diff --git a/go.mod b/go.mod index ef18695c..ee41d2c3 100644 --- a/go.mod +++ b/go.mod @@ -8,7 +8,7 @@ require ( carvel.dev/ytt v0.50.0 github.com/ahmetb/gen-crd-api-reference-docs v0.3.0 github.com/andybalholm/brotli v1.1.0 - github.com/gardener/gardener v1.104.0 + github.com/gardener/gardener v1.105.0 github.com/go-logr/logr v1.4.2 github.com/spf13/cobra v1.8.1 golang.org/x/tools v0.25.0 @@ -35,7 +35,7 @@ require ( github.com/fluent/fluent-operator/v2 v2.9.0 // indirect github.com/fsnotify/fsnotify v1.7.0 // indirect github.com/gardener/cert-management v0.15.0 // indirect - github.com/gardener/etcd-druid v0.22.5 // indirect + github.com/gardener/etcd-druid v0.22.7 // indirect github.com/gardener/hvpa-controller/api v0.17.0 // indirect github.com/gardener/machine-controller-manager v0.53.1 // indirect github.com/go-logr/zapr v1.3.0 // indirect @@ -113,7 +113,7 @@ require ( gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect helm.sh/helm/v3 v3.14.4 // indirect - istio.io/api v1.22.4 // indirect + istio.io/api v1.22.5 // indirect istio.io/client-go v1.22.0 // indirect k8s.io/apiextensions-apiserver v0.29.9 // indirect k8s.io/autoscaler/vertical-pod-autoscaler v1.2.1 // indirect @@ -126,7 +126,7 @@ require ( k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 // indirect k8s.io/kubelet v0.29.9 // indirect k8s.io/metrics v0.29.9 // indirect - k8s.io/utils v0.0.0-20240902221715-702e33fdd3c3 // indirect + k8s.io/utils v0.0.0-20240921022957-49e7df575cb6 // indirect sigs.k8s.io/controller-runtime/tools/setup-envtest v0.0.0-20231015215740-bf15e44028f9 // indirect sigs.k8s.io/controller-tools v0.14.0 // indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect diff --git a/go.sum b/go.sum index 66bf4829..416fb36b 100644 --- a/go.sum +++ b/go.sum @@ -92,10 +92,10 @@ github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nos github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= github.com/gardener/cert-management v0.15.0 h1:ohm1eWae2rQSkwFGWXTt+lBv4rLBhtJsJgqvaXJBs6o= github.com/gardener/cert-management v0.15.0/go.mod h1:3BK2VEtGwv2ijf3bSziTLMCUvYnPzIQrQ/uPeZzL4m0= -github.com/gardener/etcd-druid v0.22.5 h1:1k7oEB796ZYiAz6XzQFfG7NevRtLonnXE/p4LudeWdw= -github.com/gardener/etcd-druid v0.22.5/go.mod h1:FROhfVKyWBo4krlPe3R6FIhJRmOmijEWBdEeUP0CJjE= -github.com/gardener/gardener v1.104.0 h1:F5HEDuvs0QHroPA6iZZGwE6ElJuIRyYvNSl+452qYoc= -github.com/gardener/gardener v1.104.0/go.mod h1:D7geCRFheAbYTOwlHPlwHbHaI2ccbixcg4M5sFgAxsY= +github.com/gardener/etcd-druid v0.22.7 h1:ftMTv/+xTsR+JYlERAbXNmf/ykGy10NN6P5/h3yvWSk= +github.com/gardener/etcd-druid v0.22.7/go.mod h1:FROhfVKyWBo4krlPe3R6FIhJRmOmijEWBdEeUP0CJjE= +github.com/gardener/gardener v1.105.0 h1:yHZTrkVbroRLkW6gP0DcmXVCEiZmSW1dqlOP47vcPBE= +github.com/gardener/gardener v1.105.0/go.mod h1:6veUAG3zUdUxAGq+0iucMd1m3cOf42bIT6qmkggzUWs= github.com/gardener/hvpa-controller/api v0.17.0 h1:1mNeP+xsnjPH6GhewugU5srslXiTCJgYIFCMuRXwI7w= github.com/gardener/hvpa-controller/api v0.17.0/go.mod h1:eKrL7j6/YX8PaoP80xxi3+UFmQgHVf/QCPsGwNnmDeE= github.com/gardener/machine-controller-manager v0.53.1 h1:4P9qtzoD+989Lhc8XaI6Zo3X2TaQVXgHHrbEpuhJcrI= @@ -718,8 +718,8 @@ honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWh honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= -istio.io/api v1.22.4 h1:qOPePC/6eUxYGzXTClW40fgqO6kvYib2/IDDdq8O8uQ= -istio.io/api v1.22.4/go.mod h1:S3l8LWqNYS9yT+d4bH+jqzH2lMencPkW7SKM1Cu9EyM= +istio.io/api v1.22.5 h1:xR1DMG6uuNqzWSzfJJJO8jx53panv+xqTg62l6dVW2U= +istio.io/api v1.22.5/go.mod h1:S3l8LWqNYS9yT+d4bH+jqzH2lMencPkW7SKM1Cu9EyM= istio.io/client-go v1.22.0 h1:TQ+Y7hqZVQHvaJXF99Q1jBqnVG7gYAHR9IvCK2nlwfE= istio.io/client-go v1.22.0/go.mod h1:1lAPr0DOVBbnRQqLAQKxWbEaxFk6b1CJTm+ypnP7sMo= k8s.io/api v0.19.0/go.mod h1:I1K45XlvTrDjmj5LoM5LuP/KYrhWbjUKT/SoPG0qTjw= @@ -765,8 +765,8 @@ k8s.io/metrics v0.29.9 h1:0Rglc03f5u4/wHliG8cfhLOtSbTwL03WQ37CMn9c4OI= k8s.io/metrics v0.29.9/go.mod h1:1DixHaqPn7puV31YlEKT/kAEP+31cpOShIPiRtro5no= k8s.io/utils v0.0.0-20200729134348-d5654de09c73/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20210802155522-efc7438f0176/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= -k8s.io/utils v0.0.0-20240902221715-702e33fdd3c3 h1:b2FmK8YH+QEwq/Sy2uAEhmqL5nPfGYbJOcaqjeYYZoA= -k8s.io/utils v0.0.0-20240902221715-702e33fdd3c3/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +k8s.io/utils v0.0.0-20240921022957-49e7df575cb6 h1:MDF6h2H/h4tbzmtIKTuctcwZmY0tY9mD9fNT47QO6HI= +k8s.io/utils v0.0.0-20240921022957-49e7df575cb6/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= sigs.k8s.io/controller-runtime v0.17.6 h1:12IXsozEsIXWAMRpgRlYS1jjAHQXHtWEOMdULh3DbEw= sigs.k8s.io/controller-runtime v0.17.6/go.mod h1:N0jpP5Lo7lMTF9aL56Z/B2oWBJjey6StQM0jRbKQXtY= diff --git a/vendor/github.com/gardener/gardener/extensions/pkg/controller/cmd/options.go b/vendor/github.com/gardener/gardener/extensions/pkg/controller/cmd/options.go index 7f1a52ef..5dca04cc 100644 --- a/vendor/github.com/gardener/gardener/extensions/pkg/controller/cmd/options.go +++ b/vendor/github.com/gardener/gardener/extensions/pkg/controller/cmd/options.go @@ -58,6 +58,9 @@ const ( // a rest.Config of a manager.Manager. MasterURLFlag = "master" + // ControllersFlag is the name of the command line flag to enable individual controllers. + ControllersFlag = "controllers" + // DisableFlag is the name of the command line flag to disable individual controllers. DisableFlag = "disable-controllers" @@ -385,6 +388,7 @@ func (r *RESTOptions) AddFlags(fs *pflag.FlagSet) { // SwitchOptions are options to build an AddToManager function that filters the disabled controllers. type SwitchOptions struct { + Enabled []string Disabled []string nameToAddToManager map[string]func(context.Context, manager.Manager) error @@ -425,12 +429,24 @@ func (d *SwitchOptions) AddFlags(fs *pflag.FlagSet) { for name := range d.nameToAddToManager { controllerNames = append(controllerNames, name) } + fs.StringSliceVar(&d.Enabled, ControllersFlag, controllerNames, fmt.Sprintf("List of controllers to enable. If not set, all controllers are enabled. %v", controllerNames)) fs.StringSliceVar(&d.Disabled, DisableFlag, d.Disabled, fmt.Sprintf("List of controllers to disable %v", controllerNames)) } // Complete implements Option. func (d *SwitchOptions) Complete() error { - disabled := sets.New[string]() + var ( + enabled = sets.New[string]() + disabled = sets.New[string]() + ) + + for _, enabledName := range d.Enabled { + if _, ok := d.nameToAddToManager[enabledName]; !ok { + return fmt.Errorf("cannot enable unknown controller %q", enabledName) + } + enabled.Insert(enabledName) + } + for _, disabledName := range d.Disabled { if _, ok := d.nameToAddToManager[disabledName]; !ok { return fmt.Errorf("cannot disable unknown controller %q", disabledName) @@ -439,7 +455,7 @@ func (d *SwitchOptions) Complete() error { } for name, addToManager := range d.nameToAddToManager { - if !disabled.Has(name) { + if enabled.Has(name) && !disabled.Has(name) { d.addToManagerBuilder.Register(addToManager) } } diff --git a/vendor/github.com/gardener/gardener/hack/ci-e2e-kind-upgrade.sh b/vendor/github.com/gardener/gardener/hack/ci-e2e-kind-upgrade.sh index 741d34e3..c62e5a90 100755 --- a/vendor/github.com/gardener/gardener/hack/ci-e2e-kind-upgrade.sh +++ b/vendor/github.com/gardener/gardener/hack/ci-e2e-kind-upgrade.sh @@ -204,13 +204,6 @@ set_seed_name $(dirname "${0}")/download_gardener_source_code.sh --gardener-version $GARDENER_PREVIOUS_RELEASE --download-path $GARDENER_RELEASE_DOWNLOAD_PATH/gardener-releases export GARDENER_PREVIOUS_VERSION="$(cat $GARDENER_RELEASE_DOWNLOAD_PATH/gardener-releases/$GARDENER_PREVIOUS_RELEASE/VERSION)" -# TODO(MartinWeindel): Temporary fix of addresses in previous release for e2e upgrade tests (remove this after v1.102 has been released). -sed -i -e 's/hostIP: "127.0.0.1"/hostIP: "172.18.255.1"/' $GARDENER_RELEASE_DOWNLOAD_PATH/gardener-releases/$GARDENER_PREVIOUS_RELEASE/charts/gardener/provider-local/values.yaml -sed -i -e 's/zone0IP: "127.0.0.10"/zone0IP: "172.18.255.10"/' $GARDENER_RELEASE_DOWNLOAD_PATH/gardener-releases/$GARDENER_PREVIOUS_RELEASE/charts/gardener/provider-local/values.yaml -sed -i -e 's/zone1IP: "127.0.0.11"/zone1IP: "172.18.255.11"/' $GARDENER_RELEASE_DOWNLOAD_PATH/gardener-releases/$GARDENER_PREVIOUS_RELEASE/charts/gardener/provider-local/values.yaml -sed -i -e 's/zone2IP: "127.0.0.12"/zone2IP: "172.18.255.12"/' $GARDENER_RELEASE_DOWNLOAD_PATH/gardener-releases/$GARDENER_PREVIOUS_RELEASE/charts/gardener/provider-local/values.yaml -sed -i -e 's/- 127.0.0./- 172.18.255./' $GARDENER_RELEASE_DOWNLOAD_PATH/gardener-releases/$GARDENER_PREVIOUS_RELEASE/example/gardener-local/kind/ha-multi-zone/values.yaml - # test setup kind_up diff --git a/vendor/github.com/gardener/gardener/hack/tools.mk b/vendor/github.com/gardener/gardener/hack/tools.mk index 5e4335bf..23b018b0 100755 --- a/vendor/github.com/gardener/gardener/hack/tools.mk +++ b/vendor/github.com/gardener/gardener/hack/tools.mk @@ -72,7 +72,7 @@ KUSTOMIZE_VERSION ?= v5.3.0 # renovate: datasource=github-releases depName=prometheus/prometheus PROMTOOL_VERSION ?= 2.54.1 # renovate: datasource=github-releases depName=protocolbuffers/protobuf -PROTOC_VERSION ?= v28.1 +PROTOC_VERSION ?= v28.2 # renovate: datasource=github-releases depName=GoogleContainerTools/skaffold SKAFFOLD_VERSION ?= v2.13.2 # renovate: datasource=github-releases depName=mikefarah/yq diff --git a/vendor/github.com/gardener/gardener/pkg/apis/extensions/v1alpha1/types_worker.go b/vendor/github.com/gardener/gardener/pkg/apis/extensions/v1alpha1/types_worker.go index c013a325..b963cf5f 100644 --- a/vendor/github.com/gardener/gardener/pkg/apis/extensions/v1alpha1/types_worker.go +++ b/vendor/github.com/gardener/gardener/pkg/apis/extensions/v1alpha1/types_worker.go @@ -134,19 +134,9 @@ type WorkerPool struct { // +kubebuilder:pruning:PreserveUnknownFields // +optional ProviderConfig *runtime.RawExtension `json:"providerConfig,omitempty"` - // UserData is a base64-encoded string that contains the data that is sent to the provider's APIs - // when a new machine/VM that is part of this worker pool shall be spawned. - // Either this or UserDataSecretRef must be provided. - // - // Deprecated: This field will be removed in future release. - // TODO(rfranzke): Remove this field after v1.104 has been released. - // +optional - UserData []byte `json:"userData,omitempty"` // UserDataSecretRef references a Secret and a data key containing the data that is sent to the provider's APIs when // a new machine/VM that is part of this worker pool shall be spawned. - // Either this or UserData must be provided. - // +optional - UserDataSecretRef *corev1.SecretKeySelector `json:"userDataSecretRef,omitempty"` + UserDataSecretRef corev1.SecretKeySelector `json:"userDataSecretRef"` // Volume contains information about the root disks that should be used for this worker pool. // +optional Volume *Volume `json:"volume,omitempty"` diff --git a/vendor/github.com/gardener/gardener/pkg/apis/extensions/v1alpha1/zz_generated.deepcopy.go b/vendor/github.com/gardener/gardener/pkg/apis/extensions/v1alpha1/zz_generated.deepcopy.go index 9d9a1b9e..f8f67946 100644 --- a/vendor/github.com/gardener/gardener/pkg/apis/extensions/v1alpha1/zz_generated.deepcopy.go +++ b/vendor/github.com/gardener/gardener/pkg/apis/extensions/v1alpha1/zz_generated.deepcopy.go @@ -1893,16 +1893,7 @@ func (in *WorkerPool) DeepCopyInto(out *WorkerPool) { *out = new(runtime.RawExtension) (*in).DeepCopyInto(*out) } - if in.UserData != nil { - in, out := &in.UserData, &out.UserData - *out = make([]byte, len(*in)) - copy(*out, *in) - } - if in.UserDataSecretRef != nil { - in, out := &in.UserDataSecretRef, &out.UserDataSecretRef - *out = new(v1.SecretKeySelector) - (*in).DeepCopyInto(*out) - } + in.UserDataSecretRef.DeepCopyInto(&out.UserDataSecretRef) if in.Volume != nil { in, out := &in.Volume, &out.Volume *out = new(Volume) diff --git a/vendor/github.com/gardener/gardener/pkg/apis/operator/v1alpha1/types_extension.go b/vendor/github.com/gardener/gardener/pkg/apis/operator/v1alpha1/types_extension.go index d932c5d3..097edb9d 100644 --- a/vendor/github.com/gardener/gardener/pkg/apis/operator/v1alpha1/types_extension.go +++ b/vendor/github.com/gardener/gardener/pkg/apis/operator/v1alpha1/types_extension.go @@ -73,6 +73,7 @@ type ExtensionDeploymentSpec struct { // +optional Values *apiextensionsv1.JSON `json:"values,omitempty"` // RuntimeClusterValues are the deployment values for the extension deployment running in the runtime garden cluster. + // If no values are specified, a runtime deployment is considered deactivated. // +optional RuntimeClusterValues *apiextensionsv1.JSON `json:"runtimeClusterValues,omitempty"` // Policy controls how the controller is deployed. It defaults to 'OnDemand'. diff --git a/vendor/github.com/gardener/gardener/pkg/client/kubernetes/applier.go b/vendor/github.com/gardener/gardener/pkg/client/kubernetes/applier.go index 517f5e4d..6397576b 100644 --- a/vendor/github.com/gardener/gardener/pkg/client/kubernetes/applier.go +++ b/vendor/github.com/gardener/gardener/pkg/client/kubernetes/applier.go @@ -54,27 +54,7 @@ func NewApplierForConfig(config *rest.Config) (Applier, error) { } func (a *defaultApplier) applyObject(ctx context.Context, desired *unstructured.Unstructured, options MergeFuncs) error { - // look up scope of objects' kind to check, if we should default the namespace field - mapping, err := a.restMapper.RESTMapping(desired.GroupVersionKind().GroupKind(), desired.GroupVersionKind().Version) - if err != nil || mapping == nil { - // Don't reset RESTMapper in case of cache misses. Most probably indicates, that the corresponding CRD is not yet applied. - // CRD might be applied later as part of the same chart - - // default namespace on a best effort basis - if desired.GetKind() != "Namespace" && desired.GetNamespace() == "" { - desired.SetNamespace(metav1.NamespaceDefault) - } - } else { - if mapping.Scope.Name() == meta.RESTScopeNameNamespace { - // default namespace field to `default` in case of namespaced kinds - if desired.GetNamespace() == "" { - desired.SetNamespace(metav1.NamespaceDefault) - } - } else { - // unset namespace field in case of non-namespaced kinds - desired.SetNamespace("") - } - } + a.setNamespace(desired) key := client.ObjectKeyFromObject(desired) if len(key.Name) == 0 { @@ -83,7 +63,7 @@ func (a *defaultApplier) applyObject(ctx context.Context, desired *unstructured. current := &unstructured.Unstructured{} current.SetGroupVersionKind(desired.GroupVersionKind()) - if err = a.client.Get(ctx, key, current); err != nil { + if err := a.client.Get(ctx, key, current); err != nil { if apierrors.IsNotFound(err) { return a.client.Create(ctx, desired) } @@ -98,9 +78,8 @@ func (a *defaultApplier) applyObject(ctx context.Context, desired *unstructured. } func (a *defaultApplier) deleteObject(ctx context.Context, desired *unstructured.Unstructured, opts *DeleteManifestOptions) error { - if desired.GetNamespace() == "" { - desired.SetNamespace(metav1.NamespaceDefault) - } + a.setNamespace(desired) + if len(desired.GetName()) == 0 { return fmt.Errorf("missing 'metadata.name' in: %+v", desired) } @@ -294,6 +273,30 @@ func (a *defaultApplier) mergeObjects(newObj, oldObj *unstructured.Unstructured, return nil } +// setNamespace looks up scope of objects' kind to check if we should default the namespace field +func (a *defaultApplier) setNamespace(desired *unstructured.Unstructured) { + mapping, err := a.restMapper.RESTMapping(desired.GroupVersionKind().GroupKind(), desired.GroupVersionKind().Version) + if err != nil || mapping == nil { + // Don't reset RESTMapper in case of cache misses. Most probably indicates, that the corresponding CRD is not yet applied. + // CRD might be applied later as part of the same chart + + // default namespace on a best effort basis + if desired.GetKind() != "Namespace" && desired.GetNamespace() == "" { + desired.SetNamespace(metav1.NamespaceDefault) + } + } else { + if mapping.Scope.Name() == meta.RESTScopeNameNamespace { + // default namespace field to `default` in case of namespaced kinds + if desired.GetNamespace() == "" { + desired.SetNamespace(metav1.NamespaceDefault) + } + } else { + // unset namespace field in case of non-namespaced kinds + desired.SetNamespace("") + } + } +} + // ApplyManifest is a function which does the same like `kubectl apply -f `. It takes a bunch of manifests , // all concatenated in a byte slice, and sends them one after the other to the API server. If a resource // already exists at the API server, it will update it. It returns an error as soon as the first error occurs. diff --git a/vendor/github.com/gardener/gardener/pkg/client/kubernetes/types.go b/vendor/github.com/gardener/gardener/pkg/client/kubernetes/types.go index a377980b..e814da14 100644 --- a/vendor/github.com/gardener/gardener/pkg/client/kubernetes/types.go +++ b/vendor/github.com/gardener/gardener/pkg/client/kubernetes/types.go @@ -64,7 +64,8 @@ var ( client.PropagationPolicy(metav1.DeletePropagationBackground), client.GracePeriodSeconds(0), } - + // GardenSerializer is a YAML serializer using the Garden scheme. + GardenSerializer = json.NewSerializerWithOptions(json.DefaultMetaFactory, GardenScheme, GardenScheme, json.SerializerOptions{Yaml: true, Pretty: false, Strict: false}) // GardenCodec is a codec factory using the Garden scheme. GardenCodec = serializer.NewCodecFactory(GardenScheme) diff --git a/vendor/github.com/gardener/gardener/pkg/extensions/predicate.go b/vendor/github.com/gardener/gardener/pkg/extensions/predicate.go new file mode 100644 index 00000000..3b228c1b --- /dev/null +++ b/vendor/github.com/gardener/gardener/pkg/extensions/predicate.go @@ -0,0 +1,46 @@ +// SPDX-FileCopyrightText: 2024 SAP SE or an SAP affiliate company and Gardener contributors +// +// SPDX-License-Identifier: Apache-2.0 + +package extensions + +import ( + "sigs.k8s.io/controller-runtime/pkg/event" + "sigs.k8s.io/controller-runtime/pkg/predicate" + + extensionsv1alpha1 "github.com/gardener/gardener/pkg/apis/extensions/v1alpha1" +) + +// ObjectPredicate returns true for 'create' and 'delete' events. For updates, it only returns true when the extension +// type has changed. +func ObjectPredicate() predicate.Predicate { + return predicate.Funcs{ + CreateFunc: func(_ event.CreateEvent) bool { + return true + }, + UpdateFunc: func(e event.UpdateEvent) bool { + // enqueue on periodic cache resyncs + if e.ObjectOld.GetResourceVersion() == e.ObjectNew.GetResourceVersion() { + return true + } + + extensionObj, ok := e.ObjectNew.(extensionsv1alpha1.Object) + if !ok { + return false + } + + oldExtensionObj, ok := e.ObjectOld.(extensionsv1alpha1.Object) + if !ok { + return false + } + + return oldExtensionObj.GetExtensionSpec().GetExtensionType() != extensionObj.GetExtensionSpec().GetExtensionType() + }, + DeleteFunc: func(_ event.DeleteEvent) bool { + return true + }, + GenericFunc: func(_ event.GenericEvent) bool { + return false + }, + } +} diff --git a/vendor/github.com/gardener/gardener/pkg/utils/kubernetes/health/deployment.go b/vendor/github.com/gardener/gardener/pkg/utils/kubernetes/health/deployment.go index 4ec7b087..cb96702e 100644 --- a/vendor/github.com/gardener/gardener/pkg/utils/kubernetes/health/deployment.go +++ b/vendor/github.com/gardener/gardener/pkg/utils/kubernetes/health/deployment.go @@ -11,7 +11,6 @@ import ( appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/utils/ptr" "sigs.k8s.io/controller-runtime/pkg/client" @@ -140,11 +139,17 @@ func IsDeploymentUpdated(reader client.Reader, deployment *appsv1.Deployment) fu // DeploymentHasExactNumberOfPods returns true when there are exactly as many pods as the .spec.replicas field of the // deployment mandates. func DeploymentHasExactNumberOfPods(ctx context.Context, reader client.Reader, deployment *appsv1.Deployment) (bool, error) { - podList := &metav1.PartialObjectMetadataList{} - podList.SetGroupVersionKind(corev1.SchemeGroupVersion.WithKind("PodList")) + podList := &corev1.PodList{} if err := reader.List(ctx, podList, client.InNamespace(deployment.Namespace), client.MatchingLabels(deployment.Spec.Selector.MatchLabels)); err != nil { return false, err } - return int32(len(podList.Items)) == ptr.Deref(deployment.Spec.Replicas, 1), nil + var numberOfRelevantPods int32 + for _, pod := range podList.Items { + if !IsPodStale(pod.Status.Reason) { + numberOfRelevantPods++ + } + } + + return numberOfRelevantPods == ptr.Deref(deployment.Spec.Replicas, 1), nil } diff --git a/vendor/github.com/gardener/gardener/pkg/utils/kubernetes/health/pod.go b/vendor/github.com/gardener/gardener/pkg/utils/kubernetes/health/pod.go index dc1bd8b5..ef4e1469 100644 --- a/vendor/github.com/gardener/gardener/pkg/utils/kubernetes/health/pod.go +++ b/vendor/github.com/gardener/gardener/pkg/utils/kubernetes/health/pod.go @@ -8,6 +8,7 @@ package health import ( "fmt" + "strings" corev1 "k8s.io/api/core/v1" ) @@ -58,3 +59,11 @@ func CheckPod(pod *corev1.Pod) error { return fmt.Errorf("pod is in invalid phase %q (expected one of %q)", pod.Status.Phase, healthyPodPhases) } + +// IsPodStale returns true when the pod reason indicates staleness. +func IsPodStale(reason string) bool { + return strings.Contains(reason, "Evicted") || + strings.HasPrefix(reason, "OutOf") || + strings.Contains(reason, "NodeAffinity") || + strings.Contains(reason, "NodeLost") +} diff --git a/vendor/github.com/gardener/gardener/pkg/utils/kubernetes/highavailability.go b/vendor/github.com/gardener/gardener/pkg/utils/kubernetes/highavailability.go index c50dc6ea..1919ec76 100644 --- a/vendor/github.com/gardener/gardener/pkg/utils/kubernetes/highavailability.go +++ b/vendor/github.com/gardener/gardener/pkg/utils/kubernetes/highavailability.go @@ -60,10 +60,23 @@ func GetTopologySpreadConstraints( } var ( + // Enforcing a spread over zones is required when there are: + // - multiple zones + // - AND + // - the failure tolerance type is 'nil' (seed/shoot system component case) or 'zone' (shoot control-plane case) + zoneSpreadRequired = numberOfZones > 1 && (failureToleranceType == nil || *failureToleranceType == gardencorev1beta1.FailureToleranceTypeZone) + + // Enforcing a spread over hosts is required when: + // - it is explicitly requested via 'enforceSpreadAcrossHosts' argument + // - OR + // - a failure tolerance type is set + hostSpreadRequired = enforceSpreadAcrossHosts || ptr.Deref(failureToleranceType, "") != "" + minDomainsHosts *int32 whenUnsatisfiable = corev1.ScheduleAnyway ) - if ptr.Deref(failureToleranceType, "") != "" || enforceSpreadAcrossHosts { + + if hostSpreadRequired { whenUnsatisfiable = corev1.DoNotSchedule minDomainsHosts = calculateMinDomains(3, maxReplicas) } @@ -76,21 +89,11 @@ func GetTopologySpreadConstraints( LabelSelector: &labelSelector, }} - // We only want to enforce a spread over zones when there are: - // - multiple zones - // - AND - // - the failure tolerance type is 'nil' (seed/shoot system component case) or 'zone' (shoot control-plane case) - if numberOfZones > 1 && (failureToleranceType == nil || *failureToleranceType == gardencorev1beta1.FailureToleranceTypeZone) { - maxSkew := int32(1) - // Increase maxSkew if there are >= 2*numberOfZones maxReplicas, see https://github.com/kubernetes/kubernetes/issues/109364. - if maxReplicas >= 2*numberOfZones { - maxSkew = 2 - } - + if zoneSpreadRequired { topologySpreadConstraints = append(topologySpreadConstraints, corev1.TopologySpreadConstraint{ TopologyKey: corev1.LabelTopologyZone, MinDomains: calculateMinDomains(numberOfZones, maxReplicas), - MaxSkew: maxSkew, + MaxSkew: 1, WhenUnsatisfiable: corev1.DoNotSchedule, LabelSelector: &labelSelector, }) diff --git a/vendor/github.com/gardener/gardener/pkg/utils/kubernetes/pod.go b/vendor/github.com/gardener/gardener/pkg/utils/kubernetes/pod.go index 5eff3459..7134c0c6 100644 --- a/vendor/github.com/gardener/gardener/pkg/utils/kubernetes/pod.go +++ b/vendor/github.com/gardener/gardener/pkg/utils/kubernetes/pod.go @@ -8,7 +8,10 @@ import ( "context" "fmt" "slices" + "time" + "github.com/go-logr/logr" + "github.com/hashicorp/go-multierror" appsv1 "k8s.io/api/apps/v1" appsv1beta1 "k8s.io/api/apps/v1beta1" appsv1beta2 "k8s.io/api/apps/v1beta2" @@ -19,6 +22,9 @@ import ( "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/util/sets" "sigs.k8s.io/controller-runtime/pkg/client" + + "github.com/gardener/gardener/pkg/client/kubernetes" + "github.com/gardener/gardener/pkg/utils/kubernetes/health" ) // VisitPodSpec calls the given visitor for the PodSpec contained in the given object. The visitor may mutate the @@ -187,3 +193,47 @@ func GetDeploymentForPod(ctx context.Context, reader client.Reader, namespace st return deployment, nil } + +// DeleteStalePods deletes stale pods. +func DeleteStalePods(ctx context.Context, log logr.Logger, c client.Client, pods []corev1.Pod) error { + var result error + + for _, pod := range pods { + logger := log.WithValues("pod", client.ObjectKeyFromObject(&pod)) + + if health.IsPodStale(pod.Status.Reason) { + logger.V(1).Info("Deleting stale pod", "reason", pod.Status.Reason) + if err := c.Delete(ctx, &pod); client.IgnoreNotFound(err) != nil { + result = multierror.Append(result, err) + } + + continue + } + + if shouldObjectBeRemoved(&pod) { + logger.V(1).Info("Deleting stuck terminating pod") + if err := c.Delete(ctx, &pod, kubernetes.ForceDeleteOptions...); client.IgnoreNotFound(err) != nil { + result = multierror.Append(result, err) + } + } + } + + return result +} + +// shouldObjectBeRemoved determines whether the given object should be gone now. +// This is calculated by first checking the deletion timestamp of an object: If the deletion timestamp +// is unset, the object should not be removed - i.e. this returns false. +// Otherwise, it is checked whether the deletionTimestamp is before the current time minus the +// grace period. +func shouldObjectBeRemoved(obj metav1.Object) bool { + // gardenerDeletionGracePeriod is the default grace period for Gardener's force deletion methods. + const gardenerDeletionGracePeriod = 5 * time.Minute + + deletionTimestamp := obj.GetDeletionTimestamp() + if deletionTimestamp == nil { + return false + } + + return deletionTimestamp.Time.Before(time.Now().Add(-gardenerDeletionGracePeriod)) +} diff --git a/vendor/github.com/gardener/gardener/pkg/utils/managedresources/managedresources.go b/vendor/github.com/gardener/gardener/pkg/utils/managedresources/managedresources.go index efe49d65..4fed44ec 100644 --- a/vendor/github.com/gardener/gardener/pkg/utils/managedresources/managedresources.go +++ b/vendor/github.com/gardener/gardener/pkg/utils/managedresources/managedresources.go @@ -15,6 +15,7 @@ import ( apierrors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" + "k8s.io/apimachinery/pkg/util/sets" "k8s.io/utils/ptr" "sigs.k8s.io/controller-runtime/pkg/client" @@ -417,14 +418,14 @@ func checkConfigurationError(err error) []gardencorev1beta1.ErrorCode { } // CheckIfManagedResourcesExist checks if some ManagedResources of the given class still exist. If yes it returns true. -func CheckIfManagedResourcesExist(ctx context.Context, c client.Client, class *string) (bool, error) { +func CheckIfManagedResourcesExist(ctx context.Context, c client.Client, class *string, excludeNames ...string) (bool, error) { managedResourceList := &resourcesv1alpha1.ManagedResourceList{} if err := c.List(ctx, managedResourceList); err != nil { return false, err } for _, managedResource := range managedResourceList.Items { - if ptr.Equal(managedResource.Spec.Class, class) { + if ptr.Equal(managedResource.Spec.Class, class) && !sets.New(excludeNames...).Has(managedResource.Name) { return true, nil } } diff --git a/vendor/k8s.io/utils/integer/integer.go b/vendor/k8s.io/utils/integer/integer.go index e0811e83..f64d6495 100644 --- a/vendor/k8s.io/utils/integer/integer.go +++ b/vendor/k8s.io/utils/integer/integer.go @@ -18,7 +18,8 @@ package integer import "math" -// IntMax returns the maximum of the params +// IntMax returns the maximum of the params. +// Deprecated: for new code, use the max() builtin instead. func IntMax(a, b int) int { if b > a { return b @@ -26,7 +27,8 @@ func IntMax(a, b int) int { return a } -// IntMin returns the minimum of the params +// IntMin returns the minimum of the params. +// Deprecated: for new code, use the min() builtin instead. func IntMin(a, b int) int { if b < a { return b @@ -34,7 +36,8 @@ func IntMin(a, b int) int { return a } -// Int32Max returns the maximum of the params +// Int32Max returns the maximum of the params. +// Deprecated: for new code, use the max() builtin instead. func Int32Max(a, b int32) int32 { if b > a { return b @@ -42,7 +45,8 @@ func Int32Max(a, b int32) int32 { return a } -// Int32Min returns the minimum of the params +// Int32Min returns the minimum of the params. +// Deprecated: for new code, use the min() builtin instead. func Int32Min(a, b int32) int32 { if b < a { return b @@ -50,7 +54,8 @@ func Int32Min(a, b int32) int32 { return a } -// Int64Max returns the maximum of the params +// Int64Max returns the maximum of the params. +// Deprecated: for new code, use the max() builtin instead. func Int64Max(a, b int64) int64 { if b > a { return b @@ -58,7 +63,8 @@ func Int64Max(a, b int64) int64 { return a } -// Int64Min returns the minimum of the params +// Int64Min returns the minimum of the params. +// Deprecated: for new code, use the min() builtin instead. func Int64Min(a, b int64) int64 { if b < a { return b diff --git a/vendor/modules.txt b/vendor/modules.txt index 479e34ab..e5eb0d2e 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -85,10 +85,10 @@ github.com/fsnotify/fsnotify ## explicit; go 1.22.0 github.com/gardener/cert-management/pkg/apis/cert github.com/gardener/cert-management/pkg/apis/cert/v1alpha1 -# github.com/gardener/etcd-druid v0.22.5 +# github.com/gardener/etcd-druid v0.22.7 ## explicit; go 1.21 github.com/gardener/etcd-druid/api/v1alpha1 -# github.com/gardener/gardener v1.104.0 +# github.com/gardener/gardener v1.105.0 ## explicit; go 1.23.0 github.com/gardener/gardener/extensions/pkg/apis/config github.com/gardener/gardener/extensions/pkg/controller @@ -600,7 +600,7 @@ helm.sh/helm/v3/pkg/ignore helm.sh/helm/v3/pkg/release helm.sh/helm/v3/pkg/releaseutil helm.sh/helm/v3/pkg/time -# istio.io/api v1.22.4 +# istio.io/api v1.22.5 ## explicit; go 1.22 istio.io/api/analysis/v1alpha1 istio.io/api/meta/v1alpha1 @@ -983,7 +983,7 @@ k8s.io/kubelet/pkg/apis ## explicit; go 1.21 k8s.io/metrics/pkg/apis/metrics k8s.io/metrics/pkg/apis/metrics/v1beta1 -# k8s.io/utils v0.0.0-20240902221715-702e33fdd3c3 +# k8s.io/utils v0.0.0-20240921022957-49e7df575cb6 ## explicit; go 1.18 k8s.io/utils/buffer k8s.io/utils/clock