntryVersion, p *En tcnt++ } } - if len(effspec.GetText()) > 0 && tcnt == 0 { + if len(effspec.Text) > 0 && tcnt == 0 { err = fmt.Errorf("dns entry has only empty text") return } @@ -443,7 +374,7 @@ func validateOwner(_ logger.LogContext, state *state, entry *EntryVersion) error effspec := entry.object if ownerid := utils.StringValue(effspec.GetOwnerId()); ownerid != "" { - if entry.Kind() != api.DNSLockKind && !state.ownerCache.IsResponsibleFor(ownerid) && !state.ownerCache.IsResponsiblePendingFor(ownerid) { + if !state.ownerCache.IsResponsibleFor(ownerid) && !state.ownerCache.IsResponsiblePendingFor(ownerid) { return fmt.Errorf("unknown owner id '%s'", ownerid) } } @@ -455,7 +386,7 @@ func (this *EntryVersion) Setup(logger logger.LogContext, state *state, p *Entry this.valid = false this.responsible = false - spec := this.object + spec := this.object.Spec() ///////////// handle type responsibility @@ -526,8 +457,8 @@ func (this *EntryVersion) Setup(logger logger.LogContext, state *state, p *Entry this.status.Provider = &provider defaultTTL := p.provider.DefaultTTL() this.status.TTL = &defaultTTL - if spec.GetTTL() != nil { - this.status.TTL = spec.GetTTL() + if spec.TTL != nil { + this.status.TTL = spec.TTL } } else { this.providername = nil @@ -545,8 +476,8 @@ func (this *EntryVersion) Setup(logger logger.LogContext, state *state, p *Entry } spec, targets, warnings, verr := validate(logger, state, this, p) - if p.provider != nil && spec.GetTTL() != nil { - this.status.TTL = spec.GetTTL() + if p.provider != nil && spec.TTL != nil { + this.status.TTL = spec.TTL } if verr != nil { @@ -571,7 +502,7 @@ func (this *EntryVersion) Setup(logger logger.LogContext, state *state, p *Entry targets, lookupResults, multiCName := normalizeTargets(logger, this.object, targets...) if multiCName { this.interval = int64(600) - if iv := spec.GetCNameLookupInterval(); iv != nil && *iv > 0 { + if iv := spec.CNameLookupInterval; iv != nil && *iv > 0 { this.interval = *iv if this.interval < 30 { this.interval = 30 @@ -611,7 +542,7 @@ func (this *EntryVersion) Setup(logger logger.LogContext, state *state, p *Entry } this.targets = targets - this.routingPolicy = spec.GetRoutingPolicy() + this.routingPolicy = dnsutils.ToDNSRoutingPolicy(spec.RoutingPolicy) if err != nil { if this.status.State != api.STATE_STALE { if this.status.State == api.STATE_READY && (p.provider != nil && !p.provider.IsValid()) { @@ -647,33 +578,31 @@ func (this *EntryVersion) Setup(logger logger.LogContext, state *state, p *Entry } } - switch this.object.(type) { - case *dnsutils.DNSEntryObject: - logger.Infof("%s: valid: %t, message: %s%s", this.status.State, this.valid, utils.StringValue(this.status.Message), errorValue(", err: %s", err)) - logmsg := dnsutils.NewLogMessage("update entry status") - f := func(data resources.ObjectData) (bool, error) { - obj, err := this.object.GetResource().Wrap(data) - if err != nil { - return false, err - } - status := dnsutils.DNSObject(obj).BaseStatus() - mod := &utils.ModificationState{} - if p.zoneid != "" { - mod.AssureStringPtrValue(&status.ProviderType, p.ptype) - } - mod.AssureStringValue(&status.State, this.status.State). - AssureStringPtrPtr(&status.Message, this.status.Message). - AssureStringPtrPtr(&status.Zone, this.status.Zone). - AssureStringPtrPtr(&status.Provider, this.status.Provider) - if mod.IsModified() { - dnsutils.SetLastUpdateTime(&status.LastUptimeTime) - logmsg.Infof(logger) - } - mod.Modify(dnsutils.DNSEntry(obj).AcknowledgeCNAMELookupInterval(this.interval)) - return mod.IsModified(), nil + logger.Infof("%s: valid: %t, message: %s%s", this.status.State, this.valid, utils.StringValue(this.status.Message), errorValue(", err: %s", err)) + logmsg := dnsutils.NewLogMessage("update entry status") + f := func(data resources.ObjectData) (bool, error) { + obj, err := this.object.GetResource().Wrap(data) + if err != nil { + return false, err + } + status := dnsutils.DNSEntry(obj).BaseStatus() + mod := &utils.ModificationState{} + if p.zoneid != "" { + mod.AssureStringPtrValue(&status.ProviderType, p.ptype) + } + mod.AssureStringValue(&status.State, this.status.State). + AssureStringPtrPtr(&status.Message, this.status.Message). + AssureStringPtrPtr(&status.Zone, this.status.Zone). + AssureStringPtrPtr(&status.Provider, this.status.Provider) + if mod.IsModified() { + dnsutils.SetLastUpdateTime(&status.LastUptimeTime) + logmsg.Infof(logger) } - _, err = this.object.ModifyStatus(f) + mod.Modify(dnsutils.DNSEntry(obj).AcknowledgeCNAMELookupInterval(this.interval)) + return mod.IsModified(), nil } + _, err = this.object.ModifyStatus(f) + return reconcile.DelayOnError(logger, err) } @@ -689,7 +618,11 @@ func (this *EntryVersion) NotRateLimited() bool { func (this *EntryVersion) updateStatus(logger logger.LogContext, state, msg string, args ...interface{}) error { logmsg := dnsutils.NewLogMessage(msg, args...) f := func(data resources.ObjectData) (bool, error) { - o := dnsutils.DNSObject(this.object.GetResource().Wrap(data)) + tmp, err := this.object.GetResource().Wrap(data) + if err != nil { + return false, err + } + o := dnsutils.DNSEntry(tmp) status := o.BaseStatus() mod := (&utils.ModificationState{}). AssureStringPtrPtr(&status.ProviderType, this.status.ProviderType). @@ -721,7 +654,7 @@ func (this *EntryVersion) UpdateStatus(logger logger.LogContext, state string, m if err != nil { return false, err } - o := dnsutils.DNSObject(obj) + o := dnsutils.DNSEntry(obj) b := o.BaseStatus() if state == api.STATE_PENDING && b.State != "" { return false, nil @@ -767,7 +700,7 @@ func (this *EntryVersion) UpdateState(logger logger.LogContext, state, msg strin if err != nil { return false, err } - o := dnsutils.DNSObject(obj) + o := dnsutils.DNSEntry(obj) b := o.BaseStatus() mod := &utils.ModificationState{} @@ -797,7 +730,7 @@ func targetList(targets Targets) ([]string, string) { return list, msg } -func normalizeTargets(logger logger.LogContext, object dnsutils.DNSSpecification, targets ...Target) (Targets, *lookupAllResults, bool) { +func normalizeTargets(logger logger.LogContext, object *dnsutils.DNSEntryObject, targets ...Target) (Targets, *lookupAllResults, bool) { multiCNAME := len(targets) > 0 && targets[0].GetRecordType() == dns.RS_CNAME && (len(targets) > 1 || ptr.Deref(object.ResolveTargetsToAddresses(), false)) if !multiCNAME { return targets, nil, false @@ -833,13 +766,12 @@ func normalizeTargets(logger logger.LogContext, object dnsutils.DNSSpecification /////////////////////////////////////////////////////////////////////////////// type Entry struct { - lock *dnsutils.TryLock - key string - createdAt time.Time - modified bool - updateRequired bool - activezone dns.ZoneID - state *state + lock *dnsutils.TryLock + key string + createdAt time.Time + modified bool + activezone dns.ZoneID + state *state *EntryVersion } @@ -872,7 +804,7 @@ func (this *Entry) IsActive() bool { if id == "" { id = this.state.config.Ident } - return this.Kind() == api.DNSLockKind || this.state.ownerCache.IsResponsibleFor(id) + return this.state.ownerCache.IsResponsibleFor(id) } func (this *Entry) IsModified() bool { @@ -888,7 +820,7 @@ func (this *Entry) Update(logger logger.LogContext, new *EntryVersion) *Entry { return NewEntry(new, this.state) } - reasons, _ := this.RequiresUpdateFor(new) + reasons := this.RequiresUpdateFor(new) if len(reasons) != 0 { logger.Infof("update actual entry: valid: %t %v", new.IsValid(), reasons) if this.targets.DifferFrom(new.targets) && !new.IsDeleting() { diff --git a/pkg/dns/provider/ownercache.go b/pkg/dns/provider/ownercache.go index fa1b1d653..c5f604cfa 100644 --- a/pkg/dns/provider/ownercache.go +++ b/pkg/dns/provider/ownercache.go @@ -8,14 +8,9 @@ import ( "context" "sync" - "github.com/gardener/controller-manager-library/pkg/controllermanager/controller" - "github.com/gardener/controller-manager-library/pkg/logger" "github.com/gardener/controller-manager-library/pkg/resources" "github.com/gardener/controller-manager-library/pkg/utils" "github.com/gardener/external-dns-management/pkg/dns" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - - api "github.com/gardener/external-dns-management/pkg/apis/dns/v1alpha1" "github.com/gardener/external-dns-management/pkg/dns/provider/statistic" dnsutils "github.com/gardener/external-dns-management/pkg/dns/utils" ) @@ -41,18 +36,6 @@ type OwnerName string type OwnerObjectInfos map[OwnerName]OwnerObjectInfo -type OwnerDNSActivation struct { - Key resources.ClusterObjectKey - Current bool - api.DNSActivation -} - -func (this *OwnerDNSActivation) IsActive() bool { - return dnsutils.CheckDNSActivation(this.Key.Cluster(), &this.DNSActivation) -} - -type OwnerDNSActivations map[resources.ClusterObjectKey]*OwnerDNSActivation - type OwnerIDInfo struct { refcount int entrycounts map[string]int @@ -72,54 +55,24 @@ type OwnerCache struct { lock sync.RWMutex ctx ProviderCacheContext - owners OwnerObjectInfos - dnsactivations OwnerDNSActivations + owners OwnerObjectInfos ownerids OwnerIDInfos pendingids utils.StringSet - - schedule *dnsutils.Schedule } var _ dns.Ownership = &OwnerCache{} func NewOwnerCache(ctx ProviderCacheContext, config *Config) *OwnerCache { this := &OwnerCache{ - ctx: ctx, - owners: OwnerObjectInfos{}, - ownerids: OwnerIDInfos{config.Ident: {refcount: 1, entrycounts: ProviderTypeCounts{}}}, - dnsactivations: OwnerDNSActivations{}, - pendingids: utils.StringSet{}, + ctx: ctx, + owners: OwnerObjectInfos{}, + ownerids: OwnerIDInfos{config.Ident: {refcount: 1, entrycounts: ProviderTypeCounts{}}}, + pendingids: utils.StringSet{}, } - this.schedule = dnsutils.NewSchedule(ctx.GetContext(), dnsutils.ScheduleExecutorFunction(this.expire)) return this } -func (this *OwnerCache) GetDNSActivations() OwnerDNSActivations { - queries := OwnerDNSActivations{} - this.lock.RLock() - defer this.lock.RUnlock() - for k, v := range this.dnsactivations { - queries[k] = v - } - return queries -} - -func (this *OwnerCache) TriggerDNSActivation(logger logger.LogContext, cntr controller.Interface) { - for k, a := range this.GetDNSActivations() { - if active := a.IsActive(); active != a.Current { - logger.Infof("DNS activation changed for %s[%s] (%t)", k.ObjectName(), a.DNSName, active) - _ = cntr.EnqueueKey(k) - } - } -} - -func (this *OwnerCache) expire(key dnsutils.ScheduleKey) { - id := key.(resources.ClusterObjectKey) - this.ctx.Infof("owner %s expired", id.Name()) - _ = this.ctx.EnqueueKey(id) -} - func (this *OwnerCache) IsResponsibleFor(id string) bool { this.lock.RLock() defer this.lock.RUnlock() @@ -176,21 +129,16 @@ func (this *OwnerCache) UpdateOwner(owner *dnsutils.DNSOwnerObject) (changeset u active := owner.IsActive() this.lock.Lock() defer this.lock.Unlock() - if activation := owner.GetDNSActivation(); activation != nil { - this.dnsactivations[owner.ClusterKey()] = &OwnerDNSActivation{Key: owner.ClusterKey(), Current: active, DNSActivation: *activation} - } else { - delete(this.dnsactivations, owner.ClusterKey()) - } - return this._updateOwnerData(OwnerName(owner.GetName()), owner.ClusterKey(), owner.GetOwnerId(), active, owner.GetCounts(), owner.ValidUntil()) + return this._updateOwnerData(OwnerName(owner.GetName()), owner.GetOwnerId(), active, owner.GetCounts()) } -func (this *OwnerCache) updateOwnerData(cachekey OwnerName, key dnsutils.ScheduleKey, id string, active bool, counts ProviderTypeCounts, valid *metav1.Time) (changeset utils.StringSet, activeset utils.StringSet) { +func (this *OwnerCache) updateOwnerData(cachekey OwnerName, id string, active bool, counts ProviderTypeCounts) (changeset utils.StringSet, activeset utils.StringSet) { this.lock.Lock() defer this.lock.Unlock() - return this._updateOwnerData(cachekey, key, id, active, counts, valid) + return this._updateOwnerData(cachekey, id, active, counts) } -func (this *OwnerCache) _updateOwnerData(cachekey OwnerName, key dnsutils.ScheduleKey, id string, active bool, counts ProviderTypeCounts, valid *metav1.Time) (changeset utils.StringSet, activeset utils.StringSet) { +func (this *OwnerCache) _updateOwnerData(cachekey OwnerName, id string, active bool, counts ProviderTypeCounts) (changeset utils.StringSet, activeset utils.StringSet) { changeset = utils.StringSet{} old, ok := this.owners[cachekey] @@ -200,13 +148,6 @@ func (this *OwnerCache) _updateOwnerData(cachekey OwnerName, key dnsutils.Schedu } this.deactivate(cachekey, old, changeset) } - if key != nil { - if active && valid != nil { - this.schedule.Schedule(key, (*valid).Time) - } else { - this.schedule.Delete(key) - } - } this.activate(cachekey, id, active, changeset, counts) return changeset, this.ownerids.KeySet() } @@ -214,12 +155,10 @@ func (this *OwnerCache) _updateOwnerData(cachekey OwnerName, key dnsutils.Schedu func (this *OwnerCache) DeleteOwner(key resources.ClusterObjectKey) (changeset utils.StringSet, activeset utils.StringSet) { this.lock.Lock() defer this.lock.Unlock() - delete(this.dnsactivations, key) changeset = utils.StringSet{} cachekey := OwnerName(key.Name()) old, ok := this.owners[cachekey] if ok { - this.schedule.Delete(key) this.deactivate(cachekey, old, changeset) } return changeset, this.ownerids.KeySet() diff --git a/pkg/dns/provider/ownercache_test.go b/pkg/dns/provider/ownercache_test.go index 3854ab2f3..05fc48599 100644 --- a/pkg/dns/provider/ownercache_test.go +++ b/pkg/dns/provider/ownercache_test.go @@ -6,14 +6,11 @@ package provider import ( "context" - "time" "github.com/gardener/controller-manager-library/pkg/resources" "github.com/gardener/controller-manager-library/pkg/utils" ginkgov2 "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime/schema" ) const ident = "TEST" @@ -23,7 +20,6 @@ const ident = "TEST" type owner struct { id string - valid *metav1.Time active bool } type TestOwnerCacheContext struct { @@ -42,27 +38,21 @@ func (this *TestOwnerCacheContext) EnqueueKey(key resources.ClusterObjectKey) er cachekey := OwnerName(key.Name()) old, ok := this.ids[cachekey] if ok { - active := old.active && old.valid.After(time.Now()) - this.OwnerCache.updateOwnerData(cachekey, key, old.id, active, nil, old.valid) + this.OwnerCache.updateOwnerData(cachekey, old.id, old.active, nil) } return nil } func (this *TestOwnerCacheContext) updateOwnerData(cachekey OwnerName, id string, active bool) (changeset utils.StringSet, activeset utils.StringSet) { - return this._updateOwnerData(cachekey, id, active, nil) + return this._updateOwnerData(cachekey, id, active) } -func (this *TestOwnerCacheContext) updateOwnerDataExpiration(cachekey OwnerName, id string, active bool, valid time.Duration) (changeset utils.StringSet, activeset utils.StringSet) { - t := metav1.NewTime(time.Now().Add(valid)) - return this._updateOwnerData(cachekey, id, active, &t) -} - -func (this *TestOwnerCacheContext) _updateOwnerData(cachekey OwnerName, id string, active bool, valid *metav1.Time) (changeset utils.StringSet, activeset utils.StringSet) { +func (this *TestOwnerCacheContext) _updateOwnerData(cachekey OwnerName, id string, active bool) (changeset utils.StringSet, activeset utils.StringSet) { this.ids[cachekey] = owner{ - id, valid, active, + id: id, + active: active, } - key := resources.NewClusterKey("", schema.GroupKind{}, "", string(cachekey)) - return this.OwnerCache.updateOwnerData(cachekey, key, id, active, nil, valid) + return this.OwnerCache.updateOwnerData(cachekey, id, active, nil) } //////////////////////////////////////////////////////////////////////////////// @@ -218,16 +208,4 @@ var _ = ginkgov2.Describe("Owner cache", func() { Expect(cache.GetIds()).To(Equal(utils.NewStringSet(ident))) }) - - ginkgov2.It("activate and observe expiration date", func() { - changed, _ := cache.updateOwnerDataExpiration(name1, "id1", true, 1*time.Second) - Expect(changed).To(Equal(utils.NewStringSet("id1"))) - changed, _ = cache.updateOwnerData(name2, "id2", true) - Expect(changed).To(Equal(utils.NewStringSet("id2"))) - Expect(cache.GetIds()).To(Equal(utils.NewStringSet(ident, "id1", "id2"))) - time.Sleep(2 * time.Second) - Expect(cache.GetIds()).To(Equal(utils.NewStringSet(ident, "id2"))) - _, _ = cache.updateOwnerData(name1, "id1", true) - Expect(cache.GetIds()).To(Equal(utils.NewStringSet(ident, "id1", "id2"))) - }) }) diff --git a/pkg/dns/provider/state.go b/pkg/dns/provider/state.go index d449d690e..3fbf221f9 100644 --- a/pkg/dns/provider/state.go +++ b/pkg/dns/provider/state.go @@ -260,13 +260,6 @@ func (this *state) Setup() error { }, processors); err != nil { return err } - if err := this.setupFor(&api.DNSLock{}, "locks", func(e resources.Object) error { - p := dnsutils.DNSLock(e) - this.UpdateEntry(this.context.NewContext("entry", p.ObjectName().String()), p) - return nil - }, processors); err != nil { - return err - } this.triggerStatistic() this.initialized = true @@ -418,7 +411,7 @@ type providerMatch struct { match int } -func (this *state) lookupProvider(e dnsutils.DNSSpecification) (DNSProvider, DNSProvider, error) { +func (this *state) lookupProvider(e *dnsutils.DNSEntryObject) (DNSProvider, DNSProvider, error) { handleMatch := func(match *providerMatch, p *dnsProviderVersion, n int, err error) error { if match.match <= n { err2 := access.CheckAccessWithRealms(e, "use", p.Object(), this.realms) @@ -520,9 +513,6 @@ func (this *state) addEntriesForZone( } } for dns, e := range this.dnsnames { - if e.Kind() == api.DNSLockKind { - continue - } if e.IsValid() { provider, fallback, err := this.lookupProvider(e.Object()) if (provider == nil || !provider.IsValid()) && !e.IsDeleting() { diff --git a/pkg/dns/provider/state_entry.go b/pkg/dns/provider/state_entry.go index 8e255ba74..75805e8aa 100644 --- a/pkg/dns/provider/state_entry.go +++ b/pkg/dns/provider/state_entry.go @@ -7,9 +7,6 @@ package provider import ( "fmt" "math/rand" - "net" - "strconv" - "strings" "time" "github.com/gardener/controller-manager-library/pkg/controllermanager/controller/reconcile" @@ -20,7 +17,6 @@ import ( "github.com/gardener/external-dns-management/pkg/dns" perrs "github.com/gardener/external-dns-management/pkg/dns/provider/errors" dnsutils "github.com/gardener/external-dns-management/pkg/dns/utils" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/utils/ptr" ) @@ -85,11 +81,11 @@ func (this *state) addBlockingEntries(logger logger.LogContext, entries Entries) //////////////////////////////////////////////////////////////////////////////// -func (this *state) UpdateEntry(logger logger.LogContext, object dnsutils.DNSSpecification) reconcile.Status { +func (this *state) UpdateEntry(logger logger.LogContext, object *dnsutils.DNSEntryObject) reconcile.Status { return this.HandleUpdateEntry(logger, "reconcile", object) } -func (this *state) DeleteEntry(logger logger.LogContext, object dnsutils.DNSSpecification) reconcile.Status { +func (this *state) DeleteEntry(logger logger.LogContext, object *dnsutils.DNSEntryObject) reconcile.Status { return this.HandleUpdateEntry(logger, "delete", object) } @@ -115,9 +111,7 @@ func (this *state) addEntryVersion(logger logger.LogContext, v *EntryVersion, st if v.IsDeleting() { var err error if old != nil { - if old.Kind() != api.DNSLockKind { // TODO: why is cleanup called here - this.cleanupEntry(logger, old) - } + this.cleanupEntry(logger, old) } if new.valid { if !new.activezone.IsEmpty() && this.zones[new.activezone] != nil { @@ -217,7 +211,7 @@ func (this *state) addEntryVersion(logger logger.LogContext, v *EntryVersion, st return new, status } -func (this *state) entryPremise(e dnsutils.DNSSpecification) (*EntryPremise, error) { +func (this *state) entryPremise(e *dnsutils.DNSEntryObject) (*EntryPremise, error) { provider, fallback, err := this.lookupProvider(e) p := &EntryPremise{ ptypes: this.config.Enabled, @@ -244,7 +238,7 @@ func (this *state) entryPremise(e dnsutils.DNSSpecification) (*EntryPremise, err return p, err } -func (this *state) HandleUpdateEntry(logger logger.LogContext, op string, object dnsutils.DNSSpecification) reconcile.Status { +func (this *state) HandleUpdateEntry(logger logger.LogContext, op string, object *dnsutils.DNSEntryObject) reconcile.Status { this.lock.Lock() defer this.lock.Unlock() @@ -257,21 +251,18 @@ func (this *state) HandleUpdateEntry(logger logger.LogContext, op string, object defer old.lock.Unlock() } - switch object.(type) { - case *dnsutils.DNSEntryObject: - if !object.IsDeleting() && object.GetAnnotations()[dns.AnnotationIgnore] == "true" { - _, err := object.ModifyStatus(func(data resources.ObjectData) (bool, error) { - status := &data.(*api.DNSEntry).Status - mod := utils.ModificationState{} - mod.AssureStringValue(&status.State, api.STATE_IGNORED) - mod.AssureStringPtrPtr(&status.Message, ptr.To("entry is ignored as annotated with "+dns.AnnotationIgnore)) - return mod.IsModified(), nil - }) - if err != nil { - return reconcile.Delay(logger, err) - } - return reconcile.Succeeded(logger, "ignored") + if !object.IsDeleting() && object.GetAnnotations()[dns.AnnotationIgnore] == "true" { + _, err := object.ModifyStatus(func(data resources.ObjectData) (bool, error) { + status := &data.(*api.DNSEntry).Status + mod := utils.ModificationState{} + mod.AssureStringValue(&status.State, api.STATE_IGNORED) + mod.AssureStringPtrPtr(&status.Message, ptr.To("entry is ignored as annotated with "+dns.AnnotationIgnore)) + return mod.IsModified(), nil + }) + if err != nil { + return reconcile.Delay(logger, err) } + return reconcile.Succeeded(logger, "ignored") } p, err := this.entryPremise(object) @@ -293,14 +284,6 @@ func (this *state) HandleUpdateEntry(logger logger.LogContext, op string, object new, status := this.addEntryVersion(logger, v, status) if new != nil { - if new.Kind() == api.DNSLockKind { - if object.IsDeleting() { - return this.checkAndDeleteLock(logger, new, p) - } else { - return this.checkAndUpdateLock(logger, new, p) - } - } - if new.IsModified() && !new.ZoneId().IsEmpty() { this.smartInfof(logger, "trigger zone %q", new.ZoneId()) this.triggerHostedZone(new.ZoneId()) @@ -381,252 +364,6 @@ func (this *state) cleanupEntry(logger logger.LogContext, e *Entry) { } } -func (this *state) checkAndUpdateLock(logger logger.LogContext, entry *Entry, premise *EntryPremise) reconcile.Status { - if !entry.updateRequired && entry.object.BaseStatus().ObservedGeneration == entry.object.GetGeneration() { - return reconcile.Succeeded(logger) - } - - handler := premise.provider.GetDedicatedDNSAccess() - if handler == nil { - return reconcile.Failed(logger, fmt.Errorf("provider type %s does not support DNS locks", premise.ptype)) - } - zone := this.zones[entry.ZoneId()] - - newTTL := entry.TTL() - records := dns.Records{} - for _, s := range entry.object.GetText() { - target := dnsutils.NewText(s, newTTL) - records = append(records, target.AsRecord()) - } - newRS := FromDedicatedRecordSet(entry.DNSSetName(), dns.NewRecordSet(dns.RS_TXT, newTTL, records)) - - rs, err := handler.GetRecordSet(zone, entry.DNSSetName(), dns.RS_TXT) - if err != nil { - return reconcile.Delay(logger, err) - } - owned := true - ok := true - ownedMsg := "" - if len(rs) != 0 { - lockID := rs.GetAttr(dns.ATTR_LOCKID) - timestamp := rs.GetAttr(dns.ATTR_TIMESTAMP) - owned, ok, ownedMsg = isLockOwned(entry.object.(*dnsutils.DNSLockObject), lockID, timestamp) - } - - if owned && hasLockRecordsetChanged(rs, newRS) { - err = handler.CreateOrUpdateRecordSet(logger, zone, rs, newRS) - if err != nil { - return reconcile.Delay(logger, err) - } - logger.Infof("lock created or updated") - } - entry.updateRequired = false - - _, err = entry.object.ModifyStatus(func(data resources.ObjectData) (bool, error) { - status := &data.(*api.DNSLock).Status - mod := utils.ModificationState{} - if status.FirstFailedDNSLookup != nil { - status.FirstFailedDNSLookup = nil - mod.Modify(true) - } - - state := api.STATE_READY - msg := "DNS record is set." - if !ok { - state = api.STATE_INVALID - msg = ownedMsg - } else if !owned { - msg = ownedMsg - } - - mod.AssureStringValue(&status.State, state) - mod.AssureStringPtrPtr(&status.Message, &msg) - - mod.AssureStringPtrPtr(&status.Zone, &premise.zoneid) - provider := premise.provider.ObjectName().String() - mod.AssureStringPtrPtr(&status.Provider, &provider) - mod.AssureStringPtrPtr(&status.ProviderType, &premise.ptype) - mod.AssureInt64Value(&status.ObservedGeneration, entry.object.GetGeneration()) - return mod.IsModified(), nil - }) - if err != nil { - return reconcile.Delay(logger, err) - } - - return reconcile.Succeeded(logger) -} - -func hasLockRecordsetChanged(old, new DedicatedRecordSet) bool { - if len(new) != len(old) { - return true - } - - oldRecords := utils.NewStringSet() - for _, s := range old { - oldRecords.Add(s.GetValue()) - } - - oldTTL := 120 - if len(old) > 0 { - oldTTL = old[0].GetTTL() - } - for _, r := range new { - if !oldRecords.Contains(r.GetValue()) || oldTTL != r.GetTTL() { - return true - } - } - return false -} - -func isLockOwned(obj *dnsutils.DNSLockObject, lockDNS, timestampDNS string) (owned, ok bool, msg string) { - if lockObj := utils.StringValue(obj.Spec().LockId); lockObj != lockDNS { - msg = fmt.Sprintf("mismatching lock ids %s != %s", lockObj, lockDNS) - return - } - i, err := strconv.ParseInt(timestampDNS, 10, 64) - if err != nil { - msg = fmt.Sprintf("invalid timestamp in DNS record: %s", timestampDNS) - return - } - ok = true - tsDNS := time.Unix(i, 0) - if tsObj := obj.GetTimestamp(); tsObj.Before(tsDNS) { - msg = fmt.Sprintf("skipping DNS update because of timestamp %s < %s", tsObj, tsDNS) - return - } - owned = true - return -} - -func (this *state) checkAndDeleteLock(logger logger.LogContext, entry *Entry, premise *EntryPremise) reconcile.Status { - handler := premise.provider.GetDedicatedDNSAccess() - zone := this.zones[entry.ZoneId()] - - rs, err := handler.GetRecordSet(zone, entry.DNSSetName(), dns.RS_TXT) - if err != nil { - return reconcile.Delay(logger, err) - } - if rs != nil { - lockID := rs.GetAttr(dns.ATTR_LOCKID) - timestamp := rs.GetAttr(dns.ATTR_TIMESTAMP) - owned, _, _ := isLockOwned(entry.object.(*dnsutils.DNSLockObject), lockID, timestamp) - if owned { - err = handler.DeleteRecordSet(logger, zone, rs) - if err != nil { - return reconcile.Delay(logger, err) - } - logger.Infof("lock deleted") - } - } - return reconcile.DelayOnError(logger, this.RemoveFinalizer(entry.object)) -} - -func (this *state) UpdateLockStates(log logger.LogContext) { - this.lock.RLock() - entries := map[string]*Entry{} - for _, e := range this.entries { - if e.Kind() == api.DNSLockKind { - entries[e.DNSName()] = e - } - } - this.lock.RUnlock() - - for dnsName, e := range entries { - records, err := net.LookupTXT(dnsName) - this.updateLockState(log, dnsName, e, records, err) - } -} - -func (this *state) updateLockState(log logger.LogContext, dnsName string, e *Entry, records []string, err error) { - _ = e.lock.Lock() - defer e.lock.Unlock() - - updateRequired := false - firstfailed := time.Time{} - ts := time.Time{} - timestampDNS := "" - lockDNS := "" - attrs := map[string]string{} - unnamed := 0 - - if err == nil { - log.Infof("found records %v", records) - for _, r := range records { - r = strings.Trim(r, "\"") - fields := strings.Split(r, "=") - if len(fields) != 2 { - fields = []string{fmt.Sprintf("_%d", unnamed), r} - unnamed++ - } - switch fields[0] { - case dns.ATTR_TIMESTAMP: - timestampDNS = fields[1] - i, err := strconv.ParseInt(timestampDNS, 10, 64) - if err != nil { - continue - } - ts = time.Unix(i, 0) - case dns.ATTR_LOCKID: - lockDNS = fields[1] - default: - attrs[fields[0]] = fields[1] - } - } - } else { - log.Warnf("dns lookup failed for %q: %s", dnsName, err) - now := time.Now() - status := e.object.StatusField().(*api.DNSLockStatus) - ttl := time.Duration(e.object.Data().(*api.DNSLock).Spec.TTL) * time.Second - if status.FirstFailedDNSLookup != nil && status.FirstFailedDNSLookup.After(this.startupTime) { - firstfailed = status.FirstFailedDNSLookup.Time - if now.Sub(firstfailed) > ttl*2 { - log.Infof("try to resurrect dns lock %q", e.object.ObjectName()) - updateRequired = true - } - } else { - firstfailed = now - } - } - - owned, ok, ownedMsg := isLockOwned(e.object.(*dnsutils.DNSLockObject), lockDNS, timestampDNS) - if _, err = e.object.ModifyStatus(func(data resources.ObjectData) (bool, error) { - status := &data.(*api.DNSLock).Status - mod := utils.ModificationState{} - mod.Modify(AssureTimestamp(&status.Timestamp, ts)) - state := api.STATE_READY - msg := "DNS record is set." - if !ok { - state = api.STATE_INVALID - msg = ownedMsg - } else if !owned { - msg = ownedMsg - } - - if !firstfailed.IsZero() { - state = api.STATE_STALE - msg = "DNS record cannot be looked up" - } - mod.AssureStringValue(&status.State, state) - mod.AssureStringPtrPtr(&status.Message, &msg) - var pLockID *string - if lockDNS != "" { - pLockID = &lockDNS - } - mod.AssureStringPtrPtr(&status.LockId, pLockID) - mod.Modify(AssureTimestamp(&status.FirstFailedDNSLookup, firstfailed)) - mod.Modify(!EqualAttrs(attrs, status.Attributes)) - status.Attributes = attrs - return mod.IsModified(), nil - }); err != nil { - log.Infof("status update failed for %s: %s", e.object.ObjectName(), err) - } - - if updateRequired { - e.updateRequired = true - _ = this.context.Enqueue(e.object) - } -} - func (this *state) DeleteLookupJob(entryName resources.ObjectName) { this.lookupProcessor.Delete(entryName) } @@ -634,30 +371,3 @@ func (this *state) DeleteLookupJob(entryName resources.ObjectName) { func (this *state) UpsertLookupJob(entryName resources.ObjectName, results lookupAllResults, interval time.Duration) { this.lookupProcessor.Upsert(entryName, results, interval) } - -func AssureTimestamp(target **metav1.Time, ts time.Time) bool { - mod := false - if ts.IsZero() { - mod = *target != nil - *target = nil - } else { - if *target == nil || !(*target).Time.Equal(ts) { - mod = true - } - t := metav1.NewTime(ts) - *target = &t - } - return mod -} - -func EqualAttrs(a, b map[string]string) bool { - if len(a) != len(b) { - return false - } - for k, v := range a { - if f, ok := b[k]; !ok || f != v { - return false - } - } - return true -} diff --git a/pkg/dns/provider/state_owner.go b/pkg/dns/provider/state_owner.go index 9138f5465..aec674c6a 100644 --- a/pkg/dns/provider/state_owner.go +++ b/pkg/dns/provider/state_owner.go @@ -6,7 +6,6 @@ package provider import ( "fmt" - "time" "github.com/gardener/controller-manager-library/pkg/controllermanager/controller/reconcile" "github.com/gardener/controller-manager-library/pkg/logger" @@ -22,19 +21,8 @@ import ( // state handling for OwnerIds //////////////////////////////////////////////////////////////////////////////// -func delta(owner *dnsutils.DNSOwnerObject, changed, active utils.StringSet) string { +func delta(changed, active utils.StringSet) string { msg := "" - if owner != nil && owner.ValidUntil() != nil { - if owner.IsEnabled() { - if !owner.IsActive() { - msg = fmt.Sprintf(" (%s expired (%s))", owner.GetName(), owner.ValidUntil().Format(time.RFC3339)) - } else { - d := time.Until(owner.ValidUntil().Time) - msg = fmt.Sprintf(" (%s expires in %s)", owner.GetName(), d) - } - } - } - added := utils.NewStringSet() deleted := utils.NewStringSet() for k := range changed { @@ -70,7 +58,7 @@ func (this *state) UpdateOwner(logger logger.LogContext, owner *dnsutils.DNSOwne this.lock.Lock() changed, active := this.ownerCache.UpdateOwner(owner) this.lock.Unlock() - logger.Infof("update: owner ids %s", delta(owner, changed, active)) + logger.Infof("update: owner ids %s", delta(changed, active)) logger.Debugf(" active owner ids %s", active) if len(changed) > 0 { this.TriggerEntriesByOwner(logger, changed) diff --git a/pkg/dns/utils/schedule.go b/pkg/dns/utils/schedule.go deleted file mode 100644 index c576cf78b..000000000 --- a/pkg/dns/utils/schedule.go +++ /dev/null @@ -1,258 +0,0 @@ -// SPDX-FileCopyrightText: 2024 SAP SE or an SAP affiliate company and Gardener contributors -// -// SPDX-License-Identifier: Apache-2.0 - -package utils - -import ( - "context" - "fmt" - "sync" - "time" -) - -type Timer struct { - lock sync.Mutex - done <-chan struct{} - stop chan struct{} - timer *time.Timer - exec func(*Timer) -} - -func NewTimer(ctx context.Context, exec func(*Timer)) *Timer { - return &Timer{ - done: ctx.Done(), - stop: make(chan struct{}), - exec: exec, - } -} - -func (this *Timer) Next(d time.Duration) { - this.lock.Lock() - defer this.lock.Unlock() - - if this.timer == nil { - this.timer = time.NewTimer(d) - go this.process() - } else { - this.timer.Stop() - this.timer.Reset(d) - } -} - -func (this *Timer) Stop() { - this.lock.Lock() - defer this.lock.Unlock() - if this.timer != nil { - this.timer.Stop() - close(this.stop) - } -} - -func (this *Timer) process() { -loop: - for { - select { - case <-this.done: - break loop - case <-this.stop: - break loop - case _, ok := <-this.timer.C: - if !ok { - break loop - } - go this.exec(this) - } - } -} - -type ScheduleExecutor interface { - Execute(key ScheduleKey) -} - -type ScheduleExecutorFunction func(key ScheduleKey) - -func (this ScheduleExecutorFunction) Execute(key ScheduleKey) { - this(key) -} - -type ScheduleKey interface{} - -type ScheduleEntry struct { - key ScheduleKey - due time.Time -} - -type scheduleEntry struct { - ScheduleEntry - next *scheduleEntry - prev **scheduleEntry -} - -func (this ScheduleEntry) Key() ScheduleKey { - return this.key -} - -func (this ScheduleEntry) Due() time.Time { - return this.due -} - -func (this ScheduleEntry) String() string { - return fmt.Sprintf("%s: %s", this.key, this.due.Format(time.RFC3339)) -} - -type Schedule struct { - lock sync.Mutex - ctx context.Context - exec ScheduleExecutor - - timer *Timer - - entries map[ScheduleKey]*scheduleEntry - next *scheduleEntry -} - -func NewSchedule(ctx context.Context, exec ScheduleExecutor) *Schedule { - sched := &Schedule{ - entries: map[ScheduleKey]*scheduleEntry{}, - ctx: ctx, - exec: exec, - } - sched.timer = NewTimer(ctx, sched.execute) - return sched -} - -func (this *Schedule) Reset() { - this.lock.Lock() - defer this.lock.Unlock() - - this.timer.Stop() - this.timer = NewTimer(this.ctx, this.execute) -} - -func (this *Schedule) execute(timer *Timer) { - this.lock.Lock() - defer this.lock.Unlock() - - if this.timer != timer { - return - } - now := time.Now() - for this.next != nil && !this.next.due.After(now) { - go this.exec.Execute(this.next.key) - delete(this.entries, this.next.key) - this.next.prev = &this.next - this.next = this.next.next - } - if this.next != nil { - timer.Next(this.next.due.Sub(now)) - } -} - -func (this *Schedule) List() []ScheduleKey { - this.lock.Lock() - defer this.lock.Unlock() - - list := []ScheduleKey{} - next := this.next - for next != nil { - list = append(list, next.key) - next = next.next - } - return list -} - -func (this *Schedule) ListSchedule() []ScheduleEntry { - this.lock.Lock() - defer this.lock.Unlock() - - list := []ScheduleEntry{} - next := this.next - for next != nil { - list = append(list, next.ScheduleEntry) - next = next.next - } - return list -} - -func (this *Schedule) Delete(key ScheduleKey) { - this.lock.Lock() - defer this.lock.Unlock() - - old := this.entries[key] - if old != nil { - if old.next != nil { - old.next.prev = old.prev - } - *old.prev = old.next - } -} - -func (this *Schedule) ScheduleAfter(key ScheduleKey, due time.Duration) { - this.Schedule(key, time.Now().Add(due)) -} - -func (this *Schedule) Schedule(key ScheduleKey, due time.Time) { - this.lock.Lock() - defer this.lock.Unlock() - - select { - case _, ok := <-this.ctx.Done(): - if !ok { - panic("schedule is closed") - } - default: - } - - var cur time.Time - - if this.next != nil { - cur = this.next.due - } - - next := &this.next - old := this.entries[key] - if old != nil { - if old.due.Equal(due) { - return - } - if old.next != nil { - old.next.prev = old.prev - } - *old.prev = old.next - if old.due.Before(due) { - next = old.prev - } - } else { - old = &scheduleEntry{ - ScheduleEntry: ScheduleEntry{key: key}, - } - } - now := time.Now() - if !due.After(now) { - this.exec.Execute(key) - return - } - - old.due = due - for *next != nil { - if (*next).due.After(due) { - old.next = *next - old.prev = next - (*next).prev = &old.next - *next = old - break - } - next = &(*next).next - } - this.entries[key] = old - if (*next) == nil { - *next = old - old.prev = next - old.next = nil - } - - if this.next.due != cur { - this.timer.Next(this.next.due.Sub(now)) - } -} diff --git a/pkg/dns/utils/schedule_test.go b/pkg/dns/utils/schedule_test.go deleted file mode 100644 index 71132ea3d..000000000 --- a/pkg/dns/utils/schedule_test.go +++ /dev/null @@ -1,225 +0,0 @@ -// SPDX-FileCopyrightText: 2024 SAP SE or an SAP affiliate company and Gardener contributors -// -// SPDX-License-Identifier: Apache-2.0 - -package utils - -import ( - "context" - "fmt" - "sync" - "time" - - . "github.com/onsi/ginkgo/v2" - . "github.com/onsi/gomega" -) - -const PERIOD = 10 * time.Millisecond - -type Execution struct { - d int - k ScheduleKey -} - -func (this Execution) String() string { - return fmt.Sprintf("%5d: %s", this.d, this.k) -} - -type Result struct { - lock sync.Mutex - start time.Time - result []Execution -} - -func (this *Result) Execute(key ScheduleKey) { - this.lock.Lock() - defer this.lock.Unlock() - d := time.Since(this.start) + (PERIOD / 2) - this.result = append(this.result, Execution{int(d / PERIOD), key}) -} - -func (this *Result) String() string { - this.lock.Lock() - defer this.lock.Unlock() - return fmt.Sprintf("%v", this.result) -} - -var _ = Describe("Schedule", func() { - var sched *Schedule - var result *Result - - BeforeEach(func() { - result = &Result{start: time.Now()} - sched = NewSchedule(context.Background(), result) - }) - AfterEach(func() { - sched.Reset() - }) - - It("dummy", func() { - timer := time.NewTimer(0 * time.Second) - time.Sleep(PERIOD) - fmt.Printf("%t\n", timer.Stop()) - timer.Reset(2 * PERIOD) - <-timer.C - fmt.Printf("first\n") - time.Sleep(3 * PERIOD) - select { - case <-timer.C: - default: - Fail("second not ready") - } - select { - case <-timer.C: - Fail("oops, got third") - default: - } - }) - - Context("queue", func() { - It("queues one entry", func() { - sched.ScheduleAfter("A", 2*time.Hour) - list := sched.List() - Expect(list).To(Equal([]ScheduleKey{"A"})) - }) - - It("appends entry", func() { - sched.ScheduleAfter("A", 2*time.Hour) - sched.ScheduleAfter("B", 4*time.Hour) - list := sched.List() - Expect(list).To(Equal([]ScheduleKey{"A", "B"})) - fmt.Printf("%v\n", sched.ListSchedule()) - }) - - It("inserts entry in between", func() { - sched.ScheduleAfter("A", 2*time.Hour) - sched.ScheduleAfter("B", 4*time.Hour) - sched.ScheduleAfter("C", 3*time.Hour) - list := sched.List() - Expect(list).To(Equal([]ScheduleKey{"A", "C", "B"})) - }) - - It("prepends entry", func() { - sched.ScheduleAfter("A", 2*time.Hour) - sched.ScheduleAfter("B", 1*time.Hour) - list := sched.List() - Expect(list).To(Equal([]ScheduleKey{"B", "A"})) - }) - - It("delays entry", func() { - sched.ScheduleAfter("A", 1*time.Hour) - sched.ScheduleAfter("B", 2*time.Hour) - sched.ScheduleAfter("C", 3*time.Hour) - sched.ScheduleAfter("B", 4*time.Hour) - list := sched.List() - Expect(list).To(Equal([]ScheduleKey{"A", "C", "B"})) - }) - It("keeps order", func() { - sched.ScheduleAfter("A", 1*time.Hour) - sched.ScheduleAfter("B", 2*time.Hour) - sched.ScheduleAfter("C", 4*time.Hour) - sched.ScheduleAfter("B", 3*time.Hour) - list := sched.List() - Expect(list).To(Equal([]ScheduleKey{"A", "B", "C"})) - }) - It("reinserts", func() { - sched.ScheduleAfter("A", 2*time.Hour) - sched.ScheduleAfter("B", 3*time.Hour) - sched.ScheduleAfter("C", 4*time.Hour) - sched.ScheduleAfter("B", 1*time.Hour) - list := sched.List() - Expect(list).To(Equal([]ScheduleKey{"B", "A", "C"})) - }) - It("delete first", func() { - sched.ScheduleAfter("A", 2*time.Hour) - sched.ScheduleAfter("B", 3*time.Hour) - sched.ScheduleAfter("C", 4*time.Hour) - sched.Delete("A") - list := sched.List() - Expect(list).To(Equal([]ScheduleKey{"B", "C"})) - }) - It("delete middle", func() { - sched.ScheduleAfter("A", 2*time.Hour) - sched.ScheduleAfter("B", 3*time.Hour) - sched.ScheduleAfter("C", 4*time.Hour) - sched.Delete("B") - list := sched.List() - Expect(list).To(Equal([]ScheduleKey{"A", "C"})) - }) - It("delete last", func() { - sched.ScheduleAfter("A", 2*time.Hour) - sched.ScheduleAfter("B", 3*time.Hour) - sched.ScheduleAfter("C", 4*time.Hour) - sched.Delete("C") - list := sched.List() - Expect(list).To(Equal([]ScheduleKey{"A", "B"})) - }) - It("delete last and append new", func() { - sched.ScheduleAfter("A", 2*time.Hour) - sched.ScheduleAfter("B", 3*time.Hour) - sched.ScheduleAfter("C", 4*time.Hour) - sched.Delete("C") - sched.ScheduleAfter("D", 4*time.Hour) - list := sched.List() - Expect(list).To(Equal([]ScheduleKey{"A", "B", "D"})) - }) - }) - Context("exec", func() { - It("executes order", func() { - sched.ScheduleAfter("A", 1*PERIOD) - sched.ScheduleAfter("C", 3*PERIOD) - sched.ScheduleAfter("B", 2*PERIOD) - time.Sleep(4 * PERIOD) - fmt.Printf("RES: %s\n", result) - Expect(result.result).To(Equal([]Execution{{1, "A"}, {2, "B"}, {3, "C"}})) - }) - It("restarts", func() { - sched.ScheduleAfter("A", 1*PERIOD) - sched.ScheduleAfter("C", 3*PERIOD) - time.Sleep(4 * PERIOD) - sched.ScheduleAfter("B", 2*PERIOD) - time.Sleep(3 * PERIOD) - fmt.Printf("RES: %s\n", result) - Expect(result.result).To(Equal([]Execution{{1, "A"}, {3, "C"}, {6, "B"}})) - }) - It("inserts after sched", func() { - sched.ScheduleAfter("A", 1*PERIOD) - sched.ScheduleAfter("C", 4*PERIOD) - time.Sleep(2 * PERIOD) - sched.ScheduleAfter("B", 1*PERIOD) - sched.ScheduleAfter("D", 3*PERIOD) - time.Sleep(4 * PERIOD) - fmt.Printf("RES: %s\n", result) - Expect(result.result).To(Equal([]Execution{{1, "A"}, {3, "B"}, {4, "C"}, {5, "D"}})) - }) - It("resets for earlier", func() { - sched.ScheduleAfter("C", 3*PERIOD) - sched.ScheduleAfter("D", 4*PERIOD) - sched.ScheduleAfter("B", 2*PERIOD) - sched.ScheduleAfter("A", 1*PERIOD) - time.Sleep(5 * PERIOD) - fmt.Printf("RES: %s\n", result) - Expect(result.result).To(Equal([]Execution{{1, "A"}, {2, "B"}, {3, "C"}, {4, "D"}})) - }) - - It("reschedule first", func() { - sched.ScheduleAfter("A", 3*PERIOD) - sched.ScheduleAfter("B", 4*PERIOD) - time.Sleep(1 * PERIOD) - sched.ScheduleAfter("A", 1*PERIOD) - time.Sleep(4 * PERIOD) - fmt.Printf("RES: %s\n", result) - Expect(result.result).To(Equal([]Execution{{2, "A"}, {4, "B"}})) - }) - - It("delete first", func() { - sched.ScheduleAfter("A", 3*PERIOD) - sched.ScheduleAfter("B", 4*PERIOD) - time.Sleep(1 * PERIOD) - sched.Delete("A") - time.Sleep(4 * PERIOD) - fmt.Printf("RES: %s\n", result) - Expect(result.result).To(Equal([]Execution{{4, "B"}})) - }) - }) -}) diff --git a/pkg/dns/utils/target.go b/pkg/dns/utils/target.go index 78fb15474..ec93b0e5b 100644 --- a/pkg/dns/utils/target.go +++ b/pkg/dns/utils/target.go @@ -98,7 +98,7 @@ type targetSpec struct { routingPolicy *dns.RoutingPolicy } -func BaseTargetSpec(entry DNSSpecification, p TargetProvider) TargetSpec { +func BaseTargetSpec(entry *DNSEntryObject, p TargetProvider) TargetSpec { spec := &targetSpec{ kind: entry.GroupKind().Kind, ownerId: p.OwnerId(), diff --git a/pkg/dns/utils/utils_dns.go b/pkg/dns/utils/utils_dns.go index 384fcf9b1..5755a33c6 100644 --- a/pkg/dns/utils/utils_dns.go +++ b/pkg/dns/utils/utils_dns.go @@ -5,10 +5,6 @@ package utils import ( - "time" - - "github.com/gardener/controller-manager-library/pkg/resources" - api "github.com/gardener/external-dns-management/pkg/apis/dns/v1alpha1" "github.com/gardener/external-dns-management/pkg/dns" ) @@ -18,36 +14,3 @@ type TargetProvider interface { OwnerId() string RoutingPolicy() *dns.RoutingPolicy } - -type DNSSpecification interface { - resources.Object - GetDNSName() string - GetSetIdentifier() string - GetTTL() *int64 - GetOwnerId() *string - GetTargets() []string - GetText() []string - GetCNameLookupInterval() *int64 - ResolveTargetsToAddresses() *bool - GetReference() *api.EntryReference - BaseStatus() *api.DNSBaseStatus - GetRoutingPolicy() *dns.RoutingPolicy - - GetTargetSpec(TargetProvider) TargetSpec - - RefreshTime() time.Time - ValidateSpecial() error - AcknowledgeTargets(targets []string) bool - AcknowledgeRoutingPolicy(policy *dns.RoutingPolicy) bool -} - -func DNSObject(data resources.Object, _ ...any) DNSSpecification { - switch data.Data().(type) { - case *api.DNSEntry: - return DNSEntry(data) - case *api.DNSLock: - return DNSLock(data) - default: - return nil - } -} diff --git a/pkg/dns/utils/utils_entry.go b/pkg/dns/utils/utils_entry.go index 43ae748eb..7b0ae6ce5 100644 --- a/pkg/dns/utils/utils_entry.go +++ b/pkg/dns/utils/utils_entry.go @@ -6,7 +6,6 @@ package utils import ( "reflect" - "time" "github.com/gardener/controller-manager-library/pkg/resources" "github.com/gardener/controller-manager-library/pkg/utils" @@ -15,8 +14,6 @@ import ( api "github.com/gardener/external-dns-management/pkg/apis/dns/v1alpha1" ) -var _ DNSSpecification = (*DNSEntryObject)(nil) - var DNSEntryType = (*api.DNSEntry)(nil) type DNSEntryObject struct { @@ -94,21 +91,7 @@ func (this *DNSEntryObject) GetReference() *api.EntryReference { } func (this *DNSEntryObject) GetRoutingPolicy() *dns.RoutingPolicy { - if policy := this.DNSEntry().Spec.RoutingPolicy; policy != nil { - return &dns.RoutingPolicy{ - Type: policy.Type, - Parameters: policy.Parameters, - } - } - return nil -} - -func (this *DNSEntryObject) RefreshTime() time.Time { - return time.Time{} -} - -func (this *DNSEntryObject) ValidateSpecial() error { - return nil + return ToDNSRoutingPolicy(this.DNSEntry().Spec.RoutingPolicy) } func (this *DNSEntryObject) AcknowledgeTargets(targets []string) bool { @@ -177,3 +160,13 @@ func DNSSetNameMatcher(name dns.DNSSetName) resources.ObjectMatcher { return DNSEntry(o).DNSSetName() == name } } + +func ToDNSRoutingPolicy(policy *api.RoutingPolicy) *dns.RoutingPolicy { + if policy != nil { + return &dns.RoutingPolicy{ + Type: policy.Type, + Parameters: policy.Parameters, + } + } + return nil +} diff --git a/pkg/dns/utils/utils_lock.go b/pkg/dns/utils/utils_lock.go deleted file mode 100644 index 37373e4ae..000000000 --- a/pkg/dns/utils/utils_lock.go +++ /dev/null @@ -1,163 +0,0 @@ -// SPDX-FileCopyrightText: 2024 SAP SE or an SAP affiliate company and Gardener contributors -// -// SPDX-License-Identifier: Apache-2.0 - -package utils - -import ( - "fmt" - "strconv" - "strings" - "time" - - "github.com/gardener/controller-manager-library/pkg/resources" - "github.com/gardener/controller-manager-library/pkg/utils" - api "github.com/gardener/external-dns-management/pkg/apis/dns/v1alpha1" - "github.com/gardener/external-dns-management/pkg/dns" -) - -var _ DNSSpecification = (*DNSLockObject)(nil) - -var DNSLockType = (*api.DNSLock)(nil) - -type DNSLockObject struct { - resources.Object -} - -func (this *DNSLockObject) DNSLock() *api.DNSLock { - return this.Data().(*api.DNSLock) -} - -func DNSLock(o resources.Object) *DNSLockObject { - if o.IsA(DNSLockType) { - return &DNSLockObject{o} - } - return nil -} - -func (this *DNSLockObject) Spec() *api.DNSLockSpec { - return &this.DNSLock().Spec -} - -func (this *DNSLockObject) StatusField() interface{} { - return this.Status() -} - -func (this *DNSLockObject) Status() *api.DNSLockStatus { - return &this.DNSLock().Status -} - -func (this *DNSLockObject) BaseStatus() *api.DNSBaseStatus { - return &this.DNSLock().Status.DNSBaseStatus -} - -func (this *DNSLockObject) GetDNSName() string { - return dns.NormalizeHostname(this.DNSLock().Spec.DNSName) -} - -func (this *DNSLockObject) GetSetIdentifier() string { - return "" -} - -func (this *DNSLockObject) GetTargets() []string { - return nil -} - -func (this *DNSLockObject) GetText() []string { - attrs := []string{} - if s := utils.StringValue(this.Spec().LockId); s != "" { - attrs = append(attrs, fmt.Sprintf("%s=%s", dns.ATTR_LOCKID, s)) - } - attrs = append(attrs, fmt.Sprintf("%s=%d", dns.ATTR_TIMESTAMP, this.Spec().Timestamp.Unix())) - if this.Spec().Attributes != nil { - for k, v := range this.Spec().Attributes { - if strings.HasPrefix(k, "_") { - attrs = append(attrs, v) - } else { - attrs = append(attrs, fmt.Sprintf("%s=%s", k, v)) - } - } - } - return attrs -} - -func (this *DNSLockObject) GetTimestamp() time.Time { - return this.Spec().Timestamp.Time -} - -func (this *DNSLockObject) GetOwnerId() *string { - return this.DNSLock().Spec.LockId -} - -func (this *DNSLockObject) GetTTL() *int64 { - return &this.DNSLock().Spec.TTL -} - -func (this *DNSLockObject) GetCNameLookupInterval() *int64 { - return nil -} - -func (this *DNSLockObject) ResolveTargetsToAddresses() *bool { - return nil -} - -func (this *DNSLockObject) GetReference() *api.EntryReference { - return nil -} - -func (this *DNSLockObject) GetRoutingPolicy() *dns.RoutingPolicy { - return nil -} - -func (this *DNSLockObject) RefreshTime() time.Time { - return this.Spec().Timestamp.Time -} - -func (this *DNSLockObject) ValidateSpecial() error { - if len(this.Spec().Attributes) == 0 { - return fmt.Errorf("no attributes defined") - } - return nil -} - -func (this *DNSLockObject) AcknowledgeTargets(_ []string) bool { - return false -} - -func (this *DNSLockObject) AcknowledgeRoutingPolicy(_ *dns.RoutingPolicy) bool { - return false -} - -func (this *DNSLockObject) GetTargetSpec(p TargetProvider) TargetSpec { - return &lockTargetSpec{ - TargetSpec: BaseTargetSpec(this, p), - refreshTime: this.RefreshTime(), - } -} - -type lockTargetSpec struct { - TargetSpec - refreshTime time.Time -} - -func (this *lockTargetSpec) Responsible(set *dns.DNSSet, _ dns.Ownership) bool { - if set.GetKind() != api.DNSLockKind { - return false - } - if set.GetOwner() != this.OwnerId() { - fmt.Printf("found lock %q owner mismatch %q->%q\n", set.Name, set.GetOwner(), this.OwnerId()) - return false - } - - t, err := strconv.ParseInt(set.GetTxtAttr(dns.ATTR_TIMESTAMP), 10, 64) - if err != nil { - fmt.Printf("found lock %q ts parsing error: %s\n", set.Name, err) - return false - } - if time.Unix(t, 0).After(this.refreshTime) { - fmt.Printf("found lock %q timestamp mismatch %q->%q\n", set.Name, time.Unix(t, 0), this.refreshTime) - return false - } - fmt.Printf("found responsibility for lock %q\n", set.Name) - return true -} diff --git a/pkg/dns/utils/utils_owner.go b/pkg/dns/utils/utils_owner.go index 376ad3ee8..46ea85402 100644 --- a/pkg/dns/utils/utils_owner.go +++ b/pkg/dns/utils/utils_owner.go @@ -5,12 +5,7 @@ package utils import ( - "net" - "time" - "github.com/gardener/controller-manager-library/pkg/resources" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - api "github.com/gardener/external-dns-management/pkg/apis/dns/v1alpha1" ) @@ -39,28 +34,13 @@ func (this *DNSOwnerObject) GetOwnerId() string { return this.DNSOwner().Spec.OwnerId } -func (this *DNSOwnerObject) GetDNSActivation() *api.DNSActivation { - return this.DNSOwner().Spec.DNSActivation -} - func (this *DNSOwnerObject) IsEnabled() bool { a := this.DNSOwner().Spec.Active return a == nil || *a } func (this *DNSOwnerObject) IsActive() bool { - if this.IsEnabled() { - valid := this.DNSOwner().Spec.ValidUntil - if valid != nil && !valid.After(time.Now()) { - return false - } - return CheckDNSActivation(this.GetCluster().GetId(), this.GetDNSActivation()) - } - return false -} - -func (this *DNSOwnerObject) ValidUntil() *metav1.Time { - return this.DNSOwner().Spec.ValidUntil + return this.IsEnabled() } func (this *DNSOwnerObject) GetCounts() map[string]int { @@ -74,30 +54,3 @@ func (this *DNSOwnerObject) GetCount() int { func (this *DNSOwnerObject) Status() *api.DNSOwnerStatus { return &this.DNSOwner().Status } - -// LookupTXTFunc is a type for looking up DNS TXT entries (or to mock it) -type LookupTXTFunc func(string) ([]string, error) - -// DNSActivationLookupTXTFunc contains the actual LookupTXTFunc. -// (can be overwritten for test purposes) -var DNSActivationLookupTXTFunc LookupTXTFunc = net.LookupTXT - -func CheckDNSActivation(clusterid string, activation *api.DNSActivation) bool { - if activation == nil { - return true - } - records, err := DNSActivationLookupTXTFunc(activation.DNSName) - if err != nil { - return false - } - value := clusterid - if activation.Value != nil && *activation.Value != "" { - value = *activation.Value - } - for _, r := range records { - if r == value { - return true - } - } - return false -} diff --git a/test/functional/config/config.go b/test/functional/config/config.go index 2d0ba458d..3d82d5c1d 100644 --- a/test/functional/config/config.go +++ b/test/functional/config/config.go @@ -21,7 +21,6 @@ var ( namespace = "default" dnsServer = "" dnsLookup = true - dedicated = false ) func init() { @@ -35,11 +34,6 @@ func init() { dnsLookup = strings.ToLower(value) == "true" } - value = os.Getenv("DNS_DEDICATED") - if value != "" { - dedicated = strings.ToLower(value) == "true" - } - value = os.Getenv("DNS_SERVER") if value != "" { dnsServer = value @@ -146,11 +140,7 @@ func (c *Config) postProcess(namespace string) error { names[provider.Name] = provider provider.Namespace = namespace if provider.FinalizerType == "" { - if !dedicated { - provider.FinalizerType = "compound" - } else { - provider.FinalizerType = provider.Type - } + provider.FinalizerType = "compound" } if provider.ForeignDomain == "" { parts := strings.SplitN(provider.Domain, ".", 2) diff --git a/test/functional/run.sh b/test/functional/run.sh index b2e7918f3..af1692f22 100755 --- a/test/functional/run.sh +++ b/test/functional/run.sh @@ -14,7 +14,6 @@ cd $SCRIPT_BASEDIR FUNCTEST_CONFIG=$ROOTDIR/local/functest-config.yaml DNS_LOOKUP=true -DNS_DEDICATED=false DNS_SERVER=8.8.4.4 RUN_CONTROLLER=true GLOBAL_LOCK_URL=https://kvdb.io/8Kr6JtkwHUrq96Wk5aogEK/functest-lock @@ -26,7 +25,7 @@ Usage: Runs functional tests for external-dns-management for all provider using secrets from a functest-config.yaml file (see functest-config-template.yaml for details how it should look). -./run.sh [--no-dns] [-f ] [-r|--reuse] [-v] [-k|--keep] [--dns-server ] [--no-controller] [--dedicated] [-- ] +./run.sh [--no-dns] [-f ] [-r|--reuse] [-v] [-k|--keep] [--dns-server ] [--no-controller] [-- ] Options: -r | --reuse reuse existing kind cluster @@ -35,7 +34,6 @@ Options: --dns-server dns server to use for DNS lookups (defaults to $DNS_SERVER) --no-dns do not perform DNS lookups (for faster testing) -f path to functest configuration file (defaults to $FUNCTEST_CONFIG) - --dedicated use dedicated, non-compound controller --no-controller do not start the dns-controller-manager For options of ginkgo run: @@ -67,9 +65,6 @@ while [ "$1" != "" ]; do DNS_LOOKUP=$1 shift ;; - --dedicated ) shift - DNS_DEDICATED=true - ;; --no-controller ) shift RUN_CONTROLLER=false ;; @@ -180,25 +175,15 @@ fi kubectl cluster-info if [ "$RUN_CONTROLLER" == "true" ]; then - if [ "$DNS_DEDICATED" == "true" ]; then - go build -race -o $ROOTDIR/dns-controller-manager-dedicated $ROOTDIR/cmd/dedicated - $ROOTDIR/dns-controller-manager-dedicated --controllers=dnscontrollers,infoblox-dns --identifier=functest --omit-lease >/tmp/dnsmgr-functional.log 2>&1 & - PID_CONTROLLER=$! - else - go build -race -o $ROOTDIR/dns-controller-manager $ROOTDIR/cmd/compound - $ROOTDIR/dns-controller-manager --controllers=dnscontrollers --identifier=functest --omit-lease > /tmp/dnsmgr-functional.log 2>&1 & - PID_CONTROLLER=$! - fi + go build -race -o $ROOTDIR/dns-controller-manager $ROOTDIR/cmd/compound + $ROOTDIR/dns-controller-manager --controllers=dnscontrollers --identifier=functest --omit-lease > /tmp/dnsmgr-functional.log 2>&1 & + PID_CONTROLLER=$! else - if [ "$DNS_DEDICATED" == "true" ]; then - echo dns-controller-manager-dedicated must be started with arguments: '--controllers=dnscontrollers,infoblox-dns --identifier=functest' - else - echo dns-controller-manager must be started with arguments: '--controllers=dnscontrollers --identifier=functest' - fi + echo dns-controller-manager must be started with arguments: '--controllers=dnscontrollers --identifier=functest' fi GINKGO=${GINKGO:-ginkgo} -FUNCTEST_CONFIG=$FUNCTEST_CONFIG DNS_LOOKUP=$DNS_LOOKUP DNS_SERVER=$DNS_SERVER DNS_DEDICATED=$DNS_DEDICATED ${GINKGO} -v -p "$@" +FUNCTEST_CONFIG=$FUNCTEST_CONFIG DNS_LOOKUP=$DNS_LOOKUP DNS_SERVER=$DNS_SERVER ${GINKGO} -v -p "$@" RETCODE=$? diff --git a/test/integration/dnsActivation_test.go b/test/integration/dnsActivation_test.go deleted file mode 100644 index a2492409a..000000000 --- a/test/integration/dnsActivation_test.go +++ /dev/null @@ -1,111 +0,0 @@ -// SPDX-FileCopyrightText: 2024 SAP SE or an SAP affiliate company and Gardener contributors -// -// SPDX-License-Identifier: Apache-2.0 - -package integration - -import ( - "fmt" - "net" - "time" - - "github.com/gardener/external-dns-management/pkg/apis/dns/v1alpha1" - dnsutils "github.com/gardener/external-dns-management/pkg/dns/utils" - . "github.com/onsi/ginkgo/v2" - . "github.com/onsi/gomega" -) - -var _ = Describe("DNSActivation", func() { - lookupName := "lock.mock.xx" - lookupValues := []string{} - - // mock DNS TXT record lookup - BeforeEach(func() { - dnsutils.DNSActivationLookupTXTFunc = func(dnsname string) ([]string, error) { - if dnsname == lookupName { - return lookupValues, nil - } - return []string{}, nil - } - }) - AfterEach(func() { - dnsutils.DNSActivationLookupTXTFunc = net.LookupTXT - }) - - It("should active/deactivate DNSOwner and related DNSEntries", func() { - baseDomain := "xx.mock" - - pr, domain, _, err := testEnv.CreateSecretAndProvider(baseDomain, 0) - Ω(err).ShouldNot(HaveOccurred()) - defer testEnv.DeleteProviderAndSecret(pr) - - ownerID := "id-owner1" - setSpec := func(e *v1alpha1.DNSEntry) { - var ttl int64 = 120 - e.Spec.TTL = &ttl - e.Spec.DNSName = fmt.Sprintf("e1.%s", domain) - e.Spec.Targets = []string{"1.1.1.1"} - e.Spec.OwnerId = &ownerID - } - entry, err := testEnv.CreateEntryGeneric(0, setSpec) - Ω(err).ShouldNot(HaveOccurred()) - - checkProviderEx(testEnv, pr) - - err = testEnv.AwaitEntryStale(entry.GetName()) - Ω(err).ShouldNot(HaveOccurred()) - - clusterID := "cluster-id-1234" - ownerSetSpec := func(o *v1alpha1.DNSOwner) { - o.Spec.OwnerId = ownerID - o.Spec.DNSActivation = &v1alpha1.DNSActivation{ - DNSName: lookupName, - Value: &clusterID, - } - } - owner1, err := testEnv.CreateOwnerGeneric("owner1", ownerSetSpec) - Ω(err).ShouldNot(HaveOccurred()) - - active := false - lookupValues = []string{clusterID} - for i := 0; i < 30; i++ { - time.Sleep(500 * time.Millisecond) - obj, err := testEnv.GetOwner(owner1.GetName()) - Ω(err).ShouldNot(HaveOccurred()) - owner := UnwrapOwner(obj) - if owner.Status.Active != nil && *owner.Status.Active { - active = true - break - } - } - Ω(active).Should(BeTrue()) - - err = testEnv.AwaitEntryReady(entry.GetName()) - Ω(err).ShouldNot(HaveOccurred()) - - lookupValues = []string{"foo"} - for i := 0; i < 30; i++ { - time.Sleep(500 * time.Millisecond) - obj, err := testEnv.GetOwner(owner1.GetName()) - Ω(err).ShouldNot(HaveOccurred()) - owner := UnwrapOwner(obj) - if owner.Status.Active != nil && !*owner.Status.Active { - active = false - break - } - } - Ω(active).Should(BeFalse()) - - err = testEnv.AwaitEntryStale(entry.GetName()) - Ω(err).ShouldNot(HaveOccurred()) - - err = testEnv.DeleteOwner(owner1) - Ω(err).ShouldNot(HaveOccurred()) - - err = testEnv.DeleteEntryAndWait(entry) - Ω(err).ShouldNot(HaveOccurred()) - - err = testEnv.DeleteProviderAndSecret(pr) - Ω(err).ShouldNot(HaveOccurred()) - }) -})