DOCKER is otherwise used to be the command name (perhaps podman), but we were conflating DOCKER_OPTS in kube::util::ensure_docker_daemon_connectivity.
Split out docker opts.
This fixes shellcheck warning that docker is assigned an array and then a string in some scripts.
The `make` rules which auto-generate some of our API stuff are
incredibly baroque, and hard to maintain. They were originally added on
the assumption that we would stop checking generated files into git.
Since then we have moved away from that goal, and the worst problems
with generated files have been resolved.
Reasons to kill this:
* It is slow on every build, as opposed to just being slow when running
the generators. It is even slow to calculate that there's nothing to
update.
* Most development work doesn't involve changing APIs.
* It only covers about half (or less) of the generated code, and making
it cover more would be even slower.
* Approximately 1 person knows how this all works.
* We have CI to make sure changes do not get merged without updating
this code.
* We have corner cases where this does the WRONG thing and tracking
those down is ugly and hard in perpetuity.
So this commit puts all the same logic that WAS in the
Makefile.generated_files into update-codegen.sh.
I do not love this script, especially WRT sub-packages, but I am trying
not to boil the ocean. I hope to follow up with some more cleanups over
time.
I have tested this manually and with the scripts and it still seems to
catch errors properly.
This includes a change to kube::util::read-array to make it not unset
variables and not over-write non-array variables.
* switched one spot to use kube::logging
* make kube::util::find-binary return an error when it doesn't find
anything so that hack scripts fail fast instead of with '' binary not
found errors.
* this required deleting some genfeddoc stuff. the binary no longer
exists in k/k repo since we removed federation/, and I don't see it
in https://github.com/kubernetes-sigs/kubefed/ either. I'm assuming
that it's gone for good now.
If a bearer token is present in a request, the exec credential plugin should accept that as the chosen method of authentication. Judging by an [earlier comment in exec.go](c18bc7e9f7/staging/src/k8s.io/client-go/plugin/pkg/client/auth/exec/exec.go (L217)), this was already intended. This would however not work since UpdateTransportConfig would set the GetCert callback which would then get called by the transport, triggering the exec plugin action even with a token present in the request. See linked issue for further details.
See #87369 for further details.
Signed-off-by: Anders Eknert <anders.eknert@bisnode.com>
The image used by the Image Promoter (gcr.io/k8s-testimages/gcb-docker-gcloud:v20190906-745fed4)
is based on busybox, and thus, the sed binary is actually busybox. image-util.sh calls
kube::util::ensure-gnu-sed several times, which ensures that a GNU sed binary exists
(it checks by greping GNU in its --help output). Obviously, it won't match the busybox sed
binary. But the sed usage in image-util.sh is fairly simple, and the busybox sed is sufficient.
This was previously fixed in: #87188, but it was reverted by #87653 as it was failing
on Mac (sed does not exist). This commit fixes that issue as well.
Prior to the Image Centralization part 4 (https://github.com/kubernetes/kubernetes/pull/81170),
a PR merged that enables the Image Promoter to run on the k/k test images.
The Image Promoter currently only builds the Conformance-related images, but the
Image Centralization part 4 centralized some of those images into agnhost, so they
need to be removed from the conformance_images list.
Additionally, https://github.com/kubernetes/kubernetes/pull/81226 proposes mounttest-user
image to be removed, and RunAsUser to be used in tests instead.
The image used by the Image Promoter (gcr.io/k8s-testimages/gcb-docker-gcloud:v20190906-745fed4)
is based on busybox, and thus, the sed binary is actually busybox. image-util.sh calls
kube::util::ensure-gnu-sed several times, which ensures that a GNU sed binary exists
(it checks by greping GNU in its --help output). Obviously, it won't match the busybox sed
binary. But the sed usage in image-util.sh is fairly simple, and the busybox sed is sufficient.
Bumps image versions for: jessie-dnsutils, nonewprivs, resource-consumer, sample-apiserver. These
images are included in the conformance_images that are being built by the Image Promoter, so
we're bumping them just to make sure we're not breaking anything and cause all the CIs to fall.
We're going to bump the image versions used in tests in a subsequent PR. The image version was not
bumped for: agnhost, kitten, nautilus, as they were already bumped by the Image Centralization part 4
PR.
When using hack/local-up-cluster.sh deploy local cluster, it
failed with following message "kube-proxy terminated unexpectedly"
and "Failed to retrieve node info: nodes "127.0.0.1" not found" in
kube-proxy.log.
The root reason for this error is miss boot order of kubernetes
services in local-up-cluster.sh, kube-proxy and kubectl daemon.
When starting kube-proxy, it would check node information. And
these information are collected by kubelet daemon. However, in
the shell script, kube-proxy service start before kubelet daemon.
This patch changed the boot order of kubelet daemon and kube-proxy
and check if node stats ready for kube-proxy start.
Signed-off-by: Howard Zhang <howard.zhang@arm.com>
Test script:
#!/bin/bash
rev1="foo"
rev2="\"bar\""
rev3="'bar'"
newrev1="${rev1//[\'\"]}"
newrev2="${rev2//[\'\"]}"
newrev3="${rev3//[\'\"]}"
oldrev1=$(echo "${rev1}" | sed "s/['\"]//g")
oldrev2=$(echo "${rev2}" | sed "s/['\"]//g")
oldrev3=$(echo "${rev3}" | sed "s/['\"]//g")
echo "$newrev1 vs. $oldrev1"
echo "$newrev2 vs. $oldrev2"
echo "$newrev3 vs. $oldrev3"
expected output:
foo vs. foo
bar vs. bar
bar vs. bar
Also fix array item comparison. Test script for the comparison change:
#!/bin/bash
staging_apis=(extensions/v1beta1 extensions/v1 extensions/v1alpha)
group_versions=(v1 extensions/v1beta1 extensions/v1 extensions.k8s.io/v1)
for group_version in ${group_versions[@]}; do
# original code
if [[ " ${staging_apis[@]} " =~ " ${group_version/.*k8s.io/} " ]]; then
echo "orig: vendor/k8s.io/api/${group_version/.*k8s.io/}"
fi
# new code
for api in ${staging_apis[@]}; do
if [[ "${api}" = "${group_version/.*k8s.io/}" ]]; then
echo "new: vendor/k8s.io/api/${group_version/.*k8s.io/}"
fi
done
done
Expected output:
orig: vendor/k8s.io/api/extensions/v1beta1
new: vendor/k8s.io/api/extensions/v1beta1
orig: vendor/k8s.io/api/extensions/v1
new: vendor/k8s.io/api/extensions/v1
orig: vendor/k8s.io/api/extensions/v1
new: vendor/k8s.io/api/extensions/v1
"Decorate" the variables with a no-op function to prevent shellcheck
from complaining that they are not being used. This method provides
visibility to which variables are supposed to be used in a sourcing
script compared to just disabling the warning.
Use "command -v" instead of "which". Also remove the redirections,
since "command -v" does not return an error message if the command isn't
found. Also use "read -r" instead of "read" and quote variables
properly. Do some error handling if "pushd" or "popd" fail. Read values
properly into arrays.
However, one shellcheck error is ignored in trap mechanism. The logic
in trap_add function requires the trap command to be expanded when run.
Just storing the variable into trap doesn't work. Add a shellcheck
disable directive to ignore the error.
An alternative to ignoring could be tricking shellcheck with:
trap ''"${new_cmd}" "${trap_add_name}"
Both verify-golint.sh and verify-shellcheck.sh have the same logic
which checks failure_file in alphabetical order.
In addition, we'd like to add another script which requires the
same logic. So this add a common function for cleanup.
The placeholder documentation introduces a couple of problems:
- it complicates the contributor-experience (forces the CI to run
N times before the contributor finds out that they need to call an .sh
script and include certain files from docs/)
- it forces CLI related pull requests for tools like kubeadm and kubectl
to require top level approval from docs/OWNERS as such PRs still need
to touch the .generated_docs file
Stop tracking the placeholder documentation by applying the
following actions:
- remove the utility set-placeholder-gen-docs()
- make verify-generated-docs.sh only generate in a temporary folder
and not match .generated_docs
- mark generate-docs.sh as an alias for update-generated-docs.sh
- remove all current placeholder files in docs folders admin, man,
user-guide, yaml
- ignore the above folders and .generated_docs in a .gitignore file
