fix: 81134: fix unsafe json for ReleaseControllerRevision (#104049)
* fix: 81134: fix unsafe json for ReleaseControllerRevision 1. Ensures that ReleaseControllerRevision returns a proper json by marshalling an object into bytes. Otherwise, it returns an error. 2. Also, refactors the code to commonize the merge type GenerateDeleteOwnerRefStrategicMergeBytes that returns a byte and is used across ReleasePod, ReleaseControllerRevison ReleaseReplicaSet. * Move GeneratePatchBytesForDelete to controller_ref_manager
This commit is contained in:
Manu Gupta
@@ -232,7 +232,7 @@ func (m *PodControllerRefManager) AdoptPod(ctx context.Context, pod *v1.Pod) err
|
||||
func (m *PodControllerRefManager) ReleasePod(pod *v1.Pod) error {
|
||||
klog.V(2).Infof("patching pod %s_%s to remove its controllerRef to %s/%s:%s",
|
||||
pod.Namespace, pod.Name, m.controllerKind.GroupVersion(), m.controllerKind.Kind, m.Controller.GetName())
|
||||
patchBytes, err := deleteOwnerRefStrategicMergePatch(pod.UID, m.Controller.GetUID(), m.finalizers...)
|
||||
patchBytes, err := GenerateDeleteOwnerRefStrategicMergeBytes(pod.UID, []types.UID{m.Controller.GetUID()}, m.finalizers...)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
@@ -357,7 +357,7 @@ func (m *ReplicaSetControllerRefManager) AdoptReplicaSet(ctx context.Context, rs
|
||||
func (m *ReplicaSetControllerRefManager) ReleaseReplicaSet(replicaSet *apps.ReplicaSet) error {
|
||||
klog.V(2).Infof("patching ReplicaSet %s_%s to remove its controllerRef to %s/%s:%s",
|
||||
replicaSet.Namespace, replicaSet.Name, m.controllerKind.GroupVersion(), m.controllerKind.Kind, m.Controller.GetName())
|
||||
patchBytes, err := deleteOwnerRefStrategicMergePatch(replicaSet.UID, m.Controller.GetUID())
|
||||
patchBytes, err := GenerateDeleteOwnerRefStrategicMergeBytes(replicaSet.UID, []types.UID{m.Controller.GetUID()})
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
@@ -495,7 +495,7 @@ func (m *ControllerRevisionControllerRefManager) AdoptControllerRevision(ctx con
|
||||
func (m *ControllerRevisionControllerRefManager) ReleaseControllerRevision(history *apps.ControllerRevision) error {
|
||||
klog.V(2).Infof("patching ControllerRevision %s_%s to remove its controllerRef to %s/%s:%s",
|
||||
history.Namespace, history.Name, m.controllerKind.GroupVersion(), m.controllerKind.Kind, m.Controller.GetName())
|
||||
patchBytes, err := deleteOwnerRefStrategicMergePatch(history.UID, m.Controller.GetUID())
|
||||
patchBytes, err := GenerateDeleteOwnerRefStrategicMergeBytes(history.UID, []types.UID{m.Controller.GetUID()})
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
@@ -517,36 +517,6 @@ func (m *ControllerRevisionControllerRefManager) ReleaseControllerRevision(histo
|
||||
return err
|
||||
}
|
||||
|
||||
type objectForDeleteOwnerRefStrategicMergePatch struct {
|
||||
Metadata objectMetaForMergePatch `json:"metadata"`
|
||||
}
|
||||
|
||||
type objectMetaForMergePatch struct {
|
||||
UID types.UID `json:"uid"`
|
||||
OwnerReferences []map[string]string `json:"ownerReferences"`
|
||||
DeleteFinalizers []string `json:"$deleteFromPrimitiveList/finalizers,omitempty"`
|
||||
}
|
||||
|
||||
func deleteOwnerRefStrategicMergePatch(dependentUID types.UID, ownerUID types.UID, finalizers ...string) ([]byte, error) {
|
||||
patch := objectForDeleteOwnerRefStrategicMergePatch{
|
||||
Metadata: objectMetaForMergePatch{
|
||||
UID: dependentUID,
|
||||
OwnerReferences: []map[string]string{
|
||||
{
|
||||
"$patch": "delete",
|
||||
"uid": string(ownerUID),
|
||||
},
|
||||
},
|
||||
DeleteFinalizers: finalizers,
|
||||
},
|
||||
}
|
||||
patchBytes, err := json.Marshal(&patch)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return patchBytes, nil
|
||||
}
|
||||
|
||||
type objectForAddOwnerRefPatch struct {
|
||||
Metadata objectMetaForPatch `json:"metadata"`
|
||||
}
|
||||
@@ -582,3 +552,39 @@ func ownerRefControllerPatch(controller metav1.Object, controllerKind schema.Gro
|
||||
}
|
||||
return patchBytes, nil
|
||||
}
|
||||
|
||||
type objectForDeleteOwnerRefStrategicMergePatch struct {
|
||||
Metadata objectMetaForMergePatch `json:"metadata"`
|
||||
}
|
||||
|
||||
type objectMetaForMergePatch struct {
|
||||
UID types.UID `json:"uid"`
|
||||
OwnerReferences []map[string]string `json:"ownerReferences"`
|
||||
DeleteFinalizers []string `json:"$deleteFromPrimitiveList/finalizers,omitempty"`
|
||||
}
|
||||
|
||||
func GenerateDeleteOwnerRefStrategicMergeBytes(dependentUID types.UID, ownerUIDs []types.UID, finalizers ...string) ([]byte, error) {
|
||||
var ownerReferences []map[string]string
|
||||
for _, ownerUID := range ownerUIDs {
|
||||
ownerReferences = append(ownerReferences, ownerReference(ownerUID, "delete"))
|
||||
}
|
||||
patch := objectForDeleteOwnerRefStrategicMergePatch{
|
||||
Metadata: objectMetaForMergePatch{
|
||||
UID: dependentUID,
|
||||
OwnerReferences: ownerReferences,
|
||||
DeleteFinalizers: finalizers,
|
||||
},
|
||||
}
|
||||
patchBytes, err := json.Marshal(&patch)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return patchBytes, nil
|
||||
}
|
||||
|
||||
func ownerReference(uid types.UID, patchType string) map[string]string {
|
||||
return map[string]string{
|
||||
"$patch": patchType,
|
||||
"uid": string(uid),
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user